From ff3179012dc092a30a5c532c071a241200ca5454 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 9 Nov 2021 13:11:08 +1000 Subject: [PATCH 01/16] SP: fix when mont_mul_order is defined Customer configuration that failed: ./configure --enable-cryptonly --enable-ecc --enable-sp=yes,asm --disable-rsa --disable-dh --disable-sha3 --disable-sha224 --disable-md5 --disable-sha --disable-pkcs12 --disable-memory --disable-chacha --disable-poly1305 --disable-sha512 --disable-sha384 --disable-aesgcm --disable-aescbc --disable-aes --disable-rng CFLAGS="-DNO_SIG_WRAPPER -DWOLFSSL_PUBLIC_MP -DECC_USER_CURVES -DNO_ECC_SIGN -DNO_ECC_DHE -DNO_ECC_KEY_EXPORT" --- wolfcrypt/src/sp_arm32.c | 52 ++++++++++++++++++--------------- wolfcrypt/src/sp_arm64.c | 52 ++++++++++++++++++--------------- wolfcrypt/src/sp_armthumb.c | 52 ++++++++++++++++++--------------- wolfcrypt/src/sp_c32.c | 52 ++++++++++++++++++--------------- wolfcrypt/src/sp_c64.c | 52 ++++++++++++++++++--------------- wolfcrypt/src/sp_cortexm.c | 52 ++++++++++++++++++--------------- wolfcrypt/src/sp_x86_64.c | 58 +++++++++++++++++++++---------------- wolfcrypt/test/test.c | 3 +- 8 files changed, 203 insertions(+), 170 deletions(-) diff --git a/wolfcrypt/src/sp_arm32.c b/wolfcrypt/src/sp_arm32.c index b26a201c0..6910f0286 100644 --- a/wolfcrypt/src/sp_arm32.c +++ b/wolfcrypt/src/sp_arm32.c @@ -37440,6 +37440,19 @@ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P256 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_256_mul_8(r, a, b); + sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P256 curve. */ static const uint32_t p256_order_minus_2[8] = { @@ -37453,18 +37466,6 @@ static const sp_int_digit p256_order_low[4] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P256 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_256_mul_8(r, a, b); - sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order); -} - /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -37635,6 +37636,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN @@ -46706,6 +46708,19 @@ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digi #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_12(r, a, b); + sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint32_t p384_order_minus_2[12] = { @@ -46719,18 +46734,6 @@ static const uint32_t p384_order_low[6] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_12(r, a, b); - sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -46872,6 +46875,7 @@ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index 46afe9185..ef07cfef0 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -37625,6 +37625,19 @@ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P256 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_256_mul_4(r, a, b); + sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P256 curve. */ static const uint64_t p256_order_minus_2[4] = { @@ -37638,18 +37651,6 @@ static const sp_int_digit p256_order_low[2] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P256 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_256_mul_4(r, a, b); - sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order); -} - /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -37820,6 +37821,7 @@ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN @@ -63412,6 +63414,19 @@ static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, const sp_digit #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_6(r, a, b); + sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint64_t p384_order_minus_2[6] = { @@ -63425,18 +63440,6 @@ static const uint64_t p384_order_low[3] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_6(r, a, b); - sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -63578,6 +63581,7 @@ static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN diff --git a/wolfcrypt/src/sp_armthumb.c b/wolfcrypt/src/sp_armthumb.c index 53ab4df62..e7c74c8bf 100644 --- a/wolfcrypt/src/sp_armthumb.c +++ b/wolfcrypt/src/sp_armthumb.c @@ -104088,6 +104088,19 @@ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P256 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_256_mul_8(r, a, b); + sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P256 curve. */ static const uint32_t p256_order_minus_2[8] = { @@ -104101,18 +104114,6 @@ static const sp_int_digit p256_order_low[4] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P256 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_256_mul_8(r, a, b); - sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order); -} - /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -104283,6 +104284,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN @@ -114608,6 +114610,19 @@ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digi #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_12(r, a, b); + sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint32_t p384_order_minus_2[12] = { @@ -114621,18 +114636,6 @@ static const uint32_t p384_order_low[6] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_12(r, a, b); - sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -114774,6 +114777,7 @@ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index 2380f7eda..52e307556 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -25219,6 +25219,19 @@ static int sp_256_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P256 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_256_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_256_mul_9(r, a, b); + sp_256_mont_reduce_order_9(r, p256_order, p256_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P256 curve. */ static const uint32_t p256_order_minus_2[8] = { @@ -25232,18 +25245,6 @@ static const sp_int_digit p256_order_low[4] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P256 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_256_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_256_mul_9(r, a, b); - sp_256_mont_reduce_order_9(r, p256_order, p256_mp_order); -} - /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -25414,6 +25415,7 @@ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN @@ -33032,6 +33034,19 @@ static int sp_384_mod_15(sp_digit* r, const sp_digit* a, const sp_digit* m) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_15(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_15(r, a, b); + sp_384_mont_reduce_order_15(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint32_t p384_order_minus_2[12] = { @@ -33045,18 +33060,6 @@ static const uint32_t p384_order_low[6] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_15(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_15(r, a, b); - sp_384_mont_reduce_order_15(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -33198,6 +33201,7 @@ static void sp_384_mont_inv_order_15(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index 957593ef9..8e26413d0 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -26414,6 +26414,19 @@ static int sp_256_mod_5(sp_digit* r, const sp_digit* a, const sp_digit* m) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P256 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_256_mont_mul_order_5(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_256_mul_5(r, a, b); + sp_256_mont_reduce_order_5(r, p256_order, p256_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P256 curve. */ static const uint64_t p256_order_minus_2[4] = { @@ -26427,18 +26440,6 @@ static const sp_int_digit p256_order_low[2] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P256 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_256_mont_mul_order_5(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_256_mul_5(r, a, b); - sp_256_mont_reduce_order_5(r, p256_order, p256_mp_order); -} - /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -26609,6 +26610,7 @@ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN @@ -33662,6 +33664,19 @@ static int sp_384_mod_7(sp_digit* r, const sp_digit* a, const sp_digit* m) #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_7(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_7(r, a, b); + sp_384_mont_reduce_order_7(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint64_t p384_order_minus_2[6] = { @@ -33675,18 +33690,6 @@ static const uint64_t p384_order_low[3] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_7(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_7(r, a, b); - sp_384_mont_reduce_order_7(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -33828,6 +33831,7 @@ static void sp_384_mont_inv_order_7(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN diff --git a/wolfcrypt/src/sp_cortexm.c b/wolfcrypt/src/sp_cortexm.c index b99deec12..7b294f75f 100644 --- a/wolfcrypt/src/sp_cortexm.c +++ b/wolfcrypt/src/sp_cortexm.c @@ -22820,6 +22820,19 @@ static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P256 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_256_mul_8(r, a, b); + sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P256 curve. */ static const uint32_t p256_order_minus_2[8] = { @@ -22833,18 +22846,6 @@ static const sp_int_digit p256_order_low[4] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P256 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_256_mul_8(r, a, b); - sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order); -} - /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -23015,6 +23016,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN @@ -30031,6 +30033,19 @@ static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digi #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_12(r, a, b); + sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint32_t p384_order_minus_2[12] = { @@ -30044,18 +30059,6 @@ static const uint32_t p384_order_low[6] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_12(r, a, b); - sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -30197,6 +30200,7 @@ static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN #ifndef SP_ECC_MAX_SIG_GEN diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c index dc7863f67..f24e6359f 100644 --- a/wolfcrypt/src/sp_x86_64.c +++ b/wolfcrypt/src/sp_x86_64.c @@ -23483,19 +23483,6 @@ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) -#ifdef WOLFSSL_SP_SMALL -/* Order-2 for the P256 curve. */ -static const uint64_t p256_order_minus_2[4] = { - 0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU, - 0xffffffff00000000U -}; -#else -/* The low half of the order-2 of the P256 curve. */ -static const uint64_t p256_order_low[2] = { - 0xf3b9cac2fc63254fU,0xbce6faada7179e84U -}; -#endif /* WOLFSSL_SP_SMALL */ - /* Multiply two number mod the order of P256 curve. (r = a * b mod order) * * r Result of the multiplication. @@ -23509,6 +23496,20 @@ static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_dig sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order); } +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) +#ifdef WOLFSSL_SP_SMALL +/* Order-2 for the P256 curve. */ +static const uint64_t p256_order_minus_2[4] = { + 0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU, + 0xffffffff00000000U +}; +#else +/* The low half of the order-2 of the P256 curve. */ +static const uint64_t p256_order_low[2] = { + 0xf3b9cac2fc63254fU,0xbce6faada7179e84U +}; +#endif /* WOLFSSL_SP_SMALL */ + /* Square number mod the order of P256 curve. (r = a * a mod order) * * r Result of the squaring. @@ -23695,8 +23696,10 @@ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #ifdef HAVE_INTEL_AVX2 extern void sp_256_mont_mul_order_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* b); +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) extern void sp_256_mont_sqr_order_avx2_4(sp_digit* r, const sp_digit* a); #ifndef WOLFSSL_SP_SMALL @@ -23873,6 +23876,7 @@ static void sp_256_mont_inv_order_avx2_4(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_INTEL_AVX2 */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN @@ -48074,6 +48078,19 @@ static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, #endif #if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY) +/* Multiply two number mod the order of P384 curve. (r = a * b mod order) + * + * r Result of the multiplication. + * a First operand of the multiplication. + * b Second operand of the multiplication. + */ +static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b) +{ + sp_384_mul_6(r, a, b); + sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order); +} + +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) #ifdef WOLFSSL_SP_SMALL /* Order-2 for the P384 curve. */ static const uint64_t p384_order_minus_2[6] = { @@ -48087,18 +48104,6 @@ static const uint64_t p384_order_low[3] = { }; #endif /* WOLFSSL_SP_SMALL */ -/* Multiply two number mod the order of P384 curve. (r = a * b mod order) - * - * r Result of the multiplication. - * a First operand of the multiplication. - * b Second operand of the multiplication. - */ -static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b) -{ - sp_384_mul_6(r, a, b); - sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order); -} - /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -48240,6 +48245,7 @@ static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #ifdef HAVE_INTEL_AVX2 /* Multiply two number mod the order of P384 curve. (r = a * b mod order) * @@ -48253,6 +48259,7 @@ static void sp_384_mont_mul_order_avx2_6(sp_digit* r, const sp_digit* a, const s sp_384_mont_reduce_order_avx2_6(r, p384_order, p384_mp_order); } +#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL)) /* Square number mod the order of P384 curve. (r = a * a mod order) * * r Result of the squaring. @@ -48394,6 +48401,7 @@ static void sp_384_mont_inv_order_avx2_6(sp_digit* r, const sp_digit* a, #endif /* WOLFSSL_SP_SMALL */ } +#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */ #endif /* HAVE_INTEL_AVX2 */ #endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */ #ifdef HAVE_ECC_SIGN diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index f64a0645f..76f6de29e 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -22940,7 +22940,8 @@ static int ecc_def_curve_test(WC_RNG *rng) #else ecc_key key[1]; #endif -#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) +#if (defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \ + (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)) word32 idx = 0; #endif From a3d46bee324c8742bafda43e66bfc65475ec6fc1 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 30 Nov 2021 09:46:11 +1000 Subject: [PATCH 02/16] SP math all: div handling of length of dividend Fail when dividend is maximum size as we may be shifting left and overflow when divisor is not on a word boundary. --- wolfcrypt/src/sp_int.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index 049759827..fce360d13 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -4614,6 +4614,10 @@ int sp_div(sp_int* a, sp_int* d, sp_int* r, sp_int* rem) if ((err == MP_OKAY) && (rem != NULL) && (rem->size < a->used + 1)) { err = MP_VAL; } + /* May need to shift number being divided left into a new word. */ + if ((err == MP_OKAY) && (a->used == SP_INT_DIGITS)) { + err = MP_VAL; + } #if 0 if (err == MP_OKAY) { From 376be0f66ac80cad7b454c19faf1da277778d430 Mon Sep 17 00:00:00 2001 From: Kareem Date: Wed, 8 Dec 2021 16:51:51 -0700 Subject: [PATCH 03/16] Fix building with OPENSSL_EXTRA defined and NO_WOLFSSL_STUB not defined. --- src/ssl.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index aba4ea5c4..a76e793aa 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -27304,6 +27304,11 @@ WOLFSSL_ASN1_TIME *wolfSSL_X509_time_adj(WOLFSSL_ASN1_TIME *asnTime, { return wolfSSL_X509_time_adj_ex(asnTime, 0, offset_sec, in_tm); } + +WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj) +{ + return wolfSSL_X509_time_adj(s, adj, NULL); +} #endif #ifndef NO_WOLFSSL_STUB @@ -28614,11 +28619,6 @@ WOLFSSL_API long wolfSSL_set_tlsext_status_exts(WOLFSSL *s, void *arg) WOLFSSL_STUB("wolfSSL_set_tlsext_status_exts"); return WOLFSSL_FAILURE; } - -WOLFSSL_ASN1_TIME* wolfSSL_X509_gmtime_adj(WOLFSSL_ASN1_TIME *s, long adj) -{ - return wolfSSL_X509_time_adj(s, adj, NULL); -} #endif /*** TBD ***/ From d5783d1eaa4aed08d64732523349ed2d5c349cdc Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Thu, 16 Dec 2021 14:35:39 +0100 Subject: [PATCH 04/16] Missing config for krb5 1.16.1 --- configure.ac | 3 ++- wolfssl/openssl/camellia.h | 27 +++++++++++++++++++++++++++ wolfssl/openssl/include.am | 1 + 3 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 wolfssl/openssl/camellia.h diff --git a/configure.ac b/configure.ac index ee1b1d612..52b00c645 100644 --- a/configure.ac +++ b/configure.ac @@ -4730,7 +4730,8 @@ fi if test "$ENABLED_KRB" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KRB -DWOLFSSL_AES_DIRECT" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KRB -DWOLFSSL_AES_DIRECT -DWOLFSSL_DES_ECB" + AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA" # Requires PKCS7 if test "x$ENABLED_PKCS7" = "xno" diff --git a/wolfssl/openssl/camellia.h b/wolfssl/openssl/camellia.h new file mode 100644 index 000000000..024b4e337 --- /dev/null +++ b/wolfssl/openssl/camellia.h @@ -0,0 +1,27 @@ +/* camellia.h + * + * Copyright (C) 2006-2021 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + +#ifndef WOLFSSL_CAMELLIA_H_ +#define WOLFSSL_CAMELLIA_H_ + +#include + +#endif /* WOLFSSL_CAMELLIA_H_ */ diff --git a/wolfssl/openssl/include.am b/wolfssl/openssl/include.am index e1da39845..e4ae651cd 100644 --- a/wolfssl/openssl/include.am +++ b/wolfssl/openssl/include.am @@ -8,6 +8,7 @@ nobase_include_HEADERS+= \ wolfssl/openssl/bio.h \ wolfssl/openssl/bn.h \ wolfssl/openssl/buffer.h \ + wolfssl/openssl/camellia.h \ wolfssl/openssl/cmac.h \ wolfssl/openssl/cms.h \ wolfssl/openssl/compat_types.h \ From 44cc9e4824323481707db41cfddefe3940ae792c Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Fri, 10 Dec 2021 14:51:23 -0600 Subject: [PATCH 05/16] Fix - wolfSSL_init should cleanup on failure of a component --- src/ssl.c | 133 +++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 92 insertions(+), 41 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 6ea2c1355..be4f1db00 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -446,6 +446,7 @@ int wolfSSL_send_session(WOLFSSL* ssl) /* prevent multiple mutex initializations */ static volatile WOLFSSL_GLOBAL int initRefCount = 0; static WOLFSSL_GLOBAL wolfSSL_Mutex count_mutex; /* init ref count mutex */ +static WOLFSSL_GLOBAL int count_mutex_valid = 0; /* Create a new WOLFSSL_CTX struct and return the pointer to created struct. WOLFSSL_METHOD pointer passed in is given to ctx to manage. @@ -5096,6 +5097,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) #ifdef ENABLE_SESSION_CACHE_ROW_LOCK /* not included in import/export */ wolfSSL_Mutex row_mutex; + int mutex_valid; #endif } SessionRow; #define SIZEOF_SESSION_ROW (sizeof(WOLFSSL_SESSION) + (sizeof(int) * 2)) @@ -5111,6 +5113,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) #define SESSION_ROW_UNLOCK(row) wc_UnLockMutex(&(row)->row_mutex); #else static WOLFSSL_GLOBAL wolfSSL_Mutex session_mutex; /* SessionCache mutex */ + static WOLFSSL_GLOBAL int session_mutex_valid = 0; #define SESSION_ROW_LOCK(row) wc_LockMutex(&session_mutex) #define SESSION_ROW_UNLOCK(row) wc_UnLockMutex(&session_mutex); #endif @@ -5133,6 +5136,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) /* uses session mutex */ static WOLFSSL_GLOBAL wolfSSL_Mutex clisession_mutex; /* ClientCache mutex */ + static WOLFSSL_GLOBAL int clisession_mutex_valid = 0; #endif /* !NO_CLIENT_CACHE */ #endif /* !NO_SESSION_CACHE */ @@ -5144,6 +5148,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) static WC_RNG globalRNG; static int initGlobalRNG = 0; static wolfSSL_Mutex globalRNGMutex; + static int globalRNGMutex_valid = 0; #endif #if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB) @@ -5163,6 +5168,7 @@ static void AtExitCleanup(void) WOLFSSL_ABI int wolfSSL_Init(void) { + int ret = WOLFSSL_SUCCESS; #if !defined(NO_SESSION_CACHE) && defined(ENABLE_SESSION_CACHE_ROW_LOCK) int i; #endif @@ -5173,72 +5179,98 @@ int wolfSSL_Init(void) /* Initialize crypto for use with TLS connection */ if (wolfCrypt_Init() != 0) { WOLFSSL_MSG("Bad wolfCrypt Init"); - return WC_INIT_E; + ret = WC_INIT_E; } #ifdef HAVE_GLOBAL_RNG - if (wc_InitMutex(&globalRNGMutex) != 0) { + if ((ret == WOLFSSL_SUCCESS) && (wc_InitMutex(&globalRNGMutex) != 0)) { WOLFSSL_MSG("Bad Init Mutex rng"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; + } + else { + globalRNGMutex_valid = 1; } #endif #ifdef OPENSSL_EXTRA - #ifdef HAVE_ATEXIT - /* OpenSSL registers cleanup using atexit */ - if (atexit(AtExitCleanup) != 0) { - WOLFSSL_MSG("Bad atexit registration"); - return WC_INIT_E; - } - #endif - #ifndef WOLFSSL_NO_OPENSSL_RAND_CB - if (wolfSSL_RAND_InitMutex() != 0) { - return BAD_MUTEX_E; + if ((ret == WOLFSSL_SUCCESS) && (wolfSSL_RAND_InitMutex() != 0)) { + ret = BAD_MUTEX_E; } #endif - if (wolfSSL_RAND_seed(NULL, 0) != WOLFSSL_SUCCESS) { + if ((ret == WOLFSSL_SUCCESS) && + (wolfSSL_RAND_seed(NULL, 0) != WOLFSSL_SUCCESS)) { WOLFSSL_MSG("wolfSSL_RAND_Seed failed"); - return WC_INIT_E; + ret = WC_INIT_E; } #endif #ifndef NO_SESSION_CACHE #ifdef ENABLE_SESSION_CACHE_ROW_LOCK for (i = 0; i < SESSION_ROWS; ++i) { + SessionCache[i].mutex_valid = 0; + } + for (i = 0; (ret == WOLFSSL_SUCCESS) && (i < SESSION_ROWS); ++i) { if (wc_InitMutex(&SessionCache[i].row_mutex) != 0) { WOLFSSL_MSG("Bad Init Mutex session"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; + } + else { + SessionCache[i].mutex_valid = 1; } } #else - if (wc_InitMutex(&session_mutex) != 0) { + if ((ret == WOLFSSL_SUCCESS) && (wc_InitMutex(&session_mutex) != 0)) { WOLFSSL_MSG("Bad Init Mutex session"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; + } + else { + session_mutex_valid = 1; } #endif #ifndef NO_CLIENT_CACHE - if (wc_InitMutex(&clisession_mutex) != 0) { + if ((ret == WOLFSSL_SUCCESS) && + (wc_InitMutex(&clisession_mutex) != 0)) { WOLFSSL_MSG("Bad Init Mutex session"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; + } + else { + clisession_mutex_valid = 1; } #endif #endif - if (wc_InitMutex(&count_mutex) != 0) { + if ((ret == WOLFSSL_SUCCESS) && (wc_InitMutex(&count_mutex) != 0)) { WOLFSSL_MSG("Bad Init Mutex count"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; } + else { + count_mutex_valid = 1; + } + +#if defined(OPENSSL_EXTRA) && defined(HAVE_ATEXIT) + /* OpenSSL registers cleanup using atexit */ + if ((ret == WOLFSSL_SUCCESS) && (atexit(AtExitCleanup) != 0)) { + WOLFSSL_MSG("Bad atexit registration"); + ret = WC_INIT_E; + } +#endif } - if (wc_LockMutex(&count_mutex) != 0) { + if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&count_mutex) != 0)) { WOLFSSL_MSG("Bad Lock Mutex count"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; + } + else { + initRefCount++; + wc_UnLockMutex(&count_mutex); } - initRefCount++; - wc_UnLockMutex(&count_mutex); + if (ret != WOLFSSL_SUCCESS) { + initRefCount = 1; /* Force cleanup */ + (void)wolfSSL_Cleanup(); /* Ignore any error from cleanup */ + } - return WOLFSSL_SUCCESS; + return ret; } @@ -14706,7 +14738,7 @@ int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx) WOLFSSL_ABI int wolfSSL_Cleanup(void) { - int ret = WOLFSSL_SUCCESS; + int ret = WOLFSSL_SUCCESS; /* Only the first error will be returned */ int release = 0; #if !defined(NO_SESSION_CACHE) && defined(ENABLE_SESSION_CACHE_ROW_LOCK) int i; @@ -14717,16 +14749,18 @@ int wolfSSL_Cleanup(void) if (initRefCount == 0) return ret; /* possibly no init yet, but not failure either way */ - if (wc_LockMutex(&count_mutex) != 0) { + if ((count_mutex_valid == 1) && (wc_LockMutex(&count_mutex) != 0)) { WOLFSSL_MSG("Bad Lock Mutex count"); - return BAD_MUTEX_E; + ret = BAD_MUTEX_E; } release = initRefCount-- == 1; if (initRefCount < 0) initRefCount = 0; - wc_UnLockMutex(&count_mutex); + if (count_mutex_valid == 1) { + wc_UnLockMutex(&count_mutex); + } if (!release) return ret; @@ -14741,21 +14775,35 @@ int wolfSSL_Cleanup(void) #ifndef NO_SESSION_CACHE #ifdef ENABLE_SESSION_CACHE_ROW_LOCK for (i = 0; i < SESSION_ROWS; ++i) { - if (wc_FreeMutex(&SessionCache[i].row_mutex) != 0) - ret = BAD_MUTEX_E; + if ((SessionCache[i].mutex_valid == 1) && + (wc_FreeMutex(&SessionCache[i].row_mutex) != 0)) { + if (ret == WOLFSSL_SUCCESS) + ret = BAD_MUTEX_E; + } + SessionCache[i].mutex_valid = 0; } #else - if (wc_FreeMutex(&session_mutex) != 0) - ret = BAD_MUTEX_E; + if ((session_mutex_valid == 1) && (wc_FreeMutex(&session_mutex) != 0)) { + if (ret == WOLFSSL_SUCCESS) + ret = BAD_MUTEX_E; + } + session_mutex_valid = 0; #endif #ifndef NO_CLIENT_CACHE - if (wc_FreeMutex(&clisession_mutex) != 0) + if ((clisession_mutex_valid == 1) && + (wc_FreeMutex(&clisession_mutex) != 0)) { + if (ret == WOLFSSL_SUCCESS) ret = BAD_MUTEX_E; + } + clisession_mutex_valid = 0; #endif #endif /* !NO_SESSION_CACHE */ - if (wc_FreeMutex(&count_mutex) != 0) - ret = BAD_MUTEX_E; + if ((count_mutex_valid == 1) && (wc_FreeMutex(&count_mutex) != 0)) { + if (ret == WOLFSSL_SUCCESS) + ret = BAD_MUTEX_E; + } + count_mutex_valid = 0; #ifdef OPENSSL_EXTRA wolfSSL_RAND_Cleanup(); @@ -14763,13 +14811,16 @@ int wolfSSL_Cleanup(void) if (wolfCrypt_Cleanup() != 0) { WOLFSSL_MSG("Error with wolfCrypt_Cleanup call"); - ret = WC_CLEANUP_E; + if (ret == WOLFSSL_SUCCESS) + ret = WC_CLEANUP_E; } #ifdef HAVE_GLOBAL_RNG - if (wc_FreeMutex(&globalRNGMutex) != 0) { - ret = BAD_MUTEX_E; + if ((globalRNGMutex_valid == 1) && (wc_FreeMutex(&globalRNGMutex) != 0)) { + if (ret == WOLFSSL_SUCCESS) + ret = BAD_MUTEX_E; } + globalRNGMutex_valid = 0; #endif return ret; } From 0b2b218de7166f32810f05a7699428b99eaa61bb Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Thu, 16 Dec 2021 08:49:54 +1000 Subject: [PATCH 06/16] ECC: better protection when using encrypted memory Added new ECC scalar multiplication implementation. --- wolfcrypt/src/ecc.c | 183 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 183 insertions(+) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index d6015dab3..93afe8b71 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -87,6 +87,11 @@ Possible ECC enable options: * the variant macro is used the bits2octets operation on * the hash is removed. * default: off + * + * WC_PROTECT_ENCRYPTED_MEM: + * Enables implementations that protect data that is in + * encrypted memory. + * default: off */ /* @@ -2762,6 +2767,7 @@ static int wc_ecc_gen_z(WC_RNG* rng, int size, ecc_point* p, return err; } +#ifndef WC_PROTECT_ENCRYPTED_MEM #define M_POINTS 3 /* Joye double-add ladder. @@ -2925,6 +2931,183 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q, return err; } +#else +/* Number of points to allocate for use during scalar multiplication. */ +#define M_POINTS 5 +/* Last of the points is used as a temporary during calculations. */ +#define TMP_IDX M_POINTS - 1 + +static void mp_cond_swap_into_ct(mp_int* ra, mp_int* rb, mp_int* a, mp_int* b, + int digits, int m) +{ + int i; + +#if !defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_INT_NEGATIVE) + /* Only using positive numbers in ECC operations. */ + ra->sign = 0; + rb->sign = 0; +#endif + /* Don't store 0 when mask is 0, it will be in a register. */ + ra->used = (int)(((a->used ^ b->used) & ((mp_digit)0 - (m & 1))) ^ a->used); + rb->used = (int)(((a->used ^ b->used) & ((mp_digit)0 - (m & 1))) ^ b->used); + for (i = 0; i < digits; i++) { + ra->dp[i] = ((a->dp[i] ^ b->dp[i]) & ((mp_digit)0 - (m & 1))) ^ + a->dp[i]; + rb->dp[i] = ((a->dp[i] ^ b->dp[i]) & ((mp_digit)0 - (m & 1))) ^ + b->dp[i]; + } +} + +static void ecc_cond_swap_into_ct(ecc_point* ra, ecc_point* rb, ecc_point* a, + ecc_point* b, int digits, int m) +{ + /* Conditionally swap each ordinate. */ + mp_cond_swap_into_ct(ra->x, rb->x, a->x, b->x, digits, m); + mp_cond_swap_into_ct(ra->y, rb->y, a->y, b->y, digits, m); + mp_cond_swap_into_ct(ra->z, rb->z, a->z, b->z, digits, m); +} + +/* Joye double-add ladder. + * "Highly Regular Right-to-Left Algorithms for Scalar Multiplication" + * by Marc Joye (2007) + * + * Algorithm 1': + * Input: P element of curve, k = (k[t-1],..., k[0]) base 2 + * Output: Q = kP + * 1: R[0] = P; R[1] = P + * 2: for j = 1 to t-1 do + * 3: b = 1 - k[j]; R[b] = 2*R[b] + R[k[j]] + * 4: end for + * 5: b = k[0]; R[b] = R[b] - P + * 6: return R[0] + * + * Assumes: k < order. + */ +static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q, + ecc_point** R, mp_int* a, mp_int* modulus, mp_digit mp, WC_RNG* rng) +{ + int err = MP_OKAY; + int bytes = (mp_count_bits(modulus) + 7) / 8; + int i; + int j = 1; + int cnt; + int t = 0; + mp_int* kt = R[TMP_IDX]->x; + /* First bit always 1 (fix at end) and swap equals first bit */ + register int swap = 1; + /* Which pair of points has current value. R[0,1] or R[2,3] */ + int set = 0; + int infinity; + + /* Step 1: R[0] = P; R[1] = P */ + /* R[0] = P */ + if (err == MP_OKAY) + err = mp_copy(P->x, R[0]->x); + if (err == MP_OKAY) + err = mp_copy(P->y, R[0]->y); + if (err == MP_OKAY) + err = mp_copy(P->z, R[0]->z); + + /* R[1] = P */ + if (err == MP_OKAY) + err = mp_copy(P->x, R[1]->x); + if (err == MP_OKAY) + err = mp_copy(P->y, R[1]->y); + if (err == MP_OKAY) + err = mp_copy(P->z, R[1]->z); + + /* Randomize z ordinates to obfuscate timing. */ + if ((err == MP_OKAY) && (rng != NULL)) + err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[TMP_IDX]->x, + R[TMP_IDX]->y); + if ((err == MP_OKAY) && (rng != NULL)) + err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[TMP_IDX]->x, + R[TMP_IDX]->y); + + if (err == MP_OKAY) { + /* Order could be one greater than the size of the modulus. */ + t = mp_count_bits(modulus) + 1; + err = mp_copy(k, kt); + } + if (err == MP_OKAY) { + err = mp_grow(kt, modulus->used + 1); + } + /* Step 2: for j = 1 to t-1 do */ + for (i = 1, j = 0, cnt = 0; (err == MP_OKAY) && (i < t); i++) { + if (++cnt == DIGIT_BIT) { + j++; + cnt = 0; + } + + /* Step 3: b = 1 - k[j]; R[b] = 2*R[b] + R[k[j]] */ + /* Swap R[0] and R[1] if other index is needed. */ + /* Ensure 'swap' changes when shifted word is 0. */ + swap += (kt->dp[j] >> cnt) + 2; + ecc_cond_swap_into_ct(R[(2 - set) + 0], R[(2 - set) + 1], + R[set + 0], R[set + 1], modulus->used, swap); + /* Change to operate on set copied into. */ + set = 2 - set; + /* Ensure 'swap' changes to a previously unseen value. */ + swap += (kt->dp[j] >> cnt) + swap; + + err = ecc_projective_dbl_point_safe(R[set + 0], R[set + 0], a, modulus, + mp); + if (err == MP_OKAY) { + err = ecc_projective_add_point_safe(R[set + 0], R[set + 1], + R[set + 0], a, modulus, mp, &infinity); + } + } + /* Step 4: end for */ + /* Swap back if last bit is 0. */ + /* Ensure 'swap' changes. */ + swap += 1; + if (err == MP_OKAY) { + ecc_cond_swap_into_ct(R[(2 - set) + 0], R[(2 - set) + 1], + R[set + 0], R[set + 1], modulus->used, swap); + set = 2 - set; + } + + /* Step 5: b = k[0]; R[b] = R[b] - P */ + /* R[TMP_IDX] = -P */ + if (err == MP_OKAY) + err = mp_copy(P->x, R[TMP_IDX]->x); + if (err == MP_OKAY) + err = mp_sub(modulus, P->y, R[TMP_IDX]->y); + if (err == MP_OKAY) + err = mp_copy(P->z, R[TMP_IDX]->z); + /* Subtract point by adding negative. */ + if (err == MP_OKAY) { + /* Swap R[0] and R[1], if necessary, to operate on the one we want. + * Last bit of k->dp[0] is being used to make decision to swap. + */ + ecc_cond_swap_into_ct(R[(2 - set) + 0], R[(2 - set) + 1], + R[set + 0], R[set + 1], modulus->used, + (int)k->dp[0]); + set = 2 - set; + err = ecc_projective_add_point_safe(R[set + 0], R[TMP_IDX], R[set + 0], + a, modulus, mp, &infinity); + /* Swap back if necessary. */ + if (err == MP_OKAY) { + ecc_cond_swap_into_ct(R[(2 - set) + 0], R[(2 - set) + 1], + R[set + 0], R[set + 1], modulus->used, + (int)k->dp[0]); + set = 2 - set; + } + } + + /* Step 6: return R[0] */ + if (err == MP_OKAY) + err = mp_copy(R[set + 0]->x, Q->x); + if (err == MP_OKAY) + err = mp_copy(R[set + 0]->y, Q->y); + if (err == MP_OKAY) + err = mp_copy(R[set + 0]->z, Q->z); + + return err; +} + +#endif + #endif /* Convert the point to montgomery form. From 6cac0ea5a9cd6ff8be14512bfe24abaab3aa0cc5 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Fri, 17 Dec 2021 12:00:16 +1000 Subject: [PATCH 07/16] SP C: specific Montgomery reduction code for P256 and P384 Improves performance of 32-bit and 64-bit SP C code. --- wolfcrypt/src/sp_c32.c | 175 ++++++++++++++++++++++++++++++++++------- wolfcrypt/src/sp_c64.c | 151 +++++++++++++++++++++++++++++------ 2 files changed, 273 insertions(+), 53 deletions(-) diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index bd08e3a92..aa75da870 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -20948,8 +20948,6 @@ static int sp_256_point_to_ecc_point_9(const sp_point_256* p, ecc_point* pm) return err; } -#define sp_256_mont_reduce_order_9 sp_256_mont_reduce_9 - /* Compare a with b in constant time. * * a A single precision integer. @@ -21159,40 +21157,89 @@ static void sp_256_mont_shift_9(sp_digit* r, const sp_digit* a) * m The single precision number representing the modulus. * mp The digit representing the negative inverse of m mod 2^n. */ -static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) +static void sp_256_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit mp) { int i; sp_digit mu; - if (mp != 1) { - for (i=0; i<8; i++) { - mu = (a[i] * mp) & 0x1fffffff; - sp_256_mul_add_9(a+i, m, mu); - a[i+1] += a[i] >> 29; - } - mu = (a[i] * mp) & 0xffffffL; + sp_256_norm_9(a + 9); + + for (i=0; i<8; i++) { + mu = (a[i] * mp) & 0x1fffffff; sp_256_mul_add_9(a+i, m, mu); a[i+1] += a[i] >> 29; - a[i] &= 0x1fffffff; } - else { - for (i=0; i<8; i++) { - mu = a[i] & 0x1fffffff; - sp_256_mul_add_9(a+i, p256_mod, mu); - a[i+1] += a[i] >> 29; - } - mu = a[i] & 0xffffffL; - sp_256_mul_add_9(a+i, p256_mod, mu); - a[i+1] += a[i] >> 29; - a[i] &= 0x1fffffff; - } - + mu = (a[i] * mp) & 0xffffffL; + sp_256_mul_add_9(a+i, m, mu); + a[i+1] += a[i] >> 29; + a[i] &= 0x1fffffff; sp_256_mont_shift_9(a, a); sp_256_cond_sub_9(a, a, m, 0 - (((a[8] >> 24) > 0) ? (sp_digit)1 : (sp_digit)0)); sp_256_norm_9(a); } +/* Reduce the number back to 256 bits using Montgomery reduction. + * + * a A single precision number to reduce in place. + * m The single precision number representing the modulus. + * mp The digit representing the negative inverse of m mod 2^n. + */ +static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp) +{ + int i; + sp_digit am; + + (void)m; + (void)mp; + + for (i = 0; i < 8; i++) { + am = a[i] & 0x1fffffff; + a[i + 3] += (am << 9) & 0x1fffffff; + a[i + 4] += am >> 20; + a[i + 6] += (am << 18) & 0x1fffffff; + a[i + 7] += (am >> 11) - ((am << 21) & 0x1fffffff); + a[i + 8] += -(am >> 8) + ((am << 24) & 0x1fffffff); + a[i + 9] += am >> 5; + + a[i+1] += a[i] >> 29; + } + am = a[8] & 0xffffff; + a[8 + 3] += (am << 9) & 0x1fffffff; + a[8 + 4] += am >> 20; + a[8 + 6] += (am << 18) & 0x1fffffff; + a[8 + 7] += (am >> 11) - ((am << 21) & 0x1fffffff); + a[8 + 8] += -(am >> 8) + ((am << 24) & 0x1fffffff); + a[8 + 9] += am >> 5; + + a[0] = (a[ 8] >> 24) + ((a[ 9] << 5) & 0x1fffffff); + a[1] = (a[ 9] >> 24) + ((a[10] << 5) & 0x1fffffff); + a[2] = (a[10] >> 24) + ((a[11] << 5) & 0x1fffffff); + a[3] = (a[11] >> 24) + ((a[12] << 5) & 0x1fffffff); + a[4] = (a[12] >> 24) + ((a[13] << 5) & 0x1fffffff); + a[5] = (a[13] >> 24) + ((a[14] << 5) & 0x1fffffff); + a[6] = (a[14] >> 24) + ((a[15] << 5) & 0x1fffffff); + a[7] = (a[15] >> 24) + ((a[16] << 5) & 0x1fffffff); + a[8] = (a[16] >> 24) + (a[17] << 5); + + /* Get the bit over, if any. */ + am = a[8] >> 24; + /* Create mask. */ + am = 0 - am; + + a[0] -= 0x1fffffff & am; + a[1] -= 0x1fffffff & am; + a[2] -= 0x1fffffff & am; + a[3] -= 0x000001ff & am; + /* p256_mod[4] is zero */ + /* p256_mod[5] is zero */ + a[6] -= 0x00040000 & am; + a[7] -= 0x1fe00000 & am; + a[8] -= 0x00ffffff & am; + + sp_256_norm_9(a); +} + /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * @@ -28065,8 +28112,6 @@ static int sp_384_point_to_ecc_point_15(const sp_point_384* p, ecc_point* pm) return err; } -#define sp_384_mont_reduce_order_15 sp_384_mont_reduce_15 - /* Compare a with b in constant time. * * a A single precision integer. @@ -28292,7 +28337,7 @@ static void sp_384_mont_shift_15(sp_digit* r, const sp_digit* a) * m The single precision number representing the modulus. * mp The digit representing the negative inverse of m mod 2^n. */ -static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp) +static void sp_384_mont_reduce_order_15(sp_digit* a, const sp_digit* m, sp_digit mp) { int i; sp_digit mu; @@ -28314,6 +28359,83 @@ static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp) sp_384_norm_15(a); } +/* Reduce the number back to 384 bits using Montgomery reduction. + * + * a A single precision number to reduce in place. + * m The single precision number representing the modulus. + * mp The digit representing the negative inverse of m mod 2^n. + */ +static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp) +{ + int i; + sp_digit am; + + (void)m; + (void)mp; + + for (i = 0; i < 14; i++) { + am = (a[i] * 0x1) & 0x3ffffff; + a[i + 1] += (am << 6) & 0x3ffffff; + a[i + 2] += am >> 20; + a[i + 3] -= (am << 18) & 0x3ffffff; + a[i + 4] -= am >> 8; + a[i + 4] -= (am << 24) & 0x3ffffff; + a[i + 5] -= am >> 2; + a[i + 14] += (am << 20) & 0x3ffffff; + a[i + 15] += am >> 6; + + a[i+1] += a[i] >> 26; + } + am = (a[14] * 0x1) & 0xfffff; + a[14 + 1] += (am << 6) & 0x3ffffff; + a[14 + 2] += am >> 20; + a[14 + 3] -= (am << 18) & 0x3ffffff; + a[14 + 4] -= am >> 8; + a[14 + 4] -= (am << 24) & 0x3ffffff; + a[14 + 5] -= am >> 2; + a[14 + 14] += (am << 20) & 0x3ffffff; + a[14 + 15] += am >> 6; + + a[0] = (a[14] >> 20) + ((a[15] << 6) & 0x3ffffff); + a[1] = (a[15] >> 20) + ((a[16] << 6) & 0x3ffffff); + a[2] = (a[16] >> 20) + ((a[17] << 6) & 0x3ffffff); + a[3] = (a[17] >> 20) + ((a[18] << 6) & 0x3ffffff); + a[4] = (a[18] >> 20) + ((a[19] << 6) & 0x3ffffff); + a[5] = (a[19] >> 20) + ((a[20] << 6) & 0x3ffffff); + a[6] = (a[20] >> 20) + ((a[21] << 6) & 0x3ffffff); + a[7] = (a[21] >> 20) + ((a[22] << 6) & 0x3ffffff); + a[8] = (a[22] >> 20) + ((a[23] << 6) & 0x3ffffff); + a[9] = (a[23] >> 20) + ((a[24] << 6) & 0x3ffffff); + a[10] = (a[24] >> 20) + ((a[25] << 6) & 0x3ffffff); + a[11] = (a[25] >> 20) + ((a[26] << 6) & 0x3ffffff); + a[12] = (a[26] >> 20) + ((a[27] << 6) & 0x3ffffff); + a[13] = (a[27] >> 20) + ((a[28] << 6) & 0x3ffffff); + a[14] = (a[14 + 14] >> 20) + (a[29] << 6); + + /* Get the bit over, if any. */ + am = a[14] >> 20; + /* Create mask. */ + am = 0 - am; + + a[0] -= 0x03ffffff & am; + a[1] -= 0x0000003f & am; + /* p384_mod[2] is zero */ + a[3] -= 0x03fc0000 & am; + a[4] -= 0x02ffffff & am; + a[5] -= 0x03ffffff & am; + a[6] -= 0x03ffffff & am; + a[7] -= 0x03ffffff & am; + a[8] -= 0x03ffffff & am; + a[9] -= 0x03ffffff & am; + a[10] -= 0x03ffffff & am; + a[11] -= 0x03ffffff & am; + a[12] -= 0x03ffffff & am; + a[13] -= 0x03ffffff & am; + a[14] -= 0x000fffff & am; + + sp_384_norm_15(a); +} + /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * @@ -35767,7 +35889,6 @@ static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a, r[i + 7] = a[i + 7] + (b[i + 7] & m); } r[40] = a[40] + (b[40] & m); - r[41] = a[41] + (b[41] & m); #endif /* WOLFSSL_SP_SMALL */ } diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index 8756fc145..3d242ba07 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -22352,8 +22352,6 @@ static int sp_256_point_to_ecc_point_5(const sp_point_256* p, ecc_point* pm) return err; } -#define sp_256_mont_reduce_order_5 sp_256_mont_reduce_5 - /* Compare a with b in constant time. * * a A single precision integer. @@ -22515,40 +22513,86 @@ static void sp_256_mont_shift_5(sp_digit* r, const sp_digit* a) * m The single precision number representing the modulus. * mp The digit representing the negative inverse of m mod 2^n. */ -static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp) +static void sp_256_mont_reduce_order_5(sp_digit* a, const sp_digit* m, sp_digit mp) { int i; sp_digit mu; - if (mp != 1) { - for (i=0; i<4; i++) { - mu = (a[i] * mp) & 0xfffffffffffffL; - sp_256_mul_add_5(a+i, m, mu); - a[i+1] += a[i] >> 52; - } - mu = (a[i] * mp) & 0xffffffffffffL; + sp_256_norm_5(a + 5); + + for (i=0; i<4; i++) { + mu = (a[i] * mp) & 0xfffffffffffffL; sp_256_mul_add_5(a+i, m, mu); a[i+1] += a[i] >> 52; - a[i] &= 0xfffffffffffffL; } - else { - for (i=0; i<4; i++) { - mu = a[i] & 0xfffffffffffffL; - sp_256_mul_add_5(a+i, p256_mod, mu); - a[i+1] += a[i] >> 52; - } - mu = a[i] & 0xffffffffffffL; - sp_256_mul_add_5(a+i, p256_mod, mu); - a[i+1] += a[i] >> 52; - a[i] &= 0xfffffffffffffL; - } - + mu = (a[i] * mp) & 0xffffffffffffL; + sp_256_mul_add_5(a+i, m, mu); + a[i+1] += a[i] >> 52; + a[i] &= 0xfffffffffffffL; sp_256_mont_shift_5(a, a); sp_256_cond_sub_5(a, a, m, 0 - (((a[4] >> 48) > 0) ? (sp_digit)1 : (sp_digit)0)); sp_256_norm_5(a); } +/* Reduce the number back to 256 bits using Montgomery reduction. + * + * a A single precision number to reduce in place. + * m The single precision number representing the modulus. + * mp The digit representing the negative inverse of m mod 2^n. + */ +static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp) +{ + int i; + sp_int128 t; + sp_digit am; + + (void)m; + (void)mp; + + for (i = 0; i < 4; i++) { + am = a[i] & 0xfffffffffffffL; + /* Fifth word of modulus word */ + t = am; t *= 0x0ffffffff0000L; + + a[i+1] += (am << 44) & 0xfffffffffffffL; + a[i+2] += am >> 8; + a[i+3] += (am << 36) & 0xfffffffffffffL; + a[i+4] += (am >> 16) + (t & 0xfffffffffffffL); + a[i+5] += t >> 52; + + a[i+1] += a[i] >> 52; + } + am = a[4] & 0xffffffffffff; + /* Fifth word of modulus word */ + t = am; t *= 0x0ffffffff0000L; + + a[4+1] += (am << 44) & 0xfffffffffffffL; + a[4+2] += am >> 8; + a[4+3] += (am << 36) & 0xfffffffffffffL; + a[4+4] += (am >> 16) + (t & 0xfffffffffffffL); + a[4+5] += t >> 52; + + a[0] = (a[4] >> 48) + ((a[5] << 4) & 0xfffffffffffffL); + a[1] = (a[5] >> 48) + ((a[6] << 4) & 0xfffffffffffffL); + a[2] = (a[6] >> 48) + ((a[7] << 4) & 0xfffffffffffffL); + a[3] = (a[7] >> 48) + ((a[8] << 4) & 0xfffffffffffffL); + a[4] = (a[8] >> 48) + (a[9] << 4); + + /* Get the bit over, if any. */ + am = a[4] >> 48; + /* Create mask. */ + am = 0 - am; + + a[0] -= 0x000fffffffffffffL & am; + a[1] -= 0x00000fffffffffffL & am; + /* p256_mod[2] is zero */ + a[3] -= 0x0000001000000000L & am; + a[4] -= 0x0000ffffffff0000L & am; + + sp_256_norm_5(a); +} + /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * @@ -28999,8 +29043,6 @@ static int sp_384_point_to_ecc_point_7(const sp_point_384* p, ecc_point* pm) return err; } -#define sp_384_mont_reduce_order_7 sp_384_mont_reduce_7 - /* Compare a with b in constant time. * * a A single precision integer. @@ -29180,7 +29222,7 @@ static void sp_384_mont_shift_7(sp_digit* r, const sp_digit* a) * m The single precision number representing the modulus. * mp The digit representing the negative inverse of m mod 2^n. */ -static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp) +static void sp_384_mont_reduce_order_7(sp_digit* a, const sp_digit* m, sp_digit mp) { int i; sp_digit mu; @@ -29202,6 +29244,63 @@ static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp) sp_384_norm_7(a); } +/* Reduce the number back to 384 bits using Montgomery reduction. + * + * a A single precision number to reduce in place. + * m The single precision number representing the modulus. + * mp The digit representing the negative inverse of m mod 2^n. + */ +static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp) +{ + int i; + sp_digit am; + + (void)m; + (void)mp; + + for (i = 0; i < 6; i++) { + am = (a[i] * 0x100000001) & 0x7fffffffffffffL; + a[i + 0] += (am << 32) & 0x7fffffffffffffL; + a[i + 1] += (am >> 23) - ((am << 41) & 0x7fffffffffffffL); + a[i + 2] += -(am >> 14) - ((am << 18) & 0x7fffffffffffffL); + a[i + 3] += -(am >> 37); + a[i + 6] += (am << 54) & 0x7fffffffffffffL; + a[i + 7] += am >> 1; + + a[i+1] += a[i] >> 55; + } + am = (a[6] * 0x100000001) & 0x3fffffffffffff; + a[6 + 0] += (am << 32) & 0x7fffffffffffffL; + a[6 + 1] += (am >> 23) - ((am << 41) & 0x7fffffffffffffL); + a[6 + 2] += -(am >> 14) - ((am << 18) & 0x7fffffffffffffL); + a[6 + 3] += -(am >> 37); + a[6 + 6] += (am << 54) & 0x7fffffffffffffL; + a[6 + 7] += am >> 1; + + a[0] = (a[6] >> 54) + ((a[7] << 1) & 0x7fffffffffffffL); + a[1] = (a[7] >> 54) + ((a[8] << 1) & 0x7fffffffffffffL); + a[2] = (a[8] >> 54) + ((a[9] << 1) & 0x7fffffffffffffL); + a[3] = (a[9] >> 54) + ((a[10] << 1) & 0x7fffffffffffffL); + a[4] = (a[10] >> 54) + ((a[11] << 1) & 0x7fffffffffffffL); + a[5] = (a[11] >> 54) + ((a[12] << 1) & 0x7fffffffffffffL); + a[6] = (a[12] >> 54) + (a[13] << 1); + + /* Get the bit over, if any. */ + am = a[6] >> 54; + /* Create mask. */ + am = 0 - am; + + a[0] -= 0x00000000ffffffffL & am; + a[1] -= 0x007ffe0000000000L & am; + a[2] -= 0x007ffffffffbffffL & am; + a[3] -= 0x007fffffffffffffL & am; + a[4] -= 0x007fffffffffffffL & am; + a[5] -= 0x007fffffffffffffL & am; + a[6] -= 0x003fffffffffffffL & am; + + sp_384_norm_7(a); +} + /* Multiply two Montgomery form numbers mod the modulus (prime). * (r = a * b mod m) * From b45f1ed7616880a402d7fe3c705564d3168ca235 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Fri, 17 Dec 2021 11:11:16 -0800 Subject: [PATCH 08/16] KCAPI ECDSA Memory Use page aligned memory when using ECDSA signing and verify. --- wolfcrypt/src/port/kcapi/kcapi_ecc.c | 53 ++++++++++++++++++++++------ 1 file changed, 42 insertions(+), 11 deletions(-) diff --git a/wolfcrypt/src/port/kcapi/kcapi_ecc.c b/wolfcrypt/src/port/kcapi/kcapi_ecc.c index 5a64596ef..90b883db1 100644 --- a/wolfcrypt/src/port/kcapi/kcapi_ecc.c +++ b/wolfcrypt/src/port/kcapi/kcapi_ecc.c @@ -179,6 +179,10 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig, word32* sigLen) { int ret = 0; + unsigned char* buf_aligned = NULL; + unsigned char* hash_aligned = NULL; + unsigned char* sig_aligned = NULL; + size_t pageSz = (size_t)sysconf(_SC_PAGESIZE); if (key->handle == NULL) { ret = kcapi_akcipher_init(&key->handle, WC_NAME_ECDSA, 0); @@ -190,13 +194,38 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig, } } if (ret == 0) { - ret = kcapi_akcipher_sign(key->handle, hash, hashLen, sig, *sigLen, + if (((size_t)sig % pageSz != 0) || ((size_t)hash % pageSz != 0)) { + ret = posix_memalign((void*)&buf_aligned, pageSz, pageSz * 2); + if (ret < 0) { + ret = MEMORY_E; + } + } + } + if (ret == 0) { + sig_aligned = ((size_t)sig % pageSz == 0) ? sig : buf_aligned; + if ((size_t)hash % pageSz == 0) { + hash_aligned = (unsigned char*)hash; + } + else { + hash_aligned = buf_aligned + pageSz; + XMEMCPY(hash_aligned, hash, hashLen); + } + ret = kcapi_akcipher_sign(key->handle, hash_aligned, hashLen, + sig_aligned, *sigLen, KCAPI_ACCESS_HEURISTIC); if (ret >= 0) { *sigLen = ret; ret = 0; + if (sig_aligned != sig) { + XMEMCPY(sig, sig_aligned, ret); + } } } + /* Using free as this is in an environment that will have it + * available along with posix_memalign. */ + if (buf_aligned != NULL) { + free(buf_aligned); + } return ret; } @@ -225,7 +254,8 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig, word32 sigLen) { int ret = 0; - unsigned char* sigHash = NULL; + unsigned char* sigHash_aligned = NULL; + size_t pageSz = (size_t)sysconf(_SC_PAGESIZE); if (key->handle == NULL) { ret = kcapi_akcipher_init(&key->handle, WC_NAME_ECDSA, 0); @@ -238,25 +268,26 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig, } if (ret == 0) { - sigHash = (unsigned char*)XMALLOC(sigLen + hashLen, key->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (sigHash == NULL) { + ret = posix_memalign((void*)&sigHash_aligned, pageSz, sigLen + hashLen); + if (ret < 0) { ret = MEMORY_E; } } if (ret == 0) { - XMEMCPY(sigHash, sig, sigLen); - XMEMCPY(sigHash + sigLen, hash, hashLen); + XMEMCPY(sigHash_aligned, sig, sigLen); + XMEMCPY(sigHash_aligned + sigLen, hash, hashLen); - ret = kcapi_akcipher_verify(key->handle, sigHash, sigLen + hashLen, - NULL, hashLen, KCAPI_ACCESS_HEURISTIC); + ret = kcapi_akcipher_verify(key->handle, sigHash_aligned, + sigLen + hashLen, NULL, hashLen, KCAPI_ACCESS_HEURISTIC); if (ret >= 0) { ret = 0; } } - if (sigHash != NULL) { - XFREE(sigHash, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + /* Using free as this is in an environment that will have it + * available along with posix_memalign. */ + if (sigHash_aligned != NULL) { + free(sigHash_aligned); } return ret; } From 7d4c13b9a487fb865c63139da0312c1966ac37d6 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Mon, 20 Dec 2021 11:26:25 -0500 Subject: [PATCH 09/16] --with-liboqs now defines HAVE_LIBOQS and HAVE_PQC AKA: The Great Rename of December 2021 --- INSTALL | 10 +- README.md | 5 +- examples/benchmark/tls_bench.c | 2 +- examples/client/client.c | 138 +++++++++++++------------- examples/server/server.c | 116 +++++++++++----------- gencertbuf.pl | 6 +- src/internal.c | 58 +++++------ src/ssl.c | 36 +++---- src/tls.c | 168 ++++++++++++++++++-------------- src/tls13.c | 38 ++++---- tests/api.c | 8 +- tests/suites.c | 2 +- tests/test-tls13-pq.conf | 104 ++++++++++---------- wolfcrypt/benchmark/benchmark.c | 94 ++++++++++-------- wolfcrypt/benchmark/benchmark.h | 4 +- wolfcrypt/src/asn.c | 78 +++++++-------- wolfcrypt/src/falcon.c | 14 ++- wolfssl/certs_test.h | 4 +- wolfssl/internal.h | 28 +++--- wolfssl/ssl.h | 18 ++-- wolfssl/wolfcrypt/asn.h | 2 +- wolfssl/wolfcrypt/asn_public.h | 8 +- wolfssl/wolfcrypt/falcon.h | 8 +- wolfssl/wolfcrypt/settings.h | 5 + 24 files changed, 498 insertions(+), 456 deletions(-) diff --git a/INSTALL b/INSTALL index 7dabef740..cbd6bdcdb 100644 --- a/INSTALL +++ b/INSTALL @@ -168,13 +168,13 @@ For a quick start, you can run the client and server like this: - $ ./examples/server/server -v 4 --oqs P521_KYBER_LEVEL5 - $ ./examples/client/client -v 4 --oqs P521_KYBER_LEVEL5 + $ ./examples/server/server -v 4 --pqc P521_KYBER_LEVEL5 + $ ./examples/client/client -v 4 --pqc P521_KYBER_LEVEL5 Look for the following line in the output of the server and client: ``` - Using OQS KEM: P521_KYBER_LEVEL5 + Using Post-Quantum KEM: P521_KYBER_LEVEL5 ``` For authentication, you can generate a certificate chain using the Open @@ -208,13 +208,13 @@ -A certs/falcon_level5_root_cert.pem \ -c certs/falcon_level1_entity_cert.pem \ -k certs/falcon_level1_entity_key.pem \ - --oqs P521_KYBER_LEVEL5 + --pqc P521_KYBER_LEVEL5 $ examples/client/client -v 4 -l TLS_AES_256_GCM_SHA384 \ -A certs/falcon_level1_root_cert.pem \ -c certs/falcon_level5_entity_cert.pem \ -k certs/falcon_level5_entity_key.pem \ - --oqs P521_KYBER_LEVEL5 + --pqc P521_KYBER_LEVEL5 Congratulations! You have just achieved a fully quantum-safe TLS 1.3 connection! diff --git a/README.md b/README.md index 5425df361..ac3861220 100644 --- a/README.md +++ b/README.md @@ -12,8 +12,9 @@ standard operating environments as well because of its royalty-free pricing and excellent cross platform support. wolfSSL supports industry standards up to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.2, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20, -Curve25519, Blake2b and OQS TLS 1.3 groups. User benchmarking and feedback -reports dramatically better performance when using wolfSSL over OpenSSL. +Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and +feedback reports dramatically better performance when using wolfSSL over +OpenSSL. wolfSSL is powered by the wolfCrypt cryptography library. Two versions of wolfCrypt have been FIPS 140-2 validated (Certificate #2425 and diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 3521cf744..2294cd08f 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -271,7 +271,7 @@ static struct group_info groups[] = { { WOLFSSL_FFDHE_4096, "FFDHE_4096" }, { WOLFSSL_FFDHE_6144, "FFDHE_6144" }, { WOLFSSL_FFDHE_8192, "FFDHE_8192" }, -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC { WOLFSSL_NTRU_HPS_LEVEL1, "NTRU_HPS_LEVEL1" }, { WOLFSSL_NTRU_HPS_LEVEL3, "NTRU_HPS_LEVEL3" }, { WOLFSSL_NTRU_HPS_LEVEL5, "NTRU_HPS_LEVEL5" }, diff --git a/examples/client/client.c b/examples/client/client.c index 68cf8017d..93f3cc48c 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -286,7 +286,7 @@ static void ShowVersions(void) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #define MAX_GROUP_NUMBER 4 static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, - int useX448, int useLibOqs, char* oqsAlg, int setGroups) + int useX448, int usePqc, char* pqcAlg, int setGroups) { int ret; int groups[MAX_GROUP_NUMBER] = {0}; @@ -294,8 +294,8 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); if (onlyKeyShare == 0 || onlyKeyShare == 2) { @@ -362,120 +362,120 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, } while (ret == WC_PENDING_E); #endif } - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (onlyKeyShare == 0 || onlyKeyShare == 3) { - if (useLibOqs) { + if (usePqc) { int group = 0; - if (XSTRNCMP(oqsAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { + if (XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { group = WOLFSSL_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL3", XSTRLEN("KYBER_LEVEL3")) == 0) { group = WOLFSSL_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL5", XSTRLEN("KYBER_LEVEL5")) == 0) { group = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL1", XSTRLEN("NTRU_HPS_LEVEL1")) == 0) { group = WOLFSSL_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL3", XSTRLEN("NTRU_HPS_LEVEL3")) == 0) { group = WOLFSSL_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL5", XSTRLEN("NTRU_HPS_LEVEL5")) == 0) { group = WOLFSSL_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HRSS_LEVEL3", XSTRLEN("NTRU_HRSS_LEVEL3")) == 0) { group = WOLFSSL_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL1", XSTRLEN("SABER_LEVEL1")) == 0) { group = WOLFSSL_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL3", XSTRLEN("SABER_LEVEL3")) == 0) { group = WOLFSSL_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL5", XSTRLEN("SABER_LEVEL5")) == 0) { group = WOLFSSL_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL1", XSTRLEN("KYBER_90S_LEVEL1")) == 0) { group = WOLFSSL_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL3", XSTRLEN("KYBER_90S_LEVEL3")) == 0) { group = WOLFSSL_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL5", XSTRLEN("KYBER_90S_LEVEL5")) == 0) { group = WOLFSSL_KYBER_90S_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1", XSTRLEN("P256_NTRU_HPS_LEVEL1")) == 0) { group = WOLFSSL_P256_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3", XSTRLEN("P384_NTRU_HPS_LEVEL3")) == 0) { group = WOLFSSL_P384_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5", XSTRLEN("P521_NTRU_HPS_LEVEL5")) == 0) { group = WOLFSSL_P521_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3", XSTRLEN("P384_NTRU_HRSS_LEVEL3")) == 0) { group = WOLFSSL_P384_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P256_SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_SABER_LEVEL1", XSTRLEN("P256_SABER_LEVEL1")) == 0) { group = WOLFSSL_P256_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_SABER_LEVEL3", XSTRLEN("P384_SABER_LEVEL3")) == 0) { group = WOLFSSL_P384_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_SABER_LEVEL5", XSTRLEN("P521_SABER_LEVEL5")) == 0) { group = WOLFSSL_P521_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_LEVEL1", XSTRLEN("P256_KYBER_LEVEL1")) == 0) { group = WOLFSSL_P256_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_LEVEL3", XSTRLEN("P384_KYBER_LEVEL3")) == 0) { group = WOLFSSL_P384_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_LEVEL5", XSTRLEN("P521_KYBER_LEVEL5")) == 0) { group = WOLFSSL_P521_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_90S_LEVEL1", XSTRLEN("P256_KYBER_90S_LEVEL1")) == 0) { group = WOLFSSL_P256_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_90S_LEVEL3", XSTRLEN("P384_KYBER_90S_LEVEL3")) == 0) { group = WOLFSSL_P384_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_90S_LEVEL5", XSTRLEN("P521_KYBER_90S_LEVEL5")) == 0) { group = WOLFSSL_P521_KYBER_90S_LEVEL5; } else { - err_sys("invalid OQS KEM specified"); + err_sys("invalid post-quantum KEM specified"); } - printf("Using OQS KEM: %s\n", oqsAlg); + printf("Using Post-Quantum KEM: %s\n", pqcAlg); if (wolfSSL_UseKeyShare(ssl, group) != WOLFSSL_SUCCESS) { - err_sys("unable to use oqs KEM"); + err_sys("unable to use post-quantum KEM"); } } } @@ -560,7 +560,7 @@ static const char* client_bench_conmsg[][5] = { static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, int dtlsUDP, int dtlsSCTP, int benchmark, int resumeSession, int useX25519, - int useX448, int useLibOqs, char* oqsAlg, int helloRetry, int onlyKeyShare, + int useX448, int usePqc, char* pqcAlg, int helloRetry, int onlyKeyShare, int version, int earlyData) { /* time passed in number of connects give average */ @@ -578,8 +578,8 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, (void)resumeSession; (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; (void)helloRetry; (void)onlyKeyShare; (void)version; @@ -610,7 +610,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, else if (version >= 4) { if (!helloRetry) SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, - useLibOqs, oqsAlg, 1); + usePqc, pqcAlg, 1); else wolfSSL_NoKeyShares(ssl); } @@ -694,7 +694,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, /* Measures throughput in mbps. Throughput = number of bytes */ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519, - int useX448, int useLibOqs, char* oqsAlg, int exitWithRet, int version, + int useX448, int usePqc, char* pqcAlg, int exitWithRet, int version, int onlyKeyShare) { double start, conn_time = 0, tx_time = 0, rx_time = 0; @@ -714,14 +714,14 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; (void)version; (void)onlyKeyShare; #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (version >= 4) { - SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs, - oqsAlg, 1); + SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc, + pqcAlg, 1); } #endif @@ -1303,8 +1303,8 @@ static const char* client_usage_msg[][70] = { "-7 Set minimum downgrade protocol version [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 69 */ #endif -#ifdef HAVE_LIBOQS - "--oqs Key Share with specified liboqs algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", +#ifdef HAVE_PQC + "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" @@ -1513,8 +1513,8 @@ static const char* client_usage_msg[][70] = { "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 69 */ #endif -#ifdef HAVE_LIBOQS - "--oqs liboqs 名前付きグループとの鍵共有のみ\n", +#ifdef HAVE_PQC + "--pqc post-quantum 名前付きグループとの鍵共有のみ\n", "[KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " LIGHTSABER, SABER, FIRESABER, P256_NTRU_HPS_LEVEL1,\n" @@ -1740,11 +1740,11 @@ static void Usage(void) #endif printf("%s", msg[++msgid]); /* -7 */ printf("%s", msg[++msgid]); /* Examples repo link */ -#ifdef HAVE_LIBOQS - printf("%s", msg[++msgid]); /* --oqs */ - printf("%s", msg[++msgid]); /* --oqs options */ - printf("%s", msg[++msgid]); /* more --oqs options */ - printf("%s", msg[++msgid]); /* more --oqs options */ +#ifdef HAVE_PQC + printf("%s", msg[++msgid]); /* --pqc */ + printf("%s", msg[++msgid]); /* --pqc options */ + printf("%s", msg[++msgid]); /* more --pqc options */ + printf("%s", msg[++msgid]); /* more --pqc options */ #endif } @@ -1784,8 +1784,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif { "help", 0, 257 }, { "ヘルプ", 0, 258 }, -#if defined(HAVE_LIBOQS) - { "oqs", 1, 259 }, +#if defined(HAVE_PQC) + { "pqc", 1, 259 }, #endif { 0, 0, 0 } }; @@ -1891,8 +1891,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif int useX25519 = 0; int useX448 = 0; - int useLibOqs = 0; - char* oqsAlg = NULL; + int usePqc = 0; + char* pqcAlg = NULL; int exitWithRet = 0; int loadCertKeyIntoSSLObj = 0; @@ -1981,8 +1981,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) (void)onlyKeyShare; (void)useSupCurve; (void)loadCertKeyIntoSSLObj; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; StackTrap(); /* Reinitialize the global myVerifyAction. */ @@ -2541,11 +2541,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) && \ - defined(HAVE_LIBOQS) + defined(HAVE_PQC) case 259: - useLibOqs = 1; + usePqc = 1; onlyKeyShare = 3; - oqsAlg = myoptarg; + pqcAlg = myoptarg; break; #endif default: @@ -2664,14 +2664,14 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) err_sys("can't load whitewood net random config file"); #endif -#ifdef HAVE_LIBOQS - if (useLibOqs) { +#ifdef HAVE_PQC + if (usePqc) { if (version == CLIENT_DOWNGRADE_VERSION || version == EITHER_DOWNGRADE_VERSION) printf("WARNING: If a TLS 1.3 connection is not negotiated, you " - "will not be using a liboqs group.\n"); + "will not be using a post-quantum group.\n"); else if (version != 4) - err_sys("can only use liboqs groups with TLS 1.3"); + err_sys("can only use post-quantum groups with TLS 1.3"); } #endif @@ -3205,7 +3205,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) ((func_args*)args)->return_code = ClientBenchmarkConnections(ctx, host, port, dtlsUDP, dtlsSCTP, benchmark, resumeSession, useX25519, - useX448, useLibOqs, oqsAlg, helloRetry, + useX448, usePqc, pqcAlg, helloRetry, onlyKeyShare, version, earlyData); wolfSSL_CTX_free(ctx); ctx = NULL; XEXIT_T(EXIT_SUCCESS); @@ -3215,7 +3215,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) ((func_args*)args)->return_code = ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP, block, throughput, useX25519, useX448, - useLibOqs, oqsAlg, exitWithRet, version, + usePqc, pqcAlg, exitWithRet, version, onlyKeyShare); wolfSSL_CTX_free(ctx); ctx = NULL; if (((func_args*)args)->return_code != EXIT_SUCCESS && !exitWithRet) @@ -3340,8 +3340,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (!helloRetry && version >= 4) { - SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs, - oqsAlg, 0); + SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc, + pqcAlg, 0); } else { wolfSSL_NoKeyShares(ssl); diff --git a/examples/server/server.c b/examples/server/server.c index c28f9ac18..378c360e1 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -586,7 +586,7 @@ static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #define MAX_GROUP_NUMBER 4 static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, - int useX448, int useLibOqs, char* oqsAlg) + int useX448, int usePqc, char* pqcAlg) { int ret; int groups[MAX_GROUP_NUMBER] = {0}; @@ -594,8 +594,8 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, (void)useX25519; (void)useX448; - (void)useLibOqs; - (void)oqsAlg; + (void)usePqc; + (void)pqcAlg; WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); if (onlyKeyShare == 2) { @@ -629,124 +629,124 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, } while (ret == WC_PENDING_E); #endif } - else if (useLibOqs == 1) { - #ifdef HAVE_LIBOQS + else if (usePqc == 1) { + #ifdef HAVE_PQC groups[count] = 0; - if (XSTRNCMP(oqsAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { + if (XSTRNCMP(pqcAlg, "KYBER_LEVEL1", XSTRLEN("KYBER_LEVEL1")) == 0) { groups[count] = WOLFSSL_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL3", XSTRLEN("KYBER_LEVEL3")) == 0) { groups[count] = WOLFSSL_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_LEVEL5", XSTRLEN("KYBER_LEVEL5")) == 0) { groups[count] = WOLFSSL_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL1", XSTRLEN("NTRU_HPS_LEVEL1")) == 0) { groups[count] = WOLFSSL_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL3", XSTRLEN("NTRU_HPS_LEVEL3")) == 0) { groups[count] = WOLFSSL_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "NTRU_HPS_LEVEL5", XSTRLEN("NTRU_HPS_LEVEL5")) == 0) { groups[count] = WOLFSSL_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "NTRU_HRSS_LEVEL3", XSTRLEN("NTRU_HRSS_LEVEL3")) == 0) { groups[count] = WOLFSSL_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL1", XSTRLEN("SABER_LEVEL1")) == 0) { groups[count] = WOLFSSL_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL3", XSTRLEN("SABER_LEVEL3")) == 0) { groups[count] = WOLFSSL_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "SABER_LEVEL5", XSTRLEN("SABER_LEVEL5")) == 0) { groups[count] = WOLFSSL_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL1", XSTRLEN("KYBER_90S_LEVEL1")) == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL3", XSTRLEN("KYBER_90S_LEVEL3")) == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "KYBER_90S_LEVEL5", XSTRLEN("KYBER_90S_LEVEL5")) == 0) { groups[count] = WOLFSSL_KYBER_90S_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_NTRU_HPS_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_NTRU_HPS_LEVEL1", XSTRLEN("P256_NTRU_HPS_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_NTRU_HPS_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HPS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HPS_LEVEL3", XSTRLEN("P384_NTRU_HPS_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_NTRU_HPS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_NTRU_HPS_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_NTRU_HPS_LEVEL5", XSTRLEN("P521_NTRU_HPS_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_NTRU_HPS_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P384_NTRU_HRSS_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_NTRU_HRSS_LEVEL3", XSTRLEN("P384_NTRU_HRSS_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_NTRU_HRSS_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P256_SABER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_SABER_LEVEL1", XSTRLEN("P256_SABER_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_SABER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_SABER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_SABER_LEVEL3", XSTRLEN("P384_SABER_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_SABER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_SABER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_SABER_LEVEL5", XSTRLEN("P521_SABER_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_SABER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_LEVEL1", XSTRLEN("P256_KYBER_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_KYBER_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_LEVEL3", XSTRLEN("P384_KYBER_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_KYBER_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_LEVEL5", XSTRLEN("P521_KYBER_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_KYBER_LEVEL5; } - else if (XSTRNCMP(oqsAlg, "P256_KYBER_90S_LEVEL1", + else if (XSTRNCMP(pqcAlg, "P256_KYBER_90S_LEVEL1", XSTRLEN("P256_KYBER_90S_LEVEL1")) == 0) { groups[count] = WOLFSSL_P256_KYBER_90S_LEVEL1; } - else if (XSTRNCMP(oqsAlg, "P384_KYBER_90S_LEVEL3", + else if (XSTRNCMP(pqcAlg, "P384_KYBER_90S_LEVEL3", XSTRLEN("P384_KYBER_90S_LEVEL3")) == 0) { groups[count] = WOLFSSL_P384_KYBER_90S_LEVEL3; } - else if (XSTRNCMP(oqsAlg, "P521_KYBER_90S_LEVEL5", + else if (XSTRNCMP(pqcAlg, "P521_KYBER_90S_LEVEL5", XSTRLEN("P521_KYBER_90S_LEVEL5")) == 0) { groups[count] = WOLFSSL_P521_KYBER_90S_LEVEL5; } if (groups[count] == 0) { - err_sys("invalid OQS KEM specified"); + err_sys("invalid post-quantum KEM specified"); } else { if (wolfSSL_UseKeyShare(ssl, groups[count]) == WOLFSSL_SUCCESS) { - printf("Using OQS KEM: %s\n", oqsAlg); + printf("Using Post-Quantum KEM: %s\n", pqcAlg); count++; } else { groups[count] = 0; - err_sys("unable to use oqs algorithm"); + err_sys("unable to use post-quantum algorithm"); } } #endif @@ -945,8 +945,8 @@ static const char* server_usage_msg[][60] = { "-7 Set minimum downgrade protocol version [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 59 */ #endif -#ifdef HAVE_LIBOQS - "--oqs Key Share with specified liboqs algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", +#ifdef HAVE_PQC + "--pqc Key Share with specified post-quantum algorithm only [KYBER_LEVEL1, KYBER_LEVEL3,\n", " KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" @@ -1109,8 +1109,8 @@ static const char* server_usage_msg[][60] = { "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] " " SSLv3(0) - TLS1.3(4)\n", /* 59 */ #endif -#ifdef HAVE_LIBOQS - "--oqs liboqs 名前付きグループとの鍵共有のみ\n", +#ifdef HAVE_PQC + "--pqc post-quantum 名前付きグループとの鍵共有のみ\n", "[KYBER_LEVEL1, KYBER_LEVEL3, KYBER_LEVEL5, KYBER_90S_LEVEL1, KYBER_90S_LEVEL3, KYBER_90S_LEVEL5,\n", " NTRU_HPS_LEVEL1, NTRU_HPS_LEVEL3, NTRU_HPS_LEVEL5, NTRU_HRSS_LEVEL3,\n", " SABER_LEVEL1, SABER_LEVEL3, SABER_LEVEL5, P256_NTRU_HPS_LEVEL1,\n" @@ -1260,11 +1260,11 @@ static void Usage(void) #endif printf("%s", msg[++msgId]); /* -7 */ printf("%s", msg[++msgId]); /* Examples repo link */ -#ifdef HAVE_LIBOQS - printf("%s", msg[++msgId]); /* --oqs */ - printf("%s", msg[++msgId]); /* --oqs options */ - printf("%s", msg[++msgId]); /* more --oqs options */ - printf("%s", msg[++msgId]); /* more --oqs options */ +#ifdef HAVE_PQC + printf("%s", msg[++msgId]); /* --pqc */ + printf("%s", msg[++msgId]); /* --pqc options */ + printf("%s", msg[++msgId]); /* more --pqc options */ + printf("%s", msg[++msgId]); /* more --pqc options */ #endif } @@ -1293,8 +1293,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #endif { "help", 0, 257 }, { "ヘルプ", 0, 258 }, -#if defined(HAVE_LIBOQS) - { "oqs", 1, 259 }, +#if defined(HAVE_PQC) + { "pqc", 1, 259 }, #endif { 0, 0, 0 } }; @@ -1447,8 +1447,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #endif int useX25519 = 0; int useX448 = 0; - int useLibOqs = 0; - char* oqsAlg = NULL; + int usePqc = 0; + char* pqcAlg = NULL; int exitWithRet = 0; int loadCertKeyIntoSSLObj = 0; @@ -1508,8 +1508,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) (void)mcastID; (void)loadCertKeyIntoSSLObj; (void)nonBlocking; - (void)oqsAlg; - (void)useLibOqs; + (void)pqcAlg; + (void)usePqc; #ifdef WOLFSSL_TIRTOS fdOpenSession(Task_self()); @@ -2022,11 +2022,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) break; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case 259: - useLibOqs = 1; + usePqc = 1; onlyKeyShare = 2; - oqsAlg = myoptarg; + pqcAlg = myoptarg; break; #endif @@ -2070,14 +2070,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) "file"); #endif -#ifdef HAVE_LIBOQS - if (useLibOqs) { +#ifdef HAVE_PQC + if (usePqc) { if (version == SERVER_DOWNGRADE_VERSION || version == EITHER_DOWNGRADE_VERSION) { printf("WARNING: If a TLS 1.3 connection is not negotiated, you " - "will not be using a liboqs group.\n"); + "will not be using a post-quantum group.\n"); } else if (version != 4) { - err_sys("can only use liboqs groups with TLS 1.3"); + err_sys("can only use post-quantum groups with TLS 1.3"); } } #endif @@ -2775,8 +2775,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (version >= 4) { - SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, useLibOqs, - oqsAlg); + SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, usePqc, + pqcAlg); } #endif diff --git a/gencertbuf.pl b/gencertbuf.pl index 06f90e8b6..fb84eb2b3 100755 --- a/gencertbuf.pl +++ b/gencertbuf.pl @@ -99,7 +99,7 @@ my @fileList_4096 = ( ); #Falcon Post-Quantum Keys -#Used with HAVE_LIBOQS +#Used with HAVE_PQC my @fileList_falcon = ( ["certs/falcon/bench_falcon_level1_key.der", "bench_falcon_level1_key" ], ["certs/falcon/bench_falcon_level5_key.der", "bench_falcon_level5_key" ], @@ -194,7 +194,7 @@ for (my $i = 0; $i < $num_4096; $i++) { print OUT_FILE "#endif /* USE_CERT_BUFFERS_4096 */\n\n"; # convert and print falcon keys -print OUT_FILE "#ifdef HAVE_LIBOQS\n\n"; +print OUT_FILE "#ifdef HAVE_PQC\n\n"; for (my $i = 0; $i < $num_falcon; $i++) { my $fname = $fileList_falcon[$i][0]; @@ -208,7 +208,7 @@ for (my $i = 0; $i < $num_falcon; $i++) { print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n"; } -print OUT_FILE "#endif /* HAVE_LIBOQS */\n\n"; +print OUT_FILE "#endif /* HAVE_PQC */\n\n"; # convert and print 256-bit cert/keys print OUT_FILE "#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)\n\n"; diff --git a/src/internal.c b/src/internal.c index cc0edc8d0..65ac2d73b 100644 --- a/src/internal.c +++ b/src/internal.c @@ -2012,7 +2012,7 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side) ssl->options.haveECC = 1; /* server turns on with ECC key cert */ } #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ssl->options.side == WOLFSSL_CLIENT_END) { ssl->options.haveFalconSig = 1; /* always on client side */ } @@ -2080,7 +2080,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->minEccKeySz = MIN_ECCKEY_SZ; ctx->eccTempKeySz = ECDHE_SIZE; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ctx->minFalconKeySz = MIN_FALCONKEY_SZ; #endif ctx->verifyDepth = MAX_CHAIN_DEPTH; @@ -2140,7 +2140,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->CBIOSend = GNRC_SendTo; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (method->side == WOLFSSL_CLIENT_END) ctx->haveFalconSig = 1; /* always on client side */ /* server can turn on by loading key */ @@ -2683,7 +2683,7 @@ static WC_INLINE void AddSuiteHashSigAlgo(Suites* suites, byte macAlgo, } else #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (sigAlgo == falcon_level1_sa_algo) { suites->hashSigAlgo[*inOutIdx] = FALCON_LEVEL1_SA_MAJOR; *inOutIdx += 1; @@ -2760,10 +2760,10 @@ void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig, } #endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */ if (haveFalconSig) { -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) AddSuiteHashSigAlgo(suites, no_mac, falcon_level1_sa_algo, keySz, &idx); AddSuiteHashSigAlgo(suites, no_mac, falcon_level5_sa_algo, keySz, &idx); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ } if (haveRSAsig) { #ifdef WC_RSA_PSS @@ -3830,8 +3830,8 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy *hashAlgo = input[1]; } break; -#ifdef HAVE_LIBOQS - case OQS_SA_MAJOR: +#ifdef HAVE_PQC + case PQC_SA_MAJOR: if (input[1] == FALCON_LEVEL1_SA_MINOR) { *hsType = falcon_level1_sa_algo; /* Hash performed as part of sign/verify operation. */ @@ -6000,7 +6000,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) #ifdef HAVE_ECC ssl->options.minEccKeySz = ctx->minEccKeySz; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ssl->options.minFalconKeySz = ctx->minFalconKeySz; #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -6736,11 +6736,11 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey) wc_curve448_free((curve448_key*)*pKey); break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: wc_falcon_free((falcon_key*)*pKey); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DH case DYNAMIC_TYPE_DH: wc_FreeDhKey((DhKey*)*pKey); @@ -6803,11 +6803,11 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) sz = sizeof(curve448_key); break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: sz = sizeof(falcon_key); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DH case DYNAMIC_TYPE_DH: sz = sizeof(DhKey); @@ -6853,7 +6853,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) ret = 0; break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: wc_falcon_init((falcon_key*)*pKey); ret = 0; @@ -6884,7 +6884,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey) #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ defined(HAVE_CURVE25519) || defined(HAVE_ED448) || \ - defined(HAVE_CURVE448) || defined(HAVE_LIBOQS) + defined(HAVE_CURVE448) || defined(HAVE_PQC) static int ReuseKey(WOLFSSL* ssl, int type, void* pKey) { int ret = 0; @@ -6930,12 +6930,12 @@ static int ReuseKey(WOLFSSL* ssl, int type, void* pKey) ret = wc_curve448_init((curve448_key*)pKey); break; #endif /* HAVE_CURVE448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case DYNAMIC_TYPE_FALCON: wc_falcon_free((falcon_key*)pKey); ret = wc_falcon_init((falcon_key*)pKey); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DH case DYNAMIC_TYPE_DH: wc_FreeDhKey((DhKey*)pKey); @@ -7173,7 +7173,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) } #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC FreeKey(ssl, DYNAMIC_TYPE_FALCON, (void**)&ssl->peerFalconKey); ssl->peerFalconKeyPresent = 0; #endif @@ -7396,10 +7396,10 @@ void FreeHandshakeResources(WOLFSSL* ssl) FreeKey(ssl, DYNAMIC_TYPE_ED448, (void**)&ssl->peerEd448Key); ssl->peerEd448KeyPresent = 0; #endif /* HAVE_ED448 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC FreeKey(ssl, DYNAMIC_TYPE_FALCON, (void**)&ssl->peerFalconKey); ssl->peerFalconKeyPresent = 0; -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ } #ifdef HAVE_ECC @@ -11860,7 +11860,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args) } break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: if (ssl->options.minFalconKeySz < 0 || FALCON_LEVEL1_KEY_SIZE < (word16)ssl->options.minFalconKeySz) { @@ -11877,7 +11877,7 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args) ret = FALCON_KEY_SIZE_E; } break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: WOLFSSL_MSG("Key size not checked"); /* key not being checked for size if not in @@ -13080,7 +13080,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, break; } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: case FALCON_LEVEL5k: { @@ -13125,7 +13125,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, WOLFSSL_MSG("Peer Falcon key is too small"); } } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: break; } @@ -21703,7 +21703,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list) defined(HAVE_ED448) haveECDSAsig = 1; #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) haveFalconSig = 1; #endif } @@ -21922,7 +21922,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo) return sigAlgo == ed448_sa_algo; } #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ssl->pkCurveOID == CTC_FALCON_LEVEL1) { /* Certificate has Falcon level 1 key, only match with Falcon level 1 * sig alg */ @@ -22036,7 +22036,7 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz) break; } #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) if (ssl->pkCurveOID == CTC_FALCON_LEVEL1 || ssl->pkCurveOID == CTC_FALCON_LEVEL5 ) { /* Matched Falcon - set chosen and finished. */ @@ -22702,7 +22702,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) } } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ssl->buffers.keyType == falcon_level1_sa_algo || ssl->buffers.keyType == falcon_level5_sa_algo || ssl->buffers.keyType == 0) { @@ -22762,7 +22762,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length) goto exit_dpk; } } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ (void)idx; (void)keySz; diff --git a/src/ssl.c b/src/ssl.c index 924e0a921..f33ef570e 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -117,7 +117,7 @@ #include #include #include - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) #include #endif #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) @@ -208,7 +208,7 @@ const WOLF_EC_NIST_NAME kNistCurves[] = { {XSTR_SIZEOF("B-320"), "B-320", NID_brainpoolP320r1}, {XSTR_SIZEOF("B-384"), "B-384", NID_brainpoolP384r1}, {XSTR_SIZEOF("B-512"), "B-512", NID_brainpoolP512r1}, -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC {XSTR_SIZEOF("KYBER_LEVEL1"), "KYBER_LEVEL1", WOLFSSL_KYBER_LEVEL1}, {XSTR_SIZEOF("KYBER_LEVEL3"), "KYBER_LEVEL3", WOLFSSL_KYBER_LEVEL3}, {XSTR_SIZEOF("KYBER_LEVEL5"), "KYBER_LEVEL5", WOLFSSL_KYBER_LEVEL5}, @@ -2615,7 +2615,7 @@ static int isValidCurveGroup(word16 name) case WOLFSSL_FFDHE_6144: case WOLFSSL_FFDHE_8192: -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case WOLFSSL_KYBER_LEVEL1: case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: @@ -3939,7 +3939,7 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap) #ifdef HAVE_ECC cm->minEccKeySz = MIN_ECCKEY_SZ; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC cm->minFalconKeySz = MIN_FALCONKEY_SZ; #endif @@ -4887,7 +4887,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) } break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: if (cm->minFalconKeySz < 0 || FALCON_LEVEL1_KEY_SIZE < (word16)cm->minFalconKeySz) { @@ -4902,7 +4902,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) WOLFSSL_MSG("\tCA Falcon level 5 key size error"); } break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: WOLFSSL_MSG("\tNo key size check done on CA"); @@ -5442,7 +5442,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der #endif if (ret != 0) { #if !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \ - !defined(HAVE_ED448) && !defined(HAVE_LIBOQS) + !defined(HAVE_ED448) && !defined(HAVE_PQC) WOLFSSL_MSG("RSA decode failed and other algorithms " "not enabled to try"); ret = WOLFSSL_BAD_FILE; @@ -5675,7 +5675,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der #endif } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (ret == 0 && ((*keyFormat == 0) || (*keyFormat == FALCON_LEVEL1k) || (*keyFormat == FALCON_LEVEL5k))) { /* make sure Falcon key can be used */ @@ -5739,7 +5739,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der } XFREE(key, heap, DYNAMIC_TYPE_FALCON); } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ return ret; } @@ -6087,7 +6087,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ - defined(HAVE_LIBOQS) + defined(HAVE_PQC) if (ssl) { ssl->pkCurveOID = cert->pkCurveOID; #ifndef WC_STRICT_SIG @@ -6104,7 +6104,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, ssl->options.haveECC = 1; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC else if (cert->keyOID == FALCON_LEVEL1k || cert->keyOID == FALCON_LEVEL5k) { ssl->options.haveFalconSig = 1; @@ -6130,7 +6130,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, ctx->haveECC = 1; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC else if (cert->keyOID == FALCON_LEVEL1k || cert->keyOID == FALCON_LEVEL5k) { ctx->haveFalconSig = 1; @@ -6243,7 +6243,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: case FALCON_LEVEL5k: /* Falcon is fixed key size */ @@ -6263,7 +6263,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, } } break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: WOLFSSL_MSG("No key size check done on certificate"); @@ -8524,7 +8524,7 @@ static WOLFSSL_EVP_PKEY* d2iGenericKey(WOLFSSL_EVP_PKEY** out, #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* !NO_DH && OPENSSL_EXTRA && WOLFSSL_DH_EXTRA */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC { int isFalcon = 0; #ifdef WOLFSSL_SMALL_STACK @@ -8584,7 +8584,7 @@ static WOLFSSL_EVP_PKEY* d2iGenericKey(WOLFSSL_EVP_PKEY** out, } } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ if (pkey == NULL) { WOLFSSL_MSG("wolfSSL_d2i_PUBKEY couldn't determine key type"); @@ -32216,7 +32216,7 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { #ifdef HAVE_ED25519 { NID_ED25519, ED25519k, oidKeyType, "ED25519", "ED25519"}, #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC { CTC_FALCON_LEVEL1, FALCON_LEVEL1k, oidKeyType, "Falcon Level 1", "Falcon Level 1"}, { CTC_FALCON_LEVEL5, FALCON_LEVEL5k, oidKeyType, "Falcon Level 5", @@ -36959,7 +36959,7 @@ struct WOLFSSL_HashSigInfo { #ifdef HAVE_ED448 { no_mac, ed448_sa_algo, CTC_ED448 }, #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC { no_mac, falcon_level1_sa_algo, CTC_FALCON_LEVEL1 }, { no_mac, falcon_level5_sa_algo, CTC_FALCON_LEVEL5 }, #endif diff --git a/src/tls.c b/src/tls.c index ed1466b8d..af3ec880b 100644 --- a/src/tls.c +++ b/src/tls.c @@ -48,9 +48,11 @@ #ifdef HAVE_CURVE448 #include #endif +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS #include #endif +#endif #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) static int TLSX_KeyShare_IsSupported(int namedGroup); @@ -3800,7 +3802,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type, #ifdef HAVE_SUPPORTED_CURVES #if !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) && !defined(HAVE_CURVE448) \ - && !defined(HAVE_FFDHE) && !defined(HAVE_LIBOQS) + && !defined(HAVE_FFDHE) && !defined(HAVE_PQC) #error Elliptic Curves Extension requires Elliptic Curve Cryptography or liboqs groups. \ Use --enable-ecc and/or --enable-liboqs in the configure script or \ define HAVE_ECC. Alternatively use FFDHE for DH ciphersuites. @@ -6633,6 +6635,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse) return ret; } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS /* Transform a group ID into an OQS Algorithm name as a string. */ static const char* OQS_ID2name(int id) @@ -6655,73 +6658,75 @@ static const char* OQS_ID2name(int id) } return NULL; } +#endif /* HAVE_LIBOQS */ -typedef struct OqsHybridMapping { +typedef struct PqcHybridMapping { int hybrid; int ecc; - int oqs; -} OqsHybridMapping; + int pqc; +} PqcHybridMapping; -static const OqsHybridMapping oqs_hybrid_mapping[] = { - {.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_NTRU_HPS_LEVEL1}, - {.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_NTRU_HPS_LEVEL3}, - {.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_NTRU_HPS_LEVEL5}, - {.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_NTRU_HRSS_LEVEL3}, - {.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_SABER_LEVEL1}, - {.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_SABER_LEVEL3}, - {.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_SABER_LEVEL5}, - {.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_KYBER_LEVEL1}, - {.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_KYBER_LEVEL3}, - {.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_KYBER_LEVEL5}, - {.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, - .oqs = WOLFSSL_KYBER_90S_LEVEL1}, - {.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, - .oqs = WOLFSSL_KYBER_90S_LEVEL3}, - {.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, - .oqs = WOLFSSL_KYBER_90S_LEVEL5}, - {.hybrid = 0, .ecc = 0, .oqs = 0} +static const PqcHybridMapping pqc_hybrid_mapping[] = { + {.hybrid = WOLFSSL_P256_NTRU_HPS_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_NTRU_HPS_LEVEL1}, + {.hybrid = WOLFSSL_P384_NTRU_HPS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_NTRU_HPS_LEVEL3}, + {.hybrid = WOLFSSL_P521_NTRU_HPS_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_NTRU_HPS_LEVEL5}, + {.hybrid = WOLFSSL_P384_NTRU_HRSS_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_NTRU_HRSS_LEVEL3}, + {.hybrid = WOLFSSL_P256_SABER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_SABER_LEVEL1}, + {.hybrid = WOLFSSL_P384_SABER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_SABER_LEVEL3}, + {.hybrid = WOLFSSL_P521_SABER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_SABER_LEVEL5}, + {.hybrid = WOLFSSL_P256_KYBER_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_KYBER_LEVEL1}, + {.hybrid = WOLFSSL_P384_KYBER_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_KYBER_LEVEL3}, + {.hybrid = WOLFSSL_P521_KYBER_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_KYBER_LEVEL5}, + {.hybrid = WOLFSSL_P256_KYBER_90S_LEVEL1, .ecc = WOLFSSL_ECC_SECP256R1, + .pqc = WOLFSSL_KYBER_90S_LEVEL1}, + {.hybrid = WOLFSSL_P384_KYBER_90S_LEVEL3, .ecc = WOLFSSL_ECC_SECP384R1, + .pqc = WOLFSSL_KYBER_90S_LEVEL3}, + {.hybrid = WOLFSSL_P521_KYBER_90S_LEVEL5, .ecc = WOLFSSL_ECC_SECP521R1, + .pqc = WOLFSSL_KYBER_90S_LEVEL5}, + {.hybrid = 0, .ecc = 0, .pqc = 0} }; -/* This will map an ecc-oqs hybrid group into its ecc group and oqs group. - * If it cannot find a mapping then *oqs is set to group. ecc is optional. */ -static void findEccOqs(int *ecc, int *oqs, int group) +/* This will map an ecc-pqs hybrid group into its ecc group and pqc kem group. + * If it cannot find a mapping then *pqc is set to group. ecc is optional. */ +static void findEccPqc(int *ecc, int *pqc, int group) { int i; - if (oqs == NULL) { + if (pqc == NULL) { return; } - *oqs = 0; + *pqc = 0; if (ecc != NULL) { *ecc = 0; } - for (i = 0; oqs_hybrid_mapping[i].hybrid != 0; i++) { - if (oqs_hybrid_mapping[i].hybrid == group) { - *oqs = oqs_hybrid_mapping[i].oqs; + for (i = 0; pqc_hybrid_mapping[i].hybrid != 0; i++) { + if (pqc_hybrid_mapping[i].hybrid == group) { + *pqc = pqc_hybrid_mapping[i].pqc; if (ecc != NULL) { - *ecc = oqs_hybrid_mapping[i].ecc; + *ecc = pqc_hybrid_mapping[i].ecc; } break; } } - if (*oqs == 0) { + if (*pqc == 0) { /* It is not a hybrid, so maybe its simple. */ - *oqs = group; + *pqc = group; } } +#ifdef HAVE_LIBOQS /* Create a key share entry using liboqs parameters group. * Generates a key pair. * @@ -6740,7 +6745,7 @@ static int TLSX_KeyShare_GenOqsKey(WOLFSSL *ssl, KeyShareEntry* kse) int oqs_group = 0; int ecc_group = 0; - findEccOqs(&ecc_group, &oqs_group, kse->group); + findEccPqc(&ecc_group, &oqs_group, kse->group); algName = OQS_ID2name(oqs_group); if (algName == NULL) { WOLFSSL_MSG("Invalid OQS algorithm specified."); @@ -6830,7 +6835,8 @@ static int TLSX_KeyShare_GenOqsKey(WOLFSSL *ssl, KeyShareEntry* kse) return ret; } -#endif +#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* Generate a secret/key using the key share entry. * @@ -6847,9 +6853,11 @@ static int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse) ret = TLSX_KeyShare_GenX25519Key(ssl, kse); else if (kse->group == WOLFSSL_ECC_X448) ret = TLSX_KeyShare_GenX448Key(ssl, kse); +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS - else if (kse->group >= WOLFSSL_OQS_MIN && kse->group <= WOLFSSL_OQS_MAX) + else if (kse->group >= WOLFSSL_PQC_MIN && kse->group <= WOLFSSL_PQC_MAX) ret = TLSX_KeyShare_GenOqsKey(ssl, kse); +#endif #endif else ret = TLSX_KeyShare_GenEccKey(ssl, kse); @@ -6886,9 +6894,9 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap) wc_curve448_free((curve448_key*)current->key); #endif } -#ifdef HAVE_LIBOQS - else if (current->group >= WOLFSSL_OQS_MIN && - current->group <= WOLFSSL_OQS_MAX && +#ifdef HAVE_PQC + else if (current->group >= WOLFSSL_PQC_MIN && + current->group <= WOLFSSL_PQC_MAX && current->key != NULL) { ForceZero((byte*)current->key, current->keyLen); } @@ -7408,6 +7416,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) return ret; } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS /* Process the liboqs key share extension on the client side. * @@ -7450,7 +7459,7 @@ static int TLSX_KeyShare_ProcessOqs(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) } /* I am the client, the ciphertext is in keyShareEntry->ke */ - findEccOqs(&ecc_group, &oqs_group, keyShareEntry->group); + findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); algName = OQS_ID2name(oqs_group); if (algName == NULL) { @@ -7559,6 +7568,7 @@ static int TLSX_KeyShare_ProcessOqs(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) return ret; } #endif +#endif /* Process the key share extension on the client side. * @@ -7581,10 +7591,12 @@ static int TLSX_KeyShare_Process(WOLFSSL* ssl, KeyShareEntry* keyShareEntry) ret = TLSX_KeyShare_ProcessX25519(ssl, keyShareEntry); else if (keyShareEntry->group == WOLFSSL_ECC_X448) ret = TLSX_KeyShare_ProcessX448(ssl, keyShareEntry); +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS - else if (keyShareEntry->group >= WOLFSSL_OQS_MIN && - keyShareEntry->group <= WOLFSSL_OQS_MAX) + else if (keyShareEntry->group >= WOLFSSL_PQC_MIN && + keyShareEntry->group <= WOLFSSL_PQC_MAX) ret = TLSX_KeyShare_ProcessOqs(ssl, keyShareEntry); +#endif #endif else ret = TLSX_KeyShare_ProcessEcc(ssl, keyShareEntry); @@ -7633,9 +7645,9 @@ static int TLSX_KeyShareEntry_Parse(WOLFSSL* ssl, const byte* input, if (keLen > length - offset) return BUFFER_ERROR; -#ifdef HAVE_LIBOQS - if (group >= WOLFSSL_OQS_MIN && - group <= WOLFSSL_OQS_MAX && +#ifdef HAVE_PQC + if (group >= WOLFSSL_PQC_MIN && + group <= WOLFSSL_PQC_MAX && ssl->options.side == WOLFSSL_SERVER_END) { /* For KEMs, the public key is not stored. Casting away const because * we know for KEMs, it will be read-only.*/ @@ -7800,7 +7812,7 @@ static int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length, /* Not in list sent if there isn't a private key. */ if (keyShareEntry == NULL || (keyShareEntry->key == NULL - #if !defined(NO_DH) || defined(HAVE_LIBOQS) + #if !defined(NO_DH) || defined(HAVE_PQC) && keyShareEntry->privKey == NULL #endif )) { @@ -7838,9 +7850,9 @@ static int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length, return ret; } -#ifdef HAVE_LIBOQS - /* For oqs groups, do this in TLSX_PopulateExtensions(). */ - if (group < WOLFSSL_OQS_MIN || group > WOLFSSL_OQS_MAX) +#ifdef HAVE_PQC + /* For post-quantum groups, do this in TLSX_PopulateExtensions(). */ + if (group < WOLFSSL_PQC_MIN || group > WOLFSSL_PQC_MAX) #endif ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL); } @@ -7888,6 +7900,7 @@ static int TLSX_KeyShare_New(KeyShareEntry** list, int group, void *heap, return 0; } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS static int server_generate_oqs_ciphertext(WOLFSSL* ssl, KeyShareEntry* keyShareEntry, @@ -7908,7 +7921,7 @@ static int server_generate_oqs_ciphertext(WOLFSSL* ssl, ecc_key eccpubkey; word32 outlen = 0; - findEccOqs(&ecc_group, &oqs_group, keyShareEntry->group); + findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group); algName = OQS_ID2name(oqs_group); if (algName == NULL) { WOLFSSL_MSG("Invalid OQS algorithm specified."); @@ -8034,6 +8047,7 @@ static int server_generate_oqs_ciphertext(WOLFSSL* ssl, return ret; } #endif +#endif /* Use the data to create a new key share object in the extensions. * @@ -8082,9 +8096,10 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data, } +#ifdef HAVE_PQC #ifdef HAVE_LIBOQS - if (group >= WOLFSSL_OQS_MIN && - group <= WOLFSSL_OQS_MAX && + if (group >= WOLFSSL_PQC_MIN && + group <= WOLFSSL_PQC_MAX && ssl->options.side == WOLFSSL_SERVER_END) { ret = server_generate_oqs_ciphertext(ssl, keyShareEntry, data, len); @@ -8092,6 +8107,7 @@ int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, byte* data, return ret; } else +#endif #endif if (data != NULL) { if (keyShareEntry->ke != NULL) { @@ -8243,7 +8259,7 @@ static int TLSX_KeyShare_IsSupported(int namedGroup) break; #endif #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case WOLFSSL_KYBER_LEVEL1: case WOLFSSL_KYBER_LEVEL3: case WOLFSSL_KYBER_LEVEL5: @@ -8270,10 +8286,12 @@ static int TLSX_KeyShare_IsSupported(int namedGroup) case WOLFSSL_P256_KYBER_90S_LEVEL1: case WOLFSSL_P384_KYBER_90S_LEVEL3: case WOLFSSL_P521_KYBER_90S_LEVEL5: - findEccOqs(NULL, &namedGroup, namedGroup); + #ifdef HAVE_LIBOQS + findEccPqc(NULL, &namedGroup, namedGroup); if (! OQS_KEM_alg_is_enabled(OQS_ID2name(namedGroup))) { return 0; } + #endif break; #endif default: @@ -8341,7 +8359,7 @@ static int TLSX_KeyShare_GroupRank(WOLFSSL* ssl, int group) #ifdef HAVE_FFDHE_8192 ssl->group[ssl->numGroups++] = WOLFSSL_FFDHE_8192; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* For the liboqs groups we need to do a runtime check because * liboqs could be compiled to make an algorithm unavailable. */ @@ -8524,9 +8542,9 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry) clientKSE->group > MAX_FFHDE_GROUP) { /* Check max value supported. */ if (clientKSE->group > WOLFSSL_ECC_MAX) { -#ifdef HAVE_LIBOQS - if (clientKSE->group < WOLFSSL_OQS_MIN || - clientKSE->group > WOLFSSL_OQS_MAX ) +#ifdef HAVE_PQC + if (clientKSE->group < WOLFSSL_PQC_MIN || + clientKSE->group > WOLFSSL_PQC_MAX ) #endif continue; } @@ -8566,9 +8584,9 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry) return ret; if (clientKSE->key == NULL) { -#ifdef HAVE_LIBOQS - if (clientKSE->group >= WOLFSSL_OQS_MIN && - clientKSE->group <= WOLFSSL_OQS_MAX ) { +#ifdef HAVE_PQC + if (clientKSE->group >= WOLFSSL_PQC_MIN && + clientKSE->group <= WOLFSSL_PQC_MAX ) { /* Going to need the public key (AKA ciphertext). */ serverKSE->pubKey = clientKSE->pubKey; clientKSE->pubKey = NULL; @@ -10220,7 +10238,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1, ssl->heap); if (ret == WOLFSSL_SUCCESS) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL3, @@ -10298,7 +10316,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_90S_LEVEL5, ssl->heap); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ (void)ssl; (void)extensions; @@ -10469,9 +10487,9 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) namedGroup = kse->group; } if (namedGroup > 0) { -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* For KEMs, the key share has already been generated. */ - if (namedGroup < WOLFSSL_OQS_MIN || namedGroup > WOLFSSL_OQS_MAX) + if (namedGroup < WOLFSSL_PQC_MIN || namedGroup > WOLFSSL_PQC_MAX) #endif ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL); if (ret != 0) diff --git a/src/tls13.c b/src/tls13.c index 08e2adefb..b70df4ad8 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -5241,7 +5241,7 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx, #ifndef NO_CERTS #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ - defined(HAVE_ED448) || defined(HAVE_LIBOQS) + defined(HAVE_ED448) || defined(HAVE_PQC) /* Encode the signature algorithm into buffer. * * hashalgo The hash algorithm. @@ -5280,7 +5280,7 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output) output[1] = hashAlgo; break; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case falcon_level1_sa_algo: output[0] = FALCON_LEVEL1_SA_MAJOR; output[1] = FALCON_LEVEL1_SA_MINOR; @@ -5333,8 +5333,8 @@ static WC_INLINE int DecodeTls13SigAlg(byte* input, byte* hashAlgo, else ret = INVALID_PARAMETER; break; -#ifdef HAVE_LIBOQS - case OQS_SA_MAJOR: +#ifdef HAVE_PQC + case PQC_SA_MAJOR: if (input[1] == FALCON_LEVEL1_SA_MINOR) { *hsType = falcon_level1_sa_algo; /* Hash performed as part of sign/verify operation. */ @@ -5967,7 +5967,7 @@ static int SendTls13Certificate(WOLFSSL* ssl) } #if (!defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ - defined(HAVE_ED448) || defined(HAVE_LIBOQS)) && \ + defined(HAVE_ED448) || defined(HAVE_PQC)) && \ (!defined(NO_WOLFSSL_SERVER) || !defined(WOLFSSL_NO_CLIENT_AUTH)) typedef struct Scv13Args { byte* output; /* not allocated */ @@ -6112,7 +6112,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) else if (ssl->hsType == DYNAMIC_TYPE_ED448) args->sigAlgo = ed448_sa_algo; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC else if (ssl->hsType == DYNAMIC_TYPE_FALCON) { falcon_key* fkey = (falcon_key*)ssl->hsKey; byte level = 0; @@ -6206,11 +6206,11 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) sig->length = ED448_SIG_SIZE; } #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->hsType == DYNAMIC_TYPE_FALCON) { sig->length = FALCON_MAX_SIG_SIZE; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; @@ -6262,7 +6262,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) args->length = (word16)sig->length; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->hsType == DYNAMIC_TYPE_FALCON) { ret = wc_falcon_sign_msg(args->sigData, args->sigDataSz, args->verify + HASH_SIG_SIZE + @@ -6270,7 +6270,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) (falcon_key*)ssl->hsKey); args->length = (word16)sig->length; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_RSA if (ssl->hsType == DYNAMIC_TYPE_RSA) { ret = RsaSign(ssl, sig->buffer, (word32)sig->length, @@ -6581,7 +6581,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, goto exit_dcv; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (args->sigAlgo == falcon_level1_sa_algo && !ssl->peerFalconKeyPresent) { WOLFSSL_MSG("Peer sent Falcon Level 1 sig but different cert"); ret = SIG_VERIFY_E; @@ -6664,7 +6664,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, ret = 0; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->peerFalconKeyPresent) { WOLFSSL_MSG("Doing Falcon peer cert verify"); @@ -6758,7 +6758,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, } } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (ssl->peerFalconKeyPresent) { int res = 0; WOLFSSL_MSG("Doing Falcon peer cert verify"); @@ -8141,7 +8141,7 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, #endif #if !defined(NO_RSA) || defined(HAVE_ECC) || defined(HAVE_ED25519) || \ - defined(HAVE_ED448) || defined(HAVE_LIBOQS) + defined(HAVE_ED448) || defined(HAVE_PQC) case certificate_verify: WOLFSSL_MSG("processing certificate verify"); ret = DoTls13CertificateVerify(ssl, input, inOutIdx, size); @@ -8579,7 +8579,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) case FIRST_REPLY_THIRD: #if (!defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \ defined(HAVE_ED25519) || defined(HAVE_ED448) || \ - defined(HAVE_LIBOQS))) && (!defined(NO_WOLFSSL_SERVER) || \ + defined(HAVE_PQC))) && (!defined(NO_WOLFSSL_SERVER) || \ !defined(WOLFSSL_NO_CLIENT_AUTH)) if (!ssl->options.resuming && ssl->options.sendVerify) { ssl->error = SendTls13CertificateVerify(ssl); @@ -8740,9 +8740,9 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group) } #endif -#ifdef HAVE_LIBOQS - if (group >= WOLFSSL_OQS_MIN && - group <= WOLFSSL_OQS_MAX) { +#ifdef HAVE_PQC + if (group >= WOLFSSL_PQC_MIN && + group <= WOLFSSL_PQC_MAX) { if (ssl->ctx != NULL && ssl->ctx->method != NULL && ssl->ctx->method->version.minor != TLSv1_3_MINOR) { @@ -9525,7 +9525,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) case TLS13_CERT_SENT : #if !defined(NO_CERTS) && (!defined(NO_RSA) || defined(HAVE_ECC) || \ - defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_LIBOQS)) + defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_PQC)) if (!ssl->options.resuming && ssl->options.sendVerify) { if ((ssl->error = SendTls13CertificateVerify(ssl)) != 0) { WOLFSSL_ERROR(ssl->error); diff --git a/tests/api.c b/tests/api.c index 733a3b0dd..2bfd7cea2 100644 --- a/tests/api.c +++ b/tests/api.c @@ -47079,7 +47079,7 @@ static int test_tls13_apis(void) #endif #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) int groups[2] = { WOLFSSL_ECC_SECP256R1, -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC WOLFSSL_SABER_LEVEL3 #else WOLFSSL_ECC_SECP256R1 @@ -47099,11 +47099,11 @@ static int test_tls13_apis(void) #endif #if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 "P-256" -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ":P256_SABER_LEVEL1" #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ":KYBER_LEVEL1" #endif ""; @@ -47209,7 +47209,7 @@ static int test_tls13_apis(void) #endif #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3), diff --git a/tests/suites.c b/tests/suites.c index 68755c33b..f410fb5d6 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -877,7 +877,7 @@ int SuiteTest(int argc, char** argv) goto exit; } #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC /* add TLSv13 pq tests */ strcpy(argv0[1], "tests/test-tls13-pq.conf"); printf("starting TLSv13 post-quantum groups tests\n"); diff --git a/tests/test-tls13-pq.conf b/tests/test-tls13-pq.conf index 0d2baecc1..a3f2a6af8 100644 --- a/tests/test-tls13-pq.conf +++ b/tests/test-tls13-pq.conf @@ -1,260 +1,260 @@ # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL1 +--pqc KYBER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL1 +--pqc KYBER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL3 +--pqc KYBER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL3 +--pqc KYBER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL5 +--pqc KYBER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_LEVEL5 +--pqc KYBER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL1 +--pqc KYBER_90S_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL1 +--pqc KYBER_90S_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL3 +--pqc KYBER_90S_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL3 +--pqc KYBER_90S_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL5 +--pqc KYBER_90S_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs KYBER_90S_LEVEL5 +--pqc KYBER_90S_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL1 +--pqc NTRU_HPS_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL1 +--pqc NTRU_HPS_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL3 +--pqc NTRU_HPS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL3 +--pqc NTRU_HPS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL5 +--pqc NTRU_HPS_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HPS_LEVEL5 +--pqc NTRU_HPS_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HRSS_LEVEL3 +--pqc NTRU_HRSS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs NTRU_HRSS_LEVEL3 +--pqc NTRU_HRSS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL1 +--pqc SABER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL1 +--pqc SABER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL3 +--pqc SABER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL3 +--pqc SABER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL5 +--pqc SABER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs SABER_LEVEL5 +--pqc SABER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_NTRU_HPS_LEVEL1 +--pqc P256_NTRU_HPS_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_NTRU_HPS_LEVEL1 +--pqc P256_NTRU_HPS_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HPS_LEVEL3 +--pqc P384_NTRU_HPS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HPS_LEVEL3 +--pqc P384_NTRU_HPS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_NTRU_HPS_LEVEL5 +--pqc P521_NTRU_HPS_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_NTRU_HPS_LEVEL5 +--pqc P521_NTRU_HPS_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HRSS_LEVEL3 +--pqc P384_NTRU_HRSS_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_NTRU_HRSS_LEVEL3 +--pqc P384_NTRU_HRSS_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_SABER_LEVEL1 +--pqc P256_SABER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_SABER_LEVEL1 +--pqc P256_SABER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_SABER_LEVEL3 +--pqc P384_SABER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_SABER_LEVEL3 +--pqc P384_SABER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_SABER_LEVEL5 +--pqc P521_SABER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_SABER_LEVEL5 +--pqc P521_SABER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_LEVEL1 +--pqc P256_KYBER_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_LEVEL1 +--pqc P256_KYBER_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_LEVEL3 +--pqc P384_KYBER_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_LEVEL3 +--pqc P384_KYBER_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_LEVEL5 +--pqc P521_KYBER_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_LEVEL5 +--pqc P521_KYBER_LEVEL5 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_90S_LEVEL1 +--pqc P256_KYBER_90S_LEVEL1 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P256_KYBER_90S_LEVEL1 +--pqc P256_KYBER_90S_LEVEL1 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_90S_LEVEL3 +--pqc P384_KYBER_90S_LEVEL3 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P384_KYBER_90S_LEVEL3 +--pqc P384_KYBER_90S_LEVEL3 # server TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_90S_LEVEL5 +--pqc P521_KYBER_90S_LEVEL5 # client TLSv1.3 with post-quantum group -v 4 -l TLS13-AES256-GCM-SHA384 ---oqs P521_KYBER_90S_LEVEL5 +--pqc P521_KYBER_90S_LEVEL5 diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index e29802bf9..f4b13ad4b 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -200,6 +200,8 @@ #endif #ifdef HAVE_LIBOQS #include +#endif +#ifdef HAVE_PQC #include #endif @@ -612,7 +614,7 @@ typedef struct bench_pq_alg { const char* str; /* Bit values to set. */ word32 val; - const char* oqs_name; + const char* pqc_name; } bench_pq_alg; /* All recognized post-quantum asymmetric algorithm choosing command line @@ -1500,7 +1502,7 @@ static void bench_stats_asym_finish(const char* algo, int strength, } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) static void bench_stats_pq_asym_finish(const char* algo, int doAsync, int count, double start, int ret) { @@ -2160,63 +2162,63 @@ static void* benchmarks_do(void* args) #endif #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL1_SIGN)) bench_falconKeySign(1); if (bench_all || (bench_pq_asym_algs & BENCH_FALCON_LEVEL5_SIGN)) bench_falconKeySign(5); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_KYBER90S_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_KYBER90S_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_KYBER90S_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_SABER_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_SABER_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_SABER_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_SABER_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_SABER_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_SABER_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_SABER_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_SABER_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_SABER_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_SABER_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL1_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL1_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL1_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL3_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHPS_LEVEL5_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHPS_LEVEL5_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHPS_LEVEL5_ENCAP); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHRSS_LEVEL3_KEYGEN)) - bench_oqsKemKeygen(BENCH_NTRUHRSS_LEVEL3_KEYGEN); + bench_pqcKemKeygen(BENCH_NTRUHRSS_LEVEL3_KEYGEN); if (bench_all || (bench_pq_asym_algs & BENCH_NTRUHRSS_LEVEL3_ENCAP)) - bench_oqsKemEncapDecap(BENCH_NTRUHRSS_LEVEL3_ENCAP); + bench_pqcKemEncapDecap(BENCH_NTRUHRSS_LEVEL3_ENCAP); #endif #ifdef WOLFCRYPT_HAVE_SAKKE @@ -6656,34 +6658,36 @@ void bench_sakke(void) #endif /* WOLFCRYPT_SAKKE_CLIENT */ #endif /* WOLFCRYPT_HAVE_SAKKE */ -#ifdef HAVE_LIBOQS -static void bench_oqsKemInit(word32 alg, byte **priv_key, byte **pub_key, +#ifdef HAVE_PQC +static void bench_pqcKemInit(word32 alg, byte **priv_key, byte **pub_key, const char **wolf_name, OQS_KEM **kem) { int i; - const char *oqs_name = NULL; + const char *pqc_name = NULL; *pub_key = NULL; *priv_key = NULL; for (i=0; bench_pq_asym_opt[i].str != NULL; i++) { if (alg == bench_pq_asym_opt[i].val) { - oqs_name = bench_pq_asym_opt[i].oqs_name; + pqc_name = bench_pq_asym_opt[i].pqc_name; *wolf_name = bench_pq_asym_opt[i].str; break; } } - if (oqs_name == NULL) { + if (pqc_name == NULL) { printf("Bad OQS Alg specified\n"); return; } - *kem = OQS_KEM_new(oqs_name); +#ifdef HAVE_LIBOQS + *kem = OQS_KEM_new(pqc_name); if (*kem == NULL) { printf("OQS_KEM_new() failed\n"); return; } +#endif *pub_key = (byte*)XMALLOC((*kem)->length_public_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6694,7 +6698,7 @@ static void bench_oqsKemInit(word32 alg, byte **priv_key, byte **pub_key, } -void bench_oqsKemKeygen(word32 alg) +void bench_pqcKemKeygen(word32 alg) { const char *wolf_name = NULL; OQS_KEM* kem = NULL; @@ -6703,22 +6707,24 @@ void bench_oqsKemKeygen(word32 alg) byte *priv_key; byte *pub_key; - bench_oqsKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); + bench_pqcKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); if (wolf_name == NULL || kem == NULL || pub_key == NULL || priv_key == NULL) { - printf("bench_oqsKemInit() failed\n"); + printf("bench_pqcKemInit() failed\n"); goto exit; } bench_stats_start(&count, &start); do { for (i = 0; i < genTimes; i++) { +#ifdef HAVE_LIBOQS ret = OQS_KEM_keypair(kem, pub_key, priv_key); if (ret != OQS_SUCCESS) { printf("OQS_KEM_keypair() failed: %d\n", ret); goto exit; } +#endif } count += i; } while (bench_stats_sym_check(start)); @@ -6733,7 +6739,7 @@ exit: } -void bench_oqsKemEncapDecap(word32 alg) +void bench_pqcKemEncapDecap(word32 alg) { const char *wolf_name = NULL; OQS_KEM* kem = NULL; @@ -6744,19 +6750,21 @@ void bench_oqsKemEncapDecap(word32 alg) byte *ciphertext = NULL; byte *shared_secret = NULL; - bench_oqsKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); + bench_pqcKemInit(alg, &priv_key, &pub_key, &wolf_name, &kem); if (wolf_name == NULL || kem == NULL || pub_key == NULL || priv_key == NULL) { - printf("bench_oqsKemInit() failed\n"); + printf("bench_pqcKemInit() failed\n"); goto exit; } +#ifdef HAVE_LIBOQS ret = OQS_KEM_keypair(kem, pub_key, priv_key); if (ret != OQS_SUCCESS) { printf("OQS_KEM_keypair() failed: %d\n", ret); goto exit; } +#endif shared_secret = (byte*)XMALLOC(kem->length_shared_secret, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -6773,6 +6781,7 @@ void bench_oqsKemEncapDecap(word32 alg) bench_stats_start(&count, &start); do { for (i = 0; i < agreeTimes; i++) { +#ifdef HAVE_LIBOQS ret = OQS_KEM_encaps(kem, ciphertext, shared_secret, pub_key); if (ret != OQS_SUCCESS) { printf("OQS_KEM_encaps() failed: %d\n", ret); @@ -6784,6 +6793,7 @@ void bench_oqsKemEncapDecap(word32 alg) printf("OQS_KEM_decaps() failed: %d\n", ret); goto exit; } +#endif } count += i; } while (bench_stats_sym_check(start)); @@ -6898,7 +6908,7 @@ void bench_falconKeySign(byte level) wc_falcon_free(&key); } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #ifndef HAVE_STACK_SIZE #if defined(_WIN32) && !defined(INTIME_RTOS) diff --git a/wolfcrypt/benchmark/benchmark.h b/wolfcrypt/benchmark/benchmark.h index 15a33da1b..34380ba02 100644 --- a/wolfcrypt/benchmark/benchmark.h +++ b/wolfcrypt/benchmark/benchmark.h @@ -107,8 +107,8 @@ void bench_blake2b(void); void bench_blake2s(void); void bench_pbkdf2(void); void bench_falconKeySign(byte level); -void bench_oqsKemKeygen(word32 alg); -void bench_oqsKemEncapDecap(word32 alg); +void bench_pqcKemKeygen(word32 alg); +void bench_pqcKemEncapDecap(word32 alg); void bench_stats_print(void); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 1c8bbe038..9a1ed7a11 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -133,7 +133,7 @@ ASN Options: #include #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #include #endif @@ -3822,13 +3822,13 @@ static word32 SetBitString16Bit(word16 val, byte* output) #ifdef HAVE_ED448 static const byte sigEd448Oid[] = {43, 101, 113}; #endif /* HAVE_ED448 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* Falcon Level 1: 1 3 9999 3 1 */ static const byte sigFalcon_Level1Oid[] = {43, 206, 15, 3, 1}; /* Falcon Level 5: 1 3 9999 3 4 */ static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 4}; -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* keyType */ #ifndef NO_DSA @@ -3855,13 +3855,13 @@ static word32 SetBitString16Bit(word16 val, byte* output) #ifndef NO_DH static const byte keyDhOid[] = {42, 134, 72, 134, 247, 13, 1, 3, 1}; #endif /* !NO_DH */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* Falcon Level 1: 1 3 9999 3 1 */ static const byte keyFalcon_Level1Oid[] = {43, 206, 15, 3, 1}; /* Falcon Level 5: 1 3 9999 3 4 */ static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 4}; -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* curveType */ #ifdef HAVE_ECC @@ -4286,7 +4286,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) *oidSz = sizeof(sigEd448Oid); break; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case CTC_FALCON_LEVEL1: oid = sigFalcon_Level1Oid; *oidSz = sizeof(sigFalcon_Level1Oid); @@ -4351,7 +4351,7 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz) *oidSz = sizeof(keyDhOid); break; #endif /* !NO_DH */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: oid = keyFalcon_Level1Oid; *oidSz = sizeof(keyFalcon_Level1Oid); @@ -6189,7 +6189,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } else #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */ - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) if ((ks == FALCON_LEVEL1k) || (ks == FALCON_LEVEL5k)) { #ifdef WOLFSSL_SMALL_STACK falcon_key* key_pair = NULL; @@ -6242,7 +6242,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #endif } else - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ { ret = 0; } @@ -6544,7 +6544,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, XFREE(ed448, heap, DYNAMIC_TYPE_TMP_BUFFER); } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if (*algoID == 0) { falcon_key *falcon = (falcon_key *)XMALLOC(sizeof(*falcon), heap, DYNAMIC_TYPE_TMP_BUFFER); @@ -6578,7 +6578,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, } XFREE(falcon, heap, DYNAMIC_TYPE_TMP_BUFFER); } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ /* if flag is not set then this is not a key that we understand. */ if (*algoID == 0) { @@ -9657,7 +9657,7 @@ static int GetCertHeader(DecodedCert* cert) } #endif -#if defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_LIBOQS) +#if defined(HAVE_ED25519) || defined(HAVE_ED448) || defined(HAVE_PQC) /* Store the key data under the BIT_STRING in dynamicly allocated data. * * @param [in, out] cert Certificate object. @@ -10087,7 +10087,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx, ret = StoreKey(cert, source, &srcIdx, maxIdx); break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: cert->pkCurveOID = FALCON_LEVEL1k; ret = StoreKey(cert, source, &srcIdx, maxIdx); @@ -10096,7 +10096,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx, cert->pkCurveOID = FALCON_LEVEL5k; ret = StoreKey(cert, source, &srcIdx, maxIdx); break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ #ifndef NO_DSA case DSAk: cert->publicKey = source + pubIdx; @@ -12710,7 +12710,7 @@ static WC_INLINE int IsSigAlgoECC(int algoOID) #ifdef HAVE_CURVE448 || (algoOID == X448k) #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC || (algoOID == FALCON_LEVEL1k) || (algoOID == FALCON_LEVEL5k) #endif @@ -12992,7 +12992,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx) sigCtx->key.ed448 = NULL; break; #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: case FALCON_LEVEL5k: wc_falcon_free(sigCtx->key.falcon); @@ -13000,7 +13000,7 @@ void FreeSignatureCtx(SignatureCtx* sigCtx) DYNAMIC_TYPE_FALCON); sigCtx->key.falcon = NULL; break; - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: break; } /* switch (keyOID) */ @@ -13138,7 +13138,7 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID, */ break; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case CTC_FALCON_LEVEL1: case CTC_FALCON_LEVEL5: /* Hashes done in signing operation. */ @@ -13444,7 +13444,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, break; } #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) case FALCON_LEVEL1k: { sigCtx->verify = 0; @@ -13614,7 +13614,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, break; } #endif - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) case FALCON_LEVEL1k: case FALCON_LEVEL5k: { @@ -13737,7 +13737,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, break; } #endif /* HAVE_ED448 */ - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC case FALCON_LEVEL1k: { if (sigCtx->verify == 1) { @@ -13760,7 +13760,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx, } break; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ default: break; } /* switch (keyOID) */ @@ -18741,7 +18741,7 @@ wcchar END_PUB_KEY = "-----END PUBLIC KEY-----"; wcchar BEGIN_EDDSA_PRIV = "-----BEGIN EDDSA PRIVATE KEY-----"; wcchar END_EDDSA_PRIV = "-----END EDDSA PRIVATE KEY-----"; #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) wcchar BEGIN_FALCON_LEVEL1_PRIV = "-----BEGIN FALCON_LEVEL1 PRIVATE KEY-----"; wcchar END_FALCON_LEVEL1_PRIV = "-----END FALCON_LEVEL1 PRIVATE KEY-----"; wcchar BEGIN_FALCON_LEVEL5_PRIV = "-----BEGIN FALCON_LEVEL5 PRIVATE KEY-----"; @@ -18841,7 +18841,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer) ret = 0; break; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC case FALCON_LEVEL1_TYPE: if (header) *header = BEGIN_FALCON_LEVEL1_PRIV; if (footer) *footer = END_FALCON_LEVEL1_PRIV; @@ -21070,7 +21070,7 @@ int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen, } #endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) /* Encode the public part of an Falcon key in DER. * * Pass NULL for output to get the size of the encoding. @@ -21113,7 +21113,7 @@ int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output, word32 inLen, return ret; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #ifdef WOLFSSL_CERT_GEN @@ -23149,7 +23149,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if ((cert->keyType == FALCON_LEVEL1_KEY) || (cert->keyType == FALCON_LEVEL5_KEY)) { if (falconKey == NULL) @@ -23627,14 +23627,14 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, int sz, } #endif /* HAVE_ED448 && HAVE_ED448_SIGN */ - #if defined(HAVE_LIBOQS) + #if defined(HAVE_PQC) if (!rsaKey && !eccKey && !ed25519Key && !ed448Key && falconKey) { word32 outSz = sigSz; ret = wc_falcon_sign_msg(buf, sz, sig, &outSz, falconKey); if (ret == 0) ret = outSz; } - #endif /* HAVE_LIBOQS */ + #endif /* HAVE_PQC */ break; } @@ -23824,7 +23824,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED25519_KEY; else if (ed448Key) cert->keyType = ED448_KEY; -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC else if ((falconKey != NULL) && (falconKey->level == 1)) cert->keyType = FALCON_LEVEL1_KEY; else if ((falconKey != NULL) && (falconKey->level == 5)) @@ -23885,7 +23885,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED448_KEY; } else if (falconKey != NULL) { - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (falconKey->level == 1) cert->keyType = FALCON_LEVEL1_KEY; else if (falconKey->level == 5) @@ -24353,7 +24353,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey, (word32)sizeof(der->publicKey), 1); } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if ((cert->keyType == FALCON_LEVEL1_KEY) || (cert->keyType == FALCON_LEVEL5_KEY)) { if (falconKey == NULL) @@ -24626,7 +24626,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED25519_KEY; else if (ed448Key) cert->keyType = ED448_KEY; -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC else if ((falconKey != NULL) && (falconKey->level == 1)) cert->keyType = FALCON_LEVEL1_KEY; else if ((falconKey != NULL) && (falconKey->level == 5)) @@ -24686,7 +24686,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, cert->keyType = ED448_KEY; } else if (falconKey != NULL) { - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC if (falconKey->level == 1) cert->keyType = FALCON_LEVEL1_KEY; else if (falconKey->level == 5) @@ -25040,7 +25040,7 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey, bufferSz = wc_Ed448PublicKeyToDer(ed448Key, buf, MAX_PUBLIC_KEY_SZ, 0); } #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) if (falconKey != NULL) { bufferSz = wc_Falcon_PublicKeyToDer(falconKey, buf, MAX_PUBLIC_KEY_SZ, 0); @@ -28252,7 +28252,7 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx, } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx, falcon_key* key, word32 inSz) { @@ -28319,7 +28319,7 @@ int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx, } return ret; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT) int wc_Curve448PrivateKeyDecode(const byte* input, word32* inOutIdx, @@ -28386,7 +28386,7 @@ int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen) #endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) int wc_Falcon_KeyToDer(falcon_key* key, byte* output, word32 inLen) { if (key == NULL) { @@ -28425,7 +28425,7 @@ int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output, word32 inLen) return BAD_FUNC_ARG; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #if defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT) /* Write private Curve448 key to DER format, diff --git a/wolfcrypt/src/falcon.c b/wolfcrypt/src/falcon.c index a18442331..165aa5ac9 100644 --- a/wolfcrypt/src/falcon.c +++ b/wolfcrypt/src/falcon.c @@ -25,15 +25,16 @@ #include #endif -/* in case user set HAVE_LIBOQS there */ +/* in case user set HAVE_PQC there */ #include #include +#ifdef HAVE_PQC + #ifdef HAVE_LIBOQS - #include - +#endif #include #include @@ -61,6 +62,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen, falcon_key* key) { int ret = 0; +#ifdef HAVE_LIBOQS OQS_SIG *oqssig = NULL; size_t localOutLen = 0; @@ -112,7 +114,7 @@ int wc_falcon_sign_msg(const byte* in, word32 inLen, if (oqssig != NULL) { OQS_SIG_free(oqssig); } - +#endif return ret; } @@ -132,6 +134,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg, word32 msgLen, int* res, falcon_key* key) { int ret = 0; +#ifdef HAVE_LIBOQS OQS_SIG *oqssig = NULL; if (key == NULL || sig == NULL || msg == NULL || res == NULL) { @@ -168,6 +171,7 @@ int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg, if (oqssig != NULL) { OQS_SIG_free(oqssig); } +#endif return ret; } @@ -683,4 +687,4 @@ int wc_falcon_sig_size(falcon_key* key) return BAD_FUNC_ARG; } -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ diff --git a/wolfssl/certs_test.h b/wolfssl/certs_test.h index 7183fd2e2..4d42bdda0 100644 --- a/wolfssl/certs_test.h +++ b/wolfssl/certs_test.h @@ -3332,7 +3332,7 @@ static const int sizeof_dh_key_der_4096 = sizeof(dh_key_der_4096); #endif /* USE_CERT_BUFFERS_4096 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* certs/falcon/bench_falcon_level1_key.der */ static const unsigned char bench_falcon_level1_key[] = @@ -3980,7 +3980,7 @@ static const unsigned char bench_falcon_level5_key[] = }; static const int sizeof_bench_falcon_level5_key = sizeof(bench_falcon_level5_key); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 0312e517b..2a42d94c1 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -116,7 +116,7 @@ #ifdef HAVE_CURVE448 #include #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #include #endif #ifdef HAVE_HKDF @@ -1235,7 +1235,7 @@ enum Misc { HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */ SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH, /* pre RSA and all master */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC ENCRYPT_LEN = 1500, /* allow 1500 bit static buffer for falcon */ #else #if defined(WOLFSSL_MYSQL_COMPATIBLE) || \ @@ -1458,7 +1458,7 @@ enum Misc { ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */ ED448_SA_MINOR = 8, /* Least significant byte for ED448 */ - OQS_SA_MAJOR = 0xFE,/* Most significant byte used with OQS sig algos + PQC_SA_MAJOR = 0xFE,/* Most significant byte used with PQC sig algos */ /* These match what OQS has defined in their OpenSSL fork. */ FALCON_LEVEL1_SA_MAJOR = 0xFE, @@ -1470,7 +1470,7 @@ enum Misc { MIN_RSA_SHA512_PSS_BITS = 512 * 2 + 8 * 8, /* Min key size */ MIN_RSA_SHA384_PSS_BITS = 384 * 2 + 8 * 8, /* Min key size */ -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) MAX_CERT_VERIFY_SZ = 1600, /* For Falcon */ #elif !defined(NO_RSA) MAX_CERT_VERIFY_SZ = WOLFSSL_MAX_RSA_BITS / 8, /* max RSA bytes */ @@ -1501,7 +1501,7 @@ enum Misc { MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */ #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) MAX_X509_SIZE = 5120, /* max static x509 buffer size; falcon is big */ #elif defined(WOLFSSL_HAPROXY) MAX_X509_SIZE = 3072, /* max static x509 buffer size */ @@ -1572,7 +1572,7 @@ enum Misc { #endif #define MIN_ECCKEY_SZ (WOLFSSL_MIN_ECC_BITS / 8) -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC /* set minimum Falcon key size allowed */ #ifndef MIN_FALCONKEY_SZ #define MIN_FALCONKEY_SZ 897 @@ -2123,7 +2123,7 @@ struct WOLFSSL_CERT_MANAGER { wolfSSL_Mutex refMutex; /* reference count mutex */ #endif int refCount; /* reference count */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC short minFalconKeySz; /* minimum allowed Falcon key size */ #endif @@ -2622,7 +2622,7 @@ typedef struct KeyShareEntry { word32 keyLen; /* Key size (bytes) */ byte* pubKey; /* Public key */ word32 pubKeyLen; /* Public key length */ -#if !defined(NO_DH) || defined(HAVE_LIBOQS) +#if !defined(NO_DH) || defined(HAVE_PQC) byte* privKey; /* Private key - DH ond PQ KEMs only */ #endif #ifdef WOLFSSL_ASYNC_CRYPT @@ -2873,7 +2873,7 @@ struct WOLFSSL_CTX { #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) short minEccKeySz; /* minimum ECC key size */ #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC short minFalconKeySz; /* minimum Falcon key size */ #endif unsigned long mask; /* store SSL_OP_ flags */ @@ -3733,7 +3733,7 @@ typedef struct Options { #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) short minEccKeySz; /* minimum ECC key size */ #endif -#if defined(HAVE_LIBOQS) +#if defined(HAVE_PQC) short minFalconKeySz; /* minimum Falcon key size */ #endif #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -3908,9 +3908,9 @@ struct WOLFSSL_X509 { int pubKeyOID; DNS_entry* altNamesNext; /* hint for retrieval */ #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \ - defined(HAVE_LIBOQS) + defined(HAVE_PQC) word32 pkCurveOID; -#endif /* HAVE_ECC || HAVE_LIBOQS */ +#endif /* HAVE_ECC || HAVE_PQC */ #ifndef NO_CERTS DerBuffer* derCert; /* may need */ #endif @@ -4318,7 +4318,7 @@ struct WOLFSSL { curve448_key* peerX448Key; byte peerX448KeyPresent; #endif -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC falcon_key* peerFalconKey; byte peerFalconKeyPresent; #endif @@ -4695,7 +4695,7 @@ extern const WOLF_EC_NIST_NAME kNistCurves[]; /* This is the longest and shortest curve name in the kNistCurves list. Note we * also have quantum-safe group names as well. */ #define kNistCurves_MIN_NAME_LEN 5 -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #define kNistCurves_MAX_NAME_LEN 32 #else #define kNistCurves_MAX_NAME_LEN 7 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 1544c5294..0b4d7866d 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -794,7 +794,7 @@ enum SNICbReturn { /* Maximum master key length (SECRET_LEN) */ #define WOLFSSL_MAX_MASTER_KEY_LENGTH 48 /* Maximum number of groups that can be set */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC #define WOLFSSL_MAX_GROUP_COUNT 36 #else #define WOLFSSL_MAX_GROUP_COUNT 10 @@ -3638,8 +3638,8 @@ enum { WOLFSSL_FFDHE_6144 = 259, WOLFSSL_FFDHE_8192 = 260, -#ifdef HAVE_LIBOQS - /* These group numbers were taken from liboqs' openssl fork, see: +#ifdef HAVE_PQC + /* These group numbers were taken from OQS's openssl fork, see: * https://github.com/open-quantum-safe/openssl/blob/OQS-OpenSSL_1_1_1-stable/ * oqs-template/oqs-kem-info.md. * @@ -3655,8 +3655,8 @@ enum { * algorithms have LEVEL2 and LEVEL4 because none of these submissions * included them. */ - WOLFSSL_OQS_MIN = 532, - WOLFSSL_OQS_SIMPLE_MIN = 532, + WOLFSSL_PQC_MIN = 532, + WOLFSSL_PQC_SIMPLE_MIN = 532, WOLFSSL_NTRU_HPS_LEVEL1 = 532, /* NTRU_HPS2048509 */ WOLFSSL_NTRU_HPS_LEVEL3 = 533, /* NTRU_HPS2048677 */ WOLFSSL_NTRU_HPS_LEVEL5 = 534, /* NTRU_HPS4096821 */ @@ -3670,9 +3670,9 @@ enum { WOLFSSL_KYBER_90S_LEVEL1 = 574, /* KYBER_90S_512 */ WOLFSSL_KYBER_90S_LEVEL3 = 575, /* KYBER_90S_768 */ WOLFSSL_KYBER_90S_LEVEL5 = 576, /* KYBER_90S_1024 */ - WOLFSSL_OQS_SIMPLE_MAX = 576, + WOLFSSL_PQC_SIMPLE_MAX = 576, - WOLFSSL_OQS_HYBRID_MIN = 12052, + WOLFSSL_PQC_HYBRID_MIN = 12052, WOLFSSL_P256_NTRU_HPS_LEVEL1 = 12052, WOLFSSL_P384_NTRU_HPS_LEVEL3 = 12053, WOLFSSL_P521_NTRU_HPS_LEVEL5 = 12054, @@ -3686,8 +3686,8 @@ enum { WOLFSSL_P256_KYBER_90S_LEVEL1 = 12094, WOLFSSL_P384_KYBER_90S_LEVEL3 = 12095, WOLFSSL_P521_KYBER_90S_LEVEL5 = 12096, - WOLFSSL_OQS_HYBRID_MAX = 12096, - WOLFSSL_OQS_MAX = 12096, + WOLFSSL_PQC_HYBRID_MAX = 12096, + WOLFSSL_PQC_MAX = 12096, #endif }; diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index fa4ef70d9..2614b4309 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1262,7 +1262,7 @@ struct SignatureCtx { #ifdef HAVE_ED448 struct ed448_key* ed448; #endif - #ifdef HAVE_LIBOQS + #ifdef HAVE_PQC struct falcon_key* falcon; #endif void* ptr; diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h index 61de72216..4c96ca3a9 100644 --- a/wolfssl/wolfcrypt/asn_public.h +++ b/wolfssl/wolfcrypt/asn_public.h @@ -640,7 +640,7 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); (defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)) || \ (defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)) || \ (defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_EXPORT)) || \ - (defined(HAVE_LIBOQS))) + (defined(HAVE_PQC))) #define WC_ENABLE_ASYM_KEY_EXPORT #endif @@ -649,7 +649,7 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz); (defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_IMPORT)) || \ (defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)) || \ (defined(HAVE_CURVE448) && defined(HAVE_CURVE448_KEY_IMPORT)) || \ - (defined(HAVE_LIBOQS))) + (defined(HAVE_PQC))) #define WC_ENABLE_ASYM_KEY_IMPORT #endif @@ -688,13 +688,13 @@ WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte*, word32, int); #endif #endif /* HAVE_ED448 */ -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC WOLFSSL_API int wc_Falcon_PrivateKeyDecode(const byte*, word32*, falcon_key*, word32); WOLFSSL_API int wc_Falcon_PublicKeyDecode(const byte*, word32*, falcon_key*, word32); WOLFSSL_API int wc_Falcon_KeyToDer(falcon_key*, byte*, word32); WOLFSSL_API int wc_Falcon_PrivateKeyToDer(falcon_key*, byte*, word32); WOLFSSL_API int wc_Falcon_PublicKeyToDer(falcon_key*, byte*, word32, int); -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448_KEY_IMPORT diff --git a/wolfssl/wolfcrypt/falcon.h b/wolfssl/wolfcrypt/falcon.h index 56c459b84..136976e3f 100644 --- a/wolfssl/wolfcrypt/falcon.h +++ b/wolfssl/wolfcrypt/falcon.h @@ -31,9 +31,11 @@ #include -#ifdef HAVE_LIBOQS +#ifdef HAVE_PQC +#ifdef HAVE_LIBOQS #include +#endif #ifdef __cplusplus extern "C" { @@ -41,6 +43,7 @@ /* Macros Definitions */ +#ifdef HAVE_LIBOQS #define FALCON_LEVEL1_KEY_SIZE OQS_SIG_falcon_512_length_secret_key #define FALCON_LEVEL1_SIG_SIZE OQS_SIG_falcon_512_length_signature #define FALCON_LEVEL1_PUB_KEY_SIZE OQS_SIG_falcon_512_length_public_key @@ -50,6 +53,7 @@ #define FALCON_LEVEL5_SIG_SIZE OQS_SIG_falcon_1024_length_signature #define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key #define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE) +#endif #define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE #define FALCON_MAX_SIG_SIZE FALCON_LEVEL5_SIG_SIZE @@ -125,5 +129,5 @@ int wc_falcon_sig_size(falcon_key* key); } /* extern "C" */ #endif -#endif /* HAVE_LIBOQS */ +#endif /* HAVE_PQC */ #endif /* WOLF_CRYPT_FALCON_H */ diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 1c7cd8afa..243df6f7c 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2585,6 +2585,11 @@ extern void uITRON4_free(void *p) ; #endif #endif +/* Enable Post-Quantum Cryptography if we have liboqs from the OpenQuantumSafe + * group */ +#ifdef HAVE_LIBOQS +#define HAVE_PQC +#endif /* --------------------------------------------------------------------------- * Depricated Algorithm Handling From 79f6301521503608258ab7a6ef820bd043627d0e Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Mon, 20 Dec 2021 12:42:09 -0500 Subject: [PATCH 10/16] Add error for case of user defining HAVE_PQC without HAVE_LIBOQS. --- wolfssl/wolfcrypt/settings.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 243df6f7c..0724489e0 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -2591,6 +2591,10 @@ extern void uITRON4_free(void *p) ; #define HAVE_PQC #endif +#if defined(HAVE_PQC) && !defined(HAVE_LIBOQS) +#error "You must have a post-quantum cryptography implementation to use PQC." +#endif + /* --------------------------------------------------------------------------- * Depricated Algorithm Handling * Unless allowed via a build macro, disable support From ebc64db7d05766f33f7f4fb008cd181ca3a72590 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 20 Dec 2021 10:17:50 -0800 Subject: [PATCH 11/16] Fix for `--enable-pkcallbacks --disable-aes --disable-aesgcm`. --- wolfssl/internal.