mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-01 03:34:39 +02:00
remove extra cert and key, plus add new test
This commit is contained in:
Jacob Barthelmeh
@@ -27,10 +27,7 @@ EXTRA_DIST += \
|
||||
certs/server-keyPkcs8.pem \
|
||||
certs/server-revoked-cert.pem \
|
||||
certs/server-revoked-key.pem \
|
||||
certs/wolfssl-website-ca.pem \
|
||||
certs/rsa-ecc-key.pem \
|
||||
certs/rsa-signed-ecc-cert.pem \
|
||||
certs/rsa-signed-ecc-ca.pem
|
||||
certs/wolfssl-website-ca.pem
|
||||
EXTRA_DIST += \
|
||||
certs/ca-key.der \
|
||||
certs/ca-cert.der \
|
||||
|
||||
@@ -94,16 +94,6 @@ function run_renewcerts(){
|
||||
|
||||
openssl x509 -in \1024/ca-cert.pem -text > \1024/tmp.pem
|
||||
mv \1024/tmp.pem \1024/ca-cert.pem
|
||||
############################################################
|
||||
########## update the self-signed rsa-signed-ecc-ca.pem ####
|
||||
############################################################
|
||||
echo "Updating rsa-signed-ecc-ca.pem"
|
||||
echo ""
|
||||
#pipe the following arguments to openssl req...
|
||||
echo -e "US\nMontana\nBozeman\nwolfSSL\nConsulting_rsa-ecc\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ca-key.pem -nodes -out ca-rsa-ecc-cert.csr
|
||||
|
||||
openssl x509 -req -in ca-rsa-ecc-cert.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey ca-key.pem -out rsa-signed-ecc-ca.pem
|
||||
rm ca-rsa-ecc-cert.csr
|
||||
###########################################################
|
||||
########## update and sign server-cert.pem ################
|
||||
###########################################################
|
||||
@@ -212,17 +202,6 @@ function run_renewcerts(){
|
||||
openssl x509 -in server-ecc-comp.pem -text > tmp.pem
|
||||
mv tmp.pem server-ecc-comp.pem
|
||||
|
||||
############################################################
|
||||
###### update rsa-signed-ecc-cert.pem ##########
|
||||
############################################################
|
||||
echo "Updating rsa-signed-ecc-cert.pem"
|
||||
echo ""
|
||||
#pipe the following arguments to openssl req...
|
||||
echo -e "US\nMontana\nBozeman\nwolfSSL\nConsulting_rsa-ecc\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key rsa-ecc-key.pem -out server-rsa-signed-ecc.csr
|
||||
|
||||
|
||||
openssl req -x509 -in server-rsa-signed-ecc.csr -days 1000 -key ca-key.pem -out rsa-signed-ecc-cert.pem
|
||||
rm server-rsa-signed-ecc.csr
|
||||
############################################################
|
||||
########## make .der files from .pem files #################
|
||||
############################################################
|
||||
|
||||
@@ -1,5 +0,0 @@
|
||||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEIIdLUY+7ywLvHw3hXcRh3Yjk2isYn3xRzNzh8PL8c++doAoGCCqGSM49
|
||||
AwEHoUQDQgAE5N/MA+vrmu1j6+9L9x53MwRlxQVYreEo6GbI08kMZg7Xcdo9wJ06
|
||||
6EBsqo5FdrTtYLMgKLCtvXAVcwTOj8wA9A==
|
||||
-----END EC PRIVATE KEY-----
|
||||
@@ -1,28 +0,0 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEwTCCA6mgAwIBAgIJANSPE5wECQHCMA0GCSqGSIb3DQEBCwUAMIGbMQswCQYD
|
||||
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4G
|
||||
A1UECgwHd29sZlNTTDEbMBkGA1UECwwSQ29uc3VsdGluZ19yc2EtZWNjMRgwFgYD
|
||||
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
|
||||
bC5jb20wHhcNMTYwMjEwMTc0NjMxWhcNMTgxMTA2MTc0NjMxWjCBmzELMAkGA1UE
|
||||
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNV
|
||||
BAoMB3dvbGZTU0wxGzAZBgNVBAsMEkNvbnN1bHRpbmdfcnNhLWVjYzEYMBYGA1UE
|
||||
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
|
||||
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwzKLRSyHoRCW804
|
||||
H0ryTXUQ8bY1n9/KfQOY06zeA2buKvHYsH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy
|
||||
6sqQu2lSEAMvqPOVxfGLYlYb72dvpBBBla0Km+OlwLDScHZQMFuo6AgsfO2nonqN
|
||||
OCkcrMft8nyVsJWCfUlcOM13Je+9gHVTlDw9ymNbnxW10x0TLxnRPNt2Osy4fcnl
