wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'csr'

Browse Source
This commit is contained in:
Moisés Guimarães
2015-12-28 19:38:04 -03:00
parent a9894e9033
commit ec9d23a9c3
76 changed files with 5137 additions and 822 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
SCRIPTS-LIST
View File

@@ -19,11 +19,18 @@ certs/
renewcerts.sh - renews test certs and crls renewcerts.sh - renews test certs and crls
crl/ crl/
gencrls.sh - generates crls, used by renewcerts.sh gencrls.sh - generates crls, used by renewcerts.sh
ocsp/
renewcerts.sh - renews ocsp certs
ocspd0.sh - ocsp responder for root-ca-cert.pem
ocspd1.sh - ocsp responder for intermediate1-ca-cert.pem
ocspd2.sh - ocsp responder for intermediate2-ca-cert.pem
scripts/ scripts/
external.test - example client test against our website, part of tests external.test - example client test against our website, part of tests
google.test - example client test against google, part of tests google.test - example client test against google, part of tests
resume.test - example sessoin resume test, part of tests resume.test - example sessoin resume test, part of tests
ocsp-stapling.test - example client test against globalsign, part of tests
ocsp-stapling2.test - example client test against example server, part of tests
sniffer-testsuite.test - runs snifftest on a pcap of testsuite, part of tests sniffer-testsuite.test - runs snifftest on a pcap of testsuite, part of tests
in sniffer mode in sniffer mode
swig/ swig/

13
Vagrantfile vendored
View File

@@ -17,10 +17,10 @@ cd $LIB.$VER/ && ./autogen.sh && ./configure -q && make -s
sudo make install && cd .. && rm -rf $LIB.$VER* sudo make install && cd .. && rm -rf $LIB.$VER*
SRC=vagrant
DST=wolfssl DST=wolfssl
cp -rp /$SRC/ $DST/ cp -rp /vagrant/ $DST/
chown -hR vagrant:vagrant $DST/
echo "cd $DST" >> .bashrc echo "cd $DST" >> .bashrc
echo "read -p 'Sync $DST? (y/n) ' -n 1 -r" >> .bashrc echo "read -p 'Sync $DST? (y/n) ' -n 1 -r" >> .bashrc
@@ -30,20 +30,13 @@ echo " echo -e '\e[0;32mRunning $DST sync\e[0m'" >> .bashrc
echo " ./pull_to_vagrant.sh" >> .bashrc echo " ./pull_to_vagrant.sh" >> .bashrc
echo "fi" >> .bashrc echo "fi" >> .bashrc
cd $DST
./autogen.sh
./configure
make check
cd ..
chown -hR vagrant:vagrant $DST/ /tmp/output
SCRIPT SCRIPT
VAGRANTFILE_API_VERSION = "2" VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "hashicorp/precise64" config.vm.box = "ubuntu/trusty64"
config.vm.provision "shell", inline: $setup config.vm.provision "shell", inline: $setup
config.vm.network "forwarded_port", guest: 11111, host: 33333 config.vm.network "forwarded_port", guest: 11111, host: 33333

54
certs/1024/ca-cert.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 10323419125573214618 (0x8f4426ffb743e19a) Serial Number: 16629652120256878762 (0xe6c8647ee63b98aa)
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: Sep 23 19:23:38 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jun 19 19:23:38 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -28,38 +28,42 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8 keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:8F:44:26:FF:B7:43:E1:9A serial:E6:C8:64:7E:E6:3B:98:AA
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Signature Algorithm: sha1WithRSAEncryption Authority Information Access:
0e:46:ac:d8:29:1d:12:12:06:0c:d3:3f:7d:58:2e:0d:11:5e: OCSP - URI:http://localhost:22222
5d:0d:dd:17:c0:0f:aa:01:4d:a4:c4:84:81:6e:64:ae:d1:5d:
58:cd:19:6a:74:a4:46:2f:c8:43:79:39:c0:91:4b:7c:71:ea: Signature Algorithm: sha256WithRSAEncryption
4e:63:44:66:15:41:15:de:50:82:e3:e9:d1:55:55:cc:5a:38: 82:53:ec:89:0a:6a:1b:ae:c3:69:fc:22:b5:d7:d2:f4:0b:6d:
1e:3a:59:b3:0e:ee:0e:54:4d:93:e7:e0:8e:27:a5:6e:08:b8: 18:72:f5:64:7f:bb:80:57:e3:f3:b2:af:e1:89:47:03:19:dd:
6a:39:da:2d:47:62:c4:5b:89:c0:48:48:2a:d5:f0:55:74:fd: 6f:62:ed:2b:24:d3:a2:77:c0:83:6a:fb:0f:55:93:78:15:4a:
a6:b1:68:3c:70:a4:52:24:81:ec:4c:57:e0:e8:18:73:9d:0a: c1:e0:13:f2:65:9c:7a:8c:6c:98:57:f0:44:9d:3a:9e:6a:30:
4d:d8 08:9f:33:ce:0d:7e:86:6f:ef:0e:34:41:b9:c6:1d:34:c6:28:
1e:f9:81:be:68:3d:77:92:50:c5:f8:2f:4c:aa:db:5f:72:93:
42:eb:8a:cf:24:a0:d9:25:44:46:8b:ed:de:46:d5:1a:90:e9:
d6:d8
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDtTCCAx6gAwIBAgIJAI9EJv+3Q+GaMA0GCSqGSIb3DQEBBQUAMIGZMQswCQYD MIID6jCCA1OgAwIBAgIJAObIZH7mO5iqMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MDkyMzE5MjMzOFoXDTE4MDYxOTE5MjMzOFowgZkxCzAJBgNVBAYT Y29tMB4XDTE1MTEyMzEyNDkzN1oXDTE4MDgxOTEyNDkzN1owgZkxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93 DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW
nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i
gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq
1OWIGLMRL3PA1ikJAgMBAAGjggEBMIH+MB0GA1UdDgQWBBTTIo8oLOAF7tPtw3E9 1OWIGLMRL3PA1ikJAgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQU0yKPKCzgBe7T7cNx
ybI2Oh2/qDCBzgYDVR0jBIHGMIHDgBTTIo8oLOAF7tPtw3E9ybI2Oh2/qKGBn6SB PcmyNjodv6gwgc4GA1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+k
nDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv gZwwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEw b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
b0B3b2xmc3NsLmNvbYIJAI9EJv+3Q+GaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN Zm9Ad29sZnNzbC5jb22CCQDmyGR+5juYqjAMBgNVHRMEBTADAQH/MDIGCCsGAQUF
AQEFBQADgYEADkas2CkdEhIGDNM/fVguDRFeXQ3dF8APqgFNpMSEgW5krtFdWM0Z BwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjANBgkq
anSkRi/IQ3k5wJFLfHHqTmNEZhVBFd5QguPp0VVVzFo4HjpZsw7uDlRNk+fgjiel hkiG9w0BAQsFAAOBgQCCU+yJCmobrsNp/CK119L0C20YcvVkf7uAV+Pzsq/hiUcD
bgi4ajnaLUdixFuJwEhIKtXwVXT9prFoPHCkUiSB7ExX4OgYc50KTdg= Gd1vYu0rJNOid8CDavsPVZN4FUrB4BPyZZx6jGyYV/BEnTqeajAInzPODX6Gb+8O
NEG5xh00xige+YG+aD13klDF+C9MqttfcpNC64rPJKDZJURGi+3eRtUakOnW2A==
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
certs/1024/client-cert.der
View File

Binary file not shown.

44
certs/1024/client-cert.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 16417767964199037690 (0xe3d7a0fa76df2afa) Serial Number: 15267089231539806063 (0xd3df98c4801f1f6f)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -28,39 +28,43 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_1024/OU=Programming-1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_1024/OU=Programming-1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:E3:D7:A0:FA:76:DF:2A:FA serial:D3:DF:98:C4:80:1F:1F:6F
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
1d:b7:d5:7c:e1:b1:d8:c0:67:5d:b5:d3:88:e7:50:29:71:63: 71:39:fa:86:c3:54:e5:98:b5:e8:c3:cb:97:2f:86:bf:e8:bc:
8f:cc:26:1f:33:09:55:43:9b:ab:c6:1b:bc:c7:01:95:1a:fa: fb:eb:d8:73:97:34:9a:16:bf:e0:b2:bd:be:7d:ff:a0:d7:e6:
65:e0:fd:9c:eb:6f:0a:0f:14:ec:b5:2f:dc:1c:30:dd:52:97: db:a3:52:43:41:60:f1:d7:c3:63:c0:9b:e2:b2:28:87:70:60:
d4:1c:09:00:33:38:5f:cb:a8:16:8f:11:b7:b8:d0:66:e1:54: 5d:2b:5d:56:15:3c:b1:1e:03:53:72:39:32:e2:47:85:f7:8b:
28:f3:3f:bf:6a:6f:76:48:2a:5e:56:a7:ce:1c:f0:04:dd:17: e8:38:50:a9:c9:d3:52:75:0e:16:14:a5:a5:c4:9f:3e:73:d8:
bd:06:78:21:6d:d6:b1:9b:75:31:92:c1:fe:d4:8d:d4:67:2f: 38:79:bf:f7:9b:4d:0d:f3:aa:ce:a2:03:84:66:14:c9:01:f5:
03:1b:27:8d:ab:ff:30:3b:c3:7f:23:e4:ab:5b:91:e1:1b:66: 86:a5:66:a1:ca:6a:71:5f:2d:31:8e:1c:cc:0c:e6:46:99:5d:
e6:ed 0a:4c
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDxTCCAy6gAwIBAgIJAOPXoPp23yr6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD MIID+TCCA2KgAwIBAgIJANPfmMSAHx9vMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG
A1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0xMDI0MRgw A1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0xMDI0MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb20wHhcNMTUwNTA3MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBnjELMAkG ZnNzbC5jb20wHhcNMTUxMTIzMTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT
BgNVBAoMDHdvbGZTU0xfMTAyNDEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMTAyNDEY BgNVBAoMDHdvbGZTU0xfMTAyNDEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMTAyNDEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
bGZzc2wuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8cw6oSfN0oqnv bGZzc2wuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8cw6oSfN0oqnv
GKXaVZkh+cjss21I5TU1dXc37NFhkF8+2eTV35TKwanXGdqGyehNxGE2gv6rrX53 GKXaVZkh+cjss21I5TU1dXc37NFhkF8+2eTV35TKwanXGdqGyehNxGE2gv6rrX53
JbuNEaW8YjqoOMw5ogRmtPf386raTQIOu16NaUjcd8koDiLpa6Qmukzowf1Kbysf JbuNEaW8YjqoOMw5ogRmtPf386raTQIOu16NaUjcd8koDiLpa6Qmukzowf1Kbysf
74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFIFp 74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQABo4IBOzCCATcwHQYDVR0OBBYEFIFp
D/jf3c80KdVndXGFx3UQaVnsMIHTBgNVHSMEgcswgciAFIFpD/jf3c80KdVndXGF D/jf3c80KdVndXGFx3UQaVnsMIHTBgNVHSMEgcswgciAFIFpD/jf3c80KdVndXGF
x3UQaVnsoYGkpIGhMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQ x3UQaVnsoYGkpIGhMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQ
MA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQL MA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQL
DBBQcm9ncmFtbWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAd DBBQcm9ncmFtbWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAd
BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDj16D6dt8q+jAMBgNVHRME BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDT35jEgB8fbzAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAB231XzhsdjAZ12104jnUClxY4/MJh8z BTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2Fs
CVVDm6vGG7zHAZUa+mXg/ZzrbwoPFOy1L9wcMN1Sl9QcCQAzOF/LqBaPEbe40Gbh aG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOBgQBxOfqGw1TlmLXow8uXL4a/6Lz7
VCjzP79qb3ZIKl5Wp84c8ATdF70GeCFt1rGbdTGSwf7UjdRnLwMbJ42r/zA7w38j 69hzlzSaFr/gsr2+ff+g1+bbo1JDQWDx18NjwJvisiiHcGBdK11WFTyxHgNTcjky
5KtbkeEbZubt 4keF94voOFCpydNSdQ4WFKWlxJ8+c9g4eb/3m00N86rOogOEZhTJAfWGpWahympx
Xy0xjhzMDOZGmV0KTA==
-----END CERTIFICATE----- -----END CERTIFICATE-----

106
certs/1024/server-cert.pem
View File

@@ -2,11 +2,11 @@ Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 1 (0x1) Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: Sep 23 19:23:38 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jun 19 19:23:38 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -28,50 +28,54 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8 keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:8F:44:26:FF:B7:43:E1:9A serial:E6:C8:64:7E:E6:3B:98:AA
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Signature Algorithm: sha1WithRSAEncryption Authority Information Access:
0a:04:c7:9a:c4:f6:46:db:e4:85:d4:22:02:12:3e:53:27:25: OCSP - URI:http://localhost:22222
24:8a:9b:2f:93:7f:de:70:94:c5:6c:4c:26:25:25:7a:d7:0f:
33:b9:9c:d2:5a:94:7f:8d:30:75:ad:82:c9:bf:4b:6c:91:58: Signature Algorithm: sha256WithRSAEncryption
7c:45:1a:89:df:8e:ca:31:9f:ab:38:b3:ae:c2:8f:14:87:e6: cb:33:02:ab:da:33:24:83:8f:e8:2b:29:13:94:58:f2:df:69:
1c:ab:12:4e:df:82:36:c9:41:46:c4:05:95:88:62:09:72:57: 69:0c:2f:79:79:4f:fc:35:fd:a5:75:59:a5:18:74:02:79:50:
66:31:80:b8:9c:55:a8:fb:74:01:32:e7:5a:40:df:9b:e4:98: 49:2e:3b:16:28:4b:b5:0f:2a:a4:e7:b9:2a:33:50:eb:c4:7c:
d7:5b:ea:69:5c:14:1b:9b:8b:08:2d:d9:58:28:be:c9:01:e0: b4:a2:af:8d:24:f3:27:48:58:01:ac:c0:5d:7a:90:6a:5b:f7:
e1:a9 4f:d3:a5:96:24:24:96:47:2c:81:97:3c:03:1c:ad:90:c7:22:
90:91:67:03:7f:81:51:c7:97:d7:76:85:82:66:1b:f8:03:d9:
ae:1d:b0:a1:20:05:55:68:2b:d7:eb:92:dc:ec:cd:be:c6:c8:
53:df
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDqTCCAxKgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMx MIID3jCCA0egAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53 d3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0x b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0x
NTA5MjMxOTIzMzhaFw0xODA2MTkxOTIzMzhaMIGVMQswCQYDVQQGEwJVUzEQMA4G NTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGVMQswCQYDVQQGEwJVUzEQMA4G
A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT
TDEVMBMGA1UECwwMU3VwcG9ydF8xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5j TDEVMBMGA1UECwwMU3VwcG9ydF8xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcN b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBAKo+pZzTF0llQ97Q80sc20kM/HplBW3easTkcyyKloKP AQEBBQADgY0AMIGJAoGBAKo+pZzTF0llQ97Q80sc20kM/HplBW3easTkcyyKloKP
I6UGcRwGPi+SjQspNEVZ6am8YdckN121xDeNumey7wMn+sG0zWsAZrTWc3AfCDrM I6UGcRwGPi+SjQspNEVZ6am8YdckN121xDeNumey7wMn+sG0zWsAZrTWc3AfCDrM
d63p+TTU86AtqedYqcBhhLbsPQqt/VyGc6prR9iLLlhLaRKCJlXmFL9VcIj++XXh d63p+TTU86AtqedYqcBhhLbsPQqt/VyGc6prR9iLLlhLaRKCJlXmFL9VcIj++XXh
AgMBAAGjggEBMIH+MB0GA1UdDgQWBBTZPDXqdA4jvpz8+imQCcHnhBaffDCBzgYD AgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQU2Tw16nQOI76c/PopkAnB54QWn3wwgc4G
VR0jBIHGMIHDgBTTIo8oLOAF7tPtw3E9ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UE A1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+kgZwwgZkxCzAJBgNV
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYD
BAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMM VQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQD
D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
bYIJAI9EJv+3Q+GaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEACgTH b22CCQDmyGR+5juYqjAMBgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggr
msT2RtvkhdQiAhI+UyclJIqbL5N/3nCUxWxMJiUletcPM7mc0lqUf40wda2Cyb9L BgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOB
bJFYfEUaid+OyjGfqzizrsKPFIfmHKsSTt+CNslBRsQFlYhiCXJXZjGAuJxVqPt0 gQDLMwKr2jMkg4/oKykTlFjy32lpDC95eU/8Nf2ldVmlGHQCeVBJLjsWKEu1Dyqk
ATLnWkDfm+SY11vqaVwUG5uLCC3ZWCi+yQHg4ak= 57kqM1DrxHy0oq+NJPMnSFgBrMBdepBqW/dP06WWJCSWRyyBlzwDHK2QxyKQkWcD
f4FRx5fXdoWCZhv4A9muHbChIAVVaCvX65Lc7M2+xshT3w==
-----END CERTIFICATE----- -----END CERTIFICATE-----
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 10323419125573214618 (0x8f4426ffb743e19a) Serial Number: 16629652120256878762 (0xe6c8647ee63b98aa)
Signature Algorithm: sha1WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: Sep 23 19:23:38 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jun 19 19:23:38 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -93,38 +97,42 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8 keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:8F:44:26:FF:B7:43:E1:9A serial:E6:C8:64:7E:E6:3B:98:AA
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Signature Algorithm: sha1WithRSAEncryption Authority Information Access:
0e:46:ac:d8:29:1d:12:12:06:0c:d3:3f:7d:58:2e:0d:11:5e: OCSP - URI:http://localhost:22222
5d:0d:dd:17:c0:0f:aa:01:4d:a4:c4:84:81:6e:64:ae:d1:5d:
58:cd:19:6a:74:a4:46:2f:c8:43:79:39:c0:91:4b:7c:71:ea: Signature Algorithm: sha256WithRSAEncryption
4e:63:44:66:15:41:15:de:50:82:e3:e9:d1:55:55:cc:5a:38: 82:53:ec:89:0a:6a:1b:ae:c3:69:fc:22:b5:d7:d2:f4:0b:6d:
1e:3a:59:b3:0e:ee:0e:54:4d:93:e7:e0:8e:27:a5:6e:08:b8: 18:72:f5:64:7f:bb:80:57:e3:f3:b2:af:e1:89:47:03:19:dd:
6a:39:da:2d:47:62:c4:5b:89:c0:48:48:2a:d5:f0:55:74:fd: 6f:62:ed:2b:24:d3:a2:77:c0:83:6a:fb:0f:55:93:78:15:4a:
a6:b1:68:3c:70:a4:52:24:81:ec:4c:57:e0:e8:18:73:9d:0a: c1:e0:13:f2:65:9c:7a:8c:6c:98:57:f0:44:9d:3a:9e:6a:30:
4d:d8 08:9f:33:ce:0d:7e:86:6f:ef:0e:34:41:b9:c6:1d:34:c6:28:
1e:f9:81:be:68:3d:77:92:50:c5:f8:2f:4c:aa:db:5f:72:93:
42:eb:8a:cf:24:a0:d9:25:44:46:8b:ed:de:46:d5:1a:90:e9:
d6:d8
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDtTCCAx6gAwIBAgIJAI9EJv+3Q+GaMA0GCSqGSIb3DQEBBQUAMIGZMQswCQYD MIID6jCCA1OgAwIBAgIJAObIZH7mO5iqMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MDkyMzE5MjMzOFoXDTE4MDYxOTE5MjMzOFowgZkxCzAJBgNVBAYT Y29tMB4XDTE1MTEyMzEyNDkzN1oXDTE4MDgxOTEyNDkzN1owgZkxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93 DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW
nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i
gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq
1OWIGLMRL3PA1ikJAgMBAAGjggEBMIH+MB0GA1UdDgQWBBTTIo8oLOAF7tPtw3E9 1OWIGLMRL3PA1ikJAgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQU0yKPKCzgBe7T7cNx
ybI2Oh2/qDCBzgYDVR0jBIHGMIHDgBTTIo8oLOAF7tPtw3E9ybI2Oh2/qKGBn6SB PcmyNjodv6gwgc4GA1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+k
nDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv gZwwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEw b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
b0B3b2xmc3NsLmNvbYIJAI9EJv+3Q+GaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN Zm9Ad29sZnNzbC5jb22CCQDmyGR+5juYqjAMBgNVHRMEBTADAQH/MDIGCCsGAQUF
AQEFBQADgYEADkas2CkdEhIGDNM/fVguDRFeXQ3dF8APqgFNpMSEgW5krtFdWM0Z BwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjANBgkq
anSkRi/IQ3k5wJFLfHHqTmNEZhVBFd5QguPp0VVVzFo4HjpZsw7uDlRNk+fgjiel hkiG9w0BAQsFAAOBgQCCU+yJCmobrsNp/CK119L0C20YcvVkf7uAV+Pzsq/hiUcD
bgi4ajnaLUdixFuJwEhIKtXwVXT9prFoPHCkUiSB7ExX4OgYc50KTdg= Gd1vYu0rJNOid8CDavsPVZN4FUrB4BPyZZx6jGyYV/BEnTqeajAInzPODX6Gb+8O
NEG5xh00xige+YG+aD13klDF+C9MqttfcpNC64rPJKDZJURGi+3eRtUakOnW2A==
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
certs/ca-cert.der
View File

Binary file not shown.

71
certs/ca-cert.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 15672591315981621815 (0xd9803ac3d2f4da37) Serial Number: 11990332945272134785 (0xa6663849459bdc81)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37 serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
7a:af:44:3b:aa:6f:53:42:b2:33:aa:43:5f:56:30:d3:b9:96: 41:8f:fb:6b:65:6b:36:f2:56:4f:0c:48:b0:4d:8c:c2:cb:d6:
0b:9a:55:5a:39:2a:0b:4e:e4:2e:f1:95:66:c9:86:36:82:8d: 58:7a:83:3a:30:7d:62:7b:86:f1:15:26:b3:26:02:77:f2:c8:
63:7c:4d:a2:ee:48:ba:03:c7:90:d7:a7:c6:74:60:48:5f:31: 57:e5:1e:60:68:8b:a4:e8:f3:a8:b2:88:a4:2f:e8:6e:25:8d:
a2:f9:5e:3e:c3:82:e1:e5:2f:41:81:83:29:25:79:d1:53:00: 6b:dc:53:ab:2f:d3:47:8c:d6:27:ab:39:bc:d3:ca:d8:01:96:
69:3c:ed:0a:30:3b:41:1d:92:a1:2c:a8:9d:2c:e3:23:87:79: a4:44:57:38:93:ab:c3:f3:95:67:7f:cf:25:1d:b7:04:dc:06:
e0:55:6e:91:a8:50:da:46:2f:c2:20:50:3e:2b:47:97:14:b0: c9:5d:24:c1:54:13:71:81:21:31:ee:9f:b4:9d:ce:98:66:a4:
7d:04:ba:45:51:d0:6e:e1:5a:a2:4b:84:9c:4d:cd:85:04:f9: a0:77:c1:88:18:a4:d1:36:ee:cd:d8:c1:1b:bc:03:d6:85:9a:
28:31:82:93:bc:c7:59:49:91:03:e8:df:6a:e4:56:ad:6a:cb: 2e:21:82:95:4c:b2:2a:fe:69:db:ac:e4:97:e1:e9:0e:f1:d3:
1f:0d:37:e4:5e:bd:e7:9f:d5:ec:9d:3c:18:25:9b:f1:2f:50: ef:20:86:03:01:66:6b:f0:26:0f:39:04:26:f5:42:98:3f:95:
7d:eb:31:cb:f1:63:22:9d:57:fc:f3:84:20:1a:c6:07:87:92: 48:5f:b5:5d:bc:49:4c:81:38:d5:e9:72:32:1c:66:1b:12:80:
26:9e:15:18:59:33:06:dc:fb:b0:b6:76:5d:f1:c1:2f:c8:2f: 0f:db:99:f0:97:67:61:79:ad:ab:be:6a:ea:aa:cc:3d:f9:40:
62:9c:c0:d6:de:eb:65:77:f3:5c:a6:c3:88:27:96:75:b4:f4: 99:00:93:bb:df:4b:41:d4:7f:f1:93:b2:70:83:3a:e3:6b:44:
54:cd:ff:2d:21:2e:96:f0:07:73:4b:e9:93:92:90:de:62:d9: 4b:1f:9f:77:53:ea:5d:e6:59:1e:c0:2d:4b:83:d6:f4:a3:d4:
a3:3b:ac:6e:24:5f:27:4a:b3:94:70:ff:30:17:e7:7e:32:8f: a9:c3:91:12:e7:61:3f:56:9d:8f:b8:19:29:62:1b:58:df:73:
65:b7:75:58 99:1f:49:63
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJANmAOsPS9No3MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD MIIE4DCCA8igAwIBAgIJAKZmOElFm9yBMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGUMQswCQYDVQQGEwJVUzEQ Fw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
@@ -71,16 +74,18 @@ mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI /hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB /pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATEw
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU ggEtMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYD b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAM
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeq9EO6pvU0KyM6pDX1Yw07mW BgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
C5pVWjkqC07kLvGVZsmGNoKNY3xNou5IugPHkNenxnRgSF8xovlePsOC4eUvQYGD L2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAQY/7a2VrNvJWTwxI
KSV50VMAaTztCjA7QR2SoSyonSzjI4d54FVukahQ2kYvwiBQPitHlxSwfQS6RVHQ sE2MwsvWWHqDOjB9YnuG8RUmsyYCd/LIV+UeYGiLpOjzqLKIpC/obiWNa9xTqy/T
buFaokuEnE3NhQT5KDGCk7zHWUmRA+jfauRWrWrLHw035F6955/V7J08GCWb8S9Q R4zWJ6s5vNPK2AGWpERXOJOrw/OVZ3/PJR23BNwGyV0kwVQTcYEhMe6ftJ3OmGak
fesxy/FjIp1X/POEIBrGB4eSJp4VGFkzBtz7sLZ2XfHBL8gvYpzA1t7rZXfzXKbD oHfBiBik0TbuzdjBG7wD1oWaLiGClUyyKv5p26zkl+HpDvHT7yCGAwFma/AmDzkE
iCeWdbT0VM3/LSEulvAHc0vpk5KQ3mLZozusbiRfJ0qzlHD/MBfnfjKPZbd1WA== JvVCmD+VSF+1XbxJTIE41elyMhxmGxKAD9uZ8JdnYXmtq75q6qrMPflAmQCTu99L
QdR/8ZOycIM642tESx+fd1PqXeZZHsAtS4PW9KPUqcOREudhP1adj7gZKWIbWN9z
mR9JYw==
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
certs/client-cert.der
View File

Binary file not shown.

62
certs/client-cert.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 12260966172072242701 (0xaa27b3c5a9726e0d) Serial Number: 10777134365807824960 (0x9590129b22a15040)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:AA:27:B3:C5:A9:72:6E:0D serial:95:90:12:9B:22:A1:50:40
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
51:96:a7:1c:26:5d:1c:90:c6:32:9f:96:15:f2:1d:e7:93:9c: 7b:91:63:8d:39:54:64:3c:b4:3f:d5:c8:4f:bf:0b:bf:af:5c:
ac:75:56:95:fd:20:70:ab:45:6a:09:b0:f3:f2:03:a8:db:dc: 9c:41:c7:0b:52:6d:c6:f0:de:7c:ff:9b:4e:fe:f3:22:a5:00:
2f:bc:1f:87:7a:a3:d4:8f:d5:49:97:7e:3c:54:ac:b1:e3:f0: 13:9f:81:e4:6d:70:2c:f9:7a:f4:d8:50:be:72:e1:04:8b:b0:
39:0d:fe:09:9a:23:f6:32:a6:41:59:bd:60:e8:bd:de:00:36: 05:e3:61:82:3f:65:de:f9:e9:d3:3d:97:7d:88:b7:99:85:c1:
6f:3e:e9:41:6f:a9:63:c7:aa:d5:7b:f3:e4:39:48:9e:f6:60: e5:5c:57:a7:9c:1f:f2:b8:ce:ec:d7:d1:9b:ec:fb:0e:6f:02:
c6:c6:86:d5:72:86:23:cd:f5:6a:63:53:a4:f8:fc:51:6a:cd: ad:51:c0:76:dd:66:0a:ce:0d:09:e6:a8:42:b0:06:c3:04:e7:
60:74:8e:a3:86:61:01:34:78:f7:29:97:b3:a7:34:b6:0a:de: 1c:c7:10:83:07:f2:e6:11:1a:cd:a7:b9:7e:17:ef:ea:63:9c:
b5:71:7a:09:a6:3e:d6:82:58:89:67:9c:c5:68:62:ba:06:d6: f2:a5:be:6b:b6:df:eb:5a:75:01:59:05:f7:ec:49:75:10:dd:
39:bb:cb:3a:c0:e0:63:1f:c7:0c:9c:12:86:ec:f7:39:6a:61: 40:1a:25:25:4f:78:6e:e1:92:21:b5:b8:82:2f:33:b3:5b:b6:
93:d0:33:14:c6:55:3b:b6:cf:80:5b:8c:43:ef:43:44:0b:3c: 81:b8:b1:a4:0c:8d:98:74:74:da:0d:90:33:c8:a7:aa:0d:06:
93:39:a3:4e:15:d1:0b:5f:84:98:1d:cd:9f:a9:47:eb:3b:56: 5a:04:eb:37:d3:e4:55:0c:93:b6:c8:3a:e8:a7:2b:4e:b8:90:
30:b6:76:92:c1:48:5f:bc:95:b0:50:1a:55:c8:4e:62:47:87: bb:36:0b:db:7f:2e:99:23:76:68:81:a8:73:74:e7:68:fb:1d:
54:64:0c:9b:91:fa:43:b3:29:48:be:e6:12:eb:e3:44:c6:52: ff:5b:ec:b5:6b:30:d1:d0:2b:89:a6:c6:a9:fc:03:66:fe:b5:
e4:40:c6:83:95:1b:a7:65:27:69:73:2f:c8:a0:4d:7f:be:ea: 8c:af:de:8e:2a:b4:78:9c:d7:4a:fc:9c:c4:7c:19:20:83:0e:
9b:67:b2:7b fd:3f:4d:a7
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIJAKons8Wpcm4NMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD MIIE/jCCA+agAwIBAgIJAJWQEpsioVBAMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG
A1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0yMDQ4MRgw A1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0yMDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb20wHhcNMTUwNTA3MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBnjELMAkG ZnNzbC5jb20wHhcNMTUxMTIzMTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT
BgNVBAoMDHdvbGZTU0xfMjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEY BgNVBAoMDHdvbGZTU0xfMjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -72,16 +75,17 @@ StIb94u6zw357+zxgR57mwNHmr9lzH9lJGmm6BSJW+Q098WwFJP1Z3s6enjhAVZW
kaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbfG36/TpfQEOioCDCBryALQxTF kaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbfG36/TpfQEOioCDCBryALQxTF
dGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnNrv94bHvAEgPUTnINUG07ozuj dGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnNrv94bHvAEgPUTnINUG07ozuj
mV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAYE7BjtXJOMMSXhIYtVi/XFfd/ mV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAYE7BjtXJOMMSXhIYtVi/XFfd/
wK71/Fvl+6G60wIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeR wK71/Fvl+6G60wIDAQABo4IBOzCCATcwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeR
xybXhWXAMIHTBgNVHSMEgcswgciAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGkpIGh xybXhWXAMIHTBgNVHSMEgcswgciAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGkpIGh
MIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96 MIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96
ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWlu ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWlu
Zy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEW Zy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEW
EGluZm9Ad29sZnNzbC5jb22CCQCqJ7PFqXJuDTAMBgNVHRMEBTADAQH/MA0GCSqG EGluZm9Ad29sZnNzbC5jb22CCQCVkBKbIqFQQDAMBgNVHRMEBTADAQH/MDIGCCsG
SIb3DQEBCwUAA4IBAQBRlqccJl0ckMYyn5YV8h3nk5ysdVaV/SBwq0VqCbDz8gOo AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjAN
29wvvB+HeqPUj9VJl348VKyx4/A5Df4JmiP2MqZBWb1g6L3eADZvPulBb6ljx6rV BgkqhkiG9w0BAQsFAAOCAQEAe5FjjTlUZDy0P9XIT78Lv69cnEHHC1JtxvDefP+b
e/PkOUie9mDGxobVcoYjzfVqY1Ok+PxRas1gdI6jhmEBNHj3KZezpzS2Ct61cXoJ Tv7zIqUAE5+B5G1wLPl69NhQvnLhBIuwBeNhgj9l3vnp0z2XfYi3mYXB5VxXp5wf
pj7WgliJZ5zFaGK6BtY5u8s6wOBjH8cMnBKG7Pc5amGT0DMUxlU7ts+AW4xD70NE 8rjO7NfRm+z7Dm8CrVHAdt1mCs4NCeaoQrAGwwTnHMcQgwfy5hEazae5fhfv6mOc
CzyTOaNOFdELX4SYHc2fqUfrO1YwtnaSwUhfvJWwUBpVyE5iR4dUZAybkfpDsylI 8qW+a7bf61p1AVkF9+xJdRDdQBolJU94buGSIbW4gi8zs1u2gbixpAyNmHR02g2Q
vuYS6+NExlLkQMaDlRunZSdpcy/IoE1/vuqbZ7J7 M8inqg0GWgTrN9PkVQyTtsg66KcrTriQuzYL238umSN2aIGoc3TnaPsd/1vstWsw
0dAriabGqfwDZv61jK/ejiq0eJzXSvycxHwZIIMO/T9Npw==
-----END CERTIFICATE----- -----END CERTIFICATE-----

BIN
certs/client-ecc-cert.der
View File

Binary file not shown.