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 0312e517b..10c88121e 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -3070,7 +3070,9 @@ struct WOLFSSL_CTX { CallbackGenSessionKey GenSessionKeyCb; /* Use generate session key handler */ CallbackEncryptKeys EncryptKeysCb;/* Use setting encrypt keys handler */ CallbackTlsFinished TlsFinishedCb; /* Use Tls finished handler */ +#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) CallbackVerifyMac VerifyMacCb; /* Use Verify mac handler */ +#endif #endif /* HAVE_PK_CALLBACKS */ #ifdef HAVE_WOLF_EVENT WOLF_EVENT_QUEUE event_queue; From d8b58b8b0530134a440fcb25ae5f673252058926 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 20 Dec 2021 11:47:34 -0800 Subject: [PATCH 12/16] Put both `DigiCert Global Root CA` and `GlobalSign Root CA` into the Google CA list. Fixes `--enable-dtls --enable-ocsp` ./scripts/ocsp.test`. --- certs/external/ca-google-root.pem | 21 +++++++++++++++++++++ scripts/ocsp.test | 2 ++ scripts/resume.test | 2 ++ 3 files changed, 25 insertions(+) diff --git a/certs/external/ca-google-root.pem b/certs/external/ca-google-root.pem index fd4341df2..cc9dd0873 100644 --- a/certs/external/ca-google-root.pem +++ b/certs/external/ca-google-root.pem @@ -20,3 +20,24 @@ PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= -----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG +A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv +b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw +MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i +YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT +aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ +jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp +xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp +1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG +snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ +U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8 +9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B +AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz +yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE +38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP +AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad +DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME +HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- diff --git a/scripts/ocsp.test b/scripts/ocsp.test index e89ecbe77..acedc254e 100755 --- a/scripts/ocsp.test +++ b/scripts/ocsp.test @@ -35,6 +35,7 @@ if [ "$OUTPUT" = "SNI is: ON" ]; then if [ $RESULT -eq 0 ]; then # client test against the server + echo "./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N -v d -S $server" ./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N -v d -S $server GL_RESULT=$? [ $GL_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed" @@ -54,6 +55,7 @@ ${SCRIPT_DIR}/ping.test $server 2 RESULT=$? if [ $RESULT -eq 0 ]; then # client test against the server + echo "./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N" ./examples/client/client -X -C -h $server -p 443 -A "$ca" -g -o -N GR_RESULT=$? [ $GR_RESULT -ne 0 ] && printf '\n\n%s\n' "Client connection failed" diff --git a/scripts/resume.test b/scripts/resume.test index f811e34b2..129f7a669 100755 --- a/scripts/resume.test +++ b/scripts/resume.test @@ -69,6 +69,7 @@ do_test() { esac remove_ready_file + echo "./examples/server/server -r -R "$ready_file" -p $resume_port" ./examples/server/server -r -R "$ready_file" -p $resume_port & server_pid=$! @@ -92,6 +93,7 @@ do_test() { # get created port 0 ephemeral port resume_port=`cat "$ready_file"` + echo "./examples/client/client $1 -r -p $resume_port" capture_out=$(./examples/client/client $1 -r -p $resume_port 2>&1) client_result=$? From c0f8fd5f5dc266ff258190c8d4a1169283ed12ac Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Mon, 20 Dec 2021 16:04:05 -0800 Subject: [PATCH 13/16] update certificate dates and fix autorenew --- certs/1024/ca-cert.der | Bin 1015 -> 1037 bytes certs/1024/ca-cert.pem | 73 +- certs/1024/client-cert.der | Bin 1030 -> 1052 bytes certs/1024/client-cert.pem | 77 +- certs/1024/server-cert.der | Bin 1003 -> 1014 bytes certs/1024/server-cert.pem | 122 +- certs/3072/client-cert.der | Bin 1547 -> 1569 bytes certs/3072/client-cert.pem | 127 +- certs/4096/client-cert.der | Bin 1803 -> 1825 bytes certs/4096/client-cert.pem | 152 +- certs/ca-cert-chain.der | Bin 1000 -> 1022 bytes certs/ca-cert.der | Bin 1261 -> 1283 bytes certs/ca-cert.pem | 97 +- certs/ca-ecc-cert.der | Bin 654 -> 665 bytes certs/ca-ecc-cert.pem | 51 +- certs/ca-ecc384-cert.der | Bin 715 -> 726 bytes certs/ca-ecc384-cert.pem | 58 +- certs/client-ca.pem | 164 +- certs/client-cert-ext.der | Bin 1292 -> 1292 bytes certs/client-cert-ext.pem | 60 +- certs/client-cert.der | Bin 1291 -> 1313 bytes certs/client-cert.pem | 102 +- certs/client-crl-dist.der | Bin 1011 -> 1011 bytes certs/client-crl-dist.pem | 54 +- certs/client-ecc-cert.der | Bin 845 -> 866 bytes certs/client-ecc-cert.pem | 62 +- certs/client-ecc384-cert.der | Bin 754 -> 754 bytes certs/client-ecc384-cert.pem | 28 +- certs/client-relative-uri.pem | 101 +- certs/client-uri-cert.pem | 99 +- certs/crl/caEcc384Crl.pem | 12 +- certs/crl/caEccCrl.pem | 10 +- certs/crl/cliCrl.pem | 58 +- certs/crl/crl.der | Bin 520 -> 520 bytes certs/crl/crl.pem | 56 +- certs/crl/crl.revoked | 60 +- certs/crl/crl2.der | Bin 520 -> 520 bytes certs/crl/crl2.pem | 110 +- certs/crl/eccCliCRL.pem | 28 +- certs/crl/eccSrvCRL.pem | 28 +- certs/crl/server-goodaltCrl.pem | 48 +- certs/crl/server-goodaltwildCrl.pem | 48 +- certs/crl/server-goodcnCrl.pem | 48 +- certs/crl/server-goodcnwildCrl.pem | 48 +- certs/ecc-privOnlyCert.pem | 14 +- certs/ecc-rsa-server.p12 | Bin 2294 -> 2302 bytes certs/ecc/bp256r1-key.der | Bin 122 -> 122 bytes certs/ecc/bp256r1-key.pem | 6 +- certs/ecc/client-bp256r1-cert.der | Bin 717 -> 718 bytes certs/ecc/client-bp256r1-cert.pem | 46 +- certs/ecc/client-secp256k1-cert.der | Bin 710 -> 711 bytes certs/ecc/client-secp256k1-cert.pem | 46 +- certs/ecc/genecc.sh | 69 +- certs/ecc/secp256k1-key.der | Bin 118 -> 118 bytes certs/ecc/secp256k1-key.pem | 6 +- certs/ecc/server-bp256r1-cert.der | Bin 898 -> 897 bytes certs/ecc/server-bp256r1-cert.pem | 52 +- certs/ecc/server-secp256k1-cert.der | Bin 887 -> 888 bytes certs/ecc/server-secp256k1-cert.pem | 52 +- certs/ed25519/ca-ed25519.der | Bin 592 -> 592 bytes certs/ed25519/ca-ed25519.pem | 20 +- certs/ed25519/client-ed25519.der | Bin 856 -> 635 bytes certs/ed25519/client-ed25519.pem | 44 +- certs/ed25519/root-ed25519.der | Bin 613 -> 613 bytes certs/ed25519/root-ed25519.pem | 22 +- certs/ed25519/server-ed25519-cert.pem | 22 +- certs/ed25519/server-ed25519.der | Bin 633 -> 633 bytes certs/ed25519/server-ed25519.pem | 42 +- certs/ed448/ca-ed448.der | Bin 659 -> 659 bytes certs/ed448/ca-ed448.pem | 28 +- certs/ed448/client-ed448.der | Bin 919 -> 919 bytes certs/ed448/client-ed448.pem | 36 +- certs/ed448/root-ed448.der | Bin 680 -> 680 bytes certs/ed448/root-ed448.pem | 32 +- certs/ed448/server-ed448-cert.pem | 28 +- certs/ed448/server-ed448.der | Bin 700 -> 700 bytes certs/ed448/server-ed448.pem | 56 +- certs/entity-no-ca-bool-cert.pem | 150 +- certs/ocsp/intermediate1-ca-cert.pem | 118 +- certs/ocsp/intermediate2-ca-cert.pem | 118 +- certs/ocsp/intermediate3-ca-cert.pem | 118 +- certs/ocsp/ocsp-responder-cert.pem | 118 +- certs/ocsp/root-ca-cert.pem | 60 +- certs/ocsp/server1-cert.pem | 174 +- certs/ocsp/server2-cert.pem | 174 +- certs/ocsp/server3-cert.pem | 174 +- certs/ocsp/server4-cert.pem | 174 +- certs/ocsp/server5-cert.pem | 174 +- certs/p521/ca-p521.der | Bin 780 -> 779 bytes certs/p521/ca-p521.pem | 42 +- certs/p521/client-p521.der | Bin 1016 -> 1037 bytes certs/p521/client-p521.pem | 71 +- certs/p521/root-p521.der | Bin 790 -> 801 bytes certs/p521/root-p521.pem | 65 +- certs/p521/server-p521-cert.pem | 40 +- certs/p521/server-p521.der | Bin 821 -> 821 bytes certs/p521/server-p521.pem | 82 +- certs/renewcerts.sh | 30 + certs/renewcerts/wolfssl.cnf | 8 + certs/server-cert-chain.der | Bin 2510 -> 2543 bytes certs/server-cert.der | Bin 1249 -> 1260 bytes certs/server-cert.pem | 169 +- certs/server-ecc-comp.der | Bin 869 -> 892 bytes certs/server-ecc-comp.pem | 63 +- certs/server-ecc-rsa.der | Bin 1059 -> 1070 bytes certs/server-ecc-rsa.pem | 72 +- certs/server-ecc-self.der | Bin 787 -> 864 bytes certs/server-ecc-self.pem | 70 +- certs/server-ecc.der | Bin 677 -> 676 bytes certs/server-ecc.pem | 32 +- certs/server-ecc384-cert.der | Bin 918 -> 932 bytes certs/server-ecc384-cert.pem | 36 +- certs/server-revoked-cert.pem | 169 +- certs/test-degenerate.p7b | Bin 1340 -> 1362 bytes certs/test-pathlen/chainA-ICA1-pathlen0.pem | 70 +- certs/test-pathlen/chainA-assembled.pem | 126 +- certs/test-pathlen/chainA-entity.pem | 56 +- certs/test-pathlen/chainB-ICA1-pathlen0.pem | 56 +- certs/test-pathlen/chainB-ICA2-pathlen1.pem | 70 +- certs/test-pathlen/chainB-assembled.pem | 184 +- certs/test-pathlen/chainB-entity.pem | 58 +- certs/test-pathlen/chainC-ICA1-pathlen1.pem | 70 +- certs/test-pathlen/chainC-assembled.pem | 126 +- certs/test-pathlen/chainC-entity.pem | 56 +- certs/test-pathlen/chainD-ICA1-pathlen127.pem | 70 +- certs/test-pathlen/chainD-assembled.pem | 126 +- certs/test-pathlen/chainD-entity.pem | 56 +- certs/test-pathlen/chainE-ICA1-pathlen128.pem | 70 +- certs/test-pathlen/chainE-assembled.pem | 126 +- certs/test-pathlen/chainE-entity.pem | 56 +- certs/test-pathlen/chainF-ICA1-pathlen1.pem | 56 +- certs/test-pathlen/chainF-ICA2-pathlen0.pem | 70 +- certs/test-pathlen/chainF-assembled.pem | 184 +- certs/test-pathlen/chainF-entity.pem | 58 +- certs/test-pathlen/chainG-ICA1-pathlen0.pem | 56 +- certs/test-pathlen/chainG-ICA2-pathlen1.pem | 56 +- certs/test-pathlen/chainG-ICA3-pathlen99.pem | 56 +- certs/test-pathlen/chainG-ICA4-pathlen5.pem | 56 +- certs/test-pathlen/chainG-ICA5-pathlen20.pem | 56 +- certs/test-pathlen/chainG-ICA6-pathlen10.pem | 56 +- certs/test-pathlen/chainG-ICA7-pathlen100.pem | 70 +- certs/test-pathlen/chainG-assembled.pem | 464 +-- certs/test-pathlen/chainG-entity.pem | 58 +- certs/test-pathlen/chainH-ICA1-pathlen0.pem | 56 +- certs/test-pathlen/chainH-ICA2-pathlen2.pem | 56 +- certs/test-pathlen/chainH-ICA3-pathlen2.pem | 56 +- certs/test-pathlen/chainH-ICA4-pathlen2.pem | 70 +- certs/test-pathlen/chainH-assembled.pem | 296 +- certs/test-pathlen/chainH-entity.pem | 58 +- certs/test-pathlen/chainI-ICA1-no_pathlen.pem | 56 +- certs/test-pathlen/chainI-ICA2-no_pathlen.pem | 56 +- certs/test-pathlen/chainI-ICA3-pathlen2.pem | 70 +- certs/test-pathlen/chainI-assembled.pem | 238 +- certs/test-pathlen/chainI-entity.pem | 56 +- certs/test-pathlen/chainJ-ICA1-no_pathlen.pem | 56 +- certs/test-pathlen/chainJ-ICA2-no_pathlen.pem | 56 +- certs/test-pathlen/chainJ-ICA3-no_pathlen.pem | 56 +- certs/test-pathlen/chainJ-ICA4-pathlen2.pem | 70 +- certs/test-pathlen/chainJ-assembled.pem | 294 +- certs/test-pathlen/chainJ-entity.pem | 56 +- certs/test-servercert-rc2.p12 | Bin 5461 -> 5517 bytes certs/test-servercert.p12 | Bin 5461 -> 5517 bytes certs/test/cert-ext-ia.der | Bin 1031 -> 1031 bytes certs/test/cert-ext-ia.pem | 18 +- certs/test/cert-ext-joi.der | Bin 1376 -> 1376 bytes certs/test/cert-ext-joi.pem | 18 +- certs/test/cert-ext-mnc.der | Bin 1097 -> 1097 bytes certs/test/cert-ext-multiple.der | Bin 1436 -> 1436 bytes certs/test/cert-ext-multiple.pem | 18 +- certs/test/cert-ext-nc.der | Bin 1081 -> 1081 bytes certs/test/cert-ext-nc.pem | 18 +- certs/test/cert-ext-ncdns.der | Bin 1095 -> 1095 bytes certs/test/cert-ext-ncmixed.der | Bin 1092 -> 1092 bytes certs/test/cert-ext-nct.der | Bin 1052 -> 1052 bytes certs/test/cert-ext-nct.pem | 18 +- certs/test/cert-ext-ndir-exc.der | Bin 1281 -> 1281 bytes certs/test/cert-ext-ndir-exc.pem | 18 +- certs/test/cert-ext-ndir.der | Bin 1260 -> 1260 bytes certs/test/cert-ext-ndir.pem | 20 +- certs/test/digsigku.pem | 33 +- certs/test/gen-ext-certs.sh | 6 + certs/test/ktri-keyid-cms.msg | Bin 379 -> 379 bytes certs/test/server-badaltname.der | Bin 950 -> 950 bytes certs/test/server-badaltname.pem | 54 +- certs/test/server-badaltnull.der | Bin 983 -> 983 bytes certs/test/server-badaltnull.pem | 54 +- certs/test/server-badcn.der | Bin 918 -> 918 bytes certs/test/server-badcn.pem | 56 +- certs/test/server-badcnnull.der | Bin 984 -> 984 bytes certs/test/server-badcnnull.pem | 54 +- certs/test/server-cert-ecc-badsig.der | Bin 677 -> 676 bytes certs/test/server-cert-ecc-badsig.pem | 32 +- certs/test/server-cert-rsa-badsig.der | Bin 1249 -> 1260 bytes certs/test/server-cert-rsa-badsig.pem | 169 +- certs/test/server-duplicate-policy.pem | 171 +- certs/test/server-garbage.der | Bin 928 -> 928 bytes certs/test/server-garbage.pem | 54 +- certs/test/server-goodalt.der | Bin 944 -> 944 bytes certs/test/server-goodalt.pem | 54 +- certs/test/server-goodaltwild.der | Bin 945 -> 945 bytes certs/test/server-goodaltwild.pem | 54 +- certs/test/server-goodcn.der | Bin 904 -> 904 bytes certs/test/server-goodcn.pem | 54 +- certs/test/server-goodcnwild.der | Bin 906 -> 906 bytes certs/test/server-goodcnwild.pem | 54 +- certs/test/server-localhost.der | Bin 930 -> 930 bytes certs/test/server-localhost.pem | 54 +- tests/api.c | 315 +- wolfssl/certs_test.h | 2783 ++++++++--------- wolfssl/wolfcrypt/asn.h | 6 +- 210 files changed, 6798 insertions(+), 6818 deletions(-) diff --git a/certs/1024/ca-cert.der b/certs/1024/ca-cert.der index 1b1d9a12be43a3dbccc3784d44bce736e2959420..93f253bae4e380348c3f57b39f342fc5f9e14674 100644 GIT binary patch delta 260 zcmey)-piqE(8R)N(8OG{fSHMriAh9bVt7M-h1|?G>%Y=d|FAuhP1+99jBb-PnG|_$vN4CsDzh|RG-y0GIgDwi zC{|M^OESmR^UYs&ApiW5_%~h>zUfkZ=4a+kzhgM(#!-%fKcVR=_V3*rm_y=nCjQ!0 zC@(az|7YO+z_b4&_q^S{=5bB1NAcO#j!(*~R_1UTWK}Op)00{&6u08N+)DcoKV4E( s_|7h2(8T=NpouwV0W%XL6B8%HbXjA;7Y=z-Cn|50G%zwWFtjwWG&PPA=QT1m zG&C@Wa5uhnVq~>9XkxUUY{I0-bB>KUR92a#@t8s5;mL_iJGl_XOx9f9X z`qc2Q?6;8eKMukRqyNsUmHEr!U-NF#qJ~f#do7v0R^~!{e}fXzB(HjZGYwcAdAUA! c>h&;zV{IB=@^Wwa$!vMa?ejK?KZTJE0N?RgHvj+t diff --git a/certs/1024/ca-cert.pem b/certs/1024/ca-cert.pem index 20c69ae6c..5aeb3fea8 100644 --- a/certs/1024/ca-cert.pem +++ b/certs/1024/ca-cert.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 10888915626055724693 (0x971d3311e8406e95) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 28:91:57:80:6f:78:1e:99:86:3b:fd:1b:95:fc:06:e2:1d:62:b2:14 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + RSA Public-Key: (1024 bit) Modulus: 00:cd:ac:dd:47:ec:be:b7:24:c3:63:1b:54:98:79: e1:c7:31:16:59:d6:9d:77:9d:8d:e2:8b:ed:04:17: @@ -28,7 +29,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:97:1D:33:11:E8:40:6E:95 + serial:28:91:57:80:6F:78:1E:99:86:3B:FD:1B:95:FC:06:E2:1D:62:B2:14 X509v3 Basic Constraints: CA:TRUE @@ -37,35 +38,35 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 4e:b1:39:6a:23:a3:65:17:14:b6:52:2e:86:46:d5:4f:7c:d5: - 6c:bb:fa:66:b1:71:54:a1:ad:0e:a2:b7:ba:59:65:8b:d5:87: - 5d:51:d0:65:de:74:04:80:7c:da:3a:52:57:7a:1d:5d:46:7a: - 06:79:75:e5:31:dd:1d:f6:54:77:fc:40:13:a1:5b:fd:9e:7d: - 1c:fd:04:4f:7c:ee:92:a2:80:55:3c:3f:2a:1c:bd:3a:37:12: - 0e:fd:52:60:66:19:d5:4b:f6:35:50:a3:59:d3:7f:6d:95:d7: - 56:10:c6:86:28:f4:6e:6d:da:4e:1c:b4:e9:0b:4c:ed:62:0f: - 64:06 + 0e:9f:a6:c0:6f:cf:a4:5f:ec:4a:18:4d:67:1a:8e:37:cc:9d: + 97:dc:31:9c:d8:c5:08:70:fc:55:67:24:3f:ef:47:80:03:54: + 5e:6c:91:fa:ba:71:1f:12:91:8f:f9:51:df:51:cd:ff:59:bc: + ed:b7:ac:e3:7c:53:48:73:cd:85:88:f2:23:aa:a9:6c:09:30: + 6a:7b:a2:66:2e:1a:ad:12:5e:a8:ef:1e:a9:3f:f0:f9:44:64: + 24:1e:0e:80:92:20:37:f9:e2:4f:d6:65:e3:ba:b3:55:99:ad: + 0e:ca:7a:4c:3d:42:f6:7f:c7:23:6a:15:ae:b2:88:6e:45:a0: + a8:8e -----BEGIN CERTIFICATE----- -MIID8zCCA1ygAwIBAgIJAJcdMxHoQG6VMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G -A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE -AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1M1oXDTIzMTEwNzE5NDk1M1owgZkxCzAJBgNVBAYT -AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK -DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93 -d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w -gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW -nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i -gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq -1OWIGLMRL3PA1ikJAgMBAAGjggE/MIIBOzAdBgNVHQ4EFgQU0yKPKCzgBe7T7cNx -PcmyNjodv6gwgc4GA1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+k -gZwwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +MIIECTCCA3KgAwIBAgIUKJFXgG94HpmGO/0blfwG4h1ishQwDQYJKoZIhvcNAQEL +BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu -Zm9Ad29sZnNzbC5jb22CCQCXHTMR6EBulTAMBgNVHRMEBTADAQH/MBwGA1UdEQQV -MBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF -BQcDAjANBgkqhkiG9w0BAQsFAAOBgQBOsTlqI6NlFxS2Ui6GRtVPfNVsu/pmsXFU -oa0Oore6WWWL1YddUdBl3nQEgHzaOlJXeh1dRnoGeXXlMd0d9lR3/EAToVv9nn0c -/QRPfO6SooBVPD8qHL06NxIO/VJgZhnVS/Y1UKNZ039tlddWEMaGKPRubdpOHLTp -C0ztYg9kBg== +Zm9Ad29sZnNzbC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCB +mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx +GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 +b2xmc3NsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzazdR+y+tyTD +YxtUmHnhxzEWWdadd52N4ovtBBeyxuvkm5G+MVBil1i1fynes3EkC7+XCX8m3C3s +qC6yZCt6KzUZLaKAy5n9lHEbI41U2y5ijYEILfQkcids+cmO20x1upsB+D8Y9OZ/ ++1eUksyIxLQAwqrU5YgYsxEvc8DWKQkCAwEAAaOCAUowggFGMB0GA1UdDgQWBBTT +Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9 +ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx +EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D +b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG +SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUKJFXgG94HpmGO/0blfwG4h1ishQw +DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV +HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEADp+m +wG/PpF/sShhNZxqON8ydl9wxnNjFCHD8VWckP+9HgANUXmyR+rpxHxKRj/lR31HN +/1m87bes43xTSHPNhYjyI6qpbAkwanuiZi4arRJeqO8eqT/w+URkJB4OgJIgN/ni +T9Zl47qzVZmtDsp6TD1C9n/HI2oVrrKIbkWgqI4= -----END CERTIFICATE----- diff --git a/certs/1024/client-cert.der b/certs/1024/client-cert.der index 01d6c63c3973c7a22bac58ab0d419f7868befe2e..9e7b2ef08aed7e732ecdf6b53e8abd9990452e95 100644 GIT binary patch delta 273 zcmZqUn8TrL(8MBP(8S!hfSHMriAf}}XMK~%l)wWsF0Zg&JfT%#`mQ92i4xnS42_Ho zjEoJ;jZC7%d5ugAEDcSe+{rae3nzCnF6H+(Xkzp>kY!^ImE~g*W0{=DB+6&dcn`!^ zW@)@;(0F-r0@FTGtX53cV2-O_qJK14$@J%8#htCzwM+UIe4eAN_1Ls3$zP^8@!P*v z*7c#{2ZUew_HirR)vWpBG27iXkM-w#`9B5gxnc|=@_YkzC*P}+7TEN5QQW?TJ(&sS zFE*Ss_4m^{JMZN^(+{mP98X%N@C7O6x!#X>`Cw|GlJCQJPb0#s3p))v;~%u#X7mOC DywGcd delta 239 zcmbQk(Z(TR(8R)I(8Qd*fSHMriHVcpsN{r&CmH#7PE_6|Wng4zU}$M#X=)TD&TC|B zXlP&#8xO#(g zZqB&{4|8|-d$Fc`*XiZE_ET<~R^Qv8hczzyBSUWK8u~t~ymaBlmh;hKTw)9NCC$%K zajV{OcSmpizmIE@raUk?=M!mlH0qhd)r2~Q*tgD;E`NUY;9~fRbB>j_8y$~*;4{6F iKPf`@+NL)jJO1aMO1|dRE3izNt$fzi)pJwa7?}VwsAFLO diff --git a/certs/1024/client-cert.pem b/certs/1024/client-cert.pem index 2262c8d5d..b581f181d 100644 --- a/certs/1024/client-cert.pem +++ b/certs/1024/client-cert.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 14202541924425994169 (0xc51990a1c9010fb9) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 61:8c:af:82:14:94:51:c0:98:d3:a8:3b:a3:90:85:20:97:ba:62:18 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_1024, OU = Programming-1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_1024, OU = Programming-1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + RSA Public-Key: (1024 bit) Modulus: 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55: 99:21:f9:c8:ec:b3:6d:48:e5:35:35:75:77:37:ec: @@ -28,7 +29,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_1024/OU=Programming-1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:C5:19:90:A1:C9:01:0F:B9 + serial:61:8C:AF:82:14:94:51:C0:98:D3:A8:3B:A3:90:85:20:97:BA:62:18 X509v3 Basic Constraints: CA:TRUE @@ -37,35 +38,35 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 30:ce:46:43:6d:70:e1:6d:bb:8f:4a:05:64:f7:2c:8d:0e:d6: - f9:1e:b6:2a:8e:ed:52:e1:7c:44:bf:59:54:da:2d:31:4d:e6: - 79:d2:d0:d8:b4:cf:5b:16:0a:16:a1:be:62:9f:6c:24:46:7b: - b8:dd:b8:8d:7f:fe:f1:ac:62:94:e0:34:ce:4c:59:3a:c5:5a: - e6:40:d5:60:7e:20:5d:ed:43:92:d3:f3:ea:e0:d1:57:c8:ce: - 41:79:db:81:41:c6:f0:0e:35:d4:6f:92:58:2d:d6:b2:ec:f1: - 88:ff:6d:ca:63:d6:4a:8d:10:a6:23:06:77:9a:d5:ab:9d:64: - 46:02 + a4:2f:c5:53:22:35:f9:c3:21:b9:85:3b:7d:a4:8e:a0:f3:9c: + 2b:2a:e3:35:7a:62:4f:1c:73:61:f6:fe:85:05:af:55:17:c0: + 13:ea:4d:8e:0b:20:dd:29:7c:fc:48:9b:47:3d:6e:05:f9:9f: + 1f:fc:70:af:0a:5c:30:58:6e:4d:51:2d:93:de:7e:1b:10:b2: + ed:a2:5e:be:a1:8c:69:60:37:e8:b0:c9:35:4f:4e:2a:cd:9e: + e9:de:35:f0:85:98:41:c9:39:64:0e:52:21:6e:45:df:58:e9: + e0:95:51:22:4d:e1:ee:e5:58:57:7b:71:89:31:89:5f:e0:84: + db:4b -----BEGIN CERTIFICATE----- -MIIEAjCCA2ugAwIBAgIJAMUZkKHJAQ+5MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG -A1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0xMDI0MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s -ZnNzbC5jb20wHhcNMjEwMjEwMTk0OTUyWhcNMjMxMTA3MTk0OTUyWjCBnjELMAkG -A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT -BgNVBAoMDHdvbGZTU0xfMTAyNDEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMTAyNDEY -MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8cw6oSfN0oqnv -GKXaVZkh+cjss21I5TU1dXc37NFhkF8+2eTV35TKwanXGdqGyehNxGE2gv6rrX53 -JbuNEaW8YjqoOMw5ogRmtPf386raTQIOu16NaUjcd8koDiLpa6Qmukzowf1Kbysf -74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQABo4IBRDCCAUAwHQYDVR0OBBYEFIFp -D/jf3c80KdVndXGFx3UQaVnsMIHTBgNVHSMEgcswgciAFIFpD/jf3c80KdVndXGF -x3UQaVnsoYGkpIGhMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQ -MA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQL -DBBQcm9ncmFtbWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAd -BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDFGZChyQEPuTAMBgNVHRME -BTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQG -CCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOBgQAwzkZDbXDhbbuP -SgVk9yyNDtb5HrYqju1S4XxEv1lU2i0xTeZ50tDYtM9bFgoWob5in2wkRnu43biN -f/7xrGKU4DTOTFk6xVrmQNVgfiBd7UOS0/Pq4NFXyM5BeduBQcbwDjXUb5JYLday -7PGI/23KY9ZKjRCmIwZ3mtWrnWRGAg== +MIIEGDCCA4GgAwIBAgIUYYyvghSUUcCY06g7o5CFIJe6YhgwDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzEwMjQxGTAXBgNVBAsMEFByb2dyYW1t +aW5nLTEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0yNDA5MTUyMzA3 +MjRaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFt +bWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +ALxzDqhJ83Siqe8YpdpVmSH5yOyzbUjlNTV1dzfs0WGQXz7Z5NXflMrBqdcZ2obJ +6E3EYTaC/qutfnclu40RpbxiOqg4zDmiBGa09/fzqtpNAg67Xo1pSNx3ySgOIulr +pCa6TOjB/UpvKx/viq72kGLlZB7rKzxnyNwnAPaRaGWpAgMBAAGjggFPMIIBSzAd +BgNVHQ4EFgQUgWkP+N/dzzQp1Wd1cYXHdRBpWewwgd4GA1UdIwSB1jCB04AUgWkP ++N/dzzQp1Wd1cYXHdRBpWeyhgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQI +DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzEw +MjQxGTAXBgNVBAsMEFByb2dyYW1taW5nLTEwMjQxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUYYyvghSU +UcCY06g7o5CFIJe6YhgwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl +LmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZI +hvcNAQELBQADgYEApC/FUyI1+cMhuYU7faSOoPOcKyrjNXpiTxxzYfb+hQWvVRfA +E+pNjgsg3Sl8/EibRz1uBfmfH/xwrwpcMFhuTVEtk95+GxCy7aJevqGMaWA36LDJ +NU9OKs2e6d418IWYQck5ZA5SIW5F31jp4JVRIk3h7uVYV3txiTGJX+CE20s= -----END CERTIFICATE----- diff --git a/certs/1024/server-cert.der b/certs/1024/server-cert.der index 73ed3efb76957a224ccf6215294a07bc7acafc10..45cbba7d9941fe2ca8d32993769bf675283bd237 100644 GIT binary patch delta 229 zcmaFO{*9f(po#gDK@)TIM2?-3hDJsPM#cu_My65XyhbJlmWHMf?#5eojI3S;O^j}n zWtkLtZn80l$||!oUNmStH`$A6r>Ka=#PEjv3b~nW)_fJ@*rFPfIU#I{y-u zdzBwxC!O$b&;8ktEqL#q7ni!mF6Fr7$Qo;bHKB>?{~ZrLuX!xG>SXGz!&8`QR>g@e hPC1tmS2FQvcf!{FbCbCRuR4^}rU=cj7BFP|3jjvaTz>!n delta 218 zcmeyy{+gY`po#gpK@)SpM2?-321bSkhL$Flrp8g?yhg@`h6d&k?#5eojI8zsO^nu) zWtkLt&ap9v$||!o9y4e>JlTtBCl@EfbXjA;7Y=z-CrdEL)vI&)arEpezQFqF)z845 zI!zJfzIn6$xaA9EMBZHRDp+!_M(4xnay~oc_VN49l`RVwH=KH?VIRwdLoZ_RO>-alfBUsB6OuDl WIObn4SIa-aw{?N&+@;SLF986^16T0? diff --git a/certs/1024/server-cert.pem b/certs/1024/server-cert.pem index dc8fda4ef..000333f41 100644 --- a/certs/1024/server-cert.pem +++ b/certs/1024/server-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + RSA Public-Key: (1024 bit) Modulus: 00:aa:3e:a5:9c:d3:17:49:65:43:de:d0:f3:4b:1c: db:49:0c:fc:7a:65:05:6d:de:6a:c4:e4:73:2c:8a: @@ -28,7 +28,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:97:1D:33:11:E8:40:6E:95 + serial:28:91:57:80:6F:78:1E:99:86:3B:FD:1B:95:FC:06:E2:1D:62:B2:14 X509v3 Basic Constraints: CA:TRUE @@ -37,50 +37,52 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 27:0a:4e:08:8c:ba:73:d0:05:f2:ea:f9:51:8c:7e:29:14:23: - 8e:9e:9a:fc:46:6f:10:68:59:d9:a0:ea:53:19:bd:28:89:e1: - 97:1e:4c:b8:1e:be:0f:4d:9d:1d:76:57:17:31:95:c2:80:be: - 04:d0:c2:e9:5c:e0:f4:81:3f:c4:b0:c5:86:ae:58:68:b9:ae: - 0f:88:e8:63:6f:b9:08:f1:1b:56:90:fb:1f:2e:cc:e5:69:1f: - 7c:02:4f:ed:b0:45:7c:2d:a8:59:11:a5:95:51:c7:50:d8:89: - c2:90:63:68:a8:41:6f:d0:37:26:6f:c8:0e:b5:a0:15:9d:a5: - e6:d2 + 22:80:e9:9f:1c:36:d8:96:d9:8f:2c:7b:af:6e:cc:f8:b5:b4: + 59:ac:05:45:b9:01:00:b9:82:23:82:7a:a5:30:3c:55:09:01: + e1:14:a0:fc:88:2e:47:c8:5e:e5:75:d2:89:43:fa:13:1e:ea: + 6f:50:3e:1b:60:fe:bc:df:9b:e3:38:0d:dd:cf:17:1a:d6:07: + 1a:41:a4:c4:ac:3b:10:ac:55:61:af:fe:c7:53:cf:29:c6:5b: + 7a:c9:65:da:c3:94:02:7c:aa:5e:16:a3:64:ce:68:5e:74:91: + c5:8b:60:b5:bf:9d:63:0b:11:d5:40:74:7d:64:12:98:3b:10: + 31:fd -----BEGIN CERTIFICATE----- -MIID5zCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCVVMx +MIID8jCCA1ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53 b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0y -MTAyMTAxOTQ5NTNaFw0yMzExMDcxOTQ5NTNaMIGVMQswCQYDVQQGEwJVUzEQMA4G +MTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGVMQswCQYDVQQGEwJVUzEQMA4G A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT TDEVMBMGA1UECwwMU3VwcG9ydF8xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5j b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBAKo+pZzTF0llQ97Q80sc20kM/HplBW3easTkcyyKloKP I6UGcRwGPi+SjQspNEVZ6am8YdckN121xDeNumey7wMn+sG0zWsAZrTWc3AfCDrM d63p+TTU86AtqedYqcBhhLbsPQqt/VyGc6prR9iLLlhLaRKCJlXmFL9VcIj++XXh -AgMBAAGjggE/MIIBOzAdBgNVHQ4EFgQU2Tw16nQOI76c/PopkAnB54QWn3wwgc4G -A1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+kgZwwgZkxCzAJBgNV +AgMBAAGjggFKMIIBRjAdBgNVHQ4EFgQU2Tw16nQOI76c/PopkAnB54QWn3wwgdkG +A1UdIwSB0TCBzoAU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+kgZwwgZkxCzAJBgNV BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYD VQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQD DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j -b22CCQCXHTMR6EBulTAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUu -Y29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG -9w0BAQsFAAOBgQAnCk4IjLpz0AXy6vlRjH4pFCOOnpr8Rm8QaFnZoOpTGb0oieGX -Hky4Hr4PTZ0ddlcXMZXCgL4E0MLpXOD0gT/EsMWGrlhoua4PiOhjb7kI8RtWkPsf -LszlaR98Ak/tsEV8LahZEaWVUcdQ2InCkGNoqEFv0Dcmb8gOtaAVnaXm0g== +b22CFCiRV4BveB6Zhjv9G5X8BuIdYrIUMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUw +E4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF +BwMCMA0GCSqGSIb3DQEBCwUAA4GBACKA6Z8cNtiW2Y8se69uzPi1tFmsBUW5AQC5 +giOCeqUwPFUJAeEUoPyILkfIXuV10olD+hMe6m9QPhtg/rzfm+M4Dd3PFxrWBxpB +pMSsOxCsVWGv/sdTzynGW3rJZdrDlAJ8ql4Wo2TOaF50kcWLYLW/nWMLEdVAdH1k +Epg7EDH9 -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) - Serial Number: 10888915626055724693 (0x971d3311e8406e95) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 28:91:57:80:6f:78:1e:99:86:3b:fd:1b:95:fc:06:e2:1d:62:b2:14 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) + RSA Public-Key: (1024 bit) Modulus: 00:cd:ac:dd:47:ec:be:b7:24:c3:63:1b:54:98:79: e1:c7:31:16:59:d6:9d:77:9d:8d:e2:8b:ed:04:17: @@ -98,7 +100,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:97:1D:33:11:E8:40:6E:95 + serial:28:91:57:80:6F:78:1E:99:86:3B:FD:1B:95:FC:06:E2:1D:62:B2:14 X509v3 Basic Constraints: CA:TRUE @@ -107,35 +109,35 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 4e:b1:39:6a:23:a3:65:17:14:b6:52:2e:86:46:d5:4f:7c:d5: - 6c:bb:fa:66:b1:71:54:a1:ad:0e:a2:b7:ba:59:65:8b:d5:87: - 5d:51:d0:65:de:74:04:80:7c:da:3a:52:57:7a:1d:5d:46:7a: - 06:79:75:e5:31:dd:1d:f6:54:77:fc:40:13:a1:5b:fd:9e:7d: - 1c:fd:04:4f:7c:ee:92:a2:80:55:3c:3f:2a:1c:bd:3a:37:12: - 0e:fd:52:60:66:19:d5:4b:f6:35:50:a3:59:d3:7f:6d:95:d7: - 56:10:c6:86:28:f4:6e:6d:da:4e:1c:b4:e9:0b:4c:ed:62:0f: - 64:06 + 0e:9f:a6:c0:6f:cf:a4:5f:ec:4a:18:4d:67:1a:8e:37:cc:9d: + 97:dc:31:9c:d8:c5:08:70:fc:55:67:24:3f:ef:47:80:03:54: + 5e:6c:91:fa:ba:71:1f:12:91:8f:f9:51:df:51:cd:ff:59:bc: + ed:b7:ac:e3:7c:53:48:73:cd:85:88:f2:23:aa:a9:6c:09:30: + 6a:7b:a2:66:2e:1a:ad:12:5e:a8:ef:1e:a9:3f:f0:f9:44:64: + 24:1e:0e:80:92:20:37:f9:e2:4f:d6:65:e3:ba:b3:55:99:ad: + 0e:ca:7a:4c:3d:42:f6:7f:c7:23:6a:15:ae:b2:88:6e:45:a0: + a8:8e -----BEGIN CERTIFICATE----- -MIID8zCCA1ygAwIBAgIJAJcdMxHoQG6VMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G -A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE -AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1M1oXDTIzMTEwNzE5NDk1M1owgZkxCzAJBgNVBAYT -AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK -DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93 -d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w -gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW -nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i -gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq -1OWIGLMRL3PA1ikJAgMBAAGjggE/MIIBOzAdBgNVHQ4EFgQU0yKPKCzgBe7T7cNx -PcmyNjodv6gwgc4GA1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+k -gZwwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +MIIECTCCA3KgAwIBAgIUKJFXgG94HpmGO/0blfwG4h1ishQwDQYJKoZIhvcNAQEL +BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu -Zm9Ad29sZnNzbC5jb22CCQCXHTMR6EBulTAMBgNVHRMEBTADAQH/MBwGA1UdEQQV -MBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF -BQcDAjANBgkqhkiG9w0BAQsFAAOBgQBOsTlqI6NlFxS2Ui6GRtVPfNVsu/pmsXFU -oa0Oore6WWWL1YddUdBl3nQEgHzaOlJXeh1dRnoGeXXlMd0d9lR3/EAToVv9nn0c -/QRPfO6SooBVPD8qHL06NxIO/VJgZhnVS/Y1UKNZ039tlddWEMaGKPRubdpOHLTp -C0ztYg9kBg== +Zm9Ad29sZnNzbC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCB +mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx +GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 +b2xmc3NsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzazdR+y+tyTD +YxtUmHnhxzEWWdadd52N4ovtBBeyxuvkm5G+MVBil1i1fynes3EkC7+XCX8m3C3s +qC6yZCt6KzUZLaKAy5n9lHEbI41U2y5ijYEILfQkcids+cmO20x1upsB+D8Y9OZ/ ++1eUksyIxLQAwqrU5YgYsxEvc8DWKQkCAwEAAaOCAUowggFGMB0GA1UdDgQWBBTT +Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9 +ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx +EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D +b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG +SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUKJFXgG94HpmGO/0blfwG4h1ishQw +DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV +HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEADp+m +wG/PpF/sShhNZxqON8ydl9wxnNjFCHD8VWckP+9HgANUXmyR+rpxHxKRj/lR31HN +/1m87bes43xTSHPNhYjyI6qpbAkwanuiZi4arRJeqO8eqT/w+URkJB4OgJIgN/ni +T9Zl47qzVZmtDsp6TD1C9n/HI2oVrrKIbkWgqI4= -----END CERTIFICATE----- diff --git a/certs/3072/client-cert.der b/certs/3072/client-cert.der index 693acbcc2393d5c51ea476b84a5b408c86758602..3794da5ddbc984f69f897ff02a360891682d8024 100644 GIT binary patch delta 525 zcmeC?S;(Vo(8MNd(8SWZfSHMriAkis`>zy}A4_l#uhW^{mwWChOPG33l-MR^Xk=ty zWNct=WD+ILYh+?zX=n=NPHtdcxVe*YB_pf9K@+3*WOHUk-g|7!p|Z*>jn@nsFE>nf zWEP!V#k@iktKpM%SmNuQ?`)1~I#TZa;HLKOqh4pKxaZt*i970aXHWjW(mz5HjEOe6 zu?D{BDpTydF5g&gBpi`MztO>kBJq_jJ0Hp|4@e-n95<$kP~ zGB13!-nW^zW`#ayZ)fb8RWo7jr#(9QQH#%aAPWg?(=OtjJbhXcKQE z=A!cP``wB|f49A#aPaS@rQxD1+a}ltukd@|sl>@)dTYH-&qZ$ywRsnr*)^ta^WNzA zX^Os&^=95F*=JP$M7f7Q&E4C_^itCPNgzkmiQhSl4{E!n&XZpDknfg_T;?ak6JJ*q zE!oN#`+teHu8c`h!;0eg8OwSz_2a8w)YngJZ$FxN_W0ono>jqizhe9JSq060AK1`- zziVIgT4!(m@>iK>-x_}Rn8ta1VoGv{(&HUEMKdOuXmR~xbN{wh)l*1P);It8+9@2` z)>)UX&y3SA7o6y3UL70KXp_fzXR1<%%H5XloepJzL5;^8<4<6`p delta 510 zcmZ3;)6FAc(8R`W(8Q9zfSHMriHVb8$%9p&H3KZWCMs`}GB7eUFtjwWG&PD6=QT1m zG&C@Wawm5)FWfwZaU~jWNz?2RCtlaea`0MIsQprRzf<2tL$!JWAuOA|^ixU8GVZ&mZ<-K%^yE5~)&F>ISn91?dT;xVsfYzT?Q|c{)td`qw1;;%QmSQ-yW>wvH&Wwr#!Q$1m5&xLyKWljv z7~#;g^#5|5S58ZPwpqtyuRb5v)$_*Y!@A3-_&5vCS57NR_ExF-TzM+9^yH=`Av;~(9jP|Q-fyU=aaQ{%)RL|Jq1LAUPWlq@&QgXpsaI#E z&fgMDIkQ(l?R~cN=0-*nj=9V??ym;` D?BU%c diff --git a/certs/3072/client-cert.pem b/certs/3072/client-cert.pem index 989763628..0454843ce 100644 --- a/certs/3072/client-cert.pem +++ b/certs/3072/client-cert.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 11880683778350266762 (0xa4e0aaf32950398a) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_3072, OU=Programming-3072, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 7f:8b:fd:1a:02:4e:04:53:8c:0d:42:cc:8d:e9:bc:de:23:18:35:4b + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_3072, OU=Programming-3072, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (3072 bit) + RSA Public-Key: (3072 bit) Modulus: 00:ac:39:50:68:8f:78:f8:10:9b:68:96:d3:e1:9c: 56:68:5a:41:62:e3:b3:41:b0:55:80:17:b0:88:16: @@ -45,7 +46,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:3D:D1:84:C2:AF:B0:20:49:BC:74:87:41:38:AB:BA:D2:D4:0C:A3:A8 DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_3072/OU=Programming-3072/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:A4:E0:AA:F3:29:50:39:8A + serial:7F:8B:FD:1A:02:4E:04:53:8C:0D:42:CC:8D:E9:BC:DE:23:18:35:4B X509v3 Basic Constraints: CA:TRUE @@ -54,60 +55,60 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 57:21:c0:ad:6e:16:74:d5:b1:8b:19:55:49:7a:a4:5e:d6:18: - f9:03:80:4b:c2:71:d1:04:47:9c:b3:73:9c:4f:62:4a:3a:9a: - d4:48:e4:81:db:8d:15:df:5d:0f:08:13:28:28:d7:05:44:c1: - b9:6d:f1:75:60:74:d0:44:ae:91:0f:3a:7c:f4:ee:ea:6f:06: - 3a:41:ae:6b:5c:8a:0d:85:6b:b3:fb:b1:5f:70:f7:9b:32:57: - fb:c4:6b:ce:90:86:0c:96:8a:41:4e:61:f3:a1:3f:55:e8:94: - 56:12:6d:9e:46:2c:31:bd:3f:8a:70:c8:20:a4:fb:fa:c6:53: - 58:bb:05:28:ba:89:0c:b1:5f:21:ac:1e:f1:35:fd:6b:14:c1: - 69:08:e9:37:14:d8:76:50:2a:fc:aa:94:7f:39:52:3a:a7:3c: - 0a:53:5e:e0:13:1a:00:ca:ac:aa:7e:f7:09:68:78:60:11:73: - ab:7d:58:fe:03:9f:e6:84:ea:51:58:40:82:a5:ff:a7:2c:ea: - 42:a5:4c:b6:3b:5c:6b:ab:cf:56:8a:8c:ec:3c:f0:ae:d3:ca: - 0e:09:71:cf:79:96:72:63:4b:24:7a:f3:79:ca:69:75:c9:b2: - a4:54:b8:84:40:2b:8f:24:27:6a:ed:8f:53:e0:55:9b:35:91: - 18:11:cf:b0:3b:b8:65:3c:c6:ef:b0:78:7c:43:26:f1:12:84: - 6b:2b:f0:7d:3c:7f:dc:67:a4:17:89:75:00:86:1a:ea:cd:1a: - cf:da:11:64:cc:bd:10:26:ef:6b:1b:93:b3:37:14:7f:12:80: - 81:b6:fd:8a:8a:d8:95:5f:f9:1e:a5:1e:65:5f:75:8d:90:2a: - 0d:b1:ab:26:16:31:b2:06:64:6f:2b:7e:4a:f4:de:e9:7a:ec: - 67:35:f3:40:71:75:37:b3:e1:1d:ef:7d:e2:92:ec:d5:e5:bb: - 99:79:50:11:b2:8a:57:1b:30:2e:b7:16:4c:c8:a6:99:b1:01: - 34:08:9d:d8:df:af + 43:dc:b3:5c:82:c4:77:4b:e0:d9:2b:bb:c5:4a:cc:7a:0b:9c: + da:44:5e:c5:42:dc:bc:6f:fe:75:fc:12:18:01:61:3c:6d:5d: + 30:4d:67:24:94:3e:4a:d3:da:a8:ba:b7:db:3c:e9:bd:bf:8f: + e8:be:81:9a:e4:bf:94:a2:ae:4d:3e:90:45:27:f2:22:bb:6a: + 9b:04:91:db:fd:61:0c:ca:6d:f1:78:94:9e:57:ab:2e:f6:99: + da:9a:55:e7:07:87:01:8c:9a:7c:90:ad:f2:bc:2c:2f:5a:a3: + cc:c9:e2:ec:67:a9:1f:b7:2c:7b:b5:b4:ae:56:f3:86:f3:21: + 06:71:3c:5f:3c:16:44:24:f1:f7:dd:78:c2:fd:b6:ef:90:c1: + fd:b2:a5:57:15:04:b6:90:3f:53:a8:4e:e0:49:22:09:08:35: + da:af:2c:8c:d1:4b:28:26:9e:d1:03:07:28:95:b6:4b:b1:41: + f2:94:2f:4c:3b:b3:0d:94:6b:cc:25:fc:5a:47:57:e5:6d:bd: + 8e:02:e9:19:3f:e4:51:08:5a:c8:fb:6c:01:e0:7d:8a:95:9e: + 1b:a6:e1:0e:da:3c:1e:69:f2:31:c8:f5:aa:72:a4:b5:01:5d: + ff:a4:2b:2d:1c:34:72:80:a8:73:5f:98:a6:8d:69:2f:5f:7b: + e8:7f:91:87:87:c5:61:cd:c7:c3:78:0c:aa:53:3e:fa:5d:8e: + 2f:05:11:36:fb:c0:b0:87:df:8a:be:5b:ad:43:4b:0f:77:ea: + 69:cd:ed:31:f7:48:96:09:d7:91:64:63:88:22:e3:b8:2c:72: + 98:92:34:2a:0a:fe:06:47:f6:ad:25:49:12:19:1d:4d:6f:e7: + ad:94:08:2b:3b:6a:d2:d7:99:5e:2f:77:11:91:46:37:7b:5d: + 54:81:3c:6e:09:dc:95:22:88:24:dd:84:f7:89:40:76:51:52: + 81:c6:41:1f:ce:66:47:54:3f:fd:79:f9:af:16:42:a2:39:c5: + a6:3b:6e:00:5d:81 -----BEGIN CERTIFICATE----- -MIIGBzCCBG+gAwIBAgIJAKTgqvMpUDmKMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG -A1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFtbWluZy0zMDcyMRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s -ZnNzbC5jb20wHhcNMjEwMjEwMTk0OTUyWhcNMjMxMTA3MTk0OTUyWjCBnjELMAkG -A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT -BgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3MjEY -MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEArDlQaI94 -+BCbaJbT4ZxWaFpBYuOzQbBVgBewiBab4Jd0X0J5c0Lfk/Oqne4tb6q8J5CEwF3H -7EnqXGYdcJxTXLqhs1jJPo6bcj1uAgIAnGVWgqMitAhfKu/fmtDnMVkmWwscY2H/ -1WkyGQZ+D0A8eh7I/FhsZK4QPagj/44aymqC4vkBZCyXoBqJoHTTtgUR8mIGSCr3 -Zs7BheHSJ+rKEqWRlz78lAZZUcDnE7aHe1/SwFYvXh0CwxEs3/cB2r2FVDUyX8XI -+XqfifcDDn55XQSCNRD+bZu/uO7iYocmXi9QL3gM6HNPiGrWJqTJ/PoeirD0Ms9X -zaFYikkPu6kdhqu5j41XGbJafqTqzLeWejs4zd7gYfzJBo+TWs6tKuMtPjldQYMB -Hw/hf3bHKNpW77/cJjVAvq3HOK2kBqzK6FHrwPhoAiyboRS8+GGG11bXc/Sru2oh -04gitOdvf5HlDsYISd7qE1hyoKo6+TYDRVdeh9JzZcSMo+7J1nN8lkGTAgMBAAGj -ggFEMIIBQDAdBgNVHQ4EFgQUPdGEwq+wIEm8dIdBOKu60tQMo6gwgdMGA1UdIwSB -yzCByIAUPdGEwq+wIEm8dIdBOKu60tQMo6ihgaSkgaEwgZ4xCzAJBgNVBAYTAlVT -MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3 -b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1taW5nLTMwNzIxGDAWBgNVBAMM -D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv -bYIJAKTgqvMpUDmKMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5j -b22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3 -DQEBCwUAA4IBgQBXIcCtbhZ01bGLGVVJeqRe1hj5A4BLwnHRBEecs3OcT2JKOprU -SOSB240V310PCBMoKNcFRMG5bfF1YHTQRK6RDzp89O7qbwY6Qa5rXIoNhWuz+7Ff -cPebMlf7xGvOkIYMlopBTmHzoT9V6JRWEm2eRiwxvT+KcMggpPv6xlNYuwUouokM -sV8hrB7xNf1rFMFpCOk3FNh2UCr8qpR/OVI6pzwKU17gExoAyqyqfvcJaHhgEXOr -fVj+A5/mhOpRWECCpf+nLOpCpUy2O1xrq89WiozsPPCu08oOCXHPeZZyY0skevN5 -yml1ybKkVLiEQCuPJCdq7Y9T4FWbNZEYEc+wO7hlPMbvsHh8QybxEoRrK/B9PH/c -Z6QXiXUAhhrqzRrP2hFkzL0QJu9rG5OzNxR/EoCBtv2KitiVX/kepR5lX3WNkCoN -sasmFjGyBmRvK35K9N7peuxnNfNAcXU3s+Ed733ikuzV5buZeVARsopXGzAutxZM -yKaZsQE0CJ3Y368= +MIIGHTCCBIWgAwIBAgIUf4v9GgJOBFOMDULMjem83iMYNUswDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1t +aW5nLTMwNzIxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0yNDA5MTUyMzA3 +MjRaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFt +bWluZy0zMDcyMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK +AoIBgQCsOVBoj3j4EJtoltPhnFZoWkFi47NBsFWAF7CIFpvgl3RfQnlzQt+T86qd +7i1vqrwnkITAXcfsSepcZh1wnFNcuqGzWMk+jptyPW4CAgCcZVaCoyK0CF8q79+a +0OcxWSZbCxxjYf/VaTIZBn4PQDx6Hsj8WGxkrhA9qCP/jhrKaoLi+QFkLJegGomg +dNO2BRHyYgZIKvdmzsGF4dIn6soSpZGXPvyUBllRwOcTtod7X9LAVi9eHQLDESzf +9wHavYVUNTJfxcj5ep+J9wMOfnldBII1EP5tm7+47uJihyZeL1AveAzoc0+IatYm +pMn8+h6KsPQyz1fNoViKSQ+7qR2Gq7mPjVcZslp+pOrMt5Z6OzjN3uBh/MkGj5Na +zq0q4y0+OV1BgwEfD+F/dsco2lbvv9wmNUC+rcc4raQGrMroUevA+GgCLJuhFLz4 +YYbXVtdz9Ku7aiHTiCK0529/keUOxghJ3uoTWHKgqjr5NgNFV16H0nNlxIyj7snW +c3yWQZMCAwEAAaOCAU8wggFLMB0GA1UdDgQWBBQ90YTCr7AgSbx0h0E4q7rS1Ayj +qDCB3gYDVR0jBIHWMIHTgBQ90YTCr7AgSbx0h0E4q7rS1AyjqKGBpKSBoTCBnjEL +MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x +FTATBgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3 +MjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv +QHdvbGZzc2wuY29tghR/i/0aAk4EU4wNQsyN6bzeIxg1SzAMBgNVHRMEBTADAQH/ +MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUF +BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAYEAQ9yzXILEd0vg2Su7xUrM +eguc2kRexULcvG/+dfwSGAFhPG1dME1nJJQ+StPaqLq32zzpvb+P6L6BmuS/lKKu +TT6QRSfyIrtqmwSR2/1hDMpt8XiUnlerLvaZ2ppV5weHAYyafJCt8rwsL1qjzMni +7GepH7cse7W0rlbzhvMhBnE8XzwWRCTx9914wv2275DB/bKlVxUEtpA/U6hO4Eki +CQg12q8sjNFLKCae0QMHKJW2S7FB8pQvTDuzDZRrzCX8WkdX5W29jgLpGT/kUQha +yPtsAeB9ipWeG6bhDto8HmnyMcj1qnKktQFd/6QrLRw0coCoc1+Ypo1pL1976H+R +h4fFYc3Hw3gMqlM++l2OLwURNvvAsIffir5brUNLD3fqac3tMfdIlgnXkWRjiCLj +uCxymJI0Kgr+Bkf2rSVJEhkdTW/nrZQIKztq0teZXi93EZFGN3tdVIE8bgnclSKI +JN2E94lAdlFSgcZBH85mR1Q//Xn5rxZCojnFpjtuAF2B -----END CERTIFICATE----- diff --git a/certs/4096/client-cert.der b/certs/4096/client-cert.der index 50f44b43ee71597e2a2969d1ad395f5c910944ca..68e768f4b4009fa2a0a96b681258e54f1a1a9fd9 100644 GIT binary patch delta 653 zcmeC?Tgazu(8Mll(8S8RfSHMriAjWgVv9zHyyk`Azi*x7&v*EUUi`RZqQo{SLn9*t zBVz+|BaAsBS-B;9d3Q}Zc{fAe?vcuN6JaCnNq1Wp{;}v}_MPUtUw%>b#`!+?7S-20mNjO5 z^35Qsf5*jz4fCFT_U=2qeYa%n zH?j0M#_8gbg^{OTTfZvk>yMC+xv)lPYyFdZ-!{}gZ~L?QLPgHAU0;6HJDv5bcYbTR zJwV#T@|eM%>vb`ayRxe$crLj2!#R z)2n2mNJQWDewL?af1556YkNEORn^z6{ImD++)4CWaQS@T*L{DjpQkyR=X73lc%YxU tjd|h9aG&{;r%s)I%0H@b(u^3(w<>E)PX%r_Dv|ry{36?rW#5(3RsfDDHL(By delta 639 zcmZ3;*Ucwk(8SJe(8Th70W%XL6B8%H0=wJir_Uq(k_{uDerwtlUOn%S2 zj|*Y&f=+@duRd4LxrgaQ6zY4vWVMRjZvx z&Uw`BNIrY^+@1inJGqDCE*4tp-+s!RT^y=hP$tKrHL3bq)_d^WJ_MJ2)Ik5Nf0 zpY#u_Nw%w0rRPsKoI3reZQ$K)SH0>SH&1A;nepqilJU|nMkRagHd>qfJZ!)3Hs4Ks zsh^kpMS_z*DK36_cr8ob^R@EX=lo2)5?gjArphk5zVKNIhp0vA2IT@J(MTPS54UE` zyrSKFf7av**PSgfb%hgdg~`;<4}V+sUHs`K#tAdyeb_zOn@T6SRQ;R1-1p6iJ8tP3 zEZrR9Q-ohGxU@+vOg&*rR6xvm6JLAN=R&bZjTrPF$Z|e4>n)%B?P=1M#j}sqJhQ!O zVH~d<-KeLcHgCp?^(?lj_JtiDE-_Mqe9{jaH*QONW+R+_Eqn3j?ce5$ENidVt`{*> zs`|?7@@%oxwM%z83e7bHbKXx~EqnCvtoKqOf|L3>otf1xyi7L!SLw4X|42lH-nP}@ z3oL#AcN|dGv3@-3zQ<*8*H|+@hKQoW@1K`(|Bze}|1Efir*_cRzNI&c^K6ur+1gaI kd96Rq5;tDr_ci<8<`jj9W4THz*L~rf%bUkCf11`j0NUyre*gdg diff --git a/certs/4096/client-cert.pem b/certs/4096/client-cert.pem index 66335cf6b..a7b1a0239 100644 --- a/certs/4096/client-cert.pem +++ b/certs/4096/client-cert.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 11546908179272725132 (0xa03edbcf979a728c) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_4096, OU=Programming-4096, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 07:91:84:28:88:1f:29:d0:53:fd:ed:42:1f:cf:88:4c:15:d1:f1:a4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_4096, OU = Programming-4096, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_4096, OU=Programming-4096, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_4096, OU = Programming-4096, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (4096 bit) + RSA Public-Key: (4096 bit) Modulus: 00:f5:d0:31:e4:71:59:58:b3:07:50:dd:16:79:fc: c6:95:50:fc:46:0e:57:12:86:71:8d:e3:9b:4a:33: @@ -54,7 +55,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:FA:54:89:67:E5:5F:B7:31:40:EA:FD:E7:F6:A3:C6:5A:56:16:A5:6E DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_4096/OU=Programming-4096/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:A0:3E:DB:CF:97:9A:72:8C + serial:07:91:84:28:88:1F:29:D0:53:FD:ED:42:1F:CF:88:4C:15:D1:F1:A4 X509v3 Basic Constraints: CA:TRUE @@ -63,72 +64,73 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 17:ab:22:61:05:6d:3a:c0:0d:6b:d9:15:82:11:cf:e7:f8:65: - da:c7:ef:da:0f:50:75:bd:55:cf:3d:50:dd:d4:0d:2c:04:48: - a8:25:3a:b9:c4:ce:48:7e:b8:63:cd:cd:ce:bc:50:26:dc:6d: - c2:1e:d1:71:3a:2f:db:e5:03:6b:73:55:23:70:76:1e:08:2a: - 92:7b:d6:6a:ef:17:a0:f3:8c:ea:eb:c4:2e:cb:d4:d9:d5:ab: - f7:e6:8d:ec:d9:97:a1:56:a7:0b:5d:e5:3f:1f:5e:6a:7a:a4: - 64:d7:b2:42:1a:1e:49:37:93:bc:be:13:a8:fb:b1:93:7b:a8: - 2b:49:90:43:84:24:60:44:fc:32:74:85:0e:1b:f8:3a:92:3d: - aa:25:1b:9f:97:31:95:97:c5:3d:51:dd:b6:d5:4a:7e:41:b3: - 90:83:7c:98:fa:cb:22:33:a5:f4:32:74:bd:3e:b1:3b:34:f9: - c3:3f:be:db:0e:d9:2f:1a:f9:d2:4f:14:53:63:f2:21:a3:e9: - c3:ad:04:6e:e7:ad:1f:6b:ce:4e:35:4a:61:84:b9:61:65:1d: - a2:d7:a1:e6:74:08:15:38:75:b0:23:70:22:15:59:2c:48:f0: - da:9a:99:d4:2b:83:df:9a:93:78:45:b9:84:5c:7e:71:90:da: - 56:1c:9f:57:ed:76:f7:17:e5:d2:01:90:99:5f:4c:07:49:07: - 82:75:92:44:7a:fe:9b:a7:4d:ec:c8:dc:46:67:28:04:8b:08: - 17:94:13:e9:a0:d2:b2:26:56:27:60:94:5a:50:5c:cf:34:4d: - 3f:35:e7:12:5d:c5:32:00:2f:e0:1d:09:e5:36:8d:77:93:f6: - e5:62:b4:a3:9b:c6:7c:e6:3d:d5:38:33:5f:23:5b:81:2e:24: - 26:9e:98:a8:af:04:3d:65:3f:71:88:48:44:5c:1a:11:0e:1b: - e1:81:b1:b6:66:e6:3c:13:67:d6:6b:a3:f3:b7:f6:9f:14:a6: - 87:7f:2b:14:31:22:7a:f5:0d:44:e6:a3:1a:d6:d2:dc:88:71: - 37:28:11:6c:ef:95:ab:1d:c5:c3:9a:ef:1a:54:11:92:8e:89: - 43:03:26:d0:e9:63:33:fe:79:4c:a6:6f:c4:58:58:2e:b6:ab: - 57:a0:39:4d:ff:88:c0:23:2c:3b:e3:9a:df:48:d3:17:45:5d: - 36:4e:00:58:72:c3:ef:e7:76:0b:f8:19:a8:5f:f6:53:98:49: - 2b:52:b5:8e:a5:d8:73:6e:3c:23:23:06:86:25:6b:0d:3b:f2: - 9a:17:33:a4:4e:f5:6b:de:b3:64:20:58:c6:6d:22:a9:ae:f4: - 09:9d:0d:6e:9f:96:2a:9e + 97:3a:5c:65:88:d6:bd:d6:80:4a:a3:a4:13:99:d8:7f:db:6d: + 68:f6:32:c8:ef:7a:70:db:1b:c2:11:7a:21:2b:e4:df:1e:78: + 08:0b:51:6d:0c:c4:cc:a8:e6:ad:ee:7d:67:6b:ce:74:3a:90: + 4c:c0:33:18:c4:b4:ef:27:aa:73:e3:92:d7:f5:31:6f:6b:62: + 57:22:e2:69:05:0f:c0:99:8e:c2:ff:be:99:bf:05:93:05:0b: + 19:8d:0d:ba:92:c9:dd:68:1f:3e:e2:24:b7:34:13:32:0b:92: + dd:85:a1:fc:38:89:03:4d:96:4d:bf:1f:a2:7b:b1:9f:4c:de: + a2:7c:e3:1d:33:05:ea:f0:91:5e:e5:90:cd:62:06:b0:98:73: + f4:74:bc:f7:1d:10:43:6d:d0:85:c8:15:ca:43:6a:df:de:bc: + fa:3c:e7:03:6e:d4:aa:46:db:fe:18:1b:d0:ca:94:7e:7a:e4: + d4:21:c4:15:27:b9:46:7b:1f:b6:cd:03:ae:8d:a3:cf:14:df: + 54:4f:4a:f6:58:4e:b1:bf:5e:d6:7c:21:73:c9:4e:c9:0d:0f: + b8:d1:a1:80:9e:e6:f3:4b:8e:cb:b7:bb:19:5d:f6:16:67:5e: + 01:97:17:59:71:59:ca:eb:3b:ea:70:8e:8f:58:1f:5c:d0:ac: + 12:b5:e4:de:f6:b0:7f:e7:86:fc:ab:d0:78:6c:e6:ba:f4:fa: + 7f:42:cd:4e:7f:43:ed:39:b7:50:1b:34:39:c6:30:bc:d7:7e: + 5c:59:ba:6b:7a:90:49:a0:de:f8:43:00:82:6d:6b:82:01:06: + 01:b0:04:49:fe:bd:8b:2d:c6:10:9f:d3:fb:1d:56:3a:bf:28: + a2:a5:bd:c7:6b:a7:0c:01:bf:18:4e:75:77:49:86:ac:44:16: + 2f:9e:fa:e6:4e:f5:81:00:e7:e9:49:6d:ee:1e:c2:0c:91:3e: + fc:14:07:cd:de:08:dc:cb:9a:3c:2c:9a:3e:32:03:ba:1e:42: + 17:3b:63:8c:ce:da:fd:6c:d5:55:3a:28:a5:35:1d:5f:41:f8: + 1c:fd:f5:73:a1:24:c5:a9:40:ab:ae:d0:4b:d3:d3:b1:23:64: + 2b:64:be:c4:3b:39:dc:46:d6:f4:9f:f9:4a:74:a1:14:58:8e: + d7:8f:04:e5:cd:fb:35:a2:16:86:ed:95:ea:7a:f5:b5:0f:9b: + bd:0c:dc:61:4a:a0:d3:cf:51:f5:be:fd:3b:e7:66:41:37:6c: + 89:d1:40:e0:2f:65:b6:03:a1:a9:57:4c:9f:93:95:95:97:ca: + 4f:5a:71:92:98:5c:39:ed:24:ac:35:ca:51:b7:32:74:1e:f9: + 83:e8:6b:4e:be:d4:75:85 -----BEGIN CERTIFICATE----- -MIIHBzCCBO+gAwIBAgIJAKA+28+XmnKMMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG -A1UECgwMd29sZlNTTF80MDk2MRkwFwYDVQQLDBBQcm9ncmFtbWluZy00MDk2MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s -ZnNzbC5jb20wHhcNMjEwMjEwMTk0OTUyWhcNMjMxMTA3MTk0OTUyWjCBnjELMAkG -A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT -BgNVBAoMDHdvbGZTU0xfNDA5NjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctNDA5NjEY -MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9dAx5HFZ -WLMHUN0WefzGlVD8Rg5XEoZxjeObSjPqT9kXE21Iad9ZEQgCna8rxzC+DNyH1FoS -CSNd4XZaYjdGdO8DBbsebSl1bC6dhw2Ph8sUlZu+F2tR0Uza15FmxTbr4Acadk2w -+8H1XgXbussl2ZkTHMA13EDpNs3E1XpBcA8266VOFwXVdRtkYno/DShIauOsnKiP -6e33zSSgsaADrOMD9T/Rlv8qfgix0+AYFOxlN1BDwmqM9Fv+xMuNP4EC98Ld5MGO -gAwEJS2AWi4PIjVK9IXtUdirbY+iOyQAboHiHnbWrDES2/OOB6HeiUo5YHfFqvFR -5gbxlVYq4Y6SMJ/+WESsRvL9mvyoHaHTVTdKi/ycM/inYUhBfJx3P/WAI31DtNWI -Csl110QZTXdsCwpJqhwv1lpEpkdN5TaWQJksViax8pIxWdcs1LQh1mUTCz77/wTr -uYW52NgoT1wXlqNRvv59CxtIQCV2lNxB+79zdtrrs2LnwchUapPhjTHoPj7fvIcC -MCJXxOAYetOu5AKbqr1OSUdy6Y0TLVSbAKeRYXHJzEhP7t9eGxrfZ9Mg5kRFmH7n -DmMWg8kmXZDB5SpcRVQTsoEYBiAuLmZatXtu1gxOiQFWcLuu3umZXtG5OrdsF7YD -qQjdnPQUyclZOXLUfgI3Mc0Opz348s9rFasCAwEAAaOCAUQwggFAMB0GA1UdDgQW -BBT6VIln5V+3MUDq/ef2o8ZaVhalbjCB0wYDVR0jBIHLMIHIgBT6VIln5V+3MUDq -/ef2o8ZaVhalbqGBpKSBoTCBnjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh -bmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xfNDA5NjEZMBcG -A1UECwwQUHJvZ3JhbW1pbmctNDA5NjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAoD7bz5eacowwDAYD -VR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNVHSUE -FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBABerImEF -bTrADWvZFYIRz+f4ZdrH79oPUHW9Vc89UN3UDSwESKglOrnEzkh+uGPNzc68UCbc -bcIe0XE6L9vlA2tzVSNwdh4IKpJ71mrvF6DzjOrrxC7L1NnVq/fmjezZl6FWpwtd -5T8fXmp6pGTXskIaHkk3k7y+E6j7sZN7qCtJkEOEJGBE/DJ0hQ4b+DqSPaolG5+X -MZWXxT1R3bbVSn5Bs5CDfJj6yyIzpfQydL0+sTs0+cM/vtsO2S8a+dJPFFNj8iGj -6cOtBG7nrR9rzk41SmGEuWFlHaLXoeZ0CBU4dbAjcCIVWSxI8NqamdQrg9+ak3hF -uYRcfnGQ2lYcn1ftdvcX5dIBkJlfTAdJB4J1kkR6/punTezI3EZnKASLCBeUE+mg -0rImVidglFpQXM80TT815xJdxTIAL+AdCeU2jXeT9uVitKObxnzmPdU4M18jW4Eu -JCaemKivBD1lP3GISERcGhEOG+GBsbZm5jwTZ9Zro/O39p8Upod/KxQxInr1DUTm -oxrW0tyIcTcoEWzvlasdxcOa7xpUEZKOiUMDJtDpYzP+eUymb8RYWC62q1egOU3/ -iMAjLDvjmt9I0xdFXTZOAFhyw+/ndgv4Gahf9lOYSStStY6l2HNuPCMjBoYlaw07 -8poXM6RO9Wves2QgWMZtIqmu9AmdDW6fliqe +MIIHHTCCBQWgAwIBAgIUB5GEKIgfKdBT/e1CH8+ITBXR8aQwDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzQwOTYxGTAXBgNVBAsMEFByb2dyYW1t +aW5nLTQwOTYxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0yNDA5MTUyMzA3 +MjRaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF80MDk2MRkwFwYDVQQLDBBQcm9ncmFt +bWluZy00MDk2MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQD10DHkcVlYswdQ3RZ5/MaVUPxGDlcShnGN45tKM+pP2RcTbUhp31kRCAKd +ryvHML4M3IfUWhIJI13hdlpiN0Z07wMFux5tKXVsLp2HDY+HyxSVm74Xa1HRTNrX +kWbFNuvgBxp2TbD7wfVeBdu6yyXZmRMcwDXcQOk2zcTVekFwDzbrpU4XBdV1G2Ri +ej8NKEhq46ycqI/p7ffNJKCxoAOs4wP1P9GW/yp+CLHT4BgU7GU3UEPCaoz0W/7E +y40/gQL3wt3kwY6ADAQlLYBaLg8iNUr0he1R2Kttj6I7JABugeIedtasMRLb844H +od6JSjlgd8Wq8VHmBvGVVirhjpIwn/5YRKxG8v2a/KgdodNVN0qL/Jwz+KdhSEF8 +nHc/9YAjfUO01YgKyXXXRBlNd2wLCkmqHC/WWkSmR03lNpZAmSxWJrHykjFZ1yzU +tCHWZRMLPvv/BOu5hbnY2ChPXBeWo1G+/n0LG0hAJXaU3EH7v3N22uuzYufByFRq +k+GNMeg+Pt+8hwIwIlfE4Bh6067kApuqvU5JR3LpjRMtVJsAp5FhccnMSE/u314b +Gt9n0yDmREWYfucOYxaDySZdkMHlKlxFVBOygRgGIC4uZlq1e27WDE6JAVZwu67e +6Zle0bk6t2wXtgOpCN2c9BTJyVk5ctR+AjcxzQ6nPfjyz2sVqwIDAQABo4IBTzCC +AUswHQYDVR0OBBYEFPpUiWflX7cxQOr95/ajxlpWFqVuMIHeBgNVHSMEgdYwgdOA +FPpUiWflX7cxQOr95/ajxlpWFqVuoYGkpIGhMIGeMQswCQYDVQQGEwJVUzEQMA4G +A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29sZlNT +TF80MDk2MRkwFwYDVQQLDBBQcm9ncmFtbWluZy00MDk2MRgwFgYDVQQDDA93d3cu +d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFAeR +hCiIHynQU/3tQh/PiEwV0fGkMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhh +bXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0G +CSqGSIb3DQEBCwUAA4ICAQCXOlxliNa91oBKo6QTmdh/221o9jLI73pw2xvCEXoh +K+TfHngIC1FtDMTMqOat7n1na850OpBMwDMYxLTvJ6pz45LX9TFva2JXIuJpBQ/A +mY7C/76ZvwWTBQsZjQ26ksndaB8+4iS3NBMyC5LdhaH8OIkDTZZNvx+ie7GfTN6i +fOMdMwXq8JFe5ZDNYgawmHP0dLz3HRBDbdCFyBXKQ2rf3rz6POcDbtSqRtv+GBvQ +ypR+euTUIcQVJ7lGex+2zQOujaPPFN9UT0r2WE6xv17WfCFzyU7JDQ+40aGAnubz +S47Lt7sZXfYWZ14BlxdZcVnK6zvqcI6PWB9c0KwSteTe9rB/54b8q9B4bOa69Pp/ +Qs1Of0PtObdQGzQ5xjC8135cWbprepBJoN74QwCCbWuCAQYBsARJ/r2LLcYQn9P7 +HVY6vyiipb3Ha6cMAb8YTnV3SYasRBYvnvrmTvWBAOfpSW3uHsIMkT78FAfN3gjc +y5o8LJo+MgO6HkIXO2OMztr9bNVVOiilNR1fQfgc/fVzoSTFqUCrrtBL09OxI2Qr +ZL7EOzncRtb0n/lKdKEUWI7XjwTlzfs1ohaG7ZXqevW1D5u9DNxhSqDTz1H1vv07 +52ZBN2yJ0UDgL2W2A6GpV0yfk5WVl8pPWnGSmFw57SSsNcpRtzJ0HvmD6GtOvtR1 +hQ== -----END CERTIFICATE----- diff --git a/certs/ca-cert-chain.der b/certs/ca-cert-chain.der index 848109a0f6c94bb913f8f6d484b6275070cc60f0..c76c26793020369540cee0d5c420437d34b355e0 100644 GIT binary patch delta 256 zcmaFC{*PVRpo#gHK@)TG0%j&gCMFT5Ge2z)&zQS2>jJBC(8hNCeM`AsPLx<9X=r3* zU}S7yZe$WA&TC|1U}bPfQIbK+g#JvG-*MWm*xT;(q2@{cDP`8Y>x+6WS7zlsi1zT)QN6Qe_bDmY z2@~hJH~rap_*YPFf7|qZ5#G;DORwxS-*r^$_QwQG|GW)CtL*2889d!Gf#r;B&f;f} q#A2reO;py|H7C7!m1x69%b(X*Fx9pzu6`fh%jS9d1n=E@b)xbbNdqH814By_OH-pLab6>1 zLqh{|2zTQPTSitZgC<6^$y!W`JSW+hLuHj&8V?#Y?wcIWw1o>{%wz@Txcbd6JF;HI zo7Uv~o&0asjOQ|YE}p0oJ(~IOx2g1-N%j}*GPMM!y4c#+{Qs76wyBvOw$Ztk z&+7t(M7<}h_$9ZhG5B7qrf+2q$Dt!}zLv{4m!z+`^Wp4vzo$Qo4y(%aK43PGj9Qw! eY}Xs1_V>AAO3R(R`mO&etbVTFO diff --git a/certs/ca-cert.der b/certs/ca-cert.der index 9ca22e719b78346d9afc2fb8a2639d747bd312fb..dbe39d2a415551d6fc37144c82feec7fbf29ed95 100644 GIT binary patch delta 397 zcmaFM+03PE(8TiJpo#hU0%j&gCMJ>EDFq$7*qwS;t@qz|NXp~GMTcij6D8J28X6fH z7#SOw8<|9j^BS2LSQ?r_xEt>tWaM`>Xkv6UkY!^ImE~g*W0`!BNtDl^@d}8q%+h$q zpz-A73rt%?v6?=)k2$`6L*edSu2BuDOiSuIxK~#H-LU(c+tyuQjz3OR=wTL3`}!oL z>Ai5nbfxrz7dv7f>4txMFhBF!#+Yp{9?a-GAtH2bTW4?1&IOVFlimpiXV*^l%H(Rj zdG%7#i<4WA`H6q!dhuDeEs^{6kt4^_OW)3#AH1MYZovfJpUhkKv`OZDu=cNi@iybz zb7g01v*u=Rw*|8pFC1^(T{~rgqHUc`mTlv0$7;75qDfc#eQgiio^`Zw#hP2~Gmqch z`B7y3#mSF9J6&JI5~vuWdD!*azL;NUZ|~QyY;=0s@6LTCgmLR3FSlze4E0hP>^%}E hYJOhj9Fv*%k#Xn!QNPU&2rfEoFqdiSVF1C^x5oeg delta 363 zcmZqXddn$c(8Ti6po#h70%j&gCMHgXRhRA8NN}0^PE=kaX<%e%U}$M#X=)TD&TC|B zXlP&#;ck3!kdf8Opo!6J@;W9(o|A0Mp|Z*>jRy@H_f5Xdw1o>{%;Y7^@%2eFPDGp! zV{VI(`8PD^{*Pyy(E|_P2W!?|){G zUia7G$~uJ$WnG3`i;`**dC$epl6#`iQ6K2}yL{zY-(&kjW*WcuUQk?+t9R3u>?=;w{eCK1C)#k;`ET_GPlR;(u2}>=bA5O9*5T%BZ{yxv+a|Jk za^%BMuX>jI=TfiSm+-&4#kGD}n86WNml<>Y)pA=J7R0?(zUa};$I3R*dV|gGo_?EZ LAOD3+r)B^ENoS#o diff --git a/certs/ca-cert.pem b/certs/ca-cert.pem index 47a3ba0a4..5c280581c 100644 --- a/certs/ca-cert.pem +++ b/certs/ca-cert.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 12309252214903945037 (0xaad33fac180a374d) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 7d:94:70:88:ba:07:42:8d:aa:af:4f:be:c2:1a:48:f0:d1:40:e6:42 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: @@ -37,7 +38,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -46,47 +47,47 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08: - 86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd: - 89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99: - c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce: - 89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8: - a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4: - ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20: - 88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70: - 6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38: - 7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4: - 12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6: - b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd: - b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e: - ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c: - 4f:a1:ca:98 + b0:71:bb:ba:45:5a:80:25:02:a4:7e:88:0b:a9:7b:fd:b0:bb: + f6:46:b5:ba:f4:c7:e3:61:20:8c:03:15:66:f5:e4:54:82:ef: + 13:80:97:22:67:c1:d1:88:5d:e2:2d:57:f6:e0:9f:69:d6:b1: + 5c:b6:e8:e0:98:89:c8:14:12:d6:b6:89:8d:6c:b9:a0:59:4f: + 92:ee:11:53:6b:7d:93:4a:69:0a:85:d9:d5:d2:62:e8:c9:b5: + c6:4e:17:f5:0a:e8:f3:2d:86:61:0b:eb:c4:c4:c6:67:75:ed: + 9a:9f:53:a0:71:1e:a0:90:0d:f9:03:b4:bc:86:19:6e:f0:3b: + 4f:e8:ed:68:f6:e7:23:43:3b:36:83:83:4b:46:a0:9a:01:d0: + c7:85:bb:7d:94:a0:21:3d:7e:3c:6a:3d:81:db:41:7b:46:d8: + 15:62:d5:8f:4d:3d:c0:db:9a:c5:81:a8:ac:da:87:99:c7:dd: + b9:f1:14:af:d1:93:e3:f3:42:d7:a2:04:51:21:54:29:c3:45: + f6:be:5c:fa:cd:db:bf:2f:79:81:42:e5:8f:47:0b:d4:54:01: + b5:c2:4a:46:d6:a8:31:2e:64:80:3f:48:61:91:29:f3:aa:43: + 5c:69:6e:f1:01:b9:df:63:71:3d:b9:5a:fb:36:c0:11:a2:c3: + 30:9d:95:c3 -----BEGIN CERTIFICATE----- -MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +MIIE/zCCA+egAwIBAgIUfZRwiLoHQo2qr0++whpI8NFA5kIwDQYJKoZIhvcNAQEL +BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZQxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw +DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP +d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804H0ry +TXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQ +u2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkc +rMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfa +QG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+j +JtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02 +eQIDAQABo4IBRTCCAUEwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHU +BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow -ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+ -gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO -BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv -b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM -BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud -JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI -WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX -apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28 -Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z -PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt -XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR -O7A8u4yPPHtMT6HKmA== +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU +fZRwiLoHQo2qr0++whpI8NFA5kIwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl +eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +DQYJKoZIhvcNAQELBQADggEBALBxu7pFWoAlAqR+iAupe/2wu/ZGtbr0x+NhIIwD +FWb15FSC7xOAlyJnwdGIXeItV/bgn2nWsVy26OCYicgUEta2iY1suaBZT5LuEVNr +fZNKaQqF2dXSYujJtcZOF/UK6PMthmEL68TExmd17ZqfU6BxHqCQDfkDtLyGGW7w +O0/o7Wj25yNDOzaDg0tGoJoB0MeFu32UoCE9fjxqPYHbQXtG2BVi1Y9NPcDbmsWB +qKzah5nH3bnxFK/Rk+PzQteiBFEhVCnDRfa+XPrN278veYFC5Y9HC9RUAbXCSkbW +qDEuZIA/SGGRKfOqQ1xpbvEBud9jcT25Wvs2wBGiwzCdlcM= -----END CERTIFICATE----- diff --git a/certs/ca-ecc-cert.der b/certs/ca-ecc-cert.der index 57d2a42dab05584d5fa61683e612286a730b3947..ae3bf087655b009322fabdf2ffc3ab68e62f84f9 100644 GIT binary patch delta 140 zcmeBUoyn?f(8M&=poz(P0W%XL6O)Mk0iA#HSy9|~zi}kbbgGk_^y`k%M2R($hDJsP zM#cu_MkZ0>yhbJlmWHMf?#8?Mj82~xRPm>=zG+-ECCl&u@4No2x5>tQ>V})opIE>b r-4XbUNgR!S*QDTjxp^=e+ zk+Fffkx7&|uaSv?rJ*T=yYX%}V{*l} aH5>Dtx(S+%cKHR*13p|?Htmi^;4}dD9!Mzw delta 166 zcmcb{dYV$Njn=@%HjaeIq&&i;QP=htF8XMOBX#^?T5m^oW)tF@aS St>ehhi*C(#{_6PP_(=eDwnRh# diff --git a/certs/ca-ecc384-cert.pem b/certs/ca-ecc384-cert.pem index b7bad2ca7..a02156083 100644 --- a/certs/ca-ecc384-cert.pem +++ b/certs/ca-ecc384-cert.pem @@ -1,17 +1,18 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 12132976075216541034 (0xa860fd750798556a) - Signature Algorithm: ecdsa-with-SHA384 - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 1a:57:7f:62:de:7e:f2:6d:93:d2:83:35:86:82:7f:09:5a:8b:a4:09 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) - pub: + pub: 04:ee:82:d4:39:9a:b1:27:82:f4:d7:ea:c6:bc:03: 1d:4d:83:61:f4:03:ae:7e:bd:d8:5a:a5:b9:f0:8e: a2:a5:da:ce:87:3b:5a:ab:44:16:9c:f5:9f:62:dd: @@ -32,26 +33,27 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ecdsa-with-SHA384 - 30:65:02:30:47:a2:36:33:f4:27:bd:d0:5c:e6:8d:3e:31:a9: - 4e:51:57:a9:93:28:72:0a:72:ab:6e:f9:56:c0:f5:70:02:9f: - 9c:b2:4a:9c:3e:9f:fb:c5:64:26:7a:88:dc:4a:2a:25:02:31: - 00:88:f8:e2:d5:20:82:f2:de:7b:cb:13:ac:cd:ff:e8:1e:4e: - 84:3d:9c:af:5d:f9:01:e7:4f:d4:03:09:84:3d:7b:2b:83:e2: - ae:08:68:2e:5b:85:6f:43:f5:41:e0:c7:c9 + 30:65:02:30:78:da:52:4f:11:fa:4f:a9:7b:02:af:63:40:a7: + 54:bf:08:8b:cb:e4:ce:7d:35:38:46:d9:90:40:f5:f1:16:42: + e5:ef:7b:b0:8f:3d:b0:a0:07:a6:23:3e:8f:a3:be:57:02:31: + 00:de:d2:23:84:4c:71:6a:2e:d0:17:73:55:b2:8b:e7:ac:4f: + 83:21:f8:f1:7a:9a:f5:8b:a5:17:7b:06:03:dc:7e:90:29:81: + 3e:6f:70:e7:50:f0:d4:a6:96:dc:28:51:96 -----BEGIN CERTIFICATE----- -MIICxzCCAk2gAwIBAgIJAKhg/XUHmFVqMAoGCCqGSM49BAMDMIGXMQswCQYDVQQG -EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G -A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTNaFw0yMzExMDcxOTQ5NTNaMIGXMQswCQYDVQQGEwJVUzET -MBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwH -d29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTB2MBAGByqG -SM49AgEGBSuBBAAiA2IABO6C1DmasSeC9NfqxrwDHU2DYfQDrn692FqlufCOoqXa -zoc7WqtEFpz1n2Ld9iDNnHY8QLE/lxffWfbN3s1GNcDtXi5ItmaRcXS3DD+5mreD -vZM/X1AtcD/eNSXhkDuG4KNjMGEwHQYDVR0OBBYEFKvgwyZMGNRyu9KEjJwKBZKA -ElNSMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKAElNSMA8GA1UdEwEB/wQF -MAMBAf8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2gAMGUCMEeiNjP0J73Q -XOaNPjGpTlFXqZMocgpyq275VsD1cAKfnLJKnD6f+8VkJnqI3EoqJQIxAIj44tUg -gvLee8sTrM3/6B5OhD2cr135AedP1AMJhD17K4PirghoLluFb0P1QeDHyQ== +MIIC0jCCAligAwIBAgIUGld/Yt5+8m2T0oM1hoJ/CVqLpAkwCgYIKoZIzj0EAwMw +gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZcxCzAJ +BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl +MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE +AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE7oLUOZqxJ4L01+rGvAMdTYNh9AOu +fr3YWqW58I6ipdrOhztaq0QWnPWfYt32IM2cdjxAsT+XF99Z9s3ezUY1wO1eLki2 +ZpFxdLcMP7mat4O9kz9fUC1wP941JeGQO4bgo2MwYTAdBgNVHQ4EFgQUq+DDJkwY +1HK70oSMnAoFkoASU1IwHwYDVR0jBBgwFoAUq+DDJkwY1HK70oSMnAoFkoASU1Iw +DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaAAw +ZQIweNpSTxH6T6l7Aq9jQKdUvwiLy+TOfTU4RtmQQPXxFkLl73uwjz2woAemIz6P +o75XAjEA3tIjhExxai7QF3NVsovnrE+DIfjxepr1i6UXewYD3H6QKYE+b3DnUPDU +ppbcKFGW -----END CERTIFICATE----- diff --git a/certs/client-ca.pem b/certs/client-ca.pem index 24788cf89..79757b014 100644 --- a/certs/client-ca.pem +++ b/certs/client-ca.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 17391944375755183620 (0xf15c9943663d9604) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 53:16:7c:a0:56:50:46:27:82:ed:60:b4:da:33:d8:6a:c0:ea:dc:31 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b: 2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07: @@ -37,7 +38,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:F1:5C:99:43:66:3D:96:04 + serial:53:16:7C:A0:56:50:46:27:82:ED:60:B4:DA:33:D8:6A:C0:EA:DC:31 X509v3 Basic Constraints: CA:TRUE @@ -46,64 +47,66 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - ba:2b:48:d1:a8:e3:c2:84:42:96:a1:7c:e5:f1:46:ba:4c:f7: - 87:57:c7:78:c8:c1:32:c4:69:ff:85:bb:5d:6a:dd:c9:87:7e: - fe:bb:f4:fd:15:0a:4c:94:95:80:30:90:45:03:f8:33:87:ca: - 5f:74:38:a4:d0:5a:c7:65:38:c3:b0:e8:87:b1:49:32:b9:ac: - e9:fb:d3:08:1d:a4:51:7b:d7:d9:4b:79:35:a2:3a:0b:e4:0c: - a0:02:9c:a1:68:e1:5d:6c:8e:2e:3a:24:de:bb:d6:1c:a7:ac: - 2e:cd:57:44:48:f6:72:e0:c7:5b:93:dc:7d:5b:64:0e:17:84: - 68:2c:95:1d:2c:86:d6:b0:74:67:51:6e:7b:f4:d5:61:38:51: - b3:18:e3:10:16:73:4b:36:8a:8a:62:05:f5:56:8a:be:21:e1: - 78:7d:bf:ad:45:f9:0b:f5:af:a0:62:01:fd:3f:49:df:39:3c: - ff:46:e8:0a:fe:5c:6b:bb:41:a5:64:f1:5c:9b:51:4c:bc:6d: - 9f:a3:20:ed:e9:48:e1:a9:be:08:2d:85:42:59:d6:43:7d:47: - 22:a5:fa:1f:a2:58:76:0b:70:1c:1d:59:1d:aa:be:5d:2d:25: - 7c:b1:06:b6:c0:aa:28:aa:93:7c:d0:bd:43:ad:91:50:1c:7b: - 4d:f3:e4:d7 + b8:e8:e3:2a:48:6c:04:8b:f8:81:14:1a:ce:14:ed:c7:f0:d3: + cb:9a:91:d9:2c:1d:6e:73:36:8f:a3:61:c4:1f:da:d1:4b:b6: + 40:d0:6a:c4:2b:43:c8:2f:fb:ee:5a:c9:41:9d:2b:6f:f3:39: + 67:20:ec:7c:d6:a0:7f:06:79:cd:52:2c:c9:3c:5b:bf:e5:01: + 47:90:f0:82:88:f1:3d:45:25:f4:d1:4b:ec:ac:3f:1b:ce:a1: + 0e:61:a0:29:41:f6:21:0e:9f:73:b3:39:34:c4:1e:55:5f:9f: + e7:42:ca:ab:8f:3c:62:86:26:94:b5:b7:8b:7c:65:4c:3e:b7: + ac:f5:51:0d:a5:14:0f:6f:2b:fe:62:95:26:1e:10:52:ae:44: + 58:95:dc:b4:c4:76:2f:14:28:64:45:aa:94:61:da:1a:d0:cf: + b3:3a:83:c8:66:fb:e8:58:dc:d4:91:4a:9a:e7:c8:b6:ea:f9: + 52:19:b2:3d:5f:95:29:ac:8b:cf:9b:5c:d6:dd:cd:6b:f2:71: + fd:b6:4d:18:98:08:5b:8a:e7:2b:cb:bd:68:97:1c:02:aa:41: + 59:0d:f8:0e:50:d7:48:6f:81:c4:00:70:56:67:64:1a:b3:56: + fc:23:f4:84:49:36:f7:7f:38:94:38:da:40:81:c0:b9:b0:ad: + ea:ce:38:f2 -----BEGIN CERTIFICATE----- -MIIFBzCCA++gAwIBAgIJAPFcmUNmPZYEMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG -A1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0yMDQ4MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s -ZnNzbC5jb20wHhcNMjEwMjEwMTk0OTUyWhcNMjMxMTA3MTk0OTUyWjCBnjELMAkG -A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT -BgNVBAoMDHdvbGZTU0xfMjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEY -MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwPRK/45 -pDJFO1PIhCsqfHSavaoqUgdH1qY2sgcyjtC6aXvGw0Se1IFI/S1oootnu6F1yDYs -StIb94u6zw357+zxgR57mwNHmr9lzH9lJGmm6BSJW+Q098WwFJP1Z3s6enjhAVZW -kaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbfG36/TpfQEOioCDCBryALQxTF -dGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnNrv94bHvAEgPUTnINUG07ozuj -mV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAYE7BjtXJOMMSXhIYtVi/XFfd/ -wK71/Fvl+6G60wIDAQABo4IBRDCCAUAwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeR -xybXhWXAMIHTBgNVHSMEgcswgciAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGkpIGh -MIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96 -ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWlu -Zy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEW -EGluZm9Ad29sZnNzbC5jb22CCQDxXJlDZj2WBDAMBgNVHRMEBTADAQH/MBwGA1Ud -EQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr -BgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAuitI0ajjwoRClqF85fFGukz3h1fH -eMjBMsRp/4W7XWrdyYd+/rv0/RUKTJSVgDCQRQP4M4fKX3Q4pNBax2U4w7Doh7FJ -Mrms6fvTCB2kUXvX2Ut5NaI6C+QMoAKcoWjhXWyOLjok3rvWHKesLs1XREj2cuDH -W5PcfVtkDheEaCyVHSyG1rB0Z1Fue/TVYThRsxjjEBZzSzaKimIF9VaKviHheH2/ -rUX5C/WvoGIB/T9J3zk8/0boCv5ca7tBpWTxXJtRTLxtn6Mg7elI4am+CC2FQlnW -Q31HIqX6H6JYdgtwHB1ZHaq+XS0lfLEGtsCqKKqTfNC9Q62RUBx7TfPk1w== +MIIFHTCCBAWgAwIBAgIUUxZ8oFZQRieC7WC02jPYasDq3DEwDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t +aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0yNDA5MTUyMzA3 +MjRaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt +bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDDA9Er/jmkMkU7U8iEKyp8dJq9qipSB0fWpjayBzKO0Lppe8bDRJ7UgUj9 +LWiii2e7oXXINixK0hv3i7rPDfnv7PGBHnubA0eav2XMf2UkaaboFIlb5DT3xbAU +k/Vnezp6eOEBVlaRphNCjdI8QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ +6KgIMIGvIAtDFMV0Z7Qygm+NhsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8AS +A9ROcg1QbTujO6OZXp3I2QyFs9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4w +xJeEhi1WL9cV93/ArvX8W+X7obrTAgMBAAGjggFPMIIBSzAdBgNVHQ4EFgQUM9hF +Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH +JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw +DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM +EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G +CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUUxZ8oFZQRieC7WC02jPYasDq +3DEwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd +BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB +ALjo4ypIbASL+IEUGs4U7cfw08uakdksHW5zNo+jYcQf2tFLtkDQasQrQ8gv++5a +yUGdK2/zOWcg7HzWoH8Gec1SLMk8W7/lAUeQ8IKI8T1FJfTRS+ysPxvOoQ5hoClB +9iEOn3OzOTTEHlVfn+dCyquPPGKGJpS1t4t8ZUw+t6z1UQ2lFA9vK/5ilSYeEFKu +RFiV3LTEdi8UKGRFqpRh2hrQz7M6g8hm++hY3NSRSprnyLbq+VIZsj1flSmsi8+b +XNbdzWvycf22TRiYCFuK5yvLvWiXHAKqQVkN+A5Q10hvgcQAcFZnZBqzVvwj9IRJ +Nvd/OJQ42kCBwLmwrerOOPI= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) - Serial Number: 16666221217456835267 (0xe74a4fe55697cac3) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 3e:8d:40:a1:0b:e2:5f:d9:7f:b1:f3:ae:73:40:92:c1:d8:aa:f0:65 + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 04:55:bf:f4:0f:44:50:9a:3d:ce:9b:b7:f0:c5:4d: f5:70:7b:d4:ec:24:8e:19:80:ec:5a:4c:a2:24:03: 62:2c:9b:da:ef:a2:35:12:43:84:76:16:c6:56:95: @@ -117,7 +120,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2 DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:E7:4A:4F:E5:56:97:CA:C3 + serial:3E:8D:40:A1:0B:E2:5F:D9:7F:B1:F3:AE:73:40:92:C1:D8:AA:F0:65 X509v3 Basic Constraints: CA:TRUE @@ -126,27 +129,28 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: ecdsa-with-SHA256 - 30:46:02:21:00:e3:bb:ca:0e:31:2d:39:1d:94:25:81:90:d5: - 11:f9:09:6d:58:16:23:be:9f:a9:18:64:83:3c:25:03:58:58: - 39:02:21:00:a4:aa:b3:f0:09:c9:0c:2f:f7:b1:d4:8e:9f:a6: - b6:ab:1a:c7:37:ed:70:4d:34:04:a0:9b:3d:84:86:10:a0:f0 + 30:45:02:21:00:dd:a7:dd:14:ac:16:24:2f:39:34:83:a2:28: + e8:ba:73:2a:24:d3:56:cf:3d:3b:c9:46:91:4e:72:6c:62:9a: + c7:02:20:5f:02:f5:a4:d1:f1:f8:9c:03:8e:fe:c5:4e:dc:d5: + b0:f9:eb:ad:44:0f:26:35:93:0e:a3:76:ec:e0:a6:8b:ff -----BEGIN CERTIFICATE----- -MIIDSTCCAu6gAwIBAgIJAOdKT+VWl8rDMAoGCCqGSM49BAMCMIGNMQswCQYDVQQG -EwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxlbTETMBEGA1UECgwK -Q2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDIxMDE5 -NDk1M1oXDTIzMTEwNzE5NDk1M1owgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZP -cmVnb24xDjAMBgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYD -VQQLDARGYXN0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B -CQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARV -v/QPRFCaPc6bt/DFTfVwe9TsJI4ZgOxaTKIkA2Ism9rvojUSQ4R2FsZWlQbMAam9 -9nUaQve9qbI2Il/HXX+0o4IBMzCCAS8wHQYDVR0OBBYEFOvUS1lrlWE/UVe2BE2J -QYhEXKvyMIHCBgNVHSMEgbowgbeAFOvUS1lrlWE/UVe2BE2JQYhEXKvyoYGTpIGQ -MIGNMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxl -bTETMBEGA1UECgwKQ2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwP -d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t -ggkA50pP5VaXysMwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNv -bYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCgYIKoZIzj0E -AwIDSQAwRgIhAOO7yg4xLTkdlCWBkNUR+QltWBYjvp+pGGSDPCUDWFg5AiEApKqz -8AnJDC/3sdSOn6a2qxrHN+1wTTQEoJs9hIYQoPA= +MIIDXjCCAwSgAwIBAgIUPo1AoQviX9l/sfOuc0CSwdiq8GUwCgYIKoZIzj0EAwIw +gY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAMBgNVBAcMBVNhbGVt +MRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0MRgwFgYDVQQDDA93 +d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w +HhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBjTELMAkGA1UEBhMCVVMx +DzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVu +dCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf +MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABFW/9A9EUJo9zpu38MVN9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJD +hHYWxlaVBswBqb32dRpC972psjYiX8ddf7SjggE+MIIBOjAdBgNVHQ4EFgQU69RL +WWuVYT9RV7YETYlBiERcq/Iwgc0GA1UdIwSBxTCBwoAU69RLWWuVYT9RV7YETYlB +iERcq/KhgZOkgZAwgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAM +BgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0 +MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb22CFD6NQKEL4l/Zf7HzrnNAksHYqvBlMAwGA1UdEwQFMAMBAf8w +HAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0gAMEUCIQDdp90UrBYkLzk0g6Io6Lpz +KiTTVs89O8lGkU5ybGKaxwIgXwL1pNHx+JwDjv7FTtzVsPnrrUQPJjWTDqN27OCm +i/8= -----END CERTIFICATE----- diff --git a/certs/client-cert-ext.der b/certs/client-cert-ext.der index d58a1dbf33744db35bd898c13de4ad04341f6998..c272305905d0cb1ef7a507767d7910aa5fc3667f 100644 GIT binary patch delta 365 zcmeC->fus0Xkz6sXkz}bfSHMriAlsWs(VW9^?3@xUvge)P1f+!4Y-^(QF)7uk)ffH zk%5u1fw_@MlsK=EiGih|DU>^zn|a~pDU4Fsbx%IT>{Y+u{joBiCw!UjUoTEih?u_d z%%ZDXRToypHwR2Pr{%WWcSCZ@jr9H?8^^L^_4#2k@z)9xw#s{N|G(v`j&A4SBR5W6 zbKX}Gsn}5Q>(yhvEhh33-E-p2S*81~MG9Uq&{;B<+vdf2Zne`La=V@GiZ-mcqFQiO zn}=`9S^w$R=B%>XSwFq-d5Amr?|bvtO zqFj|eXU?YlQvzGWlG*J8kMhp-d(HidooW7>WLfpBA3vF&NIeyN)a2&8I3Vx6j4H>% yS#?}r0!;+&Z8`nUr_MY*JyuXncEYzOEBdfus0Xkz6sXkz}bfSHMriAkjH|1l^3=5BeZxqkY))aOsX{^-@}iOO4K3@r^T zjSLJ;42=ycD!eP>+lY@ zLMy{nQXd*M4zrsliq{IbzI%W6fTaGssf@ALIEDKpU)@qKO;dch_s8@FTf65K3aga{ zn0#H+_v3Qs^&qZK@pkNom>!rFml~{$+NJXTw+08VVQ`D>U)f1NMQ<_IC=^`X#{0_Z zW9x*Chqo6hoMu+~T;Knc$$w+H%ye-b>z9sF5;dJS`{GS<(&i*qe%*UNLr>(4;Pt2H z=6CV7O%ZMTWyC*0;-c<-v9JhE)rpFSE`O^#;kk<8dgAf9my|cwPuozL*Uf36FZ|GB y-YktP94^J0L7uPY{$BP&Uhn8-!=ScT5;J9sS9^c1$^Y7Nc-n6!vzx+9Dct~?)SsCE diff --git a/certs/client-cert-ext.pem b/certs/client-cert-ext.pem index b50da7104..092fcf69d 100644 --- a/certs/client-cert-ext.pem +++ b/certs/client-cert-ext.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 7e:ff:c6:42:4f:83:8b:1f:1a:9d:4e:2f:ba:27:9f:97:d7:e2:ea:ab + 49:5a:8b:94:7d:d7:9e:20:53:f4:6c:ea:2a:93:28:4e:2d:50:d3:66 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Sep 20 14:13:15 2019 GMT - Not After : Jun 16 14:13:15 2022 GMT + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -38,7 +38,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:7E:FF:C6:42:4F:83:8B:1F:1A:9D:4E:2F:BA:27:9F:97:D7:E2:EA:AB + serial:49:5A:8B:94:7D:D7:9E:20:53:F4:6C:EA:2A:93:28:4E:2D:50:D3:66 X509v3 Basic Constraints: CA:TRUE @@ -47,28 +47,28 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 46:c2:a5:a6:32:84:b0:68:03:41:de:37:da:c3:b8:46:71:3a: - 31:aa:1a:f0:81:28:c3:07:37:61:17:7d:10:45:ee:ef:cd:c0: - 19:2f:9e:95:01:5d:d6:09:13:8e:19:ea:da:27:75:66:21:e1: - bd:f8:97:a0:b5:8b:9e:71:13:26:75:50:34:f5:ac:8e:f8:d3: - 89:d7:52:0a:f2:5f:3e:07:c2:02:e0:36:73:75:30:a9:5a:ba: - 24:ef:fb:28:08:0d:31:53:84:3d:fd:1d:92:f9:15:da:01:7c: - 20:70:d5:b6:0d:ea:3a:f1:85:90:b1:c3:b7:71:20:cb:03:22: - f3:8f:e5:02:4f:b1:77:1c:97:17:2c:3b:e9:41:1a:18:7c:89: - d9:8e:5f:34:6c:66:9c:61:79:f5:bd:df:68:2e:14:cc:11:d7: - e5:ce:9f:8a:0d:86:94:15:86:fa:32:0f:90:18:d1:2d:df:16: - 56:58:09:25:91:21:c2:d3:f6:7e:c8:49:aa:00:d7:61:c7:9d: - d2:23:b1:7f:96:b0:79:6e:8b:09:38:2f:13:e1:48:9e:9a:28: - d4:08:44:73:29:52:49:eb:9d:fb:a6:f8:1f:2e:c5:d3:31:52: - 86:ea:18:99:1d:73:ab:4b:f3:7c:6f:f5:84:c3:96:fb:02:36: - d9:13:64:8b + a0:ef:c6:76:4c:e4:0e:69:ef:eb:a3:67:60:58:97:b1:cc:a2: + d5:b5:25:a1:7a:5f:83:50:94:ce:2a:46:bb:4d:b0:63:64:d8: + 67:8f:52:3c:41:76:c6:7f:6f:56:1c:5f:d6:70:60:b5:1f:4b: + b7:ff:b4:d5:2c:2d:89:c3:c4:d8:ca:d6:43:be:78:59:21:80: + 78:fa:ea:e3:0e:b4:34:1f:18:8b:9c:5f:37:05:1b:8e:d6:59: + 11:d4:30:2c:a4:9d:0b:3c:e8:cf:0b:26:cb:88:1e:bb:42:dd: + 15:80:a8:d4:25:70:d5:2b:0c:0e:b4:cd:4f:97:d6:9c:aa:3a: + b9:97:71:e7:54:47:0b:fb:de:9f:ae:95:ad:40:72:87:f4:de: + 87:2b:82:a9:c4:b9:f1:97:25:08:c0:48:aa:9f:f1:0c:3c:3b: + 3f:72:6d:24:8e:43:09:82:6f:ca:10:b4:16:63:07:3f:51:c5: + 0d:9d:4e:eb:0b:ea:07:02:9f:ac:63:1d:27:6a:f8:f9:03:e4: + 1a:e5:11:e2:82:46:43:a3:50:6e:ef:1c:25:08:a1:9a:7e:0a: + f4:51:34:10:de:b4:cb:ee:4c:7e:37:67:67:5d:11:26:1d:90: + f6:e4:a8:8e:8b:87:b5:3c:1b:b5:34:00:e7:78:05:c0:94:7c: + 57:9a:ff:f5 -----BEGIN CERTIFICATE----- -MIIFCDCCA/CgAwIBAgIUfv/GQk+Dix8anU4vuiefl9fi6qswDQYJKoZIhvcNAQEL +MIIFCDCCA/CgAwIBAgIUSVqLlH3XniBT9GzqKpMoTi1Q02YwDQYJKoZIhvcNAQEL BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ -ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0xOTA5MjAxNDEzMTVaFw0yMjA2MTYxNDEz -MTVaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0yNDA5MTUyMzA3 +MjRaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK @@ -82,12 +82,12 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G -CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfv/GQk+Dix8anU4vuiefl9fi -6qswDAYDVR0TBAUwAwEB/zAWBgNVHREEDzANggtleGFtcGxlLmNvbTAOBgNVHQ8B -Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAEbCpaYyhLBoA0HeN9rDuEZxOjGq -GvCBKMMHN2EXfRBF7u/NwBkvnpUBXdYJE44Z6tondWYh4b34l6C1i55xEyZ1UDT1 -rI7404nXUgryXz4HwgLgNnN1MKlauiTv+ygIDTFThD39HZL5FdoBfCBw1bYN6jrx -hZCxw7dxIMsDIvOP5QJPsXcclxcsO+lBGhh8idmOXzRsZpxhefW932guFMwR1+XO -n4oNhpQVhvoyD5AY0S3fFlZYCSWRIcLT9n7ISaoA12HHndIjsX+WsHluiwk4LxPh -SJ6aKNQIRHMpUknrnfum+B8uxdMxUobqGJkdc6tL83xv9YTDlvsCNtkTZIs= +CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUSVqLlH3XniBT9GzqKpMoTi1Q +02YwDAYDVR0TBAUwAwEB/zAWBgNVHREEDzANggtleGFtcGxlLmNvbTAOBgNVHQ8B +Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAKDvxnZM5A5p7+ujZ2BYl7HMotW1 +JaF6X4NQlM4qRrtNsGNk2GePUjxBdsZ/b1YcX9ZwYLUfS7f/tNUsLYnDxNjK1kO+ +eFkhgHj66uMOtDQfGIucXzcFG47WWRHUMCyknQs86M8LJsuIHrtC3RWAqNQlcNUr +DA60zU+X1pyqOrmXcedURwv73p+ula1Acof03ocrgqnEufGXJQjASKqf8Qw8Oz9y +bSSOQwmCb8oQtBZjBz9RxQ2dTusL6gcCn6xjHSdq+PkD5BrlEeKCRkOjUG7vHCUI +oZp+CvRRNBDetMvuTH43Z2ddESYdkPbkqI6Lh7U8G7U0AOd4BcCUfFea//U= -----END CERTIFICATE----- diff --git a/certs/client-cert.der b/certs/client-cert.der index 088abd900d78c337b3fc9c373f3383724ffd2fca..857b8336ca092edcaef86b2b8003b01ab7527473 100644 GIT binary patch delta 395 zcmeC?TF9kr(8MZh(8R*JfSHMriAf|_tY$%2fSY>L+k`E*jBjKecy-5cqQo{SLn9*t zBVz+|Ba-mXouYLwe zZnBM^s=227{Op)(ch6>jD*U_6S7HW7bk}q3(|a?f%P_5SjO6{n7jWGpzwrn|L0Ec< g)aI~1%3oSM&A!)LOtHA-(0E|yhPAKGF90Bwh`^Z)<= delta 381 zcmZ3;)y*Yg(8S7a(8T)@S#dw% zS->=BVaCJQoIX7(m3zCd$t+)^cQ)L`<6F^#r9o^X}h+eBt0;% z`peZsi@?nij|Ievz0JD1l32fnb?sApSW&xwt?N(juj>~iG5)ppyl-jq-|Yq0znJXZ zj!RQM#>@`%*^@hevBKMz9uHUU#nr)m;9oLGVTHy*+|({`(kxfYc{fN ZJFrS))#REBd!5%#43Mez{mk^_IshX|qznK6 diff --git a/certs/client-cert.pem b/certs/client-cert.pem index 87480f2e0..16c2975d7 100644 --- a/certs/client-cert.pem +++ b/certs/client-cert.pem @@ -1,16 +1,17 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 17391944375755183620 (0xf15c9943663d9604) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 53:16:7c:a0:56:50:46:27:82:ed:60:b4:da:33:d8:6a:c0:ea:dc:31 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b: 2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07: @@ -37,7 +38,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:F1:5C:99:43:66:3D:96:04 + serial:53:16:7C:A0:56:50:46:27:82:ED:60:B4:DA:33:D8:6A:C0:EA:DC:31 X509v3 Basic Constraints: CA:TRUE @@ -46,47 +47,48 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - ba:2b:48:d1:a8:e3:c2:84:42:96:a1:7c:e5:f1:46:ba:4c:f7: - 87:57:c7:78:c8:c1:32:c4:69:ff:85:bb:5d:6a:dd:c9:87:7e: - fe:bb:f4:fd:15:0a:4c:94:95:80:30:90:45:03:f8:33:87:ca: - 5f:74:38:a4:d0:5a:c7:65:38:c3:b0:e8:87:b1:49:32:b9:ac: - e9:fb:d3:08:1d:a4:51:7b:d7:d9:4b:79:35:a2:3a:0b:e4:0c: - a0:02:9c:a1:68:e1:5d:6c:8e:2e:3a:24:de:bb:d6:1c:a7:ac: - 2e:cd:57:44:48:f6:72:e0:c7:5b:93:dc:7d:5b:64:0e:17:84: - 68:2c:95:1d:2c:86:d6:b0:74:67:51:6e:7b:f4:d5:61:38:51: - b3:18:e3:10:16:73:4b:36:8a:8a:62:05:f5:56:8a:be:21:e1: - 78:7d:bf:ad:45:f9:0b:f5:af:a0:62:01:fd:3f:49:df:39:3c: - ff:46:e8:0a:fe:5c:6b:bb:41:a5:64:f1:5c:9b:51:4c:bc:6d: - 9f:a3:20:ed:e9:48:e1:a9:be:08:2d:85:42:59:d6:43:7d:47: - 22:a5:fa:1f:a2:58:76:0b:70:1c:1d:59:1d:aa:be:5d:2d:25: - 7c:b1:06:b6:c0:aa:28:aa:93:7c:d0:bd:43:ad:91:50:1c:7b: - 4d:f3:e4:d7 + b8:e8:e3:2a:48:6c:04:8b:f8:81:14:1a:ce:14:ed:c7:f0:d3: + cb:9a:91:d9:2c:1d:6e:73:36:8f:a3:61:c4:1f:da:d1:4b:b6: + 40:d0:6a:c4:2b:43:c8:2f:fb:ee:5a:c9:41:9d:2b:6f:f3:39: + 67:20:ec:7c:d6:a0:7f:06:79:cd:52:2c:c9:3c:5b:bf:e5:01: + 47:90:f0:82:88:f1:3d:45:25:f4:d1:4b:ec:ac:3f:1b:ce:a1: + 0e:61:a0:29:41:f6:21:0e:9f:73:b3:39:34:c4:1e:55:5f:9f: + e7:42:ca:ab:8f:3c:62:86:26:94:b5:b7:8b:7c:65:4c:3e:b7: + ac:f5:51:0d:a5:14:0f:6f:2b:fe:62:95:26:1e:10:52:ae:44: + 58:95:dc:b4:c4:76:2f:14:28:64:45:aa:94:61:da:1a:d0:cf: + b3:3a:83:c8:66:fb:e8:58:dc:d4:91:4a:9a:e7:c8:b6:ea:f9: + 52:19:b2:3d:5f:95:29:ac:8b:cf:9b:5c:d6:dd:cd:6b:f2:71: + fd:b6:4d:18:98:08:5b:8a:e7:2b:cb:bd:68:97:1c:02:aa:41: + 59:0d:f8:0e:50:d7:48:6f:81:c4:00:70:56:67:64:1a:b3:56: + fc:23:f4:84:49:36:f7:7f:38:94:38:da:40:81:c0:b9:b0:ad: + ea:ce:38:f2 -----BEGIN CERTIFICATE----- -MIIFBzCCA++gAwIBAgIJAPFcmUNmPZYEMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG -A1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0yMDQ4MRgw -FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s -ZnNzbC5jb20wHhcNMjEwMjEwMTk0OTUyWhcNMjMxMTA3MTk0OTUyWjCBnjELMAkG -A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT -BgNVBAoMDHdvbGZTU0xfMjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEY -MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwPRK/45 -pDJFO1PIhCsqfHSavaoqUgdH1qY2sgcyjtC6aXvGw0Se1IFI/S1oootnu6F1yDYs -StIb94u6zw357+zxgR57mwNHmr9lzH9lJGmm6BSJW+Q098WwFJP1Z3s6enjhAVZW -kaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbfG36/TpfQEOioCDCBryALQxTF -dGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnNrv94bHvAEgPUTnINUG07ozuj -mV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAYE7BjtXJOMMSXhIYtVi/XFfd/ -wK71/Fvl+6G60wIDAQABo4IBRDCCAUAwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeR -xybXhWXAMIHTBgNVHSMEgcswgciAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGkpIGh -MIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96 -ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWlu -Zy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEW -EGluZm9Ad29sZnNzbC5jb22CCQDxXJlDZj2WBDAMBgNVHRMEBTADAQH/MBwGA1Ud -EQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr -BgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAuitI0ajjwoRClqF85fFGukz3h1fH -eMjBMsRp/4W7XWrdyYd+/rv0/RUKTJSVgDCQRQP4M4fKX3Q4pNBax2U4w7Doh7FJ -Mrms6fvTCB2kUXvX2Ut5NaI6C+QMoAKcoWjhXWyOLjok3rvWHKesLs1XREj2cuDH -W5PcfVtkDheEaCyVHSyG1rB0Z1Fue/TVYThRsxjjEBZzSzaKimIF9VaKviHheH2/ -rUX5C/WvoGIB/T9J3zk8/0boCv5ca7tBpWTxXJtRTLxtn6Mg7elI4am+CC2FQlnW -Q31HIqX6H6JYdgtwHB1ZHaq+XS0lfLEGtsCqKKqTfNC9Q62RUBx7TfPk1w== +MIIFHTCCBAWgAwIBAgIUUxZ8oFZQRieC7WC02jPYasDq3DEwDQYJKoZIhvcNAQEL +BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t +aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0yNDA5MTUyMzA3 +MjRaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH +Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt +bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDDA9Er/jmkMkU7U8iEKyp8dJq9qipSB0fWpjayBzKO0Lppe8bDRJ7UgUj9 +LWiii2e7oXXINixK0hv3i7rPDfnv7PGBHnubA0eav2XMf2UkaaboFIlb5DT3xbAU +k/Vnezp6eOEBVlaRphNCjdI8QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ +6KgIMIGvIAtDFMV0Z7Qygm+NhsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8AS +A9ROcg1QbTujO6OZXp3I2QyFs9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4w +xJeEhi1WL9cV93/ArvX8W+X7obrTAgMBAAGjggFPMIIBSzAdBgNVHQ4EFgQUM9hF +Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH +JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw +DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM +EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G +CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUUxZ8oFZQRieC7WC02jPYasDq +3DEwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd +BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB +ALjo4ypIbASL+IEUGs4U7cfw08uakdksHW5zNo+jYcQf2tFLtkDQasQrQ8gv++5a +yUGdK2/zOWcg7HzWoH8Gec1SLMk8W7/lAUeQ8IKI8T1FJfTRS+ysPxvOoQ5hoClB +9iEOn3OzOTTEHlVfn+dCyquPPGKGJpS1t4t8ZUw+t6z1UQ2lFA9vK/5ilSYeEFKu +RFiV3LTEdi8UKGRFqpRh2hrQz7M6g8hm++hY3NSRSprnyLbq+VIZsj1flSmsi8+b +XNbdzWvycf22TRiYCFuK5yvLvWiXHAKqQVkN+A5Q10hvgcQAcFZnZBqzVvwj9IRJ +Nvd/OJQ42kCBwLmwrerOOPI= -----END CERTIFICATE----- diff --git a/certs/client-crl-dist.der b/certs/client-crl-dist.der index 60553fe4c72b760298b0aaf7d7dcc5b5f75ba158..bfe203bed659f89589cc430f21cceef754858bc5 100644 GIT binary patch delta 332 zcmey&{+V6bpo#gtK@-#U1b` z21dpP=0+w_;=D#C29}1V5bnlToJ{p*GbYyu?mvC`t^UN$IDVf6DRx<})b3Y$FWAtz z16ajTuLC@9m4zVky3$@l35dO5^F=Lz6kn*2QUt)iupc zDf)B#ctoVbiA8#p_0z#_zbhjj0zT<4|dL+8BeEaLsT_Vjbp#b5t)r7qL0 z{~;MwqrOn$g4WZlwQ;{W&J_J!Fa2e%o}6Zb-|M-pkyU)L!+*r5AES6oaHgH`$47&CgoRlo12~0r;H( delta 332 zcmey&{+V6bpo#gtK@-#U1L*DxEo(_GSzd6Ulcf3yDtCD`8Zh%xpr&E8iS3^4L|a8y-!a3 z5OYQ_;{58fEe3}kmoc`xTfMs}9ro>Rm0!>8mFwMRgf%pVKhk~9yL*Y$j?EToUwn5?@bV}9H{?#|@SCVE zt@kSUdgGqU-J2hS-`d2M^D?hnnmyxC@TH>q`gi{y>nsS{cX0V)vAKO*HktCK8x0xw zzZ5OzdY0cl`{AZ%d&B=;YMJSAhu!?h!jo%5^Jd&mxl_`tXf$WV%Cu)}39?FU1&LY0 n>c^`CHk+T>blURoHl~DwLH7bb{!VgJ>M~#RLHwT+Q{`Czt$mx| diff --git a/certs/client-crl-dist.pem b/certs/client-crl-dist.pem index df53d1c09..76f013f2d 100644 --- a/certs/client-crl-dist.pem +++ b/certs/client-crl-dist.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 4e:b5:44:5a:f6:c7:eb:36:14:4d:24:cf:36:17:41:be:87:f1:52:d9 + 60:ee:3f:b5:d7:49:3d:a8:9b:a7:c6:c9:4d:fd:d4:aa:3f:d4:b1:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = CRL_DIST, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Aug 5 20:11:31 2021 GMT - Not After : May 1 20:11:31 2024 GMT + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = CRL_DIST, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -39,27 +39,27 @@ Certificate: URI:http://www.wolfssl.com/crl.pem Signature Algorithm: sha256WithRSAEncryption - 09:17:d1:10:ce:7d:ae:6f:ec:cf:5e:1d:38:1e:87:3b:41:7c: - 30:b1:83:80:f8:6f:6d:4b:c9:91:f0:5c:cc:11:58:cf:ab:cd: - 84:30:c2:e3:76:01:87:47:3a:ee:d9:1b:56:f6:dd:7a:4e:8c: - db:a9:af:46:98:56:80:81:57:e2:2d:e7:0d:bb:a4:3e:b4:b3: - d4:9d:fd:cc:06:56:13:4d:c0:18:2a:f0:4c:b9:2e:af:26:a6: - 3a:2f:02:77:93:7d:92:de:c0:69:96:d4:c3:65:1e:6e:f8:7c: - c6:9b:12:87:a3:dd:9c:53:a7:e4:8f:d8:1e:cb:6c:0f:34:25: - a5:4a:70:f5:d8:de:44:dd:d9:f1:53:ed:3c:5d:77:0d:03:ae: - a5:6b:98:c2:53:d2:72:7f:7f:ee:ff:e3:2c:a0:56:be:c1:a7: - a3:16:9d:8e:0a:3c:69:1f:35:b1:31:00:0f:f4:72:a3:0a:e6: - 6f:87:9b:e1:b2:e6:bd:57:fd:d2:84:99:48:dc:07:37:c4:a1: - c9:ad:55:6e:98:db:64:dc:74:83:21:32:9c:a8:a9:66:e6:06: - 60:1d:22:86:70:61:6a:13:27:c7:7b:50:b3:37:cc:b2:cb:39: - fd:b6:02:60:c1:52:de:51:f1:fb:62:46:22:8a:37:ac:f0:17: - fe:42:79:cd + 36:98:93:7f:51:bf:cb:d3:ed:2f:91:89:5e:0f:4c:a0:64:3e: + 6a:ea:26:df:79:4b:a0:b0:89:a4:fe:87:e0:c0:84:da:cf:62: + 53:46:60:f1:ef:44:8e:a5:67:c9:d8:98:c5:6d:de:be:5e:2a: + 04:73:d0:28:e6:26:8b:5a:28:e5:9d:c2:93:09:76:ae:5e:29: + 56:7e:82:9d:64:72:fc:c7:c7:58:59:40:e8:64:ad:ab:f7:58: + 88:e4:4b:72:54:30:4b:d5:08:48:9a:93:4d:c2:74:89:83:63: + c5:be:16:21:a3:9f:19:77:74:8f:77:46:77:67:a4:39:06:2a: + c6:a8:78:96:e3:98:f6:6d:74:81:30:8b:ec:a1:b7:5a:63:69: + 1d:3b:13:31:b8:1b:8d:b2:6d:43:a5:cf:55:9c:ea:89:72:0d: + f5:ad:cb:e7:35:a3:f5:fc:8a:65:a6:2d:7f:f8:19:5a:7c:27: + a1:18:d0:2a:e5:6a:ad:5e:fb:08:cc:72:fd:af:1b:f4:9d:2e: + 1e:29:80:4e:eb:9d:85:59:2a:d9:b9:2b:a1:de:63:56:a5:e0: + 17:ae:af:da:18:f9:e6:83:55:f3:62:09:ff:fc:2e:1b:49:13: + 69:1a:bd:27:81:a5:d0:6c:54:21:52:1b:55:b2:3e:14:b5:6f: + 6a:ab:68:52 -----BEGIN CERTIFICATE----- -MIID7zCCAtegAwIBAgIUTrVEWvbH6zYUTSTPNhdBvofxUtkwDQYJKoZIhvcNAQEL +MIID7zCCAtegAwIBAgIUYO4/tddJPaibp8bJTf3Uqj/UsbEwDQYJKoZIhvcNAQEL BQAwgZYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxETAPBgNVBAsMCENSTF9ESVNU MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A -d29sZnNzbC5jb20wHhcNMjEwODA1MjAxMTMxWhcNMjQwNTAxMjAxMTMxWjCBljEL +d29sZnNzbC5jb20wHhcNMjExMjIwMjMwNzI0WhcNMjQwOTE1MjMwNzI0WjCBljEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x FTATBgNVBAoMDHdvbGZTU0xfMjA0ODERMA8GA1UECwwIQ1JMX0RJU1QxGDAWBgNV BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns @@ -70,11 +70,11 @@ us8N+e/s8YEee5sDR5q/Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN b42GwohAmTaDuh5AciIX11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZ DIWz2YrZVCbbbfqsu/8lTMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb 5fuhutMCAwEAAaMzMDEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3d3dy53b2xm -c3NsLmNvbS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQAJF9EQzn2ub+zPXh04 -Hoc7QXwwsYOA+G9tS8mR8FzMEVjPq82EMMLjdgGHRzru2RtW9t16Tozbqa9GmFaA -gVfiLecNu6Q+tLPUnf3MBlYTTcAYKvBMuS6vJqY6LwJ3k32S3sBpltTDZR5u+HzG -mxKHo92cU6fkj9gey2wPNCWlSnD12N5E3dnxU+08XXcNA66la5jCU9Jyf3/u/+Ms -oFa+waejFp2OCjxpHzWxMQAP9HKjCuZvh5vhsua9V/3ShJlI3Ac3xKHJrVVumNtk -3HSDITKcqKlm5gZgHSKGcGFqEyfHe1CzN8yyyzn9tgJgwVLeUfH7YkYiijes8Bf+ -QnnN +c3NsLmNvbS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQA2mJN/Ub/L0+0vkYle +D0ygZD5q6ibfeUugsImk/ofgwITaz2JTRmDx70SOpWfJ2JjFbd6+XioEc9Ao5iaL +WijlncKTCXauXilWfoKdZHL8x8dYWUDoZK2r91iI5EtyVDBL1QhImpNNwnSJg2PF +vhYho58Zd3SPd0Z3Z6Q5BirGqHiW45j2bXSBMIvsobdaY2kdOxMxuBuNsm1Dpc9V +nOqJcg31rcvnNaP1/Iplpi1/+BlafCehGNAq5WqtXvsIzHL9rxv0nS4eKYBO652F +WSrZuSuh3mNWpeAXrq/aGPnmg1XzYgn//C4bSRNpGr0ngaXQbFQhUhtVsj4UtW9q +q2hS -----END CERTIFICATE----- diff --git a/certs/client-ecc-cert.der b/certs/client-ecc-cert.der index 9d87cc3dde0d41d6db6b62761999640d753558ba..5cf2ff67c679848f57303784c19cf84c7a7521b5 100644 GIT binary patch delta 210 zcmX@h_J~c{pouxopoy7f0W%XL6O)Ktufsy_NAWl7H-27M>@exzja45~CrT`mGBh$W zFfukUH!_V9=QT1hurxG(#$5)D+b92LT+4+paPmQ> z2ro|t12-l`hR3^4@fqq`%1%*joN!g}CueSinDV~)Dj6-0t!v)_>*IW*Fs5#?|oTPm(wk zGEMx?&A)G+NzR&M^!Mh!Nou0~7d|r?=!A)$yr0@($#X()33EnP1IJ0On}13h3cU3e bP8Q&9a5?_)4DV#C{DpH)hwQCqc&G;e%YZ;@ delta 175 zcmeyw`iWK0po!_7K@(H)0%j&gCMG5U#)*QE4J`}}3@r_fO$-f;qQrSkKwLv8 z*PwCQL+p{N_3>iBAlxs}?JUee!^`Gy;PBES00cELs)@`Xdru5}Q ZUePnfa=k0oxgBm>(u0p_#Mc>fK$iT?hz}(0*N}Sio#K6+f6v{OaF%V*6WD@5!GDIkv_*k{R`@oLV z%rQL|gEt-B==*u|3*r6o%cahgykJW^c)IiOvC$d@b!~wRn>A9KH zD)z3t7}?4%tf{N-**>L3WQs)zi`W!_SDy@Tm~2md5f|h?ZO#68|D1QRELv)tG;8Lv zHErJdEc&WoQP@?J(xy1A&&Se>rW|8xeo-IMs#|~kXC`TaO$a@PFaZnj{N;|WVT*USp=+B$D@ z0p_#Mc=^C(A2=p*wolCN}Sio*wDbx2+B1OF%V*6WD@5!GDIkv_*k{xU|CD{ z?icENufP5Eg!dDJx0a-&nEWNf2Tq<=7Wr#@vwsGqEUfaI(As!aclW2$yM5IU-M>** zSMPBCtHisBN`2M2ewr%RZ^s5kM?C+T-v6{xo_~s*%7uU^S*y}lJJSo_ywA)LySs>6 zgg^b$#_e@$U4QC6a(zAH!?WdrCnEz*JL|U|`J0jE-Y;{Z_S&j*4a%FIZD8^Y6PMDy zyuf)?(#{2?C(~3xHW&S2P@}Lhd#0q|v2Dvu5*N%nX|?A6=J!V~coUwy< zLcU9hisAqC8NLF$ziM;+5Q<*E{Em00p_#Mc>fK$iT?hz}(0*N}Sio#K6+f6v{OaF%V*6WD@5!GDIkv_*k{R`@oLV z%rQL|gEt-B==*u|3*r6o%cahgykJW^c)IiOvC$d@b!~wRn>A9KH zD)z3t7}?4%tf{N-**>L3WQs)zi`W!_SDy@Tm~2md5f|h?ZO#68|D1QRELv)tG;8Lv zHErJdEc&WoQP@?J(xy1A&&Se>rW|8xeo-IMs#|~kXC`TaO$a@PFaZnj{N;|WVT*USp=+B$D@ z0p_#Mc=^C(A2=p*wolCN}Sio*wDbx2+B1OF%V*6WD@5!GDIkv_*k{xU|CD{ z?icENufP5Eg!dDJx0a-&nEWNf2Tq<=7Wr#@vwsGqEUfaI(As!aclW2$yM5IU-M>** zSMPBCtHisBN`2M2ewr%RZ^s5kM?C+T-v6{xo_~s*%7uU^S*y}lJJSo_ywA)LySs>6 zgg^b$#_e@$U4QC6a(zAH!?WdrCnEz*JL|U|`J0jE-Y;{Z_S&j*4a%FIZD8^Y6PMDy zyuf)?(#{2?C(~3xHW&S2P@}Lhd#0q|v2Dvu5*N%nX|?A6=J!V~coUwy< zLcU9hisAqC8NLF$ziM;+5Q<*E{Em0qH0H`sIFyYj&K?4rgNGU}$J!k8t)f7kTtMOmlBg!@;FiAI)#B zUA>Yqz*o_cn``P!qd@0JA)f9&9nA|rPkopX$Hx6E#JhZ(QCZy%)dhEz@6A&9_bDpN z>EUT1-Ggr$S|-`Cr5DzP7cAH%)gRZw(USRo%ZswEyVv`h6V_A()l@&S_NZ6d;nXUb zzk1T8larS4$Q~7a^Edm?@i&qm4ca5QJvN)NaR=;?JNy3n`z#EV;xwu376F+NMlZDp2`C=cI*KbpOCOvJTJwK;G7emi>?xQ_*<|?1ve{BBs zw_EN?*=Y}pXm{ZZv%6vkzSJG){Oysw@*A6(3sd0n&kj3+GH!R)y^(aWIC)k2t7zP{ zqsu~Cx`pyB4NuNIwn6Xyo`ynB(*^P+iUz!*-=r6LZ=RubZm015BjtD89S*zIowEbxe2I`xZtX%yxs^ROLY^Go9 zH?(ft!LWvV>8*1QuUzgw#x^(VkHqYUacBKXRT-4_sH^Z!o%8mnZ|}T4O{+R}durZB z2Zk3Ju5J1L=AF}u${!(Ct!od<*IxCuYWx;qR{#F*Ddz+AzR#?UFTM!f_Ij;q*)E&t zQiwo17t*3d-Kj`b0-lq^y>~V0>nbKPA8@Jzl%=f#r<-`(q_NHCg z{k)PbOQ%OqTXS{Aq%^N(YfKN6iL5#({yP3wcwdO7`SRQ&XT-NXXIUY+-dN`MLfPb` z6rEjO7i0sze0K;rW}#3oc&5&+_?PW7*Ol{KYn5idw|3#JOQ_Bg7dPP66Mwh2pkL!s z^_OX1l)q%KaI=eunV;Ek>}TY)kAIJu-~2i&qk+jX(XDsRnJ4y^KT}qgM0aI(sin@B z71R1Ev*y{|y%VIkl;8ZgwMkTBu{2|geSl8l3wQbLpSSFPRpa!&A|)s2T7Be!33J{E zEpIA{-szpQRrc)JS(_GlWF=`9%~N`R(#cmOT9uW-b*a_HOWh_HFJH6x_0c~eQ|&<2 z`}B3oyOi1&rEM|!ohOp;UO;}j19yt9N#SWGkp~}-#O?|USmJZm%;mRF^Dd_@dBfi1 znmewXeUWEoi1o*R>oxnn=%IsJLC)v;J^fq4<})icYJHm1`F>xdvgWRPD>mP{%5-)1 zpCbL32|i{w_jFG4U~byp*SoAu_2Cb_&tYvIjFza+kU*f0Zu3ztWML7RDF)hCBQF)BdWA~kwHCuQtF8MHV1*>q8 zc{fjec!{Q(^}9FyvCZ=DG%xeo-dE*t*;Ui9N9Ijj?!ObMEw{QKA9?q1Zdk8tauv7S z$|A!QeF=B-qA%~hyRqN-8>w~F(ACrS$?}V8&ePX#W#YQQ^Yqu-i4&N7PcJC@lI>qE zA+mKV&*B@O4yUY_&u$7T{~{v!+-_Pz?=*&nEdJPAVf8;>UHG#2h-*mncax=0&mIi> zadGd0$7joJj|aZidh;@T*AXYH(8~E&lfTCr3kKW`Th3SM5`BHK`;RXg2kozB7)5GN zX1$zYxua=csmJ8$K3q-gOQK)IuD#na$?=8Gl^wrt7Ce1pkfA%PUb$qg*z^4gm(NV7 zIj?!5V8Tg_qjTcs@zryjY<#D8<3CKvlU$X08^znQwW;Tuw_l`dNX1B@Ij3h9c<8 z>KkGm8&gCVU2@6s3G7W$e;hYy@s4+PE6*;e);oIj&ARG2dl#uWUfZlz%Xy`=r$IP* z9rL3%C$;7zeb^x^By4`mTSNSNp{#iQJ^N2@=A2+TnYBsCAlKpFsgT2uo?c6xJ~cz5 zF!^!Y*(YaTEm~fEuh+WO=|P?P?{mLxT8;&+GVbeSar*p1;j8HBd2iJx2`pLk{zT-a z1rc{ATvMLWm|(JdhltsgE#K0GWEyr~`Z95LnaVpAV|H0fu~qYmT95ks9S^S+P=CcA zU6fFNJb&3&=gwDMc2oW^TYD7$&a delta 2247 zcmew-_)XBkpo!xX6C<-h6UPoVPOUbNw(q=*?2HSVI99SWaV#}x;#g?V#6BG%#kQb{ zy~Ci1y@iR9!Jvt~cA|r9y+vxCYi_aJBqk;fhK45gfY3Qtr3Kk1$xZm0czeoxFxV;gHrynimraU)QtPz{8z8$ueZFJ)4sT@WZ|;N(wloPX>G6zOP|e2Oi@i!0`Dc~#%9(pqI%wf4&z)&)zxr%e4c&D(Z; z4~sj0{o26$vRhw>Zd2$B?R2W%xX@(HE1#Hed|vB?4_*G|D_ZIGCJ-}8S#mnbv)t2xtuusAH-{%dD;*Zw&<_w=$C>qUw3tz$_3 z#2vlyS0R(H%s11EwQ*;T-hDIq|BtzO5jUq?*5FN1-;$S6FZozaFDYbh<^|cR8Isnk zLgq^7TAkf^e}?{-+WJi$6%Naq9oiVb-Sp>R6`Al~wpK`Z#_#1nW+s$Mp~G_^h+l{kY>>BVeSov(a6^W(G(W2SL z^`PQV-wnswzpUI6p;G@RJTAvGZvC^=i~KojA5Q+3D#@Ud*7f&t+HKpJZZ%Kbax-73 z8M0OXdp|2f<%RCE$48`(xS3xP@H)s?m@TrkASISF?6dibB?m%}T;A|vqPywxV&}q* z{fk`ww(9S(@%WNAtAb;V$d@A`1rKgW*R|~Vvv2C+zpJXs*e038hx~crQ(qhE^6T-w z829{ziou_lm!5w#UHIdV(31~!<9``mvYPoRsyFdN_UwJ~j#rjmcrYpLJ+GNaL+m@l zo@KR1$^;TWO|;m$>6=^af^TA{ZM~vrwTs88e?K~l`E~Skce8Rs#V?<}c5s-7rv8>| z&okYAK08r)-W6w$uN_Ito|{~qw#}NQKK`wSxwP)whL5+poYL>Ky>4k2cdFj;LaG5)vckik2 zTF+we-SFx|>6>fvg5h7ZC#m`7_T;t~ZG7z`F!L_U_hX0bD(3Jl2r&}IEiQO#{XTL zvtqtPCfomh$$ZGY?BD&jc2+NXF0Et#HK*^>zMES2!cP3VEqmtD?<+g@p3U#8d&Kk0 z_qA2lC&j!cMO>CbUH7fGd%7^?EoN&Cnw1ou!u?k)HLBjosd7&Gx(f$)%e{NZV#;wa zK`Z=ry@%?-kP1fcLlHhUF5=rd^*y)gU%nRCd3x22)3^E-zIitLv9R!M-E$TXUE5#m zan-k9zV?aKoA&P?l@|uxyt}Ak{S&7mhEHZZf~{WHk8`r7zxBM3vPOn=f2k~c!G@iO zIc?0F<2sI=+u!{;zJ5uAYWJtZp0f9AwazVk_T<2^IrgjTjZa4@J%2U1>#Vr%hl-+W z5wQ$P3J3Pg3qEOdsF$g4#gc$q0lsYW_f%fF_Vv)R9Zzm4L~`gbEamVPp7C_S6|Nb3 zxD}u3&6xi5M3KJLxw`8UxJ{l(hzN#?Z}K+j3E*XC{#6;eZ}qJW7s_90);BM%`g*|9 zhC%7OhQ)%j+j6(AEl$$D;@0KK|MdUnbH~_?Q*}=MUAwNDqpeiugMOp^fA^DCzY>h6 zCEPbMmi7OA?nd_9fEia_tX#hJc+xkiJv+6cxYZfw7gxpqELzI8sap-sRFP#8`9uR#QfDo%C$(ZQ1PgFG`q9Me8-~SQ*!+yttXkQdsZzH$-{f)|w^r zK5pJSPDAq?`9`fa_+3J7A z@|2J1{oE7sJ4CBoH?zCBly7qX_H$;9*PUPU{(b+(etX8r1rrw?dDXy!q|r$L#= z6=xW#oZZiU-eX$y^?UywR6JdnP_S=DW~ftX+xway4N~JGYc=1y{WTIJs=`?BYWYeu21qjEs_zN1XgTb`~8?*afE1x@-C5ETlGa) z7FMhX-1si8^~a2RehPcam^_+O%M|*rN*JE{$NYWjogTK++6VJJi|1GOdAv7hVq`+p z$BYXaCtqXNug{rSR_ZwY`z25v%+fev_GFs~4^_pFulK~&6&zXn@RiJRyD3H)ml)r& zPpg#@->bCGlI`9iBdK4ziY|5TjxSneaQMi+A6sLtvluX#9lO$WG@2p&)BQs|Zv^*j zyP7mz#dVsc(PvGeoJ;YUUMk;&dMDP_zcydDZo`Gey@wAUuFtD_;$eT5?=nAkKfhU$ zjNCS_de*oO?G_`(b@%uD*Koi7$57Qk8SZLMQA05n5$=DrZ!Km%+4$VdCHhQ|{w}5BQVqe literal 122 zcmXr0U}9usQDC~*tNFW;V~$=)#*+TBW4}xv?YgTQS)$-`n7vo`&bQqQxY;pS3ezYbtg%6+g7KTcbZ|3SDb6ha|u!wJ>h&HNkB}_>vYG3(gzmV e4J|423s&9OZ9L)N?MAnCFB?xXXKp>W_B8-J5i||} diff --git a/certs/ecc/bp256r1-key.pem b/certs/ecc/bp256r1-key.pem index 165d0a867..592a6459a 100644 --- a/certs/ecc/bp256r1-key.pem +++ b/certs/ecc/bp256r1-key.pem @@ -1,5 +1,5 @@ -----BEGIN EC PRIVATE KEY----- -MHgCAQEEIALRjSn7gQicLnRopI92xvo14rrdLVl0IEzDB40t3Pa7oAsGCSskAwMC -CAEBB6FEA0IABC7vJ8tXOtxiJba1QlzuKVbjqM6GbkRSIxXIQ8BiEBYeSsuI0HXg -OGuAhGSfcKrYuzOQwduBRq7pgckDabXOres= +MHgCAQEEIEnTbJH3PQMWXFs1LveV+8qEYXGzmzC97+IDxRFtg2sXoAsGCSskAwMC +CAEBB6FEA0IABJ0I3Fm3EF3kWH6qYt16iWnStRgoXSIxfG+luzGQQiDtnCnqSnQz +oZNPmiZyYRxLcjmfrGPVskLfDrTyfsdI6ww= -----END EC PRIVATE KEY----- diff --git a/certs/ecc/client-bp256r1-cert.der b/certs/ecc/client-bp256r1-cert.der index 2a70bc9fe6eaf7e999ed1453eadf7682f337f12c..6526379f79709d8c479701d11eafa21d3434aa98 100644 GIT binary patch delta 279 zcmX@hdX81upo!^}K@(HK0%j&gCMFT<`@1w9cDD=8ShOL;^>tM+lT~NYMCEnThK5E) z21dpP=0+w_;=IO&hDL@KQ0_$id6T;sr5)yS+=<*S5c?#eZdKCVs?N+yTO~ANl?-e0 zm+m&4;H2<&j^-<`661xF{b#8aCCYdgSW+K7=9&DIQQ!3ZUJkGQ zcP`evy!r2i^{_L`2{2J&pop|Z*>5(Z)oBG?p6_GGg0^k6V>Wm05l^wEiRx%KAB zock+|O52A(=F20{;8k# z&+F=cY&^|HKK<2ZldA^uY|Npu$}AEFVhtkL6ioJHvhi?dFmPc~(Ac)+^}2(z3%Num zO}?fpwCumG)>q{fkM8H(G`>>*Qjdd4!T7c7s)IFV2NQxg`E;LXdCK0{bhOfL-<8Cp LA{VxOa=HQlJcV?p diff --git a/certs/ecc/client-bp256r1-cert.pem b/certs/ecc/client-bp256r1-cert.pem index bdc13916e..7435009a9 100644 --- a/certs/ecc/client-bp256r1-cert.pem +++ b/certs/ecc/client-bp256r1-cert.pem @@ -2,22 +2,22 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 23:c2:32:32:87:c0:20:35:77:e6:56:4b:ba:d3:ba:19:de:0e:ed:9e + 3b:df:ba:29:40:bb:87:11:98:a2:b0:54:45:eb:7a:53:02:3a:89:72 Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 15 20:13:58 2020 GMT - Not After : Oct 13 20:13:58 2030 GMT + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Dec 18 23:07:24 2031 GMT Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: - 04:2e:ef:27:cb:57:3a:dc:62:25:b6:b5:42:5c:ee: - 29:56:e3:a8:ce:86:6e:44:52:23:15:c8:43:c0:62: - 10:16:1e:4a:cb:88:d0:75:e0:38:6b:80:84:64:9f: - 70:aa:d8:bb:33:90:c1:db:81:46:ae:e9:81:c9:03: - 69:b5:ce:ad:eb + 04:9d:08:dc:59:b7:10:5d:e4:58:7e:aa:62:dd:7a: + 89:69:d2:b5:18:28:5d:22:31:7c:6f:a5:bb:31:90: + 42:20:ed:9c:29:ea:4a:74:33:a1:93:4f:9a:26:72: + 61:1c:4b:72:39:9f:ac:63:d5:b2:42:df:0e:b4:f2: + 7e:c7:48:eb:0c ASN1 OID: brainpoolP256r1 X509v3 extensions: X509v3 Basic Constraints: @@ -25,33 +25,33 @@ Certificate: Netscape Cert Type: SSL Client, S/MIME X509v3 Subject Key Identifier: - B4:1B:3B:4F:65:F2:BF:9E:8A:8F:E3:33:96:44:1F:67:EA:B3:34:D5 + CF:BD:08:4A:BF:DC:D1:7C:E9:D9:FE:E8:3B:FA:84:63:07:7C:88:DB X509v3 Authority Key Identifier: - keyid:B4:1B:3B:4F:65:F2:BF:9E:8A:8F:E3:33:96:44:1F:67:EA:B3:34:D5 + keyid:CF:BD:08:4A:BF:DC:D1:7C:E9:D9:FE:E8:3B:FA:84:63:07:7C:88:DB X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment X509v3 Extended Key Usage: TLS Web Client Authentication, E-mail Protection Signature Algorithm: ecdsa-with-SHA256 - 30:44:02:20:28:b6:b4:eb:ae:c1:9b:71:0a:15:92:93:d6:2d: - 12:a6:ff:2d:2a:f5:23:a8:e2:df:6c:d9:33:d4:7f:e9:2e:08: - 02:20:33:eb:45:aa:c1:7c:36:c1:60:52:09:0e:2d:e4:2a:49: - 1d:d8:b2:c5:79:3e:be:d4:61:c5:14:d0:b6:f2:42:d4 + 30:45:02:21:00:81:4c:2c:5d:44:da:ec:e4:9c:df:a8:c6:93: + ad:fa:45:68:43:6a:c2:63:00:60:e7:a6:3a:01:c4:95:ed:d8: + dd:02:20:74:94:80:83:97:25:17:6d:8a:28:dd:31:c7:ee:2a: + d9:13:f8:3b:48:a0:88:15:26:79:df:d4:00:7c:07:58:f8 -----BEGIN CERTIFICATE----- -MIICyTCCAnCgAwIBAgIUI8IyMofAIDV35lZLutO6Gd4O7Z4wCgYIKoZIzj0EAwIw +MIICyjCCAnCgAwIBAgIUO9+6KUC7hxGYorBURet6UwI6iXIwCgYIKoZIzj0EAwIw gZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLUNM STEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv -QHdvbGZzc2wuY29tMB4XDTIwMTAxNTIwMTM1OFoXDTMwMTAxMzIwMTM1OFowgZox +QHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTMxMTIxODIzMDcyNFowgZox CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0 dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLUNMSTEY MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABC7vJ8tXOtxiJba1 -QlzuKVbjqM6GbkRSIxXIQ8BiEBYeSsuI0HXgOGuAhGSfcKrYuzOQwduBRq7pgckD -abXOreujgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0O -BBYEFLQbO09l8r+eio/jM5ZEH2fqszTVMB8GA1UdIwQYMBaAFLQbO09l8r+eio/j -M5ZEH2fqszTVMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI -KwYBBQUHAwQwCgYIKoZIzj0EAwIDRwAwRAIgKLa0667Bm3EKFZKT1i0Spv8tKvUj -qOLfbNkz1H/pLggCIDPrRarBfDbBYFIJDi3kKkkd2LLFeT6+1GHFFNC28kLU +bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABJ0I3Fm3EF3kWH6q +Yt16iWnStRgoXSIxfG+luzGQQiDtnCnqSnQzoZNPmiZyYRxLcjmfrGPVskLfDrTy +fsdI6wyjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0O +BBYEFM+9CEq/3NF86dn+6Dv6hGMHfIjbMB8GA1UdIwQYMBaAFM+9CEq/3NF86dn+ +6Dv6hGMHfIjbMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI +KwYBBQUHAwQwCgYIKoZIzj0EAwIDSAAwRQIhAIFMLF1E2uzknN+oxpOt+kVoQ2rC +YwBg56Y6AcSV7djdAiB0lICDlyUXbYoo3THH7irZE/g7SKCIFSZ539QAfAdY+A== -----END CERTIFICATE----- diff --git a/certs/ecc/client-secp256k1-cert.der b/certs/ecc/client-secp256k1-cert.der index 1185dc21ed6b704c62fe5466199ee7d82f9e64bf..e647131fabb61fcf8721e768bea7f39559292494 100644 GIT binary patch delta 280 zcmX@cdYo0+po!_QK@(HP0%j&gCMFR>y|*v?*aKI&p7ZnVuDuzoa`wQviOOrF4GoQq z42+Bo%#BQ<#CeSk4UG&fpxlZ2b0)VjiaRvqFiuv>zx!|U#DzXP@AG)S)Ce{EQ>eQv zG}V61vQ#&4At+35vD3og9LXTxvLZpH05YsBhZ+<8aTl z1wSv}YPGKOp0e<}RMXQ{2J&pop|Z*>5(Z)oBG?p6c4V^g@?c+*mHOjt z+6_g^?EEXuQv=wzn|CG6(Js$lr?TT)6_X;vi?_B_Iw`@gtiG;TbCD~bas88~KfM#~ O*2JXrHYMl<{{{euwRXe+ delta 279 zcmX@kdW==spo!^_K@(HP0%j&gCMFSEp}&h(h$i3gv-fCpo3t+VvwHofiOOrF4Gawo zO^pl;jZG}0#CeTDTw^GAqW+x8ZH(d$*Lk@=@+o!v`+fE4L(V036UsJgp1vuZu>Dm> z)AgQhw-xV9=6@Nn`{<`dhrTMC9liQmWtqzDcT5{t4VM|qpRH^Xn0%K}-_#}RMq%#i zBnd?(b>#{BWy`l!dY2o>voVLtDziu!h&6~{Q!v?)$;Q)z!N8SCp_s!<;^NxIZ!wYT zx6Edp{p~kBDq?fuzYTBd%1-e_T|UU9$gq@k%UAu&`wOq|{NBGHh5PJoiTC#>?TI;) MQ_^%IDC(OV09bN!^8f$< diff --git a/certs/ecc/client-secp256k1-cert.pem b/certs/ecc/client-secp256k1-cert.pem index 0d03c0889..3741c76af 100644 --- a/certs/ecc/client-secp256k1-cert.pem +++ b/certs/ecc/client-secp256k1-cert.pem @@ -2,22 +2,22 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 3d:12:fd:a2:a8:15:63:d8:4e:3f:48:81:46:92:ae:65:f3:27:7f:f2 + 31:2e:ed:e8:4e:07:51:aa:45:ce:4e:4d:8b:7d:d9:53:24:cd:c0:ce Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 15 20:13:49 2020 GMT - Not After : Oct 13 20:13:49 2030 GMT + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Dec 18 23:07:24 2031 GMT Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: - 04:d7:0d:0b:f1:0e:22:88:fe:fb:d5:e5:e1:09:a4: - 3e:90:76:b3:29:cb:d9:13:60:b7:ea:88:82:d7:8c: - b6:db:21:dc:93:0f:e9:58:bb:c5:f2:a2:c2:f5:23: - 36:c5:d5:eb:24:a6:24:db:ee:02:b0:05:31:a6:33: - 1f:cd:79:82:10 + 04:80:6c:01:93:26:6f:dd:fe:93:91:a1:4c:b9:df: + 0c:4b:e9:28:55:36:fc:71:2d:a6:55:65:3f:ac:96: + 90:67:80:d8:fb:79:f4:c0:7e:0f:3c:fa:15:1e:6e: + ac:03:cf:29:50:8d:98:60:21:7d:6d:89:08:11:e2: + 44:7c:09:0d:e6 ASN1 OID: secp256k1 X509v3 extensions: X509v3 Basic Constraints: @@ -25,33 +25,33 @@ Certificate: Netscape Cert Type: SSL Client, S/MIME X509v3 Subject Key Identifier: - 44:6A:D8:71:6D:AB:62:18:21:02:27:23:90:BF:1D:77:B6:79:4B:77 + 8B:F8:C3:8C:D6:A0:F9:D3:DA:85:3B:7E:4B:94:A1:F7:1A:82:E5:AA X509v3 Authority Key Identifier: - keyid:44:6A:D8:71:6D:AB:62:18:21:02:27:23:90:BF:1D:77:B6:79:4B:77 + keyid:8B:F8:C3:8C:D6:A0:F9:D3:DA:85:3B:7E:4B:94:A1:F7:1A:82:E5:AA X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment X509v3 Extended Key Usage: TLS Web Client Authentication, E-mail Protection Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:20:73:08:4a:18:d1:ad:81:f6:5c:59:27:da:36:9a: - cd:fb:4e:97:5a:58:b3:61:fe:b0:ec:7e:76:ca:0c:5a:d3:c1: - 02:21:00:a5:05:b4:f5:2f:d3:bf:71:d4:0c:fb:bf:a0:64:0b: - cd:bb:18:ef:df:92:bc:5c:cc:6c:74:82:c8:52:5a:f6:46 + 30:46:02:21:00:ec:71:28:64:3a:65:f8:ed:66:d8:21:39:6b: + 6f:d4:83:95:50:06:0b:83:ba:62:9c:2b:77:6f:ae:24:b8:f6: + 7a:02:21:00:e8:ed:3d:7a:2c:64:53:ea:3a:f5:a8:ac:d1:0a: + 6f:01:af:e4:82:fc:8d:90:dd:7c:5c:64:8d:82:60:2e:53:fb -----BEGIN CERTIFICATE----- -MIICwjCCAmigAwIBAgIUPRL9oqgVY9hOP0iBRpKuZfMnf/IwCgYIKoZIzj0EAwIw +MIICwzCCAmigAwIBAgIUMS7t6E4HUapFzk5Ni33ZUyTNwM4wCgYIKoZIzj0EAwIw gZgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRUwEwYDVQQLDAxFQ0MyNTZLMS1DTEkx GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 -b2xmc3NsLmNvbTAeFw0yMDEwMTUyMDEzNDlaFw0zMDEwMTMyMDEzNDlaMIGYMQsw +b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjRaFw0zMTEyMTgyMzA3MjRaMIGYMQsw CQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRs ZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwMRUNDMjU2SzEtQ0xJMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wVjAQBgcqhkjOPQIBBgUrgQQACgNCAATXDQvxDiKI/vvV5eEJpD6QdrMp -y9kTYLfqiILXjLbbIdyTD+lYu8XyosL1IzbF1eskpiTb7gKwBTGmMx/NeYIQo4GQ -MIGNMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgWgMB0GA1UdDgQWBBREathx -batiGCECJyOQvx13tnlLdzAfBgNVHSMEGDAWgBREathxbatiGCECJyOQvx13tnlL -dzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwME -MAoGCCqGSM49BAMCA0gAMEUCIHMIShjRrYH2XFkn2jaazftOl1pYs2H+sOx+dsoM -WtPBAiEApQW09S/Tv3HUDPu/oGQLzbsY79+SvFzMbHSCyFJa9kY= +bC5jb20wVjAQBgcqhkjOPQIBBgUrgQQACgNCAASAbAGTJm/d/pORoUy53wxL6ShV +NvxxLaZVZT+slpBngNj7efTAfg88+hUebqwDzylQjZhgIX1tiQgR4kR8CQ3mo4GQ +MIGNMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgWgMB0GA1UdDgQWBBSL+MOM +1qD509qFO35LlKH3GoLlqjAfBgNVHSMEGDAWgBSL+MOM1qD509qFO35LlKH3GoLl +qjAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwME +MAoGCCqGSM49BAMCA0kAMEYCIQDscShkOmX47WbYITlrb9SDlVAGC4O6Ypwrd2+u +JLj2egIhAOjtPXosZFPqOvWorNEKbwGv5IL8jZDdfFxkjYJgLlP7 -----END CERTIFICATE----- diff --git a/certs/ecc/genecc.sh b/certs/ecc/genecc.sh index 752440e5f..3ecb01092 100755 --- a/certs/ecc/genecc.sh +++ b/certs/ecc/genecc.sh @@ -12,9 +12,14 @@ echo 1000 > ./certs/ecc/serial echo 2000 > ./certs/ecc/crlnumber # generate ECC 256-bit CA -openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1 -openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \ +if [ -f ./certs/ca-ecc-key.pem ]; then + openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \ -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" +else + openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1 + openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \ + -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" +fi openssl x509 -in ./certs/ca-ecc-cert.pem -inform PEM -out ./certs/ca-ecc-cert.der -outform DER openssl ec -in ./certs/ca-ecc-key.pem -inform PEM -out ./certs/ca-ecc-key.der -outform DER @@ -22,7 +27,7 @@ openssl ec -in ./certs/ca-ecc-key.pem -inform PEM -out ./certs/ca-ecc-key.der -o rm ./certs/ca-ecc-key.par # Gen CA CRL -openssl ca -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEccCrl.pem -keyfile ./certs/ca-ecc-key.pem -cert ./certs/ca-ecc-cert.pem +openssl ca -batch -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEccCrl.pem -keyfile ./certs/ca-ecc-key.pem -cert ./certs/ca-ecc-cert.pem @@ -31,7 +36,7 @@ openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pe openssl x509 -req -in ./certs/server-ecc-req.pem -CA ./certs/ca-ecc-cert.pem -CAkey ./certs/ca-ecc-key.pem -CAcreateserial -out ./certs/server-ecc.pem -sha256 # Sign server certificate -openssl ca -config ./certs/ecc/wolfssl.cnf -extensions server_cert -days 3650 -notext -md sha256 -in ./certs/server-ecc-req.pem -out ./certs/server-ecc.pem +openssl ca -batch -config ./certs/ecc/wolfssl.cnf -extensions server_cert -days 3650 -notext -md sha256 -in ./certs/server-ecc-req.pem -out ./certs/server-ecc.pem openssl x509 -in ./certs/server-ecc.pem -outform der -out ./certs/server-ecc.der # Generate ECC 256-bit self-signed server cert @@ -43,9 +48,14 @@ rm ./certs/server-ecc-req.pem # generate ECC 384-bit CA -openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1 -openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \ +if [ -f ./certs/ca-ecc384-key.pem ]; then + openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \ -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" +else + openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1 + openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \ + -days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com" +fi openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER openssl ec -in ./certs/ca-ecc384-key.pem -inform PEM -out ./certs/ca-ecc384-key.der -outform DER @@ -53,35 +63,45 @@ openssl ec -in ./certs/ca-ecc384-key.pem -inform PEM -out ./certs/ca-ecc384-key. rm ./certs/ca-ecc384-key.par # Gen CA CRL -openssl ca -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out ./certs/crl/caEcc384Crl.pem -keyfile ./certs/ca-ecc384-key.pem -cert ./certs/ca-ecc384-cert.pem +openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out ./certs/crl/caEcc384Crl.pem -keyfile ./certs/ca-ecc384-key.pem -cert ./certs/ca-ecc384-cert.pem # Generate ECC 384-bit server cert -openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1 -openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ +if [ -f ./certs/server-ecc384-key.pem ]; then + openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" +else + openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1 + openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" +fi openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \ -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER # Sign server certificate -openssl ca -config ./certs/ecc/wolfssl_384.cnf -extensions server_cert -days 10950 -notext -md sha384 -in ./certs/server-ecc384-req.pem -out ./certs/server-ecc384-cert.pem +openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions server_cert -days 10950 -notext -md sha384 -in ./certs/server-ecc384-req.pem -out ./certs/server-ecc384-cert.pem openssl x509 -in ./certs/server-ecc384-cert.pem -outform der -out ./certs/server-ecc384-cert.der rm ./certs/server-ecc384-req.pem rm ./certs/server-ecc384-key.par # Generate ECC 384-bit client cert -openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1 -openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ +if [ -f ./certs/client-ecc384-key.pem ]; then + openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" +else + openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1 + openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ + -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" +fi openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \ -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/" openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER # Sign client certificate -openssl ca -config ./certs/ecc/wolfssl_384.cnf -extensions usr_cert -days 10950 -notext -md sha384 -in ./certs/client-ecc384-req.pem -out ./certs/client-ecc384-cert.pem +openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions usr_cert -days 10950 -notext -md sha384 -in ./certs/client-ecc384-req.pem -out ./certs/client-ecc384-cert.pem openssl x509 -in ./certs/client-ecc384-cert.pem -outform der -out ./certs/client-ecc384-cert.der rm ./certs/client-ecc384-req.pem @@ -121,8 +141,21 @@ openssl x509 -inform pem -in ./certs/ecc/client-bp256r1-cert.pem -outform der -o rm ./certs/ecc/client-bp256r1-req.pem -# Also manually need to: -# 1. Copy ./certs/server-ecc.der into ./certs/test/server-cert-ecc-badsig.der `cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der` -# 2. Modify last byte so its invalidates signature in ./certs/test/server-cert-ecc-badsig.der -# 3. Covert bad cert to pem `openssl x509 -inform der -in ./certs/test/server-cert-ecc-badsig.der -outform pem -out ./certs/test/server-cert-ecc-badsig.pem` -# 4. Update AKID's for CA's in test.c certext_test() function akid_ecc. +# update bad certificate with last byte in signature changed +cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der +sed '$s/.$/W/' ./certs/test/server-cert-ecc-badsig.der >> ./certs/test/server-cert-ecc-badsig-altered.der +mv ./certs/test/server-cert-ecc-badsig-altered.der ./certs/test/server-cert-ecc-badsig.der +openssl x509 -inform der -in ./certs/test/server-cert-ecc-badsig.der -outform pem -out ./certs/test/server-cert-ecc-badsig.pem + +rm ./certs/ecc/*.old +rm ./certs/ecc/index.txt* +rm ./certs/ecc/serial +rm ./certs/ecc/crlnumber +rm ./certs/ecc/index.txt + +rm ./certs/1000.pem +rm ./certs/1001.pem +rm ./certs/1002.pem +rm ./certs/ca-ecc-cert.srl + +exit 0 diff --git a/certs/ecc/secp256k1-key.der b/certs/ecc/secp256k1-key.der index 6a80d8bdf8f19d6a2cca9570fbfab66d489cc75c..5aa6b57070683798c102caf877d8279458355e31 100644 GIT binary patch literal 118 zcmXpgVPa%tQMlH4@%be#tAn!2tJBxT^)0^K`JrFg>+f;1r}?uP53b=~z|O|1-N?eg zwa|sxiGigdhjFr6{@s6*Coc5ad7sDorADaPpF-Vbp{e$3rcFq1xbeI4%Yiz6n_r@G ad25)@YXEZ%sL2p8Ua4;nNVu(PphH?lBr zEp%aaVqm$>%l(m0spH@8t4|+tF0q?XwpsJ^P2q&?uR5Bp_iVeZcxN*I%ZS}aKP@`+ bRoU$5)z>P^RBpdx+Q4eK%vkccQ%lT`PuWoX>&$s1M-EoiCJd>X?8d{v+%i*>E z&c&LSH~+n`{?(GqUej^gpz#(PbEvE`OXDSj#`6s#*wjq+V_J&U@srt^jXc~L3|yEL z>#J@@jaF$emhpZ3f5s#$m=|093?Dl#1}YuNi4?( Wkr__685-ts$={Rg%W2qcE(8FG>VS^` delta 307 zcmZo(AXkxB2Xku1bz|6$R#3Z8s<5&0jH~l($9DYw-V8?R%?$LUViOTDw4Gawo zO^pl;jZICX#CeTDTw^GAqW-+eU5wHWdhgXwhg;oAQr))IDdwGK*y9!F+VWh2ltoWC zA4n1qlk+;=aiR2qMRr3=%KU;=H+CCOIC#6!ZQaYplgyc0&#iqu`6;8J#TIF6|I|Wm05l zG~fJv`SZEbN%pD=Osckjqwc*O-UPukIna%tp@-%dW5S0 diff --git a/certs/ecc/server-bp256r1-cert.pem b/certs/ecc/server-bp256r1-cert.pem index 217d21c55..ae45aad26 100644 --- a/certs/ecc/server-bp256r1-cert.pem +++ b/certs/ecc/server-bp256r1-cert.pem @@ -2,22 +2,22 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 2f:f8:fa:8b:cf:ec:8f:2c:bc:40:fb:95:a0:3e:04:db:dd:c5:7f:08 + 75:8b:6b:62:1b:10:fb:a0:c1:e3:79:bf:0a:2e:15:12:89:6f:df:a7 Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 15 20:13:55 2020 GMT - Not After : Oct 13 20:13:55 2030 GMT + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Dec 18 23:07:24 2031 GMT Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: - 04:2e:ef:27:cb:57:3a:dc:62:25:b6:b5:42:5c:ee: - 29:56:e3:a8:ce:86:6e:44:52:23:15:c8:43:c0:62: - 10:16:1e:4a:cb:88:d0:75:e0:38:6b:80:84:64:9f: - 70:aa:d8:bb:33:90:c1:db:81:46:ae:e9:81:c9:03: - 69:b5:ce:ad:eb + 04:9d:08:dc:59:b7:10:5d:e4:58:7e:aa:62:dd:7a: + 89:69:d2:b5:18:28:5d:22:31:7c:6f:a5:bb:31:90: + 42:20:ed:9c:29:ea:4a:74:33:a1:93:4f:9a:26:72: + 61:1c:4b:72:39:9f:ac:63:d5:b2:42:df:0e:b4:f2: + 7e:c7:48:eb:0c ASN1 OID: brainpoolP256r1 X509v3 extensions: X509v3 Basic Constraints: @@ -25,39 +25,39 @@ Certificate: Netscape Cert Type: SSL Server X509v3 Subject Key Identifier: - B4:1B:3B:4F:65:F2:BF:9E:8A:8F:E3:33:96:44:1F:67:EA:B3:34:D5 + CF:BD:08:4A:BF:DC:D1:7C:E9:D9:FE:E8:3B:FA:84:63:07:7C:88:DB X509v3 Authority Key Identifier: - keyid:B4:1B:3B:4F:65:F2:BF:9E:8A:8F:E3:33:96:44:1F:67:EA:B3:34:D5 + keyid:CF:BD:08:4A:BF:DC:D1:7C:E9:D9:FE:E8:3B:FA:84:63:07:7C:88:DB DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:2F:F8:FA:8B:CF:EC:8F:2C:BC:40:FB:95:A0:3E:04:DB:DD:C5:7F:08 + serial:75:8B:6B:62:1B:10:FB:A0:C1:E3:79:BF:0A:2E:15:12:89:6F:DF:A7 X509v3 Key Usage: critical Digital Signature, Key Encipherment, Key Agreement X509v3 Extended Key Usage: TLS Web Server Authentication Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:21:00:81:37:b3:f7:a7:e7:9d:1b:62:3f:25:20:02: - 45:93:45:5c:91:23:1b:8b:bc:09:0c:f7:ef:51:29:a4:90:ec: - 91:02:20:74:dd:26:c3:eb:24:e1:33:ce:b4:c6:f8:5f:9f:99: - 6d:2b:9a:ee:ac:33:d8:08:29:19:3c:00:f1:83:de:a6:af + 30:44:02:20:1e:54:83:c9:5c:94:38:fe:e8:f4:e6:51:cb:b9: + af:85:bc:97:e6:c1:09:3d:c7:bc:39:74:4e:b8:aa:ea:53:2c: + 02:20:6e:89:c2:33:5a:13:13:32:0e:51:93:a4:5d:08:b0:14: + 98:42:db:00:80:9e:0a:1f:de:19:8e:6c:80:bb:37:12 -----BEGIN CERTIFICATE----- -MIIDfjCCAySgAwIBAgIUL/j6i8/sjyy8QPuVoD4E293FfwgwCgYIKoZIzj0EAwIw +MIIDfTCCAySgAwIBAgIUdYtrYhsQ+6DB43m/Ci4VEolv36cwCgYIKoZIzj0EAwIw gZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLVNS VjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv -QHdvbGZzc2wuY29tMB4XDTIwMTAxNTIwMTM1NVoXDTMwMTAxMzIwMTM1NVowgZox +QHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTMxMTIxODIzMDcyNFowgZox CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0 dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLVNSVjEY MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABC7vJ8tXOtxiJba1 -QlzuKVbjqM6GbkRSIxXIQ8BiEBYeSsuI0HXgOGuAhGSfcKrYuzOQwduBRq7pgckD -abXOreujggFDMIIBPzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNV -HQ4EFgQUtBs7T2Xyv56Kj+MzlkQfZ+qzNNUwgdoGA1UdIwSB0jCBz4AUtBs7T2Xy -v56Kj+MzlkQfZ+qzNNWhgaCkgZ0wgZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApX +bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABJ0I3Fm3EF3kWH6q +Yt16iWnStRgoXSIxfG+luzGQQiDtnCnqSnQzoZNPmiZyYRxLcjmfrGPVskLfDrTy +fsdI6wyjggFDMIIBPzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNV +HQ4EFgQUz70ISr/c0Xzp2f7oO/qEYwd8iNswgdoGA1UdIwSB0jCBz4AUz70ISr/c +0Xzp2f7oO/qEYwd8iNuhgaCkgZ0wgZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApX YXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcw FQYDVQQLDA5FQ0MyNTZCUFIxLVNSVjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQv+PqLz+yPLLxA+5Wg -PgTb3cV/CDAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYI -KoZIzj0EAwIDSAAwRQIhAIE3s/en550bYj8lIAJFk0VckSMbi7wJDPfvUSmkkOyR -AiB03SbD6yThM860xvhfn5ltK5rurDPYCCkZPADxg96mrw== +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR1i2tiGxD7oMHjeb8K +LhUSiW/fpzAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYI +KoZIzj0EAwIDRwAwRAIgHlSDyVyUOP7o9OZRy7mvhbyX5sEJPce8OXROuKrqUywC +IG6JwjNaExMyDlGTpF0IsBSYQtsAgJ4KH94ZjmyAuzcS -----END CERTIFICATE----- diff --git a/certs/ecc/server-secp256k1-cert.der b/certs/ecc/server-secp256k1-cert.der index 19f9ec7e801b5312422d3283c46867bcd652503e..84384478605ed1f9079ceaf18076d2f0d7c0e045 100644 GIT binary patch delta 314 zcmey)_Jd8?pozJ}pov*(0W%XL6O)Ki&WZe-gk*=mF@L{C-Yt8(<(G%{MCCQohK5E) z21dpP=0+w_;=IO&hDL@KQ0_$iIg{HM#T^=Q7$>Xc-~Bgv;zFOD_j$ZuYJ{5oDb!sS znrgph+Jy9m8^0^R9H`^B`6Visw}$z=Wpfak%H& zf}fXfwOZGCPg(d~s_E$}gT@tcvac delta 313 zcmeyt_MJ`HpozKIpov*(0W%XL6O%~7)$JAk*+i`6j_&Hd8<)OGY}KaY6P4FU8yFfG zni?4x8k?9!iSrtRxW-WKMEyCF+Ze?iuJdw#OcC_t8&_4t-TNJ9_oC$}*MP@0d2Q8ZI-IKU>)(F!?T{p`AdF)L%a(7e^e#7OyurpCDyz)Wc)_6YY=a0kH47W(Eoq!RQGd2r6IMS={>xK>^%$njV&%uZ?`>R?K!9<$)sR6`M1GOpH55D c`a)D*SUP(hEBLgF219KzOC~;mR69Y>_QwVqCH7iC3<{6LUPh3cqys|50+5MYG zzgCv*n)7t~LZQbyxtBUjesf^j_S7<&IbJW4?7A1XUft9^Wo_oqko5ocoHaG~Hzh^$ F0005&E%^Wd delta 101 zcmcb>a)D*SUP%LELjwad6H5c*C~;mRV?!eYQwVqCH7iDkTmK@0JDpo+nBEbVS^QDH zS8d<6MSr&co3qn2)3EN!PC-|(MVh87OO{W+RafZ0u_(4we9hx;JI={H>6*Ihtn4{n E0DvVciU0rr diff --git a/certs/ed25519/ca-ed25519.pem b/certs/ed25519/ca-ed25519.pem index 7b645aaf3..61ac1b33f 100644 --- a/certs/ed25519/ca-ed25519.pem +++ b/certs/ed25519/ca-ed25519.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Mar 10 06:49:03 2021 GMT - Not After : Dec 5 06:49:03 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -26,22 +26,22 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED25519 - da:fe:58:53:89:43:85:98:35:dc:13:1c:a3:f1:1f:8d:26:be: - b6:a2:fc:b7:fe:9c:b9:35:69:31:7e:d4:b9:11:45:16:a2:29: - 35:a9:74:a7:97:da:7e:71:4f:b1:72:5d:75:17:ac:e3:f6:b8: - ce:1e:e4:8a:95:ba:cd:1d:ce:0d + 03:98:e3:5f:c8:d0:65:19:d4:ba:64:a6:df:d9:c5:f5:79:76: + ba:9c:e5:b7:a1:12:e3:b9:0b:a5:40:93:ec:c0:96:b7:65:76: + 1c:9c:4a:e8:62:3e:8b:a3:85:d5:b2:8b:94:ad:69:f9:54:67: + ff:7f:09:7c:7c:df:b2:62:5b:0c -----BEGIN CERTIFICATE----- MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz -c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDMx -MDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW 77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA -2v5YU4lDhZg13BMco/EfjSa+tqL8t/6cuTVpMX7UuRFFFqIpNal0p5fafnFPsXJd -dRes4/a4zh7kipW6zR3ODQ== +A5jjX8jQZRnUumSm39nF9Xl2upzlt6ES47kLpUCT7MCWt2V2HJxK6GI+i6OF1bKL +lK1p+VRn/38JfHzfsmJbDA== -----END CERTIFICATE----- diff --git a/certs/ed25519/client-ed25519.der b/certs/ed25519/client-ed25519.der index adfdaa58ee6f7eec40be3a37f977ad6a847affc4..dda0b691a22805c9c910d10602d4af9679c71f43 100644 GIT binary patch delta 244 zcmcb?_M1h^poyv6povLy0W%XL6O%~AWAShGb&joNKjz!by dygoGe&E(eMk{|1%Y|0JJd6P4FW8Wn{50`5_TPMa_cpWiFTTl3 r6JP9@vHkhwpzhzN5~trb2~A$1{z6G?+sco_Qz+MPU7H(4l{{hJ(_ KAeOqXpA7&H>M3&o delta 109 zcmey#@{?u4Zdn6kLjwad6H5c*C~;mRV?!eYQz+M)W4Kre~&I(~)+L3XIt& LpfUBxwDk-C=<+VO diff --git a/certs/ed25519/server-ed25519.pem b/certs/ed25519/server-ed25519.pem index d8d2277e7..a9d655aca 100644 --- a/certs/ed25519/server-ed25519.pem +++ b/certs/ed25519/server-ed25519.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Mar 10 06:49:03 2021 GMT - Not After : Dec 5 06:49:03 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -30,25 +30,25 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ED25519 - f3:c2:ef:8b:55:65:4f:bc:e3:df:fc:d8:a1:ad:8e:43:07:73: - c8:58:c3:46:0a:c1:f1:4d:3f:fb:3d:78:e6:76:58:26:ce:d7: - 59:55:ec:c5:b5:b4:05:ed:f9:d4:97:69:66:d6:2c:1b:43:5a: - 51:5c:be:10:28:95:c4:96:af:00 + 2a:c7:33:f1:ed:51:63:7b:38:4d:df:45:3d:b1:6a:8a:6e:3e: + cc:78:93:cf:84:5d:61:23:62:31:c1:c9:4d:11:6a:83:d5:38: + e8:b2:40:a1:62:c9:7b:a4:11:91:04:52:65:86:ab:82:38:20: + 36:fe:93:59:60:16:65:be:8f:06 -----BEGIN CERTIFICATE----- MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTAzMTAw -NjQ5MDNaFw0yMzEyMDUwNjQ5MDNaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAy +MzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1 NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM -MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQDzwu+LVWVP -vOPf/NihrY5DB3PIWMNGCsHxTT/7PXjmdlgmztdZVezFtbQF7fnUl2lm1iwbQ1pR -XL4QKJXElq8A +MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQAqxzPx7VFj +ezhN30U9sWqKbj7MeJPPhF1hI2IxwclNEWqD1TjoskChYsl7pBGRBFJlhquCOCA2 +/pNZYBZlvo8G -----END CERTIFICATE----- Certificate: Data: @@ -57,8 +57,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Mar 10 06:49:03 2021 GMT - Not After : Dec 5 06:49:03 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -78,22 +78,22 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED25519 - da:fe:58:53:89:43:85:98:35:dc:13:1c:a3:f1:1f:8d:26:be: - b6:a2:fc:b7:fe:9c:b9:35:69:31:7e:d4:b9:11:45:16:a2:29: - 35:a9:74:a7:97:da:7e:71:4f:b1:72:5d:75:17:ac:e3:f6:b8: - ce:1e:e4:8a:95:ba:cd:1d:ce:0d + 03:98:e3:5f:c8:d0:65:19:d4:ba:64:a6:df:d9:c5:f5:79:76: + ba:9c:e5:b7:a1:12:e3:b9:0b:a5:40:93:ec:c0:96:b7:65:76: + 1c:9c:4a:e8:62:3e:8b:a3:85:d5:b2:8b:94:ad:69:f9:54:67: + ff:7f:09:7c:7c:df:b2:62:5b:0c -----BEGIN CERTIFICATE----- MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz -c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDMx -MDA2NDkwM1oXDTIzMTIwNTA2NDkwM1owgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW 77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA -2v5YU4lDhZg13BMco/EfjSa+tqL8t/6cuTVpMX7UuRFFFqIpNal0p5fafnFPsXJd -dRes4/a4zh7kipW6zR3ODQ== +A5jjX8jQZRnUumSm39nF9Xl2upzlt6ES47kLpUCT7MCWt2V2HJxK6GI+i6OF1bKL +lK1p+VRn/38JfHzfsmJbDA== -----END CERTIFICATE----- diff --git a/certs/ed448/ca-ed448.der b/certs/ed448/ca-ed448.der index 0f147d75f9bfa020e79934e560a8ebca1a4580f0..336decb487fbc60017b88c6701797b3393be5968 100644 GIT binary patch delta 160 zcmbQtI+=CC4mm?ZBO?PNV*_&|(g>_te{uSHC#; zR5rpcPA<@od1BU#&F#Yc8aA0n(%Zh7@ZWftNEofuN zOA2?|yi%}L<-6wd%QLGJ8Cni=yffLic4_tNAb;OCtaewg&&)5_^@%b1nzN7qYq delta 160 zcmbQtI+=CC4mkq@Geb*5Vg>LUDT*wAHCC zToKRe^(M~7dY;If(&Tf-R%>+iB#PX)WZPc^^5{wb?*3r*Re4YOPtID)zc)B|O#B%9 zwSUg_u;VYO3fkb()~2{HSinOu(7f#O=MPRFkM(8ETjVt1_NGPt2iZ7Z{{Os4WTlX^ L1H-%u8DRzh_EHK{k!Th`q9?bO1_ zGEDOn4CKUljSLNqj0}v74a|*9qr`cQObjdyO`%+nqRnlLW{g-(ntXvNv}jJe*2Ftb zKF+dlR$k7CHx<48i2Fp%iAD1mH%MJSwuxba-?GE5{7wwZgVTSW=3aVZP4Wc?$*B=P<8s$I2B%?k>4YE0Li9a*9JCR=KoFNb`PfK72sp~Fu1pQoR- zFf`^Inh+yqH|PC#lP%UWLeI3iZ!A{%GC_v*=%0}5#j%@TNL=k)w((J}Hz%9vJH4jd O8CPz#ugXynVE_Q@jauda diff --git a/certs/ed448/client-ed448.pem b/certs/ed448/client-ed448.pem index 9f3ab2580..80a4771f0 100644 --- a/certs/ed448/client-ed448.pem +++ b/certs/ed448/client-ed448.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 74:e0:2f:55:75:06:b8:1f:8f:30:20:cb:0d:c7:15:73:d8:d0:32:27 + 31:26:1a:ec:1b:b4:ac:dc:fc:40:67:e4:6f:03:64:1c:58:f4:30:e5 Signature Algorithm: ED448 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Client-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 19 13:23:41 2020 GMT - Not After : Mar 16 13:23:41 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Client-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED448 @@ -23,7 +23,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:F3:C7:66:93:0D:CB:0E:1B:80:08:00:CF:E3:4E:11:4D:58:2B:4B:D4 DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed448/OU=Client-ed448/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:74:E0:2F:55:75:06:B8:1F:8F:30:20:CB:0D:C7:15:73:D8:D0:32:27 + serial:31:26:1A:EC:1B:B4:AC:DC:FC:40:67:E4:6F:03:64:1C:58:F4:30:E5 X509v3 Basic Constraints: CA:TRUE @@ -32,19 +32,19 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: ED448 - ee:19:f6:b7:bf:b8:7e:2b:74:77:f2:89:b2:eb:a0:45:5d:42: - 18:f7:f3:aa:ba:7d:82:83:a0:70:b9:28:97:2d:9b:59:78:25: - ec:6b:1a:b6:4d:08:1f:52:10:3c:73:5c:71:40:b9:47:f9:cb: - e6:84:00:81:6c:c2:90:5c:16:3e:9c:ef:f7:34:b4:3b:98:55: - cc:85:47:b1:73:24:f4:90:1c:05:c5:fc:54:d7:73:5d:b3:e8: - 18:d5:89:a6:b1:e2:6d:4b:09:06:35:ee:2e:82:6d:98:d4:da: - 87:aa:6c:20:14:00 + 9c:5f:2a:91:dc:42:4c:43:1d:ec:a9:d3:68:5f:35:15:db:e2: + 0b:c8:7c:c8:a2:9e:01:b0:1a:d7:c6:b2:00:90:4e:a6:c3:45: + 0f:42:00:a7:53:67:f9:cb:0b:a5:d8:ac:63:d0:40:33:eb:6b: + bf:fd:00:1f:b9:78:62:ca:48:54:0f:35:0a:7e:af:69:f2:d6: + f9:ee:54:fe:71:a2:9b:55:0c:53:9b:18:1d:ed:74:74:67:aa: + 8b:66:db:2b:71:49:38:d5:34:fb:f5:cf:55:8e:65:c1:09:d4: + 05:8b:43:b7:25:00 -----BEGIN CERTIFICATE----- -MIIDkzCCAxOgAwIBAgIUdOAvVXUGuB+PMCDLDccVc9jQMicwBQYDK2VxMIGbMQsw +MIIDkzCCAxOgAwIBAgIUMSYa7Bu0rNz8QGfkbwNkHFj0MOUwBQYDK2VxMIGbMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMQ2xpZW50LWVkNDQ4MRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s -ZnNzbC5jb20wHhcNMjAwNjE5MTMyMzQxWhcNMjMwMzE2MTMyMzQxWjCBmzELMAkG +ZnNzbC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmzELMAkG A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFjAU BgNVBAoMDXdvbGZTU0xfZWQ0NDgxFTATBgNVBAsMDENsaWVudC1lZDQ0ODEYMBYG A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz @@ -54,10 +54,10 @@ ZpMNyw4bgAgAz+NOEU1YK0vUMIHbBgNVHSMEgdMwgdCAFPPHZpMNyw4bgAgAz+NO EU1YK0vUoYGhpIGeMIGbMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQ MA4GA1UEBwwHQm96ZW1hbjEWMBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UE CwwMQ2xpZW50LWVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkq -hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFHTgL1V1BrgfjzAgyw3HFXPY0DIn +hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFDEmGuwbtKzc/EBn5G8DZBxY9DDl MAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYD -VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAUGAytlcQNzAO4Z9re/uH4rdHfy -ibLroEVdQhj386q6fYKDoHC5KJctm1l4JexrGrZNCB9SEDxzXHFAuUf5y+aEAIFs -wpBcFj6c7/c0tDuYVcyFR7FzJPSQHAXF/FTXc12z6BjViaax4m1LCQY17i6CbZjU -2oeqbCAUAA== +VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAUGAytlcQNzAJxfKpHcQkxDHeyp +02hfNRXb4gvIfMiingGwGtfGsgCQTqbDRQ9CAKdTZ/nLC6XYrGPQQDPra7/9AB+5 +eGLKSFQPNQp+r2ny1vnuVP5xoptVDFObGB3tdHRnqotm2ytxSTjVNPv1z1WOZcEJ +1AWLQ7clAA== -----END CERTIFICATE----- diff --git a/certs/ed448/root-ed448.der b/certs/ed448/root-ed448.der index 929c56617c00fe06748208bfeeb67247699ab13c..ce3387e1abcc71fdb245f81170d8e1cec95a4a57 100644 GIT binary patch delta 193 zcmZ3%x`I{NpowXTK@*e80%j&gCMFU4iTc4|n(s}vaZRbRJb;=D#C29}1VQ0_#nxs#h2Hy3?9vZ~f`?~`C#=Hr)6=1%6nWPQ>u?)~@M zj~6*gD;YfTwC&iv*Fjb4Lt<;DyKDOjK?XxdjSZ6zXfW_PaQ%LA`p(VMDN-y;bz