|
||||
wtfaQG/YIdxzG0ItU5z+Gvx9q3o2P5jehHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1
|
||||
Vi+jJtK3b7FaF9c4mQj+k1hv/sMTSQgWC6dNZwBSMWcjTpjtUUUduQTZC+zYKLNL
|
||||
ve02eQIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejV
|
||||
MIHQBgNVHSMEgcgwgcWAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGhpIGeMIGbMQsw
|
||||
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQ
|
||||
MA4GA1UECgwHd29sZlNTTDEbMBkGA1UECwwSQ29uc3VsdGluZ19yc2EtZWNjMRgw
|
||||
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
|
||||
ZnNzbC5jb22CCQDUjxOcBAkBwjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA
|
||||
A4IBAQCInkcGU17ednsQj9aUge/19pr8hTvIyOgSjo6jeyNFYR3dwtSCyiNp+3xy
|
||||
0751Qr3bsZFypZ6KYdq262592jS1FCA8PPT0lj2b+rs7ltt0+SWwNa5gd53i6bqL
|
||||
F2eGuJxB8+eaYCNtvHb+vVt4wE+xc4arEXohNOK98Ue8a1z4t5GJgld2qIO596fC
|
||||
5AF51wT2W+nmkPD8Uc57qbT0dGcYMrbV1CEzRznKlEM7/lwQzosanq2WAej/LuoK
|
||||
E7fFK/HsKmGNo5h9xmp8Mffrhv/FtNY8goOzGgGVLIBEJhhAXdxMD7StDJ/wO4Yn
|
||||
YVhUYNYXHRfLqlfrOKTlpom0tSTm
|
||||
-----END CERTIFICATE-----
|
||||
@@ -1,20 +0,0 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDQDCCAiigAwIBAgIJAIsWzJR4pzZ8MA0GCSqGSIb3DQEBCwUAMIGbMQswCQYD
|
||||
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4G
|
||||
A1UECgwHd29sZlNTTDEbMBkGA1UECwwSQ29uc3VsdGluZ19yc2EtZWNjMRgwFgYD
|
||||
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
|
||||
bC5jb20wHhcNMTYwMjEwMTc0NjMxWhcNMTgxMTA2MTc0NjMxWjCBmzELMAkGA1UE
|
||||
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNV
|
||||
BAoMB3dvbGZTU0wxGzAZBgNVBAsMEkNvbnN1bHRpbmdfcnNhLWVjYzEYMBYGA1UE
|
||||
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
|
||||
Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5N/MA+vrmu1j6+9L9x53MwRl
|
||||
xQVYreEo6GbI08kMZg7Xcdo9wJ066EBsqo5FdrTtYLMgKLCtvXAVcwTOj8wA9KNQ
|
||||
ME4wHQYDVR0OBBYEFJG5qzs7kKdpUhrSzNazXAYADDbDMB8GA1UdIwQYMBaAFJG5
|
||||
qzs7kKdpUhrSzNazXAYADDbDMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQAD
|
||||
ggEBAE6wOs43QszCln/y1KlG6AQz2KhnW+qWLhc7tfjHxAzH3OjgSPZ2nbVfE0w9
|
||||
PKakWrbOYfDpMAPH4HHwbQpwJ6glHYb/ARqcRDobj8Myx4OKG7UsIRjwnyQl0BhR
|
||||
sx1V1ATnNeJ/LEKm3PdO3OvfnyHUwSeH2iA8bXfpIE1jUirsbA/pAA88vJ04u4fC
|
||||
uCFWQqpoCZSxqDqT4kBqKjbcfPR/2jP5XxbTbfboSdyZ6Zx2P7/AuoWgW/Nxej2P
|
||||
up0rgYptHMbN+UPvjg6z2WPadC1gmJ81HEag5Mx9kl1HyDavUN/pgX+9eGYuKR5J
|
||||
wJ9nFJSlBHlndOp+CSUHtI0cw1M=
|
||||
-----END CERTIFICATE-----
|
||||
@@ -22,5 +22,6 @@ EXTRA_DIST += tests/unit.h
|
||||
EXTRA_DIST += tests/test.conf \
|
||||
tests/test-qsh.conf \
|
||||
tests/test-psk-no-id.conf \
|
||||
tests/test-dtls.conf
|
||||
tests/test-dtls.conf \
|
||||
tests/test-sig.conf
|
||||
DISTCLEANFILES+= tests/.libs/unit.test
|
||||
|
||||
@@ -498,8 +498,18 @@ int SuiteTest(void)
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
#endif
|
||||
#ifndef WC_STRICT_SIG
|
||||
/* add extra signature test suites */
|
||||
strcpy(argv0[1], "tests/test-sig.conf");
|
||||
printf("starting sig extra cipher suite tests\n");
|
||||
test_harness(&args);
|
||||
if (args.return_code != 0) {
|
||||
printf("error from script %d\n", args.return_code);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_QSH
|
||||
/* add dtls extra suites */
|
||||
/* add QSH extra suites */
|
||||
strcpy(argv0[1], "tests/test-qsh.conf");
|
||||
printf("starting qsh extra cipher suite tests\n");
|
||||
test_harness(&args);
|
||||
|
||||
199
tests/test-sig.conf
Normal file
199
tests/test-sig.conf
Normal file
@@ -0,0 +1,199 @@
|
||||
# server TLSv1 ECDHE-ECDSA-DES3
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-DES-CBC3-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1 ECDHE-ECDSA-DES3
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-DES-CBC3-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1 ECDHE-ECDSA-AES128