42
certs/client-ecc-cert.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 16108595702940209934 (0xdf8d3a71e022930e) Serial Number: 14757985853299502082 (0xcccee5f142282c02)
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey Public Key Algorithm: id-ecPublicKey
@@ -24,31 +24,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2 keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:DF:8D:3A:71:E0:22:93:0E serial:CC:CE:E5:F1:42:28:2C:02
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:74:7b:ae:7e:9c:c8:69:95:8a:0b:ad:7f:c9:37: 30:45:02:21:00:9f:24:c2:3b:e6:e5:2a:2d:d1:99:67:ca:f5:
3d:3c:7f:b7:ef:f3:da:9b:ea:d0:a7:76:0a:a4:77:12:f7:a8: ed:d1:d6:90:19:16:16:f8:9e:56:a9:ed:1b:19:92:54:0e:a7:
02:20:71:95:87:89:b7:a8:8b:bb:fa:9f:84:dc:2b:71:dc:4a: e2:02:20:51:c1:57:81:ba:50:7f:09:38:b6:16:7d:dc:63:50:
c5:5a:65:b2:fc:33:c4:ce:36:4f:ab:c6:38:36:6c:88 f3:f3:ed:b0:8d:56:75:94:91:21:71:32:b7:c2:59:c9:60
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDCDCCAq+gAwIBAgIJAN+NOnHgIpMOMAoGCCqGSM49BAMCMIGNMQswCQYDVQQG MIIDPzCCAuWgAwIBAgIJAMzO5fFCKCwCMAoGCCqGSM49BAMCMIGNMQswCQYDVQQG
EwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxlbTETMBEGA1UECgwK EwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxlbTETMBEGA1UECgwK
Q2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu Q2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE1MDUwNzE4 Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE1MTEyMzEy
MjEwMVoXDTE4MDEzMTE4MjEwMVowgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZP NDkzN1oXDTE4MDgxOTEyNDkzN1owgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZP
cmVnb24xDjAMBgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYD cmVnb24xDjAMBgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYD
VQQLDARGYXN0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B VQQLDARGYXN0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARV CQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARV
v/QPRFCaPc6bt/DFTfVwe9TsJI4ZgOxaTKIkA2Ism9rvojUSQ4R2FsZWlQbMAam9 v/QPRFCaPc6bt/DFTfVwe9TsJI4ZgOxaTKIkA2Ism9rvojUSQ4R2FsZWlQbMAam9
9nUaQve9qbI2Il/HXX+0o4H1MIHyMB0GA1UdDgQWBBTr1EtZa5VhP1FXtgRNiUGI 9nUaQve9qbI2Il/HXX+0o4IBKjCCASYwHQYDVR0OBBYEFOvUS1lrlWE/UVe2BE2J
RFyr8jCBwgYDVR0jBIG6MIG3gBTr1EtZa5VhP1FXtgRNiUGIRFyr8qGBk6SBkDCB QYhEXKvyMIHCBgNVHSMEgbowgbeAFOvUS1lrlWE/UVe2BE2JQYhEXKvyoYGTpIGQ
jTELMAkGA1UEBhMCVVMxDzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0x MIGNMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxl
EzARBgNVBAoMCkNsaWVudCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3 bTETMBEGA1UECgwKQ2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwP
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJ d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
AN+NOnHgIpMOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgdHuufpzI ggkAzM7l8UIoLAIwDAYDVR0TBAUwAwEB/zAyBggrBgEFBQcBAQQmMCQwIgYIKwYB
aZWKC61/yTc9PH+37/Pam+rQp3YKpHcS96gCIHGVh4m3qIu7+p+E3Ctx3ErFWmWy BQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjIwCgYIKoZIzj0EAwIDSAAwRQIh
/DPEzjZPq8Y4NmyI AJ8kwjvm5Sot0ZlnyvXt0daQGRYW+J5Wqe0bGZJUDqfiAiBRwVeBulB/CTi2Fn3c
Y1Dz8+2wjVZ1lJEhcTK3wlnJYA==
-----END CERTIFICATE----- -----END CERTIFICATE-----

50
certs/crl/cliCrl.pem
View File

@@ -2,38 +2,38 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: May 7 18:21:01 2015 GMT Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Jan 31 18:21:01 2018 GMT Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
3 3
No Revoked Certificates. No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
a2:15:f0:cf:70:85:49:b9:5b:c1:af:2b:22:14:9d:ee:11:8d: 09:be:cf:c6:43:19:57:e4:49:37:90:ae:a4:15:a7:a1:61:f4:
93:2d:58:17:d8:f6:b6:1a:1a:25:a2:27:c9:6b:4f:b3:31:c7: 4d:62:12:f4:62:da:05:49:f6:14:78:68:1a:75:11:ee:42:53:
2c:52:c4:53:59:19:ef:cf:91:ee:b5:19:28:37:49:9e:b6:e0: d2:83:32:87:40:d7:60:c2:1e:b6:b8:e4:87:a5:fb:ab:a9:df:
41:62:4c:9f:f1:34:bf:88:aa:ae:24:38:8d:29:0a:64:08:a8: 40:4f:a0:f9:04:d3:c4:1e:52:d8:3b:c5:72:8f:df:da:02:16:
68:f4:b5:28:73:d6:94:b9:0a:3f:7c:c1:22:72:be:14:ba:c9: c9:c7:0c:4b:45:8c:4a:9f:37:7b:ee:3b:7c:7b:b3:93:b2:22:
1b:9d:26:af:78:c2:cf:5f:ff:1e:cc:25:c0:63:f1:9b:97:85: b6:8c:83:8c:56:8f:c0:a6:5d:e8:3c:1a:af:5d:ae:b4:84:91:
5c:c0:4d:14:ed:f9:ad:cb:02:7d:05:c7:5c:c1:7c:89:72:35: 6c:96:03:04:32:3d:56:24:91:cf:b5:5d:d6:15:de:76:36:ea:
49:70:a8:b1:ae:91:96:77:9a:c6:cb:38:27:88:3f:f4:c8:ba: 7d:30:12:7e:56:ab:47:00:e9:fb:11:b7:89:da:60:32:54:64:
c9:08:7f:dd:a6:41:82:62:65:a0:f2:0c:36:5a:d9:15:57:5e: 8e:bb:09:59:ea:58:e2:08:40:85:ae:a6:4f:c9:1a:8b:31:32:
66:c3:a2:ff:5e:4d:7c:bc:4b:7c:30:84:44:e3:06:34:a8:42: b5:2a:54:c7:80:41:19:c9:7a:96:f8:8d:1d:7b:98:45:8f:fd:
3b:d9:6a:04:4a:0b:e5:59:66:63:b9:7a:80:48:68:31:1c:aa: 5d:ed:f5:88:b8:aa:77:1e:a4:07:29:5c:23:27:e9:89:29:a6:
98:bc:09:0e:a7:83:5f:a7:00:f1:fb:78:bc:08:86:73:ef:53: 2d:76:30:a4:8b:c5:af:29:19:b7:1d:0a:c9:f8:cf:f9:0e:3f:
25:b8:1b:5e:7c:77:a8:12:7b:52:7f:1e:63:bc:db:60:99:46: a2:48:7f:84:29:1b:3b:f4:7a:51:6d:8e:4a:df:e6:e5:80:76:
ab:e1:2e:48:d1:28:40:68:1e:9e:a0:2f:14:04:66:b3:b1:b1: 7e:a0:7d:a4:95:bb:df:6f:99:95:83:bd:79:5c:c2:5c:8d:8a:
3b:d0:46:64 0e:97:ca:c8
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTA1 bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTEx
MDcxODIxMDFaFw0xODAxMzExODIxMDFaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG MjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG
9w0BAQsFAAOCAQEAohXwz3CFSblbwa8rIhSd7hGNky1YF9j2thoaJaInyWtPszHH 9w0BAQsFAAOCAQEACb7PxkMZV+RJN5CupBWnoWH0TWIS9GLaBUn2FHhoGnUR7kJT
LFLEU1kZ78+R7rUZKDdJnrbgQWJMn/E0v4iqriQ4jSkKZAioaPS1KHPWlLkKP3zB 0oMyh0DXYMIetrjkh6X7q6nfQE+g+QTTxB5S2DvFco/f2gIWyccMS0WMSp83e+47
InK+FLrJG50mr3jCz1//HswlwGPxm5eFXMBNFO35rcsCfQXHXMF8iXI1SXCosa6R fHuzk7IitoyDjFaPwKZd6Dwar12utISRbJYDBDI9ViSRz7Vd1hXedjbqfTASflar
lneaxss4J4g/9Mi6yQh/3aZBgmJloPIMNlrZFVdeZsOi/15NfLxLfDCEROMGNKhC RwDp+xG3idpgMlRkjrsJWepY4ghAha6mT8kaizEytSpUx4BBGcl6lviNHXuYRY/9
O9lqBEoL5VlmY7l6gEhoMRyqmLwJDqeDX6cA8ft4vAiGc+9TJbgbXnx3qBJ7Un8e Xe31iLiqdx6kBylcIyfpiSmmLXYwpIvFrykZtx0KyfjP+Q4/okh/hCkbO/R6UW2O
Y7zbYJlGq+EuSNEoQGgenqAvFARms7GxO9BGZA== St/m5YB2fqB9pJW732+ZlYO9eVzCXI2KDpfKyA==
-----END X509 CRL----- -----END X509 CRL-----

52
certs/crl/crl.pem
View File

@@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Jul 23 22:05:10 2015 GMT Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Apr 18 22:05:10 2018 GMT Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
1 1
Revoked Certificates: Revoked Certificates:
Serial Number: 02 Serial Number: 02
Revocation Date: Jul 23 22:05:10 2015 GMT Revocation Date: Nov 23 12:49:37 2015 GMT
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
68:55:84:c7:53:54:06:ea:3e:f2:d0:3d:e6:30:84:d5:12:82: 3c:36:71:b3:df:e4:08:16:59:55:3c:2c:f4:80:4e:e6:2f:db:
55:5b:4c:74:60:49:5d:4f:73:cd:cc:5f:42:bf:0d:93:93:a6: 9c:26:8d:3f:ef:c4:99:3e:14:7f:de:51:ea:ca:4a:6b:c5:ee:
81:60:9d:0c:7f:c6:75:f0:77:77:1f:81:cf:02:4a:7f:2e:e3: 54:04:c8:87:54:43:d7:df:ad:33:1c:7e:b6:09:e2:fb:da:27:
1b:c4:b0:eb:0f:25:53:3d:78:7b:3e:8f:16:5e:37:c6:fd:f5: 9d:ca:5e:fd:3c:f5:78:64:6f:2d:3d:05:26:68:e0:ed:36:25:
93:bb:9a:d7:f1:78:eb:78:9f:5d:44:85:e0:5e:14:8b:b5:2b: 8f:95:57:0e:85:16:3d:01:bd:69:9f:70:b9:12:bc:2f:45:dc:
c5:af:23:43:82:27:0b:db:de:12:4a:1a:23:a7:f3:d9:3a:3f: 20:30:e0:55:a3:50:e2:d8:bd:94:50:01:11:ec:fa:19:a0:85:
6f:23:e2:53:a0:ef:1e:b5:f2:da:c8:00:d2:f0:57:78:af:5d: 75:a3:bc:74:f5:08:48:b6:c8:09:10:e2:4c:f5:73:e3:c9:38:
e3:8e:c4:06:27:7d:3d:ee:04:06:96:7a:9b:34:d9:e9:bc:a3: 7e:4f:cc:9d:9c:51:04:0d:2f:5e:fb:b3:49:66:86:8e:16:d6:
2d:6c:01:36:c4:5d:bf:c5:7f:74:f3:bb:55:75:ff:a1:a9:66: 2d:97:50:b2:b0:d9:5e:ed:4f:fc:f3:db:03:6e:25:a7:b7:e3:
cc:b2:e0:a0:f6:0b:05:e1:ac:69:42:3f:df:b4:dd:8f:37:5c: 81:f8:6a:21:0d:fa:aa:96:30:80:11:fa:67:ea:f4:92:f8:69:
f5:09:4f:a7:c3:d6:ae:a2:c6:63:f3:ed:03:df:3c:ee:58:c1: cc:a0:1d:04:ec:3f:21:58:70:f9:f4:50:b3:79:ad:2b:ae:07:
45:e8:85:7b:99:aa:fc:7d:ae:69:94:b9:50:0a:76:7d:b9:fd: a4:c6:6b:2f:45:85:e2:bf:de:64:a0:50:2b:15:c9:c1:ae:5e:
74:55:b8:b1:37:75:7d:f7:e6:1a:91:cd:68:b6:49:37:cb:c8: 7f:ff:4d:c0:e5:d0:13:7d:cc:0d:cf:7c:4d:28:7b:8e:4b:4a:
e1:69:57:1b:c6:ef:ec:0a:fa:d3:72:92:95:ec:f1:c1:c3:53: c0:02:0d:b6:1e:9a:38:b8:99:70:be:fa:1f:35:d7:92:ac:36:
7d:fb:d0:66 c8:0c:07:d8
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE1MDcyMzIyMDUxMFoX HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE1MTEyMzEyNDkzN1oX
DTE4MDQxODIyMDUxMFowFDASAgECFw0xNTA3MjMyMjA1MTBaoA4wDDAKBgNVHRQE DTE4MDgxOTEyNDkzN1owFDASAgECFw0xNTExMjMxMjQ5MzdaoA4wDDAKBgNVHRQE
AwIBATANBgkqhkiG9w0BAQsFAAOCAQEAaFWEx1NUBuo+8tA95jCE1RKCVVtMdGBJ AwIBATANBgkqhkiG9w0BAQsFAAOCAQEAPDZxs9/kCBZZVTws9IBO5i/bnCaNP+/E
XU9zzcxfQr8Nk5OmgWCdDH/GdfB3dx+BzwJKfy7jG8Sw6w8lUz14ez6PFl43xv31 mT4Uf95R6spKa8XuVATIh1RD19+tMxx+tgni+9onncpe/Tz1eGRvLT0FJmjg7TYl
k7ua1/F463ifXUSF4F4Ui7Urxa8jQ4InC9veEkoaI6fz2To/byPiU6DvHrXy2sgA j5VXDoUWPQG9aZ9wuRK8L0XcIDDgVaNQ4ti9lFABEez6GaCFdaO8dPUISLbICRDi
0vBXeK9d447EBid9Pe4EBpZ6mzTZ6byjLWwBNsRdv8V/dPO7VXX/oalmzLLgoPYL TPVz48k4fk/MnZxRBA0vXvuzSWaGjhbWLZdQsrDZXu1P/PPbA24lp7fjgfhqIQ36
BeGsaUI/37Tdjzdc9QlPp8PWrqLGY/PtA9887ljBReiFe5mq/H2uaZS5UAp2fbn9 qpYwgBH6Z+r0kvhpzKAdBOw/IVhw+fRQs3mtK64HpMZrL0WF4r/eZKBQKxXJwa5e
dFW4sTd1fffmGpHNaLZJN8vI4WlXG8bv7Ar603KSlezxwcNTffvQZg== f/9NwOXQE33MDc98TSh7jktKwAINth6aOLiZcL76HzXXkqw2yAwH2A==
-----END X509 CRL----- -----END X509 CRL-----

58
certs/crl/crl.revoked
View File

@@ -2,43 +2,43 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Jul 22 16:17:45 2015 GMT Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Apr 17 16:17:45 2018 GMT Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
7 2
Revoked Certificates: Revoked Certificates:
Serial Number: 01 Serial Number: 01
Revocation Date: Jul 22 16:17:45 2015 GMT Revocation Date: Nov 23 12:49:37 2015 GMT
Serial Number: 02 Serial Number: 02
Revocation Date: Jul 22 16:17:45 2015 GMT Revocation Date: Nov 23 12:49:37 2015 GMT
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
7f:61:91:8a:8c:c1:23:f1:d4:98:d9:67:67:1e:d2:54:2a:ce: 33:65:94:a5:92:9f:6e:21:0f:75:3a:d2:05:f5:5e:f2:ef:8c:
b8:41:d1:f7:c4:88:84:01:a5:52:d6:42:d1:af:e6:c8:fb:13: 85:5f:a1:27:d3:25:41:06:e3:fd:76:54:86:c8:cf:ed:b3:99:
51:9e:2e:18:c1:e7:9d:83:81:79:d3:34:a3:14:a8:1c:7b:9e: e9:9b:de:e9:b4:b5:59:7a:79:98:77:3a:1a:08:d9:08:fc:ad:
07:2b:fb:73:31:ce:17:52:69:80:cc:f7:fd:42:e3:1c:e0:63: b1:22:67:c8:86:03:24:db:61:e7:0d:92:57:8f:71:e9:59:c7:
66:70:52:81:09:cc:be:51:02:2c:33:9a:ec:21:15:81:9f:7a: 42:8a:ec:03:ff:0e:c1:c3:bb:59:06:db:14:70:5b:21:c2:19:
10:d0:9c:23:f4:e6:b3:2b:e2:36:0e:fb:79:da:52:2c:bc:fa: 3a:52:ab:e6:15:19:32:42:f7:db:90:7e:d8:3f:f3:e6:70:61:
dd:9c:53:6b:48:b0:6a:56:5c:7b:87:53:18:94:c4:37:03:bf: b7:ba:56:6c:c7:a8:9b:2e:43:a7:de:f8:25:99:e4:2b:d8:fb:
13:18:e3:a4:26:e0:66:0c:dc:e5:99:84:5d:36:69:01:f4:69: 5c:c3:43:a6:d9:4e:cd:7b:7c:e4:6f:8d:12:80:de:92:1d:73:
d4:06:eb:43:ff:4f:f5:17:46:9d:b7:cb:45:ec:0d:9e:9c:4a: c5:41:8d:9a:ca:e7:ac:c4:49:71:9d:be:44:f0:a3:e5:e7:62:
96:3c:0b:92:c5:fb:de:d4:3f:af:a9:5e:b1:6f:9d:d7:8b:b5: 3e:9e:ce:41:9c:2c:0d:27:f9:4d:1b:03:18:5e:4b:04:71:46:
ab:86:b6:eb:00:da:b1:f4:6d:72:2d:9b:ec:f3:1b:2f:24:99: 5f:9e:8f:2e:b4:46:84:ee:09:bd:82:a8:01:26:59:31:1a:b0:
d5:04:7b:4f:f8:7a:2e:4e:b6:ee:be:f8:50:d2:96:96:6f:f6: b3:79:73:67:06:c3:85:a3:6f:69:99:e0:35:67:8a:20:bb:c7:
3a:c2:7f:35:48:82:1a:84:64:03:e8:58:8e:0c:dc:62:97:cd: 4e:ac:c4:76:50:1b:43:47:89:b9:85:e0:bc:fc:21:1c:dc:0b:
82:ff:16:93:ac:44:14:e1:ae:fc:fb:52:25:b6:0d:70:ec:c4: 4b:14:46:e0:2f:81:e2:75:04:ff:5f:d9:ed:65:38:1d:d8:5f:
93:42:37:af 58:a0:21:7a
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTA3MjIxNjE3NDVa MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTExMjMxMjQ5Mzda
Fw0xODA0MTcxNjE3NDVaMCgwEgIBARcNMTUwNzIyMTYxNzQ1WjASAgECFw0xNTA3 Fw0xODA4MTkxMjQ5MzdaMCgwEgIBARcNMTUxMTIzMTI0OTM3WjASAgECFw0xNTEx
MjIxNjE3NDVaoA4wDDAKBgNVHRQEAwIBBzANBgkqhkiG9w0BAQsFAAOCAQEAf2GR MjMxMjQ5MzdaoA4wDDAKBgNVHRQEAwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAM2WU
iozBI/HUmNlnZx7SVCrOuEHR98SIhAGlUtZC0a/myPsTUZ4uGMHnnYOBedM0oxSo pZKfbiEPdTrSBfVe8u+MhV+hJ9MlQQbj/XZUhsjP7bOZ6Zve6bS1WXp5mHc6GgjZ
HHueByv7czHOF1JpgMz3/ULjHOBjZnBSgQnMvlECLDOa7CEVgZ96ENCcI/Tmsyvi CPytsSJnyIYDJNth5w2SV49x6VnHQorsA/8OwcO7WQbbFHBbIcIZOlKr5hUZMkL3
Ng77edpSLLz63ZxTa0iwalZce4dTGJTENwO/ExjjpCbgZgzc5ZmEXTZpAfRp1Abr 25B+2D/z5nBht7pWbMeomy5Dp974JZnkK9j7XMNDptlOzXt85G+NEoDekh1zxUGN
Q/9P9RdGnbfLRewNnpxKljwLksX73tQ/r6lesW+d14u1q4a26wDasfRtci2b7PMb msrnrMRJcZ2+RPCj5ediPp7OQZwsDSf5TRsDGF5LBHFGX56PLrRGhO4JvYKoASZZ
LySZ1QR7T/h6Lk627r74UNKWlm/2OsJ/NUiCGoRkA+hYjgzcYpfNgv8Wk6xEFOGu MRqws3lzZwbDhaNvaZngNWeKILvHTqzEdlAbQ0eJuYXgvPwhHNwLSxRG4C+B4nUE
/PtSJbYNcOzEk0I3rw== /1/Z7WU4HdhfWKAheg==
-----END X509 CRL----- -----END X509 CRL-----

22
certs/crl/eccCliCRL.pem
View File

@@ -2,23 +2,23 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: May 7 18:21:01 2015 GMT Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Jan 31 18:21:01 2018 GMT Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
4 4
No Revoked Certificates. No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:62:9b:53:ee:21:52:bc:61:e8:ec:7b:f8:28:35: 30:46:02:21:00:e7:d9:ab:e9:39:c3:65:d9:12:3c:c5:31:85:
43:98:b8:57:9c:c7:73:cc:a0:45:e8:b9:96:2e:1c:c6:62:ff: ad:d6:b8:00:91:24:a3:ff:4d:fc:88:27:3d:7c:e2:2e:ae:0f:
02:20:2b:64:b8:3a:30:2c:15:7f:cf:57:99:60:9d:51:82:82: c1:02:21:00:9e:94:0b:f7:1c:e3:21:39:48:ff:d1:b0:b4:48:
ef:b6:13:cc:86:93:a2:19:41:12:a0:ec:7e:1e:07:09 38:e3:e4:4b:90:b8:35:8b:7a:0d:79:f5:09:22:85:b1:fe:83
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIBJTCBzQIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM MIIBJzCBzQIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL
BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3 BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMTUwNTA3MTgyMTAxWhcNMTgwMTMxMTgy DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMTUxMTIzMTI0OTM3WhcNMTgwODE5MTI0
MTAxWqAOMAwwCgYDVR0UBAMCAQQwCgYIKoZIzj0EAwIDRwAwRAIgYptT7iFSvGHo OTM3WqAOMAwwCgYDVR0UBAMCAQQwCgYIKoZIzj0EAwIDSQAwRgIhAOfZq+k5w2XZ
7Hv4KDVDmLhXnMdzzKBF6LmWLhzGYv8CICtkuDowLBV/z1eZYJ1RgoLvthPMhpOi EjzFMYWt1rgAkSSj/038iCc9fOIurg/BAiEAnpQL9xzjITlI/9GwtEg44+RLkLg1
GUESoOx+HgcJ i3oNefUJIoWx/oM=
-----END X509 CRL----- -----END X509 CRL-----

20
certs/crl/eccSrvCRL.pem
View File

@@ -2,23 +2,23 @@ Certificate Revocation List (CRL):
Version 2 (0x1) Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: May 7 18:21:01 2015 GMT Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Jan 31 18:21:01 2018 GMT Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions: CRL extensions:
X509v3 CRL Number: X509v3 CRL Number:
5 5
No Revoked Certificates. No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:0d:fe:b7:79:fb:66:6c:cb:36:0a:1a:f3:6d:73: 30:45:02:21:00:8a:64:7e:f4:81:8e:83:c1:49:61:47:c6:29:
ea:68:ab:fc:46:7e:49:bd:15:2a:9f:a1:17:50:56:82:cf:1f: a6:d5:7b:c2:6d:29:23:f2:25:10:a6:2b:6b:5d:27:4e:e8:fb:
02:21:00:ff:13:85:80:29:a4:60:54:10:93:fb:20:13:b8:9c: 99:02:20:5f:98:76:40:29:c5:c1:c6:9c:ab:e4:aa:df:4b:06:
25:48:53:5e:4b:33:ef:5c:aa:9e:98:74:e0:c8:c3:ef:df e9:e7:6a:5c:cf:b1:6b:b1:36:98:32:91:a9:fe:d5:65:eb
-----BEGIN X509 CRL----- -----BEGIN X509 CRL-----
MIIBKDCBzwIBATAKBggqhkjOPQQDAjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM MIIBKDCBzwIBATAKBggqhkjOPQQDAjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTA1MDcxODIxMDFaFw0xODAxMzEx hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTExMjMxMjQ5MzdaFw0xODA4MTkx
ODIxMDFaoA4wDDAKBgNVHRQEAwIBBTAKBggqhkjOPQQDAgNIADBFAiAN/rd5+2Zs MjQ5MzdaoA4wDDAKBgNVHRQEAwIBBTAKBggqhkjOPQQDAgNIADBFAiEAimR+9IGO
yzYKGvNtc+poq/xGfkm9FSqfoRdQVoLPHwIhAP8ThYAppGBUEJP7IBO4nCVIU15L g8FJYUfGKabVe8JtKSPyJRCmK2tdJ07o+5kCIF+YdkApxcHGnKvkqt9LBunnalzP
M+9cqp6YdODIw+/f sWuxNpgykan+1WXr
-----END X509 CRL----- -----END X509 CRL-----

22
certs/external/ca-globalsign-root-r2.pem vendored Normal file
View File

@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
-----END CERTIFICATE-----

28
certs/external/ca-verisign-g5.pem vendored Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----

4
certs/ocsp/index0.txt Normal file
View File

@@ -0,0 +1,4 @@
V 161213070133Z 63 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
V 161213070133Z 01 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
V 161213070133Z 02 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
R 161213070133Z 151201070133Z 03 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com

2
certs/ocsp/index1.txt Normal file
View File

@@ -0,0 +1,2 @@
V 161213070133Z 05 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www1.wolfssl.com/emailAddress=info@wolfssl.com
R 161213070133Z 151201070133Z 06 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www2.wolfssl.com/emailAddress=info@wolfssl.com

2
certs/ocsp/index2.txt Normal file
View File

@@ -0,0 +1,2 @@
V 161213070133Z 07 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www3.wolfssl.com/emailAddress=info@wolfssl.com
R 161213070133Z 151201070133Z 08 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www4.wolfssl.com/emailAddress=info@wolfssl.com

1
certs/ocsp/index3.txt Normal file
View File

@@ -0,0 +1 @@
V 161213070133Z 09 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www5.wolfssl.com/emailAddress=info@wolfssl.com

186
certs/ocsp/intermediate1-ca-cert.pem Normal file
View File

@@ -0,0 +1,186 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
1e:07:eb:03:66:a7:54:e8:c5:e1:fe:c9:08:58:91:d8:1b:d6:
c8:69:a5:65:03:a3:1a:f4:eb:9d:cd:4a:c1:9d:cd:ac:39:0b:
49:09:e7:9c:0f:12:cb:3f:29:e1:9c:d1:f4:68:14:02:2e:d3:
fe:3d:63:3c:26:80:38:91:03:c3:52:52:9e:66:4d:59:d1:80:
97:eb:91:99:5f:e7:d5:8e:e7:c4:c0:d3:f3:12:2e:c9:05:3a:
54:ed:38:f3:6f:f3:ae:74:18:47:b5:25:c6:e3:44:8c:27:bd:
3f:bc:e3:f1:0e:e4:50:ff:4c:ec:30:d6:0d:9f:8f:d0:f6:be:
43:73:94:8f:48:97:38:7c:e8:8a:53:fd:02:4e:0f:2c:14:53:
f4:4c:80:8a:09:b2:b8:a8:0e:11:75:a6:15:6a:5f:c8:06:7b:
ff:a3:76:d0:e8:70:0a:e0:b1:6d:88:54:06:c2:04:f9:81:b0:
77:af:a4:80:1b:88:64:5e:db:ff:36:dc:e8:d2:7b:4e:55:40:
3c:f7:cd:33:f9:66:59:2e:9c:18:c7:50:e6:b5:b9:c1:94:3b:
78:46:05:a6:24:41:2a:28:b5:e8:92:d0:0d:47:18:e8:cc:6e:
e8:11:d2:2a:94:47:75:b5:80:f2:e8:83:34:cc:7f:22:8a:9e:
49:be:30:c1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAB4H6wNmp1ToxeH+yQhYkdgb1shppWUDoxr0653NSsGdzaw5C0kJ55wPEss/
KeGc0fRoFAIu0/49YzwmgDiRA8NSUp5mTVnRgJfrkZlf59WO58TA0/MSLskFOlTt
OPNv8650GEe1JcbjRIwnvT+84/EO5FD/TOww1g2fj9D2vkNzlI9Ilzh86IpT/QJO
DywUU/RMgIoJsrioDhF1phVqX8gGe/+jdtDocArgsW2IVAbCBPmBsHevpIAbiGRe
2/823OjSe05VQDz3zTP5ZlkunBjHUOa1ucGUO3hGBaYkQSooteiS0A1HGOjMbugR
0iqUR3W1gPLogzTMfyKKnkm+MME=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/intermediate1-ca-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDetMhcd+AtsfW5
rRZHNaA1ZWXG4UCrHrS5E7fLjLt3pXbabYeH9kpNE+QmPieH7lvHaj9FMGFVXPY1
0WX6mBGjp1XVvpGCS/y+kNZQU2OaLCLhNRHceAKXiuRGkpxTCHbeH1O2uMp3Pnlu
vNDjDTBbTPaUDTApZJ8E5dv7iWBnu68mg1F3JC8rC6GUgRCY6OsmqB585MRsZwaV
VUrdUvTyYG0BKxmRNW2kCEcGcSQA2d7GVvOLUyzimpal82LlxOMj8tL8IeoPYnaN
1ZlIztxYxLt/2pQsgHSDxeCwFX5B/Q7y9PB4dnutJg2qSJYXLyHjlSsmN/mqgC/+
3vZevJd/AgMBAAECggEBAJC4sitEyy1mo+QREpUbyAxq5ASlhDyvK4nJwnpH7dsG
b4HqA1TbO9Vyw6QGZ/HxdzrTVGJF2jp6upSmirqZ73yF1UWdHTmq34eG3347clJR
tCjdL8oxQp3v5//kbimXKoeVm/T1iLyMoKTRlny1qWLrVKFJIK8FcEDijl2bHEbL
fdlPSJTN+y0zWoS3urRi/IPrsob23B4ILj0n+yUR4eOK25I3trqgsqcfTyMhX8tH
eyD4C+ir0j5evnmBhsKL0cUgGxGj8aVdOgab8dlKlDNi7HH5fe/FTMAQ344uege8
D5dytc1H4wWq3le1PsvCh56lyPx7P4BamNzuJ85OnWECgYEA8xSw544oIe6RzMxh
51pYLyf1aU8zd9w0ISkXnXQ4RxcNubbFHLu/S/vSlbE5qqSf128H3XkAP6HT6UJe
JS/WqJbUcdWkzULjj7fLXJ2oer3hrVXq2L9Me1l0XrYoBvRuap15AtQ/cxafxMUZ
HpEWam0EPxoTkTp4EUWi++U09yMCgYEA6org2l1qdqChHw3ihlfl3rKMY/DT+f1b
uMnbMKNhqgyV3ItSh7MnVJurvJ56CQVuVay+T11qfyo3cKzxNYLYTGLvAtBeK/aC
B/hdCvxMBpXd71Vlnz0w6qJi0mkGNNTFGzxwqwPByqP0NyKStPN3W98HwFhiqKmU
y8wpv5ZeUfUCgYEAx1Ba8bLdc10zzbJ0QIgSsK/aCXx4njo/wET6aQ/HqXrctT+J
BlNnur0EYduMhkAwFCylTVMPAh4GLUhO+7zrDReHoMNmOywyfUBeDlXztJkHd+Jw
C0NoSegChDpmPbWk5+SxOcGhORP+8xAN1cNvltpG1hrimn1PwBHSXysEr/MCgYEA
hLVUCPp2dOzqfcHDfLRbcqigWyQ3LOo4bdR5W4n2httcKFAEwJeUF4GFqNIaxuP1
zDBT9mArFAz1FaIlUVvZu073YiY4QrPWW2AidUbQVaGS1AsD1xguh3SeaePXCSmi
5YhLT9huXJRsaI39aLmhva/ymNjp6fkaIj5BGRCiCckCgYEAkZjADCg9gcqJo5oc
RDMpHT8C6SjE6+W0+00AnH1rSK0ev7uAGb6/rOpsShRiGubo7Ekil1MyMuOFmLPK
9K5oi4KKmVfTaPMfm2UnVCC2Dv2nMXkmYdQKiGgwbAhYfu/wGQXj682r2YYD4Xsa
qz7cWosuOKihAVhA52vZ7YacW2c=
-----END PRIVATE KEY-----

186
certs/ocsp/intermediate2-ca-cert.pem Normal file
View File

@@ -0,0 +1,186 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4:
6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7:
11:02:a1:ab:58:3d:fb:dc:51:ca:3a:1d:1f:95:a6:
56:82:f7:8f:ff:6b:50:bb:ea:10:e1:47:1d:35:77:
2e:4b:28:c5:53:46:23:2b:82:fd:5a:d3:f4:21:db:
0e:e0:f2:76:33:47:b3:00:be:3a:b1:23:98:53:eb:
ea:a0:de:1b:cc:05:4e:ee:63:a8:2c:93:24:d6:98:
78:74:03:e4:c8:89:43:61:f1:25:b8:cd:3b:87:c1:
31:25:fd:ba:4c:fc:29:94:45:9e:69:d7:67:0a:8a:
8e:d5:52:93:30:a2:0e:dd:6a:1c:b0:94:77:db:52:
52:b7:89:21:be:96:75:24:cb:e9:49:df:81:9d:9d:
f8:55:7d:01:2a:eb:78:03:12:e2:20:6e:db:63:35:
cd:a1:96:f0:f8:8c:20:35:69:87:01:ca:b4:54:36:
a0:15:e0:23:7d:b9:fb:be:99:05:50:f0:bf:ec:7f:
12:e1:3d:75:15:4e:c8:c2:30:e6:8b:fe:e5:8b:55:
f8:44:5e:e5:e3:56:e0:66:2d:6f:42:5a:45:6b:96:
aa:c7:5d:41:08:5f:ce:d7:dc:9f:20:e4:46:78:ff:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
6a:f5:af:1f:f7:43:ef:10:74:6d:1f:e5:2e:72:5f:d1:84:40:
c8:60:79:b7:66:2e:46:39:bf:95:ca:fe:83:0a:8a:f4:52:6e:
d2:d3:a5:54:7b:0c:29:35:a0:75:7a:e5:35:5d:99:0a:d9:13:
ca:80:46:a0:a2:6d:d5:c4:ff:0c:d5:da:ec:54:86:df:ce:a7:
92:1a:c7:f6:12:74:04:74:9f:06:39:82:b1:1e:af:47:de:b5:
b7:21:c1:3b:22:27:e3:d0:3f:70:d3:27:1c:63:e0:01:12:80:
20:e7:ac:6c:f0:8f:7a:72:54:8a:21:2d:0e:17:6c:9d:01:fd:
42:96:e1:7a:d5:43:d5:65:9b:0b:7c:dd:b6:90:da:cc:3c:d7:
7a:d3:e2:63:07:e3:96:a7:96:84:d6:0c:9e:31:e0:72:cd:91:
54:cf:16:38:af:c8:23:04:ce:98:2c:61:11:28:70:d7:34:69:
55:b7:e0:5b:87:a6:c4:a4:c5:bf:8f:e0:04:5d:e4:14:22:04:
21:a1:9b:01:19:50:29:03:9d:81:be:e4:ba:4d:68:1c:2f:e4:
e6:05:02:c2:e7:b4:ef:45:be:80:dc:a3:86:58:cf:02:cf:6a:
69:8d:2b:69:69:cd:81:27:63:e8:2d:55:2a:00:de:0b:15:2c:
53:95:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA8NRlvLES0fkLHdbRqK6kj
hb+HtO7K10sfMdcRAqGrWD373FHKOh0flaZWgveP/2tQu+oQ4UcdNXcuSyjFU0Yj
K4L9WtP0IdsO4PJ2M0ezAL46sSOYU+vqoN4bzAVO7mOoLJMk1ph4dAPkyIlDYfEl
uM07h8ExJf26TPwplEWeaddnCoqO1VKTMKIO3WocsJR321JSt4khvpZ1JMvpSd+B
nZ34VX0BKut4AxLiIG7bYzXNoZbw+IwgNWmHAcq0VDagFeAjfbn7vpkFUPC/7H8S
4T11FU7IwjDmi/7li1X4RF7l41bgZi1vQlpFa5aqx11BCF/O19yfIORGeP/ZmQID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUBdG6hgCi7ioFJLcR
rS1g8ZAUjxcwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAGr1rx/3Q+8QdG0f5S5yX9GEQMhgebdmLkY5v5XK/oMKivRSbtLTpVR7DCk1
oHV65TVdmQrZE8qARqCibdXE/wzV2uxUht/Op5Iax/YSdAR0nwY5grEer0fetbch
wTsiJ+PQP3DTJxxj4AESgCDnrGzwj3pyVIohLQ4XbJ0B/UKW4XrVQ9Vlmwt83baQ
2sw813rT4mMH45anloTWDJ4x4HLNkVTPFjivyCMEzpgsYREocNc0aVW34FuHpsSk
xb+P4ARd5BQiBCGhmwEZUCkDnYG+5LpNaBwv5OYFAsLntO9FvoDco4ZYzwLPammN
K2lpzYEnY+gtVSoA3gsVLFOVcik=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/intermediate2-ca-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDQIDw1GW8sRLR+
Qsd1tGorqSOFv4e07srXSx8x1xECoatYPfvcUco6HR+VplaC94//a1C76hDhRx01
dy5LKMVTRiMrgv1a0/Qh2w7g8nYzR7MAvjqxI5hT6+qg3hvMBU7uY6gskyTWmHh0
A+TIiUNh8SW4zTuHwTEl/bpM/CmURZ5p12cKio7VUpMwog7dahywlHfbUlK3iSG+
lnUky+lJ34GdnfhVfQEq63gDEuIgbttjNc2hlvD4jCA1aYcByrRUNqAV4CN9ufu+
mQVQ8L/sfxLhPXUVTsjCMOaL/uWLVfhEXuXjVuBmLW9CWkVrlqrHXUEIX87X3J8g
5EZ4/9mZAgMBAAECggEAR2vofWhfCFgDgJi2DiR9ksIWWJ2jmmmf3kX/TIE7ayXD
wSJ0PeUresnnvtk4MvV1yvcu2221oTlgQqrFjjFNlggppZLsErFNxBiCgJt0CKEA
Qq8FQSiv64y4FcBi1Z60uYYlfjZ4m9Py8g0sA81m/ENe6I41cZ7QmPL7bdPTCPhE
cGwPKjkw1xwDn6EeK5x5sscfCrlKXsH4zhXH67r2iwQ7x5+t4pWApdT15rMX+r0E
HzBoj4wjhR7yo9nZDqhBZiOJF/zQGTCkj6J451Rj47s42fLTYgVyW5D1DO9wBvQQ
i7AwwDuimVqKNGW7J/oRjhiBAKFr2IOGcAFJJbM3SQKBgQD1JRO9umdNfqj38kw5
DMeydVITvhYjSfc+F2R1hldX9kSdowttJ3GwArnjsZLSfttj7/gnRVPJC+OWvJGm
AmegmCXJGl/mtDAlN+MDJw2/KEdcC4CHMqRokrNNF3zafbTDIDq24kAMx1wef46k
8+9F3IPY+arD50LSkS5+gUUk1wKBgQDZV4R9yCeAE8o+ejks7lBC8kk5CxZKbXPA
o4vPHGKOknmZGqfKJY9Auk7nk4g56K9GxlotlsjwCwuSBdkqjDkqMypHG9odh6s8
8iFjVGvJvY6x+PXONW6cjG2K6Lif0o0/bx+C+2Sy05koV1eYY4+EskafqTxbQgSa
0t85a6u3DwKBgGK4g7KsFl3G3BS9pqRy2Ris1ljM++1KJB8FHJeXeiUaL5eryTYz
5DyVXHatVAsguwkL4ksuSAd2mjhhx+WqokCyBMVvsZ8egST71Je4anjIp7QRjbjk
VAEo0rwA8W6roNfTatGrW0/KGPbPN4qGEZ14qEAAixxJTUeu36JiPI4RAoGASK43
pEh2zSHRFCuTSy82r+yOCAFpJuKLPvRyIISBgOQCvexoB/WffinPkSmI+LSTSLu0
FGLEN2G6MM673LqfszkA/l6WBiIEZZEjETB+CyzUtzdmG9tKbheX2kgQ1YF3sqra
gtbGyfZw1UjABjnlGJ71dxcFFA9zssKp223iMokCgYAEBpHy/x90qWR6d9ApXZnC
PMvcZCa2EgQWBabOkyxF7Ao8mIu0K4rqRM9XBlboRRBQdEP3qL7whJ2voZ7frZYH
E9hcwnH4F6rBki9PHbEaU80FfTUplKr+qMJavhQ8O1zGhWr7JSF6ByqTQDYWI8BX
3Q6DAbgdQeeCKFpi4256AA==
-----END PRIVATE KEY-----