rKY3qD%sH)}q1y1Ol9K@deC~f z^N;1;TlD{^m)CWTw*1d3H?wZ*cOT|D)l=0+3+H|9I@r)@zT|(IYH4%li5Sr@JiFZf v`JS6KZ{5y-Jh{@N?m2=NKATux(7DpGNYd{1SJpL*x1ROAF;g}C#mxW!r3X*e diff --git a/certs/ed448/root-ed448.pem b/certs/ed448/root-ed448.pem index a77a0038f..330e22fed 100644 --- a/certs/ed448/root-ed448.pem +++ b/certs/ed448/root-ed448.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 3e:b1:2c:57:68:30:3f:06:46:47:d7:ea:ae:97:a2:cd:22:15:12:95 + 3f:91:2f:53:56:29:ef:34:b6:0a:94:7a:3e:0e:08:b1:f7:0d:7e:f2 Signature Algorithm: ED448 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 19 13:23:41 2020 GMT - Not After : Mar 16 13:23:41 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED448 @@ -28,27 +28,27 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED448 - b4:9d:00:0e:cd:5c:55:15:a9:e1:96:8a:47:6e:f8:19:43:1d: - bc:d6:ac:4c:cb:d0:cf:e3:1e:ef:38:8f:f8:7f:1f:2d:45:5b: - 39:ff:05:1e:99:7e:b5:f7:4c:03:7e:25:ca:7b:c5:71:9e:f5: - 8a:c1:80:89:37:a4:ff:76:25:75:83:89:c8:5c:15:f4:0c:ba: - 46:fe:4d:ce:9a:9e:ae:b9:50:6e:1e:75:c5:47:6c:11:d0:f3: - 34:39:d0:2c:d4:84:a2:19:3e:db:f5:05:ac:01:da:e6:8e:ec: - 36:25:31:fa:0b:00 + f5:c4:aa:7d:41:bd:e4:53:3d:03:c7:d2:c9:6d:93:0f:d2:3b: + c9:3e:5e:ef:f7:db:e3:a2:41:1b:22:30:e4:49:3d:88:bb:bd: + 40:25:1a:f0:61:85:69:47:45:87:a8:11:00:31:41:28:b0:93: + c0:28:00:0d:40:0a:fb:e4:cb:dc:d9:cb:64:1a:04:a5:2c:5c: + 9c:c9:93:a4:64:01:8e:09:77:c9:e2:b4:fb:a6:b2:cb:4f:4e: + 07:62:94:44:ec:21:13:f1:de:3a:f9:0d:e9:18:9c:cb:2f:68: + 25:80:ea:79:09:00 -----BEGIN CERTIFICATE----- -MIICpDCCAiSgAwIBAgIUPrEsV2gwPwZGR9fqrpeizSIVEpUwBQYDK2VxMIGZMQsw +MIICpDCCAiSgAwIBAgIUP5EvU1Yp7zS2CpR6Pg4IsfcNfvIwBQYDK2VxMIGZMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW MBQGA1UECgwNd29sZlNTTF9FZDQ0ODETMBEGA1UECwwKUm9vdC1FZDQ0ODEYMBYG A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz -c2wuY29tMB4XDTIwMDYxOTEzMjM0MVoXDTIzMDMxNjEzMjM0MVowgZkxCzAJBgNV +c2wuY29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZkxCzAJBgNV BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYD VQQKDA13b2xmU1NMX0VkNDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQD DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b20wQzAFBgMrZXEDOgALZCYoz7VGm+4/6jv1Znoy1P59+IBfWFds13nuZqI9VI+N CK/LuEOUUF3lU2JpyHWCpl5EyktbCwCjYzBhMB0GA1UdDgQWBBTaaZjJJkp1+1le U5pjSwy4iAsPHjAfBgNVHSMEGDAWgBTaaZjJJkp1+1leU5pjSwy4iAsPHjAPBgNV -HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAFBgMrZXEDcwC0nQAOzVxVFanh -lopHbvgZQx281qxMy9DP4x7vOI/4fx8tRVs5/wUemX6190wDfiXKe8VxnvWKwYCJ -N6T/diV1g4nIXBX0DLpG/k3Omp6uuVBuHnXFR2wR0PM0OdAs1ISiGT7b9QWsAdrm -juw2JTH6CwA= +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAFBgMrZXEDcwD1xKp9Qb3kUz0D +x9LJbZMP0jvJPl7v99vjokEbIjDkST2Iu71AJRrwYYVpR0WHqBEAMUEosJPAKAAN +QAr75Mvc2ctkGgSlLFycyZOkZAGOCXfJ4rT7prLLT04HYpRE7CET8d46+Q3pGJzL +L2glgOp5CQA= -----END CERTIFICATE----- diff --git a/certs/ed448/server-ed448-cert.pem b/certs/ed448/server-ed448-cert.pem index 8f6f49681..6b9d94d23 100644 --- a/certs/ed448/server-ed448-cert.pem +++ b/certs/ed448/server-ed448-cert.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED448 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 19 13:23:41 2020 GMT - Not After : Mar 16 13:23:41 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Server-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED448 @@ -31,19 +31,19 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ED448 - a1:10:74:ad:92:3d:73:cf:89:f1:e8:07:7f:79:18:f0:89:19: - b9:92:13:e4:8b:cc:f3:08:1a:d1:d3:52:d7:24:8d:7d:41:15: - a4:5b:f1:4a:22:6b:00:2d:2f:25:c1:33:23:85:7d:87:69:6f: - 53:b3:00:3c:7f:a3:0b:9c:7d:ce:e5:77:91:70:a4:45:0a:c2: - de:06:23:c3:37:1e:0b:14:cc:d5:89:6e:cd:83:d6:b9:a9:69: - 32:a2:c1:db:d6:39:d1:e2:70:93:c6:68:1b:55:aa:bf:87:b0: - 61:ef:0a:8e:13:00 + 39:91:c6:6a:6c:93:f0:b8:27:ad:c8:d7:b2:49:3d:3f:91:b1: + c6:47:74:39:5a:8c:f9:7a:43:74:34:df:16:1d:60:62:78:69: + e1:ec:61:e3:a8:69:19:2d:a5:b8:c3:c7:62:d9:2e:c8:81:6d: + f5:6f:80:dd:d8:e2:02:ee:5b:f0:9c:cd:1e:cd:27:e2:98:c5: + 37:93:46:88:8d:cd:0c:fe:00:6e:54:96:cd:f0:13:8b:01:d6: + f6:38:fc:81:8a:e6:05:75:12:74:4a:ce:b7:de:40:7b:43:c8: + 25:07:27:07:15:00 -----BEGIN CERTIFICATE----- MIICuDCCAjigAwIBAgIBATAFBgMrZXEwgZcxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2Vk NDQ4MREwDwYDVQQLDAhDQS1lZDQ0ODEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYxOTEzMjM0 -MVoXDTIzMDMxNjEzMjM0MVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250 +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcy +NVoXDTI0MDkxNTIzMDcyNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250 YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2VkNDQ4MRUw EwYDVQQLDAxTZXJ2ZXItZWQ0NDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBDMAUGAytlcQM6AFSBOQHr @@ -51,7 +51,7 @@ N9mpB80BvJ1wFsIsK3VbY9vuOi1Ekka0ewcDT6Kuhobci0ssf+hrFI1Y3W3nbzoF lajvAKOBiTCBhjAdBgNVHQ4EFgQUfKtcEqlo2BgQKH2SxUq4TEx2DtswHwYDVR0j BBgwFoAUOFlF6N1ELLV9pSXWC8w58HLAlGMwDAYDVR0TAQH/BAIwADAOBgNVHQ8B Af8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZA -MAUGAytlcQNzAKEQdK2SPXPPifHoB395GPCJGbmSE+SLzPMIGtHTUtckjX1BFaRb -8UoiawAtLyXBMyOFfYdpb1OzADx/owucfc7ld5FwpEUKwt4GI8M3HgsUzNWJbs2D -1rmpaTKiwdvWOdHicJPGaBtVqr+HsGHvCo4TAA== +MAUGAytlcQNzADmRxmpsk/C4J63I17JJPT+RscZHdDlajPl6Q3Q03xYdYGJ4aeHs +YeOoaRktpbjDx2LZLsiBbfVvgN3Y4gLuW/CczR7NJ+KYxTeTRoiNzQz+AG5Uls3w +E4sB1vY4/IGK5gV1EnRKzrfeQHtDyCUHJwcVAA== -----END CERTIFICATE----- diff --git a/certs/ed448/server-ed448.der b/certs/ed448/server-ed448.der index b0de2d985d60a166bc678281e668b4ddc3b39a41..ec45a3b6338dbaff89ba9c82982e11fc2f8f08ff 100644 GIT binary patch delta 152 zcmdnPx`%bbHYr0xBO?PNV*_&|(NNUraV3sUq{?o5aT}G9`7F?l^or>89R^#@w&@4R>!mVtN<- zVa{2(v+9p#95tWp*3o;G=O05}$h5N`gu5B9eY5z}*!7IHRH(%3-1d78)y^kW+11%a F836g*L_q)m delta 152 zcmdnPx`%bbHYo!GGeb*5V{ z;zOt8&Pl>gy3c&(kh*v|=(P17 zY5By0C9YhD?y)H!HkacTIdio$?`-q6ohvhq79G5O&GO=-g2~4+q(fKjZ{Lvko~uuo F0RVpdK%@Ww diff --git a/certs/ed448/server-ed448.pem b/certs/ed448/server-ed448.pem index 8cc2542d1..8510448cd 100644 --- a/certs/ed448/server-ed448.pem +++ b/certs/ed448/server-ed448.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED448 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 19 13:23:41 2020 GMT - Not After : Mar 16 13:23:41 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Server-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED448 @@ -31,19 +31,19 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ED448 - a1:10:74:ad:92:3d:73:cf:89:f1:e8:07:7f:79:18:f0:89:19: - b9:92:13:e4:8b:cc:f3:08:1a:d1:d3:52:d7:24:8d:7d:41:15: - a4:5b:f1:4a:22:6b:00:2d:2f:25:c1:33:23:85:7d:87:69:6f: - 53:b3:00:3c:7f:a3:0b:9c:7d:ce:e5:77:91:70:a4:45:0a:c2: - de:06:23:c3:37:1e:0b:14:cc:d5:89:6e:cd:83:d6:b9:a9:69: - 32:a2:c1:db:d6:39:d1:e2:70:93:c6:68:1b:55:aa:bf:87:b0: - 61:ef:0a:8e:13:00 + 39:91:c6:6a:6c:93:f0:b8:27:ad:c8:d7:b2:49:3d:3f:91:b1: + c6:47:74:39:5a:8c:f9:7a:43:74:34:df:16:1d:60:62:78:69: + e1:ec:61:e3:a8:69:19:2d:a5:b8:c3:c7:62:d9:2e:c8:81:6d: + f5:6f:80:dd:d8:e2:02:ee:5b:f0:9c:cd:1e:cd:27:e2:98:c5: + 37:93:46:88:8d:cd:0c:fe:00:6e:54:96:cd:f0:13:8b:01:d6: + f6:38:fc:81:8a:e6:05:75:12:74:4a:ce:b7:de:40:7b:43:c8: + 25:07:27:07:15:00 -----BEGIN CERTIFICATE----- MIICuDCCAjigAwIBAgIBATAFBgMrZXEwgZcxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2Vk NDQ4MREwDwYDVQQLDAhDQS1lZDQ0ODEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYxOTEzMjM0 -MVoXDTIzMDMxNjEzMjM0MVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250 +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcy +NVoXDTI0MDkxNTIzMDcyNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250 YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2VkNDQ4MRUw EwYDVQQLDAxTZXJ2ZXItZWQ0NDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBDMAUGAytlcQM6AFSBOQHr @@ -51,9 +51,9 @@ N9mpB80BvJ1wFsIsK3VbY9vuOi1Ekka0ewcDT6Kuhobci0ssf+hrFI1Y3W3nbzoF lajvAKOBiTCBhjAdBgNVHQ4EFgQUfKtcEqlo2BgQKH2SxUq4TEx2DtswHwYDVR0j BBgwFoAUOFlF6N1ELLV9pSXWC8w58HLAlGMwDAYDVR0TAQH/BAIwADAOBgNVHQ8B Af8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZA -MAUGAytlcQNzAKEQdK2SPXPPifHoB395GPCJGbmSE+SLzPMIGtHTUtckjX1BFaRb -8UoiawAtLyXBMyOFfYdpb1OzADx/owucfc7ld5FwpEUKwt4GI8M3HgsUzNWJbs2D -1rmpaTKiwdvWOdHicJPGaBtVqr+HsGHvCo4TAA== +MAUGAytlcQNzADmRxmpsk/C4J63I17JJPT+RscZHdDlajPl6Q3Q03xYdYGJ4aeHs +YeOoaRktpbjDx2LZLsiBbfVvgN3Y4gLuW/CczR7NJ+KYxTeTRoiNzQz+AG5Uls3w +E4sB1vY4/IGK5gV1EnRKzrfeQHtDyCUHJwcVAA== -----END CERTIFICATE----- Certificate: Data: @@ -62,8 +62,8 @@ Certificate: Signature Algorithm: ED448 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 19 13:23:41 2020 GMT - Not After : Mar 16 13:23:41 2023 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED448 @@ -84,26 +84,26 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED448 - 12:5e:bc:a0:86:7e:26:a1:a8:5f:05:4a:ec:5e:3c:3b:9e:14: - 9c:75:63:ce:33:3a:ac:2d:2e:18:72:46:0a:1d:87:e8:51:0c: - 2e:1b:fb:8b:f0:36:f5:23:bc:77:f9:09:7d:39:fd:d8:08:0c: - 34:4e:00:4f:2b:f9:9d:48:3e:0f:74:7a:52:b0:44:86:86:21: - a1:53:10:48:21:51:37:76:d3:f3:f0:42:f1:c6:8e:6a:9e:a2: - 42:90:db:b2:a2:4f:c1:06:09:e9:ff:f3:a2:14:a9:12:43:40: - 00:9e:78:1c:13:00 + de:27:87:c7:7b:e8:c1:e5:1d:58:3e:5e:1e:51:4e:03:91:6a: + 98:b3:87:13:0f:28:3c:69:c5:67:93:d2:c6:d6:39:3d:3d:66: + 64:25:04:a1:80:5b:65:26:79:e8:39:78:d6:a2:d9:72:35:95: + 70:86:00:6e:62:57:42:b3:a9:11:85:24:f7:29:e7:d3:99:7b: + 61:00:84:c3:08:ee:34:be:ad:a5:7b:eb:52:4f:4d:ec:05:3e: + d5:d7:99:6f:70:ba:f2:01:5b:d6:43:39:28:e2:0e:79:f0:1e: + e8:16:3a:33:37:00 -----BEGIN CERTIFICATE----- MIICjzCCAg+gAwIBAgIBATAFBgMrZXEwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX0Vk NDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjAwNjE5MTMy -MzQxWhcNMjMwMzE2MTMyMzQxWjCBlzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v +b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIwMjMw +NzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v bnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFjAUBgNVBAoMDXdvbGZTU0xfZWQ0NDgx ETAPBgNVBAsMCENBLWVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAd BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wQzAFBgMrZXEDOgAO4rR25dLM wkt7sCm+kvvDr2mllLpwJOij78hjmt2mr1hDOAQk8BCRvqcBkVTzz2mFTLmXjKQ3 qgCjYzBhMB0GA1UdDgQWBBQ4WUXo3UQstX2lJdYLzDnwcsCUYzAfBgNVHSMEGDAW gBTaaZjJJkp1+1leU5pjSwy4iAsPHjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB -/wQEAwIBhjAFBgMrZXEDcwASXryghn4moahfBUrsXjw7nhScdWPOMzqsLS4YckYK -HYfoUQwuG/uL8Db1I7x3+Ql9Of3YCAw0TgBPK/mdSD4PdHpSsESGhiGhUxBIIVE3 -dtPz8ELxxo5qnqJCkNuyok/BBgnp//OiFKkSQ0AAnngcEwA= +/wQEAwIBhjAFBgMrZXEDcwDeJ4fHe+jB5R1YPl4eUU4DkWqYs4cTDyg8acVnk9LG +1jk9PWZkJQShgFtlJnnoOXjWotlyNZVwhgBuYldCs6kRhST3KefTmXthAITDCO40 +vq2le+tST03sBT7V15lvcLryAVvWQzko4g558B7oFjozNwA= -----END CERTIFICATE----- diff --git a/certs/entity-no-ca-bool-cert.pem b/certs/entity-no-ca-bool-cert.pem index 8fba3910c..4112468d3 100644 --- a/certs/entity-no-ca-bool-cert.pem +++ b/certs/entity-no-ca-bool-cert.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jul 2 15:55:08 2021 GMT - Not After : Mar 28 15:55:08 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = NoCaBool, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -37,7 +37,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:FALSE, pathlen:0 @@ -46,27 +46,27 @@ Certificate: X509v3 Extended Key Usage: TLS Web Client Authentication, TLS Web Server Authentication Signature Algorithm: sha256WithRSAEncryption - 0a:bc:55:13:b4:2d:a2:39:ca:a9:d0:82:6e:96:f1:c3:d7:91: - 13:01:3d:e9:a8:2b:e0:8e:e9:5c:e9:b7:0d:fa:f1:86:84:e4: - 1c:0b:75:19:4b:a0:3a:62:e0:32:d2:18:27:d4:3c:55:84:35: - ba:42:db:a0:5e:78:e5:94:26:69:fd:cb:c0:b2:d4:7d:da:b1: - 7f:dc:1d:34:22:32:8c:81:e1:9c:1c:99:3a:39:10:62:25:c3: - f2:38:d8:78:ae:09:51:ce:57:1c:8b:b4:23:67:a5:74:59:0d: - 68:e6:2b:8b:f0:ba:86:c3:db:f8:b6:fd:0c:21:d6:0b:ab:76: - 8a:1a:02:d0:8f:ce:a0:bb:00:38:52:c1:04:f4:6b:0f:27:45: - 98:1e:79:e7:07:6a:06:83:ab:2e:f7:5b:72:61:a0:f3:06:26: - 36:fc:cc:09:da:fe:de:5a:7d:ca:5f:b0:7f:7a:aa:ef:5f:9d: - ea:f5:79:ed:f3:9a:34:58:1f:ae:6d:10:12:b0:5c:df:e4:6b: - 6b:fe:5a:55:53:a0:ca:43:2f:ce:80:9f:d4:39:20:4e:02:ba: - be:40:5c:b4:60:17:49:50:e8:b0:c9:0f:80:c6:3c:99:70:f2: - 63:31:d1:b4:5d:b3:df:93:17:b2:51:55:f7:c0:af:02:05:6c: - 11:b0:02:d2 + 53:5e:64:a2:ac:e9:1a:84:a6:2f:4e:7c:11:0b:d7:9b:4a:bb: + cb:2f:4b:f6:3f:09:33:46:4e:74:21:6d:6e:e5:a0:1a:69:f8: + 83:9a:c6:14:f6:45:12:e7:f8:a0:43:25:c8:2f:37:39:12:48: + b9:e5:d8:50:08:d6:65:48:55:3f:f6:02:8a:b5:22:5b:5d:19: + 6a:7f:d3:e4:86:73:6c:99:21:64:87:af:37:4a:00:6f:c9:29: + 6a:60:1a:dc:57:65:be:77:af:f3:e1:cf:7e:bc:23:b6:e0:61: + be:2b:e0:12:f1:7c:c1:3d:5d:17:7f:de:69:5c:82:89:0a:69: + ad:1f:37:a3:91:84:c8:f2:eb:ae:c4:e6:62:37:f0:a5:f9:60: + 0c:79:01:68:93:14:ec:a5:6d:ed:ec:0e:fa:ea:a3:e0:5a:f6: + 97:a7:2c:18:20:72:db:2c:92:63:14:ee:a0:3f:d4:22:59:12: + 89:47:82:2a:2f:4d:11:d5:4b:fe:50:6d:77:d8:8f:1e:ff:fb: + ef:af:83:96:ad:53:de:eb:cd:fc:d5:15:37:a7:6e:3d:7e:ef: + b9:3d:39:0c:da:f5:86:ba:8c:3b:d0:46:b4:b2:c7:0b:34:d4: + 8b:8c:87:f2:7c:02:d0:eb:8f:34:69:3f:93:51:dc:f2:56:56: + 72:cc:5d:e3 -----BEGIN CERTIFICATE----- -MIIEzTCCA7WgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIE2DCCA8CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwNzAy -MTU1NTA4WhcNMjQwMzI4MTU1NTA4WjCBkTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBkTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxETAP BgNVBAsMCE5vQ2FCb29sMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkq hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB @@ -75,30 +75,30 @@ HVcEnpxW/2aveEuFfHG8a3mpYyH0iB5vuVNYsE2TtaflnIA72fv0R/5G8ed+WR3n IRFrlqDXO966BmHrA9R0t7ST9Dg0259Y3Nf67v5WabiXr1vKVkAwERwmQKYfHLvW 4P8epFc143SrSaGHlS+KdwqxZaCP01qsBJPMUINCZKsS+i6vK+qxc3vOM8NoIyfw dfQLgh6uIQBP/CYXdYSb4DHeWYOqRfmCyz7dIu7OfAwG3MxhJX56ZOnFBlfTwWFT -WYIyxs8dcIdEPbdS5VZn4xZ7u0iYjVTBhapXAgMBAAGjggEpMIIBJTAdBgNVHQ4E -FgQU7/SLhs5179zh+CMeGrg7jZgJiOcwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/ +WYIyxs8dcIdEPbdS5VZn4xZ7u0iYjVTBhapXAgMBAAGjggE0MIIBMDAdBgNVHQ4E +FgQU7/SLhs5179zh+CMeGrg7jZgJiOcwgdQGA1UdIwSBzDCByYAUJ45nEXTDJh0/ 7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250 YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UE CwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI -hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/rBgKN00wDAYDVR0TBAUwAwIB -ADALBgNVHQ8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0G -CSqGSIb3DQEBCwUAA4IBAQAKvFUTtC2iOcqp0IJulvHD15ETAT3pqCvgjulc6bcN -+vGGhOQcC3UZS6A6YuAy0hgn1DxVhDW6QtugXnjllCZp/cvAstR92rF/3B00IjKM -geGcHJk6ORBiJcPyONh4rglRzlcci7QjZ6V0WQ1o5iuL8LqGw9v4tv0MIdYLq3aK -GgLQj86guwA4UsEE9GsPJ0WYHnnnB2oGg6su91tyYaDzBiY2/MwJ2v7eWn3KX7B/ -eqrvX53q9Xnt85o0WB+ubRASsFzf5Gtr/lpVU6DKQy/OgJ/UOSBOArq+QFy0YBdJ -UOiwyQ+AxjyZcPJjMdG0XbPfkxeyUVX3wK8CBWwRsALS +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCIugdCjaqvT77CGkjw0UDmQjAM +BgNVHRMEBTADAgEAMAsGA1UdDwQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI +KwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAFNeZKKs6RqEpi9OfBEL15tKu8sv +S/Y/CTNGTnQhbW7loBpp+IOaxhT2RRLn+KBDJcgvNzkSSLnl2FAI1mVIVT/2Aoq1 +IltdGWp/0+SGc2yZIWSHrzdKAG/JKWpgGtxXZb53r/Phz368I7bgYb4r4BLxfME9 +XRd/3mlcgokKaa0fN6ORhMjy667E5mI38KX5YAx5AWiTFOylbe3sDvrqo+Ba9pen +LBggctsskmMU7qA/1CJZEolHgiovTRHVS/5QbXfYjx7/+++vg5atU97rzfzVFTen +bj1+77k9OQza9Ya6jDvQRrSyxws01IuMh/J8AtDrjzRpP5NR3PJWVnLMXeM= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: - aa:d3:3f:ac:18:0a:37:4d + 7d:94:70:88:ba:07:42:8d:aa:af:4f:be:c2:1a:48:f0:d1:40:e6:42 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,7 +129,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -138,47 +138,47 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08: - 86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd: - 89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99: - c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce: - 89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8: - a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4: - ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20: - 88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70: - 6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38: - 7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4: - 12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6: - b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd: - b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e: - ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c: - 4f:a1:ca:98 + b0:71:bb:ba:45:5a:80:25:02:a4:7e:88:0b:a9:7b:fd:b0:bb: + f6:46:b5:ba:f4:c7:e3:61:20:8c:03:15:66:f5:e4:54:82:ef: + 13:80:97:22:67:c1:d1:88:5d:e2:2d:57:f6:e0:9f:69:d6:b1: + 5c:b6:e8:e0:98:89:c8:14:12:d6:b6:89:8d:6c:b9:a0:59:4f: + 92:ee:11:53:6b:7d:93:4a:69:0a:85:d9:d5:d2:62:e8:c9:b5: + c6:4e:17:f5:0a:e8:f3:2d:86:61:0b:eb:c4:c4:c6:67:75:ed: + 9a:9f:53:a0:71:1e:a0:90:0d:f9:03:b4:bc:86:19:6e:f0:3b: + 4f:e8:ed:68:f6:e7:23:43:3b:36:83:83:4b:46:a0:9a:01:d0: + c7:85:bb:7d:94:a0:21:3d:7e:3c:6a:3d:81:db:41:7b:46:d8: + 15:62:d5:8f:4d:3d:c0:db:9a:c5:81:a8:ac:da:87:99:c7:dd: + b9:f1:14:af:d1:93:e3:f3:42:d7:a2:04:51:21:54:29:c3:45: + f6:be:5c:fa:cd:db:bf:2f:79:81:42:e5:8f:47:0b:d4:54:01: + b5:c2:4a:46:d6:a8:31:2e:64:80:3f:48:61:91:29:f3:aa:43: + 5c:69:6e:f1:01:b9:df:63:71:3d:b9:5a:fb:36:c0:11:a2:c3: + 30:9d:95:c3 -----BEGIN CERTIFICATE----- -MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +MIIE/zCCA+egAwIBAgIUfZRwiLoHQo2qr0++whpI8NFA5kIwDQYJKoZIhvcNAQEL +BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZQxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw +DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP +d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804H0ry +TXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQ +u2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkc +rMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfa +QG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+j +JtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02 +eQIDAQABo4IBRTCCAUEwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHU +BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow -ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+ -gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO -BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv -b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM -BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud -JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI -WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX -apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28 -Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z -PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt -XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR -O7A8u4yPPHtMT6HKmA== +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU +fZRwiLoHQo2qr0++whpI8NFA5kIwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl +eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +DQYJKoZIhvcNAQELBQADggEBALBxu7pFWoAlAqR+iAupe/2wu/ZGtbr0x+NhIIwD +FWb15FSC7xOAlyJnwdGIXeItV/bgn2nWsVy26OCYicgUEta2iY1suaBZT5LuEVNr +fZNKaQqF2dXSYujJtcZOF/UK6PMthmEL68TExmd17ZqfU6BxHqCQDfkDtLyGGW7w +O0/o7Wj25yNDOzaDg0tGoJoB0MeFu32UoCE9fjxqPYHbQXtG2BVi1Y9NPcDbmsWB +qKzah5nH3bnxFK/Rk+PzQteiBFEhVCnDRfa+XPrN278veYFC5Y9HC9RUAbXCSkbW +qDEuZIA/SGGRKfOqQ1xpbvEBud9jcT25Wvs2wBGiwzCdlcM= -----END CERTIFICATE----- diff --git a/certs/ocsp/intermediate1-ca-cert.pem b/certs/ocsp/intermediate1-ca-cert.pem index 673f05678..d2907acca 100644 --- a/certs/ocsp/intermediate1-ca-cert.pem +++ b/certs/ocsp/intermediate1-ca-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35: a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 1e:8f:fa:f5:32:ee:98:9e:ed:96:b4:a9:ea:d7:3c:05:74:36: - 41:ef:1b:84:35:6a:3d:6c:c9:53:2a:50:f7:d1:80:d3:ec:99: - bc:4b:dd:86:69:e0:94:1c:c4:77:c9:6a:f7:ed:2c:0d:c5:17: - a7:15:75:25:14:2d:c6:14:8d:17:97:6d:e7:d7:38:88:d6:df: - ba:8c:aa:2a:f1:4e:ef:1f:4a:16:5a:fa:0c:50:ea:98:b1:4b: - 36:97:24:21:ce:dc:e4:5c:ba:ae:e7:cb:2a:1d:f7:73:ff:17: - f3:9d:cf:26:4e:b7:cb:5c:8e:e4:9e:55:d2:00:f8:ca:53:c3: - 53:3f:6d:65:aa:86:f4:f1:ed:26:1e:75:56:be:bd:80:f5:1c: - 4e:4d:13:c3:1b:04:61:b9:c6:e2:6f:30:44:01:0e:63:d8:19: - ce:83:40:e9:c7:01:f2:51:d7:b7:cd:16:25:93:de:3e:7a:7d: - 8d:72:1e:2b:66:76:91:df:b9:33:fa:04:b8:8c:c5:7a:ef:f6: - 94:74:54:1e:96:4a:a8:f6:0d:59:f7:2f:f1:26:78:f6:c7:bf: - 68:f9:b0:7f:a5:2d:1c:7b:fc:64:25:ed:a4:bb:e6:31:44:f9: - d5:5f:67:4d:01:29:84:b2:f8:fa:fb:6b:52:1e:66:c3:08:6b: - 8e:d5:ad:b9 + 0e:11:5a:b6:3c:42:28:c2:62:1d:8e:85:b9:77:f6:d0:ee:72: + b7:77:66:1f:6e:4e:e1:fb:d2:a9:11:81:b7:30:d2:a8:07:84: + 4d:72:19:d1:64:e4:8d:fa:36:6f:92:0c:51:8f:d8:b0:db:f8: + 61:6c:9c:67:0f:7a:da:8a:fe:2b:c2:72:91:10:40:e6:fb:3d: + e3:d8:59:bf:d4:aa:e1:e1:6d:73:91:d7:0c:5a:15:73:c7:bb: + b1:71:dc:be:d6:80:c9:95:54:5e:1f:6a:d2:4c:b9:4f:3c:74: + fb:22:4d:aa:e7:0f:bc:83:9f:61:e0:d7:77:99:cf:7f:c9:5a: + 89:8b:eb:85:67:02:b8:59:40:3b:3d:de:b6:80:41:69:1b:d5: + 39:8c:e8:29:1c:ec:9b:81:7e:dd:57:1d:d7:7d:d5:8e:8f:1d: + dc:ef:34:9b:06:ee:67:bc:da:96:1d:04:24:95:e5:99:9d:ed: + 1d:5a:50:a1:af:bc:34:0e:e3:45:52:65:97:88:85:07:38:87: + fd:1c:3f:37:20:fc:05:b4:81:98:0a:35:4d:87:e9:1d:c1:6f: + f9:33:ad:36:04:e5:c2:e8:46:1d:d4:d6:d8:ff:a3:ef:ed:13: + 20:9f:07:fe:cc:5d:81:7f:7a:1e:24:6b:56:27:63:53:66:de: + 78:50:81:0e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB @@ -84,26 +84,26 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD -ggEBAB6P+vUy7pie7Za0qerXPAV0NkHvG4Q1aj1syVMqUPfRgNPsmbxL3YZp4JQc -xHfJavftLA3FF6cVdSUULcYUjReXbefXOIjW37qMqirxTu8fShZa+gxQ6pixSzaX -JCHO3ORcuq7nyyod93P/F/OdzyZOt8tcjuSeVdIA+MpTw1M/bWWqhvTx7SYedVa+ -vYD1HE5NE8MbBGG5xuJvMEQBDmPYGc6DQOnHAfJR17fNFiWT3j56fY1yHitmdpHf -uTP6BLiMxXrv9pR0VB6WSqj2DVn3L/EmePbHv2j5sH+lLRx7/GQl7aS75jFE+dVf -Z00BKYSy+Pr7a1IeZsMIa47Vrbk= +ggEBAA4RWrY8QijCYh2Ohbl39tDucrd3Zh9uTuH70qkRgbcw0qgHhE1yGdFk5I36 +Nm+SDFGP2LDb+GFsnGcPetqK/ivCcpEQQOb7PePYWb/UquHhbXOR1wxaFXPHu7Fx +3L7WgMmVVF4fatJMuU88dPsiTarnD7yDn2Hg13eZz3/JWomL64VnArhZQDs93raA +QWkb1TmM6Ckc7JuBft1XHdd91Y6PHdzvNJsG7me82pYdBCSV5Zmd7R1aUKGvvDQO +40VSZZeIhQc4h/0cPzcg/AW0gZgKNU2H6R3Bb/kzrTYE5cLoRh3U1tj/o+/tEyCf +B/7MXYF/eh4ka1YnY1Nm3nhQgQ4= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/intermediate2-ca-cert.pem b/certs/ocsp/intermediate2-ca-cert.pem index 243782ed2..c01f1497b 100644 --- a/certs/ocsp/intermediate2-ca-cert.pem +++ b/certs/ocsp/intermediate2-ca-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4: 6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 0c:13:dc:c2:28:a2:be:bb:0b:8e:29:28:aa:7a:99:04:e5:88: - c6:67:7e:8d:3f:8a:68:3a:7f:c5:e2:d0:ed:c9:95:4c:40:f2: - 7a:87:73:17:fb:f8:c4:bf:1b:ff:54:be:33:6d:15:e3:4f:70: - f4:60:27:b2:67:cd:0e:0f:2a:81:ee:dc:9d:48:37:74:8a:4c: - 11:47:23:f0:5d:7c:c1:78:70:1d:c1:87:db:26:b0:86:a8:42: - 3d:87:87:43:e7:d9:3a:a8:5c:c5:66:a4:d5:4e:9b:d9:44:b2: - 41:30:10:94:3b:fd:00:dc:02:63:05:d7:a1:75:ad:54:28:9e: - e4:07:3c:af:68:89:9b:71:96:21:ff:d6:4e:1d:d0:02:d5:21: - 7d:ae:d8:07:96:6c:1f:ca:a5:ef:54:13:92:be:3c:7d:c0:65: - bf:5c:bb:ff:46:c2:69:0f:4c:29:70:6d:b7:52:d5:ed:9e:e4: - 89:dc:41:0d:0a:94:bc:69:b3:dc:8a:a9:45:25:f1:2c:9b:5b: - 85:bc:69:fb:94:31:05:2c:17:fa:78:28:36:78:7f:f9:0c:4f: - 22:36:05:fe:bf:59:9d:5d:1f:9a:5e:8e:d8:1d:62:4d:d6:2d: - 73:d6:26:c1:a5:bc:e3:62:81:fc:1e:cb:7f:3e:c3:00:c9:b0: - e0:c6:1f:c3 + 33:da:33:9a:28:e3:e7:b0:25:c2:d9:94:9d:7e:46:98:3d:ac: + 08:f4:30:15:04:e0:fc:e2:4a:19:f1:0e:82:07:59:43:cd:0c: + b5:0c:55:2c:01:d2:78:22:e3:cd:38:75:13:36:ce:66:7b:17: + 86:ac:a3:98:e5:36:ae:37:4d:77:e6:02:e1:d8:77:d4:53:96: + 74:57:ca:6a:40:a3:de:38:e2:70:21:72:be:43:72:69:a1:d7: + fb:6d:7a:d3:db:5a:21:aa:d1:d3:7e:e4:76:54:3b:d3:19:68: + 7e:61:96:46:4f:de:d5:fe:f4:3b:8d:1c:24:b2:cb:4c:ff:8f: + ec:6a:13:28:ef:53:3b:12:f5:67:e1:d7:93:d2:eb:39:1d:72: + 13:79:a0:63:70:12:51:67:0d:d7:d2:4d:37:c3:fc:4d:ed:45: + 76:33:0e:82:af:d5:49:b8:f6:2f:fe:0e:93:d3:b7:6a:ab:e6: + e3:11:4f:04:50:5f:f8:13:4a:30:82:f4:56:c0:1d:ed:de:19: + 2c:62:a3:f2:1b:6a:8b:a1:b5:1a:cb:0a:e6:3c:b4:67:1a:2a: + 82:b4:78:a8:5f:a0:5d:22:34:dc:1c:3c:a8:77:6f:23:e0:6f: + b7:3e:36:52:21:64:89:1e:50:85:59:a7:cf:2b:f5:13:37:26: + 62:27:85:34 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB @@ -84,26 +84,26 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD -ggEBAAwT3MIoor67C44pKKp6mQTliMZnfo0/img6f8Xi0O3JlUxA8nqHcxf7+MS/ -G/9UvjNtFeNPcPRgJ7JnzQ4PKoHu3J1IN3SKTBFHI/BdfMF4cB3Bh9smsIaoQj2H -h0Pn2TqoXMVmpNVOm9lEskEwEJQ7/QDcAmMF16F1rVQonuQHPK9oiZtxliH/1k4d -0ALVIX2u2AeWbB/Kpe9UE5K+PH3AZb9cu/9GwmkPTClwbbdS1e2e5IncQQ0KlLxp -s9yKqUUl8SybW4W8afuUMQUsF/p4KDZ4f/kMTyI2Bf6/WZ1dH5pejtgdYk3WLXPW -JsGlvONigfwey38+wwDJsODGH8M= +ggEBADPaM5oo4+ewJcLZlJ1+Rpg9rAj0MBUE4PziShnxDoIHWUPNDLUMVSwB0ngi +4804dRM2zmZ7F4aso5jlNq43TXfmAuHYd9RTlnRXympAo9444nAhcr5Dcmmh1/tt +etPbWiGq0dN+5HZUO9MZaH5hlkZP3tX+9DuNHCSyy0z/j+xqEyjvUzsS9Wfh15PS +6zkdchN5oGNwElFnDdfSTTfD/E3tRXYzDoKv1Um49i/+DpPTt2qr5uMRTwRQX/gT +SjCC9FbAHe3eGSxio/IbaouhtRrLCuY8tGcaKoK0eKhfoF0iNNwcPKh3byPgb7c+ +NlIhZIkeUIVZp88r9RM3JmInhTQ= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/intermediate3-ca-cert.pem b/certs/ocsp/intermediate3-ca-cert.pem index d9971e437..4ebee880d 100644 --- a/certs/ocsp/intermediate3-ca-cert.pem +++ b/certs/ocsp/intermediate3-ca-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:c5:04:10:7d:c2:21:e9:12:45:da:d5:ba:28: fd:a6:f4:30:44:a0:df:f9:70:5e:17:26:97:59:5c: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 9d:2f:66:43:34:cc:a4:d7:ae:09:81:ec:ca:bf:9e:e0:d6:28: - a0:25:63:5e:16:0a:e9:60:2c:c1:e6:36:5d:92:f0:7c:4a:22: - 10:94:9b:1a:c6:8f:c3:a9:bb:69:53:b8:aa:30:91:c5:32:19: - 35:7a:3e:86:af:f9:39:74:44:6e:5c:39:f6:b6:62:0c:33:8e: - f6:b9:d2:a7:e0:22:df:a3:4f:48:e4:04:f1:f7:20:f5:36:55: - a1:3d:08:ae:a9:12:eb:a8:97:59:6f:a0:b8:f0:ab:73:22:01: - cc:cc:96:29:ae:5f:46:ac:4e:47:1a:b9:8d:06:7e:88:67:5e: - 16:12:64:37:85:2a:d8:f3:27:cd:fa:86:fc:84:4b:51:3a:f1: - c7:1a:27:8d:54:49:e6:cb:82:bb:7c:b3:3f:2f:10:d5:3a:74: - e5:36:7b:b5:c4:58:a4:48:35:af:35:ad:3d:44:74:44:83:99: - d0:a1:c6:2f:5f:f3:58:1a:33:2f:6c:4e:8e:44:ce:2a:ba:e9: - c6:7d:9f:22:12:44:05:38:f7:87:54:4d:8d:ac:72:1c:5a:2a: - 74:9d:3b:30:31:d6:a9:39:d4:d6:0e:63:f8:46:07:ab:7f:01: - 31:cc:85:91:72:10:37:94:c4:ec:f9:9d:7f:81:25:cb:ce:55: - 48:85:86:2e + 4f:75:6b:7a:dc:f9:b0:8a:03:c2:b6:7b:d8:b7:39:d2:97:35: + 5b:b7:f7:fa:01:a5:a4:a8:e6:33:ef:99:1f:c4:36:6b:9a:f4: + 50:8f:70:9a:c8:82:6d:fd:28:80:45:eb:13:60:cb:67:81:29: + f3:63:c5:8b:4a:96:a6:62:62:24:86:ad:f3:6b:49:a9:e1:9b: + 8c:cd:fa:b5:53:1b:fb:0d:a1:c4:e2:b7:64:b4:50:18:8b:aa: + 84:21:0f:26:e0:c7:0f:b2:4e:1e:70:14:0d:e9:1e:e2:b7:a0: + d6:4f:e8:ed:77:cd:bc:dd:63:3c:cf:67:4b:27:b5:f1:91:b7: + c2:7a:0a:ca:3a:87:7a:f4:50:8a:6a:19:f7:f6:a0:c1:76:78: + d9:27:c1:33:10:02:1c:96:ae:d5:ca:f8:08:15:cc:2a:64:b6: + 37:cf:05:37:4b:c5:f3:8a:ef:b2:cb:07:b5:04:48:c9:c5:00: + 05:8f:f6:fc:3b:89:6a:57:f6:15:ea:93:85:8b:0a:e7:71:0e: + 32:fa:90:4a:74:6f:71:25:f1:c5:5a:1d:5e:10:e0:25:43:3f: + 8d:76:d4:f5:70:68:50:76:20:d7:f1:4e:eb:75:06:f7:81:20: + 19:5c:03:cb:25:fe:36:93:6c:68:16:e0:64:c9:86:47:5c:44: + b3:96:6b:e9 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBpzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBpzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu @@ -84,26 +84,26 @@ DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcN -AQELBQADggEBAJ0vZkM0zKTXrgmB7Mq/nuDWKKAlY14WCulgLMHmNl2S8HxKIhCU -mxrGj8Opu2lTuKowkcUyGTV6Poav+Tl0RG5cOfa2Ygwzjva50qfgIt+jT0jkBPH3 -IPU2VaE9CK6pEuuol1lvoLjwq3MiAczMlimuX0asTkcauY0GfohnXhYSZDeFKtjz -J836hvyES1E68ccaJ41USebLgrt8sz8vENU6dOU2e7XEWKRINa81rT1EdESDmdCh -xi9f81gaMy9sTo5Eziq66cZ9nyISRAU494dUTY2schxaKnSdOzAx1qk51NYOY/hG -B6t/ATHMhZFyEDeUxOz5nX+BJcvOVUiFhi4= +AQELBQADggEBAE91a3rc+bCKA8K2e9i3OdKXNVu39/oBpaSo5jPvmR/ENmua9FCP +cJrIgm39KIBF6xNgy2eBKfNjxYtKlqZiYiSGrfNrSanhm4zN+rVTG/sNocTit2S0 +UBiLqoQhDybgxw+yTh5wFA3pHuK3oNZP6O13zbzdYzzPZ0sntfGRt8J6Cso6h3r0 +UIpqGff2oMF2eNknwTMQAhyWrtXK+AgVzCpktjfPBTdLxfOK77LLB7UESMnFAAWP +9vw7iWpX9hXqk4WLCudxDjL6kEp0b3El8cVaHV4Q4CVDP4121PVwaFB2INfxTut1 +BveBIBlcA8sl/jaTbGgW4GTJhkdcRLOWa+k= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/ocsp-responder-cert.pem b/certs/ocsp/ocsp-responder-cert.pem index b7e5a6753..c8478f3e8 100644 --- a/certs/ocsp/ocsp-responder-cert.pem +++ b/certs/ocsp/ocsp-responder-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL OCSP Responder/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL OCSP Responder, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b8:ba:23:b4:f6:c3:7b:14:c3:a4:f5:1d:61:a1: f5:1e:63:b9:85:23:34:50:6d:f8:7c:a2:8a:04:8b: @@ -44,27 +44,27 @@ Certificate: X509v3 Extended Key Usage: OCSP Signing Signature Algorithm: sha256WithRSAEncryption - 07:ca:a6:a1:9f:bf:af:92:41:35:66:51:ac:bc:2c:ec:e7:8d: - 65:7e:e9:40:fe:5a:ab:8a:1d:3d:13:db:b4:43:2c:9a:36:98: - 21:a5:e8:ca:a9:4d:fc:e3:f7:45:88:cd:33:bf:8a:62:10:2f: - b2:b7:04:ef:26:43:51:1d:43:62:7d:1e:50:c8:d5:98:94:71: - 8f:3b:23:26:f1:71:8e:1e:3d:3f:21:fd:b7:2d:65:e4:07:65: - ac:3c:fc:c0:47:a9:32:f6:da:26:93:10:b2:d1:6d:c8:81:31: - 7c:b0:6b:c5:22:8d:b3:fa:be:82:ea:41:42:c4:c0:ef:e3:84: - 0f:6f:9a:03:63:b3:30:e0:31:81:2a:16:b3:47:d9:5b:38:93: - 07:d0:6e:79:52:2c:e5:50:84:79:10:e7:f6:31:7a:3e:48:a2: - 38:21:90:7a:f2:5f:48:a4:46:93:87:dd:5c:83:64:ea:b5:99: - a2:e9:01:40:fe:f0:48:66:4f:96:f7:83:52:f8:6d:f8:5f:ed: - 0c:bb:be:d0:69:10:4b:99:8f:f8:61:53:9d:12:ca:86:aa:b1: - 80:b4:a6:c1:cb:b7:48:f7:9f:55:b4:6e:ab:d3:a1:aa:4b:a7: - 21:6e:16:7f:ad:bb:ea:0f:41:80:9b:7f:d6:46:a2:c0:61:72: - 59:59:a0:07 + 59:f9:27:0e:01:0a:bc:99:65:c1:32:bc:90:f8:12:32:a1:9f: + 00:4b:33:d0:b4:54:fb:8e:13:e8:ab:79:bd:f0:9f:47:e1:88: + 88:b3:e2:84:f5:6f:0e:49:8e:76:92:72:0b:32:c1:42:34:1f: + f5:bd:bc:1e:df:60:45:bb:7e:4c:78:b8:a3:53:be:b1:a8:ab: + 97:36:1e:22:be:f4:7d:2c:98:d9:ae:0e:7c:0b:9c:e0:4c:29: + 72:8c:1d:bd:32:6b:f9:42:d9:14:d7:4b:c0:30:97:39:a7:54: + 6f:67:27:ca:9d:f0:c4:03:fb:34:16:6f:c2:d4:a7:d5:55:ac: + a7:ce:dd:fc:66:67:f3:b7:79:c6:b1:a6:c8:22:ad:84:43:c2: + 0e:4d:a0:1f:58:24:45:21:c0:f7:68:11:49:dd:72:9c:77:3c: + 4d:ee:cd:d1:86:e7:1c:ae:62:72:4d:a6:ae:56:2c:f8:48:68: + 54:de:d5:68:10:3b:97:bd:f6:1f:74:98:5f:11:a9:60:b8:53: + 75:31:37:e1:75:77:9b:e3:76:ed:b5:c7:00:35:4e:24:6a:70: + d9:5c:aa:0b:76:07:65:a1:08:fc:ac:76:0c:a5:c5:65:a2:50: + 55:d7:d6:6a:0e:95:09:8d:35:bd:f4:fc:e6:12:77:70:98:f0: + 5d:92:d1:30 -----BEGIN CERTIFICATE----- MIIEvjCCA6agAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBnjELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBnjELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQDDBZ3b2xmU1NMIE9DU1Ag UmVzcG9uZGVyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -80,26 +80,26 @@ CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0 dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG A1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz c2wuY29tggFjMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB -AQAHyqahn7+vkkE1ZlGsvCzs541lfulA/lqrih09E9u0QyyaNpghpejKqU384/dF -iM0zv4piEC+ytwTvJkNRHUNifR5QyNWYlHGPOyMm8XGOHj0/If23LWXkB2WsPPzA -R6ky9tomkxCy0W3IgTF8sGvFIo2z+r6C6kFCxMDv44QPb5oDY7Mw4DGBKhazR9lb -OJMH0G55UizlUIR5EOf2MXo+SKI4IZB68l9IpEaTh91cg2TqtZmi6QFA/vBIZk+W -94NS+G34X+0Mu77QaRBLmY/4YVOdEsqGqrGAtKbBy7dI959VtG6r06GqS6chbhZ/ -rbvqD0GAm3/WRqLAYXJZWaAH +AQBZ+ScOAQq8mWXBMryQ+BIyoZ8ASzPQtFT7jhPoq3m98J9H4YiIs+KE9W8OSY52 +knILMsFCNB/1vbwe32BFu35MeLijU76xqKuXNh4ivvR9LJjZrg58C5zgTClyjB29 +Mmv5QtkU10vAMJc5p1RvZyfKnfDEA/s0Fm/C1KfVVaynzt38Zmfzt3nGsabIIq2E +Q8IOTaAfWCRFIcD3aBFJ3XKcdzxN7s3RhuccrmJyTaauViz4SGhU3tVoEDuXvfYf +dJhfEalguFN1MTfhdXeb43bttccANU4kanDZXKoLdgdloQj8rHYMpcVlolBV19Zq +DpUJjTW99PzmEndwmPBdktEw -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -136,27 +136,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -172,11 +172,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/root-ca-cert.pem b/certs/ocsp/root-ca-cert.pem index 7c6de4bfc..917b114d6 100644 --- a/certs/ocsp/root-ca-cert.pem +++ b/certs/ocsp/root-ca-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -83,11 +83,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/server1-cert.pem b/certs/ocsp/server1-cert.pem index 872c38337..de2d5bd1a 100644 --- a/certs/ocsp/server1-cert.pem +++ b/certs/ocsp/server1-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www1.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www1.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e6:96:55:75:cf:8a:97:68:8c:b6:38:f6:7a:05: be:33:b6:51:47:37:8a:f7:db:91:be:92:6b:b7:00: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22221 Signature Algorithm: sha256WithRSAEncryption - 78:2e:01:bd:b4:60:d9:68:ab:4d:47:a1:a2:97:00:5d:46:44: - 6f:4f:d0:7c:23:ff:52:36:28:b5:72:1c:40:8c:16:1b:a1:4d: - d5:1a:0d:92:48:57:7d:5f:11:b6:07:1d:b1:c5:47:82:f1:16: - 57:49:10:78:12:ef:16:86:8b:97:52:3a:5b:9d:58:4d:df:df: - e1:a0:9c:8b:8b:31:75:9c:81:0f:87:7c:13:c6:1d:e9:5d:d0: - c1:1e:b0:70:e5:b0:8f:cd:57:bc:3e:68:49:58:23:da:b8:ed: - 10:c3:ae:5c:d1:85:b3:8d:85:5c:ec:01:a1:6a:4a:e1:bd:d8: - 16:98:2f:a6:7c:a1:cb:57:11:d0:9a:50:8e:dc:1c:67:e2:9f: - a5:96:f7:51:52:d1:76:be:5b:c9:e2:af:e6:cb:df:00:64:44: - fb:ef:96:ae:3f:6d:d9:85:39:fc:86:42:a4:52:34:3e:a6:96: - 0e:c9:34:28:11:77:1e:ac:e5:78:5f:96:e7:8c:78:b8:db:dd: - f7:ca:c6:68:c7:1b:b1:70:eb:6d:51:fd:6d:93:60:e4:18:ff: - c8:84:92:ad:f5:f0:a5:ea:f2:80:42:c9:a7:e0:ef:bf:b8:98: - b6:3a:91:86:40:4c:d1:90:e5:8d:57:0f:98:b0:ce:d9:a9:e2: - 29:9d:a8:2a + 71:bc:f8:43:d7:55:11:bf:86:ea:46:05:0d:ea:63:05:52:e1: + 84:53:99:38:8f:7a:5b:22:e5:d3:81:bb:9d:9d:98:37:3d:12: + e0:5c:00:cf:de:c3:bb:44:a2:63:c4:10:d2:2a:ba:e4:43:12: + 33:0b:d8:90:c5:e2:c2:ae:e0:5f:b9:79:86:f6:90:92:54:43: + 88:e1:d0:cf:f4:27:fc:3d:fd:43:7c:16:e3:2e:9b:94:8d:11: + 9a:9b:86:ed:7f:fe:36:d8:da:0a:17:3e:c8:2b:e4:d4:ea:de: + e8:5b:57:66:57:a7:23:8e:33:ae:ce:5d:47:fc:d0:c3:de:48: + b7:39:b9:1c:a8:37:fa:2d:a9:b3:a3:b8:ea:4b:96:11:47:fa: + d4:2b:8a:2c:e9:bc:e9:6e:90:40:6e:c5:ce:a5:e1:da:c3:cc: + 08:24:f0:37:f6:1f:4a:ca:01:d9:aa:45:60:f8:dc:20:f7:2a: + ec:2a:f3:d5:82:2a:45:45:2a:f7:7a:71:72:1c:7b:04:a0:fa: + 5f:dc:af:5f:30:2b:be:c4:f8:a2:fc:b8:d9:0d:70:98:1f:9f: + 61:f5:3f:d1:0f:85:5e:83:6f:dc:14:4c:0c:14:da:54:aa:a2: + aa:7c:c9:62:b1:75:62:e4:a3:95:f2:30:0c:23:3d:c7:e6:bc: + 44:f1:6f:dc -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIBBTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZgxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZgxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3 MS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC @@ -84,26 +84,26 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB -AQB4LgG9tGDZaKtNR6GilwBdRkRvT9B8I/9SNii1chxAjBYboU3VGg2SSFd9XxG2 -Bx2xxUeC8RZXSRB4Eu8WhouXUjpbnVhN39/hoJyLizF1nIEPh3wTxh3pXdDBHrBw -5bCPzVe8PmhJWCPauO0Qw65c0YWzjYVc7AGhakrhvdgWmC+mfKHLVxHQmlCO3Bxn -4p+llvdRUtF2vlvJ4q/my98AZET775auP23ZhTn8hkKkUjQ+ppYOyTQoEXcerOV4 -X5bnjHi42933ysZoxxuxcOttUf1tk2DkGP/IhJKt9fCl6vKAQsmn4O+/uJi2OpGG -QEzRkOWNVw+YsM7ZqeIpnagq +AQBxvPhD11URv4bqRgUN6mMFUuGEU5k4j3pbIuXTgbudnZg3PRLgXADP3sO7RKJj +xBDSKrrkQxIzC9iQxeLCruBfuXmG9pCSVEOI4dDP9Cf8Pf1DfBbjLpuUjRGam4bt +f/422NoKFz7IK+TU6t7oW1dmV6cjjjOuzl1H/NDD3ki3ObkcqDf6Lamzo7jqS5YR +R/rUK4os6bzpbpBAbsXOpeHaw8wIJPA39h9KygHZqkVg+Nwg9yrsKvPVgipFRSr3 +enFyHHsEoPpf3K9fMCu+xPii/LjZDXCYH59h9T/RD4Veg2/cFEwMFNpUqqKqfMli +sXVi5KOV8jAMIz3H5rxE8W/c -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35: a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 1e:8f:fa:f5:32:ee:98:9e:ed:96:b4:a9:ea:d7:3c:05:74:36: - 41:ef:1b:84:35:6a:3d:6c:c9:53:2a:50:f7:d1:80:d3:ec:99: - bc:4b:dd:86:69:e0:94:1c:c4:77:c9:6a:f7:ed:2c:0d:c5:17: - a7:15:75:25:14:2d:c6:14:8d:17:97:6d:e7:d7:38:88:d6:df: - ba:8c:aa:2a:f1:4e:ef:1f:4a:16:5a:fa:0c:50:ea:98:b1:4b: - 36:97:24:21:ce:dc:e4:5c:ba:ae:e7:cb:2a:1d:f7:73:ff:17: - f3:9d:cf:26:4e:b7:cb:5c:8e:e4:9e:55:d2:00:f8:ca:53:c3: - 53:3f:6d:65:aa:86:f4:f1:ed:26:1e:75:56:be:bd:80:f5:1c: - 4e:4d:13:c3:1b:04:61:b9:c6:e2:6f:30:44:01:0e:63:d8:19: - ce:83:40:e9:c7:01:f2:51:d7:b7:cd:16:25:93:de:3e:7a:7d: - 8d:72:1e:2b:66:76:91:df:b9:33:fa:04:b8:8c:c5:7a:ef:f6: - 94:74:54:1e:96:4a:a8:f6:0d:59:f7:2f:f1:26:78:f6:c7:bf: - 68:f9:b0:7f:a5:2d:1c:7b:fc:64:25:ed:a4:bb:e6:31:44:f9: - d5:5f:67:4d:01:29:84:b2:f8:fa:fb:6b:52:1e:66:c3:08:6b: - 8e:d5:ad:b9 + 0e:11:5a:b6:3c:42:28:c2:62:1d:8e:85:b9:77:f6:d0:ee:72: + b7:77:66:1f:6e:4e:e1:fb:d2:a9:11:81:b7:30:d2:a8:07:84: + 4d:72:19:d1:64:e4:8d:fa:36:6f:92:0c:51:8f:d8:b0:db:f8: + 61:6c:9c:67:0f:7a:da:8a:fe:2b:c2:72:91:10:40:e6:fb:3d: + e3:d8:59:bf:d4:aa:e1:e1:6d:73:91:d7:0c:5a:15:73:c7:bb: + b1:71:dc:be:d6:80:c9:95:54:5e:1f:6a:d2:4c:b9:4f:3c:74: + fb:22:4d:aa:e7:0f:bc:83:9f:61:e0:d7:77:99:cf:7f:c9:5a: + 89:8b:eb:85:67:02:b8:59:40:3b:3d:de:b6:80:41:69:1b:d5: + 39:8c:e8:29:1c:ec:9b:81:7e:dd:57:1d:d7:7d:d5:8e:8f:1d: + dc:ef:34:9b:06:ee:67:bc:da:96:1d:04:24:95:e5:99:9d:ed: + 1d:5a:50:a1:af:bc:34:0e:e3:45:52:65:97:88:85:07:38:87: + fd:1c:3f:37:20:fc:05:b4:81:98:0a:35:4d:87:e9:1d:c1:6f: + f9:33:ad:36:04:e5:c2:e8:46:1d:d4:d6:d8:ff:a3:ef:ed:13: + 20:9f:07:fe:cc:5d:81:7f:7a:1e:24:6b:56:27:63:53:66:de: + 78:50:81:0e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB @@ -177,26 +177,26 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD -ggEBAB6P+vUy7pie7Za0qerXPAV0NkHvG4Q1aj1syVMqUPfRgNPsmbxL3YZp4JQc -xHfJavftLA3FF6cVdSUULcYUjReXbefXOIjW37qMqirxTu8fShZa+gxQ6pixSzaX -JCHO3ORcuq7nyyod93P/F/OdzyZOt8tcjuSeVdIA+MpTw1M/bWWqhvTx7SYedVa+ -vYD1HE5NE8MbBGG5xuJvMEQBDmPYGc6DQOnHAfJR17fNFiWT3j56fY1yHitmdpHf -uTP6BLiMxXrv9pR0VB6WSqj2DVn3L/EmePbHv2j5sH+lLRx7/GQl7aS75jFE+dVf -Z00BKYSy+Pr7a1IeZsMIa47Vrbk= +ggEBAA4RWrY8QijCYh2Ohbl39tDucrd3Zh9uTuH70qkRgbcw0qgHhE1yGdFk5I36 +Nm+SDFGP2LDb+GFsnGcPetqK/ivCcpEQQOb7PePYWb/UquHhbXOR1wxaFXPHu7Fx +3L7WgMmVVF4fatJMuU88dPsiTarnD7yDn2Hg13eZz3/JWomL64VnArhZQDs93raA +QWkb1TmM6Ckc7JuBft1XHdd91Y6PHdzvNJsG7me82pYdBCSV5Zmd7R1aUKGvvDQO +40VSZZeIhQc4h/0cPzcg/AW0gZgKNU2H6R3Bb/kzrTYE5cLoRh3U1tj/o+/tEyCf +B/7MXYF/eh4ka1YnY1Nm3nhQgQ4= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -233,27 +233,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/server2-cert.pem b/certs/ocsp/server2-cert.pem index db1783e23..bff6c7098 100644 --- a/certs/ocsp/server2-cert.pem +++ b/certs/ocsp/server2-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 6 (0x6) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www2.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www2.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c6:35:8a:e8:aa:bd:33:c9:5e:84:43:67:42:65: 2a:3c:e3:89:b4:a6:67:a1:3b:ee:6d:85:d1:d3:2b: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22221 Signature Algorithm: sha256WithRSAEncryption - 35:db:bd:7c:8c:c2:f1:83:77:3c:dd:bf:b4:5b:0c:6e:95:29: - 30:a5:03:bb:54:45:47:88:cd:d4:46:80:94:bc:82:3f:8f:9c: - 3e:3d:09:48:9c:77:91:b0:70:54:70:23:41:8c:2f:cb:0b:8f: - df:08:fe:ce:0d:76:38:c8:80:15:6f:ab:d8:fc:26:8f:02:55: - 1b:e8:08:4c:c6:6f:38:23:8b:8b:52:fd:76:04:44:fb:5d:47: - 31:83:87:2e:7f:a9:d1:34:db:7d:9c:73:9d:63:fc:2e:86:b2: - 22:4b:5c:ef:95:d4:b3:0f:17:80:6c:67:5d:b3:c4:2a:7d:be: - 22:b9:40:b7:82:d9:c7:38:e4:9b:2b:c9:a0:ef:53:ba:7a:1e: - a9:9c:b6:91:1e:e8:3d:2e:7f:d6:1f:35:db:72:56:ea:8f:0a: - 7f:0a:64:91:c9:8d:79:75:63:45:e3:3b:2e:dc:01:12:ca:6c: - 47:da:97:40:7e:9e:3e:16:1a:64:8b:3e:cd:b7:bd:ec:61:9e: - 63:a9:0f:7a:cd:1c:e0:e0:2b:a9:74:ef:88:72:58:17:0c:ac: - ad:75:9e:6a:2e:a3:66:9e:79:a0:52:d1:77:cf:33:93:72:1a: - b8:0d:ab:9e:8f:32:34:52:9c:15:91:73:c3:a2:19:a4:21:96: - 05:8c:0b:d0 + 19:03:a2:5d:78:b9:24:6b:c8:a2:09:82:de:a1:0a:93:a4:e7: + b5:7f:13:65:df:f4:ff:5d:40:45:85:c8:59:c8:81:99:6b:c4: + 61:f7:06:ba:19:5b:81:c9:e9:39:63:3a:91:c5:14:58:c9:5c: + b7:ca:40:97:4d:e2:a2:9c:72:ff:f1:f3:f4:a0:b9:a8:a2:d5: + 00:f5:af:6d:34:20:b9:71:ea:ac:09:dd:25:d2:09:3b:c0:62: + 62:4f:36:73:74:cc:22:d2:16:14:aa:af:68:4c:2b:94:72:6a: + 4c:6b:38:75:2f:b1:c6:c2:ca:57:66:43:7d:0a:7f:ae:35:1f: + ed:37:a0:aa:59:4a:ff:d8:e4:74:a8:b8:28:ba:4e:1f:ff:31: + 4e:aa:82:e8:0d:d8:f4:22:b5:6f:f0:b4:d8:c7:b2:0b:b1:e4: + a5:1d:bb:7c:14:61:30:d9:f8:cd:69:67:1e:0e:d9:6f:2f:86: + c5:f2:ee:79:c8:50:f1:a3:dc:97:6f:05:68:85:63:74:24:11: + 3b:4f:48:66:aa:1e:36:44:de:e0:e3:ea:b5:01:78:83:de:13: + 7e:25:f4:66:66:b5:da:c6:34:79:3b:9f:73:99:49:e4:ca:37: + e8:92:ca:6e:a1:ac:c3:ea:d1:67:08:cd:33:49:18:05:8b:7e: + fd:c6:6b:ae -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIBBjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZgxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZgxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3 Mi53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC @@ -84,26 +84,26 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB -AQA12718jMLxg3c83b+0WwxulSkwpQO7VEVHiM3URoCUvII/j5w+PQlInHeRsHBU -cCNBjC/LC4/fCP7ODXY4yIAVb6vY/CaPAlUb6AhMxm84I4uLUv12BET7XUcxg4cu -f6nRNNt9nHOdY/wuhrIiS1zvldSzDxeAbGdds8Qqfb4iuUC3gtnHOOSbK8mg71O6 -eh6pnLaRHug9Ln/WHzXbclbqjwp/CmSRyY15dWNF4zsu3AESymxH2pdAfp4+Fhpk -iz7Nt73sYZ5jqQ96zRzg4CupdO+IclgXDKytdZ5qLqNmnnmgUtF3zzOTchq4Daue -jzI0UpwVkXPDohmkIZYFjAvQ +AQAZA6JdeLkka8iiCYLeoQqTpOe1fxNl3/T/XUBFhchZyIGZa8Rh9wa6GVuByek5 +YzqRxRRYyVy3ykCXTeKinHL/8fP0oLmootUA9a9tNCC5ceqsCd0l0gk7wGJiTzZz +dMwi0hYUqq9oTCuUcmpMazh1L7HGwspXZkN9Cn+uNR/tN6CqWUr/2OR0qLgouk4f +/zFOqoLoDdj0IrVv8LTYx7ILseSlHbt8FGEw2fjNaWceDtlvL4bF8u55yFDxo9yX +bwVohWN0JBE7T0hmqh42RN7g4+q1AXiD3hN+JfRmZrXaxjR5O59zmUnkyjfokspu +oazD6tFnCM0zSRgFi379xmuu -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35: a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 1e:8f:fa:f5:32:ee:98:9e:ed:96:b4:a9:ea:d7:3c:05:74:36: - 41:ef:1b:84:35:6a:3d:6c:c9:53:2a:50:f7:d1:80:d3:ec:99: - bc:4b:dd:86:69:e0:94:1c:c4:77:c9:6a:f7:ed:2c:0d:c5:17: - a7:15:75:25:14:2d:c6:14:8d:17:97:6d:e7:d7:38:88:d6:df: - ba:8c:aa:2a:f1:4e:ef:1f:4a:16:5a:fa:0c:50:ea:98:b1:4b: - 36:97:24:21:ce:dc:e4:5c:ba:ae:e7:cb:2a:1d:f7:73:ff:17: - f3:9d:cf:26:4e:b7:cb:5c:8e:e4:9e:55:d2:00:f8:ca:53:c3: - 53:3f:6d:65:aa:86:f4:f1:ed:26:1e:75:56:be:bd:80:f5:1c: - 4e:4d:13:c3:1b:04:61:b9:c6:e2:6f:30:44:01:0e:63:d8:19: - ce:83:40:e9:c7:01:f2:51:d7:b7:cd:16:25:93:de:3e:7a:7d: - 8d:72:1e:2b:66:76:91:df:b9:33:fa:04:b8:8c:c5:7a:ef:f6: - 94:74:54:1e:96:4a:a8:f6:0d:59:f7:2f:f1:26:78:f6:c7:bf: - 68:f9:b0:7f:a5:2d:1c:7b:fc:64:25:ed:a4:bb:e6:31:44:f9: - d5:5f:67:4d:01:29:84:b2:f8:fa:fb:6b:52:1e:66:c3:08:6b: - 8e:d5:ad:b9 + 0e:11:5a:b6:3c:42:28:c2:62:1d:8e:85:b9:77:f6:d0:ee:72: + b7:77:66:1f:6e:4e:e1:fb:d2:a9:11:81:b7:30:d2:a8:07:84: + 4d:72:19:d1:64:e4:8d:fa:36:6f:92:0c:51:8f:d8:b0:db:f8: + 61:6c:9c:67:0f:7a:da:8a:fe:2b:c2:72:91:10:40:e6:fb:3d: + e3:d8:59:bf:d4:aa:e1:e1:6d:73:91:d7:0c:5a:15:73:c7:bb: + b1:71:dc:be:d6:80:c9:95:54:5e:1f:6a:d2:4c:b9:4f:3c:74: + fb:22:4d:aa:e7:0f:bc:83:9f:61:e0:d7:77:99:cf:7f:c9:5a: + 89:8b:eb:85:67:02:b8:59:40:3b:3d:de:b6:80:41:69:1b:d5: + 39:8c:e8:29:1c:ec:9b:81:7e:dd:57:1d:d7:7d:d5:8e:8f:1d: + dc:ef:34:9b:06:ee:67:bc:da:96:1d:04:24:95:e5:99:9d:ed: + 1d:5a:50:a1:af:bc:34:0e:e3:45:52:65:97:88:85:07:38:87: + fd:1c:3f:37:20:fc:05:b4:81:98:0a:35:4d:87:e9:1d:c1:6f: + f9:33:ad:36:04:e5:c2:e8:46:1d:d4:d6:d8:ff:a3:ef:ed:13: + 20:9f:07:fe:cc:5d:81:7f:7a:1e:24:6b:56:27:63:53:66:de: + 78:50:81:0e -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB @@ -177,26 +177,26 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD -ggEBAB6P+vUy7pie7Za0qerXPAV0NkHvG4Q1aj1syVMqUPfRgNPsmbxL3YZp4JQc -xHfJavftLA3FF6cVdSUULcYUjReXbefXOIjW37qMqirxTu8fShZa+gxQ6pixSzaX -JCHO3ORcuq7nyyod93P/F/OdzyZOt8tcjuSeVdIA+MpTw1M/bWWqhvTx7SYedVa+ -vYD1HE5NE8MbBGG5xuJvMEQBDmPYGc6DQOnHAfJR17fNFiWT3j56fY1yHitmdpHf -uTP6BLiMxXrv9pR0VB6WSqj2DVn3L/EmePbHv2j5sH+lLRx7/GQl7aS75jFE+dVf -Z00BKYSy+Pr7a1IeZsMIa47Vrbk= +ggEBAA4RWrY8QijCYh2Ohbl39tDucrd3Zh9uTuH70qkRgbcw0qgHhE1yGdFk5I36 +Nm+SDFGP2LDb+GFsnGcPetqK/ivCcpEQQOb7PePYWb/UquHhbXOR1wxaFXPHu7Fx +3L7WgMmVVF4fatJMuU88dPsiTarnD7yDn2Hg13eZz3/JWomL64VnArhZQDs93raA +QWkb1TmM6Ckc7JuBft1XHdd91Y6PHdzvNJsG7me82pYdBCSV5Zmd7R1aUKGvvDQO +40VSZZeIhQc4h/0cPzcg/AW0gZgKNU2H6R3Bb/kzrTYE5cLoRh3U1tj/o+/tEyCf +B/7MXYF/eh4ka1YnY1Nm3nhQgQ4= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -233,27 +233,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/server3-cert.pem b/certs/ocsp/server3-cert.pem index bbc70fa1c..1ddebb950 100644 --- a/certs/ocsp/server3-cert.pem +++ b/certs/ocsp/server3-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www3.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www3.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:be:19:65:1e:17:39:d4:33:fc:97:64:69:80:51: fb:6c:7c:ca:e1:ba:2a:ab:d2:dd:30:61:f3:2e:47: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22222 Signature Algorithm: sha256WithRSAEncryption - 8f:08:2b:50:a2:26:49:28:c1:f1:bf:d8:5e:75:e3:37:cf:e0: - 48:c3:e3:fa:8b:ec:6f:f7:06:39:cc:12:6a:94:97:01:f1:3b: - 71:9d:08:85:40:ae:de:ab:33:68:ab:af:d6:a4:b3:90:f4:8f: - 12:31:31:52:98:6b:c8:bb:1e:5f:58:1a:31:5d:37:43:91:38: - be:b9:5b:17:cd:25:f1:49:09:76:19:57:fb:08:67:43:3e:d3: - 20:e2:b6:bc:17:cc:21:9d:45:cf:1c:5c:dc:54:fd:22:b6:b4: - b2:91:b8:8f:c3:93:95:02:52:a0:49:ef:fb:f4:86:61:82:e8: - c0:fc:2b:b7:82:32:74:81:68:c3:85:4a:e5:e4:d4:4c:2d:22: - 81:34:89:ca:aa:75:78:4d:5b:90:c2:a1:4f:ba:da:3a:f1:4e: - 12:21:ac:b6:23:3b:e3:e5:50:b6:69:3b:94:d7:64:37:57:a4: - cd:a7:53:1e:e5:27:8f:3d:b7:3e:85:34:9e:db:54:a6:d5:b8: - cb:9d:df:41:e9:b2:16:5c:a6:38:31:fb:64:9e:cb:4b:9d:b7: - f9:cb:52:ed:87:fe:f7:04:bb:a3:6b:07:66:57:5c:1c:cd:c4: - f2:60:94:97:38:0f:52:a4:aa:bc:5d:b5:09:d1:75:bd:24:ab: - 06:91:7e:24 + bf:5f:6a:7a:38:34:ca:36:cf:e9:65:53:f0:3b:3e:f5:c0:87: + 60:89:45:5d:70:24:67:b3:d2:23:97:d7:71:66:5f:f6:23:27: + 8f:f3:fe:72:a0:7b:61:3c:4c:2a:cb:de:78:97:f8:a9:87:78: + 22:1f:ca:96:7a:95:c2:de:07:16:d6:b5:3e:1d:f8:7c:06:ff: + c7:0d:1d:0b:2b:86:50:c3:90:a1:73:9f:cb:d8:25:11:d5:62: + 1d:ed:61:fc:6a:dd:cc:f0:74:91:b5:19:ce:c2:a1:9c:46:ba: + d5:70:b7:54:25:b8:d0:dc:7e:02:dd:bb:1e:ec:a5:f5:85:63: + 61:ef:64:a9:29:44:8b:62:1e:19:19:eb:7b:6c:dd:7b:c5:45: + 17:2c:a1:65:43:85:82:23:24:22:97:c9:26:cb:42:09:45:31: + 7b:c7:ff:2c:14:d6:8d:a1:54:e3:78:03:8b:79:cf:fc:c0:90: + d9:26:14:16:79:49:2d:31:b5:4c:f2:9f:8b:be:4a:46:32:8e: + 9b:27:a5:ca:8f:3f:4e:53:da:42:e7:b5:cb:95:4e:d9:d7:71: + a4:ae:7b:0e:14:df:57:09:b7:e7:5a:f5:c7:8d:e1:68:fb:0a: + ea:20:37:d4:88:c6:8b:4a:d8:10:cd:d1:b5:04:ca:8c:79:ad: + 44:e5:14:90 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZgxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZgxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3 My53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC @@ -84,26 +84,26 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB -AQCPCCtQoiZJKMHxv9hedeM3z+BIw+P6i+xv9wY5zBJqlJcB8TtxnQiFQK7eqzNo -q6/WpLOQ9I8SMTFSmGvIux5fWBoxXTdDkTi+uVsXzSXxSQl2GVf7CGdDPtMg4ra8 -F8whnUXPHFzcVP0itrSykbiPw5OVAlKgSe/79IZhgujA/Cu3gjJ0gWjDhUrl5NRM -LSKBNInKqnV4TVuQwqFPuto68U4SIay2Izvj5VC2aTuU12Q3V6TNp1Me5SePPbc+ -hTSe21Sm1bjLnd9B6bIWXKY4MftknstLnbf5y1Lth/73BLujawdmV1wczcTyYJSX -OA9SpKq8XbUJ0XW9JKsGkX4k +AQC/X2p6ODTKNs/pZVPwOz71wIdgiUVdcCRns9Ijl9dxZl/2IyeP8/5yoHthPEwq +y954l/iph3giH8qWepXC3gcW1rU+Hfh8Bv/HDR0LK4ZQw5Chc5/L2CUR1WId7WH8 +at3M8HSRtRnOwqGcRrrVcLdUJbjQ3H4C3bse7KX1hWNh72SpKUSLYh4ZGet7bN17 +xUUXLKFlQ4WCIyQil8kmy0IJRTF7x/8sFNaNoVTjeAOLec/8wJDZJhQWeUktMbVM +8p+LvkpGMo6bJ6XKjz9OU9pC57XLlU7Z13GkrnsOFN9XCbfnWvXHjeFo+wrqIDfU +iMaLStgQzdG1BMqMea1E5RSQ -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4: 6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 0c:13:dc:c2:28:a2:be:bb:0b:8e:29:28:aa:7a:99:04:e5:88: - c6:67:7e:8d:3f:8a:68:3a:7f:c5:e2:d0:ed:c9:95:4c:40:f2: - 7a:87:73:17:fb:f8:c4:bf:1b:ff:54:be:33:6d:15:e3:4f:70: - f4:60:27:b2:67:cd:0e:0f:2a:81:ee:dc:9d:48:37:74:8a:4c: - 11:47:23:f0:5d:7c:c1:78:70:1d:c1:87:db:26:b0:86:a8:42: - 3d:87:87:43:e7:d9:3a:a8:5c:c5:66:a4:d5:4e:9b:d9:44:b2: - 41:30:10:94:3b:fd:00:dc:02:63:05:d7:a1:75:ad:54:28:9e: - e4:07:3c:af:68:89:9b:71:96:21:ff:d6:4e:1d:d0:02:d5:21: - 7d:ae:d8:07:96:6c:1f:ca:a5:ef:54:13:92:be:3c:7d:c0:65: - bf:5c:bb:ff:46:c2:69:0f:4c:29:70:6d:b7:52:d5:ed:9e:e4: - 89:dc:41:0d:0a:94:bc:69:b3:dc:8a:a9:45:25:f1:2c:9b:5b: - 85:bc:69:fb:94:31:05:2c:17:fa:78:28:36:78:7f:f9:0c:4f: - 22:36:05:fe:bf:59:9d:5d:1f:9a:5e:8e:d8:1d:62:4d:d6:2d: - 73:d6:26:c1:a5:bc:e3:62:81:fc:1e:cb:7f:3e:c3:00:c9:b0: - e0:c6:1f:c3 + 33:da:33:9a:28:e3:e7:b0:25:c2:d9:94:9d:7e:46:98:3d:ac: + 08:f4:30:15:04:e0:fc:e2:4a:19:f1:0e:82:07:59:43:cd:0c: + b5:0c:55:2c:01:d2:78:22:e3:cd:38:75:13:36:ce:66:7b:17: + 86:ac:a3:98:e5:36:ae:37:4d:77:e6:02:e1:d8:77:d4:53:96: + 74:57:ca:6a:40:a3:de:38:e2:70:21:72:be:43:72:69:a1:d7: + fb:6d:7a:d3:db:5a:21:aa:d1:d3:7e:e4:76:54:3b:d3:19:68: + 7e:61:96:46:4f:de:d5:fe:f4:3b:8d:1c:24:b2:cb:4c:ff:8f: + ec:6a:13:28:ef:53:3b:12:f5:67:e1:d7:93:d2:eb:39:1d:72: + 13:79:a0:63:70:12:51:67:0d:d7:d2:4d:37:c3:fc:4d:ed:45: + 76:33:0e:82:af:d5:49:b8:f6:2f:fe:0e:93:d3:b7:6a:ab:e6: + e3:11:4f:04:50:5f:f8:13:4a:30:82:f4:56:c0:1d:ed:de:19: + 2c:62:a3:f2:1b:6a:8b:a1:b5:1a:cb:0a:e6:3c:b4:67:1a:2a: + 82:b4:78:a8:5f:a0:5d:22:34:dc:1c:3c:a8:77:6f:23:e0:6f: + b7:3e:36:52:21:64:89:1e:50:85:59:a7:cf:2b:f5:13:37:26: + 62:27:85:34 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB @@ -177,26 +177,26 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD -ggEBAAwT3MIoor67C44pKKp6mQTliMZnfo0/img6f8Xi0O3JlUxA8nqHcxf7+MS/ -G/9UvjNtFeNPcPRgJ7JnzQ4PKoHu3J1IN3SKTBFHI/BdfMF4cB3Bh9smsIaoQj2H -h0Pn2TqoXMVmpNVOm9lEskEwEJQ7/QDcAmMF16F1rVQonuQHPK9oiZtxliH/1k4d -0ALVIX2u2AeWbB/Kpe9UE5K+PH3AZb9cu/9GwmkPTClwbbdS1e2e5IncQQ0KlLxp -s9yKqUUl8SybW4W8afuUMQUsF/p4KDZ4f/kMTyI2Bf6/WZ1dH5pejtgdYk3WLXPW -JsGlvONigfwey38+wwDJsODGH8M= +ggEBADPaM5oo4+ewJcLZlJ1+Rpg9rAj0MBUE4PziShnxDoIHWUPNDLUMVSwB0ngi +4804dRM2zmZ7F4aso5jlNq43TXfmAuHYd9RTlnRXympAo9444nAhcr5Dcmmh1/tt +etPbWiGq0dN+5HZUO9MZaH5hlkZP3tX+9DuNHCSyy0z/j+xqEyjvUzsS9Wfh15PS +6zkdchN5oGNwElFnDdfSTTfD/E3tRXYzDoKv1Um49i/+DpPTt2qr5uMRTwRQX/gT +SjCC9FbAHe3eGSxio/IbaouhtRrLCuY8tGcaKoK0eKhfoF0iNNwcPKh3byPgb7c+ +NlIhZIkeUIVZp88r9RM3JmInhTQ= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -233,27 +233,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/server4-cert.pem b/certs/ocsp/server4-cert.pem index 363e12c3d..8d32928f8 100644 --- a/certs/ocsp/server4-cert.pem +++ b/certs/ocsp/server4-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www4.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www4.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:9c:ef:8a:7e:84:4d:58:7a:b1:91:c8:cb:68:76: df:fe:0a:29:fe:7f:74:35:d5:c3:fd:43:be:d7:89: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22222 Signature Algorithm: sha256WithRSAEncryption - 41:bd:96:38:c0:f7:87:a4:73:f5:bb:e8:4e:9d:83:45:03:17: - 19:b8:02:55:73:4f:f7:4e:c8:07:b1:7c:24:97:e8:f1:7c:22: - 43:ab:52:42:08:8b:d7:64:4d:30:99:e2:84:e8:f0:59:65:65: - fa:f4:84:da:b2:9f:84:37:e9:19:5a:0f:7c:4c:a7:6c:ef:81: - 7d:da:ca:d2:3e:2a:3b:82:99:50:02:2f:39:09:e8:7a:d8:f2: - d5:7e:f6:77:bf:6b:f2:33:78:0e:f0:fc:d4:15:2b:04:e8:ea: - d6:1d:97:0b:7e:60:17:c1:f7:f0:cb:65:51:a1:65:0c:c0:22: - cd:f5:18:bb:20:82:6c:f8:16:79:30:3e:f5:67:a7:9e:8a:7e: - ae:f5:49:a1:e6:01:8a:d3:b4:92:8e:b6:ce:18:aa:00:67:f1: - 19:7d:55:af:3c:5c:29:c3:04:a5:a5:e7:f5:67:af:d9:ca:75: - 84:3d:6d:74:4e:d5:c8:25:d5:fb:f7:24:5c:83:32:9a:6a:5d: - de:20:c3:3c:47:91:6f:2e:39:b7:17:12:fc:b0:93:d2:d6:23: - 44:c1:71:f4:33:80:21:f1:63:68:26:f7:ad:e4:35:86:3a:5b: - 26:d6:9d:0e:cf:38:b8:3d:80:30:34:ee:9e:b8:b6:37:19:3c: - 2d:ed:a3:63 + 78:64:9c:df:50:51:2f:9c:af:d1:32:f5:bd:49:65:84:22:3c: + 26:3b:90:c9:9e:4c:21:ab:b2:85:35:d3:fc:75:7f:88:46:93: + 69:d8:62:8b:3e:da:57:d7:f3:07:76:f1:02:33:ea:90:c5:d7: + 5f:ee:f3:d6:11:8f:59:12:79:7d:f0:ac:cf:28:65:e7:d3:87: + 86:2e:bf:b7:5b:7b:f8:23:5b:57:a2:85:0b:86:4c:34:db:1f: + 29:8d:bf:02:df:49:f8:e8:25:3e:72:89:f1:b0:c6:a6:cb:90: + d4:29:ef:16:1c:5a:4f:bc:47:e6:dc:ef:68:00:0c:9c:8a:e0: + 91:56:65:5a:56:f0:16:2d:f5:2c:84:95:c1:ca:07:67:14:a6: + f9:9a:df:a5:f4:65:f7:30:5a:d0:a6:14:d4:e7:02:d4:c1:d2: + a3:01:0e:52:e8:a1:ac:90:8b:45:ad:d4:3c:d7:27:e5:31:0e: + ec:9d:f4:f5:ae:dd:99:85:95:df:b8:07:f3:44:51:b0:4c:37: + 84:4b:c2:31:f4:82:24:30:d1:93:6f:26:9b:26:d0:02:2c:53: + 20:b7:c4:1a:c9:1b:1d:82:62:37:fd:f5:ec:ed:13:f1:75:52: + a8:ad:d2:f8:56:68:06:df:b4:4a:14:e0:f1:31:5b:b2:be:39: + 78:0a:b2:9b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZgxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZgxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3 NC53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC @@ -84,26 +84,26 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB -AQBBvZY4wPeHpHP1u+hOnYNFAxcZuAJVc0/3TsgHsXwkl+jxfCJDq1JCCIvXZE0w -meKE6PBZZWX69ITasp+EN+kZWg98TKds74F92srSPio7gplQAi85Ceh62PLVfvZ3 -v2vyM3gO8PzUFSsE6OrWHZcLfmAXwffwy2VRoWUMwCLN9Ri7IIJs+BZ5MD71Z6ee -in6u9Umh5gGK07SSjrbOGKoAZ/EZfVWvPFwpwwSlpef1Z6/ZynWEPW10TtXIJdX7 -9yRcgzKaal3eIMM8R5FvLjm3FxL8sJPS1iNEwXH0M4Ah8WNoJvet5DWGOlsm1p0O -zzi4PYAwNO6euLY3GTwt7aNj +AQB4ZJzfUFEvnK/RMvW9SWWEIjwmO5DJnkwhq7KFNdP8dX+IRpNp2GKLPtpX1/MH +dvECM+qQxddf7vPWEY9ZEnl98KzPKGXn04eGLr+3W3v4I1tXooULhkw02x8pjb8C +30n46CU+conxsMamy5DUKe8WHFpPvEfm3O9oAAyciuCRVmVaVvAWLfUshJXBygdn +FKb5mt+l9GX3MFrQphTU5wLUwdKjAQ5S6KGskItFrdQ81yflMQ7snfT1rt2ZhZXf +uAfzRFGwTDeES8Ix9IIkMNGTbyabJtACLFMgt8QayRsdgmI3/fXs7RPxdVKordL4 +VmgG37RKFODxMVuyvjl4CrKb -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4: 6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 0c:13:dc:c2:28:a2:be:bb:0b:8e:29:28:aa:7a:99:04:e5:88: - c6:67:7e:8d:3f:8a:68:3a:7f:c5:e2:d0:ed:c9:95:4c:40:f2: - 7a:87:73:17:fb:f8:c4:bf:1b:ff:54:be:33:6d:15:e3:4f:70: - f4:60:27:b2:67:cd:0e:0f:2a:81:ee:dc:9d:48:37:74:8a:4c: - 11:47:23:f0:5d:7c:c1:78:70:1d:c1:87:db:26:b0:86:a8:42: - 3d:87:87:43:e7:d9:3a:a8:5c:c5:66:a4:d5:4e:9b:d9:44:b2: - 41:30:10:94:3b:fd:00:dc:02:63:05:d7:a1:75:ad:54:28:9e: - e4:07:3c:af:68:89:9b:71:96:21:ff:d6:4e:1d:d0:02:d5:21: - 7d:ae:d8:07:96:6c:1f:ca:a5:ef:54:13:92:be:3c:7d:c0:65: - bf:5c:bb:ff:46:c2:69:0f:4c:29:70:6d:b7:52:d5:ed:9e:e4: - 89:dc:41:0d:0a:94:bc:69:b3:dc:8a:a9:45:25:f1:2c:9b:5b: - 85:bc:69:fb:94:31:05:2c:17:fa:78:28:36:78:7f:f9:0c:4f: - 22:36:05:fe:bf:59:9d:5d:1f:9a:5e:8e:d8:1d:62:4d:d6:2d: - 73:d6:26:c1:a5:bc:e3:62:81:fc:1e:cb:7f:3e:c3:00:c9:b0: - e0:c6:1f:c3 + 33:da:33:9a:28:e3:e7:b0:25:c2:d9:94:9d:7e:46:98:3d:ac: + 08:f4:30:15:04:e0:fc:e2:4a:19:f1:0e:82:07:59:43:cd:0c: + b5:0c:55:2c:01:d2:78:22:e3:cd:38:75:13:36:ce:66:7b:17: + 86:ac:a3:98:e5:36:ae:37:4d:77:e6:02:e1:d8:77:d4:53:96: + 74:57:ca:6a:40:a3:de:38:e2:70:21:72:be:43:72:69:a1:d7: + fb:6d:7a:d3:db:5a:21:aa:d1:d3:7e:e4:76:54:3b:d3:19:68: + 7e:61:96:46:4f:de:d5:fe:f4:3b:8d:1c:24:b2:cb:4c:ff:8f: + ec:6a:13:28:ef:53:3b:12:f5:67:e1:d7:93:d2:eb:39:1d:72: + 13:79:a0:63:70:12:51:67:0d:d7:d2:4d:37:c3:fc:4d:ed:45: + 76:33:0e:82:af:d5:49:b8:f6:2f:fe:0e:93:d3:b7:6a:ab:e6: + e3:11:4f:04:50:5f:f8:13:4a:30:82:f4:56:c0:1d:ed:de:19: + 2c:62:a3:f2:1b:6a:8b:a1:b5:1a:cb:0a:e6:3c:b4:67:1a:2a: + 82:b4:78:a8:5f:a0:5d:22:34:dc:1c:3c:a8:77:6f:23:e0:6f: + b7:3e:36:52:21:64:89:1e:50:85:59:a7:cf:2b:f5:13:37:26: + 62:27:85:34 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB @@ -177,26 +177,26 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD -ggEBAAwT3MIoor67C44pKKp6mQTliMZnfo0/img6f8Xi0O3JlUxA8nqHcxf7+MS/ -G/9UvjNtFeNPcPRgJ7JnzQ4PKoHu3J1IN3SKTBFHI/BdfMF4cB3Bh9smsIaoQj2H -h0Pn2TqoXMVmpNVOm9lEskEwEJQ7/QDcAmMF16F1rVQonuQHPK9oiZtxliH/1k4d -0ALVIX2u2AeWbB/Kpe9UE5K+PH3AZb9cu/9GwmkPTClwbbdS1e2e5IncQQ0KlLxp -s9yKqUUl8SybW4W8afuUMQUsF/p4KDZ4f/kMTyI2Bf6/WZ1dH5pejtgdYk3WLXPW -JsGlvONigfwey38+wwDJsODGH8M= +ggEBADPaM5oo4+ewJcLZlJ1+Rpg9rAj0MBUE4PziShnxDoIHWUPNDLUMVSwB0ngi +4804dRM2zmZ7F4aso5jlNq43TXfmAuHYd9RTlnRXympAo9444nAhcr5Dcmmh1/tt +etPbWiGq0dN+5HZUO9MZaH5hlkZP3tX+9DuNHCSyy0z/j+xqEyjvUzsS9Wfh15PS +6zkdchN5oGNwElFnDdfSTTfD/E3tRXYzDoKv1Um49i/+DpPTt2qr5uMRTwRQX/gT +SjCC9FbAHe3eGSxio/IbaouhtRrLCuY8tGcaKoK0eKhfoF0iNNwcPKh3byPgb7c+ +NlIhZIkeUIVZp88r9RM3JmInhTQ= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -233,27 +233,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/ocsp/server5-cert.pem b/certs/ocsp/server5-cert.pem index 5db230d70..243328f5f 100644 --- a/certs/ocsp/server5-cert.pem +++ b/certs/ocsp/server5-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www5.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www5.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ac:73:6d:e9:fa:8c:36:72:3e:89:3b:52:29:bd: 14:70:a2:00:b4:08:58:b6:c6:c0:bf:80:6a:1f:a5: @@ -47,27 +47,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22223 Signature Algorithm: sha256WithRSAEncryption - 82:34:f3:94:21:59:85:fb:8f:9e:ae:df:bb:ab:ba:4b:80:75: - c2:eb:1b:58:5d:45:d4:df:6c:a6:8a:8f:84:00:7a:da:00:71: - a3:89:07:52:78:04:05:ba:3d:aa:fd:0b:1e:82:22:12:a1:98: - 39:fb:b8:91:92:dc:4a:a6:33:f9:fd:3b:a7:7d:96:63:ec:cd: - 5c:ac:db:9d:dd:5c:0c:70:1e:31:61:e1:1c:38:b6:e4:d7:e1: - 98:44:8e:20:ae:36:2c:e8:be:8b:82:38:f6:2e:46:46:a2:43: - 51:e1:cd:fb:1d:f5:fe:14:57:fe:b4:55:6d:0c:55:45:3f:96: - 96:7a:3c:be:40:31:27:69:d7:18:d2:7b:af:be:a9:7f:fe:fe: - 75:b4:8c:ae:d8:48:9c:f6:60:ba:69:dd:1a:fe:ec:04:53:5e: - a9:04:91:46:89:4b:5d:01:79:36:66:ea:25:1c:af:fe:44:59: - 90:3f:b0:4d:51:a4:ec:d9:c2:d1:35:12:79:26:ea:a4:99:b2: - ac:e6:7b:bc:bd:d1:06:d3:fe:5b:35:2e:58:46:30:bf:8c:1f: - 15:da:e9:7e:3a:68:4c:85:89:38:2a:a2:6c:6d:14:25:17:32: - d2:96:0b:67:b9:c5:7b:de:ef:1a:13:b8:8a:d7:8f:db:b7:73: - cd:5b:d8:fc + ad:33:0c:6b:85:02:09:19:f8:19:dc:f8:ae:ac:25:c5:59:44: + 72:f4:9b:da:ef:3c:54:35:4c:73:f8:8f:c5:53:e1:fe:63:a4: + b2:05:ea:01:bc:50:35:d0:10:70:31:9a:6c:df:92:1d:25:d2: + 8f:2d:12:e1:f1:41:4d:c5:45:65:35:81:7d:ea:88:5d:77:d7: + 73:96:ec:eb:90:7c:c9:43:bb:8f:80:24:ca:99:65:2d:ef:40: + 12:54:27:e1:65:3b:88:45:bc:3e:0f:37:ec:d2:84:d7:80:9d: + 15:f4:9b:64:c2:d7:73:60:10:00:98:9e:61:9b:c8:32:33:cc: + 1b:d4:75:be:c1:63:c7:78:ef:72:70:4a:ba:df:c2:70:49:c7: + ea:19:74:76:51:72:3f:48:65:3c:58:f8:12:85:52:b1:ed:67: + 0f:71:0e:a3:cf:b8:7a:9e:af:f4:92:ed:bf:7f:f0:b8:1d:ac: + d9:62:13:98:82:7c:a3:51:30:9e:f2:a7:21:ab:33:6c:8e:be: + 28:2b:29:d5:62:f3:c5:6e:87:f2:cd:88:d3:50:c4:6a:54:c6: + fa:fb:0a:29:4c:93:c2:e2:fb:02:86:2a:66:a9:d1:6f:c5:6c: + 91:3f:88:79:52:c1:b0:e1:29:00:3b:d5:9e:07:05:83:1e:b0: + 2c:ed:1b:89 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NM IFJFVk9LRUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZgxCzAJ +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZgxCzAJ BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UE AwwQd3d3NS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns @@ -84,26 +84,26 @@ A1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5l ZXJpbmcxGDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQ aW5mb0B3b2xmc3NsLmNvbYIBAzALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAk MCIGCCsGAQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIzMA0GCSqGSIb3DQEB -CwUAA4IBAQCCNPOUIVmF+4+ert+7q7pLgHXC6xtYXUXU32ymio+EAHraAHGjiQdS -eAQFuj2q/QsegiISoZg5+7iRktxKpjP5/TunfZZj7M1crNud3VwMcB4xYeEcOLbk -1+GYRI4grjYs6L6Lgjj2LkZGokNR4c37HfX+FFf+tFVtDFVFP5aWejy+QDEnadcY -0nuvvql//v51tIyu2Eic9mC6ad0a/uwEU16pBJFGiUtdAXk2ZuolHK/+RFmQP7BN -UaTs2cLRNRJ5JuqkmbKs5nu8vdEG0/5bNS5YRjC/jB8V2ul+OmhMhYk4KqJsbRQl -FzLSlgtnucV73u8aE7iK14/bt3PNW9j8 +CwUAA4IBAQCtMwxrhQIJGfgZ3PiurCXFWURy9Jva7zxUNUxz+I/FU+H+Y6SyBeoB +vFA10BBwMZps35IdJdKPLRLh8UFNxUVlNYF96ohdd9dzluzrkHzJQ7uPgCTKmWUt +70ASVCfhZTuIRbw+Dzfs0oTXgJ0V9JtkwtdzYBAAmJ5hm8gyM8wb1HW+wWPHeO9y +cEq638JwScfqGXR2UXI/SGU8WPgShVKx7WcPcQ6jz7h6nq/0ku2/f/C4HazZYhOY +gnyjUTCe8qchqzNsjr4oKynVYvPFbofyzYjTUMRqVMb6+wopTJPC4vsChipmqdFv +xWyRP4h5UsGw4SkAO9WeBwWDHrAs7RuJ -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:c5:04:10:7d:c2:21:e9:12:45:da:d5:ba:28: fd:a6:f4:30:44:a0:df:f9:70:5e:17:26:97:59:5c: @@ -140,27 +140,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 9d:2f:66:43:34:cc:a4:d7:ae:09:81:ec:ca:bf:9e:e0:d6:28: - a0:25:63:5e:16:0a:e9:60:2c:c1:e6:36:5d:92:f0:7c:4a:22: - 10:94:9b:1a:c6:8f:c3:a9:bb:69:53:b8:aa:30:91:c5:32:19: - 35:7a:3e:86:af:f9:39:74:44:6e:5c:39:f6:b6:62:0c:33:8e: - f6:b9:d2:a7:e0:22:df:a3:4f:48:e4:04:f1:f7:20:f5:36:55: - a1:3d:08:ae:a9:12:eb:a8:97:59:6f:a0:b8:f0:ab:73:22:01: - cc:cc:96:29:ae:5f:46:ac:4e:47:1a:b9:8d:06:7e:88:67:5e: - 16:12:64:37:85:2a:d8:f3:27:cd:fa:86:fc:84:4b:51:3a:f1: - c7:1a:27:8d:54:49:e6:cb:82:bb:7c:b3:3f:2f:10:d5:3a:74: - e5:36:7b:b5:c4:58:a4:48:35:af:35:ad:3d:44:74:44:83:99: - d0:a1:c6:2f:5f:f3:58:1a:33:2f:6c:4e:8e:44:ce:2a:ba:e9: - c6:7d:9f:22:12:44:05:38:f7:87:54:4d:8d:ac:72:1c:5a:2a: - 74:9d:3b:30:31:d6:a9:39:d4:d6:0e:63:f8:46:07:ab:7f:01: - 31:cc:85:91:72:10:37:94:c4:ec:f9:9d:7f:81:25:cb:ce:55: - 48:85:86:2e + 4f:75:6b:7a:dc:f9:b0:8a:03:c2:b6:7b:d8:b7:39:d2:97:35: + 5b:b7:f7:fa:01:a5:a4:a8:e6:33:ef:99:1f:c4:36:6b:9a:f4: + 50:8f:70:9a:c8:82:6d:fd:28:80:45:eb:13:60:cb:67:81:29: + f3:63:c5:8b:4a:96:a6:62:62:24:86:ad:f3:6b:49:a9:e1:9b: + 8c:cd:fa:b5:53:1b:fb:0d:a1:c4:e2:b7:64:b4:50:18:8b:aa: + 84:21:0f:26:e0:c7:0f:b2:4e:1e:70:14:0d:e9:1e:e2:b7:a0: + d6:4f:e8:ed:77:cd:bc:dd:63:3c:cf:67:4b:27:b5:f1:91:b7: + c2:7a:0a:ca:3a:87:7a:f4:50:8a:6a:19:f7:f6:a0:c1:76:78: + d9:27:c1:33:10:02:1c:96:ae:d5:ca:f8:08:15:cc:2a:64:b6: + 37:cf:05:37:4b:c5:f3:8a:ef:b2:cb:07:b5:04:48:c9:c5:00: + 05:8f:f6:fc:3b:89:6a:57:f6:15:ea:93:85:8b:0a:e7:71:0e: + 32:fa:90:4a:74:6f:71:25:f1:c5:5a:1d:5e:10:e0:25:43:3f: + 8d:76:d4:f5:70:68:50:76:20:d7:f1:4e:eb:75:06:f7:81:20: + 19:5c:03:cb:25:fe:36:93:6c:68:16:e0:64:c9:86:47:5c:44: + b3:96:6b:e9 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBpzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBpzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu @@ -177,26 +177,26 @@ DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcN -AQELBQADggEBAJ0vZkM0zKTXrgmB7Mq/nuDWKKAlY14WCulgLMHmNl2S8HxKIhCU -mxrGj8Opu2lTuKowkcUyGTV6Poav+Tl0RG5cOfa2Ygwzjva50qfgIt+jT0jkBPH3 -IPU2VaE9CK6pEuuol1lvoLjwq3MiAczMlimuX0asTkcauY0GfohnXhYSZDeFKtjz -J836hvyES1E68ccaJ41USebLgrt8sz8vENU6dOU2e7XEWKRINa81rT1EdESDmdCh -xi9f81gaMy9sTo5Eziq66cZ9nyISRAU494dUTY2schxaKnSdOzAx1qk51NYOY/hG -B6t/ATHMhZFyEDeUxOz5nX+BJcvOVUiFhi4= +AQELBQADggEBAE91a3rc+bCKA8K2e9i3OdKXNVu39/oBpaSo5jPvmR/ENmua9FCP +cJrIgm39KIBF6xNgy2eBKfNjxYtKlqZiYiSGrfNrSanhm4zN+rVTG/sNocTit2S0 +UBiLqoQhDybgxw+yTh5wFA3pHuK3oNZP6O13zbzdYzzPZ0sntfGRt8J6Cso6h3r0 +UIpqGff2oMF2eNknwTMQAhyWrtXK+AgVzCpktjfPBTdLxfOK77LLB7UESMnFAAWP +9vw7iWpX9hXqk4WLCudxDjL6kEp0b3El8cVaHV4Q4CVDP4121PVwaFB2INfxTut1 +BveBIBlcA8sl/jaTbGgW4GTJhkdcRLOWa+k= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 99 (0x63) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc: bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca: @@ -233,27 +233,27 @@ Certificate: OCSP - URI:http://127.0.0.1:22220 Signature Algorithm: sha256WithRSAEncryption - 3e:31:8d:ab:e8:39:25:0a:a0:01:53:03:10:e8:f9:d9:5e:51: - 46:da:e2:e2:60:40:7c:ec:d7:c1:54:8f:5b:a1:1f:1b:43:64: - f5:b3:a5:b9:d1:9d:af:45:5a:53:00:ba:f7:53:63:5c:79:b5: - ad:0e:b3:0b:05:b0:2e:c7:ca:1f:52:13:47:38:9b:d0:cd:b5: - 19:c1:f7:e6:1d:14:9b:81:8b:e7:ef:d9:70:32:b0:f1:96:b6: - ff:fe:fd:83:e7:fe:74:55:12:e4:93:3f:e3:54:7e:d3:d3:11: - ae:d4:e8:9b:70:97:64:7f:12:f3:38:26:62:38:c6:43:42:3b: - ea:87:67:80:e5:18:c5:28:54:f9:d3:33:4a:b9:33:1e:7c:45: - 7a:e9:64:0f:50:fe:6d:b0:a3:aa:c4:98:7d:ef:53:2c:d1:0e: - d3:8b:2b:f3:3d:a4:df:26:50:b4:8b:ac:64:00:89:7b:5a:fb: - 4f:b8:d3:f4:53:63:bd:e8:45:cc:2c:55:25:61:92:ff:41:b7: - 27:6a:16:43:ff:0a:26:50:ef:31:9d:4f:6f:6e:ea:bd:1d:70: - 69:c9:1f:ba:70:bf:b2:1d:4a:7d:57:d7:9e:a1:e8:86:34:e3: - fa:ee:3f:26:20:12:f5:15:83:53:a0:91:5d:a9:36:b3:02:a3: - 42:94:c9:65 + 47:c1:c3:44:7c:3a:d0:65:5b:74:2c:63:3f:73:84:e5:6b:d9: + e7:45:33:0f:6a:80:49:2d:8f:23:92:b6:ef:22:e6:d5:07:4c: + c7:05:e0:d9:d5:29:b0:bf:a4:9f:b5:fa:c7:d5:79:aa:3f:2e: + 9b:7d:c2:57:dc:41:cb:d7:63:27:28:8d:13:77:67:63:82:3d: + 85:1a:06:7e:f9:4d:7c:3a:ca:b5:dd:50:b1:be:5f:d3:8c:0f: + 73:90:5c:79:0f:c9:86:d4:fd:4b:fc:3e:8c:01:55:1b:2f:33: + 6d:88:6e:0f:bd:21:38:64:96:7d:2d:95:9e:98:51:77:56:39: + 6b:a8:2f:e0:9f:16:a4:1d:17:67:23:a3:8b:4f:1a:71:05:f0: + eb:e0:a7:7a:8f:ab:9f:f4:81:a8:12:f8:09:a3:f7:83:22:8c: + 36:5d:45:7f:61:ea:9c:68:96:94:7b:d4:4d:8b:73:d0:65:20: + 63:cf:75:9d:96:a2:bf:23:f3:2d:60:61:e5:7d:b3:2e:1b:11: + 01:33:d6:58:6d:b2:c8:d2:5a:78:3a:df:56:fd:15:ac:13:33: + 62:ce:ba:99:85:7c:00:05:69:d0:fd:ad:87:e5:4d:d3:16:43: + 44:a6:49:84:74:c7:ea:f0:24:50:c9:c9:4a:5d:d8:be:66:fe: + 00:47:3f:c0 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM -IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEw -MjEwMTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV +IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEx +MjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 @@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW -aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAPjGNq+g5 -JQqgAVMDEOj52V5RRtri4mBAfOzXwVSPW6EfG0Nk9bOludGdr0VaUwC691NjXHm1 -rQ6zCwWwLsfKH1ITRzib0M21GcH35h0Um4GL5+/ZcDKw8Za2//79g+f+dFUS5JM/ -41R+09MRrtTom3CXZH8S8zgmYjjGQ0I76odngOUYxShU+dMzSrkzHnxFeulkD1D+ -bbCjqsSYfe9TLNEO04sr8z2k3yZQtIusZACJe1r7T7jT9FNjvehFzCxVJWGS/0G3 -J2oWQ/8KJlDvMZ1Pb27qvR1wackfunC/sh1KfVfXnqHohjTj+u4/JiAS9RWDU6CR -Xak2swKjQpTJZQ== +aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAR8HDRHw6 +0GVbdCxjP3OE5WvZ50UzD2qASS2PI5K27yLm1QdMxwXg2dUpsL+kn7X6x9V5qj8u +m33CV9xBy9djJyiNE3dnY4I9hRoGfvlNfDrKtd1Qsb5f04wPc5BceQ/JhtT9S/w+ +jAFVGy8zbYhuD70hOGSWfS2VnphRd1Y5a6gv4J8WpB0XZyOji08acQXw6+Cneo+r +n/SBqBL4CaP3gyKMNl1Ff2HqnGiWlHvUTYtz0GUgY891nZaivyPzLWBh5X2zLhsR +ATPWWG2yyNJaeDrfVv0VrBMzYs66mYV8AAVp0P2th+VN0xZDRKZJhHTH6vAkUMnJ +Sl3Yvmb+AEc/wA== -----END CERTIFICATE----- diff --git a/certs/p521/ca-p521.der b/certs/p521/ca-p521.der index 8b4a6c3c50ff0eb4ec68289e88b4a1159c74f1a1..6fa345bab83b32ba92230bc35efd8627da082b59 100644 GIT binary patch delta 192 zcmeBS>t^=*!{V~LT1(}RY!m#~leDPn--6jJR)Syi-mh&7i8||hw@3Z6{G228Tl>F8e@`&X zySez7qoy;rh-hip`%`-javdiYeqnMH(K{L5<;b&s!5$mMz22`l{v;-TZ=H0}NzQ7L tL$QSG{r@-qy*`_0koG>okY&#UU%7)*@4x1KeU_u3%qQma{%>n|YXQhiQU?G4 delta 193 zcmeBX>tSOtXkzA=$g)G$z{t?R(9*=x)Hq6<*T~q=(7+tZHE5hVQQl>IAOt)$@*;`WR1%@c7GOA+UYTM2U5hhDJsP zM#cu_My65XyhbJlmWHMf?#BCejQm~(O^j{^vTV$uvV1IJERzG6MEMLFZ-V&BER7cp z8qZDkXWA)>)%3|i%#roo3gQHO(%-CwS=c%sNB z&yO{!50a!VAC`=k%ek(@c!P1LmhPIh4F{tJs3r_!GzKI>lyoAdt5SQ!7z MbJw5Q!q(q)06vs)PXGV_ delta 251 zcmeC>_`xn=(8T=3pouwj0W%XL6B8%HM%VwRdh_ceCn~R#GB7eUFtjwWG&PPA=QT1m zG&C@WawqD~o!r5=fYsihiP3tpE|Vh9IX31{S!I^SV+M_fCr2^uhIGLU-F&WtJ=vC|fGF zYTkvfr8y1pNAgzdK46|y_f|AM;Pa~|g+CkQFRrVc6?*6U)E=7#CMU-0m5&y+o|&rt zV*8S`ImH*hEesQyQkvEKCUTcx>Bo(B+8$!BEdEPtPO;llvQlI6p#_s9LK%7PwfTNF NVYl4D6nn&57y$cOSi3^IhOjKSYWng4zU}$M#X=)rL&TC|B zXlP&#?b{C@jNaa7^X-iFjed8v=TjN1oG!a$w7j;-_s{>P z$uN78$wo`}=JRzAnzc)}J>2H9)MWkK6^o|5T7SxDE|U{u{w1l0`C(J9E@xR&;UsmG zP4Hn&ki6i#r^~H0&*+9nFLiv(#3P_>6`VP3dT~)+0$bd%Qu`8t(6qzf*e}o2-*r!T F6#(*^QZ)bo diff --git a/certs/p521/root-p521.pem b/certs/p521/root-p521.pem index 17425bb86..d3311c526 100644 --- a/certs/p521/root-p521.pem +++ b/certs/p521/root-p521.pem @@ -1,17 +1,18 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 9354390136921551540 (0x81d1784491a072b4) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_P521, OU=Root-P521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 64:bd:93:4d:73:a4:89:b6:a5:4a:ef:23:28:a3:65:2e:fc:66:9f:a5 + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_P521, OU=Root-P521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (521 bit) - pub: + pub: 04:01:41:60:d4:e5:cc:37:db:f4:4c:12:cc:f6:7a: 32:cc:f2:1c:b7:53:15:bd:5f:53:ef:cb:73:a9:c8: 14:6c:6f:7d:c5:7c:b4:bb:8e:56:c2:43:45:fb:58: @@ -34,30 +35,30 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ecdsa-with-SHA256 - 30:81:88:02:42:01:fe:f6:e7:a7:3f:87:c3:c1:5b:b7:8e:3c: - f6:cc:3b:d8:8f:47:26:e7:95:00:3a:42:d3:44:68:84:eb:3c: - 6f:4f:6f:f6:29:00:9b:92:34:b1:39:47:83:cf:7e:e0:83:2b: - 75:b6:e1:b6:44:a5:34:af:9d:a8:a2:96:ea:af:ca:32:9d:02: - 42:01:6f:d2:1a:e1:6f:56:95:d5:a7:04:ac:78:42:1a:c5:06: - 11:e1:7c:52:1f:11:ee:e5:a7:3a:29:cc:2d:57:5b:a5:41:e3: - 02:0c:10:2b:3a:53:69:96:97:73:72:6e:60:06:5e:c6:75:3f: - 74:10:55:66:c3:f6:d3:99:2f:ba:de:13:aa + 30:81:88:02:42:00:8c:f2:37:8c:fd:9e:7e:51:9e:13:db:15: + 41:33:37:64:12:dd:87:aa:69:74:a4:10:76:a5:16:aa:9e:d0: + f5:75:6c:80:5f:c4:6e:ab:2d:e0:03:92:7e:ed:15:5f:50:f3: + ea:e4:71:f9:80:1f:d1:ae:79:9a:55:dc:f7:95:8c:3c:80:02: + 42:01:d7:79:e2:a2:85:cc:95:27:e8:b7:a4:66:9c:73:d1:f6: + a1:56:12:94:75:6a:8d:ec:59:ba:11:75:f1:b1:3e:2b:48:16: + ea:38:ff:1b:29:94:3e:bc:74:a9:28:93:c2:a0:92:18:55:01: + 0c:de:86:4d:f3:34:39:b8:02:5d:c4:4b:13 -----BEGIN CERTIFICATE----- -MIIDEjCCAnOgAwIBAgIJAIHReESRoHK0MAoGCCqGSM49BAMCMIGXMQswCQYDVQQG -EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UE -CgwMd29sZlNTTF9QNTIxMRIwEAYDVQQLDAlSb290LVA1MjExGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTNaFw0yMzExMDcxOTQ5NTNaMIGXMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29s -ZlNTTF9QNTIxMRIwEAYDVQQLDAlSb290LVA1MjExGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCBmzAQBgcq -hkjOPQIBBgUrgQQAIwOBhgAEAUFg1OXMN9v0TBLM9noyzPIct1MVvV9T78tzqcgU -bG99xXy0u45WwkNF+1gcxkU9f+VOgMxEwQZ6deFpyYqoAXrfAERJc5wvUD+DoB6L -0ar7CAyQBQ0MFzFRPtaFOwkSgtGmCM3IT2payIyOXb/azFuVoehaKXgisrpJoYXG -SIpxU42Jo2MwYTAdBgNVHQ4EFgQUZKdolVMzGKIgkrxkVaarynZom8gwHwYDVR0j -BBgwFoAUZKdolVMzGKIgkrxkVaarynZom8gwDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDgYwAMIGIAkIB/vbnpz+Hw8Fbt4489sw7 -2I9HJueVADpC00RohOs8b09v9ikAm5I0sTlHg89+4IMrdbbhtkSlNK+dqKKW6q/K -Mp0CQgFv0hrhb1aV1acErHhCGsUGEeF8Uh8R7uWnOinMLVdbpUHjAgwQKzpTaZaX -c3JuYAZexnU/dBBVZsP205kvut4Tqg== +MIIDHTCCAn6gAwIBAgIUZL2TTXOkibalSu8jKKNlLvxmn6UwCgYIKoZIzj0EAwIw +gZcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMRUwEwYDVQQKDAx3b2xmU1NMX1A1MjExEjAQBgNVBAsMCVJvb3QtUDUyMTEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZcxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUw +EwYDVQQKDAx3b2xmU1NMX1A1MjExEjAQBgNVBAsMCVJvb3QtUDUyMTEYMBYGA1UE +AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBQWDU5cw32/RMEsz2ejLM8hy3 +UxW9X1Pvy3OpyBRsb33FfLS7jlbCQ0X7WBzGRT1/5U6AzETBBnp14WnJiqgBet8A +RElznC9QP4OgHovRqvsIDJAFDQwXMVE+1oU7CRKC0aYIzchPalrIjI5dv9rMW5Wh +6FopeCKyukmhhcZIinFTjYmjYzBhMB0GA1UdDgQWBBRkp2iVUzMYoiCSvGRVpqvK +dmibyDAfBgNVHSMEGDAWgBRkp2iVUzMYoiCSvGRVpqvKdmibyDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBjAAwgYgCQgCM8jeM +/Z5+UZ4T2xVBMzdkEt2Hqml0pBB2pRaqntD1dWyAX8Ruqy3gA5J+7RVfUPPq5HH5 +gB/RrnmaVdz3lYw8gAJCAdd54qKFzJUn6LekZpxz0fahVhKUdWqN7Fm6EXXxsT4r +SBbqOP8bKZQ+vHSpKJPCoJIYVQEM3oZN8zQ5uAJdxEsT -----END CERTIFICATE----- diff --git a/certs/p521/server-p521-cert.pem b/certs/p521/server-p521-cert.pem index 6c0c7d69e..28c3a6c8f 100644 --- a/certs/p521/server-p521-cert.pem +++ b/certs/p521/server-p521-cert.pem @@ -2,16 +2,16 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_p521, OU=CA-p521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_p521, OU=Server-p521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Server-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (521 bit) - pub: + pub: 04:00:de:70:69:f6:d1:9e:c4:fe:5f:82:52:98:ce: 52:c1:6a:4c:12:22:0f:76:88:22:11:a5:0d:a6:02: 47:91:ab:79:8d:f6:08:70:2d:20:14:15:df:1b:57: @@ -38,20 +38,20 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ecdsa-with-SHA256 - 30:81:88:02:42:01:47:61:fe:54:a4:3f:84:c7:04:12:32:5f: - c7:3b:0e:eb:9a:0d:46:be:d4:17:f0:df:e1:6b:a6:a3:00:0a: - b5:cb:ec:27:c0:f4:4a:5b:50:a9:1c:08:42:83:fa:37:ae:54: - f6:38:07:aa:46:8b:b4:c1:60:15:c7:e3:da:05:0e:8f:4b:02: - 42:01:9e:ee:b3:90:5f:ff:7a:2e:c7:5c:10:d4:6d:b7:25:55: - dc:04:96:bd:0a:11:63:fa:26:66:4d:59:68:a1:04:7f:88:29: - d9:4b:3c:93:21:22:cd:65:b6:a3:b5:74:fd:d5:de:71:07:5b: - fa:5a:49:ae:e6:da:21:93:fb:f5:90:06:e4 + 30:81:88:02:42:01:1a:79:13:f5:86:d5:2c:a7:58:be:8d:43: + b9:c4:ce:58:12:d2:22:76:43:2b:79:35:20:86:6d:26:83:7c: + e7:8b:77:10:c7:e4:d5:fc:92:bf:0b:ce:ee:26:09:e0:fb:fb: + d6:01:74:18:cf:af:57:f0:6b:7d:ef:72:78:e8:f0:97:7a:02: + 42:01:a0:9b:22:53:92:4d:09:8c:76:42:e7:5d:29:f5:b9:ad: + 36:6d:27:81:98:b1:db:aa:0f:ba:96:01:a8:c6:af:bb:43:8e: + 67:ce:d6:8c:1f:5f:90:ef:86:b7:1b:8e:45:16:7d:9e:42:5c: + 30:23:a2:f0:3d:2c:9b:9a:b8:78:42:84:d1 -----BEGIN CERTIFICATE----- MIIDMTCCApKgAwIBAgIBATAKBggqhkjOPQQDAjCBlTELMAkGA1UEBhMCVVMxEDAO BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT U0xfcDUyMTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wu -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDIxMDE5 -NDk1M1oXDTIzMTEwNzE5NDk1M1owgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN +Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIz +MDcyNVoXDTI0MDkxNTIzMDcyNVowgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN b250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjEx FDASBgNVBAsMC1NlcnZlci1wNTIxMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZswEAYHKoZIzj0CAQYF @@ -61,8 +61,8 @@ H9VgY6YufY3qP+Bb5chuH6fZo1nllici9AIrr1t4HxOoIovsrgF9wGETpDUKIaOB iTCBhjAdBgNVHQ4EFgQUhYafrnNflHcnOxUVxnkHqEJLHvMwHwYDVR0jBBgwFoAU QIkdMF4MbtU9xtUlkNq2Qmft6YIwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC A6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAoGCCqG -SM49BAMCA4GMADCBiAJCAUdh/lSkP4THBBIyX8c7DuuaDUa+1Bfw3+FrpqMACrXL -7CfA9EpbUKkcCEKD+jeuVPY4B6pGi7TBYBXH49oFDo9LAkIBnu6zkF//ei7HXBDU -bbclVdwElr0KEWP6JmZNWWihBH+IKdlLPJMhIs1ltqO1dP3V3nEHW/paSa7m2iGT -+/WQBuQ= +SM49BAMCA4GMADCBiAJCARp5E/WG1SynWL6NQ7nEzlgS0iJ2Qyt5NSCGbSaDfOeL +dxDH5NX8kr8Lzu4mCeD7+9YBdBjPr1fwa33vcnjo8Jd6AkIBoJsiU5JNCYx2Qudd +KfW5rTZtJ4GYsduqD7qWAajGr7tDjmfO1owfX5DvhrcbjkUWfZ5CXDAjovA9LJua +uHhChNE= -----END CERTIFICATE----- diff --git a/certs/p521/server-p521.der b/certs/p521/server-p521.der index e9560226771d9dddf7a624853ede6de98620711a..cc375bd30e8b1cc3c1c834a7fdc3b35efe9a5fdc 100644 GIT binary patch delta 179 zcmdnWwv}zdE?Gk(BLgF219KzOC~;mR69Y>_Qz+M*q6Bz5IDuutcUDa70 zv9H&8=aF*}LYI`voV6=W720yunrohSmkS(!a`n%o{oLo?sc}B|{rehYiNyK!;UBVV z-xpQ9_%OYS$%%2nY^C5yzMMT}PS0aCzwTUXmaE=4W8>{r{JW+xt~j=Sw{u_mxobW0 h@e|&+ZI|wI6|0@+6l0*g=!31!Y_?fDDx6v_0su0tPOJa` delta 179 zcmdnWwv}zdE?EO3Ljyxg6H8O$C~;mRV?#p&b12uKappvM&&>*q6Bz5=6aR%Qv2Quf zB4iYQ+?wz8EMB*LSHwTuf0(^&F$34u({I!deDR77SSiEd)cnhQUC1{J_Em1(TMj0O z9)Em`m9O8M$%%2^yUi2g|5xc9j}f?%yInQ(4$HK?T!P8J)Y5z-GZwPccWB=9wwbJ` hbT)O{;;kiruih(UkNy?qx$fC5MYhSmzfNF#0stX4Oq&1z diff --git a/certs/p521/server-p521.pem b/certs/p521/server-p521.pem index ec7169a5b..862328fba 100644 --- a/certs/p521/server-p521.pem +++ b/certs/p521/server-p521.pem @@ -2,16 +2,16 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_p521, OU=CA-p521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_p521, OU=Server-p521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Server-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (521 bit) - pub: + pub: 04:00:de:70:69:f6:d1:9e:c4:fe:5f:82:52:98:ce: 52:c1:6a:4c:12:22:0f:76:88:22:11:a5:0d:a6:02: 47:91:ab:79:8d:f6:08:70:2d:20:14:15:df:1b:57: @@ -38,20 +38,20 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ecdsa-with-SHA256 - 30:81:88:02:42:01:47:61:fe:54:a4:3f:84:c7:04:12:32:5f: - c7:3b:0e:eb:9a:0d:46:be:d4:17:f0:df:e1:6b:a6:a3:00:0a: - b5:cb:ec:27:c0:f4:4a:5b:50:a9:1c:08:42:83:fa:37:ae:54: - f6:38:07:aa:46:8b:b4:c1:60:15:c7:e3:da:05:0e:8f:4b:02: - 42:01:9e:ee:b3:90:5f:ff:7a:2e:c7:5c:10:d4:6d:b7:25:55: - dc:04:96:bd:0a:11:63:fa:26:66:4d:59:68:a1:04:7f:88:29: - d9:4b:3c:93:21:22:cd:65:b6:a3:b5:74:fd:d5:de:71:07:5b: - fa:5a:49:ae:e6:da:21:93:fb:f5:90:06:e4 + 30:81:88:02:42:01:1a:79:13:f5:86:d5:2c:a7:58:be:8d:43: + b9:c4:ce:58:12:d2:22:76:43:2b:79:35:20:86:6d:26:83:7c: + e7:8b:77:10:c7:e4:d5:fc:92:bf:0b:ce:ee:26:09:e0:fb:fb: + d6:01:74:18:cf:af:57:f0:6b:7d:ef:72:78:e8:f0:97:7a:02: + 42:01:a0:9b:22:53:92:4d:09:8c:76:42:e7:5d:29:f5:b9:ad: + 36:6d:27:81:98:b1:db:aa:0f:ba:96:01:a8:c6:af:bb:43:8e: + 67:ce:d6:8c:1f:5f:90:ef:86:b7:1b:8e:45:16:7d:9e:42:5c: + 30:23:a2:f0:3d:2c:9b:9a:b8:78:42:84:d1 -----BEGIN CERTIFICATE----- MIIDMTCCApKgAwIBAgIBATAKBggqhkjOPQQDAjCBlTELMAkGA1UEBhMCVVMxEDAO BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT U0xfcDUyMTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wu -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDIxMDE5 -NDk1M1oXDTIzMTEwNzE5NDk1M1owgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN +Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIz +MDcyNVoXDTI0MDkxNTIzMDcyNVowgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN b250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjEx FDASBgNVBAsMC1NlcnZlci1wNTIxMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZswEAYHKoZIzj0CAQYF @@ -61,25 +61,25 @@ H9VgY6YufY3qP+Bb5chuH6fZo1nllici9AIrr1t4HxOoIovsrgF9wGETpDUKIaOB iTCBhjAdBgNVHQ4EFgQUhYafrnNflHcnOxUVxnkHqEJLHvMwHwYDVR0jBBgwFoAU QIkdMF4MbtU9xtUlkNq2Qmft6YIwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC A6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAoGCCqG -SM49BAMCA4GMADCBiAJCAUdh/lSkP4THBBIyX8c7DuuaDUa+1Bfw3+FrpqMACrXL -7CfA9EpbUKkcCEKD+jeuVPY4B6pGi7TBYBXH49oFDo9LAkIBnu6zkF//ei7HXBDU -bbclVdwElr0KEWP6JmZNWWihBH+IKdlLPJMhIs1ltqO1dP3V3nEHW/paSa7m2iGT -+/WQBuQ= +SM49BAMCA4GMADCBiAJCARp5E/WG1SynWL6NQ7nEzlgS0iJ2Qyt5NSCGbSaDfOeL +dxDH5NX8kr8Lzu4mCeD7+9YBdBjPr1fwa33vcnjo8Jd6AkIBoJsiU5JNCYx2Qudd +KfW5rTZtJ4GYsduqD7qWAajGr7tDjmfO1owfX5DvhrcbjkUWfZ5CXDAjovA9LJua +uHhChNE= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_P521, OU=Root-P521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_p521, OU=CA-p521, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (521 bit) - pub: + pub: 04:00:2d:18:24:2d:e4:db:6c:c3:69:9b:db:18:67: 33:f1:60:68:94:14:cd:91:4a:57:65:ef:36:fa:24: 82:88:ec:c7:f0:cb:48:45:6e:96:5f:7f:eb:76:be: @@ -102,20 +102,20 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ecdsa-with-SHA256 - 30:81:88:02:42:01:c4:4b:30:70:d8:b3:34:56:15:6a:b2:dc: - 09:af:f9:f8:a2:b8:6b:e7:46:8c:5e:95:77:d0:db:92:6a:d4: - 05:33:4b:94:66:eb:6c:02:50:c0:11:21:65:d8:47:c2:0c:6d: - 10:c4:3b:93:97:66:ca:71:b0:a4:51:3d:e1:e9:71:c7:87:02: - 42:00:a1:73:18:75:c7:aa:77:88:49:cd:5f:e6:7b:f5:c3:b0: - 77:27:ed:23:08:7c:aa:ba:a0:40:21:69:98:6b:95:fe:97:fb: - 26:70:5b:6b:52:1f:42:9b:7d:8c:81:91:bc:2a:b6:eb:b7:3a: - 99:20:c7:17:44:61:ee:50:f2:e9:8d:ca:21 + 30:81:87:02:42:00:a3:76:dd:2a:a5:1f:c4:b6:11:fe:8c:62: + a2:7a:fe:a0:9b:04:3a:11:f5:6e:ef:ad:86:54:5a:cd:4d:dd: + 8c:27:f3:1f:9c:c4:7f:b5:8f:f5:5b:f7:60:31:6e:d9:a3:c6: + 41:29:43:0b:14:15:75:56:ef:ca:bd:30:6d:41:91:71:f4:02: + 41:14:2e:c9:57:8a:41:0c:af:a0:bc:3c:21:bd:4b:ea:08:fc: + 61:61:f7:85:92:d1:42:1e:3a:92:40:73:18:45:df:ff:d8:fe: + eb:cd:61:30:66:ef:60:31:04:bc:e0:4d:1e:c1:95:df:eb:eb: + cd:08:70:76:4c:5c:f3:bf:f6:ac:0d:7d -----BEGIN CERTIFICATE----- -MIIDCDCCAmmgAwIBAgIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEDAO +MIIDBzCCAmmgAwIBAgIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEDAO BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT U0xfUDUyMTESMBAGA1UECwwJUm9vdC1QNTIxMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBlTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBlTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xfcDUy MTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIGbMBAGByqGSM49AgEGBSuB @@ -124,8 +124,8 @@ f+t2vkRAwxnAM2jEBgSOwiWxloMiDnvHsvwBhpHtQ1044AwljbPbsdzetyGAz4fe ZPQhPi2veb320ABLgXn69xCqGc1A1x51NFMpA+1IVCHlj5W1m0GNX91y0lqjYzBh MB0GA1UdDgQWBBRAiR0wXgxu1T3G1SWQ2rZCZ+3pgjAfBgNVHSMEGDAWgBRkp2iV UzMYoiCSvGRVpqvKdmibyDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -hjAKBggqhkjOPQQDAgOBjAAwgYgCQgHESzBw2LM0VhVqstwJr/n4orhr50aMXpV3 -0NuSatQFM0uUZutsAlDAESFl2EfCDG0QxDuTl2bKcbCkUT3h6XHHhwJCAKFzGHXH -qneISc1f5nv1w7B3J+0jCHyquqBAIWmYa5X+l/smcFtrUh9Cm32MgZG8KrbrtzqZ -IMcXRGHuUPLpjcoh +hjAKBggqhkjOPQQDAgOBiwAwgYcCQgCjdt0qpR/EthH+jGKiev6gmwQ6EfVu762G +VFrNTd2MJ/MfnMR/tY/1W/dgMW7Zo8ZBKUMLFBV1Vu/KvTBtQZFx9AJBFC7JV4pB +DK+gvDwhvUvqCPxhYfeFktFCHjqSQHMYRd//2P7rzWEwZu9gMQS84E0ewZXf6+vN +CHB2TFzzv/asDX0= -----END CERTIFICATE----- diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index 7c546cbff..ebef14a7f 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -59,6 +59,11 @@ check_result(){ #the function that will be called when we are ready to renew the certs. run_renewcerts(){ + + #call update for some ecc certs + ./certs/ecc/genecc.sh + check_result $? "Step 0" + cd certs/ || { echo "Couldn't cd to certs directory"; exit 1; } echo "" @@ -125,6 +130,27 @@ run_renewcerts(){ echo "End of section" echo "---------------------------------------------------------------------" ############################################################ + #### update the self-signed (2048-bit) client-cert-ext.pem + ############################################################ + echo "Updating 2048-bit client-cert-ext.pem" + echo "" + #pipe the following arguments to openssl req... + echo -e "US\\nMontana\\nBozeman\\nwolfSSL_2048\\nProgramming-2048\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key client-key.pem -config ./wolfssl.cnf -nodes -out client-cert.csr + check_result $? "Step 1" + + + openssl x509 -req -in client-cert.csr -days 1000 -extfile wolfssl.cnf -extensions client_cert_ext -signkey client-key.pem -out client-cert-ext.pem + check_result $? "Step 2" + rm client-cert.csr + + openssl x509 -in client-cert-ext.pem -outform DER -out client-cert-ext.der + check_result $? "Step 3" + openssl x509 -in client-cert-ext.pem -text > tmp.pem + check_result $? "Step 4" + mv tmp.pem client-cert-ext.pem + echo "End of section" + echo "---------------------------------------------------------------------" + ############################################################ #### update the self-signed (2048-bit) client-crl-dist.pem ############################################################ echo "Updating 2048-bit client-crl-dist.pem" @@ -799,6 +825,10 @@ else make clean check_result $? "make clean" + run_renewcerts + cd ../ || exit 1 + rm ./certs/wolfssl.cnf + # restore previous configure state restore_config check_result $? "restoring old configuration" diff --git a/certs/renewcerts/wolfssl.cnf b/certs/renewcerts/wolfssl.cnf index 6c5efb25f..f85b31de2 100644 --- a/certs/renewcerts/wolfssl.cnf +++ b/certs/renewcerts/wolfssl.cnf @@ -300,6 +300,14 @@ authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:false subjectAltName=URI:../relative/page.html +# client cert ext +[ client_cert_ext ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true +subjectAltName=DNS:example.com +keyUsage=critical, digitalSignature, keyCertSign, cRLSign + # test CRL distribution points [ crl_dist_points ] crlDistributionPoints=URI:http://www.wolfssl.com/crl.pem diff --git a/certs/server-cert-chain.der b/certs/server-cert-chain.der index 5f357103ab24a43b2ca3f44a2b17d8845104f03f..86422ddbfb5716bf7fd2299c5086da6c69da29b3 100644 GIT binary patch delta 757 zcmX>n{9c&Dpo!&$K@;mzKXl4Ni{}baf^P0BGzG=kB*iL})`$GKX_TmDZ@GHO{rBrGaG%j$Keb@O z^x!j+xu1M}em$966Y?P1T3#;5t^Ve&1rv7V-nUKvFh9uU@WV8-JBbm3yL@;KY2NxS z?3%DiuyW$tn)%!7V;*T9liOc$YyZW)bH4j2KREn8e_MJ@{dFIvt9#Sm)$u&;yj__n zcOm}ki!=|b(2%QQLIw;c+e#mt{BKcm?!@uG@2A}eomOa?blc>pK6^{oDrvd$04@b< zMQ=8d^%a7P9FN8F6g&vpGS8=Nb@bu~{fiDsWfnA8?+s8^EAs#K_x{^fBb_I!?LIHN zAbZ<5JF|D@&MhY1l`B-mG7Oqn{u?wgKVQJi#K^>iHKZmAtdW98f(dFQm_$u}z%+ew zCZpo!ayAZFEVQtb6bl;)ckgnIYEWfbQrE$~vik3a-QV1{?)q~4aiT&GvuN7aCm~Jm zg&U?Tr60W55&K9t{M&>1nb$VPY%uIhJ1fcGmph1%+}8Ch-1b-m<4nGVg=6fBlQM8Q-2O zJ6oGIH+#D+n8kSEcuj=Y8*e*SyWJ2?y4vq+d*Jr0qm3)p+-jeB{O-<= zBI_?se*D?#`XZJ<#SqQIuHW{>{5pGkzkX$-)6;%;?kgdTTMv1;U0Y$Om(pPGkvLKF g^D5_<%)F0`JMSkK+U|_{ZFWF#(P4wROj8d70L$fC9smFU delta 720 zcmaDad`_6dpo!(KK@;=Qi5y#G4U7y83@uG8O^u_(d5w$>4GqkpT!Y35lNDKwHghw! zGqPG4G%=b@p3bDmbCQiYR92a#@t{HDzRAbgw{USXth#K!MuN-Sck%>|_ z`FKn<)Eo>iy;k#akCyzs_Mg>P11pW|t1_2}K3B`zZXC9z-^BK_qJD71#0z#?EIsy5 z7A!Hl-0peUgxA1e^%oy?$*V_r)_U%p_~X{R6S`V!9+md3;<&j#_5b3H{vQ(ZeWxB_ zt6!g%rEG1rByn5LseKPOlz)EHe6>fmzO}x$zcoQ)SWY9P4VO9mzWH$$+O8_xMQ{E%b`R2iX3LWI&Z3I9hUnr=u^XW z)8^??>}L#`SY8@5F<)H3%*4pVgb1FA0&Aq;!EJ;Z+(uE8A23bdoWrIG3+q|zgu^;% z#)*jYVa#pO(uJP2tjw_wINH|U_PV!PY1)dzkr@ZgCpg^S+j(Knt-kl|n+_!fJ(SWE z&zd&#gx?LLe>*P5SaTh+iC-u;qyAi{nxcHl9MP&d?|;j-X8oFRZpF&ghZh}q-Trou z;{DI;(d+&?Tv?}Zp{&c0Yf(~7BJa7_S#nPlI_d*Gf0wU3>w9c}$V}t+-V2Hga`kT7 za(olAG|V`b7~{BA`in*FpMAw?y5CPl>qHx_I{&TS;E9k<-!+TCXRhzA-a6cT?QPtf zYuiLNPmX*T>Q&Ej|6J;o`x5?lx470X3o|&v>M~=lzglif!-BZC$`?J_`B>Q|T5qt~ P-P3PV?c=|Y>C_AWY}G$7 diff --git a/certs/server-cert.der b/certs/server-cert.der index 041eba29199388428e2f4ae51190faaf4d0ceaf6..0a680446212f8849505389185d4133aac7d4a523 100644 GIT binary patch delta 358 zcmaFJ`G%9jpo!&$K@;KZFGP1fFG%-3( zp3bDmbA^pLR92a#@r*&^$;n5Uwup+AOn%u-3Utb)V zA3Eis#dC!yK{xjmnu6kNl42D~>qCCrG)h#nw_LsC{`++oxX);>pIR_sdhi*^+)utf zzn;vk33(80EiV`3R)2HXf(g5F@7tz-m>=YF_+gsaox}*iT|PXAG;e(uc1_qMSUK@+ z&HU~4F^@El$?dPWwg2MYIp6)19~^$4zb(C{{<;s-)xGKO>UbV^-mXlPyAc2NMVg0I zXvkGDAp?e!ZKV%R{lqo3LXS)ndj5CI(qSg{zZqRG7B24_Xa4d75V@Ad;e{#k4Gqj8+>KZFGO}73G%=b@ zp3bDmbCQiYR92a#@t{HDzR5?Jws3JWth#K!MuN-ScXBUte7!X9GMCA`d_1NaY7T~% zUaR@IM@#-*`_JmDftAMfRhdgfpR46Qnt2Q zlDIAB)V_xs%0ItpzS<*O-&)^Wa^j7g=bLb^Gk+gh*@XnGOFt{VA$@6Z{b4@4v^Nn_X2mfzRkO&8{Rb4Vozdu+5rugylOH2mWx` C6P#ZF diff --git a/certs/server-cert.pem b/certs/server-cert.pem index 54dd74e32..9e5186ecf 100644 --- a/certs/server-cert.pem +++ b/certs/server-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: @@ -37,7 +37,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -46,27 +46,27 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 1b:0d:a6:44:93:0d:0e:0c:35:28:26:40:31:d2:eb:26:4c:47: - 5b:19:fb:ad:fe:3a:f5:30:3a:28:d7:aa:69:a4:15:e7:26:6e: - b7:33:56:ac:8f:34:3d:f3:21:2f:53:58:91:d0:3e:b4:39:48: - bf:93:11:74:36:d3:87:49:c3:34:0d:30:30:ab:f4:4c:27:19: - d5:c4:0c:ad:49:bd:91:f8:da:9e:c8:2d:2a:ac:e2:75:8e:aa: - 08:d9:bf:65:ff:a3:b1:4f:f0:60:6f:4d:95:c4:06:7f:af:66: - 6a:23:3b:3a:a4:61:b6:6c:ca:be:e1:b0:77:f3:ec:83:d5:8c: - 1d:85:7f:8d:74:c8:ec:1e:49:ec:57:4a:cc:fd:e2:3a:3e:54: - 50:ae:67:cd:17:b0:67:a5:53:7f:c3:0e:3e:a7:58:e8:df:d5: - 0c:f2:64:f3:ad:12:70:e3:b9:42:bc:08:60:76:d5:0c:a5:31: - 77:50:e0:c8:f3:3a:3d:45:cf:32:75:ef:10:dd:b5:ed:6e:d2: - 2d:57:82:95:38:bc:7d:54:c4:84:5e:fb:7e:83:f5:f1:2d:9c: - 98:ac:73:e3:a7:d2:02:30:d6:1f:06:1e:d0:dc:3a:ac:f4:c2: - c2:be:72:40:9a:ea:cf:35:21:3b:56:6d:e1:52:f2:80:d7:35: - 83:97:07:cc + 73:59:6f:55:94:e1:38:e7:20:5a:11:46:47:a8:29:11:17:06: + 19:16:78:22:af:54:f8:d9:32:61:26:3f:39:ab:a4:df:ef:ae: + d0:0b:cc:2b:af:95:70:90:97:53:cc:19:6d:f2:4d:4c:fa:e4: + 9d:7c:54:e0:5b:3b:1f:1e:52:46:7f:d9:ba:a0:90:ba:6d:df: + 3d:67:f0:9f:52:44:c3:e1:66:36:dc:61:58:11:ba:4c:0c:c2: + 29:da:f7:13:45:60:b2:11:79:91:ed:7c:9f:b7:7f:5c:e2:29: + c6:1e:bf:78:da:bf:d1:bd:9c:f7:4e:23:e0:c3:ef:6f:b6:67: + 7c:d7:4c:02:d5:bd:67:ee:7e:0c:e3:89:db:79:61:1e:d0:5f: + f5:e8:66:48:3a:55:54:d5:16:12:30:00:c9:86:75:e0:c9:ff: + 38:74:ce:c8:c7:fd:ef:96:d8:55:96:71:35:62:db:34:c5:2f: + 07:84:8a:aa:1b:1e:77:50:0a:20:3b:21:4b:06:14:af:78:11: + a2:41:c6:5d:0c:70:e0:52:b4:9e:4c:86:ab:5b:a3:e0:8f:a2: + c2:1a:69:70:80:3b:bd:50:23:26:72:4f:fa:fd:df:ed:85:32: + 2c:e4:ab:3e:f3:a6:d0:1d:db:33:6b:69:8d:99:b9:b4:34:4b: + 79:a8:16:68 -----BEGIN CERTIFICATE----- -MIIE3TCCA8WgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIE6DCCA9CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP @@ -75,34 +75,35 @@ f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq 0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ -6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOCATowggE2MB0GA1UdDgQW -BBSzETLJkpiE4sn40DtuA0LKHw6OPDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t +6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOCAUUwggFBMB0GA1UdDgQW +BBSzETLJkpiE4sn40DtuA0LKHw6OPDCB1AYDVR0jBIHMMIHJgBQnjmcRdMMmHT/t M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG -9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAMBgNVHRMEBTADAQH/ -MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUF -BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAGw2mRJMNDgw1KCZAMdLr -JkxHWxn7rf469TA6KNeqaaQV5yZutzNWrI80PfMhL1NYkdA+tDlIv5MRdDbTh0nD -NA0wMKv0TCcZ1cQMrUm9kfjansgtKqzidY6qCNm/Zf+jsU/wYG9NlcQGf69maiM7 -OqRhtmzKvuGwd/Psg9WMHYV/jXTI7B5J7FdKzP3iOj5UUK5nzRewZ6VTf8MOPqdY -6N/VDPJk860ScOO5QrwIYHbVDKUxd1DgyPM6PUXPMnXvEN217W7SLVeClTi8fVTE -hF77foP18S2cmKxz46fSAjDWHwYe0Nw6rPTCwr5yQJrqzzUhO1Zt4VLygNc1g5cH -zA== +9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFH2UcIi6B0KNqq9PvsIaSPDRQOZCMAwG +A1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0l +BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBzWW9V +lOE45yBaEUZHqCkRFwYZFngir1T42TJhJj85q6Tf767QC8wrr5VwkJdTzBlt8k1M ++uSdfFTgWzsfHlJGf9m6oJC6bd89Z/CfUkTD4WY23GFYEbpMDMIp2vcTRWCyEXmR +7Xyft39c4inGHr942r/RvZz3TiPgw+9vtmd810wC1b1n7n4M44nbeWEe0F/16GZI +OlVU1RYSMADJhnXgyf84dM7Ix/3vlthVlnE1Yts0xS8HhIqqGx53UAogOyFLBhSv +eBGiQcZdDHDgUrSeTIarW6Pgj6LCGmlwgDu9UCMmck/6/d/thTIs5Ks+86bQHdsz +a2mNmbm0NEt5qBZo -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) - Serial Number: 12309252214903945037 (0xaad33fac180a374d) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 7d:94:70:88:ba:07:42:8d:aa:af:4f:be:c2:1a:48:f0:d1:40:e6:42 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: @@ -129,7 +130,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -138,47 +139,47 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08: - 86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd: - 89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99: - c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce: - 89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8: - a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4: - ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20: - 88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70: - 6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38: - 7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4: - 12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6: - b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd: - b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e: - ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c: - 4f:a1:ca:98 + b0:71:bb:ba:45:5a:80:25:02:a4:7e:88:0b:a9:7b:fd:b0:bb: + f6:46:b5:ba:f4:c7:e3:61:20:8c:03:15:66:f5:e4:54:82:ef: + 13:80:97:22:67:c1:d1:88:5d:e2:2d:57:f6:e0:9f:69:d6:b1: + 5c:b6:e8:e0:98:89:c8:14:12:d6:b6:89:8d:6c:b9:a0:59:4f: + 92:ee:11:53:6b:7d:93:4a:69:0a:85:d9:d5:d2:62:e8:c9:b5: + c6:4e:17:f5:0a:e8:f3:2d:86:61:0b:eb:c4:c4:c6:67:75:ed: + 9a:9f:53:a0:71:1e:a0:90:0d:f9:03:b4:bc:86:19:6e:f0:3b: + 4f:e8:ed:68:f6:e7:23:43:3b:36:83:83:4b:46:a0:9a:01:d0: + c7:85:bb:7d:94:a0:21:3d:7e:3c:6a:3d:81:db:41:7b:46:d8: + 15:62:d5:8f:4d:3d:c0:db:9a:c5:81:a8:ac:da:87:99:c7:dd: + b9:f1:14:af:d1:93:e3:f3:42:d7:a2:04:51:21:54:29:c3:45: + f6:be:5c:fa:cd:db:bf:2f:79:81:42:e5:8f:47:0b:d4:54:01: + b5:c2:4a:46:d6:a8:31:2e:64:80:3f:48:61:91:29:f3:aa:43: + 5c:69:6e:f1:01:b9:df:63:71:3d:b9:5a:fb:36:c0:11:a2:c3: + 30:9d:95:c3 -----BEGIN CERTIFICATE----- -MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +MIIE/zCCA+egAwIBAgIUfZRwiLoHQo2qr0++whpI8NFA5kIwDQYJKoZIhvcNAQEL +BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZQxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw +DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP +d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804H0ry +TXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQ +u2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkc +rMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfa +QG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+j +JtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02 +eQIDAQABo4IBRTCCAUEwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHU +BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow -ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+ -gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO -BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv -b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM -BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud -JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI -WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX -apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28 -Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z -PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt -XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR -O7A8u4yPPHtMT6HKmA== +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU +fZRwiLoHQo2qr0++whpI8NFA5kIwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl +eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +DQYJKoZIhvcNAQELBQADggEBALBxu7pFWoAlAqR+iAupe/2wu/ZGtbr0x+NhIIwD +FWb15FSC7xOAlyJnwdGIXeItV/bgn2nWsVy26OCYicgUEta2iY1suaBZT5LuEVNr +fZNKaQqF2dXSYujJtcZOF/UK6PMthmEL68TExmd17ZqfU6BxHqCQDfkDtLyGGW7w +O0/o7Wj25yNDOzaDg0tGoJoB0MeFu32UoCE9fjxqPYHbQXtG2BVi1Y9NPcDbmsWB +qKzah5nH3bnxFK/Rk+PzQteiBFEhVCnDRfa+XPrN278veYFC5Y9HC9RUAbXCSkbW +qDEuZIA/SGGRKfOqQ1xpbvEBud9jcT25Wvs2wBGiwzCdlcM= -----END CERTIFICATE----- diff --git a/certs/server-ecc-comp.der b/certs/server-ecc-comp.der index d654e7999c12445dd94d8193c1cb257257942438..c172693f784c00d28ade241bfa9718c0de326901 100644 GIT binary patch delta 200 zcmaFL_J>W`pozJ{pov*_0W%XL6O)K$N%=d6kIZ{EU)aVd`!&q#=$UGki4t2S4ULQp zjEoJ;jZCA&d5ugAEDcQ|+=m+R+**ohC$=i$-fv6h+;Kx z@)4#8FHZ&oHzq}fx9lEQ4Ij%lWSv{NDtFD|pI6*=*h$6-URUhDqk1>1I)X`&p(Xg) j2MMkg%}Z-dHq~%XF#f&4F);HC$Mi)OKNJm(jvWL5{iscA delta 196 zcmeyv_LNPs~Wn&JNRc2{CYtVRV zGAq*oE`-68Z!tx9dN3HcGAS~wYqJ!x p9FqcPqHfDe7XM1V=O4}lUDkild4AvQ`EAPjPfk0F?dI%l2LMJgMl1jT diff --git a/certs/server-ecc-comp.pem b/certs/server-ecc-comp.pem index 4f6cd8d95..285f42d50 100644 --- a/certs/server-ecc-comp.pem +++ b/certs/server-ecc-comp.pem @@ -1,17 +1,18 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 16552530592849642901 (0xe5b666e00896c595) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 29:74:77:ee:40:f1:03:bc:b3:d0:b6:01:1d:f5:56:4a:c5:cc:7b:04 + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Montana, L = Bozeman, O = Elliptic - comp, OU = Server ECC-comp, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Elliptic - comp, OU = Server ECC-comp, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 02:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de: 9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c: 16:e8:61 @@ -23,7 +24,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18 DirName:/C=US/ST=Montana/L=Bozeman/O=Elliptic - comp/OU=Server ECC-comp/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:E5:B6:66:E0:08:96:C5:95 + serial:29:74:77:EE:40:F1:03:BC:B3:D0:B6:01:1D:F5:56:4A:C5:CC:7B:04 X509v3 Basic Constraints: CA:TRUE @@ -32,28 +33,28 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:21:00:ae:80:d7:f5:4d:76:79:5c:01:14:8b:fd:80: - 79:fb:9b:fe:8f:0d:9c:c3:7c:e6:80:4c:a6:54:16:3f:ed:1d: - 5e:02:20:09:61:2d:84:e9:04:4f:79:0e:e7:f0:cc:52:d3:2f: - e0:89:cf:be:9b:9f:86:23:2f:e4:cb:43:16:bb:09:8d:87 + 30:46:02:21:00:ed:07:48:d5:31:e3:1f:80:6a:ce:a9:aa:6d: + ac:a3:f9:d4:46:b8:3e:19:5e:11:d7:21:8f:dc:25:dd:6a:7b: + 58:02:21:00:84:53:e6:f0:18:0a:84:29:d2:ad:34:b2:7c:0b: + 90:33:fb:b0:41:51:69:cc:08:97:a2:38:f8:21:31:32:c6:c1 -----BEGIN CERTIFICATE----- -MIIDYTCCAwegAwIBAgIJAOW2ZuAIlsWVMAoGCCqGSM49BAMCMIGgMQswCQYDVQQG -EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UE -CgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAxGDAW -BgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm -c3NsLmNvbTAeFw0yMTAyMTAxOTQ5NTNaFw0yMzExMDcxOTQ5NTNaMIGgMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYG -A1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAx -GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 -b2xmc3NsLmNvbTA5MBMGByqGSM49AgEGCCqGSM49AwEHAyIAArszrEwnUErGSqUE -wzzenzbbci3OlOor+ssgCTksFuhho4IBRjCCAUIwHQYDVR0OBBYEFIw4Omu4JLff -bvRZrFZOquJYploYMIHVBgNVHSMEgc0wgcqAFIw4Omu4JLffbvRZrFZOquJYploY -oYGmpIGjMIGgMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UE -BwwHQm96ZW1hbjEYMBYGA1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9T -ZXJ2ZXIgRUNDLWNvbXAxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAOW2ZuAIlsWVMAwGA1UdEwQFMAMB -Af8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYB -BQUHAwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0gAMEUCIQCugNf1TXZ5XAEUi/2A -efub/o8NnMN85oBMplQWP+0dXgIgCWEthOkET3kO5/DMUtMv4InPvpufhiMv5MtD -FrsJjYc= +MIIDeDCCAx2gAwIBAgIUKXR37kDxA7yz0LYBHfVWSsXMewQwCgYIKoZIzj0EAwIw +gaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAxGDAWBgNVBAsMD1NlcnZlciBF +Q0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB +FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcy +NVowgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAxGDAWBgNVBAsMD1NlcnZl +ciBFQ0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN +AQkBFhBpbmZvQHdvbGZzc2wuY29tMDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgAC +uzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GGjggFRMIIBTTAdBgNVHQ4E +FgQUjDg6a7gkt99u9FmsVk6q4limWhgwgeAGA1UdIwSB2DCB1YAUjDg6a7gkt99u +9FmsVk6q4limWhihgaakgaMwgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250 +YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAx +GDAWBgNVBAsMD1NlcnZlciBFQ0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu +Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQpdHfuQPEDvLPQ +tgEd9VZKxcx7BDAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29t +hwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggqhkjOPQQD +AgNJADBGAiEA7QdI1THjH4Bqzqmqbayj+dRGuD4ZXhHXIY/cJd1qe1gCIQCEU+bw +GAqEKdKtNLJ8C5Az+7BBUWnMCJeiOPghMTLGwQ== -----END CERTIFICATE----- diff --git a/certs/server-ecc-rsa.der b/certs/server-ecc-rsa.der index debf33e931b9f09aacbc5bf3c0b46b734344d17d..f7822bdcd534066f84a033e874ca6c05f2679dd0 100644 GIT binary patch delta 357 zcmZ3?v5teopovAxpov*%BF7dKev~E@0IK*c{FGJ$F1i)E*uMc`OjkMMCAkVA7h{V&E4Gox$e({!`=U< z{Qlw0`K{1o_nBSJAw7PXn@S%py0Cr2Y3;ZCbFMr)&1}AyYYzB-nWVL2 znOfgJBX8e7<}Ej*Yq;0EiJ2zEbj8Q|!z-VtbGG46pLK0*+CKlsX@%dnXRu5(cocqG O=`;IZXZGVvNk#x?6RU9m delta 346 zcmZ3-v6zFypovA^poy7%BF7d<10zENLrW7&Q{yOcUL#{eLj!XNcjDFmtX2k1jAoN> zGAi<%WMdAMRc2{CXwbNCG8@wtE>4D3m+jX`aGCo~KF<_i?|t@Y|DWB5&5mC2Eo2c6 zUSPA>PwOu4<>g6+yvK~#4Xdd`d^WgU3NXYNG9-MRaH)z z&I}QczaKBw1h>8IiLdwPSC4hw_f~Dfr9c*6w&)a@IK$*KSFUnvoOz__P};7T(%0So ze!_0Ii4%V&|JblRuJ?t)vF%Ye`AmQBy2yEP#T=0?4TepW$`KOec=Q{l;A6@H&@mA*)j{fS>qJNK*qnB%nFg~==f0IPMB Aw*UYD diff --git a/certs/server-ecc-rsa.pem b/certs/server-ecc-rsa.pem index 0a33de157..bb884e851 100644 --- a/certs/server-ecc-rsa.pem +++ b/certs/server-ecc-rsa.pem @@ -2,16 +2,16 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - RSAsig, OU=ECC-RSAsig, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Elliptic - RSAsig, OU = ECC-RSAsig, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de: 9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c: 16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92: @@ -25,7 +25,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -34,43 +34,43 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 4b:cd:c5:8f:fc:bb:c3:36:c5:d4:4d:71:04:13:53:a0:3c:a3: - 4e:2a:dd:0d:d3:a7:62:31:0d:c6:32:07:31:d4:6b:0f:8b:55: - a2:2f:2c:b3:ae:46:91:8a:09:be:7e:ff:e2:67:46:f2:7e:d4: - 6f:be:5d:57:42:fd:3a:56:b0:e8:0e:4d:12:fd:f5:00:ca:6f: - bd:88:0c:04:47:1a:ec:5d:96:3f:b6:a5:8b:9d:47:a6:4f:82: - 07:33:9d:11:0a:3d:38:1d:21:4f:d4:1e:1d:a6:d7:6b:72:1c: - 51:e1:7a:7a:6c:76:2c:98:14:48:fd:f1:d1:7c:53:86:ed:8c: - 5f:4f:0f:27:5d:45:be:ed:26:90:d2:51:04:4d:06:5b:64:1c: - 5e:31:63:cc:d4:d5:0b:28:cc:e2:29:40:75:87:21:64:8e:8b: - 87:ef:90:bb:46:91:91:f9:63:f8:b0:a7:5e:8d:e8:20:c6:b7: - 5a:d9:0e:35:fb:ba:d1:09:d1:98:a6:61:25:e2:0d:97:c4:1b: - 0f:bc:b6:ec:e7:96:80:b8:e5:55:03:1e:7f:b5:fd:40:06:cc: - aa:7b:f0:b3:81:2e:e1:4e:3a:52:e3:f3:c4:d3:8c:78:49:00: - 3a:57:df:0e:aa:2f:14:52:3f:c8:fa:82:b9:bf:27:f8:9c:42: - b7:44:36:68 + b3:bc:8c:f8:0f:8f:63:4e:cd:73:62:fe:46:e9:fd:de:74:b8: + 74:e2:9c:af:f1:b5:ce:48:d0:c6:56:e9:fe:38:a5:91:23:c0: + 5f:f1:5d:e4:fd:6d:b3:87:f3:7e:fc:e0:c3:8b:ff:94:fb:f8: + 43:09:f6:71:34:bb:cc:ba:43:54:8c:4e:69:b2:75:e1:a2:d0: + b7:b0:cb:2b:ed:0f:9c:d4:e6:cb:03:37:b4:86:92:4c:8c:fc: + 30:5c:71:e0:3c:58:44:25:fa:3a:04:08:4e:27:14:d7:5b:aa: + 75:e7:2b:13:1a:2c:60:9f:ad:43:e0:48:5d:02:88:84:a6:72: + 36:56:a5:1e:82:8c:f2:75:fd:7c:8e:af:92:44:9f:78:3e:a1: + dc:ea:7d:19:ef:08:b4:28:5b:76:d4:90:73:a7:e9:ba:41:bd: + 44:fc:a6:d9:33:06:15:f8:2c:8f:ca:2b:fa:21:bd:4a:4c:a6: + 9f:4e:5b:97:bd:97:cf:d7:74:a6:42:ac:c0:4f:f4:92:2a:b8: + a6:26:8e:fe:32:4b:4d:fc:37:84:d8:1b:7c:0b:ac:ec:5c:96: + 12:02:d4:4c:3b:f0:ea:4c:5a:ce:3d:57:e5:e6:8a:b5:82:b7: + 9f:f8:cb:20:fb:db:98:04:91:30:e2:57:cb:22:f3:07:fd:43: + 07:c7:62:32 -----BEGIN CERTIFICATE----- -MIIEHzCCAwegAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEKjCCAxKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO PQIBBggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBbo -YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBOjCCATYwHQYDVR0O -BBYEFF1dJu+sfjb5m3YVK0olAiPvsokwMIHJBgNVHSMEgcEwgb6AFCeOZxF0wyYd +YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBRTCCAUEwHQYDVR0O +BBYEFF1dJu+sfjb5m3YVK0olAiPvsokwMIHUBgNVHSMEgcwwgcmAFCeOZxF0wyYd P+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9u dGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgxEzARBgNV BAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wYCjdNMAwGA1UdEwQFMAMB -Af8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYB -BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBLzcWP/LvDNsXUTXEE -E1OgPKNOKt0N06diMQ3GMgcx1GsPi1WiLyyzrkaRigm+fv/iZ0byftRvvl1XQv06 -VrDoDk0S/fUAym+9iAwERxrsXZY/tqWLnUemT4IHM50RCj04HSFP1B4dptdrchxR -4Xp6bHYsmBRI/fHRfFOG7YxfTw8nXUW+7SaQ0lEETQZbZBxeMWPM1NULKMziKUB1 -hyFkjouH75C7RpGR+WP4sKdejeggxrda2Q41+7rRCdGYpmEl4g2XxBsPvLbs55aA -uOVVAx5/tf1ABsyqe/CzgS7hTjpS4/PE04x4SQA6V98Oqi8UUj/I+oK5vyf4nEK3 -RDZo +SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoHQo2qr0++whpI8NFA5kIw +DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV +HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBALO8 +jPgPj2NOzXNi/kbp/d50uHTinK/xtc5I0MZW6f44pZEjwF/xXeT9bbOH83784MOL +/5T7+EMJ9nE0u8y6Q1SMTmmydeGi0LewyyvtD5zU5ssDN7SGkkyM/DBcceA8WEQl ++joECE4nFNdbqnXnKxMaLGCfrUPgSF0CiISmcjZWpR6CjPJ1/XyOr5JEn3g+odzq +fRnvCLQoW3bUkHOn6bpBvUT8ptkzBhX4LI/KK/ohvUpMpp9OW5e9l8/XdKZCrMBP +9JIquKYmjv4yS038N4TYG3wLrOxclhIC1Ew78OpMWs49V+XmirWCt5/4yyD725gE +kTDiV8si8wf9QwfHYjI= -----END CERTIFICATE----- diff --git a/certs/server-ecc-self.der b/certs/server-ecc-self.der index 396d884d153dce6fc3031147feb5d4c832c733d9..0cdbbb947ab2c3c5068d04e4bcdef13e70ed03c1 100644 GIT binary patch delta 279 zcmbQt_JB>lZ`o4R+xp!fWbhJjWeOmgR$+0 z6C)!F3o{d&!{n2Uiah5*DwJ6oj~g@|nf#4$eLYqy4fsIH_!$}hgS0ZQFc1duRatlp zxY#(f*%(<_*_jzZY^^qrbG9tZOw1k(2Chts3~PU+Wk1~^%;>bax&HhkhRt_Q+}!p_ z-KozYaQ6>0A;~Z%1^)3 BU%LPR delta 216 zcmaFBHknPupoy8^powYg0%j&gCMHgX12=-xjr?vcGvH$5&}#EIXUoFOH1XkNIXQ7& zLrVj5LkmN5Ln9-DC~;mRBLfpdV+eQRgZHeB-whhSO#Z^C$a92^IaF4erE!lzfyE;}qT=}u#NTB+ICs}+UN0cnzv>piA8lKbx0EdN1UH||9 diff --git a/certs/server-ecc-self.pem b/certs/server-ecc-self.pem index 06c0e913f..79a122f8f 100644 --- a/certs/server-ecc-self.pem +++ b/certs/server-ecc-self.pem @@ -1,17 +1,18 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 13895948352942430886 (0xc0d85367324edaa6) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 5c:da:f4:04:76:f3:be:6d:f4:9a:5b:7c:a2:c8:21:de:f6:04:ee:ac + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Jul 18 17:12:20 2019 GMT - Not After : Apr 13 17:12:20 2022 GMT - Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Dec 18 23:07:24 2031 GMT + Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de: 9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c: 16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92: @@ -20,36 +21,43 @@ Certificate: ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + Netscape Cert Type: + SSL Server X509v3 Subject Key Identifier: 5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30 X509v3 Authority Key Identifier: keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30 DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:C0:D8:53:67:32:4E:DA:A6 + serial:5C:DA:F4:04:76:F3:BE:6D:F4:9A:5B:7C:A2:C8:21:DE:F6:04:EE:AC - X509v3 Basic Constraints: - CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Key Encipherment, Key Agreement + X509v3 Extended Key Usage: + TLS Web Server Authentication Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:20:01:0e:83:d8:81:53:76:e4:ce:4b:51:69:a4:bc: - 50:2e:46:02:e1:27:d6:04:e4:76:36:e9:fe:4a:ed:87:d1:72: - 02:21:00:97:87:68:62:34:53:45:41:7a:e1:a9:f1:80:c4:51: - 27:e0:e4:6a:0e:54:c4:22:39:ec:85:c0:54:b5:57:62:8c + 30:45:02:21:00:ad:f8:66:6b:e5:b8:13:01:42:b3:83:7f:cf: + e2:00:b3:dc:c8:d9:b6:f2:27:42:8e:30:51:bb:f8:36:12:19: + 56:02:20:39:58:98:f2:ac:a7:6d:9b:d4:4f:6d:e1:01:e1:4a: + 72:8a:e3:bf:e6:d0:f1:cc:fa:31:9b:a0:b6:a7:dd:96:29 -----BEGIN CERTIFICATE----- -MIIDDzCCArWgAwIBAgIJAMDYU2cyTtqmMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG -EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G -A1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkwNzE4 -MTcxMjIwWhcNMjIwNDEzMTcxMjIwWjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx -DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI -hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD -QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih -f/DPGNqREQI0huggWDMLgDSJ2KOB9zCB9DAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr -SiUCI++yiTAwgcQGA1UdIwSBvDCBuYAUXV0m76x+NvmbdhUrSiUCI++yiTChgZWk -gZIwgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH -DAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNV -BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbYIJAMDYU2cyTtqmMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIg -AQ6D2IFTduTOS1FppLxQLkYC4SfWBOR2Nun+Su2H0XICIQCXh2hiNFNFQXrhqfGA -xFEn4ORqDlTEIjnshcBUtVdijA== +MIIDXDCCAwKgAwIBAgIUXNr0BHbzvm30mlt8osgh3vYE7qwwCgYIKoZIzj0EAwIw +gY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMM +D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv +bTAeFw0yMTEyMjAyMzA3MjRaFw0zMTEyMTgyMzA3MjRaMIGPMQswCQYDVQQGEwJV +UzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UE +CgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNzbC5j +b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIB +BggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBboYQLp +r03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBODCCATQwCQYDVR0TBAIw +ADARBglghkgBhvhCAQEEBAMCBkAwHQYDVR0OBBYEFF1dJu+sfjb5m3YVK0olAiPv +sokwMIHPBgNVHSMEgccwgcSAFF1dJu+sfjb5m3YVK0olAiPvsokwoYGVpIGSMIGP +MQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2Vh +dHRsZTEQMA4GA1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93 +d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22C +FFza9AR2875t9JpbfKLIId72BO6sMA4GA1UdDwEB/wQEAwIDqDATBgNVHSUEDDAK +BggrBgEFBQcDATAKBggqhkjOPQQDAgNIADBFAiEArfhma+W4EwFCs4N/z+IAs9zI +2bbyJ0KOMFG7+DYSGVYCIDlYmPKsp22b1E9t4QHhSnKK47/m0PHM+jGboLan3ZYp -----END CERTIFICATE----- diff --git a/certs/server-ecc.der b/certs/server-ecc.der index e775970c99ee230fe79ba83e70514a39faf47e8b..fcecf41af7e84d7aab360f626df2d1370cf75eb5 100644 GIT binary patch delta 123 zcmZ3=x`dU*powY0M3x=0hDJsPM#cu_My65XyhbJlmWHNKu0dn}M0xwo5{xd49_|bV zE=&qh={w&snW#%&IbvGvrJkke<^PYx;J-lVIQ9Vb<~gDgf;eDx&}Z diff --git a/certs/server-ecc.pem b/certs/server-ecc.pem index 7d0e27bf5..444644b0e 100644 --- a/certs/server-ecc.pem +++ b/certs/server-ecc.pem @@ -2,16 +2,16 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de: 9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c: 16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92: @@ -34,16 +34,16 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:20:61:6f:e8:b9:ad:cc:c9:1a:81:17:02:64:07:c3: - 18:44:01:81:76:18:9d:6d:3d:7d:cb:c1:5a:76:4a:ad:71:55: - 02:21:00:cd:22:35:04:19:c2:23:21:02:88:4b:51:da:db:51: - ab:54:8c:cb:38:ac:8e:bb:ee:18:07:bf:88:36:88:ff:d5 + 30:44:02:20:5a:67:b9:ee:02:34:27:1b:d4:c4:35:7b:ed:59: + 8e:63:c4:8a:b7:e9:92:c1:8a:76:b0:8b:cd:24:49:78:ba:ef: + 02:20:29:b8:b6:5f:83:f7:56:6a:f1:4d:d9:9f:52:2a:f9:8f: + 53:14:49:8b:5f:5e:87:af:7f:ca:2e:e0:d8:e7:75:0c -----BEGIN CERTIFICATE----- -MIICoTCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR +MIICoDCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD @@ -51,7 +51,7 @@ QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ -YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0gAMEUCIGFv6LmtzMkagRcCZAfD -GEQBgXYYnW09fcvBWnZKrXFVAiEAzSI1BBnCIyECiEtR2ttRq1SMyzisjrvuGAe/ -iDaI/9U= +YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0cAMEQCIFpnue4CNCcb1MQ1e+1Z +jmPEirfpksGKdrCLzSRJeLrvAiApuLZfg/dWavFN2Z9SKvmPUxRJi19eh69/yi7g +2Od1DA== -----END CERTIFICATE----- diff --git a/certs/server-ecc384-cert.der b/certs/server-ecc384-cert.der index ea466cb11e0f7af77e7954d8a3bf142e6f168e4b..4d7d5b848037cf09d58ef6f7f8a3543e475ab3f3 100644 GIT binary patch delta 229 zcmbQnzJy)Spow{bK@+p;0%j&gCMG5U#)*QR`~sXfydeqdm`cHs(-SWtPVC290MXTQO}H6)D^IF6`F# zDf(y46Lw#}rC~9B;*|KwznP4(G8qigm<$=V{*xX+w{%MCbmd2rRP2jl zJxyO2zfW5{k=aD~Xj$co%|A0=ncZISJdnwd;qt4bi|*G;XDB}m6LkJ^V24y_>c$`H gQu;3MrXMi0-2Y~F+qCr-Uv8-XDVJZE8}Gva04Lp84FCWD delta 215 zcmZ3&K8;<_pow{sK@+pY0%j&gCMG5UhKYj9mE^>E4J`}}3@r_fO$a1CoD6>~S(flE&1s*^ z!EBV7!C;WeWXSMh)-_g{d6hwqf?GotIwEdvVn2;GL}1&m_ZlY~u~^ z)Sb-x=lJ&7T_>3g0yueRbI8sTKk{7L!)tcRa+ztXYyOy~_E-KmH`A+_CI3OV=+~&9 P|02)MjC`yYe0Mzn&M#3B diff --git a/certs/server-ecc384-cert.pem b/certs/server-ecc384-cert.pem index ed415bf8e..35f295d79 100644 --- a/certs/server-ecc384-cert.pem +++ b/certs/server-ecc384-cert.pem @@ -1,22 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDkjCCAxigAwIBAgICEAAwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw +MIIDoDCCAyWgAwIBAgICEAEwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3 b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz -c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4MTAx -OTEzNDA0M1oXDTQ4MTAxMTEzNDA0M1owgZUxCzAJBgNVBAYTAlVTMRMwEQYDVQQI -DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGlj -MRIwEAYDVQQLDAlFQ0MzODRTcnYxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTB2MBAGByqGSM49AgEGBSuB -BAAiA2IABOrPk08sCbs5FA9WZMNAtN8OY67lcUsAzASX/+HpOJa7X5Gyasy1OV+P -cFnxAfZaKwFsaAvPVSWvbZhICqh0yakXoAzD+9MjaP4EPGNQiDu5T3xnNPc7qXPn -G8NRXiIY7KOCATUwggExMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMB0G -A1UdDgQWBBSCO/JlL/O0AMa8Bv15QnVLZdHOvDCBzAYDVR0jBIHEMIHBgBSr4MMm -TBjUcrvShIycCgWSgBJTUqGBnaSBmjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx -FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQD8OQSkDqVshzAOBgNV -HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwMDaAAw -ZQIxAOia1gUcnnky9I/5RZ4A7r19gJvqudLrnujFOsHcaqvmGVe4tg1QSS2TDfzH -t5uKyQIwUAkNmwgdmhfE5ytISptkpxyWq3z8NWWPefjOmUpzBG/gVxX1Wvn+Wc2Z -WeMuU92v +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCAXDTIxMTIy +MDIzMDcyNFoYDzIwNTExMjEzMjMwNzI0WjCBlTELMAkGA1UEBhMCVVMxEzARBgNV +BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0 +aWMxEjAQBgNVBAsMCUVDQzM4NFNydjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMHYwEAYHKoZIzj0CAQYF +K4EEACIDYgAE6s+TTywJuzkUD1Zkw0C03w5jruVxSwDMBJf/4ek4lrtfkbJqzLU5 +X49wWfEB9lorAWxoC89VJa9tmEgKqHTJqRegDMP70yNo/gQ8Y1CIO7lPfGc09zup +c+cbw1FeIhjso4IBQDCCATwwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAw +HQYDVR0OBBYEFII78mUv87QAxrwG/XlCdUtl0c68MIHXBgNVHSMEgc8wgcyAFKvg +wyZMGNRyu9KEjJwKBZKAElNSoYGdpIGaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UE +CAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNT +TDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv +bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUdr7uVtr3lC/NN2C7 +19ooOJeRlF8wDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoG +CCqGSM49BAMDA2kAMGYCMQC1/h53gwa3d35hpt6LG2RllyPikiQ/cl1JNegz72aj +kQM0I8V2eaiz+WnqNtug51ECMQDT6mLRR9d1mCPhVhFD9MC4GlVlsfgnGi9E7pfA +MTm/7JuGlq849Ngn/HcfoW1fTAA= -----END CERTIFICATE----- diff --git a/certs/server-revoked-cert.pem b/certs/server-revoked-cert.pem index 559cc34c4..000810f38 100644 --- a/certs/server-revoked-cert.pem +++ b/certs/server-revoked-cert.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_revoked, OU=Support_revoked, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_revoked, OU = Support_revoked, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b0:14:16:3a:43:dd:e1:50:45:4f:cf:80:b3:dd: 66:96:c7:e9:f4:dc:de:b6:6b:24:1b:76:48:ac:c6: @@ -37,7 +37,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -46,27 +46,27 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 5b:7a:eb:22:2a:8e:c1:fb:43:81:66:af:cb:bb:6b:d9:d6:2a: - 90:23:4e:8e:35:cc:8b:ec:88:fb:96:c0:48:63:c6:e7:d9:51: - 75:2d:b1:87:2a:5d:ca:56:86:8c:75:f7:d4:51:46:8d:77:3b: - 02:9b:49:2c:cf:f7:a5:da:9e:92:4e:13:0a:fd:48:01:27:44: - 8b:55:a7:76:3b:8f:8f:0b:8b:9a:53:39:21:c0:6a:e9:9c:77: - b1:0a:66:0c:a2:e3:56:3e:bd:4a:b6:a2:d1:b2:07:9f:ab:91: - 83:fa:9b:d3:5d:2c:26:7b:ee:02:e0:1f:f2:00:8c:99:58:d1: - 57:61:b2:6c:34:1a:1e:1a:c4:e8:87:ad:85:89:a1:ac:d6:b0: - 45:f4:97:0e:f2:c9:ed:5f:47:0c:f8:68:8e:04:f0:af:85:44: - 83:5f:dc:05:65:14:8d:83:1b:15:96:e6:09:6f:1f:96:3a:86: - eb:36:9b:fe:a0:b4:aa:05:5a:94:8f:dc:ac:28:97:1e:5b:5a: - 2d:94:5e:e1:1d:8a:2b:e8:ce:b3:be:27:c4:20:78:5c:cd:5d: - 76:9c:83:1f:4d:f3:a6:2e:a4:e3:7b:f0:58:cc:eb:95:c2:c9: - 94:23:fb:71:07:b5:91:de:98:ee:9f:81:d7:ba:ff:00:bb:83: - 3c:60:c5:73 + 48:1c:0d:ff:b1:2b:ef:94:14:a8:26:89:0a:f7:ef:08:9f:21: + 1e:de:56:28:b3:d8:9b:dc:80:10:6f:f6:47:e9:2b:a1:04:ed: + 07:43:6d:91:19:f5:c5:7f:57:7d:a8:dd:01:8c:76:7f:ed:c1: + a4:3e:ea:34:c0:89:5e:63:9e:b4:f2:0f:d3:2f:d9:da:56:72: + 13:6e:dc:fb:0f:bb:ed:84:b7:ef:08:94:ac:94:41:db:de:6b: + 4e:b0:d5:2e:19:37:7f:db:88:4a:8b:95:1c:f7:a6:7f:e6:83: + 3a:ac:23:89:a7:bf:db:6c:e6:85:9a:77:39:62:57:e5:5d:2c: + bd:b6:e8:e1:61:22:dc:7b:8b:dd:e4:41:44:1d:10:e8:5a:19: + cd:3b:74:5d:f7:0d:64:2f:1d:ae:51:ac:76:1a:d5:aa:e1:21: + 07:78:ef:1a:5b:be:5c:69:6d:4e:65:2f:a7:9e:da:16:31:6d: + 50:98:f2:78:d5:5b:f7:60:b6:40:8d:db:48:a0:90:63:12:6d: + ce:5b:b8:b9:37:20:9f:80:f3:0a:cb:f6:72:5d:cd:0b:04:59: + 76:1e:52:64:83:6f:6a:97:74:8a:55:2e:ce:e1:b5:93:46:c8: + 91:8c:63:26:96:1e:1c:53:26:40:6d:4f:49:b1:48:9e:48:95: + 54:bb:ec:38 -----BEGIN CERTIFICATE----- -MIIE7TCCA9WgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIE+DCCA+CgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2 b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G @@ -76,33 +76,34 @@ ayQbdkisxiOlp+QFGb239t76/+1bPHmKqdXx++vIseSyq1JyiZMiXLrNijYqLNFA Hf3mQ8cbM7j05RtZORI4TS2bZGiY/I1yEpHyJCVsTEpIV5IAzH7Y1D24HfKe6rIj D1EPEUEc9ScAGwh6EjoFWwMk/rF7IPrkqFjGys5/vpUBEp0F5jkTG8A+Vi4rn3Y3 3t6b4A16Yw2nIljbMcf3tEZcurZLSLEYmmizY0f9rxJfL/4Qy1grM2iFAgMBAAGj -ggE6MIIBNjAdBgNVHQ4EFgQU2AkrWeEq7tnuQKqcq/BdKAlPIrswgckGA1UdIwSB -wTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVT +ggFFMIIBQTAdBgNVHQ4EFgQU2AkrWeEq7tnuQKqcq/BdKAlPIrswgdQGA1UdIwSB +zDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVT MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz -c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/rBgK -N00wDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd -BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB -AFt66yIqjsH7Q4Fmr8u7a9nWKpAjTo41zIvsiPuWwEhjxufZUXUtsYcqXcpWhox1 -99RRRo13OwKbSSzP96XanpJOEwr9SAEnRItVp3Y7j48Li5pTOSHAaumcd7EKZgyi -41Y+vUq2otGyB5+rkYP6m9NdLCZ77gLgH/IAjJlY0Vdhsmw0Gh4axOiHrYWJoazW -sEX0lw7yye1fRwz4aI4E8K+FRINf3AVlFI2DGxWW5glvH5Y6hus2m/6gtKoFWpSP -3Kwolx5bWi2UXuEdiivozrO+J8QgeFzNXXacgx9N86YupON78FjM65XCyZQj+3EH -tZHemO6fgde6/wC7gzxgxXM= +c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCIugdC +jaqvT77CGkjw0UDmQjAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUu +Y29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG +9w0BAQsFAAOCAQEASBwN/7Er75QUqCaJCvfvCJ8hHt5WKLPYm9yAEG/2R+kroQTt +B0NtkRn1xX9XfajdAYx2f+3BpD7qNMCJXmOetPIP0y/Z2lZyE27c+w+77YS37wiU +rJRB295rTrDVLhk3f9uISouVHPemf+aDOqwjiae/22zmhZp3OWJX5V0svbbo4WEi +3HuL3eRBRB0Q6FoZzTt0XfcNZC8drlGsdhrVquEhB3jvGlu+XGltTmUvp57aFjFt +UJjyeNVb92C2QI3bSKCQYxJtzlu4uTcgn4DzCsv2cl3NCwRZdh5SZINvapd0ilUu +zuG1k0bIkYxjJpYeHFMmQG1PSbFInkiVVLvsOA== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) - Serial Number: 12309252214903945037 (0xaad33fac180a374d) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 7d:94:70:88:ba:07:42:8d:aa:af:4f:be:c2:1a:48:f0:d1:40:e6:42 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: @@ -129,7 +130,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -138,47 +139,47 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08: - 86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd: - 89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99: - c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce: - 89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8: - a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4: - ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20: - 88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70: - 6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38: - 7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4: - 12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6: - b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd: - b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e: - ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c: - 4f:a1:ca:98 + b0:71:bb:ba:45:5a:80:25:02:a4:7e:88:0b:a9:7b:fd:b0:bb: + f6:46:b5:ba:f4:c7:e3:61:20:8c:03:15:66:f5:e4:54:82:ef: + 13:80:97:22:67:c1:d1:88:5d:e2:2d:57:f6:e0:9f:69:d6:b1: + 5c:b6:e8:e0:98:89:c8:14:12:d6:b6:89:8d:6c:b9:a0:59:4f: + 92:ee:11:53:6b:7d:93:4a:69:0a:85:d9:d5:d2:62:e8:c9:b5: + c6:4e:17:f5:0a:e8:f3:2d:86:61:0b:eb:c4:c4:c6:67:75:ed: + 9a:9f:53:a0:71:1e:a0:90:0d:f9:03:b4:bc:86:19:6e:f0:3b: + 4f:e8:ed:68:f6:e7:23:43:3b:36:83:83:4b:46:a0:9a:01:d0: + c7:85:bb:7d:94:a0:21:3d:7e:3c:6a:3d:81:db:41:7b:46:d8: + 15:62:d5:8f:4d:3d:c0:db:9a:c5:81:a8:ac:da:87:99:c7:dd: + b9:f1:14:af:d1:93:e3:f3:42:d7:a2:04:51:21:54:29:c3:45: + f6:be:5c:fa:cd:db:bf:2f:79:81:42:e5:8f:47:0b:d4:54:01: + b5:c2:4a:46:d6:a8:31:2e:64:80:3f:48:61:91:29:f3:aa:43: + 5c:69:6e:f1:01:b9:df:63:71:3d:b9:5a:fb:36:c0:11:a2:c3: + 30:9d:95:c3 -----BEGIN CERTIFICATE----- -MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +MIIE/zCCA+egAwIBAgIUfZRwiLoHQo2qr0++whpI8NFA5kIwDQYJKoZIhvcNAQEL +BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZQxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw +DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP +d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804H0ry +TXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQ +u2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkc +rMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfa +QG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+j +JtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02 +eQIDAQABo4IBRTCCAUEwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHU +BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow -ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+ -gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO -BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv -b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM -BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud -JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI -WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX -apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28 -Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z -PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt -XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR -O7A8u4yPPHtMT6HKmA== +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU +fZRwiLoHQo2qr0++whpI8NFA5kIwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl +eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +DQYJKoZIhvcNAQELBQADggEBALBxu7pFWoAlAqR+iAupe/2wu/ZGtbr0x+NhIIwD +FWb15FSC7xOAlyJnwdGIXeItV/bgn2nWsVy26OCYicgUEta2iY1suaBZT5LuEVNr +fZNKaQqF2dXSYujJtcZOF/UK6PMthmEL68TExmd17ZqfU6BxHqCQDfkDtLyGGW7w +O0/o7Wj25yNDOzaDg0tGoJoB0MeFu32UoCE9fjxqPYHbQXtG2BVi1Y9NPcDbmsWB +qKzah5nH3bnxFK/Rk+PzQteiBFEhVCnDRfa+XPrN278veYFC5Y9HC9RUAbXCSkbW +qDEuZIA/SGGRKfOqQ1xpbvEBud9jcT25Wvs2wBGiwzCdlcM= -----END CERTIFICATE----- diff --git a/certs/test-degenerate.p7b b/certs/test-degenerate.p7b index 80ea235676230bb781bf51e1a9ad7f024343917c..cfae86d607904b3cee1b805eb3eec3c17ca7b4a6 100644 GIT binary patch delta 440 zcmdnPb%`s$po!IwjZ>@5qwPB{BRkWACRTfcCRS@EMn*#h18#&2%gl!h7(=4Nf{a$85kKGm>ZcyiSrtn7+4yb zLb;Q5nHO%}#;D22>Tl4*=so!flOoSOHs(-SWtPTk291{|3o`E$#cJ;4o6Pa`J6=52 z^2lN7{?RBRbx!2%@eh|z&zg8sM>en6tbcLh5&2sey|+1B$U36!d_w>CyQq_nbG7q7 zTc#_#skyeGo~`n1kj_b)=>1O_-6wo#>iB5us`}-k_nS5L(&rZPB`(l({HDk^zj(8y z$q~8G`1#MBPOa{@NorG@vUPiRO{$OG_BHii19_K<@aJp)OPZ=CClIvGC1UEGEl0}q zMKn@eS4~O0C3WHaW~=5CX}@1Y+_^H*Yu57<+g|+)lH6n)KUH&0_xaf|*Y2Lp{#5vP zo3F$Sj_9uE+NbwsOqXF=E^M}FfGhJvv46sgT&f0Vzpc$$5$x0qsa%c1eW R&JAl{ony23w2;A&0RV8~y2k(j delta 413 zcmcb_wTH{qpo!IjjZ>@5qwPB{BRkWACRR;@CRSA@Mn*#h18#&2F)Oo}|0*_cCRm02238#JDnEW^By3t`UW_ssG2yRS*sW3%p_Y_I#b`^#TZE}tn=8w@76GXF4cKNVkMvE)M3@l=b$8(y?; z^fcPJ=H>6p9I{IStFPbmt~6a_#r=e50n?m?84qJ~`t+<+?(M!NvwV%-*>D$+Z$%G| zM^C;}8=b-@-jY$TGgVfn?b?Qt^uWC8FIN*S0yj%M77#1;HtXt2V*MJ{wNLS3MeY8z zu0OfIu3wPE_}AX^zNO87w-;RhVzPHTE=~CuGds{{PwxE13U6O}JY2btL$}o_@|tt4 zyVBBM@{1zMxC>-tBV||Zi`7-F*~qr-z$%SZlWQ*QbzVC$K&IOFGuxBv3mFU<0D$AG A)c^nh diff --git a/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/certs/test-pathlen/chainA-ICA1-pathlen0.pem index ee98dc58d..2b9c28cce 100644 --- a/certs/test-pathlen/chainA-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainA-ICA1-pathlen0.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainA-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b2:2b:a1:3f:be:c0:58:bd:3a:bc:0d:19:ac:ca: 7f:b9:3b:f0:8c:30:ff:04:b1:34:7e:26:86:96:36: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b6:5c:0c:f0:48:f3:14:fe:91:0f:f5:a4:36:ec:6b:aa:8b:7e: - b4:98:7d:66:dc:6f:40:25:a1:cc:01:ae:6c:5e:2c:bd:4a:dc: - 5a:6e:eb:f7:84:aa:59:3b:63:b8:52:95:a2:d8:5e:1d:a8:c4: - e5:68:86:ea:de:83:25:9d:32:05:4e:4b:7a:f3:db:17:bc:1d: - 39:af:07:24:06:46:79:19:30:d3:22:de:d3:e9:e8:e7:b6:7d: - e3:1c:24:76:22:47:b1:5a:d7:2e:5b:8a:f7:a6:9f:54:7b:cf: - 88:a2:e8:45:f9:6a:c4:b5:e6:55:d8:ee:63:86:8b:6f:47:a5: - 84:1e:71:e2:2a:7c:0c:51:72:12:23:0c:ed:81:ef:7f:ab:da: - 47:5a:7b:f2:ee:6c:73:e2:2c:c2:6c:be:cf:4d:9c:3c:af:0f: - 1e:8c:45:2e:02:78:e5:38:0e:31:f6:bf:7f:69:69:4e:57:b6: - bb:62:81:26:3a:bd:27:84:fc:77:a1:98:67:78:5e:2c:4f:b2: - 36:ba:95:bf:19:3f:1e:50:b8:27:74:91:5b:40:15:be:59:56: - a2:79:15:c6:dc:b2:84:01:f4:39:56:28:b1:11:6e:4a:35:05: - 85:4b:09:c9:4b:fa:5d:c6:c5:3b:da:41:04:85:a6:89:cc:d1: - b4:12:03:b7 + 2c:8a:79:a0:f6:0a:84:52:92:f3:2b:4b:b1:99:2c:09:cd:a1: + bc:20:32:34:98:dc:8a:10:ec:f2:3b:01:ef:40:40:b2:17:cd: + 12:0a:c1:e0:3f:68:0d:25:9b:d4:df:39:72:11:fe:60:5e:eb: + 56:8b:8e:bf:2d:5d:47:65:1e:41:da:4a:30:e3:26:99:62:9f: + 73:39:93:11:92:e4:9e:66:6d:99:fb:55:a5:3f:2f:94:2e:1e: + ae:3b:90:00:42:75:9f:31:a7:ae:a5:f9:09:f8:c0:6c:ad:df: + 6b:94:c7:ae:43:b1:fd:0f:95:ee:69:5e:19:df:21:b9:05:62: + 54:9b:19:59:08:01:d9:00:c6:a4:1e:6d:8d:f4:4a:f0:41:53: + 31:4d:ff:40:20:ba:93:9b:96:fd:2b:b5:92:d8:b2:36:4d:e0: + c5:7b:a2:9d:91:d3:8e:73:bc:27:0a:cc:d8:b5:09:bb:a4:57: + 46:b1:9e:b6:80:36:95:63:a5:eb:6a:fe:d4:c9:75:75:1f:f8: + 6d:3e:a4:45:82:39:9e:8d:da:53:e6:25:02:60:c0:12:f0:20: + 9c:19:29:ae:7e:4c:c1:27:25:28:e2:c1:7f:0b:b0:c3:56:80: + 9a:7b:d8:40:36:3f:83:9f:1a:81:f3:be:69:ca:fd:b1:08:37: + a3:ad:f4:11 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ nWIkme23/8tNnUBU1eOqRaam2/5zQpRCwdAyXMQhrpyTALdKH56VpihtS9jAZeft o23KGLP638lnGnUjYIOlA19hveXWjZ0FRyN+oI3Rf0JOOKzOcLy/ewVbD4ICsJqN wBTK0EVelxDRoeEj2txpnM5TzGiJxkBNabyrT8cRXmKi3+KlNHw5NidnNBEELCqz FtuO/dd7HZNfM8LKliIqQ4KKSEYHE/9sHLC6C/DNP0zcNBePInBpnSLXxwIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQC2XAzwSPMU/pEP9aQ27Guqi360mH1m3G9AJaHMAa5sXiy9Stxabuv3hKpZ -O2O4UpWi2F4dqMTlaIbq3oMlnTIFTkt689sXvB05rwckBkZ5GTDTIt7T6ejntn3j -HCR2IkexWtcuW4r3pp9Ue8+IouhF+WrEteZV2O5jhotvR6WEHnHiKnwMUXISIwzt -ge9/q9pHWnvy7mxz4izCbL7PTZw8rw8ejEUuAnjlOA4x9r9/aWlOV7a7YoEmOr0n -hPx3oZhneF4sT7I2upW/GT8eULgndJFbQBW+WVaieRXG3LKEAfQ5ViixEW5KNQWF -SwnJS/pdxsU72kEEhaaJzNG0EgO3 +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBACyKeaD2CoRSkvMrS7GZLAnNobwgMjSY3IoQ7PI7Ae9A +QLIXzRIKweA/aA0lm9TfOXIR/mBe61aLjr8tXUdlHkHaSjDjJplin3M5kxGS5J5m +bZn7VaU/L5QuHq47kABCdZ8xp66l+Qn4wGyt32uUx65Dsf0Ple5pXhnfIbkFYlSb +GVkIAdkAxqQebY30SvBBUzFN/0AgupOblv0rtZLYsjZN4MV7op2R045zvCcKzNi1 +CbukV0axnraANpVjpetq/tTJdXUf+G0+pEWCOZ6N2lPmJQJgwBLwIJwZKa5+TMEn +JSjiwX8LsMNWgJp72EA2P4OfGoHzvmnK/bEIN6Ot9BE= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-assembled.pem b/certs/test-pathlen/chainA-assembled.pem index f84721e47..b4b90db23 100644 --- a/certs/test-pathlen/chainA-assembled.pem +++ b/certs/test-pathlen/chainA-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainA-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainA-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:7a:d8:c8:6c:4f:a5:cd:72:25:87:ff:12:a3: 65:0e:1d:1f:78:b2:d7:1a:65:a1:e7:4e:bd:05:b5: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 4d:0a:88:23:df:df:9b:11:0f:88:a8:a9:47:e1:eb:97:fd:8a: - 26:d0:d7:1b:a9:f5:2a:06:cc:2f:c6:37:f7:be:e5:bb:05:40: - 7d:93:df:7c:b9:b3:f4:21:d8:d7:66:eb:72:42:af:99:aa:13: - 0d:30:e1:00:fa:91:7b:54:4a:2c:8a:13:84:c6:a9:6f:38:7e: - 2b:ab:05:44:f0:dd:86:49:8a:b6:ad:43:d5:ba:be:f6:3c:f9: - 20:fd:b8:5e:f5:82:89:7d:0e:53:e1:85:58:4b:40:d2:57:69: - 37:a8:37:3c:4f:bb:ca:02:a1:dc:50:7f:ee:d5:3c:16:54:d9: - 90:63:ee:eb:b1:1d:35:e7:8a:f3:b8:38:05:a0:a5:18:e5:71: - ab:e8:4f:11:e2:0b:26:d1:0d:14:d9:92:28:5b:a0:87:ac:21: - b4:ca:45:4c:e0:e3:aa:f4:b7:a8:32:0f:74:8c:05:e4:64:54: - 22:d3:78:a9:bd:c8:7d:83:b2:48:3a:54:b9:12:66:d5:e0:a2: - 85:49:27:06:65:70:e2:30:2e:1c:81:6d:d4:92:a8:24:ff:f6: - 2d:f8:38:ca:89:b6:b3:85:14:83:bc:b5:38:e3:93:1c:70:c2: - 02:98:05:2b:b1:a6:7f:7e:97:dd:07:2b:bd:7c:10:03:a9:c5: - 1a:8e:dd:11 + 5e:c1:52:23:b1:8c:4b:a1:27:8f:a1:61:35:2d:62:20:5d:35: + 4d:da:bf:77:94:cc:38:f3:8a:c7:a0:cf:d1:4c:3c:3c:a7:fd: + 98:66:e2:b0:9e:4a:af:59:1f:13:af:d4:3a:04:9c:1d:7b:b5: + 5a:81:62:29:a8:1e:dd:7f:d8:4d:b4:14:8d:e7:15:03:95:12: + 34:46:68:35:57:b1:75:f8:30:99:5e:3b:b8:88:46:7f:0c:1e: + 9f:05:2e:85:d9:f3:ea:bd:3f:16:ef:50:0e:78:07:ae:e7:64: + 04:5e:b8:e8:2e:cf:bc:be:3c:33:2f:e5:c6:81:79:8d:ed:fc: + ea:50:d9:98:75:3a:28:be:64:c6:df:8a:09:35:bc:31:aa:da: + d6:ff:5c:01:80:ad:1d:da:4d:30:4f:4f:04:de:08:8d:dc:e9: + 9e:cf:2a:4c:cd:47:db:76:3f:9a:72:5f:2c:14:2e:9a:b3:59: + 7f:2d:5f:61:97:19:c2:a7:93:b4:98:9f:51:f6:95:f3:e5:fb: + 23:6e:2c:99:c9:69:86:13:35:5f:3d:7b:f3:de:3b:ed:3f:6b: + 48:83:17:03:08:a3:9d:08:bf:5e:7e:f4:31:e2:74:ae:f3:35: + 6a:f3:3d:ab:c8:de:0a:58:62:2e:35:bf:19:19:a7:46:de:a2: + d9:61:ae:5b -----BEGIN CERTIFICATE----- MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,26 +77,26 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATQqII9/fmxEPiKipR+Hrl/2K -JtDXG6n1KgbML8Y3977luwVAfZPffLmz9CHY12brckKvmaoTDTDhAPqRe1RKLIoT -hMapbzh+K6sFRPDdhkmKtq1D1bq+9jz5IP24XvWCiX0OU+GFWEtA0ldpN6g3PE+7 -ygKh3FB/7tU8FlTZkGPu67EdNeeK87g4BaClGOVxq+hPEeILJtENFNmSKFugh6wh -tMpFTODjqvS3qDIPdIwF5GRUItN4qb3IfYOySDpUuRJm1eCihUknBmVw4jAuHIFt -1JKoJP/2Lfg4yom2s4UUg7y1OOOTHHDCApgFK7Gmf36X3QcrvXwQA6nFGo7dEQ== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAXsFSI7GMS6Enj6FhNS1iIF01 +Tdq/d5TMOPOKx6DP0Uw8PKf9mGbisJ5Kr1kfE6/UOgScHXu1WoFiKage3X/YTbQU +jecVA5USNEZoNVexdfgwmV47uIhGfwwenwUuhdnz6r0/Fu9QDngHrudkBF646C7P +vL48My/lxoF5je386lDZmHU6KL5kxt+KCTW8Mara1v9cAYCtHdpNME9PBN4Ijdzp +ns8qTM1H23Y/mnJfLBQumrNZfy1fYZcZwqeTtJifUfaV8+X7I24smclphhM1Xz17 +89477T9rSIMXAwijnQi/Xn70MeJ0rvM1avM9q8jeClhiLjW/GRmnRt6i2WGuWw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainA-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b2:2b:a1:3f:be:c0:58:bd:3a:bc:0d:19:ac:ca: 7f:b9:3b:f0:8c:30:ff:04:b1:34:7e:26:86:96:36: @@ -123,34 +123,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b6:5c:0c:f0:48:f3:14:fe:91:0f:f5:a4:36:ec:6b:aa:8b:7e: - b4:98:7d:66:dc:6f:40:25:a1:cc:01:ae:6c:5e:2c:bd:4a:dc: - 5a:6e:eb:f7:84:aa:59:3b:63:b8:52:95:a2:d8:5e:1d:a8:c4: - e5:68:86:ea:de:83:25:9d:32:05:4e:4b:7a:f3:db:17:bc:1d: - 39:af:07:24:06:46:79:19:30:d3:22:de:d3:e9:e8:e7:b6:7d: - e3:1c:24:76:22:47:b1:5a:d7:2e:5b:8a:f7:a6:9f:54:7b:cf: - 88:a2:e8:45:f9:6a:c4:b5:e6:55:d8:ee:63:86:8b:6f:47:a5: - 84:1e:71:e2:2a:7c:0c:51:72:12:23:0c:ed:81:ef:7f:ab:da: - 47:5a:7b:f2:ee:6c:73:e2:2c:c2:6c:be:cf:4d:9c:3c:af:0f: - 1e:8c:45:2e:02:78:e5:38:0e:31:f6:bf:7f:69:69:4e:57:b6: - bb:62:81:26:3a:bd:27:84:fc:77:a1:98:67:78:5e:2c:4f:b2: - 36:ba:95:bf:19:3f:1e:50:b8:27:74:91:5b:40:15:be:59:56: - a2:79:15:c6:dc:b2:84:01:f4:39:56:28:b1:11:6e:4a:35:05: - 85:4b:09:c9:4b:fa:5d:c6:c5:3b:da:41:04:85:a6:89:cc:d1: - b4:12:03:b7 + 2c:8a:79:a0:f6:0a:84:52:92:f3:2b:4b:b1:99:2c:09:cd:a1: + bc:20:32:34:98:dc:8a:10:ec:f2:3b:01:ef:40:40:b2:17:cd: + 12:0a:c1:e0:3f:68:0d:25:9b:d4:df:39:72:11:fe:60:5e:eb: + 56:8b:8e:bf:2d:5d:47:65:1e:41:da:4a:30:e3:26:99:62:9f: + 73:39:93:11:92:e4:9e:66:6d:99:fb:55:a5:3f:2f:94:2e:1e: + ae:3b:90:00:42:75:9f:31:a7:ae:a5:f9:09:f8:c0:6c:ad:df: + 6b:94:c7:ae:43:b1:fd:0f:95:ee:69:5e:19:df:21:b9:05:62: + 54:9b:19:59:08:01:d9:00:c6:a4:1e:6d:8d:f4:4a:f0:41:53: + 31:4d:ff:40:20:ba:93:9b:96:fd:2b:b5:92:d8:b2:36:4d:e0: + c5:7b:a2:9d:91:d3:8e:73:bc:27:0a:cc:d8:b5:09:bb:a4:57: + 46:b1:9e:b6:80:36:95:63:a5:eb:6a:fe:d4:c9:75:75:1f:f8: + 6d:3e:a4:45:82:39:9e:8d:da:53:e6:25:02:60:c0:12:f0:20: + 9c:19:29:ae:7e:4c:c1:27:25:28:e2:c1:7f:0b:b0:c3:56:80: + 9a:7b:d8:40:36:3f:83:9f:1a:81:f3:be:69:ca:fd:b1:08:37: + a3:ad:f4:11 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -160,16 +160,16 @@ nWIkme23/8tNnUBU1eOqRaam2/5zQpRCwdAyXMQhrpyTALdKH56VpihtS9jAZeft o23KGLP638lnGnUjYIOlA19hveXWjZ0FRyN+oI3Rf0JOOKzOcLy/ewVbD4ICsJqN wBTK0EVelxDRoeEj2txpnM5TzGiJxkBNabyrT8cRXmKi3+KlNHw5NidnNBEELCqz FtuO/dd7HZNfM8LKliIqQ4KKSEYHE/9sHLC6C/DNP0zcNBePInBpnSLXxwIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQC2XAzwSPMU/pEP9aQ27Guqi360mH1m3G9AJaHMAa5sXiy9Stxabuv3hKpZ -O2O4UpWi2F4dqMTlaIbq3oMlnTIFTkt689sXvB05rwckBkZ5GTDTIt7T6ejntn3j -HCR2IkexWtcuW4r3pp9Ue8+IouhF+WrEteZV2O5jhotvR6WEHnHiKnwMUXISIwzt -ge9/q9pHWnvy7mxz4izCbL7PTZw8rw8ejEUuAnjlOA4x9r9/aWlOV7a7YoEmOr0n -hPx3oZhneF4sT7I2upW/GT8eULgndJFbQBW+WVaieRXG3LKEAfQ5ViixEW5KNQWF -SwnJS/pdxsU72kEEhaaJzNG0EgO3 +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBACyKeaD2CoRSkvMrS7GZLAnNobwgMjSY3IoQ7PI7Ae9A +QLIXzRIKweA/aA0lm9TfOXIR/mBe61aLjr8tXUdlHkHaSjDjJplin3M5kxGS5J5m +bZn7VaU/L5QuHq47kABCdZ8xp66l+Qn4wGyt32uUx65Dsf0Ple5pXhnfIbkFYlSb +GVkIAdkAxqQebY30SvBBUzFN/0AgupOblv0rtZLYsjZN4MV7op2R045zvCcKzNi1 +CbukV0axnraANpVjpetq/tTJdXUf+G0+pEWCOZ6N2lPmJQJgwBLwIJwZKa5+TMEn +JSjiwX8LsMNWgJp72EA2P4OfGoHzvmnK/bEIN6Ot9BE= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-entity.pem b/certs/test-pathlen/chainA-entity.pem index 1a87ce1e4..0562b5799 100644 --- a/certs/test-pathlen/chainA-entity.pem +++ b/certs/test-pathlen/chainA-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainA-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainA-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:7a:d8:c8:6c:4f:a5:cd:72:25:87:ff:12:a3: 65:0e:1d:1f:78:b2:d7:1a:65:a1:e7:4e:bd:05:b5: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 4d:0a:88:23:df:df:9b:11:0f:88:a8:a9:47:e1:eb:97:fd:8a: - 26:d0:d7:1b:a9:f5:2a:06:cc:2f:c6:37:f7:be:e5:bb:05:40: - 7d:93:df:7c:b9:b3:f4:21:d8:d7:66:eb:72:42:af:99:aa:13: - 0d:30:e1:00:fa:91:7b:54:4a:2c:8a:13:84:c6:a9:6f:38:7e: - 2b:ab:05:44:f0:dd:86:49:8a:b6:ad:43:d5:ba:be:f6:3c:f9: - 20:fd:b8:5e:f5:82:89:7d:0e:53:e1:85:58:4b:40:d2:57:69: - 37:a8:37:3c:4f:bb:ca:02:a1:dc:50:7f:ee:d5:3c:16:54:d9: - 90:63:ee:eb:b1:1d:35:e7:8a:f3:b8:38:05:a0:a5:18:e5:71: - ab:e8:4f:11:e2:0b:26:d1:0d:14:d9:92:28:5b:a0:87:ac:21: - b4:ca:45:4c:e0:e3:aa:f4:b7:a8:32:0f:74:8c:05:e4:64:54: - 22:d3:78:a9:bd:c8:7d:83:b2:48:3a:54:b9:12:66:d5:e0:a2: - 85:49:27:06:65:70:e2:30:2e:1c:81:6d:d4:92:a8:24:ff:f6: - 2d:f8:38:ca:89:b6:b3:85:14:83:bc:b5:38:e3:93:1c:70:c2: - 02:98:05:2b:b1:a6:7f:7e:97:dd:07:2b:bd:7c:10:03:a9:c5: - 1a:8e:dd:11 + 5e:c1:52:23:b1:8c:4b:a1:27:8f:a1:61:35:2d:62:20:5d:35: + 4d:da:bf:77:94:cc:38:f3:8a:c7:a0:cf:d1:4c:3c:3c:a7:fd: + 98:66:e2:b0:9e:4a:af:59:1f:13:af:d4:3a:04:9c:1d:7b:b5: + 5a:81:62:29:a8:1e:dd:7f:d8:4d:b4:14:8d:e7:15:03:95:12: + 34:46:68:35:57:b1:75:f8:30:99:5e:3b:b8:88:46:7f:0c:1e: + 9f:05:2e:85:d9:f3:ea:bd:3f:16:ef:50:0e:78:07:ae:e7:64: + 04:5e:b8:e8:2e:cf:bc:be:3c:33:2f:e5:c6:81:79:8d:ed:fc: + ea:50:d9:98:75:3a:28:be:64:c6:df:8a:09:35:bc:31:aa:da: + d6:ff:5c:01:80:ad:1d:da:4d:30:4f:4f:04:de:08:8d:dc:e9: + 9e:cf:2a:4c:cd:47:db:76:3f:9a:72:5f:2c:14:2e:9a:b3:59: + 7f:2d:5f:61:97:19:c2:a7:93:b4:98:9f:51:f6:95:f3:e5:fb: + 23:6e:2c:99:c9:69:86:13:35:5f:3d:7b:f3:de:3b:ed:3f:6b: + 48:83:17:03:08:a3:9d:08:bf:5e:7e:f4:31:e2:74:ae:f3:35: + 6a:f3:3d:ab:c8:de:0a:58:62:2e:35:bf:19:19:a7:46:de:a2: + d9:61:ae:5b -----BEGIN CERTIFICATE----- MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEATQqII9/fmxEPiKipR+Hrl/2K -JtDXG6n1KgbML8Y3977luwVAfZPffLmz9CHY12brckKvmaoTDTDhAPqRe1RKLIoT -hMapbzh+K6sFRPDdhkmKtq1D1bq+9jz5IP24XvWCiX0OU+GFWEtA0ldpN6g3PE+7 -ygKh3FB/7tU8FlTZkGPu67EdNeeK87g4BaClGOVxq+hPEeILJtENFNmSKFugh6wh -tMpFTODjqvS3qDIPdIwF5GRUItN4qb3IfYOySDpUuRJm1eCihUknBmVw4jAuHIFt -1JKoJP/2Lfg4yom2s4UUg7y1OOOTHHDCApgFK7Gmf36X3QcrvXwQA6nFGo7dEQ== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAXsFSI7GMS6Enj6FhNS1iIF01 +Tdq/d5TMOPOKx6DP0Uw8PKf9mGbisJ5Kr1kfE6/UOgScHXu1WoFiKage3X/YTbQU +jecVA5USNEZoNVexdfgwmV47uIhGfwwenwUuhdnz6r0/Fu9QDngHrudkBF646C7P +vL48My/lxoF5je386lDZmHU6KL5kxt+KCTW8Mara1v9cAYCtHdpNME9PBN4Ijdzp +ns8qTM1H23Y/mnJfLBQumrNZfy1fYZcZwqeTtJifUfaV8+X7I24smclphhM1Xz17 +89477T9rSIMXAwijnQi/Xn70MeJ0rvM1avM9q8jeClhiLjW/GRmnRt6i2WGuWw== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/certs/test-pathlen/chainB-ICA1-pathlen0.pem index 44735d35e..d10ff6ab7 100644 --- a/certs/test-pathlen/chainB-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainB-ICA1-pathlen0.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA2-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b2:f7:aa:ae:91:d1:24:41:52:a1:22:e0:d3:97: 9b:e0:0c:94:9c:4a:e4:b3:85:ae:a9:43:9f:ec:7a: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 95:41:25:30:aa:2e:b1:65:ab:9c:d0:00:7d:9e:cd:d7:df:c8: - 02:9e:9c:57:9b:f7:1b:f5:d0:0d:11:19:5f:86:bd:fd:e9:87: - f5:ca:4a:7b:06:cc:e5:5a:c2:d8:85:79:0e:ef:c8:27:42:c9: - 2f:62:2b:58:62:36:3c:90:40:cc:40:b3:28:34:9e:84:19:48: - ed:dd:e6:71:84:48:02:15:e5:f7:ce:0e:68:d0:86:1a:03:49: - f9:03:82:be:bb:0c:8e:b0:88:b4:44:82:19:c0:f4:04:41:3c: - f5:c4:a9:44:75:a5:e7:96:f5:a9:54:bd:da:34:d2:a9:4a:d3: - 72:a0:95:d3:2b:65:cb:58:ec:b8:a5:98:22:94:f6:b6:af:eb: - 0b:04:75:52:41:22:3c:1b:7f:4b:90:07:15:13:0d:22:c0:ac: - 1a:8a:fa:43:a9:61:32:6c:ed:1c:65:bb:69:61:8d:5d:22:a1: - d1:2d:d3:88:37:2b:ec:a0:eb:19:89:29:5f:95:22:ff:39:04: - 21:dd:a0:59:d1:fa:18:e8:a0:3c:85:24:cb:42:dd:e3:28:9b: - 82:91:50:18:64:6f:3a:e6:5e:58:e8:2b:9f:ce:a7:d5:1b:4e: - 82:ce:4f:70:76:ec:c4:dc:aa:34:8d:de:a8:23:3a:04:31:96: - b4:50:27:5d + 30:65:c9:85:15:6a:5d:e2:ba:d7:22:7f:f8:98:15:f0:3f:0d: + a0:c7:e8:33:72:57:1c:cc:54:3f:df:c6:64:72:2d:87:83:44: + f1:3d:8a:ef:52:c9:a9:9c:56:07:88:bd:25:4f:0a:b4:bd:a3: + 1b:d7:39:0b:bd:7e:3d:09:7f:65:ad:b2:21:23:74:80:1b:a5: + 4d:65:61:f4:9a:19:63:5a:37:f9:a9:6d:3d:1d:b0:9f:43:e3: + be:78:cf:b2:5f:62:f1:1f:f6:e2:f4:a5:e6:e4:0a:8c:d8:4b: + 05:3c:c0:8f:37:41:ad:b9:6a:fa:02:1c:35:12:8c:29:c6:6b: + 6e:e2:30:76:f0:63:39:fe:38:96:3d:51:58:eb:c0:6c:ad:eb: + 35:14:fe:ff:1c:70:b8:86:92:ae:ca:74:ad:90:ac:ae:c5:d8: + a2:4e:7f:8c:3d:53:74:98:ed:05:b2:83:27:22:3e:19:89:60: + 0c:2c:f6:f7:d2:f6:ac:76:7a:5c:9d:bb:26:c6:90:ad:29:b5: + 28:ac:f1:49:86:28:82:1a:d5:f8:4e:50:d5:51:8f:90:86:0b: + 98:fb:c1:1f:a9:3f:73:72:a2:08:9e:f8:28:8b:25:3d:37:38: + fb:d9:d8:1a:00:3b:23:88:a1:06:14:19:95:b9:e8:24:11:84: + 18:cc:88:21 -----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQELBQADggEBAJVBJTCqLrFlq5zQAH2ezdffyAKenFeb9xv10A0RGV+Gvf3ph/XK -SnsGzOVawtiFeQ7vyCdCyS9iK1hiNjyQQMxAsyg0noQZSO3d5nGESAIV5ffODmjQ -hhoDSfkDgr67DI6wiLREghnA9ARBPPXEqUR1peeW9alUvdo00qlK03KgldMrZctY -7LilmCKU9rav6wsEdVJBIjwbf0uQBxUTDSLArBqK+kOpYTJs7Rxlu2lhjV0iodEt -04g3K+yg6xmJKV+VIv85BCHdoFnR+hjooDyFJMtC3eMom4KRUBhkbzrmXljoK5/O -p9UbToLOT3B27MTcqjSN3qgjOgQxlrRQJ10= +AQELBQADggEBADBlyYUVal3iutcif/iYFfA/DaDH6DNyVxzMVD/fxmRyLYeDRPE9 +iu9SyamcVgeIvSVPCrS9oxvXOQu9fj0Jf2WtsiEjdIAbpU1lYfSaGWNaN/mpbT0d +sJ9D4754z7JfYvEf9uL0pebkCozYSwU8wI83Qa25avoCHDUSjCnGa27iMHbwYzn+ +OJY9UVjrwGyt6zUU/v8ccLiGkq7KdK2QrK7F2KJOf4w9U3SY7QWygyciPhmJYAws +9vfS9qx2elyduybGkK0ptSis8UmGKIIa1fhOUNVRj5CGC5j7wR+pP3Nyogie+CiL +JT03OPvZ2BoAOyOIoQYUGZW56CQRhBjMiCE= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/certs/test-pathlen/chainB-ICA2-pathlen1.pem index 1ea89956e..685c3fb54 100644 --- a/certs/test-pathlen/chainB-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainB-ICA2-pathlen1.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA2-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:7f:82:05:9d:5b:c4:49:e0:3e:1f:87:6e:17: 05:eb:e2:0a:d1:d1:a5:f5:cc:be:1d:46:d8:cd:a8: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 12:dd:3f:c6:8a:bb:1e:a0:0b:68:c4:bf:9e:34:09:b0:e9:1a: - 32:f5:c3:6c:59:7a:ec:c6:ba:42:b8:57:05:21:8a:6b:99:dd: - d7:7e:13:8e:1b:20:e5:ff:f9:67:23:ec:3c:fe:bb:07:e7:12: - ca:cb:74:03:01:5b:82:2d:3c:2c:e7:de:c5:00:6c:3b:6e:a3: - 91:73:e4:b3:ef:bd:5b:89:ce:f4:aa:f7:78:c6:a7:60:57:5a: - 4e:f4:f7:64:e1:78:24:0b:c1:49:fc:be:e2:7e:b6:d7:dd:f2: - 8d:5c:85:b0:1c:9a:2d:28:ea:54:08:a9:d2:80:aa:9f:9d:50: - 83:f4:f6:ce:70:2f:f4:83:0a:f4:39:81:a4:92:76:69:15:74: - 3b:01:46:4e:e1:95:87:d2:0e:f5:a2:b1:cd:8a:dc:d8:c7:12: - 6c:1a:04:74:e8:89:2f:48:bc:64:16:2e:d5:4b:21:78:d5:b2: - 17:93:57:de:94:fe:a4:28:db:f1:6e:5b:df:2b:83:a9:89:a1: - 59:09:1d:5b:64:1d:e6:09:65:41:a9:ef:1c:6d:92:98:50:8c: - af:aa:8e:89:d2:c5:88:2e:d5:a2:0e:1b:1e:7d:11:25:90:de: - 4f:49:ff:37:9c:71:3f:68:2a:da:15:60:20:c1:a0:2a:0e:ed: - fd:f9:92:e7 + 27:15:71:ae:36:f4:cd:a0:70:78:44:74:e8:17:7f:f4:cf:eb: + d8:bc:5d:6a:b3:91:79:ab:d1:d4:ef:72:b7:64:30:c2:49:96: + 9c:a3:d8:05:66:a7:e5:7b:96:8e:ff:bd:3f:3a:d6:36:f5:01: + 06:6b:a8:83:d2:23:dc:48:ff:a7:66:f6:27:a8:99:82:dd:d0: + a4:c4:a9:92:f0:d6:f2:1a:d0:cb:c3:0b:65:63:31:30:46:92: + 65:84:fe:0b:da:fa:9e:b6:70:24:9a:b0:69:d0:90:cb:c1:ec: + 9e:99:10:74:19:5b:78:e1:17:64:d5:74:5d:85:11:92:bd:94: + b5:18:11:ae:82:c2:78:36:4c:eb:11:e8:a3:95:42:07:cd:9d: + 5d:36:14:03:3c:d6:46:0d:7c:19:8c:7c:13:51:e3:5c:c2:a4: + ed:0c:a0:cc:71:08:a6:ec:0f:18:13:bd:59:e5:e3:96:c7:d8: + 04:77:00:7f:45:90:ca:e4:de:63:d7:83:3a:94:e3:01:98:d2: + 6d:cd:22:2a:cb:31:b7:08:29:15:e3:a2:f8:46:98:56:07:6d: + b2:0b:91:38:a0:ea:20:c9:63:6f:41:df:b6:3a:bd:58:f4:8b: + d3:62:ae:1b:b5:64:d3:c0:49:b6:63:20:a4:6b:39:e6:66:48: + f5:c9:81:9c -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ wt+hVv6Vl1ZeW/502fIuyn7bUHda0ZDcItb+S8BXocY7SrqtBRTJJGh2teIm1ctQ /dB3DowMuV73pJpFNWxiyuk41BCaXDClTyZHAwNzVoWMvvXQwAkGPg7o5X3QGVTt V+xRz7yVFZHP0JqE3YpQfDPCGmFwMZoZFyizjNpfuNIGa4I/tmooKYa0IMulr3Nm 5Dc2gfA/rb8FuNsuxCLi60aH9GDRpn/unEGn86rpN93a1vDNSKxR0XeNoQIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQAS3T/GirseoAtoxL+eNAmw6Roy9cNsWXrsxrpCuFcFIYprmd3XfhOOGyDl -//lnI+w8/rsH5xLKy3QDAVuCLTws597FAGw7bqORc+Sz771bic70qvd4xqdgV1pO -9Pdk4XgkC8FJ/L7ifrbX3fKNXIWwHJotKOpUCKnSgKqfnVCD9PbOcC/0gwr0OYGk -knZpFXQ7AUZO4ZWH0g71orHNitzYxxJsGgR06IkvSLxkFi7VSyF41bIXk1felP6k -KNvxblvfK4OpiaFZCR1bZB3mCWVBqe8cbZKYUIyvqo6J0sWILtWiDhsefRElkN5P -Sf83nHE/aCraFWAgwaAqDu39+ZLn +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBACcVca429M2gcHhEdOgXf/TP69i8XWqzkXmr0dTvcrdk +MMJJlpyj2AVmp+V7lo7/vT861jb1AQZrqIPSI9xI/6dm9ieomYLd0KTEqZLw1vIa +0MvDC2VjMTBGkmWE/gva+p62cCSasGnQkMvB7J6ZEHQZW3jhF2TVdF2FEZK9lLUY +Ea6Cwng2TOsR6KOVQgfNnV02FAM81kYNfBmMfBNR41zCpO0MoMxxCKbsDxgTvVnl +45bH2AR3AH9FkMrk3mPXgzqU4wGY0m3NIirLMbcIKRXjovhGmFYHbbILkTig6iDJ +Y29B37Y6vVj0i9Nirhu1ZNPASbZjIKRrOeZmSPXJgZw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-assembled.pem b/certs/test-pathlen/chainB-assembled.pem index a7000713d..bd043db47 100644 --- a/certs/test-pathlen/chainB-assembled.pem +++ b/certs/test-pathlen/chainB-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d7:5f:d9:3d:d7:5b:11:aa:3e:53:31:d0:32:78: 87:fb:c0:8e:80:6d:fc:68:73:1f:9c:77:66:16:35: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 78:1a:2d:43:61:05:f3:48:03:80:1d:15:25:c6:df:5f:94:86: - de:a3:60:53:fb:6c:6d:3d:f3:db:6e:01:8c:8c:73:44:4b:91: - 7d:7a:3c:57:e5:9f:ae:ab:b5:d0:44:e6:84:b5:f6:a3:1f:14: - f1:18:3d:4a:1f:c5:27:75:20:ae:b0:5a:26:33:cf:32:bd:1a: - ea:03:82:09:18:f6:7f:37:a6:f5:73:79:7e:69:45:67:d5:ba: - 68:0a:b9:cf:8d:f5:9c:56:26:e2:e3:0e:4e:1f:db:de:30:9b: - 36:6c:4d:8b:f6:52:ea:2c:99:78:68:35:dd:c6:e1:cb:d3:ba: - 74:b9:1e:3e:db:98:d4:16:6e:6e:ca:ea:0a:99:45:25:2b:56: - 50:89:31:12:b6:ef:5f:44:e6:35:7d:ff:6c:19:cc:6a:d7:1d: - 70:71:80:e8:01:7c:f2:ef:f2:e4:b5:f3:38:f1:78:65:72:38: - e9:c9:b1:93:0b:4c:49:b6:29:64:bc:d8:c4:30:3f:2c:8b:a3: - fc:19:c0:06:6e:2d:05:fe:c9:12:5d:d3:f8:c3:83:fb:d8:1e: - 2d:79:da:13:9c:ff:e6:ea:2f:ee:39:96:84:9a:5e:59:5d:a8: - fd:26:26:2b:36:b4:5d:9b:42:d8:3a:2f:41:03:47:fe:7d:e2: - b4:ce:2e:5d + 6a:04:9e:c8:1b:03:38:96:f6:a2:7c:70:54:65:0a:d8:b7:24: + 34:92:2a:92:95:c5:66:26:96:2b:e3:23:27:14:2c:73:26:b3: + 01:ef:f0:6a:fd:24:71:49:00:1a:1f:31:33:6d:0e:3d:61:36: + b1:07:46:ae:8c:51:3a:77:4c:15:0c:90:63:68:e3:ea:ad:60: + cd:53:d2:a3:9b:6d:8d:16:61:c5:5a:74:b7:4e:ac:97:f0:f9: + 02:7c:01:5e:25:50:23:87:4c:2c:59:d5:b1:66:30:31:b8:e6: + e3:b8:72:80:03:97:91:b1:ee:15:6d:92:20:69:d4:a4:aa:c6: + 88:42:11:7f:f9:55:4e:10:78:53:53:f7:86:79:a0:7a:08:34: + 3e:f7:9c:5b:90:e7:8c:ed:ab:10:c1:c0:ec:e0:b7:5d:4e:39: + c6:91:aa:83:1b:73:5b:02:c4:6a:39:2d:4c:c8:51:3c:f9:67: + db:b7:2d:ab:ac:2f:14:1a:6b:9e:24:e6:a6:ce:f3:bb:ff:33: + f8:b4:71:9f:cc:85:6c:1c:41:0a:37:0a:5c:b2:a3:ca:25:8c: + 05:52:1b:d0:2f:de:29:d9:8d:3a:98:fd:1d:57:8b:f7:ee:70: + 5b:be:ab:f3:fc:c8:83:1d:14:eb:55:58:70:c3:17:d2:cd:c9: + 4e:ac:05:6c -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,27 +77,27 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAHgaLUNh -BfNIA4AdFSXG31+Uht6jYFP7bG0989tuAYyMc0RLkX16PFfln66rtdBE5oS19qMf -FPEYPUofxSd1IK6wWiYzzzK9GuoDggkY9n83pvVzeX5pRWfVumgKuc+N9ZxWJuLj -Dk4f294wmzZsTYv2UuosmXhoNd3G4cvTunS5Hj7bmNQWbm7K6gqZRSUrVlCJMRK2 -719E5jV9/2wZzGrXHXBxgOgBfPLv8uS18zjxeGVyOOnJsZMLTEm2KWS82MQwPyyL -o/wZwAZuLQX+yRJd0/jDg/vYHi152hOc/+bqL+45loSaXlldqP0mJis2tF2bQtg6 -L0EDR/594rTOLl0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAGoEnsgb +AziW9qJ8cFRlCti3JDSSKpKVxWYmlivjIycULHMmswHv8Gr9JHFJABofMTNtDj1h +NrEHRq6MUTp3TBUMkGNo4+qtYM1T0qObbY0WYcVadLdOrJfw+QJ8AV4lUCOHTCxZ +1bFmMDG45uO4coADl5Gx7hVtkiBp1KSqxohCEX/5VU4QeFNT94Z5oHoIND73nFuQ +54ztqxDBwOzgt11OOcaRqoMbc1sCxGo5LUzIUTz5Z9u3LausLxQaa54k5qbO87v/ +M/i0cZ/MhWwcQQo3Clyyo8oljAVSG9Av3inZjTqY/R1Xi/fucFu+q/P8yIMdFOtV +WHDDF9LNyU6sBWw= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA2-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b2:f7:aa:ae:91:d1:24:41:52:a1:22:e0:d3:97: 9b:e0:0c:94:9c:4a:e4:b3:85:ae:a9:43:9f:ec:7a: @@ -131,27 +131,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 95:41:25:30:aa:2e:b1:65:ab:9c:d0:00:7d:9e:cd:d7:df:c8: - 02:9e:9c:57:9b:f7:1b:f5:d0:0d:11:19:5f:86:bd:fd:e9:87: - f5:ca:4a:7b:06:cc:e5:5a:c2:d8:85:79:0e:ef:c8:27:42:c9: - 2f:62:2b:58:62:36:3c:90:40:cc:40:b3:28:34:9e:84:19:48: - ed:dd:e6:71:84:48:02:15:e5:f7:ce:0e:68:d0:86:1a:03:49: - f9:03:82:be:bb:0c:8e:b0:88:b4:44:82:19:c0:f4:04:41:3c: - f5:c4:a9:44:75:a5:e7:96:f5:a9:54:bd:da:34:d2:a9:4a:d3: - 72:a0:95:d3:2b:65:cb:58:ec:b8:a5:98:22:94:f6:b6:af:eb: - 0b:04:75:52:41:22:3c:1b:7f:4b:90:07:15:13:0d:22:c0:ac: - 1a:8a:fa:43:a9:61:32:6c:ed:1c:65:bb:69:61:8d:5d:22:a1: - d1:2d:d3:88:37:2b:ec:a0:eb:19:89:29:5f:95:22:ff:39:04: - 21:dd:a0:59:d1:fa:18:e8:a0:3c:85:24:cb:42:dd:e3:28:9b: - 82:91:50:18:64:6f:3a:e6:5e:58:e8:2b:9f:ce:a7:d5:1b:4e: - 82:ce:4f:70:76:ec:c4:dc:aa:34:8d:de:a8:23:3a:04:31:96: - b4:50:27:5d + 30:65:c9:85:15:6a:5d:e2:ba:d7:22:7f:f8:98:15:f0:3f:0d: + a0:c7:e8:33:72:57:1c:cc:54:3f:df:c6:64:72:2d:87:83:44: + f1:3d:8a:ef:52:c9:a9:9c:56:07:88:bd:25:4f:0a:b4:bd:a3: + 1b:d7:39:0b:bd:7e:3d:09:7f:65:ad:b2:21:23:74:80:1b:a5: + 4d:65:61:f4:9a:19:63:5a:37:f9:a9:6d:3d:1d:b0:9f:43:e3: + be:78:cf:b2:5f:62:f1:1f:f6:e2:f4:a5:e6:e4:0a:8c:d8:4b: + 05:3c:c0:8f:37:41:ad:b9:6a:fa:02:1c:35:12:8c:29:c6:6b: + 6e:e2:30:76:f0:63:39:fe:38:96:3d:51:58:eb:c0:6c:ad:eb: + 35:14:fe:ff:1c:70:b8:86:92:ae:ca:74:ad:90:ac:ae:c5:d8: + a2:4e:7f:8c:3d:53:74:98:ed:05:b2:83:27:22:3e:19:89:60: + 0c:2c:f6:f7:d2:f6:ac:76:7a:5c:9d:bb:26:c6:90:ad:29:b5: + 28:ac:f1:49:86:28:82:1a:d5:f8:4e:50:d5:51:8f:90:86:0b: + 98:fb:c1:1f:a9:3f:73:72:a2:08:9e:f8:28:8b:25:3d:37:38: + fb:d9:d8:1a:00:3b:23:88:a1:06:14:19:95:b9:e8:24:11:84: + 18:cc:88:21 -----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,26 +167,26 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQELBQADggEBAJVBJTCqLrFlq5zQAH2ezdffyAKenFeb9xv10A0RGV+Gvf3ph/XK -SnsGzOVawtiFeQ7vyCdCyS9iK1hiNjyQQMxAsyg0noQZSO3d5nGESAIV5ffODmjQ -hhoDSfkDgr67DI6wiLREghnA9ARBPPXEqUR1peeW9alUvdo00qlK03KgldMrZctY -7LilmCKU9rav6wsEdVJBIjwbf0uQBxUTDSLArBqK+kOpYTJs7Rxlu2lhjV0iodEt -04g3K+yg6xmJKV+VIv85BCHdoFnR+hjooDyFJMtC3eMom4KRUBhkbzrmXljoK5/O -p9UbToLOT3B27MTcqjSN3qgjOgQxlrRQJ10= +AQELBQADggEBADBlyYUVal3iutcif/iYFfA/DaDH6DNyVxzMVD/fxmRyLYeDRPE9 +iu9SyamcVgeIvSVPCrS9oxvXOQu9fj0Jf2WtsiEjdIAbpU1lYfSaGWNaN/mpbT0d +sJ9D4754z7JfYvEf9uL0pebkCozYSwU8wI83Qa25avoCHDUSjCnGa27iMHbwYzn+ +OJY9UVjrwGyt6zUU/v8ccLiGkq7KdK2QrK7F2KJOf4w9U3SY7QWygyciPhmJYAws +9vfS9qx2elyduybGkK0ptSis8UmGKIIa1fhOUNVRj5CGC5j7wR+pP3Nyogie+CiL +JT03OPvZ2BoAOyOIoQYUGZW56CQRhBjMiCE= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA2-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d0:7f:82:05:9d:5b:c4:49:e0:3e:1f:87:6e:17: 05:eb:e2:0a:d1:d1:a5:f5:cc:be:1d:46:d8:cd:a8: @@ -213,34 +213,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 12:dd:3f:c6:8a:bb:1e:a0:0b:68:c4:bf:9e:34:09:b0:e9:1a: - 32:f5:c3:6c:59:7a:ec:c6:ba:42:b8:57:05:21:8a:6b:99:dd: - d7:7e:13:8e:1b:20:e5:ff:f9:67:23:ec:3c:fe:bb:07:e7:12: - ca:cb:74:03:01:5b:82:2d:3c:2c:e7:de:c5:00:6c:3b:6e:a3: - 91:73:e4:b3:ef:bd:5b:89:ce:f4:aa:f7:78:c6:a7:60:57:5a: - 4e:f4:f7:64:e1:78:24:0b:c1:49:fc:be:e2:7e:b6:d7:dd:f2: - 8d:5c:85:b0:1c:9a:2d:28:ea:54:08:a9:d2:80:aa:9f:9d:50: - 83:f4:f6:ce:70:2f:f4:83:0a:f4:39:81:a4:92:76:69:15:74: - 3b:01:46:4e:e1:95:87:d2:0e:f5:a2:b1:cd:8a:dc:d8:c7:12: - 6c:1a:04:74:e8:89:2f:48:bc:64:16:2e:d5:4b:21:78:d5:b2: - 17:93:57:de:94:fe:a4:28:db:f1:6e:5b:df:2b:83:a9:89:a1: - 59:09:1d:5b:64:1d:e6:09:65:41:a9:ef:1c:6d:92:98:50:8c: - af:aa:8e:89:d2:c5:88:2e:d5:a2:0e:1b:1e:7d:11:25:90:de: - 4f:49:ff:37:9c:71:3f:68:2a:da:15:60:20:c1:a0:2a:0e:ed: - fd:f9:92:e7 + 27:15:71:ae:36:f4:cd:a0:70:78:44:74:e8:17:7f:f4:cf:eb: + d8:bc:5d:6a:b3:91:79:ab:d1:d4:ef:72:b7:64:30:c2:49:96: + 9c:a3:d8:05:66:a7:e5:7b:96:8e:ff:bd:3f:3a:d6:36:f5:01: + 06:6b:a8:83:d2:23:dc:48:ff:a7:66:f6:27:a8:99:82:dd:d0: + a4:c4:a9:92:f0:d6:f2:1a:d0:cb:c3:0b:65:63:31:30:46:92: + 65:84:fe:0b:da:fa:9e:b6:70:24:9a:b0:69:d0:90:cb:c1:ec: + 9e:99:10:74:19:5b:78:e1:17:64:d5:74:5d:85:11:92:bd:94: + b5:18:11:ae:82:c2:78:36:4c:eb:11:e8:a3:95:42:07:cd:9d: + 5d:36:14:03:3c:d6:46:0d:7c:19:8c:7c:13:51:e3:5c:c2:a4: + ed:0c:a0:cc:71:08:a6:ec:0f:18:13:bd:59:e5:e3:96:c7:d8: + 04:77:00:7f:45:90:ca:e4:de:63:d7:83:3a:94:e3:01:98:d2: + 6d:cd:22:2a:cb:31:b7:08:29:15:e3:a2:f8:46:98:56:07:6d: + b2:0b:91:38:a0:ea:20:c9:63:6f:41:df:b6:3a:bd:58:f4:8b: + d3:62:ae:1b:b5:64:d3:c0:49:b6:63:20:a4:6b:39:e6:66:48: + f5:c9:81:9c -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -250,16 +250,16 @@ wt+hVv6Vl1ZeW/502fIuyn7bUHda0ZDcItb+S8BXocY7SrqtBRTJJGh2teIm1ctQ /dB3DowMuV73pJpFNWxiyuk41BCaXDClTyZHAwNzVoWMvvXQwAkGPg7o5X3QGVTt V+xRz7yVFZHP0JqE3YpQfDPCGmFwMZoZFyizjNpfuNIGa4I/tmooKYa0IMulr3Nm 5Dc2gfA/rb8FuNsuxCLi60aH9GDRpn/unEGn86rpN93a1vDNSKxR0XeNoQIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQAS3T/GirseoAtoxL+eNAmw6Roy9cNsWXrsxrpCuFcFIYprmd3XfhOOGyDl -//lnI+w8/rsH5xLKy3QDAVuCLTws597FAGw7bqORc+Sz771bic70qvd4xqdgV1pO -9Pdk4XgkC8FJ/L7ifrbX3fKNXIWwHJotKOpUCKnSgKqfnVCD9PbOcC/0gwr0OYGk -knZpFXQ7AUZO4ZWH0g71orHNitzYxxJsGgR06IkvSLxkFi7VSyF41bIXk1felP6k -KNvxblvfK4OpiaFZCR1bZB3mCWVBqe8cbZKYUIyvqo6J0sWILtWiDhsefRElkN5P -Sf83nHE/aCraFWAgwaAqDu39+ZLn +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBACcVca429M2gcHhEdOgXf/TP69i8XWqzkXmr0dTvcrdk +MMJJlpyj2AVmp+V7lo7/vT861jb1AQZrqIPSI9xI/6dm9ieomYLd0KTEqZLw1vIa +0MvDC2VjMTBGkmWE/gva+p62cCSasGnQkMvB7J6ZEHQZW3jhF2TVdF2FEZK9lLUY +Ea6Cwng2TOsR6KOVQgfNnV02FAM81kYNfBmMfBNR41zCpO0MoMxxCKbsDxgTvVnl +45bH2AR3AH9FkMrk3mPXgzqU4wGY0m3NIirLMbcIKRXjovhGmFYHbbILkTig6iDJ +Y29B37Y6vVj0i9Nirhu1ZNPASbZjIKRrOeZmSPXJgZw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-entity.pem b/certs/test-pathlen/chainB-entity.pem index 9b091fb7e..4bbd1b119 100644 --- a/certs/test-pathlen/chainB-entity.pem +++ b/certs/test-pathlen/chainB-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainB-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d7:5f:d9:3d:d7:5b:11:aa:3e:53:31:d0:32:78: 87:fb:c0:8e:80:6d:fc:68:73:1f:9c:77:66:16:35: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 78:1a:2d:43:61:05:f3:48:03:80:1d:15:25:c6:df:5f:94:86: - de:a3:60:53:fb:6c:6d:3d:f3:db:6e:01:8c:8c:73:44:4b:91: - 7d:7a:3c:57:e5:9f:ae:ab:b5:d0:44:e6:84:b5:f6:a3:1f:14: - f1:18:3d:4a:1f:c5:27:75:20:ae:b0:5a:26:33:cf:32:bd:1a: - ea:03:82:09:18:f6:7f:37:a6:f5:73:79:7e:69:45:67:d5:ba: - 68:0a:b9:cf:8d:f5:9c:56:26:e2:e3:0e:4e:1f:db:de:30:9b: - 36:6c:4d:8b:f6:52:ea:2c:99:78:68:35:dd:c6:e1:cb:d3:ba: - 74:b9:1e:3e:db:98:d4:16:6e:6e:ca:ea:0a:99:45:25:2b:56: - 50:89:31:12:b6:ef:5f:44:e6:35:7d:ff:6c:19:cc:6a:d7:1d: - 70:71:80:e8:01:7c:f2:ef:f2:e4:b5:f3:38:f1:78:65:72:38: - e9:c9:b1:93:0b:4c:49:b6:29:64:bc:d8:c4:30:3f:2c:8b:a3: - fc:19:c0:06:6e:2d:05:fe:c9:12:5d:d3:f8:c3:83:fb:d8:1e: - 2d:79:da:13:9c:ff:e6:ea:2f:ee:39:96:84:9a:5e:59:5d:a8: - fd:26:26:2b:36:b4:5d:9b:42:d8:3a:2f:41:03:47:fe:7d:e2: - b4:ce:2e:5d + 6a:04:9e:c8:1b:03:38:96:f6:a2:7c:70:54:65:0a:d8:b7:24: + 34:92:2a:92:95:c5:66:26:96:2b:e3:23:27:14:2c:73:26:b3: + 01:ef:f0:6a:fd:24:71:49:00:1a:1f:31:33:6d:0e:3d:61:36: + b1:07:46:ae:8c:51:3a:77:4c:15:0c:90:63:68:e3:ea:ad:60: + cd:53:d2:a3:9b:6d:8d:16:61:c5:5a:74:b7:4e:ac:97:f0:f9: + 02:7c:01:5e:25:50:23:87:4c:2c:59:d5:b1:66:30:31:b8:e6: + e3:b8:72:80:03:97:91:b1:ee:15:6d:92:20:69:d4:a4:aa:c6: + 88:42:11:7f:f9:55:4e:10:78:53:53:f7:86:79:a0:7a:08:34: + 3e:f7:9c:5b:90:e7:8c:ed:ab:10:c1:c0:ec:e0:b7:5d:4e:39: + c6:91:aa:83:1b:73:5b:02:c4:6a:39:2d:4c:c8:51:3c:f9:67: + db:b7:2d:ab:ac:2f:14:1a:6b:9e:24:e6:a6:ce:f3:bb:ff:33: + f8:b4:71:9f:cc:85:6c:1c:41:0a:37:0a:5c:b2:a3:ca:25:8c: + 05:52:1b:d0:2f:de:29:d9:8d:3a:98:fd:1d:57:8b:f7:ee:70: + 5b:be:ab:f3:fc:c8:83:1d:14:eb:55:58:70:c3:17:d2:cd:c9: + 4e:ac:05:6c -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAHgaLUNh -BfNIA4AdFSXG31+Uht6jYFP7bG0989tuAYyMc0RLkX16PFfln66rtdBE5oS19qMf -FPEYPUofxSd1IK6wWiYzzzK9GuoDggkY9n83pvVzeX5pRWfVumgKuc+N9ZxWJuLj -Dk4f294wmzZsTYv2UuosmXhoNd3G4cvTunS5Hj7bmNQWbm7K6gqZRSUrVlCJMRK2 -719E5jV9/2wZzGrXHXBxgOgBfPLv8uS18zjxeGVyOOnJsZMLTEm2KWS82MQwPyyL -o/wZwAZuLQX+yRJd0/jDg/vYHi152hOc/+bqL+45loSaXlldqP0mJis2tF2bQtg6 -L0EDR/594rTOLl0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAGoEnsgb +AziW9qJ8cFRlCti3JDSSKpKVxWYmlivjIycULHMmswHv8Gr9JHFJABofMTNtDj1h +NrEHRq6MUTp3TBUMkGNo4+qtYM1T0qObbY0WYcVadLdOrJfw+QJ8AV4lUCOHTCxZ +1bFmMDG45uO4coADl5Gx7hVtkiBp1KSqxohCEX/5VU4QeFNT94Z5oHoIND73nFuQ +54ztqxDBwOzgt11OOcaRqoMbc1sCxGo5LUzIUTz5Z9u3LausLxQaa54k5qbO87v/ +M/i0cZ/MhWwcQQo3Clyyo8oljAVSG9Av3inZjTqY/R1Xi/fucFu+q/P8yIMdFOtV +WHDDF9LNyU6sBWw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/certs/test-pathlen/chainC-ICA1-pathlen1.pem index 81f67f54f..f74b341c2 100644 --- a/certs/test-pathlen/chainC-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainC-ICA1-pathlen1.