Remove non-RFC-compliant OCSP responder chain walk. The chain walk

authorized any responder issued by an ancestor of the target's issuer;
  RFC 6960 4.2.2.2 requires direct issuance by the CA identified in the
  request.

    - Remove CheckOcspResponderChain() and WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK.
    - Drop now-unused vp parameter from CheckOcspResponder() and the
      OcspRespCheck() helper; cascade through template and non-template
      paths.

  OCSP test blobs:

    - Re-sign resp_server1_cert with intermediate1-ca (CA-direct path).
    - Add resp_server1_cert_ancestor_responder for the negative test.
    - Embed server1_cert_pem[] in test_ocsp_test_blobs.h so the new test
      runs under NO_FILESYSTEM; matching entry added to
      create_ocsp_test_blobs.py.
    - Regenerate response[] in test_certman.c with intermediate1-ca as
      signer; recipe switched from Wireshark export to openssl -respout
      + xxd -i for reproducibility.
    - Fix self-XOR in test_wolfSSL_CertManagerCheckOCSPResponse so the
      serial byte actually flips (^= 0xFF).

  Live OCSP coverage:

    - Add ocsp-responder-int1 (delegated responder issued directly by
      intermediate1-ca, with id-kp-OCSPSigning EKU) for the
      responder->intermediate->root chain.
    - scripts/ocsp-stapling.test: intermediate1 responder switched to
      ocsp-responder-int1 (delegated path).
    - scripts/ocsp-stapling2.test, scripts/ocsp-stapling_tls13multi.test:
      intermediate2 and intermediate3 sign their OCSP responses with
      their own CA keys (CA-direct path); root block unchanged
      (ocsp-responder-cert is still RFC-compliant for root-issued certs).
    - .github/workflows/ocsp.yml: server1 OCSP responder switched to
      ocsp-responder-int1 to match the cert chain.
    - New test_ocsp_ancestor_responder_rejected confirms the
      ancestor-issued response is rejected with OCSP_LOOKUP_FAIL.
This commit is contained in:
Ruby Martin
2026-05-26 13:35:18 -06:00
parent 08a7c4590e
commit 5c3100ed5c
17 changed files with 1035 additions and 588 deletions
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
run: autoreconf -ivf && ./configure --enable-ocsp --enable-ocspstapling && make
- name: Start OCSP responder 1
run: openssl ocsp -port 22221 -ndays 1000 -index certs/ocsp/index-intermediate1-ca-issued-certs.txt -rsigner certs/ocsp/ocsp-responder-cert.pem -rkey certs/ocsp/ocsp-responder-key.pem -CA certs/ocsp/intermediate1-ca-cert.pem &
run: openssl ocsp -port 22221 -ndays 1000 -index certs/ocsp/index-intermediate1-ca-issued-certs.txt -rsigner certs/ocsp/ocsp-responder-int1-cert.pem -rkey certs/ocsp/ocsp-responder-int1-key.pem -CA certs/ocsp/intermediate1-ca-cert.pem &
- name: Start OCSP responder 2
run: openssl ocsp -port 22220 -ndays 1000 -index certs/ocsp/index-ca-and-intermediate-cas.txt -rsigner certs/ocsp/ocsp-responder-cert.pem -rkey certs/ocsp/ocsp-responder-key.pem -CA certs/ocsp/root-ca-cert.pem &
+4
View File
@@ -29,6 +29,10 @@ EXTRA_DIST += \
certs/ocsp/ocsp-responder-key.der \
certs/ocsp/ocsp-responder-cert.pem \
certs/ocsp/ocsp-responder-cert.der \
certs/ocsp/ocsp-responder-int1-key.pem \
certs/ocsp/ocsp-responder-int1-key.der \
certs/ocsp/ocsp-responder-int1-cert.pem \
certs/ocsp/ocsp-responder-int1-cert.der \
certs/ocsp/server1-key.pem \
certs/ocsp/server1-key.der \
certs/ocsp/server1-cert.pem \
Binary file not shown.
+273
View File
@@ -0,0 +1,273 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1, emailAddress=info@wolfssl.com
Validity
Not Before: May 27 16:15:23 2026 GMT
Not After : Feb 20 16:15:23 2029 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL OCSP Responder Int1, emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:98:82:f0:e7:da:58:cf:85:0b:a4:de:34:41:3f:
79:5a:ff:75:78:95:c6:89:5c:b7:2e:c4:6d:05:73:
a5:b1:45:58:72:3e:2c:e2:c0:17:87:fe:b4:64:82:
00:fd:56:7d:8a:73:8d:6f:88:77:bb:98:56:a8:b6:
28:36:a8:0c:9f:d6:7a:25:1d:ad:10:b8:d0:19:7c:
80:70:9c:80:26:95:53:42:1c:90:4e:27:ed:f5:6e:
87:6f:2e:eb:92:95:e0:6f:53:fe:be:17:a9:7f:e6:
b7:09:4b:63:9c:08:97:c8:b3:36:75:38:6d:3e:ff:
d8:e1:22:75:57:1a:5f:60:30:4d:1b:bc:2f:99:7f:
02:ef:df:24:25:88:57:91:7b:2c:6f:f7:98:90:29:
9f:12:66:a9:3e:73:c4:81:73:e7:9c:eb:22:f5:6c:
d5:23:e0:7b:ba:a6:ca:16:a3:33:f9:2e:52:a3:a8:
c9:f1:dd:85:1f:c1:94:0b:1e:8f:b7:48:be:20:d0:
da:bd:3b:85:8e:92:c1:f0:7c:ec:2e:c5:27:a0:4e:
22:c5:c2:4d:1b:66:e7:ac:57:8c:34:2b:a5:55:e9:
34:9c:7f:33:29:d0:4e:cb:1a:1a:02:17:b2:45:a3:
49:05:5d:00:79:85:50:91:c0:3d:30:cb:84:0a:9a:
2d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
90:3C:B9:FB:15:20:AB:F6:6F:D3:F1:C9:71:B0:D0:1D:97:C6:A5:C5
X509v3 Authority Key Identifier:
keyid:83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:01
X509v3 Extended Key Usage:
OCSP Signing
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
3c:42:b5:c3:a3:1a:d7:2d:c6:6a:3d:b2:5c:18:49:85:26:65:
85:af:c2:2e:46:dc:a1:1c:8d:22:86:fc:a9:73:02:79:60:3e:
e7:f8:cc:ff:c9:b1:38:e0:96:4f:31:b8:e5:b5:0c:b0:1d:1c:
c2:27:29:c7:3f:70:86:5a:61:2e:11:c7:81:75:8a:72:f8:75:
0c:84:be:65:44:98:ce:29:87:02:30:ed:42:47:fc:75:d9:88:
73:64:ad:6b:cd:32:96:55:ea:b5:fb:8e:21:ce:02:59:dc:3e:
9f:33:40:66:c4:be:f0:71:88:ce:f5:98:79:2d:dd:58:2b:28:
bf:09:89:88:05:3e:36:de:e6:b1:9a:fc:4a:80:1b:00:fd:c9:
2a:46:ce:8c:64:81:b8:25:c9:7d:d2:31:05:2c:49:57:e9:84:
c0:a4:dc:f6:20:7e:fb:c1:d7:c5:bc:ea:07:bf:e6:10:a0:53:
25:4f:7e:c5:77:a8:b4:c6:98:2c:72:76:49:ea:e5:45:bb:c4:
e5:fc:4b:9c:08:64:b4:2f:bf:97:8e:84:84:d7:30:82:7f:32:
25:73:00:d5:58:44:2b:4a:2c:08:79:86:50:0f:e9:e7:94:d1:
d4:0e:4f:a9:e0:ab:ba:8b:e8:1a:be:90:92:64:39:10:35:90:
09:7f:ed:69
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBCjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTI2MDUyNzE2MTUyM1oXDTI5MDIyMDE2MTUyM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEkMCIGA1UEAwwbd29s
ZlNTTCBPQ1NQIFJlc3BvbmRlciBJbnQxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmILw59pY
z4ULpN40QT95Wv91eJXGiVy3LsRtBXOlsUVYcj4s4sAXh/60ZIIA/VZ9inONb4h3
u5hWqLYoNqgMn9Z6JR2tELjQGXyAcJyAJpVTQhyQTift9W6Hby7rkpXgb1P+vhep
f+a3CUtjnAiXyLM2dThtPv/Y4SJ1VxpfYDBNG7wvmX8C798kJYhXkXssb/eYkCmf
EmapPnPEgXPnnOsi9WzVI+B7uqbKFqMz+S5So6jJ8d2FH8GUCx6Pt0i+INDavTuF
jpLB8HzsLsUnoE4ixcJNG2bnrFeMNCulVek0nH8zKdBOyxoaAheyRaNJBV0AeYVQ
kcA9MMuECpotbQIDAQABo4IBCjCCAQYwCQYDVR0TBAIwADAdBgNVHQ4EFgQUkDy5
+xUgq/Zv0/HJcbDQHZfGpcUwgcQGA1UdIwSBvDCBuYAUg8Y6iSyB9ALXnUziKsBx
gmRE2g6hgZ2kgZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9u
MRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtF
bmdpbmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tggEBMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0G
CSqGSIb3DQEBCwUAA4IBAQA8QrXDoxrXLcZqPbJcGEmFJmWFr8IuRtyhHI0ihvyp
cwJ5YD7n+Mz/ybE44JZPMbjltQywHRzCJynHP3CGWmEuEceBdYpy+HUMhL5lRJjO
KYcCMO1CR/x12YhzZK1rzTKWVeq1+44hzgJZ3D6fM0BmxL7wcYjO9Zh5Ld1YKyi/
CYmIBT423uaxmvxKgBsA/ckqRs6MZIG4Jcl90jEFLElX6YTApNz2IH77wdfFvOoH
v+YQoFMlT37Fd6i0xpgscnZJ6uVFu8Tl/EucCGS0L7+XjoSE1zCCfzIlcwDVWEQr
SiwIeYZQD+nnlNHUDk+p4Ku6i+gavpCSZDkQNZAJf+1p
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA, emailAddress=info@wolfssl.com
Validity
Not Before: Nov 13 20:41:34 2025 GMT
Not After : Aug 9 20:41:34 2028 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1, emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
77:ec:89:37:d4:35:2e:24:fd:d2:de:d9:98:87:be:52:ae:b5:
d4:f6:13:34:12:2c:f0:78:98:07:9f:f7:e4:76:df:6e:eb:97:
c7:03:a3:e6:15:6e:e2:94:16:6b:ed:59:a9:4a:10:a0:cc:c2:
61:78:c7:fb:1c:04:4a:20:c1:fc:94:c6:99:b0:3a:8c:2f:2b:
7d:15:30:53:c7:9b:73:54:6f:4d:16:a6:ab:2d:8a:51:70:1f:
1b:8e:60:0b:56:8b:f2:94:01:fd:81:5f:73:cb:ed:5e:cc:4a:
71:c1:a9:1a:d7:c7:2b:5a:66:02:77:da:10:e8:45:42:a0:7c:
ef:78:ff:dd:08:f6:84:2f:41:f5:18:c9:a2:48:d1:5d:b6:a4:
4d:32:af:83:5d:b9:64:ec:40:e9:62:38:ef:1b:d1:8e:c9:e8:
fd:b3:e8:e1:a1:da:16:1e:26:3c:82:36:cb:8d:80:67:33:ca:
30:bf:93:03:c8:9c:be:a2:6f:aa:7c:76:24:3d:06:99:ab:a7:
fe:12:f3:db:fd:a0:8a:b5:0d:c1:9c:90:b7:ca:7e:6d:fb:ff:
2a:c3:fe:7c:9f:41:e8:c2:7f:4f:fa:4b:49:c4:a0:d0:bc:fd:
38:34:22:ff:d5:83:79:70:7f:6c:30:8d:ad:93:fb:b8:77:01:
34:af:cc:0e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjUx
MTEzMjA0MTM0WhcNMjgwODA5MjA0MTM0WjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAHfsiTfUNS4k/dLe2ZiHvlKutdT2EzQSLPB4mAef9+R2327rl8cDo+YVbuKU
FmvtWalKEKDMwmF4x/scBEogwfyUxpmwOowvK30VMFPHm3NUb00WpqstilFwHxuO
YAtWi/KUAf2BX3PL7V7MSnHBqRrXxytaZgJ32hDoRUKgfO94/90I9oQvQfUYyaJI
0V22pE0yr4NduWTsQOliOO8b0Y7J6P2z6OGh2hYeJjyCNsuNgGczyjC/kwPInL6i
b6p8diQ9Bpmrp/4S89v9oIq1DcGckLfKfm37/yrD/nyfQejCf0/6S0nEoNC8/Tg0
Iv/Vg3lwf2wwja2T+7h3ATSvzA4=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA, emailAddress=info@wolfssl.com
Validity
Not Before: Nov 13 20:41:34 2025 GMT
Not After : Aug 9 20:41:34 2028 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA, emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
58:41:01:e5:1b:ce:bc:51:0c:23:b2:66:df:39:d9:1e:b1:bd:
9a:db:fa:da:16:83:26:6e:7e:2e:f9:5d:46:9a:52:a0:09:6f:
f2:c0:96:ba:49:ad:29:54:06:e9:21:d6:36:5e:d5:43:07:2c:
5d:4e:b7:bf:7c:e5:91:75:ea:0d:56:7c:a3:fd:82:d8:2e:70:
fa:fc:ab:36:36:d5:ba:63:d5:42:da:21:b4:50:9a:86:8a:df:
21:26:03:e8:ca:6f:c7:51:50:6c:cc:40:da:4e:8f:06:15:c0:
9a:0d:7a:80:2c:95:aa:5a:ad:e2:66:b0:32:d6:74:87:ea:7a:
b2:46:d5:2c:cf:fa:18:8a:2f:e0:3a:ae:17:6a:f2:ce:75:8d:
e4:4d:74:8f:e7:c6:21:29:65:5d:41:07:fb:29:d9:be:ea:b2:
e3:80:07:8c:14:8d:a3:7d:d1:51:af:26:9d:cd:01:d5:80:af:
68:12:41:2b:eb:94:cc:45:d1:c7:66:f3:f9:15:72:be:94:e3:
21:6d:f1:08:78:b6:5a:ee:73:09:4b:f4:1a:5e:02:2a:25:f0:
3d:d2:03:f2:22:15:4b:3d:aa:35:ea:90:ca:44:4e:61:77:db:
b4:94:46:77:c6:8c:33:09:b6:84:3c:4e:ac:ad:9d:e0:2f:22:
5a:be:25:19
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjUx
MTEzMjA0MTM0WhcNMjgwODA5MjA0MTM0WjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWEEB5RvO
vFEMI7Jm3znZHrG9mtv62haDJm5+LvldRppSoAlv8sCWukmtKVQG6SHWNl7VQwcs
XU63v3zlkXXqDVZ8o/2C2C5w+vyrNjbVumPVQtohtFCahorfISYD6Mpvx1FQbMxA
2k6PBhXAmg16gCyVqlqt4mawMtZ0h+p6skbVLM/6GIov4DquF2ryznWN5E10j+fG
ISllXUEH+ynZvuqy44AHjBSNo33RUa8mnc0B1YCvaBJBK+uUzEXRx2bz+RVyvpTj
IW3xCHi2Wu5zCUv0Gl4CKiXwPdID8iIVSz2qNeqQykROYXfbtJRGd8aMMwm2hDxO
rK2d4C8iWr4lGQ==
-----END CERTIFICATE-----
Binary file not shown.