186
certs/ocsp/intermediate3-ca-cert.pem Normal file
View File

@@ -0,0 +1,186 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:c5:04:10:7d:c2:21:e9:12:45:da:d5:ba:28:
fd:a6:f4:30:44:a0:df:f9:70:5e:17:26:97:59:5c:
31:eb:13:70:ea:4a:dd:58:3e:4f:33:14:66:59:69:
7a:aa:90:e0:7c:c4:b2:36:c1:0a:f4:df:3e:34:6c:
1a:e9:2b:f1:a5:92:7e:a9:68:70:ba:a4:68:88:f3:
ec:10:40:64:a5:64:7d:d9:1e:51:49:9d:7f:c8:cc:
2b:6d:71:2a:06:ff:e6:1f:84:28:8a:c1:ed:a8:52:
f4:89:a5:c0:77:d8:13:66:c2:65:a5:63:03:98:b0:
4b:05:4f:0c:84:a0:f4:2d:72:73:6b:fa:0d:e1:cf:
45:27:ed:a3:8c:02:d7:ee:99:e2:a1:f0:e3:a0:ad:
69:ed:59:e4:27:41:8f:ef:fa:83:73:8f:5f:2b:68:
89:13:46:26:dc:f6:28:6b:3b:b2:b8:9b:52:2a:17:
1b:dc:72:45:73:da:75:24:35:8b:00:5e:23:37:64:
6a:16:74:b8:ee:fe:b7:11:71:be:0a:73:c8:54:c2:
d9:04:d2:1b:f5:53:ac:8d:2a:4f:fe:33:79:e6:5e:
e7:f3:86:d3:dc:bb:4b:d7:39:7f:5b:3c:67:fe:5e:
88:51:05:96:f2:b4:9a:45:09:4c:51:f0:6a:4d:88:
2a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
BB:15:9E:32:4D:E0:F8:AA:8A:B0:2E:0C:17:2B:5A:41:74:4B:06:45
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
0c:5e:0d:55:3c:e7:fb:5e:c2:09:19:c8:0b:f4:c2:b2:2b:14:
79:dc:e8:63:f6:8a:0c:03:57:9e:15:47:7e:b6:15:a3:71:90:
01:11:39:4b:ff:3d:13:34:e4:f3:5b:a3:6c:58:4f:00:d5:c4:
b0:63:6c:90:c9:89:a8:5d:16:87:0a:da:08:40:12:b4:94:00:
3e:44:00:13:de:34:75:90:38:79:d4:c2:39:6d:ed:17:cb:7e:
50:ff:da:0b:eb:49:1a:66:e6:dd:eb:66:a5:92:ef:68:d5:c9:
93:8f:aa:c7:2a:92:6b:95:af:3d:74:de:aa:29:fd:c9:53:56:
ad:9f:e0:05:d1:97:0c:01:3b:f1:c6:a6:90:7e:5c:08:11:5e:
c1:77:5d:64:09:56:ea:78:29:15:a3:ea:44:2a:4c:d6:09:a7:
a0:5f:05:54:2a:61:ca:7a:09:07:14:34:c2:0d:c5:93:cd:28:
8b:62:26:af:30:25:8a:f1:da:65:fa:db:da:84:ab:d5:0c:37:
ae:5d:95:bd:55:2a:4b:09:e0:d3:3d:8b:3c:ea:f2:b9:68:5e:
e6:21:53:8b:28:78:39:f4:bf:9b:dc:92:bc:4b:14:06:fe:17:
21:64:be:af:20:e8:e7:fb:67:c8:5e:ec:59:bf:27:a4:cb:e3:
8a:6d:c3:ac
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sUEEH3CIekSRdrV
uij9pvQwRKDf+XBeFyaXWVwx6xNw6krdWD5PMxRmWWl6qpDgfMSyNsEK9N8+NGwa
6SvxpZJ+qWhwuqRoiPPsEEBkpWR92R5RSZ1/yMwrbXEqBv/mH4QoisHtqFL0iaXA
d9gTZsJlpWMDmLBLBU8MhKD0LXJza/oN4c9FJ+2jjALX7pniofDjoK1p7VnkJ0GP
7/qDc49fK2iJE0Ym3PYoazuyuJtSKhcb3HJFc9p1JDWLAF4jN2RqFnS47v63EXG+
CnPIVMLZBNIb9VOsjSpP/jN55l7n84bT3LtL1zl/Wzxn/l6IUQWW8rSaRQlMUfBq
TYgqFwIDAQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUuxWeMk3g
+KqKsC4MFytaQXRLBkUwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5y
FSGhgZ2kgZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAw
DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcN
AQELBQADggEBAAxeDVU85/tewgkZyAv0wrIrFHnc6GP2igwDV54VR362FaNxkAER
OUv/PRM05PNbo2xYTwDVxLBjbJDJiahdFocK2ghAErSUAD5EABPeNHWQOHnUwjlt
7RfLflD/2gvrSRpm5t3rZqWS72jVyZOPqscqkmuVrz103qop/clTVq2f4AXRlwwB
O/HGppB+XAgRXsF3XWQJVup4KRWj6kQqTNYJp6BfBVQqYcp6CQcUNMINxZPNKIti
Jq8wJYrx2mX629qEq9UMN65dlb1VKksJ4NM9izzq8rloXuYhU4soeDn0v5vckrxL
FAb+FyFkvq8g6Of7Z8he7Fm/J6TL44ptw6w=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/intermediate3-ca-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDexQQQfcIh6RJF
2tW6KP2m9DBEoN/5cF4XJpdZXDHrE3DqSt1YPk8zFGZZaXqqkOB8xLI2wQr03z40
bBrpK/Glkn6paHC6pGiI8+wQQGSlZH3ZHlFJnX/IzCttcSoG/+YfhCiKwe2oUvSJ
pcB32BNmwmWlYwOYsEsFTwyEoPQtcnNr+g3hz0Un7aOMAtfumeKh8OOgrWntWeQn
QY/v+oNzj18raIkTRibc9ihrO7K4m1IqFxvcckVz2nUkNYsAXiM3ZGoWdLju/rcR
cb4Kc8hUwtkE0hv1U6yNKk/+M3nmXufzhtPcu0vXOX9bPGf+XohRBZbytJpFCUxR
8GpNiCoXAgMBAAECggEAFkESRd96TE7vT2EsJru/kzUjuUdk+JM8Iw3s4rVuGzDG
//DYqd8XpF+uVdJOucldU7mGoCeqw4mlujDug0qrikHXO28+i7au5rePZpQ4ObmP
ROhdcIA2asXStM0wSKC5yX43Wp1C86TN3w5a6t4AGizjYKFCk7dQ10ftVTaLDhsI
I4uuEZAHA7ruKmQp1DbE+/696kY4GUh2SXYQxee1zb/yYDvA6lGhuDW2Jev+4v4l
+1LZq8E2bE4GsmiLEALiHAdGvOrkZ5MUkiHVTnhGz7THK0OMj/4dJlNCwusyO+O5
4Zr2LJQ2rnAtVGdtKuVsgwHwQBPpV9bJPkDXEzlXUQKBgQD38kxnjJ5nv0plMA+E
QViItp0qgQeXX18YTlh8yicqVe+t9kKnHm1tqZx/djvvR/51p0SkMfWNvMn8JYXa
dfT3ZX0djrzR9o6FgR8rL+LmPg6jyIn71wBqmMf7A6WQVYuG7fQk3IJNtx52BKcS
f8r2tsdPX8d/FBsCn3m/ZxaEyQKBgQDmAV5xxTbJKdea5pfH33BOCp6HTqSYgf4Y
/5GEO0YLmQoBXAKbX+zcAeiaOt5WvLQgw7LfkznitPlxCkpHr9VcgVarlEjXHa7y
SeJfik5cIFbMZtXqaQ/DIUvOTgnb/ngLxEdrzX4JUnlv/z1BEhWvEYaHn0asEsc4
zbbcKoEH3wKBgQDRisobcPGmSDm9TmKuqPMDhyFH/IfH2+foCL4rqER1OO84G7i0
t7hPR1plNizsyfE4yUXvZfFZ+cTR/Xwj5jBCrFiSlEDrSO2l0jvfKbceUi/ZJu/G
ECvf6oKHlstjMYibXZpJVLoip7Fsl/4CWlHTMyE56X4V3Y3+J3yiz6JuUQKBgDPS
byMXGibs5IUkG2KPN1B+GAXIdFFgSI39Vx4B9OA8FQMFZhj33fgb/fpx9RJ55ePT
9ANnuo0X1XPgq6fHOD1lbs+t01OUfoxclUKNeOZM6wGW0e/EyCZg5CGRd6s3hHiy
Op1RaWpUSMQxL+3vUy9ktXjtLBEtEfH8d4zXjsblAoGBAMPAdSskbG+upEYcNR2O
++R9X8BkWhaTDqkAuygsGJDomIgH89wROdlTnsi5LXe/r3uCocRC+M1ChRXm7Zqs
81QjVdls6HVZu5rG82S8itqdXHOXCajb1ls+lNiu7/9tPJVmpYfjfjD4/QHV0vF/
FqdfthIOUXePjrAKccJDiJIk
-----END PRIVATE KEY-----

182
certs/ocsp/ocsp-responder-cert.pem Normal file
View File

@@ -0,0 +1,182 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL OCSP Responder/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b8:ba:23:b4:f6:c3:7b:14:c3:a4:f5:1d:61:a1:
f5:1e:63:b9:85:23:34:50:6d:f8:7c:a2:8a:04:8b:
d5:75:5c:2d:f7:63:88:d1:07:7a:ea:0b:45:35:2b:
eb:1f:b1:22:b4:94:41:38:e2:9d:74:d6:8b:30:22:
10:51:c5:db:ca:3f:46:2b:fe:e5:5a:3f:41:74:67:
75:95:a9:94:d5:c3:ee:42:f8:8d:eb:92:95:e1:d9:
65:b7:43:c4:18:de:16:80:90:ce:24:35:21:c4:55:
ac:5a:51:e0:2e:2d:b3:0a:5a:4f:4a:73:31:50:ee:
4a:16:bd:39:8b:ad:05:48:87:b1:99:e2:10:a7:06:
72:67:ca:5c:d1:97:bd:c8:f1:76:f8:e0:4a:ec:bc:
93:f4:66:4c:28:71:d1:d8:66:03:b4:90:30:bb:17:
b0:fe:97:f5:1e:e8:c7:5d:9b:8b:11:19:12:3c:ab:
82:71:78:ff:ae:3f:32:b2:08:71:b2:1b:8c:27:ac:
11:b8:d8:43:49:cf:b0:70:b1:f0:8c:ae:da:24:87:
17:3b:d8:04:65:6c:00:76:50:ef:15:08:d7:b4:73:
68:26:14:87:95:c3:5f:6e:61:b8:87:84:fa:80:1a:
0a:8b:98:f3:e3:ff:4e:44:1c:65:74:7c:71:54:65:
e5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
32:67:E1:B1:79:D2:81:FC:9F:23:0C:70:40:50:B5:46:56:B8:30:36
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Extended Key Usage:
OCSP Signing
Signature Algorithm: sha256WithRSAEncryption
47:86:d8:ff:a5:6e:18:e4:28:b7:8a:74:f6:81:97:89:be:c7:
cf:8d:1e:15:c2:d3:e1:ff:3e:82:b8:6d:8f:92:c8:a2:55:ff:
df:7a:ed:2b:ee:d5:6f:d3:9e:8e:30:d0:08:d3:6a:39:8f:23:
45:a3:2d:e6:99:d4:18:49:a3:f9:17:88:b5:68:86:c8:8c:17:
a7:ac:6a:a6:46:6f:b1:a4:6b:f8:8d:e5:d8:68:75:ca:a6:2d:
36:72:12:0d:1f:12:af:c2:90:e7:bf:4a:3a:f2:02:a0:89:dd:
6b:f8:92:4b:9b:9c:69:5a:24:a7:3f:9b:b9:8e:60:ef:33:54:
cf:aa:53:01:c2:f9:0d:9d:75:bc:c9:09:0f:40:06:6f:ab:f9:
f2:e7:0d:26:84:24:0c:b0:b2:bb:f0:13:e1:bc:82:e7:48:ce:
46:d2:36:e6:d9:7a:4e:b3:d3:55:6c:93:a0:6c:1a:83:d5:22:
a1:2c:84:e7:cc:9e:a5:ef:d5:e1:85:36:38:c5:35:a6:87:49:
74:2c:b0:7c:3d:e7:68:47:5d:46:35:cb:d3:9c:bb:8c:8a:3e:
fd:f9:42:ad:7d:c4:bf:0a:d9:e2:49:04:14:24:11:c1:a4:3d:
86:93:6e:0c:55:49:ed:3f:f9:82:ec:f8:26:3e:bf:9f:33:21:
41:55:23:8c
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBnjELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQDDBZ3b2xmU1NMIE9DU1Ag
UmVzcG9uZGVyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLojtPbDexTDpPUdYaH1HmO5hSM0
UG34fKKKBIvVdVwt92OI0Qd66gtFNSvrH7EitJRBOOKddNaLMCIQUcXbyj9GK/7l
Wj9BdGd1lamU1cPuQviN65KV4dllt0PEGN4WgJDOJDUhxFWsWlHgLi2zClpPSnMx
UO5KFr05i60FSIexmeIQpwZyZ8pc0Ze9yPF2+OBK7LyT9GZMKHHR2GYDtJAwuxew
/pf1HujHXZuLERkSPKuCcXj/rj8ysghxshuMJ6wRuNhDSc+wcLHwjK7aJIcXO9gE
ZWwAdlDvFQjXtHNoJhSHlcNfbmG4h4T6gBoKi5jz4/9ORBxldHxxVGXlOQIDAQAB
o4IBCjCCAQYwCQYDVR0TBAIwADAdBgNVHQ4EFgQUMmfhsXnSgfyfIwxwQFC1Rla4
MDYwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2kgZowgZcx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG
A1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFjMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
AQBHhtj/pW4Y5Ci3inT2gZeJvsfPjR4VwtPh/z6CuG2PksiiVf/feu0r7tVv056O
MNAI02o5jyNFoy3mmdQYSaP5F4i1aIbIjBenrGqmRm+xpGv4jeXYaHXKpi02chIN
HxKvwpDnv0o68gKgid1r+JJLm5xpWiSnP5u5jmDvM1TPqlMBwvkNnXW8yQkPQAZv
q/ny5w0mhCQMsLK78BPhvILnSM5G0jbm2XpOs9NVbJOgbBqD1SKhLITnzJ6l79Xh
hTY4xTWmh0l0LLB8PedoR11GNcvTnLuMij79+UKtfcS/CtniSQQUJBHBpD2Gk24M
VUntP/mC7PgmPr+fMyFBVSOM
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

27
certs/ocsp/ocsp-responder-key.pem Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAuLojtPbDexTDpPUdYaH1HmO5hSM0UG34fKKKBIvVdVwt92OI
0Qd66gtFNSvrH7EitJRBOOKddNaLMCIQUcXbyj9GK/7lWj9BdGd1lamU1cPuQviN
65KV4dllt0PEGN4WgJDOJDUhxFWsWlHgLi2zClpPSnMxUO5KFr05i60FSIexmeIQ
pwZyZ8pc0Ze9yPF2+OBK7LyT9GZMKHHR2GYDtJAwuxew/pf1HujHXZuLERkSPKuC
cXj/rj8ysghxshuMJ6wRuNhDSc+wcLHwjK7aJIcXO9gEZWwAdlDvFQjXtHNoJhSH
lcNfbmG4h4T6gBoKi5jz4/9ORBxldHxxVGXlOQIDAQABAoIBAGI2tR1VxYD+/TYL
DGAIV+acZtqeaQYKMf8x++eG4SrQo6/QP8HDFFqzO0yV2SC0cRtJZ5PzCHxCRSaG
Nd8EL2NMWOazUwW0c/yLtTypOPSeg2Mf+3SwLvgxOZ9CbFQ8YAJi+vbNOPLGCijL
N0HWEkcC1P1kWWgKCWIloR7eEt0IQOb5PPSCu3buq/rForb6qUf+L+ESpWed6bnc
uhIrHDuQ/PopW05fW1r61zI286wKdLRyatQsljNqPvVdFVhtCKqCqMHdIzMg2cbh
q9DJMWc/KLjzBk6YPMZKm/4k4RXj+IwS+iITbpUNrhYj2TMevBMPW3AIRobD823D
ehQv+rECgYEA3CWL+G9zJ5PXRDAdQ69lN+CE/Uf9444CN5idMO+qRQ+QE8hWYT/U
PFH/aUgd1k3WJZseR/GTWx29VsRPSDWZXzwzLfUNKnqvp0b2oZe/EdYiRSo8OCPp
kF07HbTKe4Cyma7HdgDkNkS+UW5JujnuLcuee+wTq6xU0289juwFBc8CgYEA1s/d
VtwXqBf3qMxfi+eMa77fqxptAFGtZNKNkYwX42Ow6Hehj8EnoPqYEF+9MzKn/BFh
ROnQ76axKBN8mkRUjpv7d2+zMlDnGrWul8q6VrfGiU2P7jd4L6GY/V1MYktnIBsd
Ld/jW8P0FFfI2RIREPWdrATxBhQpTJfXd/7rLncCgYB1wrvyBCQUSrg/KIGvADbj
wf1Bw23jeMZk2QVU9Q8e7ClE+8iBMvSj47T9q28SgQaJjUWQdIA/oFP1AwPp+4n0
cK5r6gbF72Tg1Uv+ur6hmuswFlyqJ0O8TrLdvCUIFZr0LJNT4zwwb2tjAdz8ehqX
crFvVqRbE884XuwN9ODm7wKBgQDIEnKlI/kkpq4UmcWkGNXAxNauFr7PPUOyVCln
FoRpVcC/xCzGJ7ExTjWzing950BulgFynhPsIeV+3id/x4S6Dq34YCEXDCMzzWQA
HOHRQvm3iHY1+ZQHSQulb/Bk3LYAQUC8KXspTSlYiSqYgytCEIH6Zd/XOY/9tq8J
JHUHoQKBgHYIB2mRCuDK5C3dCspdPVeAUqptK1nnXxWY/MXA6v+M4wFsIxV7Iwg7
HEjeD5yKH4619syPCFz3jrCxL0oJqVTD2tnrbLf8idEt2eaV/3o2mUGFjvWpTywg
F8DewhrGh6z7FWHp4cMrxpq1hkdi6k+481T1GKBJ1zBSTzskTHQB
-----END RSA PRIVATE KEY-----

8
certs/ocsp/ocspd0.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22220 -nmin 1 \
-index certs/ocsp/index0.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/root-ca-cert.pem \
$@

8
certs/ocsp/ocspd1.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22221 -nmin 1 \
-index certs/ocsp/index1.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \
$@

8
certs/ocsp/ocspd2.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22222 -nmin 1 \
-index certs/ocsp/index2.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate2-ca-cert.pem \
$@

8
certs/ocsp/ocspd3.sh Executable file
View File

@@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22223 -nmin 1 \
-index certs/ocsp/index3.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate3-ca-cert.pem \
$@

42
certs/ocsp/openssl.cnf Normal file
View File

@@ -0,0 +1,42 @@
#
# openssl configuration file for OCSP certificates
#
# Extensions to add to a certificate request (intermediate1-ca)
[ v3_req1 ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
authorityInfoAccess = OCSP;URI:http://localhost:22221
# Extensions to add to a certificate request (intermediate2-ca)
[ v3_req2 ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
authorityInfoAccess = OCSP;URI:http://localhost:22222
# Extensions to add to a certificate request (intermediate3-ca)
[ v3_req3 ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
authorityInfoAccess = OCSP;URI:http://localhost:22223
# Extensions for a typical CA
[ v3_ca ]
basicConstraints = CA:true
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = keyCertSign, cRLSign
authorityInfoAccess = OCSP;URI:http://localhost:22220
# OCSP extensions.
[ v3_ocsp ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
extendedKeyUsage = OCSPSigning

54
certs/ocsp/renewcerts.sh Executable file
View File

@@ -0,0 +1,54 @@
openssl req \
-new \
-key root-ca-key.pem \
-out root-ca-cert.csr \
-subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com"
openssl x509 \
-req -in root-ca-cert.csr \
-extfile openssl.cnf \
-extensions v3_ca \
-days 1000 \
-signkey root-ca-key.pem \
-set_serial 99 \
-out root-ca-cert.pem
rm root-ca-cert.csr
openssl x509 -in root-ca-cert.pem -text > tmp.pem
mv tmp.pem root-ca-cert.pem
# $1 cert, $2 name, $3 ca, $4 extensions, $5 serial
function update_cert() {
openssl req \
-new \
-key $1-key.pem \
-out $1-cert.csr \
-subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=$2/emailAddress=info@wolfssl.com"
openssl x509 \
-req -in $1-cert.csr \
-extfile openssl.cnf \
-extensions $4 \
-days 1000 \
-CA $3-cert.pem \
-CAkey $3-key.pem \
-set_serial $5 \
-out $1-cert.pem
rm $1-cert.csr
openssl x509 -in $1-cert.pem -text > $1_tmp.pem
mv $1_tmp.pem $1-cert.pem
cat $3-cert.pem >> $1-cert.pem
}
update_cert intermediate1-ca "wolfSSL intermediate CA 1" root-ca v3_ca 01
update_cert intermediate2-ca "wolfSSL intermediate CA 2" root-ca v3_ca 02
update_cert intermediate3-ca "wolfSSL REVOKED intermediate CA" root-ca v3_ca 03 # REVOKED
update_cert ocsp-responder "wolfSSL OCSP Responder" root-ca v3_ocsp 04
update_cert server1 "www1.wolfssl.com" intermediate1-ca v3_req1 05
update_cert server2 "www2.wolfssl.com" intermediate1-ca v3_req1 06 # REVOKED
update_cert server3 "www3.wolfssl.com" intermediate2-ca v3_req2 07
update_cert server4 "www4.wolfssl.com" intermediate2-ca v3_req2 08 # REVOKED
update_cert server5 "www5.wolfssl.com" intermediate3-ca v3_req3 09

93
certs/ocsp/root-ca-cert.pem Normal file
View File

@@ -0,0 +1,93 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/root-ca-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCrLLQvHQYJ704p
hoR+zL+meXzwwMFkJYx1txAFykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRx
kK3MBbmfFccKP19p9ApfjHG1LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4
hc0BiKzFsrFZuM1a9AkJOJvaWs/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4
yHDM4WcGsysvk7Vpz4N+iFObD0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tb
ipKXrf2XuXXKwtRFfRdrzS/zY3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsV
roxb+ZmBAgMBAAECggEAd0Qjm3wOfBeYD0jhwnOoyTZ2vkyfssaS0mYlrNMfaM12
iqYBELQo5miReaHZ5ZfYCweNX8guVUAkMCiNX81RYy3KTDKRqYJXQ/HYPFMcXXP2
7Ja6jMfub1FXJ1xULtJs/5XilVwxad1ZgHbBu2LedrUl6wzfUJMeRKWDuiVyCzpK
J2+F1iVH+whBI/eN8qopHM4JeR0W9k7rFJayQZ9iAIfrl2In1hTay9S7HCEdmWz/
BVI818QXsgCuulR9G2erS0gS181P090YcZeuzh5YfvAnzn7m8BTboJojix5pkfQt
gM5E7YD4nYU1V796P2cfAaMJoQyCW4NSn+kwgLT5rQKBgQDXnHvs/fk+gxFiBt/U
tRfU+iUoiMofrcAZswMBvOZVy40RbtxuNXwnGo9+Bko7XVKekVO6TGUyPSpv1VXR
QCjlk+PsXyx0DD2+Hb3r69wXJ3Wfxe0K+p6CHIuspJUmNrHdpJOBTO8GbHNxuaD/
kDJvBq+ZkXEKUm9a5BeU5WiwMwKBgQDLPUkr+Mm2pJIIEBF8z3Lr3bWIbZsinxhM
ErQRAQC0J+oBj1kuUoXYoh1hzQK/E90bM2fRUMhgVGIBvwDMv0c+Z2Fb6zK0r3mP
dOLYGOrfavl/f7zhd4TjzPkAF1fbbYbciFQIWW3//q8PXY68eKvwrhGqT+CCwLef
tWC3xrpLewKBgQC7Ht7abgxa+UsjxQ2Kv+O//Zw0EotAdP2sEBUC9Br+yJpUT99U
cmyeT0nLONBBtxtV7JA6tcR5lmX3CrHg2Yrku7XqVSrySBFppsxGLLslCSTnFdJE
Xf8ksntxyKB8uqkgz40IgWlMLOEACPc19MIgYzAQ2g29xI9J1Xy1x2dUywKBgBFo
HVU7yKLw82TnY2gKKHCVG5Akuw27DIyvaWavbE0BwiQCEARMoxQLxnJy6ZJN9Dj5
LSIbRh4h/AbkQgBHPaXVmtwRh9U71jB4NVmGwM8DzXyjBx1UbDhKfOUKGsc7WTqY
HoJcjnRHbtzlCW2Q9ED316F7l+H6+X8fPLpgteHzAoGARc6B/pWJWkUVM87ObGmr
hiA5YByyC6Rq8HyFEeXiS2fiQPfQF0UC9Qxq9/CBkezb8v+Yb/UT4ieL26c270s5
JkyYqMoBLgkOKG6nPDD4hxoR24cFmC090RNQOhwwHskh+KjVmf3c/m9wNBSdHTpt
URu+xdmbaoKaH9dIJMUKasc=
-----END PRIVATE KEY-----

279
certs/ocsp/server1-cert.pem Normal file
View File

@@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www1.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e6:96:55:75:cf:8a:97:68:8c:b6:38:f6:7a:05:
be:33:b6:51:47:37:8a:f7:db:91:be:92:6b:b7:00:
8c:f2:c5:24:6e:18:e9:92:00:81:01:dc:b3:4c:28:
a9:b7:80:f1:96:cf:23:7a:2f:ae:f8:e3:0f:2d:d3:
5e:23:e7:db:4c:b2:5d:89:16:17:be:be:81:db:fb:
12:6d:28:4b:10:a0:12:04:27:c1:c9:d0:79:95:ef:
e8:8d:8c:59:9b:4e:72:7d:bc:49:2b:22:4e:f8:4f:
e2:0c:f1:e9:e9:97:f9:df:8c:5a:0a:aa:38:1d:43:
04:a3:a7:89:a1:e2:83:a4:4b:b5:4e:45:88:a6:22:
5d:ac:a9:58:67:88:c1:d5:61:ef:bd:11:05:27:94:
47:bb:33:a5:8a:ca:ee:1f:8d:c0:6e:24:af:cd:ca:
bf:80:47:71:95:ac:a9:f1:5d:23:6c:f5:4b:b4:a9:
e1:c4:66:fb:e5:c4:a1:9f:a7:51:d1:78:cd:2e:b4:
3f:2e:e2:82:f3:7f:c4:a7:f4:31:cf:76:27:3f:db:
2e:d2:6e:c3:47:23:82:a3:48:40:8c:a7:c1:13:f0:
63:50:54:43:f6:71:12:e1:6f:a5:7a:58:26:f7:fd:
8b:3b:70:18:a0:43:ba:01:6b:b3:f8:d5:be:05:13:
64:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
CC:55:15:00:E2:44:89:92:63:6D:10:5D:B9:9E:73:B6:5D:3A:19:CA
X509v3 Authority Key Identifier:
keyid:83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:01
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22221
Signature Algorithm: sha256WithRSAEncryption
cc:2e:e2:e4:a8:f6:e8:73:e4:e8:d9:ee:05:e6:2c:a9:0f:54:
d5:b0:be:ce:20:a6:12:38:63:b8:19:32:c1:12:2f:d4:ee:a5:
73:2b:72:5c:ad:c7:ed:d7:a4:5e:97:d2:a4:fd:9e:db:3d:e0:
df:a2:96:a9:36:c8:e3:f9:93:d6:84:dc:ad:a4:5f:1e:d4:af:
de:b4:05:9a:e5:ac:c6:b4:f4:9b:69:a0:e8:81:28:32:d7:a0:
83:1b:2d:18:92:87:33:3f:23:11:11:f5:c9:01:11:35:de:44:
8d:1d:6b:c4:3a:20:72:64:5d:c1:59:60:cb:5c:3b:ca:a0:27:
ab:e6:6c:ac:31:ec:a9:3a:a0:ec:10:e5:48:34:9b:d3:1c:9e:
1e:93:2a:ba:47:40:b6:5d:45:c4:b9:cb:d6:63:5b:1a:70:26:
23:f6:0a:41:53:de:ba:02:db:df:ce:df:6d:7a:9c:85:55:a4:
01:3e:f5:d1:9c:4a:59:bf:1f:f5:83:fa:92:9a:3d:80:4d:49:
aa:f6:92:5f:94:ee:ef:38:b3:71:9f:96:30:7d:b2:d2:8d:bb:
16:ed:e1:6f:cd:8e:4e:d2:e0:5b:59:5c:dd:95:de:9f:69:63:
d4:b2:54:52:51:40:e5:50:5c:4b:1c:5e:51:5b:10:b7:19:1f:
31:08:70:cb
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
MS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOaWVXXPipdojLY49noFvjO2
UUc3ivfbkb6Sa7cAjPLFJG4Y6ZIAgQHcs0woqbeA8ZbPI3ovrvjjDy3TXiPn20yy
XYkWF76+gdv7Em0oSxCgEgQnwcnQeZXv6I2MWZtOcn28SSsiTvhP4gzx6emX+d+M
WgqqOB1DBKOniaHig6RLtU5FiKYiXaypWGeIwdVh770RBSeUR7szpYrK7h+NwG4k
r83Kv4BHcZWsqfFdI2z1S7Sp4cRm++XEoZ+nUdF4zS60Py7igvN/xKf0Mc92Jz/b
LtJuw0cjgqNIQIynwRPwY1BUQ/ZxEuFvpXpYJvf9iztwGKBDugFrs/jVvgUTZDEC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFMxVFQDiRImSY20QXbme
c7ZdOhnKMIHEBgNVHSMEgbwwgbmAFIPGOoksgfQC151M4irAcYJkRNoOoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
AQDMLuLkqPboc+To2e4F5iypD1TVsL7OIKYSOGO4GTLBEi/U7qVzK3Jcrcft16Re
l9Kk/Z7bPeDfopapNsjj+ZPWhNytpF8e1K/etAWa5azGtPSbaaDogSgy16CDGy0Y
koczPyMREfXJARE13kSNHWvEOiByZF3BWWDLXDvKoCer5mysMeypOqDsEOVINJvT
HJ4ekyq6R0C2XUXEucvWY1sacCYj9gpBU966Atvfzt9tepyFVaQBPvXRnEpZvx/1
g/qSmj2ATUmq9pJflO7vOLNxn5YwfbLSjbsW7eFvzY5O0uBbWVzdld6faWPUslRS
UUDlUFxLHF5RWxC3GR8xCHDL
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
1e:07:eb:03:66:a7:54:e8:c5:e1:fe:c9:08:58:91:d8:1b:d6:
c8:69:a5:65:03:a3:1a:f4:eb:9d:cd:4a:c1:9d:cd:ac:39:0b:
49:09:e7:9c:0f:12:cb:3f:29:e1:9c:d1:f4:68:14:02:2e:d3:
fe:3d:63:3c:26:80:38:91:03:c3:52:52:9e:66:4d:59:d1:80:
97:eb:91:99:5f:e7:d5:8e:e7:c4:c0:d3:f3:12:2e:c9:05:3a:
54:ed:38:f3:6f:f3:ae:74:18:47:b5:25:c6:e3:44:8c:27:bd:
3f:bc:e3:f1:0e:e4:50:ff:4c:ec:30:d6:0d:9f:8f:d0:f6:be:
43:73:94:8f:48:97:38:7c:e8:8a:53:fd:02:4e:0f:2c:14:53:
f4:4c:80:8a:09:b2:b8:a8:0e:11:75:a6:15:6a:5f:c8:06:7b:
ff:a3:76:d0:e8:70:0a:e0:b1:6d:88:54:06:c2:04:f9:81:b0:
77:af:a4:80:1b:88:64:5e:db:ff:36:dc:e8:d2:7b:4e:55:40:
3c:f7:cd:33:f9:66:59:2e:9c:18:c7:50:e6:b5:b9:c1:94:3b:
78:46:05:a6:24:41:2a:28:b5:e8:92:d0:0d:47:18:e8:cc:6e:
e8:11:d2:2a:94:47:75:b5:80:f2:e8:83:34:cc:7f:22:8a:9e:
49:be:30:c1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAB4H6wNmp1ToxeH+yQhYkdgb1shppWUDoxr0653NSsGdzaw5C0kJ55wPEss/
KeGc0fRoFAIu0/49YzwmgDiRA8NSUp5mTVnRgJfrkZlf59WO58TA0/MSLskFOlTt
OPNv8650GEe1JcbjRIwnvT+84/EO5FD/TOww1g2fj9D2vkNzlI9Ilzh86IpT/QJO
DywUU/RMgIoJsrioDhF1phVqX8gGe/+jdtDocArgsW2IVAbCBPmBsHevpIAbiGRe
2/823OjSe05VQDz3zTP5ZlkunBjHUOa1ucGUO3hGBaYkQSooteiS0A1HGOjMbugR
0iqUR3W1gPLogzTMfyKKnkm+MME=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server1-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDmllV1z4qXaIy2
OPZ6Bb4ztlFHN4r325G+kmu3AIzyxSRuGOmSAIEB3LNMKKm3gPGWzyN6L6744w8t
014j59tMsl2JFhe+voHb+xJtKEsQoBIEJ8HJ0HmV7+iNjFmbTnJ9vEkrIk74T+IM
8enpl/nfjFoKqjgdQwSjp4mh4oOkS7VORYimIl2sqVhniMHVYe+9EQUnlEe7M6WK
yu4fjcBuJK/Nyr+AR3GVrKnxXSNs9Uu0qeHEZvvlxKGfp1HReM0utD8u4oLzf8Sn
9DHPdic/2y7SbsNHI4KjSECMp8ET8GNQVEP2cRLhb6V6WCb3/Ys7cBigQ7oBa7P4
1b4FE2QxAgMBAAECggEBAMcAl2DFbOae5FGfd5h3vF8EycCcvuKKLI4775pQb1RV
r8sU1P+cT7o7rsHblh04u0dcHVImNOu3ijISaPyz7R+UEAVve66y23/uf0iVrbL7
cpEDfsudkFFGa30901elrEm3Za5EPcMvrfdeEHH5Jz02876giS032ZkjzjRYOSRg
TuFhiqjRTMfE6AB63KSRWcb6AYEocHV/jF+IEQcz9ctsv6XKKKJtge4+Y3+gQU4N
ALUE6OjBsD5KpMVuMYBSfTucYi5g2eOK05PoCOR8lTqgvsbof+ALj+84zEpG20aK
p0KdMVwiMolXaYcvKBOGPxZKt7sQaIMitbs0iuErMQECgYEA+cLVZh4qkRnsjPVc
/27qC/VLeWo2QAL7TWC7YgkY0MgNtZXRkJZdKOlzYWo/iJmuxHj7eUFLkoHpPNV2
X6WG+CGHD1qq/BqLQNlJKS/MtI2VNzOjBJ/J3SktOGo3BwL+Q5uSRNHukQip0YnD
c9GCU4UhfBHr/UNitMBH6N5aPqUCgYEA7FjjTGomVseF5wNbfw2xLjBmRuQ2DDgJ
/OvCtV6it+OiVU9R+cYcz/hVl1QLIkGBHt5hb8O6np4tW5ehKd5LNTtolIO+/BLL
2xPZCLY7U+LES5dgUTC/wb5t5igAmPuOMi9qNQ1kYxbKYJVLRUdwfOM8FNE4gjZF
kj2BIb6OxZ0CgYEAmuXXvWZ2FdmTGHTPwWdDZjkyHtHdZWO0AXA9pnZn2oxH3FdX
SinHCymFsmPXlVtixV0W8UOqn+lMAruMl5MsGtWIUuBzbLj1pjlcI1wOw+ePJFY1
AxgqdKwl7HgLOqEDmmBwnZfpMi/CSj77ZegIwM2vT6g5yK+zFtCtiGHmbDUCgYBf
L2VLbyzFolGBOk7tGnyTF5b5UguaXC9ZlzGxjc2Gtby5Etr29xy/fUorSgO55hu0
bOdc9b0BCL9HtgeILyim5ag2t+CA8Kj9MD8mTQ4TuK5Jq0t1J2bzBliIau/irN0V
xRbHCv+1EIas4zOPUTgyc+nMkH5roqPeQ7rv9ijV2QKBgQDJiNmAJv3dlie2x+bj
rX5RDF1Q/egVVGx41jPyuzh0oFLwEQG2lSHEAKgF+gWt0ZMwNzPB9oue2LBSpNFl
7ZdpFCpzD+3OcaxnWYEGT+qNhczbf0PvVNBOzOI33Trr7maktWi0Mh9qmXqoNuwG
uCnrEriJlBk2MV88tIG/ZJ+bvQ==
-----END PRIVATE KEY-----