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainC-ICA1-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:1a:6c:c1:bd:bb:9b:29:ca:35:3d:63:a3:29: cd:a6:65:c4:9e:a3:c5:50:99:ad:51:90:0a:9a:9b: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b2:28:df:aa:26:d1:ba:a6:18:a9:c3:36:29:c1:11:4f:40:e0: - dc:5b:cd:18:3d:f4:b8:b2:79:c7:03:93:71:91:fb:0b:cd:d9: - 07:21:76:f2:48:29:28:c8:18:88:df:79:26:04:69:5e:ba:e8: - d6:b9:4e:38:b2:9b:e9:bf:50:91:f6:cb:6f:e0:a6:36:dc:2a: - 27:6b:ca:62:3f:03:e7:cf:24:98:97:a9:c3:7a:b1:79:b3:db: - 2d:4e:38:3e:6d:d9:1d:66:cc:8e:d1:c9:9e:3e:92:8a:76:6d: - 60:53:e6:c3:27:29:dd:f0:7b:17:a5:eb:66:83:40:6c:2f:8d: - 95:d8:91:b6:08:27:1a:ef:96:10:0d:75:76:86:fa:4a:17:e4: - 10:46:16:38:42:65:8c:5e:2c:4c:c0:3f:c7:9d:29:63:53:0b: - 2e:86:44:4c:79:da:c7:2b:af:1a:92:69:43:cb:85:af:79:98: - fc:01:88:b0:5a:f9:3a:de:f0:bb:7e:fa:37:95:9b:04:5b:eb: - 40:9d:ee:2d:cd:50:48:17:19:28:12:66:c7:d7:77:fa:ba:4c: - c7:d1:f0:d9:2e:f4:63:40:14:87:48:03:32:99:13:ea:d7:7b: - 4b:c9:ef:16:ca:14:14:79:ed:fe:d7:f5:6f:4c:db:4c:95:a6: - 36:3d:02:0f + 11:c4:12:09:e2:a7:bd:3e:94:bf:60:69:43:07:e9:0e:a5:48: + 57:63:ba:aa:62:fb:1b:cb:b3:61:69:45:34:f1:60:b0:7b:4f: + 69:b9:f4:e4:99:99:48:a8:4a:5c:84:21:6f:cc:49:4e:0c:2b: + 52:dc:01:bd:fe:d3:ee:66:b4:d4:3e:2b:d5:56:42:58:b2:06: + 34:24:74:ad:0d:50:3c:d8:fd:89:20:58:ff:f5:58:b0:3b:cc: + 47:2b:1d:82:2c:81:1a:a2:ad:26:be:ae:c2:fb:04:f4:c1:08: + 6a:e2:c3:97:17:23:a6:d3:18:69:cf:7f:b6:b1:39:ba:06:de: + 20:1a:ed:e3:3b:11:11:11:f6:f3:da:f0:4f:29:36:fa:d2:71: + 1b:b5:7a:3e:fa:d4:0e:5f:54:cc:f1:1b:95:b2:a6:06:85:61: + e6:06:dc:02:8a:d1:ad:11:fe:85:8e:04:ac:dd:f1:24:90:72: + 5a:45:d5:6c:69:ef:c0:4f:d6:2f:46:bd:45:bb:51:f9:9d:d2: + fb:c0:53:8e:62:4e:64:17:14:e6:9a:18:6d:a9:33:94:af:2a: + 21:e0:95:84:2d:73:3a:15:87:2f:c8:8c:25:5d:e6:ca:1a:0b: + e2:1f:d8:b0:29:c1:86:d0:72:27:26:40:19:ea:8e:ec:7a:c4: + 83:e8:66:6d -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ T/w3Jk5UedcXOVB5bqMpmQetnVzY4QLnM37k2qQFvGID059qkZJm3SnQlfsvP/BZ uHBbJVR7oAqfMwlk7fvUHC2WVEXjUJj/sX+axs8Jo9rpV60dBY8edXXn0gcz3tp9 QtgOlP6ux5vDtZ7zayGfdMSzMnwoTg+8FTO6nAk8wUAGeLuxID9hFfYeSXNRiZUt lb801sKp0TQdjSFtT6Nu7/wjonb80CVTDkN2O+2C7NgjyzPvPJ2h3uZ6rQIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQCyKN+qJtG6phipwzYpwRFPQODcW80YPfS4snnHA5NxkfsLzdkHIXbySCko -yBiI33kmBGleuujWuU44spvpv1CR9stv4KY23Cona8piPwPnzySYl6nDerF5s9st -Tjg+bdkdZsyO0cmePpKKdm1gU+bDJynd8HsXpetmg0BsL42V2JG2CCca75YQDXV2 -hvpKF+QQRhY4QmWMXixMwD/HnSljUwsuhkRMedrHK68akmlDy4WveZj8AYiwWvk6 -3vC7fvo3lZsEW+tAne4tzVBIFxkoEmbH13f6ukzH0fDZLvRjQBSHSAMymRPq13tL -ye8WyhQUee3+1/VvTNtMlaY2PQIP +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBABHEEgnip70+lL9gaUMH6Q6lSFdjuqpi+xvLs2FpRTTx +YLB7T2m59OSZmUioSlyEIW/MSU4MK1LcAb3+0+5mtNQ+K9VWQliyBjQkdK0NUDzY +/YkgWP/1WLA7zEcrHYIsgRqirSa+rsL7BPTBCGriw5cXI6bTGGnPf7axOboG3iAa +7eM7ERER9vPa8E8pNvrScRu1ej761A5fVMzxG5WypgaFYeYG3AKK0a0R/oWOBKzd +8SSQclpF1Wxp78BP1i9GvUW7Ufmd0vvAU45iTmQXFOaaGG2pM5SvKiHglYQtczoV +hy/IjCVd5soaC+If2LApwYbQcicmQBnqjux6xIPoZm0= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-assembled.pem b/certs/test-pathlen/chainC-assembled.pem index e1691d453..ff2ec64a7 100644 --- a/certs/test-pathlen/chainC-assembled.pem +++ b/certs/test-pathlen/chainC-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainC-ICA1-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainC-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:34:e1:1c:2c:2d:a4:93:b5:c4:fc:65:40:fa: 94:68:74:24:ff:52:a4:df:3e:f1:7c:92:14:f0:f0: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 3d:59:ea:2a:2e:ce:c6:6d:eb:52:08:01:5c:bc:cb:0f:e1:6a: - 26:22:25:ad:8c:0f:34:c0:65:23:e0:6b:34:3d:6d:8d:1b:df: - e1:57:84:92:5d:f6:cd:27:18:49:9c:58:9a:d8:ac:96:fd:44: - fa:b9:d9:77:d2:7a:22:f7:6d:9e:3d:86:97:95:af:0c:c8:0e: - df:78:df:3c:2f:7d:3f:85:e0:e4:03:b2:b6:32:ed:7d:53:7a: - 3f:1f:84:6c:3b:28:61:80:7e:5b:50:c8:59:a8:0f:b3:12:26: - 6a:fd:12:8f:fa:d5:12:02:43:85:c2:f4:cc:02:0d:4f:ff:cc: - 56:0f:a7:f2:7f:64:e8:77:8d:fb:21:42:6c:20:2a:99:da:a5: - 72:0c:1a:0d:ea:e0:91:3d:5a:bc:4e:96:b7:7d:50:0e:ce:1c: - f9:7d:1f:9a:39:25:33:28:e5:45:8f:27:02:68:97:8d:f5:f0: - 3f:21:83:ff:b7:29:09:4f:46:9c:8d:ab:49:43:45:8f:4a:3b: - 1b:ae:b1:d3:9a:d8:47:1c:9b:67:3a:e4:5a:18:29:55:8d:ee: - fd:ed:88:e7:f4:38:6c:f1:36:12:d9:d0:ee:4b:4b:17:df:74: - 18:ea:96:64:1d:84:3a:ed:38:7a:9f:95:3b:c2:5b:93:80:41: - e1:c5:4e:19 + ae:e3:75:41:90:9d:0b:8a:bf:15:d5:3c:dd:08:31:a7:b5:92: + e2:3e:53:73:a7:20:27:4a:6b:2a:ef:99:a8:15:42:c9:79:4b: + b7:bb:3a:ba:9d:f0:b3:cf:37:34:64:63:7c:0a:f1:91:04:30: + 6b:ca:66:39:d3:a0:26:23:34:28:5b:a9:57:91:0c:fa:cf:84: + 42:79:28:23:21:ba:ff:04:4c:c4:06:1f:9e:a5:1d:37:e9:5c: + 6a:75:84:b7:f9:d3:24:80:91:95:ab:df:1a:cc:7c:a7:7d:ac: + 95:fc:02:77:b2:8e:e2:77:da:96:30:48:84:44:2a:b0:af:5b: + 9d:7d:67:8a:a5:13:3d:4c:ed:df:cb:2a:6b:8a:1a:ad:18:f0: + 1f:50:9e:4d:c3:31:58:31:f2:9b:05:c0:7e:a3:6a:80:28:5c: + 22:78:fd:32:66:6a:9c:31:fc:d2:db:42:43:e8:b8:35:41:36: + 00:8d:26:4b:e9:02:c3:2d:72:c0:4f:8f:4a:cf:5d:7c:5c:ae: + 16:0b:0c:37:a9:34:d8:19:91:cd:3a:af:55:ae:bc:6b:2a:85: + ef:f0:0f:8d:30:b3:90:d7:56:39:47:d6:5a:3d:e3:f3:d1:b9: + 75:74:8b:27:4f:c7:b6:af:ff:e4:6b:af:5c:b6:c4:6f:19:89: + 44:41:f6:41 -----BEGIN CERTIFICATE----- MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,26 +77,26 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAPVnqKi7Oxm3rUggBXLzLD+Fq -JiIlrYwPNMBlI+BrND1tjRvf4VeEkl32zScYSZxYmtislv1E+rnZd9J6Ivdtnj2G -l5WvDMgO33jfPC99P4Xg5AOytjLtfVN6Px+EbDsoYYB+W1DIWagPsxImav0Sj/rV -EgJDhcL0zAINT//MVg+n8n9k6HeN+yFCbCAqmdqlcgwaDergkT1avE6Wt31QDs4c -+X0fmjklMyjlRY8nAmiXjfXwPyGD/7cpCU9GnI2rSUNFj0o7G66x05rYRxybZzrk -WhgpVY3u/e2I5/Q4bPE2EtnQ7ktLF990GOqWZB2EOu04ep+VO8Jbk4BB4cVOGQ== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAruN1QZCdC4q/FdU83Qgxp7WS +4j5Tc6cgJ0prKu+ZqBVCyXlLt7s6up3ws883NGRjfArxkQQwa8pmOdOgJiM0KFup +V5EM+s+EQnkoIyG6/wRMxAYfnqUdN+lcanWEt/nTJICRlavfGsx8p32slfwCd7KO +4nfaljBIhEQqsK9bnX1niqUTPUzt38sqa4oarRjwH1CeTcMxWDHymwXAfqNqgChc +Inj9MmZqnDH80ttCQ+i4NUE2AI0mS+kCwy1ywE+PSs9dfFyuFgsMN6k02BmRzTqv +Va68ayqF7/APjTCzkNdWOUfWWj3j89G5dXSLJ0/Htq//5GuvXLbEbxmJREH2QQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainC-ICA1-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:1a:6c:c1:bd:bb:9b:29:ca:35:3d:63:a3:29: cd:a6:65:c4:9e:a3:c5:50:99:ad:51:90:0a:9a:9b: @@ -123,34 +123,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b2:28:df:aa:26:d1:ba:a6:18:a9:c3:36:29:c1:11:4f:40:e0: - dc:5b:cd:18:3d:f4:b8:b2:79:c7:03:93:71:91:fb:0b:cd:d9: - 07:21:76:f2:48:29:28:c8:18:88:df:79:26:04:69:5e:ba:e8: - d6:b9:4e:38:b2:9b:e9:bf:50:91:f6:cb:6f:e0:a6:36:dc:2a: - 27:6b:ca:62:3f:03:e7:cf:24:98:97:a9:c3:7a:b1:79:b3:db: - 2d:4e:38:3e:6d:d9:1d:66:cc:8e:d1:c9:9e:3e:92:8a:76:6d: - 60:53:e6:c3:27:29:dd:f0:7b:17:a5:eb:66:83:40:6c:2f:8d: - 95:d8:91:b6:08:27:1a:ef:96:10:0d:75:76:86:fa:4a:17:e4: - 10:46:16:38:42:65:8c:5e:2c:4c:c0:3f:c7:9d:29:63:53:0b: - 2e:86:44:4c:79:da:c7:2b:af:1a:92:69:43:cb:85:af:79:98: - fc:01:88:b0:5a:f9:3a:de:f0:bb:7e:fa:37:95:9b:04:5b:eb: - 40:9d:ee:2d:cd:50:48:17:19:28:12:66:c7:d7:77:fa:ba:4c: - c7:d1:f0:d9:2e:f4:63:40:14:87:48:03:32:99:13:ea:d7:7b: - 4b:c9:ef:16:ca:14:14:79:ed:fe:d7:f5:6f:4c:db:4c:95:a6: - 36:3d:02:0f + 11:c4:12:09:e2:a7:bd:3e:94:bf:60:69:43:07:e9:0e:a5:48: + 57:63:ba:aa:62:fb:1b:cb:b3:61:69:45:34:f1:60:b0:7b:4f: + 69:b9:f4:e4:99:99:48:a8:4a:5c:84:21:6f:cc:49:4e:0c:2b: + 52:dc:01:bd:fe:d3:ee:66:b4:d4:3e:2b:d5:56:42:58:b2:06: + 34:24:74:ad:0d:50:3c:d8:fd:89:20:58:ff:f5:58:b0:3b:cc: + 47:2b:1d:82:2c:81:1a:a2:ad:26:be:ae:c2:fb:04:f4:c1:08: + 6a:e2:c3:97:17:23:a6:d3:18:69:cf:7f:b6:b1:39:ba:06:de: + 20:1a:ed:e3:3b:11:11:11:f6:f3:da:f0:4f:29:36:fa:d2:71: + 1b:b5:7a:3e:fa:d4:0e:5f:54:cc:f1:1b:95:b2:a6:06:85:61: + e6:06:dc:02:8a:d1:ad:11:fe:85:8e:04:ac:dd:f1:24:90:72: + 5a:45:d5:6c:69:ef:c0:4f:d6:2f:46:bd:45:bb:51:f9:9d:d2: + fb:c0:53:8e:62:4e:64:17:14:e6:9a:18:6d:a9:33:94:af:2a: + 21:e0:95:84:2d:73:3a:15:87:2f:c8:8c:25:5d:e6:ca:1a:0b: + e2:1f:d8:b0:29:c1:86:d0:72:27:26:40:19:ea:8e:ec:7a:c4: + 83:e8:66:6d -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -160,16 +160,16 @@ T/w3Jk5UedcXOVB5bqMpmQetnVzY4QLnM37k2qQFvGID059qkZJm3SnQlfsvP/BZ uHBbJVR7oAqfMwlk7fvUHC2WVEXjUJj/sX+axs8Jo9rpV60dBY8edXXn0gcz3tp9 QtgOlP6ux5vDtZ7zayGfdMSzMnwoTg+8FTO6nAk8wUAGeLuxID9hFfYeSXNRiZUt lb801sKp0TQdjSFtT6Nu7/wjonb80CVTDkN2O+2C7NgjyzPvPJ2h3uZ6rQIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQCyKN+qJtG6phipwzYpwRFPQODcW80YPfS4snnHA5NxkfsLzdkHIXbySCko -yBiI33kmBGleuujWuU44spvpv1CR9stv4KY23Cona8piPwPnzySYl6nDerF5s9st -Tjg+bdkdZsyO0cmePpKKdm1gU+bDJynd8HsXpetmg0BsL42V2JG2CCca75YQDXV2 -hvpKF+QQRhY4QmWMXixMwD/HnSljUwsuhkRMedrHK68akmlDy4WveZj8AYiwWvk6 -3vC7fvo3lZsEW+tAne4tzVBIFxkoEmbH13f6ukzH0fDZLvRjQBSHSAMymRPq13tL -ye8WyhQUee3+1/VvTNtMlaY2PQIP +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBABHEEgnip70+lL9gaUMH6Q6lSFdjuqpi+xvLs2FpRTTx +YLB7T2m59OSZmUioSlyEIW/MSU4MK1LcAb3+0+5mtNQ+K9VWQliyBjQkdK0NUDzY +/YkgWP/1WLA7zEcrHYIsgRqirSa+rsL7BPTBCGriw5cXI6bTGGnPf7axOboG3iAa +7eM7ERER9vPa8E8pNvrScRu1ej761A5fVMzxG5WypgaFYeYG3AKK0a0R/oWOBKzd +8SSQclpF1Wxp78BP1i9GvUW7Ufmd0vvAU45iTmQXFOaaGG2pM5SvKiHglYQtczoV +hy/IjCVd5soaC+If2LApwYbQcicmQBnqjux6xIPoZm0= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-entity.pem b/certs/test-pathlen/chainC-entity.pem index bb74064ea..42fc36f2d 100644 --- a/certs/test-pathlen/chainC-entity.pem +++ b/certs/test-pathlen/chainC-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainC-ICA1-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainC-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:34:e1:1c:2c:2d:a4:93:b5:c4:fc:65:40:fa: 94:68:74:24:ff:52:a4:df:3e:f1:7c:92:14:f0:f0: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 3d:59:ea:2a:2e:ce:c6:6d:eb:52:08:01:5c:bc:cb:0f:e1:6a: - 26:22:25:ad:8c:0f:34:c0:65:23:e0:6b:34:3d:6d:8d:1b:df: - e1:57:84:92:5d:f6:cd:27:18:49:9c:58:9a:d8:ac:96:fd:44: - fa:b9:d9:77:d2:7a:22:f7:6d:9e:3d:86:97:95:af:0c:c8:0e: - df:78:df:3c:2f:7d:3f:85:e0:e4:03:b2:b6:32:ed:7d:53:7a: - 3f:1f:84:6c:3b:28:61:80:7e:5b:50:c8:59:a8:0f:b3:12:26: - 6a:fd:12:8f:fa:d5:12:02:43:85:c2:f4:cc:02:0d:4f:ff:cc: - 56:0f:a7:f2:7f:64:e8:77:8d:fb:21:42:6c:20:2a:99:da:a5: - 72:0c:1a:0d:ea:e0:91:3d:5a:bc:4e:96:b7:7d:50:0e:ce:1c: - f9:7d:1f:9a:39:25:33:28:e5:45:8f:27:02:68:97:8d:f5:f0: - 3f:21:83:ff:b7:29:09:4f:46:9c:8d:ab:49:43:45:8f:4a:3b: - 1b:ae:b1:d3:9a:d8:47:1c:9b:67:3a:e4:5a:18:29:55:8d:ee: - fd:ed:88:e7:f4:38:6c:f1:36:12:d9:d0:ee:4b:4b:17:df:74: - 18:ea:96:64:1d:84:3a:ed:38:7a:9f:95:3b:c2:5b:93:80:41: - e1:c5:4e:19 + ae:e3:75:41:90:9d:0b:8a:bf:15:d5:3c:dd:08:31:a7:b5:92: + e2:3e:53:73:a7:20:27:4a:6b:2a:ef:99:a8:15:42:c9:79:4b: + b7:bb:3a:ba:9d:f0:b3:cf:37:34:64:63:7c:0a:f1:91:04:30: + 6b:ca:66:39:d3:a0:26:23:34:28:5b:a9:57:91:0c:fa:cf:84: + 42:79:28:23:21:ba:ff:04:4c:c4:06:1f:9e:a5:1d:37:e9:5c: + 6a:75:84:b7:f9:d3:24:80:91:95:ab:df:1a:cc:7c:a7:7d:ac: + 95:fc:02:77:b2:8e:e2:77:da:96:30:48:84:44:2a:b0:af:5b: + 9d:7d:67:8a:a5:13:3d:4c:ed:df:cb:2a:6b:8a:1a:ad:18:f0: + 1f:50:9e:4d:c3:31:58:31:f2:9b:05:c0:7e:a3:6a:80:28:5c: + 22:78:fd:32:66:6a:9c:31:fc:d2:db:42:43:e8:b8:35:41:36: + 00:8d:26:4b:e9:02:c3:2d:72:c0:4f:8f:4a:cf:5d:7c:5c:ae: + 16:0b:0c:37:a9:34:d8:19:91:cd:3a:af:55:ae:bc:6b:2a:85: + ef:f0:0f:8d:30:b3:90:d7:56:39:47:d6:5a:3d:e3:f3:d1:b9: + 75:74:8b:27:4f:c7:b6:af:ff:e4:6b:af:5c:b6:c4:6f:19:89: + 44:41:f6:41 -----BEGIN CERTIFICATE----- MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAPVnqKi7Oxm3rUggBXLzLD+Fq -JiIlrYwPNMBlI+BrND1tjRvf4VeEkl32zScYSZxYmtislv1E+rnZd9J6Ivdtnj2G -l5WvDMgO33jfPC99P4Xg5AOytjLtfVN6Px+EbDsoYYB+W1DIWagPsxImav0Sj/rV -EgJDhcL0zAINT//MVg+n8n9k6HeN+yFCbCAqmdqlcgwaDergkT1avE6Wt31QDs4c -+X0fmjklMyjlRY8nAmiXjfXwPyGD/7cpCU9GnI2rSUNFj0o7G66x05rYRxybZzrk -WhgpVY3u/e2I5/Q4bPE2EtnQ7ktLF990GOqWZB2EOu04ep+VO8Jbk4BB4cVOGQ== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAruN1QZCdC4q/FdU83Qgxp7WS +4j5Tc6cgJ0prKu+ZqBVCyXlLt7s6up3ws883NGRjfArxkQQwa8pmOdOgJiM0KFup +V5EM+s+EQnkoIyG6/wRMxAYfnqUdN+lcanWEt/nTJICRlavfGsx8p32slfwCd7KO +4nfaljBIhEQqsK9bnX1niqUTPUzt38sqa4oarRjwH1CeTcMxWDHymwXAfqNqgChc +Inj9MmZqnDH80ttCQ+i4NUE2AI0mS+kCwy1ywE+PSs9dfFyuFgsMN6k02BmRzTqv +Va68ayqF7/APjTCzkNdWOUfWWj3j89G5dXSLJ0/Htq//5GuvXLbEbxmJREH2QQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/certs/test-pathlen/chainD-ICA1-pathlen127.pem index b55b0cdbc..87677632f 100644 --- a/certs/test-pathlen/chainD-ICA1-pathlen127.pem +++ b/certs/test-pathlen/chainD-ICA1-pathlen127.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainD-ICA1-pathlen127/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d7:81:78:a9:19:99:12:d1:cf:3d:51:54:1d:d3: 14:94:ed:3e:de:ff:e0:23:e4:f7:23:fc:5c:49:24: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 33:03:d0:c5:e2:4c:91:4f:7d:1a:1b:2d:31:a5:48:bf:bc:86: - 6c:f5:0c:28:2f:61:12:80:c8:7e:45:d6:f9:86:7f:c4:e5:f6: - 3f:04:79:e5:33:5d:48:15:94:c6:1e:2e:75:7d:45:2f:33:75: - 54:d1:29:cf:88:6a:37:91:aa:29:41:69:46:ab:ba:e6:6f:81: - 5c:cf:44:59:50:4f:f0:49:d4:8f:b9:a4:9c:8c:7b:49:9f:43: - c9:96:02:fb:c8:1d:f3:13:96:12:b5:e9:17:8f:f4:43:c2:f9: - 25:4c:59:53:12:cc:f0:f5:55:48:99:e9:cc:80:1b:54:e6:ad: - db:fb:60:48:08:8a:79:02:db:d2:33:bd:a7:f3:27:83:75:d5: - 6e:31:d4:a8:67:67:08:30:b8:2f:a1:61:0e:2f:5a:77:bf:2b: - d1:94:9b:9f:f8:af:fb:54:eb:ab:6f:bc:9c:74:5b:e2:c4:ce: - 2b:98:ea:83:3c:75:b4:ce:5a:96:0a:ee:2b:f8:72:d9:04:30: - 95:fe:3d:5d:1b:5f:6f:40:12:de:d2:c2:1b:0e:9c:29:fe:13: - 53:ae:49:25:1c:6d:db:4c:e3:74:0d:f7:6d:7d:0a:a1:80:83: - a5:e9:cc:cb:d4:22:32:03:74:48:b1:5c:b0:aa:07:f3:63:3d: - 97:34:b3:17 + 92:5a:c3:d5:88:88:3f:0d:b5:b6:87:4a:6d:0d:4d:f0:34:ea: + 0c:b9:73:30:b3:5e:83:3e:6c:16:63:13:dc:d1:d4:6a:c3:86: + 42:93:5c:85:55:41:5b:5d:42:8c:65:f4:bf:63:6b:7e:2f:f8: + 66:5e:a3:1b:6c:0c:29:47:f7:fb:d9:74:8c:62:de:7d:13:26: + 81:0a:ea:03:d9:e0:25:6e:40:6d:5e:a1:12:ef:8e:97:f0:97: + 64:2f:84:3d:24:27:bb:25:89:94:51:d8:c6:d4:e3:15:83:5b: + be:4a:a9:61:1a:d1:2f:79:f5:25:3a:a2:e2:d0:92:bf:6f:05: + 09:1d:d5:a8:a8:51:19:70:c4:08:d3:6a:72:08:75:1f:e2:08: + 1e:40:93:93:8c:54:22:ec:a1:2d:37:b3:ab:07:13:88:2b:bf: + 94:be:66:03:ba:e6:2a:69:5d:18:86:c4:4e:06:b5:7a:23:8e: + 82:b8:45:fa:2f:91:b4:04:b5:b8:ef:ad:95:da:9b:70:fe:b5: + 61:cf:9e:ee:51:84:41:35:8a:ef:65:23:a3:8c:30:7f:37:a8: + 0b:5d:94:43:35:0a:2e:1e:19:4e:00:ee:d4:a0:57:ad:5c:25: + 9c:fe:57:75:0e:6b:42:fa:73:5f:92:f0:25:7d:63:cc:1c:59: + 02:96:ba:dd -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -74,16 +74,16 @@ sr1DzFh/HdtLl6WDXIdem3OHyB0rR5JV5Nu+UdXrdsKqWXJ79icvvsDb3Dzy4hnJ sDC7LqKVSAa9jp29jGtexppzS2ywIJZHRNMJa2or+oZfHQunYiJy1VYcqpeMzlej D+a8zWNUVWCHUOv6jOkVcLNcTQ4nYP0HbozsP6AlxQFZo/wtgEuETBC1yKdrseXF wZqw1kswIbpCZeA/Wc9/SUs7z2IG9ImuW4FdFWP7fCmmtc/ztbVmBk+j2mc5AgMB -AAGjggENMIIBCTAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgckGA1Ud -IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AAGjggEYMIIBFDAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgdQGA1Ud +IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/ -rBgKN00wDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL -BQADggEBADMD0MXiTJFPfRobLTGlSL+8hmz1DCgvYRKAyH5F1vmGf8Tl9j8EeeUz -XUgVlMYeLnV9RS8zdVTRKc+IajeRqilBaUaruuZvgVzPRFlQT/BJ1I+5pJyMe0mf -Q8mWAvvIHfMTlhK16ReP9EPC+SVMWVMSzPD1VUiZ6cyAG1Tmrdv7YEgIinkC29Iz -vafzJ4N11W4x1KhnZwgwuC+hYQ4vWne/K9GUm5/4r/tU66tvvJx0W+LEziuY6oM8 -dbTOWpYK7iv4ctkEMJX+PV0bX29AEt7SwhsOnCn+E1OuSSUcbdtM43QN9219CqGA -g6XpzMvUIjIDdEixXLCqB/NjPZc0sxc= +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCI +ugdCjaqvT77CGkjw0UDmQjAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN +BgkqhkiG9w0BAQsFAAOCAQEAklrD1YiIPw21todKbQ1N8DTqDLlzMLNegz5sFmMT +3NHUasOGQpNchVVBW11CjGX0v2Nrfi/4Zl6jG2wMKUf3+9l0jGLefRMmgQrqA9ng +JW5AbV6hEu+Ol/CXZC+EPSQnuyWJlFHYxtTjFYNbvkqpYRrRL3n1JTqi4tCSv28F +CR3VqKhRGXDECNNqcgh1H+IIHkCTk4xUIuyhLTezqwcTiCu/lL5mA7rmKmldGIbE +Tga1eiOOgrhF+i+RtAS1uO+tldqbcP61Yc+e7lGEQTWK72Ujo4wwfzeoC12UQzUK +Lh4ZTgDu1KBXrVwlnP5XdQ5rQvpzX5LwJX1jzBxZApa63Q== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-assembled.pem b/certs/test-pathlen/chainD-assembled.pem index 72fb7c792..a797f2d84 100644 --- a/certs/test-pathlen/chainD-assembled.pem +++ b/certs/test-pathlen/chainD-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainD-ICA1-pathlen127/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainD-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e2:5d:f4:bd:06:b6:a1:21:3a:2d:7f:cc:f2:5a: 15:36:28:0a:f2:bb:16:b5:ec:f9:e7:5b:92:ec:17: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 5e:12:77:cf:93:0c:dd:b4:11:e3:d6:70:70:af:d7:50:01:ea: - 9f:39:4c:7c:06:67:44:dd:1a:25:ee:46:ff:21:8e:7d:3c:24: - 52:42:91:57:eb:5b:63:26:85:30:67:18:22:42:19:cc:e0:1c: - f1:71:22:da:2f:b4:5e:6f:ed:e1:30:5c:db:e9:07:a7:d6:36: - 94:52:ce:e5:05:a3:9e:d4:b2:2b:be:d3:fc:56:e3:7c:d2:06: - 61:0a:61:91:59:44:24:85:e8:3d:0d:e1:09:7e:4f:91:87:2c: - 26:85:2e:5d:c3:b1:53:96:91:40:64:16:82:7e:b8:4f:c1:60: - 0d:86:5d:99:eb:49:be:9d:63:16:ff:3e:08:4e:fa:c6:18:8f: - 0b:79:92:24:89:bb:74:23:65:53:64:da:d6:d9:f7:06:7b:8d: - d7:50:ba:16:03:04:b2:eb:6e:7b:18:c6:00:7a:38:b4:bf:77: - c8:27:bc:c9:ab:a4:9c:96:df:f8:90:4f:7f:cd:06:5b:97:41: - 48:cd:9f:66:05:a5:3e:56:44:6d:e1:89:0d:d3:e4:31:22:35: - 2c:7b:8a:ca:49:22:c2:bc:68:43:fc:db:31:fe:cd:cf:be:8c: - fa:cc:12:59:82:94:9d:96:7a:fb:e9:55:1b:e5:c4:3d:86:43: - 82:10:2c:ba + 2d:bb:9e:a1:9a:9a:f9:33:11:a7:2e:07:e1:b1:68:a0:7e:ac: + 38:a5:d3:1a:03:61:36:67:88:66:81:5d:6a:72:52:26:7a:0c: + 79:48:53:f1:78:59:6f:d8:53:5e:cd:3b:14:d2:86:18:2e:41: + 56:b7:5e:3b:3f:6a:e1:e1:15:d8:de:e4:eb:5b:54:79:a6:47: + f0:c8:3f:b6:30:a4:ee:83:39:20:bc:7c:a0:af:06:95:a2:03: + cb:63:f3:3d:1f:43:b0:8d:64:75:17:d2:a7:0d:be:4e:5e:35: + 59:a0:9e:64:88:92:21:eb:4c:62:ea:49:9c:a6:9d:30:4e:9d: + 55:5a:4f:d2:e0:79:3c:57:80:41:66:d6:b8:58:72:03:65:4b: + f7:f8:3e:45:d0:e4:b6:40:33:66:b2:2b:54:87:33:dc:6f:43: + 80:cb:b9:0c:7f:8d:26:92:6b:86:18:d2:14:20:61:a4:a8:05: + bc:73:7f:e2:1d:54:b8:54:c9:67:7f:7d:26:5f:4d:3c:bb:d3: + 58:f4:60:5b:ef:c8:6f:ad:57:d2:a1:64:01:80:b8:3e:90:0a: + 1d:4f:33:aa:33:3a:8d:9b:8a:62:91:98:e4:c9:88:0a:ff:e4: + 69:fa:62:ae:f8:ec:c7:de:53:59:c9:25:e2:69:82:3b:0e:6e: + 1c:12:15:a3 -----BEGIN CERTIFICATE----- MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,26 +77,26 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBeEnfPkwzdtBHj1nBwr9dQ -AeqfOUx8BmdE3Rol7kb/IY59PCRSQpFX61tjJoUwZxgiQhnM4BzxcSLaL7Reb+3h -MFzb6Qen1jaUUs7lBaOe1LIrvtP8VuN80gZhCmGRWUQkheg9DeEJfk+RhywmhS5d -w7FTlpFAZBaCfrhPwWANhl2Z60m+nWMW/z4ITvrGGI8LeZIkibt0I2VTZNrW2fcG -e43XULoWAwSy6257GMYAeji0v3fIJ7zJq6Sclt/4kE9/zQZbl0FIzZ9mBaU+VkRt -4YkN0+QxIjUse4rKSSLCvGhD/Nsx/s3Pvoz6zBJZgpSdlnr76VUb5cQ9hkOCECy6 +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAtu56hmpr5MxGnLgfhsWig +fqw4pdMaA2E2Z4hmgV1qclImegx5SFPxeFlv2FNezTsU0oYYLkFWt147P2rh4RXY +3uTrW1R5pkfwyD+2MKTugzkgvHygrwaVogPLY/M9H0OwjWR1F9KnDb5OXjVZoJ5k +iJIh60xi6kmcpp0wTp1VWk/S4Hk8V4BBZta4WHIDZUv3+D5F0OS2QDNmsitUhzPc +b0OAy7kMf40mkmuGGNIUIGGkqAW8c3/iHVS4VMlnf30mX008u9NY9GBb78hvrVfS +oWQBgLg+kAodTzOqMzqNm4pikZjkyYgK/+Rp+mKu+OzH3lNZySXiaYI7Dm4cEhWj -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainD-ICA1-pathlen127/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d7:81:78:a9:19:99:12:d1:cf:3d:51:54:1d:d3: 14:94:ed:3e:de:ff:e0:23:e4:f7:23:fc:5c:49:24: @@ -123,34 +123,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 33:03:d0:c5:e2:4c:91:4f:7d:1a:1b:2d:31:a5:48:bf:bc:86: - 6c:f5:0c:28:2f:61:12:80:c8:7e:45:d6:f9:86:7f:c4:e5:f6: - 3f:04:79:e5:33:5d:48:15:94:c6:1e:2e:75:7d:45:2f:33:75: - 54:d1:29:cf:88:6a:37:91:aa:29:41:69:46:ab:ba:e6:6f:81: - 5c:cf:44:59:50:4f:f0:49:d4:8f:b9:a4:9c:8c:7b:49:9f:43: - c9:96:02:fb:c8:1d:f3:13:96:12:b5:e9:17:8f:f4:43:c2:f9: - 25:4c:59:53:12:cc:f0:f5:55:48:99:e9:cc:80:1b:54:e6:ad: - db:fb:60:48:08:8a:79:02:db:d2:33:bd:a7:f3:27:83:75:d5: - 6e:31:d4:a8:67:67:08:30:b8:2f:a1:61:0e:2f:5a:77:bf:2b: - d1:94:9b:9f:f8:af:fb:54:eb:ab:6f:bc:9c:74:5b:e2:c4:ce: - 2b:98:ea:83:3c:75:b4:ce:5a:96:0a:ee:2b:f8:72:d9:04:30: - 95:fe:3d:5d:1b:5f:6f:40:12:de:d2:c2:1b:0e:9c:29:fe:13: - 53:ae:49:25:1c:6d:db:4c:e3:74:0d:f7:6d:7d:0a:a1:80:83: - a5:e9:cc:cb:d4:22:32:03:74:48:b1:5c:b0:aa:07:f3:63:3d: - 97:34:b3:17 + 92:5a:c3:d5:88:88:3f:0d:b5:b6:87:4a:6d:0d:4d:f0:34:ea: + 0c:b9:73:30:b3:5e:83:3e:6c:16:63:13:dc:d1:d4:6a:c3:86: + 42:93:5c:85:55:41:5b:5d:42:8c:65:f4:bf:63:6b:7e:2f:f8: + 66:5e:a3:1b:6c:0c:29:47:f7:fb:d9:74:8c:62:de:7d:13:26: + 81:0a:ea:03:d9:e0:25:6e:40:6d:5e:a1:12:ef:8e:97:f0:97: + 64:2f:84:3d:24:27:bb:25:89:94:51:d8:c6:d4:e3:15:83:5b: + be:4a:a9:61:1a:d1:2f:79:f5:25:3a:a2:e2:d0:92:bf:6f:05: + 09:1d:d5:a8:a8:51:19:70:c4:08:d3:6a:72:08:75:1f:e2:08: + 1e:40:93:93:8c:54:22:ec:a1:2d:37:b3:ab:07:13:88:2b:bf: + 94:be:66:03:ba:e6:2a:69:5d:18:86:c4:4e:06:b5:7a:23:8e: + 82:b8:45:fa:2f:91:b4:04:b5:b8:ef:ad:95:da:9b:70:fe:b5: + 61:cf:9e:ee:51:84:41:35:8a:ef:65:23:a3:8c:30:7f:37:a8: + 0b:5d:94:43:35:0a:2e:1e:19:4e:00:ee:d4:a0:57:ad:5c:25: + 9c:fe:57:75:0e:6b:42:fa:73:5f:92:f0:25:7d:63:cc:1c:59: + 02:96:ba:dd -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -160,16 +160,16 @@ sr1DzFh/HdtLl6WDXIdem3OHyB0rR5JV5Nu+UdXrdsKqWXJ79icvvsDb3Dzy4hnJ sDC7LqKVSAa9jp29jGtexppzS2ywIJZHRNMJa2or+oZfHQunYiJy1VYcqpeMzlej D+a8zWNUVWCHUOv6jOkVcLNcTQ4nYP0HbozsP6AlxQFZo/wtgEuETBC1yKdrseXF wZqw1kswIbpCZeA/Wc9/SUs7z2IG9ImuW4FdFWP7fCmmtc/ztbVmBk+j2mc5AgMB -AAGjggENMIIBCTAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgckGA1Ud -IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AAGjggEYMIIBFDAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgdQGA1Ud +IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/ -rBgKN00wDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL -BQADggEBADMD0MXiTJFPfRobLTGlSL+8hmz1DCgvYRKAyH5F1vmGf8Tl9j8EeeUz -XUgVlMYeLnV9RS8zdVTRKc+IajeRqilBaUaruuZvgVzPRFlQT/BJ1I+5pJyMe0mf -Q8mWAvvIHfMTlhK16ReP9EPC+SVMWVMSzPD1VUiZ6cyAG1Tmrdv7YEgIinkC29Iz -vafzJ4N11W4x1KhnZwgwuC+hYQ4vWne/K9GUm5/4r/tU66tvvJx0W+LEziuY6oM8 -dbTOWpYK7iv4ctkEMJX+PV0bX29AEt7SwhsOnCn+E1OuSSUcbdtM43QN9219CqGA -g6XpzMvUIjIDdEixXLCqB/NjPZc0sxc= +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCI +ugdCjaqvT77CGkjw0UDmQjAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN +BgkqhkiG9w0BAQsFAAOCAQEAklrD1YiIPw21todKbQ1N8DTqDLlzMLNegz5sFmMT +3NHUasOGQpNchVVBW11CjGX0v2Nrfi/4Zl6jG2wMKUf3+9l0jGLefRMmgQrqA9ng +JW5AbV6hEu+Ol/CXZC+EPSQnuyWJlFHYxtTjFYNbvkqpYRrRL3n1JTqi4tCSv28F +CR3VqKhRGXDECNNqcgh1H+IIHkCTk4xUIuyhLTezqwcTiCu/lL5mA7rmKmldGIbE +Tga1eiOOgrhF+i+RtAS1uO+tldqbcP61Yc+e7lGEQTWK72Ujo4wwfzeoC12UQzUK +Lh4ZTgDu1KBXrVwlnP5XdQ5rQvpzX5LwJX1jzBxZApa63Q== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-entity.pem b/certs/test-pathlen/chainD-entity.pem index 97f04041b..9f2ae0678 100644 --- a/certs/test-pathlen/chainD-entity.pem +++ b/certs/test-pathlen/chainD-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainD-ICA1-pathlen127/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainD-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e2:5d:f4:bd:06:b6:a1:21:3a:2d:7f:cc:f2:5a: 15:36:28:0a:f2:bb:16:b5:ec:f9:e7:5b:92:ec:17: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 5e:12:77:cf:93:0c:dd:b4:11:e3:d6:70:70:af:d7:50:01:ea: - 9f:39:4c:7c:06:67:44:dd:1a:25:ee:46:ff:21:8e:7d:3c:24: - 52:42:91:57:eb:5b:63:26:85:30:67:18:22:42:19:cc:e0:1c: - f1:71:22:da:2f:b4:5e:6f:ed:e1:30:5c:db:e9:07:a7:d6:36: - 94:52:ce:e5:05:a3:9e:d4:b2:2b:be:d3:fc:56:e3:7c:d2:06: - 61:0a:61:91:59:44:24:85:e8:3d:0d:e1:09:7e:4f:91:87:2c: - 26:85:2e:5d:c3:b1:53:96:91:40:64:16:82:7e:b8:4f:c1:60: - 0d:86:5d:99:eb:49:be:9d:63:16:ff:3e:08:4e:fa:c6:18:8f: - 0b:79:92:24:89:bb:74:23:65:53:64:da:d6:d9:f7:06:7b:8d: - d7:50:ba:16:03:04:b2:eb:6e:7b:18:c6:00:7a:38:b4:bf:77: - c8:27:bc:c9:ab:a4:9c:96:df:f8:90:4f:7f:cd:06:5b:97:41: - 48:cd:9f:66:05:a5:3e:56:44:6d:e1:89:0d:d3:e4:31:22:35: - 2c:7b:8a:ca:49:22:c2:bc:68:43:fc:db:31:fe:cd:cf:be:8c: - fa:cc:12:59:82:94:9d:96:7a:fb:e9:55:1b:e5:c4:3d:86:43: - 82:10:2c:ba + 2d:bb:9e:a1:9a:9a:f9:33:11:a7:2e:07:e1:b1:68:a0:7e:ac: + 38:a5:d3:1a:03:61:36:67:88:66:81:5d:6a:72:52:26:7a:0c: + 79:48:53:f1:78:59:6f:d8:53:5e:cd:3b:14:d2:86:18:2e:41: + 56:b7:5e:3b:3f:6a:e1:e1:15:d8:de:e4:eb:5b:54:79:a6:47: + f0:c8:3f:b6:30:a4:ee:83:39:20:bc:7c:a0:af:06:95:a2:03: + cb:63:f3:3d:1f:43:b0:8d:64:75:17:d2:a7:0d:be:4e:5e:35: + 59:a0:9e:64:88:92:21:eb:4c:62:ea:49:9c:a6:9d:30:4e:9d: + 55:5a:4f:d2:e0:79:3c:57:80:41:66:d6:b8:58:72:03:65:4b: + f7:f8:3e:45:d0:e4:b6:40:33:66:b2:2b:54:87:33:dc:6f:43: + 80:cb:b9:0c:7f:8d:26:92:6b:86:18:d2:14:20:61:a4:a8:05: + bc:73:7f:e2:1d:54:b8:54:c9:67:7f:7d:26:5f:4d:3c:bb:d3: + 58:f4:60:5b:ef:c8:6f:ad:57:d2:a1:64:01:80:b8:3e:90:0a: + 1d:4f:33:aa:33:3a:8d:9b:8a:62:91:98:e4:c9:88:0a:ff:e4: + 69:fa:62:ae:f8:ec:c7:de:53:59:c9:25:e2:69:82:3b:0e:6e: + 1c:12:15:a3 -----BEGIN CERTIFICATE----- MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBeEnfPkwzdtBHj1nBwr9dQ -AeqfOUx8BmdE3Rol7kb/IY59PCRSQpFX61tjJoUwZxgiQhnM4BzxcSLaL7Reb+3h -MFzb6Qen1jaUUs7lBaOe1LIrvtP8VuN80gZhCmGRWUQkheg9DeEJfk+RhywmhS5d -w7FTlpFAZBaCfrhPwWANhl2Z60m+nWMW/z4ITvrGGI8LeZIkibt0I2VTZNrW2fcG -e43XULoWAwSy6257GMYAeji0v3fIJ7zJq6Sclt/4kE9/zQZbl0FIzZ9mBaU+VkRt -4YkN0+QxIjUse4rKSSLCvGhD/Nsx/s3Pvoz6zBJZgpSdlnr76VUb5cQ9hkOCECy6 +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAtu56hmpr5MxGnLgfhsWig +fqw4pdMaA2E2Z4hmgV1qclImegx5SFPxeFlv2FNezTsU0oYYLkFWt147P2rh4RXY +3uTrW1R5pkfwyD+2MKTugzkgvHygrwaVogPLY/M9H0OwjWR1F9KnDb5OXjVZoJ5k +iJIh60xi6kmcpp0wTp1VWk/S4Hk8V4BBZta4WHIDZUv3+D5F0OS2QDNmsitUhzPc +b0OAy7kMf40mkmuGGNIUIGGkqAW8c3/iHVS4VMlnf30mX008u9NY9GBb78hvrVfS +oWQBgLg+kAodTzOqMzqNm4pikZjkyYgK/+Rp+mKu+OzH3lNZySXiaYI7Dm4cEhWj -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/certs/test-pathlen/chainE-ICA1-pathlen128.pem index cc7b89606..62567cac7 100644 --- a/certs/test-pathlen/chainE-ICA1-pathlen128.pem +++ b/certs/test-pathlen/chainE-ICA1-pathlen128.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainE-ICA1-pathlen128/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d6:f3:6f:b8:db:10:df:89:df:3b:d9:2e:7a:c1: 34:1a:56:97:6c:73:04:fc:15:50:04:93:66:cb:17: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b7:fd:94:b5:b8:71:1f:16:21:7c:b0:82:d3:9f:b4:e3:00:97: - 42:df:2a:fd:80:ea:2b:9c:30:7c:4c:fd:91:25:4a:e5:0e:fc: - 4a:c9:dd:65:0e:8e:9c:bb:6c:c1:1d:78:9f:0d:af:8a:80:79: - 29:64:3a:d8:76:a1:f2:6d:8a:ed:e8:d7:50:ab:6b:26:da:e1: - 62:6f:67:17:85:70:0f:d0:16:57:19:71:90:8f:49:de:43:af: - aa:60:61:b5:46:62:0d:92:bb:56:d6:38:b9:1a:77:fc:02:73: - 2f:75:2c:70:40:f0:82:ca:5b:80:aa:b5:72:c8:24:45:91:a2: - 2d:50:f2:b2:2a:33:8d:8b:28:d7:f7:ad:cc:19:d8:e6:0d:81: - d6:ce:6e:74:70:49:6e:d6:b9:d8:86:c1:dc:d8:15:68:9c:7d: - 6b:06:71:3f:64:da:34:9e:88:30:fb:ab:88:32:92:57:4c:17: - 3c:07:46:f0:b3:a7:3f:d1:77:49:5a:6e:49:a9:39:93:c5:a8: - 1e:5b:5c:99:24:96:fe:79:ac:46:f1:c0:60:eb:61:30:df:04: - a2:0e:7e:8d:39:15:20:b2:05:e5:3d:17:ab:65:dc:be:3c:68: - ef:a6:3b:c5:23:03:8a:12:2b:11:4d:03:28:87:f5:49:fe:72: - 2d:41:bc:c3 + 39:35:81:fd:34:59:cf:56:ba:78:6f:a5:c1:8d:84:43:33:93: + e9:c0:49:db:51:b5:f6:e3:5a:c8:6e:20:51:cf:46:80:a4:c7: + 47:0f:f2:e9:34:d4:9b:96:f9:2a:aa:e9:cf:e4:f6:b9:9b:a7: + bb:ec:45:3a:33:e0:8a:c0:5a:bd:8d:f9:f0:b2:39:5a:08:b0: + 98:47:96:bf:c6:9c:14:22:c5:6c:71:59:95:ef:5e:86:46:8c: + 46:37:aa:68:b5:3a:8f:57:48:bb:24:30:00:9e:d5:47:95:bf: + ea:0b:e1:76:c6:6d:89:a2:c0:25:0f:60:bd:ee:59:22:1b:77: + 9a:7f:b9:9f:3e:1c:13:80:92:49:40:ee:5e:1a:79:0f:b4:1c: + fe:00:84:67:d4:f1:c9:0d:88:cf:1f:20:10:bd:79:f7:8c:ee: + 96:48:ab:aa:3e:7d:e4:a1:40:10:37:6d:d7:f8:c6:31:32:7e: + 3d:6a:3d:9b:1a:bf:e8:8f:73:bd:d9:2b:d6:9a:37:aa:57:c8: + 5c:63:9f:82:cb:c6:53:58:21:34:43:87:77:ec:50:99:61:a3: + d3:81:1a:3e:01:ee:f5:e6:ff:6b:97:fc:ce:74:a4:c5:6d:b5: + f5:4f:ea:06:da:da:4d:e1:fd:52:af:7a:43:32:b5:b8:c2:73: + 59:c3:66:f2 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzzCCA7egAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -74,16 +74,16 @@ F/1WuDrPz+33kGpzbAaZ7w6PZdzQ6Nt7wehNbWGezFog3oY6WIH6sdRfPHRDRWE2 LP6kNa7iOcf93bOD1hfc9Zk/Zw7BYNFpjTz5YumDrmYQqkCRYwsq5cGoH46KmxGf v6ZF+xZw7WwbFJiAaQTDvRMi59kzSJ2KbA+cOQgpkoN7c6PahtZKAA+nwnu/rA8q YpZbO++f4Qi7RLrEmU+guV5Ny3Nz/u6CaU+vx1laNoFExuNQO7+NFO9+lu/BAgMB -AAGjggEOMIIBCjAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgckGA1Ud -IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AAGjggEZMIIBFTAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgdQGA1Ud +IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/ -rBgKN00wEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQC3/ZS1uHEfFiF8sILTn7TjAJdC3yr9gOornDB8TP2RJUrlDvxKyd1l -Do6cu2zBHXifDa+KgHkpZDrYdqHybYrt6NdQq2sm2uFib2cXhXAP0BZXGXGQj0ne -Q6+qYGG1RmINkrtW1ji5Gnf8AnMvdSxwQPCCyluAqrVyyCRFkaItUPKyKjONiyjX -963MGdjmDYHWzm50cElu1rnYhsHc2BVonH1rBnE/ZNo0nogw+6uIMpJXTBc8B0bw -s6c/0XdJWm5JqTmTxageW1yZJJb+eaxG8cBg62Ew3wSiDn6NORUgsgXlPRerZdy+ -PGjvpjvFIwOKEisRTQMoh/VJ/nItQbzD +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCI +ugdCjaqvT77CGkjw0UDmQjAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw +DQYJKoZIhvcNAQELBQADggEBADk1gf00Wc9WunhvpcGNhEMzk+nASdtRtfbjWshu +IFHPRoCkx0cP8uk01JuW+Sqq6c/k9rmbp7vsRToz4IrAWr2N+fCyOVoIsJhHlr/G +nBQixWxxWZXvXoZGjEY3qmi1Oo9XSLskMACe1UeVv+oL4XbGbYmiwCUPYL3uWSIb +d5p/uZ8+HBOAkklA7l4aeQ+0HP4AhGfU8ckNiM8fIBC9efeM7pZIq6o+feShQBA3 +bdf4xjEyfj1qPZsav+iPc73ZK9aaN6pXyFxjn4LLxlNYITRDh3fsUJlho9OBGj4B +7vXm/2uX/M50pMVttfVP6gba2k3h/VKvekMytbjCc1nDZvI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-assembled.pem b/certs/test-pathlen/chainE-assembled.pem index f44749c5f..dffe69020 100644 --- a/certs/test-pathlen/chainE-assembled.pem +++ b/certs/test-pathlen/chainE-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainE-ICA1-pathlen128/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainE-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d8:6f:49:bb:56:ea:34:4c:25:a6:8c:44:f6:c9: 75:8f:6b:83:b8:8b:ec:c6:f6:d3:c7:40:e2:d1:b2: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 2d:35:05:3b:41:51:cb:b0:57:33:0a:09:f2:46:12:13:cc:9b: - e8:31:70:5c:86:0d:ea:63:be:9d:db:9b:fb:d5:f1:a2:fe:d1: - 8c:3f:04:28:69:25:bd:c2:a4:19:16:f4:aa:0f:43:dc:b0:51: - 8c:4e:5e:a0:a9:6e:56:67:be:4d:eb:18:de:37:99:51:fc:20: - e4:38:cc:c6:c3:cb:1e:fa:97:8c:96:e3:62:85:e7:77:48:4f: - 1d:3f:ba:c0:ba:4c:40:6f:d1:2c:3f:0d:ce:03:f7:12:64:07: - 1f:51:b9:d6:88:5b:bc:b0:59:16:94:54:cb:cb:c2:33:98:15: - c8:80:00:27:25:d3:f8:aa:97:c1:0e:6c:8c:4c:86:0e:5f:66: - 73:a6:1d:83:db:66:87:55:f5:3f:66:c0:66:bb:de:3e:f2:64: - 98:ab:ea:be:56:9b:b3:64:bb:10:60:75:05:9b:34:62:02:45: - f3:eb:2b:76:2f:4a:fc:c3:bc:b0:fe:2e:40:9b:ed:44:35:07: - 31:da:fa:7c:48:85:a3:8c:83:e2:d6:9a:54:95:a1:19:51:1e: - ce:4d:a7:fc:1b:56:c0:3b:a3:36:d0:83:2d:f4:fb:4c:d1:3e: - 59:fa:47:44:a0:16:93:02:b1:0a:38:b0:8b:12:3d:87:ab:34: - 1f:2e:5d:ea + ca:df:49:e3:ff:ab:df:ff:1a:f7:32:01:38:cb:c6:be:7b:69: + ce:90:91:20:0f:9f:53:60:1f:c8:92:c1:8a:65:a9:13:ee:c9: + 42:dc:c4:cd:83:3b:9c:43:85:52:88:64:aa:fb:67:dc:a9:e8: + 27:f9:b5:11:f8:c8:56:02:ef:04:08:32:70:5d:de:e7:10:16: + 0f:ea:d4:4c:63:97:c4:d5:d2:a0:27:fb:68:3c:34:e6:36:d5: + bb:d7:f3:bb:fd:cb:8b:6f:cb:8c:f2:95:b6:c4:bc:d5:b2:00: + 89:37:d6:67:84:1c:cc:59:2b:c1:25:04:b2:b6:00:17:ab:de: + cc:88:29:19:da:8f:f1:e9:c9:54:51:ba:37:82:00:ff:98:fa: + 16:89:31:0d:06:e9:e1:d7:04:f2:b3:b8:ae:25:6b:01:42:91: + 32:13:b8:48:ab:58:2a:07:9a:f2:fe:c8:57:d5:48:00:db:96: + 19:b9:ac:b5:db:27:80:b6:bd:22:53:42:27:a8:19:31:d2:c1: + 8e:78:73:4c:83:d7:a0:19:cb:ee:8c:67:0f:0f:63:03:ed:bc: + 1b:e9:9c:3e:ed:56:df:b3:d7:da:c1:ce:f7:e0:b2:af:43:da: + 26:0a:e9:02:25:d2:6a:3b:40:bf:29:9e:8e:51:33:c2:73:fa: + d6:ee:21:a6 -----BEGIN CERTIFICATE----- MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,26 +77,26 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAtNQU7QVHLsFczCgnyRhIT -zJvoMXBchg3qY76d25v71fGi/tGMPwQoaSW9wqQZFvSqD0PcsFGMTl6gqW5WZ75N -6xjeN5lR/CDkOMzGw8se+peMluNihed3SE8dP7rAukxAb9EsPw3OA/cSZAcfUbnW -iFu8sFkWlFTLy8IzmBXIgAAnJdP4qpfBDmyMTIYOX2Zzph2D22aHVfU/ZsBmu94+ -8mSYq+q+VpuzZLsQYHUFmzRiAkXz6yt2L0r8w7yw/i5Am+1ENQcx2vp8SIWjjIPi -1ppUlaEZUR7OTaf8G1bAO6M20IMt9PtM0T5Z+kdEoBaTArEKOLCLEj2HqzQfLl3q +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQDK30nj/6vf/xr3MgE4y8a+ +e2nOkJEgD59TYB/IksGKZakT7slC3MTNgzucQ4VSiGSq+2fcqegn+bUR+MhWAu8E +CDJwXd7nEBYP6tRMY5fE1dKgJ/toPDTmNtW71/O7/cuLb8uM8pW2xLzVsgCJN9Zn +hBzMWSvBJQSytgAXq97MiCkZ2o/x6clUUbo3ggD/mPoWiTENBunh1wTys7iuJWsB +QpEyE7hIq1gqB5ry/shX1UgA25YZuay12yeAtr0iU0InqBkx0sGOeHNMg9egGcvu +jGcPD2MD7bwb6Zw+7Vbfs9fawc734LKvQ9omCukCJdJqO0C/KZ6OUTPCc/rW7iGm -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainE-ICA1-pathlen128/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d6:f3:6f:b8:db:10:df:89:df:3b:d9:2e:7a:c1: 34:1a:56:97:6c:73:04:fc:15:50:04:93:66:cb:17: @@ -123,34 +123,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b7:fd:94:b5:b8:71:1f:16:21:7c:b0:82:d3:9f:b4:e3:00:97: - 42:df:2a:fd:80:ea:2b:9c:30:7c:4c:fd:91:25:4a:e5:0e:fc: - 4a:c9:dd:65:0e:8e:9c:bb:6c:c1:1d:78:9f:0d:af:8a:80:79: - 29:64:3a:d8:76:a1:f2:6d:8a:ed:e8:d7:50:ab:6b:26:da:e1: - 62:6f:67:17:85:70:0f:d0:16:57:19:71:90:8f:49:de:43:af: - aa:60:61:b5:46:62:0d:92:bb:56:d6:38:b9:1a:77:fc:02:73: - 2f:75:2c:70:40:f0:82:ca:5b:80:aa:b5:72:c8:24:45:91:a2: - 2d:50:f2:b2:2a:33:8d:8b:28:d7:f7:ad:cc:19:d8:e6:0d:81: - d6:ce:6e:74:70:49:6e:d6:b9:d8:86:c1:dc:d8:15:68:9c:7d: - 6b:06:71:3f:64:da:34:9e:88:30:fb:ab:88:32:92:57:4c:17: - 3c:07:46:f0:b3:a7:3f:d1:77:49:5a:6e:49:a9:39:93:c5:a8: - 1e:5b:5c:99:24:96:fe:79:ac:46:f1:c0:60:eb:61:30:df:04: - a2:0e:7e:8d:39:15:20:b2:05:e5:3d:17:ab:65:dc:be:3c:68: - ef:a6:3b:c5:23:03:8a:12:2b:11:4d:03:28:87:f5:49:fe:72: - 2d:41:bc:c3 + 39:35:81:fd:34:59:cf:56:ba:78:6f:a5:c1:8d:84:43:33:93: + e9:c0:49:db:51:b5:f6:e3:5a:c8:6e:20:51:cf:46:80:a4:c7: + 47:0f:f2:e9:34:d4:9b:96:f9:2a:aa:e9:cf:e4:f6:b9:9b:a7: + bb:ec:45:3a:33:e0:8a:c0:5a:bd:8d:f9:f0:b2:39:5a:08:b0: + 98:47:96:bf:c6:9c:14:22:c5:6c:71:59:95:ef:5e:86:46:8c: + 46:37:aa:68:b5:3a:8f:57:48:bb:24:30:00:9e:d5:47:95:bf: + ea:0b:e1:76:c6:6d:89:a2:c0:25:0f:60:bd:ee:59:22:1b:77: + 9a:7f:b9:9f:3e:1c:13:80:92:49:40:ee:5e:1a:79:0f:b4:1c: + fe:00:84:67:d4:f1:c9:0d:88:cf:1f:20:10:bd:79:f7:8c:ee: + 96:48:ab:aa:3e:7d:e4:a1:40:10:37:6d:d7:f8:c6:31:32:7e: + 3d:6a:3d:9b:1a:bf:e8:8f:73:bd:d9:2b:d6:9a:37:aa:57:c8: + 5c:63:9f:82:cb:c6:53:58:21:34:43:87:77:ec:50:99:61:a3: + d3:81:1a:3e:01:ee:f5:e6:ff:6b:97:fc:ce:74:a4:c5:6d:b5: + f5:4f:ea:06:da:da:4d:e1:fd:52:af:7a:43:32:b5:b8:c2:73: + 59:c3:66:f2 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzzCCA7egAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -160,16 +160,16 @@ F/1WuDrPz+33kGpzbAaZ7w6PZdzQ6Nt7wehNbWGezFog3oY6WIH6sdRfPHRDRWE2 LP6kNa7iOcf93bOD1hfc9Zk/Zw7BYNFpjTz5YumDrmYQqkCRYwsq5cGoH46KmxGf v6ZF+xZw7WwbFJiAaQTDvRMi59kzSJ2KbA+cOQgpkoN7c6PahtZKAA+nwnu/rA8q YpZbO++f4Qi7RLrEmU+guV5Ny3Nz/u6CaU+vx1laNoFExuNQO7+NFO9+lu/BAgMB -AAGjggEOMIIBCjAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgckGA1Ud -IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AAGjggEZMIIBFTAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgdQGA1Ud +IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/ -rBgKN00wEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQC3/ZS1uHEfFiF8sILTn7TjAJdC3yr9gOornDB8TP2RJUrlDvxKyd1l -Do6cu2zBHXifDa+KgHkpZDrYdqHybYrt6NdQq2sm2uFib2cXhXAP0BZXGXGQj0ne -Q6+qYGG1RmINkrtW1ji5Gnf8AnMvdSxwQPCCyluAqrVyyCRFkaItUPKyKjONiyjX -963MGdjmDYHWzm50cElu1rnYhsHc2BVonH1rBnE/ZNo0nogw+6uIMpJXTBc8B0bw -s6c/0XdJWm5JqTmTxageW1yZJJb+eaxG8cBg62Ew3wSiDn6NORUgsgXlPRerZdy+ -PGjvpjvFIwOKEisRTQMoh/VJ/nItQbzD +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCI +ugdCjaqvT77CGkjw0UDmQjAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw +DQYJKoZIhvcNAQELBQADggEBADk1gf00Wc9WunhvpcGNhEMzk+nASdtRtfbjWshu +IFHPRoCkx0cP8uk01JuW+Sqq6c/k9rmbp7vsRToz4IrAWr2N+fCyOVoIsJhHlr/G +nBQixWxxWZXvXoZGjEY3qmi1Oo9XSLskMACe1UeVv+oL4XbGbYmiwCUPYL3uWSIb +d5p/uZ8+HBOAkklA7l4aeQ+0HP4AhGfU8ckNiM8fIBC9efeM7pZIq6o+feShQBA3 +bdf4xjEyfj1qPZsav+iPc73ZK9aaN6pXyFxjn4LLxlNYITRDh3fsUJlho9OBGj4B +7vXm/2uX/M50pMVttfVP6gba2k3h/VKvekMytbjCc1nDZvI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-entity.pem b/certs/test-pathlen/chainE-entity.pem index 05a7b31a2..3f6df339e 100644 --- a/certs/test-pathlen/chainE-entity.pem +++ b/certs/test-pathlen/chainE-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainE-ICA1-pathlen128/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainE-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d8:6f:49:bb:56:ea:34:4c:25:a6:8c:44:f6:c9: 75:8f:6b:83:b8:8b:ec:c6:f6:d3:c7:40:e2:d1:b2: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 2d:35:05:3b:41:51:cb:b0:57:33:0a:09:f2:46:12:13:cc:9b: - e8:31:70:5c:86:0d:ea:63:be:9d:db:9b:fb:d5:f1:a2:fe:d1: - 8c:3f:04:28:69:25:bd:c2:a4:19:16:f4:aa:0f:43:dc:b0:51: - 8c:4e:5e:a0:a9:6e:56:67:be:4d:eb:18:de:37:99:51:fc:20: - e4:38:cc:c6:c3:cb:1e:fa:97:8c:96:e3:62:85:e7:77:48:4f: - 1d:3f:ba:c0:ba:4c:40:6f:d1:2c:3f:0d:ce:03:f7:12:64:07: - 1f:51:b9:d6:88:5b:bc:b0:59:16:94:54:cb:cb:c2:33:98:15: - c8:80:00:27:25:d3:f8:aa:97:c1:0e:6c:8c:4c:86:0e:5f:66: - 73:a6:1d:83:db:66:87:55:f5:3f:66:c0:66:bb:de:3e:f2:64: - 98:ab:ea:be:56:9b:b3:64:bb:10:60:75:05:9b:34:62:02:45: - f3:eb:2b:76:2f:4a:fc:c3:bc:b0:fe:2e:40:9b:ed:44:35:07: - 31:da:fa:7c:48:85:a3:8c:83:e2:d6:9a:54:95:a1:19:51:1e: - ce:4d:a7:fc:1b:56:c0:3b:a3:36:d0:83:2d:f4:fb:4c:d1:3e: - 59:fa:47:44:a0:16:93:02:b1:0a:38:b0:8b:12:3d:87:ab:34: - 1f:2e:5d:ea + ca:df:49:e3:ff:ab:df:ff:1a:f7:32:01:38:cb:c6:be:7b:69: + ce:90:91:20:0f:9f:53:60:1f:c8:92:c1:8a:65:a9:13:ee:c9: + 42:dc:c4:cd:83:3b:9c:43:85:52:88:64:aa:fb:67:dc:a9:e8: + 27:f9:b5:11:f8:c8:56:02:ef:04:08:32:70:5d:de:e7:10:16: + 0f:ea:d4:4c:63:97:c4:d5:d2:a0:27:fb:68:3c:34:e6:36:d5: + bb:d7:f3:bb:fd:cb:8b:6f:cb:8c:f2:95:b6:c4:bc:d5:b2:00: + 89:37:d6:67:84:1c:cc:59:2b:c1:25:04:b2:b6:00:17:ab:de: + cc:88:29:19:da:8f:f1:e9:c9:54:51:ba:37:82:00:ff:98:fa: + 16:89:31:0d:06:e9:e1:d7:04:f2:b3:b8:ae:25:6b:01:42:91: + 32:13:b8:48:ab:58:2a:07:9a:f2:fe:c8:57:d5:48:00:db:96: + 19:b9:ac:b5:db:27:80:b6:bd:22:53:42:27:a8:19:31:d2:c1: + 8e:78:73:4c:83:d7:a0:19:cb:ee:8c:67:0f:0f:63:03:ed:bc: + 1b:e9:9c:3e:ed:56:df:b3:d7:da:c1:ce:f7:e0:b2:af:43:da: + 26:0a:e9:02:25:d2:6a:3b:40:bf:29:9e:8e:51:33:c2:73:fa: + d6:ee:21:a6 -----BEGIN CERTIFICATE----- MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAtNQU7QVHLsFczCgnyRhIT -zJvoMXBchg3qY76d25v71fGi/tGMPwQoaSW9wqQZFvSqD0PcsFGMTl6gqW5WZ75N -6xjeN5lR/CDkOMzGw8se+peMluNihed3SE8dP7rAukxAb9EsPw3OA/cSZAcfUbnW -iFu8sFkWlFTLy8IzmBXIgAAnJdP4qpfBDmyMTIYOX2Zzph2D22aHVfU/ZsBmu94+ -8mSYq+q+VpuzZLsQYHUFmzRiAkXz6yt2L0r8w7yw/i5Am+1ENQcx2vp8SIWjjIPi -1ppUlaEZUR7OTaf8G1bAO6M20IMt9PtM0T5Z+kdEoBaTArEKOLCLEj2HqzQfLl3q +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQDK30nj/6vf/xr3MgE4y8a+ +e2nOkJEgD59TYB/IksGKZakT7slC3MTNgzucQ4VSiGSq+2fcqegn+bUR+MhWAu8E +CDJwXd7nEBYP6tRMY5fE1dKgJ/toPDTmNtW71/O7/cuLb8uM8pW2xLzVsgCJN9Zn +hBzMWSvBJQSytgAXq97MiCkZ2o/x6clUUbo3ggD/mPoWiTENBunh1wTys7iuJWsB +QpEyE7hIq1gqB5ry/shX1UgA25YZuay12yeAtr0iU0InqBkx0sGOeHNMg9egGcvu +jGcPD2MD7bwb6Zw+7Vbfs9fawc734LKvQ9omCukCJdJqO0C/KZ6OUTPCc/rW7iGm -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/certs/test-pathlen/chainF-ICA1-pathlen1.pem index def0e807e..88e935765 100644 --- a/certs/test-pathlen/chainF-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainF-ICA1-pathlen1.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA2-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA1-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e0:13:c9:b0:8e:9d:3f:88:d4:30:4a:b4:e8:11: 21:93:5c:20:45:08:f8:7a:91:b9:2c:ad:ff:60:aa: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 0f:ec:d6:db:15:a4:df:0a:0c:0d:e0:08:20:5d:a6:c5:26:67: - 89:91:20:cb:a5:d3:91:cf:c7:45:62:7b:b0:67:a7:0f:fe:03: - 16:d2:40:a4:a1:4b:00:a0:14:88:7c:31:f6:33:61:3a:b1:7a: - 6d:c7:fb:f1:19:37:67:a1:2b:8e:99:0f:0c:71:95:6e:8d:69: - 85:f4:ed:f8:69:ce:05:cf:9d:a7:da:72:42:6b:0d:99:f1:91: - c5:a8:45:80:5c:6c:cf:08:af:9b:02:c2:ca:85:06:59:cb:6c: - 34:4e:87:94:8c:b9:c2:e1:74:66:c7:6b:60:ab:c7:0d:c3:69: - b8:e4:76:0b:07:3e:6a:2c:12:c3:46:23:6f:74:5b:a5:6f:4f: - e7:7e:51:90:20:73:9b:b6:dd:b4:95:8b:fb:13:02:b3:86:cc: - d3:0c:53:25:4d:a1:e7:ab:cc:7e:a6:11:2c:17:35:f2:d4:94: - 97:7e:0f:a9:5d:41:13:98:a8:b1:34:fe:6e:fe:86:74:b2:27: - 53:4a:75:07:46:02:9c:41:b7:1e:9c:83:64:1a:8f:4b:50:e0: - 7c:81:e3:f3:87:58:50:b9:37:9a:27:32:d6:b5:cf:0f:cc:6d: - 71:54:30:b4:56:54:f2:7f:95:38:8e:f1:d2:a7:81:42:b5:47: - 0a:01:9c:e6 + cf:af:61:bb:fd:70:42:0e:4d:e1:94:94:12:c3:61:ad:2e:4a: + 70:91:09:00:ef:43:c3:52:e7:61:5d:89:7e:8c:fb:68:0e:1f: + ee:ac:1f:e6:c6:83:18:fa:05:0c:51:27:ce:69:71:5b:22:b9: + 65:2f:f4:51:2e:db:fb:5c:76:02:14:d3:58:4f:7a:ac:ec:66: + f4:d6:62:32:7d:6d:3e:e9:c9:00:51:0b:3f:8d:bc:6d:20:3c: + 25:28:1c:30:32:b1:cc:61:06:76:b6:0a:e3:4a:49:b2:85:e3: + f7:db:4d:97:48:d2:4a:3a:34:81:24:fd:d0:9f:7b:ac:58:09: + 3e:40:27:1b:70:c8:05:b5:0e:54:be:01:b8:38:e2:b3:8b:c6: + c0:36:b8:ab:1e:d0:30:aa:1d:35:3d:93:0c:4f:9b:e4:71:8e: + 21:d5:f2:f1:1f:b6:f5:fe:95:8b:29:a2:9c:99:4c:9e:cd:9a: + dc:41:0a:7b:85:61:fd:6e:5c:b2:d4:79:b3:46:1c:22:e6:65: + d9:c5:99:fe:de:4d:b6:d2:9f:a4:26:07:b0:dd:31:13:a0:8b: + 01:cc:ab:b9:7e:9f:34:58:65:fb:48:ed:16:07:88:11:93:20: + 25:56:b0:dc:58:99:e0:6e:6e:71:be:58:77:13:96:e3:7c:60: + 7a:1f:64:83 -----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQELBQADggEBAA/s1tsVpN8KDA3gCCBdpsUmZ4mRIMul05HPx0Vie7Bnpw/+AxbS -QKShSwCgFIh8MfYzYTqxem3H+/EZN2ehK46ZDwxxlW6NaYX07fhpzgXPnafackJr -DZnxkcWoRYBcbM8Ir5sCwsqFBlnLbDROh5SMucLhdGbHa2Crxw3DabjkdgsHPmos -EsNGI290W6VvT+d+UZAgc5u23bSVi/sTArOGzNMMUyVNoeerzH6mESwXNfLUlJd+ -D6ldQROYqLE0/m7+hnSyJ1NKdQdGApxBtx6cg2Qaj0tQ4HyB4/OHWFC5N5onMta1 -zw/MbXFUMLRWVPJ/lTiO8dKngUK1RwoBnOY= +AQELBQADggEBAM+vYbv9cEIOTeGUlBLDYa0uSnCRCQDvQ8NS52FdiX6M+2gOH+6s +H+bGgxj6BQxRJ85pcVsiuWUv9FEu2/tcdgIU01hPeqzsZvTWYjJ9bT7pyQBRCz+N +vG0gPCUoHDAyscxhBna2CuNKSbKF4/fbTZdI0ko6NIEk/dCfe6xYCT5AJxtwyAW1 +DlS+Abg44rOLxsA2uKse0DCqHTU9kwxPm+RxjiHV8vEftvX+lYspopyZTJ7NmtxB +CnuFYf1uXLLUebNGHCLmZdnFmf7eTbbSn6QmB7DdMROgiwHMq7l+nzRYZftI7RYH +iBGTICVWsNxYmeBubnG+WHcTluN8YHofZIM= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/certs/test-pathlen/chainF-ICA2-pathlen0.pem index a0bfc71bb..0fa9fd16d 100644 --- a/certs/test-pathlen/chainF-ICA2-pathlen0.pem +++ b/certs/test-pathlen/chainF-ICA2-pathlen0.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA2-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:da:3a:22:65:f8:6d:1c:b7:1c:87:dd:27:f4:d7: 75:aa:7c:1c:37:31:b4:d6:a5:34:4b:36:40:ea:55: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 57:b9:16:18:c5:f0:4a:fc:14:4f:f7:53:a5:05:ea:88:48:e1: - 54:ec:c1:a6:02:8e:5a:7a:80:90:7d:fe:6d:a7:b8:c5:fb:22: - d9:a5:9f:80:fa:63:2f:e4:a7:c3:57:b4:0a:1f:55:d1:f9:30: - 36:aa:e3:39:8c:00:f9:44:1e:ba:d1:84:f9:0d:11:b1:42:96: - ee:94:92:c2:8f:ef:36:47:54:48:03:74:5b:d3:28:d8:ac:e4: - e0:1a:b1:1c:6a:95:a1:f2:7b:bc:33:6c:c4:6d:91:8f:2e:95: - 26:97:a2:a2:45:19:ce:25:03:8a:0e:99:0f:64:d4:2e:06:ed: - 36:d0:58:bd:8f:6d:23:e2:82:3e:d0:b5:d5:29:91:1a:49:04: - 10:9d:6a:4f:ba:19:60:45:ee:a9:41:ae:84:05:6d:77:2f:72: - da:7c:19:3a:19:3f:c1:44:0c:c0:35:34:98:36:28:e0:3f:d2: - b9:8e:07:24:e6:1f:7c:0c:ce:7d:c0:89:bb:01:9f:50:49:09: - 89:fa:9c:4b:4d:5c:8d:53:60:f3:19:44:44:15:50:e0:86:ec: - 47:ba:22:c3:dc:d9:56:84:f3:8d:9c:03:98:4e:f2:0d:e1:98: - e0:f2:0a:48:a1:0e:db:42:74:3e:c5:fd:ed:fe:2b:91:1d:98: - d7:5d:07:e4 + 06:b2:fa:bd:93:a8:a0:f5:e5:7c:cd:a6:58:8e:c7:c0:84:69: + 96:d1:ae:90:e9:d4:c7:62:56:00:73:0b:d9:b2:f4:0a:a7:90: + c1:60:53:6d:14:e3:fe:5e:46:18:a2:68:a1:37:7e:b0:2e:98: + 9d:a5:e9:68:8b:8d:5a:fc:6d:ac:e9:1f:1b:47:af:fe:23:e7: + 2f:62:c1:ae:94:78:89:13:72:92:bb:f7:e5:38:93:a0:a3:a4: + d8:5a:cd:27:a5:20:51:b6:43:9b:19:23:d9:61:5b:da:c5:d6: + e2:89:c4:db:08:f0:90:ee:76:8c:31:fb:9e:2c:61:66:29:03: + 48:0a:d6:47:8d:6f:05:bd:df:a4:65:5b:80:8a:31:54:e3:af: + ee:9d:f8:d0:aa:59:0c:a8:6f:d9:c1:9b:54:81:a3:6d:d2:1b: + 90:6d:2d:3b:de:60:ef:8d:15:76:c1:c0:6e:40:02:92:a1:21: + da:41:ac:e7:4f:55:c3:b7:6d:0e:93:98:d7:60:c5:02:6e:c8: + de:9f:4c:b3:af:ce:ab:7a:ca:9a:2b:6e:41:84:8b:6b:9f:95: + 8d:5a:f0:76:46:3d:49:38:40:5c:b2:a3:28:6c:f5:01:a2:c6: + 74:6b:aa:43:1f:70:e5:09:f5:63:4d:88:e3:8a:b0:10:ed:58: + a5:ea:cd:f6 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ bHhY4fbPRorWpXlNR4jKbGlOKNSNhKjhbB3TNn4j42TVCqP8NomQCv9+i/ouZvvH M0SS3w9DsuskfiuusEOprVOC+N4XGSZfyoysDB8kvRXtT12C6hDrBXBPA2DZI20h B00SnPNk7nb7nfnD2Bo7bqmCey0usHS3E9ZligbyJXTCJulxZlRh/io0JwfJje+g ooaTQUdzCAEHzE3s/oCIk/uutJEW+oOWhGZTzfNS2tQl4QkVIOIQ6t057wIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQBXuRYYxfBK/BRP91OlBeqISOFU7MGmAo5aeoCQff5tp7jF+yLZpZ+A+mMv -5KfDV7QKH1XR+TA2quM5jAD5RB660YT5DRGxQpbulJLCj+82R1RIA3Rb0yjYrOTg -GrEcapWh8nu8M2zEbZGPLpUml6KiRRnOJQOKDpkPZNQuBu020Fi9j20j4oI+0LXV -KZEaSQQQnWpPuhlgRe6pQa6EBW13L3LafBk6GT/BRAzANTSYNijgP9K5jgck5h98 -DM59wIm7AZ9QSQmJ+pxLTVyNU2DzGUREFVDghuxHuiLD3NlWhPONnAOYTvIN4Zjg -8gpIoQ7bQnQ+xf3t/iuRHZjXXQfk +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAAay+r2TqKD15XzNpliOx8CEaZbRrpDp1MdiVgBzC9my +9AqnkMFgU20U4/5eRhiiaKE3frAumJ2l6WiLjVr8bazpHxtHr/4j5y9iwa6UeIkT +cpK79+U4k6CjpNhazSelIFG2Q5sZI9lhW9rF1uKJxNsI8JDudowx+54sYWYpA0gK +1keNbwW936RlW4CKMVTjr+6d+NCqWQyob9nBm1SBo23SG5BtLTveYO+NFXbBwG5A +ApKhIdpBrOdPVcO3bQ6TmNdgxQJuyN6fTLOvzqt6yporbkGEi2uflY1a8HZGPUk4 +QFyyoyhs9QGixnRrqkMfcOUJ9WNNiOOKsBDtWKXqzfY= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-assembled.pem b/certs/test-pathlen/chainF-assembled.pem index 847a954e1..bd84c8885 100644 --- a/certs/test-pathlen/chainF-assembled.pem +++ b/certs/test-pathlen/chainF-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA1-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c9:f8:2c:ad:25:a9:65:3b:72:13:5d:aa:7f:5b: 71:f5:e0:43:c4:3a:b3:36:0d:34:61:35:86:77:a0: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 2a:cd:93:cf:48:f6:8e:7b:ec:b6:a1:1b:3a:52:46:fb:e0:8d: - a3:14:63:b1:20:b8:a4:ee:69:ca:7b:d4:1d:53:f4:ab:a2:b2: - 0d:7b:65:23:c1:97:34:b2:62:aa:31:4b:67:5a:1e:01:7e:6a: - 64:65:b5:dd:02:d2:d0:85:4f:28:64:57:43:4d:8f:f1:d4:23: - da:e9:1e:7c:28:7c:75:24:9d:19:d5:60:b3:e0:bc:32:6c:2a: - a7:80:c3:2a:05:d2:86:46:47:64:f2:63:bd:68:8d:60:99:a2: - a5:cb:b2:ad:d4:0b:fc:a0:d0:44:e0:0d:50:83:b2:84:c5:08: - 12:34:c5:8c:39:e3:75:9f:5a:81:f5:ad:ce:e6:1c:70:0b:e2: - be:30:f7:0c:f8:a7:f3:96:22:74:7f:31:b1:5d:f5:77:a8:e0: - c0:0d:9e:7a:20:1f:68:6a:e0:4f:33:00:5a:05:bd:c3:3d:aa: - b5:8d:36:8d:53:44:08:3e:5e:59:d3:ce:79:54:5e:5b:e9:ca: - 6d:2b:95:e9:77:14:94:c9:a0:9a:7d:28:9a:e4:1c:cd:22:94: - d1:a9:f8:03:38:b5:f0:a2:8d:09:7c:13:0e:d5:85:ef:03:a0: - 1f:a9:5d:29:e3:ff:4e:be:10:58:54:78:a4:04:0c:5a:8d:13: - ae:bd:48:db + 08:a8:7f:6c:b7:c4:65:ce:c3:c5:1e:af:dd:d8:42:19:e1:f5: + f8:26:8b:c8:78:05:57:d6:71:3b:6a:4f:88:c6:4c:ea:33:0b: + 39:19:c0:fb:e8:e4:9a:be:38:11:a9:e4:6f:a7:db:54:80:b4: + ab:cf:d2:04:f4:41:f6:05:c5:65:a3:42:c5:d1:50:33:3f:27: + 5d:8a:b0:b4:37:4e:7f:32:dd:7a:cb:2c:ba:ab:ef:5f:3c:38: + ea:ca:cb:28:2a:7b:0d:a6:f4:46:cc:d1:77:b5:51:70:b1:bb: + 18:e9:66:92:45:af:55:a3:de:3e:dd:65:44:c4:5f:de:38:b6: + 8e:45:ed:36:07:36:cb:72:14:d2:ff:1d:78:a7:4f:c5:0b:51: + 07:e3:61:bd:99:58:e7:64:fb:d5:33:59:d9:50:7d:4b:39:0e: + 6c:66:46:63:aa:34:d8:d4:df:46:da:ed:d1:01:cc:da:6b:d6: + b8:cd:07:23:b2:07:32:bc:6a:38:88:1d:04:00:f0:dc:ef:99: + 22:76:68:ba:4a:3f:cb:11:fb:4b:49:c7:4c:6e:b3:34:05:6f: + 71:24:da:d6:2e:5e:67:30:42:82:aa:4f:07:e8:24:3b:0f:3c: + bf:64:0c:76:96:20:c0:16:87:31:a6:d5:c4:76:ca:f2:fc:74: + e2:41:ea:9c -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,27 +77,27 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACrNk89I -9o577LahGzpSRvvgjaMUY7EguKTuacp71B1T9Kuisg17ZSPBlzSyYqoxS2daHgF+ -amRltd0C0tCFTyhkV0NNj/HUI9rpHnwofHUknRnVYLPgvDJsKqeAwyoF0oZGR2Ty -Y71ojWCZoqXLsq3UC/yg0ETgDVCDsoTFCBI0xYw543WfWoH1rc7mHHAL4r4w9wz4 -p/OWInR/MbFd9Xeo4MANnnogH2hq4E8zAFoFvcM9qrWNNo1TRAg+XlnTznlUXlvp -ym0rlel3FJTJoJp9KJrkHM0ilNGp+AM4tfCijQl8Ew7Vhe8DoB+pXSnj/06+EFhU -eKQEDFqNE669SNs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAiof2y3 +xGXOw8Uer93YQhnh9fgmi8h4BVfWcTtqT4jGTOozCzkZwPvo5Jq+OBGp5G+n21SA +tKvP0gT0QfYFxWWjQsXRUDM/J12KsLQ3Tn8y3XrLLLqr7188OOrKyygqew2m9EbM +0Xe1UXCxuxjpZpJFr1Wj3j7dZUTEX944to5F7TYHNstyFNL/HXinT8ULUQfjYb2Z +WOdk+9UzWdlQfUs5DmxmRmOqNNjU30ba7dEBzNpr1rjNByOyBzK8ajiIHQQA8Nzv +mSJ2aLpKP8sR+0tJx0xuszQFb3Ek2tYuXmcwQoKqTwfoJDsPPL9kDHaWIMAWhzGm +1cR2yvL8dOJB6pw= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA2-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA1-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e0:13:c9:b0:8e:9d:3f:88:d4:30:4a:b4:e8:11: 21:93:5c:20:45:08:f8:7a:91:b9:2c:ad:ff:60:aa: @@ -131,27 +131,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 0f:ec:d6:db:15:a4:df:0a:0c:0d:e0:08:20:5d:a6:c5:26:67: - 89:91:20:cb:a5:d3:91:cf:c7:45:62:7b:b0:67:a7:0f:fe:03: - 16:d2:40:a4:a1:4b:00:a0:14:88:7c:31:f6:33:61:3a:b1:7a: - 6d:c7:fb:f1:19:37:67:a1:2b:8e:99:0f:0c:71:95:6e:8d:69: - 85:f4:ed:f8:69:ce:05:cf:9d:a7:da:72:42:6b:0d:99:f1:91: - c5:a8:45:80:5c:6c:cf:08:af:9b:02:c2:ca:85:06:59:cb:6c: - 34:4e:87:94:8c:b9:c2:e1:74:66:c7:6b:60:ab:c7:0d:c3:69: - b8:e4:76:0b:07:3e:6a:2c:12:c3:46:23:6f:74:5b:a5:6f:4f: - e7:7e:51:90:20:73:9b:b6:dd:b4:95:8b:fb:13:02:b3:86:cc: - d3:0c:53:25:4d:a1:e7:ab:cc:7e:a6:11:2c:17:35:f2:d4:94: - 97:7e:0f:a9:5d:41:13:98:a8:b1:34:fe:6e:fe:86:74:b2:27: - 53:4a:75:07:46:02:9c:41:b7:1e:9c:83:64:1a:8f:4b:50:e0: - 7c:81:e3:f3:87:58:50:b9:37:9a:27:32:d6:b5:cf:0f:cc:6d: - 71:54:30:b4:56:54:f2:7f:95:38:8e:f1:d2:a7:81:42:b5:47: - 0a:01:9c:e6 + cf:af:61:bb:fd:70:42:0e:4d:e1:94:94:12:c3:61:ad:2e:4a: + 70:91:09:00:ef:43:c3:52:e7:61:5d:89:7e:8c:fb:68:0e:1f: + ee:ac:1f:e6:c6:83:18:fa:05:0c:51:27:ce:69:71:5b:22:b9: + 65:2f:f4:51:2e:db:fb:5c:76:02:14:d3:58:4f:7a:ac:ec:66: + f4:d6:62:32:7d:6d:3e:e9:c9:00:51:0b:3f:8d:bc:6d:20:3c: + 25:28:1c:30:32:b1:cc:61:06:76:b6:0a:e3:4a:49:b2:85:e3: + f7:db:4d:97:48:d2:4a:3a:34:81:24:fd:d0:9f:7b:ac:58:09: + 3e:40:27:1b:70:c8:05:b5:0e:54:be:01:b8:38:e2:b3:8b:c6: + c0:36:b8:ab:1e:d0:30:aa:1d:35:3d:93:0c:4f:9b:e4:71:8e: + 21:d5:f2:f1:1f:b6:f5:fe:95:8b:29:a2:9c:99:4c:9e:cd:9a: + dc:41:0a:7b:85:61:fd:6e:5c:b2:d4:79:b3:46:1c:22:e6:65: + d9:c5:99:fe:de:4d:b6:d2:9f:a4:26:07:b0:dd:31:13:a0:8b: + 01:cc:ab:b9:7e:9f:34:58:65:fb:48:ed:16:07:88:11:93:20: + 25:56:b0:dc:58:99:e0:6e:6e:71:be:58:77:13:96:e3:7c:60: + 7a:1f:64:83 -----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,26 +167,26 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQELBQADggEBAA/s1tsVpN8KDA3gCCBdpsUmZ4mRIMul05HPx0Vie7Bnpw/+AxbS -QKShSwCgFIh8MfYzYTqxem3H+/EZN2ehK46ZDwxxlW6NaYX07fhpzgXPnafackJr -DZnxkcWoRYBcbM8Ir5sCwsqFBlnLbDROh5SMucLhdGbHa2Crxw3DabjkdgsHPmos -EsNGI290W6VvT+d+UZAgc5u23bSVi/sTArOGzNMMUyVNoeerzH6mESwXNfLUlJd+ -D6ldQROYqLE0/m7+hnSyJ1NKdQdGApxBtx6cg2Qaj0tQ4HyB4/OHWFC5N5onMta1 -zw/MbXFUMLRWVPJ/lTiO8dKngUK1RwoBnOY= +AQELBQADggEBAM+vYbv9cEIOTeGUlBLDYa0uSnCRCQDvQ8NS52FdiX6M+2gOH+6s +H+bGgxj6BQxRJ85pcVsiuWUv9FEu2/tcdgIU01hPeqzsZvTWYjJ9bT7pyQBRCz+N +vG0gPCUoHDAyscxhBna2CuNKSbKF4/fbTZdI0ko6NIEk/dCfe6xYCT5AJxtwyAW1 +DlS+Abg44rOLxsA2uKse0DCqHTU9kwxPm+RxjiHV8vEftvX+lYspopyZTJ7NmtxB +CnuFYf1uXLLUebNGHCLmZdnFmf7eTbbSn6QmB7DdMROgiwHMq7l+nzRYZftI7RYH +iBGTICVWsNxYmeBubnG+WHcTluN8YHofZIM= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA2-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:da:3a:22:65:f8:6d:1c:b7:1c:87:dd:27:f4:d7: 75:aa:7c:1c:37:31:b4:d6:a5:34:4b:36:40:ea:55: @@ -213,34 +213,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 57:b9:16:18:c5:f0:4a:fc:14:4f:f7:53:a5:05:ea:88:48:e1: - 54:ec:c1:a6:02:8e:5a:7a:80:90:7d:fe:6d:a7:b8:c5:fb:22: - d9:a5:9f:80:fa:63:2f:e4:a7:c3:57:b4:0a:1f:55:d1:f9:30: - 36:aa:e3:39:8c:00:f9:44:1e:ba:d1:84:f9:0d:11:b1:42:96: - ee:94:92:c2:8f:ef:36:47:54:48:03:74:5b:d3:28:d8:ac:e4: - e0:1a:b1:1c:6a:95:a1:f2:7b:bc:33:6c:c4:6d:91:8f:2e:95: - 26:97:a2:a2:45:19:ce:25:03:8a:0e:99:0f:64:d4:2e:06:ed: - 36:d0:58:bd:8f:6d:23:e2:82:3e:d0:b5:d5:29:91:1a:49:04: - 10:9d:6a:4f:ba:19:60:45:ee:a9:41:ae:84:05:6d:77:2f:72: - da:7c:19:3a:19:3f:c1:44:0c:c0:35:34:98:36:28:e0:3f:d2: - b9:8e:07:24:e6:1f:7c:0c:ce:7d:c0:89:bb:01:9f:50:49:09: - 89:fa:9c:4b:4d:5c:8d:53:60:f3:19:44:44:15:50:e0:86:ec: - 47:ba:22:c3:dc:d9:56:84:f3:8d:9c:03:98:4e:f2:0d:e1:98: - e0:f2:0a:48:a1:0e:db:42:74:3e:c5:fd:ed:fe:2b:91:1d:98: - d7:5d:07:e4 + 06:b2:fa:bd:93:a8:a0:f5:e5:7c:cd:a6:58:8e:c7:c0:84:69: + 96:d1:ae:90:e9:d4:c7:62:56:00:73:0b:d9:b2:f4:0a:a7:90: + c1:60:53:6d:14:e3:fe:5e:46:18:a2:68:a1:37:7e:b0:2e:98: + 9d:a5:e9:68:8b:8d:5a:fc:6d:ac:e9:1f:1b:47:af:fe:23:e7: + 2f:62:c1:ae:94:78:89:13:72:92:bb:f7:e5:38:93:a0:a3:a4: + d8:5a:cd:27:a5:20:51:b6:43:9b:19:23:d9:61:5b:da:c5:d6: + e2:89:c4:db:08:f0:90:ee:76:8c:31:fb:9e:2c:61:66:29:03: + 48:0a:d6:47:8d:6f:05:bd:df:a4:65:5b:80:8a:31:54:e3:af: + ee:9d:f8:d0:aa:59:0c:a8:6f:d9:c1:9b:54:81:a3:6d:d2:1b: + 90:6d:2d:3b:de:60:ef:8d:15:76:c1:c0:6e:40:02:92:a1:21: + da:41:ac:e7:4f:55:c3:b7:6d:0e:93:98:d7:60:c5:02:6e:c8: + de:9f:4c:b3:af:ce:ab:7a:ca:9a:2b:6e:41:84:8b:6b:9f:95: + 8d:5a:f0:76:46:3d:49:38:40:5c:b2:a3:28:6c:f5:01:a2:c6: + 74:6b:aa:43:1f:70:e5:09:f5:63:4d:88:e3:8a:b0:10:ed:58: + a5:ea:cd:f6 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -250,16 +250,16 @@ bHhY4fbPRorWpXlNR4jKbGlOKNSNhKjhbB3TNn4j42TVCqP8NomQCv9+i/ouZvvH M0SS3w9DsuskfiuusEOprVOC+N4XGSZfyoysDB8kvRXtT12C6hDrBXBPA2DZI20h B00SnPNk7nb7nfnD2Bo7bqmCey0usHS3E9ZligbyJXTCJulxZlRh/io0JwfJje+g ooaTQUdzCAEHzE3s/oCIk/uutJEW+oOWhGZTzfNS2tQl4QkVIOIQ6t057wIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQBXuRYYxfBK/BRP91OlBeqISOFU7MGmAo5aeoCQff5tp7jF+yLZpZ+A+mMv -5KfDV7QKH1XR+TA2quM5jAD5RB660YT5DRGxQpbulJLCj+82R1RIA3Rb0yjYrOTg -GrEcapWh8nu8M2zEbZGPLpUml6KiRRnOJQOKDpkPZNQuBu020Fi9j20j4oI+0LXV -KZEaSQQQnWpPuhlgRe6pQa6EBW13L3LafBk6GT/BRAzANTSYNijgP9K5jgck5h98 -DM59wIm7AZ9QSQmJ+pxLTVyNU2DzGUREFVDghuxHuiLD3NlWhPONnAOYTvIN4Zjg -8gpIoQ7bQnQ+xf3t/iuRHZjXXQfk +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAAay+r2TqKD15XzNpliOx8CEaZbRrpDp1MdiVgBzC9my +9AqnkMFgU20U4/5eRhiiaKE3frAumJ2l6WiLjVr8bazpHxtHr/4j5y9iwa6UeIkT +cpK79+U4k6CjpNhazSelIFG2Q5sZI9lhW9rF1uKJxNsI8JDudowx+54sYWYpA0gK +1keNbwW936RlW4CKMVTjr+6d+NCqWQyob9nBm1SBo23SG5BtLTveYO+NFXbBwG5A +ApKhIdpBrOdPVcO3bQ6TmNdgxQJuyN6fTLOvzqt6yporbkGEi2uflY1a8HZGPUk4 +QFyyoyhs9QGixnRrqkMfcOUJ9WNNiOOKsBDtWKXqzfY= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-entity.pem b/certs/test-pathlen/chainF-entity.pem index 94403cded..d54f9d18d 100644 --- a/certs/test-pathlen/chainF-entity.pem +++ b/certs/test-pathlen/chainF-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-ICA1-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainF-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c9:f8:2c:ad:25:a9:65:3b:72:13:5d:aa:7f:5b: 71:f5:e0:43:c4:3a:b3:36:0d:34:61:35:86:77:a0: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 2a:cd:93:cf:48:f6:8e:7b:ec:b6:a1:1b:3a:52:46:fb:e0:8d: - a3:14:63:b1:20:b8:a4:ee:69:ca:7b:d4:1d:53:f4:ab:a2:b2: - 0d:7b:65:23:c1:97:34:b2:62:aa:31:4b:67:5a:1e:01:7e:6a: - 64:65:b5:dd:02:d2:d0:85:4f:28:64:57:43:4d:8f:f1:d4:23: - da:e9:1e:7c:28:7c:75:24:9d:19:d5:60:b3:e0:bc:32:6c:2a: - a7:80:c3:2a:05:d2:86:46:47:64:f2:63:bd:68:8d:60:99:a2: - a5:cb:b2:ad:d4:0b:fc:a0:d0:44:e0:0d:50:83:b2:84:c5:08: - 12:34:c5:8c:39:e3:75:9f:5a:81:f5:ad:ce:e6:1c:70:0b:e2: - be:30:f7:0c:f8:a7:f3:96:22:74:7f:31:b1:5d:f5:77:a8:e0: - c0:0d:9e:7a:20:1f:68:6a:e0:4f:33:00:5a:05:bd:c3:3d:aa: - b5:8d:36:8d:53:44:08:3e:5e:59:d3:ce:79:54:5e:5b:e9:ca: - 6d:2b:95:e9:77:14:94:c9:a0:9a:7d:28:9a:e4:1c:cd:22:94: - d1:a9:f8:03:38:b5:f0:a2:8d:09:7c:13:0e:d5:85:ef:03:a0: - 1f:a9:5d:29:e3:ff:4e:be:10:58:54:78:a4:04:0c:5a:8d:13: - ae:bd:48:db + 08:a8:7f:6c:b7:c4:65:ce:c3:c5:1e:af:dd:d8:42:19:e1:f5: + f8:26:8b:c8:78:05:57:d6:71:3b:6a:4f:88:c6:4c:ea:33:0b: + 39:19:c0:fb:e8:e4:9a:be:38:11:a9:e4:6f:a7:db:54:80:b4: + ab:cf:d2:04:f4:41:f6:05:c5:65:a3:42:c5:d1:50:33:3f:27: + 5d:8a:b0:b4:37:4e:7f:32:dd:7a:cb:2c:ba:ab:ef:5f:3c:38: + ea:ca:cb:28:2a:7b:0d:a6:f4:46:cc:d1:77:b5:51:70:b1:bb: + 18:e9:66:92:45:af:55:a3:de:3e:dd:65:44:c4:5f:de:38:b6: + 8e:45:ed:36:07:36:cb:72:14:d2:ff:1d:78:a7:4f:c5:0b:51: + 07:e3:61:bd:99:58:e7:64:fb:d5:33:59:d9:50:7d:4b:39:0e: + 6c:66:46:63:aa:34:d8:d4:df:46:da:ed:d1:01:cc:da:6b:d6: + b8:cd:07:23:b2:07:32:bc:6a:38:88:1d:04:00:f0:dc:ef:99: + 22:76:68:ba:4a:3f:cb:11:fb:4b:49:c7:4c:6e:b3:34:05:6f: + 71:24:da:d6:2e:5e:67:30:42:82:aa:4f:07:e8:24:3b:0f:3c: + bf:64:0c:76:96:20:c0:16:87:31:a6:d5:c4:76:ca:f2:fc:74: + e2:41:ea:9c -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACrNk89I -9o577LahGzpSRvvgjaMUY7EguKTuacp71B1T9Kuisg17ZSPBlzSyYqoxS2daHgF+ -amRltd0C0tCFTyhkV0NNj/HUI9rpHnwofHUknRnVYLPgvDJsKqeAwyoF0oZGR2Ty -Y71ojWCZoqXLsq3UC/yg0ETgDVCDsoTFCBI0xYw543WfWoH1rc7mHHAL4r4w9wz4 -p/OWInR/MbFd9Xeo4MANnnogH2hq4E8zAFoFvcM9qrWNNo1TRAg+XlnTznlUXlvp -ym0rlel3FJTJoJp9KJrkHM0ilNGp+AM4tfCijQl8Ew7Vhe8DoB+pXSnj/06+EFhU -eKQEDFqNE669SNs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAiof2y3 +xGXOw8Uer93YQhnh9fgmi8h4BVfWcTtqT4jGTOozCzkZwPvo5Jq+OBGp5G+n21SA +tKvP0gT0QfYFxWWjQsXRUDM/J12KsLQ3Tn8y3XrLLLqr7188OOrKyygqew2m9EbM +0Xe1UXCxuxjpZpJFr1Wj3j7dZUTEX944to5F7TYHNstyFNL/HXinT8ULUQfjYb2Z +WOdk+9UzWdlQfUs5DmxmRmOqNNjU30ba7dEBzNpr1rjNByOyBzK8ajiIHQQA8Nzv +mSJ2aLpKP8sR+0tJx0xuszQFb3Ek2tYuXmcwQoKqTwfoJDsPPL9kDHaWIMAWhzGm +1cR2yvL8dOJB6pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/certs/test-pathlen/chainG-ICA1-pathlen0.pem index 99bb03162..fef792cfd 100644 --- a/certs/test-pathlen/chainG-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainG-ICA1-pathlen0.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA2-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d2:26:be:51:98:42:e0:1f:ae:fc:c2:cb:ba:d5: 0f:44:3b:0b:60:d8:49:ec:03:43:6b:06:ce:f2:28: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 8c:c9:7e:79:a8:29:4e:81:7f:e2:78:bc:91:6c:33:08:67:01: - d0:76:f6:51:04:ad:a2:34:4d:59:4f:ab:b7:e5:80:60:01:1e: - 16:20:60:a9:ef:a5:27:01:36:7a:20:1d:76:1f:fb:ef:fc:7f: - 00:b0:96:d0:41:c8:d8:f0:1c:de:dc:c8:0b:09:57:85:f4:2b: - 8e:49:76:6b:32:ea:0d:87:79:15:63:80:ec:0a:f2:3e:7e:e1: - ec:71:ee:32:57:77:9b:85:a7:fb:3b:1c:b9:be:59:d4:14:f8: - 84:63:a8:f9:46:1a:18:4b:18:9c:08:90:4f:7d:ba:ec:4c:b5: - e8:a9:65:81:fa:ac:8c:2c:77:09:78:a7:44:7b:18:01:93:e6: - bb:f5:ed:40:90:04:b3:78:b7:dd:70:9b:c6:bd:a3:58:a9:a7: - 57:f9:e5:0d:1f:ad:87:04:ca:d5:45:62:5c:4f:fa:9e:d4:19: - 83:0a:73:5f:f6:c2:65:7d:6e:96:6e:f6:66:3b:8d:90:0a:28: - 0a:89:17:2f:12:ba:3a:da:6a:0d:21:f8:04:44:ae:bf:49:eb: - 98:00:c6:cb:c3:5a:01:2a:de:74:39:99:43:34:98:94:76:dc: - cb:e3:96:10:3b:08:15:0e:60:8d:0c:95:99:68:a4:38:cf:1f: - 5a:9f:7f:97 + 79:c2:90:26:d1:a8:0c:b0:e5:f8:5f:6b:29:06:17:bf:df:32: + 5e:08:c4:27:18:2d:83:14:30:63:3b:40:89:2a:68:d2:65:4d: + 68:a7:d6:a5:6c:c6:62:9d:14:ba:99:c5:a7:ea:28:34:dc:82: + f0:fd:f0:02:c9:be:f8:a6:75:87:bf:7e:bb:3b:5d:c4:c6:7e: + aa:af:97:a1:5e:ac:51:f8:5e:62:e5:57:a0:df:f2:8a:a8:e3: + db:2c:c0:ae:40:65:3a:19:6a:d5:65:30:3d:97:1f:10:ef:e7: + 7e:d1:81:e5:b0:76:25:70:52:22:51:f7:45:17:13:7f:e6:f1: + 76:4f:ef:a6:fd:d9:45:a1:e5:ab:1b:b8:73:bd:7d:51:e3:61: + 72:e5:c3:87:51:c1:b7:82:d0:08:63:21:f5:cd:c4:0a:bc:0d: + 9b:f0:d8:5a:63:00:f8:51:48:14:f8:5e:8c:e7:a5:f9:63:85: + ca:9d:09:62:7a:3d:1c:bb:90:72:6d:39:f3:b8:62:fa:2b:c4: + 31:fa:86:45:eb:2b:7d:5d:09:88:58:79:ba:ba:0f:64:2c:1c: + 21:12:52:51:0f:05:f0:b3:c2:53:df:66:3c:14:59:82:35:ee: + ef:65:15:61:8c:00:f8:3a:b3:a7:8a:d5:4d:6a:c9:4f:9f:1f: + f9:1e:5e:0d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAjMl+eagpToF/4ni8kWwzCGcB0Hb2UQSt -ojRNWU+rt+WAYAEeFiBgqe+lJwE2eiAddh/77/x/ALCW0EHI2PAc3tzICwlXhfQr -jkl2azLqDYd5FWOA7AryPn7h7HHuMld3m4Wn+zscub5Z1BT4hGOo+UYaGEsYnAiQ -T3267Ey16KllgfqsjCx3CXinRHsYAZPmu/XtQJAEs3i33XCbxr2jWKmnV/nlDR+t -hwTK1UViXE/6ntQZgwpzX/bCZX1ulm72ZjuNkAooCokXLxK6OtpqDSH4BESuv0nr -mADGy8NaASredDmZQzSYlHbcy+OWEDsIFQ5gjQyVmWikOM8fWp9/lw== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAecKQJtGoDLDl+F9rKQYXv98yXgjEJxgt +gxQwYztAiSpo0mVNaKfWpWzGYp0UupnFp+ooNNyC8P3wAsm++KZ1h79+uztdxMZ+ +qq+XoV6sUfheYuVXoN/yiqjj2yzArkBlOhlq1WUwPZcfEO/nftGB5bB2JXBSIlH3 +RRcTf+bxdk/vpv3ZRaHlqxu4c719UeNhcuXDh1HBt4LQCGMh9c3ECrwNm/DYWmMA ++FFIFPhejOel+WOFyp0JYno9HLuQcm0587hi+ivEMfqGResrfV0JiFh5uroPZCwc +IRJSUQ8F8LPCU99mPBRZgjXu72UVYYwA+Dqzp4rVTWrJT58f+R5eDQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/certs/test-pathlen/chainG-ICA2-pathlen1.pem index 77f262920..8292b7e26 100644 --- a/certs/test-pathlen/chainG-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainG-ICA2-pathlen1.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA3-pathlen99/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA2-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d7:3e:de:b9:f9:a9:d7:8e:7a:4b:f2:f1:8c:f9: 3b:1c:ce:59:31:4c:57:0c:2e:8a:0f:90:f0:dc:27: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - a1:c0:5b:84:8c:71:03:de:30:a6:b7:22:98:7d:83:a6:48:46: - 45:db:8a:e1:35:f9:41:28:9e:7c:0a:e0:20:f4:00:75:6a:91: - be:6b:57:96:60:15:46:71:ce:b4:b4:e0:a6:62:f1:a7:6a:3d: - 7c:a5:94:16:09:a4:89:3b:51:86:f7:87:eb:a6:fb:1d:e1:f6: - 50:8d:68:88:d7:1a:99:6d:3d:5d:ca:53:bc:28:c0:83:d2:f0: - 50:4f:33:63:a8:5b:e6:62:4e:e6:af:d5:b2:5d:45:5b:33:04: - 1f:ec:4c:a6:af:f7:be:dd:c9:2b:58:e0:09:a6:5c:4d:c1:a5: - ad:eb:fb:72:31:6c:3d:6f:65:de:02:db:39:ee:02:06:57:b1: - 28:05:2c:97:2f:04:9b:37:d4:b6:cd:95:27:f0:c9:be:56:9d: - 69:77:fe:45:7a:22:c2:29:29:5f:a6:be:7d:ab:3c:d5:dd:08: - b7:89:d9:0c:09:15:66:f7:a8:f6:77:57:94:5f:94:ab:4e:c7: - 54:b7:ee:8a:9b:d2:4b:9e:fa:33:2b:90:f6:05:dd:db:d0:f2: - de:45:b9:e5:ca:51:9d:73:03:d6:bb:c4:d3:9a:3d:15:4a:f7: - c1:58:3a:64:00:90:57:1e:1a:6b:40:50:3c:a3:b4:46:05:26: - 26:50:01:e1 + 61:25:84:4e:d6:3d:e5:bf:37:0f:b8:04:2b:62:fb:1d:83:fc: + 31:27:f9:1a:07:26:b7:72:12:09:ab:3c:d6:59:7c:31:66:67: + 6e:8e:c5:bd:60:9a:16:f4:08:58:77:c4:50:cf:75:67:65:88: + 42:d7:eb:f9:12:44:cc:5d:1a:89:c8:4d:54:87:63:0c:12:37: + 94:3f:71:b1:8d:69:58:03:20:10:b9:96:6f:c0:5e:59:02:e2: + f6:e7:b4:63:0d:e4:b9:7a:89:1f:e1:6e:53:4d:30:37:f0:cf: + e4:98:5f:6e:10:83:dc:43:bb:77:58:18:0e:a5:10:48:3c:cc: + a0:7f:59:bc:a4:ce:12:28:9e:52:02:5c:71:79:14:b9:96:5f: + d8:10:41:6f:91:49:b6:c2:91:d4:b0:b8:25:4c:ff:49:0f:9b: + 74:38:e0:a4:f8:52:5a:3b:a0:4d:c1:68:76:b1:2e:90:6a:94: + 0f:c0:00:4e:af:19:5d:a5:ed:32:29:49:56:0d:91:8b:3c:3d: + 72:6a:50:58:c7:e1:77:3f:3a:8b:c0:e2:d6:63:4a:fa:2a:28: + 7b:35:3a:18:98:12:b4:e5:a0:7c:23:c1:62:d9:64:e0:99:db: + 27:de:24:d2:92:78:9d:c1:6a:38:81:18:0a:4a:98:60:c4:75: + c0:4e:d1:7c -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0yMTAyMTAxOTQ5NTRaFw0yMzExMDcxOTQ5NTRaMIGhMQswCQYDVQQG +LmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAocBbhIxxA94wprcimH2DpkhGRduK4TX5 -QSiefArgIPQAdWqRvmtXlmAVRnHOtLTgpmLxp2o9fKWUFgmkiTtRhveH66b7HeH2 -UI1oiNcamW09XcpTvCjAg9LwUE8zY6hb5mJO5q/Vsl1FWzMEH+xMpq/3vt3JK1jg -CaZcTcGlrev7cjFsPW9l3gLbOe4CBlexKAUsly8EmzfUts2VJ/DJvladaXf+RXoi -wikpX6a+fas81d0It4nZDAkVZveo9ndXlF+Uq07HVLfuipvSS576MyuQ9gXd29Dy -3kW55cpRnXMD1rvE05o9FUr3wVg6ZACQVx4aa0BQPKO0RgUmJlAB4Q== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAYSWETtY95b83D7gEK2L7HYP8MSf5Ggcm +t3ISCas81ll8MWZnbo7FvWCaFvQIWHfEUM91Z2WIQtfr+RJEzF0aichNVIdjDBI3 +lD9xsY1pWAMgELmWb8BeWQLi9ue0Yw3kuXqJH+FuU00wN/DP5JhfbhCD3EO7d1gY +DqUQSDzMoH9ZvKTOEiieUgJccXkUuZZf2BBBb5FJtsKR1LC4JUz/SQ+bdDjgpPhS +WjugTcFodrEukGqUD8AATq8ZXaXtMilJVg2Rizw9cmpQWMfhdz86i8Di1mNK+ioo +ezU6GJgStOWgfCPBYtlk4JnbJ94k0pJ4ncFqOIEYCkqYYMR1wE7RfA== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/certs/test-pathlen/chainG-ICA3-pathlen99.pem index 4bf51f905..da5a61183 100644 --- a/certs/test-pathlen/chainG-ICA3-pathlen99.pem +++ b/certs/test-pathlen/chainG-ICA3-pathlen99.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA4-pathlen5/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA3-pathlen99/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ac:f1:39:65:f7:9c:9d:f6:f0:d2:b7:18:16:24: 81:32:b7:a5:29:d6:f7:4e:31:38:a7:54:d6:eb:07: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 69:05:fe:91:03:94:51:f1:c0:60:19:98:dc:ed:ad:20:22:35: - ff:49:1d:02:25:86:df:b2:3d:fa:da:97:af:04:95:c4:d8:4f: - f6:46:9d:48:e7:e5:f3:87:97:5b:33:6d:f5:22:d3:cf:04:fc: - e1:5f:66:00:89:90:1b:80:1e:5d:46:35:28:47:b1:b8:c5:68: - 91:bd:a1:fa:19:b2:f8:bc:d0:ce:48:65:76:7a:32:ff:6b:55: - 94:d5:a6:3f:34:ba:09:18:6c:93:e3:2d:fa:4c:f9:6d:ef:5b: - db:a2:cf:cb:86:62:86:cb:72:d6:3e:b0:2f:6a:85:ae:a3:5e: - 84:de:04:c0:ed:90:2f:51:20:e0:34:00:09:a8:b8:b0:24:47: - 23:5c:82:3c:dc:d4:1a:67:67:38:20:bc:c2:c9:f7:03:b0:f1: - f8:c6:b1:29:42:ae:34:fc:f0:79:81:8c:5b:e7:e2:2c:79:e9: - 6d:bc:89:81:64:ae:ec:e3:33:c0:7c:9a:f9:f4:3b:d6:a9:88: - 8b:cf:8c:c8:76:58:03:2b:2a:98:c2:b9:c0:8b:23:05:68:0d: - 1c:b3:d9:06:00:a7:d7:c5:5e:28:a6:46:3f:d6:64:0e:9b:a5: - 0e:5b:11:18:3a:0b:17:36:ba:e9:28:94:41:d9:d8:3b:b2:4f: - 32:8f:93:d9 + 28:1f:8c:fa:52:d4:c8:b6:02:c3:e2:b9:4f:36:16:50:e5:78: + 0a:82:87:d3:d1:d1:28:0d:e6:d3:73:4d:51:19:24:0e:84:a8: + f5:73:b9:ad:93:4f:89:6e:df:c6:4f:76:0e:80:d9:26:34:4c: + 63:6d:d7:ee:f9:27:e6:43:6a:2d:32:51:6e:f2:6f:8d:79:21: + 9e:f8:e9:be:9c:ff:56:88:58:5c:2a:cc:80:af:34:bf:52:86: + 0c:b5:61:83:72:c7:91:88:2c:07:66:9c:99:17:2e:d1:50:d5: + cf:9b:a9:68:5c:35:ea:c4:af:7f:02:ba:fb:9a:9b:34:9e:41: + ce:57:e3:00:b7:94:0c:ed:a5:73:7f:bf:df:4a:bc:a4:44:59: + db:8a:f4:a9:fc:9f:ee:2a:d7:4c:76:af:8a:4e:24:c6:00:75: + 6a:ee:5a:89:e3:71:5f:5f:71:7a:6b:80:ab:71:58:b1:2a:2a: + 87:1a:d5:ca:e2:03:77:23:52:f9:0f:ab:fb:fd:a5:3f:cd:86: + eb:76:65:8b:47:ba:4d:4d:cb:93:c4:ba:a3:e9:d2:7b:55:71: + 64:d5:06:c6:a7:31:1d:30:cf:a5:1b:27:02:59:15:b9:78:d9: + bd:89:ea:06:4f:2f:24:02:51:11:77:ba:8f:c3:b6:92:9d:2f: + 68:d4:3f:42 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaIxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAGkF/pEDlFHxwGAZmNztrSAiNf9JHQIl -ht+yPfral68ElcTYT/ZGnUjn5fOHl1szbfUi088E/OFfZgCJkBuAHl1GNShHsbjF -aJG9ofoZsvi80M5IZXZ6Mv9rVZTVpj80ugkYbJPjLfpM+W3vW9uiz8uGYobLctY+ -sC9qha6jXoTeBMDtkC9RIOA0AAmouLAkRyNcgjzc1BpnZzggvMLJ9wOw8fjGsSlC -rjT88HmBjFvn4ix56W28iYFkruzjM8B8mvn0O9apiIvPjMh2WAMrKpjCucCLIwVo -DRyz2QYAp9fFXiimRj/WZA6bpQ5bERg6Cxc2uukolEHZ2DuyTzKPk9k= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBACgfjPpS1Mi2AsPiuU82FlDleAqCh9PR +0SgN5tNzTVEZJA6EqPVzua2TT4lu38ZPdg6A2SY0TGNt1+75J+ZDai0yUW7yb415 +IZ746b6c/1aIWFwqzICvNL9Shgy1YYNyx5GILAdmnJkXLtFQ1c+bqWhcNerEr38C +uvuamzSeQc5X4wC3lAztpXN/v99KvKREWduK9Kn8n+4q10x2r4pOJMYAdWruWonj +cV9fcXprgKtxWLEqKoca1criA3cjUvkPq/v9pT/Nhut2ZYtHuk1Ny5PEuqPp0ntV +cWTVBsanMR0wz6UbJwJZFbl42b2J6gZPLyQCURF3uo/DtpKdL2jUP0I= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/certs/test-pathlen/chainG-ICA4-pathlen5.pem index fb4723c4f..abcfa3100 100644 --- a/certs/test-pathlen/chainG-ICA4-pathlen5.pem +++ b/certs/test-pathlen/chainG-ICA4-pathlen5.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA5-pathlen20/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA4-pathlen5/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c9:4b:a0:77:b8:42:43:96:e1:f4:8d:1d:a6:2c: d8:12:a2:40:49:11:eb:5f:fb:6c:1d:15:3e:af:dd: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b0:8e:1a:de:7d:55:b1:c3:4e:4e:df:a0:bb:0a:a7:41:78:11: - 47:17:0a:c1:85:2f:7a:0c:2a:f5:79:e5:b9:c7:a3:cf:a4:03: - 8a:ec:db:4b:ac:31:e0:b1:b2:d2:74:09:a6:70:90:30:01:68: - c7:07:a0:28:b0:0b:b7:0e:9c:d6:de:4c:f0:62:69:a4:82:f1: - 80:79:e6:65:15:09:88:26:ae:4d:7e:fd:7b:9f:7a:e8:3b:d6: - 11:fe:7c:9d:c4:de:90:14:1a:1a:29:7c:a4:80:e9:55:1d:17: - 18:d3:45:84:ec:5f:42:35:ea:09:b2:67:f0:5f:71:b9:12:d5: - 88:2a:20:e3:7f:e5:c3:ac:d7:6e:4c:97:3c:aa:ca:f2:ba:d7: - 37:6b:ba:b8:e7:1a:f5:60:2b:41:7a:f4:68:50:91:ff:00:ab: - 73:05:ad:0f:b3:48:c5:73:dd:44:3f:16:1f:11:3b:ab:78:8c: - e3:20:2a:24:31:ad:8d:3f:74:2b:2c:c1:08:75:9a:c8:6c:6b: - 43:62:cb:e1:6d:70:ce:f5:64:7c:31:60:c1:6c:fc:37:2f:1b: - 59:bc:28:97:11:de:df:50:5b:38:5d:a6:dd:b6:1c:f0:f3:dd: - 07:c4:4b:fa:f9:3a:fd:06:b1:64:64:fa:46:2f:93:52:3f:19: - eb:e0:2b:7a + 2f:a8:0b:e3:eb:e0:fe:e8:82:f8:b7:2d:c2:14:e6:e8:59:8d: + e1:6d:50:f7:45:65:d5:4f:7b:6d:1e:d9:44:86:25:a7:56:55: + 07:46:e0:3f:d9:00:24:f2:61:e2:6a:4f:a8:df:7e:29:41:d0: + 31:3e:2d:b6:31:09:4e:f5:59:c7:0f:8c:c1:ba:b4:c0:39:2f: + ec:d6:a4:4a:0b:6f:bd:87:45:6d:33:2c:b1:14:2c:bc:9e:30: + ca:57:57:bc:b8:ec:fd:76:fd:ab:f5:63:3d:ef:16:cf:e8:cb: + 59:d5:28:0e:8c:36:a8:8d:d7:b8:0f:2a:33:5e:d3:53:19:86: + 12:64:b3:dc:b6:b8:c9:e3:54:73:7f:0a:ea:c3:ce:95:c4:c1: + 72:0c:58:ff:4f:2e:ae:f5:27:60:0b:c3:c9:19:3e:94:65:64: + 2a:1a:bc:03:a4:86:1a:c4:a2:98:c4:9e:63:42:f7:cd:eb:d0: + 04:f3:33:96:8a:a3:df:36:4c:ff:37:c3:4e:58:61:3a:c4:79: + cd:5f:0a:09:d0:15:69:22:2d:8b:c7:27:3e:ab:5c:15:83:96: + 25:bf:7b:00:7e:34:fa:9e:1a:65:13:eb:cd:4e:22:5e:15:8d: + 6f:74:c9:31:f9:0e:b0:55:54:72:02:38:3f:92:43:01:d9:57: + 51:50:03:d9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0yMTAyMTAxOTQ5NTRaFw0yMzExMDcxOTQ5NTRaMIGhMQswCQYDVQQG +LmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQELBQADggEBALCOGt59VbHDTk7foLsKp0F4EUcXCsGF -L3oMKvV55bnHo8+kA4rs20usMeCxstJ0CaZwkDABaMcHoCiwC7cOnNbeTPBiaaSC -8YB55mUVCYgmrk1+/Xufeug71hH+fJ3E3pAUGhopfKSA6VUdFxjTRYTsX0I16gmy -Z/BfcbkS1YgqION/5cOs125MlzyqyvK61zdrurjnGvVgK0F69GhQkf8Aq3MFrQ+z -SMVz3UQ/Fh8RO6t4jOMgKiQxrY0/dCsswQh1mshsa0Niy+FtcM71ZHwxYMFs/Dcv -G1m8KJcR3t9QWzhdpt22HPDz3QfES/r5Ov0GsWRk+kYvk1I/GevgK3o= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAC+oC+Pr4P7ogvi3LcIU5uhZjeFtUPdF +ZdVPe20e2USGJadWVQdG4D/ZACTyYeJqT6jffilB0DE+LbYxCU71WccPjMG6tMA5 +L+zWpEoLb72HRW0zLLEULLyeMMpXV7y47P12/av1Yz3vFs/oy1nVKA6MNqiN17gP +KjNe01MZhhJks9y2uMnjVHN/CurDzpXEwXIMWP9PLq71J2ALw8kZPpRlZCoavAOk +hhrEopjEnmNC983r0ATzM5aKo982TP83w05YYTrEec1fCgnQFWkiLYvHJz6rXBWD +liW/ewB+NPqeGmUT681OIl4VjW90yTH5DrBVVHICOD+SQwHZV1FQA9k= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/certs/test-pathlen/chainG-ICA5-pathlen20.pem index d8224fcc6..247061724 100644 --- a/certs/test-pathlen/chainG-ICA5-pathlen20.pem +++ b/certs/test-pathlen/chainG-ICA5-pathlen20.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA6-pathlen10/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA5-pathlen20/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:be:9d:98:a2:41:ca:64:1f:a2:34:dc:51:7d:49: 2b:f7:f8:7a:fc:1a:22:8d:3a:17:8e:00:9c:74:06: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - c5:55:81:ae:d8:a9:00:b6:65:0b:41:2a:7c:7b:de:6a:24:15: - 36:b8:8f:dd:c6:70:0d:ee:fd:a7:f1:55:c1:c2:77:1c:e7:2f: - cc:e0:78:81:57:2f:8f:c6:a6:c0:70:5d:aa:b1:2b:4d:30:2f: - f0:42:4e:be:06:7c:53:2d:65:c7:58:ae:02:d8:87:80:a0:48: - e5:4d:df:e6:de:c7:51:14:26:58:0d:9a:f7:f4:c4:32:95:98: - b7:9c:a0:92:a4:a6:c7:28:04:c0:1c:52:d3:ff:bb:f2:4f:08: - 64:98:04:34:f1:ac:9f:ca:b2:a7:99:45:eb:a3:c9:b5:74:54: - c3:0e:fa:ba:fd:d2:a4:70:c4:ff:f2:f9:93:3a:1f:c8:95:ac: - 42:de:45:e0:08:a9:5a:a8:3d:99:50:c3:f0:bb:c6:14:b6:68: - 62:dd:f4:df:36:74:10:39:6f:18:de:4b:a7:64:fa:62:17:2f: - ba:e8:58:b8:7c:9d:2f:5d:43:c4:02:a9:03:69:8c:1a:ce:a8: - 98:7b:53:72:a6:de:de:76:aa:4b:0b:4d:fd:7b:79:74:da:73: - a9:4f:79:1c:c5:8a:39:ee:90:c1:25:00:29:fa:d3:b1:13:4b: - 3a:51:4e:8e:63:ee:4b:57:af:2f:29:91:98:c1:27:88:e0:69: - fc:3d:8b:91 + 29:ff:da:ab:a9:62:4b:ef:6b:0b:d4:a9:a1:96:83:21:2d:df: + 20:7b:76:4d:be:4a:63:12:a7:54:af:c1:e4:38:75:6b:7a:47: + de:85:a0:c3:c4:a1:17:78:de:cc:15:d2:78:81:f4:ed:b7:f1: + 42:88:be:b6:95:f6:7f:1d:dc:93:74:9a:8c:9b:0d:77:b4:3b: + 86:f8:ef:ed:27:8a:d0:db:f0:08:b9:29:23:2c:25:27:80:81: + 14:c3:7a:50:d6:88:77:64:a7:25:55:85:16:10:9f:3d:fb:83: + 0f:75:8a:1d:6e:c6:23:6e:41:87:1e:98:f0:a9:1c:b7:6d:ab: + 79:08:8d:42:63:3a:42:1f:a3:9e:97:93:04:2b:de:c6:fb:bc: + cb:03:af:77:17:61:a0:03:96:d0:1b:38:37:c3:d3:ba:90:7d: + 2d:05:24:a0:af:62:8c:a9:7e:c2:88:59:ce:e6:c0:2f:1c:33: + 92:cd:e9:ce:41:7a:a6:9d:e4:ba:bc:07:1f:9d:84:79:ca:e0: + 63:cb:ed:34:c7:3c:a8:13:df:57:ce:8e:9a:13:5f:2d:31:72: + 6e:81:65:53:62:a9:39:11:94:de:2c:c8:c5:94:66:d1:0e:4b: + 84:ca:32:46:82:f8:c0:98:94:3b:bd:d4:be:f8:c2:f7:af:13: + e4:db:57:fa -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0yMTAyMTAxOTQ5NTRaFw0yMzExMDcxOTQ5NTRaMIGiMQswCQYDVQQG +LmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -80,10 +80,10 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAxVWBrtipALZlC0EqfHveaiQVNriP -3cZwDe79p/FVwcJ3HOcvzOB4gVcvj8amwHBdqrErTTAv8EJOvgZ8Uy1lx1iuAtiH -gKBI5U3f5t7HURQmWA2a9/TEMpWYt5ygkqSmxygEwBxS0/+78k8IZJgENPGsn8qy -p5lF66PJtXRUww76uv3SpHDE//L5kzofyJWsQt5F4AipWqg9mVDD8LvGFLZoYt30 -3zZ0EDlvGN5Lp2T6YhcvuuhYuHydL11DxAKpA2mMGs6omHtTcqbe3naqSwtN/Xt5 -dNpzqU95HMWKOe6QwSUAKfrTsRNLOlFOjmPuS1evLymRmMEniOBp/D2LkQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAKf/aq6liS+9rC9SpoZaDIS3fIHt2 +Tb5KYxKnVK/B5Dh1a3pH3oWgw8ShF3jezBXSeIH07bfxQoi+tpX2fx3ck3SajJsN +d7Q7hvjv7SeK0NvwCLkpIywlJ4CBFMN6UNaId2SnJVWFFhCfPfuDD3WKHW7GI25B +hx6Y8Kkct22reQiNQmM6Qh+jnpeTBCvexvu8ywOvdxdhoAOW0Bs4N8PTupB9LQUk +oK9ijKl+wohZzubALxwzks3pzkF6pp3kurwHH52EecrgY8vtNMc8qBPfV86OmhNf +LTFyboFlU2KpORGU3izIxZRm0Q5LhMoyRoL4wJiUO73UvvjC968T5NtX+g== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/certs/test-pathlen/chainG-ICA6-pathlen10.pem index 43dc4ff78..a50908d0a 100644 --- a/certs/test-pathlen/chainG-ICA6-pathlen10.pem +++ b/certs/test-pathlen/chainG-ICA6-pathlen10.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA7-pathlen100/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA6-pathlen10/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e1:4f:c9:e7:30:ea:06:ff:65:cb:2b:6c:f1:a8: ac:f6:cf:10:6b:80:7a:af:5e:42:0a:0d:61:be:6f: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 73:70:e1:67:aa:a1:e6:31:8c:6b:c3:bd:0e:99:9f:f8:8c:18: - b4:40:c7:0c:2d:0f:03:66:92:0e:5e:91:1e:37:f3:4f:68:66: - 3e:d4:4a:30:19:fe:44:fe:bb:11:22:23:10:db:8d:91:8a:45: - f8:71:48:b7:97:3d:9e:3d:c4:7c:3b:da:51:23:6e:76:3f:b5: - 1c:a8:db:80:2f:fa:15:16:ea:f8:9b:1d:86:1d:02:94:cd:4a: - f2:7d:6d:c1:40:0d:2f:d0:f9:65:dc:39:41:93:e1:e2:ab:7b: - 1f:c4:37:5f:3f:6e:af:4b:cb:d8:b2:21:e6:b4:73:13:8f:b6: - d6:e3:81:b5:e4:85:e3:3c:1a:ae:4b:79:86:29:a5:1b:ba:7d: - 4a:4e:a3:22:94:33:49:64:46:ff:44:99:02:f7:f6:82:d6:76: - f0:a6:ff:5d:b3:58:df:a8:c4:00:00:33:8c:1e:17:72:8c:84: - d7:bd:17:7f:ff:2a:7a:7b:71:63:34:21:ad:3a:88:3c:2c:cf: - 9b:77:c0:0c:ce:7d:d6:2d:56:0f:6f:6b:98:54:5e:0c:92:40: - eb:43:2e:4c:08:14:48:af:c9:80:34:59:ee:f8:e3:5f:3e:68: - aa:52:65:91:6f:ed:56:21:ff:1b:dc:d0:33:39:c4:e0:39:c7: - 97:70:0e:8f + 33:53:88:2d:1e:0e:04:6c:69:d4:b6:08:23:73:d1:31:02:7b: + a2:ed:ce:c6:58:8e:6a:fd:0e:1e:c7:73:8e:0e:b5:46:02:15: + c3:55:bf:96:8d:a7:cf:f3:3b:80:d9:8c:5d:a8:df:4e:f2:63: + e0:9b:04:8c:76:f5:fc:a7:7e:43:e9:da:a5:9a:31:3e:ae:a3: + f7:ae:20:14:e2:f8:a0:a0:18:74:2e:95:f7:30:24:b3:28:10: + 7f:85:23:e7:6c:5d:9d:e5:a3:f0:75:63:a6:ae:62:aa:7b:3d: + e3:c9:27:4a:35:29:85:83:9a:ac:c0:f8:21:1e:8b:c4:b9:90: + 2e:83:6a:07:de:4c:3a:24:2a:2b:32:33:8d:85:d9:e1:97:a0: + ae:8c:ae:10:f2:77:87:f6:73:7a:21:0f:4a:6b:7a:8e:82:bc: + 85:10:78:12:37:7c:ab:46:3c:78:32:bf:7a:1c:85:7c:b9:81: + e0:b8:32:41:c9:af:db:f6:3c:8c:5d:01:f2:8a:d2:0c:42:1c: + d2:05:ee:f1:a5:1a:42:d6:c5:d9:93:38:e0:f6:d3:25:55:6b: + 81:4a:1e:10:68:6a:29:d9:59:49:14:b9:84:46:99:c5:d6:fc: + c7:ec:75:38:30:08:5a:58:96:cf:3c:43:6b:73:21:1d:f6:d8: + 01:2d:28:5a -----BEGIN CERTIFICATE----- MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBojELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -80,10 +80,10 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQELBQADggEBAHNw4WeqoeYxjGvDvQ6Zn/iMGLRAxwwtDwNmkg5ekR43809o -Zj7USjAZ/kT+uxEiIxDbjZGKRfhxSLeXPZ49xHw72lEjbnY/tRyo24Av+hUW6vib -HYYdApTNSvJ9bcFADS/Q+WXcOUGT4eKrex/EN18/bq9Ly9iyIea0cxOPttbjgbXk -heM8Gq5LeYYppRu6fUpOoyKUM0lkRv9EmQL39oLWdvCm/12zWN+oxAAAM4weF3KM -hNe9F3//Knp7cWM0Ia06iDwsz5t3wAzOfdYtVg9va5hUXgySQOtDLkwIFEivyYA0 -We74418+aKpSZZFv7VYh/xvc0DM5xOA5x5dwDo8= +hvcNAQELBQADggEBADNTiC0eDgRsadS2CCNz0TECe6LtzsZYjmr9Dh7Hc44OtUYC +FcNVv5aNp8/zO4DZjF2o307yY+CbBIx29fynfkPp2qWaMT6uo/euIBTi+KCgGHQu +lfcwJLMoEH+FI+dsXZ3lo/B1Y6auYqp7PePJJ0o1KYWDmqzA+CEei8S5kC6Dagfe +TDokKisyM42F2eGXoK6MrhDyd4f2c3ohD0preo6CvIUQeBI3fKtGPHgyv3ochXy5 +geC4MkHJr9v2PIxdAfKK0gxCHNIF7vGlGkLWxdmTOOD20yVVa4FKHhBoainZWUkU +uYRGmcXW/MfsdTgwCFpYls88Q2tzIR322AEtKFo= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/certs/test-pathlen/chainG-ICA7-pathlen100.pem index e072feaa6..edac83949 100644 --- a/certs/test-pathlen/chainG-ICA7-pathlen100.pem +++ b/certs/test-pathlen/chainG-ICA7-pathlen100.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA7-pathlen100/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d6:8c:d6:c4:29:20:60:9d:15:3d:0c:2a:fb:24: 2f:38:89:ed:37:c4:fc:57:67:2a:50:d8:eb:e2:6a: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 26:72:76:89:e5:6a:e9:31:30:3d:c1:cf:15:f4:3f:dd:43:f0: - 6d:53:94:8b:90:fe:ea:94:93:bf:57:60:84:b5:a9:39:8b:a6: - 89:65:82:ce:f7:77:1e:ee:7a:65:a8:5d:dc:6f:13:5d:55:94: - b5:ac:d2:24:ff:f1:f7:8e:49:91:da:86:b9:b6:c7:03:39:e9: - a1:9b:78:f8:86:85:ab:a6:77:23:e5:02:33:83:e4:a1:c2:e7: - ae:36:22:4c:2e:a3:81:44:2a:bf:ad:a5:a3:05:c0:7a:3f:c8: - bc:e9:72:4b:04:1a:82:72:18:6a:8b:4d:2b:c2:53:dd:28:a5: - d5:5d:b1:87:8a:a2:a7:3a:31:43:c2:79:45:27:61:a7:c1:9d: - ae:8c:b7:cb:05:6f:04:2a:d7:1f:64:52:dd:ad:9a:b7:69:12: - 2e:82:d2:93:32:f2:03:df:3d:6c:07:6f:13:1d:28:af:ef:86: - 04:de:d6:15:3f:31:37:ff:42:32:8f:9c:64:d5:4f:55:81:3e: - c8:01:95:51:cd:18:2d:57:9f:30:5c:b5:a8:bc:2e:3e:63:57: - 07:48:ea:ad:23:9f:25:8d:8b:3e:de:8c:6f:a1:52:79:37:a1: - 99:6f:df:0d:84:d9:8d:d8:db:d1:34:60:9e:3b:36:12:df:7b: - f5:fb:59:1a + 4f:97:12:76:60:f0:fd:24:ca:f2:c4:89:6a:90:28:86:fe:1b: + 19:f8:fc:f8:b9:89:8e:8c:06:56:d5:89:a8:73:6a:11:b2:6f: + ce:f1:35:e4:3e:3c:8f:d5:a4:95:b9:24:16:41:2b:0b:04:29: + df:03:52:3f:82:2b:be:fb:74:29:b6:36:6e:dd:28:56:e8:e3: + 85:c4:94:5b:9c:4e:09:0f:c0:bd:79:2a:08:a6:b6:54:0c:24: + d6:00:d8:29:d8:ff:d8:44:57:30:25:b3:28:24:f8:25:36:b6: + e6:44:6c:72:0a:7a:fc:0d:b4:9e:77:b8:80:36:49:e6:47:7a: + dd:c9:e5:27:57:11:52:f1:44:96:a0:9c:6f:f4:3f:35:bd:81: + 4d:a6:61:ed:ef:43:95:13:a3:57:19:1a:70:34:5e:7c:a9:b9: + c6:c6:a0:7c:35:d5:5f:98:9f:9b:33:f3:d2:fd:57:08:db:80: + bd:fa:2a:0b:44:f8:3b:97:75:9f:e6:83:50:92:6c:82:02:7f: + 32:ed:7b:52:4d:2d:c1:cf:0c:c1:09:6f:3f:63:49:9b:e1:25: + 7c:c5:33:49:f6:68:e4:7e:67:33:67:54:1c:49:99:8c:bf:3a: + aa:1c:ee:0d:d1:7b:29:6a:70:b4:47:cb:b4:d9:95:57:cf:59: + 44:85:19:54 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -74,16 +74,16 @@ xPxXZypQ2OviahxZBvJtPrlP/knFIcAW+ClvUQzqeNcOFUHaWssL4FTWg/0P6E4w /RYKOrjHI0uv4M0SXp9PYhPwyOTiqAHTN7AIIdMPbOTYwQRR6UzFsW3MYyOXMO7w Hqtt6pPKrVZvHu0arowbkQTqq50bO1anwcwvOS+zuowW/V4QEJ4k6kCXdLa05RzA 0195LARDOo70sVa9xyVjXDRQTb0t8Qi9jD7Sb/rkBKFR69DQkJGXe0bGEJKvAgMB -AAGjggENMIIBCTAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgckGA1Ud -IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AAGjggEYMIIBFDAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgdQGA1Ud +IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/ -rBgKN00wDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL -BQADggEBACZydonlaukxMD3BzxX0P91D8G1TlIuQ/uqUk79XYIS1qTmLpollgs73 -dx7uemWoXdxvE11VlLWs0iT/8feOSZHahrm2xwM56aGbePiGhaumdyPlAjOD5KHC -5642Ikwuo4FEKr+tpaMFwHo/yLzpcksEGoJyGGqLTSvCU90opdVdsYeKoqc6MUPC -eUUnYafBna6Mt8sFbwQq1x9kUt2tmrdpEi6C0pMy8gPfPWwHbxMdKK/vhgTe1hU/ -MTf/QjKPnGTVT1WBPsgBlVHNGC1XnzBctai8Lj5jVwdI6q0jnyWNiz7ejG+hUnk3 -oZlv3w2E2Y3Y29E0YJ47NhLfe/X7WRo= +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCI +ugdCjaqvT77CGkjw0UDmQjAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN +BgkqhkiG9w0BAQsFAAOCAQEAT5cSdmDw/STK8sSJapAohv4bGfj8+LmJjowGVtWJ +qHNqEbJvzvE15D48j9WklbkkFkErCwQp3wNSP4Irvvt0KbY2bt0oVujjhcSUW5xO +CQ/AvXkqCKa2VAwk1gDYKdj/2ERXMCWzKCT4JTa25kRscgp6/A20nne4gDZJ5kd6 +3cnlJ1cRUvFElqCcb/Q/Nb2BTaZh7e9DlROjVxkacDRefKm5xsagfDXVX5ifmzPz +0v1XCNuAvfoqC0T4O5d1n+aDUJJsggJ/Mu17Uk0twc8MwQlvP2NJm+ElfMUzSfZo +5H5nM2dUHEmZjL86qhzuDdF7KWpwtEfLtNmVV89ZRIUZVA== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-assembled.pem b/certs/test-pathlen/chainG-assembled.pem index 0ab84a773..a3a1e521a 100644 --- a/certs/test-pathlen/chainG-assembled.pem +++ b/certs/test-pathlen/chainG-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:7b:82:23:a2:34:e7:cb:89:4e:64:cc:f2:98: c8:65:8f:e2:69:55:54:4b:3c:8b:c0:1f:67:37:7f: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 43:1d:31:61:87:f5:7b:0d:77:84:eb:8b:be:45:c6:9f:a9:f8: - a0:af:a8:46:16:88:d7:08:0f:96:54:39:f7:ee:f5:6a:f4:11: - f7:49:a5:f4:36:36:8c:4d:95:07:87:35:d7:c9:07:3e:95:4f: - 4e:aa:2f:f4:2f:2c:ea:4a:e7:5b:d9:54:19:a0:d5:da:16:e8: - ed:e4:0b:30:4a:1a:1d:12:c2:0f:12:ed:cb:53:ac:37:96:00: - c2:16:3b:9e:2e:96:2b:a0:fb:72:13:9c:5b:d8:34:ff:0f:d9: - ed:1f:1c:db:26:66:84:86:f4:23:9c:ea:76:39:4f:a7:0f:65: - af:f5:9e:2f:c8:7c:b6:57:71:14:e8:8a:61:73:f0:01:8a:e0: - 96:f4:5b:cb:cb:e2:ed:d1:9c:42:f1:3d:b5:01:4f:bb:bc:46: - d8:af:ef:55:17:de:4b:2a:17:2b:e1:fd:86:b6:aa:65:0c:88: - 7b:b9:6f:1f:9b:0d:15:28:a7:b3:7f:20:4c:c4:59:80:eb:ee: - 72:fb:09:ad:cd:3e:40:d0:dc:69:7c:3f:09:77:f8:3f:65:28: - 21:3d:12:c0:56:c9:50:a0:3c:29:9f:45:5b:7b:c1:24:a3:3c: - 88:32:24:85:28:bd:b1:f1:ff:0e:33:75:b0:74:cf:d5:46:37: - d5:c8:aa:13 + ca:65:da:90:a0:ff:8b:98:db:33:6e:3c:4d:f1:43:81:53:a7: + 99:fb:d5:84:2c:30:9d:88:e6:2e:cb:1d:d7:69:a5:8b:c3:c7: + 25:52:4d:60:d2:48:d8:fa:82:ef:a2:d4:77:ff:e2:67:28:fa: + 4e:e8:ec:39:39:61:c4:93:d7:5e:7e:75:5c:68:00:15:c0:0e: + 08:60:18:03:d8:ff:a7:a5:dc:39:03:61:44:3a:04:04:57:40: + b7:a5:0e:50:02:1d:98:1a:77:99:a9:0d:9c:0e:e5:96:ad:07: + 24:0c:b9:29:cc:ad:7e:41:a7:54:a8:ab:6c:6a:47:2f:90:b4: + 46:7f:9e:21:64:76:b5:27:f6:11:7f:5b:75:75:d9:e0:d8:5f: + f2:fa:0a:03:91:eb:58:a2:20:35:d4:e9:91:0e:2e:c2:94:b0: + 06:d5:1e:a0:35:b9:35:2b:e3:c6:2b:72:6c:cc:bd:dc:5b:3f: + 0b:55:b6:9b:57:49:7c:29:7e:a5:40:4a:58:ce:87:2f:db:aa: + 1e:c0:34:fe:fc:cc:85:c6:e2:25:43:5e:2b:df:4a:ca:eb:74: + 4f:59:93:df:ff:8e:93:32:45:19:27:58:6b:9d:d9:9b:bf:0b: + 31:14:5d:c7:8b:05:a4:05:85:c8:f4:1c:24:df:8e:5f:cb:09: + ca:af:68:82 -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,27 +77,27 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAEMdMWGH -9XsNd4Tri75Fxp+p+KCvqEYWiNcID5ZUOffu9Wr0EfdJpfQ2NoxNlQeHNdfJBz6V -T06qL/QvLOpK51vZVBmg1doW6O3kCzBKGh0Swg8S7ctTrDeWAMIWO54uliug+3IT -nFvYNP8P2e0fHNsmZoSG9COc6nY5T6cPZa/1ni/IfLZXcRToimFz8AGK4Jb0W8vL -4u3RnELxPbUBT7u8Rtiv71UX3ksqFyvh/Ya2qmUMiHu5bx+bDRUop7N/IEzEWYDr -7nL7Ca3NPkDQ3Gl8Pwl3+D9lKCE9EsBWyVCgPCmfRVt7wSSjPIgyJIUovbHx/w4z -dbB0z9VGN9XIqhM= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAMpl2pCg +/4uY2zNuPE3xQ4FTp5n71YQsMJ2I5i7LHddppYvDxyVSTWDSSNj6gu+i1Hf/4mco ++k7o7Dk5YcST115+dVxoABXADghgGAPY/6el3DkDYUQ6BARXQLelDlACHZgad5mp +DZwO5ZatByQMuSnMrX5Bp1Soq2xqRy+QtEZ/niFkdrUn9hF/W3V12eDYX/L6CgOR +61iiIDXU6ZEOLsKUsAbVHqA1uTUr48YrcmzMvdxbPwtVtptXSXwpfqVASljOhy/b +qh7ANP78zIXG4iVDXivfSsrrdE9Zk9//jpMyRRknWGud2Zu/CzEUXceLBaQFhcj0 +HCTfjl/LCcqvaII= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA2-pathlen1/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d2:26:be:51:98:42:e0:1f:ae:fc:c2:cb:ba:d5: 0f:44:3b:0b:60:d8:49:ec:03:43:6b:06:ce:f2:28: @@ -131,27 +131,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 8c:c9:7e:79:a8:29:4e:81:7f:e2:78:bc:91:6c:33:08:67:01: - d0:76:f6:51:04:ad:a2:34:4d:59:4f:ab:b7:e5:80:60:01:1e: - 16:20:60:a9:ef:a5:27:01:36:7a:20:1d:76:1f:fb:ef:fc:7f: - 00:b0:96:d0:41:c8:d8:f0:1c:de:dc:c8:0b:09:57:85:f4:2b: - 8e:49:76:6b:32:ea:0d:87:79:15:63:80:ec:0a:f2:3e:7e:e1: - ec:71:ee:32:57:77:9b:85:a7:fb:3b:1c:b9:be:59:d4:14:f8: - 84:63:a8:f9:46:1a:18:4b:18:9c:08:90:4f:7d:ba:ec:4c:b5: - e8:a9:65:81:fa:ac:8c:2c:77:09:78:a7:44:7b:18:01:93:e6: - bb:f5:ed:40:90:04:b3:78:b7:dd:70:9b:c6:bd:a3:58:a9:a7: - 57:f9:e5:0d:1f:ad:87:04:ca:d5:45:62:5c:4f:fa:9e:d4:19: - 83:0a:73:5f:f6:c2:65:7d:6e:96:6e:f6:66:3b:8d:90:0a:28: - 0a:89:17:2f:12:ba:3a:da:6a:0d:21:f8:04:44:ae:bf:49:eb: - 98:00:c6:cb:c3:5a:01:2a:de:74:39:99:43:34:98:94:76:dc: - cb:e3:96:10:3b:08:15:0e:60:8d:0c:95:99:68:a4:38:cf:1f: - 5a:9f:7f:97 + 79:c2:90:26:d1:a8:0c:b0:e5:f8:5f:6b:29:06:17:bf:df:32: + 5e:08:c4:27:18:2d:83:14:30:63:3b:40:89:2a:68:d2:65:4d: + 68:a7:d6:a5:6c:c6:62:9d:14:ba:99:c5:a7:ea:28:34:dc:82: + f0:fd:f0:02:c9:be:f8:a6:75:87:bf:7e:bb:3b:5d:c4:c6:7e: + aa:af:97:a1:5e:ac:51:f8:5e:62:e5:57:a0:df:f2:8a:a8:e3: + db:2c:c0:ae:40:65:3a:19:6a:d5:65:30:3d:97:1f:10:ef:e7: + 7e:d1:81:e5:b0:76:25:70:52:22:51:f7:45:17:13:7f:e6:f1: + 76:4f:ef:a6:fd:d9:45:a1:e5:ab:1b:b8:73:bd:7d:51:e3:61: + 72:e5:c3:87:51:c1:b7:82:d0:08:63:21:f5:cd:c4:0a:bc:0d: + 9b:f0:d8:5a:63:00:f8:51:48:14:f8:5e:8c:e7:a5:f9:63:85: + ca:9d:09:62:7a:3d:1c:bb:90:72:6d:39:f3:b8:62:fa:2b:c4: + 31:fa:86:45:eb:2b:7d:5d:09:88:58:79:ba:ba:0f:64:2c:1c: + 21:12:52:51:0f:05:f0:b3:c2:53:df:66:3c:14:59:82:35:ee: + ef:65:15:61:8c:00:f8:3a:b3:a7:8a:d5:4d:6a:c9:4f:9f:1f: + f9:1e:5e:0d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,26 +167,26 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAjMl+eagpToF/4ni8kWwzCGcB0Hb2UQSt -ojRNWU+rt+WAYAEeFiBgqe+lJwE2eiAddh/77/x/ALCW0EHI2PAc3tzICwlXhfQr -jkl2azLqDYd5FWOA7AryPn7h7HHuMld3m4Wn+zscub5Z1BT4hGOo+UYaGEsYnAiQ -T3267Ey16KllgfqsjCx3CXinRHsYAZPmu/XtQJAEs3i33XCbxr2jWKmnV/nlDR+t -hwTK1UViXE/6ntQZgwpzX/bCZX1ulm72ZjuNkAooCokXLxK6OtpqDSH4BESuv0nr -mADGy8NaASredDmZQzSYlHbcy+OWEDsIFQ5gjQyVmWikOM8fWp9/lw== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAecKQJtGoDLDl+F9rKQYXv98yXgjEJxgt +gxQwYztAiSpo0mVNaKfWpWzGYp0UupnFp+ooNNyC8P3wAsm++KZ1h79+uztdxMZ+ +qq+XoV6sUfheYuVXoN/yiqjj2yzArkBlOhlq1WUwPZcfEO/nftGB5bB2JXBSIlH3 +RRcTf+bxdk/vpv3ZRaHlqxu4c719UeNhcuXDh1HBt4LQCGMh9c3ECrwNm/DYWmMA ++FFIFPhejOel+WOFyp0JYno9HLuQcm0587hi+ivEMfqGResrfV0JiFh5uroPZCwc +IRJSUQ8F8LPCU99mPBRZgjXu72UVYYwA+Dqzp4rVTWrJT58f+R5eDQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA3-pathlen99/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA2-pathlen1/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d7:3e:de:b9:f9:a9:d7:8e:7a:4b:f2:f1:8c:f9: 3b:1c:ce:59:31:4c:57:0c:2e:8a:0f:90:f0:dc:27: @@ -220,27 +220,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - a1:c0:5b:84:8c:71:03:de:30:a6:b7:22:98:7d:83:a6:48:46: - 45:db:8a:e1:35:f9:41:28:9e:7c:0a:e0:20:f4:00:75:6a:91: - be:6b:57:96:60:15:46:71:ce:b4:b4:e0:a6:62:f1:a7:6a:3d: - 7c:a5:94:16:09:a4:89:3b:51:86:f7:87:eb:a6:fb:1d:e1:f6: - 50:8d:68:88:d7:1a:99:6d:3d:5d:ca:53:bc:28:c0:83:d2:f0: - 50:4f:33:63:a8:5b:e6:62:4e:e6:af:d5:b2:5d:45:5b:33:04: - 1f:ec:4c:a6:af:f7:be:dd:c9:2b:58:e0:09:a6:5c:4d:c1:a5: - ad:eb:fb:72:31:6c:3d:6f:65:de:02:db:39:ee:02:06:57:b1: - 28:05:2c:97:2f:04:9b:37:d4:b6:cd:95:27:f0:c9:be:56:9d: - 69:77:fe:45:7a:22:c2:29:29:5f:a6:be:7d:ab:3c:d5:dd:08: - b7:89:d9:0c:09:15:66:f7:a8:f6:77:57:94:5f:94:ab:4e:c7: - 54:b7:ee:8a:9b:d2:4b:9e:fa:33:2b:90:f6:05:dd:db:d0:f2: - de:45:b9:e5:ca:51:9d:73:03:d6:bb:c4:d3:9a:3d:15:4a:f7: - c1:58:3a:64:00:90:57:1e:1a:6b:40:50:3c:a3:b4:46:05:26: - 26:50:01:e1 + 61:25:84:4e:d6:3d:e5:bf:37:0f:b8:04:2b:62:fb:1d:83:fc: + 31:27:f9:1a:07:26:b7:72:12:09:ab:3c:d6:59:7c:31:66:67: + 6e:8e:c5:bd:60:9a:16:f4:08:58:77:c4:50:cf:75:67:65:88: + 42:d7:eb:f9:12:44:cc:5d:1a:89:c8:4d:54:87:63:0c:12:37: + 94:3f:71:b1:8d:69:58:03:20:10:b9:96:6f:c0:5e:59:02:e2: + f6:e7:b4:63:0d:e4:b9:7a:89:1f:e1:6e:53:4d:30:37:f0:cf: + e4:98:5f:6e:10:83:dc:43:bb:77:58:18:0e:a5:10:48:3c:cc: + a0:7f:59:bc:a4:ce:12:28:9e:52:02:5c:71:79:14:b9:96:5f: + d8:10:41:6f:91:49:b6:c2:91:d4:b0:b8:25:4c:ff:49:0f:9b: + 74:38:e0:a4:f8:52:5a:3b:a0:4d:c1:68:76:b1:2e:90:6a:94: + 0f:c0:00:4e:af:19:5d:a5:ed:32:29:49:56:0d:91:8b:3c:3d: + 72:6a:50:58:c7:e1:77:3f:3a:8b:c0:e2:d6:63:4a:fa:2a:28: + 7b:35:3a:18:98:12:b4:e5:a0:7c:23:c1:62:d9:64:e0:99:db: + 27:de:24:d2:92:78:9d:c1:6a:38:81:18:0a:4a:98:60:c4:75: + c0:4e:d1:7c -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0yMTAyMTAxOTQ5NTRaFw0yMzExMDcxOTQ5NTRaMIGhMQswCQYDVQQG +LmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -256,26 +256,26 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAocBbhIxxA94wprcimH2DpkhGRduK4TX5 -QSiefArgIPQAdWqRvmtXlmAVRnHOtLTgpmLxp2o9fKWUFgmkiTtRhveH66b7HeH2 -UI1oiNcamW09XcpTvCjAg9LwUE8zY6hb5mJO5q/Vsl1FWzMEH+xMpq/3vt3JK1jg -CaZcTcGlrev7cjFsPW9l3gLbOe4CBlexKAUsly8EmzfUts2VJ/DJvladaXf+RXoi -wikpX6a+fas81d0It4nZDAkVZveo9ndXlF+Uq07HVLfuipvSS576MyuQ9gXd29Dy -3kW55cpRnXMD1rvE05o9FUr3wVg6ZACQVx4aa0BQPKO0RgUmJlAB4Q== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAYSWETtY95b83D7gEK2L7HYP8MSf5Ggcm +t3ISCas81ll8MWZnbo7FvWCaFvQIWHfEUM91Z2WIQtfr+RJEzF0aichNVIdjDBI3 +lD9xsY1pWAMgELmWb8BeWQLi9ue0Yw3kuXqJH+FuU00wN/DP5JhfbhCD3EO7d1gY +DqUQSDzMoH9ZvKTOEiieUgJccXkUuZZf2BBBb5FJtsKR1LC4JUz/SQ+bdDjgpPhS +WjugTcFodrEukGqUD8AATq8ZXaXtMilJVg2Rizw9cmpQWMfhdz86i8Di1mNK+ioo +ezU6GJgStOWgfCPBYtlk4JnbJ94k0pJ4ncFqOIEYCkqYYMR1wE7RfA== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA4-pathlen5/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA3-pathlen99/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ac:f1:39:65:f7:9c:9d:f6:f0:d2:b7:18:16:24: 81:32:b7:a5:29:d6:f7:4e:31:38:a7:54:d6:eb:07: @@ -309,27 +309,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 69:05:fe:91:03:94:51:f1:c0:60:19:98:dc:ed:ad:20:22:35: - ff:49:1d:02:25:86:df:b2:3d:fa:da:97:af:04:95:c4:d8:4f: - f6:46:9d:48:e7:e5:f3:87:97:5b:33:6d:f5:22:d3:cf:04:fc: - e1:5f:66:00:89:90:1b:80:1e:5d:46:35:28:47:b1:b8:c5:68: - 91:bd:a1:fa:19:b2:f8:bc:d0:ce:48:65:76:7a:32:ff:6b:55: - 94:d5:a6:3f:34:ba:09:18:6c:93:e3:2d:fa:4c:f9:6d:ef:5b: - db:a2:cf:cb:86:62:86:cb:72:d6:3e:b0:2f:6a:85:ae:a3:5e: - 84:de:04:c0:ed:90:2f:51:20:e0:34:00:09:a8:b8:b0:24:47: - 23:5c:82:3c:dc:d4:1a:67:67:38:20:bc:c2:c9:f7:03:b0:f1: - f8:c6:b1:29:42:ae:34:fc:f0:79:81:8c:5b:e7:e2:2c:79:e9: - 6d:bc:89:81:64:ae:ec:e3:33:c0:7c:9a:f9:f4:3b:d6:a9:88: - 8b:cf:8c:c8:76:58:03:2b:2a:98:c2:b9:c0:8b:23:05:68:0d: - 1c:b3:d9:06:00:a7:d7:c5:5e:28:a6:46:3f:d6:64:0e:9b:a5: - 0e:5b:11:18:3a:0b:17:36:ba:e9:28:94:41:d9:d8:3b:b2:4f: - 32:8f:93:d9 + 28:1f:8c:fa:52:d4:c8:b6:02:c3:e2:b9:4f:36:16:50:e5:78: + 0a:82:87:d3:d1:d1:28:0d:e6:d3:73:4d:51:19:24:0e:84:a8: + f5:73:b9:ad:93:4f:89:6e:df:c6:4f:76:0e:80:d9:26:34:4c: + 63:6d:d7:ee:f9:27:e6:43:6a:2d:32:51:6e:f2:6f:8d:79:21: + 9e:f8:e9:be:9c:ff:56:88:58:5c:2a:cc:80:af:34:bf:52:86: + 0c:b5:61:83:72:c7:91:88:2c:07:66:9c:99:17:2e:d1:50:d5: + cf:9b:a9:68:5c:35:ea:c4:af:7f:02:ba:fb:9a:9b:34:9e:41: + ce:57:e3:00:b7:94:0c:ed:a5:73:7f:bf:df:4a:bc:a4:44:59: + db:8a:f4:a9:fc:9f:ee:2a:d7:4c:76:af:8a:4e:24:c6:00:75: + 6a:ee:5a:89:e3:71:5f:5f:71:7a:6b:80:ab:71:58:b1:2a:2a: + 87:1a:d5:ca:e2:03:77:23:52:f9:0f:ab:fb:fd:a5:3f:cd:86: + eb:76:65:8b:47:ba:4d:4d:cb:93:c4:ba:a3:e9:d2:7b:55:71: + 64:d5:06:c6:a7:31:1d:30:cf:a5:1b:27:02:59:15:b9:78:d9: + bd:89:ea:06:4f:2f:24:02:51:11:77:ba:8f:c3:b6:92:9d:2f: + 68:d4:3f:42 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NFoXDTIzMTEwNzE5NDk1NFowgaIxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -345,26 +345,26 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAGkF/pEDlFHxwGAZmNztrSAiNf9JHQIl -ht+yPfral68ElcTYT/ZGnUjn5fOHl1szbfUi088E/OFfZgCJkBuAHl1GNShHsbjF -aJG9ofoZsvi80M5IZXZ6Mv9rVZTVpj80ugkYbJPjLfpM+W3vW9uiz8uGYobLctY+ -sC9qha6jXoTeBMDtkC9RIOA0AAmouLAkRyNcgjzc1BpnZzggvMLJ9wOw8fjGsSlC -rjT88HmBjFvn4ix56W28iYFkruzjM8B8mvn0O9apiIvPjMh2WAMrKpjCucCLIwVo -DRyz2QYAp9fFXiimRj/WZA6bpQ5bERg6Cxc2uukolEHZ2DuyTzKPk9k= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBACgfjPpS1Mi2AsPiuU82FlDleAqCh9PR +0SgN5tNzTVEZJA6EqPVzua2TT4lu38ZPdg6A2SY0TGNt1+75J+ZDai0yUW7yb415 +IZ746b6c/1aIWFwqzICvNL9Shgy1YYNyx5GILAdmnJkXLtFQ1c+bqWhcNerEr38C +uvuamzSeQc5X4wC3lAztpXN/v99KvKREWduK9Kn8n+4q10x2r4pOJMYAdWruWonj +cV9fcXprgKtxWLEqKoca1criA3cjUvkPq/v9pT/Nhut2ZYtHuk1Ny5PEuqPp0ntV +cWTVBsanMR0wz6UbJwJZFbl42b2J6gZPLyQCURF3uo/DtpKdL2jUP0I= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA5-pathlen20/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA4-pathlen5/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c9:4b:a0:77:b8:42:43:96:e1:f4:8d:1d:a6:2c: d8:12:a2:40:49:11:eb:5f:fb:6c:1d:15:3e:af:dd: @@ -398,27 +398,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b0:8e:1a:de:7d:55:b1:c3:4e:4e:df:a0:bb:0a:a7:41:78:11: - 47:17:0a:c1:85:2f:7a:0c:2a:f5:79:e5:b9:c7:a3:cf:a4:03: - 8a:ec:db:4b:ac:31:e0:b1:b2:d2:74:09:a6:70:90:30:01:68: - c7:07:a0:28:b0:0b:b7:0e:9c:d6:de:4c:f0:62:69:a4:82:f1: - 80:79:e6:65:15:09:88:26:ae:4d:7e:fd:7b:9f:7a:e8:3b:d6: - 11:fe:7c:9d:c4:de:90:14:1a:1a:29:7c:a4:80:e9:55:1d:17: - 18:d3:45:84:ec:5f:42:35:ea:09:b2:67:f0:5f:71:b9:12:d5: - 88:2a:20:e3:7f:e5:c3:ac:d7:6e:4c:97:3c:aa:ca:f2:ba:d7: - 37:6b:ba:b8:e7:1a:f5:60:2b:41:7a:f4:68:50:91:ff:00:ab: - 73:05:ad:0f:b3:48:c5:73:dd:44:3f:16:1f:11:3b:ab:78:8c: - e3:20:2a:24:31:ad:8d:3f:74:2b:2c:c1:08:75:9a:c8:6c:6b: - 43:62:cb:e1:6d:70:ce:f5:64:7c:31:60:c1:6c:fc:37:2f:1b: - 59:bc:28:97:11:de:df:50:5b:38:5d:a6:dd:b6:1c:f0:f3:dd: - 07:c4:4b:fa:f9:3a:fd:06:b1:64:64:fa:46:2f:93:52:3f:19: - eb:e0:2b:7a + 2f:a8:0b:e3:eb:e0:fe:e8:82:f8:b7:2d:c2:14:e6:e8:59:8d: + e1:6d:50:f7:45:65:d5:4f:7b:6d:1e:d9:44:86:25:a7:56:55: + 07:46:e0:3f:d9:00:24:f2:61:e2:6a:4f:a8:df:7e:29:41:d0: + 31:3e:2d:b6:31:09:4e:f5:59:c7:0f:8c:c1:ba:b4:c0:39:2f: + ec:d6:a4:4a:0b:6f:bd:87:45:6d:33:2c:b1:14:2c:bc:9e:30: + ca:57:57:bc:b8:ec:fd:76:fd:ab:f5:63:3d:ef:16:cf:e8:cb: + 59:d5:28:0e:8c:36:a8:8d:d7:b8:0f:2a:33:5e:d3:53:19:86: + 12:64:b3:dc:b6:b8:c9:e3:54:73:7f:0a:ea:c3:ce:95:c4:c1: + 72:0c:58:ff:4f:2e:ae:f5:27:60:0b:c3:c9:19:3e:94:65:64: + 2a:1a:bc:03:a4:86:1a:c4:a2:98:c4:9e:63:42:f7:cd:eb:d0: + 04:f3:33:96:8a:a3:df:36:4c:ff:37:c3:4e:58:61:3a:c4:79: + cd:5f:0a:09:d0:15:69:22:2d:8b:c7:27:3e:ab:5c:15:83:96: + 25:bf:7b:00:7e:34:fa:9e:1a:65:13:eb:cd:4e:22:5e:15:8d: + 6f:74:c9:31:f9:0e:b0:55:54:72:02:38:3f:92:43:01:d9:57: + 51:50:03:d9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0yMTAyMTAxOTQ5NTRaFw0yMzExMDcxOTQ5NTRaMIGhMQswCQYDVQQG +LmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -434,26 +434,26 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQELBQADggEBALCOGt59VbHDTk7foLsKp0F4EUcXCsGF -L3oMKvV55bnHo8+kA4rs20usMeCxstJ0CaZwkDABaMcHoCiwC7cOnNbeTPBiaaSC -8YB55mUVCYgmrk1+/Xufeug71hH+fJ3E3pAUGhopfKSA6VUdFxjTRYTsX0I16gmy -Z/BfcbkS1YgqION/5cOs125MlzyqyvK61zdrurjnGvVgK0F69GhQkf8Aq3MFrQ+z -SMVz3UQ/Fh8RO6t4jOMgKiQxrY0/dCsswQh1mshsa0Niy+FtcM71ZHwxYMFs/Dcv -G1m8KJcR3t9QWzhdpt22HPDz3QfES/r5Ov0GsWRk+kYvk1I/GevgK3o= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAC+oC+Pr4P7ogvi3LcIU5uhZjeFtUPdF +ZdVPe20e2USGJadWVQdG4D/ZACTyYeJqT6jffilB0DE+LbYxCU71WccPjMG6tMA5 +L+zWpEoLb72HRW0zLLEULLyeMMpXV7y47P12/av1Yz3vFs/oy1nVKA6MNqiN17gP +KjNe01MZhhJks9y2uMnjVHN/CurDzpXEwXIMWP9PLq71J2ALw8kZPpRlZCoavAOk +hhrEopjEnmNC983r0ATzM5aKo982TP83w05YYTrEec1fCgnQFWkiLYvHJz6rXBWD +liW/ewB+NPqeGmUT681OIl4VjW90yTH5DrBVVHICOD+SQwHZV1FQA9k= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA6-pathlen10/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA5-pathlen20/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:be:9d:98:a2:41:ca:64:1f:a2:34:dc:51:7d:49: 2b:f7:f8:7a:fc:1a:22:8d:3a:17:8e:00:9c:74:06: @@ -487,27 +487,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - c5:55:81:ae:d8:a9:00:b6:65:0b:41:2a:7c:7b:de:6a:24:15: - 36:b8:8f:dd:c6:70:0d:ee:fd:a7:f1:55:c1:c2:77:1c:e7:2f: - cc:e0:78:81:57:2f:8f:c6:a6:c0:70:5d:aa:b1:2b:4d:30:2f: - f0:42:4e:be:06:7c:53:2d:65:c7:58:ae:02:d8:87:80:a0:48: - e5:4d:df:e6:de:c7:51:14:26:58:0d:9a:f7:f4:c4:32:95:98: - b7:9c:a0:92:a4:a6:c7:28:04:c0:1c:52:d3:ff:bb:f2:4f:08: - 64:98:04:34:f1:ac:9f:ca:b2:a7:99:45:eb:a3:c9:b5:74:54: - c3:0e:fa:ba:fd:d2:a4:70:c4:ff:f2:f9:93:3a:1f:c8:95:ac: - 42:de:45:e0:08:a9:5a:a8:3d:99:50:c3:f0:bb:c6:14:b6:68: - 62:dd:f4:df:36:74:10:39:6f:18:de:4b:a7:64:fa:62:17:2f: - ba:e8:58:b8:7c:9d:2f:5d:43:c4:02:a9:03:69:8c:1a:ce:a8: - 98:7b:53:72:a6:de:de:76:aa:4b:0b:4d:fd:7b:79:74:da:73: - a9:4f:79:1c:c5:8a:39:ee:90:c1:25:00:29:fa:d3:b1:13:4b: - 3a:51:4e:8e:63:ee:4b:57:af:2f:29:91:98:c1:27:88:e0:69: - fc:3d:8b:91 + 29:ff:da:ab:a9:62:4b:ef:6b:0b:d4:a9:a1:96:83:21:2d:df: + 20:7b:76:4d:be:4a:63:12:a7:54:af:c1:e4:38:75:6b:7a:47: + de:85:a0:c3:c4:a1:17:78:de:cc:15:d2:78:81:f4:ed:b7:f1: + 42:88:be:b6:95:f6:7f:1d:dc:93:74:9a:8c:9b:0d:77:b4:3b: + 86:f8:ef:ed:27:8a:d0:db:f0:08:b9:29:23:2c:25:27:80:81: + 14:c3:7a:50:d6:88:77:64:a7:25:55:85:16:10:9f:3d:fb:83: + 0f:75:8a:1d:6e:c6:23:6e:41:87:1e:98:f0:a9:1c:b7:6d:ab: + 79:08:8d:42:63:3a:42:1f:a3:9e:97:93:04:2b:de:c6:fb:bc: + cb:03:af:77:17:61:a0:03:96:d0:1b:38:37:c3:d3:ba:90:7d: + 2d:05:24:a0:af:62:8c:a9:7e:c2:88:59:ce:e6:c0:2f:1c:33: + 92:cd:e9:ce:41:7a:a6:9d:e4:ba:bc:07:1f:9d:84:79:ca:e0: + 63:cb:ed:34:c7:3c:a8:13:df:57:ce:8e:9a:13:5f:2d:31:72: + 6e:81:65:53:62:a9:39:11:94:de:2c:c8:c5:94:66:d1:0e:4b: + 84:ca:32:46:82:f8:c0:98:94:3b:bd:d4:be:f8:c2:f7:af:13: + e4:db:57:fa -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0yMTAyMTAxOTQ5NTRaFw0yMzExMDcxOTQ5NTRaMIGiMQswCQYDVQQG +LmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -523,26 +523,26 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAxVWBrtipALZlC0EqfHveaiQVNriP -3cZwDe79p/FVwcJ3HOcvzOB4gVcvj8amwHBdqrErTTAv8EJOvgZ8Uy1lx1iuAtiH -gKBI5U3f5t7HURQmWA2a9/TEMpWYt5ygkqSmxygEwBxS0/+78k8IZJgENPGsn8qy -p5lF66PJtXRUww76uv3SpHDE//L5kzofyJWsQt5F4AipWqg9mVDD8LvGFLZoYt30 -3zZ0EDlvGN5Lp2T6YhcvuuhYuHydL11DxAKpA2mMGs6omHtTcqbe3naqSwtN/Xt5 -dNpzqU95HMWKOe6QwSUAKfrTsRNLOlFOjmPuS1evLymRmMEniOBp/D2LkQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAKf/aq6liS+9rC9SpoZaDIS3fIHt2 +Tb5KYxKnVK/B5Dh1a3pH3oWgw8ShF3jezBXSeIH07bfxQoi+tpX2fx3ck3SajJsN +d7Q7hvjv7SeK0NvwCLkpIywlJ4CBFMN6UNaId2SnJVWFFhCfPfuDD3WKHW7GI25B +hx6Y8Kkct22reQiNQmM6Qh+jnpeTBCvexvu8ywOvdxdhoAOW0Bs4N8PTupB9LQUk +oK9ijKl+wohZzubALxwzks3pzkF6pp3kurwHH52EecrgY8vtNMc8qBPfV86OmhNf +LTFyboFlU2KpORGU3izIxZRm0Q5LhMoyRoL4wJiUO73UvvjC968T5NtX+g== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA7-pathlen100/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA6-pathlen10/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:e1:4f:c9:e7:30:ea:06:ff:65:cb:2b:6c:f1:a8: ac:f6:cf:10:6b:80:7a:af:5e:42:0a:0d:61:be:6f: @@ -576,27 +576,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 73:70:e1:67:aa:a1:e6:31:8c:6b:c3:bd:0e:99:9f:f8:8c:18: - b4:40:c7:0c:2d:0f:03:66:92:0e:5e:91:1e:37:f3:4f:68:66: - 3e:d4:4a:30:19:fe:44:fe:bb:11:22:23:10:db:8d:91:8a:45: - f8:71:48:b7:97:3d:9e:3d:c4:7c:3b:da:51:23:6e:76:3f:b5: - 1c:a8:db:80:2f:fa:15:16:ea:f8:9b:1d:86:1d:02:94:cd:4a: - f2:7d:6d:c1:40:0d:2f:d0:f9:65:dc:39:41:93:e1:e2:ab:7b: - 1f:c4:37:5f:3f:6e:af:4b:cb:d8:b2:21:e6:b4:73:13:8f:b6: - d6:e3:81:b5:e4:85:e3:3c:1a:ae:4b:79:86:29:a5:1b:ba:7d: - 4a:4e:a3:22:94:33:49:64:46:ff:44:99:02:f7:f6:82:d6:76: - f0:a6:ff:5d:b3:58:df:a8:c4:00:00:33:8c:1e:17:72:8c:84: - d7:bd:17:7f:ff:2a:7a:7b:71:63:34:21:ad:3a:88:3c:2c:cf: - 9b:77:c0:0c:ce:7d:d6:2d:56:0f:6f:6b:98:54:5e:0c:92:40: - eb:43:2e:4c:08:14:48:af:c9:80:34:59:ee:f8:e3:5f:3e:68: - aa:52:65:91:6f:ed:56:21:ff:1b:dc:d0:33:39:c4:e0:39:c7: - 97:70:0e:8f + 33:53:88:2d:1e:0e:04:6c:69:d4:b6:08:23:73:d1:31:02:7b: + a2:ed:ce:c6:58:8e:6a:fd:0e:1e:c7:73:8e:0e:b5:46:02:15: + c3:55:bf:96:8d:a7:cf:f3:3b:80:d9:8c:5d:a8:df:4e:f2:63: + e0:9b:04:8c:76:f5:fc:a7:7e:43:e9:da:a5:9a:31:3e:ae:a3: + f7:ae:20:14:e2:f8:a0:a0:18:74:2e:95:f7:30:24:b3:28:10: + 7f:85:23:e7:6c:5d:9d:e5:a3:f0:75:63:a6:ae:62:aa:7b:3d: + e3:c9:27:4a:35:29:85:83:9a:ac:c0:f8:21:1e:8b:c4:b9:90: + 2e:83:6a:07:de:4c:3a:24:2a:2b:32:33:8d:85:d9:e1:97:a0: + ae:8c:ae:10:f2:77:87:f6:73:7a:21:0f:4a:6b:7a:8e:82:bc: + 85:10:78:12:37:7c:ab:46:3c:78:32:bf:7a:1c:85:7c:b9:81: + e0:b8:32:41:c9:af:db:f6:3c:8c:5d:01:f2:8a:d2:0c:42:1c: + d2:05:ee:f1:a5:1a:42:d6:c5:d9:93:38:e0:f6:d3:25:55:6b: + 81:4a:1e:10:68:6a:29:d9:59:49:14:b9:84:46:99:c5:d6:fc: + c7:ec:75:38:30:08:5a:58:96:cf:3c:43:6b:73:21:1d:f6:d8: + 01:2d:28:5a -----BEGIN CERTIFICATE----- MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBojELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -612,26 +612,26 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQELBQADggEBAHNw4WeqoeYxjGvDvQ6Zn/iMGLRAxwwtDwNmkg5ekR43809o -Zj7USjAZ/kT+uxEiIxDbjZGKRfhxSLeXPZ49xHw72lEjbnY/tRyo24Av+hUW6vib -HYYdApTNSvJ9bcFADS/Q+WXcOUGT4eKrex/EN18/bq9Ly9iyIea0cxOPttbjgbXk -heM8Gq5LeYYppRu6fUpOoyKUM0lkRv9EmQL39oLWdvCm/12zWN+oxAAAM4weF3KM -hNe9F3//Knp7cWM0Ia06iDwsz5t3wAzOfdYtVg9va5hUXgySQOtDLkwIFEivyYA0 -We74418+aKpSZZFv7VYh/xvc0DM5xOA5x5dwDo8= +hvcNAQELBQADggEBADNTiC0eDgRsadS2CCNz0TECe6LtzsZYjmr9Dh7Hc44OtUYC +FcNVv5aNp8/zO4DZjF2o307yY+CbBIx29fynfkPp2qWaMT6uo/euIBTi+KCgGHQu +lfcwJLMoEH+FI+dsXZ3lo/B1Y6auYqp7PePJJ0o1KYWDmqzA+CEei8S5kC6Dagfe +TDokKisyM42F2eGXoK6MrhDyd4f2c3ohD0preo6CvIUQeBI3fKtGPHgyv3ochXy5 +geC4MkHJr9v2PIxdAfKK0gxCHNIF7vGlGkLWxdmTOOD20yVVa4FKHhBoainZWUkU +uYRGmcXW/MfsdTgwCFpYls88Q2tzIR322AEtKFo= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:54 2021 GMT - Not After : Nov 7 19:49:54 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA7-pathlen100/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d6:8c:d6:c4:29:20:60:9d:15:3d:0c:2a:fb:24: 2f:38:89:ed:37:c4:fc:57:67:2a:50:d8:eb:e2:6a: @@ -658,34 +658,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 26:72:76:89:e5:6a:e9:31:30:3d:c1:cf:15:f4:3f:dd:43:f0: - 6d:53:94:8b:90:fe:ea:94:93:bf:57:60:84:b5:a9:39:8b:a6: - 89:65:82:ce:f7:77:1e:ee:7a:65:a8:5d:dc:6f:13:5d:55:94: - b5:ac:d2:24:ff:f1:f7:8e:49:91:da:86:b9:b6:c7:03:39:e9: - a1:9b:78:f8:86:85:ab:a6:77:23:e5:02:33:83:e4:a1:c2:e7: - ae:36:22:4c:2e:a3:81:44:2a:bf:ad:a5:a3:05:c0:7a:3f:c8: - bc:e9:72:4b:04:1a:82:72:18:6a:8b:4d:2b:c2:53:dd:28:a5: - d5:5d:b1:87:8a:a2:a7:3a:31:43:c2:79:45:27:61:a7:c1:9d: - ae:8c:b7:cb:05:6f:04:2a:d7:1f:64:52:dd:ad:9a:b7:69:12: - 2e:82:d2:93:32:f2:03:df:3d:6c:07:6f:13:1d:28:af:ef:86: - 04:de:d6:15:3f:31:37:ff:42:32:8f:9c:64:d5:4f:55:81:3e: - c8:01:95:51:cd:18:2d:57:9f:30:5c:b5:a8:bc:2e:3e:63:57: - 07:48:ea:ad:23:9f:25:8d:8b:3e:de:8c:6f:a1:52:79:37:a1: - 99:6f:df:0d:84:d9:8d:d8:db:d1:34:60:9e:3b:36:12:df:7b: - f5:fb:59:1a + 4f:97:12:76:60:f0:fd:24:ca:f2:c4:89:6a:90:28:86:fe:1b: + 19:f8:fc:f8:b9:89:8e:8c:06:56:d5:89:a8:73:6a:11:b2:6f: + ce:f1:35:e4:3e:3c:8f:d5:a4:95:b9:24:16:41:2b:0b:04:29: + df:03:52:3f:82:2b:be:fb:74:29:b6:36:6e:dd:28:56:e8:e3: + 85:c4:94:5b:9c:4e:09:0f:c0:bd:79:2a:08:a6:b6:54:0c:24: + d6:00:d8:29:d8:ff:d8:44:57:30:25:b3:28:24:f8:25:36:b6: + e6:44:6c:72:0a:7a:fc:0d:b4:9e:77:b8:80:36:49:e6:47:7a: + dd:c9:e5:27:57:11:52:f1:44:96:a0:9c:6f:f4:3f:35:bd:81: + 4d:a6:61:ed:ef:43:95:13:a3:57:19:1a:70:34:5e:7c:a9:b9: + c6:c6:a0:7c:35:d5:5f:98:9f:9b:33:f3:d2:fd:57:08:db:80: + bd:fa:2a:0b:44:f8:3b:97:75:9f:e6:83:50:92:6c:82:02:7f: + 32:ed:7b:52:4d:2d:c1:cf:0c:c1:09:6f:3f:63:49:9b:e1:25: + 7c:c5:33:49:f6:68:e4:7e:67:33:67:54:1c:49:99:8c:bf:3a: + aa:1c:ee:0d:d1:7b:29:6a:70:b4:47:cb:b4:d9:95:57:cf:59: + 44:85:19:54 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU0WhcNMjMxMTA3MTk0OTU0WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -695,16 +695,16 @@ xPxXZypQ2OviahxZBvJtPrlP/knFIcAW+ClvUQzqeNcOFUHaWssL4FTWg/0P6E4w /RYKOrjHI0uv4M0SXp9PYhPwyOTiqAHTN7AIIdMPbOTYwQRR6UzFsW3MYyOXMO7w Hqtt6pPKrVZvHu0arowbkQTqq50bO1anwcwvOS+zuowW/V4QEJ4k6kCXdLa05RzA 0195LARDOo70sVa9xyVjXDRQTb0t8Qi9jD7Sb/rkBKFR69DQkJGXe0bGEJKvAgMB -AAGjggENMIIBCTAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgckGA1Ud -IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AAGjggEYMIIBFDAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgdQGA1Ud +IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv -bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAqtM/ -rBgKN00wDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL -BQADggEBACZydonlaukxMD3BzxX0P91D8G1TlIuQ/uqUk79XYIS1qTmLpollgs73 -dx7uemWoXdxvE11VlLWs0iT/8feOSZHahrm2xwM56aGbePiGhaumdyPlAjOD5KHC -5642Ikwuo4FEKr+tpaMFwHo/yLzpcksEGoJyGGqLTSvCU90opdVdsYeKoqc6MUPC -eUUnYafBna6Mt8sFbwQq1x9kUt2tmrdpEi6C0pMy8gPfPWwHbxMdKK/vhgTe1hU/ -MTf/QjKPnGTVT1WBPsgBlVHNGC1XnzBctai8Lj5jVwdI6q0jnyWNiz7ejG+hUnk3 -oZlv3w2E2Y3Y29E0YJ47NhLfe/X7WRo= +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghR9lHCI +ugdCjaqvT77CGkjw0UDmQjAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN +BgkqhkiG9w0BAQsFAAOCAQEAT5cSdmDw/STK8sSJapAohv4bGfj8+LmJjowGVtWJ +qHNqEbJvzvE15D48j9WklbkkFkErCwQp3wNSP4Irvvt0KbY2bt0oVujjhcSUW5xO +CQ/AvXkqCKa2VAwk1gDYKdj/2ERXMCWzKCT4JTa25kRscgp6/A20nne4gDZJ5kd6 +3cnlJ1cRUvFElqCcb/Q/Nb2BTaZh7e9DlROjVxkacDRefKm5xsagfDXVX5ifmzPz +0v1XCNuAvfoqC0T4O5d1n+aDUJJsggJ/Mu17Uk0twc8MwQlvP2NJm+ElfMUzSfZo +5H5nM2dUHEmZjL86qhzuDdF7KWpwtEfLtNmVV89ZRIUZVA== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-entity.pem b/certs/test-pathlen/chainG-entity.pem index b5c191c75..d9d72c845 100644 --- a/certs/test-pathlen/chainG-entity.pem +++ b/certs/test-pathlen/chainG-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainG-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:7b:82:23:a2:34:e7:cb:89:4e:64:cc:f2:98: c8:65:8f:e2:69:55:54:4b:3c:8b:c0:1f:67:37:7f: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 43:1d:31:61:87:f5:7b:0d:77:84:eb:8b:be:45:c6:9f:a9:f8: - a0:af:a8:46:16:88:d7:08:0f:96:54:39:f7:ee:f5:6a:f4:11: - f7:49:a5:f4:36:36:8c:4d:95:07:87:35:d7:c9:07:3e:95:4f: - 4e:aa:2f:f4:2f:2c:ea:4a:e7:5b:d9:54:19:a0:d5:da:16:e8: - ed:e4:0b:30:4a:1a:1d:12:c2:0f:12:ed:cb:53:ac:37:96:00: - c2:16:3b:9e:2e:96:2b:a0:fb:72:13:9c:5b:d8:34:ff:0f:d9: - ed:1f:1c:db:26:66:84:86:f4:23:9c:ea:76:39:4f:a7:0f:65: - af:f5:9e:2f:c8:7c:b6:57:71:14:e8:8a:61:73:f0:01:8a:e0: - 96:f4:5b:cb:cb:e2:ed:d1:9c:42:f1:3d:b5:01:4f:bb:bc:46: - d8:af:ef:55:17:de:4b:2a:17:2b:e1:fd:86:b6:aa:65:0c:88: - 7b:b9:6f:1f:9b:0d:15:28:a7:b3:7f:20:4c:c4:59:80:eb:ee: - 72:fb:09:ad:cd:3e:40:d0:dc:69:7c:3f:09:77:f8:3f:65:28: - 21:3d:12:c0:56:c9:50:a0:3c:29:9f:45:5b:7b:c1:24:a3:3c: - 88:32:24:85:28:bd:b1:f1:ff:0e:33:75:b0:74:cf:d5:46:37: - d5:c8:aa:13 + ca:65:da:90:a0:ff:8b:98:db:33:6e:3c:4d:f1:43:81:53:a7: + 99:fb:d5:84:2c:30:9d:88:e6:2e:cb:1d:d7:69:a5:8b:c3:c7: + 25:52:4d:60:d2:48:d8:fa:82:ef:a2:d4:77:ff:e2:67:28:fa: + 4e:e8:ec:39:39:61:c4:93:d7:5e:7e:75:5c:68:00:15:c0:0e: + 08:60:18:03:d8:ff:a7:a5:dc:39:03:61:44:3a:04:04:57:40: + b7:a5:0e:50:02:1d:98:1a:77:99:a9:0d:9c:0e:e5:96:ad:07: + 24:0c:b9:29:cc:ad:7e:41:a7:54:a8:ab:6c:6a:47:2f:90:b4: + 46:7f:9e:21:64:76:b5:27:f6:11:7f:5b:75:75:d9:e0:d8:5f: + f2:fa:0a:03:91:eb:58:a2:20:35:d4:e9:91:0e:2e:c2:94:b0: + 06:d5:1e:a0:35:b9:35:2b:e3:c6:2b:72:6c:cc:bd:dc:5b:3f: + 0b:55:b6:9b:57:49:7c:29:7e:a5:40:4a:58:ce:87:2f:db:aa: + 1e:c0:34:fe:fc:cc:85:c6:e2:25:43:5e:2b:df:4a:ca:eb:74: + 4f:59:93:df:ff:8e:93:32:45:19:27:58:6b:9d:d9:9b:bf:0b: + 31:14:5d:c7:8b:05:a4:05:85:c8:f4:1c:24:df:8e:5f:cb:09: + ca:af:68:82 -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAEMdMWGH -9XsNd4Tri75Fxp+p+KCvqEYWiNcID5ZUOffu9Wr0EfdJpfQ2NoxNlQeHNdfJBz6V -T06qL/QvLOpK51vZVBmg1doW6O3kCzBKGh0Swg8S7ctTrDeWAMIWO54uliug+3IT -nFvYNP8P2e0fHNsmZoSG9COc6nY5T6cPZa/1ni/IfLZXcRToimFz8AGK4Jb0W8vL -4u3RnELxPbUBT7u8Rtiv71UX3ksqFyvh/Ya2qmUMiHu5bx+bDRUop7N/IEzEWYDr -7nL7Ca3NPkDQ3Gl8Pwl3+D9lKCE9EsBWyVCgPCmfRVt7wSSjPIgyJIUovbHx/w4z -dbB0z9VGN9XIqhM= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAMpl2pCg +/4uY2zNuPE3xQ4FTp5n71YQsMJ2I5i7LHddppYvDxyVSTWDSSNj6gu+i1Hf/4mco ++k7o7Dk5YcST115+dVxoABXADghgGAPY/6el3DkDYUQ6BARXQLelDlACHZgad5mp +DZwO5ZatByQMuSnMrX5Bp1Soq2xqRy+QtEZ/niFkdrUn9hF/W3V12eDYX/L6CgOR +61iiIDXU6ZEOLsKUsAbVHqA1uTUr48YrcmzMvdxbPwtVtptXSXwpfqVASljOhy/b +qh7ANP78zIXG4iVDXivfSsrrdE9Zk9//jpMyRRknWGud2Zu/CzEUXceLBaQFhcj0 +HCTfjl/LCcqvaII= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/certs/test-pathlen/chainH-ICA1-pathlen0.pem index 4e0743db9..893bba3bc 100644 --- a/certs/test-pathlen/chainH-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainH-ICA1-pathlen0.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA2-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c7:f4:a6:7e:f2:cb:4f:6e:04:18:d3:53:d5:cf: bf:7e:97:d1:74:94:fe:db:ad:61:3f:12:20:67:f3: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 9f:9b:2c:00:4d:4c:62:f6:75:de:56:fe:15:df:1e:74:11:1c: - 33:0e:84:40:04:4a:d3:9b:20:3a:1c:b2:c0:20:2f:71:f5:d6: - f6:71:f3:a9:9e:f3:a3:e3:0f:fe:d8:97:24:bc:18:0b:54:38: - d2:e5:d4:1d:74:d3:f9:19:a1:e5:5d:7e:61:bb:fb:cd:8b:aa: - 8b:dc:9a:47:5a:ed:e3:57:46:a7:cc:32:5e:71:1d:9b:2b:ad: - a1:60:43:b3:be:80:31:a1:7d:2a:ab:a7:d8:3a:b5:62:95:c5: - 31:24:87:30:1f:fc:41:72:d7:b0:99:df:6c:b5:4c:14:dc:d9: - 4b:0b:a0:90:8b:11:a6:e5:4d:43:17:54:db:a7:4b:fe:1e:65: - 37:f2:1d:f3:6d:f0:6d:1e:13:d3:d0:a9:0c:39:f5:34:07:51: - d2:19:f2:8e:a9:51:77:c7:b0:69:05:dc:44:66:0e:25:e6:78: - 9f:4c:4a:8d:c9:f4:66:4a:e4:60:fd:fa:13:73:2a:46:ce:3b: - aa:f2:89:0d:68:68:75:78:d3:f5:a0:c2:72:16:6c:3c:82:bd: - dd:1c:f7:65:dc:52:00:0e:24:d6:42:df:f5:60:24:9d:06:e6: - 1c:1d:e1:81:23:47:8b:66:a3:c2:49:c1:15:df:13:8b:83:3f: - 89:1d:42:ba + c6:28:f9:c3:81:a4:93:be:43:7c:95:db:e5:cf:fe:0b:1a:1f: + d3:f4:e5:d8:35:77:ee:35:69:16:c9:b5:9c:5a:9b:82:70:41: + f4:c2:e5:ea:dc:9f:3c:06:6e:2e:71:e6:ff:50:42:39:50:57: + 1a:2d:d3:d7:58:83:08:5d:5b:77:58:13:11:f0:66:2b:2c:2a: + e8:1e:e2:a5:d7:e7:c3:3e:83:ae:29:86:ef:29:78:c5:58:b1: + ef:8f:3f:6d:2f:d4:a0:2f:4f:1f:e7:34:33:c9:b5:57:f4:e8: + be:45:4b:c1:ed:a2:89:c3:05:08:d8:a9:37:df:13:b0:78:ad: + eb:18:d1:be:24:f4:1d:64:a1:87:f6:9a:53:48:bc:20:79:49: + 0b:b6:93:db:0b:6f:f5:18:d5:89:ae:39:18:32:a0:a7:e8:65: + 98:75:46:b9:15:1c:f4:11:c2:de:65:10:17:c3:24:b9:d1:fa: + e8:e6:99:cc:aa:fe:1b:17:0a:9c:a1:72:63:4c:4e:99:57:24: + cf:b9:df:ad:7b:1a:a7:63:53:aa:85:c5:68:64:6c:e0:29:e8: + ad:1e:a3:d2:74:7d:10:03:6d:11:48:6a:f0:60:39:69:7f:01: + 0a:a3:e4:0d:f2:64:2c:59:3d:20:19:d1:b1:27:8d:cd:d5:eb: + fe:b2:97:09 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCfmywATUxi9nXeVv4V3x50ERwzDoRABErT -myA6HLLAIC9x9db2cfOpnvOj4w/+2JckvBgLVDjS5dQddNP5GaHlXX5hu/vNi6qL -3JpHWu3jV0anzDJecR2bK62hYEOzvoAxoX0qq6fYOrVilcUxJIcwH/xBctewmd9s -tUwU3NlLC6CQixGm5U1DF1Tbp0v+HmU38h3zbfBtHhPT0KkMOfU0B1HSGfKOqVF3 -x7BpBdxEZg4l5nifTEqNyfRmSuRg/foTcypGzjuq8okNaGh1eNP1oMJyFmw8gr3d -HPdl3FIADiTWQt/1YCSdBuYcHeGBI0eLZqPCScEV3xOLgz+JHUK6 +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQDGKPnDgaSTvkN8ldvlz/4LGh/T9OXYNXfu +NWkWybWcWpuCcEH0wuXq3J88Bm4uceb/UEI5UFcaLdPXWIMIXVt3WBMR8GYrLCro +HuKl1+fDPoOuKYbvKXjFWLHvjz9tL9SgL08f5zQzybVX9Oi+RUvB7aKJwwUI2Kk3 +3xOweK3rGNG+JPQdZKGH9ppTSLwgeUkLtpPbC2/1GNWJrjkYMqCn6GWYdUa5FRz0 +EcLeZRAXwyS50fro5pnMqv4bFwqcoXJjTE6ZVyTPud+texqnY1OqhcVoZGzgKeit +HqPSdH0QA20RSGrwYDlpfwEKo+QN8mQsWT0gGdGxJ43N1ev+spcJ -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/certs/test-pathlen/chainH-ICA2-pathlen2.pem index 19cc738cd..ec3fb24de 100644 --- a/certs/test-pathlen/chainH-ICA2-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA2-pathlen2.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA3-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA2-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d9:b5:af:4b:ba:83:03:23:df:50:28:a8:c2:0c: 2c:f0:04:cb:2d:04:9b:1e:f5:f4:68:bc:d4:8e:b4: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 19:a6:e8:27:a0:39:d2:86:54:63:76:85:91:3d:3d:97:65:4f: - e2:96:f1:cb:64:7b:07:b3:b4:3a:09:f0:8d:9f:cb:9c:6f:ab: - cc:69:4a:3d:b4:26:01:c0:37:a3:23:56:a0:99:51:9d:a3:33: - 23:58:65:bc:8b:08:be:52:62:ef:8e:74:ed:c8:d0:88:ee:b6: - 14:c0:0a:63:f3:03:6c:df:f9:92:4b:b6:53:6c:86:39:3b:31: - 3e:69:b7:ed:ae:0c:df:2f:00:eb:8f:ed:01:ef:94:f4:8d:ca: - a9:0f:eb:1c:07:1f:56:01:4a:16:69:a0:81:51:a4:08:75:89: - cf:97:e7:6f:03:77:ed:21:ec:8c:2a:78:4a:8a:73:31:63:c2: - 4f:b8:43:ad:d8:5e:60:3d:1c:7f:89:f0:08:d1:65:9a:7b:be: - 22:fb:74:a9:25:6c:38:c2:f8:66:22:af:37:da:c6:58:99:cc: - 62:c2:44:8e:07:70:9f:64:64:bc:52:54:f6:5e:23:da:b5:84: - 45:d3:4c:00:22:0a:43:f1:4d:f0:50:77:78:fa:01:4c:23:08: - 26:ac:d3:70:99:db:ee:0d:cc:57:aa:27:aa:5f:6d:ed:3b:2a: - 8f:9b:7a:fa:82:e7:f9:41:6d:e4:61:3a:75:2c:4e:f3:2c:7c: - b9:c2:0f:23 + 5a:18:36:0e:02:33:b8:aa:7d:a2:67:a2:30:22:b0:f1:d0:69: + d9:d9:13:53:4f:74:b1:8d:6f:b7:d9:62:78:5c:e6:97:51:02: + ac:3f:54:02:bc:db:7e:b1:31:0c:e5:bf:7e:ff:bf:ee:d5:73: + d0:a5:41:c7:bc:98:4b:35:86:44:b4:cb:eb:d8:ae:17:c5:55: + 46:5d:66:c1:06:97:be:28:e7:23:dc:60:d0:dd:14:fc:17:fd: + 1e:ed:61:f7:1c:44:de:e7:19:52:2a:a3:ec:8e:47:7e:10:66: + f3:b9:e4:d5:ee:2f:d5:cf:a3:58:06:72:99:3b:27:2b:f5:fe: + 46:ed:17:ae:76:85:36:39:5c:c7:a7:f5:08:c5:df:39:e1:a7: + 6e:20:d4:5a:34:9e:f1:c5:97:eb:d7:99:2e:15:c6:35:64:2b: + e1:f9:22:73:c6:83:30:4c:5b:0a:9f:0d:6a:48:da:6d:b0:5d: + b4:7b:9d:37:ac:67:61:f7:e0:53:cc:15:24:e5:81:8b:9f:01: + 62:91:48:52:36:94:1a:fa:ec:d2:e0:c6:5b:22:52:42:80:ab: + 4b:0a:d4:9a:cb:60:7c:bb:d0:d2:3e:73:88:4d:97:21:e9:fb: + 43:80:bf:59:96:8f:b1:52:65:13:db:4a:4e:22:6a:8e:af:f2: + 91:e3:6c:4c -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAZpugnoDnShlRjdoWRPT2XZU/ilvHLZHsH -s7Q6CfCNn8ucb6vMaUo9tCYBwDejI1agmVGdozMjWGW8iwi+UmLvjnTtyNCI7rYU -wApj8wNs3/mSS7ZTbIY5OzE+abftrgzfLwDrj+0B75T0jcqpD+scBx9WAUoWaaCB -UaQIdYnPl+dvA3ftIeyMKnhKinMxY8JPuEOt2F5gPRx/ifAI0WWae74i+3SpJWw4 -wvhmIq832sZYmcxiwkSOB3CfZGS8UlT2XiPatYRF00wAIgpD8U3wUHd4+gFMIwgm -rNNwmdvuDcxXqieqX23tOyqPm3r6guf5QW3kYTp1LE7zLHy5wg8j +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBaGDYOAjO4qn2iZ6IwIrDx0GnZ2RNTT3Sx +jW+32WJ4XOaXUQKsP1QCvNt+sTEM5b9+/7/u1XPQpUHHvJhLNYZEtMvr2K4XxVVG +XWbBBpe+KOcj3GDQ3RT8F/0e7WH3HETe5xlSKqPsjkd+EGbzueTV7i/Vz6NYBnKZ +Oycr9f5G7ReudoU2OVzHp/UIxd854aduINRaNJ7xxZfr15kuFcY1ZCvh+SJzxoMw +TFsKnw1qSNptsF20e503rGdh9+BTzBUk5YGLnwFikUhSNpQa+uzS4MZbIlJCgKtL +CtSay2B8u9DSPnOITZch6ftDgL9Zlo+xUmUT20pOImqOr/KR42xM -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/certs/test-pathlen/chainH-ICA3-pathlen2.pem index 836af52b2..20b6e7ebd 100644 --- a/certs/test-pathlen/chainH-ICA3-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA3-pathlen2.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA4-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA3-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b7:b3:1a:1b:4a:80:1b:a2:e5:95:14:bc:55:e4: 77:dc:f3:7b:8a:9f:34:7c:93:db:c9:c9:d0:8b:b8: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 31:21:a9:63:af:5f:5d:49:3f:34:d3:19:1b:f9:88:c1:a9:87: - 88:4e:60:9d:72:d3:7f:be:6a:54:73:46:4a:84:7c:ce:8d:7d: - 3b:d5:7d:e9:43:69:35:dc:d8:65:2e:49:5b:cd:10:33:20:40: - 9a:ba:71:64:6e:7a:50:f5:49:82:5f:75:31:66:77:11:d2:78: - 7b:26:ec:ed:12:e0:44:e1:c4:ae:36:d1:ed:f6:40:51:84:14: - 22:2d:7b:23:27:eb:ee:76:b0:84:57:61:46:58:f0:46:74:94: - 36:49:e4:f0:cb:6a:a5:c8:68:db:76:f5:f1:e0:4b:98:18:d7: - 2d:ad:f6:6b:38:f6:af:c1:e5:d9:b0:d4:af:ce:d0:09:af:14: - 99:b1:e9:e7:4c:c2:ea:3a:75:a3:e1:04:20:35:bd:41:e3:73: - bc:5a:b4:d5:a5:d6:87:c4:89:20:1e:27:98:90:80:81:3f:45: - 10:5d:35:ee:d1:6d:2c:c3:d7:27:35:6b:56:6c:cb:b2:21:b7: - fc:15:c4:ea:24:84:2e:ba:60:98:ed:7c:0c:93:dc:a7:59:d7: - b5:d2:8a:05:7f:42:f5:bc:0b:92:6c:99:08:eb:8a:30:3b:d8: - 1a:a2:c4:f4:6e:c3:a5:1d:83:a0:40:47:35:0e:21:59:0d:bf: - 8a:be:ae:dd + 6b:f3:44:8b:f9:5d:a8:c0:26:49:f1:51:f0:be:72:53:5d:73: + d7:a2:a2:58:e0:6c:93:68:03:3d:cc:0b:70:27:48:6c:c7:34: + 0e:6b:32:02:d0:c1:65:99:c0:ed:b4:b0:ef:f1:09:0c:8e:5c: + b0:3b:79:7d:eb:a3:7c:a7:4c:8e:01:b2:b3:f5:53:64:3d:9b: + 2d:35:89:2e:7b:68:df:f2:86:e5:f5:50:f8:e0:57:80:ac:b1: + 96:7d:5f:84:f1:88:07:bb:eb:be:c8:a0:26:9d:88:9b:f5:45: + 2f:e5:75:01:77:55:fd:46:d6:7a:a1:85:26:a2:4c:43:cd:7b: + 30:4a:e2:8f:62:ed:e0:32:0f:21:3c:94:67:89:5c:81:d9:bb: + 9d:d6:c5:ca:95:86:e5:b9:b1:67:94:2e:e7:64:cd:14:65:0e: + da:13:54:85:53:c4:e8:01:e5:54:e3:52:8c:ac:17:cf:01:02: + 90:c7:92:c0:1a:cb:c4:05:38:08:aa:27:e7:bd:6a:89:28:e4: + a8:b4:17:30:72:0a:18:a7:20:91:fc:27:74:66:c4:5d:14:6e: + b1:6c:94:dd:74:67:f8:7e:c2:a2:0e:a6:38:7d:3f:ba:ae:ec: + e6:b1:81:6c:46:49:2c:06:66:ca:56:9c:a9:27:36:a1:a3:3d: + ba:4c:7d:d5 -----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQELBQADggEBADEhqWOvX11JPzTTGRv5iMGph4hOYJ1y03++alRzRkqEfM6NfTvV -felDaTXc2GUuSVvNEDMgQJq6cWRuelD1SYJfdTFmdxHSeHsm7O0S4EThxK420e32 -QFGEFCIteyMn6+52sIRXYUZY8EZ0lDZJ5PDLaqXIaNt29fHgS5gY1y2t9ms49q/B -5dmw1K/O0AmvFJmx6edMwuo6daPhBCA1vUHjc7xatNWl1ofEiSAeJ5iQgIE/RRBd -Ne7RbSzD1yc1a1Zsy7Iht/wVxOokhC66YJjtfAyT3KdZ17XSigV/QvW8C5JsmQjr -ijA72BqixPRuw6Udg6BARzUOIVkNv4q+rt0= +AQELBQADggEBAGvzRIv5XajAJknxUfC+clNdc9eioljgbJNoAz3MC3AnSGzHNA5r +MgLQwWWZwO20sO/xCQyOXLA7eX3ro3ynTI4BsrP1U2Q9my01iS57aN/yhuX1UPjg +V4CssZZ9X4TxiAe7677IoCadiJv1RS/ldQF3Vf1G1nqhhSaiTEPNezBK4o9i7eAy +DyE8lGeJXIHZu53WxcqVhuW5sWeULudkzRRlDtoTVIVTxOgB5VTjUoysF88BApDH +ksAay8QFOAiqJ+e9aoko5Ki0FzByChinIJH8J3RmxF0UbrFslN10Z/h+wqIOpjh9 +P7qu7OaxgWxGSSwGZspWnKknNqGjPbpMfdU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/certs/test-pathlen/chainH-ICA4-pathlen2.pem index e243cbd55..b92e8dc6b 100644 --- a/certs/test-pathlen/chainH-ICA4-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA4-pathlen2.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA4-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:f3:2f:8a:cd:9e:87:f1:01:f3:a4:c0:2d:66: 36:d7:11:2e:64:08:e8:f1:99:fa:a6:9c:f4:bd:3b: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 49:c6:df:ce:fc:71:3e:a5:1b:27:1c:e4:9e:bb:04:fa:93:17: - 6d:79:c8:8f:ee:08:6e:59:57:b6:f9:5a:a2:21:1a:3e:a7:a1: - 0c:0d:3f:30:70:57:15:55:4c:95:e4:e1:3e:99:ce:9e:4a:a6: - c3:56:22:1d:a1:23:bc:fc:25:c8:5a:84:74:a1:0e:dd:70:59: - a8:36:29:14:bf:ff:ce:c5:6e:12:c4:2d:fb:13:63:66:29:63: - 63:83:f3:ab:a0:7f:12:aa:5c:58:70:3a:9d:ae:26:ec:ec:d3: - 31:07:41:17:cc:14:15:8e:d5:45:49:d8:f2:ec:4d:46:db:2b: - 69:15:c5:99:23:6b:dc:31:c7:d6:53:b3:d2:65:fc:17:f5:19: - ae:d9:95:aa:1e:9b:1b:cf:18:61:c9:e1:17:d4:fa:d7:e1:a3: - cf:b5:09:ce:ed:9b:3c:41:c8:88:99:a2:ab:f0:55:86:78:8d: - 07:44:25:c5:23:11:6e:fe:db:92:6f:35:96:ba:a1:01:f9:ab: - da:d2:29:c8:70:d0:b9:fe:c1:8d:72:67:ec:0a:d0:75:e5:01: - 9d:d3:f9:01:ea:06:27:6f:21:99:e5:46:d8:fc:65:0d:9c:72: - 25:82:1e:f6:43:d6:e8:08:b1:8f:d2:a9:c8:bf:05:ab:5c:80: - 72:6c:ac:a4 + 38:88:02:e8:dd:ee:7e:5a:33:74:e7:46:eb:9f:39:d3:10:a9: + 07:59:53:54:d7:47:57:7d:6a:47:1e:c4:09:7e:b2:33:72:39: + e6:11:32:ec:1e:15:18:63:23:07:e9:34:b7:82:55:45:d4:63: + d5:7b:d2:60:06:b2:d5:9d:00:7f:0d:55:07:78:57:ab:b5:65: + 0a:4d:f8:73:04:41:aa:0d:0d:bf:61:7b:4c:89:91:a9:15:9e: + fa:07:76:1c:20:3c:43:28:7b:91:f0:cf:70:a7:38:ae:b3:d0: + 63:ea:90:b6:ee:09:92:70:26:47:11:3d:f2:26:a4:de:7e:81: + f2:f4:e5:4d:1b:a5:93:72:13:4c:3c:73:98:02:5e:b3:9f:95: + 22:80:c0:65:f6:d6:0d:6d:93:95:bf:05:4b:ae:a8:59:4c:e1: + b1:79:41:98:cf:15:23:11:f5:d1:ee:95:d3:26:f0:37:05:33: + 3f:d9:0b:7b:ac:b4:d3:fa:39:f8:4c:7d:4b:33:fd:14:2d:33: + cf:60:65:4f:ec:f7:02:b9:48:65:76:49:6a:5c:5f:ea:08:3f: + 3c:bd:f2:97:37:04:23:4a:06:41:83:ea:14:44:b4:93:65:61: + ac:d6:e8:f6:e7:13:55:62:c9:70:1e:e0:fe:fb:ea:2d:57:c0: + 75:b7:36:40 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ N6kYdo3+ywlUP0+7X6u6cOm0oV6gaX5FP8DMeOnydGR5wmoW0JgwgkRKs5ksZjCs mYIEKr8PYIkENvop0whWYWqoM0CaU30gqFFvm6DZPtyaix03nq3J/VOnBNwfNj7T ZVKEJGHQTuJBYL/7/bIEsz/rFJlevOh96WXRP/4ESeW7oy3j25bf2YGgMtcBubgC jrmiHwrUJBc6GQ9tOhBfXH24VoLHf0DwLYdjwbHYZMc8JxNKY4IhsfI56QIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQBJxt/O/HE+pRsnHOSeuwT6kxdteciP7ghuWVe2+VqiIRo+p6EMDT8wcFcV -VUyV5OE+mc6eSqbDViIdoSO8/CXIWoR0oQ7dcFmoNikUv//OxW4SxC37E2NmKWNj -g/OroH8SqlxYcDqdribs7NMxB0EXzBQVjtVFSdjy7E1G2ytpFcWZI2vcMcfWU7PS -ZfwX9Rmu2ZWqHpsbzxhhyeEX1PrX4aPPtQnO7Zs8QciImaKr8FWGeI0HRCXFIxFu -/tuSbzWWuqEB+ava0inIcNC5/sGNcmfsCtB15QGd0/kB6gYnbyGZ5UbY/GUNnHIl -gh72Q9boCLGP0qnIvwWrXIBybKyk +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBADiIAujd7n5aM3TnRuufOdMQqQdZU1TXR1d9akcexAl+ +sjNyOeYRMuweFRhjIwfpNLeCVUXUY9V70mAGstWdAH8NVQd4V6u1ZQpN+HMEQaoN +Db9he0yJkakVnvoHdhwgPEMoe5Hwz3CnOK6z0GPqkLbuCZJwJkcRPfImpN5+gfL0 +5U0bpZNyE0w8c5gCXrOflSKAwGX21g1tk5W/BUuuqFlM4bF5QZjPFSMR9dHuldMm +8DcFMz/ZC3ustNP6OfhMfUsz/RQtM89gZU/s9wK5SGV2SWpcX+oIPzy98pc3BCNK +BkGD6hREtJNlYazW6PbnE1ViyXAe4P776i1XwHW3NkA= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-assembled.pem b/certs/test-pathlen/chainH-assembled.pem index 7fd29d571..ddb3edfa3 100644 --- a/certs/test-pathlen/chainH-assembled.pem +++ b/certs/test-pathlen/chainH-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ba:ed:ab:c0:0d:92:6c:10:e4:50:9f:7c:98:cc: 87:fd:28:34:77:c0:58:28:52:2c:28:97:80:ec:78: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 14:a2:2d:29:5a:25:93:ee:26:f8:bc:57:3b:40:a9:f8:b1:1f: - 73:15:57:e9:9b:1c:0b:ee:97:7d:a5:f1:51:7c:93:9e:ec:d4: - aa:5d:65:16:20:a2:71:2c:61:32:5d:1e:0d:c2:cd:b2:ba:8b: - ad:c5:ae:77:1a:e5:ff:72:3f:af:4f:37:0d:8b:2b:00:08:39: - d4:08:eb:68:0b:42:4f:7d:2a:12:b9:bb:f7:f0:14:48:c4:49: - 44:a9:77:81:34:74:28:b4:bd:6d:ce:0a:ad:d3:72:48:66:d6: - 80:b1:b5:ed:6a:66:11:eb:2a:18:ed:da:67:1e:f8:31:33:77: - a9:a6:b4:14:8d:ac:2b:a0:46:79:38:75:1c:82:43:e3:d5:10: - f1:7f:87:44:c2:40:a4:2b:0b:eb:cb:9b:bf:7e:fb:cb:9d:c7: - 86:f8:95:a9:42:ef:58:be:f8:7e:94:51:15:94:57:88:34:60: - 2e:2e:75:d9:20:95:a1:72:eb:87:8c:c3:63:02:7c:f5:17:c9: - dd:39:06:b0:a8:8b:fb:bf:32:5c:e6:8d:32:4a:9f:b9:ba:19: - 6b:6e:98:36:0a:80:5a:06:9f:6a:7d:68:f6:5c:e7:89:7f:d3: - 32:b8:35:04:91:5a:41:1e:dc:41:fc:63:bd:5a:36:42:25:a7: - 92:8b:2c:a7 + 3e:3a:7a:1f:07:bd:a2:e5:5c:7b:66:5a:bd:e0:c1:0d:5e:41: + 13:fe:75:6c:a5:e8:50:13:04:02:26:f0:ab:fe:0e:4e:f1:8a: + 1b:21:0a:5a:a4:4c:1c:3a:0d:92:37:63:46:b5:57:77:89:ba: + b0:33:44:a8:05:a4:52:d9:19:7c:15:f7:1d:c9:dc:3c:70:7f: + d4:99:1e:00:82:00:06:3b:4b:5f:2a:aa:4a:74:06:40:c9:2b: + 18:3d:d1:8c:05:76:69:39:f7:55:20:88:64:94:71:95:9d:f3: + ab:98:3e:71:c5:6f:0b:22:9f:70:d6:f9:03:cf:5b:18:0d:01: + 60:db:22:e8:36:48:9b:4f:1e:b5:83:20:6f:96:db:72:bc:a3: + fc:b7:6b:25:04:df:42:d2:94:5f:b0:f3:c8:26:2a:6a:d9:74: + fc:46:0a:68:66:bc:c3:1f:0b:52:b3:2a:d9:25:97:f4:b6:72: + db:95:29:92:c3:1e:dc:43:90:d3:f0:2b:49:ac:e0:cb:dc:ca: + 39:2b:a1:c9:61:5a:8b:4d:7e:3c:8e:50:8a:0d:f2:d9:2d:8d: + b7:76:18:ac:94:38:a5:ac:d7:99:f0:1f:cb:6d:66:53:14:97: + b5:07:fd:c8:12:68:f6:43:96:ec:c7:59:55:fe:f0:5d:ba:2b: + 70:c1:2d:ee -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,27 +77,27 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBABSiLSla -JZPuJvi8VztAqfixH3MVV+mbHAvul32l8VF8k57s1KpdZRYgonEsYTJdHg3CzbK6 -i63Frnca5f9yP69PNw2LKwAIOdQI62gLQk99KhK5u/fwFEjESUSpd4E0dCi0vW3O -Cq3Tckhm1oCxte1qZhHrKhjt2mce+DEzd6mmtBSNrCugRnk4dRyCQ+PVEPF/h0TC -QKQrC+vLm79++8udx4b4lalC71i++H6UURWUV4g0YC4uddkglaFy64eMw2MCfPUX -yd05BrCoi/u/MlzmjTJKn7m6GWtumDYKgFoGn2p9aPZc54l/0zK4NQSRWkEe3EH8 -Y71aNkIlp5KLLKc= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAD46eh8H +vaLlXHtmWr3gwQ1eQRP+dWyl6FATBAIm8Kv+Dk7xihshClqkTBw6DZI3Y0a1V3eJ +urAzRKgFpFLZGXwV9x3J3Dxwf9SZHgCCAAY7S18qqkp0BkDJKxg90YwFdmk591Ug +iGSUcZWd86uYPnHFbwsin3DW+QPPWxgNAWDbIug2SJtPHrWDIG+W23K8o/y3ayUE +30LSlF+w88gmKmrZdPxGCmhmvMMfC1KzKtkll/S2ctuVKZLDHtxDkNPwK0ms4Mvc +yjkroclhWotNfjyOUIoN8tktjbd2GKyUOKWs15nwH8ttZlMUl7UH/cgSaPZDluzH +WVX+8F26K3DBLe4= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA2-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA1-pathlen0/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c7:f4:a6:7e:f2:cb:4f:6e:04:18:d3:53:d5:cf: bf:7e:97:d1:74:94:fe:db:ad:61:3f:12:20:67:f3: @@ -131,27 +131,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 9f:9b:2c:00:4d:4c:62:f6:75:de:56:fe:15:df:1e:74:11:1c: - 33:0e:84:40:04:4a:d3:9b:20:3a:1c:b2:c0:20:2f:71:f5:d6: - f6:71:f3:a9:9e:f3:a3:e3:0f:fe:d8:97:24:bc:18:0b:54:38: - d2:e5:d4:1d:74:d3:f9:19:a1:e5:5d:7e:61:bb:fb:cd:8b:aa: - 8b:dc:9a:47:5a:ed:e3:57:46:a7:cc:32:5e:71:1d:9b:2b:ad: - a1:60:43:b3:be:80:31:a1:7d:2a:ab:a7:d8:3a:b5:62:95:c5: - 31:24:87:30:1f:fc:41:72:d7:b0:99:df:6c:b5:4c:14:dc:d9: - 4b:0b:a0:90:8b:11:a6:e5:4d:43:17:54:db:a7:4b:fe:1e:65: - 37:f2:1d:f3:6d:f0:6d:1e:13:d3:d0:a9:0c:39:f5:34:07:51: - d2:19:f2:8e:a9:51:77:c7:b0:69:05:dc:44:66:0e:25:e6:78: - 9f:4c:4a:8d:c9:f4:66:4a:e4:60:fd:fa:13:73:2a:46:ce:3b: - aa:f2:89:0d:68:68:75:78:d3:f5:a0:c2:72:16:6c:3c:82:bd: - dd:1c:f7:65:dc:52:00:0e:24:d6:42:df:f5:60:24:9d:06:e6: - 1c:1d:e1:81:23:47:8b:66:a3:c2:49:c1:15:df:13:8b:83:3f: - 89:1d:42:ba + c6:28:f9:c3:81:a4:93:be:43:7c:95:db:e5:cf:fe:0b:1a:1f: + d3:f4:e5:d8:35:77:ee:35:69:16:c9:b5:9c:5a:9b:82:70:41: + f4:c2:e5:ea:dc:9f:3c:06:6e:2e:71:e6:ff:50:42:39:50:57: + 1a:2d:d3:d7:58:83:08:5d:5b:77:58:13:11:f0:66:2b:2c:2a: + e8:1e:e2:a5:d7:e7:c3:3e:83:ae:29:86:ef:29:78:c5:58:b1: + ef:8f:3f:6d:2f:d4:a0:2f:4f:1f:e7:34:33:c9:b5:57:f4:e8: + be:45:4b:c1:ed:a2:89:c3:05:08:d8:a9:37:df:13:b0:78:ad: + eb:18:d1:be:24:f4:1d:64:a1:87:f6:9a:53:48:bc:20:79:49: + 0b:b6:93:db:0b:6f:f5:18:d5:89:ae:39:18:32:a0:a7:e8:65: + 98:75:46:b9:15:1c:f4:11:c2:de:65:10:17:c3:24:b9:d1:fa: + e8:e6:99:cc:aa:fe:1b:17:0a:9c:a1:72:63:4c:4e:99:57:24: + cf:b9:df:ad:7b:1a:a7:63:53:aa:85:c5:68:64:6c:e0:29:e8: + ad:1e:a3:d2:74:7d:10:03:6d:11:48:6a:f0:60:39:69:7f:01: + 0a:a3:e4:0d:f2:64:2c:59:3d:20:19:d1:b1:27:8d:cd:d5:eb: + fe:b2:97:09 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,26 +167,26 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCfmywATUxi9nXeVv4V3x50ERwzDoRABErT -myA6HLLAIC9x9db2cfOpnvOj4w/+2JckvBgLVDjS5dQddNP5GaHlXX5hu/vNi6qL -3JpHWu3jV0anzDJecR2bK62hYEOzvoAxoX0qq6fYOrVilcUxJIcwH/xBctewmd9s -tUwU3NlLC6CQixGm5U1DF1Tbp0v+HmU38h3zbfBtHhPT0KkMOfU0B1HSGfKOqVF3 -x7BpBdxEZg4l5nifTEqNyfRmSuRg/foTcypGzjuq8okNaGh1eNP1oMJyFmw8gr3d -HPdl3FIADiTWQt/1YCSdBuYcHeGBI0eLZqPCScEV3xOLgz+JHUK6 +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQDGKPnDgaSTvkN8ldvlz/4LGh/T9OXYNXfu +NWkWybWcWpuCcEH0wuXq3J88Bm4uceb/UEI5UFcaLdPXWIMIXVt3WBMR8GYrLCro +HuKl1+fDPoOuKYbvKXjFWLHvjz9tL9SgL08f5zQzybVX9Oi+RUvB7aKJwwUI2Kk3 +3xOweK3rGNG+JPQdZKGH9ppTSLwgeUkLtpPbC2/1GNWJrjkYMqCn6GWYdUa5FRz0 +EcLeZRAXwyS50fro5pnMqv4bFwqcoXJjTE6ZVyTPud+texqnY1OqhcVoZGzgKeit +HqPSdH0QA20RSGrwYDlpfwEKo+QN8mQsWT0gGdGxJ43N1ev+spcJ -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA3-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA2-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d9:b5:af:4b:ba:83:03:23:df:50:28:a8:c2:0c: 2c:f0:04:cb:2d:04:9b:1e:f5:f4:68:bc:d4:8e:b4: @@ -220,27 +220,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 19:a6:e8:27:a0:39:d2:86:54:63:76:85:91:3d:3d:97:65:4f: - e2:96:f1:cb:64:7b:07:b3:b4:3a:09:f0:8d:9f:cb:9c:6f:ab: - cc:69:4a:3d:b4:26:01:c0:37:a3:23:56:a0:99:51:9d:a3:33: - 23:58:65:bc:8b:08:be:52:62:ef:8e:74:ed:c8:d0:88:ee:b6: - 14:c0:0a:63:f3:03:6c:df:f9:92:4b:b6:53:6c:86:39:3b:31: - 3e:69:b7:ed:ae:0c:df:2f:00:eb:8f:ed:01:ef:94:f4:8d:ca: - a9:0f:eb:1c:07:1f:56:01:4a:16:69:a0:81:51:a4:08:75:89: - cf:97:e7:6f:03:77:ed:21:ec:8c:2a:78:4a:8a:73:31:63:c2: - 4f:b8:43:ad:d8:5e:60:3d:1c:7f:89:f0:08:d1:65:9a:7b:be: - 22:fb:74:a9:25:6c:38:c2:f8:66:22:af:37:da:c6:58:99:cc: - 62:c2:44:8e:07:70:9f:64:64:bc:52:54:f6:5e:23:da:b5:84: - 45:d3:4c:00:22:0a:43:f1:4d:f0:50:77:78:fa:01:4c:23:08: - 26:ac:d3:70:99:db:ee:0d:cc:57:aa:27:aa:5f:6d:ed:3b:2a: - 8f:9b:7a:fa:82:e7:f9:41:6d:e4:61:3a:75:2c:4e:f3:2c:7c: - b9:c2:0f:23 + 5a:18:36:0e:02:33:b8:aa:7d:a2:67:a2:30:22:b0:f1:d0:69: + d9:d9:13:53:4f:74:b1:8d:6f:b7:d9:62:78:5c:e6:97:51:02: + ac:3f:54:02:bc:db:7e:b1:31:0c:e5:bf:7e:ff:bf:ee:d5:73: + d0:a5:41:c7:bc:98:4b:35:86:44:b4:cb:eb:d8:ae:17:c5:55: + 46:5d:66:c1:06:97:be:28:e7:23:dc:60:d0:dd:14:fc:17:fd: + 1e:ed:61:f7:1c:44:de:e7:19:52:2a:a3:ec:8e:47:7e:10:66: + f3:b9:e4:d5:ee:2f:d5:cf:a3:58:06:72:99:3b:27:2b:f5:fe: + 46:ed:17:ae:76:85:36:39:5c:c7:a7:f5:08:c5:df:39:e1:a7: + 6e:20:d4:5a:34:9e:f1:c5:97:eb:d7:99:2e:15:c6:35:64:2b: + e1:f9:22:73:c6:83:30:4c:5b:0a:9f:0d:6a:48:da:6d:b0:5d: + b4:7b:9d:37:ac:67:61:f7:e0:53:cc:15:24:e5:81:8b:9f:01: + 62:91:48:52:36:94:1a:fa:ec:d2:e0:c6:5b:22:52:42:80:ab: + 4b:0a:d4:9a:cb:60:7c:bb:d0:d2:3e:73:88:4d:97:21:e9:fb: + 43:80:bf:59:96:8f:b1:52:65:13:db:4a:4e:22:6a:8e:af:f2: + 91:e3:6c:4c -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -256,26 +256,26 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAZpugnoDnShlRjdoWRPT2XZU/ilvHLZHsH -s7Q6CfCNn8ucb6vMaUo9tCYBwDejI1agmVGdozMjWGW8iwi+UmLvjnTtyNCI7rYU -wApj8wNs3/mSS7ZTbIY5OzE+abftrgzfLwDrj+0B75T0jcqpD+scBx9WAUoWaaCB -UaQIdYnPl+dvA3ftIeyMKnhKinMxY8JPuEOt2F5gPRx/ifAI0WWae74i+3SpJWw4 -wvhmIq832sZYmcxiwkSOB3CfZGS8UlT2XiPatYRF00wAIgpD8U3wUHd4+gFMIwgm -rNNwmdvuDcxXqieqX23tOyqPm3r6guf5QW3kYTp1LE7zLHy5wg8j +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBaGDYOAjO4qn2iZ6IwIrDx0GnZ2RNTT3Sx +jW+32WJ4XOaXUQKsP1QCvNt+sTEM5b9+/7/u1XPQpUHHvJhLNYZEtMvr2K4XxVVG +XWbBBpe+KOcj3GDQ3RT8F/0e7WH3HETe5xlSKqPsjkd+EGbzueTV7i/Vz6NYBnKZ +Oycr9f5G7ReudoU2OVzHp/UIxd854aduINRaNJ7xxZfr15kuFcY1ZCvh+SJzxoMw +TFsKnw1qSNptsF20e503rGdh9+BTzBUk5YGLnwFikUhSNpQa+uzS4MZbIlJCgKtL +CtSay2B8u9DSPnOITZch6ftDgL9Zlo+xUmUT20pOImqOr/KR42xM -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA4-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA3-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b7:b3:1a:1b:4a:80:1b:a2:e5:95:14:bc:55:e4: 77:dc:f3:7b:8a:9f:34:7c:93:db:c9:c9:d0:8b:b8: @@ -309,27 +309,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 31:21:a9:63:af:5f:5d:49:3f:34:d3:19:1b:f9:88:c1:a9:87: - 88:4e:60:9d:72:d3:7f:be:6a:54:73:46:4a:84:7c:ce:8d:7d: - 3b:d5:7d:e9:43:69:35:dc:d8:65:2e:49:5b:cd:10:33:20:40: - 9a:ba:71:64:6e:7a:50:f5:49:82:5f:75:31:66:77:11:d2:78: - 7b:26:ec:ed:12:e0:44:e1:c4:ae:36:d1:ed:f6:40:51:84:14: - 22:2d:7b:23:27:eb:ee:76:b0:84:57:61:46:58:f0:46:74:94: - 36:49:e4:f0:cb:6a:a5:c8:68:db:76:f5:f1:e0:4b:98:18:d7: - 2d:ad:f6:6b:38:f6:af:c1:e5:d9:b0:d4:af:ce:d0:09:af:14: - 99:b1:e9:e7:4c:c2:ea:3a:75:a3:e1:04:20:35:bd:41:e3:73: - bc:5a:b4:d5:a5:d6:87:c4:89:20:1e:27:98:90:80:81:3f:45: - 10:5d:35:ee:d1:6d:2c:c3:d7:27:35:6b:56:6c:cb:b2:21:b7: - fc:15:c4:ea:24:84:2e:ba:60:98:ed:7c:0c:93:dc:a7:59:d7: - b5:d2:8a:05:7f:42:f5:bc:0b:92:6c:99:08:eb:8a:30:3b:d8: - 1a:a2:c4:f4:6e:c3:a5:1d:83:a0:40:47:35:0e:21:59:0d:bf: - 8a:be:ae:dd + 6b:f3:44:8b:f9:5d:a8:c0:26:49:f1:51:f0:be:72:53:5d:73: + d7:a2:a2:58:e0:6c:93:68:03:3d:cc:0b:70:27:48:6c:c7:34: + 0e:6b:32:02:d0:c1:65:99:c0:ed:b4:b0:ef:f1:09:0c:8e:5c: + b0:3b:79:7d:eb:a3:7c:a7:4c:8e:01:b2:b3:f5:53:64:3d:9b: + 2d:35:89:2e:7b:68:df:f2:86:e5:f5:50:f8:e0:57:80:ac:b1: + 96:7d:5f:84:f1:88:07:bb:eb:be:c8:a0:26:9d:88:9b:f5:45: + 2f:e5:75:01:77:55:fd:46:d6:7a:a1:85:26:a2:4c:43:cd:7b: + 30:4a:e2:8f:62:ed:e0:32:0f:21:3c:94:67:89:5c:81:d9:bb: + 9d:d6:c5:ca:95:86:e5:b9:b1:67:94:2e:e7:64:cd:14:65:0e: + da:13:54:85:53:c4:e8:01:e5:54:e3:52:8c:ac:17:cf:01:02: + 90:c7:92:c0:1a:cb:c4:05:38:08:aa:27:e7:bd:6a:89:28:e4: + a8:b4:17:30:72:0a:18:a7:20:91:fc:27:74:66:c4:5d:14:6e: + b1:6c:94:dd:74:67:f8:7e:c2:a2:0e:a6:38:7d:3f:ba:ae:ec: + e6:b1:81:6c:46:49:2c:06:66:ca:56:9c:a9:27:36:a1:a3:3d: + ba:4c:7d:d5 -----BEGIN CERTIFICATE----- MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaExCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -345,26 +345,26 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQELBQADggEBADEhqWOvX11JPzTTGRv5iMGph4hOYJ1y03++alRzRkqEfM6NfTvV -felDaTXc2GUuSVvNEDMgQJq6cWRuelD1SYJfdTFmdxHSeHsm7O0S4EThxK420e32 -QFGEFCIteyMn6+52sIRXYUZY8EZ0lDZJ5PDLaqXIaNt29fHgS5gY1y2t9ms49q/B -5dmw1K/O0AmvFJmx6edMwuo6daPhBCA1vUHjc7xatNWl1ofEiSAeJ5iQgIE/RRBd -Ne7RbSzD1yc1a1Zsy7Iht/wVxOokhC66YJjtfAyT3KdZ17XSigV/QvW8C5JsmQjr -ijA72BqixPRuw6Udg6BARzUOIVkNv4q+rt0= +AQELBQADggEBAGvzRIv5XajAJknxUfC+clNdc9eioljgbJNoAz3MC3AnSGzHNA5r +MgLQwWWZwO20sO/xCQyOXLA7eX3ro3ynTI4BsrP1U2Q9my01iS57aN/yhuX1UPjg +V4CssZZ9X4TxiAe7677IoCadiJv1RS/ldQF3Vf1G1nqhhSaiTEPNezBK4o9i7eAy +DyE8lGeJXIHZu53WxcqVhuW5sWeULudkzRRlDtoTVIVTxOgB5VTjUoysF88BApDH +ksAay8QFOAiqJ+e9aoko5Ki0FzByChinIJH8J3RmxF0UbrFslN10Z/h+wqIOpjh9 +P7qu7OaxgWxGSSwGZspWnKknNqGjPbpMfdU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA4-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:f3:2f:8a:cd:9e:87:f1:01:f3:a4:c0:2d:66: 36:d7:11:2e:64:08:e8:f1:99:fa:a6:9c:f4:bd:3b: @@ -391,34 +391,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 49:c6:df:ce:fc:71:3e:a5:1b:27:1c:e4:9e:bb:04:fa:93:17: - 6d:79:c8:8f:ee:08:6e:59:57:b6:f9:5a:a2:21:1a:3e:a7:a1: - 0c:0d:3f:30:70:57:15:55:4c:95:e4:e1:3e:99:ce:9e:4a:a6: - c3:56:22:1d:a1:23:bc:fc:25:c8:5a:84:74:a1:0e:dd:70:59: - a8:36:29:14:bf:ff:ce:c5:6e:12:c4:2d:fb:13:63:66:29:63: - 63:83:f3:ab:a0:7f:12:aa:5c:58:70:3a:9d:ae:26:ec:ec:d3: - 31:07:41:17:cc:14:15:8e:d5:45:49:d8:f2:ec:4d:46:db:2b: - 69:15:c5:99:23:6b:dc:31:c7:d6:53:b3:d2:65:fc:17:f5:19: - ae:d9:95:aa:1e:9b:1b:cf:18:61:c9:e1:17:d4:fa:d7:e1:a3: - cf:b5:09:ce:ed:9b:3c:41:c8:88:99:a2:ab:f0:55:86:78:8d: - 07:44:25:c5:23:11:6e:fe:db:92:6f:35:96:ba:a1:01:f9:ab: - da:d2:29:c8:70:d0:b9:fe:c1:8d:72:67:ec:0a:d0:75:e5:01: - 9d:d3:f9:01:ea:06:27:6f:21:99:e5:46:d8:fc:65:0d:9c:72: - 25:82:1e:f6:43:d6:e8:08:b1:8f:d2:a9:c8:bf:05:ab:5c:80: - 72:6c:ac:a4 + 38:88:02:e8:dd:ee:7e:5a:33:74:e7:46:eb:9f:39:d3:10:a9: + 07:59:53:54:d7:47:57:7d:6a:47:1e:c4:09:7e:b2:33:72:39: + e6:11:32:ec:1e:15:18:63:23:07:e9:34:b7:82:55:45:d4:63: + d5:7b:d2:60:06:b2:d5:9d:00:7f:0d:55:07:78:57:ab:b5:65: + 0a:4d:f8:73:04:41:aa:0d:0d:bf:61:7b:4c:89:91:a9:15:9e: + fa:07:76:1c:20:3c:43:28:7b:91:f0:cf:70:a7:38:ae:b3:d0: + 63:ea:90:b6:ee:09:92:70:26:47:11:3d:f2:26:a4:de:7e:81: + f2:f4:e5:4d:1b:a5:93:72:13:4c:3c:73:98:02:5e:b3:9f:95: + 22:80:c0:65:f6:d6:0d:6d:93:95:bf:05:4b:ae:a8:59:4c:e1: + b1:79:41:98:cf:15:23:11:f5:d1:ee:95:d3:26:f0:37:05:33: + 3f:d9:0b:7b:ac:b4:d3:fa:39:f8:4c:7d:4b:33:fd:14:2d:33: + cf:60:65:4f:ec:f7:02:b9:48:65:76:49:6a:5c:5f:ea:08:3f: + 3c:bd:f2:97:37:04:23:4a:06:41:83:ea:14:44:b4:93:65:61: + ac:d6:e8:f6:e7:13:55:62:c9:70:1e:e0:fe:fb:ea:2d:57:c0: + 75:b7:36:40 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -428,16 +428,16 @@ N6kYdo3+ywlUP0+7X6u6cOm0oV6gaX5FP8DMeOnydGR5wmoW0JgwgkRKs5ksZjCs mYIEKr8PYIkENvop0whWYWqoM0CaU30gqFFvm6DZPtyaix03nq3J/VOnBNwfNj7T ZVKEJGHQTuJBYL/7/bIEsz/rFJlevOh96WXRP/4ESeW7oy3j25bf2YGgMtcBubgC jrmiHwrUJBc6GQ9tOhBfXH24VoLHf0DwLYdjwbHYZMc8JxNKY4IhsfI56QIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQBJxt/O/HE+pRsnHOSeuwT6kxdteciP7ghuWVe2+VqiIRo+p6EMDT8wcFcV -VUyV5OE+mc6eSqbDViIdoSO8/CXIWoR0oQ7dcFmoNikUv//OxW4SxC37E2NmKWNj -g/OroH8SqlxYcDqdribs7NMxB0EXzBQVjtVFSdjy7E1G2ytpFcWZI2vcMcfWU7PS -ZfwX9Rmu2ZWqHpsbzxhhyeEX1PrX4aPPtQnO7Zs8QciImaKr8FWGeI0HRCXFIxFu -/tuSbzWWuqEB+ava0inIcNC5/sGNcmfsCtB15QGd0/kB6gYnbyGZ5UbY/GUNnHIl -gh72Q9boCLGP0qnIvwWrXIBybKyk +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBADiIAujd7n5aM3TnRuufOdMQqQdZU1TXR1d9akcexAl+ +sjNyOeYRMuweFRhjIwfpNLeCVUXUY9V70mAGstWdAH8NVQd4V6u1ZQpN+HMEQaoN +Db9he0yJkakVnvoHdhwgPEMoe5Hwz3CnOK6z0GPqkLbuCZJwJkcRPfImpN5+gfL0 +5U0bpZNyE0w8c5gCXrOflSKAwGX21g1tk5W/BUuuqFlM4bF5QZjPFSMR9dHuldMm +8DcFMz/ZC3ustNP6OfhMfUsz/RQtM89gZU/s9wK5SGV2SWpcX+oIPzy98pc3BCNK +BkGD6hREtJNlYazW6PbnE1ViyXAe4P776i1XwHW3NkA= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-entity.pem b/certs/test-pathlen/chainH-entity.pem index b7fb67aee..d8ffb3c47 100644 --- a/certs/test-pathlen/chainH-entity.pem +++ b/certs/test-pathlen/chainH-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-ICA1-pathlen0/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainH-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:ba:ed:ab:c0:0d:92:6c:10:e4:50:9f:7c:98:cc: 87:fd:28:34:77:c0:58:28:52:2c:28:97:80:ec:78: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 14:a2:2d:29:5a:25:93:ee:26:f8:bc:57:3b:40:a9:f8:b1:1f: - 73:15:57:e9:9b:1c:0b:ee:97:7d:a5:f1:51:7c:93:9e:ec:d4: - aa:5d:65:16:20:a2:71:2c:61:32:5d:1e:0d:c2:cd:b2:ba:8b: - ad:c5:ae:77:1a:e5:ff:72:3f:af:4f:37:0d:8b:2b:00:08:39: - d4:08:eb:68:0b:42:4f:7d:2a:12:b9:bb:f7:f0:14:48:c4:49: - 44:a9:77:81:34:74:28:b4:bd:6d:ce:0a:ad:d3:72:48:66:d6: - 80:b1:b5:ed:6a:66:11:eb:2a:18:ed:da:67:1e:f8:31:33:77: - a9:a6:b4:14:8d:ac:2b:a0:46:79:38:75:1c:82:43:e3:d5:10: - f1:7f:87:44:c2:40:a4:2b:0b:eb:cb:9b:bf:7e:fb:cb:9d:c7: - 86:f8:95:a9:42:ef:58:be:f8:7e:94:51:15:94:57:88:34:60: - 2e:2e:75:d9:20:95:a1:72:eb:87:8c:c3:63:02:7c:f5:17:c9: - dd:39:06:b0:a8:8b:fb:bf:32:5c:e6:8d:32:4a:9f:b9:ba:19: - 6b:6e:98:36:0a:80:5a:06:9f:6a:7d:68:f6:5c:e7:89:7f:d3: - 32:b8:35:04:91:5a:41:1e:dc:41:fc:63:bd:5a:36:42:25:a7: - 92:8b:2c:a7 + 3e:3a:7a:1f:07:bd:a2:e5:5c:7b:66:5a:bd:e0:c1:0d:5e:41: + 13:fe:75:6c:a5:e8:50:13:04:02:26:f0:ab:fe:0e:4e:f1:8a: + 1b:21:0a:5a:a4:4c:1c:3a:0d:92:37:63:46:b5:57:77:89:ba: + b0:33:44:a8:05:a4:52:d9:19:7c:15:f7:1d:c9:dc:3c:70:7f: + d4:99:1e:00:82:00:06:3b:4b:5f:2a:aa:4a:74:06:40:c9:2b: + 18:3d:d1:8c:05:76:69:39:f7:55:20:88:64:94:71:95:9d:f3: + ab:98:3e:71:c5:6f:0b:22:9f:70:d6:f9:03:cf:5b:18:0d:01: + 60:db:22:e8:36:48:9b:4f:1e:b5:83:20:6f:96:db:72:bc:a3: + fc:b7:6b:25:04:df:42:d2:94:5f:b0:f3:c8:26:2a:6a:d9:74: + fc:46:0a:68:66:bc:c3:1f:0b:52:b3:2a:d9:25:97:f4:b6:72: + db:95:29:92:c3:1e:dc:43:90:d3:f0:2b:49:ac:e0:cb:dc:ca: + 39:2b:a1:c9:61:5a:8b:4d:7e:3c:8e:50:8a:0d:f2:d9:2d:8d: + b7:76:18:ac:94:38:a5:ac:d7:99:f0:1f:cb:6d:66:53:14:97: + b5:07:fd:c8:12:68:f6:43:96:ec:c7:59:55:fe:f0:5d:ba:2b: + 70:c1:2d:ee -----BEGIN CERTIFICATE----- MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgZoxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBABSiLSla -JZPuJvi8VztAqfixH3MVV+mbHAvul32l8VF8k57s1KpdZRYgonEsYTJdHg3CzbK6 -i63Frnca5f9yP69PNw2LKwAIOdQI62gLQk99KhK5u/fwFEjESUSpd4E0dCi0vW3O -Cq3Tckhm1oCxte1qZhHrKhjt2mce+DEzd6mmtBSNrCugRnk4dRyCQ+PVEPF/h0TC -QKQrC+vLm79++8udx4b4lalC71i++H6UURWUV4g0YC4uddkglaFy64eMw2MCfPUX -yd05BrCoi/u/MlzmjTJKn7m6GWtumDYKgFoGn2p9aPZc54l/0zK4NQSRWkEe3EH8 -Y71aNkIlp5KLLKc= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAD46eh8H +vaLlXHtmWr3gwQ1eQRP+dWyl6FATBAIm8Kv+Dk7xihshClqkTBw6DZI3Y0a1V3eJ +urAzRKgFpFLZGXwV9x3J3Dxwf9SZHgCCAAY7S18qqkp0BkDJKxg90YwFdmk591Ug +iGSUcZWd86uYPnHFbwsin3DW+QPPWxgNAWDbIug2SJtPHrWDIG+W23K8o/y3ayUE +30LSlF+w88gmKmrZdPxGCmhmvMMfC1KzKtkll/S2ctuVKZLDHtxDkNPwK0ms4Mvc +yjkroclhWotNfjyOUIoN8tktjbd2GKyUOKWs15nwH8ttZlMUl7UH/cgSaPZDluzH +WVX+8F26K3DBLe4= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA1-no_pathlen.pem b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem index c8cfd0d92..8a23611d7 100644 --- a/certs/test-pathlen/chainI-ICA1-no_pathlen.pem +++ b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 5c:9d:46:b6:82:50:18:af:da:a3:05:8a:ef:78:f7:8f:2a:72: - 3d:08:30:9e:60:bf:01:8d:bc:71:b2:15:85:aa:61:3b:14:8f: - 60:0c:ad:1f:a1:a2:db:62:5f:31:5a:44:36:d8:c1:34:d3:c4: - d7:04:d6:33:d1:3e:4b:81:73:df:5e:41:1e:56:7d:4d:12:a6: - c0:94:92:9d:cc:8c:ff:a2:02:8d:ce:9a:d4:00:69:66:06:7e: - ab:1f:29:1e:b9:0b:ae:31:0c:0d:b5:44:a1:46:3e:f6:18:cb: - fe:f9:9b:e6:0e:82:7c:49:63:08:34:08:ff:9c:0f:1c:28:cf: - 89:78:2b:53:00:b4:4b:f6:98:48:df:40:59:99:8d:69:f3:f9: - 6f:88:73:b1:63:4a:3b:11:c7:89:75:fa:33:8e:1d:2d:7f:c2: - 19:13:8a:fd:8a:5a:39:e1:c8:6e:55:43:54:df:da:c4:d3:1b: - 79:83:d2:63:f7:d6:85:b5:be:7d:53:98:26:68:cb:37:25:70: - 36:6d:ba:7d:08:54:a5:03:70:97:dc:a0:7c:f3:ce:44:47:9d: - 5a:53:63:ed:7e:07:bc:5f:4e:b2:53:a0:40:1e:d8:a8:19:22: - c5:2d:74:5a:02:32:0d:58:37:a6:36:b3:bf:57:1a:3c:24:c1: - 7b:f4:b1:71 + 36:af:a0:d5:be:f3:a5:07:f1:ac:be:df:d1:c4:e9:e2:08:62: + 40:7d:16:6a:26:ca:63:22:39:57:d5:36:11:ea:48:65:48:f6: + a3:86:8d:f3:34:d6:62:c0:e5:f2:5e:5a:d8:ac:1e:5d:cc:8c: + ef:9e:ac:b3:ea:f9:a9:08:63:68:da:c9:b5:1a:42:62:5b:0c: + 19:d5:f8:c0:24:ae:87:42:66:32:6d:49:e6:af:99:53:3f:2a: + 6f:89:d6:14:3c:50:14:9f:b0:4f:eb:25:71:6c:a7:75:25:57: + db:dc:c4:e9:2a:06:26:b3:85:b7:c6:22:94:b9:d7:b9:21:e8: + a1:39:d7:2c:6e:fa:29:97:a5:48:7e:f6:7c:3b:62:51:d4:96: + 65:f0:88:d8:e5:45:7a:22:dd:2c:0d:1a:d3:4b:3a:0a:3d:71: + 07:6e:0b:b6:5a:93:ff:ae:db:0b:b7:f0:20:88:3a:af:75:04: + aa:ab:d4:4e:73:1b:f9:a6:69:cd:c3:21:bc:f3:b3:2b:ef:47: + 3c:86:30:2b:1d:10:1c:68:b9:99:4d:79:a0:23:3f:ca:3d:c7: + f0:d7:57:86:1f:12:2b:73:83:0d:64:bd:51:4d:b7:2d:17:8a: + 47:b1:3a:2c:35:f9:fd:d4:3b:0a:fd:0e:4a:dd:c1:f7:90:de: + d0:42:ba:9d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBozELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A @@ -80,10 +80,10 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAXJ1GtoJQGK/aowWK73j3jypyPQgwnmC/ -AY28cbIVhaphOxSPYAytH6Gi22JfMVpENtjBNNPE1wTWM9E+S4Fz315BHlZ9TRKm -wJSSncyM/6ICjc6a1ABpZgZ+qx8pHrkLrjEMDbVEoUY+9hjL/vmb5g6CfEljCDQI -/5wPHCjPiXgrUwC0S/aYSN9AWZmNafP5b4hzsWNKOxHHiXX6M44dLX/CGROK/Ypa -OeHIblVDVN/axNMbeYPSY/fWhbW+fVOYJmjLNyVwNm26fQhUpQNwl9ygfPPOREed -WlNj7X4HvF9OslOgQB7YqBkixS10WgIyDVg3pjazv1caPCTBe/SxcQ== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEANq+g1b7zpQfxrL7f0cTp4ghiQH0WaibK +YyI5V9U2EepIZUj2o4aN8zTWYsDl8l5a2KweXcyM756ss+r5qQhjaNrJtRpCYlsM +GdX4wCSuh0JmMm1J5q+ZUz8qb4nWFDxQFJ+wT+slcWyndSVX29zE6SoGJrOFt8Yi +lLnXuSHooTnXLG76KZelSH72fDtiUdSWZfCI2OVFeiLdLA0a00s6Cj1xB24LtlqT +/67bC7fwIIg6r3UEqqvUTnMb+aZpzcMhvPOzK+9HPIYwKx0QHGi5mU15oCM/yj3H +8NdXhh8SK3ODDWS9UU23LReKR7E6LDX5/dQ7Cv0OSt3B95De0EK6nQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA2-no_pathlen.pem b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem index 468d48eee..b964fa7e3 100644 --- a/certs/test-pathlen/chainI-ICA2-no_pathlen.pem +++ b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 92:01:86:22:0c:3e:a5:4f:fb:c5:5e:16:96:9e:a0:e1:1c:58: - 2e:d7:6c:13:44:5e:55:97:3b:35:a6:17:b2:26:1a:ea:2e:b3: - 06:e6:2e:92:ce:c2:56:7e:a3:3b:26:0d:8f:9a:91:9b:cf:84: - 90:e3:55:b8:84:4d:78:c0:ba:f1:76:d0:ad:cc:31:e5:53:18: - 6f:61:27:6e:fe:c7:9d:ea:a2:99:76:83:8c:b8:44:7c:f2:f5: - 3c:b0:49:f3:b3:a9:9c:33:b6:2b:1b:e0:4b:1f:bf:fe:34:1a: - cd:e3:31:ae:a1:0b:91:3e:0a:e5:3e:68:da:28:66:53:14:cc: - 9b:d1:d5:ab:ed:2b:bf:bc:c3:33:68:08:a9:44:e1:4a:ba:5d: - 2b:bd:b7:f5:e9:36:36:61:98:fb:b1:35:0d:ee:30:ec:ed:7d: - fe:dd:d0:a6:46:a6:7f:0e:ac:91:7b:7d:8e:a2:0d:77:81:20: - 77:a2:4e:98:1d:97:0d:9e:4a:c5:fe:0a:e0:e4:75:86:b1:e9: - f8:b4:42:31:a3:87:70:7c:bd:0d:79:fa:70:40:8e:b5:12:c7: - c5:be:b9:6b:7c:9e:ec:47:f0:3a:39:47:42:81:de:11:cf:4a: - 72:51:a1:36:e8:57:e7:d9:e5:f5:b0:c6:ca:bb:d2:c3:9d:73: - b5:80:a2:1c + 98:63:ad:48:55:94:8f:37:2d:a1:38:e1:1a:99:cd:2a:34:9b: + 43:b7:d3:ac:1b:67:1e:61:bf:4d:ab:21:32:63:61:6a:3e:0e: + 2d:8e:b9:2f:99:5e:a0:1d:94:4c:5c:ce:d5:6c:85:db:9a:4e: + 94:ab:f2:73:02:cc:62:90:a1:5b:a4:6c:ee:92:55:05:87:9f: + 4a:3b:11:21:b8:b5:68:03:89:4d:ed:33:17:53:a1:8d:ec:aa: + 66:0a:7b:18:3c:00:8c:75:b9:82:fb:66:63:81:cd:42:e6:b1: + 95:5d:33:0a:04:42:20:51:e3:19:89:fa:00:1d:96:87:17:e3: + 57:f8:da:09:9b:6a:1e:e4:57:bf:9d:d1:a5:39:18:a3:1f:99: + 9a:cd:80:d7:52:b7:e0:bf:ba:9c:ef:6e:fa:b1:dc:d7:29:58: + 15:05:c2:98:49:18:2b:23:24:a5:c4:ce:9e:f3:6b:3e:3e:a6: + 16:6e:82:89:0f:a7:af:53:a0:be:20:8c:90:4b:f0:31:54:79: + 64:ed:6b:b3:86:66:83:b9:fb:9a:f8:e6:5e:08:44:8c:5e:a9: + b2:94:12:ee:eb:f1:21:e2:64:3c:59:bc:89:91:d9:01:bd:87: + c7:94:30:d2:95:cf:34:f6:49:ea:ee:e1:34:05:48:27:a9:c6: + 2a:cc:eb:9b -----BEGIN CERTIFICATE----- MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaMxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaMxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -80,10 +80,10 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQCSAYYiDD6lT/vFXhaWnqDhHFgu12wTRF5Vlzs1pheyJhrqLrMG5i6S -zsJWfqM7Jg2PmpGbz4SQ41W4hE14wLrxdtCtzDHlUxhvYSdu/sed6qKZdoOMuER8 -8vU8sEnzs6mcM7YrG+BLH7/+NBrN4zGuoQuRPgrlPmjaKGZTFMyb0dWr7Su/vMMz -aAipROFKul0rvbf16TY2YZj7sTUN7jDs7X3+3dCmRqZ/DqyRe32Oog13gSB3ok6Y -HZcNnkrF/grg5HWGsen4tEIxo4dwfL0NefpwQI61EsfFvrlrfJ7sR/A6OUdCgd4R -z0pyUaE26Ffn2eX1sMbKu9LDnXO1gKIc +CwUAA4IBAQCYY61IVZSPNy2hOOEamc0qNJtDt9OsG2ceYb9NqyEyY2FqPg4tjrkv +mV6gHZRMXM7VbIXbmk6Uq/JzAsxikKFbpGzuklUFh59KOxEhuLVoA4lN7TMXU6GN +7KpmCnsYPACMdbmC+2Zjgc1C5rGVXTMKBEIgUeMZifoAHZaHF+NX+NoJm2oe5Fe/ +ndGlORijH5mazYDXUrfgv7qc7276sdzXKVgVBcKYSRgrIySlxM6e82s+PqYWboKJ +D6evU6C+IIyQS/AxVHlk7WuzhmaDufua+OZeCESMXqmylBLu6/Eh4mQ8WbyJkdkB +vYfHlDDSlc809knq7uE0BUgnqcYqzOub -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA3-pathlen2.pem b/certs/test-pathlen/chainI-ICA3-pathlen2.pem index f6370b449..6b30c7f3b 100644 --- a/certs/test-pathlen/chainI-ICA3-pathlen2.pem +++ b/certs/test-pathlen/chainI-ICA3-pathlen2.