+28
View File
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCYgvDn2ljPhQuk
3jRBP3la/3V4lcaJXLcuxG0Fc6WxRVhyPiziwBeH/rRkggD9Vn2Kc41viHe7mFao
tig2qAyf1nolHa0QuNAZfIBwnIAmlVNCHJBOJ+31bodvLuuSleBvU/6+F6l/5rcJ
S2OcCJfIszZ1OG0+/9jhInVXGl9gME0bvC+ZfwLv3yQliFeReyxv95iQKZ8SZqk+
c8SBc+ec6yL1bNUj4Hu6psoWozP5LlKjqMnx3YUfwZQLHo+3SL4g0Nq9O4WOksHw
fOwuxSegTiLFwk0bZuesV4w0K6VV6TScfzMp0E7LGhoCF7JFo0kFXQB5hVCRwD0w
y4QKmi1tAgMBAAECggEAExWnocvP+z/x4hKwRU31GK8I+yr66iuA/Mg1wE3leRZt
Z/Zh1YomJ61203D1QL52/UFSfJd+LCp3BautwpEq60GCjWx2QLZvzBCpXe4nlyxu
e8JpSG50t5a6Oe6MKg65RBUltpHtcwTi+LXHZDorDEFo2ihSe2S2tg2C04CIWNfh
CkvSCtth7HmLYtNtQJzjHY7N+I2PQDFW/VxeXBlnVHpyVFqJj3m3t6WFJS9P9Z+J
0VX3iz1UZjdSZec7V0KwIaKQS8+24f2gPIzNM4O488rh6sB8SVZBdHdioDdE3gVv
YuGEVaB1nLqCYKuuzhi5k16n020/OkXL/UdUFy6AIQKBgQDGm0qXuF6xfwW45CVM
cjMG5Q44XRAgfWe3s7N3wzC4ympbd6d/xZuiKKOJuQnHbGMRBwmB7qwjXdsz0hTw
ywC69JwzlCtur3ylfadUsQYhQJOnV2qO15+gnrOVWsJiNFpGRUlyUw3t4mcKbrsn
8VPNj4gKO+6hctkNGfKW+a/iyQKBgQDElZTDR4AgP9N2C2O6TbH585yRklp14Wy5
NP2NwDyFQyLjb4Jo4K3yeBikA+77VSbsTZ84/cPrbs/5nBi4uRYuDY+2GdxH46jB
Ywm60UgkE0FP1YeAhpAoOIktpTDKWTTcablSHMBXkdKF4KZRxftFxC0T5JchwoD6
vT+VPYkDhQKBgQDGI9GkUg0u2cH0trA7d0dPHqA0PSxErbgW/tISropiIZdAT7ys
7ZGakx6s3Q1Tht/C8hlbJqlX02BIb9PycyT0X+uiTbWTBMK/O///r2ilLg7hCYZG
ofogPZR+cgCyBvb1WlSvGQsxhAk20EgpzkrELukTBL3LFpBS0MtEMjB2eQKBgQCi
Ryhqm5d1B7sz8ur8XC7TOvrAYKQ0M0ZhDRFR9qL/DxC51s88bFyrj+AnZOfeqchb
wSfzD+ivbOZaEzWFJ6Tbl25O0MI6xgAExBDAGwsGXK7JjGcy/eH6kdEL0RWZtFIi
sVO+KOXOZB35Th1924U1bmAXz9fCkqGOWrMmK4nzUQKBgCgiCQcgsqpfSIfFknD6
HTHlCV3+tJAeaimw9C9ctxvT6/JlfU/nWQCCi7cAiHp+cYoQmzE7TKAlhdIOgx5Z
MRPoZstFgVHu5VvLRJZEIXBXmGg5hEZilwOUpRXAtC2Nm7yA9J6vrjAyp10jnk+K
NbOQKX7lqmFEo8pmTXqIhwyg
-----END PRIVATE KEY-----
+12 -3
View File
@@ -131,6 +131,13 @@ update_cert intermediate3-ca "wolfSSL REVOKED intermediate CA" root-ca
update_cert ocsp-responder "wolfSSL OCSP Responder" root-ca v3_ocsp 04
# Delegated OCSP responder issued directly by intermediate1-ca. RFC 6960
# 4.2.2.2 authorizes a delegated responder only for the CA that issued it.
# We keep one (int1) to exercise the delegated-responder path in the live
# tests; the intermediate2/3 responders sign their OCSP responses directly
# with the CA key (the CA-direct path), so no extra responder certs are needed.
update_cert ocsp-responder-int1 "wolfSSL OCSP Responder Int1" intermediate1-ca v3_ocsp 10
update_cert server1 "www1.wolfssl.com" intermediate1-ca v3_req1 05
update_cert server2 "www2.wolfssl.com" intermediate1-ca v3_req1 06 # REVOKED
update_cert server3 "www3.wolfssl.com" intermediate2-ca v3_req2 07
@@ -153,10 +160,12 @@ openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -cert
kill $PID
wait $PID
# Create a response DER buffer for testing leaf certificate
# Create a response DER buffer for testing leaf certificate. Signed by the
# intermediate1-issued responder (RFC 6960 4.2.2.2 requires the delegated
# responder to be directly issued by the CA named in the CertID).
openssl ocsp -port 22221 -ndays 1000 -index \
./index-intermediate1-ca-issued-certs.txt -rsigner ocsp-responder-cert.pem \
-rkey ocsp-responder-key.pem -CA intermediate1-ca-cert.pem -partial_chain &
./index-intermediate1-ca-issued-certs.txt -rsigner ocsp-responder-int1-cert.pem \
-rkey ocsp-responder-int1-key.pem -CA intermediate1-ca-cert.pem -partial_chain &
PID=$!
sleep 1 # Make sure server is ready
Binary file not shown.
+2 -2
View File
@@ -363,8 +363,8 @@ fi
# purposes!
openssl ocsp -port "$port2" -nmin 1 \
-index certs/ocsp/index-intermediate1-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-rsigner certs/ocsp/ocsp-responder-int1-cert.pem \
-rkey certs/ocsp/ocsp-responder-int1-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \
"$@" &
+4 -4
View File
@@ -335,8 +335,8 @@ openssl ocsp -port "$port1" -nmin 1 \
# purposes!
openssl ocsp -port "$port2" -nmin 1 \
-index certs/ocsp/index-intermediate2-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-rsigner certs/ocsp/intermediate2-ca-cert.pem \
-rkey certs/ocsp/intermediate2-ca-key.pem \
-CA certs/ocsp/intermediate2-ca-cert.pem \
"$@" \
&
@@ -346,8 +346,8 @@ openssl ocsp -port "$port2" -nmin 1 \
# purposes!
openssl ocsp -port "$port3" -nmin 1 \
-index certs/ocsp/index-intermediate3-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-rsigner certs/ocsp/intermediate3-ca-cert.pem \