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-c ./certs/server-ecc.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1 ECDHE-ECDSA-AES128
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-A ./certs/server-ecc.pem
|
||||
|
||||
# server TLSv1 ECDHE-ECDSA-AES128
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1 ECDHE-ECDSA-AES128
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1 ECDHE-ECDSA-AES256
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-AES256-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1 ECDHE-ECDSA-AES256
|
||||
-v 1
|
||||
-l ECDHE-ECDSA-AES256-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.1 ECDHE-ECDSA-DES3
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-DES-CBC3-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.1 ECDHE-ECDSA-DES3
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-DES-CBC3-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.1 ECDHE-ECDSA-AES128
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-c ./certs/server-ecc.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.1 ECDHE-ECDSA-AES128
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-A ./certs/server-ecc.pem
|
||||
|
||||
# server TLSv1.1 ECDHE-ECDSA-AES128
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.1 ECDHE-ECDSA-AES128
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.1 ECDHE-ECDSA-AES256
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-AES256-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.1 ECDHE-ECDSA-AES256
|
||||
-v 2
|
||||
-l ECDHE-ECDSA-AES256-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-DES3
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-DES-CBC3-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-DES3
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-DES-CBC3-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-AES128
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-c ./certs/server-ecc.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-AES128
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-SHA
|
||||
-A ./certs/server-ecc.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-AES128-SHA256
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-SHA256
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-AES128-SHA256
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-SHA256
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-AES256
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES256-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-AES256
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES256-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-CHACHA20-POLY1305
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-CHACHA20-POLY1305
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDH-ECDSA-AES128-SHA256
|
||||
-v 3
|
||||
-l ECDH-ECDSA-AES128-SHA256
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDH-ECDSA-AES128-SHA256
|
||||
-v 3
|
||||
-l ECDH-ECDSA-AES128-SHA256
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDH-ECDSA-AES256
|
||||
-v 3
|
||||
-l ECDH-ECDSA-AES256-SHA
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDH-ECDSA-AES256
|
||||
-v 3
|
||||
-l ECDH-ECDSA-AES256-SHA
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-GCM-SHA256
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES256-GCM-SHA384
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES256-GCM-SHA384
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
# server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-CCM-8
|
||||
-c ./certs/server-ecc-rsa.pem
|
||||
-k ./certs/ecc-key.pem
|
||||
|
||||
# client TLSv1.2 ECDHE-ECDSA-AES128-CCM-8
|
||||
-v 3
|
||||
-l ECDHE-ECDSA-AES128-CCM-8
|
||||
-A ./certs/ca-cert.pem
|
||||
|
||||
|
||||
Reference in New Issue
Block a user