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 6f:ba:0f:86:af:8b:12:74:05:b4:74:01:31:bd:fa:54:af:e2: - 2a:19:5d:c2:a2:eb:de:1e:50:00:77:da:17:d2:ff:52:80:3d: - f5:e5:81:b6:17:00:f7:62:b8:e4:a8:3c:44:99:46:02:09:fa: - 38:bd:ea:dd:1b:29:06:79:e1:a7:e8:0c:de:8d:58:0a:fd:98: - 74:84:05:78:ec:50:e4:a7:3a:38:67:2d:90:57:35:28:b6:89: - f4:41:0e:c3:b9:70:3c:eb:f3:b3:eb:27:14:a2:bc:2e:3a:bb: - 82:9b:5e:2e:bb:bd:9f:ae:ff:27:1b:07:35:a3:b2:05:f7:4d: - 8e:33:ee:93:16:b9:89:2e:ea:e0:dd:52:21:5d:bf:11:70:a7: - 5c:36:e7:7b:81:d0:47:e6:97:f4:2b:72:ce:03:12:0f:08:1e: - 89:da:cf:88:e1:74:4d:1b:0d:72:7b:16:bf:bc:f9:8f:03:8a: - 03:df:ad:db:14:83:cf:31:36:72:cb:ff:7d:ba:8b:71:28:bc: - 23:26:d4:50:9c:64:20:ee:e8:34:ce:a9:ee:b5:32:e7:1a:ef: - e6:2e:76:9b:b4:15:33:3f:ed:af:c0:01:a6:1b:81:1e:18:da: - b6:88:15:59:d5:37:03:f2:31:2c:69:0e:30:66:66:7b:cc:16: - 1f:96:5d:ff + 74:07:c0:d6:4e:74:54:c7:76:ae:b9:0c:0c:90:89:9a:0c:e3: + 96:09:5d:df:d4:2a:0c:c3:0d:a0:e8:8d:a6:1f:8c:15:df:76: + 29:1d:45:72:26:01:95:da:0a:dd:75:bd:59:ed:53:d0:ec:f6: + a4:5c:43:65:cb:62:1b:96:5f:28:07:5b:fd:4f:f4:fb:3f:a5: + 08:dd:ec:2e:ab:37:83:90:1f:d2:bf:6c:cd:e5:c6:40:46:b1: + d0:f4:c1:68:aa:28:64:07:20:97:a5:56:4e:54:fe:52:58:05: + 28:9c:64:fa:29:6f:b7:88:1b:ef:9d:4d:91:44:9e:f5:2f:73: + c0:a7:0d:d0:a5:07:55:c0:cc:85:bb:3a:85:5d:03:a9:b1:2f: + 55:cd:f0:bf:67:0b:90:b4:0d:78:12:ea:bb:62:bd:2b:16:77: + 2f:02:1a:12:fd:d8:fa:52:ab:8c:c0:d4:d2:e2:cd:b8:62:69: + ac:30:50:d6:44:35:01:b9:50:8d:35:84:9f:b9:d6:ca:0c:0b: + d2:f3:5e:1e:42:7f:83:79:b6:48:04:3a:80:b1:97:87:b1:93: + 6a:a3:57:6e:86:fd:ef:2b:95:c8:24:d0:66:a2:0b:f1:9b:6d: + a6:6b:6d:83:2d:c1:5f:25:dd:4a:d0:f7:4c:94:b0:c3:6f:bc: + ca:ef:c1:4a -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk 5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQBvug+Gr4sSdAW0dAExvfpUr+IqGV3CouveHlAAd9oX0v9SgD315YG2FwD3 -YrjkqDxEmUYCCfo4verdGykGeeGn6AzejVgK/Zh0hAV47FDkpzo4Zy2QVzUoton0 -QQ7DuXA86/Oz6ycUorwuOruCm14uu72frv8nGwc1o7IF902OM+6TFrmJLurg3VIh -Xb8RcKdcNud7gdBH5pf0K3LOAxIPCB6J2s+I4XRNGw1yexa/vPmPA4oD363bFIPP -MTZyy/99uotxKLwjJtRQnGQg7ug0zqnutTLnGu/mLnabtBUzP+2vwAGmG4EeGNq2 -iBVZ1TcD8jEsaQ4wZmZ7zBYfll3/ +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAHQHwNZOdFTHdq65DAyQiZoM45YJXd/UKgzDDaDojaYf +jBXfdikdRXImAZXaCt11vVntU9Ds9qRcQ2XLYhuWXygHW/1P9Ps/pQjd7C6rN4OQ +H9K/bM3lxkBGsdD0wWiqKGQHIJelVk5U/lJYBSicZPopb7eIG++dTZFEnvUvc8Cn +DdClB1XAzIW7OoVdA6mxL1XN8L9nC5C0DXgS6rtivSsWdy8CGhL92PpSq4zA1NLi +zbhiaawwUNZENQG5UI01hJ+51soMC9LzXh5Cf4N5tkgEOoCxl4exk2qjV26G/e8r +lcgk0GaiC/GbbaZrbYMtwV8l3UrQ90yUsMNvvMrvwUo= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-assembled.pem b/certs/test-pathlen/chainI-assembled.pem index 27b81d462..10e047cbc 100644 --- a/certs/test-pathlen/chainI-assembled.pem +++ b/certs/test-pathlen/chainI-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 84:1b:07:96:79:b0:eb:77:83:c4:7a:f7:ee:c0:9a:32:15:47: - 1f:33:26:d7:17:c7:0f:69:09:e0:8f:50:d1:b9:c1:99:f4:0a: - 24:2d:18:1a:14:14:29:91:d6:cf:bb:11:92:80:74:a6:92:16: - 54:ed:ad:01:b4:97:71:67:59:53:43:37:14:dd:a8:1d:5b:96: - 35:b1:80:ff:41:0e:ae:f7:da:2f:d2:01:bd:4b:73:50:fb:f0: - 8e:2b:58:f8:43:c6:7a:5b:95:14:51:a2:36:f9:09:ec:83:1a: - 13:44:53:58:2a:f2:83:71:64:5d:99:7c:b8:c7:28:16:7e:8e: - b6:31:e3:1f:fa:35:35:8e:96:4a:58:b3:48:2f:7b:c3:1f:43: - 95:8d:13:b1:1a:25:93:a1:17:64:bb:3b:1c:26:c6:37:b3:14: - 9f:ae:2d:73:f3:e5:8c:2e:3d:b5:0a:90:72:90:86:f7:4d:4d: - 27:91:e1:e8:2c:65:7a:a4:4a:ce:cf:c7:6e:12:16:31:f2:dc: - 1c:51:34:60:16:ff:56:06:f8:93:5c:bb:96:03:2b:13:64:00: - 23:94:d8:e1:a1:66:37:c8:b1:db:36:86:93:e6:96:77:82:37: - 20:40:1f:38:f4:1e:13:de:1a:97:ed:69:db:ca:17:09:83:d5: - 05:62:fb:fd + 17:b3:bc:12:8f:96:ee:c8:f1:36:75:6a:b6:d7:79:bd:1b:08: + 06:ef:5a:47:7d:bc:4b:dc:54:9c:1b:cf:81:9c:e7:e2:43:6d: + 87:61:35:07:44:4b:4e:3d:e9:53:8a:28:69:60:41:c9:f3:e8: + 8d:a4:6b:7e:2e:1b:5c:88:26:00:ef:6a:18:df:99:03:59:c4: + 0a:6c:1e:ef:ce:b5:f3:ca:e3:57:56:ae:8b:41:4e:66:d7:b6: + 35:d1:ab:2f:bd:5b:9d:a0:55:57:95:2d:2d:d2:f0:02:2e:f5: + db:cd:3c:50:bf:f0:cd:51:98:27:cd:1b:5f:8d:0f:2b:ae:67: + 38:e1:5c:af:1c:b1:9d:8f:f2:b0:24:ff:f2:8b:b7:0c:4a:1e: + ee:dd:55:b2:43:70:f4:b0:05:ba:b0:ad:e4:7c:cd:0b:05:d5: + db:97:13:37:13:d0:33:b4:0e:2c:0f:95:17:11:cd:95:1a:1c: + 2d:8b:28:53:bf:bc:5a:46:77:6e:23:71:e1:9e:59:cd:48:8f: + 19:cf:67:ac:63:a2:2d:d6:db:a8:6e:70:d0:5f:e3:42:00:c3: + 99:a8:d6:43:35:74:16:6a:05:fb:11:88:9e:5f:5c:98:e5:5e: + b1:04:a2:61:36:ae:2d:2f:e8:b1:1e:26:f4:49:74:ae:c2:29: + b8:6d:41:27 -----BEGIN CERTIFICATE----- MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -78,26 +78,26 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA -hBsHlnmw63eDxHr37sCaMhVHHzMm1xfHD2kJ4I9Q0bnBmfQKJC0YGhQUKZHWz7sR -koB0ppIWVO2tAbSXcWdZU0M3FN2oHVuWNbGA/0EOrvfaL9IBvUtzUPvwjitY+EPG -eluVFFGiNvkJ7IMaE0RTWCryg3FkXZl8uMcoFn6OtjHjH/o1NY6WSlizSC97wx9D -lY0TsRolk6EXZLs7HCbGN7MUn64tc/PljC49tQqQcpCG901NJ5Hh6CxleqRKzs/H -bhIWMfLcHFE0YBb/Vgb4k1y7lgMrE2QAI5TY4aFmN8ix2zaGk+aWd4I3IEAfOPQe -E94al+1p28oXCYPVBWL7/Q== +F7O8Eo+W7sjxNnVqttd5vRsIBu9aR328S9xUnBvPgZzn4kNth2E1B0RLTj3pU4oo +aWBByfPojaRrfi4bXIgmAO9qGN+ZA1nECmwe786188rjV1aui0FOZte2NdGrL71b +naBVV5UtLdLwAi712808UL/wzVGYJ80bX40PK65nOOFcrxyxnY/ysCT/8ou3DEoe +7t1VskNw9LAFurCt5HzNCwXV25cTNxPQM7QOLA+VFxHNlRocLYsoU7+8WkZ3biNx +4Z5ZzUiPGc9nrGOiLdbbqG5w0F/jQgDDmajWQzV0FmoF+xGInl9cmOVesQSiYTau +LS/osR4m9El0rsIpuG1BJw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: @@ -131,27 +131,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 5c:9d:46:b6:82:50:18:af:da:a3:05:8a:ef:78:f7:8f:2a:72: - 3d:08:30:9e:60:bf:01:8d:bc:71:b2:15:85:aa:61:3b:14:8f: - 60:0c:ad:1f:a1:a2:db:62:5f:31:5a:44:36:d8:c1:34:d3:c4: - d7:04:d6:33:d1:3e:4b:81:73:df:5e:41:1e:56:7d:4d:12:a6: - c0:94:92:9d:cc:8c:ff:a2:02:8d:ce:9a:d4:00:69:66:06:7e: - ab:1f:29:1e:b9:0b:ae:31:0c:0d:b5:44:a1:46:3e:f6:18:cb: - fe:f9:9b:e6:0e:82:7c:49:63:08:34:08:ff:9c:0f:1c:28:cf: - 89:78:2b:53:00:b4:4b:f6:98:48:df:40:59:99:8d:69:f3:f9: - 6f:88:73:b1:63:4a:3b:11:c7:89:75:fa:33:8e:1d:2d:7f:c2: - 19:13:8a:fd:8a:5a:39:e1:c8:6e:55:43:54:df:da:c4:d3:1b: - 79:83:d2:63:f7:d6:85:b5:be:7d:53:98:26:68:cb:37:25:70: - 36:6d:ba:7d:08:54:a5:03:70:97:dc:a0:7c:f3:ce:44:47:9d: - 5a:53:63:ed:7e:07:bc:5f:4e:b2:53:a0:40:1e:d8:a8:19:22: - c5:2d:74:5a:02:32:0d:58:37:a6:36:b3:bf:57:1a:3c:24:c1: - 7b:f4:b1:71 + 36:af:a0:d5:be:f3:a5:07:f1:ac:be:df:d1:c4:e9:e2:08:62: + 40:7d:16:6a:26:ca:63:22:39:57:d5:36:11:ea:48:65:48:f6: + a3:86:8d:f3:34:d6:62:c0:e5:f2:5e:5a:d8:ac:1e:5d:cc:8c: + ef:9e:ac:b3:ea:f9:a9:08:63:68:da:c9:b5:1a:42:62:5b:0c: + 19:d5:f8:c0:24:ae:87:42:66:32:6d:49:e6:af:99:53:3f:2a: + 6f:89:d6:14:3c:50:14:9f:b0:4f:eb:25:71:6c:a7:75:25:57: + db:dc:c4:e9:2a:06:26:b3:85:b7:c6:22:94:b9:d7:b9:21:e8: + a1:39:d7:2c:6e:fa:29:97:a5:48:7e:f6:7c:3b:62:51:d4:96: + 65:f0:88:d8:e5:45:7a:22:dd:2c:0d:1a:d3:4b:3a:0a:3d:71: + 07:6e:0b:b6:5a:93:ff:ae:db:0b:b7:f0:20:88:3a:af:75:04: + aa:ab:d4:4e:73:1b:f9:a6:69:cd:c3:21:bc:f3:b3:2b:ef:47: + 3c:86:30:2b:1d:10:1c:68:b9:99:4d:79:a0:23:3f:ca:3d:c7: + f0:d7:57:86:1f:12:2b:73:83:0d:64:bd:51:4d:b7:2d:17:8a: + 47:b1:3a:2c:35:f9:fd:d4:3b:0a:fd:0e:4a:dd:c1:f7:90:de: + d0:42:ba:9d -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBozELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A @@ -167,26 +167,26 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAXJ1GtoJQGK/aowWK73j3jypyPQgwnmC/ -AY28cbIVhaphOxSPYAytH6Gi22JfMVpENtjBNNPE1wTWM9E+S4Fz315BHlZ9TRKm -wJSSncyM/6ICjc6a1ABpZgZ+qx8pHrkLrjEMDbVEoUY+9hjL/vmb5g6CfEljCDQI -/5wPHCjPiXgrUwC0S/aYSN9AWZmNafP5b4hzsWNKOxHHiXX6M44dLX/CGROK/Ypa -OeHIblVDVN/axNMbeYPSY/fWhbW+fVOYJmjLNyVwNm26fQhUpQNwl9ygfPPOREed -WlNj7X4HvF9OslOgQB7YqBkixS10WgIyDVg3pjazv1caPCTBe/SxcQ== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEANq+g1b7zpQfxrL7f0cTp4ghiQH0WaibK +YyI5V9U2EepIZUj2o4aN8zTWYsDl8l5a2KweXcyM756ss+r5qQhjaNrJtRpCYlsM +GdX4wCSuh0JmMm1J5q+ZUz8qb4nWFDxQFJ+wT+slcWyndSVX29zE6SoGJrOFt8Yi +lLnXuSHooTnXLG76KZelSH72fDtiUdSWZfCI2OVFeiLdLA0a00s6Cj1xB24LtlqT +/67bC7fwIIg6r3UEqqvUTnMb+aZpzcMhvPOzK+9HPIYwKx0QHGi5mU15oCM/yj3H +8NdXhh8SK3ODDWS9UU23LReKR7E6LDX5/dQ7Cv0OSt3B95De0EK6nQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: @@ -220,27 +220,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 92:01:86:22:0c:3e:a5:4f:fb:c5:5e:16:96:9e:a0:e1:1c:58: - 2e:d7:6c:13:44:5e:55:97:3b:35:a6:17:b2:26:1a:ea:2e:b3: - 06:e6:2e:92:ce:c2:56:7e:a3:3b:26:0d:8f:9a:91:9b:cf:84: - 90:e3:55:b8:84:4d:78:c0:ba:f1:76:d0:ad:cc:31:e5:53:18: - 6f:61:27:6e:fe:c7:9d:ea:a2:99:76:83:8c:b8:44:7c:f2:f5: - 3c:b0:49:f3:b3:a9:9c:33:b6:2b:1b:e0:4b:1f:bf:fe:34:1a: - cd:e3:31:ae:a1:0b:91:3e:0a:e5:3e:68:da:28:66:53:14:cc: - 9b:d1:d5:ab:ed:2b:bf:bc:c3:33:68:08:a9:44:e1:4a:ba:5d: - 2b:bd:b7:f5:e9:36:36:61:98:fb:b1:35:0d:ee:30:ec:ed:7d: - fe:dd:d0:a6:46:a6:7f:0e:ac:91:7b:7d:8e:a2:0d:77:81:20: - 77:a2:4e:98:1d:97:0d:9e:4a:c5:fe:0a:e0:e4:75:86:b1:e9: - f8:b4:42:31:a3:87:70:7c:bd:0d:79:fa:70:40:8e:b5:12:c7: - c5:be:b9:6b:7c:9e:ec:47:f0:3a:39:47:42:81:de:11:cf:4a: - 72:51:a1:36:e8:57:e7:d9:e5:f5:b0:c6:ca:bb:d2:c3:9d:73: - b5:80:a2:1c + 98:63:ad:48:55:94:8f:37:2d:a1:38:e1:1a:99:cd:2a:34:9b: + 43:b7:d3:ac:1b:67:1e:61:bf:4d:ab:21:32:63:61:6a:3e:0e: + 2d:8e:b9:2f:99:5e:a0:1d:94:4c:5c:ce:d5:6c:85:db:9a:4e: + 94:ab:f2:73:02:cc:62:90:a1:5b:a4:6c:ee:92:55:05:87:9f: + 4a:3b:11:21:b8:b5:68:03:89:4d:ed:33:17:53:a1:8d:ec:aa: + 66:0a:7b:18:3c:00:8c:75:b9:82:fb:66:63:81:cd:42:e6:b1: + 95:5d:33:0a:04:42:20:51:e3:19:89:fa:00:1d:96:87:17:e3: + 57:f8:da:09:9b:6a:1e:e4:57:bf:9d:d1:a5:39:18:a3:1f:99: + 9a:cd:80:d7:52:b7:e0:bf:ba:9c:ef:6e:fa:b1:dc:d7:29:58: + 15:05:c2:98:49:18:2b:23:24:a5:c4:ce:9e:f3:6b:3e:3e:a6: + 16:6e:82:89:0f:a7:af:53:a0:be:20:8c:90:4b:f0:31:54:79: + 64:ed:6b:b3:86:66:83:b9:fb:9a:f8:e6:5e:08:44:8c:5e:a9: + b2:94:12:ee:eb:f1:21:e2:64:3c:59:bc:89:91:d9:01:bd:87: + c7:94:30:d2:95:cf:34:f6:49:ea:ee:e1:34:05:48:27:a9:c6: + 2a:cc:eb:9b -----BEGIN CERTIFICATE----- MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaMxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaMxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -256,26 +256,26 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQCSAYYiDD6lT/vFXhaWnqDhHFgu12wTRF5Vlzs1pheyJhrqLrMG5i6S -zsJWfqM7Jg2PmpGbz4SQ41W4hE14wLrxdtCtzDHlUxhvYSdu/sed6qKZdoOMuER8 -8vU8sEnzs6mcM7YrG+BLH7/+NBrN4zGuoQuRPgrlPmjaKGZTFMyb0dWr7Su/vMMz -aAipROFKul0rvbf16TY2YZj7sTUN7jDs7X3+3dCmRqZ/DqyRe32Oog13gSB3ok6Y -HZcNnkrF/grg5HWGsen4tEIxo4dwfL0NefpwQI61EsfFvrlrfJ7sR/A6OUdCgd4R -z0pyUaE26Ffn2eX1sMbKu9LDnXO1gKIc +CwUAA4IBAQCYY61IVZSPNy2hOOEamc0qNJtDt9OsG2ceYb9NqyEyY2FqPg4tjrkv +mV6gHZRMXM7VbIXbmk6Uq/JzAsxikKFbpGzuklUFh59KOxEhuLVoA4lN7TMXU6GN +7KpmCnsYPACMdbmC+2Zjgc1C5rGVXTMKBEIgUeMZifoAHZaHF+NX+NoJm2oe5Fe/ +ndGlORijH5mazYDXUrfgv7qc7276sdzXKVgVBcKYSRgrIySlxM6e82s+PqYWboKJ +D6evU6C+IIyQS/AxVHlk7WuzhmaDufua+OZeCESMXqmylBLu6/Eh4mQ8WbyJkdkB +vYfHlDDSlc809knq7uE0BUgnqcYqzOub -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: @@ -302,34 +302,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 6f:ba:0f:86:af:8b:12:74:05:b4:74:01:31:bd:fa:54:af:e2: - 2a:19:5d:c2:a2:eb:de:1e:50:00:77:da:17:d2:ff:52:80:3d: - f5:e5:81:b6:17:00:f7:62:b8:e4:a8:3c:44:99:46:02:09:fa: - 38:bd:ea:dd:1b:29:06:79:e1:a7:e8:0c:de:8d:58:0a:fd:98: - 74:84:05:78:ec:50:e4:a7:3a:38:67:2d:90:57:35:28:b6:89: - f4:41:0e:c3:b9:70:3c:eb:f3:b3:eb:27:14:a2:bc:2e:3a:bb: - 82:9b:5e:2e:bb:bd:9f:ae:ff:27:1b:07:35:a3:b2:05:f7:4d: - 8e:33:ee:93:16:b9:89:2e:ea:e0:dd:52:21:5d:bf:11:70:a7: - 5c:36:e7:7b:81:d0:47:e6:97:f4:2b:72:ce:03:12:0f:08:1e: - 89:da:cf:88:e1:74:4d:1b:0d:72:7b:16:bf:bc:f9:8f:03:8a: - 03:df:ad:db:14:83:cf:31:36:72:cb:ff:7d:ba:8b:71:28:bc: - 23:26:d4:50:9c:64:20:ee:e8:34:ce:a9:ee:b5:32:e7:1a:ef: - e6:2e:76:9b:b4:15:33:3f:ed:af:c0:01:a6:1b:81:1e:18:da: - b6:88:15:59:d5:37:03:f2:31:2c:69:0e:30:66:66:7b:cc:16: - 1f:96:5d:ff + 74:07:c0:d6:4e:74:54:c7:76:ae:b9:0c:0c:90:89:9a:0c:e3: + 96:09:5d:df:d4:2a:0c:c3:0d:a0:e8:8d:a6:1f:8c:15:df:76: + 29:1d:45:72:26:01:95:da:0a:dd:75:bd:59:ed:53:d0:ec:f6: + a4:5c:43:65:cb:62:1b:96:5f:28:07:5b:fd:4f:f4:fb:3f:a5: + 08:dd:ec:2e:ab:37:83:90:1f:d2:bf:6c:cd:e5:c6:40:46:b1: + d0:f4:c1:68:aa:28:64:07:20:97:a5:56:4e:54:fe:52:58:05: + 28:9c:64:fa:29:6f:b7:88:1b:ef:9d:4d:91:44:9e:f5:2f:73: + c0:a7:0d:d0:a5:07:55:c0:cc:85:bb:3a:85:5d:03:a9:b1:2f: + 55:cd:f0:bf:67:0b:90:b4:0d:78:12:ea:bb:62:bd:2b:16:77: + 2f:02:1a:12:fd:d8:fa:52:ab:8c:c0:d4:d2:e2:cd:b8:62:69: + ac:30:50:d6:44:35:01:b9:50:8d:35:84:9f:b9:d6:ca:0c:0b: + d2:f3:5e:1e:42:7f:83:79:b6:48:04:3a:80:b1:97:87:b1:93: + 6a:a3:57:6e:86:fd:ef:2b:95:c8:24:d0:66:a2:0b:f1:9b:6d: + a6:6b:6d:83:2d:c1:5f:25:dd:4a:d0:f7:4c:94:b0:c3:6f:bc: + ca:ef:c1:4a -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -339,16 +339,16 @@ dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk 5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQBvug+Gr4sSdAW0dAExvfpUr+IqGV3CouveHlAAd9oX0v9SgD315YG2FwD3 -YrjkqDxEmUYCCfo4verdGykGeeGn6AzejVgK/Zh0hAV47FDkpzo4Zy2QVzUoton0 -QQ7DuXA86/Oz6ycUorwuOruCm14uu72frv8nGwc1o7IF902OM+6TFrmJLurg3VIh -Xb8RcKdcNud7gdBH5pf0K3LOAxIPCB6J2s+I4XRNGw1yexa/vPmPA4oD363bFIPP -MTZyy/99uotxKLwjJtRQnGQg7ug0zqnutTLnGu/mLnabtBUzP+2vwAGmG4EeGNq2 -iBVZ1TcD8jEsaQ4wZmZ7zBYfll3/ +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAHQHwNZOdFTHdq65DAyQiZoM45YJXd/UKgzDDaDojaYf +jBXfdikdRXImAZXaCt11vVntU9Ds9qRcQ2XLYhuWXygHW/1P9Ps/pQjd7C6rN4OQ +H9K/bM3lxkBGsdD0wWiqKGQHIJelVk5U/lJYBSicZPopb7eIG++dTZFEnvUvc8Cn +DdClB1XAzIW7OoVdA6mxL1XN8L9nC5C0DXgS6rtivSsWdy8CGhL92PpSq4zA1NLi +zbhiaawwUNZENQG5UI01hJ+51soMC9LzXh5Cf4N5tkgEOoCxl4exk2qjV26G/e8r +lcgk0GaiC/GbbaZrbYMtwV8l3UrQ90yUsMNvvMrvwUo= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-entity.pem b/certs/test-pathlen/chainI-entity.pem index 3ecb511ab..3bcbba061 100644 --- a/certs/test-pathlen/chainI-entity.pem +++ b/certs/test-pathlen/chainI-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainI-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 84:1b:07:96:79:b0:eb:77:83:c4:7a:f7:ee:c0:9a:32:15:47: - 1f:33:26:d7:17:c7:0f:69:09:e0:8f:50:d1:b9:c1:99:f4:0a: - 24:2d:18:1a:14:14:29:91:d6:cf:bb:11:92:80:74:a6:92:16: - 54:ed:ad:01:b4:97:71:67:59:53:43:37:14:dd:a8:1d:5b:96: - 35:b1:80:ff:41:0e:ae:f7:da:2f:d2:01:bd:4b:73:50:fb:f0: - 8e:2b:58:f8:43:c6:7a:5b:95:14:51:a2:36:f9:09:ec:83:1a: - 13:44:53:58:2a:f2:83:71:64:5d:99:7c:b8:c7:28:16:7e:8e: - b6:31:e3:1f:fa:35:35:8e:96:4a:58:b3:48:2f:7b:c3:1f:43: - 95:8d:13:b1:1a:25:93:a1:17:64:bb:3b:1c:26:c6:37:b3:14: - 9f:ae:2d:73:f3:e5:8c:2e:3d:b5:0a:90:72:90:86:f7:4d:4d: - 27:91:e1:e8:2c:65:7a:a4:4a:ce:cf:c7:6e:12:16:31:f2:dc: - 1c:51:34:60:16:ff:56:06:f8:93:5c:bb:96:03:2b:13:64:00: - 23:94:d8:e1:a1:66:37:c8:b1:db:36:86:93:e6:96:77:82:37: - 20:40:1f:38:f4:1e:13:de:1a:97:ed:69:db:ca:17:09:83:d5: - 05:62:fb:fd + 17:b3:bc:12:8f:96:ee:c8:f1:36:75:6a:b6:d7:79:bd:1b:08: + 06:ef:5a:47:7d:bc:4b:dc:54:9c:1b:cf:81:9c:e7:e2:43:6d: + 87:61:35:07:44:4b:4e:3d:e9:53:8a:28:69:60:41:c9:f3:e8: + 8d:a4:6b:7e:2e:1b:5c:88:26:00:ef:6a:18:df:99:03:59:c4: + 0a:6c:1e:ef:ce:b5:f3:ca:e3:57:56:ae:8b:41:4e:66:d7:b6: + 35:d1:ab:2f:bd:5b:9d:a0:55:57:95:2d:2d:d2:f0:02:2e:f5: + db:cd:3c:50:bf:f0:cd:51:98:27:cd:1b:5f:8d:0f:2b:ae:67: + 38:e1:5c:af:1c:b1:9d:8f:f2:b0:24:ff:f2:8b:b7:0c:4a:1e: + ee:dd:55:b2:43:70:f4:b0:05:ba:b0:ad:e4:7c:cd:0b:05:d5: + db:97:13:37:13:d0:33:b4:0e:2c:0f:95:17:11:cd:95:1a:1c: + 2d:8b:28:53:bf:bc:5a:46:77:6e:23:71:e1:9e:59:cd:48:8f: + 19:cf:67:ac:63:a2:2d:d6:db:a8:6e:70:d0:5f:e3:42:00:c3: + 99:a8:d6:43:35:74:16:6a:05:fb:11:88:9e:5f:5c:98:e5:5e: + b1:04:a2:61:36:ae:2d:2f:e8:b1:1e:26:f4:49:74:ae:c2:29: + b8:6d:41:27 -----BEGIN CERTIFICATE----- MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -78,10 +78,10 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA -hBsHlnmw63eDxHr37sCaMhVHHzMm1xfHD2kJ4I9Q0bnBmfQKJC0YGhQUKZHWz7sR -koB0ppIWVO2tAbSXcWdZU0M3FN2oHVuWNbGA/0EOrvfaL9IBvUtzUPvwjitY+EPG -eluVFFGiNvkJ7IMaE0RTWCryg3FkXZl8uMcoFn6OtjHjH/o1NY6WSlizSC97wx9D -lY0TsRolk6EXZLs7HCbGN7MUn64tc/PljC49tQqQcpCG901NJ5Hh6CxleqRKzs/H -bhIWMfLcHFE0YBb/Vgb4k1y7lgMrE2QAI5TY4aFmN8ix2zaGk+aWd4I3IEAfOPQe -E94al+1p28oXCYPVBWL7/Q== +F7O8Eo+W7sjxNnVqttd5vRsIBu9aR328S9xUnBvPgZzn4kNth2E1B0RLTj3pU4oo +aWBByfPojaRrfi4bXIgmAO9qGN+ZA1nECmwe786188rjV1aui0FOZte2NdGrL71b +naBVV5UtLdLwAi712808UL/wzVGYJ80bX40PK65nOOFcrxyxnY/ysCT/8ou3DEoe +7t1VskNw9LAFurCt5HzNCwXV25cTNxPQM7QOLA+VFxHNlRocLYsoU7+8WkZ3biNx +4Z5ZzUiPGc9nrGOiLdbbqG5w0F/jQgDDmajWQzV0FmoF+xGInl9cmOVesQSiYTau +LS/osR4m9El0rsIpuG1BJw== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem index 7103a6fc9..c08db4241 100644 --- a/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem +++ b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 1b:bc:90:0e:7d:7e:8c:da:bb:5c:81:c5:86:8a:da:4e:c9:98: - a6:0c:e5:8b:ab:a1:a6:9d:94:68:af:18:34:3f:b3:39:e8:0a: - 3f:8f:67:a2:b4:f5:41:eb:ca:ab:93:8f:29:9f:7d:1c:50:7e: - 85:4f:a8:01:11:ea:08:fd:a1:e6:ec:10:4e:84:b3:4d:a0:20: - c8:32:5a:40:d8:8b:78:41:ea:19:8d:e2:5e:03:72:ee:9b:a0: - 84:bc:87:32:e9:31:24:37:b5:33:78:7a:aa:5a:d4:bb:aa:e1: - b3:10:c8:98:90:e3:92:23:54:86:0e:2a:04:23:cc:d9:a8:7a: - c9:1b:17:c1:08:d5:2b:09:e9:9b:ac:07:9f:e0:34:05:eb:01: - e8:15:c5:7d:69:89:17:15:cc:dc:3b:84:1c:aa:53:e0:06:fa: - 2b:7f:82:07:0d:eb:cb:be:43:8c:7e:9e:2b:62:08:44:32:e8: - 68:48:4e:e0:44:8f:7a:d2:4a:3c:6d:25:56:ce:2b:6a:54:8e: - 67:8e:1e:ef:bb:92:9b:47:7c:95:3d:c5:9b:bf:28:e0:a8:2e: - e5:17:4d:01:1a:71:1a:d4:0c:4d:d4:c8:f4:df:09:85:1d:36: - b6:47:9a:f9:83:1a:74:98:23:aa:96:a1:31:c1:67:c7:db:69: - 9a:fe:44:aa + 34:2e:4c:ef:fb:6f:f2:6d:64:aa:c8:fb:93:23:af:12:d4:6d: + ad:26:34:48:f7:bb:db:51:c0:d5:20:5c:cf:86:3c:7a:7a:9f: + f7:16:c0:10:42:07:bb:d2:e5:ee:f8:9c:50:b3:fa:56:41:0f: + 48:b8:d1:91:54:4b:bf:b5:cb:35:66:b6:94:a8:8e:ff:f1:d1: + 3a:07:d4:df:19:e8:5c:10:ff:93:ed:3e:9b:f5:d2:dd:20:32: + 35:5f:79:7c:9e:55:7b:1f:9a:b5:3c:90:3e:06:9f:7a:7b:f0: + 08:9f:ec:61:3c:88:07:9d:b8:36:6e:23:0a:d9:16:15:60:d6: + 0c:de:e0:11:8d:92:3c:37:6f:bb:cf:5e:86:d7:61:26:cb:a0: + 6a:bf:18:2d:08:dc:e9:8b:0f:02:a8:8e:a1:fd:89:cd:5c:ce: + df:8b:74:0e:b6:d4:8f:62:1a:e4:b2:e4:ca:40:4f:20:ed:50: + b2:c5:bf:e5:08:d3:d0:c4:f3:a2:87:f7:80:a2:fa:2a:4d:41: + 1f:b4:a0:f9:10:8c:22:c6:5f:83:eb:51:9d:44:4a:83:fd:b5: + fd:93:42:ab:f7:49:c8:98:4e:34:14:d2:82:63:60:6d:53:d6: + 7b:e2:00:8d:15:e2:e5:0d:53:94:76:d2:35:e7:57:2e:d0:a5: + d2:22:1b:f8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBozELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A @@ -80,10 +80,10 @@ gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P -BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAbvJAOfX6M2rtcgcWGitpOyZimDOWL -q6GmnZRorxg0P7M56Ao/j2eitPVB68qrk48pn30cUH6FT6gBEeoI/aHm7BBOhLNN -oCDIMlpA2It4QeoZjeJeA3Lum6CEvIcy6TEkN7UzeHqqWtS7quGzEMiYkOOSI1SG -DioEI8zZqHrJGxfBCNUrCembrAef4DQF6wHoFcV9aYkXFczcO4QcqlPgBvorf4IH -DevLvkOMfp4rYghEMuhoSE7gRI960ko8bSVWzitqVI5njh7vu5KbR3yVPcWbvyjg -qC7lF00BGnEa1AxN1Mj03wmFHTa2R5r5gxp0mCOqlqExwWfH22ma/kSq +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0Lkzv+2/ybWSqyPuTI68S1G2tJjRI +97vbUcDVIFzPhjx6ep/3FsAQQge70uXu+JxQs/pWQQ9IuNGRVEu/tcs1ZraUqI7/ +8dE6B9TfGehcEP+T7T6b9dLdIDI1X3l8nlV7H5q1PJA+Bp96e/AIn+xhPIgHnbg2 +biMK2RYVYNYM3uARjZI8N2+7z16G12Emy6BqvxgtCNzpiw8CqI6h/YnNXM7fi3QO +ttSPYhrksuTKQE8g7VCyxb/lCNPQxPOih/eAovoqTUEftKD5EIwixl+D61GdREqD +/bX9k0Kr90nImE40FNKCY2BtU9Z74gCNFeLlDVOUdtI151cu0KXSIhv4 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem index 7e69d63e7..cfbaf287e 100644 --- a/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem +++ b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b5:1a:a8:18:60:a0:55:56:bc:19:0c:0b:a6:fe:c1:a4:fb:b0: - f3:c2:7e:4f:86:62:c5:3d:a4:da:9f:df:de:57:a1:3d:9e:67: - d4:84:2d:bd:17:12:ad:9e:cd:7b:e5:43:c9:35:90:00:50:36: - 97:dd:bc:86:86:3c:63:11:13:ed:4f:f2:66:b3:ea:fb:d2:a9: - 71:00:d1:9d:be:c8:ae:00:44:40:a6:08:df:a3:ae:1e:85:34: - 4d:cf:61:40:1e:1e:be:b1:e4:0a:33:ed:30:d0:fc:c1:26:c3: - 5c:c9:c3:5d:02:87:88:49:2d:50:d2:7f:dd:5a:ac:26:8c:22: - 79:62:0e:84:ac:5e:2a:83:47:b3:42:5e:c1:2a:98:8e:1d:40: - 8f:4e:8c:2a:89:97:b6:91:8b:cf:12:5b:83:9b:81:0c:82:80: - 90:70:fc:55:28:8b:f0:c1:74:85:a6:df:85:c6:69:e3:16:d8: - cb:ae:11:96:7a:16:b8:85:c4:d6:17:69:13:75:35:b5:40:4c: - 31:02:cb:85:8b:75:38:32:f0:80:93:3c:75:20:5b:da:3a:c1: - 40:dd:2a:9e:36:e4:f1:8d:8f:56:20:a0:ef:67:9d:ea:53:ec: - b2:f5:7c:4e:dd:41:57:26:96:1a:0b:2c:55:00:5f:10:87:e0: - 41:e5:ce:51 + 26:7a:2c:3d:0c:70:00:99:4e:7b:48:06:5f:f9:0d:f2:ee:b1: + d2:3a:11:86:41:72:1d:d5:a2:89:fa:42:0b:f6:0c:7f:d6:8a: + 93:b4:19:25:5b:99:17:45:ca:95:6b:45:3e:b1:53:f0:da:0c: + 81:67:f4:7c:3d:2d:dd:68:bd:ab:44:d1:99:9b:63:9a:54:14: + 28:e5:0d:a4:a6:a6:fa:a4:29:b0:85:96:c1:f5:ce:af:77:ba: + b8:36:ff:7c:62:9f:6b:57:5c:dd:34:14:17:a2:81:ce:40:b9: + 10:c1:9e:cb:4e:67:9e:a3:7d:aa:80:d7:a7:d6:42:be:69:69: + d3:74:02:08:a9:32:a0:ea:22:3d:cb:c7:ee:57:f2:7f:99:6d: + 79:9b:bb:4e:43:fa:d5:28:af:13:13:f2:c9:56:3e:ca:87:22: + d9:c5:30:44:27:3b:20:8c:ad:5e:29:79:1f:8d:e3:13:89:1d: + 7b:eb:7c:3b:2e:04:51:43:68:70:dc:fc:be:aa:33:6e:b2:c4: + 36:e1:79:33:2c:b7:b2:d5:75:f2:f0:66:51:a9:a6:de:4a:77: + d3:f7:bc:84:e7:ab:3c:7c:e6:33:59:86:1a:99:9b:36:24:51: + 96:fb:c2:c0:88:2f:e6:35:6b:68:42:93:4c:09:22:23:06:7a: + be:16:14:a1 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBozELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A @@ -80,10 +80,10 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAtRqoGGCgVVa8GQwLpv7BpPuw88J+T4Zi -xT2k2p/f3lehPZ5n1IQtvRcSrZ7Ne+VDyTWQAFA2l928hoY8YxET7U/yZrPq+9Kp -cQDRnb7IrgBEQKYI36OuHoU0Tc9hQB4evrHkCjPtMND8wSbDXMnDXQKHiEktUNJ/ -3VqsJowieWIOhKxeKoNHs0JewSqYjh1Aj06MKomXtpGLzxJbg5uBDIKAkHD8VSiL -8MF0habfhcZp4xbYy64RlnoWuIXE1hdpE3U1tUBMMQLLhYt1ODLwgJM8dSBb2jrB -QN0qnjbk8Y2PViCg72ed6lPssvV8Tt1BVyaWGgssVQBfEIfgQeXOUQ== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAJnosPQxwAJlOe0gGX/kN8u6x0joRhkFy +HdWiifpCC/YMf9aKk7QZJVuZF0XKlWtFPrFT8NoMgWf0fD0t3Wi9q0TRmZtjmlQU +KOUNpKam+qQpsIWWwfXOr3e6uDb/fGKfa1dc3TQUF6KBzkC5EMGey05nnqN9qoDX +p9ZCvmlp03QCCKkyoOoiPcvH7lfyf5lteZu7TkP61SivExPyyVY+yoci2cUwRCc7 +IIytXil5H43jE4kde+t8Oy4EUUNocNz8vqozbrLENuF5Myy3stV18vBmUamm3kp3 +0/e8hOerPHzmM1mGGpmbNiRRlvvCwIgv5jVraEKTTAkiIwZ6vhYUoQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem index 75e7a63fa..4b2363dc7 100644 --- a/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem +++ b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: @@ -44,27 +44,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 1c:4a:61:8f:95:15:dc:f1:79:27:3d:bd:fb:30:05:37:da:62: - e9:ed:0c:e4:18:78:87:7c:aa:a7:0e:c6:b2:ff:04:25:a7:f1: - 29:4e:ad:7e:86:47:67:f3:a8:a9:70:28:5f:2b:ab:34:a3:21: - 30:7b:45:d3:5b:60:5f:84:86:01:cf:36:14:1a:86:09:00:d7: - b6:60:69:6a:0b:fc:9c:c4:9e:46:90:74:00:61:32:23:b6:73: - e8:58:c9:44:e6:6e:8a:b1:e4:a1:9c:a9:a0:db:2d:71:b2:a4: - 4c:ea:f2:b3:28:46:8f:fd:61:70:c5:92:b3:ad:42:92:d4:dd: - 2b:11:ce:a5:02:84:6a:a8:81:2c:00:29:2d:54:63:c3:18:79: - c0:a9:d0:d7:c1:12:65:6e:14:98:e5:09:1a:2e:ef:0a:e3:4a: - 9c:3f:a8:01:44:6c:f2:31:90:b3:78:91:23:e5:6f:3e:13:54: - 59:32:c2:11:1e:a2:2d:9d:39:95:25:c3:8d:c5:d7:b0:e4:b3: - f8:d7:d5:8c:ad:b7:f4:2f:44:f2:05:53:33:6b:52:a0:98:e5: - e4:ec:fb:51:e7:fa:d6:2b:c1:e8:c8:a6:a7:5c:44:aa:e4:61: - a7:43:5d:5f:eb:5e:d0:d5:fd:99:01:a3:0e:39:5d:0b:b4:9b: - 8f:e8:a8:0e + 56:36:8b:bd:1d:e4:df:d0:a4:fd:c3:b0:e8:fc:fd:00:89:6f: + 24:b4:eb:a9:d1:1c:0d:d9:f3:f5:02:90:f0:30:76:f7:73:b8: + 0c:da:7e:19:9c:b9:d7:0d:f9:46:cb:e3:4c:3f:f4:f4:fe:f8: + 81:84:a9:da:c3:a4:83:58:ff:a6:78:6a:41:8f:62:8e:25:69: + ee:34:20:49:4d:da:8c:94:fd:52:d2:96:95:e6:be:d3:21:f8: + d4:23:65:4c:33:55:b8:a7:95:99:21:e4:f6:29:c8:36:db:d8: + 84:d0:1f:5b:92:92:87:8c:50:5d:dd:04:46:30:1e:b6:04:93: + ee:4a:2a:04:b6:9b:f4:5f:fd:89:66:54:fa:e9:76:b0:78:3c: + 71:7b:d3:93:90:b1:57:f4:f3:e3:90:48:e7:de:da:30:61:f2: + 2f:79:0b:1a:e8:17:a6:e5:58:ab:18:25:68:b1:9d:af:5a:94: + fd:1e:fd:df:84:56:e4:4a:01:63:b5:36:b0:c3:61:0f:18:04: + b9:98:ca:75:87:26:ce:9f:71:c7:e7:60:f1:9a:b5:5b:91:0a: + ed:e4:e6:28:6d:ea:d0:e9:4f:14:64:c9:4c:67:ae:df:8d:a2: + 5d:42:a5:14:5d:29:d4:4b:25:3e:1b:fe:2f:7c:13:4d:e4:72: + 57:a4:fb:fb -----BEGIN CERTIFICATE----- MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaMxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaMxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -80,10 +80,10 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQAcSmGPlRXc8XknPb37MAU32mLp7QzkGHiHfKqnDsay/wQlp/EpTq1+ -hkdn86ipcChfK6s0oyEwe0XTW2BfhIYBzzYUGoYJANe2YGlqC/ycxJ5GkHQAYTIj -tnPoWMlE5m6KseShnKmg2y1xsqRM6vKzKEaP/WFwxZKzrUKS1N0rEc6lAoRqqIEs -ACktVGPDGHnAqdDXwRJlbhSY5QkaLu8K40qcP6gBRGzyMZCzeJEj5W8+E1RZMsIR -HqItnTmVJcONxdew5LP419WMrbf0L0TyBVMza1KgmOXk7PtR5/rWK8HoyKanXESq -5GGnQ11f617Q1f2ZAaMOOV0LtJuP6KgO +CwUAA4IBAQBWNou9HeTf0KT9w7Do/P0AiW8ktOup0RwN2fP1ApDwMHb3c7gM2n4Z +nLnXDflGy+NMP/T0/viBhKnaw6SDWP+meGpBj2KOJWnuNCBJTdqMlP1S0paV5r7T +IfjUI2VMM1W4p5WZIeT2Kcg229iE0B9bkpKHjFBd3QRGMB62BJPuSioEtpv0X/2J +ZlT66XaweDxxe9OTkLFX9PPjkEjn3towYfIveQsa6Bem5VirGCVosZ2vWpT9Hv3f +hFbkSgFjtTaww2EPGAS5mMp1hybOn3HH52DxmrVbkQrt5OYoberQ6U8UZMlMZ67f +jaJdQqUUXSnUSyU+G/4vfBNN5HJXpPv7 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA4-pathlen2.pem b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem index c1446e00d..13f078af1 100644 --- a/certs/test-pathlen/chainJ-ICA4-pathlen2.pem +++ b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: @@ -37,34 +37,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 0a:09:0b:51:1a:2d:fd:0f:3f:07:9b:9e:c8:17:d9:a5:40:e6: - 08:a5:8a:f6:38:38:c1:b2:6a:a0:80:6e:b8:0f:15:94:80:ed: - 1b:2d:79:f0:31:f3:9c:6a:1f:f5:51:d3:9d:6a:17:c7:20:14: - cf:74:b5:01:ef:ce:0c:d4:c4:e5:d2:f8:6c:ef:79:64:c0:7e: - 50:7d:88:1f:5a:7d:a4:d0:e5:0b:ec:b9:54:ac:81:91:75:2c: - 38:de:ff:73:8d:23:14:52:ce:c8:07:cd:e5:66:8b:79:90:ee: - e0:4e:91:ee:dd:14:74:58:89:04:ea:d7:f6:cf:65:b6:33:d8: - f8:ae:1c:3d:17:fc:5a:51:28:b9:a6:6e:c4:aa:e8:43:f8:9d: - 6b:de:dd:e9:9c:9d:b1:43:8e:f1:b7:60:9b:0a:fa:3a:0b:80: - a8:01:7c:b5:63:d5:c5:11:23:9a:89:2f:0f:47:26:0d:78:26: - c1:61:64:c3:37:93:27:af:08:f8:4e:1a:f7:92:a6:c0:2b:32: - 78:23:fc:71:71:8d:a1:1e:ec:7e:6f:62:27:1b:04:3c:0a:78: - 23:9a:21:b2:ef:59:67:59:bd:9d:d3:49:72:0c:0b:c2:8f:d3: - ca:4e:81:ab:b3:5a:00:39:4a:86:ce:1e:e3:99:a8:1a:e3:ba: - 79:a9:aa:68 + 4b:8f:32:25:21:a6:78:3e:85:35:66:bd:36:f4:7c:cc:4e:90: + 74:19:b0:a6:35:bb:cc:59:a8:61:06:29:65:bf:75:7f:9f:a0: + 84:84:18:c1:9a:2f:93:3c:12:4c:ec:89:e4:e9:a3:53:0f:0a: + 00:e1:4b:00:e4:64:b6:4a:53:59:06:e7:0f:d5:cc:af:26:34: + 31:86:fc:3c:9e:71:b1:10:4a:c1:db:a3:52:98:33:a2:ab:a0: + cc:24:3e:f8:bb:21:f4:24:c5:03:17:27:d2:21:09:02:a8:4e: + 98:b8:63:ff:50:62:b2:c8:a6:b9:bc:cf:bd:a5:91:98:da:48: + 6d:05:f0:fe:e6:77:7e:69:81:e5:2e:cb:01:dc:ce:e5:09:b6: + c9:05:8e:f0:e4:d5:2e:3f:23:92:6c:47:e1:75:fd:7a:49:74: + b9:85:65:a1:d5:52:64:9a:42:54:a3:14:5b:69:a0:c3:66:3a: + ea:ce:5a:47:65:d9:08:ff:d7:79:de:67:9a:45:6b:e7:13:5a: + 57:60:dc:d2:65:06:19:a7:57:cf:48:87:80:39:ca:46:0c:1f: + 90:bc:e6:7f:4d:5d:f2:83:b1:08:24:34:8d:96:94:5f:64:90: + f4:a6:1f:46:e3:5e:1f:fd:d8:fe:4d:aa:98:e4:93:af:32:72: + e5:fc:fa:b3 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -74,16 +74,16 @@ Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr 42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQAKCQtRGi39Dz8Hm57IF9mlQOYIpYr2ODjBsmqggG64DxWUgO0bLXnwMfOc -ah/1UdOdahfHIBTPdLUB784M1MTl0vhs73lkwH5QfYgfWn2k0OUL7LlUrIGRdSw4 -3v9zjSMUUs7IB83lZot5kO7gTpHu3RR0WIkE6tf2z2W2M9j4rhw9F/xaUSi5pm7E -quhD+J1r3t3pnJ2xQ47xt2CbCvo6C4CoAXy1Y9XFESOaiS8PRyYNeCbBYWTDN5Mn -rwj4Thr3kqbAKzJ4I/xxcY2hHux+b2InGwQ8CngjmiGy71lnWb2d00lyDAvCj9PK -ToGrs1oAOUqGzh7jmaga47p5qapo +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAEuPMiUhpng+hTVmvTb0fMxOkHQZsKY1u8xZqGEGKWW/ +dX+foISEGMGaL5M8EkzsieTpo1MPCgDhSwDkZLZKU1kG5w/VzK8mNDGG/DyecbEQ +SsHbo1KYM6KroMwkPvi7IfQkxQMXJ9IhCQKoTpi4Y/9QYrLIprm8z72lkZjaSG0F +8P7md35pgeUuywHczuUJtskFjvDk1S4/I5JsR+F1/XpJdLmFZaHVUmSaQlSjFFtp +oMNmOurOWkdl2Qj/13neZ5pFa+cTWldg3NJlBhmnV89Ih4A5ykYMH5C85n9NXfKD +sQgkNI2WlF9kkPSmH0bjXh/92P5Nqpjkk68ycuX8+rM= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-assembled.pem b/certs/test-pathlen/chainJ-assembled.pem index 18c0da0f7..f52dce9a5 100644 --- a/certs/test-pathlen/chainJ-assembled.pem +++ b/certs/test-pathlen/chainJ-assembled.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 9c:16:1e:71:2c:cc:59:21:df:65:d5:f0:6a:07:d1:46:2a:cf: - 10:5f:9c:e5:75:13:1b:d7:8e:a3:15:dc:85:b8:27:7b:87:d5: - c5:5f:29:03:92:48:0a:42:83:85:93:3c:1a:82:5b:0f:66:81: - 09:6a:d6:9e:73:fa:4c:6e:c0:97:7d:b2:ad:14:5b:12:84:82: - 62:19:a2:e4:07:15:48:3b:98:6c:31:f5:4a:8b:2d:88:e9:c2: - 36:de:c2:7b:c8:62:7b:cf:67:63:97:40:0c:f0:b9:09:69:8f: - ce:55:b4:28:06:9d:a7:d8:1d:4b:8d:4c:57:ce:0e:0d:1b:9e: - 85:0d:c9:48:a5:f8:f5:00:d1:77:e0:d5:91:cb:7b:68:2c:02: - 58:aa:38:f5:09:9a:3e:01:3d:e7:b5:1e:0f:49:05:93:9f:30: - 59:84:8b:06:e5:8a:be:93:98:29:5b:44:86:a6:d8:5e:14:d4: - 22:79:36:b7:b0:9d:2d:c1:ec:5a:99:7f:a8:7a:f2:a1:48:42: - 18:89:6e:22:a5:8d:fc:6e:b1:6c:62:3e:67:72:d6:f4:96:f8: - fb:fc:55:53:68:d8:d7:be:7e:d6:1b:75:0e:58:c8:f9:f1:d1: - 5d:ba:e4:5e:ce:f6:a1:b7:cf:5e:d7:43:56:42:f5:58:88:9e: - 21:de:6d:0b + 1c:81:5f:34:60:dd:bb:0a:02:db:8c:9a:e6:a9:f0:49:5d:f4: + fb:22:25:12:60:b8:65:fc:d5:c2:6d:1a:06:e2:b3:a2:aa:cd: + e9:cb:9e:01:1f:96:2a:4b:e9:1c:c3:b2:23:b2:5a:2a:6b:2c: + 57:d6:f0:45:d6:d8:a0:fa:2d:6f:38:92:8c:ae:19:fc:aa:ba: + 06:b2:6c:fb:2c:81:a6:39:9b:36:92:54:a2:36:77:86:8e:dd: + fd:b1:88:15:d4:a2:6b:a7:bc:f4:e0:25:8c:75:e8:33:6a:bf: + b2:0c:6b:04:07:b2:2f:d5:c3:a5:24:48:b4:f2:76:31:df:89: + d7:56:ea:b9:b8:ab:d4:9e:d5:68:35:0a:70:9a:cc:9a:a1:47: + 48:84:b9:0b:8e:f3:0f:3b:99:6a:ea:e7:00:39:ef:a2:36:55: + 7b:bf:b8:d0:cd:a5:ce:6f:50:9a:fc:56:43:f7:64:8a:46:51: + f7:db:58:00:f7:5d:44:b1:7b:c0:22:ef:71:dd:8b:7c:c8:38: + fe:0f:22:ca:ca:d9:10:63:1e:88:b9:fa:24:ea:4f:85:72:79: + ce:57:d0:ec:d4:6b:ce:56:fc:b2:d1:85:79:6c:32:7c:05:77: + da:29:85:17:e1:56:f8:b1:ed:a0:8d:40:8d:54:7b:a1:2d:0b: + 45:64:99:87 -----BEGIN CERTIFICATE----- MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -78,26 +78,26 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA -nBYecSzMWSHfZdXwagfRRirPEF+c5XUTG9eOoxXchbgne4fVxV8pA5JICkKDhZM8 -GoJbD2aBCWrWnnP6TG7Al32yrRRbEoSCYhmi5AcVSDuYbDH1SostiOnCNt7Ce8hi -e89nY5dADPC5CWmPzlW0KAadp9gdS41MV84ODRuehQ3JSKX49QDRd+DVkct7aCwC -WKo49QmaPgE957UeD0kFk58wWYSLBuWKvpOYKVtEhqbYXhTUInk2t7CdLcHsWpl/ -qHryoUhCGIluIqWN/G6xbGI+Z3LW9Jb4+/xVU2jY175+1ht1DljI+fHRXbrkXs72 -obfPXtdDVkL1WIieId5tCw== +HIFfNGDduwoC24ya5qnwSV30+yIlEmC4ZfzVwm0aBuKzoqrN6cueAR+WKkvpHMOy +I7JaKmssV9bwRdbYoPotbziSjK4Z/Kq6BrJs+yyBpjmbNpJUojZ3ho7d/bGIFdSi +a6e89OAljHXoM2q/sgxrBAeyL9XDpSRItPJ2Md+J11bqubir1J7VaDUKcJrMmqFH +SIS5C47zDzuZaurnADnvojZVe7+40M2lzm9QmvxWQ/dkikZR99tYAPddRLF7wCLv +cd2LfMg4/g8iysrZEGMeiLn6JOpPhXJ5zlfQ7NRrzlb8stGFeWwyfAV32imFF+FW ++LHtoI1AjVR7oS0LRWSZhw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: @@ -131,27 +131,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 1b:bc:90:0e:7d:7e:8c:da:bb:5c:81:c5:86:8a:da:4e:c9:98: - a6:0c:e5:8b:ab:a1:a6:9d:94:68:af:18:34:3f:b3:39:e8:0a: - 3f:8f:67:a2:b4:f5:41:eb:ca:ab:93:8f:29:9f:7d:1c:50:7e: - 85:4f:a8:01:11:ea:08:fd:a1:e6:ec:10:4e:84:b3:4d:a0:20: - c8:32:5a:40:d8:8b:78:41:ea:19:8d:e2:5e:03:72:ee:9b:a0: - 84:bc:87:32:e9:31:24:37:b5:33:78:7a:aa:5a:d4:bb:aa:e1: - b3:10:c8:98:90:e3:92:23:54:86:0e:2a:04:23:cc:d9:a8:7a: - c9:1b:17:c1:08:d5:2b:09:e9:9b:ac:07:9f:e0:34:05:eb:01: - e8:15:c5:7d:69:89:17:15:cc:dc:3b:84:1c:aa:53:e0:06:fa: - 2b:7f:82:07:0d:eb:cb:be:43:8c:7e:9e:2b:62:08:44:32:e8: - 68:48:4e:e0:44:8f:7a:d2:4a:3c:6d:25:56:ce:2b:6a:54:8e: - 67:8e:1e:ef:bb:92:9b:47:7c:95:3d:c5:9b:bf:28:e0:a8:2e: - e5:17:4d:01:1a:71:1a:d4:0c:4d:d4:c8:f4:df:09:85:1d:36: - b6:47:9a:f9:83:1a:74:98:23:aa:96:a1:31:c1:67:c7:db:69: - 9a:fe:44:aa + 34:2e:4c:ef:fb:6f:f2:6d:64:aa:c8:fb:93:23:af:12:d4:6d: + ad:26:34:48:f7:bb:db:51:c0:d5:20:5c:cf:86:3c:7a:7a:9f: + f7:16:c0:10:42:07:bb:d2:e5:ee:f8:9c:50:b3:fa:56:41:0f: + 48:b8:d1:91:54:4b:bf:b5:cb:35:66:b6:94:a8:8e:ff:f1:d1: + 3a:07:d4:df:19:e8:5c:10:ff:93:ed:3e:9b:f5:d2:dd:20:32: + 35:5f:79:7c:9e:55:7b:1f:9a:b5:3c:90:3e:06:9f:7a:7b:f0: + 08:9f:ec:61:3c:88:07:9d:b8:36:6e:23:0a:d9:16:15:60:d6: + 0c:de:e0:11:8d:92:3c:37:6f:bb:cf:5e:86:d7:61:26:cb:a0: + 6a:bf:18:2d:08:dc:e9:8b:0f:02:a8:8e:a1:fd:89:cd:5c:ce: + df:8b:74:0e:b6:d4:8f:62:1a:e4:b2:e4:ca:40:4f:20:ed:50: + b2:c5:bf:e5:08:d3:d0:c4:f3:a2:87:f7:80:a2:fa:2a:4d:41: + 1f:b4:a0:f9:10:8c:22:c6:5f:83:eb:51:9d:44:4a:83:fd:b5: + fd:93:42:ab:f7:49:c8:98:4e:34:14:d2:82:63:60:6d:53:d6: + 7b:e2:00:8d:15:e2:e5:0d:53:94:76:d2:35:e7:57:2e:d0:a5: + d2:22:1b:f8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBozELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A @@ -167,26 +167,26 @@ gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P -BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAbvJAOfX6M2rtcgcWGitpOyZimDOWL -q6GmnZRorxg0P7M56Ao/j2eitPVB68qrk48pn30cUH6FT6gBEeoI/aHm7BBOhLNN -oCDIMlpA2It4QeoZjeJeA3Lum6CEvIcy6TEkN7UzeHqqWtS7quGzEMiYkOOSI1SG -DioEI8zZqHrJGxfBCNUrCembrAef4DQF6wHoFcV9aYkXFczcO4QcqlPgBvorf4IH -DevLvkOMfp4rYghEMuhoSE7gRI960ko8bSVWzitqVI5njh7vu5KbR3yVPcWbvyjg -qC7lF00BGnEa1AxN1Mj03wmFHTa2R5r5gxp0mCOqlqExwWfH22ma/kSq +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0Lkzv+2/ybWSqyPuTI68S1G2tJjRI +97vbUcDVIFzPhjx6ep/3FsAQQge70uXu+JxQs/pWQQ9IuNGRVEu/tcs1ZraUqI7/ +8dE6B9TfGehcEP+T7T6b9dLdIDI1X3l8nlV7H5q1PJA+Bp96e/AIn+xhPIgHnbg2 +biMK2RYVYNYM3uARjZI8N2+7z16G12Emy6BqvxgtCNzpiw8CqI6h/YnNXM7fi3QO +ttSPYhrksuTKQE8g7VCyxb/lCNPQxPOih/eAovoqTUEftKD5EIwixl+D61GdREqD +/bX9k0Kr90nImE40FNKCY2BtU9Z74gCNFeLlDVOUdtI151cu0KXSIhv4 -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: @@ -220,27 +220,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - b5:1a:a8:18:60:a0:55:56:bc:19:0c:0b:a6:fe:c1:a4:fb:b0: - f3:c2:7e:4f:86:62:c5:3d:a4:da:9f:df:de:57:a1:3d:9e:67: - d4:84:2d:bd:17:12:ad:9e:cd:7b:e5:43:c9:35:90:00:50:36: - 97:dd:bc:86:86:3c:63:11:13:ed:4f:f2:66:b3:ea:fb:d2:a9: - 71:00:d1:9d:be:c8:ae:00:44:40:a6:08:df:a3:ae:1e:85:34: - 4d:cf:61:40:1e:1e:be:b1:e4:0a:33:ed:30:d0:fc:c1:26:c3: - 5c:c9:c3:5d:02:87:88:49:2d:50:d2:7f:dd:5a:ac:26:8c:22: - 79:62:0e:84:ac:5e:2a:83:47:b3:42:5e:c1:2a:98:8e:1d:40: - 8f:4e:8c:2a:89:97:b6:91:8b:cf:12:5b:83:9b:81:0c:82:80: - 90:70:fc:55:28:8b:f0:c1:74:85:a6:df:85:c6:69:e3:16:d8: - cb:ae:11:96:7a:16:b8:85:c4:d6:17:69:13:75:35:b5:40:4c: - 31:02:cb:85:8b:75:38:32:f0:80:93:3c:75:20:5b:da:3a:c1: - 40:dd:2a:9e:36:e4:f1:8d:8f:56:20:a0:ef:67:9d:ea:53:ec: - b2:f5:7c:4e:dd:41:57:26:96:1a:0b:2c:55:00:5f:10:87:e0: - 41:e5:ce:51 + 26:7a:2c:3d:0c:70:00:99:4e:7b:48:06:5f:f9:0d:f2:ee:b1: + d2:3a:11:86:41:72:1d:d5:a2:89:fa:42:0b:f6:0c:7f:d6:8a: + 93:b4:19:25:5b:99:17:45:ca:95:6b:45:3e:b1:53:f0:da:0c: + 81:67:f4:7c:3d:2d:dd:68:bd:ab:44:d1:99:9b:63:9a:54:14: + 28:e5:0d:a4:a6:a6:fa:a4:29:b0:85:96:c1:f5:ce:af:77:ba: + b8:36:ff:7c:62:9f:6b:57:5c:dd:34:14:17:a2:81:ce:40:b9: + 10:c1:9e:cb:4e:67:9e:a3:7d:aa:80:d7:a7:d6:42:be:69:69: + d3:74:02:08:a9:32:a0:ea:22:3d:cb:c7:ee:57:f2:7f:99:6d: + 79:9b:bb:4e:43:fa:d5:28:af:13:13:f2:c9:56:3e:ca:87:22: + d9:c5:30:44:27:3b:20:8c:ad:5e:29:79:1f:8d:e3:13:89:1d: + 7b:eb:7c:3b:2e:04:51:43:68:70:dc:fc:be:aa:33:6e:b2:c4: + 36:e1:79:33:2c:b7:b2:d5:75:f2:f0:66:51:a9:a6:de:4a:77: + d3:f7:bc:84:e7:ab:3c:7c:e6:33:59:86:1a:99:9b:36:24:51: + 96:fb:c2:c0:88:2f:e6:35:6b:68:42:93:4c:09:22:23:06:7a: + be:16:14:a1 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBozELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBozELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A @@ -256,26 +256,26 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAtRqoGGCgVVa8GQwLpv7BpPuw88J+T4Zi -xT2k2p/f3lehPZ5n1IQtvRcSrZ7Ne+VDyTWQAFA2l928hoY8YxET7U/yZrPq+9Kp -cQDRnb7IrgBEQKYI36OuHoU0Tc9hQB4evrHkCjPtMND8wSbDXMnDXQKHiEktUNJ/ -3VqsJowieWIOhKxeKoNHs0JewSqYjh1Aj06MKomXtpGLzxJbg5uBDIKAkHD8VSiL -8MF0habfhcZp4xbYy64RlnoWuIXE1hdpE3U1tUBMMQLLhYt1ODLwgJM8dSBb2jrB -QN0qnjbk8Y2PViCg72ed6lPssvV8Tt1BVyaWGgssVQBfEIfgQeXOUQ== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAJnosPQxwAJlOe0gGX/kN8u6x0joRhkFy +HdWiifpCC/YMf9aKk7QZJVuZF0XKlWtFPrFT8NoMgWf0fD0t3Wi9q0TRmZtjmlQU +KOUNpKam+qQpsIWWwfXOr3e6uDb/fGKfa1dc3TQUF6KBzkC5EMGey05nnqN9qoDX +p9ZCvmlp03QCCKkyoOoiPcvH7lfyf5lteZu7TkP61SivExPyyVY+yoci2cUwRCc7 +IIytXil5H43jE4kde+t8Oy4EUUNocNz8vqozbrLENuF5Myy3stV18vBmUamm3kp3 +0/e8hOerPHzmM1mGGpmbNiRRlvvCwIgv5jVraEKTTAkiIwZ6vhYUoQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: @@ -309,27 +309,27 @@ Certificate: X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 1c:4a:61:8f:95:15:dc:f1:79:27:3d:bd:fb:30:05:37:da:62: - e9:ed:0c:e4:18:78:87:7c:aa:a7:0e:c6:b2:ff:04:25:a7:f1: - 29:4e:ad:7e:86:47:67:f3:a8:a9:70:28:5f:2b:ab:34:a3:21: - 30:7b:45:d3:5b:60:5f:84:86:01:cf:36:14:1a:86:09:00:d7: - b6:60:69:6a:0b:fc:9c:c4:9e:46:90:74:00:61:32:23:b6:73: - e8:58:c9:44:e6:6e:8a:b1:e4:a1:9c:a9:a0:db:2d:71:b2:a4: - 4c:ea:f2:b3:28:46:8f:fd:61:70:c5:92:b3:ad:42:92:d4:dd: - 2b:11:ce:a5:02:84:6a:a8:81:2c:00:29:2d:54:63:c3:18:79: - c0:a9:d0:d7:c1:12:65:6e:14:98:e5:09:1a:2e:ef:0a:e3:4a: - 9c:3f:a8:01:44:6c:f2:31:90:b3:78:91:23:e5:6f:3e:13:54: - 59:32:c2:11:1e:a2:2d:9d:39:95:25:c3:8d:c5:d7:b0:e4:b3: - f8:d7:d5:8c:ad:b7:f4:2f:44:f2:05:53:33:6b:52:a0:98:e5: - e4:ec:fb:51:e7:fa:d6:2b:c1:e8:c8:a6:a7:5c:44:aa:e4:61: - a7:43:5d:5f:eb:5e:d0:d5:fd:99:01:a3:0e:39:5d:0b:b4:9b: - 8f:e8:a8:0e + 56:36:8b:bd:1d:e4:df:d0:a4:fd:c3:b0:e8:fc:fd:00:89:6f: + 24:b4:eb:a9:d1:1c:0d:d9:f3:f5:02:90:f0:30:76:f7:73:b8: + 0c:da:7e:19:9c:b9:d7:0d:f9:46:cb:e3:4c:3f:f4:f4:fe:f8: + 81:84:a9:da:c3:a4:83:58:ff:a6:78:6a:41:8f:62:8e:25:69: + ee:34:20:49:4d:da:8c:94:fd:52:d2:96:95:e6:be:d3:21:f8: + d4:23:65:4c:33:55:b8:a7:95:99:21:e4:f6:29:c8:36:db:d8: + 84:d0:1f:5b:92:92:87:8c:50:5d:dd:04:46:30:1e:b6:04:93: + ee:4a:2a:04:b6:9b:f4:5f:fd:89:66:54:fa:e9:76:b0:78:3c: + 71:7b:d3:93:90:b1:57:f4:f3:e3:90:48:e7:de:da:30:61:f2: + 2f:79:0b:1a:e8:17:a6:e5:58:ab:18:25:68:b1:9d:af:5a:94: + fd:1e:fd:df:84:56:e4:4a:01:63:b5:36:b0:c3:61:0f:18:04: + b9:98:ca:75:87:26:ce:9f:71:c7:e7:60:f1:9a:b5:5b:91:0a: + ed:e4:e6:28:6d:ea:d0:e9:4f:14:64:c9:4c:67:ae:df:8d:a2: + 5d:42:a5:14:5d:29:d4:4b:25:3e:1b:fe:2f:7c:13:4d:e4:72: + 57:a4:fb:fb -----BEGIN CERTIFICATE----- MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTIxMDIxMDE5NDk1NVoXDTIzMTEwNzE5NDk1NVowgaMxCzAJBgNVBAYT +Y29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgaMxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -345,26 +345,26 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -CwUAA4IBAQAcSmGPlRXc8XknPb37MAU32mLp7QzkGHiHfKqnDsay/wQlp/EpTq1+ -hkdn86ipcChfK6s0oyEwe0XTW2BfhIYBzzYUGoYJANe2YGlqC/ycxJ5GkHQAYTIj -tnPoWMlE5m6KseShnKmg2y1xsqRM6vKzKEaP/WFwxZKzrUKS1N0rEc6lAoRqqIEs -ACktVGPDGHnAqdDXwRJlbhSY5QkaLu8K40qcP6gBRGzyMZCzeJEj5W8+E1RZMsIR -HqItnTmVJcONxdew5LP419WMrbf0L0TyBVMza1KgmOXk7PtR5/rWK8HoyKanXESq -5GGnQ11f617Q1f2ZAaMOOV0LtJuP6KgO +CwUAA4IBAQBWNou9HeTf0KT9w7Do/P0AiW8ktOup0RwN2fP1ApDwMHb3c7gM2n4Z +nLnXDflGy+NMP/T0/viBhKnaw6SDWP+meGpBj2KOJWnuNCBJTdqMlP1S0paV5r7T +IfjUI2VMM1W4p5WZIeT2Kcg229iE0B9bkpKHjFBd3QRGMB62BJPuSioEtpv0X/2J +ZlT66XaweDxxe9OTkLFX9PPjkEjn3towYfIveQsa6Bem5VirGCVosZ2vWpT9Hv3f +hFbkSgFjtTaww2EPGAS5mMp1hybOn3HH52DxmrVbkQrt5OYoberQ6U8UZMlMZ67f +jaJdQqUUXSnUSyU+G/4vfBNN5HJXpPv7 -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: @@ -391,34 +391,34 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption - 0a:09:0b:51:1a:2d:fd:0f:3f:07:9b:9e:c8:17:d9:a5:40:e6: - 08:a5:8a:f6:38:38:c1:b2:6a:a0:80:6e:b8:0f:15:94:80:ed: - 1b:2d:79:f0:31:f3:9c:6a:1f:f5:51:d3:9d:6a:17:c7:20:14: - cf:74:b5:01:ef:ce:0c:d4:c4:e5:d2:f8:6c:ef:79:64:c0:7e: - 50:7d:88:1f:5a:7d:a4:d0:e5:0b:ec:b9:54:ac:81:91:75:2c: - 38:de:ff:73:8d:23:14:52:ce:c8:07:cd:e5:66:8b:79:90:ee: - e0:4e:91:ee:dd:14:74:58:89:04:ea:d7:f6:cf:65:b6:33:d8: - f8:ae:1c:3d:17:fc:5a:51:28:b9:a6:6e:c4:aa:e8:43:f8:9d: - 6b:de:dd:e9:9c:9d:b1:43:8e:f1:b7:60:9b:0a:fa:3a:0b:80: - a8:01:7c:b5:63:d5:c5:11:23:9a:89:2f:0f:47:26:0d:78:26: - c1:61:64:c3:37:93:27:af:08:f8:4e:1a:f7:92:a6:c0:2b:32: - 78:23:fc:71:71:8d:a1:1e:ec:7e:6f:62:27:1b:04:3c:0a:78: - 23:9a:21:b2:ef:59:67:59:bd:9d:d3:49:72:0c:0b:c2:8f:d3: - ca:4e:81:ab:b3:5a:00:39:4a:86:ce:1e:e3:99:a8:1a:e3:ba: - 79:a9:aa:68 + 4b:8f:32:25:21:a6:78:3e:85:35:66:bd:36:f4:7c:cc:4e:90: + 74:19:b0:a6:35:bb:cc:59:a8:61:06:29:65:bf:75:7f:9f:a0: + 84:84:18:c1:9a:2f:93:3c:12:4c:ec:89:e4:e9:a3:53:0f:0a: + 00:e1:4b:00:e4:64:b6:4a:53:59:06:e7:0f:d5:cc:af:26:34: + 31:86:fc:3c:9e:71:b1:10:4a:c1:db:a3:52:98:33:a2:ab:a0: + cc:24:3e:f8:bb:21:f4:24:c5:03:17:27:d2:21:09:02:a8:4e: + 98:b8:63:ff:50:62:b2:c8:a6:b9:bc:cf:bd:a5:91:98:da:48: + 6d:05:f0:fe:e6:77:7e:69:81:e5:2e:cb:01:dc:ce:e5:09:b6: + c9:05:8e:f0:e4:d5:2e:3f:23:92:6c:47:e1:75:fd:7a:49:74: + b9:85:65:a1:d5:52:64:9a:42:54:a3:14:5b:69:a0:c3:66:3a: + ea:ce:5a:47:65:d9:08:ff:d7:79:de:67:9a:45:6b:e7:13:5a: + 57:60:dc:d2:65:06:19:a7:57:cf:48:87:80:39:ca:46:0c:1f: + 90:bc:e6:7f:4d:5d:f2:83:b1:08:24:34:8d:96:94:5f:64:90: + f4:a6:1f:46:e3:5e:1f:fd:d8:fe:4d:aa:98:e4:93:af:32:72: + e5:fc:fa:b3 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -428,16 +428,16 @@ Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr 42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB -o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBGDCCARQwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA -A4IBAQAKCQtRGi39Dz8Hm57IF9mlQOYIpYr2ODjBsmqggG64DxWUgO0bLXnwMfOc -ah/1UdOdahfHIBTPdLUB784M1MTl0vhs73lkwH5QfYgfWn2k0OUL7LlUrIGRdSw4 -3v9zjSMUUs7IB83lZot5kO7gTpHu3RR0WIkE6tf2z2W2M9j4rhw9F/xaUSi5pm7E -quhD+J1r3t3pnJ2xQ47xt2CbCvo6C4CoAXy1Y9XFESOaiS8PRyYNeCbBYWTDN5Mn -rwj4Thr3kqbAKzJ4I/xxcY2hHux+b2InGwQ8CngjmiGy71lnWb2d00lyDAvCj9PK -ToGrs1oAOUqGzh7jmaga47p5qapo +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ +KoZIhvcNAQELBQADggEBAEuPMiUhpng+hTVmvTb0fMxOkHQZsKY1u8xZqGEGKWW/ +dX+foISEGMGaL5M8EkzsieTpo1MPCgDhSwDkZLZKU1kG5w/VzK8mNDGG/DyecbEQ +SsHbo1KYM6KroMwkPvi7IfQkxQMXJ9IhCQKoTpi4Y/9QYrLIprm8z72lkZjaSG0F +8P7md35pgeUuywHczuUJtskFjvDk1S4/I5JsR+F1/XpJdLmFZaHVUmSaQlSjFFtp +oMNmOurOWkdl2Qj/13neZ5pFa+cTWldg3NJlBhmnV89Ih4A5ykYMH5C85n9NXfKD +sQgkNI2WlF9kkPSmH0bjXh/92P5Nqpjkk68ycuX8+rM= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-entity.pem b/certs/test-pathlen/chainJ-entity.pem index 268139037..c516f29a3 100644 --- a/certs/test-pathlen/chainJ-entity.pem +++ b/certs/test-pathlen/chainJ-entity.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-ICA1-no_pathlen/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:55 2021 GMT - Not After : Nov 7 19:49:55 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=chainJ-entity/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: @@ -42,27 +42,27 @@ Certificate: X509v3 Basic Constraints: CA:FALSE Signature Algorithm: sha256WithRSAEncryption - 9c:16:1e:71:2c:cc:59:21:df:65:d5:f0:6a:07:d1:46:2a:cf: - 10:5f:9c:e5:75:13:1b:d7:8e:a3:15:dc:85:b8:27:7b:87:d5: - c5:5f:29:03:92:48:0a:42:83:85:93:3c:1a:82:5b:0f:66:81: - 09:6a:d6:9e:73:fa:4c:6e:c0:97:7d:b2:ad:14:5b:12:84:82: - 62:19:a2:e4:07:15:48:3b:98:6c:31:f5:4a:8b:2d:88:e9:c2: - 36:de:c2:7b:c8:62:7b:cf:67:63:97:40:0c:f0:b9:09:69:8f: - ce:55:b4:28:06:9d:a7:d8:1d:4b:8d:4c:57:ce:0e:0d:1b:9e: - 85:0d:c9:48:a5:f8:f5:00:d1:77:e0:d5:91:cb:7b:68:2c:02: - 58:aa:38:f5:09:9a:3e:01:3d:e7:b5:1e:0f:49:05:93:9f:30: - 59:84:8b:06:e5:8a:be:93:98:29:5b:44:86:a6:d8:5e:14:d4: - 22:79:36:b7:b0:9d:2d:c1:ec:5a:99:7f:a8:7a:f2:a1:48:42: - 18:89:6e:22:a5:8d:fc:6e:b1:6c:62:3e:67:72:d6:f4:96:f8: - fb:fc:55:53:68:d8:d7:be:7e:d6:1b:75:0e:58:c8:f9:f1:d1: - 5d:ba:e4:5e:ce:f6:a1:b7:cf:5e:d7:43:56:42:f5:58:88:9e: - 21:de:6d:0b + 1c:81:5f:34:60:dd:bb:0a:02:db:8c:9a:e6:a9:f0:49:5d:f4: + fb:22:25:12:60:b8:65:fc:d5:c2:6d:1a:06:e2:b3:a2:aa:cd: + e9:cb:9e:01:1f:96:2a:4b:e9:1c:c3:b2:23:b2:5a:2a:6b:2c: + 57:d6:f0:45:d6:d8:a0:fa:2d:6f:38:92:8c:ae:19:fc:aa:ba: + 06:b2:6c:fb:2c:81:a6:39:9b:36:92:54:a2:36:77:86:8e:dd: + fd:b1:88:15:d4:a2:6b:a7:bc:f4:e0:25:8c:75:e8:33:6a:bf: + b2:0c:6b:04:07:b2:2f:d5:c3:a5:24:48:b4:f2:76:31:df:89: + d7:56:ea:b9:b8:ab:d4:9e:d5:68:35:0a:70:9a:cc:9a:a1:47: + 48:84:b9:0b:8e:f3:0f:3b:99:6a:ea:e7:00:39:ef:a2:36:55: + 7b:bf:b8:d0:cd:a5:ce:6f:50:9a:fc:56:43:f7:64:8a:46:51: + f7:db:58:00:f7:5d:44:b1:7b:c0:22:ef:71:dd:8b:7c:c8:38: + fe:0f:22:ca:ca:d9:10:63:1e:88:b9:fa:24:ea:4f:85:72:79: + ce:57:d0:ec:d4:6b:ce:56:fc:b2:d1:85:79:6c:32:7c:05:77: + da:29:85:17:e1:56:f8:b1:ed:a0:8d:40:8d:54:7b:a1:2d:0b: + 45:64:99:87 -----BEGIN CERTIFICATE----- MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMjEwMjEwMTk0OTU1WhcNMjMxMTA3MTk0OTU1WjCBmjELMAkGA1UE +bC5jb20wHhcNMjExMjIwMjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -78,10 +78,10 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA -nBYecSzMWSHfZdXwagfRRirPEF+c5XUTG9eOoxXchbgne4fVxV8pA5JICkKDhZM8 -GoJbD2aBCWrWnnP6TG7Al32yrRRbEoSCYhmi5AcVSDuYbDH1SostiOnCNt7Ce8hi -e89nY5dADPC5CWmPzlW0KAadp9gdS41MV84ODRuehQ3JSKX49QDRd+DVkct7aCwC -WKo49QmaPgE957UeD0kFk58wWYSLBuWKvpOYKVtEhqbYXhTUInk2t7CdLcHsWpl/ -qHryoUhCGIluIqWN/G6xbGI+Z3LW9Jb4+/xVU2jY175+1ht1DljI+fHRXbrkXs72 -obfPXtdDVkL1WIieId5tCw== +HIFfNGDduwoC24ya5qnwSV30+yIlEmC4ZfzVwm0aBuKzoqrN6cueAR+WKkvpHMOy +I7JaKmssV9bwRdbYoPotbziSjK4Z/Kq6BrJs+yyBpjmbNpJUojZ3ho7d/bGIFdSi +a6e89OAljHXoM2q/sgxrBAeyL9XDpSRItPJ2Md+J11bqubir1J7VaDUKcJrMmqFH +SIS5C47zDzuZaurnADnvojZVe7+40M2lzm9QmvxWQ/dkikZR99tYAPddRLF7wCLv +cd2LfMg4/g8iysrZEGMeiLn6JOpPhXJ5zlfQ7NRrzlb8stGFeWwyfAV32imFF+FW ++LHtoI1AjVR7oS0LRWSZhw== -----END CERTIFICATE----- diff --git a/certs/test-servercert-rc2.p12 b/certs/test-servercert-rc2.p12 index c9f07ede4eb2f9de5655b4e3230fae8bf5157801..4e95e2cc70279fc3e7a46cd66cf808ab3b5e054b 100644 GIT binary patch delta 5473 zcmcbr)vN7b&?MT)#K>&WBue>QMbtN@TI5-pmKf z&rRt2!m>@A^T*b|C0nD;ul<#^VfJ?q~ILP_0k+q1}Dqf#=3ct#SW;*M47aH2;Z}`gCos zV;Ze*e%8!hR5{__#PV*dZHIG9eM`v3+w6 zJflr`9f=>-b*MdGk&8MBe@95>Ivp>My$VwD3;O;W82X z@15HY-sjS4d10Di9=EY&2LEA+^YK@N*M1BSTfgeuq8Ow4`Zeo1bGsMKDbxG%=fawU zu@aM~-)|6~HvLX2gYL=)4IHnZatr3j&38|IY1=i!E|TNoMt-&S9>nvo?Nj+Izsdqe}bM2~~wN)leC%Kwlmp#62vw%TPb8=qHr3+b+ z4b63o)u)vEc!kBAk}c{FK8`o~nwqthvtjqQ691hswbpxGZ~N_EHR;Cd_2*fxNwjSF zcgHH`mxj7vsxTlyo6T9e;0M(B9wEq^DV6vy}FNVHgDvhiAuh)6G=Yk752ksEXx z-Cs_MajESSb32+`rt`a7_#m@Pc6?WqT1!xu>-x&iYd)J^oRl+ZO?{0(y@#*rzg+JN zxoVfY@5dIF=xOGd^_)nW@VfR=h;aM)jrmE2f<^aMb9FdZA6UK2SX(4XJWOZF+XuhG z)dhC^x?^~5Wzt8}H--h3O|N|=XS&KWIuu)O>leKr;!yRy-8A^gn&ov@{?_abP2765 z`1am6-#<+`8s2nLWd80oDjKf(UyAB4eRx`}&$>~cXY2mwb(2?q{&~aIeeKMsy$@Vv zBDa6OTz$m%_xYq2^Pe+Zc5i(u=akpN7VE^uvgK9Y>gb6*A7;1fS{~_)_u4sImT~7a zr^K++hilh=k=w@i*V2H$Xj93~%I~U%xk;984Ecv``&TVG-!Va`b*1j1rjr*cSQzTHcC^2)()W z;PI*%=OU9A_-qN%ubwmQQE&S~jj0V2dj95$zRGjSuHXOU(bXU9^Zx5yjGPlvxbE~> zmQ1&xKWwHlAHMDu-sdWGdFM*mLyyBBr+94JHX(5O8CSm-KSDJ-jura<)!mx${QcQ= zc9qAU%uo=oykOnME4%#Kt)Tz@yyuo)Ol?#ASo?r|hUXezIp+x-Za-Y-+>Oz3ICk0R z)y2a${a!9^%R9Jk*JoW-sEic4bvCo>-H-pXk6oQR>9MB!l#JOmOUrgW^AVfP#QXi< zu5&VTlVo}sjaCFdR=e_lvzzA08r=io`;T_N*gxA|r}(6TwhWJ$Khye%Tq~DjOHL=8 zUvVqzx!H#=EtQ*hKDd^$>)BrBxOJg9dB^|1n$|qqx4&Ml0S08FqK0)JF zn0E5*l9!LQzSM1h^ndm2{En#k50@MB-`UNu_t&&!cD?O0m6kBKEoUy!d$H|=ao)_H zxTk)mN5V`R{e25BS6@-~a(a@(snQiD&3W>@&E@CY)=jS5@31PS?cL9+#LxLV-!2V| z{4ZPNuygH=)?bs~@rE|vd3WyPN%3OW`U7suy3Ld4CPtL!o+{q5MPl_Wm6NG|eAspM zCnRppO=R#i;E375pTBj(jPF;U1a-<@xy5Lyx2@U#=oH4wrA{kUuj;b4OjFS;%$)s2 zvhkopUdNFwj}Nm)hnc_MW~BO&c}s^Jf6z{C;{(#Je>ZKo_49{w&ty?6+X~ zw!2=w#3OZgMf{{UX+iCs)q;dp59SbD?n zFjqRK=4k~ydsd&#vQ=C4RaMQSEh;MBT*@DBPt=NGoN_R*Z{e=ELuWGOtmOG}HaboA zdb?L=i~n*b-~acU)7JV3rz;+v`DB`0iTAG=AH0qF561Reo<90d^lr|QQ#t&?`}gf! z!-Wnu_f@nx2zLKjv2EVbBaf&5w`B~NtG(g3 zB8OXX^V@^A9Znk4581oNh1GmMeuTA4^IT6*?`LO0BYXB6Z=SJC;Hizas9!mI$){U0 z)^HX4**&?)c}mDm`6B1FH?{6xNLbi>`1s9>DYGAGB>%Ts*qHonLE2&M^|kB_51+72 zQdyE#xW?mgxJP2j+!ywDoJF2T?S5lk{5bXg{>0lewA<3&g}qE`-zmSPtnuV*&4Tf-QG`>zn{v!=`^8WTMCoP+g&!dOAc`>Jbx_CnwjkULH}i%{tMAp!l9ni zbxo4%t<83D7fwB!o3O^aSDYvHN_&IgCZ}WJ){EkJeNr;>|1(-Y>iE;N-0s|M9kb}S zR>~=IJl$12-y`f)_HST~PxMqjW;N46M|!$D_m7_CH$U9a)4TQQ`|R1FVcpv7q9yU0 z0=iuc4c9U)Ty0tYK||5&OK9n8R<-w5E4og<&E{QcUjH@nh__EdOLlnlCVf5o*>jqo zCQtp&nEd|1<*DnW;@`1ZU0X4`O_XBq!ouul4=tJ53Vcx^xXu?y||E3)}#-ukko)Lysxui&g0>5P92c4?8vzo+h-cYUA7 z+Lk?~i!Nm){^5_WH>zU&c==tt?Y>+0-xSLQtJT?mFx%&4vRTV$x#@@MPS3FE_2pX* z@A5b!dguL&1fw(ajCQy@7ULE!H8b5MyjJk4T43v;)88g3UqAIWernUVKaV}RGV0w5 z!k?W=5aQ&U`P;|--2R9SFIRt!UC?JFa^z&sO`nM%3!%rMOjz(l@@Zz5b|YW{1{go*u{h=Estk zFG_f^`Io=K633bGvpki}=iZH1m#z0W@oQ6;;i)<1na0;kRkQCnD)?}*F}{@DVPk9Z z^<&t9+RptfC+5iR+;}Kzd8dx|)9#2hc0Xmln9s92~~cJaD*xAf;(ZVL+T-f<-5 z`CZMQys1pfRSge2>DuQh_LXk_a&bEQg|w}skkow4LsqpxV>@ z^&NWWz6W=%Q9JEke=XzX&(Pk-ufOPr&snc8wxzmTwJvCP+Md_Z&hL_TrMwDHelaO~ z>bZuSL17R1ZWl#O=qq`wvrIBVnsuton%z4ygO-TxUi>sZJ7i}SyUzU!imVw58bR8O zsrd=tTSbBr>Br|z_kP~m-E10t zquR$#@=L?-^gkWUFP44GQIo!N<>e-ICYiz~D-yK6$noEJ)~dBm-oCWH(M)}Fu-P|d zt}2fmXAkrU90*Qeo1?S-kH?u11a4f+Z{MSfrK{`62}cZ}228!h%*+niQOtiPALVREfK>r~lY zE#<*Zx5^hCowc<8y*;n-+b~Vz?6WL98!m+YSg?qb`PirWU483Ty;lw?&*eBS71h=1 za_3{?F_ElCON8#LUfc7duRJ8>jBfK98R7G*pM~d!zcQPWoyd8ue)^Xy;eVFt%O)j; z7rLFcy?W$ubNpu3l%<+GLgq`m75=Sb`4zk9ftc(yEj<|pSE)9IzSHG?YZEeV>gTVo zJ=St4uEBRs*8RMI-e=vvkNi@vNZIC8l<(mm%6cSwk;QRujo|wa_8sTg>%LPhA$@Yx z=b4P(g|+_&K4Evac>SsMt7m=sM*h!|8B#Nw>(0mDcT$@3HEmJ&3;D{b0YlQbH9HX3t^^B&o=J|^DoX`Iqz$%Z+ANX1_p_3^@073 z+cd7p_ZAfV$ysZVQ+586m&AnkcWN1C3oVlEi2h-6q~n>8%Kdd5i&stM5WR9OuHG;B zI8S2ghd14`FKg{x@hNxdwFk1CPd6?;E9|N`onw32w*5LA9;iGL`nNH1!VllL&CYvV zs}-gjo409foxS_{7Ur3snuUJc4&Ei6wmSaep_^XivpAbi$65!!+M&1g-MP?7^$f;xNE2-3byffu$ zO>x^ymH+eKzMb{GM26Yh?|%B}!EsNwqWjkj3>B~U*dE^+;c)t%`>8pGLctSOux>Rj><^yKn7!c0QL%&{ z>gT>Z&QQBiUq7qsh=cIOpu!LR6P7Zc-L}o!M2&Oa{;$UtaPca6^jRJ3J#}TC=JBN| zOG?;po`1dhp2G$co|{H@BEP>(sl6I8tu0V{wRDaC4DCufycK{BHFXrwcDNs8&7%_3c@jSWc`} zTpG5dOK+iv_1ZbB|Fk9s8?Biq@pMYsHQsGc!h#~Yt~xGid+&eT)OxLgLj3lQ@+_@A zlb%N_u3j1S%j$i5U<m%^fHh^Xr-tf2!>Hn}KeenwO3!Gxsi) zRZ#PrGl8q#wR2nj?v`1n5?(yGAZGfarc~$b&*RBwq&9Cj)^^^GIkI$G)A`SLk}UTg zXEA>|^}}Ku@jqb~O;0Dh*EijjQC#>p zcyeGJ&-Pm9i*>6ntb1cCQ+qYxd&|xT@uy#|VqcK;mRBp~e4*8~)sHVR+?&X1w(w=P zVd1fR>n`^Rd=PCv#B`<5<*;?L_Wj=z{4``Fd3$HG?u#u8_C9cb zMg4{^|9V>&$tgJ-Eh^o8r165no)F)O9=?-o-RnDMe60DPAsTdU_175!Z;Pe=u}YjT zT)U$Crj%6GJ4Vhg&n1(uU1vP{(Mwz-M)B8Cz zr)&G$TruxT6cZ8r_*~S1x9*3HrGw(KVHJ|YH|FnQLc^6FNZ!$hn)r-{J-EyOt zsjPipn9QQEMi!O)vTYWp3lH(_-g$^`r@+hnH>XY~$|lCh?=zOZWoF1Cy5cjB>iRs1 z$s*U%j=bjFw!PjiBOqI|=SJzZ@+^)oF%e0d@~vf+A$nXzYfX|vB~UT z?yh~-+2&y2Hs$2A`IXyVcKkcA@G*n^oprme#fVOS`_ym4^pnCdOm1b?M(JAu<-YT* zI8zm^TURz?mRIHeLo*poPeAMfq+^y#-Qgdwdsqw$38$Pw;dhmk#HIfhieQ(`-E8*9~4u*Nn7LhG7oUYl~&2m$F ze6rde?v7Lb-F$e``~1F;fIBa0xp%RYY;G2^vDCl1y~^~~$tBaK+oW8YtJ%?{+*N-m z*zH5zxq#I0cN>5B=F}fIv$WgAsrY_HWC6p^Z*z>7-Td-$@q^&G0jrKWnXZ}r^8-(s z&W!1)6C*o+GaB@E`)sd%D11EXMtki2CHjA5!hSsYJcY4_>%WA9_)8WwrYVuPHW;cJ zD8q+0IYkY{SVV#{vQ@si1%2@5ZMWGqKT_J#rtJv3fuVt-0Vf-)HXk#S6e|OZNS?4= jYG+8Bu|@i|vu{~-%&WBr49vsnzDu_MMlJopC{vC>6Mw<_V@o+33$`EUIGWPzS$@`JeX3mQ zdes$MS6nnq&)|L9vEChGMYF>C$rOpS5p8C#nOa2+%Qf@x1 zleXC5Qx2b=@u>nspN)=|dZLn>|4hs_c^+1AVP@k=W1(G-c~3s*zLWYbUzfMcD>h|e z;LS^nnjDd{M6WbATh}V3Da_w~V4untnR$`JI?Yh^euDOvc)Xx^;) zryE*MxvS3Vb(EGl@bc%hbG3Qpd*>BnfImS`8V4ZDYXW^xvqnstkYtX|!B*e0zn zu)r>2a#vgNv5B9jNfVv0N ztoL-XJ>@4XKB2zo+=5-4?EM=*lto8eIX5B6_Q|6pzc7V7o`!2jmfbl$L9|G)k>$9t z^Pa^n9|cVggvH;Ux=y&;u-eDFHtTJeJo!b>l6KBVhLIB)rxobDs281aBRok!Cu-Z) znMZH28oZTve%i({^GI^tKDCV>+$ONf`sdzkJ-m+D=(0fhrTCTSKXL3fHFf?GbyjC8 zo8N9xGZe94ng(Z{B6qKX}a46X$d4$e!+*si8N7pSRmwD7>;l-qUqoccz8- zwTT7q&sI5k#|s&4_+#a;^SW8YvS|xuSAUUaT-CZF?MAxYnKz6JzgBU%Y5i56>TYwOduO;!GUe-c|dzq?EP7m-)leNwHC?VeQskzU_hD~jtE zxGdcM>QOw0P57J(pOR*>`EGr(wIq1ItMEaIQOyo6;ly{^t_ zpBZzQ>#N$jl5z>9gGep&Q#$NU0&+4!nci#s=bs^;dLaeVK_H$gG$W_+5wP3Q7;HYJ7KodWGM zmaWrcPl)2Fx0dv3U!V3r+>UW(hau}k_5%~$SGA=j_ue~~*Znx9EF|K<&$ioZL=VeL zJ@AkhO<#CwvE*}ym$%>jTAvWek@fx0IpaNr8{4xw-}+2C>)xdv_q(#^d&4@dxi>B+ zu}+Pj9PQn;`S!k2rc&NhoRc%2ZU69gN$u?nb+(E2bDH$mfA6ioGHcqhaNqq-6NDCZ zaNKE|9xj&idd*5jhI{|Cml!_MRujLnRl#^h&C&;!te-!7+r>s!hf4Q_?NNEIzRfth z)8Xa>)&p||R_@V1E0xTYKKtLEEJk%v9-&2A_CIfmUpQSf=SX_%vAq_GQ~VV=73a5> zzj~2h;J&q``>536>yNxxr`O-wCq1`AUg(0R^h}4!zmF?2^OwG2U`~;)Z#=i}iIsuN z^_KT(>UwYd-$-Q4)W|2^v-wy$5;idxC`GI!`t z?AARR-N9~iY{rt`Qw7eL?pgK1d)Chgtx%yXhJ}9Hl4=eww7AJ|ZLTGwvI5iVzq@7! z?Kn2+`tRF2X1VFd|2Us^_0_Mp5(dvET7{|~(+dg`4oDDQt|n-)&Eknmfp^}bBl+I@ z8KmFm&e}Yyesi*jzGh+JIyHR;6|MS^?PgJ8eeoMiw%Y}Nb-Xi4kWsO{&hopn`^0ON zOPe~QG*!1)$~c|5e4$dGziPpr_WL_`-O_SRY<1vR7X4)2#Ty4!FN?I1+7YRLSFG&u zgueDwA@P!L+iFAV{y1?9XEyv)(n*_SnZmIqL&I40WVCGR{dy@j*;{^bo*7r(bay>D zHR;sq%hzqn-UJ^u_)*4ph?DiwQR@p+fBD_@`PefrKtJ*BL&3Szr=E=~W zg1&5?Z63Y+^Auf+#~CU!9P562Kd5IncK*%oO55Xp*&Q4f6MNWFKRD$wARZXcCk7=y~z2W zT(RMwb9HS>Ydv{& zVXj=-tb_N?Pg#2UdZGUt=17@8XQo;iE6Pk{GrVehx%lOR24@jpAYStQucVs9E;-z=Sq5|+OQp$OY>mUGdeCK zT7bC;v2dC~T{gSTFubA2V=2>Rj&Y(G0Qo__q zzRO%mS|TK+b~LK_XZ8Q@rzV)2)fpDOc~K$!@bQyY-AxQF!c(lY?)2zvXnQ@Iu~pMF z_13ii>!1FAGV9Hkf1g|*O!{$j)e;^@ouykuerzq+e{{v!i=T>DSy=L z-T&9TRo0wxvgP$sWs~pqYw!F#zb{)(L*R7uHqV>NGE9A69#8OKU^D41?_5&spZMzf zYte)k><@faMsx|Sd$(4I@yQ`q(>ableY>-TJpRp$f0PsF!SLODXY9;LGw<=u%dyfw z{coviQiAWFCs$53k&x<1{P*zj_QU7BYm6qhItltY zC0wac3+?*GZrdE!A{)Q4X?b;~qsWR^^&T^3TDdKbQmQW6Cm^(7-IhA0#hJ<}E$?qx z7d+_WcUU)@`MgBG)=RbW32*cN=|^?#-Ipo5_1eX~H(OFB3vZV>bmRV|2Q3{-riOO* z^RWq~PIi>5F04Ey?9@B)*7sc%YBN{!Xsb7IT(WCjH&gBZzTGpdekOQH_^vxGoMmhy z^XOo`V4~ha*F84H+n<{rlJfW?D7N$b|MzCPN(<$eO?#Vk=HZ5j)QUAv7cY(U`Sf?) zpYn4WQ|{l|w~*`BpO4BFel2?^K8t+HC3vjoM_k9UKk9N?fwF6FCUJ9rpPlohi6yk2 zuY_%%g-hKkQ+AWdXVq@*jIWKlVRzGM-uI`@1~Kfj+uG{;HRnEyhw@u3F z#@@L4%DZlR_NYf))_Qa>ky*3q<&vv=XV2qQw)yTO+u-V|zngE*&?|fq`-T4>)3OyG_lcI( zan@AdFzmSet>svC%!^OmQYz&)H_e@7#dzvC=M0;%=1dX%^M+{430H|wwFt~+CG zcVW58_i%~RQ$Faryk6TW(WXC_uhP`!czVi-W6_L{k9+pbxTmcx*PH)3aM$^bihe@p zf-Y`(82as2u*7thl2z>zB0MJh-OpWOb!q$H;!zZJyZ-m4lac2%HnBhRkufopp7-_d z5&v={|82>)!Z;2F1YKC7$|icgwcDV%zIfucBL>gj|GU9^@<@rsjr?<5uQFJ^?7b22 z*Wl$Ep742Z0?n#&f2w>uK4mp;nA4*z7K@$hcYHd!{z85Ma~0!?7Ymq_vo?e~nAB@1 z7p1L@zW?`K?SYEY?o;KHY+i&$aeB*t7oTpa8?U^23C~=`<7($OOLXtaKeDFBlV#n* z$T`kgXv9D>TM!ZV*ix=5X zTJHs3Sv;?4ZSn7^lRy3FQ~Fb$(VBS7V~@V^ZiiXTUv0k2U%jw*t~k&0IDmiJs{>X|Gm;8uS&Xleh8PLFa>ADyL%<%HlW%^c0Xn?c8w4}7nf zdrKwr$J%?d?i|`spwTq%cJuAXZifmVeqm+t-IXpiiGKONRIWt%+V7so-^)Lw zrur?9T6q8RJ@w1^Jt}s^Woi{W3X|_?MIGD!ZjVRG>CPj&AI;tN{M9ZG-9(oD?H`ir zby(dJ&I_L0R`1ggo?rVZ&-8Re!O^Uyqx)xVNwzQE!zF3D{OjyhpQKZCPS}?GIpZdN z^=aT+9*vE=+B+`Jo+mZmtU5v{d)k|GA_rM7?c=k%%zZ*aYrzRwhEG=#Z_fB=E6ZeZ z;dO4lE^ z;wrpVl}zd+WXS9rM^;o;?7Bsz<%#q2 z4o}?3Fd=K-vHbhj_0Ilbt>Ze8IrDI7ZE2)j~#ZBtQJHcA6%uQxt#x@Pee$E)jEbbp43||; zRx5AOk_hi8yiqN;zec_Jb^0d_;}5T*k`{S=%(R%bV~73m1M`l=9<4akqvy?fzanSB zrBcs>lY4hBe*DAf_8}wh#?m=nJ$2bUCo8q&_s%?G+S$AN#kxO9S8CcgCF-x0 zcnF4^dhlS;T@#r(pIKjeKeV3q|N7?}FEcJh7w=R0ms(gMBX}d!Lf=dD9rwpB6{ZQX zTSHA*=9(l}@4B!=LiW(F3Fo?!<@cE`U$=cn%N!P&K(@50A8yW>`$(?U=;^D&8O9OY zbHnqW2NW1u?NGR~`mt|)#*??-I^9;;^ob;%sCWHv{{NSI=6_~IoJzH1e|f1|E+XyR zS%$>jQ}|Y{xwH7|%A-3{K6i$^WOC^iPY|;F>8!Nz#hz=+UK%`Nl;Ay=c6DmXyJyVn z*!EOhmlfUo^HbC&rU!o}TK`|9x#ED>l%vUUr~SSjvnp=)*_tSKf5YE3(;~v7zFp|~ zRWw=U(VH#BQuUr?0fHT2k7NCm)_>-1$)CB7dsYzNzWXbtT{aUlQel|StFL@#=~L#d zk$%1Wp38MJomN)~zno(Q;KSWf`H_ZEcLFn_0bxoN;o)>>wpFXcPL7OL4 zTQfFzUtP?lX)%$uuS+zO{$|c(tkG&69VMFBh0UST`%6Ugh*t)jrnP+b>II zmEW$b+NLsL{)|m?ewjrIUkKVPD09Q`-~5~LzCq9S9WL50A=q|iTDQbKtEp@M{0P&K z%6OqQ=~!F1<1Xgb1!b!nxFUWyp88~x_bntpbm{?d=ZjbF?BGx|R5eg$gN&WB9|yf<4b6K>mQ!EiF=fT zBwm@#el~03G-3OxSIge^*L?Og-_qV4nl9I{Y9{LjzDvI+n-ooKlfT5Id-A354n4Cw zai0I5r%D$q$bA#6u<`iyGv~#^A9q!nj-1`mEHS6*#iFE))v2>n&nF%c@ARvmTH5;X zk==O*FQM;6{wMbbt`ISgbvpl|d~>krmhZLq#eRN${b*ZB^uC={R#RUv&RO6akZQxI zq+MtGe8#z`ult`mXkRejs3dTE;{!EI8OM7Ur4O)_r9AKm-2P}`yr*teM|+~w{+VqN zx0-h5bZuJHe8yMisfNkb%wLiMBHAj&$LsU5)xwUgTmSma+Ln{uR?fC2=l)x~xbkgb zirBVj;d<^G`A2q+pO-9G$U5|E8ZDO1L(&&(F(d68jD>W9~XICEb)EmnhPm*^}o~C^4^@JDRwP^bM<{W z*5z|d%lh?1ZzxX8TW_wHQMW)Q+1Yn3f!}kr?rFmCku;*-rRC3OHHATG*Dz0i7R+@L+@YwTI&$s?$UG}#huNQ1co^8oc zdRe2&%|NbyqWTK<=k?3#CqCG?=~xp__l7;o-nj|b^;};&YsGT;(!i#AvFn9D_jEmZ z{-V|NZ-sfp94&|IeYP#x7w-HvE14?V6(nvzSW*HCb>TL+xkFG*Rfg3r1P%y zx;Il3`JC5uE#u)`wf{kqvsBii@4{SJVn2dswoLT9uvY5e?FHG3PyJVwY|p5VZ1}R& z;ab6?wAW&Za+Yx>3PI<|Ph zfn#qDON&Vt?X&7|(wV3FRwaF28pm>rPirM-CH<09jCmlh5b<-rvxcVC*-Ix^sYlH7 zQFeRnUf7+oWx3LvIo)q%Hl!Qu+`s8~y&tQj%x8n&IB;uHP7z6&mE4$GLIvv|UT z=No%<5BV!FYvszbZcVd3@n`-|z9TOsZVq&=hy1J*22Gq`7^jcY8let@6C-7FOZYs%L#Xrg81)`FTn_ zPo=)~)z|FMVqVC^7cF&Q(a*g%p2e&_^ze6-(^>>n#Zxys-usdg!TDM+rljS@8^Pb(&gd+B(_T84=i20Y&6P8*Tukpz=nG!)m{H|J z{KMt9wNn{(C2V-YDRk%9)P^q)Y-~7$#*XG~L3Gi2#UZoZi=KTG> zyV|W?+F3K#>Dmgc7A!b=G)S?as3YZ$T~oZ-r0z2-w=c11eqj@s%RKe}sls!~`#p`K z*2{DLSom|bHupr$V|?{fe2Z@On55MRINXtvpL+7>JJE@6yE%pb?{IW^vWj7S`lf?R z^cW6!c+M-D@zwJ30qeXA*$cR89c#FwKFNJ6G2F(~@_cie^BtG)6*3(E6Py_e)cp95 z*fV+t%QU|iop*oluggnA;UH4v`^H+S*-gl}cA7%fl-u$u2`SYs(^7Et)&zWx%St=kc5XARs z!mcyX+6v`Um>dr@UG9IMc(nM?<_mxRehr;?Z11Hx)rCUyv;VB%+Prv1+A0z5rFS+h zo_H?w$j)hVLdDOS&XUji!pfq$G`!E*sot$dxPF>NC$FNW<n`V>!=a76(W7RBO*T$!5pEy+AV!uvb%-nV;i8ncF(QT_; zPi*|Z>|e7cfpfLno2tEsrng=T36A-mF0x@xb^Q!}lhkCPF2R?5-yYsfzZLmcMZ8(j z>eO*{p_JkWwOi}D{-0Icth;Rbj&^O)hrbp-F*JXbH(RkjB2;C@@#T--CiqVm)~{&~ zxzynPLAXQm$_yc9lU7%eSMlE4g0RaDCjv{4DI(f42LP zdKqgzy)!;sTHE1mGnhG|{26MY^D}gp zw3GXRpK^aiGuOq=;9d7ecd68(4JL{c(^CHaRtna!ojk?T^%OV%hg04g*G~U->T1Sx z>3ZP>?2?acyA4~bQ=ZMwf5nm&@myufMnAt@{vPfZ z3eP{TPxzF)w}0shQS}SL>$&dUIOgc)E`5I0for{q^+j8m#T8~cy>Y49&tdQ+y<)nx z3PZE0->KVHsiAWBn|CE0cp+v~aBB8S=39TwlWjDs)6FCf9ncbcyIU#bcEZV$o@2I> zN!_uh8ozn|`opWHv2^w9*<>VZ4o&0nT!vHhj+oH?4b=tK4SKf{geeQ+-!Y^tssf?`j=zRA6&cT*?(WiB5H+|a7`l^>l!$|Ks ze};6*fwWf@9J6g!S{HwMy#2+*iAMcx9a;;x6sp_WG7v%#6 z209HMHq&>XzjtQy#n|1vjV8P2_dfTjJ9u=(hv#eCP33ldXX;XI?LNd(d#b^Io1huX>QkOu6}@oGJ9X_?)5AjtZy9c!zU&#>AOGi0@`V@c z%(Uh-1uoZ%+mhOEx#H54**Ce@{@*K@QrIEglUAeRSYUrWnLY7Y`qtUb)7Wn*%+)Gc z%Rk}fF3oQO-yTV1tCY<9)v{O6S51ZQ<>HBUZzd-?&dlGynW$pH^k$;>=JZux^L!iY z_lkVzew6C*ZH{?vl$WU9-;?J{I9|>?_HMGl!{3vq$QQIsd|=h2exmRgtCNpY==0xa zUM36Okcn6wRe7X;;lWQ&Y}ywY{Ce+E#akFUYaXwh&F?8+8E54DxGB>!bpZ$aG#`l< zw(;*Ga_V_F%nOn~J!JVZMebI;#pj$qG5ciS6#uJ_zb93;hJB0HmuHI)Wo&(8`#C!4 z((B4g6DF5KHUqEE`kz0x%&MMyr|O>S41L+RDGA5Sl+*GU<~@5Zajg3Uhsg?U zoyxq13EK`|I@5eUSM~_=`xC5-CNWK^XU#ab^~D+ii!kY}+J!RPO#! zlma$QJ#&dd*T-qElFahYWi+xK+CD*#`B{BX_|ej0F8$|FowX{y_{m`+`}^qFt%%ZnA(opZgW*;@QMWE*!X z_0y|&agJ#-z?7QH?c>aq>#=9zJ_wDcd4L#-l zO^&d%h%D%tu`8X;^2e{L?XLFq9Ua&GCkCtzIA5@S-d6Ry!FPQ&>lg4wO@FABoD#Q} z?WE`2jmHB%xnI4Jru{hAm-!IO@ha}Mxd+Af?unanN?Z8*{%PKG-YvDvNzb)S=wO+4 zdbQQgsk7b|7QET8*x1Wad}1AA(1S-8<%=KPRyuoa^^~x)P7IE=zVX|xG)zr*JfvPP z%o6X)v8zJs-|5-a6MXoW+eqfk=d5cJKe)Q=^-CMhCl?p%u%$HDQ12$2*fG6$ zN-5K?2woo3qXG83r7oxE#fzIXyQ)_AJsr+BTS-;HuAG8wn&>2|=mVVKg$@3(;B=tvw zLQ49&d$-)O3(j6nX5c7Dt$L>Wcur>W^=GpkSVQH6*ZdNA@>%~sA7{16wmoNSro7C( zaeS?5vf~ls>GcaDmY+If-utC$PvSc7wecl(|2$@$^S^BV?&Q%OvDx_{(-IsbKb(nb z-`itxq()sgp)Hsmn+{+tXF>b<9WUBq)!#kmdu~mwnmLrU~7ca?AVe$DIzP> zez>u1W7^!u@vk~CBh{2ED}3>*`JK7_)^j5w*xLBMTWnW3Xi|J6Tzd86>04Z?ws4m| zIAUJ%>jSg<0k4V`m$oL#E<3`sSYP`{&$Xqd^A11A(Uz!`ZrCDVqR?l|ckkqUlaTZ4 zmN!4KvUGbQAm^W1(2F`(obwuewj`Cg0_EtJf%R=}w=#ClS=QXK7+N;gwy( z(HxeNInOwV-O5*CGvj`<_&dkmIxX1dq_OcZ7})TVlJL%qAf-W14luSq%YV!1DtGx5M2_V%BDx>p?e_4}dI7QF|>&ySt>e4tBH^ylG!vo?F2 zaPNG0?b_0l=OPwOG}=1FJkhN2?IQUrTMLWUMhOU2Eqi~L;hTou;+Olr^EuW1b6j24 zq~hB?X;)qen|AWzEGw>g={uF`FK;^LSah!8Ov2NN+k-#fY(C?AWEM~Mzq+*_S?pIW zdiLkde7ADZczq}HiqQU91%gXWe{B!;QZa5)z4Yp9UyW;cjfjtD)Ab1zvRi%2AKmTW zCq4DfvzI0hZ$Bw|cA;cl-os0xJx$Y!R_krOaBWw${AW2sizP>Ti`4|ae}87~EBC2B zWm9-{%!Oz22?A?9#J27`bpFp&t+jniR)n}5wDy{LTxkn`^~#{{j%G%$y-m0Co!Pdv z>ih?vTgx>U+2#J!dNlJ6BVWgnI+az|GIr1VbJ$>JY*~cX0shs@ZDoFMF1*VXbPtJs zW62_`HPg1icwUa?q*b?>kKYNNT3R0bX3Oz?{}$Kxf7ZOxlb=E}7#?GFo**^?Ung&YmYH%<3w@RNa^~cXdMZVz9DaU4Re{^8q`gnfk z>>b&Yr`z1D{AI3iRi{+XNRMY{wExeqs~ap99r^RM@%o0O=S8(f8#B2~#FNh)3RAlu znfpVo;Of2lE%kHXtTU`x_`+JCblRQQtrui;+r{HfE}ElvZQk8E>;Li^zAXLxy7qKTF_N zUm5B0V>Qpiy$N3{ZT0`I4gQ~=rg1LLE4a6LW!EH?U%$<(_jj&68+YZO*edG{mljOZ zJn1(vWidlKSFm8Il8>awWoy0q7nKvxOHKiT|oMo-HG{cg>lQAd8sB%4U~d9GlO zeHU;+OycV^CR^Fn`XBWAuIrZhO!{THcSrlr_X5*(HfelZzv0H$uQT4R6BqqhDs%qq zEVbvgU`MqfV;w`P(F&m}^uY0w1+VRImr!Ix%F&I`!1wY!eY~qi7Pno;w zCxl|@Cr82PO7&gsowEx$E+iQm^P#$67f)vt~SPE}XU zu_>sSa&5l3(X~Tg|3)$-t+;mo*7Gll=fv~Qiz!-F|M%L=Q#@DB~$ lm8n`^?i6HPZZ`YzZ2f|o*`F9$IINei{$wX+{svTD0sv<`i^u=~ delta 5417 zcmeCxzN+P5&?Fkj#K>&WBr49vsnzDu_MMlJopC{vCgvP47=F5)?Qh-m{8L3^ z%8VH0dns||-{)zA+2I{817?o`yx zdhqrh)Av33X4Ok&d9{7xO8MMlUw58ut5&(7?jVtpQgK3}b@L6w2~CT79|-)?wm!GV zl~qnOzJq&bO@rg7d8?GGxS9`oKV4A2qUIL+`|A7J@8wzate$W6)huU=U)WO1@?F|X z)AhdDfsE_cOP6FclrMJORl1em^naFdz{Ur6zkZQ=!`aohHRNf`U+P~+O+2y=h{HNm#KPBr7amuB-n$S zw%7msBI3X6f++U^r^`ymXB6Gk4OV@9A%a(C-=p*G-tiaDA53If&LX^HZRq}4H?9_~ z_dKbUkfy5DziC>$=S2N`2bo0bc=n&;RC+IKWp#1K!?y}Eifi20S*Z(Gp5T}Q9QdwdG`{y3R2 z{Py*|tS1`3T)Lv(f9$xk-h@Rr6c#w_H~+P9^R&Bta{`<9yls)pwrLV@t28_!!mf5U za>d^6bQJ}w`kC%#^~P5#)*&k z?Ok_~-<`An%5RV>+^uDoX#CEWU;V4Vn(gY_g!7vNoI3IBQjMpx_VA^% zEjhUA<$(pZ6DMgU2=6#vxbs~|T2b*%+3o8p`*%3-cu#$(o4Mkn*WX(+H}C6se(#NY zR>0-g@s%gvObvVASbO8p4CUFeue0lukC%A39s2ji_y1P25Lf*e|HKvCKCiV@ZI&2+ z`4{~vs_(1!83*xJ{oMbOtCeRRbo2TDiowb;(rBiXvYgvSk;Nj7j&Do@Pc%LbPzrPI zH88)*XRw}mCEs7k*2}9e?Dk$#Di`$Z4NK#>3Lla9<8CHX=O!(y+O1l;!TDZO@sU1` z`e%2pXudmgB)0NL)lKh@-G;XIuk~kN>~ZH~-QV4C%4D+pWx0!jKg%xl{A*+Xf8|cK zg;JBBS^a+>dv)_0FYNRFM~iJaB;@$VoqYyZh1$U!`G%K~tb&|X%lB~EWqzGix+7n^ zx5V!~)Ba_bK3#nFWs?%)errxiT@QA_V980pz8$Xr{(l)u(c0BkQ+%R)kG);k|GVqc z&+{28Y@BXiQ7P&B(W-Cgo6fiJV#@l@M;~9WY?s`;EaO9Avr|a=|5;oL%Vr#UbIsww zs=!mHV=P`DVTgMxoz^(9(ER>yb~e^$=3h)MR%az0I)D3UO~{j$qEhL^8OP(Er$}@- zeLBe=Im_7d{m1$XUrf0+XcOlzxn39Z{Dr^sY=^46af6`i~j|I7?4zSb0X zU3snULUG>94#IB)R=NKut77b#7&q;I)2UO5rzJ%9){9(N6ZHSAK|PE0(fV`Kf5)Fo zbz9%|uf;&HF?+p$AUi13WU$GsVbiPg& z>V7uG`Ha0`D6j3i)c=9ycG~Bl_P>$S+%oI# zC3Eba^LS~(E%lPFNG^Z9OY7%eueK3>^j&5wCwtF@A_WTiSmjmkx>h@c_dG~%ex_&8sEKd zr+4zJ>M8ryZJ(NdfKBQCw0@WT)9D*(mot{#T2&O|vX}35!i`G9ET0u$Z*H1kegA(+ zcWlwRC=vB5^}(r*_Y3&z`J|L0t&7kFoK*I1v~SUgim-sbby=B!Wvio?W;57q0RD zr=eTed8S1(c=RXS{}#lP;ahlk(^d9K(*hD?MZM={b-xvtH0jNry)=5Z{!un@AF;37 z_9^{gF#Pb-$!53NhT?SXOZ925|Gw|`TyUkP&N46g)ckiZe@1$~vpliuq|fo4)$1(M zxw5~gpY`CinYsAAXuIXXZ$}v4xxZYo{naB6J|3eL3Xhv7HE-a#;P)&}t7udG{pSA@ zLzn!!`fS7EMUlegr3!N^EAH>wE%)@z`goXmR@iO{EBKqgt6wgmV8?r3sk}1thvkpz&D?wre|$HU#pG5&TEd-e z4(n!@Zkx&eWPyLXVsX*}`?ck1%dX6fWRqoPZvD{SEBwOv(I4Z7>^Tg|5Fm<}ot(AC1s_aadu_4HV*1E!qNk}@zluv`!j(BHGTTBs6SGfDI;1}7ts%=y zC!t+8nwE3F&Rv;qtXh65UtG}mnN>)`S1$IXBRQIzu3qrJcduu~&a3+t$*_d_J+^+o zQ?^;$NnfbAw&+6P+s^z2hKXNG#OK9rHV5;qU7La`HZpymY(n zPZRF27y8Fz8WMkd&h(sgmVViSdY9ev44Y=>Pi7L4G3;A5AwpX4u)V{rpIWECCcG(m zYvbBiIh!|Qi)faT+Oh4)^Rq1(R_$95s#(}@vMx6>+MY?a{|~6DrY^r7IrmpbWhC^nv8mG$<3NR+4EKdkGTm;VM4GPx5WAQ-HCDBvP-Y7 z>(t5J?0ex{n0-l+_1mna=hI&#cuJu!x2a3 zGjnSi`K6rvE3zxac8q>$<6u)cFVFq^S8Qce)zoS zL)qr=(koXE9Bb+7@K8u~P|v!c5&q`U0nv<--pMXeQLCa~h}OQ#Pcc_0w@K8WHm5XN ztM7vSX3sfKS%vnv^qEyH&K1g%t(vdBWIoT~%PRHrdjB~sn`<0-^zKyS1=1}(?&r9q z%j;j&%Ce?xICZfr-F$y-*wrM~Nrudq>zX_6hV1F`y_WP#{F~5?_eXeL%fGE&wvgLV z^Q@J(Lt^y>!-Yqh{@pcpRPg2fuacyAChXv^rrUEI9W}o_KauwJm&TX%sPT6ZsqC^TNWk=#|9?0xW5T0(VBNBUQ2-YWnLTSk5vm?ZU|nu zF4uf=zeL?^x1xIgB+)-nXY9SFpE|F|ulH=bnBbh(MrU~TedWJD;oXwU)!9!LPT3`X zeS5_Lok_hKF`=3D=XbkKD^oIv%bfdkpGifBpuJ~cFN^5akU!xEOBV3&uB}_j^Ydg_ z^{20Mj4pcLXxSaG@3q1HSB`O$e?^AOOsxDoLoZ6?qx{G2eRrg*(&}yazO)_YDcrd@ z^YXc07nh|rOkG@B;#m0F|8j{~X!d2%Q{EG1znn93-IYA9WlEP%Ob8NS;p~Z>FFYY7 z#^GjBb>fuH{zn=L{Gq*eQ zW7pqapT#Z8H`tt8xB79o-gTVETL1UCUqI})qVqBw({v7nKGotmk$ddp%fpRq2fwY; zT3BJ*wAAL$d?APBVV@T2weua4I55R>f1Rtt^I|QJ@G#3)ZH)?A8~!V;{1kZS7+2=v zV6|B|&>VYf;uS4~u8@ z(O+58SLA+*bKc=%toZuttNe_0Z@!&~NEA<9uXglSuB}kMQ>cgRJJsdyA{bt1y2PKI z-0iDkv|=BhywZBf%S`h#pIr(6`eXKrGf!E)+ziualxGJ1DLi8D^gcuD!)cwoXX|P@ z>`u(spW@G!@%Ye&hy4$lWv*A*8^@m1ENb1OSt;Manw%8ZQPp;DpL}odp*KQti?rQp zxGx`Et1S6f_w1C(q5^L9`z~9*KD#g81Jp-nX<|9CI&!M)*5$8WC}$}dJ74|R_u@={ zQ`WN&3(h82+`Hs6t#|d~$JfM{{+KfV$j6I8&luktrzf0_XlCsfx|e@rrqzReRvmkl z>ScVwZ@M3KF%sUT zxW`iD9A@*uJ*_!l{?qc6-}qPDi+=0;|3Yf0!}DIhr$yhEE_8D;l~daI>Wx{6mCkA7 za8ZNx_U=Nnw%B{L9G$pU_W9J6@@n5dZqzzlaANwu{b}49-_Gc7`7~W$?i9~P*0|+c z)Kp_^AHJSjsI{kC)w-Z6H$OLUt9Wm8{Y>e!_>E5TPnWII53#dM44$@tcmL(N^Xu=V z9uRmKCzB>Ub3@y5@h3Ny9eK;h+8E7~#v0P^ttG>CPx6h`Rlf5{Zl)98lv@6oHd)p% zdeP$WkR4S9HsXhlm5&+HrG9wrX1?@w1RX+5;ISE~L;*Zj|&m3KC;{1+Krv;Bk7JIUhOsPN@= zzr1$8-mb1_>|QEm_x8hPt@uCn$@Wo~Tc-YRtzRfCdG5aV)LUFZemZL2?Ry+7~wRHpVh?)to|ubzcx|NlPb?I$J9ZNGo8;b6z5 zuN$?yew>gDJ!{08Vx>8~{i(3Zg$-5*N?&n(=-*S>{d4hp27%uj?yHuwzqPrV-?BeB zf%(88^I3})>Kthci9Pb>F6)9LXTLaeg~UAk+;~>4;#=g0i*bbxPwF2(yI}kGgowBI z-Y=6~i}iRP%W+*^Q9s+*_>X}gTlDTs)!EW-eQx#zba8HH{C`b8L0&4raz_#0_x2dY z_&xLXZ;82fcHx;kl@7NFjz`%)U6^WPYBc3$)a1@4OSxsU`=cdPCz)wP(Grw^mg zU71-|bd}1i&s1t2J(Jsfz&@w?v$>zG(H_4)#+oUgdVUKvzfNFY5UpN+&_C(5>W?xu z2~Ez%Q1%m_LrOF!@77*^r*%`@>E)(rJio7N7cb*F!?nd|x71CAvI*=iv!tSg*6CFA zbA}wUUVMq=^TqAA&+XLhX*m3Ls`!s}6QAZD+E;9(5H>SOZuKH35%I%!bZ#VBU)c56 zg6rveM@8vHfdPHxL7@|NomFc6R$b3h^~YwV_pZ`If!fYeA)XIX7rar8Wc#AYpniVe zY-X!Ry6Z16-%gt#zU}j`d2^i?&+kZ8aS>@@c&c%p<5i5KN>jwE*hNb}>%V{8q5oe? zC*asM_tIcF<^S&4^UN1dJupw@#=rGZQ49V{-4_mZ+Hk#yvu>_+Mj+ds)(acgANml* zRexA8{*~qP;I_QGi?`jie-f;kcW>rp?eaHk+EVK_r7|UN?O0pj`9AyU3!dK>dnyZN zPMQ8Dedf}CyU+dJHRZK0ChOB? z*Bwy_{czl;YsTGwB4WkLZ(Mc7lJ1*)4V0~3^7&T%J{zv z*>l&X{!Ovm^DSbA5e9|^iUyo)tlE6cOj4{2EF#Q2QfIby>pbWC`F^u8Z{B9Zb#ay~ S9RKrwEco?Z>=+Xh2Lk}UxK{-L diff --git a/certs/test/cert-ext-ia.der b/certs/test/cert-ext-ia.der index 742c68640efe3f1cb31875b2fb1b9da7200353db..191cb1963dcc1c8e830fd5abf99b8f86ed6da19f 100644 GIT binary patch delta 331 zcmZqYXy;HiXkuYDXkvQ3fSHMriAltIZKyliX1&@k*8&*_*|>se)>?>cB8HX8Q zeJYd7r)c{HTT>r=t~vatJXdU)TyNvkEDyG#{^(B}*@?-f*H35!n!M`S|F)hnP`BRY zz?Ym28CE8rWU8kYY|WJnTQBj+@Tt$^*&GZ<|4H22Cbd1&;{@kqxi##I`$TwhrZ1l| zYqpg~UIfqTCYxF9LRH7j4%eTXrIPh0>v83a54^Ihcjl+uKkL8$%GpZi{QU15#!=$DMkWU4Mn(|s#?K;5_0A{La+tsD`d6Rx@&U__q;-cLPh{NV@jjuZeU<-& zGaZE?@w5EbFW7L}t!wkO3rUY1+;UIeiu;n@wdZlZqcDq6_gOWy|4|Q<1Xf%$Vs)D< z>bqk<>&bP2PRvGAiq7qN{z_WM;@r&r>_WQ6@`qYYn@Toby0hV9_{qeIWm6u67dLp+ z=WQuD))~dAxh?!%gxrfIr$3wy_`zFR^3G-PGO6j4Ul{oRe4W5o{a60NGf!vMUE5pF zUE4qXnca=}<>?0McRrnD;+pm1Vzb#1U%$i!!2+RoT$`c<{jR)+_2z&;J{B4 z+th#j3^<_RbE972z>tv?lc_{H}l-`TIo{g$%0bETn# zGlfrg=A9(Z-3PCHeZ9s-TJR0~pH&BspIE)i>+Q~zw+*bPt{aA&Uv;omf=feaLy&!( xq}n@3C&4FJ5Xr(ysA delta 362 zcmaFB^?*y+poulcpozt00W%XL6O%~UjaS!8z$1gAFirhE%W!xd9m)^EH>R8 zmIhYW9}91ge^fvFzea{kpWYxS)Dqwh*s%f$q~t6FS++vPF) zZu2Mi3+m6$P}@9s~u8)5h z>;E_u$VqVd@2+S%-J$T^EM(!ObGn>MvL%*3zSvh*VmL?MuBH9vM9)*3epk=R4mq)^9Tk>uy98?QY3zP1+Cb8aKzE8b0;Bs%#adp0*H`JKSR|5b6iO-S%V?;rf3qJJdL2PTbLhNlHq> z?~11Q^Z(4ym9IJMKDWj5)~~rHmreH?Et}TK-16T3+dSu@h3_mz_Ht^*O$j?-(OxWd}MlO z1b^Oap{yf!Q~I7)J^%cG{b9*Hkw3>Tg;rN{F52wC@?hbk6|5E?kF0NDvXH*ph$Y9kv zY4w!cunSgFS5D<*e)}JOB~Mf3y5aO&`@dYdm%g_Bt4994?CNPn+xZth594ZE^*dXW zKR21ncTOJv@^G$2J9zU03}-O%`0`9$Z8f!A!G5hsV^*e(di|BRyz6c9{1vvUvx?hq zHf6iSBNKka;UKrO2LBN|_e(c#8Q%3--#<;Lct*s8lCJZY@0bbHFop9j-(bx1lhuh; zvBs+KSNOxtyOPrb%N8kTeH2%H)S4vD@TkK;|D%TQ;^yleU(M!l`y7;2n~{5YZL{u@ z=497*?RO^myC2@k70#!1Jm76=(lajc6Kj-zJTqlq@at>fw)(kAmnKHs(LS@6zp3x- MR#&;LIpXza0c(MvdjJ3c delta 377 zcmbQkJ%?M_pow*cK@&^E0%j&gCMFTZ&QoRF>b8bkD;*>?I9CQ9`)mGhqVjD?10yp- zV`F0j<0x@nBNGF2BO@qx@>=Gjo9{5rV5-Na)qt0cQ>)FR?K>|cBR4Apa}y&YgBa_l zyG2pz%x`ohC*5&0_+oov?g<~M{k9i4r^oYc6EwfmpL#N~_4Ndn=q^w1qmMV8pJsNp z@=KF<&g#kct|zTZaCjT*zA@H(&&h|i7o5fYH%C=-rNrtUu1}o(esBMc9ld|M4i+~p z*?QoWT06_>1OMzhE{0sT+SbhcW~DLP?th}b=lU)DKODc+(V4aB+mGE{eXI1B>g(+4 zV-+~J;pO++Q@)>@v|jDnuE<9l+XNjFXI}c#p!w#Hy%pEK_IO_p%PBimRt3Z>S{~Za z`#|=@r^&A;e~3@_Fx(V6QERTuKvS9-eqNJPzBnL2{?&DH$pT=zOrvwX2nNwY^o>GTNK$v-+n zb!E<6)|8unZw>ideyO{=%QeR`eGx2b_+pKdtwmdEUga-U`_aqunT zn*V#oh1R(%WDeS}K3rb(UHy|@AOD{3Gi8o^jxO~|p0wIM&qwp*uHzE%^ON)@{It}K jTe#U+bm9Vg#mjwjhQRy(4n~lR_#0P3MbA delta 331 zcmdnVv6DmDpozuQpov*_0W%XL6O)M8g$+i>*ls1BjcR&w|Gj4YuB6CW6O|`R7#Nuu z8XFrM7)Oco8krcF8yP{k8_#7k)i>BZwYVX^x?SS$`^)wfzKi@DOg>MZ&A!o&#V{f3 z`|_P>;kWOZY;Zm@(N=vWZ+^)SG4`#8p0tXtT&}M2Q*`rOv%2+vrJ0U2FMD?Ka=>}% zxCfTu{7*UL4z(U<>v;T3NXGfY`VOaM71?2#FG|_d9>3mv-{0;2(g@x&Pd-JTo6vQp zzF0}baN;tL+3p5AUa$WbzHjOL4Z5tG7vAR$h~a22X)p`#mA$0;Z}s$j`k{X|1UB!B ziSyU*irFLjfBV^x9lE^V{cjfU>*q*un7+a)%U8uFXFuoeV^VtBPCup3T?o1@rOdR~ mtEA)&$ImAlU+%fEK$r2{v&zmBbIaWVMReLsjWg-=!X>rjsu} z@!hcsk_y|>IH%aLd*1zNem&=uxl1nx{kmSD;8d}oHMXehhr65Mk)?YxyBhC)wQb>% z4RFo6$i1e2mSJ*T3rD z&+l86)A5_XwmrM!-q9Z_;>#r*YCn7rWq-!`Tt?ou$$Y}K+6a#c+MR*Z%(n>_f6L(6 z d7Y2Ac??k_xCqQU&jr_|Pc3CY{=Fxr&&^2slYt$xW=eqz&A*~s%^#sB*9cYN0j jYYW17YC{Wy1JlY(jMp!&V?94}q2~4_O|CC>m^wTF@UD>< delta 331 zcmX@kahyZhpozuVpov*~0W%XL6O%|@@&Ea+KAniK$&l#q-Wu|IQ@nfmMCHj621aIv z#>U15#!=$DMkWU4Mn(|s#&eZS^)tSREAEn8YG-V{d;ipRRneKRl|F~(Z~bGsCCPYC zTI>AB6AtG-XV%S-P5bFR)jB~k-R(@syx3mlNbBtj9_ekrlNh}Ia?ZXP*~Lk(e@+Yh zJ-w%{?>O7m1@>1QtTr0%Ogpt-fpPIm)j4eMPWwCNSPMr;y?B?id&BguPX{8Gl)vVx z&u6K5w>E3{^#3v+w>mNV*XV1=4eW}0dzfKO*MCHj6Mn(ok z#s=m_rcvU&MkWT9hNcki#&cy%^>Rh~S$;0%>lK)DQ*Hfb8;>;?4l8#R9On+*H7PS& zWUbt{xfV@Ijn;wJpUv`{Sk5_N@fVHLTzpEsH<@qS9EmuzkHhTpMuwN-x7StlFi(-# z-#1}~|MZg3hRA+>A-83}7b=-6UelXbXtrqT#3gGZ-(7Lqw6d1XOWM^SCw>3X%?B3O zpMDV~`FF{jm+7L$CJTF#H{DPO_1?)@Ut;OAB3VBoYEqW%l80%&he9Tu!p0*?dBMCHj621aIv z#>U15#!=$DMkWU4Mn(|s#&cy%^=7uaC%<4|+uYnNH+@f6!R)zP_d1oB7P)YIZxHC{ zn^37{xzSF-muJVR5VOfYq~_iY_SEX)^_D)Q=p(JejdU4V3-}Te{lNMIYNxzdL9aJimr$6iV0fSDl6HW0G`wZ%@ zWV608;OhTmKIe6IX!`f0Y_7eoH#$$(EOz}B#_OnS#o;7-`*Bl;_50N<9Xc~u&aw-h zYMifaz9yk@?Nhy7KjuDP=otR!yDYESZm-*n>|A+j3%@XlHfZ^V2T4Bm&b}RKUf=E> jP^EaxpXHR7spH?QfZY#2L`?EpYGb3}S^Tw)Y135z`_qex diff --git a/certs/test/cert-ext-nct.der b/certs/test/cert-ext-nct.der index ad63f1c9477c219ed8f816cafb9f626b6635788d..5ee66e27fc844265ca12451236e8843d7821a4cb 100644 GIT binary patch delta 331 zcmbQkF^5ChpovAopoy7b0W%XL6O#yUd1AU`-07$H*LgqK_hNg_9CgWLojW3KSgJzpC!Lm~!xhw9B{S^TaL*3d@~{mwlA% zaA4O*ukV7&R-z%v&pSnxtN?eM-kC*N&)8aZRB z$^G6>_FFEln#reE&;INQ&;3=N4AWPhy*~e5c+N8CACrHlZS82@!NT}TY=v{~+{3F5 z)rYQ|Ao7N#szS1KgF$))i!~e1lTWr@#;#e{m33!`dC44+DzP_~^Yt-uJZ?Rq=z!PS zE&E!_=Q^p1ZjEE_3^$SOcs^17;;Ab}s}3K`XJ+_g`K9U8PA}KIy5&=@X_%bIZT{i# lOpon`yT*s?P>y30GMC5Z3*O$DHZ93I=y7%V^2tmc=Ku^;lV<<` delta 331 zcmbQkF^5ChpovAopoy7b0W%XL6O)Mfox4xxwK5#Z5_0WdsK@*`&*Wy+MCBb421aIv z#>U15#!=$DMkWU4Mn(|s#?P8e_12eUo34~!HxR2@vPGFMj6>hX`;jw8(|qUqhi5)I zr0$-3@m|>SI}7*~6T7%gVuTKdMX6XFXuK*k~-u1{+A-ANVV7v6l#bIsxvC+7Ls&+5;e@h{u^lXr^rr=6!4?$UcT=iAE7ifo(f zXN3G)5LFTBQk14Q)8DNBn&4!{7z^&#=`q=>L^?|wmoV??Pd*W<5qJFcw&@Gbp8m9+ zFKkNE*F7KjTo3dHx4n{c_4}24M3H^XEp8uyZC68^-kdA^d+hG{WRu;+SKBl19XdQy lDPFF~y5yabw-r4uG#+fY@%ZHuCInK3Zp_<7P$P5PRqTsc`lRS9*LBOPUn?#L^9`C zJ(+Uletm_9`iVRJw&y6I_>33rS?cRHedqVhTk10yp- zV`F0j<0x@nBNGF2BO?fR-e%rsx}hclb^oBV^**2=PIMMdvXS!(s9Qh9ZPcIvN6Srh(_$L>qM z=J$L)?;X`}xqXK8>?q&I{5QU8{;Zg|rQgE3(nH|mh1pE2SnU5zykBys;E>0W+jga{tZd_pHiNaRML9mb2EMTUPh^-8$P+ zKJl#jV%`?449L-I^`_`)7BRoLiZazD`s)xJSwn+(Xc*USd%gOM*fYm7a4jT q*4x-0UA?wse^8113co*n9haCVMgC`E?=bwprgDqbpztY^+YbODV4Y|H diff --git a/certs/test/cert-ext-ndir-exc.pem b/certs/test/cert-ext-ndir-exc.pem index 69dd39566..eda286592 100644 --- a/certs/test/cert-ext-ndir-exc.pem +++ b/certs/test/cert-ext-ndir-exc.pem @@ -1,9 +1,9 @@ -----BEGIN CERTIFICATE----- -MIIE/TCCA+WgAwIBAgIUNPy5nImvNHMmLnekTFdBX87LWIcwDQYJKoZIhvcNAQEL +MIIE/TCCA+WgAwIBAgIUM9awMAspUpiIVdq72fCHAfLMJGcwDQYJKoZIhvcNAQEL BQAwgZUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv -bGZzc3NsLmNvbTAeFw0yMTEwMjYxMzMzMDNaFw0yNDA3MjIxMzMzMDNaMIGVMQsw +bGZzc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGVMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjER MA8GA1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMM D3d3dy53b2xmc3NsLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0B3b2xmc3NzbC5j @@ -18,12 +18,12 @@ gdUGA1UdIwSBzTCByoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZukgZgwgZUxCzAJ BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP d3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3NsLmNv -bYIUNPy5nImvNHMmLnekTFdBX87LWIcwDAYDVR0TBAUwAwEB/zA2BgNVHR4BAf8E +bYIUM9awMAspUpiIVdq72fCHAfLMJGcwDAYDVR0TBAUwAwEB/zA2BgNVHR4BAf8E LDAqoSgwJqQkMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMA0G -CSqGSIb3DQEBCwUAA4IBAQCOsVInwF8jwAT/YzOZppX9UfOVKxRkJSaXWLKyskDY -NKsq2nY1bxn4QwZL7G/Blq0dBCpaW7wkpTrkeSOrYCtl+nkdNA+I40ek9W+M889L -WoDTh5gbm1pN4w/Y9Sn5eJG0jzg7eUgQ8dCbAqoEP/6R33TccMJIxG3eT9VeZSag -bra51uVAfZuU5ec1EHomC2QdFAW6ekf7Bk7mejkhkA4EtM0784Srjk7azYR3kc0n -ow2o9qwtA6lQnGmrZO0AArXosFW/MuZzBEIJxRCkATF/ZxMpAVvYb9h26GguiDu2 -B+LV1qS/UnQfqE78jojSA5JZ/wIHiDHwBiTaBTBx5Ub4 +CSqGSIb3DQEBCwUAA4IBAQCbVBEy5LE93aKVrKDFikU+BeGc2sTBTB4K51PmN034 +4nIB6Y4D/+e076Jeoso6HNCIFtSCq139IKPsMSg1DxR1H1pPIW4DGU6ksI/XPEqI +uwKJWHcFrLftzWEhW7r1MehxWlUEoET7W2Zt3LOdAhG8GGSAiUOpnBRpnDrklNTf +eEgnyNyPPc7wDQSmQx9nGabx7sEf/UlOAovVi0+IWCs3Yd0dOceZE0kyBhISiwrt +hUPNfTA+wQisRALpXMmGhdDwN8hGGUNRHyQx2fZiYLOOiOaQNbx+hDtanzxXCus7 ++kYwvOCihtkvEKQdXg0ZxzMSbIdFSatItRZ8+/3Bwv/P -----END CERTIFICATE----- diff --git a/certs/test/cert-ext-ndir.der b/certs/test/cert-ext-ndir.der index 78fc774cb6263e802bd1118f676ac8a9aca301e0..e0d64e1d32ee92ef975ae15c2144712699c93cdf 100644 GIT binary patch delta 356 zcmaFE`G!;3po!&$K@;{%&zrDuRU~*7@V9bzO+X4mz{g|p{+Xawk1tl zb#M0P$js~Bwkj)Zud9Al^S`w_EnstPb>6om&i`jU;*F2&IJfPel3|cr(wPlODprBZ zw*829303GkxzOi+ZT*@jZ{ot1hU}L7A{w%Jh2X_MzJG*|Zd6at;+cr_$#yws|BaYE(4++*35PKKh~=d8Jy0^09OtxMLNo;kVB|Jc4v z`@oe)PxO75ANhRUy~`_t|2#gGw1)Lj;FV2}nm0Jgg{&2c*3rA`eenj@(o0WypKiXy r_;|LIVa!7wqgRYh+?zZe#@EZhW~4yQay@nO*DWZ&hD?{KMhjC(CbJGA{c))#*x%&=jk~ z8^lI0=Rg31a<@hzspLNNnOYxYHs$Zb?@#T}_UR?=HT6sg{QlQ4Y>wab5 zKZ+||&b=`8{1+2Vi9~^|c3-CmPIva}FAj2*-|x_?E7u>g@04;`NJw)h4ju)dZ&d>R)%ZFuq%J zB4Ymrp^zuP8lxVkvIadpspE1+!Di3bPkZ)P-hHw*@Wh;q(pKj3)ShSe=FC_7>e@YZ t%Ke|k2fj#MIaqi}y1wG6*q?t4vbG*NigvpLnWBBpw7Ih_6=u439RSz^s{Q}~ diff --git a/certs/test/cert-ext-ndir.pem b/certs/test/cert-ext-ndir.pem index c5a545194..acd8732ee 100644 --- a/certs/test/cert-ext-ndir.pem +++ b/certs/test/cert-ext-ndir.pem @@ -1,9 +1,9 @@ -----BEGIN CERTIFICATE----- -MIIE6DCCA9CgAwIBAgIUUjnwSvtRITn8DePk5BV3FpOSt/EwDQYJKoZIhvcNAQEL +MIIE6DCCA9CgAwIBAgIUHPcNvQQcn4x0wu1vUeSMnNXZGCEwDQYJKoZIhvcNAQEL BQAwgZUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv -bGZzc3NsLmNvbTAeFw0yMTEwMjYxMzMzMDNaFw0yNDA3MjIxMzMzMDNaMIGVMQsw +bGZzc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGVMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjER MA8GA1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMM D3d3dy53b2xmc3NsLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0B3b2xmc3NzbC5j @@ -18,12 +18,12 @@ gdUGA1UdIwSBzTCByoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZukgZgwgZUxCzAJ BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP d3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3NsLmNv -bYIUUjnwSvtRITn8DePk5BV3FpOSt/EwDAYDVR0TBAUwAwEB/zAhBgNVHR4BAf8E -FzAVoBMwEaQPMA0xCzAJBgNVBAYTAlVTMA0GCSqGSIb3DQEBCwUAA4IBAQCftSer -x/DD+8l32zkBpvuVQtRcEpQ6w7Cl1PD8TaiXe0W9eqKeBmxOgJ+a0kyKIcYSJU5R -K8enk17q1FFiqdgU0lEo3tdOdvfxFyLTbdCVz/Q0KRhhELU+9ZQRl0NOj3NSRR+/ -QI0tHo9UvsojdlRUW2LTaVdHAz8yBp5dC73KM/7Y3bS4q8MDjVvXD+TiJdfbcbQo -1eBm5eEsmoYQoOqQAt8n9bmEAe6syFi/sBJU5PqBWuNlBVLlySxEzCA8vPXyvL95 -3eStUcicaHWFA3dljObenJ8m9UWLlZTf+XPA9BrUwXHSG3945Rb8/gAdPUgsIT67 -UQJbTMyGRwalE97X +bYIUHPcNvQQcn4x0wu1vUeSMnNXZGCEwDAYDVR0TBAUwAwEB/zAhBgNVHR4BAf8E +FzAVoBMwEaQPMA0xCzAJBgNVBAYTAlVTMA0GCSqGSIb3DQEBCwUAA4IBAQAy60gs +xDDJmRelfBX6PkdrwrUs7rZilqrem/NZaddLPSSoPdcl9SZP2rtmULN9e272Ygn/ +zUhfM8S4zrb+IjFSRmLMsGIkOlGmtvhbRFUgicmhTN99f6zk7F5WpVS7GfQVVLOo +EdH8Tf0Tal76p25ixMVwwHBPCwsEeZ4kKu2uchYgUUOcSoBisdKFKdGQef5txmt5 +QjEVC847CgJQh98armMpl2mTfk/Gvmk/UanFyI7wn1nnrt7TqFP848pirAXiUdSy +4oOwQR5UrRRbLC7dS9HYCqXS5Q3ls9IB45saMVzhDDNlgyGN4hUgdN5aZhtPVzUk +IR6c648yYQsJFEvx -----END CERTIFICATE----- diff --git a/certs/test/digsigku.pem b/certs/test/digsigku.pem index 5de4e8271..3becd8d89 100644 --- a/certs/test/digsigku.pem +++ b/certs/test/digsigku.pem @@ -1,17 +1,18 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 16393466893990650224 (0xe3814b48a5706170) - Signature Algorithm: ecdsa-with-SHA1 - Issuer: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com + Serial Number: + e3:81:4b:48:a5:70:61:70 + Signature Algorithm: ecdsa-with-SHA1 + Issuer: C = US, ST = Washington, L = Seattle, O = Foofarah, OU = Arglebargle, CN = foobarbaz, emailAddress = info@worlss.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=Foofarah, OU=Arglebargle, CN=foobarbaz/emailAddress=info@worlss.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = Foofarah, OU = Arglebargle, CN = foobarbaz, emailAddress = info@worlss.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de: 9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c: 16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92: @@ -32,16 +33,16 @@ Certificate: X509v3 Key Usage: critical Non Repudiation, Key Encipherment Signature Algorithm: ecdsa-with-SHA1 - 30:45:02:20:1e:4a:b5:ea:29:e5:e2:da:d7:89:26:58:c4:43: - 23:da:9d:bc:a9:7c:2d:28:db:e6:a0:41:63:a0:c3:3a:bf:65: - 02:21:00:db:c0:7d:8f:e5:cc:0b:2b:08:57:c4:ba:dc:86:8c: - e6:da:ba:2e:b2:fa:7e:0c:b0:26:b8:c6:a4:94:12:93:2a + 30:44:02:20:1a:aa:25:f0:ec:0d:82:58:6d:5f:fb:ad:5c:5b: + 76:a7:03:94:6a:0a:29:b7:56:ed:32:fd:9e:21:e0:09:f5:08: + 02:20:6e:0e:f3:d5:84:70:d4:89:64:e1:cc:87:1a:c1:e4:b5: + c3:96:fb:c6:a4:23:36:08:8d:47:48:cf:d3:fe:6b:c3 -----BEGIN CERTIFICATE----- -MIIDKDCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT +MIIDJzCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYD VQQKDAhGb29mYXJhaDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZv -b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTIxMDIx -MDE5NDk1M1oXDTIzMTEwNzE5NDk1M1owgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI +b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYDVQQKDAhGb29mYXJh aDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZvb2JhcmJhejEeMBwG CSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D @@ -52,6 +53,6 @@ MKGBl6SBlDCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAO BgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEZvb2ZhcmFoMRQwEgYDVQQLDAtBcmds ZWJhcmdsZTESMBAGA1UEAwwJZm9vYmFyYmF6MR4wHAYJKoZIhvcNAQkBFg9pbmZv QHdvcmxzcy5jb22CCQDjgUtIpXBhcDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB -/wQEAwIFYDAJBgcqhkjOPQQBA0gAMEUCIB5Kteop5eLa14kmWMRDI9qdvKl8LSjb -5qBBY6DDOr9lAiEA28B9j+XMCysIV8S63IaM5tq6LrL6fgywJrjGpJQSkyo= +/wQEAwIFYDAJBgcqhkjOPQQBA0cAMEQCIBqqJfDsDYJYbV/7rVxbdqcDlGoKKbdW +7TL9niHgCfUIAiBuDvPVhHDUiWThzIcaweS1w5b7xqQjNgiNR0jP0/5rww== -----END CERTIFICATE----- diff --git a/certs/test/gen-ext-certs.sh b/certs/test/gen-ext-certs.sh index cbaa010aa..badb1b4d3 100755 --- a/certs/test/gen-ext-certs.sh +++ b/certs/test/gen-ext-certs.sh @@ -76,6 +76,8 @@ nsComment = "Testing name constraints" EOF gen_cert +rm -f ./certs/test/cert-ext-mnc.cfg +rm -f ./certs/test/cert-ext-mnc.pem OUT=certs/test/cert-ext-ncdns @@ -105,6 +107,8 @@ nsComment = "Testing name constraints" EOF gen_cert +rm -f ./certs/test/cert-ext-ncdns.cfg +rm -f ./certs/test/cert-ext-ncdns.pem OUT=certs/test/cert-ext-ncmixed KEYFILE=certs/test/cert-ext-ncmixed-key.der @@ -133,6 +137,8 @@ nsComment = "Testing name constraints" EOF gen_cert +rm -f ./certs/test/cert-ext-ncmixed.cfg +rm -f ./certs/test/cert-ext-ncmixed.pem OUT=certs/test/cert-ext-ia KEYFILE=certs/test/cert-ext-ia-key.der diff --git a/certs/test/ktri-keyid-cms.msg b/certs/test/ktri-keyid-cms.msg index 6418c523e860926cca82c417d3b64b7bde121689..49b6e0a9f39826cd1cde30e5df6a21e6099cb1e6 100644 GIT binary patch delta 288 zcmey(^qXmdU;XqZ{uRrY^u6FYDz0X`>`LRS$P=mT|1)k)s!4V&JI=jorsYJYjZEj9 z{pG5BaujS|Z+6e{zUAGQFXz^2viR+ci3JO-^kr0jANvq;@XB2U&39b+lQvtto4RPK z+R+us=d{&c9e88z9iw_m{oI#um4mf6-@QB5AHMQR-mY#R@y+ji>YrVk@NUH|!Smer z4A%XPes?I8i+@jx_WQW+AKuR>Ut62zR;krqX#Ohq=8x~OVbYT>u9hpQ(ie=dFrWXd zV$O1|FYBjeb9yrsUzwrhFZb`VX9taB?~6~^*QWYx zm*%dmGK diff --git a/certs/test/server-badaltname.der b/certs/test/server-badaltname.der index 4a1fef0a6d6ce8af67c9318b51fbc0240009cc9f..d76e09c1638896357aa7472b1d5e817467a3e655 100644 GIT binary patch delta 331 zcmdnSzKvbkpow{tK@-!g131yjY{SXZ6!l6P0I48X6fH z7#SOw8<|Fl^BS2LSQ?r_xErrMWUSxSmuT>Pox-*qt4n5DcRmpB|I&N8agz7ezd5V& z%6A8*e|nh7vDLmZSv#hcQ~#f`nWoiQeJj4J|CMty-+cSxsU`KEE4D1adk)K{f&!;? zum8MqI&nYtWR0``b03}w)~5P4GG{LMrhjw4eelgGcFnsJb@=A^xp)i5PBzVAa&Bs< zzZrQaCTe4{VA6$Op{;8;4Zbtoe#E%-qrsQ2n>;@`oDMpmvRJa{YcDlAI*(gVyDNbILzBxl&r(J1pv|Mm*oHe delta 331 zcmdnSzKvbkpow{tK@-!g1P?NyhbJl#)gIv?#62m8SA^>=PWy>vwq9+lW%<<_FQOo*!Zq!*Y`=g{kJ_^ zY&WxKeUFgnfj}R(71Oke7MdpbKYH{q^U>$y$2aa~46#`eyQWOa!LL^Z*t=&yevlbpMWvdn2U{QE4MsBAvH)mhfb?5zM;jD}yk2bV7v5L)J<1^#Ef0@;z z`nlUemVAEkQ(iDtYi{b|Zw($7J_>$rTY0YMr?KQNq3iX!9@CEs9k2gA%h8dwrRt6M zso%HwbnCONy_I-;CslXZY0s=~%+b}}lwmegc3OyUTV=z2d%1%WkN&=0z4@iO(YK2! mTbG%vR+xD~K-)Xy>4Cdz*TfjQ9DRA|id@^Av{bfT>wP#mDK>E=TOjMpFX<%k( zYGh}h6_slJM)E{Jpw<5yL96pUbA{G7x*oKYQb})Nxsu1E zm@T03#Gy6%Zp2K#i!TLFUXnQESMx~Z$N4Q)59+@?UVowM-h(T*QcWini9b0bk=Xn9 zef^w>KT<9N(wYHHKh%!ATitbI#h&zeGn>s%f4HN%VHfX-Ek-w{-knrt_(*{}^}zB^ z;)1rfD?Tf}%INW%t{=VO%1aNgSWneG3h$O`e$kxXdoQe{LSyUW$7xenIqo>%((%~% ozR{$=EK6@C_#e=Bd9l~@T+xMcjcOU@80NJ%g0inJV0vW&09VYN>Hq)$ diff --git a/certs/test/server-badaltnull.pem b/certs/test/server-badaltnull.pem index 4ef1fd994..052a83be7 100644 --- a/certs/test/server-badaltnull.pem +++ b/certs/test/server-badaltnull.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 63:8b:eb:7c:a5:8c:1a:1f:c0:4d:d2:f3:36:90:e1:89:6b:d8:95:a0 + 7d:7e:04:a2:9a:54:cf:b4:eb:a5:c2:da:a1:23:f2:2a:3a:f2:cb:12 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:33 2021 GMT - Not After : Mar 11 22:02:33 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -36,27 +36,27 @@ Certificate: X509v3 Subject Alternative Name: DNS:DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68 Signature Algorithm: sha256WithRSAEncryption - 80:b1:67:53:d5:5d:8d:f0:a1:2a:31:ce:ff:9c:16:01:93:f9: - 10:37:8c:bf:e1:26:b7:13:20:d4:19:df:c5:b8:cd:2d:e3:36: - 37:d3:9e:14:f8:16:35:eb:f3:85:ba:5a:65:3b:ec:19:c8:50: - 51:3a:ff:d8:52:ab:6f:49:6d:12:af:81:45:c1:39:1a:24:67: - 84:04:d4:6e:02:21:6b:10:28:e4:40:85:5b:dd:58:99:4e:d1: - e9:11:c9:d2:18:c2:4e:7c:e2:14:f8:cf:b4:7a:e0:7f:f6:e3: - af:d0:8a:de:e0:d4:da:65:35:92:72:17:e4:cc:18:61:8d:fd: - ef:9c:58:fc:1a:44:10:1b:29:50:82:f8:26:c4:ee:ab:8a:d8: - a8:bc:67:9e:99:83:37:cb:f0:dc:25:b0:ba:0d:c8:b4:32:d8: - 95:dd:92:76:31:e2:20:0b:65:c0:a7:f2:17:11:3d:db:78:f3: - 21:ea:68:8c:4e:97:2f:5b:b0:d4:e9:48:4a:5d:49:25:bc:20: - ee:a5:29:f4:29:97:8d:de:56:74:78:28:b5:e3:e3:66:95:aa: - 41:b8:c0:44:88:e3:33:df:32:92:fd:04:a5:da:60:4f:c0:2f: - 44:e8:bd:35:ce:72:d0:77:28:7b:1c:03:5c:03:ad:d8:52:6b: - d5:a0:ea:34 + 09:42:2d:4f:4f:37:f8:c9:15:e0:99:bf:46:ad:6a:86:5c:30: + 4d:4e:40:13:3b:23:89:d9:56:0a:34:88:ba:c8:87:d9:04:81: + 7a:f7:d8:59:6c:c7:fa:e5:48:52:6d:4d:f0:4a:e6:77:ac:44: + 1c:82:12:ad:2b:ca:68:27:85:f8:07:34:85:02:28:91:97:45: + a0:ec:e9:ba:4a:35:1e:c6:c7:45:8c:00:d8:d5:80:89:ce:f4: + 2d:4f:68:1a:10:dc:8b:5a:a3:5f:73:17:c3:44:1b:74:d2:a2: + ef:bb:1f:65:f9:56:50:ac:1e:44:1d:26:55:b9:ef:3c:e3:c6: + 63:16:15:14:8f:7c:48:39:c6:d5:d3:41:48:90:7a:34:31:7f: + cd:6b:db:20:a6:72:1d:bd:46:da:b7:29:f5:cd:4f:77:67:85: + 01:c2:2c:40:1e:e6:59:4c:a9:f3:1c:79:72:15:6f:12:4b:95: + c0:2d:5e:df:91:6c:5c:cb:76:86:04:b8:65:74:40:dd:af:1c: + 49:b1:57:c5:31:f5:d3:7e:36:ea:bb:a4:fb:2c:08:ab:fe:fc: + 0e:fb:d0:89:3c:6d:4b:01:60:e1:f3:47:9d:f2:49:6c:e2:61: + a0:ec:73:81:38:ef:48:86:6e:e9:ac:bf:4e:cb:7a:f7:f4:a4: + 54:0c:24:8a -----BEGIN CERTIFICATE----- -MIID0zCCArugAwIBAgIUY4vrfKWMGh/ATdLzNpDhiWvYlaAwDQYJKoZIhvcNAQEL +MIID0zCCArugAwIBAgIUfX4EoppUz7TrpcLaoSPyKjryyxIwDQYJKoZIhvcNAQEL BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0 -Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDYx -NTIyMDIzM1oXDTI0MDMxMTIyMDIzM1owgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI @@ -67,10 +67,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE 4eZhg8XSlt/Z0E+t1wIDAQABoz8wPTA7BgNVHREENDAygjBERVI6MzA6MGQ6ODI6 MGI6NmM6NmY6NjM6NjE6NmM6Njg6NmY6NzM6NzQ6MDA6NjgwDQYJKoZIhvcNAQEL -BQADggEBAICxZ1PVXY3woSoxzv+cFgGT+RA3jL/hJrcTINQZ38W4zS3jNjfTnhT4 -FjXr84W6WmU77BnIUFE6/9hSq29JbRKvgUXBORokZ4QE1G4CIWsQKORAhVvdWJlO -0ekRydIYwk584hT4z7R64H/246/Qit7g1NplNZJyF+TMGGGN/e+cWPwaRBAbKVCC -+CbE7quK2Ki8Z56ZgzfL8NwlsLoNyLQy2JXdknYx4iALZcCn8hcRPdt48yHqaIxO -ly9bsNTpSEpdSSW8IO6lKfQpl43eVnR4KLXj42aVqkG4wESI4zPfMpL9BKXaYE/A -L0TovTXOctB3KHscA1wDrdhSa9Wg6jQ= +BQADggEBAAlCLU9PN/jJFeCZv0ataoZcME1OQBM7I4nZVgo0iLrIh9kEgXr32Fls +x/rlSFJtTfBK5nesRByCEq0rymgnhfgHNIUCKJGXRaDs6bpKNR7Gx0WMANjVgInO +9C1PaBoQ3Itao19zF8NEG3TSou+7H2X5VlCsHkQdJlW57zzjxmMWFRSPfEg5xtXT +QUiQejQxf81r2yCmch29Rtq3KfXNT3dnhQHCLEAe5llMqfMceXIVbxJLlcAtXt+R +bFzLdoYEuGV0QN2vHEmxV8Ux9dN+Nuq7pPssCKv+/A770Ik8bUsBYOHzR53ySWzi +YaDsc4E470iGbumsv07Levf0pFQMJIo= -----END CERTIFICATE----- diff --git a/certs/test/server-badcn.der b/certs/test/server-badcn.der index 8cab7cefb45b1fc097ea5494ce01b99de4c3f516..0d467e8cc4cd91ac1b526271db3750733d87b8ed 100644 GIT binary patch delta 332 zcmbQnK8;=3pow{sK@(He0%j&gCMJ<+o}D?fRc7s(({QRO@`FxK~f4V9_Q$iGxPMKCeN>0;l{SG-I4 z{BIkMn!NmK8};Z`g8Q4!4+mH)HnJ@aFey}r8&hKuAWR1KI?CCPG8fIGWW~fi3_ZlO6mcbl9llQ delta 332 zcmbQnK8;=3pow{sK@(He0%j&gCMFT?{y)Et7idlTxy#6}QiP%C=9}7W6P0I48kiZH z8W|ZF85>85^BS2L7#kWwxErq>V61Q3b-&|_+MhMg7SA~5EqLt1y%&|)Eu4ESnineX zJsvQtZ)N|Bmhy}#3nQYU3q5tOD%Ye-{p(uxZC=*1sMO-;P8BN!dXHr8maUOHu;KjG zCpIpEZQu+af(yj+4r|PJ|?Yvd##{VOHS6kyaA#9 diff --git a/certs/test/server-badcn.pem b/certs/test/server-badcn.pem index 9aeb3846e..65691f911 100644 --- a/certs/test/server-badcn.pem +++ b/certs/test/server-badcn.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 0b:8f:fc:fa:c7:70:2a:92:f9:ba:32:4e:79:14:00:72:d9:ec:7d:b6 + 5b:0c:b9:6c:9b:24:9a:bc:9c:80:ca:7b:22:8c:2e:d4:7a:31:46:ae Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:33 2021 GMT - Not After : Mar 11 22:02:33 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -33,27 +33,27 @@ Certificate: ad:d7 Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption - 86:ba:df:88:f4:26:fc:ac:e6:a3:98:c6:4b:11:c6:f0:de:e8: - 79:6b:84:09:bc:38:83:a1:23:bd:c7:50:9a:8e:a9:8f:e8:84: - 77:68:94:a1:58:5a:5b:71:49:2d:d5:23:7c:67:1a:fe:8a:a6: - f6:9e:6a:e6:5a:65:73:e7:42:78:a9:10:8d:c4:69:bb:1d:7c: - 1e:c0:b0:cf:d5:e4:3c:44:8d:85:a9:76:94:a2:b3:1b:b1:94: - 42:7e:cd:ef:da:88:f1:62:a9:ed:d6:70:85:26:2b:2d:b2:e7: - e6:af:0d:76:0c:73:48:c6:ab:18:d4:97:cb:d8:bd:24:8f:bd: - c1:9a:79:aa:f4:1c:10:8c:6d:71:71:b9:1c:2e:49:21:2a:dc: - 33:83:5b:2c:8a:d2:6b:06:9e:23:47:6b:72:12:b8:43:6a:94: - d6:c5:25:df:ae:77:7f:b4:4a:6c:39:b9:47:04:68:58:23:e1: - c1:24:f3:f2:e1:b8:72:27:fb:4a:3e:7f:bf:8b:bc:69:79:74: - 28:8c:33:b0:9d:7a:cb:c4:5b:6b:82:43:60:53:85:87:db:0b: - 1a:e4:83:bb:6c:a3:87:b9:87:42:a0:7f:ff:ec:db:ec:8e:89: - 83:d6:af:f3:80:d0:5d:fe:e5:15:c1:7a:bc:d6:cf:14:b8:d5: - 25:92:ef:b1 + 8f:f5:55:1c:7d:68:6f:d2:73:94:11:61:64:42:d1:8e:f9:ea: + 0d:a5:0f:1f:e3:f4:f6:f0:4d:fd:9f:f6:b0:c5:34:e9:f5:3d: + 5a:e2:da:60:47:ec:89:f0:c0:05:78:b1:06:a3:51:0e:c7:5f: + 6a:76:c1:2d:6a:80:1a:e2:d4:11:28:16:3f:ce:55:a8:a1:38: + 2e:3c:81:57:0b:46:c3:59:f3:f8:a9:f5:a3:4a:97:8a:5b:aa: + 00:f5:05:92:bb:58:4e:8f:cd:8a:6f:fc:d1:71:58:95:05:36: + 90:67:ae:0c:35:16:de:a3:c4:db:1e:7a:a4:e5:57:20:ce:f0: + e4:d2:7d:9a:d2:a0:46:bf:27:16:c0:4d:ab:a0:61:7d:c9:c2: + 0c:42:39:6a:0a:e2:e4:46:94:53:92:34:56:84:09:20:35:77: + 29:43:33:33:66:dd:ae:b5:24:a7:66:0f:d2:99:ee:76:2d:d0: + 81:ff:41:87:3d:af:8a:ea:41:4c:43:62:15:d0:30:57:40:99: + 41:f3:2b:31:16:a9:a2:eb:50:62:0e:d3:4d:84:cc:99:2f:16: + 84:37:b7:c7:99:fc:0d:bd:6d:4d:bf:90:a5:eb:6b:a7:75:6c: + 73:28:45:49:02:18:4c:af:d9:09:97:ac:80:64:9d:f4:dd:91: + a0:3a:74:7f -----BEGIN CERTIFICATE----- -MIIDkjCCAnqgAwIBAgIUC4/8+sdwKpL5ujJOeRQActnsfbYwDQYJKoZIhvcNAQEL +MIIDkjCCAnqgAwIBAgIUWwy5bJskmrycgMp7Iowu1HoxRq4wDQYJKoZIhvcNAQEL BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0 -Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDYx -NTIyMDIzM1oXDTI0MDMxMTIyMDIzM1owgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI @@ -62,11 +62,11 @@ j+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+t Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem 8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE -4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCGut+I9Cb8rOaj -mMZLEcbw3uh5a4QJvDiDoSO9x1CajqmP6IR3aJShWFpbcUkt1SN8Zxr+iqb2nmrm -WmVz50J4qRCNxGm7HXwewLDP1eQ8RI2FqXaUorMbsZRCfs3v2ojxYqnt1nCFJist -sufmrw12DHNIxqsY1JfL2L0kj73Bmnmq9BwQjG1xcbkcLkkhKtwzg1ssitJrBp4j -R2tyErhDapTWxSXfrnd/tEpsOblHBGhYI+HBJPPy4bhyJ/tKPn+/i7xpeXQojDOw -nXrLxFtrgkNgU4WH2wsa5IO7bKOHuYdCoH//7NvsjomD1q/zgNBd/uUVwXq81s8U -uNUlku+x +4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCP9VUcfWhv0nOU +EWFkQtGO+eoNpQ8f4/T28E39n/awxTTp9T1a4tpgR+yJ8MAFeLEGo1EOx19qdsEt +aoAa4tQRKBY/zlWooTguPIFXC0bDWfP4qfWjSpeKW6oA9QWSu1hOj82Kb/zRcViV +BTaQZ64MNRbeo8TbHnqk5VcgzvDk0n2a0qBGvycWwE2roGF9ycIMQjlqCuLkRpRT +kjRWhAkgNXcpQzMzZt2utSSnZg/Sme52LdCB/0GHPa+K6kFMQ2IV0DBXQJlB8ysx +Fqmi61BiDtNNhMyZLxaEN7fHmfwNvW1Nv5Cl62undWxzKEVJAhhMr9kJl6yAZJ30 +3ZGgOnR/ -----END CERTIFICATE----- diff --git a/certs/test/server-badcnnull.der b/certs/test/server-badcnnull.der index e84fcc012d976968019296bed845566f6365e20e..f49e48498842109dac75ce805d8caba164b3e122 100644 GIT binary patch delta 332 zcmcb?euG`vpo#g4K@-!S1 z-fe2n<>0i z@V}F}Xsgb~PIir_OA2N$v}$NJWVv#qnC;Y-x&P}nZ*IP0vBdJqit}7orgsB3XHJ^b delta 332 zcmcb?euG`vpo#g4K@-!S1gnZ?`nvL*=@!;YViP_(ao3wVtmP~J5VvZM$VuH$wJ9!M%GW35e=dD8E#@6} zy{hGsbeo9JMmL3y^GkI4KXclpBxidfOZU#1DJS;F=gFF$(M_nhx>74hBlV~_|8Dp1 zT;dDwc>h{p nU$m#~lh?h)iCfOOY0BA_Oj`WI^3T;6A;t?k-R5s&lHdgZwg#8g diff --git a/certs/test/server-badcnnull.pem b/certs/test/server-badcnnull.pem index 52d18641b..fa9faea9d 100644 --- a/certs/test/server-badcnnull.pem +++ b/certs/test/server-badcnnull.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 2f:dc:cf:8a:1c:ed:ad:f7:a4:ac:5f:24:68:1c:f5:dd:82:c5:59:1e + 62:9e:92:00:8a:b6:e6:80:80:c6:d5:d6:bb:1a:9e:ee:1d:29:2e:2f Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:33 2021 GMT - Not After : Mar 11 22:02:33 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -33,28 +33,28 @@ Certificate: ad:d7 Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption - ae:86:0e:c4:71:4f:75:f5:12:19:d8:60:b4:80:f8:e2:23:43: - cb:7f:38:16:97:b6:1e:57:58:d1:41:6b:7e:8b:4e:9a:10:3f: - 24:fa:89:23:ba:76:28:ae:4a:d6:d9:35:52:c9:60:0b:70:5b: - fa:79:6d:0c:36:fb:cd:7e:16:8c:e4:7a:5b:6d:d2:c2:28:86: - d7:ea:b2:e1:d9:08:5c:a6:49:12:8c:8d:0c:1a:f5:a9:ce:35: - b4:05:d2:16:90:f1:42:0b:7f:35:40:ad:0e:77:f0:5e:aa:9c: - 14:c9:2d:55:26:94:44:4a:23:d7:92:6f:f3:75:e4:96:5c:ee: - 0b:25:39:a4:67:3c:58:f3:32:d9:12:c7:0f:18:89:4f:e6:42: - ba:22:1e:3d:c8:6a:2d:dc:cc:94:c8:bf:5f:6e:1d:35:cc:2d: - 60:78:d5:a9:2a:52:28:65:c5:17:0f:bb:47:f7:0a:17:a1:dc: - 4b:fa:a6:d9:b7:17:37:b6:d9:94:fd:3c:f0:a6:3d:c1:51:67: - 11:c6:53:ce:db:e3:d7:fe:d3:d6:73:63:15:48:02:35:d1:df: - e8:e0:14:c2:f8:52:2c:a7:ff:15:8c:86:f2:4a:de:a3:61:b4: - ce:46:29:1e:3d:74:92:a3:f8:39:fc:d5:5c:12:01:d0:b9:46: - 9f:b6:18:0d + 64:e3:ba:6f:73:2f:d1:4e:7c:30:e7:8a:c6:97:45:1b:87:41: + 82:31:7e:5e:69:7d:b5:de:3f:00:1f:cb:0d:cb:ec:94:24:aa: + 10:0b:ec:6a:92:ff:3d:4c:47:7a:d0:f8:58:54:31:86:a5:ab: + f7:31:e1:18:93:cf:94:9b:40:df:7d:7e:9b:a9:b4:8b:3e:4f: + 0c:90:26:a0:89:1f:46:95:8c:e3:5b:7b:b4:69:f8:7f:7d:33: + f8:1f:d6:db:53:4a:e1:52:86:76:0b:8e:e4:06:cf:1f:7f:3e: + 0d:df:a2:9f:da:91:bb:a0:37:24:e5:88:f8:ec:69:84:76:b6: + 3a:ee:01:38:f4:d4:f7:71:50:40:14:68:e8:1a:6f:52:84:ec: + 36:46:40:78:65:e8:22:56:d3:22:33:53:df:88:78:8e:78:95: + a6:14:67:53:cc:40:d3:32:75:ea:07:e0:b3:90:4f:dc:69:a2: + b5:2c:b1:89:07:28:e5:a4:70:9b:a1:3a:80:83:31:04:d4:d8: + 73:06:ca:b4:9d:ff:7e:b3:b3:83:dc:38:a4:39:d4:a8:cf:0a: + d4:97:8b:70:bc:45:b5:20:ad:8b:c7:b9:1b:f2:72:f5:05:2c: + 31:76:1a:cb:a8:bb:d2:cb:40:f7:ec:2e:11:ac:cd:41:54:7a: + b2:04:5d:68 -----BEGIN CERTIFICATE----- -MIID1DCCArygAwIBAgIUL9zPihztrfekrF8kaBz13YLFWR4wDQYJKoZIhvcNAQEL +MIID1DCCArygAwIBAgIUYp6SAIq25oCAxtXWuxqe7h0pLi8wDQYJKoZIhvcNAQEL BQAwgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzE5MDcGA1UEAwwwREVSOjMwOjBk OjgyOjBiOjZjOjZmOjYzOjYxOjZjOjY4OjZmOjczOjc0OjAwOjY4MR8wHQYJKoZI -hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDYxNTIyMDIzM1oXDTI0MDMx -MTIyMDIzM1owgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkx +NTIzMDcyNVowgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD VQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzE5MDcGA1UEAwwwREVS OjMwOjBkOjgyOjBiOjZjOjZmOjYzOjYxOjZjOjY4OjZmOjczOjc0OjAwOjY4MR8w HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEF @@ -64,10 +64,10 @@ U7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEu uBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTS ELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0 sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEB -CwUAA4IBAQCuhg7EcU919RIZ2GC0gPjiI0PLfzgWl7YeV1jRQWt+i06aED8k+okj -unYorkrW2TVSyWALcFv6eW0MNvvNfhaM5HpbbdLCKIbX6rLh2QhcpkkSjI0MGvWp -zjW0BdIWkPFCC381QK0Od/BeqpwUyS1VJpRESiPXkm/zdeSWXO4LJTmkZzxY8zLZ -EscPGIlP5kK6Ih49yGot3MyUyL9fbh01zC1geNWpKlIoZcUXD7tH9woXodxL+qbZ -txc3ttmU/Tzwpj3BUWcRxlPO2+PX/tPWc2MVSAI10d/o4BTC+FIsp/8VjIbySt6j -YbTORikePXSSo/g5/NVcEgHQuUafthgN +CwUAA4IBAQBk47pvcy/RTnww54rGl0Ubh0GCMX5eaX213j8AH8sNy+yUJKoQC+xq +kv89TEd60PhYVDGGpav3MeEYk8+Um0DffX6bqbSLPk8MkCagiR9GlYzjW3u0afh/ +fTP4H9bbU0rhUoZ2C47kBs8ffz4N36Kf2pG7oDck5Yj47GmEdrY67gE49NT3cVBA +FGjoGm9ShOw2RkB4ZegiVtMiM1PfiHiOeJWmFGdTzEDTMnXqB+CzkE/caaK1LLGJ +ByjlpHCboTqAgzEE1NhzBsq0nf9+s7OD3DikOdSozwrUl4twvEW1IK2Lx7kb8nL1 +BSwxdhrLqLvSy0D37C4RrM1BVHqyBF1o -----END CERTIFICATE----- diff --git a/certs/test/server-cert-ecc-badsig.der b/certs/test/server-cert-ecc-badsig.der index 401f5b5b3ca4913e450967d9ccfd72fbc07c5249..c025bf90f12dac41638493884b82c52135d2aa2e 100644 GIT binary patch delta 123 zcmZ3=x`dU*powY0M3x=0hDJsPM#cu_My65XyhbJlmWHNKu0dn}M0xwo5{xd49_|bV zE=&qh={w&snW#%&IbvGvrJkke<^PYx;J-lVIQ9Vb*c{Dgf-DDr*1$ diff --git a/certs/test/server-cert-ecc-badsig.pem b/certs/test/server-cert-ecc-badsig.pem index 2a7cfed98..c29745fa4 100644 --- a/certs/test/server-cert-ecc-badsig.pem +++ b/certs/test/server-cert-ecc-badsig.pem @@ -2,16 +2,16 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) - Signature Algorithm: ecdsa-with-SHA256 - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Development, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: ecdsa-with-SHA256 + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) - pub: + pub: 04:bb:33:ac:4c:27:50:4a:c6:4a:a5:04:c3:3c:de: 9f:36:db:72:2d:ce:94:ea:2b:fa:cb:20:09:39:2c: 16:e8:61:02:e9:af:4d:d3:02:93:9a:31:5b:97:92: @@ -34,16 +34,16 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ecdsa-with-SHA256 - 30:45:02:20:61:6f:e8:b9:ad:cc:c9:1a:81:17:02:64:07:c3: - 18:44:01:81:76:18:9d:6d:3d:7d:cb:c1:5a:76:4a:ad:71:55: - 02:21:00:cd:22:35:04:19:c2:23:21:02:88:4b:51:da:db:51: - ab:54:8c:cb:38:ac:8e:bb:ee:18:07:bf:88:36:88:ff:d5 + 30:44:02:20:5a:67:b9:ee:02:34:27:1b:d4:c4:35:7b:ed:59: + 8e:63:c4:8a:b7:e9:92:c1:8a:76:b0:8b:cd:24:49:78:ba:ef: + 02:20:29:b8:b6:5f:83:f7:56:6a:f1:4d:d9:9f:52:2a:f9:8f: + 53:14:49:8b:5f:5e:87:af:7f:ca:2e:e0:d8:e7:75:0c -----BEGIN CERTIFICATE----- -MIICoTCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR +MIICoDCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD @@ -51,7 +51,7 @@ QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ -YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0gAMEUCIGFv6LmtzMkagRcCZAfD -GEQBgXYYnW09fcvBWnZKrXFVAiEAzSI1BBnCIyECiEtR2ttRq1SMyzisjrvuGAe/ -iDaIx9U= +YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0cAMEQCIFpnue4CNCcb1MQ1e+1Z +jmPEirfpksGKdrCLzSRJeLrvAiApuLZfg/dWavFN2Z9SKvmPUxRJi19eh69/yi7g +2Od1xA== -----END CERTIFICATE----- diff --git a/certs/test/server-cert-rsa-badsig.der b/certs/test/server-cert-rsa-badsig.der index 041eba29199388428e2f4ae51190faaf4d0ceaf6..0a680446212f8849505389185d4133aac7d4a523 100644 GIT binary patch delta 358 zcmaFJ`G%9jpo!&$K@;KZFGP1fFG%-3( zp3bDmbA^pLR92a#@r*&^$;n5Uwup+AOn%u-3Utb)V zA3Eis#dC!yK{xjmnu6kNl42D~>qCCrG)h#nw_LsC{`++oxX);>pIR_sdhi*^+)utf zzn;vk33(80EiV`3R)2HXf(g5F@7tz-m>=YF_+gsaox}*iT|PXAG;e(uc1_qMSUK@+ z&HU~4F^@El$?dPWwg2MYIp6)19~^$4zb(C{{<;s-)xGKO>UbV^-mXlPyAc2NMVg0I zXvkGDAp?e!ZKV%R{lqo3LXS)ndj5CI(qSg{zZqRG7B24_Xa4d75V@Ad;e{#k4Gqj8+>KZFGO}73G%=b@ zp3bDmbCQiYR92a#@t{HDzR5?Jws3JWth#K!MuN-ScXBUte7!X9GMCA`d_1NaY7T~% zUaR@IM@#-*`_JmDftAMfRhdgfpR46Qnt2Q zlDIAB)V_xs%0ItpzS<*O-&)^Wa^j7g=bLb^Gk+gh*@XnGOFt{VA$@6Z{b4@4v^Nn_X2mfzRkO&8{Rb4Vozdu+5rugylOH2mWx` C6P#ZF diff --git a/certs/test/server-cert-rsa-badsig.pem b/certs/test/server-cert-rsa-badsig.pem index 26acc60e4..69de8f60c 100644 --- a/certs/test/server-cert-rsa-badsig.pem +++ b/certs/test/server-cert-rsa-badsig.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: @@ -37,7 +37,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -46,27 +46,27 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 1b:0d:a6:44:93:0d:0e:0c:35:28:26:40:31:d2:eb:26:4c:47: - 5b:19:fb:ad:fe:3a:f5:30:3a:28:d7:aa:69:a4:15:e7:26:6e: - b7:33:56:ac:8f:34:3d:f3:21:2f:53:58:91:d0:3e:b4:39:48: - bf:93:11:74:36:d3:87:49:c3:34:0d:30:30:ab:f4:4c:27:19: - d5:c4:0c:ad:49:bd:91:f8:da:9e:c8:2d:2a:ac:e2:75:8e:aa: - 08:d9:bf:65:ff:a3:b1:4f:f0:60:6f:4d:95:c4:06:7f:af:66: - 6a:23:3b:3a:a4:61:b6:6c:ca:be:e1:b0:77:f3:ec:83:d5:8c: - 1d:85:7f:8d:74:c8:ec:1e:49:ec:57:4a:cc:fd:e2:3a:3e:54: - 50:ae:67:cd:17:b0:67:a5:53:7f:c3:0e:3e:a7:58:e8:df:d5: - 0c:f2:64:f3:ad:12:70:e3:b9:42:bc:08:60:76:d5:0c:a5:31: - 77:50:e0:c8:f3:3a:3d:45:cf:32:75:ef:10:dd:b5:ed:6e:d2: - 2d:57:82:95:38:bc:7d:54:c4:84:5e:fb:7e:83:f5:f1:2d:9c: - 98:ac:73:e3:a7:d2:02:30:d6:1f:06:1e:d0:dc:3a:ac:f4:c2: - c2:be:72:40:9a:ea:cf:35:21:3b:56:6d:e1:52:f2:80:d7:35: - 83:97:07:cc + 73:59:6f:55:94:e1:38:e7:20:5a:11:46:47:a8:29:11:17:06: + 19:16:78:22:af:54:f8:d9:32:61:26:3f:39:ab:a4:df:ef:ae: + d0:0b:cc:2b:af:95:70:90:97:53:cc:19:6d:f2:4d:4c:fa:e4: + 9d:7c:54:e0:5b:3b:1f:1e:52:46:7f:d9:ba:a0:90:ba:6d:df: + 3d:67:f0:9f:52:44:c3:e1:66:36:dc:61:58:11:ba:4c:0c:c2: + 29:da:f7:13:45:60:b2:11:79:91:ed:7c:9f:b7:7f:5c:e2:29: + c6:1e:bf:78:da:bf:d1:bd:9c:f7:4e:23:e0:c3:ef:6f:b6:67: + 7c:d7:4c:02:d5:bd:67:ee:7e:0c:e3:89:db:79:61:1e:d0:5f: + f5:e8:66:48:3a:55:54:d5:16:12:30:00:c9:86:75:e0:c9:ff: + 38:74:ce:c8:c7:fd:ef:96:d8:55:96:71:35:62:db:34:c5:2f: + 07:84:8a:aa:1b:1e:77:50:0a:20:3b:21:4b:06:14:af:78:11: + a2:41:c6:5d:0c:70:e0:52:b4:9e:4c:86:ab:5b:a3:e0:8f:a2: + c2:1a:69:70:80:3b:bd:50:23:26:72:4f:fa:fd:df:ed:85:32: + 2c:e4:ab:3e:f3:a6:d0:1d:db:33:6b:69:8d:99:b9:b4:34:4b: + 79:a8:16:68 -----BEGIN CERTIFICATE----- -MIIE3TCCA8WgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIE6DCCA9CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP @@ -75,34 +75,35 @@ f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq 0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ -6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOCATowggE2MB0GA1UdDgQW -BBSzETLJkpiE4sn40DtuA0LKHw6OPDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t +6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOCAUUwggFBMB0GA1UdDgQW +BBSzETLJkpiE4sn40DtuA0LKHw6OPDCB1AYDVR0jBIHMMIHJgBQnjmcRdMMmHT/t M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG -9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAMBgNVHRMEBTADAQH/ -MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUF -BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAGw2mRJMNDgw1KCZAMdLr -JkxHWxn7rf469TA6KNeqaaQV5yZutzNWrI80PfMhL1NYkdA+tDlIv5MRdDbTh0nD -NA0wMKv0TCcZ1cQMrUm9kfjansgtKqzidY6qCNm/Zf+jsU/wYG9NlcQGf69maiM7 -OqRhtmzKvuGwd/Psg9WMHYV/jXTI7B5J7FdKzP3iOj5UUK5nzRewZ6VTf8MOPqdY -6N/VDPJk860ScOO5QrwIYHbVDKUxd1DgyPM6PUXPMnXvEN217W7SLVeClTi8fVTE -hF77foP18S2cmKxz46fSAjDWHwYe0Nw6rPTCwr5yQJrqzzUhO1Zt4VLygNc1g5cH -zA== +9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFH2UcIi6B0KNqq9PvsIaSPDRQOZCMAwG +A1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0l +BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBzWW9V +lOE45yBaEUZHqCkRFwYZFngir1T42TJhJj85q6Tf767QC8wrr5VwkJdTzBlt8k1M ++uSdfFTgWzsfHlJGf9m6oJC6bd89Z/CfUkTD4WY23GFYEbpMDMIp2vcTRWCyEXmR +7Xyft39c4inGHr942r/RvZz3TiPgw+9vtmd810wC1b1n7n4M44nbeWEe0F/16GZI +OlVU1RYSMADJhnXgyf84dM7Ix/3vlthVlnE1Yts0xS8HhIqqGx53UAogOyFLBhSv +eBGiQcZdDHDgUrSeTIarW6Pgj6LCGmlwgDu9UCMmck/6/d/thTIs5Ks+86bQHdsz +a2mNmbm0NEt5qBZo -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) - Serial Number: 12309252214903945037 (0xaad33fac180a374d) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 7d:94:70:88:ba:07:42:8d:aa:af:4f:be:c2:1a:48:f0:d1:40:e6:42 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: @@ -129,7 +130,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -138,47 +139,47 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08: - 86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd: - 89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99: - c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce: - 89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8: - a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4: - ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20: - 88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70: - 6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38: - 7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4: - 12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6: - b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd: - b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e: - ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c: - 4f:a1:ca:98 + b0:71:bb:ba:45:5a:80:25:02:a4:7e:88:0b:a9:7b:fd:b0:bb: + f6:46:b5:ba:f4:c7:e3:61:20:8c:03:15:66:f5:e4:54:82:ef: + 13:80:97:22:67:c1:d1:88:5d:e2:2d:57:f6:e0:9f:69:d6:b1: + 5c:b6:e8:e0:98:89:c8:14:12:d6:b6:89:8d:6c:b9:a0:59:4f: + 92:ee:11:53:6b:7d:93:4a:69:0a:85:d9:d5:d2:62:e8:c9:b5: + c6:4e:17:f5:0a:e8:f3:2d:86:61:0b:eb:c4:c4:c6:67:75:ed: + 9a:9f:53:a0:71:1e:a0:90:0d:f9:03:b4:bc:86:19:6e:f0:3b: + 4f:e8:ed:68:f6:e7:23:43:3b:36:83:83:4b:46:a0:9a:01:d0: + c7:85:bb:7d:94:a0:21:3d:7e:3c:6a:3d:81:db:41:7b:46:d8: + 15:62:d5:8f:4d:3d:c0:db:9a:c5:81:a8:ac:da:87:99:c7:dd: + b9:f1:14:af:d1:93:e3:f3:42:d7:a2:04:51:21:54:29:c3:45: + f6:be:5c:fa:cd:db:bf:2f:79:81:42:e5:8f:47:0b:d4:54:01: + b5:c2:4a:46:d6:a8:31:2e:64:80:3f:48:61:91:29:f3:aa:43: + 5c:69:6e:f1:01:b9:df:63:71:3d:b9:5a:fb:36:c0:11:a2:c3: + 30:9d:95:c3 -----BEGIN CERTIFICATE----- -MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +MIIE/zCCA+egAwIBAgIUfZRwiLoHQo2qr0++whpI8NFA5kIwDQYJKoZIhvcNAQEL +BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZQxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw +DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP +d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804H0ry +TXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQ +u2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkc +rMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfa +QG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+j +JtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02 +eQIDAQABo4IBRTCCAUEwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHU +BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow -ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+ -gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO -BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv -b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM -BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud -JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI -WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX -apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28 -Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z -PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt -XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR -O7A8u4yPPHtMT6HKxA== +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU +fZRwiLoHQo2qr0++whpI8NFA5kIwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl +eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +DQYJKoZIhvcNAQELBQADggEBALBxu7pFWoAlAqR+iAupe/2wu/ZGtbr0x+NhIIwD +FWb15FSC7xOAlyJnwdGIXeItV/bgn2nWsVy26OCYicgUEta2iY1suaBZT5LuEVNr +fZNKaQqF2dXSYujJtcZOF/UK6PMthmEL68TExmd17ZqfU6BxHqCQDfkDtLyGGW7w +O0/o7Wj25yNDOzaDg0tGoJoB0MeFu32UoCE9fjxqPYHbQXtG2BVi1Y9NPcDbmsWB +qKzah5nH3bnxFK/Rk+PzQteiBFEhVCnDRfa+XPrN278veYFC5Y9HC9RUAbXCSkbW +qDEuZIA/SGGRKfOqQ1xpbvEBud9jcT25Wvs2wBGiwzCdxcM= -----END CERTIFICATE----- diff --git a/certs/test/server-duplicate-policy.pem b/certs/test/server-duplicate-policy.pem index 50281d14a..6941973d8 100644 --- a/certs/test/server-duplicate-policy.pem +++ b/certs/test/server-duplicate-policy.pem @@ -2,15 +2,15 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:53 2021 GMT - Not After : Nov 7 19:49:53 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=testing duplicate policy, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = testing duplicate policy, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: @@ -37,7 +37,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:FALSE @@ -49,27 +49,27 @@ Certificate: Explicit Text: Test of duplicate OIDs with different qualifiers Signature Algorithm: sha256WithRSAEncryption - 89:48:e9:bf:9d:98:fc:e3:b5:32:80:9c:b8:18:31:37:df:6b: - 5b:f9:ca:f1:50:b2:10:d2:97:91:31:7b:3b:e0:f9:ec:d3:45: - 83:47:c0:a6:86:e0:f9:a2:46:f8:7a:22:54:9e:37:b5:43:3d: - de:13:7f:a1:79:2b:1e:c9:a5:1f:96:23:fb:43:cb:94:7f:55: - 37:9a:7e:4e:73:90:1f:aa:07:92:b7:86:f9:0d:36:c0:94:53: - 91:86:ec:ed:b3:e7:44:b4:9e:27:d2:b7:ff:f8:d0:98:32:5e: - 9d:24:9d:59:3a:06:82:3e:58:0f:93:f3:c5:85:23:ef:ec:1a: - 05:a0:0c:db:ac:e1:7c:67:84:0c:92:0e:81:e3:57:4e:5a:8a: - a9:05:f2:38:73:78:c9:12:8a:45:c5:5a:f0:a6:2a:de:b9:29: - 7d:9f:69:07:af:06:2a:e8:cc:3b:35:ea:7b:f3:43:2f:24:15: - 1b:93:f2:3a:1d:0f:e5:e6:20:4c:a8:6a:42:32:71:5a:f8:3a: - 41:5e:35:bb:0a:c3:4e:b5:12:6a:ae:e1:97:cb:94:b9:71:14: - a2:63:a4:f0:c4:07:31:57:6e:f8:f8:05:25:dd:36:bb:83:f8: - 60:53:b2:4c:75:92:44:fc:24:21:1e:65:94:9e:0a:86:73:34: - 45:f7:1b:88 + 2a:bd:46:4a:5f:f0:63:9c:49:90:7e:04:c9:aa:c5:1e:07:5c: + 62:7a:33:cb:39:92:bc:dd:f6:1b:52:fc:d0:31:82:89:10:d0: + 3a:c4:54:3a:79:ae:a7:e1:f1:d4:93:20:41:27:cc:2c:41:74: + 7d:f8:35:e4:98:a2:52:c0:11:1f:68:4a:f0:b0:6d:94:7c:a5: + a9:5e:62:82:37:9f:5a:d2:72:58:d1:dd:dc:18:fd:63:f5:4a: + f8:d1:b7:56:63:9d:2c:df:0b:ae:00:b4:52:aa:6f:84:f2:ed: + 25:35:39:b4:60:85:91:c1:80:87:a2:3d:34:be:80:b7:5a:ac: + db:5e:99:3e:88:98:a4:07:a8:86:0d:61:81:c6:3d:1e:78:2c: + 40:b2:e2:d5:c4:b5:78:ac:ef:2c:86:f5:98:87:32:f6:f3:6f: + 09:a4:a4:7c:20:db:c6:1b:3c:97:ff:5f:62:54:3e:24:80:63: + 89:e4:0f:43:68:05:c7:d2:b4:bd:d2:b2:a0:3e:37:ae:43:34: + c1:21:c7:f3:36:9d:04:44:be:45:d0:7c:47:a1:6c:f4:e8:64: + 8b:24:ff:18:9d:c2:77:79:de:2c:1e:0f:da:3f:25:8f:4c:87: + f3:db:dc:d4:ae:7d:25:cd:f2:73:b8:0f:35:6c:64:43:9a:7d: + d4:53:a5:0c -----BEGIN CERTIFICATE----- -MIIFJjCCBA6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +MIIFMTCCBBmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwMjEw -MTk0OTUzWhcNMjMxMTA3MTk0OTUzWjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIw +MjMwNzI1WhcNMjQwOTE1MjMwNzI1WjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxITAf BgNVBAsMGHRlc3RpbmcgZHVwbGljYXRlIHBvbGljeTEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,34 +79,35 @@ JDC4lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPh bV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KX c+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQAB -o4IBcjCCAW4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSME -gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +o4IBfTCCAXkwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHUBgNVHSME +gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm -c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKrTP6wY -CjdNMAkGA1UdEwQCMAAwdgYDVR0gBG8wbTAFBgMqAwQwZAYDKgMEMF0wGwYIKwYB -BQUHAgEWD3d3dy53b2xmc3NsLmNvbTA+BggrBgEFBQcCAjAyGjBUZXN0IG9mIGR1 -cGxpY2F0ZSBPSURzIHdpdGggZGlmZmVyZW50IHF1YWxpZmllcnMwDQYJKoZIhvcN -AQELBQADggEBAIlI6b+dmPzjtTKAnLgYMTffa1v5yvFQshDSl5Exezvg+ezTRYNH -wKaG4PmiRvh6IlSeN7VDPd4Tf6F5Kx7JpR+WI/tDy5R/VTeafk5zkB+qB5K3hvkN -NsCUU5GG7O2z50S0nifSt//40JgyXp0knVk6BoI+WA+T88WFI+/sGgWgDNus4Xxn -hAySDoHjV05aiqkF8jhzeMkSikXFWvCmKt65KX2faQevBirozDs16nvzQy8kFRuT -8jodD+XmIEyoakIycVr4OkFeNbsKw061Emqu4ZfLlLlxFKJjpPDEBzFXbvj4BSXd -NruD+GBTskx1kkT8JCEeZZSeCoZzNEX3G4g= +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUfZRwiLoH +Qo2qr0++whpI8NFA5kIwCQYDVR0TBAIwADB2BgNVHSAEbzBtMAUGAyoDBDBkBgMq +AwQwXTAbBggrBgEFBQcCARYPd3d3LndvbGZzc2wuY29tMD4GCCsGAQUFBwICMDIa +MFRlc3Qgb2YgZHVwbGljYXRlIE9JRHMgd2l0aCBkaWZmZXJlbnQgcXVhbGlmaWVy +czANBgkqhkiG9w0BAQsFAAOCAQEAKr1GSl/wY5xJkH4EyarFHgdcYnozyzmSvN32 +G1L80DGCiRDQOsRUOnmup+Hx1JMgQSfMLEF0ffg15JiiUsARH2hK8LBtlHylqV5i +gjefWtJyWNHd3Bj9Y/VK+NG3VmOdLN8LrgC0UqpvhPLtJTU5tGCFkcGAh6I9NL6A +t1qs216ZPoiYpAeohg1hgcY9HngsQLLi1cS1eKzvLIb1mIcy9vNvCaSkfCDbxhs8 +l/9fYlQ+JIBjieQPQ2gFx9K0vdKyoD43rkM0wSHH8zadBES+RdB8R6Fs9OhkiyT/ +GJ3Cd3neLB4P2j8lj0yH89vc1K59Jc3yc7gPNWxkQ5p91FOlDA== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) - Serial Number: 12309252214903945037 (0xaad33fac180a374d) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Serial Number: + 7d:94:70:88:ba:07:42:8d:aa:af:4f:be:c2:1a:48:f0:d1:40:e6:42 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Feb 10 19:49:52 2021 GMT - Not After : Nov 7 19:49:52 2023 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Not Before: Dec 20 23:07:24 2021 GMT + Not After : Sep 15 23:07:24 2024 GMT + Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) + RSA Public-Key: (2048 bit) Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: @@ -133,7 +134,7 @@ Certificate: X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:AA:D3:3F:AC:18:0A:37:4D + serial:7D:94:70:88:BA:07:42:8D:AA:AF:4F:BE:C2:1A:48:F0:D1:40:E6:42 X509v3 Basic Constraints: CA:TRUE @@ -142,47 +143,47 @@ Certificate: X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: sha256WithRSAEncryption - 62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08: - 86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd: - 89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99: - c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce: - 89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8: - a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4: - ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20: - 88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70: - 6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38: - 7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4: - 12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6: - b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd: - b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e: - ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c: - 4f:a1:ca:98 + b0:71:bb:ba:45:5a:80:25:02:a4:7e:88:0b:a9:7b:fd:b0:bb: + f6:46:b5:ba:f4:c7:e3:61:20:8c:03:15:66:f5:e4:54:82:ef: + 13:80:97:22:67:c1:d1:88:5d:e2:2d:57:f6:e0:9f:69:d6:b1: + 5c:b6:e8:e0:98:89:c8:14:12:d6:b6:89:8d:6c:b9:a0:59:4f: + 92:ee:11:53:6b:7d:93:4a:69:0a:85:d9:d5:d2:62:e8:c9:b5: + c6:4e:17:f5:0a:e8:f3:2d:86:61:0b:eb:c4:c4:c6:67:75:ed: + 9a:9f:53:a0:71:1e:a0:90:0d:f9:03:b4:bc:86:19:6e:f0:3b: + 4f:e8:ed:68:f6:e7:23:43:3b:36:83:83:4b:46:a0:9a:01:d0: + c7:85:bb:7d:94:a0:21:3d:7e:3c:6a:3d:81:db:41:7b:46:d8: + 15:62:d5:8f:4d:3d:c0:db:9a:c5:81:a8:ac:da:87:99:c7:dd: + b9:f1:14:af:d1:93:e3:f3:42:d7:a2:04:51:21:54:29:c3:45: + f6:be:5c:fa:cd:db:bf:2f:79:81:42:e5:8f:47:0b:d4:54:01: + b5:c2:4a:46:d6:a8:31:2e:64:80:3f:48:61:91:29:f3:aa:43: + 5c:69:6e:f1:01:b9:df:63:71:3d:b9:5a:fb:36:c0:11:a2:c3: + 30:9d:95:c3 -----BEGIN CERTIFICATE----- -MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD +MIIE/zCCA+egAwIBAgIUfZRwiLoHQo2qr0++whpI8NFA5kIwDQYJKoZIhvcNAQEL +BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC +b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY +MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNFoXDTI0MDkxNTIzMDcyNFowgZQxCzAJ +BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw +DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP +d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804H0ry +TXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQ +u2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkc +rMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfa +QG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+j +JtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02 +eQIDAQABo4IBRTCCAUEwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHU +BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow -ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+ -gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO -BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv -b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j -b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM -BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud -JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI -WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX -apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28 -Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z -PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt -XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR -O7A8u4yPPHtMT6HKmA== +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU +fZRwiLoHQo2qr0++whpI8NFA5kIwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl +eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +DQYJKoZIhvcNAQELBQADggEBALBxu7pFWoAlAqR+iAupe/2wu/ZGtbr0x+NhIIwD +FWb15FSC7xOAlyJnwdGIXeItV/bgn2nWsVy26OCYicgUEta2iY1suaBZT5LuEVNr +fZNKaQqF2dXSYujJtcZOF/UK6PMthmEL68TExmd17ZqfU6BxHqCQDfkDtLyGGW7w +O0/o7Wj25yNDOzaDg0tGoJoB0MeFu32UoCE9fjxqPYHbQXtG2BVi1Y9NPcDbmsWB +qKzah5nH3bnxFK/Rk+PzQteiBFEhVCnDRfa+XPrN278veYFC5Y9HC9RUAbXCSkbW +qDEuZIA/SGGRKfOqQ1xpbvEBud9jcT25Wvs2wBGiwzCdlcM= -----END CERTIFICATE----- diff --git a/certs/test/server-garbage.der b/certs/test/server-garbage.der index c8e7d7cecba044cc6e5318228f5b85056eecf4f8..6dbb41afd92b873c1e1e0f21d82e77b5a4aa5753 100644 GIT binary patch delta 332 zcmZ3$zJOiXpow{oK@(HU0%j&gCMJa+r7fcVyW;9tbKRd3ht#lzr_rJaCl$yQID^A^}XM5;# zz25TcVmq6UoLa$@8h5FjbH!()$PH7%POlZ=_ySio3 zna|&|zC;A^bxyIB(wunP(r0R|t;n{nh$>gsF4?Irs|A=>da3T80o mcb{Z3>Nhg&JhuKI|N8t0&s#FLt8J_N8u;b)owqV&I0FFFjgNK! delta 332 zcmZ3$zJOiXpow{oK@(HU0%j&gCMJ>Si&?cdkIa%fCg>vc=hVV4mD$pZCMr*sG%zzX zH8L_VGB$}4=QT1hFg7%Va5tX6$XLJeNqVJk^W!Mb%YDWYi{9-$lIC!!QS!vEsa!An z??#*z=sN8DH%b4LHt)+?4gYvoYjx{dHcO$>!_W2ln!az;sIM<;zWw#prS|9vOE%hh zr!2PRy6$LLs9_z_sjyW%RpI0hX;nd&#oSvH%s))}V=e2&{QlvVL}lY15B(Q+y?@x& zPiF`{?zzu2%l_eQqxbcjvsTA;fBfw#S1Nz;*<_XaP2tnSIn-^ZSZ|)bh5f+ux8<`Q zexIPbUQS=M=9bR&+lw|n^;7rZ3E~M^czLJcs*Cap6Sp0#FLGu|{vs@!R^3n|w^f{3 mdup)zYk}lveafef>$1LHds}76vk%&fs?4t|#Jpu{ItKs|@RPs* diff --git a/certs/test/server-garbage.pem b/certs/test/server-garbage.pem index 32e1ed08d..381d7bc5d 100644 --- a/certs/test/server-garbage.pem +++ b/certs/test/server-garbage.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 5b:d1:6a:7d:d9:c4:9a:1a:c6:11:44:12:fc:ca:a1:f4:79:6b:1b:a2 + 79:41:0e:38:0a:5f:24:41:24:48:9a:ff:f5:5c:3d:5a:a1:01:4f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:34 2021 GMT - Not After : Mar 11 22:02:34 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -36,27 +36,27 @@ Certificate: X509v3 Subject Alternative Name: DNS:garbage Signature Algorithm: sha256WithRSAEncryption - b1:e4:67:79:4d:83:e3:5a:49:d3:8e:33:18:a2:ee:bd:c4:66: - 40:d2:81:19:c8:fa:95:0a:e9:8f:dd:58:cd:10:8a:c3:43:fd: - 62:2f:ca:2b:0d:e9:7d:28:4f:5f:45:3b:27:3b:7d:06:39:12: - 75:c3:e7:2e:8e:82:f7:b1:28:7f:7f:76:83:db:f5:ea:d2:87: - 5b:90:a4:b1:3e:4b:64:a3:3d:0a:d7:41:31:71:28:3b:54:89: - 20:b5:17:65:20:c9:f8:1b:25:11:44:a3:0b:b5:60:37:f0:92: - fc:3b:1d:4a:03:ef:e1:b4:61:23:33:8c:48:2f:e8:dd:4b:f8: - 3d:97:00:55:c7:49:be:35:6a:3f:e1:db:32:ef:7f:b3:6a:ab: - 5d:8b:f1:fb:45:1e:75:1f:d1:e6:93:24:7f:b2:57:97:57:08: - 27:3d:94:3b:b3:97:b4:07:c0:e7:ed:77:9a:e1:f7:90:2d:af: - 1e:2f:15:7c:da:2c:d7:db:a2:b1:e5:4e:27:4c:0c:52:0c:54: - a1:d3:b9:31:aa:d1:1f:20:91:b6:c1:7f:72:43:02:63:f4:13: - 1d:66:7b:80:7c:1e:b5:17:03:2b:95:53:47:eb:10:63:e6:8e: - 23:ca:c7:2d:05:eb:ad:db:24:a4:e6:f0:2b:a2:7a:37:d7:20: - 5c:ed:82:ce + 93:85:54:0c:c7:ad:3f:ad:83:9d:a3:95:00:66:a1:8c:d8:56: + ca:07:79:14:2c:e2:20:e2:03:c8:67:2e:6b:47:95:8f:d8:ee: + e4:c4:33:b0:96:1d:04:52:85:7d:47:d8:a9:89:9b:9f:a3:c9: + e0:eb:be:e4:d2:89:9a:78:04:49:5a:30:0f:16:3e:b1:82:11: + 33:e1:39:f0:42:a6:71:6f:f9:10:8f:7a:c4:1f:a3:a1:70:a3: + b8:8e:f8:52:25:e3:e7:11:67:54:6b:01:34:a8:9f:6b:5e:76: + 86:75:a1:08:8b:fe:bd:ae:22:83:4b:cf:21:95:b6:2e:3d:c2: + f3:2e:a7:d7:16:b9:83:c4:ca:a8:02:65:5e:d2:77:09:a8:f3: + 32:59:b0:94:56:cb:ad:14:08:fb:c0:98:db:25:6b:1b:cb:8b: + 8f:a8:4c:10:12:74:a1:c1:ff:3d:ab:84:a2:cc:f3:f7:6a:f4: + 58:52:0e:89:94:3d:1a:29:91:db:39:4c:95:7d:3d:14:b6:8a: + 58:7a:45:05:8a:1d:95:44:ab:10:03:a9:4a:25:b8:0a:83:24: + aa:47:da:c9:15:47:ca:5a:1e:ee:f2:1c:68:7f:b1:02:b9:c6: + af:c1:0f:af:6f:58:49:da:1c:db:7b:3d:7a:4e:80:0f:1f:2f: + 43:b5:68:43 -----BEGIN CERTIFICATE----- -MIIDnDCCAoSgAwIBAgIUW9FqfdnEmhrGEUQS/Mqh9HlrG6IwDQYJKoZIhvcNAQEL +MIIDnDCCAoSgAwIBAgIUeUEOOApfJEEkSJr/9Vw9WqEBTxgwDQYJKoZIhvcNAQEL BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwNjE1MjIwMjM0 -WhcNMjQwMzExMjIwMjM0WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIwMjMwNzI1 +WhcNMjQwOTE1MjMwNzI1WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG @@ -66,10 +66,10 @@ C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3 uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC AwEAAaMWMBQwEgYDVR0RBAswCYIHZ2FyYmFnZTANBgkqhkiG9w0BAQsFAAOCAQEA -seRneU2D41pJ044zGKLuvcRmQNKBGcj6lQrpj91YzRCKw0P9Yi/KKw3pfShPX0U7 -Jzt9BjkSdcPnLo6C97Eof392g9v16tKHW5CksT5LZKM9CtdBMXEoO1SJILUXZSDJ -+BslEUSjC7VgN/CS/DsdSgPv4bRhIzOMSC/o3Uv4PZcAVcdJvjVqP+HbMu9/s2qr -XYvx+0UedR/R5pMkf7JXl1cIJz2UO7OXtAfA5+13muH3kC2vHi8VfNos19uiseVO -J0wMUgxUodO5MarRHyCRtsF/ckMCY/QTHWZ7gHwetRcDK5VTR+sQY+aOI8rHLQXr -rdskpObwK6J6N9cgXO2Czg== +k4VUDMetP62DnaOVAGahjNhWygd5FCziIOIDyGcua0eVj9ju5MQzsJYdBFKFfUfY +qYmbn6PJ4Ou+5NKJmngESVowDxY+sYIRM+E58EKmcW/5EI96xB+joXCjuI74UiXj +5xFnVGsBNKifa152hnWhCIv+va4ig0vPIZW2Lj3C8y6n1xa5g8TKqAJlXtJ3Cajz +MlmwlFbLrRQI+8CY2yVrG8uLj6hMEBJ0ocH/PauEoszz92r0WFIOiZQ9GimR2zlM +lX09FLaKWHpFBYodlUSrEAOpSiW4CoMkqkfayRVHyloe7vIcaH+xArnGr8EPr29Y +Sdoc23s9ek6ADx8vQ7VoQw== -----END CERTIFICATE----- diff --git a/certs/test/server-goodalt.der b/certs/test/server-goodalt.der index fa2afb5670ce4ee27543f34f5cf3dbf4917e3426..418254873eb32e98433499c4789c2c0bdb15c38b 100644 GIT binary patch delta 332 zcmdnMzJXoYpow{nK@-!I1?H~Ykof0ny5TW($L7r zz{uFZ+{iRaoY%<2z|znZ!rgf77GwPyxn-5!8mA8zd{0~b+hyJ9fBsrW<~kDbRHDS+Li&LUw^wpJ#|R zMn-8n)>r;rx1Zm4)u9ZtSj8)<&m8`5ynpxg?l)X4I{H!^miev6gDp+Xgng8&RW5$! zuJ7m;oZ_=KO)c++LF1s(1SCDVA%T mJaOMuCnxenZ2r_`+am6Vr)I~0{+joEZ6V9C85^BS2L7#kWwxErtCVyxdBCYQrdB2dEk%%wl^^X=2&RxcHQq|G zZf&pllw&B%C?|JNQ{-RkBmO-;yLBh;bKLCa|7yux)7@YG@XS84PIgLJ&6ye{VV(B+ z^RGJX?;TWQ%Fl>!zdz-9UD%2_aWh4)9J;KxV*b@cnOe8y;RO+f+gBy5i;?wW4`C`_ z{&U5qu2Wee`RuLJYJh=BC}&&rwR%mM(GAd)cv diff --git a/certs/test/server-goodalt.pem b/certs/test/server-goodalt.pem index 7a393bee3..d9438287c 100644 --- a/certs/test/server-goodalt.pem +++ b/certs/test/server-goodalt.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 22:0f:95:6c:4d:29:a8:eb:a8:48:f9:16:e0:f7:9f:52:2c:3d:8c:74 + 71:a9:03:7e:a9:c5:45:28:67:c8:de:a2:78:01:ee:a0:ac:f9:e7:2a Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:33 2021 GMT - Not After : Mar 11 22:02:33 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -36,27 +36,27 @@ Certificate: X509v3 Subject Alternative Name: DNS:localhost Signature Algorithm: sha256WithRSAEncryption - b3:56:1e:6c:00:74:10:74:01:e6:44:8f:61:f3:db:cb:57:3a: - e9:20:d7:09:ad:85:29:1f:dd:6e:2c:98:21:7b:46:51:10:56: - 38:10:9b:7b:ad:f4:8c:6c:29:78:13:33:33:c3:17:7d:a6:d3: - 45:1c:25:cf:dd:4b:4e:9e:19:62:86:6b:f8:6b:40:ec:96:09: - 0f:6a:a5:2c:79:3b:1d:b5:87:78:f2:6c:31:1d:01:1e:1e:c1: - 29:14:fe:85:e2:0f:bc:4c:bb:2d:93:be:41:b3:46:4f:ea:a4: - 9d:35:bb:f4:fc:0c:9b:c4:ae:1d:94:76:7c:cc:7c:22:13:2c: - 87:cf:ea:89:3f:de:c1:26:02:6f:68:58:47:df:94:e7:7e:56: - a8:9c:5e:99:15:d4:c2:d3:2e:a8:9f:d5:61:1c:7d:46:a7:57: - 70:58:31:b7:aa:60:ae:5c:1d:4a:07:54:02:77:a7:f9:a8:b2: - 8a:ca:6a:14:bf:83:e1:2f:e5:28:bf:d7:de:e7:fb:47:bc:f2: - 84:78:11:f9:41:bf:33:d6:c8:17:1a:da:ff:eb:fd:32:75:cd: - 08:47:78:0c:26:16:2e:dc:75:db:e8:44:f8:10:87:b1:94:16: - eb:c3:29:3d:fb:ae:46:5e:9a:42:4d:40:03:c1:58:50:67:ff: - e6:77:9c:9a + ac:1e:a6:79:4b:28:cb:c3:70:f7:66:ab:fb:44:9e:ca:20:b2: + 43:61:93:cf:23:d6:2c:ec:f1:bf:01:1f:0f:f6:4e:08:00:50: + 3c:b0:86:4c:29:7b:6f:f2:2c:e2:9f:47:97:4e:d7:1a:9e:02: + cb:cd:fa:d1:67:31:f0:99:10:82:d9:e6:53:4a:d6:71:07:10: + aa:f3:98:15:81:59:5a:2b:41:7f:79:fd:ae:bf:0f:4d:aa:c2: + 68:36:5d:21:d4:25:e6:40:ff:b1:df:dd:eb:bb:ec:0a:04:2c: + 2f:1a:08:39:6f:85:c7:53:39:35:36:13:4c:23:7b:24:d1:f3: + 0b:88:8b:11:94:4c:ad:66:26:6e:d8:30:81:f2:c0:3e:fe:30: + ab:45:b9:10:88:d4:19:b1:a6:9d:5e:c1:3f:b0:8b:eb:44:fd: + ae:f0:46:44:23:04:f6:59:02:f4:66:47:15:07:7a:ed:41:a2: + 11:46:87:78:06:5a:79:ef:58:68:8c:ae:81:34:c6:96:d5:64: + c8:45:31:a0:e9:0c:92:1e:90:67:c8:66:a4:df:70:7b:5d:ee: + b4:25:dc:8e:de:21:77:28:c9:c8:df:45:2c:6c:59:e8:5d:6f: + 95:a6:b6:58:df:57:65:6b:5f:f3:f5:6e:e7:ad:71:04:c6:63: + fd:61:02:65 -----BEGIN CERTIFICATE----- -MIIDrDCCApSgAwIBAgIUIg+VbE0pqOuoSPkW4PefUiw9jHQwDQYJKoZIhvcNAQEL +MIIDrDCCApSgAwIBAgIUcakDfqnFRShnyN6ieAHuoKz55yowDQYJKoZIhvcNAQEL BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0 -Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDYx -NTIyMDIzM1oXDTI0MDMxMTIyMDIzM1owgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI @@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem 8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE 4eZhg8XSlt/Z0E+t1wIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJ -KoZIhvcNAQELBQADggEBALNWHmwAdBB0AeZEj2Hz28tXOukg1wmthSkf3W4smCF7 -RlEQVjgQm3ut9IxsKXgTMzPDF32m00UcJc/dS06eGWKGa/hrQOyWCQ9qpSx5Ox21 -h3jybDEdAR4ewSkU/oXiD7xMuy2TvkGzRk/qpJ01u/T8DJvErh2UdnzMfCITLIfP -6ok/3sEmAm9oWEfflOd+VqicXpkV1MLTLqif1WEcfUanV3BYMbeqYK5cHUoHVAJ3 -p/mosorKahS/g+Ev5Si/197n+0e88oR4EflBvzPWyBca2v/r/TJ1zQhHeAwmFi7c -ddvoRPgQh7GUFuvDKT37rkZemkJNQAPBWFBn/+Z3nJo= +KoZIhvcNAQELBQADggEBAKwepnlLKMvDcPdmq/tEnsogskNhk88j1izs8b8BHw/2 +TggAUDywhkwpe2/yLOKfR5dO1xqeAsvN+tFnMfCZEILZ5lNK1nEHEKrzmBWBWVor +QX95/a6/D02qwmg2XSHUJeZA/7Hf3eu77AoELC8aCDlvhcdTOTU2E0wjeyTR8wuI +ixGUTK1mJm7YMIHywD7+MKtFuRCI1Bmxpp1ewT+wi+tE/a7wRkQjBPZZAvRmRxUH +eu1BohFGh3gGWnnvWGiMroE0xpbVZMhFMaDpDJIekGfIZqTfcHtd7rQl3I7eIXco +ycjfRSxsWehdb5WmtljfV2VrX/P1buetcQTGY/1hAmU= -----END CERTIFICATE----- diff --git a/certs/test/server-goodaltwild.der b/certs/test/server-goodaltwild.der index 67fa3a9c869f5b9346d0a957492b95055e55f5a3..fb899ec76afd33ddb8d080fe302632ad8c81c9e0 100644 GIT binary patch delta 332 zcmdnUzL8zopow{{K@-!|1k)eY~WV%&qWCo0d9G&C|Y zFfukUH!_V9=QT1hurxG9NW=!8^^Jj+Z~G@H{DF?0Hf(<>{Flak&$J9w}RKGUtx$vJ%Y|^V*kx6ypf| z{d&2{1D&t$uFG%=o?KcHy6Z{!)E&Y-PaIrsz4m){uf%8L&EpA=7hXJe^xT;OO oO=jZR;FHUB?ry&8WPRrN2`=4^(~}n%ziPKIRBhkZ%CvAj0KP$>vj6}9 delta 332 zcmdnUzL8zopow{{K@-!|18j?-pN}75oTxlY(!k8n z)X2!d$k;eaoY%<2z}V0b!rgf7He>zXa50x7mJ6Q=1$6(^4=$Os%_+x3cV1KV=ch+! zPhPIJ$Xe(1%<~`g*56yxwVY?^wck9c`+Qzm)+Tsemiz6&>oY+})^Xa`hJ8Vg!o4)V-QUC%v|oc`OI}_5yw~QFJ9o%>iNF5-xJN#}iy@~q{IGc2lq&&$7nU$OPC6qN z6xH{~K<}@xJ=d~7oezDQ4YoIxRlPeBUj9tKRDFj=*_ZjZg}v|1$vL@t(dKoS6sv6jF9 diff --git a/certs/test/server-goodaltwild.pem b/certs/test/server-goodaltwild.pem index dd2620d0e..8b7579e8c 100644 --- a/certs/test/server-goodaltwild.pem +++ b/certs/test/server-goodaltwild.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 51:c8:76:f6:e4:03:7b:88:d2:98:fb:66:35:aa:83:d3:f3:c7:c4:01 + 64:f2:d4:d2:af:4e:fb:8a:b2:32:ff:0c:ab:80:ee:5a:5c:47:52:6b Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:33 2021 GMT - Not After : Mar 11 22:02:33 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -36,27 +36,27 @@ Certificate: X509v3 Subject Alternative Name: DNS:*localhost Signature Algorithm: sha256WithRSAEncryption - bd:57:16:44:c4:39:a1:e6:12:50:8b:f9:2f:53:74:92:b6:42: - 6c:34:2d:9e:82:7b:f3:e5:c5:9b:93:a7:26:a2:3b:2c:eb:99: - cf:f0:2e:af:de:ac:8a:a7:0c:a5:d6:fb:0c:65:be:4c:ea:39: - 7d:60:4a:d3:1e:fb:48:0d:4c:90:12:1d:41:96:f5:80:be:52: - e3:57:23:5a:4d:4d:03:6c:82:7c:75:0e:8a:ec:2c:ee:f3:05: - 80:84:7a:58:a2:d6:58:05:31:27:ae:8f:6b:52:c3:93:eb:66: - 23:0b:15:d0:5f:cc:fd:ca:af:f9:94:6b:4d:0d:05:6b:65:22: - 35:d2:0c:ed:bf:82:02:52:bf:28:08:b4:6e:7e:7f:9e:eb:37: - 93:89:b8:1d:4a:17:eb:f7:e3:8c:1f:6f:8a:00:6c:85:57:c3: - 17:86:94:d4:50:fd:a1:74:01:41:92:cc:16:52:5a:8e:fc:30: - 2e:fd:13:3f:0a:a6:fc:89:e1:4c:83:30:b7:82:76:7a:ee:c4: - 57:77:e6:2f:75:27:b8:28:76:f4:9f:db:13:4b:de:9c:6c:ce: - b7:d9:39:7c:2a:f9:52:59:e2:ba:10:33:86:73:f6:a8:52:f2: - 58:0c:bd:11:e5:fd:b1:3d:ab:10:33:a1:56:84:5e:af:ad:23: - 44:99:30:19 + 4d:6d:8a:2d:3f:12:f3:09:c1:a5:19:1c:62:33:f9:5c:f9:6e: + 3c:78:5f:cd:73:be:f5:a9:43:54:44:85:2d:17:62:e3:24:ce: + 11:dc:83:89:41:d3:f1:24:0c:e4:76:01:8c:e4:7a:94:e5:cc: + d8:5e:6d:91:f9:c4:76:a8:c9:6c:dc:1d:a6:74:29:a8:9e:87: + a7:f1:16:08:51:fb:eb:a7:34:e0:2c:f5:ee:d7:1c:09:11:c9: + a5:78:55:ba:e4:57:95:b8:13:8c:e4:40:44:da:eb:4e:e6:de: + 74:4c:b1:d9:c7:60:e3:a1:d1:c6:d5:de:52:ec:7e:92:3e:0b: + a9:e6:c7:46:73:ad:4b:f6:45:2b:4e:f2:4f:be:9c:fb:59:8f: + b4:0d:66:36:bb:27:54:cc:bb:3f:10:44:b0:ce:b8:b3:fd:fb: + 7e:63:5d:1f:cb:85:cf:af:35:62:df:a6:08:6e:34:a8:00:53: + 09:da:79:7d:e2:b5:60:55:ec:42:43:df:58:72:c1:f4:b6:ae: + 0f:70:c9:83:96:7a:61:b5:e9:d3:17:7c:51:20:7c:1a:1a:d9: + bc:9f:d3:b1:aa:86:17:86:1c:91:cd:53:c9:a7:2c:dd:b3:dd: + 42:3b:cc:c7:c8:0a:2d:88:cb:93:a0:33:ea:87:38:31:25:87: + b6:85:a1:af -----BEGIN CERTIFICATE----- -MIIDrTCCApWgAwIBAgIUUch29uQDe4jSmPtmNaqD0/PHxAEwDQYJKoZIhvcNAQEL +MIIDrTCCApWgAwIBAgIUZPLU0q9O+4qyMv8Mq4DuWlxHUmswDQYJKoZIhvcNAQEL BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0 -Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDYx -NTIyMDIzM1oXDTI0MDMxMTIyMDIzM1owgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy +MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI @@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem 8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE 4eZhg8XSlt/Z0E+t1wIDAQABoxkwFzAVBgNVHREEDjAMggoqbG9jYWxob3N0MA0G -CSqGSIb3DQEBCwUAA4IBAQC9VxZExDmh5hJQi/kvU3SStkJsNC2egnvz5cWbk6cm -ojss65nP8C6v3qyKpwyl1vsMZb5M6jl9YErTHvtIDUyQEh1BlvWAvlLjVyNaTU0D -bIJ8dQ6K7Czu8wWAhHpYotZYBTEnro9rUsOT62YjCxXQX8z9yq/5lGtNDQVrZSI1 -0gztv4ICUr8oCLRufn+e6zeTibgdShfr9+OMH2+KAGyFV8MXhpTUUP2hdAFBkswW -UlqO/DAu/RM/Cqb8ieFMgzC3gnZ67sRXd+YvdSe4KHb0n9sTS96cbM632Tl8KvlS -WeK6EDOGc/aoUvJYDL0R5f2xPasQM6FWhF6vrSNEmTAZ +CSqGSIb3DQEBCwUAA4IBAQBNbYotPxLzCcGlGRxiM/lc+W48eF/Nc771qUNURIUt +F2LjJM4R3IOJQdPxJAzkdgGM5HqU5czYXm2R+cR2qMls3B2mdCmonoen8RYIUfvr +pzTgLPXu1xwJEcmleFW65FeVuBOM5EBE2utO5t50TLHZx2DjodHG1d5S7H6SPgup +5sdGc61L9kUrTvJPvpz7WY+0DWY2uydUzLs/EESwzriz/ft+Y10fy4XPrzVi36YI +bjSoAFMJ2nl94rVgVexCQ99YcsH0tq4PcMmDlnphtenTF3xRIHwaGtm8n9OxqoYX +hhyRzVPJpyzds91CO8zHyAotiMuToDPqhzgxJYe2haGv -----END CERTIFICATE----- diff --git a/certs/test/server-goodcn.der b/certs/test/server-goodcn.der index 87bb4e792cee42b54956ee13cba1aec5f65d41eb..dd16112db869a97b7923650c0fb064f9c7a10844 100644 GIT binary patch delta 332 zcmeBR?_gIpXkui^${{yCb~$bNavbJzMg=K8)a7dhw8kXILvKVQ4YeZrLK{_dAAcfI0F>=j(b|6_tj z{g30zOnr|1+*hz_UB`On@}xNz7Ak!GVSF<=n0<1p_02x23M1 zRs8uB87;pirK4_=1<|3;YBtVIIdUn>WTtcd{Ts)eUzR`m5M@`q+F*PC)niePX@8@Z n98sSYH?vvxOwYrKv;WThvS16p(wSP#v(6G$z8`io&1nJv72TNV delta 332 zcmeBR?_gIpXku-@AbWYbt&@#UY)MCHkn24;q) zMn(ok#>P?NyhbJl#)gIv?#A;w8SAI~ej67dR=Jl$CWqxUL*%9(`se#ED>eAsUz_{h ziR*j8IWPTLnZ~U5hH0Xywe=^S}CR zYii_2j=nzvpDnuU%r`U@s_^e*nv$q^@oe4VT`waWjMg}PZk(jFW`B11x0!#pZ;A_3dyjF7%d(}LF2r3sFFmRH zUhVXJud^2~mA1*YUR0?yeh|@rga7Dt$(?vwOYt($kOG{4qTe;l3rT^W!6(D;L(Q&6%_CK+nC` zXM}#9=RC@7yF$O@RP0Ti6^~fIesp%4RFpC8&q0yqH_uwP85;4#cbj!rtbOqK?XDyr m8HFQ$vE_G)I}h)Ss!lNYd+MOr3Ag)ew?%S&p0S7N_Z$GQ5t;M= delta 332 zcmeBT?_yUrXku_*U32me?y&M+DHtqSv0_qh=0<}XAq97CpLo=s z_F-{T&+#s)>gwa{s%zg?*DB67N(sp}FF5z>XWJc@mDcXw6P`^>*Id}pS`yRHt=`^J z`+EH}uBEmet8R1kyvg_9v-)%2eqrVfs_jp1HNI!_xx4>L_p~KT&YqJKpRwkx%cLfc zdcO2S{racvUYwoXAQSbrIdEUao7K->eDql#uqxU;!%*>Fhtc}eC0BN}?Y#qaE_YH^9+ZB6U4F(v4eqbTOqW#w?D(Lc diff --git a/certs/test/server-goodcnwild.pem b/certs/test/server-goodcnwild.pem index 8f5821d6d..900f84cb9 100644 --- a/certs/test/server-goodcnwild.pem +++ b/certs/test/server-goodcnwild.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 54:28:61:98:f6:94:1e:cd:01:47:65:7a:64:cd:f6:1e:37:0a:e4:f3 + 7c:8e:3e:2b:1c:d9:dc:8c:61:59:63:e6:86:64:11:59:c6:76:5d:46 Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:33 2021 GMT - Not After : Mar 11 22:02:33 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -33,27 +33,27 @@ Certificate: ad:d7 Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption - 56:75:ba:9c:6f:c1:b8:3a:4b:a9:11:53:19:78:a8:92:8d:69: - b1:30:d8:54:70:dc:db:c8:e2:87:66:f0:a3:82:8c:c7:8a:1a: - 7b:7b:c7:07:25:ad:ed:7b:7d:21:9b:32:64:54:6b:37:70:ce: - fa:f9:86:dc:44:a9:3b:47:4b:90:e6:91:67:29:a1:80:85:74: - 5c:80:8b:27:87:84:7d:eb:af:96:0a:a5:3d:88:aa:db:0a:8c: - ec:6f:4f:bc:ab:f3:8e:bf:13:03:b0:25:87:e4:da:81:ef:06: - 4c:dd:bf:d4:8b:96:a4:a4:cd:ce:1e:17:98:ac:ed:44:92:82: - 48:0e:67:c2:8f:2f:cb:3e:e8:cd:9b:80:1c:5a:ed:83:51:be: - 78:ec:ab:e7:e8:f1:4c:af:50:aa:5b:47:68:31:21:de:88:32: - af:cb:74:d4:ba:86:bb:db:5a:78:1e:27:4b:b8:16:53:83:20: - 84:a4:df:67:68:c0:a1:ab:59:3c:14:8b:3c:f5:37:41:60:d8: - 7c:bf:bf:fe:d1:72:d2:a5:0b:f5:fc:97:ce:c4:c4:d9:ce:6f: - cb:ee:27:7c:a0:9a:d0:ae:0d:a6:85:3e:ed:a6:3e:90:09:c7: - 5e:df:e9:89:fb:44:dc:64:a9:c1:1b:ef:d7:1f:98:c1:28:0b: - f5:33:d3:25 + bc:c3:20:df:70:21:0a:a0:c4:a2:dd:2e:0c:40:d9:fb:c9:14: + 9f:9f:90:65:64:38:b2:c6:71:53:7b:e5:00:6f:b9:74:ee:0f: + 93:c9:e1:bf:d9:e4:ea:77:15:35:ba:35:08:7b:b1:cf:ec:09: + e2:ff:b8:8f:a0:03:1c:42:18:66:a5:84:63:29:d3:f8:80:12: + d3:3b:31:8d:85:73:ac:08:f8:5c:ee:0f:7f:6a:71:3d:3a:cc: + 9f:53:b2:27:36:0a:d1:6f:eb:86:f4:fd:cd:ec:81:25:47:4a: + 85:ca:d8:fa:32:fa:60:a0:1d:c6:68:77:39:0e:96:6e:6b:04: + 23:84:41:fc:a9:11:26:74:1e:5b:8b:cf:38:27:4a:03:aa:2f: + 01:36:cd:bd:4a:2e:67:67:c6:3c:fc:35:c4:58:47:b4:56:89: + f1:e2:2c:d4:d0:af:26:9c:9c:a1:c0:8c:de:eb:cc:12:f9:cf: + 09:c5:0b:3d:a8:2f:74:ca:5d:d9:2c:a8:e2:05:f5:f1:43:42: + 92:72:68:96:fc:c1:14:83:ec:e6:85:b6:31:32:0c:5f:8b:36: + 8b:78:ad:e0:e3:ed:ba:62:4c:1c:20:c4:4e:5d:77:dc:73:89: + c3:b9:5a:7b:60:30:fd:ca:c1:16:c8:46:df:ad:b6:59:0a:f3: + 98:bc:fb:9c -----BEGIN CERTIFICATE----- -MIIDhjCCAm6gAwIBAgIUVChhmPaUHs0BR2V6ZM32HjcK5PMwDQYJKoZIhvcNAQEL +MIIDhjCCAm6gAwIBAgIUfI4+KxzZ3IxhWWPmhmQRWcZ2XUYwDQYJKoZIhvcNAQEL BQAwfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRMwEQYDVQQDDAoqbG9jYWxob3N0 -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMDYxNTIyMDIz -M1oXDTI0MDMxMTIyMDIzM1owfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcy +NVoXDTI0MDkxNTIzMDcyNVowfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh bmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRMwEQYD VQQDDAoqbG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScB @@ -62,10 +62,10 @@ yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF 9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1m UQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOV oXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t -1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBWdbqcb8G4OkupEVMZeKiSjWmxMNhU -cNzbyOKHZvCjgozHihp7e8cHJa3te30hmzJkVGs3cM76+YbcRKk7R0uQ5pFnKaGA -hXRcgIsnh4R966+WCqU9iKrbCozsb0+8q/OOvxMDsCWH5NqB7wZM3b/Ui5akpM3O -HheYrO1EkoJIDmfCjy/LPujNm4AcWu2DUb547Kvn6PFMr1CqW0doMSHeiDKvy3TU -uoa721p4HidLuBZTgyCEpN9naMChq1k8FIs89TdBYNh8v7/+0XLSpQv1/JfOxMTZ -zm/L7id8oJrQrg2mhT7tpj6QCcde3+mJ+0TcZKnBG+/XH5jBKAv1M9Ml +1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQC8wyDfcCEKoMSi3S4MQNn7yRSfn5Bl +ZDiyxnFTe+UAb7l07g+TyeG/2eTqdxU1ujUIe7HP7Ani/7iPoAMcQhhmpYRjKdP4 +gBLTOzGNhXOsCPhc7g9/anE9OsyfU7InNgrRb+uG9P3N7IElR0qFytj6MvpgoB3G +aHc5DpZuawQjhEH8qREmdB5bi884J0oDqi8BNs29Si5nZ8Y8/DXEWEe0Vonx4izU +0K8mnJyhwIze68wS+c8JxQs9qC90yl3ZLKjiBfXxQ0KScmiW/MEUg+zmhbYxMgxf +izaLeK3g4+26YkwcIMROXXfcc4nDuVp7YDD9ysEWyEbfrbZZCvOYvPuc -----END CERTIFICATE----- diff --git a/certs/test/server-localhost.der b/certs/test/server-localhost.der index e7e28d6de157c73861418f344c1b0d20a45e8a81..7d439dd453c59c38a33fd7761cbb455458514ed4 100644 GIT binary patch delta 332 zcmZ3)zKC7fpow{&K@(Hk0%j&gCMFTdwOj4@XM1IFi>`?JxQ5BHKet?FqVi-(Ln9*t zBVz+|Bhx5xULz9&OG8r#cjNiXjP-^eKRtY9ewzD?@SIYsjj{ipJUhcNGw8hPw2IwX z-jlL-h`BG@=u^zfZTu)=+k)5@H|u4a%zsQj(|vD^5YH5!S##aEG?i42tW!{tS^3PS z@}K%|+uav(wtm08ROVKBO3R0k|7Uir>vikP4Rb#0^|W%?YewCOcb9cf-8?xrbmpA{ z9rf>%&v2E_P1qGB;Qah{(*x@*m%m6o;B@J_rCEI>gYi4}q<90ZjJGSM?O(1r>5_=- z*Jw4~U&41R*ry(yaOdI4uYXoC>0Db<-SCs)ov><MUAh{YxzV{XV8?sxjTN|5L(_ p6DtLFuim@&_toA9kLIi)79a{$+=0H^NSv&i884F+O}=mMCHkn24;q) zMn(ok#wJnXyhbJl#)gIv?#A<%8S5SV=l?QKf1c8n#r-#9wI%1Ybu)I%5?gK1vMZ~T z|LNb03+%u4?-17aky*H`H}b>k#7`&Ib3gjCRYd&f(rvre-Y8(?o^{3U5DQ!CM^*oO zX77XSR;riBcE(m!zqi#`%deML;-BtVV=jKOtB_S7O>o0E(XEmEns<06pV@1ZJJ~^_ zeo5rL>MvgnWw&sW3wUbB?x%79|_Cz1<{Dd`g mUN+u-DD3au;2eICwQZSl-uA?|Wf7NC?_|H8w8oU_7Z(8dD3gc) diff --git a/certs/test/server-localhost.pem b/certs/test/server-localhost.pem index ae0f7da90..ccfe6f203 100644 --- a/certs/test/server-localhost.pem +++ b/certs/test/server-localhost.