-rkey certs/ocsp/intermediate3-ca-key.pem \
-CA certs/ocsp/intermediate3-ca-cert.pem \
"$@" \
&
+4 -4
View File
@@ -353,8 +353,8 @@ openssl ocsp -port "$port1" -nmin 1 \
# purposes!
openssl ocsp -port "$port2" -nmin 1 \
-index certs/ocsp/index-intermediate2-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-rsigner certs/ocsp/intermediate2-ca-cert.pem \
-rkey certs/ocsp/intermediate2-ca-key.pem \
-CA certs/ocsp/intermediate2-ca-cert.pem \
"$@" \
&
@@ -364,8 +364,8 @@ openssl ocsp -port "$port2" -nmin 1 \
# purposes!
openssl ocsp -port "$port3" -nmin 1 \
-index certs/ocsp/index-intermediate3-ca-issued-certs.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-rsigner certs/ocsp/intermediate3-ca-cert.pem \
-rkey certs/ocsp/intermediate3-ca-key.pem \
-CA certs/ocsp/intermediate3-ca-cert.pem \
"$@" \
&
+1
View File
@@ -34574,6 +34574,7 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_inject),
TEST_DECL(test_ocsp_status_callback),
TEST_DECL(test_ocsp_basic_verify),
TEST_DECL(test_ocsp_ancestor_responder_rejected),
TEST_DECL(test_ocsp_responder_keyhash_binding),
TEST_DECL(test_ocsp_response_parsing),
TEST_DECL(test_ocsp_certid_enc_dec),
+19 -1
View File
@@ -421,6 +421,23 @@ if __name__ == '__main__':
'name': 'resp_bad_embedded_cert'
},
{
# intermediate1 signs OCSP for its subordinate server1
'response_status': 0,
'signature_algorithm': signature_algorithm(),
'responder_by_name': True,
'responder_cert': WOLFSSL_OCSP_CERT_PATH + 'intermediate1-ca-cert.pem',
'responses': [
{
'issuer_cert': WOLFSSL_OCSP_CERT_PATH + 'intermediate1-ca-cert.pem',
'serial': 0x05,
'status': CERT_GOOD
}
],
'responder_key': WOLFSSL_OCSP_CERT_PATH + 'intermediate1-ca-key.pem',
'name': 'resp_server1_cert'
},
{
# Ancestor-issued responder; rejected by RFC 6960 4.2.2.2 enforcement
'response_status': 0,
'signature_algorithm': signature_algorithm(),
'certs_path': [WOLFSSL_OCSP_CERT_PATH + 'ocsp-responder-cert.pem'],
@@ -433,7 +450,7 @@ if __name__ == '__main__':
}
],
'responder_key': WOLFSSL_OCSP_CERT_PATH + 'ocsp-responder-key.pem',
'name': 'resp_server1_cert'
'name': 'resp_server1_cert_ancestor_responder'
},
{
'response_status': 0,
@@ -557,6 +574,7 @@ if __name__ == '__main__':
add_certificate(WOLFSSL_OCSP_CERT_PATH + '../server-cert.pem', f)
add_certificate(WOLFSSL_OCSP_CERT_PATH + 'intermediate1-ca-cert.pem', f)
add_certificate(WOLFSSL_OCSP_CERT_PATH + 'imposter-root-ca-cert.pem', f)
add_certificate(WOLFSSL_OCSP_CERT_PATH + 'server1-cert.pem', f)
br = create_bad_response({
'response_status': 0,
'responder_by_key': True,
+165 -240
View File
@@ -2933,253 +2933,178 @@ int test_wolfSSL_CertManagerCheckOCSPResponse(void)
* - Run responder with
* openssl ocsp -port 9999 -ndays 9999
* -index certs/ocsp/index-intermediate1-ca-issued-certs.txt
* -rsigner certs/ocsp/ocsp-responder-cert.pem
* -rkey certs/ocsp/ocsp-responder-key.pem
* -rsigner certs/ocsp/intermediate1-ca-cert.pem
* -rkey certs/ocsp/intermediate1-ca-key.pem
* -CA certs/ocsp/intermediate1-ca-cert.pem
* - Run client with
* openssl ocsp -host 127.0.0.1:9999 -respout resp.out
* -issuer certs/ocsp/intermediate1-ca-cert.pem
* -cert certs/ocsp/server1-cert.pem
* -CAfile certs/ocsp/root-ca-cert.pem -noverify
* - Select the response packet in Wireshark, and export it using
* "File->Export Packet Dissection->As "C" Arrays". Select "Selected
* packets only". After importing into the editor, remove the initial
* ~148 bytes of header, ending with the Content-Length and the \r\n\r\n.
* - Convert resp.out to a C array (e.g. xxd -i -c 12 resp.out) and paste
* the bytes below.
*/
static const byte response[] = {
0x30, 0x82, 0x07, 0x40, /* ....0..@ */
0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, /* ......90 */
0x82, 0x07, 0x35, 0x06, 0x09, 0x2b, 0x06, 0x01, /* ..5..+.. */
0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, /* ...0.... */
0x07, 0x26, 0x30, 0x82, 0x07, 0x22, 0x30, 0x82, /* .&0.."0. */
0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, /* .@...0.. */
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, /* ring1.0. */
0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, /* olfSSL O */
0x43, 0x53, 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, /* CSP Resp */
0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, /* onder1.0 */
0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, /* ...*.H.. */
0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, /* ......in */
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, /* sl.com.. */
0x32, 0x30, 0x32, 0x34, 0x31, 0x32, 0x32, 0x30, /* 20241220 */
0x31, 0x37, 0x30, 0x37, 0x30, 0x34, 0x5a, 0x30, /* 170704Z0 */
0x64, 0x30, 0x62, 0x30, 0x3a, 0x30, 0x09, 0x06, /* d0b0:0.. */
0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, /* .+...... */
0x04, 0x14, 0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, /* ..qM.#@Y */
0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, /* ...7C.1. */
0xba, 0xb1, 0x43, 0x18, 0xda, 0x04, 0x04, 0x14, /* ..C..... */
0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, /* ..:.,... */
0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, /* ..L.*.q. */
0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, /* dD...... */
0x00, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x34, 0x31, /* ...20241 */
0x32, 0x32, 0x30, 0x31, 0x37, 0x30, 0x37, 0x30, /* 22017070 */
0x34, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30, /* 4Z....20 */
0x35, 0x32, 0x30, 0x35, 0x30, 0x36, 0x31, 0x37, /* 52050617 */
0x30, 0x37, 0x30, 0x34, 0x5a, 0xa1, 0x23, 0x30, /* 0704Z.#0 */
0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, /* !0...+.. */
0x05, 0x05, 0x07, 0x30, 0x01, 0x02, 0x04, 0x12, /* ...0.... */
0x04, 0x10, 0x12, 0x7c, 0x27, 0xbd, 0x22, 0x28, /* ...|'."( */