279
certs/ocsp/server2-cert.pem Normal file
View File

@@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www2.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:35:8a:e8:aa:bd:33:c9:5e:84:43:67:42:65:
2a:3c:e3:89:b4:a6:67:a1:3b:ee:6d:85:d1:d3:2b:
6e:b1:62:d4:f1:22:43:a0:d5:b7:a5:7d:b5:f5:6c:
09:06:7c:8c:ef:87:af:4f:34:ce:27:eb:f3:4a:37:
57:c3:d7:d8:ee:e4:a0:77:65:2c:a7:c2:10:65:6b:
7b:48:c4:d8:28:fe:4c:4e:4f:7e:2f:20:c4:49:5b:
71:38:40:0d:36:a3:57:b3:44:da:be:cd:54:14:15:
66:0f:d3:05:08:f2:2e:03:67:2e:5c:5d:e1:b0:e6:
c0:25:8f:58:77:5b:d3:d7:a8:22:ea:56:d3:0e:01:
6d:38:34:56:47:aa:12:c4:ba:2a:ef:ec:18:f5:d4:
db:b9:fa:6f:dc:50:eb:ee:10:a2:14:b5:9a:12:e1:
e3:85:0f:79:14:b8:70:6d:0d:1c:1d:38:57:85:6a:
82:0c:d6:bd:2c:bf:20:f1:28:2e:f6:34:80:a7:0d:
32:82:35:4f:c1:b1:e5:9e:26:d5:f8:b9:39:57:43:
ef:ed:f1:10:5c:3e:32:ba:d9:e4:9e:40:cd:28:ea:
26:46:9b:a9:34:8d:9f:b9:fd:45:7d:14:f7:ce:ca:
3b:85:87:a7:64:74:9c:65:29:18:b3:f5:b1:ad:92:
62:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
7D:6D:FD:F6:0B:4F:3F:4A:62:91:F5:F3:13:60:51:86:C3:5A:9F:D6
X509v3 Authority Key Identifier:
keyid:83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:01
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22221
Signature Algorithm: sha256WithRSAEncryption
84:39:12:8b:3b:47:c1:57:60:70:5d:21:e4:1f:60:33:20:94:
ab:7d:50:62:55:bf:cc:78:13:40:9d:40:75:14:55:d5:71:e8:
8a:26:3d:4a:85:94:02:6f:be:1c:84:69:6b:03:9d:74:a7:8c:
f1:0e:e4:4e:79:e3:fc:bd:1f:c7:fb:d6:bb:6e:aa:55:7f:ac:
6f:da:84:08:b0:97:ef:24:d5:a3:d9:c1:67:78:08:7d:05:18:
c0:58:50:e8:fc:20:65:c6:0a:4e:3a:81:7a:64:0b:81:be:12:
87:33:18:85:d3:e3:c3:ba:b5:b0:03:9a:16:e3:01:ae:a9:9a:
9a:ea:84:5f:0e:5c:dd:d4:16:b8:38:e2:63:0a:4f:75:5f:44:
0b:60:08:f3:d4:df:32:cf:5b:f9:7b:a0:b1:ba:ae:ed:0f:a1:
c5:71:6b:1a:19:13:b7:5f:18:e8:97:51:a2:d3:66:52:b9:8b:
0e:47:22:c9:61:17:94:80:7c:3d:39:6f:5a:58:18:7b:2e:42:
ea:20:fa:67:58:bf:4c:58:7e:e8:c0:3d:15:08:96:84:57:a8:
6c:66:58:9d:93:30:64:93:28:7e:cc:1b:a2:e4:f7:d8:69:9c:
19:07:9f:90:7f:53:a8:4f:59:86:a2:0a:87:c7:35:3d:b7:9d:
51:61:51:69
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
Mi53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMY1iuiqvTPJXoRDZ0JlKjzj
ibSmZ6E77m2F0dMrbrFi1PEiQ6DVt6V9tfVsCQZ8jO+Hr080zifr80o3V8PX2O7k
oHdlLKfCEGVre0jE2Cj+TE5Pfi8gxElbcThADTajV7NE2r7NVBQVZg/TBQjyLgNn
Llxd4bDmwCWPWHdb09eoIupW0w4BbTg0VkeqEsS6Ku/sGPXU27n6b9xQ6+4QohS1
mhLh44UPeRS4cG0NHB04V4VqggzWvSy/IPEoLvY0gKcNMoI1T8Gx5Z4m1fi5OVdD
7+3xEFw+MrrZ5J5AzSjqJkabqTSNn7n9RX0U987KO4WHp2R0nGUpGLP1sa2SYjkC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFH1t/fYLTz9KYpH18xNg
UYbDWp/WMIHEBgNVHSMEgbwwgbmAFIPGOoksgfQC151M4irAcYJkRNoOoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
AQCEORKLO0fBV2BwXSHkH2AzIJSrfVBiVb/MeBNAnUB1FFXVceiKJj1KhZQCb74c
hGlrA510p4zxDuROeeP8vR/H+9a7bqpVf6xv2oQIsJfvJNWj2cFneAh9BRjAWFDo
/CBlxgpOOoF6ZAuBvhKHMxiF0+PDurWwA5oW4wGuqZqa6oRfDlzd1Ba4OOJjCk91
X0QLYAjz1N8yz1v5e6Cxuq7tD6HFcWsaGRO3Xxjol1Gi02ZSuYsORyLJYReUgHw9
OW9aWBh7LkLqIPpnWL9MWH7owD0VCJaEV6hsZlidkzBkkyh+zBui5PfYaZwZB5+Q
f1OoT1mGogqHxzU9t51RYVFp
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
1e:07:eb:03:66:a7:54:e8:c5:e1:fe:c9:08:58:91:d8:1b:d6:
c8:69:a5:65:03:a3:1a:f4:eb:9d:cd:4a:c1:9d:cd:ac:39:0b:
49:09:e7:9c:0f:12:cb:3f:29:e1:9c:d1:f4:68:14:02:2e:d3:
fe:3d:63:3c:26:80:38:91:03:c3:52:52:9e:66:4d:59:d1:80:
97:eb:91:99:5f:e7:d5:8e:e7:c4:c0:d3:f3:12:2e:c9:05:3a:
54:ed:38:f3:6f:f3:ae:74:18:47:b5:25:c6:e3:44:8c:27:bd:
3f:bc:e3:f1:0e:e4:50:ff:4c:ec:30:d6:0d:9f:8f:d0:f6:be:
43:73:94:8f:48:97:38:7c:e8:8a:53:fd:02:4e:0f:2c:14:53:
f4:4c:80:8a:09:b2:b8:a8:0e:11:75:a6:15:6a:5f:c8:06:7b:
ff:a3:76:d0:e8:70:0a:e0:b1:6d:88:54:06:c2:04:f9:81:b0:
77:af:a4:80:1b:88:64:5e:db:ff:36:dc:e8:d2:7b:4e:55:40:
3c:f7:cd:33:f9:66:59:2e:9c:18:c7:50:e6:b5:b9:c1:94:3b:
78:46:05:a6:24:41:2a:28:b5:e8:92:d0:0d:47:18:e8:cc:6e:
e8:11:d2:2a:94:47:75:b5:80:f2:e8:83:34:cc:7f:22:8a:9e:
49:be:30:c1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAB4H6wNmp1ToxeH+yQhYkdgb1shppWUDoxr0653NSsGdzaw5C0kJ55wPEss/
KeGc0fRoFAIu0/49YzwmgDiRA8NSUp5mTVnRgJfrkZlf59WO58TA0/MSLskFOlTt
OPNv8650GEe1JcbjRIwnvT+84/EO5FD/TOww1g2fj9D2vkNzlI9Ilzh86IpT/QJO
DywUU/RMgIoJsrioDhF1phVqX8gGe/+jdtDocArgsW2IVAbCBPmBsHevpIAbiGRe
2/823OjSe05VQDz3zTP5ZlkunBjHUOa1ucGUO3hGBaYkQSooteiS0A1HGOjMbugR
0iqUR3W1gPLogzTMfyKKnkm+MME=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server2-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDGNYroqr0zyV6E
Q2dCZSo844m0pmehO+5thdHTK26xYtTxIkOg1belfbX1bAkGfIzvh69PNM4n6/NK
N1fD19ju5KB3ZSynwhBla3tIxNgo/kxOT34vIMRJW3E4QA02o1ezRNq+zVQUFWYP
0wUI8i4DZy5cXeGw5sAlj1h3W9PXqCLqVtMOAW04NFZHqhLEuirv7Bj11Nu5+m/c
UOvuEKIUtZoS4eOFD3kUuHBtDRwdOFeFaoIM1r0svyDxKC72NICnDTKCNU/BseWe
JtX4uTlXQ+/t8RBcPjK62eSeQM0o6iZGm6k0jZ+5/UV9FPfOyjuFh6dkdJxlKRiz
9bGtkmI5AgMBAAECggEAL6rWwke1gsvNyD8xiR0tQEF0b5aJW5Q/LeW95WwPjed3
0Jnt67MaHFmUNfaKYR35Au39si2/2of7FYEjwTyatjETikMxrxKTwOBNYN2+InWt
wjOJ5CmcKwwruVxmERrNT5aiiLp2mvHefrXAAzvC5xycYKhPS6zizuWfX+0ckEM5
yJnl8TRTjfqExxHS1ciTY4B1w8nfWdYY/xiQW23sCPZ8toqsqAuHJjREmMcj+oer
z8Md1tZNa0ujDy0ejSovCnqzWIi4Umg3SndhRDYKNRAFGPNQmYRM+EWEqQufMaXP
ghD+Heb5RUPSkNW98KdjDGK4WiIeqF45tb+YQ4AvgQKBgQDt2X+FMHG/s7FAEAxA
x6TzIcDedqwEKtO3JbaC+Q0FKwRTGwP1tGOnyqbVrw4cSlza5EvUnK8CZK9I2HFd
qfbP3rtFCtHl9/bpVZPNkaVImzqkfmzmGJIREsCDIPu8THFNyxL2TC27VKCNsSmZ
ui2tuxRJ6/O0DroGdvdnFL89SQKBgQDVVaZjiA5Cr1e5Eo6q3dNNeMSBfTuI90Ja
W1OmVovp2yWYjfFFTW2B9vb4RDaRvIuykGhHgAnGKGmHtv7f0GlY7n6Qr0czvyn5
6s+fRVIcPzEaTVnxC1g20+XHc41XdqnIOcaUjUz7oqC6g7+Y56WKdvvKitV0Lb98
ua7ZOM6tcQKBgGWtRMY7H2VD+9HXCmXm8qy9ESYItSBS7o6soIj8zoQXD5I3SkoP
A0sHZqqSWwXdBDTOw1vwXyA2ynfpjwzrS4cxP/0T0wbsKbE11ClcybtwIHGRWhxD
BK4nxgRIZVTpmMYYudJwXlxmoPvxcEc3P6+0+cdgBp5CbWO2F60JQXeBAoGAHxLs
u46z1Q7JTlHfqg/JmX0/0kS1iUvKxHKNCquMkbG0FjaGsDuI+edJLfxxnmTCTG4w
YknKIqz8QiJrmZo33hZPJTACxQzRRm/nciGcxjSGKHif4zZt0P6od5bjPZwxOtL/
k9/JGNYlZ0WNgO4s9LBEGMqEMPoA7F/3kfhuUmECgYEA6WzFZjs31OqTLE0vnCfL
/b/wPeozaAyjtR/24TNkAFwP/LrBAA5gFOoL8p94ce87yXdm80x3bK6OGbNmor7c
qT/OJgnXV1wTrKYSkFUu7LTC7DihpYy2MqyGg8xGxB4kK1IR+ROB4v3c5RkIqaGF
lTSpXFge771NjCimucIOl/Y=
-----END PRIVATE KEY-----

279
certs/ocsp/server3-cert.pem Normal file
View File

@@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www3.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:be:19:65:1e:17:39:d4:33:fc:97:64:69:80:51:
fb:6c:7c:ca:e1:ba:2a:ab:d2:dd:30:61:f3:2e:47:
c1:d4:33:c0:ff:53:21:ba:2d:14:a6:b9:7c:66:ca:
45:7b:1c:7d:8f:fc:75:f3:9a:69:f1:6c:25:46:a0:
92:5d:00:93:e3:22:a6:60:b9:97:05:37:7f:a1:aa:
cd:22:81:72:b1:22:47:3d:7c:8d:46:55:bc:32:4d:
d2:84:43:5c:15:43:07:22:70:36:39:93:1b:e8:a1:
46:bb:02:85:ba:1d:31:ac:b1:3c:84:5b:eb:8f:1f:
62:8a:71:52:9e:0b:63:b6:e6:d6:46:cc:19:06:d6:
bb:06:81:e4:0b:25:14:6c:63:94:70:1a:27:37:95:
24:40:07:30:f5:24:73:c3:bd:f9:0e:5f:b6:cd:4f:
18:88:f0:d7:a3:9b:f5:b0:1e:fe:04:03:a5:8d:73:
f7:6b:31:74:85:fd:61:fa:9e:53:37:75:90:e6:f8:
b5:98:66:e8:52:4d:4a:4c:39:05:65:c1:34:f9:c6:
95:27:b0:07:c1:51:96:a8:82:1b:22:cf:41:df:de:
b4:94:b7:0d:ba:61:fb:f4:40:7c:a1:fc:a2:29:a3:
47:4d:b4:94:9d:7b:51:ec:e4:13:fb:cd:e9:26:ca:
a7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
C1:CD:C0:2C:34:F4:3B:BB:E3:CA:98:35:7D:6A:15:33:94:5C:11:3A
X509v3 Authority Key Identifier:
keyid:05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:02
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
12:62:57:58:a4:74:c0:b3:f1:d7:63:8b:1d:ba:79:99:88:76:
5f:88:3b:e3:53:8d:d3:88:d0:98:91:3b:72:31:e9:03:5d:d5:
1d:fe:6a:59:e8:a0:46:5b:4a:5a:3c:ce:60:27:00:36:68:49:
35:22:cd:16:01:5f:94:67:5e:80:1a:2f:a6:21:4b:1a:d2:f8:
70:ba:39:0f:d4:54:44:c8:6d:f4:1c:bc:fa:b3:72:32:e5:56:
18:b8:c0:4c:98:21:56:36:a3:83:94:60:a9:a1:de:8c:7d:22:
46:40:ac:92:7c:4a:44:6c:24:36:78:ab:f6:93:4f:44:f6:82:
2e:ba:bc:7f:45:c2:51:be:fa:05:bb:d1:8a:95:84:38:f0:1d:
c7:66:8d:5e:44:05:26:48:b2:bd:4e:56:7a:17:28:b2:fa:3a:
25:ce:7e:83:9a:ee:76:b0:02:54:a3:65:78:7c:7b:1e:49:ad:
7f:65:5e:a8:cc:59:1e:fb:61:27:b6:3f:df:31:11:49:06:01:
58:55:84:35:3e:f6:db:5a:e9:fd:2f:0a:b0:f7:c7:fb:d9:59:
86:c6:cd:0c:f2:a6:f9:0a:ef:4b:ab:ca:a6:16:b4:df:0f:0d:
c6:d1:32:4f:0d:f9:a8:2a:28:a1:be:e2:c3:62:7e:74:90:58:
bc:67:89:20
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
My53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4ZZR4XOdQz/JdkaYBR+2x8
yuG6KqvS3TBh8y5HwdQzwP9TIbotFKa5fGbKRXscfY/8dfOaafFsJUagkl0Ak+Mi
pmC5lwU3f6GqzSKBcrEiRz18jUZVvDJN0oRDXBVDByJwNjmTG+ihRrsChbodMayx
PIRb648fYopxUp4LY7bm1kbMGQbWuwaB5AslFGxjlHAaJzeVJEAHMPUkc8O9+Q5f
ts1PGIjw16Ob9bAe/gQDpY1z92sxdIX9YfqeUzd1kOb4tZhm6FJNSkw5BWXBNPnG
lSewB8FRlqiCGyLPQd/etJS3Dbph+/RAfKH8oimjR020lJ17UezkE/vN6SbKp5MC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFMHNwCw09Du748qYNX1q
FTOUXBE6MIHEBgNVHSMEgbwwgbmAFAXRuoYAou4qBSS3Ea0tYPGQFI8XoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
AQASYldYpHTAs/HXY4sdunmZiHZfiDvjU43TiNCYkTtyMekDXdUd/mpZ6KBGW0pa
PM5gJwA2aEk1Is0WAV+UZ16AGi+mIUsa0vhwujkP1FREyG30HLz6s3Iy5VYYuMBM
mCFWNqODlGCpod6MfSJGQKySfEpEbCQ2eKv2k09E9oIuurx/RcJRvvoFu9GKlYQ4
8B3HZo1eRAUmSLK9TlZ6Fyiy+jolzn6Dmu52sAJUo2V4fHseSa1/ZV6ozFke+2En
tj/fMRFJBgFYVYQ1PvbbWun9Lwqw98f72VmGxs0M8qb5Cu9Lq8qmFrTfDw3G0TJP
DfmoKiihvuLDYn50kFi8Z4kg
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4:
6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7:
11:02:a1:ab:58:3d:fb:dc:51:ca:3a:1d:1f:95:a6:
56:82:f7:8f:ff:6b:50:bb:ea:10:e1:47:1d:35:77:
2e:4b:28:c5:53:46:23:2b:82:fd:5a:d3:f4:21:db:
0e:e0:f2:76:33:47:b3:00:be:3a:b1:23:98:53:eb:
ea:a0:de:1b:cc:05:4e:ee:63:a8:2c:93:24:d6:98:
78:74:03:e4:c8:89:43:61:f1:25:b8:cd:3b:87:c1:
31:25:fd:ba:4c:fc:29:94:45:9e:69:d7:67:0a:8a:
8e:d5:52:93:30:a2:0e:dd:6a:1c:b0:94:77:db:52:
52:b7:89:21:be:96:75:24:cb:e9:49:df:81:9d:9d:
f8:55:7d:01:2a:eb:78:03:12:e2:20:6e:db:63:35:
cd:a1:96:f0:f8:8c:20:35:69:87:01:ca:b4:54:36:
a0:15:e0:23:7d:b9:fb:be:99:05:50:f0:bf:ec:7f:
12:e1:3d:75:15:4e:c8:c2:30:e6:8b:fe:e5:8b:55:
f8:44:5e:e5:e3:56:e0:66:2d:6f:42:5a:45:6b:96:
aa:c7:5d:41:08:5f:ce:d7:dc:9f:20:e4:46:78:ff:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
6a:f5:af:1f:f7:43:ef:10:74:6d:1f:e5:2e:72:5f:d1:84:40:
c8:60:79:b7:66:2e:46:39:bf:95:ca:fe:83:0a:8a:f4:52:6e:
d2:d3:a5:54:7b:0c:29:35:a0:75:7a:e5:35:5d:99:0a:d9:13:
ca:80:46:a0:a2:6d:d5:c4:ff:0c:d5:da:ec:54:86:df:ce:a7:
92:1a:c7:f6:12:74:04:74:9f:06:39:82:b1:1e:af:47:de:b5:
b7:21:c1:3b:22:27:e3:d0:3f:70:d3:27:1c:63:e0:01:12:80:
20:e7:ac:6c:f0:8f:7a:72:54:8a:21:2d:0e:17:6c:9d:01:fd:
42:96:e1:7a:d5:43:d5:65:9b:0b:7c:dd:b6:90:da:cc:3c:d7:
7a:d3:e2:63:07:e3:96:a7:96:84:d6:0c:9e:31:e0:72:cd:91:
54:cf:16:38:af:c8:23:04:ce:98:2c:61:11:28:70:d7:34:69:
55:b7:e0:5b:87:a6:c4:a4:c5:bf:8f:e0:04:5d:e4:14:22:04:
21:a1:9b:01:19:50:29:03:9d:81:be:e4:ba:4d:68:1c:2f:e4:
e6:05:02:c2:e7:b4:ef:45:be:80:dc:a3:86:58:cf:02:cf:6a:
69:8d:2b:69:69:cd:81:27:63:e8:2d:55:2a:00:de:0b:15:2c:
53:95:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA8NRlvLES0fkLHdbRqK6kj
hb+HtO7K10sfMdcRAqGrWD373FHKOh0flaZWgveP/2tQu+oQ4UcdNXcuSyjFU0Yj
K4L9WtP0IdsO4PJ2M0ezAL46sSOYU+vqoN4bzAVO7mOoLJMk1ph4dAPkyIlDYfEl
uM07h8ExJf26TPwplEWeaddnCoqO1VKTMKIO3WocsJR321JSt4khvpZ1JMvpSd+B
nZ34VX0BKut4AxLiIG7bYzXNoZbw+IwgNWmHAcq0VDagFeAjfbn7vpkFUPC/7H8S
4T11FU7IwjDmi/7li1X4RF7l41bgZi1vQlpFa5aqx11BCF/O19yfIORGeP/ZmQID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUBdG6hgCi7ioFJLcR
rS1g8ZAUjxcwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAGr1rx/3Q+8QdG0f5S5yX9GEQMhgebdmLkY5v5XK/oMKivRSbtLTpVR7DCk1
oHV65TVdmQrZE8qARqCibdXE/wzV2uxUht/Op5Iax/YSdAR0nwY5grEer0fetbch
wTsiJ+PQP3DTJxxj4AESgCDnrGzwj3pyVIohLQ4XbJ0B/UKW4XrVQ9Vlmwt83baQ
2sw813rT4mMH45anloTWDJ4x4HLNkVTPFjivyCMEzpgsYREocNc0aVW34FuHpsSk
xb+P4ARd5BQiBCGhmwEZUCkDnYG+5LpNaBwv5OYFAsLntO9FvoDco4ZYzwLPammN
K2lpzYEnY+gtVSoA3gsVLFOVcik=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server3-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC+GWUeFznUM/yX
ZGmAUftsfMrhuiqr0t0wYfMuR8HUM8D/UyG6LRSmuXxmykV7HH2P/HXzmmnxbCVG
oJJdAJPjIqZguZcFN3+hqs0igXKxIkc9fI1GVbwyTdKEQ1wVQwcicDY5kxvooUa7
AoW6HTGssTyEW+uPH2KKcVKeC2O25tZGzBkG1rsGgeQLJRRsY5RwGic3lSRABzD1
JHPDvfkOX7bNTxiI8Nejm/WwHv4EA6WNc/drMXSF/WH6nlM3dZDm+LWYZuhSTUpM
OQVlwTT5xpUnsAfBUZaoghsiz0Hf3rSUtw26Yfv0QHyh/KIpo0dNtJSde1Hs5BP7
zekmyqeTAgMBAAECggEARDViddCJnF1m5X9O548C8qM4PJQK2YoYeVK76cAviQ9k
0XgnouCoB0aIn202Tv0jBHXmcJjYKJrQKS5WNe6OIbJ+FjihOmr2bbCWWCowV+Rf
wW0eV71NgJMx1OlCchKRzcaLfk8NdYPgmBtIlkYBW+BgQXGl7L2rIteUeEbH6Yj9
yCn7ORQeFSbhZJTn2WdXhK3GWjV+1GyHyUyL2SSa2+G2LZ54Ifquq/F6rMGYB9lY
2K6Q6DB18aVxd/I/OYKeyBZcmJ9COgPUW7/fg0He73aduYdVvWZCRP1ygGdqSZFr
oqLVe34bEVFANUKylzRplRJdC4oKSUyTSubiOMKZ+QKBgQDf0mk3PolyvsfE2YGb
9/DsURIxZg14o9Pysp3yD1vvIYNz6WaddtJaj5OM7NzN8spu3wJSoeVgL6KYI6ah
ZTIYqy4ehOGPKBVL7SvLF+7q/QBMTdfllpdK7GLTtjBnz92TZl9bS/rBc9dCnnBC
EDkPPrc3nbk5/ADWd+K4RPG3HwKBgQDZbdiQCKY2ulppRcwjcAEIjhrFpShV21P6
JNKt17HDBqULIAn+G9T/Gg/6yHWeY1DUgVBu1avb4L3jdnMPe2O+1jeaDzNRo6Xj
9v6PgGsiv4q7gfz7XqVwylUWIY7O52Ox/q+/QJBfwE0qe+E0t4syb44W4QvD9+k7
fv77R7dFDQKBgQCe0SfVimtvX05TMN9V87YhiVk2ciqm6uDO+s02YI2kfgxPqFMm
8pRKrExPmBcJj/jyeQ2l4rjm6oYeHFX1ed/1PyoHf9SphxCtgoornzzpw0J94lKK
17Nc96Ucgs+QKiAYonCRULWKpY8d91zCk85ZMfBB54nySg2yIPlgNZOqkwKBgFO/
Xqnj2vm7f7WKv91qd8tuyNsWCVpAl7EC2+8/5GVlOs71MUQiPkFgLYWADuXKBUlE
4dE/FeokP5/McPcmpL3Nzy7U6gRpDy2mZlipsxp4QpyErge4Zery1CEpHdOOBrV5
jwIQgUuQS2iwvIbMp53uoAEp/5kk9T4IZXguIGZFAoGAMA/j0kHArT7FINf+O6R4
3EyUTR139emLKHU2OlH/HfHVRZhHo4AmfUYksf+Njb81A6MKFd1XVmNnaumBIfq+
6Ohoz1VMoO6aUiMMqbmBGaTHc30FVEtAQIRq2C8UDrEN67Sx3O/ngl0Br7lNri29
LMSCe8fxf8+Kq0k+6tcsht4=
-----END PRIVATE KEY-----

279
certs/ocsp/server4-cert.pem Normal file
View File

@@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www4.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9c:ef:8a:7e:84:4d:58:7a:b1:91:c8:cb:68:76:
df:fe:0a:29:fe:7f:74:35:d5:c3:fd:43:be:d7:89:
fc:59:51:5a:30:e9:50:14:84:24:d0:c8:72:7d:d6:
75:42:12:8b:16:ad:5a:e8:d3:84:a7:07:2b:9e:12:
ef:6a:cd:3e:83:14:b7:26:a2:53:7b:3d:6c:96:7f:
9c:c5:09:08:0e:55:08:19:b7:5a:1c:46:32:09:da:
44:b2:ca:fd:4a:e4:be:d0:02:c9:c9:48:03:13:a5:
ad:3e:7b:21:cf:05:3a:b9:25:f5:c1:b8:4e:4d:eb:
33:99:d1:50:4a:eb:f7:1a:08:6b:d0:5c:9d:48:eb:
98:fd:dc:89:0f:aa:74:d3:7f:03:1b:59:65:f5:86:
e1:d9:53:ab:e4:53:ab:85:3c:79:8b:45:39:7b:fd:
e9:a2:10:b9:fa:92:71:0e:68:36:66:6e:8c:fb:e2:
8a:5d:5f:72:66:b0:47:2d:c5:b4:93:ce:61:7f:90:
1a:64:02:dd:57:9d:f1:f1:e8:75:21:e2:af:44:e3:
96:f5:1c:e3:73:87:dc:b7:05:12:ad:a5:8f:0c:d8:
2c:b4:90:b3:d9:e7:13:e1:e5:5e:4c:9b:24:89:08:
07:9e:aa:6b:9f:64:01:da:ec:95:05:45:84:d9:a9:
db:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
9A:D6:EF:4E:0A:7B:8B:74:E6:14:EC:35:9A:05:2A:94:68:09:61:58
X509v3 Authority Key Identifier:
keyid:05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:02
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
4e:d7:ac:3b:e2:2a:7c:2d:17:95:15:60:7d:d9:59:5f:53:9d:
d7:e4:8d:cf:9d:34:db:ea:e9:6b:1d:8c:d4:6e:4b:df:53:30:
3f:8e:5b:65:2e:e6:bb:7b:96:b1:2e:9b:65:fa:72:a8:eb:97:
af:47:33:f5:ae:0b:9b:6f:d6:25:9e:60:e4:b2:e5:88:3b:64:
26:8c:d4:8b:d5:4b:6b:85:23:c3:08:06:ca:b5:d3:88:f3:6b:
19:be:16:c0:a6:a3:68:25:4b:68:a2:be:a0:38:51:7b:6f:7d:
a7:74:5f:1a:57:cd:29:01:4c:33:e4:52:bf:b9:f9:52:4e:c5:
a1:85:16:90:e3:c4:26:d7:b2:db:07:75:78:1f:90:99:db:cc:
18:da:7d:58:af:52:e3:67:6a:8f:d2:33:f3:07:7f:da:09:24:
54:03:cd:9a:ef:8f:15:f2:11:a9:42:71:d6:0b:6b:c8:76:f4:
62:65:8c:d8:d3:10:19:af:34:9d:01:86:05:02:59:e8:4b:03:
6d:06:0d:c4:98:38:b5:f2:85:65:29:74:2a:c2:c6:47:8b:e1:
0e:d4:ee:9b:5d:a6:a5:55:8d:b0:e7:61:55:de:2e:30:50:cf:
51:ba:c1:64:c0:3a:d0:55:73:fe:3c:79:e8:d7:33:0c:7e:a2:
dc:df:45:ad
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
NC53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzvin6ETVh6sZHIy2h23/4K
Kf5/dDXVw/1DvteJ/FlRWjDpUBSEJNDIcn3WdUISixatWujThKcHK54S72rNPoMU
tyaiU3s9bJZ/nMUJCA5VCBm3WhxGMgnaRLLK/UrkvtACyclIAxOlrT57Ic8FOrkl
9cG4Tk3rM5nRUErr9xoIa9BcnUjrmP3ciQ+qdNN/AxtZZfWG4dlTq+RTq4U8eYtF
OXv96aIQufqScQ5oNmZujPviil1fcmawRy3FtJPOYX+QGmQC3Ved8fHodSHir0Tj
lvUc43OH3LcFEq2ljwzYLLSQs9nnE+HlXkybJIkIB56qa59kAdrslQVFhNmp28cC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJrW704Ke4t05hTsNZoF
KpRoCWFYMIHEBgNVHSMEgbwwgbmAFAXRuoYAou4qBSS3Ea0tYPGQFI8XoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
AQBO16w74ip8LReVFWB92VlfU53X5I3PnTTb6ulrHYzUbkvfUzA/jltlLua7e5ax
Lptl+nKo65evRzP1rgubb9YlnmDksuWIO2QmjNSL1UtrhSPDCAbKtdOI82sZvhbA
pqNoJUtoor6gOFF7b32ndF8aV80pAUwz5FK/uflSTsWhhRaQ48Qm17LbB3V4H5CZ
28wY2n1Yr1LjZ2qP0jPzB3/aCSRUA82a748V8hGpQnHWC2vIdvRiZYzY0xAZrzSd
AYYFAlnoSwNtBg3EmDi18oVlKXQqwsZHi+EO1O6bXaalVY2w52FV3i4wUM9RusFk
wDrQVXP+PHno1zMMfqLc30Wt
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4:
6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7:
11:02:a1:ab:58:3d:fb:dc:51:ca:3a:1d:1f:95:a6:
56:82:f7:8f:ff:6b:50:bb:ea:10:e1:47:1d:35:77:
2e:4b:28:c5:53:46:23:2b:82:fd:5a:d3:f4:21:db:
0e:e0:f2:76:33:47:b3:00:be:3a:b1:23:98:53:eb:
ea:a0:de:1b:cc:05:4e:ee:63:a8:2c:93:24:d6:98:
78:74:03:e4:c8:89:43:61:f1:25:b8:cd:3b:87:c1:
31:25:fd:ba:4c:fc:29:94:45:9e:69:d7:67:0a:8a:
8e:d5:52:93:30:a2:0e:dd:6a:1c:b0:94:77:db:52:
52:b7:89:21:be:96:75:24:cb:e9:49:df:81:9d:9d:
f8:55:7d:01:2a:eb:78:03:12:e2:20:6e:db:63:35:
cd:a1:96:f0:f8:8c:20:35:69:87:01:ca:b4:54:36:
a0:15:e0:23:7d:b9:fb:be:99:05:50:f0:bf:ec:7f:
12:e1:3d:75:15:4e:c8:c2:30:e6:8b:fe:e5:8b:55:
f8:44:5e:e5:e3:56:e0:66:2d:6f:42:5a:45:6b:96:
aa:c7:5d:41:08:5f:ce:d7:dc:9f:20:e4:46:78:ff:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
6a:f5:af:1f:f7:43:ef:10:74:6d:1f:e5:2e:72:5f:d1:84:40:
c8:60:79:b7:66:2e:46:39:bf:95:ca:fe:83:0a:8a:f4:52:6e:
d2:d3:a5:54:7b:0c:29:35:a0:75:7a:e5:35:5d:99:0a:d9:13:
ca:80:46:a0:a2:6d:d5:c4:ff:0c:d5:da:ec:54:86:df:ce:a7:
92:1a:c7:f6:12:74:04:74:9f:06:39:82:b1:1e:af:47:de:b5:
b7:21:c1:3b:22:27:e3:d0:3f:70:d3:27:1c:63:e0:01:12:80:
20:e7:ac:6c:f0:8f:7a:72:54:8a:21:2d:0e:17:6c:9d:01:fd:
42:96:e1:7a:d5:43:d5:65:9b:0b:7c:dd:b6:90:da:cc:3c:d7:
7a:d3:e2:63:07:e3:96:a7:96:84:d6:0c:9e:31:e0:72:cd:91:
54:cf:16:38:af:c8:23:04:ce:98:2c:61:11:28:70:d7:34:69:
55:b7:e0:5b:87:a6:c4:a4:c5:bf:8f:e0:04:5d:e4:14:22:04:
21:a1:9b:01:19:50:29:03:9d:81:be:e4:ba:4d:68:1c:2f:e4:
e6:05:02:c2:e7:b4:ef:45:be:80:dc:a3:86:58:cf:02:cf:6a:
69:8d:2b:69:69:cd:81:27:63:e8:2d:55:2a:00:de:0b:15:2c:
53:95:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA8NRlvLES0fkLHdbRqK6kj
hb+HtO7K10sfMdcRAqGrWD373FHKOh0flaZWgveP/2tQu+oQ4UcdNXcuSyjFU0Yj
K4L9WtP0IdsO4PJ2M0ezAL46sSOYU+vqoN4bzAVO7mOoLJMk1ph4dAPkyIlDYfEl
uM07h8ExJf26TPwplEWeaddnCoqO1VKTMKIO3WocsJR321JSt4khvpZ1JMvpSd+B
nZ34VX0BKut4AxLiIG7bYzXNoZbw+IwgNWmHAcq0VDagFeAjfbn7vpkFUPC/7H8S
4T11FU7IwjDmi/7li1X4RF7l41bgZi1vQlpFa5aqx11BCF/O19yfIORGeP/ZmQID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUBdG6hgCi7ioFJLcR
rS1g8ZAUjxcwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAGr1rx/3Q+8QdG0f5S5yX9GEQMhgebdmLkY5v5XK/oMKivRSbtLTpVR7DCk1
oHV65TVdmQrZE8qARqCibdXE/wzV2uxUht/Op5Iax/YSdAR0nwY5grEer0fetbch
wTsiJ+PQP3DTJxxj4AESgCDnrGzwj3pyVIohLQ4XbJ0B/UKW4XrVQ9Vlmwt83baQ
2sw813rT4mMH45anloTWDJ4x4HLNkVTPFjivyCMEzpgsYREocNc0aVW34FuHpsSk
xb+P4ARd5BQiBCGhmwEZUCkDnYG+5LpNaBwv5OYFAsLntO9FvoDco4ZYzwLPammN
K2lpzYEnY+gtVSoA3gsVLFOVcik=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server4-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCc74p+hE1YerGR
yMtodt/+Cin+f3Q11cP9Q77XifxZUVow6VAUhCTQyHJ91nVCEosWrVro04SnByue
Eu9qzT6DFLcmolN7PWyWf5zFCQgOVQgZt1ocRjIJ2kSyyv1K5L7QAsnJSAMTpa0+
eyHPBTq5JfXBuE5N6zOZ0VBK6/caCGvQXJ1I65j93IkPqnTTfwMbWWX1huHZU6vk
U6uFPHmLRTl7/emiELn6knEOaDZmboz74opdX3JmsEctxbSTzmF/kBpkAt1XnfHx
6HUh4q9E45b1HONzh9y3BRKtpY8M2Cy0kLPZ5xPh5V5MmySJCAeeqmufZAHa7JUF
RYTZqdvHAgMBAAECggEAMmlQF6vwHIftGmNh08C72yLwsmvGrLRqLKTiXOJaSWa0
jhmkO7LnEJoTDREiwYKrYzF0jm3DotPO0wxKFAiyF/FDlAl4v5HPm9iKR1DLYa82
1uvq6kIyOLAAeV5zVud7093Ra/LR6jHCINv01EddwbPL6dqGbMks3jA6lpaN3bJt
85VSy3h6rC2pIZrGddJxDV5jR2gm4N4j8GJoPWpYIGZa/i+GhFmx0OJfUAWTBsGQ
flt4HxtxoR0OkAQ1MnBbBLqadQQiJ3tt47vD5Ma98GGkuq/l9y2rCuJ/t7sjY7+1
1dnXrMj4VHKTNYEIkmpNti9lblT55P9v5HAYj4SoIQKBgQDP6/Tf1sf12XKZoQvi
qwww32brRqMnj7xpiK9PfsPdnBvq1u8aApQ2XRsHLkH/aq7S91DdLKhn+5fX9TZq
fGtix0V5/JVB11+0Y8hB6YonKtmTxGPScSKQdsSdnvo27yuBfSSp2QuSqYsAqKdV
dU/F++jAeNJFr5lg+X3zo+7gMwKBgQDBOXB3cO6Xjr1vzkxdtxpbKYTVYK5XGFpy
lGDJ9QasDMD6iX8EsTzp0/3CRtITnfYFBiBDXSFDwoUm7TqjdlDh9ahFcvkre/33
6SmXqHshn/RBl+JCAKYolw7cJmuWAFrJNZPbnbfiuqDNg8wkD3P2VTVkKWjsDpxA
f+99Xm2yHQKBgBBlWvoLxdjtPMxAlt9Y/a0c8NC80UDdZM4tqSVrqaZgGRN7v38d
lPJ0hR0b2Lh7gS3Bsu6+BsmsXVz6SUA8b3tqm1/zOxHmGfXvqGsKL4rHJkEwy25c
3Yzm0LpdPv31/khHxgxewTrfg8aZhhiHF7NVGhWTcYFtR3sOMZB07PFhAoGAf9to
RkDeQD9druwNsD2HHSeeFCvDcTJWN1djrH+MiLBvydjNyecV7YwvcCy4ue5eavig
xLKNXm8K+LUlhiC2aK7LSBlKM7H6Xd9VfFsqDxfu4rCEMTSIvncmiBqMOlfFuzrO
uhXlJgxkd1ls7bej/i5oA/06xmjsj+mYKZcgcykCgYAbONjSKF28CILSDKLepNqx
euRSnKaSgTjcu8B5C6ZWUY8+EsD3Lw6VK2Xn+PPPSS2+Pw7dgLdYybyCgPOLXV+9
we3d0OyuIPiLiRpfnHVTXdYQBc7qa8khw12LZpodkXwKT85St8jdwJzL1KTZAWqf
N2KyjDHPGPz8paCzS8LfuQ==
-----END PRIVATE KEY-----