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 5f:cb:7b:57:73:63:6d:62:69:9f:72:e0:66:15:00:27:fa:b6:b6:b6 + 19:ad:b5:3e:0f:9b:4a:6a:0b:15:a8:5a:f1:ac:02:39:8f:6d:77:1c Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com Validity - Not Before: Jun 15 22:02:34 2021 GMT - Not After : Mar 11 22:02:34 2024 GMT + Not Before: Dec 20 23:07:25 2021 GMT + Not After : Sep 15 23:07:25 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -36,27 +36,27 @@ Certificate: X509v3 Subject Alternative Name: DNS:localhost Signature Algorithm: sha256WithRSAEncryption - 40:4f:9f:fa:37:67:e7:64:8a:6a:0b:fd:68:ab:39:09:96:ae: - 98:b8:9a:16:ab:30:84:ba:6a:89:0f:e5:fd:d1:a0:3f:f5:8f: - b8:13:2f:4c:1c:a1:a6:8d:59:f0:ab:61:f2:c8:af:0b:e2:fc: - b5:14:17:f9:a5:b6:ba:ad:d8:70:01:0b:9a:d4:3e:c2:04:06: - 65:f1:25:4f:de:36:ef:52:3e:a9:27:77:5d:89:5d:7a:7b:ef: - 3d:28:ad:0f:2e:6e:74:4f:67:41:7c:37:17:c9:8a:71:05:10: - 66:11:b0:f6:15:b5:59:0f:29:dc:0c:93:cc:bd:3c:6d:93:40: - 28:a4:59:de:7b:f4:f5:31:1c:0b:b1:db:c8:39:00:70:39:3a: - 3b:31:fc:de:02:e2:00:1e:e1:35:cf:8a:ca:0b:15:ae:ac:63: - 92:d2:33:77:54:0e:56:6f:b7:1b:84:f9:e5:fc:4e:2e:db:26: - 5f:bd:51:a0:bb:d7:23:0b:8f:d7:24:4d:ab:df:74:46:fe:9f: - 17:55:23:0d:a7:9a:ea:56:d7:a7:a9:cd:3e:18:60:14:d2:fd: - 9a:b7:61:4c:0b:6f:60:ac:9c:e9:81:db:e1:13:4f:4b:80:43: - 57:c1:05:86:a6:23:6e:b7:61:ed:76:58:d3:65:dc:6b:eb:92: - ac:35:fa:0a + 31:f1:f2:e1:ea:37:cb:0b:cc:13:9c:75:3a:b1:5d:fe:e4:e6: + cc:08:99:52:cf:25:96:78:bb:6a:4b:92:6b:b8:16:47:a6:b1: + 4c:73:05:0b:33:e2:58:b6:a0:5d:84:46:3b:a6:b2:37:f8:97: + cc:8b:de:ac:12:0c:94:4c:9a:9d:46:0a:29:22:24:c4:ae:20: + 24:1c:a9:e6:3c:79:fe:27:fb:3d:bb:d0:6c:b5:f7:db:a5:1c: + da:77:64:84:f0:54:ff:cc:b8:ae:8d:46:8e:6d:56:43:cd:4a: + e5:79:a6:eb:01:2d:58:ee:d3:2d:ca:d9:c9:9d:55:99:dc:c0: + 88:ef:63:cc:0a:75:9d:60:ba:5a:10:43:e7:db:82:e0:3b:b4: + d3:f4:1a:e0:09:44:8a:da:29:7b:c4:68:01:f7:0b:92:5f:30: + 2a:68:ed:a8:96:bf:a7:29:92:d2:14:1d:f5:5b:26:0d:fa:13: + dc:38:07:95:c5:90:dc:e1:c9:f5:fc:aa:02:2c:d6:a4:7b:80: + f9:00:ee:13:15:81:05:33:9f:54:bf:a4:38:fe:fb:c6:29:35: + 28:97:39:8f:f2:60:b8:c8:a9:10:bb:ab:bd:bd:fb:d5:8d:e0: + e2:9e:84:44:15:ff:8d:d7:b1:1c:4b:3e:bd:fc:3c:02:b0:b4: + a4:27:ef:2b -----BEGIN CERTIFICATE----- -MIIDnjCCAoagAwIBAgIUX8t7V3NjbWJpn3LgZhUAJ/q2trYwDQYJKoZIhvcNAQEL +MIIDnjCCAoagAwIBAgIUGa21Pg+bSmoLFaha8awCOY9tdxwwDQYJKoZIhvcNAQEL BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx -HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjEwNjE1MjIwMjM0 -WhcNMjQwMzExMjIwMjM0WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjExMjIwMjMwNzI1 +WhcNMjQwOTE1MjMwNzI1WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG @@ -66,10 +66,10 @@ C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3 uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC AwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IB -AQBAT5/6N2fnZIpqC/1oqzkJlq6YuJoWqzCEumqJD+X90aA/9Y+4Ey9MHKGmjVnw -q2HyyK8L4vy1FBf5pba6rdhwAQua1D7CBAZl8SVP3jbvUj6pJ3ddiV16e+89KK0P -Lm50T2dBfDcXyYpxBRBmEbD2FbVZDyncDJPMvTxtk0AopFnee/T1MRwLsdvIOQBw -OTo7MfzeAuIAHuE1z4rKCxWurGOS0jN3VA5Wb7cbhPnl/E4u2yZfvVGgu9cjC4/X -JE2r33RG/p8XVSMNp5rqVtenqc0+GGAU0v2at2FMC29grJzpgdvhE09LgENXwQWG -piNut2HtdljTZdxr65KsNfoK +AQAx8fLh6jfLC8wTnHU6sV3+5ObMCJlSzyWWeLtqS5JruBZHprFMcwULM+JYtqBd +hEY7prI3+JfMi96sEgyUTJqdRgopIiTEriAkHKnmPHn+J/s9u9BstffbpRzad2SE +8FT/zLiujUaObVZDzUrleabrAS1Y7tMtytnJnVWZ3MCI72PMCnWdYLpaEEPn24Lg +O7TT9BrgCUSK2il7xGgB9wuSXzAqaO2olr+nKZLSFB31WyYN+hPcOAeVxZDc4cn1 +/KoCLNake4D5AO4TFYEFM59Uv6Q4/vvGKTUolzmP8mC4yKkQu6u9vfvVjeDinoRE +Ff+N17EcSz69/DwCsLSkJ+8r -----END CERTIFICATE----- diff --git a/tests/api.c b/tests/api.c index 733a3b0dd..fa2dd82b0 100644 --- a/tests/api.c +++ b/tests/api.c @@ -8689,7 +8689,7 @@ static void test_wolfSSL_TBS(void) AssertNull(tbs = wolfSSL_X509_get_tbs(NULL, &tbsSz)); AssertNull(tbs = wolfSSL_X509_get_tbs(x509, NULL)); AssertNotNull(tbs = wolfSSL_X509_get_tbs(x509, &tbsSz)); - AssertIntEQ(tbsSz, 981); + AssertIntEQ(tbsSz, 1003); wolfSSL_FreeX509(x509); @@ -30688,7 +30688,7 @@ static void test_wolfSSL_ASN1_TIME_print(void) sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)); AssertIntEQ(ASN1_TIME_print(bio, X509_get_notBefore(x509)), 1); AssertIntEQ(BIO_read(bio, buf, sizeof(buf)), 24); - AssertIntEQ(XMEMCMP(buf, "Feb 10 19:49:52 2021 GMT", sizeof(buf) - 1), 0); + AssertIntEQ(XMEMCMP(buf, "Dec 20 23:07:24 2021 GMT", sizeof(buf) - 1), 0); /* create a bad time and test results */ AssertNotNull(t = X509_get_notAfter(x509)); @@ -36070,208 +36070,115 @@ static void test_wolfSSL_X509_sign2(void) time_t t; const unsigned char expected[] = { -#ifdef WOLFSSL_AKID_NAME - 0x30, 0x82, 0x04, 0xfd, 0x30, 0x82, 0x03, 0xe5, 0xa0, 0x03, 0x02, 0x01, - 0x02, 0x02, 0x09, 0x00, 0xf1, 0x5c, 0x99, 0x43, 0x66, 0x3d, 0x96, 0x04, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, - 0x0b, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, - 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, - 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30, 0x0f, 0x06, - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, - 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, - 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, + 0x30, 0x82, 0x05, 0x13, 0x30, 0x82, 0x03, 0xfb, 0xa0, 0x03, 0x02, 0x01, + 0x02, 0x02, 0x14, 0x53, 0x16, 0x7c, 0xa0, 0x56, 0x50, 0x46, 0x27, 0x82, + 0xed, 0x60, 0xb4, 0xda, 0x33, 0xd8, 0x6a, 0xc0, 0xea, 0xdc, 0x31, 0x30, + 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, + 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, + 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, + 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, + 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, 0x74, + 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0a, + 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, + 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, + 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, + 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, + 0x0d, 0x30, 0x30, 0x30, 0x32, 0x31, 0x35, 0x32, 0x30, 0x33, 0x30, 0x30, + 0x30, 0x5a, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x32, 0x31, 0x34, 0x32, 0x30, + 0x33, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, + 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x15, 0x30, + 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0c, 0x77, 0x6f, 0x6c, 0x66, + 0x53, 0x53, 0x4c, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, + 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x10, 0x50, 0x72, 0x6f, 0x67, 0x72, + 0x61, 0x6d, 0x6d, 0x69, 0x6e, 0x67, 0x2d, 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, - 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, - 0x17, 0x0d, 0x30, 0x30, 0x30, 0x32, 0x31, 0x35, 0x32, 0x30, 0x33, 0x30, - 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x32, 0x31, 0x34, 0x32, - 0x30, 0x33, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x0b, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, - 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x15, - 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0c, 0x77, 0x6f, 0x6c, - 0x66, 0x53, 0x53, 0x4c, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x10, 0x50, 0x72, 0x6f, 0x67, - 0x72, 0x61, 0x6d, 0x6d, 0x69, 0x6e, 0x67, 0x2d, 0x32, 0x30, 0x34, 0x38, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, - 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, - 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, - 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, - 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, - 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc3, 0x03, 0xd1, 0x2b, - 0xfe, 0x39, 0xa4, 0x32, 0x45, 0x3b, 0x53, 0xc8, 0x84, 0x2b, 0x2a, 0x7c, - 0x74, 0x9a, 0xbd, 0xaa, 0x2a, 0x52, 0x07, 0x47, 0xd6, 0xa6, 0x36, 0xb2, - 0x07, 0x32, 0x8e, 0xd0, 0xba, 0x69, 0x7b, 0xc6, 0xc3, 0x44, 0x9e, 0xd4, - 0x81, 0x48, 0xfd, 0x2d, 0x68, 0xa2, 0x8b, 0x67, 0xbb, 0xa1, 0x75, 0xc8, - 0x36, 0x2c, 0x4a, 0xd2, 0x1b, 0xf7, 0x8b, 0xba, 0xcf, 0x0d, 0xf9, 0xef, - 0xec, 0xf1, 0x81, 0x1e, 0x7b, 0x9b, 0x03, 0x47, 0x9a, 0xbf, 0x65, 0xcc, - 0x7f, 0x65, 0x24, 0x69, 0xa6, 0xe8, 0x14, 0x89, 0x5b, 0xe4, 0x34, 0xf7, - 0xc5, 0xb0, 0x14, 0x93, 0xf5, 0x67, 0x7b, 0x3a, 0x7a, 0x78, 0xe1, 0x01, - 0x56, 0x56, 0x91, 0xa6, 0x13, 0x42, 0x8d, 0xd2, 0x3c, 0x40, 0x9c, 0x4c, - 0xef, 0xd1, 0x86, 0xdf, 0x37, 0x51, 0x1b, 0x0c, 0xa1, 0x3b, 0xf5, 0xf1, - 0xa3, 0x4a, 0x35, 0xe4, 0xe1, 0xce, 0x96, 0xdf, 0x1b, 0x7e, 0xbf, 0x4e, - 0x97, 0xd0, 0x10, 0xe8, 0xa8, 0x08, 0x30, 0x81, 0xaf, 0x20, 0x0b, 0x43, - 0x14, 0xc5, 0x74, 0x67, 0xb4, 0x32, 0x82, 0x6f, 0x8d, 0x86, 0xc2, 0x88, - 0x40, 0x99, 0x36, 0x83, 0xba, 0x1e, 0x40, 0x72, 0x22, 0x17, 0xd7, 0x52, - 0x65, 0x24, 0x73, 0xb0, 0xce, 0xef, 0x19, 0xcd, 0xae, 0xff, 0x78, 0x6c, - 0x7b, 0xc0, 0x12, 0x03, 0xd4, 0x4e, 0x72, 0x0d, 0x50, 0x6d, 0x3b, 0xa3, - 0x3b, 0xa3, 0x99, 0x5e, 0x9d, 0xc8, 0xd9, 0x0c, 0x85, 0xb3, 0xd9, 0x8a, - 0xd9, 0x54, 0x26, 0xdb, 0x6d, 0xfa, 0xac, 0xbb, 0xff, 0x25, 0x4c, 0xc4, - 0xd1, 0x79, 0xf4, 0x71, 0xd3, 0x86, 0x40, 0x18, 0x13, 0xb0, 0x63, 0xb5, - 0x72, 0x4e, 0x30, 0xc4, 0x97, 0x84, 0x86, 0x2d, 0x56, 0x2f, 0xd7, 0x15, - 0xf7, 0x7f, 0xc0, 0xae, 0xf5, 0xfc, 0x5b, 0xe5, 0xfb, 0xa1, 0xba, 0xd3, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x44, 0x30, 0x82, 0x01, - 0x40, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, - 0x01, 0x01, 0xff, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x15, - 0x30, 0x13, 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, - 0x63, 0x6f, 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01, 0x30, 0x1d, 0x06, - 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x33, 0xd8, 0x45, 0x66, - 0xd7, 0x68, 0x87, 0x18, 0x7e, 0x54, 0x0d, 0x70, 0x27, 0x91, 0xc7, 0x26, - 0xd7, 0x85, 0x65, 0xc0, 0x30, 0x81, 0xd3, 0x06, 0x03, 0x55, 0x1d, 0x23, - 0x04, 0x81, 0xcb, 0x30, 0x81, 0xc8, 0x80, 0x14, 0x33, 0xd8, 0x45, 0x66, - 0xd7, 0x68, 0x87, 0x18, 0x7e, 0x54, 0x0d, 0x70, 0x27, 0x91, 0xc7, 0x26, - 0xd7, 0x85, 0x65, 0xc0, 0xa1, 0x81, 0xa4, 0xa4, 0x81, 0xa1, 0x30, 0x81, - 0x9e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, - 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, - 0x61, 0x6e, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, - 0x0c, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x5f, 0x32, 0x30, 0x34, - 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x10, - 0x50, 0x72, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x6d, 0x69, 0x6e, 0x67, 0x2d, - 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x03, 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, - 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, - 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, - 0x63, 0x6f, 0x6d, 0x82, 0x09, 0x00, 0xf1, 0x5c, 0x99, 0x43, 0x66, 0x3d, - 0x96, 0x04, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, - 0x14, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, - 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0d, 0x06, - 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x01, 0x00, 0x59, 0x2e, 0xd1, 0xec, 0xbc, 0x99, 0xfe, - 0x50, 0x38, 0x47, 0x47, 0x88, 0x51, 0xcf, 0xe4, 0x88, 0x76, 0xdf, 0x89, - 0x8f, 0xea, 0x91, 0xbc, 0xd6, 0xc6, 0x91, 0xc9, 0xcc, 0x33, 0x77, 0x5d, - 0xdd, 0x4b, 0xc9, 0xf6, 0x10, 0x54, 0xe2, 0x04, 0x89, 0x51, 0xdb, 0xe1, - 0x00, 0x0c, 0x61, 0x03, 0x26, 0x86, 0x35, 0xac, 0x96, 0x23, 0x9d, 0xef, - 0xd9, 0x95, 0xe4, 0xb4, 0x83, 0x9e, 0x0f, 0x47, 0x30, 0x08, 0x96, 0x28, - 0x7f, 0x2d, 0xe3, 0x23, 0x30, 0x3b, 0xb0, 0x46, 0xe8, 0x21, 0x78, 0xb4, - 0xc0, 0xbc, 0x9f, 0x60, 0x02, 0xd4, 0x16, 0x2d, 0xe5, 0x5a, 0x00, 0x65, - 0x15, 0x95, 0x81, 0x93, 0x80, 0x06, 0x3e, 0xf7, 0xdf, 0x0c, 0x2b, 0x3f, - 0x14, 0xfc, 0xc3, 0x79, 0xfd, 0x59, 0x5c, 0xa7, 0xc3, 0xe0, 0xa8, 0xd4, - 0x53, 0x4f, 0x13, 0x0a, 0xa3, 0xfe, 0x1d, 0x63, 0x4e, 0x84, 0xb2, 0x98, - 0x19, 0x06, 0xe0, 0x60, 0x3a, 0xc9, 0x49, 0x73, 0x00, 0xe3, 0x72, 0x2f, - 0x68, 0x27, 0x9f, 0x14, 0x18, 0xb7, 0x57, 0xb9, 0x1d, 0xa8, 0xb3, 0x05, - 0x6c, 0xf5, 0x4b, 0x0e, 0xac, 0x26, 0x7a, 0xfe, 0xc1, 0xab, 0x1f, 0x27, - 0xf1, 0x1e, 0x21, 0x33, 0x31, 0xb6, 0x43, 0xb0, 0xf8, 0x74, 0x69, 0x6a, - 0xb1, 0x9b, 0xcb, 0xe4, 0xd3, 0xa2, 0x8e, 0x8a, 0x55, 0xef, 0x81, 0xf3, - 0x4a, 0x44, 0x90, 0x4d, 0x08, 0xb8, 0x31, 0x90, 0x1a, 0x82, 0x52, 0x56, - 0xeb, 0xf0, 0x50, 0x5b, 0x9f, 0x87, 0x98, 0x54, 0xfe, 0x6a, 0x60, 0x41, - 0x16, 0xdb, 0xdc, 0xff, 0x89, 0x4c, 0x98, 0x00, 0xb1, 0x87, 0x6c, 0xe7, - 0xec, 0xba, 0x3b, 0xa4, 0xfe, 0xa1, 0xfd, 0x26, 0x19, 0x7c, 0x2d, 0x14, - 0x91, 0x91, 0x61, 0x30, 0x3e, 0xf4, 0x5c, 0x97, 0x4c, 0x06, 0x84, 0xab, - 0x94, 0xa8, 0x17, 0x6c, 0xec, 0x19, 0xc0, 0x87, 0xd0 -#else - 0x30, 0x82, 0x04, 0x46, 0x30, 0x82, 0x03, 0x2e, 0xa0, 0x03, 0x02, 0x01, - 0x02, 0x02, 0x09, 0x00, 0xf1, 0x5c, 0x99, 0x43, 0x66, 0x3d, 0x96, 0x04, - 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, - 0x0b, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, - 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, - 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30, 0x0f, 0x06, - 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, - 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, - 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x77, - 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, - 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, - 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, - 0x17, 0x0d, 0x30, 0x30, 0x30, 0x32, 0x31, 0x35, 0x32, 0x30, 0x33, 0x30, - 0x30, 0x30, 0x5a, 0x17, 0x0d, 0x30, 0x31, 0x30, 0x32, 0x31, 0x34, 0x32, - 0x30, 0x33, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x0b, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, - 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x15, - 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0c, 0x77, 0x6f, 0x6c, - 0x66, 0x53, 0x53, 0x4c, 0x5f, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x10, 0x50, 0x72, 0x6f, 0x67, - 0x72, 0x61, 0x6d, 0x6d, 0x69, 0x6e, 0x67, 0x2d, 0x32, 0x30, 0x34, 0x38, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, - 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, - 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, - 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, - 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, - 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, - 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, - 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc3, 0x03, 0xd1, 0x2b, - 0xfe, 0x39, 0xa4, 0x32, 0x45, 0x3b, 0x53, 0xc8, 0x84, 0x2b, 0x2a, 0x7c, - 0x74, 0x9a, 0xbd, 0xaa, 0x2a, 0x52, 0x07, 0x47, 0xd6, 0xa6, 0x36, 0xb2, - 0x07, 0x32, 0x8e, 0xd0, 0xba, 0x69, 0x7b, 0xc6, 0xc3, 0x44, 0x9e, 0xd4, - 0x81, 0x48, 0xfd, 0x2d, 0x68, 0xa2, 0x8b, 0x67, 0xbb, 0xa1, 0x75, 0xc8, - 0x36, 0x2c, 0x4a, 0xd2, 0x1b, 0xf7, 0x8b, 0xba, 0xcf, 0x0d, 0xf9, 0xef, - 0xec, 0xf1, 0x81, 0x1e, 0x7b, 0x9b, 0x03, 0x47, 0x9a, 0xbf, 0x65, 0xcc, - 0x7f, 0x65, 0x24, 0x69, 0xa6, 0xe8, 0x14, 0x89, 0x5b, 0xe4, 0x34, 0xf7, - 0xc5, 0xb0, 0x14, 0x93, 0xf5, 0x67, 0x7b, 0x3a, 0x7a, 0x78, 0xe1, 0x01, - 0x56, 0x56, 0x91, 0xa6, 0x13, 0x42, 0x8d, 0xd2, 0x3c, 0x40, 0x9c, 0x4c, - 0xef, 0xd1, 0x86, 0xdf, 0x37, 0x51, 0x1b, 0x0c, 0xa1, 0x3b, 0xf5, 0xf1, - 0xa3, 0x4a, 0x35, 0xe4, 0xe1, 0xce, 0x96, 0xdf, 0x1b, 0x7e, 0xbf, 0x4e, - 0x97, 0xd0, 0x10, 0xe8, 0xa8, 0x08, 0x30, 0x81, 0xaf, 0x20, 0x0b, 0x43, - 0x14, 0xc5, 0x74, 0x67, 0xb4, 0x32, 0x82, 0x6f, 0x8d, 0x86, 0xc2, 0x88, - 0x40, 0x99, 0x36, 0x83, 0xba, 0x1e, 0x40, 0x72, 0x22, 0x17, 0xd7, 0x52, - 0x65, 0x24, 0x73, 0xb0, 0xce, 0xef, 0x19, 0xcd, 0xae, 0xff, 0x78, 0x6c, - 0x7b, 0xc0, 0x12, 0x03, 0xd4, 0x4e, 0x72, 0x0d, 0x50, 0x6d, 0x3b, 0xa3, - 0x3b, 0xa3, 0x99, 0x5e, 0x9d, 0xc8, 0xd9, 0x0c, 0x85, 0xb3, 0xd9, 0x8a, - 0xd9, 0x54, 0x26, 0xdb, 0x6d, 0xfa, 0xac, 0xbb, 0xff, 0x25, 0x4c, 0xc4, - 0xd1, 0x79, 0xf4, 0x71, 0xd3, 0x86, 0x40, 0x18, 0x13, 0xb0, 0x63, 0xb5, - 0x72, 0x4e, 0x30, 0xc4, 0x97, 0x84, 0x86, 0x2d, 0x56, 0x2f, 0xd7, 0x15, - 0xf7, 0x7f, 0xc0, 0xae, 0xf5, 0xfc, 0x5b, 0xe5, 0xfb, 0xa1, 0xba, 0xd3, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x81, 0x8e, 0x30, 0x81, 0x8b, 0x30, - 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, - 0xff, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x15, 0x30, 0x13, - 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, - 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01, 0x30, 0x1d, 0x06, 0x03, 0x55, - 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x33, 0xd8, 0x45, 0x66, 0xd7, 0x68, - 0x87, 0x18, 0x7e, 0x54, 0x0d, 0x70, 0x27, 0x91, 0xc7, 0x26, 0xd7, 0x85, - 0x65, 0xc0, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, - 0x16, 0x80, 0x14, 0x33, 0xd8, 0x45, 0x66, 0xd7, 0x68, 0x87, 0x18, 0x7e, - 0x54, 0x0d, 0x70, 0x27, 0x91, 0xc7, 0x26, 0xd7, 0x85, 0x65, 0xc0, 0x30, - 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, - 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, - 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, - 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, - 0x01, 0x00, 0x98, 0x2a, 0x3d, 0x94, 0x37, 0xae, 0xd6, 0x28, 0x12, 0xed, - 0x6d, 0x95, 0xc9, 0x05, 0x89, 0x4b, 0x5c, 0x5e, 0x88, 0xed, 0x9e, 0x14, - 0x89, 0x79, 0x65, 0x7b, 0x5c, 0xdb, 0xcd, 0x21, 0xc5, 0xfc, 0x7a, 0x05, - 0xd2, 0x33, 0x54, 0xa1, 0x1b, 0xb2, 0xc6, 0xd8, 0x3e, 0x88, 0x7d, 0x58, - 0xfd, 0xd0, 0xca, 0x71, 0x58, 0xd5, 0x37, 0x81, 0xe0, 0xef, 0x65, 0xfc, - 0x1b, 0xf1, 0x5d, 0xdd, 0x26, 0x68, 0x12, 0xfb, 0x12, 0x24, 0xd5, 0x45, - 0x4f, 0x41, 0xad, 0xee, 0x3f, 0x16, 0x40, 0xb2, 0x59, 0xe6, 0x5b, 0x76, - 0xe7, 0x47, 0x11, 0xa4, 0xe1, 0x2f, 0x0d, 0xe8, 0x13, 0x13, 0x49, 0xb0, - 0x01, 0x11, 0x15, 0xb5, 0xb3, 0x93, 0x4f, 0x28, 0xdc, 0xd0, 0x30, 0x03, - 0x48, 0x02, 0x95, 0x2d, 0xd9, 0x26, 0x87, 0x1f, 0x19, 0xa1, 0x03, 0x5c, - 0x7c, 0xde, 0x54, 0xd4, 0x98, 0x85, 0x34, 0xcc, 0x54, 0xf1, 0x24, 0x43, - 0xa6, 0x87, 0xfa, 0xb6, 0x62, 0xee, 0xa3, 0x4a, 0xb3, 0xce, 0x1c, 0x2e, - 0xbf, 0x94, 0xef, 0x4c, 0x75, 0x75, 0x55, 0x1d, 0xc9, 0xc2, 0xe4, 0xe5, - 0x24, 0xb2, 0x0a, 0x93, 0xf0, 0xff, 0x2e, 0x43, 0x99, 0xad, 0x4e, 0x83, - 0x11, 0x52, 0xf4, 0xb9, 0x92, 0x30, 0xe1, 0x02, 0x2f, 0xa5, 0xf2, 0x21, - 0xb1, 0xf4, 0xe9, 0x57, 0xbd, 0xba, 0x17, 0x56, 0xd7, 0x31, 0xcb, 0x63, - 0xa3, 0xd5, 0xcf, 0xc9, 0xd9, 0xa6, 0x4f, 0x51, 0x6c, 0x52, 0x4c, 0x53, - 0x88, 0x9a, 0x2e, 0xb9, 0x72, 0x02, 0x6e, 0x1b, 0x21, 0x93, 0xa1, 0x88, - 0x1b, 0x35, 0x0e, 0x9e, 0x2b, 0x63, 0x81, 0xba, 0xb4, 0x6b, 0x28, 0x01, - 0x56, 0xe1, 0x0e, 0x13, 0x73, 0xf6, 0xd6, 0xa0, 0xd2, 0xfd, 0xc9, 0x4d, - 0xbd, 0xa8, 0xa9, 0x22, 0x9e, 0xc7, 0x13, 0x76, 0x5a, 0x9c, 0xd3, 0x9a, - 0xf4, 0x0c, 0x52, 0xe6, 0x47, 0xcb -#endif + 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, + 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, + 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xc3, 0x03, 0xd1, 0x2b, 0xfe, + 0x39, 0xa4, 0x32, 0x45, 0x3b, 0x53, 0xc8, 0x84, 0x2b, 0x2a, 0x7c, 0x74, + 0x9a, 0xbd, 0xaa, 0x2a, 0x52, 0x07, 0x47, 0xd6, 0xa6, 0x36, 0xb2, 0x07, + 0x32, 0x8e, 0xd0, 0xba, 0x69, 0x7b, 0xc6, 0xc3, 0x44, 0x9e, 0xd4, 0x81, + 0x48, 0xfd, 0x2d, 0x68, 0xa2, 0x8b, 0x67, 0xbb, 0xa1, 0x75, 0xc8, 0x36, + 0x2c, 0x4a, 0xd2, 0x1b, 0xf7, 0x8b, 0xba, 0xcf, 0x0d, 0xf9, 0xef, 0xec, + 0xf1, 0x81, 0x1e, 0x7b, 0x9b, 0x03, 0x47, 0x9a, 0xbf, 0x65, 0xcc, 0x7f, + 0x65, 0x24, 0x69, 0xa6, 0xe8, 0x14, 0x89, 0x5b, 0xe4, 0x34, 0xf7, 0xc5, + 0xb0, 0x14, 0x93, 0xf5, 0x67, 0x7b, 0x3a, 0x7a, 0x78, 0xe1, 0x01, 0x56, + 0x56, 0x91, 0xa6, 0x13, 0x42, 0x8d, 0xd2, 0x3c, 0x40, 0x9c, 0x4c, 0xef, + 0xd1, 0x86, 0xdf, 0x37, 0x51, 0x1b, 0x0c, 0xa1, 0x3b, 0xf5, 0xf1, 0xa3, + 0x4a, 0x35, 0xe4, 0xe1, 0xce, 0x96, 0xdf, 0x1b, 0x7e, 0xbf, 0x4e, 0x97, + 0xd0, 0x10, 0xe8, 0xa8, 0x08, 0x30, 0x81, 0xaf, 0x20, 0x0b, 0x43, 0x14, + 0xc5, 0x74, 0x67, 0xb4, 0x32, 0x82, 0x6f, 0x8d, 0x86, 0xc2, 0x88, 0x40, + 0x99, 0x36, 0x83, 0xba, 0x1e, 0x40, 0x72, 0x22, 0x17, 0xd7, 0x52, 0x65, + 0x24, 0x73, 0xb0, 0xce, 0xef, 0x19, 0xcd, 0xae, 0xff, 0x78, 0x6c, 0x7b, + 0xc0, 0x12, 0x03, 0xd4, 0x4e, 0x72, 0x0d, 0x50, 0x6d, 0x3b, 0xa3, 0x3b, + 0xa3, 0x99, 0x5e, 0x9d, 0xc8, 0xd9, 0x0c, 0x85, 0xb3, 0xd9, 0x8a, 0xd9, + 0x54, 0x26, 0xdb, 0x6d, 0xfa, 0xac, 0xbb, 0xff, 0x25, 0x4c, 0xc4, 0xd1, + 0x79, 0xf4, 0x71, 0xd3, 0x86, 0x40, 0x18, 0x13, 0xb0, 0x63, 0xb5, 0x72, + 0x4e, 0x30, 0xc4, 0x97, 0x84, 0x86, 0x2d, 0x56, 0x2f, 0xd7, 0x15, 0xf7, + 0x7f, 0xc0, 0xae, 0xf5, 0xfc, 0x5b, 0xe5, 0xfb, 0xa1, 0xba, 0xd3, 0x02, + 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, 0x01, 0x4f, 0x30, 0x82, 0x01, 0x4b, + 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xff, 0x30, 0x1c, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x04, 0x15, 0x30, + 0x13, 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, + 0x6f, 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01, 0x30, 0x1d, 0x06, 0x03, + 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x33, 0xd8, 0x45, 0x66, 0xd7, + 0x68, 0x87, 0x18, 0x7e, 0x54, 0x0d, 0x70, 0x27, 0x91, 0xc7, 0x26, 0xd7, + 0x85, 0x65, 0xc0, 0x30, 0x81, 0xde, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, + 0x81, 0xd6, 0x30, 0x81, 0xd3, 0x80, 0x14, 0x33, 0xd8, 0x45, 0x66, 0xd7, + 0x68, 0x87, 0x18, 0x7e, 0x54, 0x0d, 0x70, 0x27, 0x91, 0xc7, 0x26, 0xd7, + 0x85, 0x65, 0xc0, 0xa1, 0x81, 0xa4, 0xa4, 0x81, 0xa1, 0x30, 0x81, 0x9e, + 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, + 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x07, + 0x4d, 0x6f, 0x6e, 0x74, 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f, 0x7a, 0x65, 0x6d, 0x61, + 0x6e, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0c, + 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x5f, 0x32, 0x30, 0x34, 0x38, + 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x10, 0x50, + 0x72, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x6d, 0x69, 0x6e, 0x67, 0x2d, 0x32, + 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0c, 0x0f, 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, + 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, + 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, + 0x6f, 0x6d, 0x82, 0x14, 0x53, 0x16, 0x7c, 0xa0, 0x56, 0x50, 0x46, 0x27, + 0x82, 0xed, 0x60, 0xb4, 0xda, 0x33, 0xd8, 0x6a, 0xc0, 0xea, 0xdc, 0x31, + 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, + 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2b, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0d, 0x06, 0x09, 0x2a, + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, + 0x01, 0x01, 0x00, 0x53, 0xba, 0xa1, 0xe4, 0x1b, 0x63, 0xea, 0x3d, 0x7a, + 0x6c, 0x21, 0xfb, 0x08, 0xb4, 0x42, 0x1d, 0xbc, 0xe6, 0x16, 0xd5, 0x3a, + 0x66, 0x1f, 0x8b, 0x7f, 0x9d, 0x89, 0x6b, 0xcc, 0x7e, 0xa6, 0x13, 0x95, + 0x94, 0x3f, 0xff, 0x0a, 0x0c, 0xca, 0xde, 0xa1, 0xf3, 0x97, 0xb4, 0xf9, + 0xf8, 0x2b, 0x5f, 0x02, 0x6a, 0xbb, 0x65, 0xd1, 0x49, 0x6c, 0xaf, 0x99, + 0xeb, 0x24, 0x7a, 0xd5, 0x4d, 0x8e, 0x7f, 0x12, 0xbc, 0x9b, 0x45, 0x38, + 0x76, 0x5e, 0xe5, 0x3e, 0x84, 0x49, 0x8d, 0xa4, 0xdb, 0xa5, 0x70, 0x15, + 0xc7, 0xc5, 0x9d, 0x5a, 0xac, 0xfb, 0x9e, 0x00, 0xf5, 0xde, 0xa2, 0x3d, + 0x10, 0x64, 0x60, 0xeb, 0x15, 0x9e, 0x70, 0x7e, 0xf9, 0x05, 0xe2, 0x71, + 0xaf, 0xe8, 0xf0, 0x98, 0xa6, 0x57, 0x0b, 0xfd, 0x63, 0x58, 0xa2, 0xf7, + 0x71, 0xdd, 0xb1, 0xc6, 0x76, 0x85, 0x12, 0x2b, 0x38, 0x18, 0xc9, 0x90, + 0x77, 0x78, 0x2a, 0xc1, 0x22, 0x88, 0x5e, 0xab, 0xbb, 0xcf, 0xf5, 0xe0, + 0x67, 0x1c, 0x2f, 0x62, 0x18, 0x1d, 0x9d, 0x22, 0x08, 0x87, 0x31, 0x77, + 0x47, 0x8b, 0x5e, 0x94, 0x3a, 0xb6, 0x99, 0xb4, 0x9d, 0x52, 0x8d, 0xb1, + 0xdc, 0xbe, 0x9c, 0x46, 0xde, 0xbe, 0xb1, 0xd8, 0xef, 0x65, 0x9c, 0xe3, + 0xcb, 0xea, 0x0b, 0xec, 0x36, 0xf6, 0xbb, 0x9c, 0x5f, 0x64, 0x9f, 0xfc, + 0x55, 0xc3, 0xf5, 0xab, 0x44, 0xd1, 0x89, 0x2f, 0x92, 0x9b, 0xa1, 0x93, + 0x46, 0x8c, 0xbe, 0xcf, 0x03, 0xff, 0x24, 0x74, 0x37, 0xdd, 0x30, 0x82, + 0xf6, 0x9f, 0xba, 0x15, 0xfe, 0xb5, 0x62, 0x83, 0x20, 0x9d, 0x3a, 0x26, + 0x11, 0x1b, 0xa0, 0xcd, 0xa1, 0x43, 0x28, 0xc7, 0x06, 0x55, 0x69, 0x26, + 0x90, 0x57, 0xb7, 0xd0, 0x5b, 0x8d, 0xee, 0x2e, 0x82, 0xee, 0x3f, 0xe7, + 0xe2, 0x47, 0x25, 0x98, 0x9c, 0x83, 0x10 }; printf(testingFmt, "wolfSSL_X509_sign2"); @@ -46723,7 +46630,7 @@ static void test_wolfssl_PKCS7(void) pkcs7->hashOID = SHAh; AssertNotNull(bio = BIO_new(BIO_s_mem())); AssertIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1); - AssertIntEQ(i2d_PKCS7(pkcs7, &out), 644); + AssertIntEQ(i2d_PKCS7(pkcs7, &out), 655); XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); BIO_free(bio); #endif @@ -49520,13 +49427,13 @@ static void test_wolfSSL_ASN1_get_object(void) /* Read a couple TLV triplets and make sure they match the expected values */ AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len) & 0x80, 0); - AssertIntEQ(asnLen, 841); + AssertIntEQ(asnLen, 862); AssertIntEQ(tag, 0x10); AssertIntEQ(cls, 0); AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); - AssertIntEQ(asnLen, 750); + AssertIntEQ(asnLen, 772); AssertIntEQ(tag, 0x10); AssertIntEQ(cls, 0); @@ -49545,7 +49452,7 @@ static void test_wolfSSL_ASN1_get_object(void) AssertIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len - (derBuf - cliecc_cert_der_256)) & 0x80, 0); - AssertIntEQ(asnLen, 9); + AssertIntEQ(asnLen, 20); AssertIntEQ(tag, 0x2); AssertIntEQ(cls, 0); derBuf += asnLen; diff --git a/wolfssl/certs_test.h b/wolfssl/certs_test.h index 7183fd2e2..538bcd4c9 100644 --- a/wolfssl/certs_test.h +++ b/wolfssl/certs_test.h @@ -98,110 +98,112 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024); /* ./certs/1024/client-cert.der, 1024-bit */ static const unsigned char client_cert_der_1024[] = { - 0x30, 0x82, 0x04, 0x02, 0x30, 0x82, 0x03, 0x6B, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xC5, 0x19, 0x90, 0xA1, - 0xC9, 0x01, 0x0F, 0xB9, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, - 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, - 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, - 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, - 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, - 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, - 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, - 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, - 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, - 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, - 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, - 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, - 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, - 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, - 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, - 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, - 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, - 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, - 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, - 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, - 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, - 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, - 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, - 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, - 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, - 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, - 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, 0xD5, - 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, 0xEC, - 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, - 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, - 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, - 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, - 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, - 0xC5, 0x19, 0x90, 0xA1, 0xC9, 0x01, 0x0F, 0xB9, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, - 0x81, 0x00, 0x30, 0xCE, 0x46, 0x43, 0x6D, 0x70, 0xE1, 0x6D, - 0xBB, 0x8F, 0x4A, 0x05, 0x64, 0xF7, 0x2C, 0x8D, 0x0E, 0xD6, - 0xF9, 0x1E, 0xB6, 0x2A, 0x8E, 0xED, 0x52, 0xE1, 0x7C, 0x44, - 0xBF, 0x59, 0x54, 0xDA, 0x2D, 0x31, 0x4D, 0xE6, 0x79, 0xD2, - 0xD0, 0xD8, 0xB4, 0xCF, 0x5B, 0x16, 0x0A, 0x16, 0xA1, 0xBE, - 0x62, 0x9F, 0x6C, 0x24, 0x46, 0x7B, 0xB8, 0xDD, 0xB8, 0x8D, - 0x7F, 0xFE, 0xF1, 0xAC, 0x62, 0x94, 0xE0, 0x34, 0xCE, 0x4C, - 0x59, 0x3A, 0xC5, 0x5A, 0xE6, 0x40, 0xD5, 0x60, 0x7E, 0x20, - 0x5D, 0xED, 0x43, 0x92, 0xD3, 0xF3, 0xEA, 0xE0, 0xD1, 0x57, - 0xC8, 0xCE, 0x41, 0x79, 0xDB, 0x81, 0x41, 0xC6, 0xF0, 0x0E, - 0x35, 0xD4, 0x6F, 0x92, 0x58, 0x2D, 0xD6, 0xB2, 0xEC, 0xF1, - 0x88, 0xFF, 0x6D, 0xCA, 0x63, 0xD6, 0x4A, 0x8D, 0x10, 0xA6, - 0x23, 0x06, 0x77, 0x9A, 0xD5, 0xAB, 0x9D, 0x64, 0x46, 0x02 - + 0x30, 0x82, 0x04, 0x18, 0x30, 0x82, 0x03, 0x81, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x61, 0x8C, 0xAF, 0x82, 0x14, + 0x94, 0x51, 0xC0, 0x98, 0xD3, 0xA8, 0x3B, 0xA3, 0x90, 0x85, + 0x20, 0x97, 0xBA, 0x62, 0x18, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, + 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, + 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x19, + 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, + 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, + 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, + 0x81, 0x81, 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, + 0xA2, 0xA9, 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, + 0xC8, 0xEC, 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, + 0x37, 0xEC, 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, + 0xDF, 0x94, 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, + 0xE8, 0x4D, 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, + 0x77, 0x25, 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, + 0x38, 0xCC, 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, + 0xAA, 0xDA, 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, + 0xDC, 0x77, 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, + 0xBA, 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, + 0x8A, 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, + 0x3C, 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, + 0xA9, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, + 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x0E, 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, + 0xDD, 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, + 0x75, 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xDE, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, + 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, + 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, + 0xEC, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, + 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, + 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, + 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x31, 0x30, + 0x32, 0x34, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, + 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x31, 0x30, 0x32, 0x34, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, + 0x61, 0x8C, 0xAF, 0x82, 0x14, 0x94, 0x51, 0xC0, 0x98, 0xD3, + 0xA8, 0x3B, 0xA3, 0x90, 0x85, 0x20, 0x97, 0xBA, 0x62, 0x18, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x03, 0x81, 0x81, 0x00, 0xA4, 0x2F, 0xC5, 0x53, 0x22, 0x35, + 0xF9, 0xC3, 0x21, 0xB9, 0x85, 0x3B, 0x7D, 0xA4, 0x8E, 0xA0, + 0xF3, 0x9C, 0x2B, 0x2A, 0xE3, 0x35, 0x7A, 0x62, 0x4F, 0x1C, + 0x73, 0x61, 0xF6, 0xFE, 0x85, 0x05, 0xAF, 0x55, 0x17, 0xC0, + 0x13, 0xEA, 0x4D, 0x8E, 0x0B, 0x20, 0xDD, 0x29, 0x7C, 0xFC, + 0x48, 0x9B, 0x47, 0x3D, 0x6E, 0x05, 0xF9, 0x9F, 0x1F, 0xFC, + 0x70, 0xAF, 0x0A, 0x5C, 0x30, 0x58, 0x6E, 0x4D, 0x51, 0x2D, + 0x93, 0xDE, 0x7E, 0x1B, 0x10, 0xB2, 0xED, 0xA2, 0x5E, 0xBE, + 0xA1, 0x8C, 0x69, 0x60, 0x37, 0xE8, 0xB0, 0xC9, 0x35, 0x4F, + 0x4E, 0x2A, 0xCD, 0x9E, 0xE9, 0xDE, 0x35, 0xF0, 0x85, 0x98, + 0x41, 0xC9, 0x39, 0x64, 0x0E, 0x52, 0x21, 0x6E, 0x45, 0xDF, + 0x58, 0xE9, 0xE0, 0x95, 0x51, 0x22, 0x4D, 0xE1, 0xEE, 0xE5, + 0x58, 0x57, 0x7B, 0x71, 0x89, 0x31, 0x89, 0x5F, 0xE0, 0x84, + 0xDB, 0x4B }; static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024); @@ -414,29 +416,70 @@ static const int sizeof_ca_key_der_1024 = sizeof(ca_key_der_1024); /* ./certs/1024/ca-cert.der, 1024-bit */ static const unsigned char ca_cert_der_1024[] = { - 0x30, 0x82, 0x03, 0xF3, 0x30, 0x82, 0x03, 0x5C, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, - 0xE8, 0x40, 0x6E, 0x95, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, - 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, - 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x99, + 0x30, 0x82, 0x04, 0x09, 0x30, 0x82, 0x03, 0x72, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x28, 0x91, 0x57, 0x80, 0x6F, + 0x78, 0x1E, 0x99, 0x86, 0x3B, 0xFD, 0x1B, 0x95, 0xFC, 0x06, + 0xE2, 0x1D, 0x62, 0xB2, 0x14, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, + 0x68, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0F, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, + 0x6E, 0x67, 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, + 0x32, 0x31, 0x31, 0x32, 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x35, 0x5A, 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, + 0x35, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, + 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, + 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, + 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, + 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, + 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, + 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, + 0x5F, 0x31, 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, + 0x81, 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, + 0x24, 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, + 0x16, 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, + 0x04, 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, + 0x50, 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, + 0x24, 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, + 0xA8, 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, + 0xA2, 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, + 0x54, 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, + 0x72, 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, + 0x9B, 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, + 0x94, 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, + 0xE5, 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, + 0x09, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4A, + 0x30, 0x82, 0x01, 0x46, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, + 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, + 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xD9, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD1, 0x30, 0x81, 0xCE, 0x80, + 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, + 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, + 0xA8, 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, @@ -452,70 +495,31 @@ static const unsigned char ca_cert_der_1024[] = 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, - 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, - 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, 0x24, - 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, 0x16, - 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, 0x04, - 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, 0x50, - 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, 0x24, - 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, 0xA8, - 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, 0xA2, - 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, 0x54, - 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, 0x72, - 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, 0x9B, - 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, - 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, - 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3F, 0x30, - 0x82, 0x01, 0x3B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, - 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, - 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, - 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, - 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, - 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, - 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, - 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, - 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x43, 0x6F, - 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x5F, 0x31, - 0x30, 0x32, 0x34, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, - 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, - 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x82, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, 0xE8, - 0x40, 0x6E, 0x95, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, - 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, - 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, - 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, - 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, - 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, - 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x4E, 0xB1, 0x39, - 0x6A, 0x23, 0xA3, 0x65, 0x17, 0x14, 0xB6, 0x52, 0x2E, 0x86, - 0x46, 0xD5, 0x4F, 0x7C, 0xD5, 0x6C, 0xBB, 0xFA, 0x66, 0xB1, - 0x71, 0x54, 0xA1, 0xAD, 0x0E, 0xA2, 0xB7, 0xBA, 0x59, 0x65, - 0x8B, 0xD5, 0x87, 0x5D, 0x51, 0xD0, 0x65, 0xDE, 0x74, 0x04, - 0x80, 0x7C, 0xDA, 0x3A, 0x52, 0x57, 0x7A, 0x1D, 0x5D, 0x46, - 0x7A, 0x06, 0x79, 0x75, 0xE5, 0x31, 0xDD, 0x1D, 0xF6, 0x54, - 0x77, 0xFC, 0x40, 0x13, 0xA1, 0x5B, 0xFD, 0x9E, 0x7D, 0x1C, - 0xFD, 0x04, 0x4F, 0x7C, 0xEE, 0x92, 0xA2, 0x80, 0x55, 0x3C, - 0x3F, 0x2A, 0x1C, 0xBD, 0x3A, 0x37, 0x12, 0x0E, 0xFD, 0x52, - 0x60, 0x66, 0x19, 0xD5, 0x4B, 0xF6, 0x35, 0x50, 0xA3, 0x59, - 0xD3, 0x7F, 0x6D, 0x95, 0xD7, 0x56, 0x10, 0xC6, 0x86, 0x28, - 0xF4, 0x6E, 0x6D, 0xDA, 0x4E, 0x1C, 0xB4, 0xE9, 0x0B, 0x4C, - 0xED, 0x62, 0x0F, 0x64, 0x06 + 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x28, 0x91, 0x57, 0x80, 0x6F, + 0x78, 0x1E, 0x99, 0x86, 0x3B, 0xFD, 0x1B, 0x95, 0xFC, 0x06, + 0xE2, 0x1D, 0x62, 0xB2, 0x14, 0x30, 0x0C, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, + 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, + 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, + 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, + 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, + 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x0E, + 0x9F, 0xA6, 0xC0, 0x6F, 0xCF, 0xA4, 0x5F, 0xEC, 0x4A, 0x18, + 0x4D, 0x67, 0x1A, 0x8E, 0x37, 0xCC, 0x9D, 0x97, 0xDC, 0x31, + 0x9C, 0xD8, 0xC5, 0x08, 0x70, 0xFC, 0x55, 0x67, 0x24, 0x3F, + 0xEF, 0x47, 0x80, 0x03, 0x54, 0x5E, 0x6C, 0x91, 0xFA, 0xBA, + 0x71, 0x1F, 0x12, 0x91, 0x8F, 0xF9, 0x51, 0xDF, 0x51, 0xCD, + 0xFF, 0x59, 0xBC, 0xED, 0xB7, 0xAC, 0xE3, 0x7C, 0x53, 0x48, + 0x73, 0xCD, 0x85, 0x88, 0xF2, 0x23, 0xAA, 0xA9, 0x6C, 0x09, + 0x30, 0x6A, 0x7B, 0xA2, 0x66, 0x2E, 0x1A, 0xAD, 0x12, 0x5E, + 0xA8, 0xEF, 0x1E, 0xA9, 0x3F, 0xF0, 0xF9, 0x44, 0x64, 0x24, + 0x1E, 0x0E, 0x80, 0x92, 0x20, 0x37, 0xF9, 0xE2, 0x4F, 0xD6, + 0x65, 0xE3, 0xBA, 0xB3, 0x55, 0x99, 0xAD, 0x0E, 0xCA, 0x7A, + 0x4C, 0x3D, 0x42, 0xF6, 0x7F, 0xC7, 0x23, 0x6A, 0x15, 0xAE, + 0xB2, 0x88, 0x6E, 0x45, 0xA0, 0xA8, 0x8E }; static const int sizeof_ca_cert_der_1024 = sizeof(ca_cert_der_1024); @@ -589,7 +593,7 @@ static const int sizeof_server_key_der_1024 = sizeof(server_key_der_1024); /* ./certs/1024/server-cert.der, 1024-bit */ static const unsigned char server_cert_der_1024[] = { - 0x30, 0x82, 0x03, 0xE7, 0x30, 0x82, 0x03, 0x50, 0xA0, 0x03, + 0x30, 0x82, 0x03, 0xF2, 0x30, 0x82, 0x03, 0x5B, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -608,9 +612,9 @@ static const unsigned char server_cert_der_1024[] = 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, - 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, - 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x31, - 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x30, + 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, 0x30, 0x32, 0x33, 0x30, + 0x37, 0x32, 0x35, 0x5A, 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, + 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, @@ -642,12 +646,12 @@ static const unsigned char server_cert_der_1024[] = 0xAD, 0xFD, 0x5C, 0x86, 0x73, 0xAA, 0x6B, 0x47, 0xD8, 0x8B, 0x2E, 0x58, 0x4B, 0x69, 0x12, 0x82, 0x26, 0x55, 0xE6, 0x14, 0xBF, 0x55, 0x70, 0x88, 0xFE, 0xF9, 0x75, 0xE1, 0x02, 0x03, - 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3F, 0x30, 0x82, 0x01, - 0x3B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4A, 0x30, 0x82, 0x01, + 0x46, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD9, 0x3C, 0x35, 0xEA, 0x74, 0x0E, 0x23, 0xBE, 0x9C, 0xFC, 0xFA, 0x29, 0x90, 0x09, 0xC1, 0xE7, 0x84, 0x16, - 0x9F, 0x7C, 0x30, 0x81, 0xCE, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x81, 0xC6, 0x30, 0x81, 0xC3, 0x80, 0x14, 0xD3, 0x22, + 0x9F, 0x7C, 0x30, 0x81, 0xD9, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xD1, 0x30, 0x81, 0xCE, 0x80, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0xA1, 0x81, 0x9F, 0xA4, 0x81, 0x9C, 0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, @@ -666,30 +670,31 @@ static const unsigned char server_cert_der_1024[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x82, 0x09, 0x00, 0x97, 0x1D, 0x33, 0x11, 0xE8, 0x40, 0x6E, - 0x95, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, - 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, - 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, - 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, - 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, - 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, - 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, - 0x00, 0x03, 0x81, 0x81, 0x00, 0x27, 0x0A, 0x4E, 0x08, 0x8C, - 0xBA, 0x73, 0xD0, 0x05, 0xF2, 0xEA, 0xF9, 0x51, 0x8C, 0x7E, - 0x29, 0x14, 0x23, 0x8E, 0x9E, 0x9A, 0xFC, 0x46, 0x6F, 0x10, - 0x68, 0x59, 0xD9, 0xA0, 0xEA, 0x53, 0x19, 0xBD, 0x28, 0x89, - 0xE1, 0x97, 0x1E, 0x4C, 0xB8, 0x1E, 0xBE, 0x0F, 0x4D, 0x9D, - 0x1D, 0x76, 0x57, 0x17, 0x31, 0x95, 0xC2, 0x80, 0xBE, 0x04, - 0xD0, 0xC2, 0xE9, 0x5C, 0xE0, 0xF4, 0x81, 0x3F, 0xC4, 0xB0, - 0xC5, 0x86, 0xAE, 0x58, 0x68, 0xB9, 0xAE, 0x0F, 0x88, 0xE8, - 0x63, 0x6F, 0xB9, 0x08, 0xF1, 0x1B, 0x56, 0x90, 0xFB, 0x1F, - 0x2E, 0xCC, 0xE5, 0x69, 0x1F, 0x7C, 0x02, 0x4F, 0xED, 0xB0, - 0x45, 0x7C, 0x2D, 0xA8, 0x59, 0x11, 0xA5, 0x95, 0x51, 0xC7, - 0x50, 0xD8, 0x89, 0xC2, 0x90, 0x63, 0x68, 0xA8, 0x41, 0x6F, - 0xD0, 0x37, 0x26, 0x6F, 0xC8, 0x0E, 0xB5, 0xA0, 0x15, 0x9D, - 0xA5, 0xE6, 0xD2 + 0x82, 0x14, 0x28, 0x91, 0x57, 0x80, 0x6F, 0x78, 0x1E, 0x99, + 0x86, 0x3B, 0xFD, 0x1B, 0x95, 0xFC, 0x06, 0xE2, 0x1D, 0x62, + 0xB2, 0x14, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, + 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, + 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, + 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, + 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, + 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x22, 0x80, 0xE9, 0x9F, + 0x1C, 0x36, 0xD8, 0x96, 0xD9, 0x8F, 0x2C, 0x7B, 0xAF, 0x6E, + 0xCC, 0xF8, 0xB5, 0xB4, 0x59, 0xAC, 0x05, 0x45, 0xB9, 0x01, + 0x00, 0xB9, 0x82, 0x23, 0x82, 0x7A, 0xA5, 0x30, 0x3C, 0x55, + 0x09, 0x01, 0xE1, 0x14, 0xA0, 0xFC, 0x88, 0x2E, 0x47, 0xC8, + 0x5E, 0xE5, 0x75, 0xD2, 0x89, 0x43, 0xFA, 0x13, 0x1E, 0xEA, + 0x6F, 0x50, 0x3E, 0x1B, 0x60, 0xFE, 0xBC, 0xDF, 0x9B, 0xE3, + 0x38, 0x0D, 0xDD, 0xCF, 0x17, 0x1A, 0xD6, 0x07, 0x1A, 0x41, + 0xA4, 0xC4, 0xAC, 0x3B, 0x10, 0xAC, 0x55, 0x61, 0xAF, 0xFE, + 0xC7, 0x53, 0xCF, 0x29, 0xC6, 0x5B, 0x7A, 0xC9, 0x65, 0xDA, + 0xC3, 0x94, 0x02, 0x7C, 0xAA, 0x5E, 0x16, 0xA3, 0x64, 0xCE, + 0x68, 0x5E, 0x74, 0x91, 0xC5, 0x8B, 0x60, 0xB5, 0xBF, 0x9D, + 0x63, 0x0B, 0x11, 0xD5, 0x40, 0x74, 0x7D, 0x64, 0x12, 0x98, + 0x3B, 0x10, 0x31, 0xFD }; static const int sizeof_server_cert_der_1024 = sizeof(server_cert_der_1024); @@ -862,10 +867,84 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048); /* ./certs/client-cert.der, 2048-bit */ static const unsigned char client_cert_der_2048[] = { - 0x30, 0x82, 0x05, 0x07, 0x30, 0x82, 0x03, 0xEF, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xF1, 0x5C, 0x99, 0x43, - 0x66, 0x3D, 0x96, 0x04, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x30, 0x82, 0x05, 0x1D, 0x30, 0x82, 0x04, 0x05, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x53, 0x16, 0x7C, 0xA0, 0x56, + 0x50, 0x46, 0x27, 0x82, 0xED, 0x60, 0xB4, 0xDA, 0x33, 0xD8, + 0x6A, 0xC0, 0xEA, 0xDC, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, + 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, + 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, + 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, + 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, + 0x2D, 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, + 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, + 0x2B, 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, + 0x2B, 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, + 0x47, 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, + 0x69, 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, + 0x2D, 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, + 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, + 0xEF, 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, + 0xBF, 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, + 0x89, 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, + 0x67, 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, + 0xA6, 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, + 0xD1, 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, + 0xF1, 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, + 0x7E, 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, + 0x81, 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, + 0x32, 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, + 0x83, 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, + 0x24, 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, + 0x6C, 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, + 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, + 0x0C, 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, + 0xFA, 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, + 0x71, 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, + 0x4E, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, + 0x15, 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, + 0xA1, 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, + 0x01, 0x4F, 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, + 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, + 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xDE, + 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, + 0xD3, 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, + 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, + 0x85, 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, @@ -882,116 +961,44 @@ static const unsigned char client_cert_der_2048[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, - 0x53, 0x4C, 0x5F, 0x32, 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, - 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, - 0x32, 0x30, 0x34, 0x38, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, - 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, - 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, - 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, - 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, - 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, - 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, - 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, - 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, - 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, - 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, - 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, - 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, - 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, - 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, - 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, - 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, - 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, - 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, - 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, - 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, - 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, - 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, - 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, - 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, - 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, - 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, - 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, - 0x44, 0x30, 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, - 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, - 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06, - 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, - 0x80, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, - 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, - 0x65, 0xC0, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, - 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, - 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x32, - 0x30, 0x34, 0x38, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, - 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x32, 0x30, 0x34, 0x38, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, - 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, - 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, - 0x09, 0x00, 0xF1, 0x5C, 0x99, 0x43, 0x66, 0x3D, 0x96, 0x04, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, - 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, - 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, - 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, - 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, - 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, - 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x01, 0x00, 0xBA, 0x2B, 0x48, 0xD1, 0xA8, - 0xE3, 0xC2, 0x84, 0x42, 0x96, 0xA1, 0x7C, 0xE5, 0xF1, 0x46, - 0xBA, 0x4C, 0xF7, 0x87, 0x57, 0xC7, 0x78, 0xC8, 0xC1, 0x32, - 0xC4, 0x69, 0xFF, 0x85, 0xBB, 0x5D, 0x6A, 0xDD, 0xC9, 0x87, - 0x7E, 0xFE, 0xBB, 0xF4, 0xFD, 0x15, 0x0A, 0x4C, 0x94, 0x95, - 0x80, 0x30, 0x90, 0x45, 0x03, 0xF8, 0x33, 0x87, 0xCA, 0x5F, - 0x74, 0x38, 0xA4, 0xD0, 0x5A, 0xC7, 0x65, 0x38, 0xC3, 0xB0, - 0xE8, 0x87, 0xB1, 0x49, 0x32, 0xB9, 0xAC, 0xE9, 0xFB, 0xD3, - 0x08, 0x1D, 0xA4, 0x51, 0x7B, 0xD7, 0xD9, 0x4B, 0x79, 0x35, - 0xA2, 0x3A, 0x0B, 0xE4, 0x0C, 0xA0, 0x02, 0x9C, 0xA1, 0x68, - 0xE1, 0x5D, 0x6C, 0x8E, 0x2E, 0x3A, 0x24, 0xDE, 0xBB, 0xD6, - 0x1C, 0xA7, 0xAC, 0x2E, 0xCD, 0x57, 0x44, 0x48, 0xF6, 0x72, - 0xE0, 0xC7, 0x5B, 0x93, 0xDC, 0x7D, 0x5B, 0x64, 0x0E, 0x17, - 0x84, 0x68, 0x2C, 0x95, 0x1D, 0x2C, 0x86, 0xD6, 0xB0, 0x74, - 0x67, 0x51, 0x6E, 0x7B, 0xF4, 0xD5, 0x61, 0x38, 0x51, 0xB3, - 0x18, 0xE3, 0x10, 0x16, 0x73, 0x4B, 0x36, 0x8A, 0x8A, 0x62, - 0x05, 0xF5, 0x56, 0x8A, 0xBE, 0x21, 0xE1, 0x78, 0x7D, 0xBF, - 0xAD, 0x45, 0xF9, 0x0B, 0xF5, 0xAF, 0xA0, 0x62, 0x01, 0xFD, - 0x3F, 0x49, 0xDF, 0x39, 0x3C, 0xFF, 0x46, 0xE8, 0x0A, 0xFE, - 0x5C, 0x6B, 0xBB, 0x41, 0xA5, 0x64, 0xF1, 0x5C, 0x9B, 0x51, - 0x4C, 0xBC, 0x6D, 0x9F, 0xA3, 0x20, 0xED, 0xE9, 0x48, 0xE1, - 0xA9, 0xBE, 0x08, 0x2D, 0x85, 0x42, 0x59, 0xD6, 0x43, 0x7D, - 0x47, 0x22, 0xA5, 0xFA, 0x1F, 0xA2, 0x58, 0x76, 0x0B, 0x70, - 0x1C, 0x1D, 0x59, 0x1D, 0xAA, 0xBE, 0x5D, 0x2D, 0x25, 0x7C, - 0xB1, 0x06, 0xB6, 0xC0, 0xAA, 0x28, 0xAA, 0x93, 0x7C, 0xD0, - 0xBD, 0x43, 0xAD, 0x91, 0x50, 0x1C, 0x7B, 0x4D, 0xF3, 0xE4, - 0xD7 + 0x82, 0x14, 0x53, 0x16, 0x7C, 0xA0, 0x56, 0x50, 0x46, 0x27, + 0x82, 0xED, 0x60, 0xB4, 0xDA, 0x33, 0xD8, 0x6A, 0xC0, 0xEA, + 0xDC, 0x31, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, + 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, + 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, + 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, + 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xB8, 0xE8, 0xE3, + 0x2A, 0x48, 0x6C, 0x04, 0x8B, 0xF8, 0x81, 0x14, 0x1A, 0xCE, + 0x14, 0xED, 0xC7, 0xF0, 0xD3, 0xCB, 0x9A, 0x91, 0xD9, 0x2C, + 0x1D, 0x6E, 0x73, 0x36, 0x8F, 0xA3, 0x61, 0xC4, 0x1F, 0xDA, + 0xD1, 0x4B, 0xB6, 0x40, 0xD0, 0x6A, 0xC4, 0x2B, 0x43, 0xC8, + 0x2F, 0xFB, 0xEE, 0x5A, 0xC9, 0x41, 0x9D, 0x2B, 0x6F, 0xF3, + 0x39, 0x67, 0x20, 0xEC, 0x7C, 0xD6, 0xA0, 0x7F, 0x06, 0x79, + 0xCD, 0x52, 0x2C, 0xC9, 0x3C, 0x5B, 0xBF, 0xE5, 0x01, 0x47, + 0x90, 0xF0, 0x82, 0x88, 0xF1, 0x3D, 0x45, 0x25, 0xF4, 0xD1, + 0x4B, 0xEC, 0xAC, 0x3F, 0x1B, 0xCE, 0xA1, 0x0E, 0x61, 0xA0, + 0x29, 0x41, 0xF6, 0x21, 0x0E, 0x9F, 0x73, 0xB3, 0x39, 0x34, + 0xC4, 0x1E, 0x55, 0x5F, 0x9F, 0xE7, 0x42, 0xCA, 0xAB, 0x8F, + 0x3C, 0x62, 0x86, 0x26, 0x94, 0xB5, 0xB7, 0x8B, 0x7C, 0x65, + 0x4C, 0x3E, 0xB7, 0xAC, 0xF5, 0x51, 0x0D, 0xA5, 0x14, 0x0F, + 0x6F, 0x2B, 0xFE, 0x62, 0x95, 0x26, 0x1E, 0x10, 0x52, 0xAE, + 0x44, 0x58, 0x95, 0xDC, 0xB4, 0xC4, 0x76, 0x2F, 0x14, 0x28, + 0x64, 0x45, 0xAA, 0x94, 0x61, 0xDA, 0x1A, 0xD0, 0xCF, 0xB3, + 0x3A, 0x83, 0xC8, 0x66, 0xFB, 0xE8, 0x58, 0xDC, 0xD4, 0x91, + 0x4A, 0x9A, 0xE7, 0xC8, 0xB6, 0xEA, 0xF9, 0x52, 0x19, 0xB2, + 0x3D, 0x5F, 0x95, 0x29, 0xAC, 0x8B, 0xCF, 0x9B, 0x5C, 0xD6, + 0xDD, 0xCD, 0x6B, 0xF2, 0x71, 0xFD, 0xB6, 0x4D, 0x18, 0x98, + 0x08, 0x5B, 0x8A, 0xE7, 0x2B, 0xCB, 0xBD, 0x68, 0x97, 0x1C, + 0x02, 0xAA, 0x41, 0x59, 0x0D, 0xF8, 0x0E, 0x50, 0xD7, 0x48, + 0x6F, 0x81, 0xC4, 0x00, 0x70, 0x56, 0x67, 0x64, 0x1A, 0xB3, + 0x56, 0xFC, 0x23, 0xF4, 0x84, 0x49, 0x36, 0xF7, 0x7F, 0x38, + 0x94, 0x38, 0xDA, 0x40, 0x81, 0xC0, 0xB9, 0xB0, 0xAD, 0xEA, + 0xCE, 0x38, 0xF2 }; static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048); @@ -1526,10 +1533,82 @@ static const int sizeof_ca_key_der_2048 = sizeof(ca_key_der_2048); /* ./certs/ca-cert.der, 2048-bit */ static const unsigned char ca_cert_der_2048[] = { - 0x30, 0x82, 0x04, 0xE9, 0x30, 0x82, 0x03, 0xD1, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xAA, 0xD3, 0x3F, 0xAC, - 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, + 0x30, 0x82, 0x04, 0xFF, 0x30, 0x82, 0x03, 0xE7, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x7D, 0x94, 0x70, 0x88, 0xBA, + 0x07, 0x42, 0x8D, 0xAA, 0xAF, 0x4F, 0xBE, 0xC2, 0x1A, 0x48, + 0xF0, 0xD1, 0x40, 0xE6, 0x42, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, + 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, + 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, + 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, + 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, + 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, + 0x2D, 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, + 0x4A, 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, + 0xCA, 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, + 0x2A, 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, + 0x98, 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, + 0xDE, 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, + 0xBB, 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, + 0xF1, 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, + 0x41, 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, + 0x70, 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, + 0xED, 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, + 0xED, 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, + 0x38, 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, + 0x3C, 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, + 0x13, 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, + 0x7D, 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, + 0xDC, 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, + 0x7D, 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, + 0x67, 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, + 0x68, 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, + 0xF5, 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, + 0x17, 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, + 0xC3, 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, + 0x52, 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, + 0xB9, 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, + 0xED, 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, + 0x01, 0x45, 0x30, 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, + 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, + 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xD4, + 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, + 0xC9, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, + 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, + 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, @@ -1545,78 +1624,130 @@ static const unsigned char ca_cert_der_2048[] = 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x32, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, - 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, - 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x82, 0x14, 0x7D, 0x94, 0x70, 0x88, 0xBA, 0x07, 0x42, 0x8D, + 0xAA, 0xAF, 0x4F, 0xBE, 0xC2, 0x1A, 0x48, 0xF0, 0xD1, 0x40, + 0xE6, 0x42, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, + 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, + 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, + 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, + 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, + 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xB0, 0x71, 0xBB, + 0xBA, 0x45, 0x5A, 0x80, 0x25, 0x02, 0xA4, 0x7E, 0x88, 0x0B, + 0xA9, 0x7B, 0xFD, 0xB0, 0xBB, 0xF6, 0x46, 0xB5, 0xBA, 0xF4, + 0xC7, 0xE3, 0x61, 0x20, 0x8C, 0x03, 0x15, 0x66, 0xF5, 0xE4, + 0x54, 0x82, 0xEF, 0x13, 0x80, 0x97, 0x22, 0x67, 0xC1, 0xD1, + 0x88, 0x5D, 0xE2, 0x2D, 0x57, 0xF6, 0xE0, 0x9F, 0x69, 0xD6, + 0xB1, 0x5C, 0xB6, 0xE8, 0xE0, 0x98, 0x89, 0xC8, 0x14, 0x12, + 0xD6, 0xB6, 0x89, 0x8D, 0x6C, 0xB9, 0xA0, 0x59, 0x4F, 0x92, + 0xEE, 0x11, 0x53, 0x6B, 0x7D, 0x93, 0x4A, 0x69, 0x0A, 0x85, + 0xD9, 0xD5, 0xD2, 0x62, 0xE8, 0xC9, 0xB5, 0xC6, 0x4E, 0x17, + 0xF5, 0x0A, 0xE8, 0xF3, 0x2D, 0x86, 0x61, 0x0B, 0xEB, 0xC4, + 0xC4, 0xC6, 0x67, 0x75, 0xED, 0x9A, 0x9F, 0x53, 0xA0, 0x71, + 0x1E, 0xA0, 0x90, 0x0D, 0xF9, 0x03, 0xB4, 0xBC, 0x86, 0x19, + 0x6E, 0xF0, 0x3B, 0x4F, 0xE8, 0xED, 0x68, 0xF6, 0xE7, 0x23, + 0x43, 0x3B, 0x36, 0x83, 0x83, 0x4B, 0x46, 0xA0, 0x9A, 0x01, + 0xD0, 0xC7, 0x85, 0xBB, 0x7D, 0x94, 0xA0, 0x21, 0x3D, 0x7E, + 0x3C, 0x6A, 0x3D, 0x81, 0xDB, 0x41, 0x7B, 0x46, 0xD8, 0x15, + 0x62, 0xD5, 0x8F, 0x4D, 0x3D, 0xC0, 0xDB, 0x9A, 0xC5, 0x81, + 0xA8, 0xAC, 0xDA, 0x87, 0x99, 0xC7, 0xDD, 0xB9, 0xF1, 0x14, + 0xAF, 0xD1, 0x93, 0xE3, 0xF3, 0x42, 0xD7, 0xA2, 0x04, 0x51, + 0x21, 0x54, 0x29, 0xC3, 0x45, 0xF6, 0xBE, 0x5C, 0xFA, 0xCD, + 0xDB, 0xBF, 0x2F, 0x79, 0x81, 0x42, 0xE5, 0x8F, 0x47, 0x0B, + 0xD4, 0x54, 0x01, 0xB5, 0xC2, 0x4A, 0x46, 0xD6, 0xA8, 0x31, + 0x2E, 0x64, 0x80, 0x3F, 0x48, 0x61, 0x91, 0x29, 0xF3, 0xAA, + 0x43, 0x5C, 0x69, 0x6E, 0xF1, 0x01, 0xB9, 0xDF, 0x63, 0x71, + 0x3D, 0xB9, 0x5A, 0xFB, 0x36, 0xC0, 0x11, 0xA2, 0xC3, 0x30, + 0x9D, 0x95, 0xC3 +}; +static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); + +/* ./certs/ca-cert-chain.der, 2048-bit */ +static const unsigned char ca_cert_chain_der[] = +{ + 0x30, 0x82, 0x03, 0xFA, 0x30, 0x82, 0x03, 0x63, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x42, 0xCC, 0xF9, 0x3D, 0xC3, + 0x98, 0x9D, 0xB9, 0x6A, 0xD0, 0x05, 0x23, 0x52, 0xB1, 0x87, + 0x2F, 0xBE, 0xA5, 0x0A, 0xE9, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, + 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, + 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, + 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, + 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, - 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, - 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, - 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, - 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, - 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, - 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, - 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, - 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, - 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, - 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, - 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, - 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, - 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, - 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, - 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, - 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, - 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, - 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, - 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, - 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, - 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, - 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, - 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, - 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, - 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, - 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, - 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, - 0x3A, 0x30, 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, - 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, - 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, - 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, - 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, - 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, - 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, - 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, - 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, - 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, - 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, - 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, - 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, - 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, - 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, - 0x09, 0x00, 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, + 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, + 0x81, 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, + 0x24, 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, + 0x16, 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, + 0x04, 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, + 0x50, 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, + 0x24, 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, + 0xA8, 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, + 0xA2, 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, + 0x54, 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, + 0x72, 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, + 0x9B, 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, + 0x94, 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, + 0xE5, 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, + 0x09, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x45, + 0x30, 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x0E, 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, + 0xE0, 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, + 0x36, 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xD4, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, + 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, + 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, + 0xA8, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, + 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, + 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, + 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, + 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, + 0x42, 0xCC, 0xF9, 0x3D, 0xC3, 0x98, 0x9D, 0xB9, 0x6A, 0xD0, + 0x05, 0x23, 0x52, 0xB1, 0x87, 0x2F, 0xBE, 0xA5, 0x0A, 0xE9, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, @@ -1626,140 +1757,20 @@ static const unsigned char ca_cert_der_2048[] = 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, - 0x03, 0x82, 0x01, 0x01, 0x00, 0x62, 0x98, 0xC8, 0x58, 0xCF, - 0x56, 0x03, 0x86, 0x5B, 0x1B, 0x71, 0x49, 0x7D, 0x05, 0x03, - 0x5D, 0xE0, 0x08, 0x86, 0xAD, 0xDB, 0x4A, 0xDE, 0xAB, 0x22, - 0x96, 0xA8, 0xC3, 0x59, 0x68, 0xC1, 0x37, 0x90, 0x40, 0xDF, - 0xBD, 0x89, 0xD0, 0xBC, 0xDA, 0x8E, 0xEF, 0x87, 0xB2, 0xC2, - 0x62, 0x52, 0xE1, 0x1A, 0x29, 0x17, 0x6A, 0x96, 0x99, 0xC8, - 0x4E, 0xD8, 0x32, 0xFE, 0xB8, 0xD1, 0x5C, 0x3B, 0x0A, 0xC2, - 0x3C, 0x5F, 0xA1, 0x1E, 0x98, 0x7F, 0xCE, 0x89, 0x26, 0x21, - 0x1F, 0x64, 0x9C, 0x15, 0x7A, 0x9C, 0xEF, 0xFB, 0x1D, 0x85, - 0x6A, 0xFA, 0x98, 0xCE, 0xA8, 0xA9, 0xAB, 0xC3, 0xA2, 0xC0, - 0xEB, 0x87, 0xED, 0xBC, 0x21, 0xDF, 0xF3, 0x07, 0x5B, 0xAE, - 0xFD, 0x40, 0xD4, 0xAE, 0x20, 0xD0, 0x76, 0x8A, 0x31, 0x0A, - 0xA2, 0x62, 0x7C, 0x61, 0x0D, 0xCE, 0x5D, 0x9A, 0x1E, 0xE4, - 0x20, 0x88, 0x51, 0x49, 0xFB, 0x77, 0xA9, 0xCD, 0x4D, 0xC6, - 0xBF, 0x54, 0x99, 0x33, 0xEF, 0x4B, 0xA0, 0x73, 0x70, 0x6D, - 0x2E, 0xD9, 0x3D, 0x08, 0xF6, 0x12, 0x39, 0x31, 0x68, 0xC6, - 0x61, 0x5C, 0x41, 0xB5, 0x1B, 0xF4, 0x38, 0x7D, 0xFC, 0xBE, - 0x73, 0x66, 0x2D, 0xF7, 0xCA, 0x5B, 0x2C, 0x5B, 0x31, 0xAA, - 0xCF, 0xF6, 0x7F, 0x30, 0xE4, 0x12, 0x2C, 0x8E, 0xD6, 0x38, - 0x51, 0xE6, 0x45, 0xEE, 0xD5, 0xDA, 0xC3, 0x83, 0xD6, 0xED, - 0x5E, 0xEC, 0xD6, 0xB6, 0x14, 0xB3, 0x93, 0x59, 0xE1, 0x55, - 0x4A, 0x7F, 0x04, 0xDF, 0xCE, 0x65, 0xD4, 0xDF, 0x18, 0x4F, - 0xDD, 0xB4, 0x45, 0x7F, 0xA6, 0x56, 0x30, 0xC4, 0x05, 0x44, - 0x98, 0x9D, 0x4F, 0x26, 0x6D, 0x84, 0x80, 0xA0, 0x5E, 0xED, - 0x23, 0xD1, 0x48, 0x87, 0x0E, 0x05, 0x06, 0x91, 0x3B, 0xB0, - 0x3C, 0xBB, 0x8C, 0x8F, 0x3C, 0x7B, 0x4C, 0x4F, 0xA1, 0xCA, - 0x98 -}; -static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); - -/* ./certs/ca-cert-chain.der, 2048-bit */ -static const unsigned char ca_cert_chain_der[] = -{ - 0x30, 0x82, 0x03, 0xE4, 0x30, 0x82, 0x03, 0x4D, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE9, 0x2F, 0xDA, 0xA8, - 0x53, 0xBD, 0xBD, 0xD5, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, - 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, - 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, - 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x32, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, - 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, - 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, - 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, - 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, - 0x81, 0x00, 0xCD, 0xAC, 0xDD, 0x47, 0xEC, 0xBE, 0xB7, 0x24, - 0xC3, 0x63, 0x1B, 0x54, 0x98, 0x79, 0xE1, 0xC7, 0x31, 0x16, - 0x59, 0xD6, 0x9D, 0x77, 0x9D, 0x8D, 0xE2, 0x8B, 0xED, 0x04, - 0x17, 0xB2, 0xC6, 0xEB, 0xE4, 0x9B, 0x91, 0xBE, 0x31, 0x50, - 0x62, 0x97, 0x58, 0xB5, 0x7F, 0x29, 0xDE, 0xB3, 0x71, 0x24, - 0x0B, 0xBF, 0x97, 0x09, 0x7F, 0x26, 0xDC, 0x2D, 0xEC, 0xA8, - 0x2E, 0xB2, 0x64, 0x2B, 0x7A, 0x2B, 0x35, 0x19, 0x2D, 0xA2, - 0x80, 0xCB, 0x99, 0xFD, 0x94, 0x71, 0x1B, 0x23, 0x8D, 0x54, - 0xDB, 0x2E, 0x62, 0x8D, 0x81, 0x08, 0x2D, 0xF4, 0x24, 0x72, - 0x27, 0x6C, 0xF9, 0xC9, 0x8E, 0xDB, 0x4C, 0x75, 0xBA, 0x9B, - 0x01, 0xF8, 0x3F, 0x18, 0xF4, 0xE6, 0x7F, 0xFB, 0x57, 0x94, - 0x92, 0xCC, 0x88, 0xC4, 0xB4, 0x00, 0xC2, 0xAA, 0xD4, 0xE5, - 0x88, 0x18, 0xB3, 0x11, 0x2F, 0x73, 0xC0, 0xD6, 0x29, 0x09, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3A, 0x30, - 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, - 0x04, 0x16, 0x04, 0x14, 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, - 0x05, 0xEE, 0xD3, 0xED, 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, - 0x3A, 0x1D, 0xBF, 0xA8, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, - 0xD3, 0x22, 0x8F, 0x28, 0x2C, 0xE0, 0x05, 0xEE, 0xD3, 0xED, - 0xC3, 0x71, 0x3D, 0xC9, 0xB2, 0x36, 0x3A, 0x1D, 0xBF, 0xA8, - 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, - 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, - 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, - 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, - 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, - 0xE9, 0x2F, 0xDA, 0xA8, 0x53, 0xBD, 0xBD, 0xD5, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, - 0x81, 0x00, 0xB3, 0xE9, 0x88, 0x6A, 0xEA, 0x5F, 0x35, 0x7C, - 0x6C, 0xFD, 0x93, 0xFE, 0x9A, 0x98, 0xE7, 0x1C, 0xBC, 0xD1, - 0xC8, 0x7A, 0x15, 0xC5, 0x69, 0xE1, 0xFB, 0x35, 0x1B, 0xEC, - 0x92, 0x3F, 0xD1, 0x3E, 0x69, 0x2A, 0x11, 0x95, 0x44, 0x3D, - 0x3F, 0x7C, 0xFF, 0xF6, 0x64, 0xD8, 0xE4, 0x1D, 0xEC, 0x86, - 0x95, 0x69, 0x48, 0x3D, 0x5B, 0x6D, 0x39, 0xE7, 0x7E, 0x51, - 0x12, 0x15, 0x4B, 0x90, 0xA8, 0xFA, 0x1E, 0xAA, 0x81, 0x53, - 0xDE, 0x85, 0x29, 0x4D, 0x79, 0x6C, 0x08, 0xC2, 0xC4, 0x5E, - 0x4D, 0x39, 0xA6, 0x09, 0xA4, 0x67, 0xAC, 0xDC, 0xF0, 0xCD, - 0xB7, 0x4E, 0xE5, 0xF9, 0x72, 0xC3, 0x25, 0x1C, 0x8D, 0xE0, - 0x03, 0x30, 0x19, 0x5A, 0xA5, 0x63, 0xA6, 0xBA, 0xEC, 0x12, - 0x87, 0xEF, 0x6D, 0x56, 0x22, 0xA7, 0x42, 0x4A, 0x8F, 0x3B, - 0xFD, 0x20, 0xAB, 0xEF, 0x29, 0x5E, 0x3D, 0x16, 0xD7, 0xAC - + 0x03, 0x81, 0x81, 0x00, 0x97, 0xF4, 0x5A, 0x19, 0x52, 0xA6, + 0x12, 0xFC, 0x95, 0x1F, 0xB8, 0xCB, 0x3E, 0x73, 0x4B, 0x3E, + 0xCB, 0xC2, 0x83, 0x92, 0x4F, 0x64, 0x76, 0x3B, 0x0D, 0xAF, + 0x72, 0x8C, 0xD3, 0x79, 0x6A, 0x6E, 0xE0, 0x5B, 0x48, 0x4E, + 0x2C, 0x25, 0xDC, 0xB4, 0xBB, 0xCA, 0x1A, 0x45, 0x90, 0x91, + 0x9E, 0x47, 0x82, 0xFC, 0xB9, 0xC3, 0xFA, 0x52, 0x6D, 0x8F, + 0x86, 0x97, 0xBE, 0x58, 0x4B, 0xE7, 0x35, 0x75, 0xD4, 0xB9, + 0x37, 0xBA, 0xC5, 0x2A, 0xDB, 0xF1, 0x60, 0x29, 0x4F, 0x6E, + 0xB0, 0x12, 0xAA, 0x3F, 0x9F, 0x56, 0x30, 0xE5, 0xB4, 0x90, + 0x04, 0xCC, 0x1D, 0x6C, 0xA3, 0xE6, 0xE2, 0x16, 0x5D, 0x94, + 0x52, 0x91, 0x23, 0x2C, 0xBA, 0x9C, 0x67, 0x83, 0xAA, 0x15, + 0x80, 0xF1, 0x39, 0xF9, 0xD7, 0xA8, 0x02, 0x7D, 0x87, 0x21, + 0xAB, 0xEF, 0x57, 0x8D, 0x06, 0x49, 0xCB, 0xC9, 0xCD, 0x6F, + 0xD7, 0x4E }; static const int sizeof_ca_cert_chain_der = sizeof(ca_cert_chain_der); @@ -1892,7 +1903,7 @@ static const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048); /* ./certs/server-cert.der, 2048-bit */ static const unsigned char server_cert_der_2048[] = { - 0x30, 0x82, 0x04, 0xDD, 0x30, 0x82, 0x03, 0xC5, 0xA0, 0x03, + 0x30, 0x82, 0x04, 0xE8, 0x30, 0x82, 0x03, 0xD0, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -1910,10 +1921,10 @@ static const unsigned char server_cert_der_2048[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, - 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, - 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, + 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, + 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, + 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, @@ -1957,12 +1968,12 @@ static const unsigned char server_cert_der_2048[] = 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3A, 0x30, - 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x45, 0x30, + 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, - 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xD4, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, @@ -1980,43 +1991,45 @@ static const unsigned char server_cert_der_2048[] = 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, - 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, - 0x01, 0x01, 0x00, 0x1B, 0x0D, 0xA6, 0x44, 0x93, 0x0D, 0x0E, - 0x0C, 0x35, 0x28, 0x26, 0x40, 0x31, 0xD2, 0xEB, 0x26, 0x4C, - 0x47, 0x5B, 0x19, 0xFB, 0xAD, 0xFE, 0x3A, 0xF5, 0x30, 0x3A, - 0x28, 0xD7, 0xAA, 0x69, 0xA4, 0x15, 0xE7, 0x26, 0x6E, 0xB7, - 0x33, 0x56, 0xAC, 0x8F, 0x34, 0x3D, 0xF3, 0x21, 0x2F, 0x53, - 0x58, 0x91, 0xD0, 0x3E, 0xB4, 0x39, 0x48, 0xBF, 0x93, 0x11, - 0x74, 0x36, 0xD3, 0x87, 0x49, 0xC3, 0x34, 0x0D, 0x30, 0x30, - 0xAB, 0xF4, 0x4C, 0x27, 0x19, 0xD5, 0xC4, 0x0C, 0xAD, 0x49, - 0xBD, 0x91, 0xF8, 0xDA, 0x9E, 0xC8, 0x2D, 0x2A, 0xAC, 0xE2, - 0x75, 0x8E, 0xAA, 0x08, 0xD9, 0xBF, 0x65, 0xFF, 0xA3, 0xB1, - 0x4F, 0xF0, 0x60, 0x6F, 0x4D, 0x95, 0xC4, 0x06, 0x7F, 0xAF, - 0x66, 0x6A, 0x23, 0x3B, 0x3A, 0xA4, 0x61, 0xB6, 0x6C, 0xCA, - 0xBE, 0xE1, 0xB0, 0x77, 0xF3, 0xEC, 0x83, 0xD5, 0x8C, 0x1D, - 0x85, 0x7F, 0x8D, 0x74, 0xC8, 0xEC, 0x1E, 0x49, 0xEC, 0x57, - 0x4A, 0xCC, 0xFD, 0xE2, 0x3A, 0x3E, 0x54, 0x50, 0xAE, 0x67, - 0xCD, 0x17, 0xB0, 0x67, 0xA5, 0x53, 0x7F, 0xC3, 0x0E, 0x3E, - 0xA7, 0x58, 0xE8, 0xDF, 0xD5, 0x0C, 0xF2, 0x64, 0xF3, 0xAD, - 0x12, 0x70, 0xE3, 0xB9, 0x42, 0xBC, 0x08, 0x60, 0x76, 0xD5, - 0x0C, 0xA5, 0x31, 0x77, 0x50, 0xE0, 0xC8, 0xF3, 0x3A, 0x3D, - 0x45, 0xCF, 0x32, 0x75, 0xEF, 0x10, 0xDD, 0xB5, 0xED, 0x6E, - 0xD2, 0x2D, 0x57, 0x82, 0x95, 0x38, 0xBC, 0x7D, 0x54, 0xC4, - 0x84, 0x5E, 0xFB, 0x7E, 0x83, 0xF5, 0xF1, 0x2D, 0x9C, 0x98, - 0xAC, 0x73, 0xE3, 0xA7, 0xD2, 0x02, 0x30, 0xD6, 0x1F, 0x06, - 0x1E, 0xD0, 0xDC, 0x3A, 0xAC, 0xF4, 0xC2, 0xC2, 0xBE, 0x72, - 0x40, 0x9A, 0xEA, 0xCF, 0x35, 0x21, 0x3B, 0x56, 0x6D, 0xE1, - 0x52, 0xF2, 0x80, 0xD7, 0x35, 0x83, 0x97, 0x07, 0xCC + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x7D, + 0x94, 0x70, 0x88, 0xBA, 0x07, 0x42, 0x8D, 0xAA, 0xAF, 0x4F, + 0xBE, 0xC2, 0x1A, 0x48, 0xF0, 0xD1, 0x40, 0xE6, 0x42, 0x30, + 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, + 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, + 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, + 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, + 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, + 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, + 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, + 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, + 0x82, 0x01, 0x01, 0x00, 0x73, 0x59, 0x6F, 0x55, 0x94, 0xE1, + 0x38, 0xE7, 0x20, 0x5A, 0x11, 0x46, 0x47, 0xA8, 0x29, 0x11, + 0x17, 0x06, 0x19, 0x16, 0x78, 0x22, 0xAF, 0x54, 0xF8, 0xD9, + 0x32, 0x61, 0x26, 0x3F, 0x39, 0xAB, 0xA4, 0xDF, 0xEF, 0xAE, + 0xD0, 0x0B, 0xCC, 0x2B, 0xAF, 0x95, 0x70, 0x90, 0x97, 0x53, + 0xCC, 0x19, 0x6D, 0xF2, 0x4D, 0x4C, 0xFA, 0xE4, 0x9D, 0x7C, + 0x54, 0xE0, 0x5B, 0x3B, 0x1F, 0x1E, 0x52, 0x46, 0x7F, 0xD9, + 0xBA, 0xA0, 0x90, 0xBA, 0x6D, 0xDF, 0x3D, 0x67, 0xF0, 0x9F, + 0x52, 0x44, 0xC3, 0xE1, 0x66, 0x36, 0xDC, 0x61, 0x58, 0x11, + 0xBA, 0x4C, 0x0C, 0xC2, 0x29, 0xDA, 0xF7, 0x13, 0x45, 0x60, + 0xB2, 0x11, 0x79, 0x91, 0xED, 0x7C, 0x9F, 0xB7, 0x7F, 0x5C, + 0xE2, 0x29, 0xC6, 0x1E, 0xBF, 0x78, 0xDA, 0xBF, 0xD1, 0xBD, + 0x9C, 0xF7, 0x4E, 0x23, 0xE0, 0xC3, 0xEF, 0x6F, 0xB6, 0x67, + 0x7C, 0xD7, 0x4C, 0x02, 0xD5, 0xBD, 0x67, 0xEE, 0x7E, 0x0C, + 0xE3, 0x89, 0xDB, 0x79, 0x61, 0x1E, 0xD0, 0x5F, 0xF5, 0xE8, + 0x66, 0x48, 0x3A, 0x55, 0x54, 0xD5, 0x16, 0x12, 0x30, 0x00, + 0xC9, 0x86, 0x75, 0xE0, 0xC9, 0xFF, 0x38, 0x74, 0xCE, 0xC8, + 0xC7, 0xFD, 0xEF, 0x96, 0xD8, 0x55, 0x96, 0x71, 0x35, 0x62, + 0xDB, 0x34, 0xC5, 0x2F, 0x07, 0x84, 0x8A, 0xAA, 0x1B, 0x1E, + 0x77, 0x50, 0x0A, 0x20, 0x3B, 0x21, 0x4B, 0x06, 0x14, 0xAF, + 0x78, 0x11, 0xA2, 0x41, 0xC6, 0x5D, 0x0C, 0x70, 0xE0, 0x52, + 0xB4, 0x9E, 0x4C, 0x86, 0xAB, 0x5B, 0xA3, 0xE0, 0x8F, 0xA2, + 0xC2, 0x1A, 0x69, 0x70, 0x80, 0x3B, 0xBD, 0x50, 0x23, 0x26, + 0x72, 0x4F, 0xFA, 0xFD, 0xDF, 0xED, 0x85, 0x32, 0x2C, 0xE4, + 0xAB, 0x3E, 0xF3, 0xA6, 0xD0, 0x1D, 0xDB, 0x33, 0x6B, 0x69, + 0x8D, 0x99, 0xB9, 0xB4, 0x34, 0x4B, 0x79, 0xA8, 0x16, 0x68 + }; static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048); @@ -2619,161 +2632,163 @@ static const int sizeof_client_keypub_der_3072 = sizeof(client_keypub_der_3072); /* ./certs/3072/client-cert.der, 3072-bit */ static const unsigned char client_cert_der_3072[] = { - 0x30, 0x82, 0x06, 0x07, 0x30, 0x82, 0x04, 0x6F, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA4, 0xE0, 0xAA, 0xF3, - 0x29, 0x50, 0x39, 0x8A, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, - 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, - 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, - 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, - 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, - 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, - 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, - 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, 0x01, - 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, 0x68, - 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, 0x9C, - 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, 0x55, - 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, 0x5F, - 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, 0xEE, - 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, 0xC7, - 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, 0x5C, - 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, 0x3D, - 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, 0x22, - 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, 0x31, - 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, 0x69, - 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, 0xC8, - 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, 0xFF, - 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, 0x2C, - 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, 0x11, - 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, 0x85, - 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, 0x3E, - 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, 0x87, - 0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, 0xC3, - 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, 0x35, - 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, 0x03, - 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, 0x6D, - 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, 0x2F, - 0x50, 0x2F, 0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, 0xD6, - 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, 0x32, - 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, 0xA9, - 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, 0x5A, - 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, 0xCD, - 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, 0xCE, - 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, 0x01, - 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, 0xEF, - 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, 0xAD, - 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, 0x68, - 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, 0xD7, - 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, 0x88, - 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, 0x08, - 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, 0xF9, - 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, 0xC4, - 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, 0x93, - 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, - 0x82, 0x01, 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, - 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, - 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, - 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, - 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, 0x74, - 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, - 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, - 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, - 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, - 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, - 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, - 0xA4, 0xE0, 0xAA, 0xF3, 0x29, 0x50, 0x39, 0x8A, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, - 0x01, 0x81, 0x00, 0x57, 0x21, 0xC0, 0xAD, 0x6E, 0x16, 0x74, - 0xD5, 0xB1, 0x8B, 0x19, 0x55, 0x49, 0x7A, 0xA4, 0x5E, 0xD6, - 0x18, 0xF9, 0x03, 0x80, 0x4B, 0xC2, 0x71, 0xD1, 0x04, 0x47, - 0x9C, 0xB3, 0x73, 0x9C, 0x4F, 0x62, 0x4A, 0x3A, 0x9A, 0xD4, - 0x48, 0xE4, 0x81, 0xDB, 0x8D, 0x15, 0xDF, 0x5D, 0x0F, 0x08, - 0x13, 0x28, 0x28, 0xD7, 0x05, 0x44, 0xC1, 0xB9, 0x6D, 0xF1, - 0x75, 0x60, 0x74, 0xD0, 0x44, 0xAE, 0x91, 0x0F, 0x3A, 0x7C, - 0xF4, 0xEE, 0xEA, 0x6F, 0x06, 0x3A, 0x41, 0xAE, 0x6B, 0x5C, - 0x8A, 0x0D, 0x85, 0x6B, 0xB3, 0xFB, 0xB1, 0x5F, 0x70, 0xF7, - 0x9B, 0x32, 0x57, 0xFB, 0xC4, 0x6B, 0xCE, 0x90, 0x86, 0x0C, - 0x96, 0x8A, 0x41, 0x4E, 0x61, 0xF3, 0xA1, 0x3F, 0x55, 0xE8, - 0x94, 0x56, 0x12, 0x6D, 0x9E, 0x46, 0x2C, 0x31, 0xBD, 0x3F, - 0x8A, 0x70, 0xC8, 0x20, 0xA4, 0xFB, 0xFA, 0xC6, 0x53, 0x58, - 0xBB, 0x05, 0x28, 0xBA, 0x89, 0x0C, 0xB1, 0x5F, 0x21, 0xAC, - 0x1E, 0xF1, 0x35, 0xFD, 0x6B, 0x14, 0xC1, 0x69, 0x08, 0xE9, - 0x37, 0x14, 0xD8, 0x76, 0x50, 0x2A, 0xFC, 0xAA, 0x94, 0x7F, - 0x39, 0x52, 0x3A, 0xA7, 0x3C, 0x0A, 0x53, 0x5E, 0xE0, 0x13, - 0x1A, 0x00, 0xCA, 0xAC, 0xAA, 0x7E, 0xF7, 0x09, 0x68, 0x78, - 0x60, 0x11, 0x73, 0xAB, 0x7D, 0x58, 0xFE, 0x03, 0x9F, 0xE6, - 0x84, 0xEA, 0x51, 0x58, 0x40, 0x82, 0xA5, 0xFF, 0xA7, 0x2C, - 0xEA, 0x42, 0xA5, 0x4C, 0xB6, 0x3B, 0x5C, 0x6B, 0xAB, 0xCF, - 0x56, 0x8A, 0x8C, 0xEC, 0x3C, 0xF0, 0xAE, 0xD3, 0xCA, 0x0E, - 0x09, 0x71, 0xCF, 0x79, 0x96, 0x72, 0x63, 0x4B, 0x24, 0x7A, - 0xF3, 0x79, 0xCA, 0x69, 0x75, 0xC9, 0xB2, 0xA4, 0x54, 0xB8, - 0x84, 0x40, 0x2B, 0x8F, 0x24, 0x27, 0x6A, 0xED, 0x8F, 0x53, - 0xE0, 0x55, 0x9B, 0x35, 0x91, 0x18, 0x11, 0xCF, 0xB0, 0x3B, - 0xB8, 0x65, 0x3C, 0xC6, 0xEF, 0xB0, 0x78, 0x7C, 0x43, 0x26, - 0xF1, 0x12, 0x84, 0x6B, 0x2B, 0xF0, 0x7D, 0x3C, 0x7F, 0xDC, - 0x67, 0xA4, 0x17, 0x89, 0x75, 0x00, 0x86, 0x1A, 0xEA, 0xCD, - 0x1A, 0xCF, 0xDA, 0x11, 0x64, 0xCC, 0xBD, 0x10, 0x26, 0xEF, - 0x6B, 0x1B, 0x93, 0xB3, 0x37, 0x14, 0x7F, 0x12, 0x80, 0x81, - 0xB6, 0xFD, 0x8A, 0x8A, 0xD8, 0x95, 0x5F, 0xF9, 0x1E, 0xA5, - 0x1E, 0x65, 0x5F, 0x75, 0x8D, 0x90, 0x2A, 0x0D, 0xB1, 0xAB, - 0x26, 0x16, 0x31, 0xB2, 0x06, 0x64, 0x6F, 0x2B, 0x7E, 0x4A, - 0xF4, 0xDE, 0xE9, 0x7A, 0xEC, 0x67, 0x35, 0xF3, 0x40, 0x71, - 0x75, 0x37, 0xB3, 0xE1, 0x1D, 0xEF, 0x7D, 0xE2, 0x92, 0xEC, - 0xD5, 0xE5, 0xBB, 0x99, 0x79, 0x50, 0x11, 0xB2, 0x8A, 0x57, - 0x1B, 0x30, 0x2E, 0xB7, 0x16, 0x4C, 0xC8, 0xA6, 0x99, 0xB1, - 0x01, 0x34, 0x08, 0x9D, 0xD8, 0xDF, 0xAF + 0x30, 0x82, 0x06, 0x1D, 0x30, 0x82, 0x04, 0x85, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x7F, 0x8B, 0xFD, 0x1A, 0x02, + 0x4E, 0x04, 0x53, 0x8C, 0x0D, 0x42, 0xCC, 0x8D, 0xE9, 0xBC, + 0xDE, 0x23, 0x18, 0x35, 0x4B, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, + 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, + 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, 0x37, 0x32, 0x31, 0x19, + 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, + 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, + 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0xA2, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x8F, 0x00, 0x30, 0x82, + 0x01, 0x8A, 0x02, 0x82, 0x01, 0x81, 0x00, 0xAC, 0x39, 0x50, + 0x68, 0x8F, 0x78, 0xF8, 0x10, 0x9B, 0x68, 0x96, 0xD3, 0xE1, + 0x9C, 0x56, 0x68, 0x5A, 0x41, 0x62, 0xE3, 0xB3, 0x41, 0xB0, + 0x55, 0x80, 0x17, 0xB0, 0x88, 0x16, 0x9B, 0xE0, 0x97, 0x74, + 0x5F, 0x42, 0x79, 0x73, 0x42, 0xDF, 0x93, 0xF3, 0xAA, 0x9D, + 0xEE, 0x2D, 0x6F, 0xAA, 0xBC, 0x27, 0x90, 0x84, 0xC0, 0x5D, + 0xC7, 0xEC, 0x49, 0xEA, 0x5C, 0x66, 0x1D, 0x70, 0x9C, 0x53, + 0x5C, 0xBA, 0xA1, 0xB3, 0x58, 0xC9, 0x3E, 0x8E, 0x9B, 0x72, + 0x3D, 0x6E, 0x02, 0x02, 0x00, 0x9C, 0x65, 0x56, 0x82, 0xA3, + 0x22, 0xB4, 0x08, 0x5F, 0x2A, 0xEF, 0xDF, 0x9A, 0xD0, 0xE7, + 0x31, 0x59, 0x26, 0x5B, 0x0B, 0x1C, 0x63, 0x61, 0xFF, 0xD5, + 0x69, 0x32, 0x19, 0x06, 0x7E, 0x0F, 0x40, 0x3C, 0x7A, 0x1E, + 0xC8, 0xFC, 0x58, 0x6C, 0x64, 0xAE, 0x10, 0x3D, 0xA8, 0x23, + 0xFF, 0x8E, 0x1A, 0xCA, 0x6A, 0x82, 0xE2, 0xF9, 0x01, 0x64, + 0x2C, 0x97, 0xA0, 0x1A, 0x89, 0xA0, 0x74, 0xD3, 0xB6, 0x05, + 0x11, 0xF2, 0x62, 0x06, 0x48, 0x2A, 0xF7, 0x66, 0xCE, 0xC1, + 0x85, 0xE1, 0xD2, 0x27, 0xEA, 0xCA, 0x12, 0xA5, 0x91, 0x97, + 0x3E, 0xFC, 0x94, 0x06, 0x59, 0x51, 0xC0, 0xE7, 0x13, 0xB6, + 0x87, 0x7B, 0x5F, 0xD2, 0xC0, 0x56, 0x2F, 0x5E, 0x1D, 0x02, + 0xC3, 0x11, 0x2C, 0xDF, 0xF7, 0x01, 0xDA, 0xBD, 0x85, 0x54, + 0x35, 0x32, 0x5F, 0xC5, 0xC8, 0xF9, 0x7A, 0x9F, 0x89, 0xF7, + 0x03, 0x0E, 0x7E, 0x79, 0x5D, 0x04, 0x82, 0x35, 0x10, 0xFE, + 0x6D, 0x9B, 0xBF, 0xB8, 0xEE, 0xE2, 0x62, 0x87, 0x26, 0x5E, + 0x2F, 0x50, 0x2F, 0x78, 0x0C, 0xE8, 0x73, 0x4F, 0x88, 0x6A, + 0xD6, 0x26, 0xA4, 0xC9, 0xFC, 0xFA, 0x1E, 0x8A, 0xB0, 0xF4, + 0x32, 0xCF, 0x57, 0xCD, 0xA1, 0x58, 0x8A, 0x49, 0x0F, 0xBB, + 0xA9, 0x1D, 0x86, 0xAB, 0xB9, 0x8F, 0x8D, 0x57, 0x19, 0xB2, + 0x5A, 0x7E, 0xA4, 0xEA, 0xCC, 0xB7, 0x96, 0x7A, 0x3B, 0x38, + 0xCD, 0xDE, 0xE0, 0x61, 0xFC, 0xC9, 0x06, 0x8F, 0x93, 0x5A, + 0xCE, 0xAD, 0x2A, 0xE3, 0x2D, 0x3E, 0x39, 0x5D, 0x41, 0x83, + 0x01, 0x1F, 0x0F, 0xE1, 0x7F, 0x76, 0xC7, 0x28, 0xDA, 0x56, + 0xEF, 0xBF, 0xDC, 0x26, 0x35, 0x40, 0xBE, 0xAD, 0xC7, 0x38, + 0xAD, 0xA4, 0x06, 0xAC, 0xCA, 0xE8, 0x51, 0xEB, 0xC0, 0xF8, + 0x68, 0x02, 0x2C, 0x9B, 0xA1, 0x14, 0xBC, 0xF8, 0x61, 0x86, + 0xD7, 0x56, 0xD7, 0x73, 0xF4, 0xAB, 0xBB, 0x6A, 0x21, 0xD3, + 0x88, 0x22, 0xB4, 0xE7, 0x6F, 0x7F, 0x91, 0xE5, 0x0E, 0xC6, + 0x08, 0x49, 0xDE, 0xEA, 0x13, 0x58, 0x72, 0xA0, 0xAA, 0x3A, + 0xF9, 0x36, 0x03, 0x45, 0x57, 0x5E, 0x87, 0xD2, 0x73, 0x65, + 0xC4, 0x8C, 0xA3, 0xEE, 0xC9, 0xD6, 0x73, 0x7C, 0x96, 0x41, + 0x93, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, + 0x30, 0x82, 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x0E, 0x04, 0x16, 0x04, 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, + 0xB0, 0x20, 0x49, 0xBC, 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, + 0xD2, 0xD4, 0x0C, 0xA3, 0xA8, 0x30, 0x81, 0xDE, 0x06, 0x03, + 0x55, 0x1D, 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, + 0x14, 0x3D, 0xD1, 0x84, 0xC2, 0xAF, 0xB0, 0x20, 0x49, 0xBC, + 0x74, 0x87, 0x41, 0x38, 0xAB, 0xBA, 0xD2, 0xD4, 0x0C, 0xA3, + 0xA8, 0xA1, 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, + 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, + 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, + 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x33, 0x30, + 0x37, 0x32, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, + 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x33, 0x30, 0x37, 0x32, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, + 0x7F, 0x8B, 0xFD, 0x1A, 0x02, 0x4E, 0x04, 0x53, 0x8C, 0x0D, + 0x42, 0xCC, 0x8D, 0xE9, 0xBC, 0xDE, 0x23, 0x18, 0x35, 0x4B, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x81, 0x00, 0x43, 0xDC, 0xB3, 0x5C, 0x82, + 0xC4, 0x77, 0x4B, 0xE0, 0xD9, 0x2B, 0xBB, 0xC5, 0x4A, 0xCC, + 0x7A, 0x0B, 0x9C, 0xDA, 0x44, 0x5E, 0xC5, 0x42, 0xDC, 0xBC, + 0x6F, 0xFE, 0x75, 0xFC, 0x12, 0x18, 0x01, 0x61, 0x3C, 0x6D, + 0x5D, 0x30, 0x4D, 0x67, 0x24, 0x94, 0x3E, 0x4A, 0xD3, 0xDA, + 0xA8, 0xBA, 0xB7, 0xDB, 0x3C, 0xE9, 0xBD, 0xBF, 0x8F, 0xE8, + 0xBE, 0x81, 0x9A, 0xE4, 0xBF, 0x94, 0xA2, 0xAE, 0x4D, 0x3E, + 0x90, 0x45, 0x27, 0xF2, 0x22, 0xBB, 0x6A, 0x9B, 0x04, 0x91, + 0xDB, 0xFD, 0x61, 0x0C, 0xCA, 0x6D, 0xF1, 0x78, 0x94, 0x9E, + 0x57, 0xAB, 0x2E, 0xF6, 0x99, 0xDA, 0x9A, 0x55, 0xE7, 0x07, + 0x87, 0x01, 0x8C, 0x9A, 0x7C, 0x90, 0xAD, 0xF2, 0xBC, 0x2C, + 0x2F, 0x5A, 0xA3, 0xCC, 0xC9, 0xE2, 0xEC, 0x67, 0xA9, 0x1F, + 0xB7, 0x2C, 0x7B, 0xB5, 0xB4, 0xAE, 0x56, 0xF3, 0x86, 0xF3, + 0x21, 0x06, 0x71, 0x3C, 0x5F, 0x3C, 0x16, 0x44, 0x24, 0xF1, + 0xF7, 0xDD, 0x78, 0xC2, 0xFD, 0xB6, 0xEF, 0x90, 0xC1, 0xFD, + 0xB2, 0xA5, 0x57, 0x15, 0x04, 0xB6, 0x90, 0x3F, 0x53, 0xA8, + 0x4E, 0xE0, 0x49, 0x22, 0x09, 0x08, 0x35, 0xDA, 0xAF, 0x2C, + 0x8C, 0xD1, 0x4B, 0x28, 0x26, 0x9E, 0xD1, 0x03, 0x07, 0x28, + 0x95, 0xB6, 0x4B, 0xB1, 0x41, 0xF2, 0x94, 0x2F, 0x4C, 0x3B, + 0xB3, 0x0D, 0x94, 0x6B, 0xCC, 0x25, 0xFC, 0x5A, 0x47, 0x57, + 0xE5, 0x6D, 0xBD, 0x8E, 0x02, 0xE9, 0x19, 0x3F, 0xE4, 0x51, + 0x08, 0x5A, 0xC8, 0xFB, 0x6C, 0x01, 0xE0, 0x7D, 0x8A, 0x95, + 0x9E, 0x1B, 0xA6, 0xE1, 0x0E, 0xDA, 0x3C, 0x1E, 0x69, 0xF2, + 0x31, 0xC8, 0xF5, 0xAA, 0x72, 0xA4, 0xB5, 0x01, 0x5D, 0xFF, + 0xA4, 0x2B, 0x2D, 0x1C, 0x34, 0x72, 0x80, 0xA8, 0x73, 0x5F, + 0x98, 0xA6, 0x8D, 0x69, 0x2F, 0x5F, 0x7B, 0xE8, 0x7F, 0x91, + 0x87, 0x87, 0xC5, 0x61, 0xCD, 0xC7, 0xC3, 0x78, 0x0C, 0xAA, + 0x53, 0x3E, 0xFA, 0x5D, 0x8E, 0x2F, 0x05, 0x11, 0x36, 0xFB, + 0xC0, 0xB0, 0x87, 0xDF, 0x8A, 0xBE, 0x5B, 0xAD, 0x43, 0x4B, + 0x0F, 0x77, 0xEA, 0x69, 0xCD, 0xED, 0x31, 0xF7, 0x48, 0x96, + 0x09, 0xD7, 0x91, 0x64, 0x63, 0x88, 0x22, 0xE3, 0xB8, 0x2C, + 0x72, 0x98, 0x92, 0x34, 0x2A, 0x0A, 0xFE, 0x06, 0x47, 0xF6, + 0xAD, 0x25, 0x49, 0x12, 0x19, 0x1D, 0x4D, 0x6F, 0xE7, 0xAD, + 0x94, 0x08, 0x2B, 0x3B, 0x6A, 0xD2, 0xD7, 0x99, 0x5E, 0x2F, + 0x77, 0x11, 0x91, 0x46, 0x37, 0x7B, 0x5D, 0x54, 0x81, 0x3C, + 0x6E, 0x09, 0xDC, 0x95, 0x22, 0x88, 0x24, 0xDD, 0x84, 0xF7, + 0x89, 0x40, 0x76, 0x51, 0x52, 0x81, 0xC6, 0x41, 0x1F, 0xCE, + 0x66, 0x47, 0x54, 0x3F, 0xFD, 0x79, 0xF9, 0xAF, 0x16, 0x42, + 0xA2, 0x39, 0xC5, 0xA6, 0x3B, 0x6E, 0x00, 0x5D, 0x81 }; static const int sizeof_client_cert_der_3072 = sizeof(client_cert_der_3072); @@ -3087,187 +3102,189 @@ static const int sizeof_client_keypub_der_4096 = sizeof(client_keypub_der_4096); /* ./certs/4096/client-cert.der, 4096-bit */ static const unsigned char client_cert_der_4096[] = { - 0x30, 0x82, 0x07, 0x07, 0x30, 0x82, 0x04, 0xEF, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA0, 0x3E, 0xDB, 0xCF, - 0x97, 0x9A, 0x72, 0x8C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, - 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, - 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, - 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, - 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, - 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, - 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, - 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, - 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x32, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x32, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, - 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, - 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, - 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, - 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, - 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, - 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, - 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, - 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, - 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, - 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, 0x06, - 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, - 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02, - 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, 0xE4, - 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, 0xFC, - 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, 0x71, - 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, 0x13, - 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, 0xAF, - 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, 0x12, - 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, 0x74, - 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, 0x2E, - 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, 0xBE, - 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, 0xC5, - 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, 0xC1, - 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, 0x13, - 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, 0xD5, - 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, 0x05, - 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, 0x48, - 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, 0xCD, - 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, 0x3F, - 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, 0x18, - 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, 0xF4, - 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, 0xC2, - 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, 0x80, - 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, 0x51, - 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, 0x81, - 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, 0x8E, - 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, 0xAA, - 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, 0x8E, - 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, 0xFD, - 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, 0x8B, - 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, 0x9C, - 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, 0x88, - 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, 0x0B, - 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, 0x47, - 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, 0xB1, - 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, 0xD6, - 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, 0x85, - 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, 0x51, - 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, 0x94, - 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, 0x62, - 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, 0xE8, - 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, 0xC4, - 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, 0xBD, - 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, 0x9B, - 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, 0xEE, - 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, 0x44, - 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, 0x26, - 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, 0xB2, - 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, 0x7B, - 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, 0xAE, - 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, 0x17, - 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, 0xC9, - 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, 0x0E, - 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, 0x03, - 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x44, 0x30, 0x82, 0x01, - 0x40, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, - 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, - 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, - 0xA5, 0x6E, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x81, 0xCB, 0x30, 0x81, 0xC8, 0x80, 0x14, 0xFA, 0x54, - 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, 0xE7, - 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, 0x81, - 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, - 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, - 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, - 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, - 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, - 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, - 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xA0, 0x3E, - 0xDB, 0xCF, 0x97, 0x9A, 0x72, 0x8C, 0x30, 0x0C, 0x06, 0x03, - 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, - 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, - 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, - 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, - 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, - 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, - 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, - 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01, - 0x00, 0x17, 0xAB, 0x22, 0x61, 0x05, 0x6D, 0x3A, 0xC0, 0x0D, - 0x6B, 0xD9, 0x15, 0x82, 0x11, 0xCF, 0xE7, 0xF8, 0x65, 0xDA, - 0xC7, 0xEF, 0xDA, 0x0F, 0x50, 0x75, 0xBD, 0x55, 0xCF, 0x3D, - 0x50, 0xDD, 0xD4, 0x0D, 0x2C, 0x04, 0x48, 0xA8, 0x25, 0x3A, - 0xB9, 0xC4, 0xCE, 0x48, 0x7E, 0xB8, 0x63, 0xCD, 0xCD, 0xCE, - 0xBC, 0x50, 0x26, 0xDC, 0x6D, 0xC2, 0x1E, 0xD1, 0x71, 0x3A, - 0x2F, 0xDB, 0xE5, 0x03, 0x6B, 0x73, 0x55, 0x23, 0x70, 0x76, - 0x1E, 0x08, 0x2A, 0x92, 0x7B, 0xD6, 0x6A, 0xEF, 0x17, 0xA0, - 0xF3, 0x8C, 0xEA, 0xEB, 0xC4, 0x2E, 0xCB, 0xD4, 0xD9, 0xD5, - 0xAB, 0xF7, 0xE6, 0x8D, 0xEC, 0xD9, 0x97, 0xA1, 0x56, 0xA7, - 0x0B, 0x5D, 0xE5, 0x3F, 0x1F, 0x5E, 0x6A, 0x7A, 0xA4, 0x64, - 0xD7, 0xB2, 0x42, 0x1A, 0x1E, 0x49, 0x37, 0x93, 0xBC, 0xBE, - 0x13, 0xA8, 0xFB, 0xB1, 0x93, 0x7B, 0xA8, 0x2B, 0x49, 0x90, - 0x43, 0x84, 0x24, 0x60, 0x44, 0xFC, 0x32, 0x74, 0x85, 0x0E, - 0x1B, 0xF8, 0x3A, 0x92, 0x3D, 0xAA, 0x25, 0x1B, 0x9F, 0x97, - 0x31, 0x95, 0x97, 0xC5, 0x3D, 0x51, 0xDD, 0xB6, 0xD5, 0x4A, - 0x7E, 0x41, 0xB3, 0x90, 0x83, 0x7C, 0x98, 0xFA, 0xCB, 0x22, - 0x33, 0xA5, 0xF4, 0x32, 0x74, 0xBD, 0x3E, 0xB1, 0x3B, 0x34, - 0xF9, 0xC3, 0x3F, 0xBE, 0xDB, 0x0E, 0xD9, 0x2F, 0x1A, 0xF9, - 0xD2, 0x4F, 0x14, 0x53, 0x63, 0xF2, 0x21, 0xA3, 0xE9, 0xC3, - 0xAD, 0x04, 0x6E, 0xE7, 0xAD, 0x1F, 0x6B, 0xCE, 0x4E, 0x35, - 0x4A, 0x61, 0x84, 0xB9, 0x61, 0x65, 0x1D, 0xA2, 0xD7, 0xA1, - 0xE6, 0x74, 0x08, 0x15, 0x38, 0x75, 0xB0, 0x23, 0x70, 0x22, - 0x15, 0x59, 0x2C, 0x48, 0xF0, 0xDA, 0x9A, 0x99, 0xD4, 0x2B, - 0x83, 0xDF, 0x9A, 0x93, 0x78, 0x45, 0xB9, 0x84, 0x5C, 0x7E, - 0x71, 0x90, 0xDA, 0x56, 0x1C, 0x9F, 0x57, 0xED, 0x76, 0xF7, - 0x17, 0xE5, 0xD2, 0x01, 0x90, 0x99, 0x5F, 0x4C, 0x07, 0x49, - 0x07, 0x82, 0x75, 0x92, 0x44, 0x7A, 0xFE, 0x9B, 0xA7, 0x4D, - 0xEC, 0xC8, 0xDC, 0x46, 0x67, 0x28, 0x04, 0x8B, 0x08, 0x17, - 0x94, 0x13, 0xE9, 0xA0, 0xD2, 0xB2, 0x26, 0x56, 0x27, 0x60, - 0x94, 0x5A, 0x50, 0x5C, 0xCF, 0x34, 0x4D, 0x3F, 0x35, 0xE7, - 0x12, 0x5D, 0xC5, 0x32, 0x00, 0x2F, 0xE0, 0x1D, 0x09, 0xE5, - 0x36, 0x8D, 0x77, 0x93, 0xF6, 0xE5, 0x62, 0xB4, 0xA3, 0x9B, - 0xC6, 0x7C, 0xE6, 0x3D, 0xD5, 0x38, 0x33, 0x5F, 0x23, 0x5B, - 0x81, 0x2E, 0x24, 0x26, 0x9E, 0x98, 0xA8, 0xAF, 0x04, 0x3D, - 0x65, 0x3F, 0x71, 0x88, 0x48, 0x44, 0x5C, 0x1A, 0x11, 0x0E, - 0x1B, 0xE1, 0x81, 0xB1, 0xB6, 0x66, 0xE6, 0x3C, 0x13, 0x67, - 0xD6, 0x6B, 0xA3, 0xF3, 0xB7, 0xF6, 0x9F, 0x14, 0xA6, 0x87, - 0x7F, 0x2B, 0x14, 0x31, 0x22, 0x7A, 0xF5, 0x0D, 0x44, 0xE6, - 0xA3, 0x1A, 0xD6, 0xD2, 0xDC, 0x88, 0x71, 0x37, 0x28, 0x11, - 0x6C, 0xEF, 0x95, 0xAB, 0x1D, 0xC5, 0xC3, 0x9A, 0xEF, 0x1A, - 0x54, 0x11, 0x92, 0x8E, 0x89, 0x43, 0x03, 0x26, 0xD0, 0xE9, - 0x63, 0x33, 0xFE, 0x79, 0x4C, 0xA6, 0x6F, 0xC4, 0x58, 0x58, - 0x2E, 0xB6, 0xAB, 0x57, 0xA0, 0x39, 0x4D, 0xFF, 0x88, 0xC0, - 0x23, 0x2C, 0x3B, 0xE3, 0x9A, 0xDF, 0x48, 0xD3, 0x17, 0x45, - 0x5D, 0x36, 0x4E, 0x00, 0x58, 0x72, 0xC3, 0xEF, 0xE7, 0x76, - 0x0B, 0xF8, 0x19, 0xA8, 0x5F, 0xF6, 0x53, 0x98, 0x49, 0x2B, - 0x52, 0xB5, 0x8E, 0xA5, 0xD8, 0x73, 0x6E, 0x3C, 0x23, 0x23, - 0x06, 0x86, 0x25, 0x6B, 0x0D, 0x3B, 0xF2, 0x9A, 0x17, 0x33, - 0xA4, 0x4E, 0xF5, 0x6B, 0xDE, 0xB3, 0x64, 0x20, 0x58, 0xC6, - 0x6D, 0x22, 0xA9, 0xAE, 0xF4, 0x09, 0x9D, 0x0D, 0x6E, 0x9F, - 0x96, 0x2A, 0x9E + 0x30, 0x82, 0x07, 0x1D, 0x30, 0x82, 0x05, 0x05, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x07, 0x91, 0x84, 0x28, 0x88, + 0x1F, 0x29, 0xD0, 0x53, 0xFD, 0xED, 0x42, 0x1F, 0xCF, 0x88, + 0x4C, 0x15, 0xD1, 0xF1, 0xA4, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, + 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, + 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, + 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, + 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, + 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, + 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, + 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, + 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, + 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, + 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, + 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, + 0x02, 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, + 0xE4, 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, + 0xFC, 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, + 0x71, 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, + 0x13, 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, + 0xAF, 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, + 0x12, 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, + 0x74, 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, + 0x2E, 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, + 0xBE, 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, + 0xC5, 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, + 0xC1, 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, + 0x13, 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, + 0xD5, 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, + 0x05, 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, + 0x48, 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, + 0xCD, 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, + 0x3F, 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, + 0x18, 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, + 0xF4, 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, + 0xC2, 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, + 0x80, 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, + 0x51, 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, + 0x81, 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, + 0x8E, 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, + 0xAA, 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, + 0x8E, 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, + 0xFD, 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, + 0x8B, 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, + 0x9C, 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, + 0x88, 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, + 0x0B, 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, + 0x47, 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, + 0xB1, 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, + 0xD6, 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, + 0x85, 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, + 0x51, 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, + 0x94, 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, + 0x62, 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, + 0xE8, 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, + 0xC4, 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, + 0xBD, 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, + 0x9B, 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, + 0xEE, 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, + 0x44, 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, + 0x26, 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, + 0xB2, 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, + 0x7B, 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, + 0xAE, 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, + 0x17, 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, + 0xC9, 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, + 0x0E, 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, + 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82, + 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, + 0x16, 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, + 0x31, 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, + 0x16, 0xA5, 0x6E, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D, + 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0xFA, + 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, + 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, + 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, + 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, + 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, + 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, + 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, + 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, + 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, + 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, + 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x07, 0x91, + 0x84, 0x28, 0x88, 0x1F, 0x29, 0xD0, 0x53, 0xFD, 0xED, 0x42, + 0x1F, 0xCF, 0x88, 0x4C, 0x15, 0xD1, 0xF1, 0xA4, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, + 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, + 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, + 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, + 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, + 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, + 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, + 0x02, 0x01, 0x00, 0x97, 0x3A, 0x5C, 0x65, 0x88, 0xD6, 0xBD, + 0xD6, 0x80, 0x4A, 0xA3, 0xA4, 0x13, 0x99, 0xD8, 0x7F, 0xDB, + 0x6D, 0x68, 0xF6, 0x32, 0xC8, 0xEF, 0x7A, 0x70, 0xDB, 0x1B, + 0xC2, 0x11, 0x7A, 0x21, 0x2B, 0xE4, 0xDF, 0x1E, 0x78, 0x08, + 0x0B, 0x51, 0x6D, 0x0C, 0xC4, 0xCC, 0xA8, 0xE6, 0xAD, 0xEE, + 0x7D, 0x67, 0x6B, 0xCE, 0x74, 0x3A, 0x90, 0x4C, 0xC0, 0x33, + 0x18, 0xC4, 0xB4, 0xEF, 0x27, 0xAA, 0x73, 0xE3, 0x92, 0xD7, + 0xF5, 0x31, 0x6F, 0x6B, 0x62, 0x57, 0x22, 0xE2, 0x69, 0x05, + 0x0F, 0xC0, 0x99, 0x8E, 0xC2, 0xFF, 0xBE, 0x99, 0xBF, 0x05, + 0x93, 0x05, 0x0B, 0x19, 0x8D, 0x0D, 0xBA, 0x92, 0xC9, 0xDD, + 0x68, 0x1F, 0x3E, 0xE2, 0x24, 0xB7, 0x34, 0x13, 0x32, 0x0B, + 0x92, 0xDD, 0x85, 0xA1, 0xFC, 0x38, 0x89, 0x03, 0x4D, 0x96, + 0x4D, 0xBF, 0x1F, 0xA2, 0x7B, 0xB1, 0x9F, 0x4C, 0xDE, 0xA2, + 0x7C, 0xE3, 0x1D, 0x33, 0x05, 0xEA, 0xF0, 0x91, 0x5E, 0xE5, + 0x90, 0xCD, 0x62, 0x06, 0xB0, 0x98, 0x73, 0xF4, 0x74, 0xBC, + 0xF7, 0x1D, 0x10, 0x43, 0x6D, 0xD0, 0x85, 0xC8, 0x15, 0xCA, + 0x43, 0x6A, 0xDF, 0xDE, 0xBC, 0xFA, 0x3C, 0xE7, 0x03, 0x6E, + 0xD4, 0xAA, 0x46, 0xDB, 0xFE, 0x18, 0x1B, 0xD0, 0xCA, 0x94, + 0x7E, 0x7A, 0xE4, 0xD4, 0x21, 0xC4, 0x15, 0x27, 0xB9, 0x46, + 0x7B, 0x1F, 0xB6, 0xCD, 0x03, 0xAE, 0x8D, 0xA3, 0xCF, 0x14, + 0xDF, 0x54, 0x4F, 0x4A, 0xF6, 0x58, 0x4E, 0xB1, 0xBF, 0x5E, + 0xD6, 0x7C, 0x21, 0x73, 0xC9, 0x4E, 0xC9, 0x0D, 0x0F, 0xB8, + 0xD1, 0xA1, 0x80, 0x9E, 0xE6, 0xF3, 0x4B, 0x8E, 0xCB, 0xB7, + 0xBB, 0x19, 0x5D, 0xF6, 0x16, 0x67, 0x5E, 0x01, 0x97, 0x17, + 0x59, 0x71, 0x59, 0xCA, 0xEB, 0x3B, 0xEA, 0x70, 0x8E, 0x8F, + 0x58, 0x1F, 0x5C, 0xD0, 0xAC, 0x12, 0xB5, 0xE4, 0xDE, 0xF6, + 0xB0, 0x7F, 0xE7, 0x86, 0xFC, 0xAB, 0xD0, 0x78, 0x6C, 0xE6, + 0xBA, 0xF4, 0xFA, 0x7F, 0x42, 0xCD, 0x4E, 0x7F, 0x43, 0xED, + 0x39, 0xB7, 0x50, 0x1B, 0x34, 0x39, 0xC6, 0x30, 0xBC, 0xD7, + 0x7E, 0x5C, 0x59, 0xBA, 0x6B, 0x7A, 0x90, 0x49, 0xA0, 0xDE, + 0xF8, 0x43, 0x00, 0x82, 0x6D, 0x6B, 0x82, 0x01, 0x06, 0x01, + 0xB0, 0x04, 0x49, 0xFE, 0xBD, 0x8B, 0x2D, 0xC6, 0x10, 0x9F, + 0xD3, 0xFB, 0x1D, 0x56, 0x3A, 0xBF, 0x28, 0xA2, 0xA5, 0xBD, + 0xC7, 0x6B, 0xA7, 0x0C, 0x01, 0xBF, 0x18, 0x4E, 0x75, 0x77, + 0x49, 0x86, 0xAC, 0x44, 0x16, 0x2F, 0x9E, 0xFA, 0xE6, 0x4E, + 0xF5, 0x81, 0x00, 0xE7, 0xE9, 0x49, 0x6D, 0xEE, 0x1E, 0xC2, + 0x0C, 0x91, 0x3E, 0xFC, 0x14, 0x07, 0xCD, 0xDE, 0x08, 0xDC, + 0xCB, 0x9A, 0x3C, 0x2C, 0x9A, 0x3E, 0x32, 0x03, 0xBA, 0x1E, + 0x42, 0x17, 0x3B, 0x63, 0x8C, 0xCE, 0xDA, 0xFD, 0x6C, 0xD5, + 0x55, 0x3A, 0x28, 0xA5, 0x35, 0x1D, 0x5F, 0x41, 0xF8, 0x1C, + 0xFD, 0xF5, 0x73, 0xA1, 0x24, 0xC5, 0xA9, 0x40, 0xAB, 0xAE, + 0xD0, 0x4B, 0xD3, 0xD3, 0xB1, 0x23, 0x64, 0x2B, 0x64, 0xBE, + 0xC4, 0x3B, 0x39, 0xDC, 0x46, 0xD6, 0xF4, 0x9F, 0xF9, 0x4A, + 0x74, 0xA1, 0x14, 0x58, 0x8E, 0xD7, 0x8F, 0x04, 0xE5, 0xCD, + 0xFB, 0x35, 0xA2, 0x16, 0x86, 0xED, 0x95, 0xEA, 0x7A, 0xF5, + 0xB5, 0x0F, 0x9B, 0xBD, 0x0C, 0xDC, 0x61, 0x4A, 0xA0, 0xD3, + 0xCF, 0x51, 0xF5, 0xBE, 0xFD, 0x3B, 0xE7, 0x66, 0x41, 0x37, + 0x6C, 0x89, 0xD1, 0x40, 0xE0, 0x2F, 0x65, 0xB6, 0x03, 0xA1, + 0xA9, 0x57, 0x4C, 0x9F, 0x93, 0x95, 0x95, 0x97, 0xCA, 0x4F, + 0x5A, 0x71, 0x92, 0x98, 0x5C, 0x39, 0xED, 0x24, 0xAC, 0x35, + 0xCA, 0x51, 0xB7, 0x32, 0x74, 0x1E, 0xF9, 0x83, 0xE8, 0x6B, + 0x4E, 0xBE, 0xD4, 0x75, 0x85 }; static const int sizeof_client_cert_der_4096 = sizeof(client_cert_der_4096); @@ -4022,91 +4039,93 @@ static const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256); /* ./certs/client-ecc-cert.der, ECC */ static const unsigned char cliecc_cert_der_256[] = { - 0x30, 0x82, 0x03, 0x49, 0x30, 0x82, 0x02, 0xEE, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE7, 0x4A, 0x4F, 0xE5, - 0x56, 0x97, 0xCA, 0xC3, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, - 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, - 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, - 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, - 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, - 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, - 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x30, 0x82, 0x03, 0x5E, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x3E, 0x8D, 0x40, 0xA1, 0x0B, + 0xE2, 0x5F, 0xD9, 0x7F, 0xB1, 0xF3, 0xAE, 0x73, 0x40, 0x92, + 0xC1, 0xD8, 0xAA, 0xF0, 0x65, 0x30, 0x0A, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, + 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, + 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, + 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, + 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x35, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, + 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, + 0x65, 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, + 0x45, 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, + 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, + 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, + 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, + 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, + 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, + 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, + 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, + 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, + 0x01, 0x3E, 0x30, 0x82, 0x01, 0x3A, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, + 0x59, 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, + 0x89, 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xCD, + 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC5, 0x30, 0x81, + 0xC2, 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, + 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, + 0x5C, 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, + 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, + 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, + 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, + 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, + 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, + 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x33, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, - 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, - 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, - 0x03, 0x55, 0x04, 0x07, 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, - 0x6D, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, - 0x43, 0x43, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, - 0x0B, 0x0C, 0x04, 0x46, 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, - 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, - 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, - 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4, 0x0F, 0x44, 0x50, 0x9A, - 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5, 0x4D, 0xF5, 0x70, 0x7B, - 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80, 0xEC, 0x5A, 0x4C, 0xA2, - 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA, 0xEF, 0xA2, 0x35, 0x12, - 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56, 0x95, 0x06, 0xCC, 0x01, - 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42, 0xF7, 0xBD, 0xA9, 0xB2, - 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F, 0xB4, 0xA3, 0x82, 0x01, - 0x33, 0x30, 0x82, 0x01, 0x2F, 0x30, 0x1D, 0x06, 0x03, 0x55, - 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xEB, 0xD4, 0x4B, 0x59, - 0x6B, 0x95, 0x61, 0x3F, 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, - 0x41, 0x88, 0x44, 0x5C, 0xAB, 0xF2, 0x30, 0x81, 0xC2, 0x06, - 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xBA, 0x30, 0x81, 0xB7, - 0x80, 0x14, 0xEB, 0xD4, 0x4B, 0x59, 0x6B, 0x95, 0x61, 0x3F, - 0x51, 0x57, 0xB6, 0x04, 0x4D, 0x89, 0x41, 0x88, 0x44, 0x5C, - 0xAB, 0xF2, 0xA1, 0x81, 0x93, 0xA4, 0x81, 0x90, 0x30, 0x81, - 0x8D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, - 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, - 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, - 0x6E, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x07, - 0x0C, 0x05, 0x53, 0x61, 0x6C, 0x65, 0x6D, 0x31, 0x13, 0x30, - 0x11, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0A, 0x43, 0x6C, - 0x69, 0x65, 0x6E, 0x74, 0x20, 0x45, 0x43, 0x43, 0x31, 0x0D, - 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x04, 0x46, - 0x61, 0x73, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, - 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, - 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xE7, 0x4A, 0x4F, 0xE5, 0x56, - 0x97, 0xCA, 0xC3, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, - 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, - 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, - 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, - 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, - 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, - 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, - 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xE3, 0xBB, - 0xCA, 0x0E, 0x31, 0x2D, 0x39, 0x1D, 0x94, 0x25, 0x81, 0x90, - 0xD5, 0x11, 0xF9, 0x09, 0x6D, 0x58, 0x16, 0x23, 0xBE, 0x9F, - 0xA9, 0x18, 0x64, 0x83, 0x3C, 0x25, 0x03, 0x58, 0x58, 0x39, - 0x02, 0x21, 0x00, 0xA4, 0xAA, 0xB3, 0xF0, 0x09, 0xC9, 0x0C, - 0x2F, 0xF7, 0xB1, 0xD4, 0x8E, 0x9F, 0xA6, 0xB6, 0xAB, 0x1A, - 0xC7, 0x37, 0xED, 0x70, 0x4D, 0x34, 0x04, 0xA0, 0x9B, 0x3D, - 0x84, 0x86, 0x10, 0xA0, 0xF0 + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x3E, 0x8D, 0x40, 0xA1, 0x0B, + 0xE2, 0x5F, 0xD9, 0x7F, 0xB1, 0xF3, 0xAE, 0x73, 0x40, 0x92, + 0xC1, 0xD8, 0xAA, 0xF0, 0x65, 0x30, 0x0C, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, + 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, + 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, + 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, + 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, + 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, + 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, + 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, + 0xDD, 0xA7, 0xDD, 0x14, 0xAC, 0x16, 0x24, 0x2F, 0x39, 0x34, + 0x83, 0xA2, 0x28, 0xE8, 0xBA, 0x73, 0x2A, 0x24, 0xD3, 0x56, + 0xCF, 0x3D, 0x3B, 0xC9, 0x46, 0x91, 0x4E, 0x72, 0x6C, 0x62, + 0x9A, 0xC7, 0x02, 0x20, 0x5F, 0x02, 0xF5, 0xA4, 0xD1, 0xF1, + 0xF8, 0x9C, 0x03, 0x8E, 0xFE, 0xC5, 0x4E, 0xDC, 0xD5, 0xB0, + 0xF9, 0xEB, 0xAD, 0x44, 0x0F, 0x26, 0x35, 0x93, 0x0E, 0xA3, + 0x76, 0xEC, 0xE0, 0xA6, 0x8B, 0xFF }; static const int sizeof_cliecc_cert_der_256 = sizeof(cliecc_cert_der_256); @@ -4148,100 +4167,103 @@ static const int sizeof_ecc_key_pub_der_256 = sizeof(ecc_key_pub_der_256); /* ./certs/server-ecc-comp.der, ECC */ static const unsigned char serv_ecc_comp_der_256[] = { - 0x30, 0x82, 0x03, 0x61, 0x30, 0x82, 0x03, 0x07, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE5, 0xB6, 0x66, 0xE0, - 0x08, 0x96, 0xC5, 0x95, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, - 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, - 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, - 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, - 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, - 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, - 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, - 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, - 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, - 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, - 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, - 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, - 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, - 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, 0x33, - 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, - 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, - 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, - 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, - 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, - 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, - 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, - 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, - 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, - 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, - 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, - 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, - 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, 0x07, - 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, - 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, 0x00, - 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, - 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, - 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, - 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x46, 0x30, 0x82, 0x01, - 0x42, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, - 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, - 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, - 0x5A, 0x18, 0x30, 0x81, 0xD5, 0x06, 0x03, 0x55, 0x1D, 0x23, - 0x04, 0x81, 0xCD, 0x30, 0x81, 0xCA, 0x80, 0x14, 0x8C, 0x38, - 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, 0xAC, - 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, 0x81, - 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, - 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, - 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, - 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, - 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, - 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, - 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, - 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, - 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, - 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, - 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, - 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, - 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, - 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, - 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, - 0xE5, 0xB6, 0x66, 0xE0, 0x08, 0x96, 0xC5, 0x95, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, - 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, - 0x02, 0x21, 0x00, 0xAE, 0x80, 0xD7, 0xF5, 0x4D, 0x76, 0x79, - 0x5C, 0x01, 0x14, 0x8B, 0xFD, 0x80, 0x79, 0xFB, 0x9B, 0xFE, - 0x8F, 0x0D, 0x9C, 0xC3, 0x7C, 0xE6, 0x80, 0x4C, 0xA6, 0x54, - 0x16, 0x3F, 0xED, 0x1D, 0x5E, 0x02, 0x20, 0x09, 0x61, 0x2D, - 0x84, 0xE9, 0x04, 0x4F, 0x79, 0x0E, 0xE7, 0xF0, 0xCC, 0x52, - 0xD3, 0x2F, 0xE0, 0x89, 0xCF, 0xBE, 0x9B, 0x9F, 0x86, 0x23, - 0x2F, 0xE4, 0xCB, 0x43, 0x16, 0xBB, 0x09, 0x8D, 0x87 + 0x30, 0x82, 0x03, 0x78, 0x30, 0x82, 0x03, 0x1D, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x29, 0x74, 0x77, 0xEE, 0x40, + 0xF1, 0x03, 0xBC, 0xB3, 0xD0, 0xB6, 0x01, 0x1D, 0xF5, 0x56, + 0x4A, 0xC5, 0xCC, 0x7B, 0x04, 0x30, 0x0A, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, + 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, + 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, + 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, + 0x20, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, + 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, 0x30, + 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, 0x0D, 0x32, + 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, 0x32, + 0x35, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, 0x6C, 0x69, 0x70, + 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, 0x6F, 0x6D, 0x70, + 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x45, 0x43, + 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x39, 0x30, 0x13, 0x06, + 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, + 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, 0x22, + 0x00, 0x02, 0xBB, 0x33, 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, + 0x4A, 0xA5, 0x04, 0xC3, 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, + 0x2D, 0xCE, 0x94, 0xEA, 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, + 0x2C, 0x16, 0xE8, 0x61, 0xA3, 0x82, 0x01, 0x51, 0x30, 0x82, + 0x01, 0x4D, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, + 0x16, 0x04, 0x14, 0x8C, 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, + 0xDF, 0x6E, 0xF4, 0x59, 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, + 0xA6, 0x5A, 0x18, 0x30, 0x81, 0xE0, 0x06, 0x03, 0x55, 0x1D, + 0x23, 0x04, 0x81, 0xD8, 0x30, 0x81, 0xD5, 0x80, 0x14, 0x8C, + 0x38, 0x3A, 0x6B, 0xB8, 0x24, 0xB7, 0xDF, 0x6E, 0xF4, 0x59, + 0xAC, 0x56, 0x4E, 0xAA, 0xE2, 0x58, 0xA6, 0x5A, 0x18, 0xA1, + 0x81, 0xA6, 0xA4, 0x81, 0xA3, 0x30, 0x81, 0xA0, 0x31, 0x0B, + 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, + 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, + 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, + 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, + 0x16, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x45, 0x6C, + 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x20, 0x2D, 0x20, 0x63, + 0x6F, 0x6D, 0x70, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0F, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x20, 0x45, 0x43, 0x43, 0x2D, 0x63, 0x6F, 0x6D, 0x70, 0x31, + 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, + 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, + 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, + 0x29, 0x74, 0x77, 0xEE, 0x40, 0xF1, 0x03, 0xBC, 0xB3, 0xD0, + 0xB6, 0x01, 0x1D, 0xF5, 0x56, 0x4A, 0xC5, 0xCC, 0x7B, 0x04, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, + 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, + 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, + 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, + 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, + 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, + 0x30, 0x46, 0x02, 0x21, 0x00, 0xED, 0x07, 0x48, 0xD5, 0x31, + 0xE3, 0x1F, 0x80, 0x6A, 0xCE, 0xA9, 0xAA, 0x6D, 0xAC, 0xA3, + 0xF9, 0xD4, 0x46, 0xB8, 0x3E, 0x19, 0x5E, 0x11, 0xD7, 0x21, + 0x8F, 0xDC, 0x25, 0xDD, 0x6A, 0x7B, 0x58, 0x02, 0x21, 0x00, + 0x84, 0x53, 0xE6, 0xF0, 0x18, 0x0A, 0x84, 0x29, 0xD2, 0xAD, + 0x34, 0xB2, 0x7C, 0x0B, 0x90, 0x33, 0xFB, 0xB0, 0x41, 0x51, + 0x69, 0xCC, 0x08, 0x97, 0xA2, 0x38, 0xF8, 0x21, 0x31, 0x32, + 0xC6, 0xC1 }; static const int sizeof_serv_ecc_comp_der_256 = sizeof(serv_ecc_comp_der_256); /* ./certs/server-ecc-rsa.der, ECC */ static const unsigned char serv_ecc_rsa_der_256[] = { - 0x30, 0x82, 0x04, 0x1F, 0x30, 0x82, 0x03, 0x07, 0xA0, 0x03, + 0x30, 0x82, 0x04, 0x2A, 0x30, 0x82, 0x03, 0x12, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, @@ -4259,10 +4281,10 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, - 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, - 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, + 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, + 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, + 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, @@ -4287,12 +4309,12 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x16, 0xE8, 0x61, 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, - 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x82, 0x01, 0x3A, 0x30, - 0x82, 0x01, 0x36, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x0B, 0x80, 0x34, 0x89, 0xD8, 0xA3, 0x82, 0x01, 0x45, 0x30, + 0x82, 0x01, 0x41, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D, 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B, 0x4A, 0x25, 0x02, 0x23, - 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, - 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x81, 0xD4, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xCC, 0x30, 0x81, 0xC9, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, @@ -4310,50 +4332,52 @@ static const unsigned char serv_ecc_rsa_der_256[] = 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, - 0xAA, 0xD3, 0x3F, 0xAC, 0x18, 0x0A, 0x37, 0x4D, 0x30, 0x0C, - 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, - 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, - 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, - 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, - 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, - 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, - 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, - 0x01, 0x01, 0x00, 0x4B, 0xCD, 0xC5, 0x8F, 0xFC, 0xBB, 0xC3, - 0x36, 0xC5, 0xD4, 0x4D, 0x71, 0x04, 0x13, 0x53, 0xA0, 0x3C, - 0xA3, 0x4E, 0x2A, 0xDD, 0x0D, 0xD3, 0xA7, 0x62, 0x31, 0x0D, - 0xC6, 0x32, 0x07, 0x31, 0xD4, 0x6B, 0x0F, 0x8B, 0x55, 0xA2, - 0x2F, 0x2C, 0xB3, 0xAE, 0x46, 0x91, 0x8A, 0x09, 0xBE, 0x7E, - 0xFF, 0xE2, 0x67, 0x46, 0xF2, 0x7E, 0xD4, 0x6F, 0xBE, 0x5D, - 0x57, 0x42, 0xFD, 0x3A, 0x56, 0xB0, 0xE8, 0x0E, 0x4D, 0x12, - 0xFD, 0xF5, 0x00, 0xCA, 0x6F, 0xBD, 0x88, 0x0C, 0x04, 0x47, - 0x1A, 0xEC, 0x5D, 0x96, 0x3F, 0xB6, 0xA5, 0x8B, 0x9D, 0x47, - 0xA6, 0x4F, 0x82, 0x07, 0x33, 0x9D, 0x11, 0x0A, 0x3D, 0x38, - 0x1D, 0x21, 0x4F, 0xD4, 0x1E, 0x1D, 0xA6, 0xD7, 0x6B, 0x72, - 0x1C, 0x51, 0xE1, 0x7A, 0x7A, 0x6C, 0x76, 0x2C, 0x98, 0x14, - 0x48, 0xFD, 0xF1, 0xD1, 0x7C, 0x53, 0x86, 0xED, 0x8C, 0x5F, - 0x4F, 0x0F, 0x27, 0x5D, 0x45, 0xBE, 0xED, 0x26, 0x90, 0xD2, - 0x51, 0x04, 0x4D, 0x06, 0x5B, 0x64, 0x1C, 0x5E, 0x31, 0x63, - 0xCC, 0xD4, 0xD5, 0x0B, 0x28, 0xCC, 0xE2, 0x29, 0x40, 0x75, - 0x87, 0x21, 0x64, 0x8E, 0x8B, 0x87, 0xEF, 0x90, 0xBB, 0x46, - 0x91, 0x91, 0xF9, 0x63, 0xF8, 0xB0, 0xA7, 0x5E, 0x8D, 0xE8, - 0x20, 0xC6, 0xB7, 0x5A, 0xD9, 0x0E, 0x35, 0xFB, 0xBA, 0xD1, - 0x09, 0xD1, 0x98, 0xA6, 0x61, 0x25, 0xE2, 0x0D, 0x97, 0xC4, - 0x1B, 0x0F, 0xBC, 0xB6, 0xEC, 0xE7, 0x96, 0x80, 0xB8, 0xE5, - 0x55, 0x03, 0x1E, 0x7F, 0xB5, 0xFD, 0x40, 0x06, 0xCC, 0xAA, - 0x7B, 0xF0, 0xB3, 0x81, 0x2E, 0xE1, 0x4E, 0x3A, 0x52, 0xE3, - 0xF3, 0xC4, 0xD3, 0x8C, 0x78, 0x49, 0x00, 0x3A, 0x57, 0xDF, - 0x0E, 0xAA, 0x2F, 0x14, 0x52, 0x3F, 0xC8, 0xFA, 0x82, 0xB9, - 0xBF, 0x27, 0xF8, 0x9C, 0x42, 0xB7, 0x44, 0x36, 0x68 + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x7D, + 0x94, 0x70, 0x88, 0xBA, 0x07, 0x42, 0x8D, 0xAA, 0xAF, 0x4F, + 0xBE, 0xC2, 0x1A, 0x48, 0xF0, 0xD1, 0x40, 0xE6, 0x42, 0x30, + 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, + 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, + 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, + 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, + 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, + 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, + 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, + 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, + 0x82, 0x01, 0x01, 0x00, 0xB3, 0xBC, 0x8C, 0xF8, 0x0F, 0x8F, + 0x63, 0x4E, 0xCD, 0x73, 0x62, 0xFE, 0x46, 0xE9, 0xFD, 0xDE, + 0x74, 0xB8, 0x74, 0xE2, 0x9C, 0xAF, 0xF1, 0xB5, 0xCE, 0x48, + 0xD0, 0xC6, 0x56, 0xE9, 0xFE, 0x38, 0xA5, 0x91, 0x23, 0xC0, + 0x5F, 0xF1, 0x5D, 0xE4, 0xFD, 0x6D, 0xB3, 0x87, 0xF3, 0x7E, + 0xFC, 0xE0, 0xC3, 0x8B, 0xFF, 0x94, 0xFB, 0xF8, 0x43, 0x09, + 0xF6, 0x71, 0x34, 0xBB, 0xCC, 0xBA, 0x43, 0x54, 0x8C, 0x4E, + 0x69, 0xB2, 0x75, 0xE1, 0xA2, 0xD0, 0xB7, 0xB0, 0xCB, 0x2B, + 0xED, 0x0F, 0x9C, 0xD4, 0xE6, 0xCB, 0x03, 0x37, 0xB4, 0x86, + 0x92, 0x4C, 0x8C, 0xFC, 0x30, 0x5C, 0x71, 0xE0, 0x3C, 0x58, + 0x44, 0x25, 0xFA, 0x3A, 0x04, 0x08, 0x4E, 0x27, 0x14, 0xD7, + 0x5B, 0xAA, 0x75, 0xE7, 0x2B, 0x13, 0x1A, 0x2C, 0x60, 0x9F, + 0xAD, 0x43, 0xE0, 0x48, 0x5D, 0x02, 0x88, 0x84, 0xA6, 0x72, + 0x36, 0x56, 0xA5, 0x1E, 0x82, 0x8C, 0xF2, 0x75, 0xFD, 0x7C, + 0x8E, 0xAF, 0x92, 0x44, 0x9F, 0x78, 0x3E, 0xA1, 0xDC, 0xEA, + 0x7D, 0x19, 0xEF, 0x08, 0xB4, 0x28, 0x5B, 0x76, 0xD4, 0x90, + 0x73, 0xA7, 0xE9, 0xBA, 0x41, 0xBD, 0x44, 0xFC, 0xA6, 0xD9, + 0x33, 0x06, 0x15, 0xF8, 0x2C, 0x8F, 0xCA, 0x2B, 0xFA, 0x21, + 0xBD, 0x4A, 0x4C, 0xA6, 0x9F, 0x4E, 0x5B, 0x97, 0xBD, 0x97, + 0xCF, 0xD7, 0x74, 0xA6, 0x42, 0xAC, 0xC0, 0x4F, 0xF4, 0x92, + 0x2A, 0xB8, 0xA6, 0x26, 0x8E, 0xFE, 0x32, 0x4B, 0x4D, 0xFC, + 0x37, 0x84, 0xD8, 0x1B, 0x7C, 0x0B, 0xAC, 0xEC, 0x5C, 0x96, + 0x12, 0x02, 0xD4, 0x4C, 0x3B, 0xF0, 0xEA, 0x4C, 0x5A, 0xCE, + 0x3D, 0x57, 0xE5, 0xE6, 0x8A, 0xB5, 0x82, 0xB7, 0x9F, 0xF8, + 0xCB, 0x20, 0xFB, 0xDB, 0x98, 0x04, 0x91, 0x30, 0xE2, 0x57, + 0xCB, 0x22, 0xF3, 0x07, 0xFD, 0x43, 0x07, 0xC7, 0x62, 0x32 + }; static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256); /* ./certs/server-ecc.der, ECC */ static const unsigned char serv_ecc_der_256[] = { - 0x30, 0x82, 0x02, 0xA1, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03, + 0x30, 0x82, 0x02, 0xA0, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x03, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, @@ -4371,10 +4395,10 @@ static const unsigned char serv_ecc_der_256[] = 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, - 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, - 0x0D, 0x32, 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, - 0x39, 0x35, 0x33, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, + 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, + 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, + 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, @@ -4413,14 +4437,14 @@ static const unsigned char serv_ecc_der_256[] = 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, - 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, - 0x61, 0x6F, 0xE8, 0xB9, 0xAD, 0xCC, 0xC9, 0x1A, 0x81, 0x17, - 0x02, 0x64, 0x07, 0xC3, 0x18, 0x44, 0x01, 0x81, 0x76, 0x18, - 0x9D, 0x6D, 0x3D, 0x7D, 0xCB, 0xC1, 0x5A, 0x76, 0x4A, 0xAD, - 0x71, 0x55, 0x02, 0x21, 0x00, 0xCD, 0x22, 0x35, 0x04, 0x19, - 0xC2, 0x23, 0x21, 0x02, 0x88, 0x4B, 0x51, 0xDA, 0xDB, 0x51, - 0xAB, 0x54, 0x8C, 0xCB, 0x38, 0xAC, 0x8E, 0xBB, 0xEE, 0x18, - 0x07, 0xBF, 0x88, 0x36, 0x88, 0xFF, 0xD5 + 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, + 0x5A, 0x67, 0xB9, 0xEE, 0x02, 0x34, 0x27, 0x1B, 0xD4, 0xC4, + 0x35, 0x7B, 0xED, 0x59, 0x8E, 0x63, 0xC4, 0x8A, 0xB7, 0xE9, + 0x92, 0xC1, 0x8A, 0x76, 0xB0, 0x8B, 0xCD, 0x24, 0x49, 0x78, + 0xBA, 0xEF, 0x02, 0x20, 0x29, 0xB8, 0xB6, 0x5F, 0x83, 0xF7, + 0x56, 0x6A, 0xF1, 0x4D, 0xD9, 0x9F, 0x52, 0x2A, 0xF9, 0x8F, + 0x53, 0x14, 0x49, 0x8B, 0x5F, 0x5E, 0x87, 0xAF, 0x7F, 0xCA, + 0x2E, 0xE0, 0xD8, 0xE7, 0x75, 0x0C }; static const int sizeof_serv_ecc_der_256 = sizeof(serv_ecc_der_256); @@ -4446,72 +4470,73 @@ static const int sizeof_ca_ecc_key_der_256 = sizeof(ca_ecc_key_der_256); /* ./certs/ca-ecc-cert.der, ECC */ static const unsigned char ca_ecc_cert_der_256[] = { - 0x30, 0x82, 0x02, 0x8A, 0x30, 0x82, 0x02, 0x30, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x83, 0x47, 0x7C, 0x81, - 0xD6, 0x0D, 0x1C, 0x4E, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, - 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, - 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, - 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, - 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, - 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, - 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x33, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, - 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x65, - 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, 0x13, - 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, - 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, 0x03, - 0x42, 0x00, 0x04, 0x02, 0xD3, 0xD9, 0x6E, 0xD6, 0x01, 0x8E, - 0x45, 0xC8, 0xB9, 0x90, 0x31, 0xE5, 0xC0, 0x4C, 0xE3, 0x9E, - 0xAD, 0x29, 0x38, 0x98, 0xBA, 0x10, 0xD6, 0xE9, 0x09, 0x2A, - 0x80, 0xA9, 0x2E, 0x17, 0x2A, 0xB9, 0x8A, 0xBF, 0x33, 0x83, - 0x46, 0xE3, 0x95, 0x0B, 0xE4, 0x77, 0x40, 0xB5, 0x3B, 0x43, - 0x45, 0x33, 0x0F, 0x61, 0x53, 0x7C, 0x37, 0x44, 0xC1, 0xCB, - 0xFC, 0x80, 0xCA, 0xE8, 0x43, 0xEA, 0xA7, 0xA3, 0x63, 0x30, - 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, - 0x04, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18, - 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3, - 0xA5, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, - 0x18, 0x30, 0x16, 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, - 0x42, 0xDE, 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, - 0xEA, 0xC3, 0xF3, 0xA5, 0x21, 0x30, 0x0F, 0x06, 0x03, 0x55, - 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, - 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, - 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, - 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, - 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xC5, 0x83, - 0xFF, 0x1E, 0x51, 0xF7, 0xA1, 0xE9, 0xF1, 0x42, 0xC4, 0xBE, - 0xED, 0x38, 0xBD, 0x38, 0x32, 0x8F, 0xAE, 0x3F, 0xC7, 0x6D, - 0x11, 0x90, 0xE9, 0x99, 0xAB, 0x61, 0xA2, 0xDB, 0xA7, 0x4B, - 0x02, 0x20, 0x28, 0x40, 0xD9, 0xBA, 0x45, 0xCC, 0xA6, 0xEA, - 0xFA, 0x3F, 0x3E, 0x71, 0x44, 0x8E, 0x02, 0x03, 0x2F, 0x41, - 0x0B, 0x56, 0x78, 0x2D, 0xA6, 0xE8, 0x5E, 0xF6, 0xFF, 0xDA, - 0x62, 0x8C, 0xF9, 0xDF + 0x30, 0x82, 0x02, 0x95, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x2F, 0xC0, 0x2C, 0xFE, 0x1F, + 0x6A, 0x5A, 0x0B, 0xDD, 0xF6, 0x08, 0x63, 0x99, 0x42, 0x7E, + 0x19, 0x92, 0xFA, 0xDC, 0x32, 0x30, 0x0A, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, + 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, + 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0B, 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, + 0x6E, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, + 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, + 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x59, 0x30, + 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07, + 0x03, 0x42, 0x00, 0x04, 0x02, 0xD3, 0xD9, 0x6E, 0xD6, 0x01, + 0x8E, 0x45, 0xC8, 0xB9, 0x90, 0x31, 0xE5, 0xC0, 0x4C, 0xE3, + 0x9E, 0xAD, 0x29, 0x38, 0x98, 0xBA, 0x10, 0xD6, 0xE9, 0x09, + 0x2A, 0x80, 0xA9, 0x2E, 0x17, 0x2A, 0xB9, 0x8A, 0xBF, 0x33, + 0x83, 0x46, 0xE3, 0x95, 0x0B, 0xE4, 0x77, 0x40, 0xB5, 0x3B, + 0x43, 0x45, 0x33, 0x0F, 0x61, 0x53, 0x7C, 0x37, 0x44, 0xC1, + 0xCB, 0xFC, 0x80, 0xCA, 0xE8, 0x43, 0xEA, 0xA7, 0xA3, 0x63, + 0x30, 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, + 0x16, 0x04, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, + 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, + 0xF3, 0xA5, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, + 0xF0, 0x42, 0xDE, 0x18, 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, + 0xCF, 0xEA, 0xC3, 0xF3, 0xA5, 0x21, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, + 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, + 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, + 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, + 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xF2, + 0xA0, 0x7A, 0x0F, 0x66, 0x05, 0xEC, 0x81, 0xA2, 0x94, 0x6A, + 0x31, 0xE0, 0x0D, 0xEE, 0x8F, 0x6A, 0xED, 0x63, 0x33, 0x0E, + 0x27, 0x31, 0xB3, 0xCF, 0xC8, 0xA0, 0x0E, 0x5B, 0x88, 0x51, + 0xFA, 0x02, 0x20, 0x51, 0x0F, 0x26, 0x46, 0x95, 0x37, 0x8E, + 0x49, 0x4E, 0xB0, 0x4D, 0xCD, 0xB1, 0x65, 0xFE, 0x2D, 0x43, + 0xAB, 0x20, 0xC7, 0x83, 0x70, 0x44, 0x11, 0x13, 0x86, 0xA5, + 0x9B, 0x3B, 0x34, 0x24, 0xF2 }; static const int sizeof_ca_ecc_cert_der_256 = sizeof(ca_ecc_cert_der_256); @@ -4541,78 +4566,79 @@ static const int sizeof_ca_ecc_key_der_384 = sizeof(ca_ecc_key_der_384); /* ./certs/ca-ecc384-cert.der, ECC */ static const unsigned char ca_ecc_cert_der_384[] = { - 0x30, 0x82, 0x02, 0xC7, 0x30, 0x82, 0x02, 0x4D, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA8, 0x60, 0xFD, 0x75, - 0x07, 0x98, 0x55, 0x6A, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, - 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97, 0x31, - 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, - 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, - 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, - 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, - 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, - 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, - 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, - 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, - 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, - 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, - 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, - 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, - 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, - 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, - 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, - 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x32, 0x31, 0x30, - 0x31, 0x39, 0x34, 0x39, 0x35, 0x33, 0x5A, 0x17, 0x0D, 0x32, - 0x33, 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, - 0x33, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, - 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, - 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, 0x57, - 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, - 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, - 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, - 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, 0x65, - 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, 0x30, - 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, - 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, - 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, - 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, - 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x76, 0x30, 0x10, - 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06, - 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, - 0xEE, 0x82, 0xD4, 0x39, 0x9A, 0xB1, 0x27, 0x82, 0xF4, 0xD7, - 0xEA, 0xC6, 0xBC, 0x03, 0x1D, 0x4D, 0x83, 0x61, 0xF4, 0x03, - 0xAE, 0x7E, 0xBD, 0xD8, 0x5A, 0xA5, 0xB9, 0xF0, 0x8E, 0xA2, - 0xA5, 0xDA, 0xCE, 0x87, 0x3B, 0x5A, 0xAB, 0x44, 0x16, 0x9C, - 0xF5, 0x9F, 0x62, 0xDD, 0xF6, 0x20, 0xCD, 0x9C, 0x76, 0x3C, - 0x40, 0xB1, 0x3F, 0x97, 0x17, 0xDF, 0x59, 0xF6, 0xCD, 0xDE, - 0xCD, 0x46, 0x35, 0xC0, 0xED, 0x5E, 0x2E, 0x48, 0xB6, 0x66, - 0x91, 0x71, 0x74, 0xB7, 0x0C, 0x3F, 0xB9, 0x9A, 0xB7, 0x83, - 0xBD, 0x93, 0x3F, 0x5F, 0x50, 0x2D, 0x70, 0x3F, 0xDE, 0x35, - 0x25, 0xE1, 0x90, 0x3B, 0x86, 0xE0, 0xA3, 0x63, 0x30, 0x61, - 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, - 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, 0xD4, 0x72, 0xBB, - 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, 0x80, 0x12, 0x53, - 0x52, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, - 0x30, 0x16, 0x80, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, - 0xD4, 0x72, 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, - 0x80, 0x12, 0x53, 0x52, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, - 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, - 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, - 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, 0x06, - 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x03, - 0x68, 0x00, 0x30, 0x65, 0x02, 0x30, 0x47, 0xA2, 0x36, 0x33, - 0xF4, 0x27, 0xBD, 0xD0, 0x5C, 0xE6, 0x8D, 0x3E, 0x31, 0xA9, - 0x4E, 0x51, 0x57, 0xA9, 0x93, 0x28, 0x72, 0x0A, 0x72, 0xAB, - 0x6E, 0xF9, 0x56, 0xC0, 0xF5, 0x70, 0x02, 0x9F, 0x9C, 0xB2, - 0x4A, 0x9C, 0x3E, 0x9F, 0xFB, 0xC5, 0x64, 0x26, 0x7A, 0x88, - 0xDC, 0x4A, 0x2A, 0x25, 0x02, 0x31, 0x00, 0x88, 0xF8, 0xE2, - 0xD5, 0x20, 0x82, 0xF2, 0xDE, 0x7B, 0xCB, 0x13, 0xAC, 0xCD, - 0xFF, 0xE8, 0x1E, 0x4E, 0x84, 0x3D, 0x9C, 0xAF, 0x5D, 0xF9, - 0x01, 0xE7, 0x4F, 0xD4, 0x03, 0x09, 0x84, 0x3D, 0x7B, 0x2B, - 0x83, 0xE2, 0xAE, 0x08, 0x68, 0x2E, 0x5B, 0x85, 0x6F, 0x43, - 0xF5, 0x41, 0xE0, 0xC7, 0xC9 + 0x30, 0x82, 0x02, 0xD2, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x1A, 0x57, 0x7F, 0x62, 0xDE, + 0x7E, 0xF2, 0x6D, 0x93, 0xD2, 0x83, 0x35, 0x86, 0x82, 0x7F, + 0x09, 0x5A, 0x8B, 0xA4, 0x09, 0x30, 0x0A, 0x06, 0x08, 0x2A, + 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97, + 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, + 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x08, 0x0C, 0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, + 0x67, 0x74, 0x6F, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x07, 0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, + 0x6C, 0x65, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, + 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0B, 0x44, 0x65, 0x76, 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, + 0x6E, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x34, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x34, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A, + 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x44, 0x65, 0x76, + 0x65, 0x6C, 0x6F, 0x70, 0x6D, 0x65, 0x6E, 0x74, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x76, 0x30, + 0x10, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, + 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, + 0x04, 0xEE, 0x82, 0xD4, 0x39, 0x9A, 0xB1, 0x27, 0x82, 0xF4, + 0xD7, 0xEA, 0xC6, 0xBC, 0x03, 0x1D, 0x4D, 0x83, 0x61, 0xF4, + 0x03, 0xAE, 0x7E, 0xBD, 0xD8, 0x5A, 0xA5, 0xB9, 0xF0, 0x8E, + 0xA2, 0xA5, 0xDA, 0xCE, 0x87, 0x3B, 0x5A, 0xAB, 0x44, 0x16, + 0x9C, 0xF5, 0x9F, 0x62, 0xDD, 0xF6, 0x20, 0xCD, 0x9C, 0x76, + 0x3C, 0x40, 0xB1, 0x3F, 0x97, 0x17, 0xDF, 0x59, 0xF6, 0xCD, + 0xDE, 0xCD, 0x46, 0x35, 0xC0, 0xED, 0x5E, 0x2E, 0x48, 0xB6, + 0x66, 0x91, 0x71, 0x74, 0xB7, 0x0C, 0x3F, 0xB9, 0x9A, 0xB7, + 0x83, 0xBD, 0x93, 0x3F, 0x5F, 0x50, 0x2D, 0x70, 0x3F, 0xDE, + 0x35, 0x25, 0xE1, 0x90, 0x3B, 0x86, 0xE0, 0xA3, 0x63, 0x30, + 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, 0x18, 0xD4, 0x72, + 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, 0x92, 0x80, 0x12, + 0x53, 0x52, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x18, 0x30, 0x16, 0x80, 0x14, 0xAB, 0xE0, 0xC3, 0x26, 0x4C, + 0x18, 0xD4, 0x72, 0xBB, 0xD2, 0x84, 0x8C, 0x9C, 0x0A, 0x05, + 0x92, 0x80, 0x12, 0x53, 0x52, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, + 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, + 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, + 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x30, 0x78, 0xDA, 0x52, + 0x4F, 0x11, 0xFA, 0x4F, 0xA9, 0x7B, 0x02, 0xAF, 0x63, 0x40, + 0xA7, 0x54, 0xBF, 0x08, 0x8B, 0xCB, 0xE4, 0xCE, 0x7D, 0x35, + 0x38, 0x46, 0xD9, 0x90, 0x40, 0xF5, 0xF1, 0x16, 0x42, 0xE5, + 0xEF, 0x7B, 0xB0, 0x8F, 0x3D, 0xB0, 0xA0, 0x07, 0xA6, 0x23, + 0x3E, 0x8F, 0xA3, 0xBE, 0x57, 0x02, 0x31, 0x00, 0xDE, 0xD2, + 0x23, 0x84, 0x4C, 0x71, 0x6A, 0x2E, 0xD0, 0x17, 0x73, 0x55, + 0xB2, 0x8B, 0xE7, 0xAC, 0x4F, 0x83, 0x21, 0xF8, 0xF1, 0x7A, + 0x9A, 0xF5, 0x8B, 0xA5, 0x17, 0x7B, 0x06, 0x03, 0xDC, 0x7E, + 0x90, 0x29, 0x81, 0x3E, 0x6F, 0x70, 0xE7, 0x50, 0xF0, 0xD4, + 0xA6, 0x96, 0xDC, 0x28, 0x51, 0x96 }; static const int sizeof_ca_ecc_cert_der_384 = sizeof(ca_ecc_cert_der_384); @@ -4640,49 +4666,6 @@ static const unsigned char dh_g[] = 0x02, }; -/* dh2048 p */ -static const unsigned char dh2048_p[] = -{ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, - 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1, - 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95, - 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, - 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, - 0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, - 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A, - 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61, - 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, - 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, - 0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, - 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77, - 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72, - 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, - 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, - 0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, - 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, - 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68, - 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, - 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, - 0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, - 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, - 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61, - 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, - 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, - 0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, - 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05, - 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2, - 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, - 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF -}; - -/* dh2048 g */ -static const unsigned char dh2048_g[] = -{ - 0x02, -}; - #if defined(HAVE_ED25519) /* ./certs/ed25519/server-ed25519.der, ED25519 */ @@ -4706,10 +4689,10 @@ static const unsigned char server_ed25519_cert[] = 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, - 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, 0x33, 0x31, - 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, 0x17, 0x0D, - 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, 0x36, 0x34, 0x39, - 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, + 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, + 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, @@ -4744,14 +4727,14 @@ static const unsigned char server_ed25519_cert[] = 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, - 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0xF3, - 0xC2, 0xEF, 0x8B, 0x55, 0x65, 0x4F, 0xBC, 0xE3, 0xDF, 0xFC, - 0xD8, 0xA1, 0xAD, 0x8E, 0x43, 0x07, 0x73, 0xC8, 0x58, 0xC3, - 0x46, 0x0A, 0xC1, 0xF1, 0x4D, 0x3F, 0xFB, 0x3D, 0x78, 0xE6, - 0x76, 0x58, 0x26, 0xCE, 0xD7, 0x59, 0x55, 0xEC, 0xC5, 0xB5, - 0xB4, 0x05, 0xED, 0xF9, 0xD4, 0x97, 0x69, 0x66, 0xD6, 0x2C, - 0x1B, 0x43, 0x5A, 0x51, 0x5C, 0xBE, 0x10, 0x28, 0x95, 0xC4, - 0x96, 0xAF, 0x00 + 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x2A, + 0xC7, 0x33, 0xF1, 0xED, 0x51, 0x63, 0x7B, 0x38, 0x4D, 0xDF, + 0x45, 0x3D, 0xB1, 0x6A, 0x8A, 0x6E, 0x3E, 0xCC, 0x78, 0x93, + 0xCF, 0x84, 0x5D, 0x61, 0x23, 0x62, 0x31, 0xC1, 0xC9, 0x4D, + 0x11, 0x6A, 0x83, 0xD5, 0x38, 0xE8, 0xB2, 0x40, 0xA1, 0x62, + 0xC9, 0x7B, 0xA4, 0x11, 0x91, 0x04, 0x52, 0x65, 0x86, 0xAB, + 0x82, 0x38, 0x20, 0x36, 0xFE, 0x93, 0x59, 0x60, 0x16, 0x65, + 0xBE, 0x8F, 0x06 }; static const int sizeof_server_ed25519_cert = sizeof(server_ed25519_cert); @@ -4787,10 +4770,10 @@ static const unsigned char ca_ed25519_cert[] = 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, - 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x30, - 0x33, 0x31, 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, - 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, 0x36, - 0x34, 0x39, 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9B, 0x31, 0x0B, + 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, + 0x32, 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, + 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, + 0x30, 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9B, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, @@ -4821,24 +4804,24 @@ static const unsigned char ca_ed25519_cert[] = 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0xDA, 0xFE, - 0x58, 0x53, 0x89, 0x43, 0x85, 0x98, 0x35, 0xDC, 0x13, 0x1C, - 0xA3, 0xF1, 0x1F, 0x8D, 0x26, 0xBE, 0xB6, 0xA2, 0xFC, 0xB7, - 0xFE, 0x9C, 0xB9, 0x35, 0x69, 0x31, 0x7E, 0xD4, 0xB9, 0x11, - 0x45, 0x16, 0xA2, 0x29, 0x35, 0xA9, 0x74, 0xA7, 0x97, 0xDA, - 0x7E, 0x71, 0x4F, 0xB1, 0x72, 0x5D, 0x75, 0x17, 0xAC, 0xE3, - 0xF6, 0xB8, 0xCE, 0x1E, 0xE4, 0x8A, 0x95, 0xBA, 0xCD, 0x1D, - 0xCE, 0x0D + 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x03, 0x98, + 0xE3, 0x5F, 0xC8, 0xD0, 0x65, 0x19, 0xD4, 0xBA, 0x64, 0xA6, + 0xDF, 0xD9, 0xC5, 0xF5, 0x79, 0x76, 0xBA, 0x9C, 0xE5, 0xB7, + 0xA1, 0x12, 0xE3, 0xB9, 0x0B, 0xA5, 0x40, 0x93, 0xEC, 0xC0, + 0x96, 0xB7, 0x65, 0x76, 0x1C, 0x9C, 0x4A, 0xE8, 0x62, 0x3E, + 0x8B, 0xA3, 0x85, 0xD5, 0xB2, 0x8B, 0x94, 0xAD, 0x69, 0xF9, + 0x54, 0x67, 0xFF, 0x7F, 0x09, 0x7C, 0x7C, 0xDF, 0xB2, 0x62, + 0x5B, 0x0C }; static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert); /* ./certs/ed25519/client-ed25519.der, ED25519 */ static const unsigned char client_ed25519_cert[] = { - 0x30, 0x82, 0x03, 0x54, 0x30, 0x82, 0x03, 0x06, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x40, 0x66, 0xC6, 0x11, 0xBC, - 0x00, 0xF8, 0x51, 0xF9, 0xE4, 0x4B, 0xBB, 0x0B, 0xAD, 0xC1, - 0x09, 0x38, 0xB0, 0x4A, 0xE4, 0x30, 0x05, 0x06, 0x03, 0x2B, + 0x30, 0x82, 0x02, 0x77, 0x30, 0x82, 0x02, 0x29, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x78, 0xE3, 0x17, 0xF6, 0x7F, + 0x7E, 0x41, 0x85, 0x76, 0xF8, 0x9F, 0x3E, 0x9D, 0xDB, 0x7E, + 0xDD, 0xB9, 0x52, 0x8B, 0x39, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, @@ -4856,9 +4839,9 @@ static const unsigned char client_ed25519_cert[] = 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, - 0x30, 0x33, 0x31, 0x30, 0x30, 0x36, 0x34, 0x39, 0x30, 0x33, - 0x5A, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x30, 0x35, 0x30, - 0x36, 0x34, 0x39, 0x30, 0x33, 0x5A, 0x30, 0x81, 0x9F, 0x31, + 0x31, 0x32, 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, + 0x5A, 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, + 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, @@ -4879,48 +4862,26 @@ static const unsigned char client_ed25519_cert[] = 0xE6, 0x57, 0x5B, 0x13, 0x1B, 0xC7, 0x51, 0x14, 0x6B, 0xED, 0x3B, 0xF5, 0xD1, 0xFA, 0xAB, 0x9E, 0x6C, 0xB6, 0xEB, 0x02, 0x09, 0xA3, 0x99, 0xF5, 0x6E, 0xBF, 0x9D, 0x3C, 0xFE, 0x54, - 0x39, 0xE6, 0xA3, 0x82, 0x01, 0x50, 0x30, 0x82, 0x01, 0x4C, - 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, - 0x14, 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, - 0x3E, 0x47, 0x89, 0x90, 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, - 0x8A, 0x30, 0x81, 0xDF, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, - 0x81, 0xD7, 0x30, 0x81, 0xD4, 0x80, 0x14, 0xFE, 0x41, 0x5E, + 0x39, 0xE6, 0xA3, 0x75, 0x30, 0x73, 0x30, 0x1D, 0x06, 0x03, + 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, 0x3E, 0x47, 0x89, 0x90, - 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, 0xA1, 0x81, 0xA5, - 0xA4, 0x81, 0xA2, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, - 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, - 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, - 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, - 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, - 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, - 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, - 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, - 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, - 0x0C, 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x65, - 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, - 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, - 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, - 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, - 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, - 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x40, 0x66, 0xC6, - 0x11, 0xBC, 0x00, 0xF8, 0x51, 0xF9, 0xE4, 0x4B, 0xBB, 0x0B, - 0xAD, 0xC1, 0x09, 0x38, 0xB0, 0x4A, 0xE4, 0x30, 0x0C, 0x06, - 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, - 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, - 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, - 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, - 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, - 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, - 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, - 0x03, 0x02, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, - 0x41, 0x00, 0xE0, 0x87, 0xE2, 0xCE, 0xD3, 0x87, 0x77, 0x9D, - 0xF7, 0x44, 0xC0, 0x73, 0x00, 0xFF, 0x07, 0x6D, 0x2E, 0x90, - 0x90, 0x5C, 0xBF, 0x30, 0x46, 0x9C, 0x75, 0xA9, 0x48, 0x50, - 0x8A, 0xDA, 0x09, 0x0F, 0xA8, 0xA8, 0x04, 0xB4, 0x33, 0xC8, - 0xF4, 0x28, 0x61, 0x9E, 0xC2, 0xA5, 0x19, 0xB7, 0x70, 0x1E, - 0x69, 0xCD, 0x49, 0x5C, 0x9A, 0xF3, 0x81, 0xE0, 0xDE, 0x38, - 0xB3, 0x37, 0xFF, 0x33, 0xBB, 0x07 + 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, 0x30, 0x1F, 0x06, + 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, + 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, 0x3E, + 0x47, 0x89, 0x90, 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, + 0x04, 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, + 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03, 0xA8, + 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, + 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, + 0x02, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, + 0x00, 0x5F, 0xE1, 0x69, 0x78, 0x55, 0xCA, 0x61, 0x76, 0xA6, + 0xEC, 0x10, 0x29, 0xDA, 0xDC, 0xA9, 0x31, 0x23, 0xC7, 0x3B, + 0x91, 0x5F, 0x94, 0xE8, 0x2A, 0x6D, 0xE6, 0xF5, 0x5A, 0x5C, + 0x16, 0x60, 0x9D, 0xE7, 0xAC, 0x97, 0x3D, 0x30, 0x41, 0x23, + 0x76, 0x0C, 0x4A, 0xF2, 0x82, 0x31, 0xF2, 0x70, 0x85, 0xBD, + 0x7A, 0xE7, 0x19, 0x77, 0xB3, 0x6F, 0x88, 0x0F, 0x96, 0xAD, + 0xAF, 0x2D, 0xA8, 0xD2, 0x09 }; static const int sizeof_client_ed25519_cert = sizeof(client_ed25519_cert); diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index fa4ef70d9..1bad94a32 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -791,7 +791,7 @@ enum ECC_TYPES #ifndef WC_ASN_NAME_MAX #ifdef OPENSSL_EXTRA - #define WC_ASN_NAME_MAX 300 + #define WC_ASN_NAME_MAX 330 #else #define WC_ASN_NAME_MAX 256 #endif @@ -923,7 +923,11 @@ enum Misc_ASN { #ifndef WC_MAX_NAME_ENTRIES /* entries added to x509 name struct */ + #ifdef OPENSSL_EXTRA + #define WC_MAX_NAME_ENTRIES 15 + #else #define WC_MAX_NAME_ENTRIES 13 + #endif #endif #define MAX_NAME_ENTRIES WC_MAX_NAME_ENTRIES From 9f2419246e8da59090ff00a9eb5dfe9faa2f0e19 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Tue, 21 Dec 2021 10:18:12 +1000 Subject: [PATCH 14/16] SP ARM64: P-384 prime specific Montogmery Reduction Improves performance --- wolfcrypt/src/sp_arm64.c | 139 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 137 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index 8280e5696..adab94b4b 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -40527,8 +40527,6 @@ static void sp_384_cond_copy_6(sp_digit* r, const sp_digit* a, sp_digit m) ); } -#define sp_384_mont_reduce_order_6 sp_384_mont_reduce_6 - /* Reduce the number back to 384 bits using Montgomery reduction. * * a A single precision number to reduce in place. @@ -40538,6 +40536,143 @@ static void sp_384_cond_copy_6(sp_digit* r, const sp_digit* a, sp_digit m) SP_NOINLINE static void sp_384_mont_reduce_6(sp_digit* a, const sp_digit* m, sp_digit mp) { + __asm__ __volatile__ ( + "ldp x7, x8, [%[a], #0]\n\t" + "ldp x9, x10, [%[a], #16]\n\t" + "ldp x11, x12, [%[a], #32]\n\t" + "mov x6, xzr\n\t" + "# a[0-7] += m[0-5] * mu[0..1] = m[0-5] * (a[0..1] * mp)\n\t" + "ldp x13, x14, [%[a], #48]\n\t" + "lsl x2, x8, 32\n\t" + "lsl x1, x7, 32\n\t" + "orr x2, x2, x7, lsr 32\n\t" + "adds x1, x1, x7\n\t" + "adc x2, x2, x8\n\t" + "add x2, x2, x7\n\t" + "lsl x3, x1, 32\n\t" + "lsl x4, x2, 32\n\t" + "orr x4, x4, x1, lsr 32\n\t" + "lsr x5, x2, 32\n\t" + "adds x7, x7, x3\n\t" + "adcs x8, x8, x4\n\t" + "adcs x9, x9, x5\n\t" + "adcs x10, x10, xzr\n\t" + "adcs x11, x11, xzr\n\t" + "adcs x12, x12, xzr\n\t" + "adcs x13, x13, x1\n\t" + "adcs x14, x14, x2\n\t" + "adcs x6, x6, xzr\n\t" + "adds x3, x3, x2\n\t" + "adcs x4, x4, x1\n\t" + "adcs x5, x5, x2\n\t" + "adcs x2, xzr, xzr\n\t" + "subs x9, x9, x4\n\t" + "sbcs x10, x10, x5\n\t" + "sbcs x11, x11, x2\n\t" + "sbcs x12, x12, xzr\n\t" + "sbcs x13, x13, xzr\n\t" + "sbcs x14, x14, xzr\n\t" + "sbc x6, x6, xzr\n\t" + "# a[2-9] += m[0-5] * mu[0..1] = m[0-5] * (a[2..3] * mp)\n\t" + "ldp x7, x8, [%[a], #64]\n\t" + "lsl x2, x10, 32\n\t" + "lsl x1, x9, 32\n\t" + "orr x2, x2, x9, lsr 32\n\t" + "adds x1, x1, x9\n\t" + "adc x2, x2, x10\n\t" + "add x2, x2, x9\n\t" + "lsl x3, x1, 32\n\t" + "lsl x4, x2, 32\n\t" + "orr x4, x4, x1, lsr 32\n\t" + "lsr x5, x2, 32\n\t" + "adds x7, x7, x6\n\t" + "adcs x8, x8, xzr\n\t" + "adc x6, xzr, xzr\n\t" + "adds x9, x9, x3\n\t" + "adcs x10, x10, x4\n\t" + "adcs x11, x11, x5\n\t" + "adcs x12, x12, xzr\n\t" + "adcs x13, x13, xzr\n\t" + "adcs x14, x14, xzr\n\t" + "adcs x7, x7, x1\n\t" + "adcs x8, x8, x2\n\t" + "adcs x6, x6, xzr\n\t" + "adds x3, x3, x2\n\t" + "adcs x4, x4, x1\n\t" + "adcs x5, x5, x2\n\t" + "adcs x2, xzr, xzr\n\t" + "subs x11, x11, x4\n\t" + "sbcs x12, x12, x5\n\t" + "sbcs x13, x13, x2\n\t" + "sbcs x14, x14, xzr\n\t" + "sbcs x7, x7, xzr\n\t" + "sbcs x8, x8, xzr\n\t" + "sbc x6, x6, xzr\n\t" + "# a[4-11] += m[0-5] * mu[0..1] = m[0-5] * (a[4..5] * mp)\n\t" + "ldp x9, x10, [%[a], #80]\n\t" + "lsl x2, x12, 32\n\t" + "lsl x1, x11, 32\n\t" + "orr x2, x2, x11, lsr 32\n\t" + "adds x1, x1, x11\n\t" + "adc x2, x2, x12\n\t" + "add x2, x2, x11\n\t" + "lsl x3, x1, 32\n\t" + "lsl x4, x2, 32\n\t" + "orr x4, x4, x1, lsr 32\n\t" + "lsr x5, x2, 32\n\t" + "adds x9, x9, x6\n\t" + "adcs x10, x10, xzr\n\t" + "adc x6, xzr, xzr\n\t" + "adds x11, x11, x3\n\t" + "adcs x12, x12, x4\n\t" + "adcs x13, x13, x5\n\t" + "adcs x14, x14, xzr\n\t" + "adcs x7, x7, xzr\n\t" + "adcs x8, x8, xzr\n\t" + "adcs x9, x9, x1\n\t" + "adcs x10, x10, x2\n\t" + "adcs x6, x6, xzr\n\t" + "adds x3, x3, x2\n\t" + "adcs x4, x4, x1\n\t" + "adcs x5, x5, x2\n\t" + "adcs x2, xzr, xzr\n\t" + "subs x13, x13, x4\n\t" + "sbcs x14, x14, x5\n\t" + "sbcs x7, x7, x2\n\t" + "sbcs x8, x8, xzr\n\t" + "sbcs x9, x9, xzr\n\t" + "sbcs x10, x10, xzr\n\t" + "sbc x6, x6, xzr\n\t" + "# Subtract mod if carry\n\t" + "neg x6, x6\n\t" + "mov x5, -2\n\t" + "lsr x3, x6, 32\n\t" + "lsl x4, x6, 32\n\t" + "and x5, x5, x6\n\t" + "subs x13, x13, x3\n\t" + "sbcs x14, x14, x4\n\t" + "sbcs x7, x7, x5\n\t" + "sbcs x8, x8, x6\n\t" + "sbcs x9, x9, x6\n\t" + "sbc x10, x10, x6\n\t" + "stp x13, x14, [%[a], #0]\n\t" + "stp x7, x8, [%[a], #16]\n\t" + "stp x9, x10, [%[a], #32]\n\t" + : + : [a] "r" (a), [m] "r" (m), [mp] "r" (mp) + : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14" + ); +} + +/* Reduce the number back to 384 bits using Montgomery reduction. + * + * a A single precision number to reduce in place. + * m The single precision number representing the modulus. + * mp The digit representing the negative inverse of m mod 2^n. + */ +SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m, + sp_digit mp) +{ __asm__ __volatile__ ( "ldp x14, x15, [%[m], 0]\n\t" From d28cb70735d78f68865c17a90ed90198ff34e03b Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Tue, 21 Dec 2021 09:03:54 -0800 Subject: [PATCH 15/16] fix for ed25519 client cert generation --- certs/ed25519/ca-ed25519.der | Bin 592 -> 592 bytes certs/ed25519/ca-ed25519.pem | 18 ++-- certs/ed25519/client-ed25519.der | Bin 635 -> 856 bytes certs/ed25519/client-ed25519.pem | 44 +++++----- certs/ed25519/gen-ed25519-certs.sh | 2 +- certs/ed25519/root-ed25519.der | Bin 613 -> 613 bytes certs/ed25519/root-ed25519.pem | 22 ++--- certs/ed25519/server-ed25519-cert.pem | 22 ++--- certs/ed25519/server-ed25519.der | Bin 633 -> 633 bytes certs/ed25519/server-ed25519.pem | 40 ++++----- wolfssl/certs_test.h | 118 +++++++++++++++----------- 11 files changed, 147 insertions(+), 119 deletions(-) diff --git a/certs/ed25519/ca-ed25519.der b/certs/ed25519/ca-ed25519.der index b244cf22e3538a9079a79ba8bd54a1c85c4e949e..f20249325f20e6d621261426ffc784db4f08e8b5 100644 GIT binary patch delta 97 zcmcb>a)D*S0Z~IkGZRZ=(a)D*S0Z{`ZV*_&|(|_ctX)^8f&> Cl`Sp+ diff --git a/certs/ed25519/ca-ed25519.pem b/certs/ed25519/ca-ed25519.pem index 61ac1b33f..eb206841e 100644 --- a/certs/ed25519/ca-ed25519.pem +++ b/certs/ed25519/ca-ed25519.