0x5e, 0x62, 0x81, 0xed, 0x6d, 0x2c, 0x2d, 0x59, /* ^b..m,-Y */
0x42, 0xd7, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, /* B.0...*. */
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, /* H....... */
0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x6c, 0xce, /* ......l. */
0xa8, 0xe8, 0xfe, 0xaf, 0x33, 0xe2, 0xce, 0x4e, /* ....3..N */
0x63, 0x8d, 0x61, 0x16, 0x0f, 0x70, 0xb2, 0x0c, /* c.a..p.. */
0x9a, 0xe3, 0x01, 0xd5, 0xca, 0xe5, 0x9b, 0x70, /* .......p */
0x81, 0x6f, 0x94, 0x09, 0xe8, 0x88, 0x98, 0x1a, /* .o...... */
0x67, 0xa0, 0xc2, 0xe7, 0x8f, 0x9b, 0x5f, 0x13, /* g....._. */
0x17, 0x8d, 0x93, 0x8c, 0x31, 0x61, 0x7d, 0x72, /* ....1a}r */
0x34, 0xbd, 0x21, 0x48, 0xca, 0xb2, 0xc9, 0xae, /* 4.!H.... */
0x28, 0x5f, 0x97, 0x19, 0xcb, 0xdf, 0xed, 0xd4, /* (_...... */
0x6e, 0x89, 0x30, 0x89, 0x11, 0xd1, 0x05, 0x08, /* n.0..... */
0x81, 0xe9, 0xa7, 0xba, 0xf7, 0x16, 0x0c, 0xbe, /* ........ */
0x48, 0x2e, 0xc0, 0x05, 0xac, 0x90, 0xc2, 0x35, /* H......5 */
0xce, 0x6c, 0x94, 0x5d, 0x2b, 0xad, 0x4f, 0x19, /* .l.]+.O. */
0xea, 0x7b, 0xd9, 0x4f, 0x49, 0x20, 0x8d, 0x98, /* .{.OI .. */
0xa9, 0xe4, 0x53, 0x6d, 0xca, 0x34, 0xdb, 0x4a, /* ..Sm.4.J */
0x28, 0xb3, 0x33, 0xfb, 0xfd, 0xcc, 0x4b, 0xfa, /* (.3...K. */
0xdb, 0x70, 0xe1, 0x96, 0xc8, 0xd4, 0xf1, 0x85, /* .p...... */
0x99, 0xaf, 0x06, 0xeb, 0xfd, 0x96, 0x21, 0x86, /* ......!. */
0x81, 0xee, 0xcf, 0xd2, 0xf4, 0x83, 0xc9, 0x1d, /* ........ */
0x8f, 0x42, 0xd1, 0xc1, 0xbc, 0x50, 0x0a, 0xfb, /* .B...P.. */
0x95, 0x39, 0x4c, 0x36, 0xa8, 0xfe, 0x2b, 0x8e, /* .9L6..+. */
0xc5, 0xb5, 0xe0, 0xab, 0xdb, 0xc0, 0xbf, 0x1d, /* ........ */
0x35, 0x4d, 0xc0, 0x52, 0xfb, 0x08, 0x04, 0x4c, /* 5M.R...L */
0x98, 0xf0, 0xb5, 0x5b, 0xff, 0x99, 0x74, 0xce, /* ...[..t. */
0xb7, 0xc9, 0xe3, 0xe5, 0x70, 0x2e, 0xd3, 0x1d, /* ....p... */
0x46, 0x38, 0xf9, 0x51, 0x17, 0x73, 0xd1, 0x08, /* F8.Q.s.. */
0x8d, 0x3d, 0x12, 0x47, 0xd0, 0x66, 0x77, 0xaf, /* .=.G.fw. */
0xfd, 0x4c, 0x75, 0x1f, 0xe9, 0x6c, 0xf4, 0x5a, /* .Lu..l.Z */
0xde, 0xec, 0x37, 0xc7, 0xc4, 0x0a, 0xbe, 0x91, /* ..7..... */
0xbc, 0x05, 0x08, 0x86, 0x47, 0x30, 0x2a, 0xc6, /* ....G0*. */
0x85, 0x4b, 0x55, 0x6c, 0xef, 0xdf, 0x2d, 0x5a, /* .KUl..-Z */
0xf7, 0x5b, 0xb5, 0xba, 0xed, 0x38, 0xb0, 0xcb, /* .[...8.. */
0xeb, 0x7e, 0x84, 0x3a, 0x69, 0x2c, 0xa0, 0x82, /* .~.:i,.. */
0x04, 0xc6, 0x30, 0x82, 0x04, 0xc2, 0x30, 0x82, /* ..0...0. */
0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, /* ..0..... */
0x02, 0x01, 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, /* ......0. */
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* ..*.H... */
0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x97, /* .....0.. */
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, /* ring1.0. */
0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, /* ..U....w */
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, /* olfSSL r */
0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, /* oot CA1. */
0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, /* 0...*.H. */
0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, /* .......i */
0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, /* nfo@wolf */
0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, /* ssl.com0 */
0x1e, 0x17, 0x0d, 0x32, 0x34, 0x31, 0x32, 0x31, /* ...24121 */
0x38, 0x32, 0x31, 0x32, 0x35, 0x33, 0x31, 0x5a, /* 8212531Z */
0x17, 0x0d, 0x32, 0x37, 0x30, 0x39, 0x31, 0x34, /* ..270914 */
0x32, 0x31, 0x32, 0x35, 0x33, 0x31, 0x5a, 0x30, /* 212531Z0 */
0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, /* ..1.0... */
0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, /* U....US1 */
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, /* .0...U.. */
0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, /* ..Washin */
0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, /* gton1.0. */
0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, /* ..U....S */
0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, /* eattle1. */
0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, /* 0...U... */
0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, /* ...Engin */
0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, /* eering1. */
0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, /* 0...U... */
0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
0x20, 0x4f, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, /* OCSP Re */
0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, /* sponder1 */
0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, /* .0...*.H */
0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, /* ........ */
0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, /* info@wol */
0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, /* fssl.com */
0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, /* 0.."0... */
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, /* ........ */
0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, /* 0....... */
0x00, 0xb8, 0xba, 0x23, 0xb4, 0xf6, 0xc3, 0x7b, /* ...#...{ */
0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, /* .....a.. */
0x1e, 0x63, 0xb9, 0x85, 0x23, 0x34, 0x50, 0x6d, /* .c..#4Pm */
0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, /* .|.....u */
0x5c, 0x2d, 0xf7, 0x63, 0x88, 0xd1, 0x07, 0x7a, /* \-.c...z */
0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, /* ..E5+... */
0x22, 0xb4, 0x94, 0x41, 0x38, 0xe2, 0x9d, 0x74, /* "..A8..t */
0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, /* ..0".Q.. */
0xca, 0x3f, 0x46, 0x2b, 0xfe, 0xe5, 0x5a, 0x3f, /* .?F+..Z? */
0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, /* Atgu.... */
0xc3, 0xee, 0x42, 0xf8, 0x8d, 0xeb, 0x92, 0x95, /* ..B..... */
0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, /* ..e.C... */