279
certs/ocsp/server5-cert.pem Normal file
View File

@@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www5.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ac:73:6d:e9:fa:8c:36:72:3e:89:3b:52:29:bd:
14:70:a2:00:b4:08:58:b6:c6:c0:bf:80:6a:1f:a5:
f0:15:fc:f4:19:a2:67:f9:6a:5d:22:69:2e:9c:29:
53:1e:5a:4a:d1:27:d5:b8:3b:65:37:8a:a2:eb:1b:
d4:5d:90:11:35:11:af:e3:d1:8c:24:5b:b5:90:c0:
bf:de:cb:7a:05:71:1b:ef:76:d7:9d:43:47:85:dc:
24:b8:b8:54:fc:53:bf:c3:fd:e1:12:c6:fc:1b:6f:
95:aa:cf:bb:8e:22:af:83:bd:4e:6b:66:fe:7e:7e:
98:6f:b1:b9:fc:f9:8a:8a:18:92:9a:4c:27:5d:78:
6b:e9:d0:14:1c:ed:69:6d:29:4c:4e:52:e6:92:24:
53:b0:2e:c3:a4:94:8f:20:1c:29:5c:97:70:1a:32:
85:90:71:f7:d7:a5:99:4f:48:c7:3d:fc:3d:a7:e1:
f9:96:ea:c1:6b:ea:31:e0:9b:fb:68:3e:4b:ad:a4:
2b:06:90:c2:b4:27:ea:f3:a3:3e:6e:32:75:aa:70:
6a:e3:33:29:fb:42:09:94:79:a5:eb:3c:4e:89:02:
77:08:fd:da:ba:fc:14:c6:8e:c1:5e:db:6d:d0:07:
4f:02:79:60:e7:95:c3:c8:f4:54:83:21:12:79:03:
7f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
2A:48:B6:8B:00:F0:4B:35:73:94:07:87:52:A3:69:5E:E6:D8:42:87
X509v3 Authority Key Identifier:
keyid:BB:15:9E:32:4D:E0:F8:AA:8A:B0:2E:0C:17:2B:5A:41:74:4B:06:45
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:03
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22223
Signature Algorithm: sha256WithRSAEncryption
65:c1:7f:66:88:19:db:04:76:f3:ec:eb:c8:9c:38:3f:3f:83:
4c:6c:c9:3a:67:2f:cf:45:8d:72:28:d1:85:64:fd:53:0a:4a:
4a:22:9d:2f:2f:76:19:f5:97:04:cb:a7:1e:83:43:42:58:01:
ca:9b:25:42:bb:d1:5c:05:4f:c1:94:22:40:df:30:42:c1:be:
b9:f2:c0:a4:64:37:9b:9b:ed:20:44:e8:f0:5c:c6:2f:b6:24:
7f:13:b8:52:02:61:ac:69:4e:f4:bd:72:9d:e9:31:13:5f:12:
d2:cc:e7:eb:16:b3:84:cc:86:40:ee:f9:e1:4c:d8:ea:73:a1:
32:2a:2c:c7:f6:ba:4f:bf:ba:35:49:71:4c:d1:83:86:7a:44:
14:f3:b3:12:02:99:33:01:46:50:e0:0c:74:34:03:45:9d:d2:
2c:e1:83:31:59:d6:e7:69:8f:26:0a:12:5d:90:97:c4:ae:93:
67:c6:9b:a9:5b:a0:8f:22:ad:e9:e2:17:74:19:93:92:cb:9c:
cc:30:8e:7e:57:8f:37:44:82:04:f0:29:9e:79:37:0a:d6:55:
56:8e:b6:eb:d8:0f:a5:c4:ec:65:88:98:15:2f:2a:cd:9f:d8:
11:26:c6:d7:0e:12:4e:62:c5:5c:92:b2:99:db:c2:72:71:6f:
c1:94:24:06
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NM
IFJFVk9LRUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
bGZzc2wuY29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UE
AwwQd3d3NS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxzben6jDZyPok7
Uim9FHCiALQIWLbGwL+Aah+l8BX89BmiZ/lqXSJpLpwpUx5aStEn1bg7ZTeKousb
1F2QETURr+PRjCRbtZDAv97LegVxG+92151DR4XcJLi4VPxTv8P94RLG/BtvlarP
u44ir4O9Tmtm/n5+mG+xufz5iooYkppMJ114a+nQFBztaW0pTE5S5pIkU7Auw6SU
jyAcKVyXcBoyhZBx99elmU9Ixz38Pafh+ZbqwWvqMeCb+2g+S62kKwaQwrQn6vOj
Pm4ydapwauMzKftCCZR5pes8TokCdwj92rr8FMaOwV7bbdAHTwJ5YOeVw8j0VIMh
EnkDf+ECAwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFCpItosA8Es1
c5QHh1KjaV7m2EKHMIHEBgNVHSMEgbwwgbmAFLsVnjJN4PiqirAuDBcrWkF0SwZF
oYGdpIGaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4G
A1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5l
ZXJpbmcxGDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQ
aW5mb0B3b2xmc3NsLmNvbYIBAzALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAk
MCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIzMA0GCSqGSIb3DQEB
CwUAA4IBAQBlwX9miBnbBHbz7OvInDg/P4NMbMk6Zy/PRY1yKNGFZP1TCkpKIp0v
L3YZ9ZcEy6ceg0NCWAHKmyVCu9FcBU/BlCJA3zBCwb658sCkZDebm+0gROjwXMYv
tiR/E7hSAmGsaU70vXKd6TETXxLSzOfrFrOEzIZA7vnhTNjqc6EyKizH9rpPv7o1
SXFM0YOGekQU87MSApkzAUZQ4Ax0NANFndIs4YMxWdbnaY8mChJdkJfErpNnxpup
W6CPIq3p4hd0GZOSy5zMMI5+V483RIIE8CmeeTcK1lVWjrbr2A+lxOxliJgVLyrN
n9gRJsbXDhJOYsVckrKZ28JycW/BlCQG
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:c5:04:10:7d:c2:21:e9:12:45:da:d5:ba:28:
fd:a6:f4:30:44:a0:df:f9:70:5e:17:26:97:59:5c:
31:eb:13:70:ea:4a:dd:58:3e:4f:33:14:66:59:69:
7a:aa:90:e0:7c:c4:b2:36:c1:0a:f4:df:3e:34:6c:
1a:e9:2b:f1:a5:92:7e:a9:68:70:ba:a4:68:88:f3:
ec:10:40:64:a5:64:7d:d9:1e:51:49:9d:7f:c8:cc:
2b:6d:71:2a:06:ff:e6:1f:84:28:8a:c1:ed:a8:52:
f4:89:a5:c0:77:d8:13:66:c2:65:a5:63:03:98:b0:
4b:05:4f:0c:84:a0:f4:2d:72:73:6b:fa:0d:e1:cf:
45:27:ed:a3:8c:02:d7:ee:99:e2:a1:f0:e3:a0:ad:
69:ed:59:e4:27:41:8f:ef:fa:83:73:8f:5f:2b:68:
89:13:46:26:dc:f6:28:6b:3b:b2:b8:9b:52:2a:17:
1b:dc:72:45:73:da:75:24:35:8b:00:5e:23:37:64:
6a:16:74:b8:ee:fe:b7:11:71:be:0a:73:c8:54:c2:
d9:04:d2:1b:f5:53:ac:8d:2a:4f:fe:33:79:e6:5e:
e7:f3:86:d3:dc:bb:4b:d7:39:7f:5b:3c:67:fe:5e:
88:51:05:96:f2:b4:9a:45:09:4c:51:f0:6a:4d:88:
2a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
BB:15:9E:32:4D:E0:F8:AA:8A:B0:2E:0C:17:2B:5A:41:74:4B:06:45
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
0c:5e:0d:55:3c:e7:fb:5e:c2:09:19:c8:0b:f4:c2:b2:2b:14:
79:dc:e8:63:f6:8a:0c:03:57:9e:15:47:7e:b6:15:a3:71:90:
01:11:39:4b:ff:3d:13:34:e4:f3:5b:a3:6c:58:4f:00:d5:c4:
b0:63:6c:90:c9:89:a8:5d:16:87:0a:da:08:40:12:b4:94:00:
3e:44:00:13:de:34:75:90:38:79:d4:c2:39:6d:ed:17:cb:7e:
50:ff:da:0b:eb:49:1a:66:e6:dd:eb:66:a5:92:ef:68:d5:c9:
93:8f:aa:c7:2a:92:6b:95:af:3d:74:de:aa:29:fd:c9:53:56:
ad:9f:e0:05:d1:97:0c:01:3b:f1:c6:a6:90:7e:5c:08:11:5e:
c1:77:5d:64:09:56:ea:78:29:15:a3:ea:44:2a:4c:d6:09:a7:
a0:5f:05:54:2a:61:ca:7a:09:07:14:34:c2:0d:c5:93:cd:28:
8b:62:26:af:30:25:8a:f1:da:65:fa:db:da:84:ab:d5:0c:37:
ae:5d:95:bd:55:2a:4b:09:e0:d3:3d:8b:3c:ea:f2:b9:68:5e:
e6:21:53:8b:28:78:39:f4:bf:9b:dc:92:bc:4b:14:06:fe:17:
21:64:be:af:20:e8:e7:fb:67:c8:5e:ec:59:bf:27:a4:cb:e3:
8a:6d:c3:ac
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sUEEH3CIekSRdrV
uij9pvQwRKDf+XBeFyaXWVwx6xNw6krdWD5PMxRmWWl6qpDgfMSyNsEK9N8+NGwa
6SvxpZJ+qWhwuqRoiPPsEEBkpWR92R5RSZ1/yMwrbXEqBv/mH4QoisHtqFL0iaXA
d9gTZsJlpWMDmLBLBU8MhKD0LXJza/oN4c9FJ+2jjALX7pniofDjoK1p7VnkJ0GP
7/qDc49fK2iJE0Ym3PYoazuyuJtSKhcb3HJFc9p1JDWLAF4jN2RqFnS47v63EXG+
CnPIVMLZBNIb9VOsjSpP/jN55l7n84bT3LtL1zl/Wzxn/l6IUQWW8rSaRQlMUfBq
TYgqFwIDAQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUuxWeMk3g
+KqKsC4MFytaQXRLBkUwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5y
FSGhgZ2kgZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAw
DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcN
AQELBQADggEBAAxeDVU85/tewgkZyAv0wrIrFHnc6GP2igwDV54VR362FaNxkAER
OUv/PRM05PNbo2xYTwDVxLBjbJDJiahdFocK2ghAErSUAD5EABPeNHWQOHnUwjlt
7RfLflD/2gvrSRpm5t3rZqWS72jVyZOPqscqkmuVrz103qop/clTVq2f4AXRlwwB
O/HGppB+XAgRXsF3XWQJVup4KRWj6kQqTNYJp6BfBVQqYcp6CQcUNMINxZPNKIti
Jq8wJYrx2mX629qEq9UMN65dlb1VKksJ4NM9izzq8rloXuYhU4soeDn0v5vckrxL
FAb+FyFkvq8g6Of7Z8he7Fm/J6TL44ptw6w=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server5-key.pem Normal file
View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCsc23p+ow2cj6J
O1IpvRRwogC0CFi2xsC/gGofpfAV/PQZomf5al0iaS6cKVMeWkrRJ9W4O2U3iqLr
G9RdkBE1Ea/j0YwkW7WQwL/ey3oFcRvvdtedQ0eF3CS4uFT8U7/D/eESxvwbb5Wq
z7uOIq+DvU5rZv5+fphvsbn8+YqKGJKaTCddeGvp0BQc7WltKUxOUuaSJFOwLsOk
lI8gHClcl3AaMoWQcffXpZlPSMc9/D2n4fmW6sFr6jHgm/toPkutpCsGkMK0J+rz
oz5uMnWqcGrjMyn7QgmUeaXrPE6JAncI/dq6/BTGjsFe223QB08CeWDnlcPI9FSD
IRJ5A3/hAgMBAAECggEABz5+EoMc2rin2dntFKXFswmLIATtvRfSRvkc/CFbWYEb
u+vvlDGcofJrK9IslKzUUb7romaUVOX0/A1aOWfw4RrSGa7WxTw4/1CpfrFreckL
lF6YphmKapwZysyrfUIDXzdN+hzzwC9KyTcauNjKKK2OGsLj0+p7es2rc24EHNLj
vFpNj5TC84qsibATY1ny3tcL7SBcNLtiHsm+0JDagGqlW3ptT0oErrzH6jtUAI9j
LLm87mxwJyp4rBZvnP3s4jnOLLCJH40QyrCPKR6L4bAzSaA9kEnBUu+y1y1PyUP7
goWIPJmfclDFqgB2U7K/QbbfPFpt8pFB9SmbsoIlMQKBgQDgvgf/pdc6q9jAL9UQ
sTYa+iJJIFcjQKA95aCRoUeUjWvjA+2ROmYgLcMi7pxfNyFvYkaOXjBTL+aqSEWI
wQVbnGK4aqG16w2o/P+bWUatpMMWNbwsZGAkXpcgdrg+SbNjrQ2lY35EdmPc025G
Fqx5ouOk7wDlKWQolIwWDh3WNQKBgQDEb47VbrIo8BNnO/xxVjAsU7uQIYZkr/GR
6V5oN+kIXrttReZnY/bUVrV84r49E3cNfoZXlfZa7fAEVb9GWbZMk+9M/s78aU5M
xeFNj7HBfbgG3I+1SZQZaAEK6BZuq8GRCLV2JKOn9iInVQQL57/qz6APjC/a52zJ
asNmmcdIfQKBgBmEWgIjwUEvG8gOZkGj7UG43sWwv1QIVWlRth5y0l7Cg9pdqs6P
c+L5byt7LhP9fXVZEiu98/yt9qGk3Qg+6i3Rnr/Tk5LFImLqftcTltvGVkQiS8A6
kVPvzXbpI9gmpBCQKHl7x21ch9AdzWp1zpVs8i3a2R4ryex1mUYzyh11AoGAWhKZ
WS7IDNOA4i50Y/fUYQ8IC2AEAvlWeMScoIc6mLbvlHyf2LrSvK0BzUEfYFwjlBF3
QoQmEa3XB/XVnkmWuOiAqzqP6NfUqol19R21sXaXQrYyQzt46GlzSPABEUA6oulu
Y70LOgI3yPdHwrnCm8YWq+ppKyRBEt6cuNg8s/UCgYEAl3J4fMTYcDjt4H/OTgba
IjKLPV0LuBUfx/PTA0oi81x1c11fM8a/ZeD0QkXDjjrjXM33mbkR0lzFEl7ZOCnh
sRDkkM8MvOsq4KMGnBLQBN0QvKSgsuYDqIEUmFdMHiyckBjuwntMVXnfKYtEJ1Q9
zYHlJn4e4/2VqGK9PWrgAtA=
-----END PRIVATE KEY-----

17
certs/renewcerts.sh
View File

@@ -202,6 +202,23 @@ function run_renewcerts(){
openssl x509 -in server-ecc-comp.pem -text > tmp.pem openssl x509 -in server-ecc-comp.pem -text > tmp.pem
mv tmp.pem server-ecc-comp.pem mv tmp.pem server-ecc-comp.pem
###########################################################
########## update and sign ocsp-cert.pem ##################
###########################################################
echo "Updating ocsp-cert.pem"
echo ""
#pipe the following arguments to openssl req...
echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport\ocsp.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ocsp/ocsp-key.pem -nodes > ocsp-req.pem
openssl x509 -req -in ocsp-req.pem -extfile wolfssl.cnf -extensions v3_ocsp -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 03 > ocsp/ocsp-cert.pem
rm ocsp-req.pem
openssl x509 -in ca-cert.pem -text > ca_tmp.pem
openssl x509 -in ocsp/ocsp-cert.pem -text > ocsp_tmp.pem
mv ocsp_tmp.pem ocsp/ocsp-cert.pem
cat ca_tmp.pem >> ocsp/ocsp-cert.pem
rm ca_tmp.pem
############################################################ ############################################################
########## make .der files from .pem files ################# ########## make .der files from .pem files #################
############################################################ ############################################################

9
certs/renewcerts/wolfssl.cnf
View File

@@ -124,6 +124,7 @@ authorityKeyIdentifier=keyid,issuer
subjectKeyIdentifier=hash subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints=CA:true basicConstraints=CA:true
authorityInfoAccess = OCSP;URI:http://localhost:22222
# Extensions to add to a certificate request # Extensions to add to a certificate request
[ v3_req ] [ v3_req ]
@@ -140,6 +141,14 @@ basicConstraints = CA:true
[ crl_ext ] [ crl_ext ]
authorityKeyIdentifier=keyid:always authorityKeyIdentifier=keyid:always
# OCSP extensions.
[ v3_ocsp ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = OCSPSigning
basicConstraints = CA:false
# These extensions should be added when creating a proxy certificate # These extensions should be added when creating a proxy certificate
[ proxy_cert_ext ] [ proxy_cert_ext ]
basicConstraints=CA:FALSE basicConstraints=CA:FALSE

BIN
certs/server-cert.der
View File

Binary file not shown.

141
certs/server-cert.pem
View File

@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37 serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
67:c0:2c:a9:43:47:e7:11:14:77:ae:cc:d8:e0:6b:23:82:91: 71:17:8f:6f:7d:d6:11:01:79:ac:e9:c2:fb:71:69:6b:0c:64:
63:e8:a8:0d:21:c5:c8:47:97:2f:d5:f3:86:fb:6c:ce:25:f9: 91:c1:32:8b:9c:62:72:b5:62:bb:f8:cf:6c:27:df:f0:64:d6:
7c:78:c8:3a:22:68:f2:16:1e:d2:d2:3f:24:04:87:f2:b7:c1: 4a:55:4f:7f:4a:8b:7b:80:5b:3c:a0:31:b0:25:92:02:02:9c:
62:63:ba:c5:fa:ae:d2:20:81:1a:d2:0c:ae:26:6b:1b:2b:10: 99:a5:8e:0c:61:ef:b4:1e:01:2e:1c:e9:9c:59:2d:ef:6e:03:
d3:e1:9a:4e:64:6c:97:db:36:a8:8f:f8:05:63:bf:ba:0d:88: 4d:f1:59:e5:5f:69:66:5c:0a:e6:cd:f6:74:20:86:4c:f6:8f:
0b:87:46:c9:e4:64:e3:d7:bd:b8:2d:d5:c1:c3:c4:db:55:68: 22:86:68:7e:fe:67:3f:3d:19:b8:61:ef:c5:a5:58:a8:2a:ce:
dc:a3:7a:40:b9:a9:f6:04:4a:22:cf:98:76:1c:e4:a3:ff:79: d3:2c:a7:1b:dd:c8:59:c7:e7:cf:42:42:db:af:fe:15:82:c9:
19:96:57:63:07:6f:f6:32:77:16:50:9b:e3:34:18:d4:eb:be: e5:53:fa:b4:37:55:67:47:0f:e7:24:88:14:a3:6c:be:5f:72:
fd:b6:6f:e3:c7:f6:85:bf:ac:32:ad:98:57:be:13:92:44:10: 05:5f:56:33:aa:7f:ac:2e:10:92:b7:a2:f9:c1:62:0c:3b:0c:
a5:f3:ae:e2:66:da:44:a9:94:71:3f:d0:2f:20:59:87:e4:5a: 69:9a:71:15:11:bc:37:bf:8e:23:14:c2:b1:0d:df:89:45:1e:
40:ee:d2:e4:0c:ce:25:94:dc:0f:fe:38:e0:41:52:34:5c:bb: df:14:e8:95:35:88:27:a8:ab:dd:7c:23:3f:bb:fe:4e:0e:ea:
c3:db:c1:5f:76:c3:5d:0e:32:69:2b:9d:01:ed:50:1b:4f:77: a6:ee:f5:77:fb:aa:b8:28:33:f9:61:b0:d2:79:46:a4:ba:a0:
a9:a9:d8:71:30:cb:2e:2c:70:00:ab:78:4b:d7:15:d9:17:f8: 90:c8:e7:96:8f:27:e9:1e:d0:92:43:bb:84:c7:f3:28:0c:41:
64:b2:f7:3a:da:e1:0b:8b:0a:e1:4e:b1:03:46:14:ca:94:e3: aa:77:39:65:aa:0d:02:b0:e0:4d:b1:17:41:c9:f0:d4:47:87:
44:77:d7:59 fb:0f:f0:40
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx MIIE1DCCA7ygAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNTA3 bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
@@ -71,28 +74,29 @@ f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X
GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM
QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq
0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ 0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ
6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU 6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOCATEwggEtMB0GA1UdDgQW
sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj BBSzETLJkpiE4sn40DtuA0LKHw6OPDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t
s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
AQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYDVR0TBAUwAwEB/zAN 9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAMBgNVHRMEBTADAQH/
BgkqhkiG9w0BAQsFAAOCAQEAZ8AsqUNH5xEUd67M2OBrI4KRY+ioDSHFyEeXL9Xz MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoy
hvtsziX5fHjIOiJo8hYe0tI/JASH8rfBYmO6xfqu0iCBGtIMriZrGysQ0+GaTmRs MjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAcRePb33WEQF5rOnC+3FpawxkkcEyi5xi
l9s2qI/4BWO/ug2IC4dGyeRk49e9uC3VwcPE21Vo3KN6QLmp9gRKIs+Ydhzko/95 crViu/jPbCff8GTWSlVPf0qLe4BbPKAxsCWSAgKcmaWODGHvtB4BLhzpnFkt724D
GZZXYwdv9jJ3FlCb4zQY1Ou+/bZv48f2hb+sMq2YV74TkkQQpfOu4mbaRKmUcT/Q TfFZ5V9pZlwK5s32dCCGTPaPIoZofv5nPz0ZuGHvxaVYqCrO0yynG93IWcfnz0JC
LyBZh+RaQO7S5AzOJZTcD/444EFSNFy7w9vBX3bDXQ4yaSudAe1QG093qanYcTDL 26/+FYLJ5VP6tDdVZ0cP5ySIFKNsvl9yBV9WM6p/rC4Qkrei+cFiDDsMaZpxFRG8
LixwAKt4S9cV2Rf4ZLL3OtrhC4sK4U6xA0YUypTjRHfXWQ== N7+OIxTCsQ3fiUUe3xTolTWIJ6ir3XwjP7v+Tg7qpu71d/uquCgz+WGw0nlGpLqg
kMjnlo8n6R7QkkO7hMfzKAxBqnc5ZaoNArDgTbEXQcnw1EeH+w/wQA==
-----END CERTIFICATE----- -----END CERTIFICATE-----
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 15672591315981621815 (0xd9803ac3d2f4da37) Serial Number: 11990332945272134785 (0xa6663849459bdc81)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -123,32 +127,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37 serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
7a:af:44:3b:aa:6f:53:42:b2:33:aa:43:5f:56:30:d3:b9:96: 41:8f:fb:6b:65:6b:36:f2:56:4f:0c:48:b0:4d:8c:c2:cb:d6:
0b:9a:55:5a:39:2a:0b:4e:e4:2e:f1:95:66:c9:86:36:82:8d: 58:7a:83:3a:30:7d:62:7b:86:f1:15:26:b3:26:02:77:f2:c8:
63:7c:4d:a2:ee:48:ba:03:c7:90:d7:a7:c6:74:60:48:5f:31: 57:e5:1e:60:68:8b:a4:e8:f3:a8:b2:88:a4:2f:e8:6e:25:8d:
a2:f9:5e:3e:c3:82:e1:e5:2f:41:81:83:29:25:79:d1:53:00: 6b:dc:53:ab:2f:d3:47:8c:d6:27:ab:39:bc:d3:ca:d8:01:96:
69:3c:ed:0a:30:3b:41:1d:92:a1:2c:a8:9d:2c:e3:23:87:79: a4:44:57:38:93:ab:c3:f3:95:67:7f:cf:25:1d:b7:04:dc:06:
e0:55:6e:91:a8:50:da:46:2f:c2:20:50:3e:2b:47:97:14:b0: c9:5d:24:c1:54:13:71:81:21:31:ee:9f:b4:9d:ce:98:66:a4:
7d:04:ba:45:51:d0:6e:e1:5a:a2:4b:84:9c:4d:cd:85:04:f9: a0:77:c1:88:18:a4:d1:36:ee:cd:d8:c1:1b:bc:03:d6:85:9a:
28:31:82:93:bc:c7:59:49:91:03:e8:df:6a:e4:56:ad:6a:cb: 2e:21:82:95:4c:b2:2a:fe:69:db:ac:e4:97:e1:e9:0e:f1:d3:
1f:0d:37:e4:5e:bd:e7:9f:d5:ec:9d:3c:18:25:9b:f1:2f:50: ef:20:86:03:01:66:6b:f0:26:0f:39:04:26:f5:42:98:3f:95:
7d:eb:31:cb:f1:63:22:9d:57:fc:f3:84:20:1a:c6:07:87:92: 48:5f:b5:5d:bc:49:4c:81:38:d5:e9:72:32:1c:66:1b:12:80:
26:9e:15:18:59:33:06:dc:fb:b0:b6:76:5d:f1:c1:2f:c8:2f: 0f:db:99:f0:97:67:61:79:ad:ab:be:6a:ea:aa:cc:3d:f9:40:
62:9c:c0:d6:de:eb:65:77:f3:5c:a6:c3:88:27:96:75:b4:f4: 99:00:93:bb:df:4b:41:d4:7f:f1:93:b2:70:83:3a:e3:6b:44:
54:cd:ff:2d:21:2e:96:f0:07:73:4b:e9:93:92:90:de:62:d9: 4b:1f:9f:77:53:ea:5d:e6:59:1e:c0:2d:4b:83:d6:f4:a3:d4:
a3:3b:ac:6e:24:5f:27:4a:b3:94:70:ff:30:17:e7:7e:32:8f: a9:c3:91:12:e7:61:3f:56:9d:8f:b8:19:29:62:1b:58:df:73:
65:b7:75:58 99:1f:49:63
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJANmAOsPS9No3MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD MIIE4DCCA8igAwIBAgIJAKZmOElFm9yBMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGUMQswCQYDVQQGEwJVUzEQ Fw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
@@ -157,16 +164,18 @@ mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI /hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB /pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATEw
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU ggEtMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYD b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAM
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeq9EO6pvU0KyM6pDX1Yw07mW BgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
C5pVWjkqC07kLvGVZsmGNoKNY3xNou5IugPHkNenxnRgSF8xovlePsOC4eUvQYGD L2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAQY/7a2VrNvJWTwxI
KSV50VMAaTztCjA7QR2SoSyonSzjI4d54FVukahQ2kYvwiBQPitHlxSwfQS6RVHQ sE2MwsvWWHqDOjB9YnuG8RUmsyYCd/LIV+UeYGiLpOjzqLKIpC/obiWNa9xTqy/T
buFaokuEnE3NhQT5KDGCk7zHWUmRA+jfauRWrWrLHw035F6955/V7J08GCWb8S9Q R4zWJ6s5vNPK2AGWpERXOJOrw/OVZ3/PJR23BNwGyV0kwVQTcYEhMe6ftJ3OmGak
fesxy/FjIp1X/POEIBrGB4eSJp4VGFkzBtz7sLZ2XfHBL8gvYpzA1t7rZXfzXKbD oHfBiBik0TbuzdjBG7wD1oWaLiGClUyyKv5p26zkl+HpDvHT7yCGAwFma/AmDzkE
iCeWdbT0VM3/LSEulvAHc0vpk5KQ3mLZozusbiRfJ0qzlHD/MBfnfjKPZbd1WA== JvVCmD+VSF+1XbxJTIE41elyMhxmGxKAD9uZ8JdnYXmtq75q6qrMPflAmQCTu99L
QdR/8ZOycIM642tESx+fd1PqXeZZHsAtS4PW9KPUqcOREudhP1adj7gZKWIbWN9z
mR9JYw==
-----END CERTIFICATE----- -----END CERTIFICATE-----

32
certs/server-ecc-comp.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 17764616133298603308 (0xf6889840946fc52c) Serial Number: 11822929415875787476 (0xa4137ba9c5cafad4)
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey Public Key Algorithm: id-ecPublicKey
@@ -22,31 +22,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18 keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18
DirName:/C=US/ST=Montana/L=Bozeman/O=Elliptic - comp/OU=Server ECC-comp/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Elliptic - comp/OU=Server ECC-comp/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:F6:88:98:40:94:6F:C5:2C serial:A4:13:7B:A9:C5:CA:FA:D4
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:9c:f8:3e:f6:5e:cd:da:b1:08:fe:e2:bd:78: 30:44:02:20:49:71:5d:49:af:24:71:91:d3:64:0f:f2:bd:be:
14:b5:33:b3:29:69:d0:a0:de:19:05:ec:c3:46:29:01:8c:4c: 51:47:4e:5b:04:c4:04:fe:bf:16:73:d1:7a:a5:05:fe:19:99:
56:02:21:00:e2:e7:ea:37:c1:08:f6:15:73:0c:92:4f:25:63: 02:20:2c:ab:64:34:e8:c7:7b:c7:79:38:32:64:d9:e1:1b:e8:
f6:53:96:31:4c:9f:1d:1a:1f:c0:a0:a3:48:bd:71:ce:13:11 1e:d6:31:67:ef:e2:67:4b:e3:86:7f:94:cb:fa:d2:d4
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDJTCCAsqgAwIBAgIJAPaImECUb8UsMAoGCCqGSM49BAMCMIGgMQswCQYDVQQG MIIDVzCCAv6gAwIBAgIJAKQTe6nFyvrUMAoGCCqGSM49BAMCMIGgMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UE EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UE
CgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAxGDAW CgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAxGDAW
BgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm BgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTAeFw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGgMQswCQYD c3NsLmNvbTAeFw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGgMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYG VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYG
A1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAx A1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTA5MBMGByqGSM49AgEGCCqGSM49AwEHAyIAArszrEwnUErGSqUE b2xmc3NsLmNvbTA5MBMGByqGSM49AgEGCCqGSM49AwEHAyIAArszrEwnUErGSqUE
wzzenzbbci3OlOor+ssgCTksFuhho4IBCTCCAQUwHQYDVR0OBBYEFIw4Omu4JLff wzzenzbbci3OlOor+ssgCTksFuhho4IBPTCCATkwHQYDVR0OBBYEFIw4Omu4JLff
bvRZrFZOquJYploYMIHVBgNVHSMEgc0wgcqAFIw4Omu4JLffbvRZrFZOquJYploY bvRZrFZOquJYploYMIHVBgNVHSMEgc0wgcqAFIw4Omu4JLffbvRZrFZOquJYploY
oYGmpIGjMIGgMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UE oYGmpIGjMIGgMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UE
BwwHQm96ZW1hbjEYMBYGA1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9T BwwHQm96ZW1hbjEYMBYGA1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9T
ZXJ2ZXIgRUNDLWNvbXAxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG ZXJ2ZXIgRUNDLWNvbXAxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAPaImECUb8UsMAwGA1UdEwQFMAMB SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKQTe6nFyvrUMAwGA1UdEwQFMAMB
Af8wCgYIKoZIzj0EAwIDSQAwRgIhAJz4PvZezdqxCP7ivXgUtTOzKWnQoN4ZBezD Af8wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0
RikBjExWAiEA4ufqN8EI9hVzDJJPJWP2U5YxTJ8dGh/AoKNIvXHOExE= OjIyMjIyMAoGCCqGSM49BAMCA0cAMEQCIElxXUmvJHGR02QP8r2+UUdOWwTEBP6/
FnPReqUF/hmZAiAsq2Q06Md7x3k4MmTZ4RvoHtYxZ+/iZ0vjhn+Uy/rS1A==
-----END CERTIFICATE----- -----END CERTIFICATE-----