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT + Not Before: Dec 21 16:49:35 2021 GMT + Not After : Sep 16 16:49:35 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -26,22 +26,22 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED25519 - 03:98:e3:5f:c8:d0:65:19:d4:ba:64:a6:df:d9:c5:f5:79:76: - ba:9c:e5:b7:a1:12:e3:b9:0b:a5:40:93:ec:c0:96:b7:65:76: - 1c:9c:4a:e8:62:3e:8b:a3:85:d5:b2:8b:94:ad:69:f9:54:67: - ff:7f:09:7c:7c:df:b2:62:5b:0c + 71:66:ff:a7:fc:b9:fa:03:85:13:28:80:46:5b:22:84:1c:a2: + b8:f1:f4:85:83:66:4b:a2:44:8c:63:04:ba:3f:59:e1:ba:b3: + 03:16:70:85:05:5d:50:20:29:69:7c:5b:82:25:31:c3:79:7e: + 9a:eb:86:be:dc:33:e1:e0:57:0e -----BEGIN CERTIFICATE----- MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy -MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +MTE2NDkzNVoXDTI0MDkxNjE2NDkzNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW 77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA -A5jjX8jQZRnUumSm39nF9Xl2upzlt6ES47kLpUCT7MCWt2V2HJxK6GI+i6OF1bKL -lK1p+VRn/38JfHzfsmJbDA== +cWb/p/y5+gOFEyiARlsihByiuPH0hYNmS6JEjGMEuj9Z4bqzAxZwhQVdUCApaXxb +giUxw3l+muuGvtwz4eBXDg== -----END CERTIFICATE----- diff --git a/certs/ed25519/client-ed25519.der b/certs/ed25519/client-ed25519.der index dda0b691a22805c9c910d10602d4af9679c71f43..7f11a86e270699a9b35108afeb43e65c9252b510 100644 GIT binary patch delta 308 zcmey(a)V9Fpouxepoy7n0W%XL6O#!0|EbUC>FSC}#qQ~I@sZ=NIVfFhz{jgR!)Hru&(PPlStOP}Diu7!3&uo^HkGX6J^ z0r3P`L=A+SxKk?qbRq5Jcz5z zB4Hpl`8}gptpN{+FU-jJpM}YQ!GI6M;|K9rn3cd|?95D1 zyO|vs;vZ&Kgq}()TlPjk^VXe}hRVmSC&o{Cp_TjWYgCL_!rbR;rrR1gDwpwieQGlN YRM5J&>bYe3=KK!+X=~T(uDHYr02xt9VgLXD diff --git a/certs/ed25519/client-ed25519.pem b/certs/ed25519/client-ed25519.pem index ea9df8378..015f7d77f 100644 --- a/certs/ed25519/client-ed25519.pem +++ b/certs/ed25519/client-ed25519.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 78:e3:17:f6:7f:7e:41:85:76:f8:9f:3e:9d:db:7e:dd:b9:52:8b:39 + 07:ff:95:e7:9e:2d:2d:16:1a:5d:bc:8e:44:4c:1e:0f:7c:c1:1b:73 Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT + Not Before: Dec 21 16:49:35 2021 GMT + Not After : Sep 16 16:49:35 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -21,31 +21,37 @@ Certificate: FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A X509v3 Authority Key Identifier: keyid:FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A + DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed25519/OU=Client-ed25519/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:07:FF:95:E7:9E:2D:2D:16:1A:5D:BC:8E:44:4C:1E:0F:7C:C1:1B:73 - X509v3 Basic Constraints: critical - CA:FALSE - X509v3 Key Usage: critical - Digital Signature, Key Encipherment, Key Agreement + X509v3 Basic Constraints: + CA:TRUE + X509v3 Subject Alternative Name: + DNS:example.com, IP Address:127.0.0.1 X509v3 Extended Key Usage: - TLS Web Client Authentication + TLS Web Server Authentication, TLS Web Client Authentication Signature Algorithm: ED25519 - 5f:e1:69:78:55:ca:61:76:a6:ec:10:29:da:dc:a9:31:23:c7: - 3b:91:5f:94:e8:2a:6d:e6:f5:5a:5c:16:60:9d:e7:ac:97:3d: - 30:41:23:76:0c:4a:f2:82:31:f2:70:85:bd:7a:e7:19:77:b3: - 6f:88:0f:96:ad:af:2d:a8:d2:09 + 56:16:bb:d9:a4:39:84:64:21:ad:ca:36:aa:3f:01:97:7d:6d: + 9b:49:8b:5b:ce:f0:f1:66:81:fb:f2:3f:86:02:f3:da:ea:20: + 76:ed:5b:08:28:c9:a9:c1:af:82:3f:bb:fe:24:04:6e:5d:f7: + bd:b7:bb:52:cd:79:a3:ed:aa:01 -----BEGIN CERTIFICATE----- -MIICdzCCAimgAwIBAgIUeOMX9n9+QYV2+J8+ndt+3blSizkwBQYDK2VwMIGfMQsw +MIIDVDCCAwagAwIBAgIUB/+V554tLRYaXbyOREweD3zBG3MwBQYDK2VwMIGfMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY MBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUx OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv -QHdvbGZzc2wuY29tMB4XDTIxMTIyMDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZ8x +QHdvbGZzc2wuY29tMB4XDTIxMTIyMTE2NDkzNVoXDTI0MDkxNjE2NDkzNVowgZ8x CzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFu MRgwFgYDVQQKDA93b2xmU1NMX2VkMjU1MTkxFzAVBgNVBAsMDkNsaWVudC1lZDI1 NTE5MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu Zm9Ad29sZnNzbC5jb20wKjAFBgMrZXADIQDmV1sTG8dRFGvtO/XR+quebLbrAgmj -mfVuv508/lQ55qN1MHMwHQYDVR0OBBYEFP5BXj6B4i5Gsz5HiZDUwrSOEdaKMB8G -A1UdIwQYMBaAFP5BXj6B4i5Gsz5HiZDUwrSOEdaKMAwGA1UdEwEB/wQCMAAwDgYD -VR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAUGAytlcANBAF/haXhV -ymF2puwQKdrcqTEjxzuRX5ToKm3m9VpcFmCd56yXPTBBI3YMSvKCMfJwhb165xl3 -s2+ID5atry2o0gk= +mfVuv508/lQ55qOCAVAwggFMMB0GA1UdDgQWBBT+QV4+geIuRrM+R4mQ1MK0jhHW +ijCB3wYDVR0jBIHXMIHUgBT+QV4+geIuRrM+R4mQ1MK0jhHWiqGBpaSBojCBnzEL +MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x +GDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOQ2xpZW50LWVkMjU1 +MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m +b0B3b2xmc3NsLmNvbYIUB/+V554tLRYaXbyOREweD3zBG3MwDAYDVR0TBAUwAwEB +/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEF +BQcDAQYIKwYBBQUHAwIwBQYDK2VwA0EAVha72aQ5hGQhrco2qj8Bl31tm0mLW87w +8WaB+/I/hgLz2uogdu1bCCjJqcGvgj+7/iQEbl33vbe7Us15o+2qAQ== -----END CERTIFICATE----- diff --git a/certs/ed25519/gen-ed25519-certs.sh b/certs/ed25519/gen-ed25519-certs.sh index 1e25707ee..b945e49b6 100755 --- a/certs/ed25519/gen-ed25519-certs.sh +++ b/certs/ed25519/gen-ed25519-certs.sh @@ -91,7 +91,7 @@ echo "" echo -e "US\\nMontana\\nBozeman\\nwolfSSL_ed25519\\nClient-ed25519\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key client-ed25519-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out client-ed25519.csr check_result $? "Generate request" -openssl x509 -req -in client-ed25519.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions client_ecc -signkey client-ed25519-priv.pem -out client-ed25519.pem +openssl x509 -req -in client-ed25519.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions wolfssl_opts -signkey client-ed25519-priv.pem -out client-ed25519.pem check_result $? "Generate certificate" rm client-ed25519.csr diff --git a/certs/ed25519/root-ed25519.der b/certs/ed25519/root-ed25519.der index bf74c6296b89de8ebe016d9192a2065b9b517154..4cb192815793d8cd1fe087389fd5d465e1187458 100644 GIT binary patch delta 134 zcmaFL@{~o{pouBbpovL%0W%XL6O)L?OxDz8Owq-zKG_SnB*J4i7-S|*RNf$JXlQ0) zX>1xL&TC|1U}M-2Z~y>k1uz@{ delta 134 zcmaFL@{~o{pouBbpovL%0W%XL6O)MUl9Jmo`yBuMj_jOu+dpgjnx;G26O}iJ8WZc!iSrtn7+4ybg1H-C*fKhZW!`fydip*`>xiIC(0$I2(nV#nUl}kfINncM)*?Cm me1yTX&)xz{53jj1;a5OqD`Td4P1lv;7D)?3zTBB-V%Pv4!!-Z^ diff --git a/certs/ed25519/root-ed25519.pem b/certs/ed25519/root-ed25519.pem index d52df30eb..72e576ed5 100644 --- a/certs/ed25519/root-ed25519.pem +++ b/certs/ed25519/root-ed25519.pem @@ -2,12 +2,12 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 2d:a4:74:db:5c:be:41:fe:fb:59:89:9a:db:4f:6a:b7:ac:82:dc:2b + 48:99:05:65:a6:02:5b:73:45:4c:6b:a0:0a:18:57:5d:b0:30:69:62 Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT + Not Before: Dec 21 16:49:35 2021 GMT + Not After : Sep 16 16:49:35 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -27,22 +27,22 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED25519 - 16:69:de:47:72:e5:ef:6c:2a:c4:11:1c:52:df:09:f1:1b:72: - 76:9b:ea:30:03:20:41:df:62:a6:84:19:97:cf:58:30:e6:f3: - 4b:10:a5:c3:ac:dc:90:fa:50:79:85:01:69:37:7c:8a:d4:73: - 84:19:38:31:0e:6d:99:cc:5c:06 + 9c:34:61:81:c1:f4:69:a7:f7:5f:da:3d:d4:14:52:38:65:50: + 78:80:74:e7:ca:28:4b:d1:69:11:b7:c1:b7:2b:8b:6d:09:44: + fe:a1:a4:71:0a:03:23:38:a8:18:b5:2e:8a:0f:c3:8a:d2:42: + 72:96:18:64:3d:b7:80:68:50:08 -----BEGIN CERTIFICATE----- -MIICYTCCAhOgAwIBAgIULaR021y+Qf77WYma209qt6yC3CswBQYDK2VwMIGdMQsw +MIICYTCCAhOgAwIBAgIUSJkFZaYCW3NFTGugChhXXbAwaWIwBQYDK2VwMIGdMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 -b2xmc3NsLmNvbTAeFw0yMTEyMjAyMzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGdMQsw +b2xmc3NsLmNvbTAeFw0yMTEyMjExNjQ5MzVaFw0yNDA5MTYxNjQ5MzVaMIGdMQsw CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 b2xmc3NsLmNvbTAqMAUGAytlcAMhAOmzb3xwiqvKVCBOZHY8Gk/3+l5K//PbuWQt EKUMWj/ao2MwYTAdBgNVHQ4EFgQU+rpbdh3xHR1NdEjYmDtW77MU894wHwYDVR0j BBgwFoAU+rpbdh3xHR1NdEjYmDtW77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNV -HQ8BAf8EBAMCAYYwBQYDK2VwA0EAFmneR3Ll72wqxBEcUt8J8RtydpvqMAMgQd9i -poQZl89YMObzSxClw6zckPpQeYUBaTd8itRzhBk4MQ5tmcxcBg== +HQ8BAf8EBAMCAYYwBQYDK2VwA0EAnDRhgcH0aaf3X9o91BRSOGVQeIB058ooS9Fp +EbfBtyuLbQlE/qGkcQoDIzioGLUuig/DitJCcpYYZD23gGhQCA== -----END CERTIFICATE----- diff --git a/certs/ed25519/server-ed25519-cert.pem b/certs/ed25519/server-ed25519-cert.pem index 101cfeaad..e629875b5 100644 --- a/certs/ed25519/server-ed25519-cert.pem +++ b/certs/ed25519/server-ed25519-cert.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT + Not Before: Dec 21 16:49:35 2021 GMT + Not After : Sep 16 16:49:35 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -30,23 +30,23 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ED25519 - 2a:c7:33:f1:ed:51:63:7b:38:4d:df:45:3d:b1:6a:8a:6e:3e: - cc:78:93:cf:84:5d:61:23:62:31:c1:c9:4d:11:6a:83:d5:38: - e8:b2:40:a1:62:c9:7b:a4:11:91:04:52:65:86:ab:82:38:20: - 36:fe:93:59:60:16:65:be:8f:06 + 64:65:b1:5a:3b:18:07:36:42:ea:95:c9:de:96:59:04:cc:65: + 8a:5a:97:ee:a5:94:06:66:f6:b8:78:68:d1:c1:9f:3f:5c:71: + 4d:81:1e:80:ec:c2:52:44:b4:1f:d7:90:ad:84:37:a1:dd:c1: + f8:ae:fa:c2:92:4f:38:7d:b0:0c -----BEGIN CERTIFICATE----- MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAy -MzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjEx +NjQ5MzVaFw0yNDA5MTYxNjQ5MzVaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1 NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM -MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQAqxzPx7VFj -ezhN30U9sWqKbj7MeJPPhF1hI2IxwclNEWqD1TjoskChYsl7pBGRBFJlhquCOCA2 -/pNZYBZlvo8G +MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQBkZbFaOxgH +NkLqlcnellkEzGWKWpfupZQGZva4eGjRwZ8/XHFNgR6A7MJSRLQf15CthDeh3cH4 +rvrCkk84fbAM -----END CERTIFICATE----- diff --git a/certs/ed25519/server-ed25519.der b/certs/ed25519/server-ed25519.der index 470fb8d889b08ec9a74af2456432a2d672488116..117225652352c4cc8948005562b92fa5cfb1ec56 100644 GIT binary patch delta 106 zcmey#@{?u4J}E;(GZRZ=(jZoL)^m zd2d=I%bC=!sOj&PPGL*?wxc5B;=%d$F@?U3at&_|1-WdIzdm7Yi}}L42Y;;lb!d{m IMePP20Q1=_od5s; delta 106 zcmey#@{?u4J}CnuV*_&|(Lr2`S%OmARySEFnEjg^nIM+B Hub&M7%IzrL diff --git a/certs/ed25519/server-ed25519.pem b/certs/ed25519/server-ed25519.pem index a9d655aca..3c64693b2 100644 --- a/certs/ed25519/server-ed25519.pem +++ b/certs/ed25519/server-ed25519.pem @@ -5,8 +5,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT + Not Before: Dec 21 16:49:35 2021 GMT + Not After : Sep 16 16:49:35 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -30,25 +30,25 @@ Certificate: Netscape Cert Type: SSL Server Signature Algorithm: ED25519 - 2a:c7:33:f1:ed:51:63:7b:38:4d:df:45:3d:b1:6a:8a:6e:3e: - cc:78:93:cf:84:5d:61:23:62:31:c1:c9:4d:11:6a:83:d5:38: - e8:b2:40:a1:62:c9:7b:a4:11:91:04:52:65:86:ab:82:38:20: - 36:fe:93:59:60:16:65:be:8f:06 + 64:65:b1:5a:3b:18:07:36:42:ea:95:c9:de:96:59:04:cc:65: + 8a:5a:97:ee:a5:94:06:66:f6:b8:78:68:d1:c1:9f:3f:5c:71: + 4d:81:1e:80:ec:c2:52:44:b4:1f:d7:90:ad:84:37:a1:dd:c1: + f8:ae:fa:c2:92:4f:38:7d:b0:0c -----BEGIN CERTIFICATE----- MIICdTCCAiegAwIBAgIBATAFBgMrZXAwgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjAy -MzA3MjVaFw0yNDA5MTUyMzA3MjVaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMTEyMjEx +NjQ5MzVaFw0yNDA5MTYxNjQ5MzVaMIGfMQswCQYDVQQGEwJVUzEQMA4GA1UECAwH TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1 NTE5MRcwFQYDVQQLDA5TZXJ2ZXItZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCowBQYDK2Vw AyEAI6pNYFDgE9M67av2qcxK/tdNL9JbGhAF71pBJc4bU3ijgYkwgYYwHQYDVR0O BBYEFKMpgeeQb7lg+K/MFXqu16H0tIa6MB8GA1UdIwQYMBaAFHTVOBleg7kD+AGK NTW7iUxJtCPpMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQM -MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQAqxzPx7VFj -ezhN30U9sWqKbj7MeJPPhF1hI2IxwclNEWqD1TjoskChYsl7pBGRBFJlhquCOCA2 -/pNZYBZlvo8G +MAoGCCsGAQUFBwMBMBEGCWCGSAGG+EIBAQQEAwIGQDAFBgMrZXADQQBkZbFaOxgH +NkLqlcnellkEzGWKWpfupZQGZva4eGjRwZ8/XHFNgR6A7MJSRLQf15CthDeh3cH4 +rvrCkk84fbAM -----END CERTIFICATE----- Certificate: Data: @@ -57,8 +57,8 @@ Certificate: Signature Algorithm: ED25519 Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Dec 20 23:07:25 2021 GMT - Not After : Sep 15 23:07:25 2024 GMT + Not Before: Dec 21 16:49:35 2021 GMT + Not After : Sep 16 16:49:35 2024 GMT Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: ED25519 @@ -78,22 +78,22 @@ Certificate: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: ED25519 - 03:98:e3:5f:c8:d0:65:19:d4:ba:64:a6:df:d9:c5:f5:79:76: - ba:9c:e5:b7:a1:12:e3:b9:0b:a5:40:93:ec:c0:96:b7:65:76: - 1c:9c:4a:e8:62:3e:8b:a3:85:d5:b2:8b:94:ad:69:f9:54:67: - ff:7f:09:7c:7c:df:b2:62:5b:0c + 71:66:ff:a7:fc:b9:fa:03:85:13:28:80:46:5b:22:84:1c:a2: + b8:f1:f4:85:83:66:4b:a2:44:8c:63:04:ba:3f:59:e1:ba:b3: + 03:16:70:85:05:5d:50:20:29:69:7c:5b:82:25:31:c3:79:7e: + 9a:eb:86:be:dc:33:e1:e0:57:0e -----BEGIN CERTIFICATE----- MIICTDCCAf6gAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIxMTIy -MDIzMDcyNVoXDTI0MDkxNTIzMDcyNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI +MTE2NDkzNVoXDTI0MDkxNjE2NDkzNVowgZsxCzAJBgNVBAYTAlVTMRAwDgYDVQQI DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAqMAUGAytlcAMh AEI7evmCz/nfGd3z8DIpbfr9dk9owsLgbEeuwlVorA1No2MwYTAdBgNVHQ4EFgQU dNU4GV6DuQP4AYo1NbuJTEm0I+kwHwYDVR0jBBgwFoAU+rpbdh3xHR1NdEjYmDtW 77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VwA0EA -A5jjX8jQZRnUumSm39nF9Xl2upzlt6ES47kLpUCT7MCWt2V2HJxK6GI+i6OF1bKL -lK1p+VRn/38JfHzfsmJbDA== +cWb/p/y5+gOFEyiARlsihByiuPH0hYNmS6JEjGMEuj9Z4bqzAxZwhQVdUCApaXxb +giUxw3l+muuGvtwz4eBXDg== -----END CERTIFICATE----- diff --git a/wolfssl/certs_test.h b/wolfssl/certs_test.h index 538bcd4c9..d2fcfaa73 100644 --- a/wolfssl/certs_test.h +++ b/wolfssl/certs_test.h @@ -4690,9 +4690,9 @@ static const unsigned char server_ed25519_cert[] = 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, 0x32, 0x32, - 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x17, 0x0D, - 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, 0x30, 0x37, - 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x31, 0x31, 0x36, 0x34, 0x39, 0x33, 0x35, 0x5A, 0x17, 0x0D, + 0x32, 0x34, 0x30, 0x39, 0x31, 0x36, 0x31, 0x36, 0x34, 0x39, + 0x33, 0x35, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, @@ -4727,14 +4727,14 @@ static const unsigned char server_ed25519_cert[] = 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, - 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x2A, - 0xC7, 0x33, 0xF1, 0xED, 0x51, 0x63, 0x7B, 0x38, 0x4D, 0xDF, - 0x45, 0x3D, 0xB1, 0x6A, 0x8A, 0x6E, 0x3E, 0xCC, 0x78, 0x93, - 0xCF, 0x84, 0x5D, 0x61, 0x23, 0x62, 0x31, 0xC1, 0xC9, 0x4D, - 0x11, 0x6A, 0x83, 0xD5, 0x38, 0xE8, 0xB2, 0x40, 0xA1, 0x62, - 0xC9, 0x7B, 0xA4, 0x11, 0x91, 0x04, 0x52, 0x65, 0x86, 0xAB, - 0x82, 0x38, 0x20, 0x36, 0xFE, 0x93, 0x59, 0x60, 0x16, 0x65, - 0xBE, 0x8F, 0x06 + 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x64, + 0x65, 0xB1, 0x5A, 0x3B, 0x18, 0x07, 0x36, 0x42, 0xEA, 0x95, + 0xC9, 0xDE, 0x96, 0x59, 0x04, 0xCC, 0x65, 0x8A, 0x5A, 0x97, + 0xEE, 0xA5, 0x94, 0x06, 0x66, 0xF6, 0xB8, 0x78, 0x68, 0xD1, + 0xC1, 0x9F, 0x3F, 0x5C, 0x71, 0x4D, 0x81, 0x1E, 0x80, 0xEC, + 0xC2, 0x52, 0x44, 0xB4, 0x1F, 0xD7, 0x90, 0xAD, 0x84, 0x37, + 0xA1, 0xDD, 0xC1, 0xF8, 0xAE, 0xFA, 0xC2, 0x92, 0x4F, 0x38, + 0x7D, 0xB0, 0x0C }; static const int sizeof_server_ed25519_cert = sizeof(server_ed25519_cert); @@ -4771,9 +4771,9 @@ static const unsigned char ca_ed25519_cert[] = 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, 0x31, - 0x32, 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, - 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, 0x33, - 0x30, 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9B, 0x31, 0x0B, + 0x32, 0x32, 0x31, 0x31, 0x36, 0x34, 0x39, 0x33, 0x35, 0x5A, + 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x36, 0x31, 0x36, + 0x34, 0x39, 0x33, 0x35, 0x5A, 0x30, 0x81, 0x9B, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, @@ -4804,24 +4804,24 @@ static const unsigned char ca_ed25519_cert[] = 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x05, - 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x03, 0x98, - 0xE3, 0x5F, 0xC8, 0xD0, 0x65, 0x19, 0xD4, 0xBA, 0x64, 0xA6, - 0xDF, 0xD9, 0xC5, 0xF5, 0x79, 0x76, 0xBA, 0x9C, 0xE5, 0xB7, - 0xA1, 0x12, 0xE3, 0xB9, 0x0B, 0xA5, 0x40, 0x93, 0xEC, 0xC0, - 0x96, 0xB7, 0x65, 0x76, 0x1C, 0x9C, 0x4A, 0xE8, 0x62, 0x3E, - 0x8B, 0xA3, 0x85, 0xD5, 0xB2, 0x8B, 0x94, 0xAD, 0x69, 0xF9, - 0x54, 0x67, 0xFF, 0x7F, 0x09, 0x7C, 0x7C, 0xDF, 0xB2, 0x62, - 0x5B, 0x0C + 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x71, 0x66, + 0xFF, 0xA7, 0xFC, 0xB9, 0xFA, 0x03, 0x85, 0x13, 0x28, 0x80, + 0x46, 0x5B, 0x22, 0x84, 0x1C, 0xA2, 0xB8, 0xF1, 0xF4, 0x85, + 0x83, 0x66, 0x4B, 0xA2, 0x44, 0x8C, 0x63, 0x04, 0xBA, 0x3F, + 0x59, 0xE1, 0xBA, 0xB3, 0x03, 0x16, 0x70, 0x85, 0x05, 0x5D, + 0x50, 0x20, 0x29, 0x69, 0x7C, 0x5B, 0x82, 0x25, 0x31, 0xC3, + 0x79, 0x7E, 0x9A, 0xEB, 0x86, 0xBE, 0xDC, 0x33, 0xE1, 0xE0, + 0x57, 0x0E }; static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert); /* ./certs/ed25519/client-ed25519.der, ED25519 */ static const unsigned char client_ed25519_cert[] = { - 0x30, 0x82, 0x02, 0x77, 0x30, 0x82, 0x02, 0x29, 0xA0, 0x03, - 0x02, 0x01, 0x02, 0x02, 0x14, 0x78, 0xE3, 0x17, 0xF6, 0x7F, - 0x7E, 0x41, 0x85, 0x76, 0xF8, 0x9F, 0x3E, 0x9D, 0xDB, 0x7E, - 0xDD, 0xB9, 0x52, 0x8B, 0x39, 0x30, 0x05, 0x06, 0x03, 0x2B, + 0x30, 0x82, 0x03, 0x54, 0x30, 0x82, 0x03, 0x06, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x14, 0x07, 0xFF, 0x95, 0xE7, 0x9E, + 0x2D, 0x2D, 0x16, 0x1A, 0x5D, 0xBC, 0x8E, 0x44, 0x4C, 0x1E, + 0x0F, 0x7C, 0xC1, 0x1B, 0x73, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, @@ -4839,9 +4839,9 @@ static const unsigned char client_ed25519_cert[] = 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x31, - 0x31, 0x32, 0x32, 0x30, 0x32, 0x33, 0x30, 0x37, 0x32, 0x35, - 0x5A, 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x35, 0x32, - 0x33, 0x30, 0x37, 0x32, 0x35, 0x5A, 0x30, 0x81, 0x9F, 0x31, + 0x31, 0x32, 0x32, 0x31, 0x31, 0x36, 0x34, 0x39, 0x33, 0x35, + 0x5A, 0x17, 0x0D, 0x32, 0x34, 0x30, 0x39, 0x31, 0x36, 0x31, + 0x36, 0x34, 0x39, 0x33, 0x35, 0x5A, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, @@ -4862,26 +4862,48 @@ static const unsigned char client_ed25519_cert[] = 0xE6, 0x57, 0x5B, 0x13, 0x1B, 0xC7, 0x51, 0x14, 0x6B, 0xED, 0x3B, 0xF5, 0xD1, 0xFA, 0xAB, 0x9E, 0x6C, 0xB6, 0xEB, 0x02, 0x09, 0xA3, 0x99, 0xF5, 0x6E, 0xBF, 0x9D, 0x3C, 0xFE, 0x54, - 0x39, 0xE6, 0xA3, 0x75, 0x30, 0x73, 0x30, 0x1D, 0x06, 0x03, - 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xFE, 0x41, 0x5E, + 0x39, 0xE6, 0xA3, 0x82, 0x01, 0x50, 0x30, 0x82, 0x01, 0x4C, + 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, + 0x14, 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, + 0x3E, 0x47, 0x89, 0x90, 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, + 0x8A, 0x30, 0x81, 0xDF, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, + 0x81, 0xD7, 0x30, 0x81, 0xD4, 0x80, 0x14, 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, 0x3E, 0x47, 0x89, 0x90, - 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, 0x30, 0x1F, 0x06, - 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, - 0xFE, 0x41, 0x5E, 0x3E, 0x81, 0xE2, 0x2E, 0x46, 0xB3, 0x3E, - 0x47, 0x89, 0x90, 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, - 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, - 0x04, 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, - 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03, 0xA8, - 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, - 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, - 0x02, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, - 0x00, 0x5F, 0xE1, 0x69, 0x78, 0x55, 0xCA, 0x61, 0x76, 0xA6, - 0xEC, 0x10, 0x29, 0xDA, 0xDC, 0xA9, 0x31, 0x23, 0xC7, 0x3B, - 0x91, 0x5F, 0x94, 0xE8, 0x2A, 0x6D, 0xE6, 0xF5, 0x5A, 0x5C, - 0x16, 0x60, 0x9D, 0xE7, 0xAC, 0x97, 0x3D, 0x30, 0x41, 0x23, - 0x76, 0x0C, 0x4A, 0xF2, 0x82, 0x31, 0xF2, 0x70, 0x85, 0xBD, - 0x7A, 0xE7, 0x19, 0x77, 0xB3, 0x6F, 0x88, 0x0F, 0x96, 0xAD, - 0xAF, 0x2D, 0xA8, 0xD2, 0x09 + 0xD4, 0xC2, 0xB4, 0x8E, 0x11, 0xD6, 0x8A, 0xA1, 0x81, 0xA5, + 0xA4, 0x81, 0xA2, 0x30, 0x81, 0x9F, 0x31, 0x0B, 0x30, 0x09, + 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, + 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, + 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, + 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0F, 0x77, 0x6F, 0x6C, 0x66, + 0x53, 0x53, 0x4C, 0x5F, 0x65, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, + 0x0C, 0x0E, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x65, + 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x07, 0xFF, 0x95, + 0xE7, 0x9E, 0x2D, 0x2D, 0x16, 0x1A, 0x5D, 0xBC, 0x8E, 0x44, + 0x4C, 0x1E, 0x0F, 0x7C, 0xC1, 0x1B, 0x73, 0x30, 0x0C, 0x06, + 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, + 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, + 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, + 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, + 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, + 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, + 0x03, 0x02, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, + 0x41, 0x00, 0x56, 0x16, 0xBB, 0xD9, 0xA4, 0x39, 0x84, 0x64, + 0x21, 0xAD, 0xCA, 0x36, 0xAA, 0x3F, 0x01, 0x97, 0x7D, 0x6D, + 0x9B, 0x49, 0x8B, 0x5B, 0xCE, 0xF0, 0xF1, 0x66, 0x81, 0xFB, + 0xF2, 0x3F, 0x86, 0x02, 0xF3, 0xDA, 0xEA, 0x20, 0x76, 0xED, + 0x5B, 0x08, 0x28, 0xC9, 0xA9, 0xC1, 0xAF, 0x82, 0x3F, 0xBB, + 0xFE, 0x24, 0x04, 0x6E, 0x5D, 0xF7, 0xBD, 0xB7, 0xBB, 0x52, + 0xCD, 0x79, 0xA3, 0xED, 0xAA, 0x01 }; static const int sizeof_client_ed25519_cert = sizeof(client_ed25519_cert); From dd9b1afb7213ca7b584240b5135147efce7a210e Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz <49391366+julek-wolfssl@users.noreply.github.com> Date: Wed, 22 Dec 2021 02:28:01 +0100 Subject: [PATCH 16/16] Remove magic numbers from `WOLFSSL_ASN_TEMPLATE` code (#4582) * pkcs8KeyASN and other misc asn fixes - Test fixes for testing with `USE_CERT_BUFFERS_1024` * intASN * bitStringASN * objectIdASN * algoIdASN * rsaKeyASN * pbes2ParamsASN * pbes1ParamsASN * pkcs8DecASN * p8EncPbes1ASN * rsaPublicKeyASN * dhParamASN * dhKeyPkcs8ASN * dsaKeyASN * dsaPubKeyASN - Add `wc_SetDsaPublicKey` without header testing * dsaKeyOctASN * rsaCertKeyASN * eccCertKeyASN * rdnASN * certNameASN * digestInfoASN * otherNameASN * altNameASN * basicConsASN * crlDistASN * accessDescASN * authKeyIdASN * keyUsageASN * keyPurposeIdASN * subTreeASN * nameConstraintsASN * policyInfoASN * certExtHdrASN * certExtASN * x509CertASN * reqAttrASN * strAttrASN * certReqASN * eccPublicKeyASN * edPubKeyASN * ekuASN * nameASN * certExtsASN * sigASN * certReqBodyASN_IDX_EXT_BODY * dsaSigASN * eccSpecifiedASN * eccKeyASN * edKeyASN * singleResponseASN * respExtHdrASN * ocspRespDataASN * ocspBasicRespASN * ocspResponseASN * ocspNonceExtASN * ocspRequestASN * revokedASN * crlASN * pivASN * pivCertASN * dateASN * `wc_SetDsaPublicKey` was not including `y` in the sequence length * All index names changed to uppercase * Shorten names in comments * Make sure extensions have sequence header when in cert gen * Fix/refactor size calc in `SetNameEx` * Pad blocks for encryption * Add casting for increased enum portability * Use stack for small ASN types --- tests/api.c | 80 +- wolfcrypt/src/asn.c | 3642 ++++++++++++++++++++++++--------------- wolfcrypt/test/test.c | 6 + wolfssl/test.h | 7 + wolfssl/wolfcrypt/asn.h | 46 + 5 files changed, 2359 insertions(+), 1422 deletions(-) diff --git a/tests/api.c b/tests/api.c index e5a943ef3..8cb037311 100644 --- a/tests/api.c +++ b/tests/api.c @@ -1463,8 +1463,9 @@ static int test_wolfSSL_CertManagerSetVerify(void) #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ defined(DEBUG_UNIT_TEST_CERTS) -/* used when debugging name constraint tests */ -static void DEBUG_WRITE_CERT_X509(WOLFSSL_X509* x509, const char* fileName) +/* Used when debugging name constraint tests. Not static to allow use in + * multiple locations with complex define guards. */ +void DEBUG_WRITE_CERT_X509(WOLFSSL_X509* x509, const char* fileName) { BIO* out = BIO_new(BIO_s_file()); if (out != NULL) { @@ -1474,7 +1475,7 @@ static void DEBUG_WRITE_CERT_X509(WOLFSSL_X509* x509, const char* fileName) BIO_free(out); } } -static void DEBUG_WRITE_CERT_DER(const byte* der, int derSz, const char* fileName) +void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName) { BIO* out = BIO_new(BIO_s_file()); if (out != NULL) { @@ -1486,7 +1487,7 @@ static void DEBUG_WRITE_CERT_DER(const byte* der, int derSz, const char* fileNam } #else #define DEBUG_WRITE_CERT_X509(x509, fileName) -#define DEBUG_WRITE_CERT_DER(der, derSz, fileName) +#define DEBUG_WRITE_DER(der, derSz, fileName) #endif @@ -1572,7 +1573,7 @@ static void test_wolfSSL_CertManagerNameConstraint(void) WOLFSSL_FILETYPE_ASN1)); AssertNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); - DEBUG_WRITE_CERT_DER(der, derSz, "ca.der"); + DEBUG_WRITE_DER(der, derSz, "ca.der"); AssertIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); @@ -1853,7 +1854,7 @@ static void test_wolfSSL_CertManagerNameConstraint3(void) AssertNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); AssertNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); - DEBUG_WRITE_CERT_DER(der, derSz, "ca.der"); + DEBUG_WRITE_DER(der, derSz, "ca.der"); AssertIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); @@ -1968,7 +1969,7 @@ static void test_wolfSSL_CertManagerNameConstraint4(void) AssertNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); AssertNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); - DEBUG_WRITE_CERT_DER(der, derSz, "ca.der"); + DEBUG_WRITE_DER(der, derSz, "ca.der"); AssertIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); @@ -2124,7 +2125,7 @@ static void test_wolfSSL_CertManagerNameConstraint5(void) AssertNotNull(ca = wolfSSL_X509_load_certificate_file(ca_cert, WOLFSSL_FILETYPE_ASN1)); AssertNotNull((der = (byte*)wolfSSL_X509_get_der(ca, &derSz))); - DEBUG_WRITE_CERT_DER(der, derSz, "ca.der"); + DEBUG_WRITE_DER(der, derSz, "ca.der"); AssertIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, der, derSz, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); @@ -18500,7 +18501,7 @@ static int test_RsaDecryptBoundsCheck(void) mp_init_copy(&c, &key.n); mp_sub_d(&c, 1, &c); mp_to_unsigned_bin(&c, flatC); - ret = wc_RsaDirect(flatC, sizeof(flatC), out, &outSz, &key, + ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key, RSA_PRIVATE_DECRYPT, NULL); mp_clear(&c); } @@ -20619,6 +20620,20 @@ static int test_wc_DsaKeyToPublicDer(void) word32 idx = 0; ret = wc_DsaPublicKeyDecode(der, &idx, &genKey, sz); } + /* Test without the SubjectPublicKeyInfo header */ + if (ret == 0) { + ret = wc_SetDsaPublicKey(der, &genKey, ONEK_BUF, 0); + if (ret >= 0) { + sz = ret; + ret = 0; + } else { + ret = WOLFSSL_FATAL_ERROR; + } + } + if (ret == 0) { + word32 idx = 0; + ret = wc_DsaPublicKeyDecode(der, &idx, &genKey, sz); + } /* Test bad args. */ if (ret == 0) { @@ -36321,9 +36336,12 @@ static void test_wolfSSL_X509_sign(void) AssertIntEQ(wolfSSL_X509_get_serial_number(x509, sn, &snSz), WOLFSSL_SUCCESS); - DEBUG_WRITE_CERT_X509(x509, "signed.der"); + DEBUG_WRITE_CERT_X509(x509, "signed.pem"); - /* Variation in size depends on ASN.1 encoding when MSB is set */ + /* Variation in size depends on ASN.1 encoding when MSB is set. + * WOLFSSL_ASN_TEMPLATE code does not generate a serial number + * with the MSB set. See GenerateInteger in asn.c */ +#ifndef USE_CERT_BUFFERS_1024 #ifndef WOLFSSL_ALT_NAMES /* Valid case - size should be 798-797 with 16 byte serial number */ AssertTrue((ret == 781 + snSz) || (ret == 782 + snSz)); @@ -36333,6 +36351,18 @@ static void test_wolfSSL_X509_sign(void) #else /* Valid case - size should be 926-927 with 16 byte serial number */ AssertTrue((ret == 910 + snSz) || (ret == 911 + snSz)); +#endif +#else +#ifndef WOLFSSL_ALT_NAMES + /* Valid case - size should be 537-538 with 16 byte serial number */ + AssertTrue((ret == 521 + snSz) || (ret == 522 + snSz)); +#elif defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME) + /* Valid case - size should be 695-696 with 16 byte serial number */ + AssertTrue((ret == 679 + snSz) || (ret == 680 + snSz)); +#else + /* Valid case - size should be 666-667 with 16 byte serial number */ + AssertTrue((ret == 650 + snSz) || (ret == 651 + snSz)); +#endif #endif /* check that issuer name is as expected after signature */ InitDecodedCert(&dCert, certIssuer, (word32)certIssuerSz, 0); @@ -36759,6 +36789,7 @@ static void test_wolfSSL_X509_PUBKEY_DSA(void) AssertIntEQ(pptype, V_ASN1_SEQUENCE); AssertIntEQ(OBJ_obj2nid(pa_oid), EVP_PKEY_DSA); str = (ASN1_STRING *)pval; + DEBUG_WRITE_DER(ASN1_STRING_data(str), ASN1_STRING_length(str), "str.der"); #ifdef USE_CERT_BUFFERS_1024 AssertIntEQ(ASN1_STRING_length(str), 291); #else @@ -42746,12 +42777,12 @@ static void test_wolfSSL_EVP_PKEY_set1_get1_DSA(void) word32 bytes; int answer; #ifdef USE_CERT_BUFFERS_1024 - const unsigned char* dsaKeyDer = dsa_key_der1024; + const unsigned char* dsaKeyDer = dsa_key_der_1024; int dsaKeySz = sizeof_dsa_key_der_1024; byte tmp[ONEK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsaKeyDer , dsaKeySz); - bytes = dsa_key_der_sz; + bytes = dsaKeySz; #elif defined(USE_CERT_BUFFERS_2048) const unsigned char* dsaKeyDer = dsa_key_der_2048; int dsaKeySz = sizeof_dsa_key_der_2048; @@ -42760,16 +42791,15 @@ static void test_wolfSSL_EVP_PKEY_set1_get1_DSA(void) XMEMCPY(tmp, dsaKeyDer , dsaKeySz); bytes = dsaKeySz; #else - const unsigned char* dsaKeyDer = dsa_key_der_2048; - int dsaKeySz = sizeof_dsa_key_der_2048; byte tmp[TWOK_BUF]; + const unsigned char* dsaKeyDer = (const unsigned char*)tmp; + int dsaKeySz; XMEMSET(tmp, 0, sizeof(tmp)); - XMEMCPY(tmp, dsaKeyDer , dsaKeySz); - XFILE fp = XOPEN("./certs/dsa2048.der", "rb"); + XFILE fp = XFOPEN("./certs/dsa2048.der", "rb"); if (fp == XBADFILE) { return WOLFSSL_BAD_FILE; } - bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp); + dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp); XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ @@ -42793,7 +42823,11 @@ static void test_wolfSSL_EVP_PKEY_set1_get1_DSA(void) AssertNotNull(dsa = EVP_PKEY_get0_DSA(pkey)); AssertNotNull(dsa = EVP_PKEY_get1_DSA(pkey)); +#ifdef USE_CERT_BUFFERS_1024 + AssertIntEQ(DSA_bits(dsa), 1024); +#else AssertIntEQ(DSA_bits(dsa), 2048); +#endif /* Sign */ AssertIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS); @@ -46498,6 +46532,7 @@ static void test_X509_REQ(void) EVP_PKEY* priv; EVP_PKEY* pub; unsigned char* der = NULL; + int len; #endif #ifndef NO_RSA EVP_MD_CTX *mctx = NULL; @@ -46513,7 +46548,6 @@ static void test_X509_REQ(void) #ifdef HAVE_ECC const unsigned char* ecPriv = (const unsigned char*)ecc_clikey_der_256; const unsigned char* ecPub = (unsigned char*)ecc_clikeypub_der_256; - int len; #endif AssertNotNull(name = X509_NAME_new()); @@ -46540,7 +46574,13 @@ static void test_X509_REQ(void) AssertIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE); AssertIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE); AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS); - AssertIntEQ(i2d_X509_REQ(req, &der), 643); + len = i2d_X509_REQ(req, &der); + DEBUG_WRITE_DER(der, len, "req.der"); +#ifdef USE_CERT_BUFFERS_1024 + AssertIntEQ(len, 381); +#else + AssertIntEQ(len, 643); +#endif XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL); der = NULL; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 9a1ed7a11..c757ccd9d 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -701,7 +701,15 @@ int SizeASN_Items(const ASNItem* asn, ASNSetData *data, int count, int* encSz) if (data[i].data.buffer.data != NULL) { /* Force all child nodes to be ignored. Buffer * overwrites children. */ - SetASNItem_NoOutBelow(data, asn, i, count); + { + int ii; + for (ii = i + 1; ii < count; ii++) { + if (asn[ii].depth <= asn[i].depth) + break; + sz -= data[ii].length; + data[ii].noOut = 1; + } + } } else { /* Calculate data length from items below if no buffer @@ -2829,7 +2837,10 @@ static int SetASNIntRSA(void* n, byte* output) #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for an INTEGER. */ static const ASNItem intASN[] = { - { 0, ASN_INTEGER, 0, 0, 0 } +/* INT */ { 0, ASN_INTEGER, 0, 0, 0 } +}; +enum { + INTASN_IDX_INT = 0 }; /* Number of items in ASN.1 template for an INTEGER. */ @@ -2879,7 +2890,7 @@ int GetMyVersion(const byte* input, word32* inOutIdx, /* Clear dynamic data and set the version number variable. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_Int8Bit(&dataASN[0], &num); + GetASN_Int8Bit(&dataASN[INTASN_IDX_INT], &num); /* Decode the version (INTEGER). */ ret = GetASN_Items(intASN, dataASN, intASN_Length, 0, input, inOutIdx, maxIdx); @@ -2946,7 +2957,7 @@ int GetShortInt(const byte* input, word32* inOutIdx, int* number, word32 maxIdx) /* Clear dynamic data and set the 32-bit number variable. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_Int32Bit(&dataASN[0], &num); + GetASN_Int32Bit(&dataASN[INTASN_IDX_INT], &num); /* Decode the short int (INTEGER). */ ret = GetASN_Items(intASN, dataASN, intASN_Length, 0, input, inOutIdx, maxIdx); @@ -3092,7 +3103,7 @@ int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, word32 maxIdx) /* Clear dynamic data and set the mp_int to fill with value. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_MP_PosNeg(&dataASN[0], mpi); + GetASN_MP_PosNeg(&dataASN[INTASN_IDX_INT], mpi); /* Decode the big number (INTEGER). */ return GetASN_Items(intASN, dataASN, intASN_Length, 0, input, inOutIdx, maxIdx); @@ -3124,7 +3135,10 @@ static int SkipInt(const byte* input, word32* inOutIdx, word32 maxIdx) #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for a BIT_STRING. */ static const ASNItem bitStringASN[] = { - { 0, ASN_BIT_STRING, 0, 1, 0 } +/* BIT_STR */ { 0, ASN_BIT_STRING, 0, 1, 0 } +}; +enum { + BITSTRINGASN_IDX_BIT_STR = 0 }; /* Number of items in ASN.1 template for a BIT_STRING. */ @@ -3207,7 +3221,7 @@ int CheckBitString(const byte* input, word32* inOutIdx, int* len, inOutIdx, maxIdx); if (ret == 0) { /* Get unused bits from dynamic ASN.1 data. */ - bits = GetASNItem_UnusedBits(dataASN[0]); + bits = GetASNItem_UnusedBits(dataASN[BITSTRINGASN_IDX_BIT_STR]); /* Check unused bits is 0 when expected. */ if (zeroBits && (bits != 0)) { ret = ASN_EXPECT_0_E; @@ -3216,7 +3230,7 @@ int CheckBitString(const byte* input, word32* inOutIdx, int* len, if (ret == 0) { /* Return length of data and unused bits if required. */ if (len != NULL) { - *len = dataASN[0].data.ref.length; + *len = dataASN[BITSTRINGASN_IDX_BIT_STR].data.ref.length; } if (unusedBits != NULL) { *unusedBits = bits; @@ -5179,7 +5193,10 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid, #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for an OBJECT_ID. */ static const ASNItem objectIdASN[] = { - { 0, ASN_OBJECT_ID, 0, 0, 0 } +/* OID */ { 0, ASN_OBJECT_ID, 0, 0, 0 } +}; +enum { + OBJECTIDASN_IDX_OID = 0 }; /* Number of items in ASN.1 template for an OBJECT_ID. */ @@ -5219,13 +5236,13 @@ int GetObjectId(const byte* input, word32* inOutIdx, word32* oid, /* Clear dynamic data and set OID type expected. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_OID(&dataASN[0], oidType); + GetASN_OID(&dataASN[OBJECTIDASN_IDX_OID], oidType); /* Decode OBJECT_ID. */ ret = GetASN_Items(objectIdASN, dataASN, objectIdASN_Length, 0, input, inOutIdx, maxIdx); if (ret == 0) { /* Return the id/sum. */ - *oid = dataASN[0].data.oid.sum; + *oid = dataASN[OBJECTIDASN_IDX_OID].data.oid.sum; } return ret; #endif /* WOLFSSL_ASN_TEMPLATE */ @@ -5252,9 +5269,14 @@ static int SkipObjectId(const byte* input, word32* inOutIdx, word32 maxIdx) #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for an algorithm identifier. */ static const ASNItem algoIdASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 2 */ { 1, ASN_TAG_NULL, 0, 0, 1 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* NULL */ { 1, ASN_TAG_NULL, 0, 0, 1 }, +}; +enum { + ALGOIDASN_IDX_SEQ = 0, + ALGOIDASN_IDX_OID, + ALGOIDASN_IDX_NULL }; /* Number of items in ASN.1 template for an algorithm identifier. */ @@ -5310,22 +5332,25 @@ int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, return 0; #else - ASNGetData dataASN[algoIdASN_Length]; - int ret; + DECL_ASNGETDATA(dataASN, algoIdASN_Length); + int ret = 0; WOLFSSL_ENTER("GetAlgoId"); - /* Clear dynamic data and set OID type expected. */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * algoIdASN_Length); - GetASN_OID(&dataASN[1], oidType); - /* Decode the algorithm identifier. */ - ret = GetASN_Items(algoIdASN, dataASN, algoIdASN_Length, 0, input, inOutIdx, - maxIdx); + CALLOC_ASNGETDATA(dataASN, algoIdASN_Length, ret, NULL); + if (ret == 0) { + /* Set OID type expected. */ + GetASN_OID(&dataASN[ALGOIDASN_IDX_OID], oidType); + /* Decode the algorithm identifier. */ + ret = GetASN_Items(algoIdASN, dataASN, algoIdASN_Length, 0, input, inOutIdx, + maxIdx); + } if (ret == 0) { /* Return the OID id/sum. */ - *oid = dataASN[1].data.oid.sum; + *oid = dataASN[ALGOIDASN_IDX_OID].data.oid.sum; } + FREE_ASNGETDATA(dataASN, NULL); return ret; #endif /* WOLFSSL_ASN_TEMPLATE */ } @@ -5372,21 +5397,39 @@ static mp_int* GetRsaInt(RsaKey* key, byte idx) * PKCS #1: RFC 8017, A.1.2 - RSAPrivateKey */ static const ASNItem rsaKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 2 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 3 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* VER */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* Integers need to be in this specific order + * as asn code depends on this. */ +/* N */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* E */ { 1, ASN_INTEGER, 0, 0, 0 }, #if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_KEY_GEN) -/* 4 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 5 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 6 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 7 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 8 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 9 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* D */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* P */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* Q */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* DP */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* DQ */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* U */ { 1, ASN_INTEGER, 0, 0, 0 }, /* otherPrimeInfos OtherPrimeInfos OPTIONAL * v2 - multiprime */ #endif }; +enum { + RSAKEYASN_IDX_SEQ = 0, + RSAKEYASN_IDX_VER, + /* Integers need to be in this specific order + * as asn code depends on this. */ + RSAKEYASN_IDX_N, + RSAKEYASN_IDX_E, +#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_KEY_GEN) + RSAKEYASN_IDX_D, + RSAKEYASN_IDX_P, + RSAKEYASN_IDX_Q, + RSAKEYASN_IDX_DP, + RSAKEYASN_IDX_DQ, + RSAKEYASN_IDX_U, +#endif +}; /* Number of items in ASN.1 template for an RSA private key. */ #define rsaKeyASN_Length (sizeof(rsaKeyASN) / sizeof(ASNItem)) @@ -5496,19 +5539,19 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, if (ret == 0) { /* Register variable to hold version field. */ - GetASN_Int8Bit(&dataASN[1], &version); + GetASN_Int8Bit(&dataASN[RSAKEYASN_IDX_VER], &version); /* Setup data to store INTEGER data in mp_int's in RSA object. */ #if defined(WOLFSSL_RSA_PUBLIC_ONLY) /* Extract all public fields. */ for (i = 0; i < RSA_PUB_INTS; i++) { - GetASN_MP(&dataASN[2 + i], GetRsaInt(key, i)); + GetASN_MP(&dataASN[(byte)RSAKEYASN_IDX_N + i], GetRsaInt(key, i)); } /* Not extracting all data from BER encoding. */ #define RSA_ASN_COMPLETE 0 #else /* Extract all private fields. */ for (i = 0; i < RSA_INTS; i++) { - GetASN_MP(&dataASN[2 + i], GetRsaInt(key, i)); + GetASN_MP(&dataASN[(byte)RSAKEYASN_IDX_N + i], GetRsaInt(key, i)); } /* Extracting all data from BER encoding. */ #define RSA_ASN_COMPLETE 1 @@ -5552,16 +5595,25 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, * PKCS #8: RFC 5958, 2 - PrivateKeyInfo */ static const ASNItem pkcs8KeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 2 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 4 */ { 2, ASN_OBJECT_ID, 0, 0, 1 }, -/* 5 */ { 2, ASN_TAG_NULL, 0, 0, 1 }, -/* 6 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* VER */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* PKEY_ALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* PKEY_ALGO_OID_KEY */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* PKEY_ALGO_OID_CURVE */ { 2, ASN_OBJECT_ID, 0, 0, 1 }, +/* PKEY_ALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 1 }, +/* PKEY_DATA */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, /* attributes [0] Attributes OPTIONAL */ /* [[2: publicKey [1] PublicKey OPTIONAL ]] */ }; +enum { + PKCS8KEYASN_IDX_SEQ = 0, + PKCS8KEYASN_IDX_VER, + PKCS8KEYASN_IDX_PKEY_ALGO_SEQ, + PKCS8KEYASN_IDX_PKEY_ALGO_OID_KEY, + PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE, + PKCS8KEYASN_IDX_PKEY_ALGO_NULL, + PKCS8KEYASN_IDX_PKEY_DATA, +}; /* Number of items in ASN.1 template for a PKCS #8 key. */ #define pkcs8KeyASN_Length (sizeof(pkcs8KeyASN) / sizeof(ASNItem)) @@ -5641,9 +5693,9 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, if (ret == 0) { /* Get version, check key type and curve type. */ - GetASN_Int8Bit(&dataASN[1], &version); - GetASN_OID(&dataASN[3], oidKeyType); - GetASN_OID(&dataASN[4], oidCurveType); + GetASN_Int8Bit(&dataASN[PKCS8KEYASN_IDX_VER], &version); + GetASN_OID(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_KEY], oidKeyType); + GetASN_OID(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE], oidCurveType); /* Parse data. */ ret = GetASN_Items(pkcs8KeyASN, dataASN, pkcs8KeyASN_Length, 1, input, &idx, sz); @@ -5651,7 +5703,7 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, if (ret == 0) { /* Key type OID. */ - oid = dataASN[3].data.oid.sum; + oid = dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_KEY].data.oid.sum; /* Version 1 includes an optional public key. * If public key is included then the parsing will fail as it did not @@ -5666,8 +5718,8 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, #ifndef NO_RSA case RSAk: /* Must have NULL item but not OBJECT_ID item. */ - if ((dataASN[5].tag == 0) || - (dataASN[4].tag != 0)) { + if ((dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].tag == 0) || + (dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE].tag != 0)) { ret = ASN_PARSE_E; } break; @@ -5675,7 +5727,7 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, #ifdef HAVE_ECC case ECDSAk: /* Must not have NULL item. */ - if (dataASN[5].tag != 0) { + if (dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].tag != 0) { ret = ASN_PARSE_E; } break; @@ -5683,8 +5735,8 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, #ifdef HAVE_ED25519 case ED25519k: /* Neither NULL item nor OBJECT_ID item allowed. */ - if ((dataASN[5].tag != 0) || - (dataASN[4].tag != 0)) { + if ((dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].tag != 0) || + (dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE].tag != 0)) { ret = ASN_PARSE_E; } break; @@ -5692,8 +5744,8 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, #ifdef HAVE_CURVE25519 case X25519k: /* Neither NULL item nor OBJECT_ID item allowed. */ - if ((dataASN[5].tag != 0) || - (dataASN[4].tag != 0)) { + if ((dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].tag != 0) || + (dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE].tag != 0)) { ret = ASN_PARSE_E; } break; @@ -5701,8 +5753,8 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, #ifdef HAVE_ED448 case ED448k: /* Neither NULL item nor OBJECT_ID item allowed. */ - if ((dataASN[5].tag != 0) || - (dataASN[4].tag != 0)) { + if ((dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].tag != 0) || + (dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE].tag != 0)) { ret = ASN_PARSE_E; } break; @@ -5710,8 +5762,8 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, #ifdef HAVE_CURVE448 case X448k: /* Neither NULL item nor OBJECT_ID item allowed. */ - if ((dataASN[5].tag != 0) || - (dataASN[4].tag != 0)) { + if ((dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].tag != 0) || + (dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE].tag != 0)) { ret = ASN_PARSE_E; } break; @@ -5726,9 +5778,9 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz, /* Return algorithm id of internal key. */ *algId = oid; /* Return index to start of internal key. */ - *inOutIdx = GetASNItem_DataIdx(dataASN[6], input); + *inOutIdx = GetASNItem_DataIdx(dataASN[PKCS8KEYASN_IDX_PKEY_DATA], input); /* Return value is length of internal key. */ - ret = dataASN[6].data.ref.length; + ret = dataASN[PKCS8KEYASN_IDX_PKEY_DATA].data.ref.length; } FREE_ASNGETDATA(dataASN, NULL); @@ -5906,21 +5958,21 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz, if (ret == 0) { /* Only support default PKCS #8 format - v0. */ - SetASN_Int8Bit(&dataASN[1], PKCS8v0); + SetASN_Int8Bit(&dataASN[PKCS8KEYASN_IDX_VER], PKCS8v0); /* Set key OID that corresponds to key data. */ - SetASN_OID(&dataASN[3], algoID, oidKeyType); + SetASN_OID(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_KEY], algoID, oidKeyType); if (curveOID != NULL && oidSz > 0) { /* ECC key and curveOID set to write. */ - SetASN_Buffer(&dataASN[4], curveOID, oidSz); + SetASN_Buffer(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE], curveOID, oidSz); } else { /* EC curve OID to encode. */ - dataASN[4].noOut = 1; + dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE].noOut = 1; } /* Only RSA keys have NULL tagged item after OID. */ - dataASN[5].noOut = (algoID != RSAk); + dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_NULL].noOut = (algoID != RSAk); /* Set key data to encode. */ - SetASN_Buffer(&dataASN[6], key, keySz); + SetASN_Buffer(&dataASN[PKCS8KEYASN_IDX_PKEY_DATA], key, keySz); /* Get the size of the DER encoding. */ ret = SizeASN_Items(pkcs8KeyASN, dataASN, pkcs8KeyASN_Length, &sz); @@ -6603,27 +6655,42 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, * PKCS #5: RFC 8018, A.4 - PBES2-params without outer SEQUENCE * A.2 - PBKDF2-params * B.2 - Encryption schemes + * C - AlgorithmIdentifier */ static const ASNItem pbes2ParamsASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* PBKDF2 */ -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 2 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* Salt */ -/* 3 */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, - /* Iteration count */ -/* 4 */ { 2, ASN_INTEGER, 0, 0, 0 }, - /* Key length */ -/* 5 */ { 2, ASN_INTEGER, 0, 0, 1 }, - /* PRF - default is HMAC-SHA1 */ -/* 6 */ { 2, ASN_SEQUENCE, 1, 1, 1 }, -/* 7 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, -/* 8 */ { 3, ASN_TAG_NULL, 0, 0, 1 }, -/* 9 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* Encryption algorithm */ -/* 10 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, - /* IV for CBC */ -/* 11 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +/* KDF_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* PBKDF2 */ +/* KDF_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* PBKDF2_PARAMS_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* Salt */ +/* PBKDF2_PARAMS_SALT */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, + /* Iteration count */ +/* PBKDF2_PARAMS_ITER */ { 2, ASN_INTEGER, 0, 0, 0 }, + /* Key length */ +/* PBKDF2_PARAMS_KEYLEN */ { 2, ASN_INTEGER, 0, 0, 1 }, + /* PRF - default is HMAC-SHA1 */ +/* PBKDF2_PARAMS_PRF */ { 2, ASN_SEQUENCE, 1, 1, 1 }, +/* PBKDF2_PARAMS_PRF_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, +/* PBKDF2_PARAMS_PRF_NULL */ { 3, ASN_TAG_NULL, 0, 0, 1 }, +/* ENCS_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* Encryption algorithm */ +/* ENCS_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, + /* IV for CBC */ +/* ENCS_PARAMS */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +}; +enum { + PBES2PARAMSASN_IDX_KDF_SEQ = 0, + PBES2PARAMSASN_IDX_KDF_OID, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_SEQ, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_SALT, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_ITER, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_KEYLEN, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_PRF, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_PRF_OID, + PBES2PARAMSASN_IDX_PBKDF2_PARAMS_PRF_NULL, + PBES2PARAMSASN_IDX_ENCS_SEQ, + PBES2PARAMSASN_IDX_ENCS_OID, + PBES2PARAMSASN_IDX_ENCS_PARAMS, }; /* Number of items in ASN.1 template for PBES2 parameters. */ @@ -6634,9 +6701,13 @@ static const ASNItem pbes2ParamsASN[] = { */ static const ASNItem pbes1ParamsASN[] = { /* Salt */ -/* 0 */ { 0, ASN_OCTET_STRING, 0, 0, 0 }, +/* SALT */ { 0, ASN_OCTET_STRING, 0, 0, 0 }, /* Iteration count */ -/* 1 */ { 0, ASN_INTEGER, 0, 0, 0 }, +/* ITER */ { 0, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + PBES1PARAMSASN_IDX_SALT = 0, + PBES1PARAMSASN_IDX_ITER, }; /* Number of items in ASN.1 template for PBES1 parameters. */ @@ -6983,13 +7054,21 @@ int wc_CreateEncryptedPKCS8Key(byte* key, word32 keySz, byte* out, * PKCS #7: RFC 2315, 10.1 - EncryptedContentInfo without outer SEQUENCE */ static const ASNItem pkcs8DecASN[] = { -/* 0 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 2 */ { 2, ASN_SEQUENCE, 1, 0, 0 }, +/* ENCALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* ENCALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* ENCALGO_PARAMS */ { 2, ASN_SEQUENCE, 1, 0, 0 }, /* PKCS #7 */ -/* 3 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 2 }, +/* ENCCONTENT */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ENC_CONTENT, + 0, 0, 2 }, /* PKCS #8 */ -/* 4 */ { 1, ASN_OCTET_STRING, 0, 0, 2 }, +/* ENCDATA */ { 1, ASN_OCTET_STRING, 0, 0, 2 }, +}; +enum { + PKCS8DECASN_IDX_ENCALGO_SEQ = 0, + PKCS8DECASN_IDX_ENCALGO_OID, + PKCS8DECASN_IDX_ENCALGO_PARAMS, + PKCS8DECASN_IDX_ENCCONTENT, + PKCS8DECASN_IDX_ENCDATA, }; /* Number of items in ASN.1 template for PKCS #8/#7 encrypted key. */ @@ -7192,43 +7271,43 @@ exit_dc: WOLFSSL_ENTER("DecryptContent"); - ALLOC_ASNGETDATA(dataASN, pbes2ParamsASN_Length, ret, NULL); + CALLOC_ASNGETDATA(dataASN, pbes2ParamsASN_Length, ret, NULL); if (ret == 0) { /* Check OID is a PBE Type */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * pkcs8DecASN_Length); - GetASN_OID(&dataASN[1], oidPBEType); + GetASN_OID(&dataASN[PKCS8DECASN_IDX_ENCALGO_OID], oidPBEType); ret = GetASN_Items(pkcs8DecASN, dataASN, pkcs8DecASN_Length, 0, input, &idx, sz); } if (ret == 0) { /* Check the PBE algorithm and get the version and id. */ - idx = dataASN[1].data.oid.length; + idx = dataASN[PKCS8DECASN_IDX_ENCALGO_OID].data.oid.length; /* Second last byte: 1 (PKCS #12 PBE Id) or 5 (PKCS #5) * Last byte: Alg or PBES2 */ - CheckAlgo(dataASN[1].data.oid.data[idx - 2], - dataASN[1].data.oid.data[idx - 1], &id, &version, NULL); + CheckAlgo(dataASN[PKCS8DECASN_IDX_ENCALGO_OID].data.oid.data[idx - 2], + dataASN[PKCS8DECASN_IDX_ENCALGO_OID].data.oid.data[idx - 1], + &id, &version, NULL); /* Get the parameters data. */ - GetASN_GetRef(&dataASN[2], ¶ms, &sz); + GetASN_GetRef(&dataASN[PKCS8DECASN_IDX_ENCALGO_PARAMS], ¶ms, &sz); /* Having a numbered choice means none or both will have errored out. */ - if (dataASN[3].tag != 0) - GetASN_GetRef(&dataASN[3], &key, &keySz); - else if (dataASN[4].tag != 0) - GetASN_GetRef(&dataASN[4], &key, &keySz); + if (dataASN[PKCS8DECASN_IDX_ENCCONTENT].tag != 0) + GetASN_GetRef(&dataASN[PKCS8DECASN_IDX_ENCCONTENT], &key, &keySz); + else if (dataASN[PKCS8DECASN_IDX_ENCDATA].tag != 0) + GetASN_GetRef(&dataASN[PKCS8DECASN_IDX_ENCDATA], &key, &keySz); } if (ret == 0) { if (version != PKCS5v2) { /* Initialize for PBES1 parameters and put iterations in var. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * pbes1ParamsASN_Length); - GetASN_Int32Bit(&dataASN[1], &iterations); + GetASN_Int32Bit(&dataASN[PBES1PARAMSASN_IDX_ITER], &iterations); /* Parse the PBES1 parameters. */ ret = GetASN_Items(pbes1ParamsASN, dataASN, pbes1ParamsASN_Length, 0, params, &pIdx, sz); if (ret == 0) { /* Get the salt data. */ - GetASN_GetRef(&dataASN[0], &salt, &saltSz); + GetASN_GetRef(&dataASN[PBES1PARAMSASN_IDX_SALT], &salt, &saltSz); } } else { @@ -7237,20 +7316,20 @@ exit_dc: /* Initialize for PBES2 parameters. Put iterations in var; match * KDF, HMAC and cipher, and copy CBC into buffer. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * pbes2ParamsASN_Length); - GetASN_ExpBuffer(&dataASN[1], pbkdf2Oid, sizeof(pbkdf2Oid)); - GetASN_Int32Bit(&dataASN[4], &iterations); - GetASN_OID(&dataASN[7], oidHmacType); - GetASN_OID(&dataASN[10], oidBlkType); - GetASN_Buffer(&dataASN[11], cbcIv, &ivSz); + GetASN_ExpBuffer(&dataASN[PBES2PARAMSASN_IDX_KDF_OID], pbkdf2Oid, sizeof(pbkdf2Oid)); + GetASN_Int32Bit(&dataASN[PBES2PARAMSASN_IDX_PBKDF2_PARAMS_ITER], &iterations); + GetASN_OID(&dataASN[PBES2PARAMSASN_IDX_PBKDF2_PARAMS_PRF_OID], oidHmacType); + GetASN_OID(&dataASN[PBES2PARAMSASN_IDX_ENCS_OID], oidBlkType); + GetASN_Buffer(&dataASN[PBES2PARAMSASN_IDX_ENCS_PARAMS], cbcIv, &ivSz); /* Parse the PBES2 parameters */ ret = GetASN_Items(pbes2ParamsASN, dataASN, pbes2ParamsASN_Length, 0, params, &pIdx, sz); if (ret == 0) { /* Get the salt data. */ - GetASN_GetRef(&dataASN[3], &salt, &saltSz); + GetASN_GetRef(&dataASN[PBES2PARAMSASN_IDX_PBKDF2_PARAMS_SALT], &salt, &saltSz); /* Get the digest and encryption algorithm id. */ - shaOid = dataASN[7].data.oid.sum; /* Default HMAC-SHA1 */ - id = dataASN[10].data.oid.sum; + shaOid = dataASN[PBES2PARAMSASN_IDX_PBKDF2_PARAMS_PRF_OID].data.oid.sum; /* Default HMAC-SHA1 */ + id = dataASN[PBES2PARAMSASN_IDX_ENCS_OID].data.oid.sum; /* Convert encryption algorithm to a PBE algorithm if needed. */ CheckAlgoV2(id, &id, NULL); } @@ -7337,16 +7416,25 @@ static int Pkcs8Pad(byte* buf, int sz, int blockSz) * PKCS #5: RFC 8018, A.3 - PBEParameter */ static const ASNItem p8EncPbes1ASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* ENCALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, /* PBE algorithm */ -/* 2 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 3 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, +/* ENCALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* ENCALGO_PBEPARAM_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, /* Salt */ -/* 4 */ { 3, ASN_OCTET_STRING, 0, 0, 0 }, +/* ENCALGO_PBEPARAM_SALT */ { 3, ASN_OCTET_STRING, 0, 0, 0 }, /* Iteration Count */ -/* 5 */ { 3, ASN_INTEGER, 0, 0, 0 }, -/* 6 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +/* ENCALGO_PBEPARAM_ITER */ { 3, ASN_INTEGER, 0, 0, 0 }, +/* ENCDATA */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +}; +enum { + P8ENCPBES1ASN_IDX_SEQ = 0, + P8ENCPBES1ASN_IDX_ENCALGO_SEQ, + P8ENCPBES1ASN_IDX_ENCALGO_OID, + P8ENCPBES1ASN_IDX_ENCALGO_PBEPARAM_SEQ, + P8ENCPBES1ASN_IDX_ENCALGO_PBEPARAM_SALT, + P8ENCPBES1ASN_IDX_ENCALGO_PBEPARAM_ITER, + P8ENCPBES1ASN_IDX_ENCDATA, }; #define p8EncPbes1ASN_Length (sizeof(p8EncPbes1ASN) / sizeof(ASNItem)) @@ -7603,20 +7691,23 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, if (ret == 0) { /* Setup data to go into encoding including PBE algorithm, salt, * iteration count, and padded key length. */ - SetASN_OID(&dataASN[2], id, oidPBEType); + SetASN_OID(&dataASN[P8ENCPBES1ASN_IDX_ENCALGO_OID], id, oidPBEType); if (salt == NULL || saltSz == 0) { salt = NULL; saltSz = PKCS5_SALT_SZ; /* Salt generated into encoding below. */ } - SetASN_Buffer(&dataASN[4], salt, saltSz); - SetASN_Int16Bit(&dataASN[5], itt); + SetASN_Buffer(&dataASN[P8ENCPBES1ASN_IDX_ENCALGO_PBEPARAM_SALT], + salt, saltSz); + SetASN_Int16Bit(&dataASN[P8ENCPBES1ASN_IDX_ENCALGO_PBEPARAM_ITER], itt); pkcs8Sz = Pkcs8Pad(NULL, inputSz, blockSz); - SetASN_Buffer(&dataASN[6], NULL, pkcs8Sz); + SetASN_Buffer(&dataASN[P8ENCPBES1ASN_IDX_ENCDATA], NULL, pkcs8Sz); /* Calculate size of encoding. */ - ret = SizeASN_Items(p8EncPbes1ASN + 1, dataASN + 1, - p8EncPbes1ASN_Length - 1, &sz); + ret = SizeASN_Items(p8EncPbes1ASN + P8ENCPBES1ASN_IDX_ENCALGO_SEQ, + dataASN + P8ENCPBES1ASN_IDX_ENCALGO_SEQ, + (int)(p8EncPbes1ASN_Length - P8ENCPBES1ASN_IDX_ENCALGO_SEQ), + &sz); } /* Return size when no output buffer. */ if ((ret == 0) && (out == NULL)) { @@ -7629,19 +7720,22 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, } if (ret == 0) { /* Encode PKCS#8 key. */ - SetASN_Items(p8EncPbes1ASN + 1, dataASN + 1, p8EncPbes1ASN_Length - 1, - out); + SetASN_Items(p8EncPbes1ASN + P8ENCPBES1ASN_IDX_ENCALGO_SEQ, + dataASN + P8ENCPBES1ASN_IDX_ENCALGO_SEQ, + (int)(p8EncPbes1ASN_Length - P8ENCPBES1ASN_IDX_ENCALGO_SEQ), + out); if (salt == NULL) { /* Generate salt into encoding. */ - salt = (byte*)dataASN[4].data.buffer.data; + salt = (byte*)dataASN[P8ENCPBES1ASN_IDX_ENCALGO_PBEPARAM_SALT].data.buffer.data; ret = wc_RNG_GenerateBlock(rng, salt, saltSz); } } if (ret == 0) { /* Store PKCS#8 key in output buffer. */ - pkcs8 = (byte*)dataASN[6].data.buffer.data; + pkcs8 = (byte*)dataASN[P8ENCPBES1ASN_IDX_ENCDATA].data.buffer.data; XMEMCPY(pkcs8, input, inputSz); + Pkcs8Pad(pkcs8, inputSz, blockSz); /* Encrypt PKCS#8 key inline. */ ret = wc_CryptKey(password, passwordSz, salt, saltSz, itt, id, pkcs8, @@ -7748,15 +7842,25 @@ static int RsaPublicKeyDecodeRawIndex(const byte* input, word32* inOutIdx, * PKCS #1: RFC 8017, A.1.1 - RSAPublicKey */ static const ASNItem rsaPublicKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 2 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 3 */ { 2, ASN_TAG_NULL, 0, 0, 1 }, -/* 4 */ { 1, ASN_BIT_STRING, 0, 1, 0 }, - /* RSAPublicKey */ -/* 5 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, -/* 6 */ { 3, ASN_INTEGER, 0, 0, 0 }, -/* 7 */ { 3, ASN_INTEGER, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* ALGOID_NULL */ { 2, ASN_TAG_NULL, 0, 0, 1 }, +/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 1, 0 }, + /* RSAPublicKey */ +/* PUBKEY_RSA_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, +/* PUBKEY_RSA_N */ { 3, ASN_INTEGER, 0, 0, 0 }, +/* PUBKEY_RSA_E */ { 3, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + RSAPUBLICKEYASN_IDX_SEQ = 0, + RSAPUBLICKEYASN_IDX_ALGOID_SEQ, + RSAPUBLICKEYASN_IDX_ALGOID_OID, + RSAPUBLICKEYASN_IDX_ALGOID_NULL, + RSAPUBLICKEYASN_IDX_PUBKEY, + RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ, + RSAPUBLICKEYASN_IDX_PUBKEY_RSA_N, + RSAPUBLICKEYASN_IDX_PUBKEY_RSA_E, }; /* Number of items in ASN.1 template for an RSA public key. */ @@ -7877,13 +7981,15 @@ int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, word32 inSz, if (ret == 0) { /* Try decoding PKCS #1 public key by ignoring rest of ASN.1. */ - ret = GetASN_Items(&rsaPublicKeyASN[5], &dataASN[5], - rsaPublicKeyASN_Length - 5, 0, input, inOutIdx, - inSz); + ret = GetASN_Items(&rsaPublicKeyASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ], + &dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ], + (int)(rsaPublicKeyASN_Length - RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ), + 0, input, inOutIdx, inSz); if (ret != 0) { /* Didn't work - try whole SubjectKeyInfo instead. */ /* Set the OID to expect. */ - GetASN_ExpBuffer(&dataASN[2], keyRsaOid, sizeof(keyRsaOid)); + GetASN_ExpBuffer(&dataASN[RSAPUBLICKEYASN_IDX_ALGOID_OID], + keyRsaOid, sizeof(keyRsaOid)); /* Decode SubjectKeyInfo. */ ret = GetASN_Items(rsaPublicKeyASN, dataASN, rsaPublicKeyASN_Length, 1, input, inOutIdx, @@ -7893,16 +7999,16 @@ int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, word32 inSz, if (ret == 0) { /* Return the buffers and lengths asked for. */ if (n != NULL) { - *n = dataASN[6].data.ref.data; + *n = dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_N].data.ref.data; } if (nSz != NULL) { - *nSz = dataASN[6].data.ref.length; + *nSz = dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_N].data.ref.length; } if (e != NULL) { - *e = dataASN[7].data.ref.data; + *e = dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_E].data.ref.data; } if (eSz != NULL) { - *eSz = dataASN[7].data.ref.length; + *eSz = dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_E].data.ref.length; } } @@ -7961,16 +8067,18 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, if (ret == 0) { /* Set mp_ints to fill with modulus and exponent data. */ - GetASN_MP(&dataASN[6], &key->n); - GetASN_MP(&dataASN[7], &key->e); + GetASN_MP(&dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_N], &key->n); + GetASN_MP(&dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_E], &key->e); /* Try decoding PKCS #1 public key by ignoring rest of ASN.1. */ - ret = GetASN_Items(&rsaPublicKeyASN[5], &dataASN[5], - rsaPublicKeyASN_Length - 5, 0, input, inOutIdx, - inSz); + ret = GetASN_Items(&rsaPublicKeyASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ], + &dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ], + (int)(rsaPublicKeyASN_Length - RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ), + 0, input, inOutIdx, inSz); if (ret != 0) { /* Didn't work - try whole SubjectKeyInfo instead. */ /* Set the OID to expect. */ - GetASN_ExpBuffer(&dataASN[2], keyRsaOid, sizeof(keyRsaOid)); + GetASN_ExpBuffer(&dataASN[RSAPUBLICKEYASN_IDX_ALGOID_OID], + keyRsaOid, sizeof(keyRsaOid)); /* Decode SubjectKeyInfo. */ ret = GetASN_Items(rsaPublicKeyASN, dataASN, rsaPublicKeyASN_Length, 1, input, inOutIdx, @@ -8096,13 +8204,19 @@ int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx, * (Also in: RFC 2786, 3) */ static const ASNItem dhParamASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, /* prime */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* PRIME */ { 1, ASN_INTEGER, 0, 0, 0 }, /* base */ -/* 2 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* BASE */ { 1, ASN_INTEGER, 0, 0, 0 }, /* privateValueLength */ -/* 3 */ { 1, ASN_INTEGER, 0, 0, 1 }, +/* PRIVLEN */ { 1, ASN_INTEGER, 0, 0, 1 }, +}; +enum { + DHPARAMASN_IDX_SEQ = 0, + DHPARAMASN_IDX_PRIME, + DHPARAMASN_IDX_BASE, + DHPARAMASN_IDX_PRIVLEN, }; /* Number of items in ASN.1 template for DH key. */ @@ -8112,30 +8226,47 @@ static const ASNItem dhParamASN[] = { /* ASN.1 template for DH key wrapped in PKCS #8 or SubjectPublicKeyInfo. * PKCS #8: RFC 5208, 5 - PrivateKeyInfo * X.509: RFC 5280, 4.1 - SubjectPublicKeyInfo - * RFC 3279, 2.3.2 - DH in SubjectPublicKeyInfo + * RFC 3279, 2.3.3 - DH in SubjectPublicKeyInfo */ static const ASNItem dhKeyPkcs8ASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_INTEGER, 0, 0, 1 }, -/* 2 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, - /* DHParameter */ -/* 4 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* p */ -/* 5 */ { 3, ASN_INTEGER, 0, 0, 0 }, - /* g */ -/* 6 */ { 3, ASN_INTEGER, 0, 0, 0 }, - /* q - factor of p-1 */ -/* 7 */ { 3, ASN_INTEGER, 0, 0, 1 }, - /* j - subgroup factor */ -/* 8 */ { 3, ASN_INTEGER, 0, 0, 1 }, -/* 9 */ { 3, ASN_SEQUENCE, 0, 0, 1 }, - /* PrivateKey - PKCS #8 */ -/* 10 */ { 1, ASN_OCTET_STRING, 0, 1, 2 }, -/* 11 */ { 2, ASN_INTEGER, 0, 0, 0 }, - /* PublicKey - SubjectPublicKeyInfo. */ -/* 12 */ { 1, ASN_BIT_STRING, 0, 1, 2 }, -/* 13 */ { 2, ASN_INTEGER, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* VER */ { 1, ASN_INTEGER, 0, 0, 1 }, +/* PKEYALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* PKEYALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, + /* DHParameter */ +/* PKEYALGO_PARAM_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* p */ +/* PKEYALGO_PARAM_P */ { 3, ASN_INTEGER, 0, 0, 0 }, + /* g */ +/* PKEYALGO_PARAM_G */ { 3, ASN_INTEGER, 0, 0, 0 }, + /* q - factor of p-1 */ +/* PKEYALGO_PARAM_Q */ { 3, ASN_INTEGER, 0, 0, 1 }, + /* j - subgroup factor */ +/* PKEYALGO_PARAM_J */ { 3, ASN_INTEGER, 0, 0, 1 }, + /* ValidationParms */ +/* PKEYALGO_PARAM_VALID */ { 3, ASN_SEQUENCE, 0, 0, 1 }, + /* PrivateKey - PKCS #8 */ +/* PKEY_STR */ { 1, ASN_OCTET_STRING, 0, 1, 2 }, +/* PKEY_INT */ { 2, ASN_INTEGER, 0, 0, 0 }, + /* PublicKey - SubjectPublicKeyInfo. */ +/* PUBKEY_STR */ { 1, ASN_BIT_STRING, 0, 1, 2 }, +/* PUBKEY_INT */ { 2, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + DHKEYPKCS8ASN_IDX_SEQ = 0, + DHKEYPKCS8ASN_IDX_VER, + DHKEYPKCS8ASN_IDX_PKEYALGO_SEQ, + DHKEYPKCS8ASN_IDX_PKEYALGO_OID, + DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_SEQ, + DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_P, + DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_G, + DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_Q, + DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_J, + DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_VALID, + DHKEYPKCS8ASN_IDX_PKEY_STR, + DHKEYPKCS8ASN_IDX_PKEY_INT, + DHKEYPKCS8ASN_IDX_PUBKEY_STR, + DHKEYPKCS8ASN_IDX_PUBKEY_INT, }; #define dhKeyPkcs8ASN_Length (sizeof(dhKeyPkcs8ASN) / sizeof(ASNItem)) @@ -8287,8 +8418,8 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz) if (ret == 0) { /* Initialize data and set mp_ints to hold p and g. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * dhParamASN_Length); - GetASN_MP(&dataASN[1], &key->p); - GetASN_MP(&dataASN[2], &key->g); + GetASN_MP(&dataASN[DHPARAMASN_IDX_PRIME], &key->p); + GetASN_MP(&dataASN[DHPARAMASN_IDX_BASE], &key->g); /* Try simple PKCS #3 template. */ ret = GetASN_Items(dhParamASN, dataASN, dhParamASN_Length, 1, input, inOutIdx, inSz); @@ -8296,21 +8427,24 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz) if (ret != 0) { /* Initialize data and set mp_ints to hold p, g, q, priv and pub. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * dhKeyPkcs8ASN_Length); - GetASN_ExpBuffer(&dataASN[3], keyDhOid, sizeof(keyDhOid)); - GetASN_MP(&dataASN[5], &key->p); - GetASN_MP(&dataASN[6], &key->g); - GetASN_MP(&dataASN[7], &key->q); - GetASN_MP(&dataASN[11], &key->priv); - GetASN_MP(&dataASN[13], &key->pub); + GetASN_ExpBuffer(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_OID], + keyDhOid, sizeof(keyDhOid)); + GetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_P], &key->p); + GetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_G], &key->g); + GetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_Q], &key->q); + GetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEY_INT], &key->priv); + GetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PUBKEY_INT], &key->pub); /* Try PKCS #8 wrapped template. */ ret = GetASN_Items(dhKeyPkcs8ASN, dataASN, dhKeyPkcs8ASN_Length, 1, input, inOutIdx, inSz); if (ret == 0) { - if ((dataASN[11].length != 0) && (dataASN[1].length == 0)) { + /* VERSION only present in PKCS #8 private key structure */ + if ((dataASN[DHKEYPKCS8ASN_IDX_PKEY_INT].length != 0) && + (dataASN[DHKEYPKCS8ASN_IDX_VER].length == 0)) { ret = ASN_PARSE_E; } - else if ((dataASN[13].length != 0) && - (dataASN[1].length != 0)) { + else if ((dataASN[DHKEYPKCS8ASN_IDX_PUBKEY_INT].length != 0) && + (dataASN[DHKEYPKCS8ASN_IDX_VER].length != 0)) { ret = ASN_PARSE_E; } } @@ -8422,25 +8556,25 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv) WOLFSSL_ENTER("wc_DhKeyToDer"); XMEMSET(dataASN, 0, sizeof(dataASN)); - SetASN_Int8Bit(&dataASN[1], 0); - SetASN_OID(&dataASN[3], DHk, oidKeyType); + SetASN_Int8Bit(&dataASN[DHKEYPKCS8ASN_IDX_VER], 0); + SetASN_OID(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_OID], DHk, oidKeyType); /* Set mp_int containing p and g. */ - SetASN_MP(&dataASN[5], &key->p); - SetASN_MP(&dataASN[6], &key->g); - dataASN[7].noOut = 1; - dataASN[8].noOut = 1; - dataASN[9].noOut = 1; + SetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_P], &key->p); + SetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_G], &key->g); + dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_Q].noOut = 1; + dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_J].noOut = 1; + dataASN[DHKEYPKCS8ASN_IDX_PKEYALGO_PARAM_VALID].noOut = 1; if (exportPriv) { - SetASN_MP(&dataASN[11], &key->priv); - dataASN[12].noOut = 1; - dataASN[13].noOut = 1; + SetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PKEY_INT], &key->priv); + dataASN[DHKEYPKCS8ASN_IDX_PUBKEY_STR].noOut = 1; + dataASN[DHKEYPKCS8ASN_IDX_PUBKEY_INT].noOut = 1; } else { - dataASN[1].noOut = 1; - dataASN[10].noOut = 1; - dataASN[11].noOut = 1; - SetASN_MP(&dataASN[13], &key->pub); + dataASN[DHKEYPKCS8ASN_IDX_VER].noOut = 1; + dataASN[DHKEYPKCS8ASN_IDX_PKEY_STR].noOut = 1; + dataASN[DHKEYPKCS8ASN_IDX_PKEY_INT].noOut = 1; + SetASN_MP(&dataASN[DHKEYPKCS8ASN_IDX_PUBKEY_INT], &key->pub); } /* Calculate the size of the DH parameters. */ @@ -8536,10 +8670,10 @@ int wc_DhParamsToDer(DhKey* key, byte* output, word32* outSz) if (ret == 0) { XMEMSET(dataASN, 0, sizeof(dataASN)); /* Set mp_int containing p and g. */ - SetASN_MP(&dataASN[1], &key->p); - SetASN_MP(&dataASN[2], &key->g); + SetASN_MP(&dataASN[DHPARAMASN_IDX_PRIME], &key->p); + SetASN_MP(&dataASN[DHPARAMASN_IDX_BASE], &key->g); /* privateValueLength not encoded. */ - dataASN[3].noOut = 1; + dataASN[DHPARAMASN_IDX_PRIVLEN].noOut = 1; /* Calculate the size of the DH parameters. */ ret = SizeASN_Items(dhParamASN, dataASN, dhParamASN_Length, &sz); @@ -8640,8 +8774,8 @@ int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz, if (ret == 0) { /* Set the buffers to copy p and g into. */ - GetASN_Buffer(&dataASN[1], p, pInOutSz); - GetASN_Buffer(&dataASN[2], g, gInOutSz); + GetASN_Buffer(&dataASN[DHPARAMASN_IDX_PRIME], p, pInOutSz); + GetASN_Buffer(&dataASN[DHPARAMASN_IDX_BASE], g, gInOutSz); /* Decode the DH Parameters. */ ret = GetASN_Items(dhParamASN, dataASN, dhParamASN_Length, 1, input, &idx, inSz); @@ -8679,13 +8813,22 @@ static mp_int* GetDsaInt(DsaKey* key, int idx) * RFC 3279, 2.3.2 - DSA in SubjectPublicKeyInfo */ static const ASNItem dsaKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 2 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 3 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 4 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 5 */ { 1, ASN_INTEGER, 0, 0, 0 }, -/* 6 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* VER */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* P */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* Q */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* G */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* Y */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* X */ { 1, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + DSAKEYASN_IDX_SEQ = 0, + DSAKEYASN_IDX_VER, + DSAKEYASN_IDX_P, + DSAKEYASN_IDX_Q, + DSAKEYASN_IDX_G, + DSAKEYASN_IDX_Y, + DSAKEYASN_IDX_X, }; /* Number of items in ASN.1 template for DSA private key. */ @@ -8698,19 +8841,30 @@ static const ASNItem dsaKeyASN[] = { * RFC 3279, 2.3.2 - DSA in SubjectPublicKeyInfo */ static const ASNItem dsaPubKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 2 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 3 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* p */ -/* 4 */ { 3, ASN_INTEGER, 0, 0, 0 }, - /* q */ -/* 5 */ { 3, ASN_INTEGER, 0, 0, 0 }, - /* g */ -/* 6 */ { 3, ASN_INTEGER, 0, 0, 0 }, -/* 7 */ { 1, ASN_BIT_STRING, 0, 1, 1 }, - /* y */ -/* 8 */ { 2, ASN_INTEGER, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* ALGOID_PARAMS */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* p */ +/* ALGOID_PARAMS_P */ { 3, ASN_INTEGER, 0, 0, 0 }, + /* q */ +/* ALGOID_PARAMS_Q */ { 3, ASN_INTEGER, 0, 0, 0 }, + /* g */ +/* ALGOID_PARAMS_G */ { 3, ASN_INTEGER, 0, 0, 0 }, +/* PUBKEY_STR */ { 1, ASN_BIT_STRING, 0, 1, 1 }, + /* y */ +/* PUBKEY_Y */ { 2, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + DSAPUBKEYASN_IDX_SEQ = 0, + DSAPUBKEYASN_IDX_ALGOID_SEQ, + DSAPUBKEYASN_IDX_ALGOID_OID, + DSAPUBKEYASN_IDX_ALGOID_PARAMS, + DSAPUBKEYASN_IDX_ALGOID_PARAMS_P, + DSAPUBKEYASN_IDX_ALGOID_PARAMS_Q, + DSAPUBKEYASN_IDX_ALGOID_PARAMS_G, + DSAPUBKEYASN_IDX_PUBKEY_STR, + DSAPUBKEYASN_IDX_PUBKEY_Y, }; /* Number of items in ASN.1 template for PublicKeyInfo with DSA. */ @@ -8802,9 +8956,11 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, if (ret == 0) { /* Clear dynamic data items. */ XMEMSET(dataASN, 0, sizeof(ASNGetData) * dsaPublicKeyASN_Length); - /* p, q, g, y */ + /* seq + * p, q, g, y + * Start DSA ints from DSAKEYASN_IDX_VER instead of DSAKEYASN_IDX_P */ for (i = 0; i < DSA_INTS - 1; i++) - GetASN_MP(&dataASN[1 + i], GetDsaInt(key, i)); + GetASN_MP(&dataASN[(int)DSAKEYASN_IDX_VER + i], GetDsaInt(key, i)); /* Parse as simple form. */ ret = GetASN_Items(dsaKeyASN, dataASN, dsaPublicKeyASN_Length, 1, input, inOutIdx, inSz); @@ -8812,12 +8968,14 @@ int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, /* Clear dynamic data items. */ XMEMSET(dataASN, 0, sizeof(ASNGetData) * dsaPubKeyASN_Length); /* Set DSA OID to expect. */ - GetASN_ExpBuffer(&dataASN[2], keyDsaOid, sizeof(keyDsaOid)); + GetASN_ExpBuffer(&dataASN[DSAPUBKEYASN_IDX_ALGOID_OID], + keyDsaOid, sizeof(keyDsaOid)); /* p, q, g */ for (i = 0; i < DSA_INTS - 2; i++) - GetASN_MP(&dataASN[4 + i], GetDsaInt(key, i)); + GetASN_MP(&dataASN[(int)DSAPUBKEYASN_IDX_ALGOID_PARAMS_P + i], + GetDsaInt(key, i)); /* y */ - GetASN_MP(&dataASN[8], GetDsaInt(key, i)); + GetASN_MP(&dataASN[DSAPUBKEYASN_IDX_PUBKEY_Y], GetDsaInt(key, i)); /* Parse as SubjectPublicKeyInfo. */ ret = GetASN_Items(dsaPubKeyASN, dataASN, dsaPubKeyASN_Length, 1, input, inOutIdx, inSz); @@ -8859,17 +9017,25 @@ int wc_DsaParamsDecode(const byte* input, word32* inOutIdx, DsaKey* key, #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for a DSA key holding private key in an OCTET_STRING. */ static const ASNItem dsaKeyOctASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, /* p */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* P */ { 1, ASN_INTEGER, 0, 0, 0 }, /* q */ -/* 2 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* Q */ { 1, ASN_INTEGER, 0, 0, 0 }, /* g */ -/* 3 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* G */ { 1, ASN_INTEGER, 0, 0, 0 }, /* Private key */ -/* 4 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* PKEY_STR */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, /* x */ -/* 5 */ { 2, ASN_INTEGER, 0, 0, 0 }, +/* X */ { 2, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + DSAKEYOCTASN_IDX_SEQ = 0, + DSAKEYOCTASN_IDX_P, + DSAKEYOCTASN_IDX_Q, + DSAKEYOCTASN_IDX_G, + DSAKEYOCTASN_IDX_PKEY_STR, + DSAKEYOCTASN_IDX_X, }; /* Number of items in ASN.1 template for a DSA key (OCTET_STRING version). */ @@ -8982,27 +9148,26 @@ int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, ret = BAD_FUNC_ARG; } - ALLOC_ASNGETDATA(dataASN, dsaKeyASN_Length, ret, key->heap); + CALLOC_ASNGETDATA(dataASN, dsaKeyASN_Length, ret, key->heap); if (ret == 0) { - /* Initialize key data and set mp_ints for params and priv/pub. */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * dsaKeyOctASN_Length); - GetASN_Int8Bit(&dataASN[1], &version); + /* Try dsaKeyOctASN */ + /* Initialize key data and set mp_ints for params */ for (i = 0; i < DSA_INTS - 2; i++) { - GetASN_MP(&dataASN[1 + i], GetDsaInt(key, i)); + GetASN_MP(&dataASN[(int)DSAKEYOCTASN_IDX_P + i], GetDsaInt(key, i)); } - GetASN_MP(&dataASN[2 + i], GetDsaInt(key, i)); + /* and priv */ + GetASN_MP(&dataASN[DSAKEYOCTASN_IDX_X], GetDsaInt(key, i)); /* Try simple form. */ ret = GetASN_Items(dsaKeyOctASN, dataASN, dsaKeyOctASN_Length, 1, input, inOutIdx, inSz); - if ((ret == 0) && (version != 0)) { - ret = ASN_PARSE_E; - } - else if (ret != 0) { - /* Initialize key data and set mp_ints for params and priv/pub. */ + + if (ret != 0) { + /* Try dsaKeyASN */ XMEMSET(dataASN, 0, sizeof(*dataASN) * dsaKeyASN_Length); + GetASN_Int8Bit(&dataASN[DSAKEYASN_IDX_VER], &version); for (i = 0; i < DSA_INTS; i++) { - GetASN_MP(&dataASN[2 + i], GetDsaInt(key, i)); + GetASN_MP(&dataASN[(int)DSAKEYASN_IDX_P + i], GetDsaInt(key, i)); } /* Try simple OCTET_STRING form. */ @@ -9136,20 +9301,6 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) return ySz; } - innerSeqSz = SetSequence(pSz + qSz + gSz, innerSeq); - - /* check output size */ - if ((innerSeqSz + pSz + qSz + gSz) > outLen) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif - WOLFSSL_MSG("Error, output size smaller than outlen"); - return BUFFER_E; - } - if (with_header) { int algoSz; #ifdef WOLFSSL_SMALL_STACK @@ -9166,6 +9317,7 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) #else byte algo[MAX_ALGO_SZ]; #endif + innerSeqSz = SetSequence(pSz + qSz + gSz, innerSeq); algoSz = SetAlgoID(DSAk, algo, oidKeyType, 0); bitStringSz = SetBitString(ySz, 0, bitString); outerSeqSz = SetSequence(algoSz + innerSeqSz + pSz + qSz + gSz, @@ -9198,6 +9350,20 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER); #endif } else { + innerSeqSz = SetSequence(pSz + qSz + gSz + ySz, innerSeq); + + /* check output size */ + if ((innerSeqSz + pSz + qSz + gSz + ySz) > outLen) { + #ifdef WOLFSSL_SMALL_STACK + XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + #endif + WOLFSSL_MSG("Error, output size smaller than outlen"); + return BUFFER_E; + } + idx = 0; } @@ -9234,7 +9400,8 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) int ret = 0; int i; int sz; - int o; + const ASNItem *data = NULL; + int count = 0; WOLFSSL_ENTER("wc_SetDsaPublicKey"); @@ -9245,38 +9412,40 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) CALLOC_ASNSETDATA(dataASN, dsaPubKeyASN_Length, ret, key->heap); if (ret == 0) { - /* With header - include the SubjectPublicKeyInfo wrapping. */ if (with_header) { - o = 0; + /* Using dsaPubKeyASN */ + data = dsaPubKeyASN; + count = dsaPubKeyASN_Length; /* Set the algorithm OID to write out. */ - SetASN_OID(&dataASN[2], DSAk, oidKeyType); + SetASN_OID(&dataASN[DSAPUBKEYASN_IDX_ALGOID_OID], DSAk, oidKeyType); + /* Set the mp_ints to encode - parameters and public value. */ + for (i = 0; i < DSA_INTS - 2; i++) { + SetASN_MP(&dataASN[(int)DSAPUBKEYASN_IDX_ALGOID_PARAMS_P + i], + GetDsaInt(key, i)); + } + SetASN_MP(&dataASN[DSAPUBKEYASN_IDX_PUBKEY_Y], GetDsaInt(key, i)); } else { - o = 3; - /* Skip BIT_STRING but include 'y'. */ - dataASN[7].noOut = 1; + /* Using dsaKeyASN */ + data = dsaKeyASN; + count = dsaPublicKeyASN_Length; + /* Set the mp_ints to encode - parameters and public value. */ + for (i = 0; i < DSA_INTS - 1; i++) { + /* Move all DSA ints up one slot (ignore VERSION so now + * it means P) */ + SetASN_MP(&dataASN[(int)DSAKEYASN_IDX_VER + i], + GetDsaInt(key, i)); + } } - /* Set the mp_ints to encode - parameters and public value. */ - for (i = 0; i < DSA_INTS - 2; i++) { - SetASN_MP(&dataASN[4 + i], GetDsaInt(key, i)); - } - SetASN_MP(&dataASN[5 + i], GetDsaInt(key, i)); - /* Calculate size of the encoding. */ - ret = SizeASN_Items(dsaPubKeyASN + o, dataASN, dsaPubKeyASN_Length - o, - &sz); + ret = SizeASN_Items(data, dataASN, count, &sz); } /* Check buffer is big enough for encoding. */ if ((ret == 0) && (sz > (int)outLen)) { ret = BAD_FUNC_ARG; } + /* Encode the DSA public key into output buffer. */ if (ret == 0) { - /* Encode the DSA public key into output buffer. - * 'o' indicates offset when no header. - */ - SetASN_Items(dsaPubKeyASN + o, dataASN, dsaPubKeyASN_Length - o, - output); - /* Return the size of the encoding. */ - ret = sz; + ret = SetASN_Items(data, dataASN, count, output); } FREE_ASNSETDATA(dataASN, key->heap); @@ -9397,16 +9566,19 @@ static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen, if (ret == 0) { if (includeVersion) { /* Set the version. */ - SetASN_Int8Bit(&dataASN[1], 0); + SetASN_Int8Bit(&dataASN[DSAKEYASN_IDX_VER], 0); } else { - dataASN[1].noOut = 1; + dataASN[DSAKEYASN_IDX_VER].noOut = 1; } - dataASN[5].noOut = mp_iszero(&key->y); - dataASN[6].noOut = mp_iszero(&key->x); + dataASN[DSAKEYASN_IDX_Y].noOut = mp_iszero(&key->y); + dataASN[DSAKEYASN_IDX_X].noOut = mp_iszero(&key->x); /* Set the mp_ints to encode - params, public and private value. */ for (i = 0; i < DSA_INTS; i++) { - SetASN_MP(&dataASN[2 + i], GetDsaInt(key, i)); + if (i < ints) + SetASN_MP(&dataASN[(int)DSAKEYASN_IDX_P + i], GetDsaInt(key, i)); + else + dataASN[(int)DSAKEYASN_IDX_P + i].noOut = 1; } /* Calculate size of the encoding. */ ret = SizeASN_Items(dsaKeyASN, dataASN, dsaKeyASN_Length, &sz); @@ -9702,8 +9874,12 @@ static int StoreKey(DecodedCert* cert, const byte* source, word32* srcIdx, #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for header before RSA key in certificate. */ static const ASNItem rsaCertKeyASN[] = { -/* 0 */ { 0, ASN_BIT_STRING, 0, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 0, 0 }, +/* STR */ { 0, ASN_BIT_STRING, 0, 1, 0 }, +/* SEQ */ { 1, ASN_SEQUENCE, 1, 0, 0 }, +}; +enum { + RSACERTKEYASN_IDX_STR = 0, + RSACERTKEYASN_IDX_SEQ, }; /* Number of items in ASN.1 template for header before RSA key in cert. */ @@ -9765,12 +9941,13 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx, if (ret == 0) { /* Store the pointer and length in certificate object starting at * SEQUENCE. */ - GetASN_GetConstRef(&dataASN[0], &cert->publicKey, &cert->pubKeySize); + GetASN_GetConstRef(&dataASN[RSACERTKEYASN_IDX_STR], + &cert->publicKey, &cert->pubKeySize); #if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT) /* Start of SEQUENCE. */ cert->sigCtx.CertAtt.pubkey_n_start = - cert->sigCtx.CertAtt.pubkey_e_start = dataASN[1].offset; + cert->sigCtx.CertAtt.pubkey_e_start = dataASN[RSACERTKEYASN_IDX_SEQ].offset; #endif #ifdef HAVE_OCSP /* Calculate the hash of the public key for OCSP. */ @@ -9789,9 +9966,16 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx, #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for header before ECC key in certificate. */ static const ASNItem eccCertKeyASN[] = { -/* 0 */ { 1, ASN_OBJECT_ID, 0, 0, 2 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 0, 2 }, -/* 2 */ { 0, ASN_BIT_STRING, 0, 0, 0 }, +/* OID */ { 1, ASN_OBJECT_ID, 0, 0, 2 }, + /* Algo parameters */ +/* PARAMS */ { 1, ASN_SEQUENCE, 1, 0, 2 }, + /* Subject public key */ +/* SUBJPUBKEY */ { 0, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + ECCCERTKEYASN_IDX_OID = 0, + ECCCERTKEYASN_IDX_PARAMS, + ECCCERTKEYASN_IDX_SUBJPUBKEY, }; /* Number of items in ASN.1 template for header before ECC key in cert. */ @@ -9877,26 +10061,29 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx, return 0; #else - ASNGetData dataASN[eccCertKeyASN_Length]; - int ret; + int ret = 0; + DECL_ASNGETDATA(dataASN, eccCertKeyASN_Length); byte* publicKey; /* Clear dynamic data and check OID is a curve. */ - XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_OID(&dataASN[0], oidCurveType); - /* Parse ECC public key header. */ - ret = GetASN_Items(eccCertKeyASN, dataASN, eccCertKeyASN_Length, 1, source, - srcIdx, maxIdx); + CALLOC_ASNGETDATA(dataASN, eccCertKeyASN_Length, ret, cert->heap); if (ret == 0) { - if (dataASN[0].tag != 0) { + GetASN_OID(&dataASN[ECCCERTKEYASN_IDX_OID], oidCurveType); + /* Parse ECC public key header. */ + ret = GetASN_Items(eccCertKeyASN, dataASN, eccCertKeyASN_Length, 1, + source, srcIdx, maxIdx); + } + if (ret == 0) { + if (dataASN[ECCCERTKEYASN_IDX_OID].tag != 0) { /* Store curve OID. */ - cert->pkCurveOID = dataASN[0].data.oid.sum; + cert->pkCurveOID = dataASN[ECCCERTKEYASN_IDX_OID].data.oid.sum; } /* Ignore explicit parameters. */ #ifdef HAVE_OCSP /* Calculate the hash of the subject public key for OCSP. */ - ret = CalcHashId(dataASN[2].data.ref.data, dataASN[2].data.ref.length, + ret = CalcHashId(dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data, + dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length, cert->subjectKeyHash); } if (ret == 0) { @@ -9918,6 +10105,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx, cert->pubKeyStored = 1; } } + FREE_ASNGETDATA(dataASN, cert->heap); return ret; #endif /* WOLFSSL_ASN_TEMPLATE */ @@ -10443,10 +10631,14 @@ static const CertNameData certNameSubject[] = { /* Street Address */ { "/street=", 8, -#ifdef WOLFSSL_CERT_GEN +#ifdef WOLFSSL_CERT_EXT OFFSETOF(DecodedCert, subjectStreet), OFFSETOF(DecodedCert, subjectStreetLen), OFFSETOF(DecodedCert, subjectStreetEnc), +#else + 0, + 0, + 0, #endif #ifdef WOLFSSL_X509_NAME_AVAILABLE NID_streetAddress @@ -10569,13 +10761,19 @@ static const int certNameSubjectSz = * X.509: RFC 5280, 4.1.2.4 - RelativeDistinguishedName */ static const ASNItem rdnASN[] = { -/* 0 */ { 1, ASN_SET, 1, 1, 0 }, - /* AttributeTypeAndValue */ -/* 1 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* AttributeType */ -/* 2 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, - /* AttributeValue: Choice of tags - rdnChoice. */ -/* 3 */ { 3, 0, 0, 0, 0 }, +/* SET */ { 1, ASN_SET, 1, 1, 0 }, + /* AttributeTypeAndValue */ +/* ATTR_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* AttributeType */ +/* ATTR_TYPE */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, + /* AttributeValue: Choice of tags - rdnChoice. */ +/* ATTR_VAL */ { 3, 0, 0, 0, 0 }, +}; +enum { + RDNASN_IDX_SET = 0, + RDNASN_IDX_ATTR_SEQ, + RDNASN_IDX_ATTR_TYPE, + RDNASN_IDX_ATTR_VAL, }; /* Number of items in ASN.1 template for an RDN. */ @@ -10787,7 +10985,7 @@ static int SetSubject(DecodedCert* cert, int id, byte* str, word32 strLen, * @param [in, out] idx Index int full name to place next component. * @param [in, out] nid NID of component type. * @param [in] isSubject Whether this data is for a subject name. - * @param [in] dataASN Decoded data of RDN. + * @param [in] dataASN Decoded data of RDN. Expected rdnASN type. * @return 0 on success. * @return MEMORY_E when dynamic memory allocation fails. * @return ASN_PARSE_E when type not supported. @@ -10805,7 +11003,7 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, (void)nid; /* Get name type OID from data items. */ - GetASN_OIDData(&dataASN[2], &oid, &oidSz); + GetASN_OIDData(&dataASN[RDNASN_IDX_ATTR_TYPE], &oid, &oidSz); /* v1 name types */ if ((oidSz == 3) && (oid[0] == 0x55) && (oid[1] == 0x04)) { @@ -10881,10 +11079,10 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid, /* OID type to store for subject name and add to full string. */ byte* str; word32 strLen; - byte tag = dataASN[3].tag; + byte tag = dataASN[RDNASN_IDX_ATTR_VAL].tag; /* Get the string reference and length. */ - GetASN_GetRef(&dataASN[3], &str, &strLen); + GetASN_GetRef(&dataASN[RDNASN_IDX_ATTR_VAL], &str, &strLen); if (isSubject) { /* Store subject field components. */ @@ -11491,7 +11689,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, ret = ASN_PARSE_E; } - ALLOC_ASNGETDATA(dataASN, rdnASN_Length, ret, cert->heap); + CALLOC_ASNGETDATA(dataASN, rdnASN_Length, ret, cert->heap); #ifdef WOLFSSL_X509_NAME_AVAILABLE if (ret == 0) { @@ -11528,10 +11726,9 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, int nid = 0; /* Initialize for data and setup RDN choice. */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * rdnASN_Length); - GetASN_Choice(&dataASN[3], rdnChoice); + GetASN_Choice(&dataASN[RDNASN_IDX_ATTR_VAL], rdnChoice); /* Ignore type OID as too many to store in table. */ - GetASN_OID(&dataASN[2], oidIgnoreType); + GetASN_OID(&dataASN[RDNASN_IDX_ATTR_TYPE], oidIgnoreType); /* Parse RDN. */ ret = GetASN_Items(rdnASN, dataASN, rdnASN_Length, 1, input, &srcIdx, maxIdx); @@ -11547,10 +11744,10 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, int enc; byte* str; word32 strLen; - byte tag = dataASN[3].tag; + byte tag = dataASN[RDNASN_IDX_ATTR_VAL].tag; /* Get string reference. */ - GetASN_GetRef(&dataASN[3], &str, &strLen); + GetASN_GetRef(&dataASN[RDNASN_IDX_ATTR_VAL], &str, &strLen); /* Convert BER tag to a OpenSSL type. */ switch (tag) { @@ -11614,8 +11811,12 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType, #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for certificate name. */ static const ASNItem certNameASN[] = { -/* 0 */ { 0, ASN_OBJECT_ID, 0, 0, 1 }, -/* 1 */ { 0, ASN_SEQUENCE, 1, 0, 0 }, +/* OID */ { 0, ASN_OBJECT_ID, 0, 0, 1 }, +/* NAME */ { 0, ASN_SEQUENCE, 1, 0, 0 }, +}; +enum { + CERTNAMEASN_IDX_OID = 0, + CERTNAMEASN_IDX_NAME, }; /* Number of items in ASN.1 template for certificate name. */ @@ -11689,20 +11890,20 @@ int GetName(DecodedCert* cert, int nameType, int maxIdx) #else ASNGetData dataASN[certNameASN_Length]; word32 idx = cert->srcIdx; - int ret; + int ret = 0; char* full; byte* hash; WOLFSSL_MSG("Getting Cert Name"); - /* Initialize for data and don't check optional prefix OID. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_OID(&dataASN[0], oidIgnoreType); + /* Initialize for data and don't check optional prefix OID. */ + GetASN_OID(&dataASN[CERTNAMEASN_IDX_OID], oidIgnoreType); ret = GetASN_Items(certNameASN, dataASN, certNameASN_Length, 0, cert->source, &idx, maxIdx); if (ret == 0) { /* Store offset of SEQUENCE that is start of name. */ - cert->srcIdx = dataASN[1].offset; + cert->srcIdx = dataASN[CERTNAMEASN_IDX_NAME].offset; /* Get fields to fill in based on name type. */ if (nameType == ISSUER) { @@ -12109,8 +12310,12 @@ int wc_GetTime(void* timePtr, word32 timeSize) /* TODO: use a CHOICE instead of two items? */ /* ASN.1 template for a date - either UTC or Generalized Time. */ static const ASNItem dateASN[] = { -/* 0 */ { 0, ASN_UTC_TIME, 0, 0, 2 }, -/* 1 */ { 0, ASN_GENERALIZED_TIME, 0, 0, 2 }, +/* UTC */ { 0, ASN_UTC_TIME, 0, 0, 2 }, +/* GT */ { 0, ASN_GENERALIZED_TIME, 0, 0, 2 }, +}; +enum { + DATEASN_IDX_UTC = 0, + DATEASN_IDX_GT, }; /* Number of items in ASN.1 template for a date. */ @@ -12185,7 +12390,8 @@ static int GetDateInfo(const byte* source, word32* idx, const byte** pDate, } if (ret == 0) { /* Determine which tag was seen. */ - i = (dataASN[0].tag != 0) ? 0 : 1; + i = (dataASN[DATEASN_IDX_UTC].tag != 0) ? DATEASN_IDX_UTC + : DATEASN_IDX_GT; /* Return data from seen item. */ if (pFormat != NULL) { *pFormat = dataASN[i].tag; @@ -12780,13 +12986,13 @@ word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) CALLOC_ASNSETDATA(dataASN, algoIdASN_Length, ret, NULL); /* Set the OID and OID type to encode. */ - SetASN_OID(&dataASN[1], algoOID, type); + SetASN_OID(&dataASN[ALGOIDASN_IDX_OID], algoOID, type); /* Hashes, signatures not ECC and keys not RSA put put NULL tag. */ if (!(type == oidHashType || (type == oidSigType && !IsSigAlgoECC(algoOID)) || (type == oidKeyType && algoOID == RSAk))) { /* Don't put out NULL DER item. */ - dataASN[2].noOut = 1; + dataASN[ALGOIDASN_IDX_NULL].noOut = 1; } if (algoOID == DSAk) { /* Don't include SEQUENCE for DSA keys. */ @@ -12794,10 +13000,10 @@ word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) } else if (curveSz > 0) { /* Don't put out NULL DER item. */ - dataASN[2].noOut = 0; + dataASN[ALGOIDASN_IDX_NULL].noOut = 0; /* Include space for extra data of length curveSz. * Subtract 1 for sequence and 1 for length encoding. */ - SetASN_Buffer(&dataASN[2], NULL, curveSz - 2); + SetASN_Buffer(&dataASN[ALGOIDASN_IDX_NULL], NULL, curveSz - 2); } /* Calculate size of encoding. */ @@ -12807,7 +13013,7 @@ word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) SetASN_Items(algoIdASN + o, dataASN + o, algoIdASN_Length - o, output); if (curveSz > 0) { /* Return size excluding curve data. */ - sz = dataASN[o].offset - dataASN[2].offset; + sz = dataASN[o].offset - dataASN[ALGOIDASN_IDX_NULL].offset; } } @@ -12831,13 +13037,20 @@ word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) * PKCS#1 v2.2: RFC 8017, A.2.4 - DigestInfo */ static const ASNItem digestInfoASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* digestAlgorithm */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 2 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 3 */ { 2, ASN_TAG_NULL, 0, 0, 0 }, - /* digest */ -/* 4 */ { 1, ASN_OCTET_STRING, 0, 0, 0 } +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* digestAlgorithm */ +/* DIGALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* DIGALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* DIGALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 0 }, + /* digest */ +/* DIGEST */ { 1, ASN_OCTET_STRING, 0, 0, 0 } +}; +enum { + DIGESTINFOASN_IDX_SEQ = 0, + DIGESTINFOASN_IDX_DIGALGO_SEQ, + DIGESTINFOASN_IDX_DIGALGO_OID, + DIGESTINFOASN_IDX_DIGALGO_NULL, + DIGESTINFOASN_IDX_DIGEST, }; /* Number of items in ASN.1 template for DigestInfo for RSA. */ @@ -12879,9 +13092,9 @@ word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz, if (ret == 0) { /* Set hash OID and type. */ - SetASN_OID(&dataASN[2], hashOID, oidHashType); + SetASN_OID(&dataASN[DIGESTINFOASN_IDX_DIGALGO_OID], hashOID, oidHashType); /* Set digest. */ - SetASN_Buffer(&dataASN[4], digest, digSz); + SetASN_Buffer(&dataASN[DIGESTINFOASN_IDX_DIGEST], digest, digSz); /* Calculate size of encoding. */ ret = SizeASN_Items(digestInfoASN, dataASN, digestInfoASN_Length, &sz); @@ -13998,14 +14211,22 @@ static void AddAltName(DecodedCert* cert, DNS_entry* dnsEntry) #ifdef WOLFSSL_SEP /* ASN.1 template for OtherName of an X.509 certificate. * X.509: RFC 5280, 4.2.1.6 - OtherName (without implicit outer SEQUENCE). + * HW Name: RFC 4108, 5 - Hardware Module Name * Only support HW Name where the type is a HW serial number. */ static const ASNItem otherNameASN[] = { -/* 0 */ { 0, ASN_OBJECT_ID, 0, 0, 0 }, -/* 1 */ { 0, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 0 }, -/* 2 */ { 1, ASN_SEQUENCE, 1, 0, 0 }, -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 4 */ { 2, ASN_OCTET_STRING, 0, 0, 0 } +/* TYPEID */ { 0, ASN_OBJECT_ID, 0, 0, 0 }, +/* VALUE */ { 0, ASN_CONTEXT_SPECIFIC | ASN_OTHERNAME_VALUE, 1, 0, 0 }, +/* HWN_SEQ */ { 1, ASN_SEQUENCE, 1, 0, 0 }, +/* HWN_TYPE */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* HWN_NUM */ { 2, ASN_OCTET_STRING, 0, 0, 0 } +}; +enum { + OTHERNAMEASN_IDX_TYPEID = 0, + OTHERNAMEASN_IDX_VALUE, + OTHERNAMEASN_IDX_HWN_SEQ, + OTHERNAMEASN_IDX_HWN_TYPE, + OTHERNAMEASN_IDX_HWN_NUM, }; /* Number of items in ASN.1 template for OtherName of an X.509 certificate. */ @@ -14037,24 +14258,24 @@ static int DecodeOtherName(DecodedCert* cert, const byte* input, if (ret == 0) { /* Check the first OID is a recognized Alt Cert Name type. */ - GetASN_OID(&dataASN[0], oidCertAltNameType); + GetASN_OID(&dataASN[OTHERNAMEASN_IDX_TYPEID], oidCertAltNameType); /* Only support HW serial number. */ - GetASN_OID(&dataASN[3], oidIgnoreType); + GetASN_OID(&dataASN[OTHERNAMEASN_IDX_HWN_TYPE], oidIgnoreType); /* Parse OtherName. */ ret = GetASN_Items(otherNameASN, dataASN, otherNameASN_Length, 1, input, inOutIdx, maxIdx); } if (ret == 0) { /* Ensure expected OID. */ - if (dataASN[0].data.oid.sum != HW_NAME_OID) { - WOLFSSL_MSG("\tincorrect OID"); + if (dataASN[OTHERNAMEASN_IDX_TYPEID].data.oid.sum != HW_NAME_OID) { + WOLFSSL_MSG("\tunsupported OID"); ret = ASN_PARSE_E; } } if (ret == 0) { - oidLen = dataASN[3].data.oid.length; - serialLen = dataASN[4].data.ref.length; + oidLen = dataASN[OTHERNAMEASN_IDX_HWN_TYPE].data.oid.length; + serialLen = dataASN[OTHERNAMEASN_IDX_HWN_NUM].data.ref.length; /* Allocate space for HW type OID. */ cert->hwType = (byte*)XMALLOC(oidLen, cert->heap, @@ -14064,7 +14285,8 @@ static int DecodeOtherName(DecodedCert* cert, const byte* input, } if (ret == 0) { /* Copy, into cert HW type OID */ - XMEMCPY(cert->hwType, dataASN[3].data.oid.data, oidLen); + XMEMCPY(cert->hwType, + dataASN[OTHERNAMEASN_IDX_HWN_TYPE].data.oid.data, oidLen); cert->hwTypeSz = oidLen; /* TODO: check this is the HW serial number OID - no test data. */ @@ -14078,7 +14300,8 @@ static int DecodeOtherName(DecodedCert* cert, const byte* input, } if (ret == 0) { /* Copy into cert HW serial number. */ - XMEMCPY(cert->hwSerialNum, dataASN[4].data.ref.data, serialLen); + XMEMCPY(cert->hwSerialNum, + dataASN[OTHERNAMEASN_IDX_HWN_NUM].data.ref.data, serialLen); cert->hwSerialNum[serialLen] = '\0'; cert->hwSerialNumSz = serialLen; } @@ -14235,6 +14458,9 @@ static const byte generalNameChoice[] = { static const ASNItem altNameASN[] = { { 0, ASN_CONTEXT_SPECIFIC | 0, 0, 1, 0 } }; +enum { + ALTNAMEASN_IDX_GN = 0, +}; /* Number of items in ASN.1 template for GeneralName. */ #define altNameASN_Length (sizeof(altNameASN) / sizeof(ASNItem)) @@ -14657,13 +14883,13 @@ static int DecodeAltNames(const byte* input, int sz, DecodedCert* cert) /* Clear dynamic data items. */ XMEMSET(dataASN, 0, sizeof(dataASN)); /* Parse GeneralName with the choices supported. */ - GetASN_Choice(&dataASN[0], generalNameChoice); + GetASN_Choice(&dataASN[ALTNAMEASN_IDX_GN], generalNameChoice); /* Decode a GeneralName choice. */ ret = GetASN_Items(altNameASN, dataASN, altNameASN_Length, 0, input, &idx, sz); if (ret == 0) { - ret = DecodeGeneralName(input, &idx, dataASN[0].tag, - dataASN[0].length, cert); + ret = DecodeGeneralName(input, &idx, dataASN[ALTNAMEASN_IDX_GN].tag, + dataASN[ALTNAMEASN_IDX_GN].length, cert); } } @@ -14676,9 +14902,14 @@ static int DecodeAltNames(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.1.9 - BasicConstraints. */ static const ASNItem basicConsASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_BOOLEAN, 0, 0, 1 }, -/* 2 */ { 1, ASN_INTEGER, 0, 0, 1 } +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* CA */ { 1, ASN_BOOLEAN, 0, 0, 1 }, +/* PLEN */ { 1, ASN_INTEGER, 0, 0, 1 } +}; +enum { + BASICCONSASN_IDX_SEQ = 0, + BASICCONSASN_IDX_CA, + BASICCONSASN_IDX_PLEN, }; /* Number of items in ASN.1 template for BasicContraints. */ @@ -14760,18 +14991,18 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert) if (ret == 0) { /* Get the CA boolean and path length when present. */ - GetASN_Boolean(&dataASN[1], &isCA); - GetASN_Int8Bit(&dataASN[2], &cert->pathLength); + GetASN_Boolean(&dataASN[BASICCONSASN_IDX_CA], &isCA); + GetASN_Int8Bit(&dataASN[BASICCONSASN_IDX_PLEN], &cert->pathLength); ret = GetASN_Items(basicConsASN, dataASN, basicConsASN_Length, 1, input, &idx, sz); } /* Empty SEQUENCE is OK - nothing to store. */ - if ((ret == 0) && (dataASN[0].length != 0)) { + if ((ret == 0) && (dataASN[BASICCONSASN_IDX_SEQ].length != 0)) { /* Bad encoding when CA Boolean is false * (default when not present). */ - if ((dataASN[1].length != 0) && (!isCA)) { + if ((dataASN[BASICCONSASN_IDX_CA].length != 0) && (!isCA)) { ret = ASN_PARSE_E; } /* Path length must be a 7-bit value. */ @@ -14782,7 +15013,7 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert) if (ret == 0) { /* isCA in certificate is a 1 bit of a byte. */ cert->isCA = isCA; - cert->pathLengthSet = (dataASN[2].length > 0); + cert->pathLengthSet = (dataASN[BASICCONSASN_IDX_PLEN].length > 0); } } @@ -14862,19 +15093,29 @@ static int DecodePolicyConstraints(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.1.13 - CRL Distribution Points. */ static const ASNItem crlDistASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* Distribution point name */ -/* 2 */ { 2, DISTRIBUTION_POINT, 1, 1, 1 }, - /* fullName */ -/* 3 */ { 3, CRLDP_FULL_NAME, 1, 1, 2 }, -/* 4 */ { 4, GENERALNAME_URI, 0, 0, 0 }, - /* nameRelativeToCRLIssuer */ -/* 5 */ { 3, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 2 }, - /* reasons: IMPLICIT BIT STRING */ -/* 6 */ { 2, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, - /* cRLIssuer */ -/* 7 */ { 2, ASN_CONTEXT_SPECIFIC | 2, 1, 0, 1 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* DP_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* Distribution point name */ +/* DP_DISTPOINT */ { 2, DISTRIBUTION_POINT, 1, 1, 1 }, + /* fullName */ +/* DP_DISTPOINT_FN */ { 3, CRLDP_FULL_NAME, 1, 1, 2 }, +/* DP_DISTPOINT_FN_GN */ { 4, GENERALNAME_URI, 0, 0, 0 }, + /* nameRelativeToCRLIssuer */ +/* DP_DISTPOINT_RN */ { 3, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 2 }, + /* reasons: IMPLICIT BIT STRING */ +/* DP_REASONS */ { 2, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, + /* cRLIssuer */ +/* DP_CRLISSUER */ { 2, ASN_CONTEXT_SPECIFIC | 2, 1, 0, 1 }, +}; +enum { + CRLDISTASN_IDX_SEQ = 0, + CRLDISTASN_IDX_DP_SEQ, + CRLDISTASN_IDX_DP_DISTPOINT, + CRLDISTASN_IDX_DP_DISTPOINT_FN, + CRLDISTASN_IDX_DP_DISTPOINT_FN_GN, + CRLDISTASN_IDX_DP_DISTPOINT_RN, /* Relative name */ + CRLDISTASN_IDX_DP_REASONS, + CRLDISTASN_IDX_DP_CRLISSUER, }; /* Number of items in ASN.1 template for CRL distribution points. */ @@ -15006,24 +15247,26 @@ static int DecodeCrlDist(const byte* input, int sz, DecodedCert* cert) if (ret == 0) { /* Get the GeneralName choice */ - GetASN_Choice(&dataASN[4], generalNameChoice); - /* Parse CRL distribution point. */ + GetASN_Choice(&dataASN[CRLDISTASN_IDX_DP_DISTPOINT_FN_GN], generalNameChoice); + /* Parse CRL distribtion point. */ ret = GetASN_Items(crlDistASN, dataASN, crlDistASN_Length, 0, input, &idx, sz); } if (ret == 0) { /* If the choice was a URI, store it in certificate. */ - if (dataASN[4].tag == GENERALNAME_URI) { + if (dataASN[CRLDISTASN_IDX_DP_DISTPOINT_FN_GN].tag == GENERALNAME_URI) { word32 sz32; - GetASN_GetConstRef(&dataASN[4], &cert->extCrlInfo, &sz32); + GetASN_GetConstRef(&dataASN[CRLDISTASN_IDX_DP_DISTPOINT_FN_GN], + &cert->extCrlInfo, &sz32); cert->extCrlInfoSz = sz32; } #ifdef CRLDP_VALIDATE_DATA - if (dataASN[6].data.ref.data != NULL) { + if (dataASN[CRLDISTASN_IDX_DP_REASONS].data.ref.data != NULL) { /* TODO: test case */ /* Validate ReasonFlags. */ - ret = GetASN_BitString_Int16Bit(&dataASN[6], &reason); + ret = GetASN_BitString_Int16Bit(&dataASN[CRLDISTASN_IDX_DP_REASONS], + &reason); /* First bit (LSB) unused and eight other bits defined. */ if ((ret == 0) && ((reason >> 9) || (reason & 0x01))) { ret = ASN_PARSE_E; @@ -15049,11 +15292,16 @@ static int DecodeCrlDist(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.2.1 - Authority Information Access. */ static const ASNItem accessDescASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* accessMethod */ -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, - /* accessLocation: GeneralName */ -/* 2 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* accessMethod */ +/* METH */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, + /* accessLocation: GeneralName */ +/* LOC */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 0 }, +}; +enum { + ACCESSDESCASN_IDX_SEQ = 0, + ACCESSDESCASN_IDX_METH, + ACCESSDESCASN_IDX_LOC, }; /* Number of items in ASN.1 template for the access description. */ @@ -15150,17 +15398,18 @@ static int DecodeAuthInfo(const byte* input, int sz, DecodedCert* cert) /* Clear dynamic data and retrieve OID and name. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_OID(&dataASN[1], oidCertAuthInfoType); - GetASN_Choice(&dataASN[2], generalNameChoice); + GetASN_OID(&dataASN[ACCESSDESCASN_IDX_METH], oidCertAuthInfoType); + GetASN_Choice(&dataASN[ACCESSDESCASN_IDX_LOC], generalNameChoice); /* Parse AccessDescription. */ ret = GetASN_Items(accessDescASN, dataASN, accessDescASN_Length, 0, input, &idx, sz); if (ret == 0) { /* Check we have OCSP and URI. */ - if ((dataASN[1].data.oid.sum == AIA_OCSP_OID) && - (dataASN[2].tag == GENERALNAME_URI)) { + if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum == AIA_OCSP_OID) && + (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) { /* Store URI for OCSP lookup. */ - GetASN_GetConstRef(&dataASN[2], &cert->extAuthInfo, &sz32); + GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC], + &cert->extAuthInfo, &sz32); cert->extAuthInfoSz = sz32; count++; #if !defined(OPENSSL_ALL) || !defined(WOLFSSL_QT) @@ -15169,11 +15418,12 @@ static int DecodeAuthInfo(const byte* input, int sz, DecodedCert* cert) } #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) /* Check we have CA Issuer and URI. */ - else if ((dataASN[1].data.oid.sum == AIA_CA_ISSUER_OID) && - (dataASN[2].tag == GENERALNAME_URI)) { + else if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum == + AIA_CA_ISSUER_OID) && + (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) { /* Set CaIssuers entry */ - GetASN_GetConstRef(&dataASN[2], &cert->extAuthInfoCaIssuer, - &sz32); + GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC], + &cert->extAuthInfoCaIssuer, &sz32); cert->extAuthInfoCaIssuerSz = sz32; count++; } @@ -15192,13 +15442,19 @@ static int DecodeAuthInfo(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.1.1 - Authority Key Identifier. */ static const ASNItem authKeyIdASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* keyIdentifier */ -/* 1 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 1 }, - /* authorityCertIssuer */ -/* 2 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, - /* authorityCertSerialNumber */ -/* 3 */ { 1, ASN_CONTEXT_SPECIFIC | 2, 0, 0, 1 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* keyIdentifier */ +/* KEYID */ { 1, ASN_CONTEXT_SPECIFIC | ASN_AUTHKEYID_KEYID, 0, 0, 1 }, + /* authorityCertIssuer */ +/* ISSUER */ { 1, ASN_CONTEXT_SPECIFIC | ASN_AUTHKEYID_ISSUER, 1, 0, 1 }, + /* authorityCertSerialNumber */ +/* SERIAL */ { 1, ASN_CONTEXT_SPECIFIC | ASN_AUTHKEYID_SERIAL, 0, 0, 1 }, +}; +enum { + AUTHKEYIDASN_IDX_SEQ = 0, + AUTHKEYIDASN_IDX_KEYID, + AUTHKEYIDASN_IDX_ISSUER, + AUTHKEYIDASN_IDX_SERIAL, }; /* Number of items in ASN.1 template for AuthorityKeyIdentifier. */ @@ -15273,7 +15529,7 @@ static int DecodeAuthKeyId(const byte* input, int sz, DecodedCert* cert) } if (ret == 0) { /* Key id is optional. */ - if (dataASN[1].data.ref.data == NULL) { + if (dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data == NULL) { WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available"); } else { @@ -15283,13 +15539,14 @@ static int DecodeAuthKeyId(const byte* input, int sz, DecodedCert* cert) cert->extRawAuthKeyIdSrc = input; cert->extRawAuthKeyIdSz = sz; #endif - GetASN_GetConstRef(&dataASN[1], &cert->extAuthKeyIdSrc, + GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_KEYID], &cert->extAuthKeyIdSrc, &cert->extAuthKeyIdSz); #endif /* OPENSSL_EXTRA */ /* Get the hash or hash of the hash if wrong size. */ - ret = GetHashId(dataASN[1].data.ref.data, - dataASN[1].data.ref.length, cert->extAuthKeyId); + ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data, + dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length, + cert->extAuthKeyId); } } @@ -15342,7 +15599,10 @@ static int DecodeSubjKeyId(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.1.3 - Key Usage. */ static const ASNItem keyUsageASN[] = { -/* 0 */ { 0, ASN_BIT_STRING, 0, 0, 0 }, +/* STR */ { 0, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + KEYUSAGEASN_IDX_STR = 0, }; /* Number of items in ASN.1 template for KeyUsage. */ @@ -15389,7 +15649,7 @@ static int DecodeKeyUsage(const byte* input, int sz, DecodedCert* cert) /* Clear dynamic data and set where to store extended key usage. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_Int16Bit(&dataASN[0], &cert->extKeyUsage); + GetASN_Int16Bit(&dataASN[KEYUSAGEASN_IDX_STR], &cert->extKeyUsage); /* Parse key usage. */ return GetASN_Items(keyUsageASN, dataASN, keyUsageASN_Length, 0, input, &idx, sz); @@ -15401,7 +15661,10 @@ static int DecodeKeyUsage(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.1.12 - Extended Key Usage. */ static const ASNItem keyPurposeIdASN[] = { -/* 0 */ { 0, ASN_OBJECT_ID, 0, 0, 0 }, +/* OID */ { 0, ASN_OBJECT_ID, 0, 0, 0 }, +}; +enum { + KEYPURPOSEIDASN_IDX_OID = 0, }; /* Number of items in ASN.1 template for KeyPurposeId. */ @@ -15505,7 +15768,7 @@ static int DecodeExtKeyUsage(const byte* input, int sz, DecodedCert* cert) /* Clear dynamic data items and set OID type expected. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_OID(&dataASN[0], oidCertKeyUseType); + GetASN_OID(&dataASN[KEYPURPOSEIDASN_IDX_OID], oidCertKeyUseType); /* Decode KeyPurposeId. */ ret = GetASN_Items(keyPurposeIdASN, dataASN, keyPurposeIdASN_Length, 0, input, &idx, sz); @@ -15515,7 +15778,7 @@ static int DecodeExtKeyUsage(const byte* input, int sz, DecodedCert* cert) } else if (ret == 0) { /* Store the bit for the OID. */ - switch (dataASN[0].data.oid.sum) { + switch (dataASN[KEYPURPOSEIDASN_IDX_OID].data.oid.sum) { case EKU_ANY_OID: cert->extExtKeyUsage |= EXTKEYUSE_ANY; break; @@ -15577,13 +15840,19 @@ static int DecodeNsCertType(const byte* input, int sz, DecodedCert* cert) * X.509: RFC 5280, 4.2.1.10 - Name Constraints. */ static const ASNItem subTreeASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* base GeneralName */ -/* 1 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 0 }, - /* minimum BaseDistance DEFAULT 0*/ -/* 2 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 1 }, - /* maximum BaseDistance OPTIONAL */ -/* 3 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 0, 0, 1 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* base GeneralName */ +/* BASE */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 0 }, + /* minimum BaseDistance DEFAULT 0*/ +/* MIN */ { 1, ASN_CONTEXT_SPECIFIC | ASN_SUBTREE_MIN, 0, 0, 1 }, + /* maximum BaseDistance OPTIONAL */ +/* MAX */ { 1, ASN_CONTEXT_SPECIFIC | ASN_SUBTREE_MAX, 0, 0, 1 }, +}; +enum { + SUBTREEASN_IDX_SEQ = 0, + SUBTREEASN_IDX_BASE, + SUBTREEASN_IDX_MIN, + SUBTREEASN_IDX_MAX, }; /* Number of items in ASN.1 template for GeneralSubtree. */ @@ -15755,14 +16024,14 @@ static int DecodeSubtree(const byte* input, int sz, Base_entry** head, * store minimum and maximum. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * subTreeASN_Length); - GetASN_Choice(&dataASN[1], generalNameChoice); - GetASN_Int8Bit(&dataASN[2], &minVal); - GetASN_Int8Bit(&dataASN[3], &maxVal); + GetASN_Choice(&dataASN[SUBTREEASN_IDX_BASE], generalNameChoice); + GetASN_Int8Bit(&dataASN[SUBTREEASN_IDX_MIN], &minVal); + GetASN_Int8Bit(&dataASN[SUBTREEASN_IDX_MAX], &maxVal); /* Parse GeneralSubtree. */ ret = GetASN_Items(subTreeASN, dataASN, subTreeASN_Length, 0, input, &idx, sz); if (ret == 0) { - byte t = dataASN[1].tag; + byte t = dataASN[SUBTREEASN_IDX_BASE].tag; /* Check GeneralName tag is one of the types we can handle. */ if (t == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE) || @@ -15770,8 +16039,8 @@ static int DecodeSubtree(const byte* input, int sz, Base_entry** head, t == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_DIR_TYPE)) { /* Parse the general name and store a new entry. */ ret = DecodeSubtreeGeneralName(input + - GetASNItem_DataIdx(dataASN[1], input), - dataASN[1].length, t, head, heap); + GetASNItem_DataIdx(dataASN[SUBTREEASN_IDX_BASE], input), + dataASN[SUBTREEASN_IDX_BASE].length, t, head, heap); } /* Skip entry. */ } @@ -15787,11 +16056,16 @@ static int DecodeSubtree(const byte* input, int sz, Base_entry** head, * X.509: RFC 5280, 4.2.1.10 - Name Contraints. */ static const ASNItem nameConstraintsASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* permittedSubtrees */ -/* 1 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 1 }, - /* excludededSubtrees */ -/* 2 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* permittedSubtrees */ +/* PERMIT */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 1 }, + /* excludededSubtrees */ +/* EXCLUDE */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, +}; +enum { + NAMECONSTRAINTSASN_IDX_SEQ = 0, + NAMECONSTRAINTSASN_IDX_PERMIT, + NAMECONSTRAINTSASN_IDX_EXCLUDE, }; /* Number of items in ASN.1 template for NameConstraints. */ @@ -15851,27 +16125,33 @@ static int DecodeNameConstraints(const byte* input, int sz, DecodedCert* cert) return 0; #else - ASNGetData dataASN[nameConstraintsASN_Length]; + DECL_ASNGETDATA(dataASN, nameConstraintsASN_Length); word32 idx = 0; int ret = 0; - /* Clear dynamic data. */ - XMEMSET(dataASN, 0, sizeof(dataASN)); - /* Parse NameConstraints. */ - ret = GetASN_Items(nameConstraintsASN, dataASN, nameConstraintsASN_Length, - 1, input, &idx, sz); + CALLOC_ASNGETDATA(dataASN, nameConstraintsASN_Length, ret, cert->heap); + + if (ret == 0) { + /* Parse NameConstraints. */ + ret = GetASN_Items(nameConstraintsASN, dataASN, nameConstraintsASN_Length, + 1, input, &idx, sz); + } if (ret == 0) { /* If there was a permittedSubtrees then parse it. */ - if (dataASN[1].data.ref.data != NULL) { - ret = DecodeSubtree(dataASN[1].data.ref.data, - dataASN[1].data.ref.length, &cert->permittedNames, cert->heap); + if (dataASN[NAMECONSTRAINTSASN_IDX_PERMIT].data.ref.data != NULL) { + ret = DecodeSubtree( + dataASN[NAMECONSTRAINTSASN_IDX_PERMIT].data.ref.data, + dataASN[NAMECONSTRAINTSASN_IDX_PERMIT].data.ref.length, + &cert->permittedNames, cert->heap); } } if (ret == 0) { /* If there was a excludedSubtrees then parse it. */ - if (dataASN[2].data.ref.data != NULL) { - ret = DecodeSubtree(dataASN[2].data.ref.data, - dataASN[2].data.ref.length, &cert->excludedNames, cert->heap); + if (dataASN[NAMECONSTRAINTSASN_IDX_EXCLUDE].data.ref.data != NULL) { + ret = DecodeSubtree( + dataASN[NAMECONSTRAINTSASN_IDX_EXCLUDE].data.ref.data, + dataASN[NAMECONSTRAINTSASN_IDX_EXCLUDE].data.ref.length, + &cert->excludedNames, cert->heap); } } @@ -15941,11 +16221,16 @@ exit: * X.509: RFC 5280, 4.2.1.4 - Certificate Policies. */ static const ASNItem policyInfoASN[] = { - /* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* policyIdentifier */ - /* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, - /* policyQualifiers */ - /* 2 */ { 1, ASN_SEQUENCE, 1, 0, 1 }, + /* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* policyIdentifier */ + /* ID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, + /* policyQualifiers */ + /* QUALI */ { 1, ASN_SEQUENCE, 1, 0, 1 }, + }; + enum { + POLICYINFOASN_IDX_SEQ = 0, + POLICYINFOASN_IDX_ID, + POLICYINFOASN_IDX_QUALI, }; /* Number of items in ASN.1 template for PolicyInformation. */ @@ -16101,12 +16386,12 @@ exit: /* Clear dynamic data and check OID is a cert policy type. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_OID(&dataASN[1], oidCertPolicyType); + GetASN_OID(&dataASN[POLICYINFOASN_IDX_ID], oidCertPolicyType); ret = GetASN_Items(policyInfoASN, dataASN, policyInfoASN_Length, 1, input, &idx, sz); if (ret == 0) { /* Get the OID. */ - GetASN_OIDData(&dataASN[1], &data, &length); + GetASN_OIDData(&dataASN[POLICYINFOASN_IDX_ID], &data, &length); if (length == 0) { ret = ASN_PARSE_E; } @@ -16426,8 +16711,12 @@ static int DecodeExtensionType(const byte* input, int length, word32 oid, * X.509: RFC 5280, 4.1 - Basic Certificate Fields. */ static const ASNItem certExtHdrASN[] = { -/* 0 */ { 0, ASN_CONTEXT_SPECIFIC | 3, 1, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* EXTTAG */ { 0, ASN_CONTEXT_SPECIFIC | 3, 1, 1, 0 }, +/* EXTSEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +}; +enum { + CERTEXTHDRASN_IDX_EXTTAG = 0, + CERTEXTHDRASN_IDX_EXTSEQ, }; /* Number of itesm in ASN.1 template for extensions. */ @@ -16437,13 +16726,19 @@ static const ASNItem certExtHdrASN[] = { * X.509: RFC 5280, 4.1 - Basic Certificate Fields. */ static const ASNItem certExtASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* Extension object id */ -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, - /* critical - when true, must be parseable. */ -/* 2 */ { 1, ASN_BOOLEAN, 0, 0, 1 }, - /* Data for extension - leave index at start of data. */ -/* 3 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* Extension object id */ +/* OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, + /* critical - when true, must be parseable. */ +/* CRIT */ { 1, ASN_BOOLEAN, 0, 0, 1 }, + /* Data for extension - leave index at start of data. */ +/* VAL */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +}; +enum { + CERTEXTASN_IDX_SEQ = 0, + CERTEXTASN_IDX_OID, + CERTEXTASN_IDX_CRIT, + CERTEXTASN_IDX_VAL, }; /* Number of items in ASN.1 template for Extension. */ @@ -16569,7 +16864,7 @@ end: #ifdef WOLFSSL_CERT_REQ if (cert->isCSR) { - offset = 1; + offset = CERTEXTHDRASN_IDX_EXTSEQ; } #endif if (ret == 0) { @@ -16586,15 +16881,15 @@ end: /* Clear dynamic data. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length); /* Ensure OID is an extention type. */ - GetASN_OID(&dataASN[1], oidCertExtType); + GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType); /* Set criticality variable. */ - GetASN_Int8Bit(&dataASN[2], &critical); + GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical); /* Parse extension wrapper. */ ret = GetASN_Items(certExtASN, dataASN, certExtASN_Length, 0, input, &idx, sz); if (ret == 0) { - word32 oid = dataASN[1].data.oid.sum; - int length = dataASN[3].length; + word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum; + int length = dataASN[CERTEXTASN_IDX_VAL].length; /* Decode the extension by type. */ ret = DecodeExtensionType(input + idx, length, oid, critical, cert); @@ -16625,66 +16920,98 @@ end: */ static const ASNItem x509CertASN[] = { /* Certificate ::= SEQUENCE */ -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* tbsCertificate TBSCertificate */ - /* TBSCertificate ::= SEQUENCE */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* version [0] EXPLICT Version DEFAULT v1 */ -/* 2 */ { 2, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, - /* Version ::= INTEGER { v1(0), v2(1), v3(2) */ -/* 3 */ { 3, ASN_INTEGER, 0, 0, 0 }, - /* serialNumber CertificateSerialNumber */ - /* CetificateSerialNumber ::= INTEGER */ -/* 4 */ { 2, ASN_INTEGER, 0, 0, 0 }, - /* signature AlgorithmIdentifier */ - /* AlgorithmIdentifier ::= SEQUENCE */ -/* 5 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* Algorithm OBJECT IDENTIFIER */ -/* 6 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, - /* parameters ANY defined by algorithm OPTIONAL */ -/* 7 */ { 3, ASN_TAG_NULL, 0, 0, 1 }, - /* issuer Name */ -/* 8 */ { 2, ASN_SEQUENCE, 1, 0, 0 }, - /* validity Validity */ - /* Validity ::= SEQUENCE */ -/* 9 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* notBefore Time */ - /* Time :: CHOICE { UTCTime, GeneralizedTime } */ -/* 10 */ { 3, ASN_UTC_TIME, 0, 0, 2 }, -/* 11 */ { 3, ASN_GENERALIZED_TIME, 0, 0, 2 }, - /* notAfter Time */ - /* Time :: CHOICE { UTCTime, GeneralizedTime } */ -/* 12 */ { 3, ASN_UTC_TIME, 0, 0, 3 }, -/* 13 */ { 3, ASN_GENERALIZED_TIME, 0, 0, 3 }, - /* subject Name */ -/* 14 */ { 2, ASN_SEQUENCE, 1, 0, 0 }, - /* subjectPublicKeyInfo SubjectPublicKeyInfo */ -/* 15 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* algorithm AlgorithmIdentifier */ - /* AlgorithmIdentifier ::= SEQUENCE */ -/* 16 */ { 3, ASN_SEQUENCE, 1, 1, 0 }, - /* Algorithm OBJECT IDENTIFIER */ -/* 17 */ { 4, ASN_OBJECT_ID, 0, 0, 0 }, - /* parameters ANY defined by algorithm OPTIONAL */ -/* 18 */ { 4, ASN_TAG_NULL, 0, 0, 1 }, -/* 19 */ { 4, ASN_OBJECT_ID, 0, 0, 1 }, - /* subjectPublicKey BIT STRING */ -/* 20 */ { 3, ASN_BIT_STRING, 0, 0, 0 }, - /* issuerUniqueID UniqueIdentfier OPTIONAL */ -/* 21 */ { 2, ASN_CONTEXT_SPECIFIC | 1, 0, 0, 1 }, - /* subjectUniqueID UniqueIdentfier OPTIONAL */ -/* 22 */ { 2, ASN_CONTEXT_SPECIFIC | 2, 0, 0, 1 }, - /* extensions Extensions OPTIONAL */ -/* 23 */ { 2, ASN_CONTEXT_SPECIFIC | 3, 1, 0, 1 }, - /* signatureAlgorithm AlgorithmIdentifier */ - /* AlgorithmIdentifier ::= SEQUENCE */ -/* 24 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* Algorithm OBJECT IDENTIFIER */ -/* 25 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, - /* parameters ANY defined by algorithm OPTIONAL */ -/* 26 */ { 2, ASN_TAG_NULL, 0, 0, 1 }, - /* signature BIT STRING */ -/* 27 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* tbsCertificate TBSCertificate */ + /* TBSCertificate ::= SEQUENCE */ +/* TBS_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* version [0] EXPLICT Version DEFAULT v1 */ +/* TBS_VER */ { 2, ASN_CONTEXT_SPECIFIC | ASN_X509_CERT_VERSION, 1, 1, 1 }, + /* Version ::= INTEGER { v1(0), v2(1), v3(2) */ +/* TBS_VER_INT */ { 3, ASN_INTEGER, 0, 0, 0 }, + /* serialNumber CertificateSerialNumber */ + /* CetificateSerialNumber ::= INTEGER */ +/* TBS_SERIAL */ { 2, ASN_INTEGER, 0, 0, 0 }, + /* signature AlgorithmIdentifier */ + /* AlgorithmIdentifier ::= SEQUENCE */ +/* TBS_ALGOID_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* Algorithm OBJECT IDENTIFIER */ +/* TBS_ALGOID_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, + /* parameters ANY defined by algorithm OPTIONAL */ +/* TBS_ALGOID_PARAMS */ { 3, ASN_TAG_NULL, 0, 0, 1 }, + /* issuer Name */ +/* TBS_ISSUER_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 0 }, + /* validity Validity */ + /* Validity ::= SEQUENCE */ +/* TBS_VALIDITY_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* notBefore Time */ + /* Time :: CHOICE { UTCTime, GeneralizedTime } */ +/* TBS_VALIDITY_NOTB_UTC */ { 3, ASN_UTC_TIME, 0, 0, 2 }, +/* TBS_VALIDITY_NOTB_GT */ { 3, ASN_GENERALIZED_TIME, 0, 0, 2 }, + /* notAfter Time */ + /* Time :: CHOICE { UTCTime, GeneralizedTime } */ +/* TBS_VALIDITY_NOTA_UTC */ { 3, ASN_UTC_TIME, 0, 0, 3 }, +/* TBS_VALIDITY_NOTA_GT */ { 3, ASN_GENERALIZED_TIME, 0, 0, 3 }, + /* subject Name */ +/* TBS_SUBJECT_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 0 }, + /* subjectPublicKeyInfo SubjectPublicKeyInfo */ +/* TBS_SPUBKEYINFO_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* algorithm AlgorithmIdentifier */ + /* AlgorithmIdentifier ::= SEQUENCE */ +/* TBS_SPUBKEYINFO_ALGO_SEQ */ { 3, ASN_SEQUENCE, 1, 1, 0 }, + /* Algorithm OBJECT IDENTIFIER */ +/* TBS_SPUBKEYINFO_ALGO_OID */ { 4, ASN_OBJECT_ID, 0, 0, 0 }, + /* parameters ANY defined by algorithm OPTIONAL */ +/* TBS_SPUBKEYINFO_ALGO_NOPARAMS */ { 4, ASN_TAG_NULL, 0, 0, 1 }, +/* TBS_SPUBKEYINFO_ALGO_CURVEID */ { 4, ASN_OBJECT_ID, 0, 0, 1 }, + /* subjectPublicKey BIT STRING */ +/* TBS_SPUBKEYINFO_PUBKEY */ { 3, ASN_BIT_STRING, 0, 0, 0 }, + /* issuerUniqueID UniqueIdentfier OPTIONAL */ +/* TBS_ISSUERUID */ { 2, ASN_CONTEXT_SPECIFIC | 1, 0, 0, 1 }, + /* subjectUniqueID UniqueIdentfier OPTIONAL */ +/* TBS_SUBJECTUID */ { 2, ASN_CONTEXT_SPECIFIC | 2, 0, 0, 1 }, + /* extensions Extensions OPTIONAL */ +/* TBS_EXT */ { 2, ASN_CONTEXT_SPECIFIC | 3, 1, 1, 1 }, +/* TBS_EXT_SEQ */ { 3, ASN_SEQUENCE, 1, 0, 0 }, + /* signatureAlgorithm AlgorithmIdentifier */ + /* AlgorithmIdentifier ::= SEQUENCE */ +/* SIGALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* Algorithm OBJECT IDENTIFIER */ +/* SIGALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, + /* parameters ANY defined by algorithm OPTIONAL */ +/* SIGALGO_PARAMS */ { 2, ASN_TAG_NULL, 0, 0, 1 }, + /* signature BIT STRING */ +/* SIGNATURE */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + X509CERTASN_IDX_SEQ = 0, + X509CERTASN_IDX_TBS_SEQ, + X509CERTASN_IDX_TBS_VER, + X509CERTASN_IDX_TBS_VER_INT, + X509CERTASN_IDX_TBS_SERIAL, + X509CERTASN_IDX_TBS_ALGOID_SEQ, + X509CERTASN_IDX_TBS_ALGOID_OID, + X509CERTASN_IDX_TBS_ALGOID_PARAMS, + X509CERTASN_IDX_TBS_ISSUER_SEQ, + X509CERTASN_IDX_TBS_VALIDITY_SEQ, + X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC, + X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT, + X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC, + X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT, + X509CERTASN_IDX_TBS_SUBJECT_SEQ, + X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ, + X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_SEQ, + X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_OID, + X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_NOPARAMS, + X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_CURVEID, + X509CERTASN_IDX_TBS_SPUBKEYINFO_PUBKEY, + X509CERTASN_IDX_TBS_ISSUERUID, + X509CERTASN_IDX_TBS_SUBJECTUID, + X509CERTASN_IDX_TBS_EXT, + X509CERTASN_IDX_TBS_EXT_SEQ, + X509CERTASN_IDX_SIGALGO_SEQ, + X509CERTASN_IDX_SIGALGO_OID, + X509CERTASN_IDX_SIGALGO_PARAMS, + X509CERTASN_IDX_SIGNATURE, }; /* Number of items in ASN template for an X509 certificate. */ @@ -16775,13 +17102,16 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, serialSz = EXTERNAL_SERIAL_SIZE; /* Get the version and put the serial number into the buffer. */ - GetASN_Int8Bit(&dataASN[3], &version); - GetASN_Buffer(&dataASN[4], cert->serial, &serialSz); + GetASN_Int8Bit(&dataASN[X509CERTASN_IDX_TBS_VER_INT], &version); + GetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_SERIAL], cert->serial, + &serialSz); /* Check OID types for signature, algorithm, ECC curve and sigAlg. */ - GetASN_OID(&dataASN[6], oidSigType); - GetASN_OID(&dataASN[17], oidKeyType); - GetASN_OID(&dataASN[19], oidCurveType); - GetASN_OID(&dataASN[25], oidSigType); + GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_ALGOID_OID], oidSigType); + GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_OID], + oidKeyType); + GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_CURVEID], + oidCurveType); + GetASN_OID(&dataASN[X509CERTASN_IDX_SIGALGO_OID], oidSigType); /* Parse the X509 certificate. */ ret = GetASN_Items(x509CertASN, dataASN, x509CertASN_Length, 1, cert->source, &cert->srcIdx, cert->maxIdx); @@ -16795,14 +17125,16 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, /* Set fields extracted from data. */ cert->version = version; cert->serialSz = serialSz; - cert->signatureOID = dataASN[6].data.oid.sum; - cert->keyOID = dataASN[17].data.oid.sum; - cert->certBegin = dataASN[1].offset; + cert->signatureOID = dataASN[X509CERTASN_IDX_TBS_ALGOID_OID].data.oid.sum; + cert->keyOID = dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_OID].data.oid.sum; + cert->certBegin = dataASN[X509CERTASN_IDX_TBS_SEQ].offset; /* No bad date error - don't always care. */ badDate = 0; /* Find the item with the BEFORE date and check it. */ - i = (dataASN[10].tag != 0) ? 10 : 11; + i = (dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC].tag != 0) + ? X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC + : X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT; if ((CheckDate(&dataASN[i], BEFORE) < 0) && verify) { badDate = ASN_BEFORE_DATE_E; } @@ -16811,7 +17143,9 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, cert->beforeDateLen = GetASNItem_Length(dataASN[i], cert->source); /* Find the item with the AFTER date and check it. */ - i = (dataASN[12].tag != 0) ? 