0x16, 0x80, 0x90, 0xce, 0x24, 0x35, 0x21, 0xc4, /* ....$5!. */
0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, /* U.ZQ..-. */
0x0a, 0x5a, 0x4f, 0x4a, 0x73, 0x31, 0x50, 0xee, /* .ZOJs1P. */
0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, /* J..9...H */
0x87, 0xb1, 0x99, 0xe2, 0x10, 0xa7, 0x06, 0x72, /* .......r */
0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, /* g.\..... */
0x76, 0xf8, 0xe0, 0x4a, 0xec, 0xbc, 0x93, 0xf4, /* v..J.... */
0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, /* fL(q..f. */
0xb4, 0x90, 0x30, 0xbb, 0x17, 0xb0, 0xfe, 0x97, /* ..0..... */
0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, /* ....]... */
0x19, 0x12, 0x3c, 0xab, 0x82, 0x71, 0x78, 0xff, /* ..<..qx. */
0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, /* .?2..q.. */
0x8c, 0x27, 0xac, 0x11, 0xb8, 0xd8, 0x43, 0x49, /* .'....CI */
0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, /* ..p..... */
0x24, 0x87, 0x17, 0x3b, 0xd8, 0x04, 0x65, 0x6c, /* $..;..el */
0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, /* .vP..... */
0x73, 0x68, 0x26, 0x14, 0x87, 0x95, 0xc3, 0x5f, /* sh&...._ */
0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, /* na...... */
0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, /* .et|qTe. */
0x39, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, /* 9....... */
0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, /* ..0...0. */
0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, /* ..U....0 */
0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, /* .0...U.. */
0x04, 0x16, 0x04, 0x14, 0x32, 0x67, 0xe1, 0xb1, /* ....2g.. */
0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, /* y....#.p */
0x40, 0x50, 0xb5, 0x46, 0x56, 0xb8, 0x30, 0x36, /* @P.FV.06 */
0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, /* 0....U.# */
0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14, /* ...0.... */
0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, /* s.../... */
0x47, 0xa5, 0x38, 0xd7, 0xb0, 0x04, 0x82, 0x3a, /* G.8....: */
0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, /* ~r.!.... */
0x81, 0x9a, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, /* ..0..1.0 */
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, /* ...U.... */
0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, /* US1.0... */
0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, /* U....Was */
0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, /* hington1 */
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, /* .0...U.. */
0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, /* ..Seattl */
0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, /* e1.0...U */
0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, /* SSL1.0.. */
0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, /* .U....En */
0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, /* gineerin */
0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, /* g1.0...U */
0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, /* SSL root */
0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, /* CA1.0.. */
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* .*.H.... */
0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, /* ....info */
0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, /* @wolfssl */
0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, /* .com..c0 */
0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, /* ...U.%.. */
0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, /* 0...+... */
0x05, 0x07, 0x03, 0x09, 0x30, 0x0d, 0x06, 0x09, /* ....0... */
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, /* ........ */
0x4d, 0xa2, 0xd8, 0x55, 0xe0, 0x2b, 0xf4, 0xad, /* M..U.+.. */
0x65, 0xe2, 0x92, 0x35, 0xcb, 0x60, 0xa0, 0xa2, /* e..5.`.. */
0x6b, 0xa6, 0x88, 0xc1, 0x86, 0x58, 0x57, 0x37, /* k....XW7 */
0xbd, 0x2e, 0x28, 0x6e, 0x1c, 0x56, 0x2a, 0x35, /* ..(n.V*5 */
0xde, 0xff, 0x3e, 0x8e, 0x3d, 0x47, 0x21, 0x1a, /* ..>.=G!. */
0xe9, 0xd3, 0xc6, 0xb4, 0xe2, 0xcb, 0x3e, 0xc6, /* ......>. */
0xaf, 0x9b, 0xef, 0x23, 0x88, 0x56, 0x95, 0x73, /* ...#.V.s */
0x2e, 0xb3, 0xed, 0xc5, 0x11, 0x4b, 0x69, 0xf7, /* .....Ki. */
0x13, 0x3a, 0x05, 0xe1, 0xaf, 0xba, 0xc9, 0x59, /* .:.....Y */
0xfd, 0xe2, 0xa0, 0x81, 0xa0, 0x4c, 0x0c, 0x2c, /* .....L., */
0xcb, 0x57, 0xad, 0x96, 0x3a, 0x8c, 0x32, 0xa6, /* .W..:.2. */
0x4a, 0xf8, 0x72, 0xb8, 0xec, 0xb3, 0x26, 0x69, /* J.r...&i */
0xd6, 0x6a, 0x4c, 0x4c, 0x78, 0x18, 0x3c, 0xca, /* .jLLx.<. */
0x19, 0xf1, 0xb5, 0x8e, 0x23, 0x81, 0x5b, 0x27, /* ....#.[' */
0x90, 0xe0, 0x5c, 0x2b, 0x17, 0x4d, 0x78, 0x99, /* ..\+.Mx. */
0x6b, 0x25, 0xbd, 0x2f, 0xae, 0x1b, 0xaa, 0xce, /* k%./.... */
0x84, 0xb9, 0x44, 0x21, 0x46, 0xc0, 0x34, 0x6b, /* ..D!F.4k */
0x5b, 0xb9, 0x1b, 0xca, 0x5c, 0x60, 0xf1, 0xef, /* [...\`.. */
0xe6, 0x66, 0xbc, 0x84, 0x63, 0x56, 0x50, 0x7d, /* .f..cVP} */
0xbb, 0x2c, 0x2f, 0x7b, 0x47, 0xb4, 0xfd, 0x58, /* .,/{G..X */
0x77, 0x87, 0xee, 0x27, 0x20, 0x96, 0x72, 0x8e, /* w..' .r. */
0x4c, 0x7e, 0x4f, 0x93, 0xeb, 0x5f, 0x8f, 0x9c, /* L~O.._.. */
0x1e, 0x59, 0x7a, 0x96, 0xaa, 0x53, 0x77, 0x22, /* .Yz..Sw" */
0x41, 0xd8, 0xd3, 0xf9, 0x89, 0x8f, 0xe8, 0x9d, /* A....... */
0x65, 0xbd, 0x0c, 0x71, 0x3c, 0xbb, 0xa3, 0x07, /* e..q<... */
0xbf, 0xfb, 0xa8, 0xd1, 0x18, 0x0a, 0xb4, 0xc4, /* ........ */
0xf7, 0x83, 0xb3, 0x86, 0x2b, 0xf0, 0x5b, 0x05, /* ....+.[. */
0x28, 0xc1, 0x01, 0x31, 0x73, 0x5c, 0x2b, 0xbd, /* (..1s\+. */
0x60, 0x97, 0xa3, 0x36, 0x82, 0x96, 0xd7, 0x83, /* `..6.... */
0xdf, 0x75, 0xee, 0x29, 0x42, 0x97, 0x86, 0x41, /* .u.)B..A */
0x55, 0xb9, 0x70, 0x87, 0xd5, 0x02, 0x85, 0x13, /* U.p..... */
0x41, 0xf8, 0x25, 0x05, 0xab, 0x6a, 0xaa, 0x57 /* A.%..j.W */
0x30, 0x82, 0x07, 0x75, 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x6e, 0x30,