70
certs/server-ecc-rsa.pem
View File

@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - RSAsig, OU=ECC-RSAsig, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - RSAsig, OU=ECC-RSAsig, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey Public Key Algorithm: id-ecPublicKey
@@ -24,46 +24,50 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37 serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
ac:2b:a9:d9:15:3b:9a:42:fb:86:2b:c1:f2:18:7c:a6:ca:27: 59:56:ea:45:49:9c:ae:e2:07:31:cd:d0:a0:db:af:7d:6d:60:
0b:48:81:64:20:3b:d3:4f:ee:95:d4:c5:fd:5f:c7:d6:ab:a1: ef:ac:e0:30:46:01:f7:43:fc:5c:ab:32:1b:2f:8b:97:14:b4:
41:85:cc:e1:16:e1:fd:ce:8a:af:95:27:f2:f0:7a:3d:59:5d: dc:68:1c:f2:11:a7:f4:b8:9a:84:02:10:0c:52:ba:c1:7a:f2:
3a:5d:03:99:cb:4c:5c:19:35:9c:b2:6e:7e:2b:10:e2:7f:ef: 3f:aa:09:cb:e4:08:70:c5:76:8f:9c:7e:24:7a:62:55:0f:ae:
14:35:79:ca:67:eb:51:a9:e9:bb:5f:52:af:9d:79:80:b5:31: b8:b8:5f:57:22:9e:8d:85:75:67:88:b3:39:2c:57:bd:aa:8a:
5c:f0:20:ca:c7:e9:9b:29:82:c4:a4:74:0a:2a:76:ea:ad:59: e5:d6:5b:64:0f:1b:47:a7:83:6d:fa:73:4f:ac:f7:ae:6a:ea:
a2:f9:a2:cf:53:40:11:ac:1a:de:fc:ab:28:96:9f:cf:ff:b9: 4d:ca:36:d6:b7:21:a6:01:c3:b5:a2:0e:27:44:2b:f3:62:8f:
74:31:95:c4:6d:d2:76:c1:93:97:75:a6:9f:69:a3:7d:92:75: 96:70:45:c3:31:48:8e:fc:e7:64:7e:8a:93:42:f7:03:d5:71:
b8:27:a2:bd:4d:4b:54:11:b4:8a:43:f2:fc:10:a5:82:fb:51: d2:a5:8f:f5:60:6e:88:9b:d4:6a:fc:a1:1e:ae:a4:b4:34:13:
45:57:86:00:85:71:91:21:37:5c:9f:f3:68:06:ae:9e:86:46: 9b:4c:2c:67:1e:2f:f3:bb:bf:73:87:a0:18:16:af:df:02:bf:
8d:4b:e3:d0:42:a4:cf:c1:5d:95:bc:1a:92:f8:44:1e:a0:1b: f1:a5:89:61:af:29:48:59:c8:a5:13:70:05:c2:f8:ca:30:91:
c8:98:41:af:8e:94:41:60:69:b1:7c:8e:70:ce:88:42:44:3a: 82:22:cf:09:c1:0f:a7:96:fb:19:59:09:72:03:b3:9a:be:89:
2d:3f:de:6e:3a:aa:d1:64:be:03:68:60:b6:ac:e5:44:c1:bb: 62:5a:cd:ab:d0:e5:43:50:5f:3f:d8:d0:b3:66:63:5e:8f:c1:
f1:c9:40:90:c2:c9:8f:ec:32:9d:e0:b4:4b:1a:e7:da:99:94: e4:35:fa:1f:f5:88:31:5f:a1:71:f4:e7:ab:c4:4e:64:74:72:
fe:e2:b6:2a c6:ca:1c:aa
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx MIIEFjCCAv6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNTA3 bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g
UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO
PQIBBggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBbo PQIBBggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBbo
YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4H8MIH5MB0GA1UdDgQW YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBMTCCAS0wHQYDVR0O
BBRdXSbvrH42+Zt2FStKJQIj77KJMDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t BBYEFF1dJu+sfjb5m3YVK0olAiPvsokwMIHJBgNVHSMEgcEwgb6AFCeOZxF0wyYd
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh P+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9u
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL dGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgxEzARBgNV
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG BAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDZgDrD0vTaNzAMBgNVHRMEBTADAQH/ SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKZmOElFm9yBMAwGA1UdEwQFMAMB
MA0GCSqGSIb3DQEBCwUAA4IBAQCsK6nZFTuaQvuGK8HyGHymyicLSIFkIDvTT+6V Af8wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0
1MX9X8fWq6FBhczhFuH9zoqvlSfy8Ho9WV06XQOZy0xcGTWcsm5+KxDif+8UNXnK OjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IBAQBZVupFSZyu4gcxzdCg2699bWDvrOAw
Z+tRqem7X1KvnXmAtTFc8CDKx+mbKYLEpHQKKnbqrVmi+aLPU0ARrBre/Ksolp/P RgH3Q/xcqzIbL4uXFLTcaBzyEaf0uJqEAhAMUrrBevI/qgnL5AhwxXaPnH4kemJV
/7l0MZXEbdJ2wZOXdaafaaN9knW4J6K9TUtUEbSKQ/L8EKWC+1FFV4YAhXGRITdc D664uF9XIp6NhXVniLM5LFe9qorl1ltkDxtHp4Nt+nNPrPeuaupNyjbWtyGmAcO1
n/NoBq6ehkaNS+PQQqTPwV2VvBqS+EQeoBvImEGvjpRBYGmxfI5wzohCRDotP95u og4nRCvzYo+WcEXDMUiO/OdkfoqTQvcD1XHSpY/1YG6Im9Rq/KEerqS0NBObTCxn
OqrRZL4DaGC2rOVEwbvxyUCQwsmP7DKd4LRLGufamZT+4rYq Hi/zu79zh6AYFq/fAr/xpYlhrylIWcilE3AFwvjKMJGCIs8JwQ+nlvsZWQlyA7Oa
voliWs2r0OVDUF8/2NCzZmNej8HkNfof9YgxX6Fx9OerxE5kdHLGyhyq
-----END CERTIFICATE----- -----END CERTIFICATE-----

42
certs/server-ecc.pem
View File

@@ -1,12 +1,12 @@
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 12841786837162396166 (0xb2373116f65a0a06) Serial Number: 16848175057268226162 (0xe9d0bdf2fa11b872)
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey Public Key Algorithm: id-ecPublicKey
@@ -24,31 +24,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30 keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:B2:37:31:16:F6:5A:0A:06 serial:E9:D0:BD:F2:FA:11:B8:72
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: ecdsa-with-SHA256 Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:35:25:33:ea:7c:3b:e2:2e:ed:e4:2e:9a:91:f1: 30:45:02:21:00:f1:2d:c5:41:b2:f3:7d:ae:f5:58:d9:96:b3:
c3:86:ff:a7:27:35:a9:f6:29:d6:f8:d5:9a:0b:35:f1:21:c7: b8:d5:d6:c6:71:b2:de:45:8f:78:56:74:d3:6b:7c:e6:c8:42:
02:21:00:bc:79:f7:fd:66:d4:d3:46:61:e4:19:e5:f7:74:03: 6a:02:20:53:2d:22:00:e8:61:39:0c:d2:bc:29:11:51:eb:0e:
83:27:f8:26:c0:86:15:a9:e2:10:e3:ad:6b:b9:1c:1d:eb fa:ec:bd:b0:f6:5d:58:e7:1e:49:e4:f2:2a:77:b1:15:3e
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDDzCCArWgAwIBAgIJALI3MRb2WgoGMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG MIIDRTCCAuugAwIBAgIJAOnQvfL6EbhyMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNz A1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNTA3 bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
f/DPGNqREQI0huggWDMLgDSJ2KOB9zCB9DAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr f/DPGNqREQI0huggWDMLgDSJ2KOCASwwggEoMB0GA1UdDgQWBBRdXSbvrH42+Zt2
SiUCI++yiTAwgcQGA1UdIwSBvDCBuYAUXV0m76x+NvmbdhUrSiUCI++yiTChgZWk FStKJQIj77KJMDCBxAYDVR0jBIG8MIG5gBRdXSbvrH42+Zt2FStKJQIj77KJMKGB
gZIwgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH laSBkjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNV
DAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNV BAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMxDDAKBgNVBAsMA0VDQzEYMBYG
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
LmNvbYIJALI3MRb2WgoGMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIg c2wuY29tggkA6dC98voRuHIwDAYDVR0TBAUwAwEB/zAyBggrBgEFBQcBAQQmMCQw
NSUz6nw74i7t5C6akfHDhv+nJzWp9inW+NWaCzXxIccCIQC8eff9ZtTTRmHkGeX3 IgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjIwCgYIKoZIzj0EAwID
dAODJ/gmwIYVqeIQ461ruRwd6w== SAAwRQIhAPEtxUGy832u9VjZlrO41dbGcbLeRY94VnTTa3zmyEJqAiBTLSIA6GE5
DNK8KRFR6w767L2w9l1Y5x5J5PIqd7EVPg==
-----END CERTIFICATE----- -----END CERTIFICATE-----

141
certs/server-revoked-cert.pem
View File

@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: Jul 23 22:04:57 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Apr 18 22:04:57 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_revoked, OU=Support_revoked, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_revoked, OU=Support_revoked, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37 serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
34:66:48:5b:30:5c:6e:fa:76:c9:6a:ce:07:79:d9:99:fa:7a: 34:08:b8:9f:36:68:00:9b:46:f1:f5:b5:ec:b8:4e:7d:b2:5e:
9d:80:2d:fc:51:78:71:c4:31:2c:40:28:c8:63:26:6f:d2:39: 83:c1:5a:f1:37:56:ed:9a:99:c7:69:34:65:51:b0:ce:0d:2e:
63:97:3f:00:d3:d0:69:10:3f:a9:00:07:7b:59:44:85:29:03: 49:e8:99:c4:ed:aa:ba:cf:2d:ef:33:da:49:20:bb:31:d8:39:
31:0a:d8:ed:88:e5:1e:fa:e0:8c:9b:e0:7e:6e:d6:fb:7c:cc: 96:26:5a:4d:99:56:43:e6:8e:84:a8:c2:09:10:db:27:7e:7d:
cf:bd:43:0a:df:15:bd:8f:2a:6f:b2:51:19:b8:2a:64:0e:25: a3:f4:6a:09:3e:01:84:6b:a4:22:3e:4f:fb:8c:42:e5:cb:99:
68:75:af:43:5a:bf:40:2b:69:9c:27:81:0c:5d:78:a1:55:a4: 82:7c:05:c1:c3:1d:bc:a1:eb:c1:d2:02:b1:b6:5a:e5:59:e0:
21:a0:87:9e:a2:aa:60:ac:da:2f:30:f5:d5:c9:c1:22:6b:c1: d1:e0:8f:90:6b:97:2c:bf:d1:e3:67:a9:42:08:16:b4:2e:e7:
06:c2:42:c7:56:35:13:cd:af:5f:c9:89:bf:e9:30:b3:92:bc: d2:39:d6:6a:e3:7e:4c:a6:11:4e:04:7a:0c:6f:69:c3:44:ff:
21:6d:b8:23:85:46:44:3f:52:72:a4:7b:95:41:1a:b1:03:92: d7:d2:8f:44:7d:94:a5:73:8a:db:9f:0a:10:76:53:81:b9:f3:
aa:0c:5c:2e:16:95:c5:60:7a:6c:6b:f8:ae:9b:b7:08:c9:1f: 5d:98:24:f4:09:2d:77:95:79:c8:29:e8:64:20:15:b4:4b:47:
0d:85:91:e0:7f:bc:0d:0d:c7:69:2d:5f:99:b7:88:06:be:c5: 56:67:a5:b4:51:23:dc:0f:f9:e1:f2:aa:2a:3f:cb:1e:2b:9d:
d3:84:1a:46:b6:cb:53:04:27:e9:71:36:72:41:f6:63:9b:cb: 71:fd:7e:2d:b6:23:aa:c4:c3:b6:b8:88:1a:d5:08:68:8a:2e:
25:6f:16:8b:0e:ef:42:db:b5:27:45:cf:a7:3e:3e:ae:78:7c: 50:48:39:f6:fe:fb:f9:dc:0f:da:eb:8c:0e:39:21:3b:79:9a:
d8:6b:a8:f6:52:e4:a7:93:b7:8c:94:d2:4a:93:04:20:67:aa: dc:cc:1c:79:35:a4:35:ac:06:6f:f8:f2:3c:56:0a:03:08:77:
c3:ea:24:f9 b8:26:e3:c7
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIErjCCA5agAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx MIIE5DCCA8ygAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNzIz bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MjIwNDU3WhcNMTgwNDE4MjIwNDU3WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2 B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2
b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s
ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
@@ -72,28 +75,29 @@ ayQbdkisxiOlp+QFGb239t76/+1bPHmKqdXx++vIseSyq1JyiZMiXLrNijYqLNFA
Hf3mQ8cbM7j05RtZORI4TS2bZGiY/I1yEpHyJCVsTEpIV5IAzH7Y1D24HfKe6rIj Hf3mQ8cbM7j05RtZORI4TS2bZGiY/I1yEpHyJCVsTEpIV5IAzH7Y1D24HfKe6rIj
D1EPEUEc9ScAGwh6EjoFWwMk/rF7IPrkqFjGys5/vpUBEp0F5jkTG8A+Vi4rn3Y3 D1EPEUEc9ScAGwh6EjoFWwMk/rF7IPrkqFjGys5/vpUBEp0F5jkTG8A+Vi4rn3Y3
3t6b4A16Yw2nIljbMcf3tEZcurZLSLEYmmizY0f9rxJfL/4Qy1grM2iFAgMBAAGj 3t6b4A16Yw2nIljbMcf3tEZcurZLSLEYmmizY0f9rxJfL/4Qy1grM2iFAgMBAAGj
gfwwgfkwHQYDVR0OBBYEFNgJK1nhKu7Z7kCqnKvwXSgJTyK7MIHJBgNVHSMEgcEw ggExMIIBLTAdBgNVHQ4EFgQU2AkrWeEq7tnuQKqcq/BdKAlPIrswgckGA1UdIwSB
gb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ wTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVT
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJANmAOsPS9No3 c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkApmY4SUWb
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADRmSFswXG76dslqzgd5 3IEwDAYDVR0TBAUwAwEB/zAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0
2Zn6ep2ALfxReHHEMSxAKMhjJm/SOWOXPwDT0GkQP6kAB3tZRIUpAzEK2O2I5R76 dHA6Ly9sb2NhbGhvc3Q6MjIyMjIwDQYJKoZIhvcNAQELBQADggEBADQIuJ82aACb
4Iyb4H5u1vt8zM+9QwrfFb2PKm+yURm4KmQOJWh1r0Nav0AraZwngQxdeKFVpCGg RvH1tey4Tn2yXoPBWvE3Vu2amcdpNGVRsM4NLknomcTtqrrPLe8z2kkguzHYOZYm
h56iqmCs2i8w9dXJwSJrwQbCQsdWNRPNr1/Jib/pMLOSvCFtuCOFRkQ/UnKke5VB Wk2ZVkPmjoSowgkQ2yd+faP0agk+AYRrpCI+T/uMQuXLmYJ8BcHDHbyh68HSArG2
GrEDkqoMXC4WlcVgemxr+K6btwjJHw2FkeB/vA0Nx2ktX5m3iAa+xdOEGka2y1ME WuVZ4NHgj5Brlyy/0eNnqUIIFrQu59I51mrjfkymEU4EegxvacNE/9fSj0R9lKVz
J+lxNnJB9mObyyVvFosO70LbtSdFz6c+Pq54fNhrqPZS5KeTt4yU0kqTBCBnqsPq itufChB2U4G5812YJPQJLXeVecgp6GQgFbRLR1ZnpbRRI9wP+eHyqio/yx4rnXH9
JPk= fi22I6rEw7a4iBrVCGiKLlBIOfb++/ncD9rrjA45ITt5mtzMHHk1pDWsBm/48jxW
CgMId7gm48c=
-----END CERTIFICATE----- -----END CERTIFICATE-----
Certificate: Certificate:
Data: Data:
Version: 3 (0x2) Version: 3 (0x2)
Serial Number: 15672591315981621815 (0xd9803ac3d2f4da37) Serial Number: 11990332945272134785 (0xa6663849459bdc81)
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity Validity
Not Before: May 7 18:21:01 2015 GMT Not Before: Nov 23 12:49:37 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info: Subject Public Key Info:
Public Key Algorithm: rsaEncryption Public Key Algorithm: rsaEncryption
@@ -124,32 +128,35 @@ Certificate:
X509v3 Authority Key Identifier: X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37 serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints: X509v3 Basic Constraints:
CA:TRUE CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
7a:af:44:3b:aa:6f:53:42:b2:33:aa:43:5f:56:30:d3:b9:96: 41:8f:fb:6b:65:6b:36:f2:56:4f:0c:48:b0:4d:8c:c2:cb:d6:
0b:9a:55:5a:39:2a:0b:4e:e4:2e:f1:95:66:c9:86:36:82:8d: 58:7a:83:3a:30:7d:62:7b:86:f1:15:26:b3:26:02:77:f2:c8:
63:7c:4d:a2:ee:48:ba:03:c7:90:d7:a7:c6:74:60:48:5f:31: 57:e5:1e:60:68:8b:a4:e8:f3:a8:b2:88:a4:2f:e8:6e:25:8d:
a2:f9:5e:3e:c3:82:e1:e5:2f:41:81:83:29:25:79:d1:53:00: 6b:dc:53:ab:2f:d3:47:8c:d6:27:ab:39:bc:d3:ca:d8:01:96:
69:3c:ed:0a:30:3b:41:1d:92:a1:2c:a8:9d:2c:e3:23:87:79: a4:44:57:38:93:ab:c3:f3:95:67:7f:cf:25:1d:b7:04:dc:06:
e0:55:6e:91:a8:50:da:46:2f:c2:20:50:3e:2b:47:97:14:b0: c9:5d:24:c1:54:13:71:81:21:31:ee:9f:b4:9d:ce:98:66:a4:
7d:04:ba:45:51:d0:6e:e1:5a:a2:4b:84:9c:4d:cd:85:04:f9: a0:77:c1:88:18:a4:d1:36:ee:cd:d8:c1:1b:bc:03:d6:85:9a:
28:31:82:93:bc:c7:59:49:91:03:e8:df:6a:e4:56:ad:6a:cb: 2e:21:82:95:4c:b2:2a:fe:69:db:ac:e4:97:e1:e9:0e:f1:d3:
1f:0d:37:e4:5e:bd:e7:9f:d5:ec:9d:3c:18:25:9b:f1:2f:50: ef:20:86:03:01:66:6b:f0:26:0f:39:04:26:f5:42:98:3f:95:
7d:eb:31:cb:f1:63:22:9d:57:fc:f3:84:20:1a:c6:07:87:92: 48:5f:b5:5d:bc:49:4c:81:38:d5:e9:72:32:1c:66:1b:12:80:
26:9e:15:18:59:33:06:dc:fb:b0:b6:76:5d:f1:c1:2f:c8:2f: 0f:db:99:f0:97:67:61:79:ad:ab:be:6a:ea:aa:cc:3d:f9:40:
62:9c:c0:d6:de:eb:65:77:f3:5c:a6:c3:88:27:96:75:b4:f4: 99:00:93:bb:df:4b:41:d4:7f:f1:93:b2:70:83:3a:e3:6b:44:
54:cd:ff:2d:21:2e:96:f0:07:73:4b:e9:93:92:90:de:62:d9: 4b:1f:9f:77:53:ea:5d:e6:59:1e:c0:2d:4b:83:d6:f4:a3:d4:
a3:3b:ac:6e:24:5f:27:4a:b3:94:70:ff:30:17:e7:7e:32:8f: a9:c3:91:12:e7:61:3f:56:9d:8f:b8:19:29:62:1b:58:df:73:
65:b7:75:58 99:1f:49:63
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJANmAOsPS9No3MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD MIIE4DCCA8igAwIBAgIJAKZmOElFm9yBMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGUMQswCQYDVQQGEwJVUzEQ Fw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
@@ -158,16 +165,18 @@ mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI /hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB /pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATEw
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU ggEtMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYD b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAM
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeq9EO6pvU0KyM6pDX1Yw07mW BgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
C5pVWjkqC07kLvGVZsmGNoKNY3xNou5IugPHkNenxnRgSF8xovlePsOC4eUvQYGD L2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAQY/7a2VrNvJWTwxI
KSV50VMAaTztCjA7QR2SoSyonSzjI4d54FVukahQ2kYvwiBQPitHlxSwfQS6RVHQ sE2MwsvWWHqDOjB9YnuG8RUmsyYCd/LIV+UeYGiLpOjzqLKIpC/obiWNa9xTqy/T
buFaokuEnE3NhQT5KDGCk7zHWUmRA+jfauRWrWrLHw035F6955/V7J08GCWb8S9Q R4zWJ6s5vNPK2AGWpERXOJOrw/OVZ3/PJR23BNwGyV0kwVQTcYEhMe6ftJ3OmGak
fesxy/FjIp1X/POEIBrGB4eSJp4VGFkzBtz7sLZ2XfHBL8gvYpzA1t7rZXfzXKbD oHfBiBik0TbuzdjBG7wD1oWaLiGClUyyKv5p26zkl+HpDvHT7yCGAwFma/AmDzkE
iCeWdbT0VM3/LSEulvAHc0vpk5KQ3mLZozusbiRfJ0qzlHD/MBfnfjKPZbd1WA== JvVCmD+VSF+1XbxJTIE41elyMhxmGxKAD9uZ8JdnYXmtq75q6qrMPflAmQCTu99L
QdR/8ZOycIM642tESx+fd1PqXeZZHsAtS4PW9KPUqcOREudhP1adj7gZKWIbWN9z
mR9JYw==
-----END CERTIFICATE----- -----END CERTIFICATE-----

29
configure.ac
View File

@@ -1658,7 +1658,7 @@ fi
# Certificate Status Request : a.k.a. OCSP Stapling # Certificate Status Request : a.k.a. OCSP Stapling
AC_ARG_ENABLE([ocspstapling], AC_ARG_ENABLE([ocspstapling],
[AS_HELP_STRING([--enable-ocspstapling],[Enable Certificate Status Request - a.k.a. OCSP Stapling (default: disabled)])], [AS_HELP_STRING([--enable-ocspstapling],[Enable OCSP Stapling (default: disabled)])],
[ ENABLED_CERTIFICATE_STATUS_REQUEST=$enableval ], [ ENABLED_CERTIFICATE_STATUS_REQUEST=$enableval ],
[ ENABLED_CERTIFICATE_STATUS_REQUEST=no ] [ ENABLED_CERTIFICATE_STATUS_REQUEST=no ]
) )
@@ -1676,6 +1676,30 @@ then
fi fi
fi fi
AM_CONDITIONAL([BUILD_OCSP_STAPLING], [test "x$ENABLED_CERTIFICATE_STATUS_REQUEST" = "xyes"])
# Certificate Status Request v2 : a.k.a. OCSP stapling v2
AC_ARG_ENABLE([ocspstapling2],
[AS_HELP_STRING([--enable-ocspstapling2],[Enable OCSP Stapling v2 (default: disabled)])],
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=$enableval ],
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ]
)
if test "x$ENABLED_CERTIFICATE_STATUS_REQUEST_V2" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_CERTIFICATE_STATUS_REQUEST_V2"
# Requires OCSP make sure on
if test "x$ENABLED_OCSP" = "xno"
then
ENABLED_OCSP="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
fi
fi
AM_CONDITIONAL([BUILD_OCSP_STAPLING_V2], [test "x$ENABLED_CERTIFICATE_STATUS_REQUEST_V2" = "xyes"])
# Renegotiation Indication - (FAKE Secure Renegotiation) # Renegotiation Indication - (FAKE Secure Renegotiation)
AC_ARG_ENABLE([renegotiation-indication], AC_ARG_ENABLE([renegotiation-indication],
[AS_HELP_STRING([--enable-renegotiation-indication],[Enable Renegotiation Indication (default: disabled)])], [AS_HELP_STRING([--enable-renegotiation-indication],[Enable Renegotiation Indication (default: disabled)])],
@@ -2737,7 +2761,8 @@ echo " * Server Name Indication: $ENABLED_SNI"
echo " * ALPN: $ENABLED_ALPN" echo " * ALPN: $ENABLED_ALPN"
echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT"
echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC"
echo " * Certificate Status Request: $ENABLED_CERTIFICATE_STATUS_REQUEST" echo " * OCSP Stapling: $ENABLED_CERTIFICATE_STATUS_REQUEST"
echo " * OCSP Stapling v2: $ENABLED_CERTIFICATE_STATUS_REQUEST_V2"
echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES" echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
echo " * Session Ticket: $ENABLED_SESSION_TICKET" echo " * Session Ticket: $ENABLED_SESSION_TICKET"
echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION" echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION"

41
examples/client/client.c
View File

@@ -364,7 +364,8 @@ static void Usage(void)
printf("-o Perform OCSP lookup on peer certificate\n"); printf("-o Perform OCSP lookup on peer certificate\n");
printf("-O <url> Perform OCSP lookup using <url> as responder\n"); printf("-O <url> Perform OCSP lookup using <url> as responder\n");
#endif #endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
printf("-W Use OCSP Stapling\n"); printf("-W Use OCSP Stapling\n");
#endif #endif
#ifdef ATOMIC_USER #ifdef ATOMIC_USER
@@ -446,7 +447,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef HAVE_TRUNCATED_HMAC #ifdef HAVE_TRUNCATED_HMAC
byte truncatedHMAC = 0; byte truncatedHMAC = 0;
#endif #endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
byte statusRequest = 0; byte statusRequest = 0;
#endif #endif
@@ -488,7 +490,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef WOLFSSL_VXWORKS #ifndef WOLFSSL_VXWORKS
while ((ch = mygetopt(argc, argv, while ((ch = mygetopt(argc, argv,
"?gdeDusmNrwRitfxXUPCVh:p:v:l:A:c:k:Z:b:zS:F:L:ToO:aB:W")) != -1) { "?gdeDusmNrwRitfxXUPCVh:p:v:l:A:c:k:Z:b:zS:F:L:ToO:aB:W:")) != -1) {
switch (ch) { switch (ch) {
case '?' : case '?' :
Usage(); Usage();
@@ -680,8 +682,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break; break;
case 'W' : case 'W' :
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
statusRequest = 1; || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
statusRequest = atoi(myoptarg);
#endif #endif
break; break;
@@ -1009,10 +1012,36 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif #endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (statusRequest) { if (statusRequest) {
if (wolfSSL_UseCertificateStatusRequest(ssl, WOLFSSL_CSR_OCSP, switch (statusRequest) {
case WOLFSSL_CSR_OCSP:
if (wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR_OCSP,
WOLFSSL_CSR_OCSP_USE_NONCE) != SSL_SUCCESS) WOLFSSL_CSR_OCSP_USE_NONCE) != SSL_SUCCESS)
err_sys("UseCertificateStatusRequest failed"); err_sys("UseCertificateStatusRequest failed");
break;
}
wolfSSL_CTX_EnableOCSP(ctx, 0);
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (statusRequest) {
switch (statusRequest) {
case WOLFSSL_CSR2_OCSP:
if (wolfSSL_UseOCSPStaplingV2(ssl,
WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE)
!= SSL_SUCCESS)
err_sys("UseCertificateStatusRequest failed");
break;
case WOLFSSL_CSR2_OCSP_MULTI:
if (wolfSSL_UseOCSPStaplingV2(ssl,
WOLFSSL_CSR2_OCSP_MULTI, 0)
!= SSL_SUCCESS)
err_sys("UseCertificateStatusRequest failed");
break;
}
wolfSSL_CTX_EnableOCSP(ctx, 0); wolfSSL_CTX_EnableOCSP(ctx, 0);
} }
#endif #endif

15
examples/server/server.c
View File

@@ -610,7 +610,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
if (!usePsk && !useAnon) { if (!usePsk && !useAnon) {
if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) if (SSL_CTX_use_certificate_chain_file(ctx, ourCert)
!= SSL_SUCCESS) != SSL_SUCCESS)
err_sys("can't load server cert file, check file and run from" err_sys("can't load server cert file, check file and run from"
" wolfSSL home dir"); " wolfSSL home dir");
@@ -743,6 +743,17 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
} }
#endif #endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (wolfSSL_CTX_EnableOCSPStapling(ctx) != SSL_SUCCESS)
err_sys("can't enable OCSP Stapling Certificate Manager");
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate1-ca-cert.pem", 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate2-ca-cert.pem", 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate3-ca-cert.pem", 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#endif
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
if (pkCallbacks) if (pkCallbacks)
SetupPkCallbacks(ctx, ssl); SetupPkCallbacks(ctx, ssl);
@@ -986,5 +997,3 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
return 0; return 0;
} }
#endif #endif

22
scripts/include.am
View File

@@ -9,6 +9,7 @@ dist_noinst_SCRIPTS+= scripts/sniffer-testsuite.test
endif endif
if BUILD_EXAMPLES if BUILD_EXAMPLES
dist_noinst_SCRIPTS+= scripts/resume.test dist_noinst_SCRIPTS+= scripts/resume.test
EXTRA_DIST+= scripts/benchmark.test EXTRA_DIST+= scripts/benchmark.test
@@ -23,6 +24,27 @@ dist_noinst_SCRIPTS+= scripts/external.test
dist_noinst_SCRIPTS+= scripts/google.test dist_noinst_SCRIPTS+= scripts/google.test
#dist_noinst_SCRIPTS+= scripts/openssl.test #dist_noinst_SCRIPTS+= scripts/openssl.test
endif endif
if BUILD_OCSP
dist_noinst_SCRIPTS+= scripts/ocsp.test
endif
if BUILD_OCSP_STAPLING
dist_noinst_SCRIPTS+= scripts/ocsp-stapling.test
scripts/ocsp-stapling.log: scripts/ocsp.log
endif
if BUILD_OCSP_STAPLING_V2
dist_noinst_SCRIPTS+= scripts/ocsp-stapling2.test
if BUILD_OCSP_STAPLING
scripts/ocsp-stapling2.log: scripts/ocsp-stapling.log
else
scripts/ocsp-stapling2.log: scripts/ocsp.log
endif
endif
endif endif

41
scripts/ocsp-stapling.test Executable file
View File

@@ -0,0 +1,41 @@
#!/bin/sh
# ocsp-stapling.test
trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
server=login.live.com
ca=certs/external/ca-verisign-g5.pem
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# is our desired server there? - login.live.com doesn't answers PING
# ping -c 2 $server
# RESULT=$?
# [ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# setup ocsp responder
./certs/ocsp/ocspd1.sh &
sleep 1
[ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
# client test against our own server - GOOD CERT
./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# client test against our own server - REVOKED CERT
./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
exit 0

55
scripts/ocsp-stapling2.test Executable file
View File

@@ -0,0 +1,55 @@
#!/bin/sh
# ocsp-stapling.test
trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# setup ocsp responders
./certs/ocsp/ocspd0.sh &
./certs/ocsp/ocspd2.sh &
./certs/ocsp/ocspd3.sh &
sleep 1
[ $(jobs -r | wc -l) -ne 3 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
# client test against our own server - GOOD CERTS
./examples/server/server -c certs/ocsp/server3-cert.pem -k certs/ocsp/server3-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
./examples/server/server -c certs/ocsp/server3-cert.pem -k certs/ocsp/server3-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# client test against our own server - REVOKED SERVER CERT
./examples/server/server -c certs/ocsp/server4-cert.pem -k certs/ocsp/server4-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
./examples/server/server -c certs/ocsp/server4-cert.pem -k certs/ocsp/server4-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
# client test against our own server - REVOKED INTERMEDIATE CERT
./examples/server/server -c certs/ocsp/server5-cert.pem -k certs/ocsp/server5-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed $RESULT" && exit 1
./examples/server/server -c certs/ocsp/server5-cert.pem -k certs/ocsp/server5-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
exit 0

20
scripts/ocsp.test Executable file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
# ocsp-stapling.test
server=www.globalsign.com
ca=certs/external/ca-globalsign-root-r2.pem
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# is our desired server there?
ping -c 2 $server
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
exit 0