12 : 13; + i = (dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC].tag != 0) + ? X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC + : X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT; if ((CheckDate(&dataASN[i], AFTER) < 0) && verify) { badDate = ASN_AFTER_DATE_E; } @@ -16820,37 +17154,40 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, cert->afterDateLen = GetASNItem_Length(dataASN[i], cert->source); /* Get the issuer name and calculate hash. */ - idx = dataASN[8].offset; + idx = dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ].offset; ret = GetCertName(cert, cert->issuer, cert->issuerHash, ISSUER, - cert->source, &idx, dataASN[9].offset); + cert->source, &idx, + dataASN[X509CERTASN_IDX_TBS_VALIDITY_SEQ].offset); } if (ret == 0) { /* Get the subject name and calculate hash. */ - idx = dataASN[14].offset; + idx = dataASN[X509CERTASN_IDX_TBS_SUBJECT_SEQ].offset; ret = GetCertName(cert, cert->subject, cert->subjectHash, SUBJECT, - cert->source, &idx, dataASN[15].offset); + cert->source, &idx, + dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ].offset); } if (ret == 0) { - /* Determine if self signed by comparig issuer and subject hashes. */ + /* Determine if self signed by comparing issuer and subject hashes. */ cert->selfSigned = XMEMCMP(cert->issuerHash, cert->subjectHash, KEYID_SIZE) == 0 ? 1 : 0; if (stopAtPubKey) { - /* Return any bad date error through badDateRed and return offset of + /* Return any bad date error through badDateRet and return offset of * subjectPublicKeyInfo. */ if (badDateRet != NULL) { *badDateRet = badDate; } - ret = dataASN[15].offset; + ret = dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ].offset; done = 1; } } if ((ret == 0) && (!done)) { /* Parse the public key. */ - idx = dataASN[15].offset; - ret = GetCertKey(cert, cert->source, &idx, dataASN[21].offset); + idx = dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ].offset; + ret = GetCertKey(cert, cert->source, &idx, + dataASN[X509CERTASN_IDX_TBS_ISSUERUID].offset); if ((ret == 0) && stopAfterPubKey) { /* Return any bad date error through badDateRed and return offset * after subjectPublicKeyInfo. @@ -16861,7 +17198,8 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, done = 1; } } - if ((ret == 0) && (!done) && (dataASN[23].data.ref.data != NULL)) { + if ((ret == 0) && (!done) && + (dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.ref.data != NULL)) { #ifndef ALLOW_V1_EXTENSIONS /* Certificate extensions were only defined in version 2. */ if (cert->version < 2) { @@ -16871,9 +17209,11 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, #endif if (ret == 0) { /* Save references to extension data. */ - cert->extensions = GetASNItem_Addr(dataASN[23], cert->source); - cert->extensionsSz = GetASNItem_Length(dataASN[23], cert->source); - cert->extensionsIdx = dataASN[23].offset; + cert->extensions = GetASNItem_Addr( + dataASN[X509CERTASN_IDX_TBS_EXT], cert->source); + cert->extensionsSz = GetASNItem_Length( + dataASN[X509CERTASN_IDX_TBS_EXT], cert->source); + cert->extensionsIdx = dataASN[X509CERTASN_IDX_TBS_EXT].offset; /* Decode the extension data starting at [3]. */ ret = DecodeCertExtensions(cert); @@ -16891,20 +17231,23 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt, } if (ret == 0) { /* Advance past extensions. */ - cert->srcIdx = dataASN[24].offset; + cert->srcIdx = dataASN[X509CERTASN_IDX_SIGALGO_SEQ].offset; } } if ((ret == 0) && (!done)) { /* Store the signature information. */ - cert->sigIndex = dataASN[24].offset; - GetASN_GetConstRef(&dataASN[27], &cert->signature, &cert->sigLength); + cert->sigIndex = dataASN[X509CERTASN_IDX_SIGALGO_SEQ].offset; + GetASN_GetConstRef(&dataASN[X509CERTASN_IDX_SIGNATURE], + &cert->signature, &cert->sigLength); /* Make sure 'signature' and 'signatureAlgorithm' are the same. */ - if (dataASN[25].data.oid.sum != cert->signatureOID) { + if (dataASN[X509CERTASN_IDX_SIGALGO_OID].data.oid.sum + != cert->signatureOID) { ret = ASN_SIG_OID_E; } /* NULL tagged item not allowed after ECDSA or EdDSA algorithm OID. */ - if (IsSigAlgoECC(cert->signatureOID) && (dataASN[26].tag != 0)) { + if (IsSigAlgoECC(cert->signatureOID) && + (dataASN[X509CERTASN_IDX_SIGALGO_PARAMS].tag != 0)) { ret = ASN_PARSE_E; } } @@ -16950,11 +17293,16 @@ int DecodeCert(DecodedCert* cert, int verify, int* criticalExt) * PKCS #10: RFC 2986, 4.1 - CertificationRequestInfo */ static const ASNItem reqAttrASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* type */ -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, - /* values */ -/* 2 */ { 1, ASN_SET, 1, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* type */ +/* TYPE */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, + /* values */ +/* VALS */ { 1, ASN_SET, 1, 0, 0 }, +}; +enum { + REQATTRASN_IDX_SEQ = 0, + REQATTRASN_IDX_TYPE, + REQATTRASN_IDX_VALS, }; /* Number of items in ASN.1 template for certificate request Attribute. */ @@ -16964,6 +17312,9 @@ static const ASNItem reqAttrASN[] = { static const ASNItem strAttrASN[] = { { 0, 0, 0, 0, 0 }, }; +enum { + STRATTRASN_IDX_STR = 0, +}; /* Number of items in ASN.1 template for a string choice. */ #define strAttrASN_Length (sizeof(strAttrASN) / sizeof(ASNItem)) @@ -16996,14 +17347,16 @@ static int DecodeCertReqAttrValue(DecodedCert* cert, int* criticalExt, case PKCS9_CONTENT_TYPE_OID: /* Clear dynamic data and specify choices acceptable. */ XMEMSET(strDataASN, 0, sizeof(strDataASN)); - GetASN_Choice(&strDataASN[0], strAttrChoice); + GetASN_Choice(&strDataASN[STRATTRASN_IDX_STR], strAttrChoice); /* Parse a string. */ ret = GetASN_Items(strAttrASN, strDataASN, strAttrASN_Length, 1, input, &idx, maxIdx); if (ret == 0) { /* Store references to password data. */ - cert->contentType = (char*)strDataASN[0].data.ref.data; - cert->contentTypeLen = strDataASN[0].data.ref.length; + cert->contentType = + (char*)strDataASN[STRATTRASN_IDX_STR].data.ref.data; + cert->contentTypeLen = + strDataASN[STRATTRASN_IDX_STR].data.ref.length; } break; @@ -17013,14 +17366,15 @@ static int DecodeCertReqAttrValue(DecodedCert* cert, int* criticalExt, case CHALLENGE_PASSWORD_OID: /* Clear dynamic data and specify choices acceptable. */ XMEMSET(strDataASN, 0, sizeof(strDataASN)); - GetASN_Choice(&strDataASN[0], strAttrChoice); + GetASN_Choice(&strDataASN[STRATTRASN_IDX_STR], strAttrChoice); /* Parse a string. */ ret = GetASN_Items(strAttrASN, strDataASN, strAttrASN_Length, 1, input, &idx, maxIdx); if (ret == 0) { /* Store references to password data. */ - cert->cPwd = (char*)strDataASN[0].data.ref.data; - cert->cPwdLen = strDataASN[0].data.ref.length; + cert->cPwd = + (char*)strDataASN[STRATTRASN_IDX_STR].data.ref.data; + cert->cPwdLen = strDataASN[STRATTRASN_IDX_STR].data.ref.length; } break; @@ -17031,14 +17385,15 @@ static int DecodeCertReqAttrValue(DecodedCert* cert, int* criticalExt, case SERIAL_NUMBER_OID: /* Clear dynamic data and specify choices acceptable. */ XMEMSET(strDataASN, 0, sizeof(strDataASN)); - GetASN_Choice(&strDataASN[0], strAttrChoice); + GetASN_Choice(&strDataASN[STRATTRASN_IDX_STR], strAttrChoice); /* Parse a string. */ ret = GetASN_Items(strAttrASN, strDataASN, strAttrASN_Length, 1, input, &idx, maxIdx); if (ret == 0) { /* Store references to serial number. */ - cert->sNum = (char*)strDataASN[0].data.ref.data; - cert->sNumLen = strDataASN[0].data.ref.length; + cert->sNum = + (char*)strDataASN[STRATTRASN_IDX_STR].data.ref.data; + cert->sNumLen = strDataASN[STRATTRASN_IDX_STR].data.ref.length; /* Store serial number if small enough. */ if (cert->sNumLen <= EXTERNAL_SERIAL_SIZE) { XMEMCPY(cert->serial, cert->sNum, cert->sNumLen); @@ -17111,7 +17466,7 @@ static int DecodeCertReqAttributes(DecodedCert* cert, int* criticalExt, while ((ret == 0) && (idx < maxIdx)) { /* Clear dynamic data. */ XMEMSET(dataASN, 0, sizeof(ASNGetData) * reqAttrASN_Length); - GetASN_OID(&dataASN[1], oidIgnoreType); + GetASN_OID(&dataASN[REQATTRASN_IDX_TYPE], oidIgnoreType); /* Parse an attribute. */ ret = GetASN_Items(reqAttrASN, dataASN, reqAttrASN_Length, 0, @@ -17119,9 +17474,10 @@ static int DecodeCertReqAttributes(DecodedCert* cert, int* criticalExt, /* idx is now at end of attribute data. */ if (ret == 0) { ret = DecodeCertReqAttrValue(cert, criticalExt, - dataASN[1].data.oid.sum, - GetASNItem_DataIdx(dataASN[2], cert->source), - dataASN[2].data.ref.data, dataASN[2].data.ref.length); + dataASN[REQATTRASN_IDX_TYPE].data.oid.sum, + GetASNItem_DataIdx(dataASN[REQATTRASN_IDX_VALS], cert->source), + dataASN[REQATTRASN_IDX_VALS].data.ref.data, + dataASN[REQATTRASN_IDX_VALS].data.ref.length); } } @@ -17131,36 +17487,57 @@ static int DecodeCertReqAttributes(DecodedCert* cert, int* criticalExt, /* ASN.1 template for a certificate request. * PKCS#10: RFC 2986, 4.1 - CertificationRequestInfo + * PKCS#10: RFC 2986, 4.2 - CertificationRequest */ static const ASNItem certReqASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* version INTEGER { v1(0), v2(1), v3(2) */ -/* 2 */ { 2, ASN_INTEGER, 0, 0, 0 }, - /* subject Name */ -/* 3 */ { 2, ASN_SEQUENCE, 1, 0, 0 }, - /* subjectPublicKeyInfo SubjectPublicKeyInfo */ -/* 4 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* algorithm AlgorithmIdentifier */ -/* 5 */ { 3, ASN_SEQUENCE, 1, 1, 0 }, - /* Algorithm OBJECT IDENTIFIER */ -/* 6 */ { 4, ASN_OBJECT_ID, 0, 0, 0 }, - /* parameters ANY defined by algorithm OPTIONAL */ -/* 7 */ { 4, ASN_TAG_NULL, 0, 0, 1 }, -/* 8 */ { 4, ASN_OBJECT_ID, 0, 0, 1 }, -/* 9 */ { 4, ASN_SEQUENCE, 1, 0, 1 }, - /* subjectPublicKey BIT STRING */ -/* 10 */ { 3, ASN_BIT_STRING, 0, 0, 0 }, - /* attributes [0] Attributes */ -/* 11 */ { 2, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 1 }, - /* signatureAlgorithm AlgorithmIdentifier */ -/* 12 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* Algorithm OBJECT IDENTIFIER */ -/* 13 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, - /* parameters ANY defined by algorithm OPTIONAL */ -/* 14 */ { 2, ASN_TAG_NULL, 0, 0, 1 }, - /* signature BIT STRING */ -/* 15 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, + /* CertificationRequest */ +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* CertificationRequestInfo */ +/* INFO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* version INTEGER { v1(0), v2(1), v3(2) */ +/* INFO_VER */ { 2, ASN_INTEGER, 0, 0, 0 }, + /* subject Name */ +/* INFO_SUBJ_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 0 }, + /* subjectPublicKeyInfo SubjectPublicKeyInfo */ +/* INFO_SPUBKEYINFO_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* algorithm AlgorithmIdentifier */ +/* INFO_SPUBKEYINFO_ALGOID_SEQ */ { 3, ASN_SEQUENCE, 1, 1, 0 }, + /* Algorithm OBJECT IDENTIFIER */ +/* INFO_SPUBKEYINFO_ALGOID_OID */ { 4, ASN_OBJECT_ID, 0, 0, 0 }, + /* parameters ANY defined by algorithm OPTIONAL */ +/* INFO_SPUBKEYINFO_ALGOID_NOPARAMS */ { 4, ASN_TAG_NULL, 0, 0, 1 }, +/* INFO_SPUBKEYINFO_ALGOID_CURVEID */ { 4, ASN_OBJECT_ID, 0, 0, 1 }, +/* INFO_SPUBKEYINFO_ALGOID_PARAMS */ { 4, ASN_SEQUENCE, 1, 0, 1 }, + /* subjectPublicKey BIT STRING */ +/* INFO_SPUBKEYINFO_PUBKEY */ { 3, ASN_BIT_STRING, 0, 0, 0 }, + /* attributes [0] Attributes */ +/* INFO_ATTRS */ { 2, ASN_CONTEXT_SPECIFIC | 0, 1, 0, 1 }, + /* signatureAlgorithm AlgorithmIdentifier */ +/* INFO_SIGALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* Algorithm OBJECT IDENTIFIER */ +/* INFO_SIGALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, + /* parameters ANY defined by algorithm OPTIONAL */ +/* INFO_SIGALGO_NOPARAMS */ { 2, ASN_TAG_NULL, 0, 0, 1 }, + /* signature BIT STRING */ +/* INFO_SIGNATURE */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + CERTREQASN_IDX_SEQ = 0, + CERTREQASN_IDX_INFO_SEQ, + CERTREQASN_IDX_INFO_VER, + CERTREQASN_IDX_INFO_SUBJ_SEQ, + CERTREQASN_IDX_INFO_SPUBKEYINFO_SEQ, + CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_SEQ, + CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_OID, + CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_NOPARAMS, + CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_CURVEID, + CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_PARAMS, + CERTREQASN_IDX_INFO_SPUBKEYINFO_PUBKEY, + CERTREQASN_IDX_INFO_ATTRS, + CERTREQASN_IDX_INFO_SIGALGO_SEQ, + CERTREQASN_IDX_INFO_SIGALGO_OID, + CERTREQASN_IDX_INFO_SIGALGO_NOPARAMS, + CERTREQASN_IDX_INFO_SIGNATURE, }; /* Number of items in ASN.1 template for a certificate request. */ @@ -17197,10 +17574,12 @@ static int DecodeCertReq(DecodedCert* cert, int* criticalExt) version = 0; /* Set version var and OID types to expect. */ - GetASN_Int8Bit(&dataASN[2], &version); - GetASN_OID(&dataASN[6], oidKeyType); - GetASN_OID(&dataASN[8], oidCurveType); - GetASN_OID(&dataASN[13], oidSigType); + GetASN_Int8Bit(&dataASN[CERTREQASN_IDX_INFO_VER], &version); + GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_OID], + oidKeyType); + GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_CURVEID], + oidCurveType); + GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SIGALGO_OID], oidSigType); /* Parse a certificate request. */ ret = GetASN_Items(certReqASN, dataASN, certReqASN_Length, 1, cert->source, &cert->srcIdx, cert->maxIdx); @@ -17213,29 +17592,36 @@ static int DecodeCertReq(DecodedCert* cert, int* criticalExt) if (ret == 0) { /* Set fields of certificate request. */ cert->version = version; - cert->signatureOID = dataASN[13].data.oid.sum; - cert->keyOID = dataASN[6].data.oid.sum; - cert->certBegin = dataASN[1].offset; + cert->signatureOID = + dataASN[CERTREQASN_IDX_INFO_SIGALGO_OID].data.oid.sum; + cert->keyOID = + dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_OID].data.oid.sum; + cert->certBegin = dataASN[CERTREQASN_IDX_INFO_SEQ].offset; /* Parse the subject name. */ - idx = dataASN[3].offset; + idx = dataASN[CERTREQASN_IDX_INFO_SUBJ_SEQ].offset; ret = GetCertName(cert, cert->subject, cert->subjectHash, SUBJECT, - cert->source, &idx, dataASN[4].offset); + cert->source, &idx, + dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_SEQ].offset); } if (ret == 0) { /* Parse the certificate request Attributes. */ ret = DecodeCertReqAttributes(cert, criticalExt, - GetASNItem_DataIdx(dataASN[11], cert->source), dataASN[12].offset); + GetASNItem_DataIdx(dataASN[CERTREQASN_IDX_INFO_ATTRS], + cert->source), + dataASN[CERTREQASN_IDX_INFO_SIGALGO_SEQ].offset); } if (ret == 0) { /* Parse the certificate request's key. */ - idx = dataASN[4].offset; - ret = GetCertKey(cert, cert->source, &idx, dataASN[11].offset); + idx = dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_SEQ].offset; + ret = GetCertKey(cert, cert->source, &idx, + dataASN[CERTREQASN_IDX_INFO_ATTRS].offset); } if (ret == 0) { /* Store references to signature. */ - cert->sigIndex = dataASN[12].offset; - GetASN_GetConstRef(&dataASN[15], &cert->signature, &cert->sigLength); + cert->sigIndex = dataASN[CERTREQASN_IDX_INFO_SIGALGO_SEQ].offset; + GetASN_GetConstRef(&dataASN[CERTREQASN_IDX_INFO_SIGNATURE], + &cert->signature, &cert->sigLength); } FREE_ASNGETDATA(dataASN, cert->heap); @@ -17373,7 +17759,6 @@ static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set, DECL_ASNGETDATA(dataASN, certExtASN_Length); int ret = 0; word32 idx = 0; - int extLen = 0; word32 extEndIdx; byte* extData; word32 extDataSz; @@ -17382,30 +17767,26 @@ static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set, ALLOC_ASNGETDATA(dataASN, certExtASN_Length, ret, heap); (void)heap; - /* Parse the outer SEQUENCE and calculate end index of extensions. */ - if ((ret == 0) && (GetASN_Sequence(input, &idx, &extLen, maxIdx, 1) < 0)) { - ret = ASN_PARSE_E; - } - extEndIdx = idx + extLen; + extEndIdx = idx + maxIdx; /* Step through each extension looking for AKI. */ while ((ret == 0) && (idx < extEndIdx)) { /* Clear dynamic data and check for certificate extension type OIDs. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length); - GetASN_OID(&dataASN[1], oidCertExtType); + GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType); /* Set criticality variable. */ - GetASN_Int8Bit(&dataASN[2], &critical); + GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical); /* Parse an extension. */ ret = GetASN_Items(certExtASN, dataASN, certExtASN_Length, 0, input, &idx, extEndIdx); if (ret == 0) { /* Get reference to extension data and move index on past this * extension. */ - GetASN_GetRef(&dataASN[3], &extData, &extDataSz); + GetASN_GetRef(&dataASN[CERTEXTASN_IDX_VAL], &extData, &extDataSz); idx += extDataSz; /* Check whether we have the AKI extension. */ - if (dataASN[1].data.oid.sum == AUTH_KEY_OID) { + if (dataASN[CERTEXTASN_IDX_OID].data.oid.sum == AUTH_KEY_OID) { /* Clear dynamic data. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * authKeyIdASN_Length); /* Start parsing extension data from the start. */ @@ -17413,12 +17794,16 @@ static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set, /* Parse AKI extension data. */ ret = GetASN_Items(authKeyIdASN, dataASN, authKeyIdASN_Length, 1, extData, &idx, extDataSz); - if ((ret == 0) && (dataASN[1].data.ref.data != NULL)) { + if ((ret == 0) && + (dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data + != NULL)) { /* We parsed successfully and have data. */ *set = 1; /* Get the hash or hash of the hash if wrong size. */ - ret = GetHashId(dataASN[1].data.ref.data, - dataASN[1].data.ref.length, hash); + ret = GetHashId( + dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data, + dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length, + hash); } break; } @@ -17794,26 +18179,31 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, /* Clear dynamic data for certificate items. */ XMEMSET(dataASN, 0, sizeof(ASNGetData) * x509CertASN_Length); /* Set OID types expected for signature and public key. */ - GetASN_OID(&dataASN[6], oidSigType); - GetASN_OID(&dataASN[17], oidKeyType); - GetASN_OID(&dataASN[19], oidCurveType); - GetASN_OID(&dataASN[25], oidSigType); + GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_ALGOID_OID], oidSigType); + GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_OID], + oidKeyType); + GetASN_OID(&dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_CURVEID], + oidCurveType); + GetASN_OID(&dataASN[X509CERTASN_IDX_SIGALGO_OID], oidSigType); /* Parse certificate. */ ret = GetASN_Items(x509CertASN, dataASN, x509CertASN_Length, 1, cert, &idx, certSz); /* Check signature OIDs match. */ - if ((ret == 0) && dataASN[6].data.oid.sum != dataASN[25].data.oid.sum) { + if ((ret == 0) && dataASN[X509CERTASN_IDX_TBS_ALGOID_OID].data.oid.sum + != dataASN[X509CERTASN_IDX_SIGALGO_OID].data.oid.sum) { ret = ASN_SIG_OID_E; } /* Store the data for verification in the certificate. */ if (ret == 0) { - tbs = GetASNItem_Addr(dataASN[1], cert); - tbsSz = GetASNItem_Length(dataASN[1], cert); - caName = GetASNItem_Addr(dataASN[8], cert); - caNameLen = GetASNItem_Length(dataASN[8], cert); - sigOID = dataASN[25].data.oid.sum; - GetASN_GetConstRef(&dataASN[27], &sig, &sigSz); + tbs = GetASNItem_Addr(dataASN[X509CERTASN_IDX_TBS_SEQ], cert); + tbsSz = GetASNItem_Length(dataASN[X509CERTASN_IDX_TBS_SEQ], cert); + caName = GetASNItem_Addr(dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ], + cert); + caNameLen = GetASNItem_Length(dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ], + cert); + sigOID = dataASN[X509CERTASN_IDX_SIGALGO_OID].data.oid.sum; + GetASN_GetConstRef(&dataASN[X509CERTASN_IDX_SIGNATURE], &sig, &sigSz); } } else if (ret == 0) { @@ -17823,20 +18213,25 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, /* Clear dynamic data for certificate request items. */ XMEMSET(dataASN, 0, sizeof(ASNGetData) * certReqASN_Length); /* Set OID types expected for signature and public key. */ - GetASN_OID(&dataASN[6], oidKeyType); - GetASN_OID(&dataASN[8], oidCurveType); - GetASN_OID(&dataASN[13], oidSigType); + GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_OID], + oidKeyType); + GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SPUBKEYINFO_ALGOID_CURVEID], + oidCurveType); + GetASN_OID(&dataASN[CERTREQASN_IDX_INFO_SIGALGO_OID], oidSigType); /* Parse certificate request. */ ret = GetASN_Items(certReqASN, dataASN, certReqASN_Length, 1, cert, &idx, certSz); if (ret == 0) { /* Store the data for verification in the certificate. */ - tbs = GetASNItem_Addr(dataASN[1], cert); - tbsSz = GetASNItem_Length(dataASN[1], cert); - caName = GetASNItem_Addr(dataASN[3], cert); - caNameLen = GetASNItem_Length(dataASN[3], cert); - sigOID = dataASN[13].data.oid.sum; - GetASN_GetConstRef(&dataASN[15], &sig, &sigSz); + tbs = GetASNItem_Addr(dataASN[CERTREQASN_IDX_INFO_SEQ], cert); + tbsSz = GetASNItem_Length(dataASN[CERTREQASN_IDX_INFO_SEQ], cert); + caName = GetASNItem_Addr( + dataASN[CERTREQASN_IDX_INFO_SUBJ_SEQ], cert); + caNameLen = GetASNItem_Length( + dataASN[CERTREQASN_IDX_INFO_SUBJ_SEQ], cert); + sigOID = dataASN[CERTREQASN_IDX_INFO_SIGALGO_OID].data.oid.sum; + GetASN_GetConstRef(&dataASN[CERTREQASN_IDX_INFO_SIGNATURE], &sig, + &sigSz); } #endif } @@ -17845,11 +18240,12 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, if ((ret == 0) && (pubKey == NULL)) { #ifndef NO_SKID /* Find the AKI extension in list of extensions and get hash. */ - if ((ret == 0) && (!req) && (dataASN[23].data.ref.data != NULL)) { + if ((!req) && + (dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.ref.data != NULL)) { /* TODO: test case */ - ret = GetAKIHash(dataASN[23].data.ref.data, - dataASN[23].data.ref.length, hash, - &extAuthKeyIdSet, heap); + ret = GetAKIHash(dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.ref.data, + dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.ref.length, + hash, &extAuthKeyIdSet, heap); } /* Get the CA by hash one was found. */ @@ -20133,17 +20529,17 @@ static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen, if (ret == 0) { if (!with_header) { /* Start encoding with items after header. */ - o = 5; + o = RSAPUBLICKEYASN_IDX_PUBKEY_RSA_SEQ; } /* Set OID for RSA key. */ - SetASN_OID(&dataASN[2], RSAk, oidKeyType); + SetASN_OID(&dataASN[RSAPUBLICKEYASN_IDX_ALGOID_OID], RSAk, oidKeyType); /* Set public key mp_ints. */ #ifdef HAVE_USER_RSA - SetASN_MP(&dataASN[6], key->n); - SetASN_MP(&dataASN[7], key->e); + SetASN_MP(&dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_N], key->n); + SetASN_MP(&dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_E], key->e); #else - SetASN_MP(&dataASN[6], &key->n); - SetASN_MP(&dataASN[7], &key->e); + SetASN_MP(&dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_N], &key->n); + SetASN_MP(&dataASN[RSAPUBLICKEYASN_IDX_PUBKEY_RSA_E], &key->e); #endif /* Calculate size of RSA public key. */ ret = SizeASN_Items(rsaPublicKeyASN + o, dataASN + o, @@ -20292,10 +20688,10 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) if (ret == 0) { /* Set the version. */ - SetASN_Int8Bit(&dataASN[1], 0); + SetASN_Int8Bit(&dataASN[RSAKEYASN_IDX_VER], 0); /* Set all the mp_ints in private key. */ for (i = 0; i < RSA_INTS; i++) { - SetASN_MP(&dataASN[2 + i], GetRsaInt(key, i)); + SetASN_MP(&dataASN[(byte)RSAKEYASN_IDX_N + i], GetRsaInt(key, i)); } /* Calculate size of RSA private key encoding. */ @@ -20569,17 +20965,25 @@ static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz) * See ASN.1 template 'eccSpecifiedASN' for specifiedCurve. */ static const ASNItem eccPublicKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* AlgorithmIdentifier */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* algorithm */ -/* 2 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, - /* namedCurve */ -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 2 }, - /* specifiedCurve - explicit parameters */ -/* 4 */ { 2, ASN_SEQUENCE, 1, 0, 2 }, - /* */ -/* 5 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* AlgorithmIdentifier */ +/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* algorithm */ +/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, + /* namedCurve */ +/* ALGOID_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 }, + /* specifiedCurve - explicit parameters */ +/* ALGOID_PARAMS */ { 2, ASN_SEQUENCE, 1, 0, 2 }, + /* Public Key */ +/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + ECCPUBLICKEYASN_IDX_SEQ = 0, + ECCPUBLICKEYASN_IDX_ALGOID_SEQ, + ECCPUBLICKEYASN_IDX_ALGOID_OID, + ECCPUBLICKEYASN_IDX_ALGOID_CURVEID, + ECCPUBLICKEYASN_IDX_ALGOID_PARAMS, + ECCPUBLICKEYASN_IDX_PUBKEY, }; /* Number of items in ASN.1 template for ECC public key. */ @@ -20742,13 +21146,15 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen, if (ret == 0) { /* Set the key type OID. */ - SetASN_OID(&dataASN[2], ECDSAk, oidKeyType); + SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk, + oidKeyType); /* Set the curve OID. */ - SetASN_Buffer(&dataASN[3], key->dp->oid, key->dp->oidSz); + SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID], + key->dp->oid, key->dp->oidSz); /* Don't try to write out explicit parameters. */ - dataASN[4].noOut = 1; + dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1; /* Set size of public point to ensure space is made for it. */ - SetASN_Buffer(&dataASN[5], NULL, pubSz); + SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz); /* Calculate size of ECC public key. */ ret = SizeASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length, &sz); @@ -20875,13 +21281,19 @@ int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve) */ static const ASNItem edPubKeyASN[] = { /* SubjectPublicKeyInfo */ -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* AlgorithmIdentifier */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* Ed25519/Ed448 OID */ -/* 2 */ { 2, ASN_OBJECT_ID, 0, 0, 1 }, - /* Public key stream */ -/* 3 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* AlgorithmIdentifier */ +/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* Ed25519/Ed448 OID */ +/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 1 }, + /* Public key stream */ +/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + EDPUBKEYASN_IDX_SEQ = 0, + EDPUBKEYASN_IDX_ALGOID_SEQ, + EDPUBKEYASN_IDX_ALGOID_OID, + EDPUBKEYASN_IDX_PUBKEY, }; /* Number of items in ASN.1 template for Ed25519 and Ed448 public key. */ @@ -20967,9 +21379,10 @@ static int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen, if (ret == 0) { /* Set the OID. */ - SetASN_OID(&dataASN[2], keyType, oidKeyType); + SetASN_OID(&dataASN[EDPUBKEYASN_IDX_ALGOID_OID], keyType, + oidKeyType); /* Leave space for public point. */ - SetASN_Buffer(&dataASN[3], NULL, pubKeyLen); + SetASN_Buffer(&dataASN[EDPUBKEYASN_IDX_PUBKEY], NULL, pubKeyLen); /* Calculate size of public key encoding. */ ret = SizeASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, &sz); } @@ -20980,7 +21393,7 @@ static int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen, /* Encode public key. */ SetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, output); /* Set location to encode public point. */ - output = (byte*)dataASN[3].data.buffer.data; + output = (byte*)dataASN[EDPUBKEYASN_IDX_PUBKEY].data.buffer.data; } FREE_ASNSETDATA(dataASN, NULL); @@ -21541,8 +21954,12 @@ static int SetOjectIdValue(byte* output, word32 outSz, int* idx, * Dynamic creation of template for encoding. */ static const ASNItem ekuASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +}; +enum { + EKUASN_IDX_SEQ = 0, + EKUASN_IDX_OID, }; /* OIDs corresponding to extended key usage. */ @@ -21672,7 +22089,7 @@ static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input) if (ret == 0) { /* Copy Sequence into dynamic ASN.1 template. */ - XMEMCPY(&extKuASN[0], ekuASN, sizeof(ASNItem)); + XMEMCPY(&extKuASN[EKUASN_IDX_SEQ], ekuASN, sizeof(ASNItem)); /* Clear dynamic data. */ XMEMSET(dataASN, 0, cnt * sizeof(ASNSetData)); @@ -21680,7 +22097,8 @@ static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input) /* If 'any' set, then just use it. */ if ((input & EXTKEYUSE_ANY) == EXTKEYUSE_ANY) { /* Set template item. */ - XMEMCPY(&extKuASN[1], &ekuASN[1], sizeof(ASNItem)); + XMEMCPY(&extKuASN[EKUASN_IDX_OID], &ekuASN[EKUASN_IDX_OID], + sizeof(ASNItem)); /* Set data item. */ SetASN_Buffer(&dataASN[asnIdx], extExtKeyUsageAnyOid, sizeof(extExtKeyUsageAnyOid)); @@ -21691,7 +22109,8 @@ static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input) for (i = EKU_OID_LO; i <= EKU_OID_HI; i++) { if ((input & (1 << i)) != 0) { /* Set template item. */ - XMEMCPY(&extKuASN[asnIdx], &ekuASN[1], sizeof(ASNItem)); + XMEMCPY(&extKuASN[asnIdx], &ekuASN[EKUASN_IDX_OID], + sizeof(ASNItem)); /* Set data item. */ SetASN_Buffer(&dataASN[asnIdx], ekuOid[i - 1].oid, ekuOid[i - 1].oidSz); @@ -21705,7 +22124,8 @@ static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input) int sz = cert->extKeyUsageOIDSz[i]; if (sz > 0) { /* Set template item. */ - XMEMCPY(&extKuASN[asnIdx], &ekuASN[1], sizeof(ASNItem)); + XMEMCPY(&extKuASN[asnIdx], &ekuASN[EKUASN_IDX_OID], + sizeof(ASNItem)); /* Set data item. */ SetASN_Buffer(&dataASN[asnIdx], cert->extKeyUsageOID[i], sz); @@ -21902,12 +22322,12 @@ static int SetCertificatePolicies(byte *output, oidSz = sizeof(oid); XMEMSET(oid, 0, oidSz); - dataASN[2].noOut = 1; + dataASN[POLICYINFOASN_IDX_QUALI].noOut = 1; ret = EncodePolicyOID(oid, &oidSz, input[i], heap); if (ret == 0) { XMEMSET(dataASN, 0, sizeof(dataASN)); - SetASN_Buffer(&dataASN[1], oid, oidSz); + SetASN_Buffer(&dataASN[POLICYINFOASN_IDX_ID], oid, oidSz); ret = SizeASN_Items(policyInfoASN, dataASN, policyInfoASN_Length, &piSz); } @@ -22188,7 +22608,7 @@ static int EncodeName(EncodedName* name, const char* nameStr, return idx; #else - ASNSetData dataASN[rdnASN_Length]; + DECL_ASNSETDATA(dataASN, rdnASN_Length); ASNItem namesASN[rdnASN_Length]; byte dnOid[DN_OID_SZ] = { 0x55, 0x04, 0x00 }; int ret = 0; @@ -22202,14 +22622,12 @@ static int EncodeName(EncodedName* name, const char* nameStr, ret = BAD_FUNC_ARG; } + CALLOC_ASNSETDATA(dataASN, rdnASN_Length, ret, NULL); if (ret == 0) { nameSz = (word32)XSTRLEN(nameStr); - - /* Clear data to use when encoding. */ - XMEMSET(dataASN, 0, rdnASN_Length * sizeof(ASNSetData)); /* Copy the RDN encoding template. ASN.1 tag for the name string is set * based on type. */ - XMEMCPY(namesASN, rdnASN, rdnASN_Length * sizeof(ASNItem)); + XMEMCPY(namesASN, rdnASN, sizeof(namesASN)); /* Set OID and ASN.1 tag for name depending on type. */ switch (type) { @@ -22241,11 +22659,11 @@ static int EncodeName(EncodedName* name, const char* nameStr, } /* Set OID corresponding to the name type. */ - SetASN_Buffer(&dataASN[2], oid, oidSz); + SetASN_Buffer(&dataASN[RDNASN_IDX_ATTR_TYPE], oid, oidSz); /* Set name string. */ - SetASN_Buffer(&dataASN[3], (const byte *)nameStr, nameSz); + SetASN_Buffer(&dataASN[RDNASN_IDX_ATTR_VAL], (const byte *)nameStr, nameSz); /* Set the ASN.1 tag for the name string. */ - namesASN[3].tag = nameTag; + namesASN[RDNASN_IDX_ATTR_VAL].tag = nameTag; /* Calculate size of encoded name and indexes of components. */ ret = SizeASN_Items(namesASN, dataASN, rdnASN_Length, &sz); @@ -22267,6 +22685,7 @@ static int EncodeName(EncodedName* name, const char* nameStr, } (void)cname; + FREE_ASNSETDATA(dataASN, NULL); return ret; #endif /* WOLFSSL_ASN_TEMPLATE */ } @@ -22309,9 +22728,9 @@ static void SetRdnItems(ASNItem* namesASN, ASNSetData* dataASN, const byte* oid, int oidSz, byte tag, const byte* data, int sz) { XMEMCPY(namesASN, rdnASN, sizeof(rdnASN)); - SetASN_Buffer(&dataASN[2], oid, oidSz); - namesASN[3].tag = tag; - SetASN_Buffer(&dataASN[3], data, sz); + SetASN_Buffer(&dataASN[RDNASN_IDX_ATTR_TYPE], oid, oidSz); + namesASN[RDNASN_IDX_ATTR_VAL].tag = tag; + SetASN_Buffer(&dataASN[RDNASN_IDX_ATTR_VAL], data, sz); } #ifdef WOLFSSL_MULTI_ATTRIB @@ -22337,9 +22756,111 @@ static int FindMultiAttrib(CertName* name, int id, int* idx) static const ASNItem nameASN[] = { { 0, ASN_SEQUENCE, 1, 1, 0 }, }; +enum { + NAMEASN_IDX_SEQ = 0, +}; /* Number of items in ASN.1 template for the SEQUENCE around the RDNs. */ #define nameASN_Length (sizeof(nameASN) / sizeof(ASNItem)) + +static int SetNameRdnItems(ASNSetData* dataASN, ASNItem* namesASN, + int maxIdx, CertName* name) +{ + int i; + int idx; + int ret = 0; + int nameLen[NAME_ENTRIES]; +#ifdef WOLFSSL_MULTI_ATTRIB + int j; +#endif + + for (i = 0; i < NAME_ENTRIES; i++) { + /* Keep name length to identify component is to be encoded. */ + const char* nameStr = GetOneCertName(name, i); + nameLen[i] = nameStr ? (int)XSTRLEN(nameStr) : 0; + } + + idx = nameASN_Length; + for (i = 0; i < NAME_ENTRIES; i++) { + int type = GetCertNameId(i); + + #ifdef WOLFSSL_MULTI_ATTRIB + j = -1; + /* Put DomainComponents before OrgUnitName. */ + while (FindMultiAttrib(name, type, &j)) { + if (dataASN != NULL && namesASN != NULL) { + if (idx > maxIdx - (int)rdnASN_Length) { + WOLFSSL_MSG("Wanted to write more ASN than allocated"); + ret = BUFFER_E; + break; + } + /* Copy data into dynamic vars. */ + SetRdnItems(namesASN + idx, dataASN + idx, dcOid, + sizeof(dcOid), name->name[j].type, + (byte*)name->name[j].value, name->name[j].sz); + } + idx += rdnASN_Length; + } + if (ret != 0) + break; + #endif + + if (nameLen[i] > 0) { + if (dataASN != NULL && nameASN != NULL) { + if (idx > maxIdx - (int)rdnASN_Length) { + WOLFSSL_MSG("Wanted to write more ASN than allocated"); + ret = BUFFER_E; + break; + } + /* Write out first instance of attribute type. */ + if (type == ASN_EMAIL_NAME) { + /* Copy email data into dynamic vars. */ + SetRdnItems(namesASN + idx, dataASN + idx, attrEmailOid, + sizeof(attrEmailOid), ASN_IA5_STRING, + (const byte*)GetOneCertName(name, i), nameLen[i]); + } + else if (type == ASN_CUSTOM_NAME) { + #ifdef WOLFSSL_CUSTOM_OID + SetRdnItems(namesASN + idx, dataASN + idx, name->custom.oid, + name->custom.oidSz, name->custom.enc, + name->custom.val, name->custom.valSz); + #endif + } + else { + /* Copy name data into dynamic vars. */ + SetRdnItems(namesASN + idx, dataASN + idx, nameOid[i], + NAME_OID_SZ, GetNameType(name, i), + (const byte*)GetOneCertName(name, i), nameLen[i]); + } + } + idx += rdnASN_Length; + } + + #ifdef WOLFSSL_MULTI_ATTRIB + j = -1; + /* Write all other attributes of this type. */ + while (FindMultiAttrib(name, type, &j)) { + if (dataASN != NULL && namesASN != NULL) { + if (idx > maxIdx - (int)rdnASN_Length) { + WOLFSSL_MSG("Wanted to write more ASN than allocated"); + ret = BUFFER_E; + break; + } + /* Copy data into dynamic vars. */ + SetRdnItems(namesASN + idx, dataASN + idx, nameOid[type], + NAME_OID_SZ, name->name[j].type, + (byte*)name->name[j].value, name->name[j].sz); + } + idx += rdnASN_Length; + } + if (ret != 0) + break; + #endif + } + if (ret == 0) + ret = idx; + return ret; +} #endif /* encode CertName into output, return total bytes written */ @@ -22459,44 +22980,28 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) #else /* TODO: consider calculating size of entries, putting length into * SEQUENCE, encode SEQUENCE, encode entries into buffer. */ - ASNSetData* dataASN; - ASNItem* namesASN; - int i; - int idx; + ASNSetData* dataASN = NULL; /* Can't use DECL_ASNSETDATA. Always dynamic. */ + ASNItem* namesASN = NULL; + int items; int ret = 0; int sz; - int nameLen[NAME_ENTRIES]; -#ifdef WOLFSSL_MULTI_ATTRIB - int j; -#endif /* Calculate length of name entries and size for allocating. */ - idx = nameASN_Length; - for (i = 0; i < NAME_ENTRIES; i++) { - /* Keep name length to identify component is to be encoded. */ - const char* nameStr = GetOneCertName(name, i); - nameLen[i] = nameStr ? (int)XSTRLEN(nameStr) : 0; - if (nameLen[i] > 0) { - idx += rdnASN_Length; - } + ret = SetNameRdnItems(NULL, NULL, 0, name); + if (ret > 0) { + items = ret; + ret = 0; } - #ifdef WOLFSSL_MULTI_ATTRIB - /* Count the extra attributes too. */ - for (i = 0; i < CTC_MAX_ATTRIB; i++) { - if (name->name[i].sz > 0) - idx += rdnASN_Length; - } - #endif /* Allocate dynamic data items. */ - dataASN = (ASNSetData*)XMALLOC(idx * sizeof(ASNSetData), heap, + dataASN = (ASNSetData*)XMALLOC(items * sizeof(ASNSetData), heap, DYNAMIC_TYPE_TMP_BUFFER); if (dataASN == NULL) { ret = MEMORY_E; } else { /* Allocate dynamic ASN.1 template items. */ - namesASN = (ASNItem*)XMALLOC(idx * sizeof(ASNItem), heap, + namesASN = (ASNItem*)XMALLOC(items * sizeof(ASNItem), heap, DYNAMIC_TYPE_TMP_BUFFER); if (namesASN == NULL) { ret = MEMORY_E; @@ -22505,81 +23010,41 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) if (ret == 0) { /* Clear the dynamic data. */ - XMEMSET(dataASN, 0, idx * sizeof(ASNSetData)); + XMEMSET(dataASN, 0, items * sizeof(ASNSetData)); /* Copy in the outer sequence. */ XMEMCPY(namesASN, nameASN, sizeof(nameASN)); - idx = nameASN_Length; - for (i = 0; i < NAME_ENTRIES; i++) { - int type = GetCertNameId(i); - - #ifdef WOLFSSL_MULTI_ATTRIB - j = -1; - /* Put DomainComponents before OrgUnitName. */ - while (FindMultiAttrib(name, type, &j)) { - /* Copy data into dynamic vars. */ - SetRdnItems(namesASN + idx, dataASN + idx, dcOid, - sizeof(dcOid), name->name[j].type, - (byte*)name->name[j].value, name->name[j].sz); - idx += rdnASN_Length; - } - #endif - - if (nameLen[i] > 0) { - /* Write out first instance of attribute type. */ - if (type == ASN_EMAIL_NAME) { - /* Copy email data into dynamic vars. */ - SetRdnItems(namesASN + idx, dataASN + idx, attrEmailOid, - sizeof(attrEmailOid), ASN_IA5_STRING, - (const byte*)GetOneCertName(name, i), nameLen[i]); - } - else if (type == ASN_CUSTOM_NAME) { - #ifdef WOLFSSL_CUSTOM_OID - SetRdnItems(namesASN + idx, dataASN + idx, name->custom.oid, - name->custom.oidSz, name->custom.enc, - name->custom.val, name->custom.valSz); - #endif - } - else { - /* Copy name data into dynamic vars. */ - SetRdnItems(namesASN + idx, dataASN + idx, nameOid[i], - NAME_OID_SZ, GetNameType(name, i), - (const byte*)GetOneCertName(name, i), nameLen[i]); - } - idx += rdnASN_Length; - } - - #ifdef WOLFSSL_MULTI_ATTRIB - j = -1; - /* Write all other attributes of this type. */ - while (FindMultiAttrib(name, type, &j)) { - /* Copy data into dynamic vars. */ - SetRdnItems(namesASN + idx, dataASN + idx, nameOid[type], - NAME_OID_SZ, name->name[j].type, - (byte*)name->name[j].value, name->name[j].sz); - idx += rdnASN_Length; - } - #endif + ret = SetNameRdnItems(dataASN, namesASN, items, name); + if (ret == items) + ret = 0; + else if (ret > 0) { + WOLFSSL_MSG("SetNameRdnItems returned different length"); + ret = BUFFER_E; } - - /* Calculate size of encoding. */ - ret = SizeASN_Items(namesASN, dataASN, idx, &sz); - } - /* Check buffer size if passed in. */ - if ((ret == 0) && (output != NULL) && (sz > (int)outputSz)) { - ret = BUFFER_E; - } - if ((ret == 0) && (output != NULL)) { - /* Encode Name. */ - SetASN_Items(namesASN, dataASN, idx, output); } if (ret == 0) { - /* Return the encoding size. */ - ret = sz; + /* Calculate size of encoding. */ + ret = SizeASN_Items(namesASN, dataASN, items, &sz); + } + /* Check buffer size if passed in. */ + if (ret == 0 && output != NULL && sz > (int)outputSz) { + ret = BUFFER_E; + } + if (ret == 0) { + if (output != NULL) { + /* Encode Name. */ + ret = SetASN_Items(namesASN, dataASN, items, output); + } + else { + /* Return the encoding size. */ + ret = sz; + } } - XFREE(namesASN, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(dataASN, heap, DYNAMIC_TYPE_TMP_BUFFER); + if (namesASN != NULL) + XFREE(namesASN, heap, DYNAMIC_TYPE_TMP_BUFFER); + if (dataASN != NULL) + XFREE(dataASN, heap, DYNAMIC_TYPE_TMP_BUFFER); (void)heap; return ret; #endif @@ -22651,60 +23116,102 @@ static int EncodePublicKey(int keyType, byte* output, int outLen, */ static const ASNItem certExtsASN[] = { /* Basic Constraints Extension - 4.2.1.9 */ -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 1 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 2 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, -/* 3 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* cA */ -/* 4 */ { 3, ASN_BOOLEAN, 0, 0, 0 }, - /* pathLenConstraint */ -/* 5 */ { 3, ASN_INTEGER, 0, 0, 1 }, - /* Subject Alternative Name - 4.2.1.6 */ -/* 6 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 7 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 8 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +/* BC_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* BC_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* BC_STR */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* BC_STR_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* cA */ +/* BC_CA */ { 3, ASN_BOOLEAN, 0, 0, 0 }, + /* pathLenConstraint */ +/* BC_PATHLEN */ { 3, ASN_INTEGER, 0, 0, 1 }, + /* Subject Alternative Name - 4.2.1.6 */ +/* SAN_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* SAN_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* SAN_STR */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, #ifdef WOLFSSL_CERT_EXT /* Subject Key Identifier - 4.2.1.2 */ -/* 9 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 10 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 11 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, -/* 12 */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, - /* Authority Key Identifier - 4.2.1.1 */ -/* 13 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 14 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 15 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, -/* 16 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, -/* 17 */ { 3, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 0 }, - /* Key Usage - 4.2.1.3 */ -/* 18 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 19 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 20 */ { 1, ASN_BOOLEAN, 0, 0, 0 }, -/* 21 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, -/* 22 */ { 2, ASN_BIT_STRING, 0, 0, 0 }, - /* Extended Key Usage - 4,2,1,12 */ -/* 23 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 24 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 25 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, - /* Certificate Policies - 4.2.1.4 */ -/* 26 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 27 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 28 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, -/* 29 */ { 2, ASN_SEQUENCE, 0, 0, 0 }, - /* Netscape Certificate Type */ -/* 30 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 31 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 32 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, -/* 33 */ { 2, ASN_BIT_STRING, 0, 0, 0 }, -/* 34 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 35 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 36 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +/* SKID_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* SKID_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* SKID_STR */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* SKID_KEYID */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, + /* Authority Key Identifier - 4.2.1.1 */ +/* AKID_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* AKID_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* AKID_STR */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* AKID_STR_SEQ, */ { 2, ASN_SEQUENCE, 1, 1, 0 }, +/* AKID_KEYID */ { 3, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 0 }, + /* Key Usage - 4.2.1.3 */ +/* KU_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* KU_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* KU_CRIT */ { 1, ASN_BOOLEAN, 0, 0, 0 }, +/* KU_STR */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* KU_USAGE */ { 2, ASN_BIT_STRING, 0, 0, 0 }, + /* Extended Key Usage - 4,2,1,12 */ +/* EKU_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* EKU_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* EKU_STR */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, + /* Certificate Policies - 4.2.1.4 */ +/* POLICIES_SEQ, */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* POLICIES_OID, */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* POLICIES_STR, */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* POLICIES_INFO */ { 2, ASN_SEQUENCE, 0, 0, 0 }, + /* Netscape Certificate Type */ +/* NSTYPE_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* NSTYPE_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* NSTYPE_STR */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, +/* NSTYPE_USAGE, */ { 2, ASN_BIT_STRING, 0, 0, 0 }, +/* CRLINFO_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* CRLINFO_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* CRLINFO_STR */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, #endif /* WOLFSSL_CERT_EXT */ #ifdef WOLFSSL_CUSTOM_OID -/* 37 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, -/* 38 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, -/* 39 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, +/* CUSTOM_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, +/* CUSTOM_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, +/* CUSTOM_STR */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, #endif }; +enum { + CERTEXTSASN_IDX_BC_SEQ = 0, + CERTEXTSASN_IDX_BC_OID, + CERTEXTSASN_IDX_BC_STR, + CERTEXTSASN_IDX_BC_STR_SEQ, + CERTEXTSASN_IDX_BC_CA, + CERTEXTSASN_IDX_BC_PATHLEN, + CERTEXTSASN_IDX_SAN_SEQ, + CERTEXTSASN_IDX_SAN_OID, + CERTEXTSASN_IDX_SAN_STR, + CERTEXTSASN_IDX_SKID_SEQ, + CERTEXTSASN_IDX_SKID_OID, + CERTEXTSASN_IDX_SKID_STR, + CERTEXTSASN_IDX_SKID_KEYID, + CERTEXTSASN_IDX_AKID_SEQ, + CERTEXTSASN_IDX_AKID_OID, + CERTEXTSASN_IDX_AKID_STR, + CERTEXTSASN_IDX_AKID_STR_SEQ, + CERTEXTSASN_IDX_AKID_KEYID, + CERTEXTSASN_IDX_KU_SEQ, + CERTEXTSASN_IDX_KU_OID, + CERTEXTSASN_IDX_KU_CRIT, + CERTEXTSASN_IDX_KU_STR, + CERTEXTSASN_IDX_KU_USAGE, + CERTEXTSASN_IDX_EKU_SEQ, + CERTEXTSASN_IDX_EKU_OID, + CERTEXTSASN_IDX_EKU_STR, + CERTEXTSASN_IDX_POLICIES_SEQ, + CERTEXTSASN_IDX_POLICIES_OID, + CERTEXTSASN_IDX_POLICIES_STR, + CERTEXTSASN_IDX_POLICIES_INFO, + CERTEXTSASN_IDX_NSTYPE_SEQ, + CERTEXTSASN_IDX_NSTYPE_OID, + CERTEXTSASN_IDX_NSTYPE_STR, + CERTEXTSASN_IDX_NSTYPE_USAGE, + CERTEXTSASN_IDX_CRLINFO_SEQ, + CERTEXTSASN_IDX_CRLINFO_OID, + CERTEXTSASN_IDX_CRLINFO_STR, + CERTEXTSASN_IDX_CUSTOM_SEQ, + CERTEXTSASN_IDX_CUSTOM_OID, + CERTEXTSASN_IDX_CUSTOM_STR, +}; /* Number of items in ASN.1 template for certificate extensions. */ #define certExtsASN_Length (sizeof(certExtsASN) / sizeof(ASNItem)) @@ -22737,66 +23244,80 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz, if (ret == 0) { if (cert->isCA) { /* Set Basic Constraints to be a Certificate Authority. */ - SetASN_Boolean(&dataASN[4], 1); - SetASN_Buffer(&dataASN[1], bcOID, sizeof(bcOID)); + SetASN_Boolean(&dataASN[CERTEXTSASN_IDX_BC_CA], 1); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_BC_OID], bcOID, sizeof(bcOID)); /* TODO: consider adding path length field in Cert. */ - dataASN[5].noOut = 1; + dataASN[CERTEXTSASN_IDX_BC_PATHLEN].noOut = 1; } else { /* Don't write out Basic Constraints extension items. */ - SetASNItem_NoOut(dataASN, 0, 5); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_BC_SEQ, + CERTEXTSASN_IDX_BC_PATHLEN); } #ifdef WOLFSSL_ALT_NAMES if (!forRequest && cert->altNamesSz > 0) { /* Set Subject Alternative Name OID and data. */ - SetASN_Buffer(&dataASN[7], sanOID, sizeof(sanOID)); - SetASN_Buffer(&dataASN[8], cert->altNames, cert->altNamesSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_SAN_OID], + sanOID, sizeof(sanOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_SAN_STR], + cert->altNames, cert->altNamesSz); } else #endif { /* Don't write out Subject Alternative Name extension items. */ - SetASNItem_NoOut(dataASN, 6, 8); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_SAN_SEQ, + CERTEXTSASN_IDX_SAN_STR); } #ifdef WOLFSSL_CERT_EXT if (cert->skidSz > 0) { /* Set Subject Key Identifier OID and data. */ - SetASN_Buffer(&dataASN[10], skidOID, sizeof(skidOID)); - SetASN_Buffer(&dataASN[12], cert->skid, cert->skidSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_SKID_OID], + skidOID, sizeof(skidOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_SKID_KEYID], + cert->skid, cert->skidSz); } else { /* Don't write out Subject Key Identifier extension items. */ - SetASNItem_NoOut(dataASN, 9, 12); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_SKID_SEQ, + CERTEXTSASN_IDX_SKID_KEYID); } if (cert->akidSz > 0) { /* Set Authority Key Identifier OID and data. */ - SetASN_Buffer(&dataASN[14], akidOID, sizeof(akidOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_AKID_OID], + akidOID, sizeof(akidOID)); #ifdef WOLFSSL_AKID_NAME if (cert->rawAkid) { - SetASN_Buffer(&dataASN[15], cert->akid, cert->akidSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_AKID_STR], + cert->akid, cert->akidSz); /* cert->akid contains the internal ext structure */ - SetASNItem_NoOutBelow(dataASN, certExtsASN, 15, - certExtsASN_Length); + SetASNItem_NoOutBelow(dataASN, certExtsASN, + CERTEXTSASN_IDX_AKID_STR, certExtsASN_Length); } else #endif { - SetASN_Buffer(&dataASN[17], cert->akid, cert->akidSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_AKID_KEYID], + cert->akid, cert->akidSz); } } else { /* Don't write out Authority Key Identifier extension items. */ - SetASNItem_NoOut(dataASN, 13, 17); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_AKID_SEQ, + CERTEXTSASN_IDX_AKID_KEYID); } if (cert->keyUsage != 0) { /* Set Key Usage OID, critical and value. */ - SetASN_Buffer(&dataASN[19], kuOID, sizeof(kuOID)); - SetASN_Boolean(&dataASN[20], 1); - SetASN_Int16Bit(&dataASN[22], cert->keyUsage); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_KU_OID], + kuOID, sizeof(kuOID)); + SetASN_Boolean(&dataASN[CERTEXTSASN_IDX_KU_CRIT], 1); + SetASN_Int16Bit(&dataASN[CERTEXTSASN_IDX_KU_USAGE], + cert->keyUsage); } else { /* Don't write out Key Usage extension items. */ - SetASNItem_NoOut(dataASN, 18, 22); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_KU_SEQ, + CERTEXTSASN_IDX_KU_USAGE); } if (cert->extKeyUsage != 0) { /* Calculate size of Extended Key Usage data. */ @@ -22805,12 +23326,15 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz, ret = KEYUSAGE_E; } /* Set Extended Key Usage OID and data. */ - SetASN_Buffer(&dataASN[24], ekuOID, sizeof(ekuOID)); - SetASN_Buffer(&dataASN[25], NULL, sz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_EKU_OID], + ekuOID, sizeof(ekuOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_EKU_STR], + NULL, sz); } else { /* Don't write out Extended Key Usage extension items. */ - SetASNItem_NoOut(dataASN, 23, 25); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_EKU_SEQ, + CERTEXTSASN_IDX_EKU_STR); } if ((!forRequest) && (cert->certPoliciesNb > 0)) { @@ -22819,9 +23343,11 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz, cert->certPoliciesNb, cert->heap); if (sz > 0) { /* Set Certificate Policies OID. */ - SetASN_Buffer(&dataASN[27], cpOID, sizeof(cpOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_POLICIES_OID], + cpOID, sizeof(cpOID)); /* Make space for data. */ - SetASN_Buffer(&dataASN[29], NULL, sz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_POLICIES_INFO], + NULL, sz); } else { ret = CERTPOLICIES_E; @@ -22829,29 +23355,36 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz, } else { /* Don't write out Certificate Policies extension items. */ - SetASNItem_NoOut(dataASN, 26, 29); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_POLICIES_SEQ, + CERTEXTSASN_IDX_POLICIES_INFO); } #ifndef IGNORE_NETSCAPE_CERT_TYPE /* Netscape Certificate Type */ if (cert->nsCertType != 0) { /* Set Netscape Certificate Type OID and data. */ - SetASN_Buffer(&dataASN[31], nsCertOID, sizeof(nsCertOID)); - SetASN_Buffer(&dataASN[33], &cert->nsCertType, 1); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_NSTYPE_OID], + nsCertOID, sizeof(nsCertOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_NSTYPE_USAGE], + &cert->nsCertType, 1); } else #endif { /* Don't write out Netscape Certificate Type. */ - SetASNItem_NoOut(dataASN, 30, 33); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_NSTYPE_SEQ, + CERTEXTSASN_IDX_NSTYPE_USAGE); } if (cert->crlInfoSz > 0) { /* Set CRL Distribution Points OID and data. */ - SetASN_Buffer(&dataASN[35], crlInfoOID, sizeof(crlInfoOID)); - SetASN_Buffer(&dataASN[36], cert->crlInfo, cert->crlInfoSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_CRLINFO_OID], + crlInfoOID, sizeof(crlInfoOID)); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_CRLINFO_STR], + cert->crlInfo, cert->crlInfoSz); } else { /* Don't write out CRL Distribution Points. */ - SetASNItem_NoOut(dataASN, 34, 36); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_CRLINFO_SEQ, + CERTEXTSASN_IDX_CRLINFO_STR); } #endif /* WOLFSSL_CERT_EXT */ @@ -22859,12 +23392,15 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz, /* encode a custom oid and value */ if (cert->extCustom.oidSz > 0) { /* Set CRL Distribution Points OID and data. */ - SetASN_Buffer(&dataASN[38], cert->extCustom.oid, cert->extCustom.oidSz); - SetASN_Buffer(&dataASN[39], cert->extCustom.val, cert->extCustom.valSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_CUSTOM_OID], + cert->extCustom.oid, cert->extCustom.oidSz); + SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_CUSTOM_STR], + cert->extCustom.val, cert->extCustom.valSz); } else { /* Don't write out custom OID. */ - SetASNItem_NoOut(dataASN, 37, 39); + SetASNItem_NoOut(dataASN, CERTEXTSASN_IDX_CUSTOM_SEQ, + CERTEXTSASN_IDX_CUSTOM_STR); } #endif } @@ -22891,16 +23427,19 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz, #ifdef WOLFSSL_CERT_EXT if (cert->extKeyUsage != 0){ /* Encode Extended Key Usage into space provided. */ - if (SetExtKeyUsage(cert, (byte*)dataASN[26].data.buffer.data, - dataASN[26].data.buffer.length, cert->extKeyUsage) <= 0) { + if (SetExtKeyUsage(cert, + (byte*)dataASN[CERTEXTSASN_IDX_EKU_STR].data.buffer.data, + dataASN[CERTEXTSASN_IDX_EKU_STR].data.buffer.length, + cert->extKeyUsage) <= 0) { ret = KEYUSAGE_E; } } if ((!forRequest) && (cert->certPoliciesNb > 0)) { /* Encode Certificate Policies into space provided. */ - if (SetCertificatePolicies((byte*)dataASN[30].data.buffer.data, - dataASN[30].data.buffer.length, cert->certPolicies, - cert->certPoliciesNb, cert->heap) <= 0) { + if (SetCertificatePolicies( + (byte*)dataASN[CERTEXTSASN_IDX_POLICIES_INFO].data.buffer.data, + dataASN[CERTEXTSASN_IDX_POLICIES_INFO].data.buffer.length, + cert->certPolicies, cert->certPoliciesNb, cert->heap) <= 0) { ret = CERTPOLICIES_E; } } @@ -23706,15 +24245,23 @@ static int GenerateInteger(WC_RNG* rng, byte* out, int len) * X.509: RFC 5280, 4.1 - Basic Certificate Fields. */ static const ASNItem sigASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* tbsCertificate */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 0, 0 }, - /* signatureAlgorithm */ -/* 2 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 4 */ { 2, ASN_TAG_NULL, 0, 0, 0 }, - /* signatureValue */ -/* 5 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* tbsCertificate */ +/* TBS_SEQ */ { 1, ASN_SEQUENCE, 1, 0, 0 }, + /* signatureAlgorithm */ +/* SIGALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* SIGALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* SIGALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 0 }, + /* signatureValue */ +/* SIGNATURE */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + SIGASN_IDX_SEQ = 0, + SIGASN_IDX_TBS_SEQ, + SIGASN_IDX_SIGALGO_SEQ, + SIGASN_IDX_SIGALGO_OID, + SIGASN_IDX_SIGALGO_NULL, + SIGASN_IDX_SIGNATURE, }; /* Number of items in ASN.1 template for a Certificate. */ @@ -23758,14 +24305,15 @@ int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz, /* In place, put body between SEQUENCE and signature. */ if (ret == 0) { /* Set sigature OID and signature data. */ - SetASN_OID(&dataASN[3], sigAlgoType, oidSigType); + SetASN_OID(&dataASN[SIGASN_IDX_SIGALGO_OID], sigAlgoType, oidSigType); if (IsSigAlgoECC(sigAlgoType)) { /* ECDSA and EdDSA doesn't have NULL tagged item. */ - dataASN[4].noOut = 1; + dataASN[SIGASN_IDX_SIGALGO_NULL].noOut = 1; } - SetASN_Buffer(&dataASN[5], sig, sigSz); + SetASN_Buffer(&dataASN[SIGASN_IDX_SIGNATURE], sig, sigSz); /* Calcuate size of signature data. */ - ret = SizeASN_Items(&sigASN[2], &dataASN[2], sigASN_Length - 2, &sz); + ret = SizeASN_Items(&sigASN[SIGASN_IDX_SIGALGO_SEQ], + &dataASN[SIGASN_IDX_SIGALGO_SEQ], sigASN_Length - 2, &sz); } if (ret == 0) { /* Calculate size of outer sequence by calculating size of the encoded @@ -23776,7 +24324,7 @@ int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz, XMEMMOVE(buf + seqSz, buf, bodySz); } /* Leave space for body in encoding. */ - SetASN_ReplaceBuffer(&dataASN[1], NULL, bodySz); + SetASN_ReplaceBuffer(&dataASN[SIGASN_IDX_TBS_SEQ], NULL, bodySz); /* Calculate overall size and put in offsets and lengths. */ ret = SizeASN_Items(sigASN, dataASN, sigASN_Length, &sz); @@ -23865,6 +24413,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, word32 issRawLen = 0; word32 sbjRawLen = 0; + (void)falconKey; /* Unused without OQS */ CALLOC_ASNSETDATA(dataASN, x509CertASN_Length, ret, cert->heap); if (ret == 0) { @@ -23944,96 +24493,110 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, } if (ret >= 0) { /* Don't write out outer sequence - only doing body. */ - dataASN[0].noOut = 1; + dataASN[X509CERTASN_IDX_SEQ].noOut = 1; /* Set version, serial number and signature OID */ - SetASN_Int8Bit(&dataASN[3], cert->version); - SetASN_Buffer(&dataASN[4], cert->serial, cert->serialSz); - SetASN_OID(&dataASN[6], cert->sigType, oidSigType); + SetASN_Int8Bit(&dataASN[X509CERTASN_IDX_TBS_VER_INT], cert->version); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_SERIAL], cert->serial, + cert->serialSz); + SetASN_OID(&dataASN[X509CERTASN_IDX_TBS_ALGOID_OID], cert->sigType, + oidSigType); if (IsSigAlgoECC(cert->sigType)) { /* No NULL tagged item with ECDSA and EdDSA signature OIDs. */ - dataASN[7].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_ALGOID_PARAMS].noOut = 1; } if (issRawLen > 0) { #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \ defined(WOLFSSL_CERT_REQ) /* Put in encoded issuer name. */ - SetASN_Buffer(&dataASN[8], cert->issRaw, issuerSz); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ], + cert->issRaw, issuerSz); #endif } else { /* Leave space for issuer name. */ - SetASN_ReplaceBuffer(&dataASN[8], NULL, issuerSz); + SetASN_ReplaceBuffer(&dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ], + NULL, issuerSz); } #ifdef WOLFSSL_ALT_NAMES if (cert->beforeDateSz && cert->afterDateSz) { if (cert->beforeDate[0] == ASN_UTC_TIME) { /* Make space for before date data. */ - SetASN_Buffer(&dataASN[10], cert->beforeDate + 2, - ASN_UTC_TIME_SIZE - 1); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC], + cert->beforeDate + 2, ASN_UTC_TIME_SIZE - 1); /* Don't put out Generalized Time before data. */ - dataASN[11].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT].noOut = 1; } else { /* Don't put out UTC before data. */ - dataASN[10].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC].noOut = 1; /* Make space for before date data. */ - SetASN_Buffer(&dataASN[11], cert->beforeDate + 2, - ASN_GEN_TIME_SZ); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT], + cert->beforeDate + 2, ASN_GEN_TIME_SZ); } if (cert->afterDate[0] == ASN_UTC_TIME) { /* Make space for after date data. */ - SetASN_Buffer(&dataASN[12], cert->afterDate + 2, - ASN_UTC_TIME_SIZE - 1); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC], + cert->afterDate + 2, ASN_UTC_TIME_SIZE - 1); /* Don't put out UTC Generalized Time after data. */ - dataASN[13].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT].noOut = 1; } else { /* Don't put out UTC after data. */ - dataASN[12].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC].noOut = 1; /* Make space for after date data. */ - SetASN_Buffer(&dataASN[13], cert->afterDate + 2, - ASN_GEN_TIME_SZ); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT], + cert->afterDate + 2, ASN_GEN_TIME_SZ); } } else #endif { /* Don't put out UTC before data. */ - dataASN[10].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC].noOut = 1; /* Make space for before date data. */ - SetASN_Buffer(&dataASN[11], NULL, ASN_GEN_TIME_SZ); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT], + NULL, ASN_GEN_TIME_SZ); /* Don't put out UTC after data. */ - dataASN[12].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC].noOut = 1; /* Make space for after date data. */ - SetASN_Buffer(&dataASN[13], NULL, ASN_GEN_TIME_SZ); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT], + NULL, ASN_GEN_TIME_SZ); } if (sbjRawLen > 0) { /* Put in encoded subject name. */ #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \ defined(WOLFSSL_CERT_REQ) - SetASN_Buffer(&dataASN[14], cert->sbjRaw, subjectSz); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_SUBJECT_SEQ], + cert->sbjRaw, subjectSz); #endif } else { /* Leave space for subject name. */ - SetASN_ReplaceBuffer(&dataASN[14], NULL, subjectSz); + SetASN_ReplaceBuffer(&dataASN[X509CERTASN_IDX_TBS_SUBJECT_SEQ], + NULL, subjectSz); } /* Leave space for public key. */ - SetASN_ReplaceBuffer(&dataASN[15], NULL, publicKeySz); + SetASN_ReplaceBuffer(&dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ], + NULL, publicKeySz); /* Replacement buffer instead of algorithm identifier items. */ - SetASNItem_NoOut(dataASN, 16, 20); + SetASNItem_NoOut(dataASN, + X509CERTASN_IDX_TBS_SPUBKEYINFO_ALGO_SEQ, + X509CERTASN_IDX_TBS_SPUBKEYINFO_PUBKEY); /* issuerUniqueID and subjectUniqueID not supported. */ - dataASN[21].noOut = dataASN[22].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_ISSUERUID].noOut = 1; + dataASN[X509CERTASN_IDX_TBS_SUBJECTUID].noOut = 1; /* Leave space for extensions if any set into certificate object. */ if (extSz > 0) { - SetASN_Buffer(&dataASN[23], NULL, extSz); + SetASN_Buffer(&dataASN[X509CERTASN_IDX_TBS_EXT_SEQ], NULL, extSz); } else { - dataASN[23].noOut = 1; + SetASNItem_NoOutNode(dataASN, x509CertASN, + X509CERTASN_IDX_TBS_EXT, x509CertASN_Length); } /* No signature - added later. */ - SetASNItem_NoOut(dataASN, 24, 27); + SetASNItem_NoOut(dataASN, X509CERTASN_IDX_SIGALGO_SEQ, + X509CERTASN_IDX_SIGNATURE); /* Calculate encoded certificate body size. */ ret = SizeASN_Items(x509CertASN, dataASN, x509CertASN_Length, &sz); @@ -24048,14 +24611,18 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, if (issRawLen == 0) { /* Encode issuer name into buffer. */ - ret = SetNameEx((byte*)dataASN[8].data.buffer.data, - dataASN[8].data.buffer.length, &cert->issuer, cert->heap); + ret = SetNameEx( + (byte*)dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ].data.buffer.data, + dataASN[X509CERTASN_IDX_TBS_ISSUER_SEQ].data.buffer.length, + &cert->issuer, cert->heap); } } if ((ret >= 0) && (sbjRawLen == 0)) { /* Encode subject name into buffer. */ - ret = SetNameEx((byte*)dataASN[14].data.buffer.data, - dataASN[14].data.buffer.length, &cert->subject, cert->heap); + ret = SetNameEx( + (byte*)dataASN[X509CERTASN_IDX_TBS_SUBJECT_SEQ].data.buffer.data, + dataASN[X509CERTASN_IDX_TBS_SUBJECT_SEQ].data.buffer.length, + &cert->subject, cert->heap); } if (ret >= 0) { #ifdef WOLFSSL_ALT_NAMES @@ -24063,20 +24630,27 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, #endif { /* Encode validity into buffer. */ - ret = SetValidity((byte*)dataASN[11].data.buffer.data, - (byte*)dataASN[13].data.buffer.data, cert->daysValid); + ret = SetValidity( + (byte*)dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT] + .data.buffer.data, + (byte*)dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT] + .data.buffer.data, cert->daysValid); } } if (ret >= 0) { /* Encode public key into buffer. */ ret = EncodePublicKey(cert->keyType, - (byte*)dataASN[15].data.buffer.data, dataASN[15].data.buffer.length, + (byte*)dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ] + .data.buffer.data, + dataASN[X509CERTASN_IDX_TBS_SPUBKEYINFO_SEQ] + .data.buffer.length, rsaKey, eccKey, ed25519Key, ed448Key, dsaKey); } - if ((ret >= 0) && (!dataASN[23].noOut)) { + if ((ret >= 0) && (!dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].noOut)) { /* Encode extensions into buffer. */ - ret = EncodeExtensions(cert, (byte*)dataASN[23].data.buffer.data, - dataASN[23].data.buffer.length, 0); + ret = EncodeExtensions(cert, + (byte*)dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.buffer.data, + dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.buffer.length, 0); } if (ret >= 0) { /* Store encoded certifcate body size. */ @@ -24577,26 +25151,42 @@ static int WriteCertReqBody(DerCert* der, byte* buf) * PKCS #10: RFC 2986, 4.1 - CertificationRequestInfo */ static const ASNItem certReqBodyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* version */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, - /* subject */ -/* 2 */ { 1, ASN_SEQUENCE, 1, 0, 0 }, - /* subjectPKInfo */ -/* 3 */ { 1, ASN_SEQUENCE, 1, 0, 0 }, - /* attributes*/ -/* 4 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, - /* Challenge Password Attribute */ -/* 5 */ { 2, ASN_SEQUENCE, 1, 1, 1 }, -/* 6 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, -/* 7 */ { 3, ASN_SET, 1, 1, 0 }, -/* 8 */ { 4, ASN_PRINTABLE_STRING, 0, 0, 0 }, -/* 9 */ { 4, ASN_UTF8STRING, 0, 0, 0 }, - /* Extensions Attribute */ -/* 10 */ { 2, ASN_SEQUENCE, 1, 1, 1 }, -/* 11 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, -/* 12 */ { 3, ASN_SET, 1, 1, 0 }, -/* 13 */ { 4, ASN_SEQUENCE, 1, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* version */ +/* VER */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* subject */ +/* SUBJ_SEQ */ { 1, ASN_SEQUENCE, 1, 0, 0 }, + /* subjectPKInfo */ +/* SPUBKEYINFO_SEQ */ { 1, ASN_SEQUENCE, 1, 0, 0 }, + /* attributes*/ +/* ATTRS */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, + /* Challenge Password Attribute */ +/* ATTRS_CPW_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 1 }, +/* ATTRS_CPW_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, +/* ATTRS_CPW_SET */ { 3, ASN_SET, 1, 1, 0 }, +/* ATTRS_CPW_PS */ { 4, ASN_PRINTABLE_STRING, 0, 0, 0 }, +/* ATTRS_CPW_UTF */ { 4, ASN_UTF8STRING, 0, 0, 0 }, + /* Extensions Attribute */ +/* EXT_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 1 }, +/* EXT_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, +/* EXT_SET */ { 3, ASN_SET, 1, 1, 0 }, +/* EXT_BODY */ { 4, ASN_SEQUENCE, 1, 0, 0 }, +}; +enum { + CERTREQBODYASN_IDX_SEQ = 0, + CERTREQBODYASN_IDX_VER, + CERTREQBODYASN_IDX_SUBJ_SEQ, + CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ, + CERTREQBODYASN_IDX_ATTRS, + CERTREQBODYASN_IDX_ATTRS_CPW_SEQ, + CERTREQBODYASN_IDX_ATTRS_CPW_OID, + CERTREQBODYASN_IDX_ATTRS_CPW_SET, + CERTREQBODYASN_IDX_ATTRS_CPW_PS, + CERTREQBODYASN_IDX_ATTRS_CPW_UTF, + CERTREQBODYASN_IDX_EXT_SEQ, + CERTREQBODYASN_IDX_EXT_OID, + CERTREQBODYASN_IDX_EXT_SET, + CERTREQBODYASN_IDX_EXT_BODY, }; /* Number of items in ASN.1 template for Certificate Request body. */ @@ -24666,6 +25256,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, word32 sbjRawSz; #endif + (void)falconKey; /* Unused without OQS */ CALLOC_ASNSETDATA(dataASN, certReqBodyASN_Length, ret, cert->heap); if (ret == 0) { @@ -24722,55 +25313,62 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, } if (ret >= 0) { /* Set version. */ - SetASN_Int8Bit(&dataASN[1], cert->version); + SetASN_Int8Bit(&dataASN[CERTREQBODYASN_IDX_VER], cert->version); #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) if (sbjRawSz > 0) { /* Put in encoded subject name. */ - SetASN_Buffer(&dataASN[2], cert->sbjRaw, subjectSz); + SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_SUBJ_SEQ], cert->sbjRaw, + subjectSz); } else #endif { /* Leave space for subject name. */ - SetASN_ReplaceBuffer(&dataASN[2], NULL, subjectSz); + SetASN_ReplaceBuffer(&dataASN[CERTREQBODYASN_IDX_SUBJ_SEQ], NULL, + subjectSz); } /* Leave space for public key. */ - SetASN_ReplaceBuffer(&dataASN[3], NULL, publicKeySz); + SetASN_ReplaceBuffer(&dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ], + NULL, publicKeySz); if (cert->challengePw[0] != '\0') { /* Add challenge password attribute. */ /* Set challenge password OID. */ - SetASN_Buffer(&dataASN[6], attrChallengePasswordOid, + SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_CPW_OID], attrChallengePasswordOid, sizeof(attrChallengePasswordOid)); /* Enable the ASN template item with the appropriate tag. */ if (cert->challengePwPrintableString) { /* PRINTABLE_STRING - set buffer */ - SetASN_Buffer(&dataASN[8], (byte*)cert->challengePw, - (word32)XSTRLEN(cert->challengePw)); + SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_CPW_PS], + (byte*)cert->challengePw, + (word32)XSTRLEN(cert->challengePw)); /* UTF8STRING - don't encode */ - dataASN[9].noOut = 1; + dataASN[CERTREQBODYASN_IDX_ATTRS_CPW_UTF].noOut = 1; } else { /* PRINTABLE_STRING - don't encode */ - dataASN[8].noOut = 1; + dataASN[CERTREQBODYASN_IDX_ATTRS_CPW_PS].noOut = 1; /* UTF8STRING - set buffer */ - SetASN_Buffer(&dataASN[9], (byte*)cert->challengePw, - (word32)XSTRLEN(cert->challengePw)); + SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_CPW_UTF], + (byte*)cert->challengePw, + (word32)XSTRLEN(cert->challengePw)); } } else { /* Leave out challenge password attribute items. */ - SetASNItem_NoOut(dataASN, 5, 9); + SetASNItem_NoOutNode(dataASN, certReqBodyASN, + CERTREQBODYASN_IDX_ATTRS_CPW_SEQ, certReqBodyASN_Length); } if (extSz > 0) { /* Set extension attribute OID. */ - SetASN_Buffer(&dataASN[11], attrExtensionRequestOid, + SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_EXT_OID], attrExtensionRequestOid, sizeof(attrExtensionRequestOid)); /* Leave space for data. */ - SetASN_Buffer(&dataASN[13], NULL, extSz); + SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_EXT_BODY], NULL, extSz); } else { /* Leave out extension attribute items. */ - SetASNItem_NoOut(dataASN, 10, 13); + SetASNItem_NoOutNode(dataASN, certReqBodyASN, + CERTREQBODYASN_IDX_EXT_SEQ, certReqBodyASN_Length); } /* Calculate size of encoded certificate request body. */ @@ -24791,20 +25389,24 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, #endif { /* Encode subject name into space in buffer. */ - ret = SetNameEx((byte*)dataASN[2].data.buffer.data, - dataASN[2].data.buffer.length, &cert->subject, cert->heap); + ret = SetNameEx( + (byte*)dataASN[CERTREQBODYASN_IDX_SUBJ_SEQ].data.buffer.data, + dataASN[CERTREQBODYASN_IDX_SUBJ_SEQ].data.buffer.length, + &cert->subject, cert->heap); } } if (ret >= 0) { /* Encode public key into space in buffer. */ - ret = EncodePublicKey(cert->keyType, (byte*)dataASN[3].data.buffer.data, - dataASN[3].data.buffer.length, rsaKey, eccKey, ed25519Key, ed448Key, - dsaKey); + ret = EncodePublicKey(cert->keyType, + (byte*)dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ].data.buffer.data, + dataASN[CERTREQBODYASN_IDX_SPUBKEYINFO_SEQ].data.buffer.length, + rsaKey, eccKey, ed25519Key, ed448Key, dsaKey); } - if ((ret >= 0) && (!dataASN[13].noOut)) { + if ((ret >= 0) && (!dataASN[CERTREQBODYASN_IDX_EXT_BODY].noOut)) { /* Encode extensions into space in buffer. */ - ret = EncodeExtensions(cert, (byte*)dataASN[13].data.buffer.data, - dataASN[13].data.buffer.length, 1); + ret = EncodeExtensions(cert, + (byte*)dataASN[CERTREQBODYASN_IDX_EXT_BODY].data.buffer.data, + dataASN[CERTREQBODYASN_IDX_EXT_BODY].data.buffer.length, 1); } if (ret >= 0) { /* Store encoded certifcate request body size. */ @@ -26054,10 +26656,10 @@ int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g) if (ret == 0) { XMEMSET(dataASN, 0, sizeof(dataASN)); /* Set mp_int containing p and g. */ - SetASN_MP(&dataASN[1], p); - SetASN_MP(&dataASN[2], g); + SetASN_MP(&dataASN[DHPARAMASN_IDX_PRIME], p); + SetASN_MP(&dataASN[DHPARAMASN_IDX_BASE], g); /* privateValueLength not encoded. */ - dataASN[3].noOut = 1; + dataASN[DHPARAMASN_IDX_PRIVLEN].noOut = 1; /* Calculate the size of the DH parameters. */ ret = SizeASN_Items(dhParamASN, dataASN, dhParamASN_Length, &sz); @@ -26085,11 +26687,16 @@ int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g) * RFC 5912, 6 - DSA-Sig-Value */ static const ASNItem dsaSigASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* r */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, - /* s */ -/* 2 */ { 1, ASN_INTEGER, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* r */ +/* R */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* s */ +/* S */ { 1, ASN_INTEGER, 0, 0, 0 }, +}; +enum { + DSASIGASN_IDX_SEQ = 0, + DSASIGASN_IDX_R, + DSASIGASN_IDX_S, }; #define dsaSigASN_Length (sizeof(dsaSigASN) / sizeof(ASNItem)) @@ -26138,8 +26745,8 @@ int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s) /* Clear dynamic data and set mp_ints r and s */ XMEMSET(dataASN, 0, sizeof(dataASN)); - SetASN_MP(&dataASN[1], r); - SetASN_MP(&dataASN[2], s); + SetASN_MP(&dataASN[DSASIGASN_IDX_R], r); + SetASN_MP(&dataASN[DSASIGASN_IDX_S], s); /* Calculate size of encoding. */ ret = SizeASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, &sz); @@ -26240,8 +26847,8 @@ int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen, /* Clear dynamic data and set buffers for r and s */ XMEMSET(dataASN, 0, sizeof(dataASN)); - SetASN_Buffer(&dataASN[1], r, rLen); - SetASN_Buffer(&dataASN[2], s, sLen); + SetASN_Buffer(&dataASN[DSASIGASN_IDX_R], r, rLen); + SetASN_Buffer(&dataASN[DSASIGASN_IDX_S], s, sLen); /* Calculate size of encoding. */ ret = SizeASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, &sz); @@ -26318,8 +26925,8 @@ int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen, byte* r, word32* rLen, /* Clear dynamic data and set buffers to put r and s into. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_Buffer(&dataASN[1], r, rLen); - GetASN_Buffer(&dataASN[2], s, sLen); + GetASN_Buffer(&dataASN[DSASIGASN_IDX_R], r, rLen); + GetASN_Buffer(&dataASN[DSASIGASN_IDX_S], s, sLen); /* Decode the DSA signature. */ return GetASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, 1, sig, &idx, @@ -26375,8 +26982,8 @@ int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s) /* Clear dynamic data and set mp_ints to put r and s into. */ XMEMSET(dataASN, 0, sizeof(dataASN)); - GetASN_MP(&dataASN[1], r); - GetASN_MP(&dataASN[2], s); + GetASN_MP(&dataASN[DSASIGASN_IDX_R], r); + GetASN_MP(&dataASN[DSASIGASN_IDX_S], s); /* Decode the DSA signature. */ return GetASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, 1, sig, &idx, @@ -26451,29 +27058,43 @@ static int DataToHexStringAlloc(const byte* input, word32 inSz, char** out, * NOTE: characteristic-two-field not supported. */ static const ASNItem eccSpecifiedASN[] = { /* version */ -/* 0 */ { 0, ASN_INTEGER, 0, 0, 0 }, - /* fieldID */ -/* 1 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* prime-field or characteristic-two-field */ -/* 2 */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, - /* Prime-p */ -/* 3 */ { 1, ASN_INTEGER, 0, 0, 0 }, - /* fieldID */ -/* 4 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* a */ -/* 5 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, - /* b */ -/* 6 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, - /* seed */ -/* 7 */ { 1, ASN_BIT_STRING, 0, 0, 1 }, - /* base */ -/* 8 */ { 0, ASN_OCTET_STRING, 0, 0, 0 }, - /* order */ -/* 9 */ { 0, ASN_INTEGER, 0, 0, 0 }, - /* cofactor */ -/* 10 */ { 0, ASN_INTEGER, 0, 0, 1 }, - /* hash */ -/* 11 */ { 0, ASN_SEQUENCE, 0, 0, 1 }, +/* VER */ { 0, ASN_INTEGER, 0, 0, 0 }, + /* fieldID */ +/* PRIME_SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* prime-field or characteristic-two-field */ +/* PRIME_OID */ { 1, ASN_OBJECT_ID, 0, 0, 0 }, + /* Prime-p */ +/* PRIME_P */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* fieldID */ +/* PARAM_SEQ, */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* a */ +/* PARAM_A */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, + /* b */ +/* PARAM_B */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, + /* seed */ +/* PARAM_SEED */ { 1, ASN_BIT_STRING, 0, 0, 1 }, + /* base */ +/* BASE */ { 0, ASN_OCTET_STRING, 0, 0, 0 }, + /* order */ +/* ORDER */ { 0, ASN_INTEGER, 0, 0, 0 }, + /* cofactor */ +/* COFACTOR */ { 0, ASN_INTEGER, 0, 0, 1 }, + /* hash */ +/* HASH_SEQ */ { 0, ASN_SEQUENCE, 0, 0, 1 }, +}; +enum { + ECCSPECIFIEDASN_IDX_VER = 0, + ECCSPECIFIEDASN_IDX_PRIME_SEQ, + ECCSPECIFIEDASN_IDX_PRIME_OID, + ECCSPECIFIEDASN_IDX_PRIME_P, + ECCSPECIFIEDASN_IDX_PARAM_SEQ, + ECCSPECIFIEDASN_IDX_PARAM_A, + ECCSPECIFIEDASN_IDX_PARAM_B, + ECCSPECIFIEDASN_IDX_PARAM_SEED, + ECCSPECIFIEDASN_IDX_BASE, + ECCSPECIFIEDASN_IDX_ORDER, + ECCSPECIFIEDASN_IDX_COFACTOR, + ECCSPECIFIEDASN_IDX_HASH_SEQ, }; /* Number of items in ASN.1 template for SpecifiedECDomain. */ @@ -26518,9 +27139,10 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz, curve->id = ECC_CURVE_CUSTOM; /* Get version, must have prime field OID and get co-factor. */ - GetASN_Int8Bit(&dataASN[0], &version); - GetASN_ExpBuffer(&dataASN[2], primeFieldOID, sizeof(primeFieldOID)); - GetASN_Int8Bit(&dataASN[10], &cofactor); + GetASN_Int8Bit(&dataASN[ECCSPECIFIEDASN_IDX_VER], &version); + GetASN_ExpBuffer(&dataASN[ECCSPECIFIEDASN_IDX_PRIME_OID], + primeFieldOID, sizeof(primeFieldOID)); + GetASN_Int8Bit(&dataASN[ECCSPECIFIEDASN_IDX_COFACTOR], &cofactor); /* Decode the explicit parameters. */ ret = GetASN_Items(eccSpecifiedASN, dataASN, eccSpecifiedASN_Length, 1, input, &idx, inSz); @@ -26530,22 +27152,26 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz, ret = ASN_PARSE_E; } /* Only version 2 and above can have a seed. */ - if ((ret == 0) && (dataASN[7].tag != 0) && (version < 2)) { + if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_PARAM_SEED].tag != 0) && + (version < 2)) { ret = ASN_PARSE_E; } /* Only version 2 and above can have a hash algorithm. */ - if ((ret == 0) && (dataASN[11].tag != 0) && (version < 2)) { + if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_HASH_SEQ].tag != 0) && + (version < 2)) { ret = ASN_PARSE_E; } - if ((ret == 0) && (dataASN[10].tag != 0)) { + if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_COFACTOR].tag != 0)) { /* Store optional co-factor. */ curve->cofactor = cofactor; } if (ret == 0) { /* Length of the prime in bytes is the curve size. */ - curve->size = (int)dataASN[3].data.ref.length; + curve->size = + (int)dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.length; /* Base point: 0x04 (must be uncompressed). */ - GetASN_GetConstRef(&dataASN[8], &base, &baseLen); + GetASN_GetConstRef(&dataASN[ECCSPECIFIEDASN_IDX_BASE], &base, + &baseLen); if ((baseLen < (word32)curve->size * 2 + 1) || (base[0] != 0x4)) { ret = ASN_PARSE_E; } @@ -26569,31 +27195,31 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz, } if (ret == 0) { /* Prime */ - ret = DataToHexStringAlloc(dataASN[3].data.ref.data, - dataASN[3].data.ref.length, - (char**)&curve->prime, key->heap, - DYNAMIC_TYPE_ECC_BUFFER); + ret = DataToHexStringAlloc( + dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.length, + (char**)&curve->prime, key->heap, DYNAMIC_TYPE_ECC_BUFFER); } if (ret == 0) { /* Parameter A */ - ret = DataToHexStringAlloc(dataASN[5].data.ref.data, - dataASN[5].data.ref.length, - (char**)&curve->Af, key->heap, - DYNAMIC_TYPE_ECC_BUFFER); + ret = DataToHexStringAlloc( + dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.length, + (char**)&curve->Af, key->heap, DYNAMIC_TYPE_ECC_BUFFER); } if (ret == 0) { /* Parameter B */ - ret = DataToHexStringAlloc(dataASN[6].data.ref.data, - dataASN[6].data.ref.length, - (char**)&curve->Bf, key->heap, - DYNAMIC_TYPE_ECC_BUFFER); + ret = DataToHexStringAlloc( + dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.length, + (char**)&curve->Bf, key->heap, DYNAMIC_TYPE_ECC_BUFFER); } if (ret == 0) { /* Order of curve */ - ret = DataToHexStringAlloc(dataASN[9].data.ref.data, - dataASN[9].data.ref.length, - (char**)&curve->order, key->heap, - DYNAMIC_TYPE_ECC_BUFFER); + ret = DataToHexStringAlloc( + dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.length, + (char**)&curve->order, key->heap, DYNAMIC_TYPE_ECC_BUFFER); } #else if (ret == 0) { @@ -26602,16 +27228,20 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz, /* Base Y-ordinate */ DataToHexString(base + 1 + curve->size, curve->size, curve->Gy); /* Prime */ - DataToHexString(dataASN[3].data.ref.data, dataASN[3].data.ref.length, + DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.length, curve->prime); /* Parameter A */ - DataToHexString(dataASN[5].data.ref.data, dataASN[5].data.ref.length, + DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.length, curve->Af); /* Parameter B */ - DataToHexString(dataASN[6].data.ref.data, dataASN[6].data.ref.length, + DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.length, curve->Bf); /* Order of curve */ - DataToHexString(dataASN[9].data.ref.data, dataASN[9].data.ref.length, + DataToHexString(dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.data, + dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.length, curve->order); } #endif /* WOLFSSL_ECC_CURVE_STATIC */ @@ -26643,21 +27273,31 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz, * SEC.1 Ver 2.0, C.4 - Syntax for Elliptic Curve Private Keys */ static const ASNItem eccKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* version */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, - /* privateKey */ -/* 2 */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, - /* parameters */ -/* 3 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, - /* named */ -/* 4 */ { 2, ASN_OBJECT_ID, 0, 0, 2 }, - /* specified */ -/* 5 */ { 2, ASN_SEQUENCE, 1, 0, 2 }, - /* publicKey */ -/* 6 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 1, 1 }, - /* Uncompressed point - X9.62. */ -/* 7 */ { 2, ASN_BIT_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* version */ +/* VER */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* privateKey */ +/* PKEY */ { 1, ASN_OCTET_STRING, 0, 0, 0 }, + /* parameters */ +/* PARAMS */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ECC_PARAMS, 1, 1, 1 }, + /* named */ +/* CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 }, + /* specified */ +/* CURVEPARAMS */ { 2, ASN_SEQUENCE, 1, 0, 2 }, + /* publicKey */ +/* PUBKEY */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ECC_PUBKEY, 1, 1, 1 }, + /* Uncompressed point - X9.62. */ +/* PUBKEY_VAL, */ { 2, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + ECCKEYASN_IDX_SEQ = 0, + ECCKEYASN_IDX_VER, + ECCKEYASN_IDX_PKEY, + ECCKEYASN_IDX_PARAMS, + ECCKEYASN_IDX_CURVEID, + ECCKEYASN_IDX_CURVEPARAMS, + ECCKEYASN_IDX_PUBKEY, + ECCKEYASN_IDX_PUBKEY_VAL, }; /* Number of items in ASN.1 template for ECC private key. */ @@ -26820,8 +27460,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, if (ret == 0) { /* Get the version and set the expected OID type. */ - GetASN_Int8Bit(&dataASN[1], &version); - GetASN_OID(&dataASN[4], oidCurveType); + GetASN_Int8Bit(&dataASN[ECCKEYASN_IDX_VER], &version); + GetASN_OID(&dataASN[ECCKEYASN_IDX_CURVEID], oidCurveType); /* Decode the private ECC key. */ ret = GetASN_Items(eccKeyASN, dataASN, eccKeyASN_Length, 1, input, inOutIdx, inSz); @@ -26831,10 +27471,10 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, ret = ASN_PARSE_E; } /* Curve Parameters are optional. */ - if ((ret == 0) && (dataASN[3].tag != 0)) { - if (dataASN[4].tag != 0) { + if ((ret == 0) && (dataASN[ECCKEYASN_IDX_PARAMS].tag != 0)) { + if (dataASN[ECCKEYASN_IDX_CURVEID].tag != 0) { /* Named curve - check and get id. */ - curve_id = CheckCurve(dataASN[4].data.oid.sum); + curve_id = CheckCurve(dataASN[ECCKEYASN_IDX_CURVEID].data.oid.sum); if (curve_id < 0) { ret = ECC_CURVE_OID_E; } @@ -26842,8 +27482,9 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, else { #ifdef WOLFSSL_CUSTOM_CURVES /* Parse explicit parameters. */ - ret = EccSpecifiedECDomainDecode(dataASN[5].data.ref.data, - dataASN[5].data.ref.length, key); + ret = EccSpecifiedECDomainDecode( + dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.data, + dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.length, key); #else /* Explicit parameters not supported in build configuration. */ ret = ASN_PARSE_E; @@ -26852,9 +27493,12 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, } if (ret == 0) { /* Import private key value and public point (may be NULL). */ - ret = wc_ecc_import_private_key_ex(dataASN[2].data.ref.data, - dataASN[2].data.ref.length, dataASN[7].data.ref.data, - dataASN[7].data.ref.length, key, curve_id); + ret = wc_ecc_import_private_key_ex( + dataASN[ECCKEYASN_IDX_PKEY].data.ref.data, + dataASN[ECCKEYASN_IDX_PKEY].data.ref.length, + dataASN[ECCKEYASN_IDX_PUBKEY_VAL].data.ref.data, + dataASN[ECCKEYASN_IDX_PUBKEY_VAL].data.ref.length, + key, curve_id); } FREE_ASNGETDATA(dataASN, key->heap); @@ -27184,11 +27828,11 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, DECL_ASNGETDATA(dataASN, eccKeyASN_Length); int ret = 0; int curve_id = ECC_CURVE_DEF; - int oidIdx = 3; + int oidIdx = ECCPUBLICKEYASN_IDX_ALGOID_CURVEID; #ifdef WOLFSSL_CUSTOM_CURVES - int specIdx = 4; + int specIdx = ECCPUBLICKEYASN_IDX_ALGOID_PARAMS; #endif - int pubIdx = 5; + int pubIdx = ECCPUBLICKEYASN_IDX_PUBKEY; if ((input == NULL) || (inOutIdx == NULL) || (key == NULL) || (inSz == 0)) { ret = BAD_FUNC_ARG; @@ -27200,17 +27844,18 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, /* Clear dynamic data for ECC public key. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * eccPublicKeyASN_Length); /* Set required ECDSA OID and ignore the curve OID type. */ - GetASN_ExpBuffer(&dataASN[2], keyEcdsaOid, sizeof(keyEcdsaOid)); + GetASN_ExpBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], keyEcdsaOid, + sizeof(keyEcdsaOid)); GetASN_OID(&dataASN[oidIdx], oidIgnoreType); /* Decode the public ECC key. */ ret = GetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length, 1, input, inOutIdx, inSz); if (ret != 0) { - oidIdx = 4; + oidIdx = ECCKEYASN_IDX_CURVEID; #ifdef WOLFSSL_CUSTOM_CURVES - specIdx = 5; + specIdx = ECCKEYASN_IDX_CURVEPARAMS; #endif - pubIdx = 7; + pubIdx = ECCKEYASN_IDX_PUBKEY_VAL; /* Clear dynamic data for ECC private key. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * eccKeyASN_Length); @@ -27466,26 +28111,28 @@ static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen, } if (ret == 0) { /* Version: 1 */ - SetASN_Int8Bit(&dataASN[1], 1); + SetASN_Int8Bit(&dataASN[ECCKEYASN_IDX_VER], 1); /* Leave space for private key. */ - SetASN_Buffer(&dataASN[2], NULL, privSz); + SetASN_Buffer(&dataASN[ECCKEYASN_IDX_PKEY], NULL, privSz); if (curveIn) { /* Curve OID */ - SetASN_Buffer(&dataASN[4], key->dp->oid, key->dp->oidSz); + SetASN_Buffer(&dataASN[ECCKEYASN_IDX_CURVEID], key->dp->oid, + key->dp->oidSz); + /* TODO: add support for SpecifiedECDomain curve. */ + dataASN[ECCKEYASN_IDX_CURVEPARAMS].noOut = 1; } else { - dataASN[3].noOut = 1; - dataASN[4].noOut = 1; + SetASNItem_NoOutNode(dataASN, eccKeyASN, ECCKEYASN_IDX_PARAMS, + eccKeyASN_Length); } - /* TODO: add support for SpecifiedECDomain curve. */ - dataASN[5].noOut = 1; if (pubIn) { /* Leave space for public key. */ - SetASN_Buffer(&dataASN[7], NULL, pubSz); + SetASN_Buffer(&dataASN[ECCKEYASN_IDX_PUBKEY_VAL], NULL, pubSz); } else { /* Don't write out public key. */ - dataASN[6].noOut = dataASN[7].noOut = 1; + SetASNItem_NoOutNode(dataASN, eccKeyASN, ECCKEYASN_IDX_PUBKEY, + eccKeyASN_Length); } /* Calculate size of the private key encoding. */ ret = SizeASN_Items(eccKeyASN, dataASN, eccKeyASN_Length, &sz); @@ -27505,11 +28152,12 @@ static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen, /* Export the private value into the buffer. */ ret = wc_ecc_export_private_only(key, - (byte*)dataASN[2].data.buffer.data, &privSz); + (byte*)dataASN[ECCKEYASN_IDX_PKEY].data.buffer.data, &privSz); if ((ret == 0) && pubIn) { /* Export the public point into the buffer. */ PRIVATE_KEY_UNLOCK(); - ret = wc_ecc_export_x963(key, (byte*)dataASN[7].data.buffer.data, + ret = wc_ecc_export_x963(key, + (byte*)dataASN[ECCKEYASN_IDX_PUBKEY_VAL].data.buffer.data, &pubSz); PRIVATE_KEY_LOCK(); } @@ -27674,22 +28322,33 @@ int wc_EccKeyToPKCS8(ecc_key* key, byte* output, * RFC 8410, 7 - Private Key Format (but public value is EXPLICIT OCTET_STRING) */ static const ASNItem edKeyASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* Version */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, - /* privateKeyAlgorithm */ -/* 2 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 1 }, - /* privateKey */ -/* 4 */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, - /* CurvePrivateKey */ -/* 5 */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, - /* attributes */ -/* 6 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, - /* publicKey */ -/* 7 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 1, 1 }, - /* Public value */ -/* 8 */ { 2, ASN_OCTET_STRING, 0, 0, 0 } +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* Version */ +/* VER */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* privateKeyAlgorithm */ +/* PKEYALGO_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* PKEYALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 1 }, + /* privateKey */ +/* PKEY */ { 1, ASN_OCTET_STRING, 0, 1, 0 }, + /* CurvePrivateKey */ +/* PKEY_CURVEPKEY */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, + /* attributes */ +/* ATTRS */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_ATTRS, 1, 1, 1 }, + /* publicKey */ +/* PUBKEY */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY, 1, 1, 1 }, + /* Public value */ +/* PUBKEY_VAL */ { 2, ASN_OCTET_STRING, 0, 0, 0 } +}; +enum { + EDKEYASN_IDX_SEQ = 0, + EDKEYASN_IDX_VER, + EDKEYASN_IDX_PKEYALGO_SEQ, + EDKEYASN_IDX_PKEYALGO_OID, + EDKEYASN_IDX_PKEY, + EDKEYASN_IDX_PKEY_CURVEPKEY, + EDKEYASN_IDX_ATTRS, + EDKEYASN_IDX_PUBKEY, + EDKEYASN_IDX_PUBKEY_VAL, }; /* Number of items in ASN.1 template for Ed25519 and Ed448 private key. */ @@ -27795,41 +28454,46 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz, /* Require OID. */ word32 oidSz; const byte* oid = OidFromId(keyType, oidKeyType, &oidSz); - GetASN_ExpBuffer(&dataASN[3], oid, oidSz); + GetASN_ExpBuffer(&dataASN[EDKEYASN_IDX_PKEYALGO_OID], oid, oidSz); /* Parse full private key. */ ret = GetASN_Items(edKeyASN, dataASN, edKeyASN_Length, 1, input, inOutIdx, inSz); if (ret != 0) { /* Parse just the OCTET_STRING. */ - ret = GetASN_Items(&edKeyASN[5], &dataASN[5], 1, 0, input, inOutIdx, - inSz); + ret = GetASN_Items(&edKeyASN[EDKEYASN_IDX_PKEY_CURVEPKEY], + &dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY], 1, 0, input, + inOutIdx, inSz); if (ret != 0) { ret = ASN_PARSE_E; } } } /* Check the private value length is correct. */ - if ((ret == 0) && dataASN[5].data.ref.length > *privKeyLen) { + if ((ret == 0) && dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.length + > *privKeyLen) { ret = ASN_PARSE_E; } - if ((ret == 0) && dataASN[7].tag == 0) { - *privKeyLen = dataASN[5].data.ref.length; - XMEMCPY(privKey, dataASN[5].data.ref.data, *privKeyLen); + if ((ret == 0) && dataASN[EDKEYASN_IDX_PUBKEY].tag == 0) { + *privKeyLen = dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.length; + XMEMCPY(privKey, dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.data, + *privKeyLen); if (pubKeyLen != NULL) *pubKeyLen = 0; } else if ((ret == 0) && - (dataASN[8].data.ref.length > *pubKeyLen)) { + (dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.ref.length > *pubKeyLen)) { ret = ASN_PARSE_E; } else if (ret == 0) { /* Import private and public value. */ - *privKeyLen = dataASN[5].data.ref.length; - XMEMCPY(privKey, dataASN[5].data.ref.data, *privKeyLen); + *privKeyLen = dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.length; + XMEMCPY(privKey, dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.data, + *privKeyLen); if (pubKeyLen != NULL) - *pubKeyLen = dataASN[8].data.ref.length; + *pubKeyLen = dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.ref.length; if (pubKey != NULL && pubKeyLen != NULL) - XMEMCPY(pubKey, dataASN[8].data.ref.data, *pubKeyLen); + XMEMCPY(pubKey, dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.ref.data, + *pubKeyLen); } FREE_ASNGETDATA(dataASN, NULL); @@ -27892,7 +28556,7 @@ static int DecodeAsymKeyPublic(const byte* input, word32* inOutIdx, word32 inSz, word32 oidSz; const byte* oid = OidFromId(keyType, oidKeyType, &oidSz); - GetASN_ExpBuffer(&dataASN[2], oid, oidSz); + GetASN_ExpBuffer(&dataASN[EDPUBKEYASN_IDX_ALGOID_OID], oid, oidSz); /* Decode Ed25519 private key. */ ret = GetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, 1, input, inOutIdx, inSz); @@ -27903,16 +28567,19 @@ static int DecodeAsymKeyPublic(const byte* input, word32* inOutIdx, word32 inSz, ret = ASN_PARSE_E; } /* Check the public value length is correct. */ - if ((ret == 0) && (dataASN[3].data.ref.length > *pubKeyLen)) { + if ((ret == 0) && + (dataASN[EDPUBKEYASN_IDX_PUBKEY].data.ref.length > *pubKeyLen)) { ret = ASN_PARSE_E; } /* Check that the all the buffer was used. */ - if ((ret == 0) && (GetASNItem_Length(dataASN[0], input) != len)) { + if ((ret == 0) && + (GetASNItem_Length(dataASN[EDPUBKEYASN_IDX_SEQ], input) != len)) { ret = ASN_PARSE_E; } if (ret == 0) { - *pubKeyLen = dataASN[3].data.ref.length; - XMEMCPY(pubKey, dataASN[3].data.ref.data, *pubKeyLen); + *pubKeyLen = dataASN[EDPUBKEYASN_IDX_PUBKEY].data.ref.length; + XMEMCPY(pubKey, dataASN[EDPUBKEYASN_IDX_PUBKEY].data.ref.data, + *pubKeyLen); } FREE_ASNGETDATA(dataASN, NULL); @@ -28092,20 +28759,21 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, if (ret == 0) { /* Set version = 0 */ - SetASN_Int8Bit(&dataASN[1], 0); + SetASN_Int8Bit(&dataASN[EDKEYASN_IDX_VER], 0); /* Set OID. */ - SetASN_OID(&dataASN[3], keyType, oidKeyType); + SetASN_OID(&dataASN[EDKEYASN_IDX_PKEYALGO_OID], keyType, oidKeyType); /* Leave space for private key. */ - SetASN_Buffer(&dataASN[5], NULL, privKeyLen); + SetASN_Buffer(&dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY], NULL, privKeyLen); /* Don't write out attributes. */ - dataASN[6].noOut = 1; + dataASN[EDKEYASN_IDX_ATTRS].noOut = 1; if (pubKey) { /* Leave space for public key. */ - SetASN_Buffer(&dataASN[8], NULL, pubKeyLen); + SetASN_Buffer(&dataASN[EDKEYASN_IDX_PUBKEY_VAL], NULL, pubKeyLen); } else { /* Don't put out public part. */ - dataASN[7].noOut = dataASN[8].noOut = 1; + SetASNItem_NoOutNode(dataASN, edKeyASN, EDKEYASN_IDX_PUBKEY, + edKeyASN_Length); } /* Calculate the size of encoding. */ @@ -28121,11 +28789,13 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, SetASN_Items(edKeyASN, dataASN, edKeyASN_Length, output); /* Put private value into space provided. */ - XMEMCPY((byte*)dataASN[5].data.buffer.data, privKey, privKeyLen); + XMEMCPY((byte*)dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.buffer.data, + privKey, privKeyLen); if (pubKey != NULL) { /* Put public value into space provided. */ - XMEMCPY((byte*)dataASN[8].data.buffer.data, pubKey, pubKeyLen); + XMEMCPY((byte*)dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.buffer.data, + pubKey, pubKeyLen); } /* Return size of encoding. */ @@ -28538,40 +29208,60 @@ static int GetEnumerated(const byte* input, word32* inOutIdx, int *value, * RFC 6960, 4.2.1 - ASN.1 Specification of the OCSP Response */ static const ASNItem singleResponseASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* certId */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* hashAlgorithm */ -/* 2 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, -/* 3 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, -/* 4 */ { 3, ASN_TAG_NULL, 0, 0, 1 }, - /* issuerNameHash */ -/* 5 */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, - /* issuerKeyHash */ -/* 6 */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, - /* serialNumber */ -/* 7 */ { 2, ASN_INTEGER, 0, 0, 0 }, - /* certStatus - CHOICE */ - /* good [0] IMPLICIT NULL */ -/* 8 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 2 }, - /* revoked [1] IMPLICIT RevokedInfo */ -/* 9 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 1, 2 }, - /* revocationTime */ -/* 10 */ { 2, ASN_GENERALIZED_TIME, 0, 0, 0 }, - /* revocationReason [0] EXPLICIT CRLReason OPTIONAL */ -/* 11 */ { 2, ASN_CONTEXT_SPECIFIC | 0, 0, 1, 1 }, - /* crlReason */ -/* 12 */ { 3, ASN_ENUMERATED, 0, 0, 0 }, - /* unknown [2] IMPLICIT UnknownInfo ::= NULL */ -/* 13 */ { 1, ASN_CONTEXT_SPECIFIC | 2, 0, 0, 2 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* certId */ +/* CID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* hashAlgorithm */ +/* CID_HASHALGO_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, +/* CID_HASHALGO_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, +/* CID_HASHALGO_NULL */ { 3, ASN_TAG_NULL, 0, 0, 1 }, + /* issuerNameHash */ +/* CID_ISSUERHASH */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, + /* issuerKeyHash */ +/* CID_ISSUERKEYHASH */ { 2, ASN_OCTET_STRING, 0, 0, 0 }, + /* serialNumber */ +/* CID_SERIAL */ { 2, ASN_INTEGER, 0, 0, 0 }, + /* certStatus - CHOICE */ + /* good [0] IMPLICIT NULL */ +/* CS_GOOD */ { 1, ASN_CONTEXT_SPECIFIC | 0, 0, 0, 2 }, + /* revoked [1] IMPLICIT RevokedInfo */ +/* CS_REVOKED */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 1, 2 }, + /* revocationTime */ +/* CS_REVOKED_TIME */ { 2, ASN_GENERALIZED_TIME, 0, 0, 0 }, + /* revocationReason [0] EXPLICIT CRLReason OPTIONAL */ +/* CS_REVOKED_REASON */ { 2, ASN_CONTEXT_SPECIFIC | 0, 0, 1, 1 }, + /* crlReason */ +/* CS_REVOKED_REASON_VAL */ { 3, ASN_ENUMERATED, 0, 0, 0 }, + /* unknown [2] IMPLICIT UnknownInfo ::= NULL */ +/* UNKNOWN */ { 1, ASN_CONTEXT_SPECIFIC | 2, 0, 0, 2 }, - /* thisUpdate */ -/* 14 */ { 1, ASN_GENERALIZED_TIME, 0, 0, 0 }, - /* nextUpdate */ -/* 15 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, -/* 16 */ { 2, ASN_GENERALIZED_TIME, 0, 0, 0 }, - /* singleExtensions */ -/* 17 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, + /* thisUpdate */ +/* THISUPDATE_GT */ { 1, ASN_GENERALIZED_TIME, 0, 0, 0 }, + /* nextUpdate */ +/* NEXTUPDATE */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, +/* NEXTUPDATE_GT */ { 2, ASN_GENERALIZED_TIME, 0, 0, 0 }, + /* singleExtensions */ +/* EXT */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 }, +}; +enum { + SINGLERESPONSEASN_IDX_SEQ = 0, + SINGLERESPONSEASN_IDX_CID_SEQ, + SINGLERESPONSEASN_IDX_CID_HASHALGO_SEQ, + SINGLERESPONSEASN_IDX_CID_HASHALGO_OID, + SINGLERESPONSEASN_IDX_CID_HASHALGO_NULL, + SINGLERESPONSEASN_IDX_CID_ISSUERHASH, + SINGLERESPONSEASN_IDX_CID_ISSUERKEYHASH, + SINGLERESPONSEASN_IDX_CID_SERIAL, + SINGLERESPONSEASN_IDX_CS_GOOD, + SINGLERESPONSEASN_IDX_CS_REVOKED, + SINGLERESPONSEASN_IDX_CS_REVOKED_TIME, + SINGLERESPONSEASN_IDX_CS_REVOKED_REASON, + SINGLERESPONSEASN_IDX_CS_REVOKED_REASON_VAL, + SINGLERESPONSEASN_IDX_UNKNOWN, + SINGLERESPONSEASN_IDX_THISUPDATE_GT, + SINGLERESPONSEASN_IDX_NEXTUPDATE, + SINGLERESPONSEASN_IDX_NEXTUPDATE_GT, + SINGLERESPONSEASN_IDX_EXT, }; /* Number of items in ASN.1 template for OCSP single response. */ @@ -28753,12 +29443,18 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, nextDateLen = MAX_DATE_SIZE; /* Set OID type, buffers to hold data and variables to hold size. */ - GetASN_OID(&dataASN[3], oidHashType); - GetASN_Buffer(&dataASN[5], single->issuerHash, &issuerHashLen); - GetASN_Buffer(&dataASN[6], single->issuerKeyHash, &issuerKeyHashLen); - GetASN_Buffer(&dataASN[7], cs->serial, &serialSz); - GetASN_Buffer(&dataASN[14], cs->thisDate, &thisDateLen); - GetASN_Buffer(&dataASN[16], cs->nextDate, &nextDateLen); + GetASN_OID(&dataASN[SINGLERESPONSEASN_IDX_CID_HASHALGO_OID], + oidHashType); + GetASN_Buffer(&dataASN[SINGLERESPONSEASN_IDX_CID_ISSUERHASH], + single->issuerHash, &issuerHashLen); + GetASN_Buffer(&dataASN[SINGLERESPONSEASN_IDX_CID_ISSUERKEYHASH], + single->issuerKeyHash, &issuerKeyHashLen); + GetASN_Buffer(&dataASN[SINGLERESPONSEASN_IDX_CID_SERIAL], cs->serial, + &serialSz); + GetASN_Buffer(&dataASN[SINGLERESPONSEASN_IDX_THISUPDATE_GT], + cs->thisDate, &thisDateLen); + GetASN_Buffer(&dataASN[SINGLERESPONSEASN_IDX_NEXTUPDATE_GT], + cs->nextDate, &nextDateLen); /* TODO: decode revoked time and reason. */ /* Decode OCSP single response. */ ret = GetASN_Items(singleResponseASN, dataASN, singleResponseASN_Length, @@ -28777,13 +29473,13 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, cs->serialSz = serialSz; /* Determine status by which item was found. */ - if (dataASN[8].tag != 0) { + if (dataASN[SINGLERESPONSEASN_IDX_CS_GOOD].tag != 0) { cs->status = CERT_GOOD; } - if (dataASN[9].tag != 0) { + if (dataASN[SINGLERESPONSEASN_IDX_CS_REVOKED].tag != 0) { cs->status = CERT_REVOKED; } - if (dataASN[13].tag != 0) { + if (dataASN[SINGLERESPONSEASN_IDX_UNKNOWN].tag != 0) { cs->status = CERT_UNKNOWN; } @@ -28800,14 +29496,16 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) /* Store ASN.1 version of thisDate. */ - cs->thisDateAsn = GetASNItem_Addr(dataASN[14], source); + cs->thisDateAsn = GetASNItem_Addr( + dataASN[SINGLERESPONSEASN_IDX_THISUPDATE_GT], source); at = &cs->thisDateParsed; at->type = ASN_GENERALIZED_TIME; XMEMCPY(at->data, cs->thisDate, thisDateLen); at->length = thisDateLen; #endif } - if ((ret == 0) && (dataASN[16].tag != 0)) { + if ((ret == 0) && + (dataASN[SINGLERESPONSEASN_IDX_NEXTUPDATE_GT].tag != 0)) { /* Store the nextDate format - only one possible. */ cs->nextDateFormat = ASN_GENERALIZED_TIME; #if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_OCSP_DATE_CHECK) @@ -28816,12 +29514,14 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, ret = ASN_AFTER_DATE_E; } } - if ((ret == 0) && (dataASN[16].tag != 0)) { + if ((ret == 0) && + (dataASN[SINGLERESPONSEASN_IDX_NEXTUPDATE_GT].tag != 0)) { #endif #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY) /* Store ASN.1 version of thisDate. */ - cs->nextDateAsn = GetASNItem_Addr(dataASN[16], source); + cs->nextDateAsn = GetASNItem_Addr( + dataASN[SINGLERESPONSEASN_IDX_NEXTUPDATE_GT], source); at = &cs->nextDateParsed; at->type = ASN_GENERALIZED_TIME; XMEMCPY(at->data, cs->nextDate, nextDateLen); @@ -28843,10 +29543,14 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size, * RFC 6960, 4.2.1 - ASN.1 Specification of the OCSP Response */ static const ASNItem respExtHdrASN[] = { - /* responseExtensions */ -/* 0 */ { 0, ASN_CONTEXT_SPECIFIC | 1, 1, 1, 0 }, - /* extensions */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* responseExtensions */ +/* EXT */ { 0, ASN_CONTEXT_SPECIFIC | 1, 1, 1, 0 }, + /* extensions */ +/* EXT_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +}; +enum { + RESPEXTHDRASN_IDX_EXT = 0, + RESPEXTHDRASN_IDX_EXT_SEQ, }; /* Number of items in ASN.1 template for OCSP response extension header. */ @@ -28939,29 +29643,30 @@ static int DecodeOcspRespExtensions(byte* source, word32* ioIndex, WOLFSSL_ENTER("DecodeOcspRespExtensions"); - ALLOC_ASNGETDATA(dataASN, certExtASN_Length, ret, resp->heap); + CALLOC_ASNGETDATA(dataASN, certExtASN_Length, ret, resp->heap); - /* Check for header and move past. */ - XMEMSET(dataASN, 0, sizeof(*dataASN) * respExtHdrASN_Length); - ret = GetASN_Items(respExtHdrASN, dataASN, respExtHdrASN_Length, 0, - source, &idx, sz); + if (ret == 0) { + /* Check for header and move past. */ + ret = GetASN_Items(respExtHdrASN, dataASN, respExtHdrASN_Length, 0, + source, &idx, sz); + } if (ret == 0) { /* Keep end extensions index for total length check. */ - maxIdx = idx + dataASN[1].length; + maxIdx = idx + dataASN[RESPEXTHDRASN_IDX_EXT_SEQ].length; } /* Step through all extensions. */ while ((ret == 0) && (idx < maxIdx)) { /* Clear dynamic data, set OID type to expect. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length); - GetASN_OID(&dataASN[1], oidOcspType); + GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidOcspType); /* TODO: check criticality. */ /* Decode OCSP response extension. */ ret = GetASN_Items(certExtASN, dataASN, certExtASN_Length, 0, source, &idx, sz); if (ret == 0) { - word32 oid = dataASN[1].data.oid.sum; - int length = dataASN[3].length; + word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum; + int length = dataASN[CERTEXTASN_IDX_VAL].length; if (oid == OCSP_NONCE_OID) { /* Extract nonce data. */ @@ -28993,20 +29698,30 @@ static int DecodeOcspRespExtensions(byte* source, word32* ioIndex, * RFC 6960, 4.2.1 - ASN.1 Specification of the OCSP Response */ static const ASNItem ocspRespDataASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* version DEFAULT v1 */ -/* 1 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, -/* 2 */ { 2, ASN_INTEGER, 1, 0, 0 }, - /* byName */ -/* 3 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 2 }, - /* byKey */ -/* 4 */ { 1, ASN_CONTEXT_SPECIFIC | 2, 1, 0, 2 }, - /* producedAt */ -/* 5 */ { 1, ASN_GENERALIZED_TIME, 0, 0, 0, }, - /* responses */ -/* 6 */ { 1, ASN_SEQUENCE, 1, 0, 0 }, - /* responseExtensions */ -/* 7 */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 } +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* version DEFAULT v1 */ +/* VER_PRESENT */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, +/* VER */ { 2, ASN_INTEGER, 1, 0, 0 }, + /* byName */ +/* BYNAME */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 2 }, + /* byKey */ +/* BYKEY */ { 1, ASN_CONTEXT_SPECIFIC | 2, 1, 0, 2 }, + /* producedAt */ +/* PA */ { 1, ASN_GENERALIZED_TIME, 0, 0, 0, }, + /* responses */ +/* RESP */ { 1, ASN_SEQUENCE, 1, 0, 0 }, + /* responseExtensions */ +/* RESPEXT */ { 1, ASN_CONTEXT_SPECIFIC | 1, 1, 0, 1 } +}; +enum { + OCSPRESPDATAASN_IDX_SEQ = 0, + OCSPRESPDATAASN_IDX_VER_PRESENT, + OCSPRESPDATAASN_IDX_VER, + OCSPRESPDATAASN_IDX_BYNAME, + OCSPRESPDATAASN_IDX_BYKEY, + OCSPRESPDATAASN_IDX_PA, + OCSPRESPDATAASN_IDX_RESP, + OCSPRESPDATAASN_IDX_RESPEXT, }; /* Number of items in ASN.1 template for OCSP ResponseData. */ @@ -29127,8 +29842,9 @@ static int DecodeResponseData(byte* source, word32* ioIndex, dateSz = MAX_DATE_SIZE; /* Set the where to put version an produced date. */ - GetASN_Int8Bit(&dataASN[2], &version); - GetASN_Buffer(&dataASN[5], resp->producedDate, &dateSz); + GetASN_Int8Bit(&dataASN[OCSPRESPDATAASN_IDX_VER], &version); + GetASN_Buffer(&dataASN[OCSPRESPDATAASN_IDX_PA], resp->producedDate, + &dateSz); /* Decode the ResponseData. */ ret = GetASN_Items(ocspRespDataASN, dataASN, ocspRespDataASN_Length, 1, source, ioIndex, size); @@ -29146,14 +29862,14 @@ static int DecodeResponseData(byte* source, word32* ioIndex, /* Store size of response. */ resp->responseSz = *ioIndex - idx; /* Store date format/tag. */ - resp->producedDateFormat = dataASN[5].tag; + resp->producedDateFormat = dataASN[OCSPRESPDATAASN_IDX_PA].tag; /* Get the index of the responses SEQUENCE. */ - idx = GetASNItem_DataIdx(dataASN[6], source); + idx = GetASNItem_DataIdx(dataASN[OCSPRESPDATAASN_IDX_RESP], source); /* Start with the pre-existing OcspEntry. */ single = resp->single; } - while ((ret == 0) && (idx < dataASN[7].offset)) { + while ((ret == 0) && (idx < dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset)) { /* Allocate and use a new OCSP entry if this is used. */ if (single->used) { single->next = (OcspEntry*)XMALLOC(sizeof(OcspEntry), resp->heap, @@ -29184,16 +29900,18 @@ static int DecodeResponseData(byte* source, word32* ioIndex, } if (ret == 0) { /* Decode SingleResponse into OcspEntry. */ - ret = DecodeSingleResponse(source, &idx, dataASN[7].offset, - dataASN[6].length, single); + ret = DecodeSingleResponse(source, &idx, + dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset, + dataASN[OCSPRESPDATAASN_IDX_RESP].length, single); /* single->used set on successful decode. */ } } /* Check if there were extensions. */ - if ((ret == 0) && (dataASN[7].data.buffer.data != NULL)) { + if ((ret == 0) && + (dataASN[OCSPRESPDATAASN_IDX_RESPEXT].data.buffer.data != NULL)) { /* Get index of [1] */ - idx = dataASN[7].offset; + idx = dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset; /* Decode the response extensions. */ if (DecodeOcspRespExtensions(source, &idx, resp, *ioIndex) < 0) { ret = ASN_PARSE_E; @@ -29247,18 +29965,28 @@ static int DecodeCerts(byte* source, * RFC 6960, 4.2.1 - ASN.1 Specification of the OCSP Response */ static const ASNItem ocspBasicRespASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* tbsResponseData */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 0, 0, }, - /* signatureAlgorithm */ -/* 2 */ { 1, ASN_SEQUENCE, 1, 1, 0, }, -/* 3 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 4 */ { 2, ASN_TAG_NULL, 0, 0, 1 }, - /* signature */ -/* 5 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, - /* certs */ -/* 6 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, -/* 7 */ { 2, ASN_SEQUENCE, 1, 0, 0, }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* tbsResponseData */ +/* TBS_SEQ */ { 1, ASN_SEQUENCE, 1, 0, 0, }, + /* signatureAlgorithm */ +/* SIGALGO */ { 1, ASN_SEQUENCE, 1, 1, 0, }, +/* SIGALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* SIGALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 1 }, + /* signature */ +/* SIGNATURE */ { 1, ASN_BIT_STRING, 0, 0, 0 }, + /* certs */ +/* CERTS */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, +/* CERTS_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 0, }, +}; +enum { + OCSPBASICRESPASN_IDX_SEQ = 0, + OCSPBASICRESPASN_IDX_TBS_SEQ, + OCSPBASICRESPASN_IDX_SIGALGO, + OCSPBASICRESPASN_IDX_SIGALGO_OID, + OCSPBASICRESPASN_IDX_SIGALGO_NULL, + OCSPBASICRESPASN_IDX_SIGNATURE, + OCSPBASICRESPASN_IDX_CERTS, + OCSPBASICRESPASN_IDX_CERTS_SEQ, }; /* Number of items in ASN.1 template for BasicOCSPResponse. */ @@ -29405,7 +30133,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, if (ret == 0) { /* Set expecting signature OID. */ - GetASN_OID(&dataASN[3], oidSigType); + GetASN_OID(&dataASN[OCSPBASICRESPASN_IDX_SIGALGO_OID], oidSigType); /* Decode BasicOCSPResponse. */ ret = GetASN_Items(ocspBasicRespASN, dataASN, ocspBasicRespASN_Length, 1, source, &idx, size); @@ -29413,21 +30141,27 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, if (ret == 0) { word32 dataIdx = 0; /* Decode the response data. */ - if (DecodeResponseData(GetASNItem_Addr(dataASN[1], source), &dataIdx, - resp, GetASNItem_Length(dataASN[1], source)) < 0) { + if (DecodeResponseData( + GetASNItem_Addr(dataASN[OCSPBASICRESPASN_IDX_TBS_SEQ], source), + &dataIdx, resp, + GetASNItem_Length(dataASN[OCSPBASICRESPASN_IDX_TBS_SEQ], source) + ) < 0) { ret = ASN_PARSE_E; } } if (ret == 0) { /* Get the signature OID and signature. */ - resp->sigOID = dataASN[3].data.oid.sum; - GetASN_GetRef(&dataASN[5], &resp->sig, &resp->sigSz); + resp->sigOID = dataASN[OCSPBASICRESPASN_IDX_SIGALGO_OID].data.oid.sum; + GetASN_GetRef(&dataASN[OCSPBASICRESPASN_IDX_SIGNATURE], &resp->sig, + &resp->sigSz); } #ifndef WOLFSSL_NO_OCSP_OPTIONAL_CERTS - if ((ret == 0) && (dataASN[7].data.ref.data != NULL)) { + if ((ret == 0) && + (dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) { /* TODO: support more than one certificate. */ /* Store reference to certificate BER data. */ - GetASN_GetRef(&dataASN[7], &resp->cert, &resp->certSz); + GetASN_GetRef(&dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ], &resp->cert, + &resp->certSz); /* Allocate a certificate object to decode cert into. */ #ifdef WOLFSSL_SMALL_STACK @@ -29437,7 +30171,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, ret = MEMORY_E; } } - if ((ret == 0) && (dataASN[7].data.ref.data != NULL)) { + if ((ret == 0) && + (dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) { #endif /* Initialize the crtificate object. */ InitDecodedCert(cert, resp->cert, resp->certSz, heap); @@ -29450,7 +30185,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, WOLFSSL_MSG("\tOCSP Responder certificate parsing failed"); } } - if ((ret == 0) && (dataASN[7].data.ref.data != NULL)) { + if ((ret == 0) && + (dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) { /* TODO: ConfirmSignature is blocking here */ /* Check the signature of the response. */ ret = ConfirmSignature(&cert->sigCtx, resp->response, resp->responseSz, @@ -29461,7 +30197,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex, ret = ASN_OCSP_CONFIRM_E; } } - if ((ret == 0) && (dataASN[7].data.ref.data == NULL)) + if ((ret == 0) && + (dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data == NULL)) #else if (ret == 0) #endif /* WOLFSSL_NO_OCSP_OPTIONAL_CERTS */ @@ -29549,18 +30286,31 @@ void FreeOcspResponse(OcspResponse* resp) * RFC 6960, 4.2.1 - ASN.1 Specification of the OCSP Response */ static const ASNItem ocspResponseASN[] = { - /* OCSPResponse ::= SEQUENCE */ -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* responseStatus OCSPResponseStatus */ -/* 1 */ { 1, ASN_ENUMERATED, 0, 0, 0, }, - /* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL */ -/* 2 */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, - /* ResponseBytes ::= SEQUENCE */ -/* 3 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* responseType OBJECT IDENTIFIER */ -/* 4 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, - /* response OCTET STRING */ -/* 5 */ { 3, ASN_OCTET_STRING, 0, 0, 0 }, + /* OCSPResponse ::= SEQUENCE */ +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* responseStatus OCSPResponseStatus */ +/* STATUS */ { 1, ASN_ENUMERATED, 0, 0, 0, }, + /* responseBytes [0] EXPLICIT ResponseBytes OPTIONAL */ +/* BYTES */ { 1, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, + /* ResponseBytes ::= SEQUENCE */ +/* BYTES_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* responseType OBJECT IDENTIFIER */ +/* BYTES_TYPE */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, + /* response OCTET STRING */ +/* BYTES_VAL */ { 3, ASN_OCTET_STRING, 0, 0, 0 }, +}; +enum { + OCSPRESPONSEASN_IDX_SEQ = 0, + + OCSPRESPONSEASN_IDX_STATUS, + + OCSPRESPONSEASN_IDX_BYTES, + + OCSPRESPONSEASN_IDX_BYTES_SEQ, + + OCSPRESPONSEASN_IDX_BYTES_TYPE, + + OCSPRESPONSEASN_IDX_BYTES_VAL, }; /* Number of items in ASN.1 template for OCSPResponse. */ @@ -29659,8 +30409,8 @@ int OcspResponseDecode(OcspResponse* resp, void* cm, void* heap, int noVerify) if (ret == 0) { /* Set variable to put status in and expect OCSP OID. */ - GetASN_Int8Bit(&dataASN[1], &status); - GetASN_OID(&dataASN[4], oidOcspType); + GetASN_Int8Bit(&dataASN[OCSPRESPONSEASN_IDX_STATUS], &status); + GetASN_OID(&dataASN[OCSPRESPONSEASN_IDX_BYTES_TYPE], oidOcspType); /* Decode OCSPResponse (and ResponseBytes). */ ret = GetASN_Items(ocspResponseASN, dataASN, ocspResponseASN_Length, 1, source, &idx, size); @@ -29668,9 +30418,11 @@ int OcspResponseDecode(OcspResponse* resp, void* cm, void* heap, int noVerify) if (ret == 0) { /* Get response. */ resp->responseStatus = status; - if (dataASN[4].data.oid.sum == OCSP_BASIC_OID) { + if (dataASN[OCSPRESPONSEASN_IDX_BYTES_TYPE].data.oid.sum + == OCSP_BASIC_OID) { /* Get reference to BasicOCSPResponse. */ - GetASN_GetRef(&dataASN[5], &basic, &basicSz); + GetASN_GetRef(&dataASN[OCSPRESPONSEASN_IDX_BYTES_VAL], &basic, + &basicSz); idx = 0; /* Decode BasicOCSPResponse. */ ret = DecodeBasicOcspResponse(basic, &idx, resp, basicSz, cm, heap, @@ -29694,16 +30446,23 @@ int OcspResponseDecode(OcspResponse* resp, void* cm, void* heap, int noVerify) * X.509: RFC 5280, 4.1 - Basic Certificate Fields. (Extension) */ static const ASNItem ocspNonceExtASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* Extension */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* extnId */ -/* 2 */ {2, ASN_OBJECT_ID, 0, 0, 0 }, - /* critcal not encoded. */ - /* extnValue */ -/* 3 */ {2, ASN_OCTET_STRING, 0, 1, 0 }, - /* nonce */ -/* 4 */ {3, ASN_OCTET_STRING, 0, 0, 0 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* Extension */ +/* EXT */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* extnId */ +/* EXT_OID */ {2, ASN_OBJECT_ID, 0, 0, 0 }, + /* critcal not encoded. */ + /* extnValue */ +/* EXT_VAL */ {2, ASN_OCTET_STRING, 0, 1, 0 }, + /* nonce */ +/* EXT_NONCE */ {3, ASN_OCTET_STRING, 0, 0, 0 }, +}; +enum { + OCSPNONCEEXTASN_IDX_SEQ = 0, + OCSPNONCEEXTASN_IDX_EXT, + OCSPNONCEEXTASN_IDX_EXT_OID, + OCSPNONCEEXTASN_IDX_EXT_VAL, + OCSPNONCEEXTASN_IDX_EXT_NONCE, }; /* Number of items in ASN.1 template for OCSP nonce extension. */ @@ -29770,8 +30529,10 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size) CALLOC_ASNSETDATA(dataASN, ocspNonceExtASN_Length, ret, req->heap); /* Set nonce extension OID and nonce. */ - SetASN_Buffer(&dataASN[2], NonceObjId, sizeof(NonceObjId)); - SetASN_Buffer(&dataASN[4], req->nonce, req->nonceSz); + SetASN_Buffer(&dataASN[OCSPNONCEEXTASN_IDX_EXT_OID], NonceObjId, + sizeof(NonceObjId)); + SetASN_Buffer(&dataASN[OCSPNONCEEXTASN_IDX_EXT_NONCE], req->nonce, + req->nonceSz); /* Calculate size of nonce extension. */ ret = SizeASN_Items(ocspNonceExtASN, dataASN, ocspNonceExtASN_Length, &sz); @@ -29802,30 +30563,43 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size) * RFC 6960, 4.1.1 - ASN.1 Specification of the OCSP Request */ static const ASNItem ocspRequestASN[] = { - /* OCSPRequest */ -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* tbsRequest */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* version not written - v1 */ - /* requestorName not written */ - /* requestList */ -/* 2 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, - /* Request */ -/* 3 */ { 3, ASN_SEQUENCE, 1, 1, 0 }, - /* reqCert */ -/* 4 */ { 4, ASN_SEQUENCE, 1, 1, 0 }, - /* hashAlgorithm */ -/* 5 */ { 5, ASN_SEQUENCE, 1, 1, 0 }, -/* 6 */ { 6, ASN_OBJECT_ID, 0, 0, 0 }, - /* issuerNameHash */ -/* 7 */ { 5, ASN_OCTET_STRING, 0, 0, 0 }, - /* issuerKeyHash */ -/* 8 */ { 5, ASN_OCTET_STRING, 0, 0, 0 }, - /* serialNumber */ -/* 9 */ { 5, ASN_INTEGER, 0, 0, 0 }, - /* requestExtensions */ -/* 10 */ { 2, ASN_CONTEXT_SPECIFIC | 2, 1, 0, 0 }, - /* optionalSignature not written. */ + /* OCSPRequest */ +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* tbsRequest */ +/* TBS */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* version not written - v1 */ + /* requestorName not written */ + /* requestList */ +/* TBS_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 0 }, + /* Request */ +/* TBS_LIST */ { 3, ASN_SEQUENCE, 1, 1, 0 }, + /* reqCert */ +/* TBS_REQ_CID */ { 4, ASN_SEQUENCE, 1, 1, 0 }, + /* hashAlgorithm */ +/* TBS_REQ_HASH */ { 5, ASN_SEQUENCE, 1, 1, 0 }, +/* TBS_REQ_HASH_OID */ { 6, ASN_OBJECT_ID, 0, 0, 0 }, + /* issuerNameHash */ +/* TBS_REQ_ISSUER */ { 5, ASN_OCTET_STRING, 0, 0, 0 }, + /* issuerKeyHash */ +/* TBS_REQ_ISSUERKEY */ { 5, ASN_OCTET_STRING, 0, 0, 0 }, + /* serialNumber */ +/* TBS_REQ_SERIAL */ { 5, ASN_INTEGER, 0, 0, 0 }, + /* requestExtensions */ +/* TBS_REQEXT */ { 2, ASN_CONTEXT_SPECIFIC | 2, 1, 0, 0 }, + /* optionalSignature not written. */ +}; +enum { + OCSPREQUESTASN_IDX_SEQ = 0, + OCSPREQUESTASN_IDX_TBS, + OCSPREQUESTASN_IDX_TBS_SEQ, + OCSPREQUESTASN_IDX_TBS_LIST, + OCSPREQUESTASN_IDX_TBS_REQ_CID, + OCSPREQUESTASN_IDX_TBS_REQ_HASH, + OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID, + OCSPREQUESTASN_IDX_TBS_REQ_ISSUER, + OCSPREQUESTASN_IDX_TBS_REQ_ISSUERKEY, + OCSPREQUESTASN_IDX_TBS_REQ_SERIAL, + OCSPREQUESTASN_IDX_TBS_REQEXT, }; /* Number of items in ASN.1 template for OCSPRequest. */ @@ -29920,27 +30694,32 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size) if (ret == 0) { /* Set OID of hash algorithm use on issuer and key. */ #ifdef NO_SHA - SetASN_OID(&dataASN[6], SHA256h, oidHashType); + SetASN_OID(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID], SHA256h, + oidHashType); #else - SetASN_OID(&dataASN[6], SHAh, oidHashType); + SetASN_OID(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID], SHAh, + oidHashType); #endif /* Set issuer, issuer key hash and serial number of certificate being * checked. */ - SetASN_Buffer(&dataASN[7], req->issuerHash, KEYID_SIZE); - SetASN_Buffer(&dataASN[8], req->issuerKeyHash, KEYID_SIZE); - SetASN_Buffer(&dataASN[9], req->serial, req->serialSz); + SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_ISSUER], + req->issuerHash, KEYID_SIZE); + SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_ISSUERKEY], + req->issuerKeyHash, KEYID_SIZE); + SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_SERIAL], + req->serial, req->serialSz); /* Only extension to write is nonce - check if one to encode. */ if (req->nonceSz) { /* Get size of extensions and leave space for them in encoding. */ ret = extSz = EncodeOcspRequestExtensions(req, NULL, 0); - SetASN_Buffer(&dataASN[10], NULL, extSz); + SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT], NULL, extSz); if (ret > 0) { ret = 0; } } else { /* Don't write out extensions. */ - dataASN[10].noOut = 1; + dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT].noOut = 1; } } if (ret == 0) { @@ -29958,7 +30737,8 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size) if (req->nonceSz) { /* Encode extensions into space provided. */ ret = EncodeOcspRequestExtensions(req, - (byte*)dataASN[10].data.buffer.data, extSz); + (byte*)dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT].data.buffer.data, + extSz); if (ret > 0) { ret = 0; } @@ -30137,8 +30917,12 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp) #ifdef WOLFSSL_ASN_TEMPLATE /* ASN.1 template for certificate name hash. */ static const ASNItem nameHashASN[] = { -/* 0 */ { 0, ASN_OBJECT_ID, 0, 0, 1 }, -/* 1 */ { 0, ASN_SEQUENCE, 1, 0, 0 }, +/* OID */ { 0, ASN_OBJECT_ID, 0, 0, 1 }, +/* NAME */ { 0, ASN_SEQUENCE, 1, 0, 0 }, +}; +enum { + NAMEHASHASN_IDX_OID = 0, + NAMEHASHASN_IDX_NAME, }; /* Number of items in ASN.1 template for certificate name hash. */ @@ -30185,7 +30969,7 @@ int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) XMEMSET(dataASN, 0, sizeof(dataASN)); /* Ignore the OID even when present. */ - GetASN_OID(&dataASN[0], oidIgnoreType); + GetASN_OID(&dataASN[NAMEHASHASN_IDX_OID], oidIgnoreType); /* Decode certificate name. */ ret = GetASN_Items(nameHashASN, dataASN, nameHashASN_Length, 0, source, idx, maxIdx); @@ -30194,8 +30978,10 @@ int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) * calculated over the entire DER encoding of the Name field, including * the tag and length. */ /* Calculate hash of complete name including SEQUENCE. */ - ret = CalcHashId(GetASNItem_Addr(dataASN[1], source), - GetASNItem_Length(dataASN[1], source), hash); + ret = CalcHashId( + GetASNItem_Addr(dataASN[NAMEHASHASN_IDX_NAME], source), + GetASNItem_Length(dataASN[NAMEHASHASN_IDX_NAME], source), + hash); } return ret; @@ -30238,14 +31024,21 @@ void FreeDecodedCRL(DecodedCRL* dcrl) * X.509: RFC 5280, 5.1 - CRL Fields */ static const ASNItem revokedASN[] = { -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* userCertificate CertificateSerialNumber */ -/* 1 */ { 1, ASN_INTEGER, 0, 0, 0 }, - /* revocationDate Time */ -/* 2 */ { 1, ASN_UTC_TIME, 0, 0, 2 }, -/* 3 */ { 1, ASN_GENERALIZED_TIME, 0, 0, 2 }, - /* crlEntryExensions Extensions */ -/* 4 */ { 1, ASN_SEQUENCE, 1, 0, 1 }, +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* userCertificate CertificateSerialNumber */ +/* CERT */ { 1, ASN_INTEGER, 0, 0, 0 }, + /* revocationDate Time */ +/* TIME_UTC */ { 1, ASN_UTC_TIME, 0, 0, 2 }, +/* TIME_GT */ { 1, ASN_GENERALIZED_TIME, 0, 0, 2 }, + /* crlEntryExensions Extensions */ +/* TIME_EXT */ { 1, ASN_SEQUENCE, 1, 0, 1 }, +}; +enum { + REVOKEDASN_IDX_SEQ = 0, + REVOKEDASN_IDX_CERT, + REVOKEDASN_IDX_TIME_UTC, + REVOKEDASN_IDX_TIME_GT, + REVOKEDASN_IDX_TIME_EXT, }; /* Number of items in ASN.1 template for revoked certificates. */ @@ -30315,7 +31108,8 @@ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl, if (ret == 0) { /* Set buffer to place serial number into. */ - GetASN_Buffer(&dataASN[1], rc->serialNumber, &serialSz); + GetASN_Buffer(&dataASN[REVOKEDASN_IDX_CERT], rc->serialNumber, + &serialSz); /* Decode the Revoked */ ret = GetASN_Items(revokedASN, dataASN, revokedASN_Length, 1, buff, idx, maxIdx); @@ -30603,13 +31397,14 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl) } if (ret == 0) { /* Key id is optional. */ - if (dataASN[1].data.ref.data == NULL) { + if (dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data == NULL) { WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available"); } else { /* Get the hash or hash of the hash if wrong size. */ - ret = GetHashId(dataASN[1].data.ref.data, - dataASN[1].data.ref.length, dcrl->extAuthKeyId); + ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data, + dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length, + dcrl->extAuthKeyId); } } @@ -30732,17 +31527,17 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx, /* Clear dynamic data. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length); /* Ensure OID is an extention type. */ - GetASN_OID(&dataASN[1], oidCertExtType); + GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType); /* Set criticality variable. */ - dataASN[2].data.u8 = &critical; + GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical); /* Parse extension wrapper. */ ret = GetASN_Items(certExtASN, dataASN, certExtASN_Length, 0, buf, &idx, maxIdx); if (ret == 0) { /* OID in extension. */ - word32 oid = dataASN[1].data.oid.sum; + word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum; /* Length of extension data. */ - int length = dataASN[3].length; + int length = dataASN[CERTEXTASN_IDX_VAL].length; if (oid == AUTH_KEY_OID) { #ifndef NO_SKID @@ -30774,35 +31569,55 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx, * X.509: RFC 5280, 5.1 - CRL Fields */ static const ASNItem crlASN[] = { - /* CertificateList */ -/* 0 */ { 0, ASN_SEQUENCE, 1, 1, 0 }, - /* tbsCertList */ -/* 1 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, - /* version Version OPTIONAL if present must be v2 */ -/* 2 */ { 2, ASN_INTEGER, 0, 0, 1 }, - /* signature */ -/* 3 */ { 2, ASN_SEQUENCE, 1, 1, 0 }, -/* 4 */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, -/* 5 */ { 3, ASN_TAG_NULL, 0, 0, 1 }, - /* issuer */ -/* 6 */ { 2, ASN_SEQUENCE, 1, 0, 0 }, - /* thisUpdate */ -/* 7 */ { 2, ASN_UTC_TIME, 0, 0, 2 }, -/* 8 */ { 2, ASN_GENERALIZED_TIME, 0, 0, 2 }, - /* nextUpdate */ -/* 9 */ { 2, ASN_UTC_TIME, 0, 0, 3 }, -/* 10 */ { 2, ASN_GENERALIZED_TIME, 0, 0, 3 }, - /* revokedCertificates */ -/* 11 */ { 2, ASN_SEQUENCE, 1, 0, 1 }, - /* crlExtensions */ -/* 12 */ { 2, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, -/* 13 */ { 3, ASN_SEQUENCE, 1, 0, 0 }, - /* signatureAlgorithm */ -/* 14 */ { 1, ASN_SEQUENCE, 1, 1, 0 }, -/* 15 */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, -/* 16 */ { 2, ASN_TAG_NULL, 0, 0, 1 }, - /* signatureValue */ -/* 17 */ { 1, ASN_BIT_STRING, 0, 0, 0 }, + /* CertificateList */ +/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 }, + /* tbsCertList */ +/* TBS */ { 1, ASN_SEQUENCE, 1, 1, 0 }, + /* version Version OPTIONAL if present must be v2 */ +/* TBS_VER */ { 2, ASN_INTEGER, 0, 0, 1 }, + /* signature */ +/* TBS_SIGALGO */ { 2, ASN_SEQUENCE, 1, 1, 0 }, +/* TBS_SIGALGO_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 }, +/* TBS_SIGALGO_NULL */ { 3, ASN_TAG_NULL, 0, 0, 1 }, + /* issuer */ +/* TBS_ISSUER */ { 2, ASN_SEQUENCE, 1, 0, 0 }, + /* thisUpdate */ +/* TBS_THISUPDATE_UTC */ { 2, ASN_UTC_TIME, 0, 0, 2 }, +/* TBS_THISUPDATE_GT */ { 2, ASN_GENERALIZED_TIME, 0, 0, 2 }, + /* nextUpdate */ +/* TBS_NEXTUPDATE_UTC */ { 2, ASN_UTC_TIME, 0, 0, 3 }, +/* TBS_NEXTUPDATE_GT */ { 2, ASN_GENERALIZED_TIME, 0, 0, 3 }, + /* revokedCertificates */ +/* TBS_REVOKEDCERTS */ { 2, ASN_SEQUENCE, 1, 0, 1 }, + /* crlExtensions */ +/* TBS_EXT */ { 2, ASN_CONTEXT_SPECIFIC | 0, 1, 1, 1 }, +/* TBS_EXT_SEQ */ { 3, ASN_SEQUENCE, 1, 0, 0 }, + /* signatureAlgorithm */ +/* SIGALGO */ { 1, ASN_SEQUENCE, 1, 1, 0 }, +/* SIGALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 }, +/* SIGALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 1 }, + /* signatureValue */ +/* SIGNATURE */ { 1, ASN_BIT_STRING, 0, 0, 0 }, +}; +enum { + CRLASN_IDX_SEQ = 0, + CRLASN_IDX_TBS, + CRLASN_IDX_TBS_VER, + CRLASN_IDX_TBS_SIGALGO, + CRLASN_IDX_TBS_SIGALGO_OID, + CRLASN_IDX_TBS_SIGALGO_NULL, + CRLASN_IDX_TBS_ISSUER, + CRLASN_IDX_TBS_THISUPDATE_UTC, + CRLASN_IDX_TBS_THISUPDATE_GT, + CRLASN_IDX_TBS_NEXTUPDATE_UTC, + CRLASN_IDX_TBS_NEXTUPDATE_GT, + CRLASN_IDX_TBS_REVOKEDCERTS, + CRLASN_IDX_TBS_EXT, + CRLASN_IDX_TBS_EXT_SEQ, + CRLASN_IDX_SIGALGO, + CRLASN_IDX_SIGALGO_OID, + CRLASN_IDX_SIGALGO_NULL, + CRLASN_IDX_SIGNATURE, }; /* Number of items in ASN.1 template for a CRL- CertificateList. */ @@ -30907,21 +31722,26 @@ end: if (ret == 0) { /* Set variable to store version. */ - GetASN_Int8Bit(&dataASN[2], &version); + GetASN_Int8Bit(&dataASN[CRLASN_IDX_TBS_VER], &version); /* Set expecting signature OID. */ - GetASN_OID(&dataASN[4], oidSigType); + GetASN_OID(&dataASN[CRLASN_IDX_TBS_SIGALGO_OID], oidSigType); /* Set buffer to put last and next date into. */ - GetASN_Buffer(&dataASN[7], dcrl->lastDate, &lastDateSz); - GetASN_Buffer(&dataASN[8], dcrl->lastDate, &lastDateSz); - GetASN_Buffer(&dataASN[9], dcrl->nextDate, &nextDateSz); - GetASN_Buffer(&dataASN[10], dcrl->nextDate, &nextDateSz); + GetASN_Buffer(&dataASN[CRLASN_IDX_TBS_THISUPDATE_UTC], dcrl->lastDate, + &lastDateSz); + GetASN_Buffer(&dataASN[CRLASN_IDX_TBS_THISUPDATE_GT], dcrl->lastDate, + &lastDateSz); + GetASN_Buffer(&dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC], dcrl->nextDate, + &nextDateSz); + GetASN_Buffer(&dataASN[CRLASN_IDX_TBS_NEXTUPDATE_GT], dcrl->nextDate, + &nextDateSz); /* Set expecting signature OID. */ - GetASN_OID(&dataASN[14], oidSigType); + GetASN_OID(&dataASN[CRLASN_IDX_SIGALGO_OID], oidSigType); /* Decode the CRL. */ ret = GetASN_Items(crlASN, dataASN, crlASN_Length, 1, buff, &idx, sz); } /* Version must be v2 = 1 if present. */ - if ((ret == 0) && (dataASN[2].tag != 0) && (version != 1)) { + if ((ret == 0) && (dataASN[CRLASN_IDX_TBS_VER].tag != 0) && + (version != 1)) { ret = ASN_PARSE_E; } /* Check minimum size of last date. */ @@ -30933,23 +31753,27 @@ end: ret = ASN_PARSE_E; } /* 'signatureAlgorithm' OID must be the same as 'signature' OID. */ - if ((ret == 0) && (dataASN[15].data.oid.sum != dataASN[4].data.oid.sum)) { + if ((ret == 0) && (dataASN[CRLASN_IDX_SIGALGO_OID].data.oid.sum != + dataASN[CRLASN_IDX_TBS_SIGALGO_OID].data.oid.sum)) { ret = ASN_PARSE_E; } if (ret == 0) { /* Store offset of to be signed part. */ - dcrl->certBegin = dataASN[1].offset; + dcrl->certBegin = dataASN[CRLASN_IDX_TBS].offset; /* Store index of signature. */ - dcrl->sigIndex = dataASN[14].offset; + dcrl->sigIndex = dataASN[CRLASN_IDX_SIGALGO].offset; /* Store address and length of signature data. */ - GetASN_GetRef(&dataASN[17], &dcrl->signature, &dcrl->sigLength); + GetASN_GetRef(&dataASN[CRLASN_IDX_SIGNATURE], &dcrl->signature, + &dcrl->sigLength); /* Get the signature OID. */ - dcrl->signatureOID = dataASN[15].data.oid.sum; + dcrl->signatureOID = dataASN[CRLASN_IDX_SIGALGO_OID].data.oid.sum; /* Get the format/tag of the last and next date. */ - dcrl->lastDateFormat = (dataASN[7].tag != 0) ? dataASN[7].tag - : dataASN[8].tag; - dcrl->nextDateFormat = (dataASN[9].tag != 0) ? dataASN[9].tag - : dataASN[10].tag; + dcrl->lastDateFormat = (dataASN[CRLASN_IDX_TBS_THISUPDATE_UTC].tag != 0) + ? dataASN[CRLASN_IDX_TBS_THISUPDATE_UTC].tag + : dataASN[CRLASN_IDX_TBS_THISUPDATE_GT].tag; + dcrl->nextDateFormat = (dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC].tag != 0) + ? dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC].tag + : dataASN[CRLASN_IDX_TBS_NEXTUPDATE_GT].tag; #ifndef NO_ASN_TIME if (dcrl->nextDateFormat != 0) { /* Next date was set, so validate it. */ @@ -30962,23 +31786,24 @@ end: if (ret == 0) { #endif /* Calculate the Hash id from the issuer name. */ - ret = CalcHashId(GetASNItem_Addr(dataASN[6], buff), - GetASNItem_Length(dataASN[6], buff), dcrl->issuerHash); + ret = CalcHashId(GetASNItem_Addr(dataASN[CRLASN_IDX_TBS_ISSUER], buff), + GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER], buff), + dcrl->issuerHash); if (ret < 0) { ret = ASN_PARSE_E; } } - if ((ret == 0) && (dataASN[11].tag != 0)) { + if ((ret == 0) && (dataASN[CRLASN_IDX_TBS_REVOKEDCERTS].tag != 0)) { /* Parse revoked cerificates - starting after SEQUENCE OF. */ ret = ParseCRL_RevokedCerts(dcrl, buff, - GetASNItem_DataIdx(dataASN[11], buff), - GetASNItem_EndIdx(dataASN[11], buff)); + GetASNItem_DataIdx(dataASN[CRLASN_IDX_TBS_REVOKEDCERTS], buff), + GetASNItem_EndIdx(dataASN[CRLASN_IDX_TBS_REVOKEDCERTS], buff)); } if (ret == 0) { /* Parse the extensions - starting after SEQUENCE OF. */ ret = ParseCRL_Extensions(dcrl, buff, - GetASNItem_DataIdx(dataASN[13], buff), - GetASNItem_EndIdx(dataASN[13], buff)); + GetASNItem_DataIdx(dataASN[CRLASN_IDX_TBS_EXT_SEQ], buff), + GetASNItem_EndIdx(dataASN[CRLASN_IDX_TBS_EXT_SEQ], buff)); } if (ret == 0) { /* Find signer and verify signature. */ @@ -30999,22 +31824,33 @@ end: #ifdef WOLFSSL_ASN_TEMPLATE /* Template for PIV. */ static const ASNItem pivASN[] = { -/* 0 */ { 0, ASN_PIV_CERT, 0, 0, 0 }, -/* 1 */ { 0, ASN_PIV_NONCE, 0, 0, 1 }, -/* 2 */ { 0, ASN_PIV_SIGNED_NONCE, 0, 0, 1 }, +/* CERT */ { 0, ASN_PIV_CERT, 0, 0, 0 }, +/* NONCE */ { 0, ASN_PIV_NONCE, 0, 0, 1 }, +/* SIGNEDNONCE */ { 0, ASN_PIV_SIGNED_NONCE, 0, 0, 1 }, +}; +enum { + PIVASN_IDX_CERT = 0, + PIVASN_IDX_NONCE, + PIVASN_IDX_SIGNEDNONCE, }; #define pivASN_Length (sizeof(pivASN) / sizeof(ASNItem)) static const ASNItem pivCertASN[] = { - /* 0x53 = 0x40 | 0x13 */ -/* 0 */ { 1, ASN_APPLICATION | 0x13, 0, 1, 0 }, - /* 0x70 = 0x40 | 0x10 + 0x20 (CONSTRUCTED) */ -/* 1 */ { 2, ASN_APPLICATION | 0x10, 1, 0, 0 }, - /* 0x71 = 0x40 | 0x11 + 0x20 (CONSTRUCTED) */ -/* 2 */ { 2, ASN_APPLICATION | 0x11, 1, 0, 1 }, - /* 0xFE = 0xC0 | 0x1E + 0x20 (CONSTRUCTED) */ -/* 3 */ { 2, ASN_PRIVATE | 0x1e, 1, 0, 1 }, + /* 0x53 = 0x40 | 0x13 */ +/* CERT */ { 1, ASN_APPLICATION | 0x13, 0, 1, 0 }, + /* 0x70 = 0x40 | 0x10 + 0x20 (CONSTRUCTED) */ +/* X509 */ { 2, ASN_APPLICATION | 0x10, 1, 0, 0 }, + /* 0x71 = 0x40 | 0x11 + 0x20 (CONSTRUCTED) */ +/* INFO */ { 2, ASN_APPLICATION | 0x11, 1, 0, 1 }, + /* 0xFE = 0xC0 | 0x1E + 0x20 (CONSTRUCTED) */ +/* ERR */ { 2, ASN_PRIVATE | 0x1e, 1, 0, 1 }, +}; +enum { + PIVCERTASN_IDX_CERT, + PIVCERTASN_IDX_X509, + PIVCERTASN_IDX_INFO, + PIVCERTASN_IDX_ERR, }; #define pivCertASN_Length (sizeof(pivCertASN) / sizeof(ASNItem)) @@ -31119,23 +31955,24 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz) /* Identiv wrapper found. */ piv->isIdentiv = 1; /* Get nonce reference. */ - if (dataASN[1].tag != 0) { - GetASN_GetConstRef(&dataASN[1], &piv->nonce, &piv->nonceSz); + if (dataASN[PIVASN_IDX_NONCE].tag != 0) { + GetASN_GetConstRef(&dataASN[PIVASN_IDX_NONCE], &piv->nonce, + &piv->nonceSz); } /* Get signedNonce reference. */ - if (dataASN[2].tag != 0) { - GetASN_GetConstRef(&dataASN[2], &piv->signedNonce, - &piv->signedNonceSz); + if (dataASN[PIVASN_IDX_SIGNEDNONCE].tag != 0) { + GetASN_GetConstRef(&dataASN[PIVASN_IDX_SIGNEDNONCE], + &piv->signedNonce, &piv->signedNonceSz); } /* Get the certificate data for parsing. */ - GetASN_GetConstRef(&dataASN[0], &buf, &totalSz); + GetASN_GetConstRef(&dataASN[PIVASN_IDX_CERT], &buf, &totalSz); } ret = 0; } if (ret == 0) { /* Clear dynamic data and set variable to put cert info into. */ XMEMSET(dataASN, 0, sizeof(*dataASN) * pivCertASN_Length); - GetASN_Int8Bit(&dataASN[2], &info); + GetASN_Int8Bit(&dataASN[PIVCERTASN_IDX_INFO], &info); /* Start parsing from start of buffer. */ idx = 0; /* Parse PIV cetificate data. */ @@ -31143,16 +31980,17 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz) totalSz); if (ret == 0) { /* Get X.509 certificate reference. */ - GetASN_GetConstRef(&dataASN[1], &piv->cert, &piv->certSz); + GetASN_GetConstRef(&dataASN[PIVCERTASN_IDX_X509], &piv->cert, + &piv->certSz); /* Set the certificate info if available. */ - if (dataASN[2].tag != 0) { + if (dataASN[PIVCERTASN_IDX_INFO].tag != 0) { /* Bits 1 and 2 are compression. */ piv->compression = info & ASN_PIV_CERT_INFO_COMPRESSED; /* Bits 3 is X509 flag. */ piv->isX509 = ((info & ASN_PIV_CERT_INFO_ISX509) != 0); } - /* Get X.509 certificate error detecton reference. */ - GetASN_GetConstRef(&dataASN[3], &piv->certErrDet, + /* Get X.509 certificate error detection reference. */ + GetASN_GetConstRef(&dataASN[PIVCERTASN_IDX_ERR], &piv->certErrDet, &piv->certErrDetSz); } ret = 0; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 74aa48ce7..801ed5e4e 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -32724,9 +32724,15 @@ static int verifyBundle(byte* derBuf, word32 derSz, int keyHint) int decodedSz = FOURK_BUF/2; WOLFSSL_SMALL_STACK_STATIC const byte expectedSid[] = { +#ifdef USE_CERT_BUFFERS_1024 + 0x81, 0x69, 0x0f, 0xf8, 0xdf, 0xdd, 0xcf, 0x34, + 0x29, 0xd5, 0x67, 0x75, 0x71, 0x85, 0xc7, 0x75, + 0x10, 0x69, 0x59, 0xec, +#else 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0 +#endif }; decoded = (byte *)XMALLOC(decodedSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); diff --git a/wolfssl/test.h b/wolfssl/test.h index 05d1fc60c..8753df920 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -5176,4 +5176,11 @@ static WC_INLINE void EarlyDataStatus(WOLFSSL* ssl) } #endif /* WOLFSSL_EARLY_DATA */ + +#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \ + defined(DEBUG_UNIT_TEST_CERTS) +void DEBUG_WRITE_CERT_X509(WOLFSSL_X509* x509, const char* fileName); +void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName); +#endif + #endif /* wolfSSL_TEST_H */ diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 8bbf3a119..0094e9191 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -127,6 +127,33 @@ enum ASN_Tags { ASN_DIR_TYPE = 0x04, ASN_URI_TYPE = 0x06, /* the value 6 is from GeneralName OID */ ASN_IP_TYPE = 0x07, /* the value 7 is from GeneralName OID */ + + /* PKCS #7 types */ + ASN_ENC_CONTENT = 0x00, + ASN_OTHERNAME_VALUE = 0x00, + + /* AuthorityKeyIdentifier fields */ + ASN_AUTHKEYID_KEYID = 0x00, + ASN_AUTHKEYID_ISSUER = 0x01, + ASN_AUTHKEYID_SERIAL = 0x02, + + /* GeneralSubtree fields */ + ASN_SUBTREE_MIN = 0x00, + ASN_SUBTREE_MAX = 0x01, + + /* x509 Cert Fields */ + ASN_X509_CERT_VERSION = 0x00, + + /* x509 Cert Extension Fields */ + ASN_AKID_KEYID = 0x00, + + /* ECC Key Fields */ + ASN_ECC_PARAMS = 0x00, + ASN_ECC_PUBKEY = 0x01, + + /* OneAsymmetricKey Fields */ + ASN_ASYMKEY_ATTRS = 0x00, + ASN_ASYMKEY_PUBKEY = 0x01, }; #define ASN_UTC_TIME_SIZE 14 @@ -606,6 +633,25 @@ WOLFSSL_LOCAL void SetASN_OID(ASNSetData *dataASN, int oid, int oidType); } \ while (0) +/* Set the node and all nodes below to not be encoded. + * + * @param [in] dataASN Dynamic ASN data item. + * @param [in] node Node which should not be encoded. Child nodes will + * also not be encoded. + * @param [in] dataASNLen Number of items in dataASN. + */ +#define SetASNItem_NoOutNode(dataASN, asn, node, dataASNLen) \ + do { \ + int ii; \ + dataASN[node].noOut = 1; \ + for (ii = node + 1; ii < (int)(dataASNLen); ii++) { \ + if (asn[ii].depth <= asn[node].depth) \ + break; \ + dataASN[ii].noOut = 1; \ + } \ + } \ + while (0) + #endif /* WOLFSSL_ASN_TEMPLATE */