0x82, 0x07, 0x6a, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
0x01, 0x01, 0x04, 0x82, 0x07, 0x5b, 0x30, 0x82, 0x07, 0x57, 0x30, 0x82,
0x01, 0x43, 0xa1, 0x81, 0xa4, 0x30, 0x81, 0xa1, 0x31, 0x0b, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30,
0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68,
0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65,
0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77,
0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65,
0x72, 0x69, 0x6e, 0x67, 0x31, 0x22, 0x30, 0x20, 0x06, 0x03, 0x55, 0x04,
0x03, 0x0c, 0x19, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x69,
0x6e, 0x74, 0x65, 0x72, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74, 0x65, 0x20,
0x43, 0x41, 0x20, 0x31, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66,
0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f,
0x6d, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x36, 0x30, 0x35, 0x32, 0x36, 0x31,
0x35, 0x30, 0x35, 0x30, 0x31, 0x5a, 0x30, 0x64, 0x30, 0x62, 0x30, 0x3a,
0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04,
0x14, 0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43,
0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04, 0x04, 0x14, 0x83,
0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a,
0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, 0x00,
0x18, 0x0f, 0x32, 0x30, 0x32, 0x36, 0x30, 0x35, 0x32, 0x36, 0x31, 0x35,
0x30, 0x35, 0x30, 0x31, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30, 0x35,
0x33, 0x31, 0x30, 0x31, 0x30, 0x31, 0x35, 0x30, 0x35, 0x30, 0x31, 0x5a,
0xa1, 0x23, 0x30, 0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x05,
0x05, 0x07, 0x30, 0x01, 0x02, 0x04, 0x12, 0x04, 0x10, 0x8b, 0xb7, 0x65,
0x51, 0xcf, 0x19, 0x82, 0x34, 0x51, 0x0a, 0xfb, 0x1a, 0x20, 0xad, 0x7c,
0x9a, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x1a, 0x5d, 0xa2,
0xf4, 0x02, 0x97, 0x5e, 0x0f, 0xf8, 0x6d, 0x9c, 0x81, 0xc1, 0x40, 0x5c,
0xae, 0xe4, 0x4f, 0x06, 0x68, 0x5b, 0x9c, 0xc3, 0xb0, 0x48, 0x51, 0xd7,
0x28, 0x59, 0x78, 0x97, 0x4b, 0x87, 0xca, 0x91, 0x78, 0x44, 0xaa, 0x63,
0xfd, 0x2e, 0xb3, 0xd0, 0x38, 0x79, 0xc3, 0x89, 0xee, 0xa5, 0x98, 0xf9,
0xb9, 0xfc, 0x5b, 0x40, 0x5d, 0x7b, 0x0b, 0xf0, 0xd9, 0xf0, 0x31, 0x00,
0xe8, 0x31, 0x47, 0xb9, 0x58, 0x0b, 0x20, 0x0d, 0x07, 0x9e, 0x2f, 0x6e,
0xba, 0xb2, 0x6d, 0x1e, 0x03, 0x9a, 0xa9, 0xd3, 0xac, 0x8e, 0xf0, 0x7f,
0x27, 0x3f, 0xd3, 0x30, 0x11, 0x17, 0x72, 0x5c, 0x46, 0x94, 0xc8, 0xb3,
0x23, 0xdc, 0x4a, 0x93, 0xe8, 0x8a, 0xdc, 0x9e, 0x55, 0x8f, 0x2b, 0xbf,
0x9f, 0x75, 0x05, 0xfc, 0xc6, 0x6f, 0xcc, 0x90, 0x80, 0x78, 0xc3, 0x13,
0x60, 0xe2, 0x53, 0xf2, 0xeb, 0xc0, 0x1b, 0xb8, 0x88, 0x1b, 0x01, 0xf7,
0x71, 0x6e, 0x4b, 0xdc, 0xdc, 0x9b, 0x0f, 0x6d, 0x5e, 0xe3, 0x2c, 0x58,
0x3d, 0xff, 0x74, 0xbc, 0xcd, 0x91, 0x0a, 0x80, 0x4a, 0xd9, 0xb4, 0xe2,
0x88, 0x7a, 0x6d, 0x16, 0x5d, 0xbc, 0x33, 0x1e, 0xae, 0x0d, 0xa3, 0xd8,
0xcb, 0xd6, 0x94, 0x31, 0xfa, 0x03, 0x80, 0xcd, 0x36, 0xa8, 0xbc, 0xce,
0xa4, 0x0f, 0x36, 0xc5, 0x44, 0x71, 0x34, 0xab, 0xe0, 0xbd, 0x56, 0xbd,
0x9b, 0x28, 0xde, 0x85, 0xf3, 0xe7, 0x66, 0x36, 0x0f, 0x80, 0x1c, 0x94,
0x4d, 0xd0, 0xb3, 0x5d, 0xbd, 0x0b, 0x93, 0xff, 0x67, 0x35, 0x40, 0xff,
0x85, 0xb8, 0xb9, 0xa8, 0xdc, 0xda, 0x90, 0xee, 0x18, 0x10, 0x6c, 0x2f,
0x1d, 0xbd, 0x5e, 0x2a, 0x29, 0x00, 0x62, 0x82, 0x33, 0xe4, 0xac, 0x82,
0x4f, 0x79, 0x53, 0x05, 0xf2, 0x38, 0x12, 0x9a, 0x3b, 0xe2, 0xce, 0xec,
0xd3, 0xa0, 0x82, 0x04, 0xf8, 0x30, 0x82, 0x04, 0xf4, 0x30, 0x82, 0x04,
0xf0, 0x30, 0x82, 0x03, 0xd8, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01,
0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11,
0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69,
0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f,
0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72,
0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f,
0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e,
0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63,
0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x35, 0x31, 0x31, 0x31, 0x33,
0x32, 0x30, 0x34, 0x31, 0x33, 0x34, 0x5a, 0x17, 0x0d, 0x32, 0x38, 0x30,
0x38, 0x30, 0x39, 0x32, 0x30, 0x34, 0x31, 0x33, 0x34, 0x5a, 0x30, 0x81,
0xa1, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c,
0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31,
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65,
0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31,
0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e,
0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x22, 0x30,
0x20, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x19, 0x77, 0x6f, 0x6c, 0x66,
0x53, 0x53, 0x4c, 0x20, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6d, 0x65, 0x64,
0x69, 0x61, 0x74, 0x65, 0x20, 0x43, 0x41, 0x20, 0x31, 0x31, 0x1f, 0x30,
0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73,
0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d,
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82,
0x01, 0x01, 0x00, 0xde, 0xb4, 0xc8, 0x5c, 0x77, 0xe0, 0x2d, 0xb1, 0xf5,
0xb9, 0xad, 0x16, 0x47, 0x35, 0xa0, 0x35, 0x65, 0x65, 0xc6, 0xe1, 0x40,
0xab, 0x1e, 0xb4, 0xb9, 0x13, 0xb7, 0xcb, 0x8c, 0xbb, 0x77, 0xa5, 0x76,
0xda, 0x6d, 0x87, 0x87, 0xf6, 0x4a, 0x4d, 0x13, 0xe4, 0x26, 0x3e, 0x27,
0x87, 0xee, 0x5b, 0xc7, 0x6a, 0x3f, 0x45, 0x30, 0x61, 0x55, 0x5c, 0xf6,
0x35, 0xd1, 0x65, 0xfa, 0x98, 0x11, 0xa3, 0xa7, 0x55, 0xd5, 0xbe, 0x91,
0x82, 0x4b, 0xfc, 0xbe, 0x90, 0xd6, 0x50, 0x53, 0x63, 0x9a, 0x2c, 0x22,
0xe1, 0x35, 0x11, 0xdc, 0x78, 0x02, 0x97, 0x8a, 0xe4, 0x46, 0x92, 0x9c,
0x53, 0x08, 0x76, 0xde, 0x1f, 0x53, 0xb6, 0xb8, 0xca, 0x77, 0x3e, 0x79,
0x6e, 0xbc, 0xd0, 0xe3, 0x0d, 0x30, 0x5b, 0x4c, 0xf6, 0x94, 0x0d, 0x30,
0x29, 0x64, 0x9f, 0x04, 0xe5, 0xdb, 0xfb, 0x89, 0x60, 0x67, 0xbb, 0xaf,