608
src/internal.c
View File

@@ -541,6 +541,10 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
/* In case contexts are held in array and don't want to free actual ctx */ /* In case contexts are held in array and don't want to free actual ctx */
void SSL_CtxResourceFree(WOLFSSL_CTX* ctx) void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
{ {
int i;
(void)i;
XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD); XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD);
if (ctx->suites) if (ctx->suites)
XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES); XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES);
@@ -549,15 +553,39 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH); XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH);
XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH); XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
#endif #endif
#ifndef NO_CERTS #ifndef NO_CERTS
XFREE(ctx->privateKey.buffer, ctx->heap, DYNAMIC_TYPE_KEY); XFREE(ctx->privateKey.buffer, ctx->heap, DYNAMIC_TYPE_KEY);
XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT); XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT); XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
wolfSSL_CertManagerFree(ctx->cm); wolfSSL_CertManagerFree(ctx->cm);
#endif #endif
#ifdef HAVE_TLS_EXTENSIONS #ifdef HAVE_TLS_EXTENSIONS
TLSX_FreeAll(ctx->extensions); TLSX_FreeAll(ctx->extensions);
#ifndef NO_WOLFSSL_SERVER
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (ctx->certOcspRequest) {
FreeOcspRequest(ctx->certOcspRequest);
XFREE(ctx->certOcspRequest, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
#endif #endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
for (i = 0; i < MAX_CHAIN_DEPTH; i++) {
if (ctx->chainOcspRequest[i]) {
FreeOcspRequest(ctx->chainOcspRequest[i]);
XFREE(ctx->chainOcspRequest[i], NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
}
#endif
#endif /* NO_WOLFSSL_SERVER */
#endif /* HAVE_TLS_EXTENSIONS */
} }
@@ -4507,10 +4535,16 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#if defined(HAVE_OCSP) || defined(HAVE_CRL) #if defined(HAVE_OCSP) || defined(HAVE_CRL)
if (ret == 0) { if (ret == 0) {
int doCrlLookup = 1; int doCrlLookup = 1;
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2)
ret = TLSX_CSR2_InitRequests(ssl->extensions, dCert, 0);
else /* skips OCSP and force CRL check */
#endif
if (ssl->ctx->cm->ocspEnabled && ssl->ctx->cm->ocspCheckAll) { if (ssl->ctx->cm->ocspEnabled && ssl->ctx->cm->ocspCheckAll) {
WOLFSSL_MSG("Doing Non Leaf OCSP check"); WOLFSSL_MSG("Doing Non Leaf OCSP check");
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert); ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert, NULL);
doCrlLookup = (ret == OCSP_CERT_UNKNOWN); doCrlLookup = (ret == OCSP_CERT_UNKNOWN);
if (ret != 0) { if (ret != 0) {
doCrlLookup = 0; doCrlLookup = 0;
@@ -4520,7 +4554,7 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif /* HAVE_OCSP */ #endif /* HAVE_OCSP */
#ifdef HAVE_CRL #ifdef HAVE_CRL
if (doCrlLookup && ssl->ctx->cm->crlEnabled if (ret == 0 && doCrlLookup && ssl->ctx->cm->crlEnabled
&& ssl->ctx->cm->crlCheckAll) { && ssl->ctx->cm->crlCheckAll) {
WOLFSSL_MSG("Doing Non Leaf CRL check"); WOLFSSL_MSG("Doing Non Leaf CRL check");
ret = CheckCertCRL(ssl->ctx->cm->crl, dCert); ret = CheckCertCRL(ssl->ctx->cm->crl, dCert);
@@ -4599,19 +4633,25 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (fatal == 0) { if (fatal == 0) {
int doLookup = 1; int doLookup = 1;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->options.side == WOLFSSL_CLIENT_END) { if (ssl->options.side == WOLFSSL_CLIENT_END) {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->status_request) { if (ssl->status_request) {
fatal = TLSX_CSR_InitRequest(ssl->extensions, dCert); fatal = TLSX_CSR_InitRequest(ssl->extensions, dCert);
doLookup = 0; doLookup = 0;
} }
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2) {
fatal = TLSX_CSR2_InitRequests(ssl->extensions, dCert, 1);
doLookup = 0;
} }
#endif #endif
}
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
if (doLookup && ssl->ctx->cm->ocspEnabled) { if (doLookup && ssl->ctx->cm->ocspEnabled) {
WOLFSSL_MSG("Doing Leaf OCSP check"); WOLFSSL_MSG("Doing Leaf OCSP check");
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert); ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert, NULL);
doLookup = (ret == OCSP_CERT_UNKNOWN); doLookup = (ret == OCSP_CERT_UNKNOWN);
if (ret != 0) { if (ret != 0) {
WOLFSSL_MSG("\tOCSP Lookup not ok"); WOLFSSL_MSG("\tOCSP Lookup not ok");
@@ -4957,10 +4997,13 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return BUFFER_ERROR; return BUFFER_ERROR;
switch (status_type) { switch (status_type) {
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST)
case WOLFSSL_CSR_OCSP: { #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
OcspRequest* request = TLSX_CSR_GetRequest(ssl->extensions); || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
/* WOLFSSL_CSR_OCSP overlaps with WOLFSSL_CSR2_OCSP */
case WOLFSSL_CSR2_OCSP: {
OcspRequest* request;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
CertStatus* status; CertStatus* status;
@@ -4973,13 +5016,27 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
do { do {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->status_request) { if (ssl->status_request) {
request = TLSX_CSR_GetRequest(ssl->extensions);
ssl->status_request = 0; ssl->status_request = 0;
break; break;
} }
#endif #endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2) {
request = TLSX_CSR2_GetRequest(ssl->extensions,
status_type, 0);
ssl->status_request_v2 = 0;
break;
}
#endif
return BUFFER_ERROR; return BUFFER_ERROR;
} while(0); } while(0);
if (request == NULL)
return BAD_CERTIFICATE_STATUS_ERROR; /* not expected */
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
@@ -4987,8 +5044,10 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (status == NULL || response == NULL) { if (status == NULL || response == NULL) {
if (status) XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (status)
if (response) XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (response)
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_ERROR; return MEMORY_ERROR;
} }
@@ -4996,14 +5055,11 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
InitOcspResponse(response, status, input +*inOutIdx, status_length); InitOcspResponse(response, status, input +*inOutIdx, status_length);
if ((ret = OcspResponseDecode(response, ssl->ctx->cm)) == 0) { if ((OcspResponseDecode(response, ssl->ctx->cm) != 0)
if (response->responseStatus != OCSP_SUCCESSFUL) || (response->responseStatus != OCSP_SUCCESSFUL)
|| (response->status->status != CERT_GOOD)
|| (CompareOcspReqResp(request, response) != 0))
ret = BAD_CERTIFICATE_STATUS_ERROR; ret = BAD_CERTIFICATE_STATUS_ERROR;
else if (CompareOcspReqResp(request, response) != 0)
ret = BAD_CERTIFICATE_STATUS_ERROR;
else if (response->status->status != CERT_GOOD)
ret = BAD_CERTIFICATE_STATUS_ERROR;
}
*inOutIdx += status_length; *inOutIdx += status_length;
@@ -5014,6 +5070,102 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
} }
break; break;
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
case WOLFSSL_CSR2_OCSP_MULTI: {
OcspRequest* request;
word32 list_length = status_length;
byte index = 0;
#ifdef WOLFSSL_SMALL_STACK
CertStatus* status;
OcspResponse* response;
#else
CertStatus status[1];
OcspResponse response[1];
#endif
do {
if (ssl->status_request_v2) {
ssl->status_request_v2 = 0;
break;
}
return BUFFER_ERROR;
} while(0);
#ifdef WOLFSSL_SMALL_STACK
status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (status == NULL || response == NULL) {
if (status)
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (response)
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_ERROR;
}
#endif
while (list_length && ret == 0) {
if (OPAQUE24_LEN > list_length) {
ret = BUFFER_ERROR;
break;
}
c24to32(input + *inOutIdx, &status_length);
*inOutIdx += OPAQUE24_LEN;
list_length -= OPAQUE24_LEN;
if (status_length > list_length) {
ret = BUFFER_ERROR;
break;
}
if (status_length) {
InitOcspResponse(response, status, input +*inOutIdx,
status_length);
if ((OcspResponseDecode(response, ssl->ctx->cm) != 0)
|| (response->responseStatus != OCSP_SUCCESSFUL)
|| (response->status->status != CERT_GOOD))
ret = BAD_CERTIFICATE_STATUS_ERROR;
while (ret == 0) {
request = TLSX_CSR2_GetRequest(ssl->extensions,
status_type, index++);
if (request == NULL)
ret = BAD_CERTIFICATE_STATUS_ERROR;
else if (CompareOcspReqResp(request, response) == 0)
break;
else if (index == 1) /* server cert must be OK */
ret = BAD_CERTIFICATE_STATUS_ERROR;
}
*inOutIdx += status_length;
list_length -= status_length;
}
}
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
ssl->status_request_v2 = 0;
#endif
#ifdef WOLFSSL_SMALL_STACK
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
break;
#endif #endif
default: default:
@@ -5246,6 +5398,15 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
if ((ret = TLSX_CSR_ForceRequest(ssl)) != 0) if ((ret = TLSX_CSR_ForceRequest(ssl)) != 0)
return ret; return ret;
} }
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2) {
int ret;
WOLFSSL_MSG("No CertificateStatus before ServerKeyExchange");
if ((ret = TLSX_CSR2_ForceRequest(ssl)) != 0)
return ret;
}
#endif #endif
} }
@@ -8243,6 +8404,421 @@ int SendCertificateRequest(WOLFSSL* ssl)
else else
return SendBuffered(ssl); return SendBuffered(ssl);
} }
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
static int BuildCertificateStatus(WOLFSSL* ssl, byte type, buffer* status,
byte count)
{
byte* output = NULL;
word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
word32 length = ENUM_LEN;
int sendSz = 0;
int ret = 0;
int i = 0;
WOLFSSL_ENTER("BuildCertificateStatus");
switch (type) {
case WOLFSSL_CSR2_OCSP_MULTI:
length += OPAQUE24_LEN;
/* followed by */
case WOLFSSL_CSR2_OCSP:
for (i = 0; i < count; i++)
length += OPAQUE24_LEN + status[i].length;
break;
default:
return 0;
}
sendSz = idx + length;
if (ssl->keys.encryptionOn)
sendSz += MAX_MSG_EXTRA;
if ((ret = CheckAvailableSize(ssl, sendSz)) == 0) {
output = ssl->buffers.outputBuffer.buffer +
ssl->buffers.outputBuffer.length;
AddHeaders(output, length, certificate_status, ssl);
output[idx++] = type;
if (type == WOLFSSL_CSR2_OCSP_MULTI) {
c32to24(length - (ENUM_LEN + OPAQUE24_LEN), output + idx);
idx += OPAQUE24_LEN;
}
for (i = 0; i < count; i++) {
c32to24(status[i].length, output + idx);
idx += OPAQUE24_LEN;
XMEMCPY(output + idx, status[i].buffer, status[i].length);
idx += status[i].length;
}
if (IsEncryptionOn(ssl, 1)) {
byte* input;
int inputSz = idx - RECORD_HEADER_SZ;
input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (input == NULL)
return MEMORY_E;
XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
handshake, 1);
XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (sendSz < 0)
ret = sendSz;
}
else
ret = HashOutput(ssl, output, sendSz, 0);
#ifdef WOLFSSL_DTLS
if (ret == 0 && ssl->options.dtls)
ret = DtlsPoolSave(ssl, output, sendSz));
#endif
#ifdef WOLFSSL_CALLBACKS
if (ret == 0 && ssl->hsInfoOn)
AddPacketName("CertificateStatus", &ssl->handShakeInfo);
if (ret == 0 && ssl->toInfoOn)
AddPacketInfo("CertificateStatus", &ssl->timeoutInfo, output,
sendSz, ssl->heap);
#endif
if (ret == 0) {
ssl->buffers.outputBuffer.length += sendSz;
if (!ssl->options.groupMessages)
ret = SendBuffered(ssl);
}
}
WOLFSSL_LEAVE("BuildCertificateStatus", ret);
return ret;
}
#endif
int SendCertificateStatus(WOLFSSL* ssl)
{
int ret = 0;
byte status_type = 0;
WOLFSSL_ENTER("SendCertificateStatus");
(void) ssl;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
status_type = ssl->status_request;
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
status_type = status_type ? status_type : ssl->status_request_v2;
#endif
switch (status_type) {
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
/* case WOLFSSL_CSR_OCSP: */
case WOLFSSL_CSR2_OCSP: {
OcspRequest* request = ssl->ctx->certOcspRequest;
buffer response = {NULL, 0};
/* unable to fetch status. skip. */
if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0)
return 0;
if (!request || ssl->buffers.weOwnCert) {
buffer der = ssl->buffers.certificate;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
/* unable to fetch status. skip. */
if (der.buffer == NULL || der.length == 0)
return 0;
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return MEMORY_E;
#endif
InitDecodedCert(cert, der.buffer, der.length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
ssl->ctx->cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
}
else {
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
DYNAMIC_TYPE_OCSP_REQUEST);
if (request == NULL) {
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
ret = InitOcspRequest(request, cert, 0);
if (ret != 0) {
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
else if (!ssl->buffers.weOwnCert && 0 == LockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
if (!ssl->ctx->certOcspRequest)
ssl->ctx->certOcspRequest = request;
UnLockMutex(&ssl->ctx->cm->ocsp_stapling->ocspLock);
}
}
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
if (ret == 0) {
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request,
&response);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
if (response.buffer) {
if (ret == 0)
ret = BuildCertificateStatus(ssl, status_type,
&response, 1);
XFREE(response.buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
}
if (request != ssl->ctx->certOcspRequest)
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
break;
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
/* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
#if defined HAVE_CERTIFICATE_STATUS_REQUEST_V2
case WOLFSSL_CSR2_OCSP_MULTI: {
OcspRequest* request = ssl->ctx->certOcspRequest;
buffer responses[1 + MAX_CHAIN_DEPTH];
int i = 0;
ForceZero(responses, sizeof(responses));
/* unable to fetch status. skip. */
if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0)
return 0;
if (!request || ssl->buffers.weOwnCert) {
buffer der = ssl->buffers.certificate;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
/* unable to fetch status. skip. */
if (der.buffer == NULL || der.length == 0)
return 0;
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return MEMORY_E;
#endif
InitDecodedCert(cert, der.buffer, der.length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
ssl->ctx->cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
}
else {
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
DYNAMIC_TYPE_OCSP_REQUEST);
if (request == NULL) {
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
ret = InitOcspRequest(request, cert, 0);
if (ret != 0) {
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
else if (!ssl->buffers.weOwnCert && 0 == LockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
if (!ssl->ctx->certOcspRequest)
ssl->ctx->certOcspRequest = request;
UnLockMutex(&ssl->ctx->cm->ocsp_stapling->ocspLock);
}
}
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
if (ret == 0) {
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request,
&responses[0]);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
}
if (request != ssl->ctx->certOcspRequest)
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
if (ret == 0 && (!ssl->ctx->chainOcspRequest[0]
|| ssl->buffers.weOwnCertChain)) {
buffer der = {NULL, 0};
word32 idx = 0;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return MEMORY_E;
#endif
while (idx + OPAQUE24_LEN < ssl->buffers.certChain.length) {
c24to32(ssl->buffers.certChain.buffer + idx, &der.length);
idx += OPAQUE24_LEN;
der.buffer = ssl->buffers.certChain.buffer + idx;
idx += der.length;
if (idx > ssl->buffers.certChain.length)
break;
InitDecodedCert(cert, der.buffer, der.length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
ssl->ctx->cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
break;
}
else {
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),
NULL, DYNAMIC_TYPE_OCSP_REQUEST);
if (request == NULL) {
ret = MEMORY_E;
break;
}
ret = InitOcspRequest(request, cert, 0);
if (ret != 0) {
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
break;
}
else if (!ssl->buffers.weOwnCertChain && 0 ==
LockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
if (!ssl->ctx->chainOcspRequest[i])
ssl->ctx->chainOcspRequest[i] = request;
UnLockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock);
}
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling,
request, &responses[i + 1]);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
if (request != ssl->ctx->chainOcspRequest[i])
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
i++;
}
FreeDecodedCert(cert);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
else {
while (ret == 0 &&
NULL != (request = ssl->ctx->chainOcspRequest[i])) {
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling,
request, &responses[++i]);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
}
}
if (responses[0].buffer) {
if (ret == 0)
ret = BuildCertificateStatus(ssl, status_type,
responses, i + 1);
for (i = 0; i < 1 + MAX_CHAIN_DEPTH; i++)
if (responses[i].buffer)
XFREE(responses[i].buffer, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
}
}
break;
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
default:
break;
}
return ret;
}
#endif /* !NO_CERTS */ #endif /* !NO_CERTS */

75
src/ocsp.c
View File

@@ -77,6 +77,10 @@ static void FreeOcspEntry(OcspEntry* entry)
for (status = entry->status; status; status = next) { for (status = entry->status; status; status = next) {
next = status->next; next = status->next;
if (status->rawOcspResponse)
XFREE(status->rawOcspResponse, NULL, DYNAMIC_TYPE_OCSP_STATUS);
XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS); XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS);
} }
} }
@@ -114,7 +118,7 @@ static int xstat2err(int stat)
} }
int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert) int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert, void* encodedResponse)
{ {
int ret = OCSP_LOOKUP_FAIL; int ret = OCSP_LOOKUP_FAIL;
@@ -137,7 +141,7 @@ int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
#endif #endif
if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce) == 0) { if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce) == 0) {
ret = CheckOcspRequest(ocsp, ocspRequest); ret = CheckOcspRequest(ocsp, ocspRequest, encodedResponse);
FreeOcspRequest(ocspRequest); FreeOcspRequest(ocspRequest);
} }
@@ -186,7 +190,7 @@ static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request, static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
OcspEntry* entry, CertStatus** status) OcspEntry* entry, CertStatus** status, buffer* responseBuffer)
{ {
int ret = OCSP_INVALID_STATUS; int ret = OCSP_INVALID_STATUS;
@@ -204,11 +208,29 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
&& !XMEMCMP((*status)->serial, request->serial, (*status)->serialSz)) && !XMEMCMP((*status)->serial, request->serial, (*status)->serialSz))
break; break;
if (*status) { if (responseBuffer && *status && !(*status)->rawOcspResponse) {
/* force fetching again */
ret = OCSP_INVALID_STATUS;
}
else if (*status) {
if (ValidateDate((*status)->thisDate, (*status)->thisDateFormat, BEFORE) if (ValidateDate((*status)->thisDate, (*status)->thisDateFormat, BEFORE)
&& ((*status)->nextDate[0] != 0) && ((*status)->nextDate[0] != 0)
&& ValidateDate((*status)->nextDate, (*status)->nextDateFormat, AFTER)) && ValidateDate((*status)->nextDate, (*status)->nextDateFormat, AFTER))
{
ret = xstat2err((*status)->status); ret = xstat2err((*status)->status);
if (responseBuffer) {
responseBuffer->buffer = (byte*)XMALLOC(
(*status)->rawOcspResponseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
responseBuffer->length = (*status)->rawOcspResponseSz;
XMEMCPY(responseBuffer->buffer,
(*status)->rawOcspResponse,
(*status)->rawOcspResponseSz);
}
}
}
} }
UnLockMutex(&ocsp->ocspLock); UnLockMutex(&ocsp->ocspLock);
@@ -216,15 +238,17 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
return ret; return ret;
} }
int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest) int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
void* encodedResponse)
{ {
OcspEntry* entry = NULL; OcspEntry* entry = NULL;
CertStatus* status = NULL; CertStatus* status = NULL;
byte* request = NULL; byte* request = NULL;
int requestSz = 2048; int requestSz = 2048;
byte* response = NULL; byte* response = NULL;
const char* url; buffer* responseBuffer = (buffer*) encodedResponse;
int urlSz; const char* url = NULL;
int urlSz = 0;
int ret = -1; int ret = -1;
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -237,11 +261,16 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
WOLFSSL_ENTER("CheckOcspRequest"); WOLFSSL_ENTER("CheckOcspRequest");
if (responseBuffer) {
responseBuffer->buffer = NULL;
responseBuffer->length = 0;
}
ret = GetOcspEntry(ocsp, ocspRequest, &entry); ret = GetOcspEntry(ocsp, ocspRequest, &entry);
if (ret != 0) if (ret != 0)
return ret; return ret;
ret = GetOcspStatus(ocsp, ocspRequest, entry, &status); ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer);
if (ret != OCSP_INVALID_STATUS) if (ret != OCSP_INVALID_STATUS)
return ret; return ret;
@@ -300,14 +329,29 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
ret = OCSP_LOOKUP_FAIL; ret = OCSP_LOOKUP_FAIL;
else { else {
if (CompareOcspReqResp(ocspRequest, ocspResponse) == 0) { if (CompareOcspReqResp(ocspRequest, ocspResponse) == 0) {
if (responseBuffer) {
responseBuffer->buffer = (byte*)XMALLOC(ret, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
responseBuffer->length = ret;
XMEMCPY(responseBuffer->buffer, response, ret);
}
}
ret = xstat2err(ocspResponse->status->status); ret = xstat2err(ocspResponse->status->status);
if (LockMutex(&ocsp->ocspLock) != 0) if (LockMutex(&ocsp->ocspLock) != 0)
ret = BAD_MUTEX_E; ret = BAD_MUTEX_E;
else { else {
if (status != NULL) if (status != NULL) {
if (status->rawOcspResponse)
XFREE(status->rawOcspResponse, NULL,
DYNAMIC_TYPE_OCSP_STATUS);
/* Replace existing certificate entry with updated */ /* Replace existing certificate entry with updated */
XMEMCPY(status, newStatus, sizeof(CertStatus)); XMEMCPY(status, newStatus, sizeof(CertStatus));
}
else { else {
/* Save new certificate entry */ /* Save new certificate entry */
status = (CertStatus*)XMALLOC(sizeof(CertStatus), status = (CertStatus*)XMALLOC(sizeof(CertStatus),
@@ -320,6 +364,19 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
} }
} }
if (status && responseBuffer && responseBuffer->buffer) {
status->rawOcspResponse = (byte*)XMALLOC(
responseBuffer->length, NULL,
DYNAMIC_TYPE_OCSP_STATUS);
if (status->rawOcspResponse) {
status->rawOcspResponseSz = responseBuffer->length;
XMEMCPY(status->rawOcspResponse,
responseBuffer->buffer,
responseBuffer->length);
}
}
UnLockMutex(&ocsp->ocspLock); UnLockMutex(&ocsp->ocspLock);
} }
} }

93
src/ssl.c
View File

@@ -803,8 +803,7 @@ int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx)
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
int wolfSSL_UseCertificateStatusRequest(WOLFSSL* ssl, byte status_type, int wolfSSL_UseOCSPStapling(WOLFSSL* ssl, byte status_type, byte options)
byte options)
{ {
if (ssl == NULL || ssl->options.side != WOLFSSL_CLIENT_END) if (ssl == NULL || ssl->options.side != WOLFSSL_CLIENT_END)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@@ -814,7 +813,7 @@ int wolfSSL_UseCertificateStatusRequest(WOLFSSL* ssl, byte status_type,
} }
int wolfSSL_CTX_UseCertificateStatusRequest(WOLFSSL_CTX* ctx, byte status_type, int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx, byte status_type,
byte options) byte options)
{ {
if (ctx == NULL || ctx->method->side != WOLFSSL_CLIENT_END) if (ctx == NULL || ctx->method->side != WOLFSSL_CLIENT_END)
@@ -826,6 +825,30 @@ int wolfSSL_CTX_UseCertificateStatusRequest(WOLFSSL_CTX* ctx, byte status_type,
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl, byte status_type, byte options)
{
if (ssl == NULL || ssl->options.side != WOLFSSL_CLIENT_END)
return BAD_FUNC_ARG;
return TLSX_UseCertificateStatusRequestV2(&ssl->extensions, status_type,
options);
}
int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
byte status_type, byte options)
{
if (ctx == NULL || ctx->method->side != WOLFSSL_CLIENT_END)
return BAD_FUNC_ARG;
return TLSX_UseCertificateStatusRequestV2(&ctx->extensions, status_type,
options);
}
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
/* Elliptic Curves */ /* Elliptic Curves */
#ifdef HAVE_SUPPORTED_CURVES #ifdef HAVE_SUPPORTED_CURVES
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
@@ -1643,6 +1666,11 @@ void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
if (cm->ocsp) if (cm->ocsp)
FreeOCSP(cm->ocsp, 1); FreeOCSP(cm->ocsp, 1);
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (cm->ocsp_stapling)
FreeOCSP(cm->ocsp_stapling, 1);
#endif
#endif #endif
FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL); FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);
FreeMutex(&cm->caLock); FreeMutex(&cm->caLock);
@@ -3461,6 +3489,43 @@ int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
return SSL_SUCCESS; return SSL_SUCCESS;
} }
/* turn on OCSP Stapling if off and compiled in, set options */
int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
{
int ret = SSL_SUCCESS;
WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPStapling");
if (cm == NULL)
return BAD_FUNC_ARG;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (cm->ocsp_stapling == NULL) {
cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP),
cm->heap, DYNAMIC_TYPE_OCSP);
if (cm->ocsp_stapling == NULL)
return MEMORY_E;
if (InitOCSP(cm->ocsp_stapling, cm) != 0) {
WOLFSSL_MSG("Init OCSP failed");
FreeOCSP(cm->ocsp_stapling, 1);
cm->ocsp_stapling = NULL;
return SSL_FAILURE;
}
}
cm->ocspStaplingEnabled = 1;
#ifndef WOLFSSL_USER_IO
cm->ocspIOCb = EmbedOcspLookup;
cm->ocspRespFreeCb = EmbedOcspRespFree;
#endif /* WOLFSSL_USER_IO */
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}
#ifdef HAVE_OCSP #ifdef HAVE_OCSP
@@ -3495,7 +3560,7 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
if ((ret = ParseCertRelative(cert, CERT_TYPE, NO_VERIFY, cm)) != 0) { if ((ret = ParseCertRelative(cert, CERT_TYPE, NO_VERIFY, cm)) != 0) {
WOLFSSL_MSG("ParseCert failed"); WOLFSSL_MSG("ParseCert failed");
} }
else if ((ret = CheckCertOCSP(cm->ocsp, cert)) != 0) { else if ((ret = CheckCertOCSP(cm->ocsp, cert, NULL)) != 0) {
WOLFSSL_MSG("CheckCertOCSP failed"); WOLFSSL_MSG("CheckCertOCSP failed");
} }
@@ -3630,6 +3695,17 @@ int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx, CbOCSPIO ioCb,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX* ctx)
{
WOLFSSL_ENTER("wolfSSL_CTX_EnableOCSPStapling");
if (ctx)
return wolfSSL_CertManagerEnableOCSPStapling(ctx->cm);
else
return BAD_FUNC_ARG;
}
#endif
#endif /* HAVE_OCSP */ #endif /* HAVE_OCSP */
@@ -6077,6 +6153,15 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_MSG("accept state CERT_SENT"); WOLFSSL_MSG("accept state CERT_SENT");
case CERT_SENT : case CERT_SENT :
if (!ssl->options.resuming)
if ( (ssl->error = SendCertificateStatus(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error);
return SSL_FATAL_ERROR;
}
ssl->options.acceptState = CERT_STATUS_SENT;
WOLFSSL_MSG("accept state CERT_STATUS_SENT");
case CERT_STATUS_SENT :
if (!ssl->options.resuming) if (!ssl->options.resuming)
if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) { if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error); WOLFSSL_ERROR(ssl->error);

502
src/tls.c
View File

@@ -1891,11 +1891,6 @@ int TLSX_UseTruncatedHMAC(TLSX** extensions)
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
#ifndef HAVE_OCSP
#error Status Request Extension requires OCSP. \
Use --enable-ocsp in the configure script or define HAVE_OCSP.
#endif
static void TLSX_CSR_Free(CertificateStatusRequest* csr) static void TLSX_CSR_Free(CertificateStatusRequest* csr)
{ {
switch (csr->status_type) { switch (csr->status_type) {
@@ -1922,6 +1917,7 @@ static word16 TLSX_CSR_GetSize(CertificateStatusRequest* csr, byte isRequest)
if (csr->request.ocsp.nonceSz) if (csr->request.ocsp.nonceSz)
size += OCSP_NONCE_EXT_SZ; size += OCSP_NONCE_EXT_SZ;
break;
} }
} }
#endif #endif
@@ -1954,7 +1950,7 @@ static word16 TLSX_CSR_Write(CertificateStatusRequest* csr, byte* output,
length = EncodeOcspRequestExtensions( length = EncodeOcspRequestExtensions(
&csr->request.ocsp, &csr->request.ocsp,
output + offset + OPAQUE16_LEN, output + offset + OPAQUE16_LEN,
MAX_OCSP_EXT_SZ); OCSP_NONCE_EXT_SZ);
c16toa(length, output + offset); c16toa(length, output + offset);
offset += OPAQUE16_LEN + length; offset += OPAQUE16_LEN + length;
@@ -1972,7 +1968,7 @@ static word16 TLSX_CSR_Write(CertificateStatusRequest* csr, byte* output,
static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length, static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
byte isRequest) byte isRequest)
{ {
int ret = 0; int ret;
/* shut up compiler warnings */ /* shut up compiler warnings */
(void) ssl; (void) input; (void) ssl; (void) input;
@@ -2019,8 +2015,63 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
return length ? BUFFER_ERROR : 0; /* extension_data MUST be empty. */ return length ? BUFFER_ERROR : 0; /* extension_data MUST be empty. */
#endif #endif
} }
else {
#ifndef NO_WOLFSSL_SERVER
byte status_type;
word16 offset = 0;
word16 size = 0;
return ret; if (length < ENUM_LEN)
return BUFFER_ERROR;
status_type = input[offset++];
switch (status_type) {
case WOLFSSL_CSR_OCSP: {
/* skip responder_id_list */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
/* skip request_extensions */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
if (offset > length)
return BUFFER_ERROR;
/* is able to send OCSP response? */
if (ssl->ctx->cm == NULL || !ssl->ctx->cm->ocspStaplingEnabled)
return 0;
}
break;
}
/* if using status_request and already sending it, skip this one */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2)
return 0;
#endif
/* accept the first good status_type and return */
ret = TLSX_UseCertificateStatusRequest(&ssl->extensions, status_type,
0);
if (ret != SSL_SUCCESS)
return ret; /* throw error */
TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST);
ssl->status_request = status_type;
#endif
}
return 0;
} }
int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert) int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert)
@@ -2078,7 +2129,7 @@ int TLSX_CSR_ForceRequest(WOLFSSL* ssl)
case WOLFSSL_CSR_OCSP: case WOLFSSL_CSR_OCSP:
if (ssl->ctx->cm->ocspEnabled) if (ssl->ctx->cm->ocspEnabled)
return CheckOcspRequest(ssl->ctx->cm->ocsp, return CheckOcspRequest(ssl->ctx->cm->ocsp,
&csr->request.ocsp); &csr->request.ocsp, NULL);
else else
return OCSP_LOOKUP_FAIL; return OCSP_LOOKUP_FAIL;
} }
@@ -2144,6 +2195,420 @@ int TLSX_UseCertificateStatusRequest(TLSX** extensions, byte status_type,
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */ #endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
/******************************************************************************/
/* Certificate Status Request v2 */
/******************************************************************************/
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
static void TLSX_CSR2_FreeAll(CertificateStatusRequestItemV2* csr2)
{
CertificateStatusRequestItemV2* next;
for (; csr2; csr2 = next) {
next = csr2->next;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
while(csr2->requests--)
FreeOcspRequest(&csr2->request.ocsp[csr2->requests]);
break;
}
XFREE(csr2, NULL, DYNAMIC_TYPE_TLSX);
}
}
static word16 TLSX_CSR2_GetSize(CertificateStatusRequestItemV2* csr2,
byte isRequest)
{
word16 size = 0;
/* shut up compiler warnings */
(void) csr2; (void) isRequest;
#ifndef NO_WOLFSSL_CLIENT
if (isRequest) {
CertificateStatusRequestItemV2* next;
for (size = OPAQUE16_LEN; csr2; csr2 = next) {
next = csr2->next;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
size += ENUM_LEN + 3 * OPAQUE16_LEN;
if (csr2->request.ocsp[0].nonceSz)
size += OCSP_NONCE_EXT_SZ;
break;
}
}
}
#endif
return size;
}
static word16 TLSX_CSR2_Write(CertificateStatusRequestItemV2* csr2,
byte* output, byte isRequest)
{
/* shut up compiler warnings */
(void) csr2; (void) output; (void) isRequest;
#ifndef NO_WOLFSSL_CLIENT
if (isRequest) {
word16 offset;
word16 length;
for (offset = OPAQUE16_LEN; csr2 != NULL; csr2 = csr2->next) {
/* status_type */
output[offset++] = csr2->status_type;
/* request */
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
/* request_length */
length = 2 * OPAQUE16_LEN;
if (csr2->request.ocsp[0].nonceSz)
length += OCSP_NONCE_EXT_SZ;
c16toa(length, output + offset);
offset += OPAQUE16_LEN;
/* responder id list */
c16toa(0, output + offset);
offset += OPAQUE16_LEN;
/* request extensions */
length = 0;
if (csr2->request.ocsp[0].nonceSz)
length = EncodeOcspRequestExtensions(
&csr2->request.ocsp[0],
output + offset + OPAQUE16_LEN,
OCSP_NONCE_EXT_SZ);
c16toa(length, output + offset);
offset += OPAQUE16_LEN + length;
break;
}
}
/* list size */
c16toa(offset - OPAQUE16_LEN, output);
return offset;
}
#endif
return 0;
}
static int TLSX_CSR2_Parse(WOLFSSL* ssl, byte* input, word16 length,
byte isRequest)
{
int ret;
/* shut up compiler warnings */
(void) ssl; (void) input;
if (!isRequest) {
#ifndef NO_WOLFSSL_CLIENT
TLSX* extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data
: NULL;
if (!csr2) {
/* look at context level */
extension = TLSX_Find(ssl->ctx->extensions, TLSX_STATUS_REQUEST_V2);
csr2 = extension ? extension->data : NULL;
if (!csr2)
return BUFFER_ERROR; /* unexpected extension */
/* enable extension at ssl level */
for (; csr2; csr2 = csr2->next) {
ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions,
csr2->status_type, csr2->options);
if (ret != SSL_SUCCESS)
return ret;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI:
/* propagate nonce */
if (csr2->request.ocsp[0].nonceSz) {
OcspRequest* request =
TLSX_CSR2_GetRequest(ssl->extensions,
csr2->status_type, 0);
if (request) {
XMEMCPY(request->nonce,
csr2->request.ocsp[0].nonce,
csr2->request.ocsp[0].nonceSz);
request->nonceSz =
csr2->request.ocsp[0].nonceSz;
}
}
break;
}
}
}
ssl->status_request_v2 = 1;
return length ? BUFFER_ERROR : 0; /* extension_data MUST be empty. */
#endif
}
else {
#ifndef NO_WOLFSSL_SERVER
byte status_type;
word16 request_length;
word16 offset = 0;
word16 size = 0;
/* list size */
ato16(input + offset, &request_length);
offset += OPAQUE16_LEN;
if (length - OPAQUE16_LEN != request_length)
return BUFFER_ERROR;
while (length > offset) {
if (length - offset < ENUM_LEN + OPAQUE16_LEN)
return BUFFER_ERROR;
status_type = input[offset++];
ato16(input + offset, &request_length);
offset += OPAQUE16_LEN;
if (length - offset < request_length)
return BUFFER_ERROR;
switch (status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
/* skip responder_id_list */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
/* skip request_extensions */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
if (offset > length)
return BUFFER_ERROR;
/* is able to send OCSP response? */
if (ssl->ctx->cm == NULL
|| !ssl->ctx->cm->ocspStaplingEnabled)
continue;
break;
default:
/* unkown status type, skipping! */
offset += request_length;
continue;
}
/* if using status_request and already sending it, skip this one */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->status_request)
return 0;
#endif
/* accept the first good status_type and return */
ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions,
status_type, 0);
if (ret != SSL_SUCCESS)
return ret; /* throw error */
TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST_V2);
ssl->status_request_v2 = status_type;
return 0;
}
#endif
}
return 0;
}
int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer)
{
TLSX* extension = TLSX_Find(extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data : NULL;
int ret = 0;
for (; csr2; csr2 = csr2->next) {
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
if (!isPeer || csr2->requests != 0)
break;
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI: {
if (csr2->requests < 1 + MAX_CHAIN_DEPTH) {
byte nonce[MAX_OCSP_NONCE_SZ];
int nonceSz = csr2->request.ocsp[0].nonceSz;
/* preserve nonce, replicating nonce of ocsp[0] */
XMEMCPY(nonce, csr2->request.ocsp[0].nonce, nonceSz);
if ((ret = InitOcspRequest(
&csr2->request.ocsp[csr2->requests], cert, 0)) != 0)
return ret;
/* restore nonce */
XMEMCPY(csr2->request.ocsp[csr2->requests].nonce,
nonce, nonceSz);
csr2->request.ocsp[csr2->requests].nonceSz = nonceSz;
csr2->requests++;
}
}
break;
}
}
return ret;
}
void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type, byte index)
{
TLSX* extension = TLSX_Find(extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data : NULL;
for (; csr2; csr2 = csr2->next) {
if (csr2->status_type == status_type) {
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI:
/* requests are initialized in the reverse order */
return index < csr2->requests
? &csr2->request.ocsp[csr2->requests - index - 1]
: NULL;
break;
}
}
}
return NULL;
}
int TLSX_CSR2_ForceRequest(WOLFSSL* ssl)
{
TLSX* extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data : NULL;
/* forces only the first one */
if (csr2) {
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI:
if (ssl->ctx->cm->ocspEnabled)
return CheckOcspRequest(ssl->ctx->cm->ocsp,
&csr2->request.ocsp[0], NULL);
else
return OCSP_LOOKUP_FAIL;
}
}
return 0;
}
int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
byte options)
{
TLSX* extension = NULL;
CertificateStatusRequestItemV2* csr2 = NULL;
int ret = 0;
if (!extensions)
return BAD_FUNC_ARG;
if (status_type != WOLFSSL_CSR2_OCSP
&& status_type != WOLFSSL_CSR2_OCSP_MULTI)
return BAD_FUNC_ARG;
csr2 = (CertificateStatusRequestItemV2*)
XMALLOC(sizeof(CertificateStatusRequestItemV2), NULL, DYNAMIC_TYPE_TLSX);
if (!csr2)
return MEMORY_E;
ForceZero(csr2, sizeof(CertificateStatusRequestItemV2));
csr2->status_type = status_type;
csr2->options = options;
csr2->next = NULL;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
if (options & WOLFSSL_CSR2_OCSP_USE_NONCE) {
WC_RNG rng;
if (wc_InitRng(&rng) == 0) {
if (wc_RNG_GenerateBlock(&rng, csr2->request.ocsp[0].nonce,
MAX_OCSP_NONCE_SZ) == 0)
csr2->request.ocsp[0].nonceSz = MAX_OCSP_NONCE_SZ;
wc_FreeRng(&rng);
}
}
break;
}
/* append new item */
if ((extension = TLSX_Find(*extensions, TLSX_STATUS_REQUEST_V2))) {
CertificateStatusRequestItemV2* last =
(CertificateStatusRequestItemV2*)extension->data;
for (; last->next; last = last->next);
last->next = csr2;
}
else if ((ret = TLSX_Push(extensions, TLSX_STATUS_REQUEST_V2, csr2))) {
XFREE(csr2, NULL, DYNAMIC_TYPE_TLSX);
return ret;
}
return SSL_SUCCESS;
}
#define CSR2_FREE_ALL TLSX_CSR2_FreeAll
#define CSR2_GET_SIZE TLSX_CSR2_GetSize
#define CSR2_WRITE TLSX_CSR2_Write
#define CSR2_PARSE TLSX_CSR2_Parse
#else
#define CSR2_FREE_ALL(data)
#define CSR2_GET_SIZE(a, b) 0
#define CSR2_WRITE(a, b, c) 0
#define CSR2_PARSE(a, b, c, d) 0
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
/******************************************************************************/ /******************************************************************************/
/* Supported Elliptic Curves */ /* Supported Elliptic Curves */
/******************************************************************************/ /******************************************************************************/
@@ -3359,6 +3824,10 @@ void TLSX_FreeAll(TLSX* list)
CSR_FREE_ALL(extension->data); CSR_FREE_ALL(extension->data);
break; break;
case TLSX_STATUS_REQUEST_V2:
CSR2_FREE_ALL(extension->data);
break;
case TLSX_RENEGOTIATION_INFO: case TLSX_RENEGOTIATION_INFO:
SCR_FREE_ALL(extension->data); SCR_FREE_ALL(extension->data);
break; break;
@@ -3430,6 +3899,10 @@ static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte isRequest)
length += CSR_GET_SIZE(extension->data, isRequest); length += CSR_GET_SIZE(extension->data, isRequest);
break; break;
case TLSX_STATUS_REQUEST_V2:
length += CSR2_GET_SIZE(extension->data, isRequest);
break;
case TLSX_RENEGOTIATION_INFO: case TLSX_RENEGOTIATION_INFO:
length += SCR_GET_SIZE(extension->data, isRequest); length += SCR_GET_SIZE(extension->data, isRequest);
break; break;
@@ -3504,6 +3977,11 @@ static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore,
isRequest); isRequest);
break; break;
case TLSX_STATUS_REQUEST_V2:
offset += CSR2_WRITE(extension->data, output + offset,
isRequest);
break;
case TLSX_RENEGOTIATION_INFO: case TLSX_RENEGOTIATION_INFO:
offset += SCR_WRITE(extension->data, output + offset, offset += SCR_WRITE(extension->data, output + offset,
isRequest); isRequest);
@@ -4005,6 +4483,12 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
ret = CSR_PARSE(ssl, input + offset, size, isRequest); ret = CSR_PARSE(ssl, input + offset, size, isRequest);
break; break;
case TLSX_STATUS_REQUEST_V2:
WOLFSSL_MSG("Certificate Status Request v2 extension received");
ret = CSR2_PARSE(ssl, input + offset, size, isRequest);
break;
case TLSX_RENEGOTIATION_INFO: case TLSX_RENEGOTIATION_INFO:
WOLFSSL_MSG("Secure Renegotiation extension received"); WOLFSSL_MSG("Secure Renegotiation extension received");