0x26, 0x83, 0x51, 0x77, 0x24, 0x2f, 0x2b, 0x0b, 0xa1, 0x94, 0x81, 0x10,
0x98, 0xe8, 0xeb, 0x26, 0xa8, 0x1e, 0x7c, 0xe4, 0xc4, 0x6c, 0x67, 0x06,
0x95, 0x55, 0x4a, 0xdd, 0x52, 0xf4, 0xf2, 0x60, 0x6d, 0x01, 0x2b, 0x19,
0x91, 0x35, 0x6d, 0xa4, 0x08, 0x47, 0x06, 0x71, 0x24, 0x00, 0xd9, 0xde,
0xc6, 0x56, 0xf3, 0x8b, 0x53, 0x2c, 0xe2, 0x9a, 0x96, 0xa5, 0xf3, 0x62,
0xe5, 0xc4, 0xe3, 0x23, 0xf2, 0xd2, 0xfc, 0x21, 0xea, 0x0f, 0x62, 0x76,
0x8d, 0xd5, 0x99, 0x48, 0xce, 0xdc, 0x58, 0xc4, 0xbb, 0x7f, 0xda, 0x94,
0x2c, 0x80, 0x74, 0x83, 0xc5, 0xe0, 0xb0, 0x15, 0x7e, 0x41, 0xfd, 0x0e,
0xf2, 0xf4, 0xf0, 0x78, 0x76, 0x7b, 0xad, 0x26, 0x0d, 0xaa, 0x48, 0x96,
0x17, 0x2f, 0x21, 0xe3, 0x95, 0x2b, 0x26, 0x37, 0xf9, 0xaa, 0x80, 0x2f,
0xfe, 0xde, 0xf6, 0x5e, 0xbc, 0x97, 0x7f, 0x02, 0x03, 0x01, 0x00, 0x01,
0xa3, 0x82, 0x01, 0x39, 0x30, 0x82, 0x01, 0x35, 0x30, 0x0c, 0x06, 0x03,
0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, 0x1d,
0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x83, 0xc6, 0x3a,
0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71,
0x82, 0x64, 0x44, 0xda, 0x0e, 0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d,
0x23, 0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14, 0x73, 0xb0, 0x1c,
0xa4, 0x2f, 0x82, 0xcb, 0xcf, 0x47, 0xa5, 0x38, 0xd7, 0xb0, 0x04, 0x82,
0x3a, 0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, 0x81, 0x9a, 0x30,
0x81, 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,
0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e,
0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53,
0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03,
0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c,
0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45,
0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c,
0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41,
0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f,
0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63,
0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x04, 0x04, 0x03, 0x02, 0x01,
0x06, 0x30, 0x32, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01,
0x01, 0x04, 0x26, 0x30, 0x24, 0x30, 0x22, 0x06, 0x08, 0x2b, 0x06, 0x01,
0x05, 0x05, 0x07, 0x30, 0x01, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3a,
0x2f, 0x2f, 0x31, 0x32, 0x37, 0x2e, 0x30, 0x2e, 0x30, 0x2e, 0x31, 0x3a,
0x32, 0x32, 0x32, 0x32, 0x30, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01,
0x00, 0x77, 0xec, 0x89, 0x37, 0xd4, 0x35, 0x2e, 0x24, 0xfd, 0xd2, 0xde,
0xd9, 0x98, 0x87, 0xbe, 0x52, 0xae, 0xb5, 0xd4, 0xf6, 0x13, 0x34, 0x12,
0x2c, 0xf0, 0x78, 0x98, 0x07, 0x9f, 0xf7, 0xe4, 0x76, 0xdf, 0x6e, 0xeb,
0x97, 0xc7, 0x03, 0xa3, 0xe6, 0x15, 0x6e, 0xe2, 0x94, 0x16, 0x6b, 0xed,
0x59, 0xa9, 0x4a, 0x10, 0xa0, 0xcc, 0xc2, 0x61, 0x78, 0xc7, 0xfb, 0x1c,
0x04, 0x4a, 0x20, 0xc1, 0xfc, 0x94, 0xc6, 0x99, 0xb0, 0x3a, 0x8c, 0x2f,
0x2b, 0x7d, 0x15, 0x30, 0x53, 0xc7, 0x9b, 0x73, 0x54, 0x6f, 0x4d, 0x16,
0xa6, 0xab, 0x2d, 0x8a, 0x51, 0x70, 0x1f, 0x1b, 0x8e, 0x60, 0x0b, 0x56,
0x8b, 0xf2, 0x94, 0x01, 0xfd, 0x81, 0x5f, 0x73, 0xcb, 0xed, 0x5e, 0xcc,
0x4a, 0x71, 0xc1, 0xa9, 0x1a, 0xd7, 0xc7, 0x2b, 0x5a, 0x66, 0x02, 0x77,
0xda, 0x10, 0xe8, 0x45, 0x42, 0xa0, 0x7c, 0xef, 0x78, 0xff, 0xdd, 0x08,
0xf6, 0x84, 0x2f, 0x41, 0xf5, 0x18, 0xc9, 0xa2, 0x48, 0xd1, 0x5d, 0xb6,
0xa4, 0x4d, 0x32, 0xaf, 0x83, 0x5d, 0xb9, 0x64, 0xec, 0x40, 0xe9, 0x62,
0x38, 0xef, 0x1b, 0xd1, 0x8e, 0xc9, 0xe8, 0xfd, 0xb3, 0xe8, 0xe1, 0xa1,
0xda, 0x16, 0x1e, 0x26, 0x3c, 0x82, 0x36, 0xcb, 0x8d, 0x80, 0x67, 0x33,
0xca, 0x30, 0xbf, 0x93, 0x03, 0xc8, 0x9c, 0xbe, 0xa2, 0x6f, 0xaa, 0x7c,
0x76, 0x24, 0x3d, 0x06, 0x99, 0xab, 0xa7, 0xfe, 0x12, 0xf3, 0xdb, 0xfd,
0xa0, 0x8a, 0xb5, 0x0d, 0xc1, 0x9c, 0x90, 0xb7, 0xca, 0x7e, 0x6d, 0xfb,
0xff, 0x2a, 0xc3, 0xfe, 0x7c, 0x9f, 0x41, 0xe8, 0xc2, 0x7f, 0x4f, 0xfa,
0x4b, 0x49, 0xc4, 0xa0, 0xd0, 0xbc, 0xfd, 0x38, 0x34, 0x22, 0xff, 0xd5,
0x83, 0x79, 0x70, 0x7f, 0x6c, 0x30, 0x8d, 0xad, 0x93, 0xfb, 0xb8, 0x77,
0x01, 0x34, 0xaf, 0xcc, 0x0e
};
OcspEntry entry[1];
CertStatus status[1];
@@ -3227,7 +3152,7 @@ int test_wolfSSL_CertManagerCheckOCSPResponse(void)
/* Flip a byte in the request serial number, response should be invalid
* now. */
if ((request != NULL) && (request->serial != NULL))
request->serial[0] ^= request->serial[0];
request->serial[0] ^= 0xFF;
ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
+27
View File
@@ -170,6 +170,33 @@ int test_ocsp_response_parsing(void)
}
#endif /* HAVE_OCSP && !NO_SHA */
#if defined(HAVE_OCSP) && !defined(NO_SHA) && !defined(NO_RSA) && \
!defined(WOLFSSL_NO_OCSP_ISSUER_CHECK)
int test_ocsp_ancestor_responder_rejected(void)
{
EXPECT_DECLS;
struct test_conf conf;
conf.resp = (unsigned char*)resp_server1_cert_ancestor_responder;
conf.respSz = sizeof(resp_server1_cert_ancestor_responder);
conf.ca0 = root_ca_cert_pem;
conf.ca0Sz = sizeof(root_ca_cert_pem);
conf.ca1 = intermediate1_ca_cert_pem;
conf.ca1Sz = sizeof(intermediate1_ca_cert_pem);
conf.targetCert = server1_cert_pem;
conf.targetCertSz = sizeof(server1_cert_pem);
ExpectIntEQ(test_ocsp_response_with_cm(&conf, OCSP_LOOKUP_FAIL),
TEST_SUCCESS);
return EXPECT_RESULT();
}
#else
int test_ocsp_ancestor_responder_rejected(void)
{
return TEST_SKIPPED;
}
#endif
#if defined(HAVE_OCSP) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && \
!defined(NO_RSA)
static int test_ocsp_create_x509store(WOLFSSL_X509_STORE** store,
+1
View File
@@ -33,5 +33,6 @@ int test_ocsp_cert_unknown_crl_fallback(void);
int test_ocsp_cert_unknown_crl_fallback_nonleaf(void);
int test_tls13_nonblock_ocsp_low_mfl(void);
int test_ocsp_responder(void);
int test_ocsp_ancestor_responder_rejected(void);
#endif /* WOLFSSL_TEST_OCSP_H */
File diff suppressed because it is too large Load Diff