23
wolfcrypt/src/asn.c
View File

@@ -8786,6 +8786,8 @@ static int DecodeSingleResponse(byte* source,
if (GetBasicDate(source, &idx, cs->nextDate, if (GetBasicDate(source, &idx, cs->nextDate,
&cs->nextDateFormat, size) < 0) &cs->nextDateFormat, size) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
if (!XVALIDATE_DATE(cs->nextDate, cs->nextDateFormat, AFTER))
return ASN_AFTER_DATE_E;
} }
if (((int)(idx - prevIndex) < wrapperSz) && if (((int)(idx - prevIndex) < wrapperSz) &&
(source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))) (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)))
@@ -9042,18 +9044,11 @@ void InitOcspResponse(OcspResponse* resp, CertStatus* status,
{ {
WOLFSSL_ENTER("InitOcspResponse"); WOLFSSL_ENTER("InitOcspResponse");
XMEMSET(status, 0, sizeof(CertStatus));
XMEMSET(resp, 0, sizeof(OcspResponse));
resp->responseStatus = -1; resp->responseStatus = -1;
resp->response = NULL;
resp->responseSz = 0;
resp->producedDateFormat = 0;
resp->issuerHash = NULL;
resp->issuerKeyHash = NULL;
resp->sig = NULL;
resp->sigSz = 0;
resp->sigOID = 0;
resp->status = status; resp->status = status;
resp->nonce = NULL;
resp->nonceSz = 0;
resp->source = source; resp->source = source;
resp->maxIdx = inSz; resp->maxIdx = inSz;
} }
@@ -9131,8 +9126,9 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
totalSz += seqSz[4] = SetSequence(totalSz, seqArray[4]); totalSz += seqSz[4] = SetSequence(totalSz, seqArray[4]);
totalSz += seqSz[5] = SetExplicit(2, totalSz, seqArray[5]); totalSz += seqSz[5] = SetExplicit(2, totalSz, seqArray[5]);
if (totalSz < size) if (totalSz > size)
{ return 0;
totalSz = 0; totalSz = 0;
XMEMCPY(output + totalSz, seqArray[5], seqSz[5]); XMEMCPY(output + totalSz, seqArray[5], seqSz[5]);
@@ -9158,7 +9154,6 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
XMEMCPY(output + totalSz, req->nonce, req->nonceSz); XMEMCPY(output + totalSz, req->nonce, req->nonceSz);
totalSz += req->nonceSz; totalSz += req->nonceSz;
}
return totalSz; return totalSz;
} }
@@ -9190,7 +9185,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
extSz = 0; extSz = 0;
if (req->nonceSz) if (req->nonceSz)
extSz = EncodeOcspRequestExtensions(req, extArray, MAX_OCSP_EXT_SZ); extSz = EncodeOcspRequestExtensions(req, extArray, OCSP_NONCE_EXT_SZ);
totalSz = algoSz + issuerSz + issuerKeySz + snSz; totalSz = algoSz + issuerSz + issuerKeySz + snSz;
for (i = 4; i >= 0; i--) { for (i = 4; i >= 0; i--) {

38
wolfcrypt/src/logging.c
View File

@@ -136,6 +136,44 @@ void WOLFSSL_MSG(const char* msg)
} }
void WOLFSSL_BUFFER(byte* buffer, word32 length)
{
#define LINE_LEN 16
if (loggingEnabled) {
word32 i;
char line[80];
if (!buffer) {
wolfssl_log(INFO_LOG, "\tNULL");
return;
}
sprintf(line, "\t");
for (i = 0; i < LINE_LEN; i++) {
if (i < length)
sprintf(line + 1 + i * 3,"%02x ", buffer[i]);
else
sprintf(line + 1 + i * 3, " ");
}
sprintf(line + 1 + LINE_LEN * 3, "| ");
for (i = 0; i < LINE_LEN; i++)
if (i < length)
sprintf(line + 3 + LINE_LEN * 3 + i,
"%c", 31 < buffer[i] && buffer[i] < 127 ? buffer[i] : '.');
wolfssl_log(INFO_LOG, line);
if (length > LINE_LEN)
WOLFSSL_BUFFER(buffer + LINE_LEN, length - LINE_LEN);
}
}
void WOLFSSL_ENTER(const char* msg) void WOLFSSL_ENTER(const char* msg)
{ {
if (loggingEnabled) { if (loggingEnabled) {

389
wolfssl/certs_test.h
View File

@@ -98,9 +98,9 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024);
/* ./certs/1024/client-cert.der, 1024-bit */ /* ./certs/1024/client-cert.der, 1024-bit */
static const unsigned char client_cert_der_1024[] = static const unsigned char client_cert_der_1024[] =
{ {
0x30, 0x82, 0x03, 0xC5, 0x30, 0x82, 0x03, 0x2E, 0xA0, 0x03, 0x30, 0x82, 0x03, 0xF9, 0x30, 0x82, 0x03, 0x62, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE3, 0xD7, 0xA0, 0xFA, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xD3, 0xDF, 0x98, 0xC4,
0x76, 0xDF, 0x2A, 0xFA, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x80, 0x1F, 0x1F, 0x6F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
@@ -118,10 +118,10 @@ static const unsigned char client_cert_der_1024[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x30, 0x37, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31, 0x32, 0x33,
0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x0D, 0x31, 0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x31, 0x30, 0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34, 0x39, 0x33,
0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x37, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@@ -153,8 +153,8 @@ static const unsigned char client_cert_der_1024[] =
0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A,
0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C,
0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9,
0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x07, 0x30, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3B, 0x30,
0x82, 0x01, 0x03, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x82, 0x01, 0x37, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD,
0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75,
0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55, 0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55,
@@ -178,23 +178,29 @@ static const unsigned char client_cert_der_1024[] =
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00,
0xE3, 0xD7, 0xA0, 0xFA, 0x76, 0xDF, 0x2A, 0xFA, 0x30, 0x0C, 0xD3, 0xDF, 0x98, 0xC4, 0x80, 0x1F, 0x1F, 0x6F, 0x30, 0x0C,
0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24, 0x30, 0x22,
0x00, 0x1D, 0xB7, 0xD5, 0x7C, 0xE1, 0xB1, 0xD8, 0xC0, 0x67, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
0x5D, 0xB5, 0xD3, 0x88, 0xE7, 0x50, 0x29, 0x71, 0x63, 0x8F, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C,
0xCC, 0x26, 0x1F, 0x33, 0x09, 0x55, 0x43, 0x9B, 0xAB, 0xC6, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x3A, 0x32,
0x1B, 0xBC, 0xC7, 0x01, 0x95, 0x1A, 0xFA, 0x65, 0xE0, 0xFD, 0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x9C, 0xEB, 0x6F, 0x0A, 0x0F, 0x14, 0xEC, 0xB5, 0x2F, 0xDC, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
0x1C, 0x30, 0xDD, 0x52, 0x97, 0xD4, 0x1C, 0x09, 0x00, 0x33, 0x81, 0x81, 0x00, 0x71, 0x39, 0xFA, 0x86, 0xC3, 0x54, 0xE5,
0x38, 0x5F, 0xCB, 0xA8, 0x16, 0x8F, 0x11, 0xB7, 0xB8, 0xD0, 0x98, 0xB5, 0xE8, 0xC3, 0xCB, 0x97, 0x2F, 0x86, 0xBF, 0xE8,
0x66, 0xE1, 0x54, 0x28, 0xF3, 0x3F, 0xBF, 0x6A, 0x6F, 0x76, 0xBC, 0xFB, 0xEB, 0xD8, 0x73, 0x97, 0x34, 0x9A, 0x16, 0xBF,
0x48, 0x2A, 0x5E, 0x56, 0xA7, 0xCE, 0x1C, 0xF0, 0x04, 0xDD, 0xE0, 0xB2, 0xBD, 0xBE, 0x7D, 0xFF, 0xA0, 0xD7, 0xE6, 0xDB,
0x17, 0xBD, 0x06, 0x78, 0x21, 0x6D, 0xD6, 0xB1, 0x9B, 0x75, 0xA3, 0x52, 0x43, 0x41, 0x60, 0xF1, 0xD7, 0xC3, 0x63, 0xC0,
0x31, 0x92, 0xC1, 0xFE, 0xD4, 0x8D, 0xD4, 0x67, 0x2F, 0x03, 0x9B, 0xE2, 0xB2, 0x28, 0x87, 0x70, 0x60, 0x5D, 0x2B, 0x5D,
0x1B, 0x27, 0x8D, 0xAB, 0xFF, 0x30, 0x3B, 0xC3, 0x7F, 0x23, 0x56, 0x15, 0x3C, 0xB1, 0x1E, 0x03, 0x53, 0x72, 0x39, 0x32,
0xE4, 0xAB, 0x5B, 0x91, 0xE1, 0x1B, 0x66, 0xE6, 0xED 0xE2, 0x47, 0x85, 0xF7, 0x8B, 0xE8, 0x38, 0x50, 0xA9, 0xC9,
0xD3, 0x52, 0x75, 0x0E, 0x16, 0x14, 0xA5, 0xA5, 0xC4, 0x9F,
0x3E, 0x73, 0xD8, 0x38, 0x79, 0xBF, 0xF7, 0x9B, 0x4D, 0x0D,
0xF3, 0xAA, 0xCE, 0xA2, 0x03, 0x84, 0x66, 0x14, 0xC9, 0x01,
0xF5, 0x86, 0xA5, 0x66, 0xA1, 0xCA, 0x6A, 0x71, 0x5F, 0x2D,
0x31, 0x8E, 0x1C, 0xCC, 0x0C, 0xE6, 0x46, 0x99, 0x5D, 0x0A,
0x4C
}; };
static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024); static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024);
@@ -775,9 +781,9 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048);
/* ./certs/client-cert.der, 2048-bit */ /* ./certs/client-cert.der, 2048-bit */
static const unsigned char client_cert_der_2048[] = static const unsigned char client_cert_der_2048[] =
{ {
0x30, 0x82, 0x04, 0xCA, 0x30, 0x82, 0x03, 0xB2, 0xA0, 0x03, 0x30, 0x82, 0x04, 0xFE, 0x30, 0x82, 0x03, 0xE6, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xAA, 0x27, 0xB3, 0xC5, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x95, 0x90, 0x12, 0x9B,
0xA9, 0x72, 0x6E, 0x0D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x22, 0xA1, 0x50, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
@@ -795,10 +801,10 @@ static const unsigned char client_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x30, 0x37, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31, 0x32, 0x33,
0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x0D, 0x31, 0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x31, 0x30, 0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34, 0x39, 0x33,
0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x37, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@@ -844,7 +850,7 @@ static const unsigned char client_cert_der_2048[] =
0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15,
0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1,
0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01,
0x07, 0x30, 0x82, 0x01, 0x03, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x3B, 0x30, 0x82, 0x01, 0x37, 0x30, 0x1D, 0x06, 0x03, 0x55,
0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66,
0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91,
0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06,
@@ -868,37 +874,42 @@ static const unsigned char client_cert_der_2048[] =
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
0x09, 0x00, 0xAA, 0x27, 0xB3, 0xC5, 0xA9, 0x72, 0x6E, 0x0D, 0x09, 0x00, 0x95, 0x90, 0x12, 0x9B, 0x22, 0xA1, 0x50, 0x40,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24,
0x82, 0x01, 0x01, 0x00, 0x51, 0x96, 0xA7, 0x1C, 0x26, 0x5D, 0x30, 0x22, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
0x1C, 0x90, 0xC6, 0x32, 0x9F, 0x96, 0x15, 0xF2, 0x1D, 0xE7, 0x30, 0x01, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F,
0x93, 0x9C, 0xAC, 0x75, 0x56, 0x95, 0xFD, 0x20, 0x70, 0xAB, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74,
0x45, 0x6A, 0x09, 0xB0, 0xF3, 0xF2, 0x03, 0xA8, 0xDB, 0xDC, 0x3A, 0x32, 0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09,
0x2F, 0xBC, 0x1F, 0x87, 0x7A, 0xA3, 0xD4, 0x8F, 0xD5, 0x49, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05,
0x97, 0x7E, 0x3C, 0x54, 0xAC, 0xB1, 0xE3, 0xF0, 0x39, 0x0D, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x7B, 0x91, 0x63, 0x8D,
0xFE, 0x09, 0x9A, 0x23, 0xF6, 0x32, 0xA6, 0x41, 0x59, 0xBD, 0x39, 0x54, 0x64, 0x3C, 0xB4, 0x3F, 0xD5, 0xC8, 0x4F, 0xBF,
0x60, 0xE8, 0xBD, 0xDE, 0x00, 0x36, 0x6F, 0x3E, 0xE9, 0x41, 0x0B, 0xBF, 0xAF, 0x5C, 0x9C, 0x41, 0xC7, 0x0B, 0x52, 0x6D,
0x6F, 0xA9, 0x63, 0xC7, 0xAA, 0xD5, 0x7B, 0xF3, 0xE4, 0x39, 0xC6, 0xF0, 0xDE, 0x7C, 0xFF, 0x9B, 0x4E, 0xFE, 0xF3, 0x22,
0x48, 0x9E, 0xF6, 0x60, 0xC6, 0xC6, 0x86, 0xD5, 0x72, 0x86, 0xA5, 0x00, 0x13, 0x9F, 0x81, 0xE4, 0x6D, 0x70, 0x2C, 0xF9,
0x23, 0xCD, 0xF5, 0x6A, 0x63, 0x53, 0xA4, 0xF8, 0xFC, 0x51, 0x7A, 0xF4, 0xD8, 0x50, 0xBE, 0x72, 0xE1, 0x04, 0x8B, 0xB0,
0x6A, 0xCD, 0x60, 0x74, 0x8E, 0xA3, 0x86, 0x61, 0x01, 0x34, 0x05, 0xE3, 0x61, 0x82, 0x3F, 0x65, 0xDE, 0xF9, 0xE9, 0xD3,
0x78, 0xF7, 0x29, 0x97, 0xB3, 0xA7, 0x34, 0xB6, 0x0A, 0xDE, 0x3D, 0x97, 0x7D, 0x88, 0xB7, 0x99, 0x85, 0xC1, 0xE5, 0x5C,
0xB5, 0x71, 0x7A, 0x09, 0xA6, 0x3E, 0xD6, 0x82, 0x58, 0x89, 0x57, 0xA7, 0x9C, 0x1F, 0xF2, 0xB8, 0xCE, 0xEC, 0xD7, 0xD1,
0x67, 0x9C, 0xC5, 0x68, 0x62, 0xBA, 0x06, 0xD6, 0x39, 0xBB, 0x9B, 0xEC, 0xFB, 0x0E, 0x6F, 0x02, 0xAD, 0x51, 0xC0, 0x76,
0xCB, 0x3A, 0xC0, 0xE0, 0x63, 0x1F, 0xC7, 0x0C, 0x9C, 0x12, 0xDD, 0x66, 0x0A, 0xCE, 0x0D, 0x09, 0xE6, 0xA8, 0x42, 0xB0,
0x86, 0xEC, 0xF7, 0x39, 0x6A, 0x61, 0x93, 0xD0, 0x33, 0x14, 0x06, 0xC3, 0x04, 0xE7, 0x1C, 0xC7, 0x10, 0x83, 0x07, 0xF2,
0xC6, 0x55, 0x3B, 0xB6, 0xCF, 0x80, 0x5B, 0x8C, 0x43, 0xEF, 0xE6, 0x11, 0x1A, 0xCD, 0xA7, 0xB9, 0x7E, 0x17, 0xEF, 0xEA,
0x43, 0x44, 0x0B, 0x3C, 0x93, 0x39, 0xA3, 0x4E, 0x15, 0xD1, 0x63, 0x9C, 0xF2, 0xA5, 0xBE, 0x6B, 0xB6, 0xDF, 0xEB, 0x5A,
0x0B, 0x5F, 0x84, 0x98, 0x1D, 0xCD, 0x9F, 0xA9, 0x47, 0xEB, 0x75, 0x01, 0x59, 0x05, 0xF7, 0xEC, 0x49, 0x75, 0x10, 0xDD,
0x3B, 0x56, 0x30, 0xB6, 0x76, 0x92, 0xC1, 0x48, 0x5F, 0xBC, 0x40, 0x1A, 0x25, 0x25, 0x4F, 0x78, 0x6E, 0xE1, 0x92, 0x21,
0x95, 0xB0, 0x50, 0x1A, 0x55, 0xC8, 0x4E, 0x62, 0x47, 0x87, 0xB5, 0xB8, 0x82, 0x2F, 0x33, 0xB3, 0x5B, 0xB6, 0x81, 0xB8,
0x54, 0x64, 0x0C, 0x9B, 0x91, 0xFA, 0x43, 0xB3, 0x29, 0x48, 0xB1, 0xA4, 0x0C, 0x8D, 0x98, 0x74, 0x74, 0xDA, 0x0D, 0x90,
0xBE, 0xE6, 0x12, 0xEB, 0xE3, 0x44, 0xC6, 0x52, 0xE4, 0x40, 0x33, 0xC8, 0xA7, 0xAA, 0x0D, 0x06, 0x5A, 0x04, 0xEB, 0x37,
0xC6, 0x83, 0x95, 0x1B, 0xA7, 0x65, 0x27, 0x69, 0x73, 0x2F, 0xD3, 0xE4, 0x55, 0x0C, 0x93, 0xB6, 0xC8, 0x3A, 0xE8, 0xA7,
0xC8, 0xA0, 0x4D, 0x7F, 0xBE, 0xEA, 0x9B, 0x67, 0xB2, 0x7B 0x2B, 0x4E, 0xB8, 0x90, 0xBB, 0x36, 0x0B, 0xDB, 0x7F, 0x2E,
0x99, 0x23, 0x76, 0x68, 0x81, 0xA8, 0x73, 0x74, 0xE7, 0x68,
0xFB, 0x1D, 0xFF, 0x5B, 0xEC, 0xB5, 0x6B, 0x30, 0xD1, 0xD0,
0x2B, 0x89, 0xA6, 0xC6, 0xA9, 0xFC, 0x03, 0x66, 0xFE, 0xB5,
0x8C, 0xAF, 0xDE, 0x8E, 0x2A, 0xB4, 0x78, 0x9C, 0xD7, 0x4A,
0xFC, 0x9C, 0xC4, 0x7C, 0x19, 0x20, 0x83, 0x0E, 0xFD, 0x3F,
0x4D, 0xA7
}; };
static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048); static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048);
@@ -1154,9 +1165,9 @@ static const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048);
/* ./certs/ca-cert.der, 2048-bit */ /* ./certs/ca-cert.der, 2048-bit */
static const unsigned char ca_cert_der_2048[] = static const unsigned char ca_cert_der_2048[] =
{ {
0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03, 0x30, 0x82, 0x04, 0xE0, 0x30, 0x82, 0x03, 0xC8, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xD9, 0x80, 0x3A, 0xC3, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA6, 0x66, 0x38, 0x49,
0xD2, 0xF4, 0xDA, 0x37, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x45, 0x9B, 0xDC, 0x81, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
@@ -1173,10 +1184,10 @@ static const unsigned char ca_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x30, 0x37, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31, 0x32, 0x33,
0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x0D, 0x31, 0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x31, 0x30, 0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34, 0x39, 0x33,
0x31, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x37, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@@ -1220,60 +1231,66 @@ static const unsigned char ca_cert_der_2048[] =
0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52,
0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9,
0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED,
0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01,
0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x31, 0x30, 0x82, 0x01, 0x2D, 0x30, 0x1D, 0x06, 0x03, 0x55,
0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11,
0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4,
0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06,
0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE,
0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D,
0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5,
0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81,
0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31,
0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A,
0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C,
0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73,
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
0xD9, 0x80, 0x3A, 0xC3, 0xD2, 0xF4, 0xDA, 0x37, 0x30, 0x0C, 0x09, 0x00, 0xA6, 0x66, 0x38, 0x49, 0x45, 0x9B, 0xDC, 0x81,
0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06,
0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24,
0x01, 0x00, 0x7A, 0xAF, 0x44, 0x3B, 0xAA, 0x6F, 0x53, 0x42, 0x30, 0x22, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
0xB2, 0x33, 0xAA, 0x43, 0x5F, 0x56, 0x30, 0xD3, 0xB9, 0x96, 0x30, 0x01, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F,
0x0B, 0x9A, 0x55, 0x5A, 0x39, 0x2A, 0x0B, 0x4E, 0xE4, 0x2E, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74,
0xF1, 0x95, 0x66, 0xC9, 0x86, 0x36, 0x82, 0x8D, 0x63, 0x7C, 0x3A, 0x32, 0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09,
0x4D, 0xA2, 0xEE, 0x48, 0xBA, 0x03, 0xC7, 0x90, 0xD7, 0xA7, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05,
0xC6, 0x74, 0x60, 0x48, 0x5F, 0x31, 0xA2, 0xF9, 0x5E, 0x3E, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x41, 0x8F, 0xFB, 0x6B,
0xC3, 0x82, 0xE1, 0xE5, 0x2F, 0x41, 0x81, 0x83, 0x29, 0x25, 0x65, 0x6B, 0x36, 0xF2, 0x56, 0x4F, 0x0C, 0x48, 0xB0, 0x4D,
0x79, 0xD1, 0x53, 0x00, 0x69, 0x3C, 0xED, 0x0A, 0x30, 0x3B, 0x8C, 0xC2, 0xCB, 0xD6, 0x58, 0x7A, 0x83, 0x3A, 0x30, 0x7D,
0x41, 0x1D, 0x92, 0xA1, 0x2C, 0xA8, 0x9D, 0x2C, 0xE3, 0x23, 0x62, 0x7B, 0x86, 0xF1, 0x15, 0x26, 0xB3, 0x26, 0x02, 0x77,
0x87, 0x79, 0xE0, 0x55, 0x6E, 0x91, 0xA8, 0x50, 0xDA, 0x46, 0xF2, 0xC8, 0x57, 0xE5, 0x1E, 0x60, 0x68, 0x8B, 0xA4, 0xE8,
0x2F, 0xC2, 0x20, 0x50, 0x3E, 0x2B, 0x47, 0x97, 0x14, 0xB0, 0xF3, 0xA8, 0xB2, 0x88, 0xA4, 0x2F, 0xE8, 0x6E, 0x25, 0x8D,
0x7D, 0x04, 0xBA, 0x45, 0x51, 0xD0, 0x6E, 0xE1, 0x5A, 0xA2, 0x6B, 0xDC, 0x53, 0xAB, 0x2F, 0xD3, 0x47, 0x8C, 0xD6, 0x27,
0x4B, 0x84, 0x9C, 0x4D, 0xCD, 0x85, 0x04, 0xF9, 0x28, 0x31, 0xAB, 0x39, 0xBC, 0xD3, 0xCA, 0xD8, 0x01, 0x96, 0xA4, 0x44,
0x82, 0x93, 0xBC, 0xC7, 0x59, 0x49, 0x91, 0x03, 0xE8, 0xDF, 0x57, 0x38, 0x93, 0xAB, 0xC3, 0xF3, 0x95, 0x67, 0x7F, 0xCF,
0x6A, 0xE4, 0x56, 0xAD, 0x6A, 0xCB, 0x1F, 0x0D, 0x37, 0xE4, 0x25, 0x1D, 0xB7, 0x04, 0xDC, 0x06, 0xC9, 0x5D, 0x24, 0xC1,
0x5E, 0xBD, 0xE7, 0x9F, 0xD5, 0xEC, 0x9D, 0x3C, 0x18, 0x25, 0x54, 0x13, 0x71, 0x81, 0x21, 0x31, 0xEE, 0x9F, 0xB4, 0x9D,
0x9B, 0xF1, 0x2F, 0x50, 0x7D, 0xEB, 0x31, 0xCB, 0xF1, 0x63, 0xCE, 0x98, 0x66, 0xA4, 0xA0, 0x77, 0xC1, 0x88, 0x18, 0xA4,
0x22, 0x9D, 0x57, 0xFC, 0xF3, 0x84, 0x20, 0x1A, 0xC6, 0x07, 0xD1, 0x36, 0xEE, 0xCD, 0xD8, 0xC1, 0x1B, 0xBC, 0x03, 0xD6,
0x87, 0x92, 0x26, 0x9E, 0x15, 0x18, 0x59, 0x33, 0x06, 0xDC, 0x85, 0x9A, 0x2E, 0x21, 0x82, 0x95, 0x4C, 0xB2, 0x2A, 0xFE,
0xFB, 0xB0, 0xB6, 0x76, 0x5D, 0xF1, 0xC1, 0x2F, 0xC8, 0x2F, 0x69, 0xDB, 0xAC, 0xE4, 0x97, 0xE1, 0xE9, 0x0E, 0xF1, 0xD3,
0x62, 0x9C, 0xC0, 0xD6, 0xDE, 0xEB, 0x65, 0x77, 0xF3, 0x5C, 0xEF, 0x20, 0x86, 0x03, 0x01, 0x66, 0x6B, 0xF0, 0x26, 0x0F,
0xA6, 0xC3, 0x88, 0x27, 0x96, 0x75, 0xB4, 0xF4, 0x54, 0xCD, 0x39, 0x04, 0x26, 0xF5, 0x42, 0x98, 0x3F, 0x95, 0x48, 0x5F,
0xFF, 0x2D, 0x21, 0x2E, 0x96, 0xF0, 0x07, 0x73, 0x4B, 0xE9, 0xB5, 0x5D, 0xBC, 0x49, 0x4C, 0x81, 0x38, 0xD5, 0xE9, 0x72,
0x93, 0x92, 0x90, 0xDE, 0x62, 0xD9, 0xA3, 0x3B, 0xAC, 0x6E, 0x32, 0x1C, 0x66, 0x1B, 0x12, 0x80, 0x0F, 0xDB, 0x99, 0xF0,
0x24, 0x5F, 0x27, 0x4A, 0xB3, 0x94, 0x70, 0xFF, 0x30, 0x17, 0x97, 0x67, 0x61, 0x79, 0xAD, 0xAB, 0xBE, 0x6A, 0xEA, 0xAA,
0xE7, 0x7E, 0x32, 0x8F, 0x65, 0xB7, 0x75, 0x58 0xCC, 0x3D, 0xF9, 0x40, 0x99, 0x00, 0x93, 0xBB, 0xDF, 0x4B,
0x41, 0xD4, 0x7F, 0xF1, 0x93, 0xB2, 0x70, 0x83, 0x3A, 0xE3,
0x6B, 0x44, 0x4B, 0x1F, 0x9F, 0x77, 0x53, 0xEA, 0x5D, 0xE6,
0x59, 0x1E, 0xC0, 0x2D, 0x4B, 0x83, 0xD6, 0xF4, 0xA3, 0xD4,
0xA9, 0xC3, 0x91, 0x12, 0xE7, 0x61, 0x3F, 0x56, 0x9D, 0x8F,
0xB8, 0x19, 0x29, 0x62, 0x1B, 0x58, 0xDF, 0x73, 0x99, 0x1F,
0x49, 0x63
}; };
static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
@@ -1406,7 +1423,7 @@ static const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048);
/* ./certs/server-cert.der, 2048-bit */ /* ./certs/server-cert.der, 2048-bit */
static const unsigned char server_cert_der_2048[] = static const unsigned char server_cert_der_2048[] =
{ {
0x30, 0x82, 0x04, 0x9E, 0x30, 0x82, 0x03, 0x86, 0xA0, 0x03, 0x30, 0x82, 0x04, 0xD4, 0x30, 0x82, 0x03, 0xBC, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05,
0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03,
@@ -1424,10 +1441,10 @@ static const unsigned char server_cert_der_2048[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31,
0x30, 0x37, 0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x32, 0x33, 0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17,
0x0D, 0x31, 0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x0D, 0x31, 0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34,
0x31, 0x30, 0x31, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, 0x39, 0x33, 0x37, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
@@ -1471,60 +1488,66 @@ static const unsigned char server_cert_der_2048[] =
0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20,
0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61,
0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7,
0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x30, 0x81, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x31, 0x30,
0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x82, 0x01, 0x2D, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, 0x04, 0x16, 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98,
0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, 0x1F, 0x0E, 0x84, 0xE2, 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA,
0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55,
0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14,
0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED,
0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5,
0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C,
0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11,
0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53,
0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30,
0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F,
0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18,
0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77,
0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xD9, 0x80, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00,
0x3A, 0xC3, 0xD2, 0xF4, 0xDA, 0x37, 0x30, 0x0C, 0x06, 0x03, 0xA6, 0x66, 0x38, 0x49, 0x45, 0x9B, 0xDC, 0x81, 0x30, 0x0C,
0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24, 0x30, 0x22,
0x67, 0xC0, 0x2C, 0xA9, 0x43, 0x47, 0xE7, 0x11, 0x14, 0x77, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
0xAE, 0xCC, 0xD8, 0xE0, 0x6B, 0x23, 0x82, 0x91, 0x63, 0xE8, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C,
0xA8, 0x0D, 0x21, 0xC5, 0xC8, 0x47, 0x97, 0x2F, 0xD5, 0xF3, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x3A, 0x32,
0x86, 0xFB, 0x6C, 0xCE, 0x25, 0xF9, 0x7C, 0x78, 0xC8, 0x3A, 0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x22, 0x68, 0xF2, 0x16, 0x1E, 0xD2, 0xD2, 0x3F, 0x24, 0x04, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
0x87, 0xF2, 0xB7, 0xC1, 0x62, 0x63, 0xBA, 0xC5, 0xFA, 0xAE, 0x82, 0x01, 0x01, 0x00, 0x71, 0x17, 0x8F, 0x6F, 0x7D, 0xD6,
0xD2, 0x20, 0x81, 0x1A, 0xD2, 0x0C, 0xAE, 0x26, 0x6B, 0x1B, 0x11, 0x01, 0x79, 0xAC, 0xE9, 0xC2, 0xFB, 0x71, 0x69, 0x6B,
0x2B, 0x10, 0xD3, 0xE1, 0x9A, 0x4E, 0x64, 0x6C, 0x97, 0xDB, 0x0C, 0x64, 0x91, 0xC1, 0x32, 0x8B, 0x9C, 0x62, 0x72, 0xB5,
0x36, 0xA8, 0x8F, 0xF8, 0x05, 0x63, 0xBF, 0xBA, 0x0D, 0x88, 0x62, 0xBB, 0xF8, 0xCF, 0x6C, 0x27, 0xDF, 0xF0, 0x64, 0xD6,
0x0B, 0x87, 0x46, 0xC9, 0xE4, 0x64, 0xE3, 0xD7, 0xBD, 0xB8, 0x4A, 0x55, 0x4F, 0x7F, 0x4A, 0x8B, 0x7B, 0x80, 0x5B, 0x3C,
0x2D, 0xD5, 0xC1, 0xC3, 0xC4, 0xDB, 0x55, 0x68, 0xDC, 0xA3, 0xA0, 0x31, 0xB0, 0x25, 0x92, 0x02, 0x02, 0x9C, 0x99, 0xA5,
0x7A, 0x40, 0xB9, 0xA9, 0xF6, 0x04, 0x4A, 0x22, 0xCF, 0x98, 0x8E, 0x0C, 0x61, 0xEF, 0xB4, 0x1E, 0x01, 0x2E, 0x1C, 0xE9,
0x76, 0x1C, 0xE4, 0xA3, 0xFF, 0x79, 0x19, 0x96, 0x57, 0x63, 0x9C, 0x59, 0x2D, 0xEF, 0x6E, 0x03, 0x4D, 0xF1, 0x59, 0xE5,
0x07, 0x6F, 0xF6, 0x32, 0x77, 0x16, 0x50, 0x9B, 0xE3, 0x34, 0x5F, 0x69, 0x66, 0x5C, 0x0A, 0xE6, 0xCD, 0xF6, 0x74, 0x20,
0x18, 0xD4, 0xEB, 0xBE, 0xFD, 0xB6, 0x6F, 0xE3, 0xC7, 0xF6, 0x86, 0x4C, 0xF6, 0x8F, 0x22, 0x86, 0x68, 0x7E, 0xFE, 0x67,
0x85, 0xBF, 0xAC, 0x32, 0xAD, 0x98, 0x57, 0xBE, 0x13, 0x92, 0x3F, 0x3D, 0x19, 0xB8, 0x61, 0xEF, 0xC5, 0xA5, 0x58, 0xA8,
0x44, 0x10, 0xA5, 0xF3, 0xAE, 0xE2, 0x66, 0xDA, 0x44, 0xA9, 0x2A, 0xCE, 0xD3, 0x2C, 0xA7, 0x1B, 0xDD, 0xC8, 0x59, 0xC7,
0x94, 0x71, 0x3F, 0xD0, 0x2F, 0x20, 0x59, 0x87, 0xE4, 0x5A, 0xE7, 0xCF, 0x42, 0x42, 0xDB, 0xAF, 0xFE, 0x15, 0x82, 0xC9,
0x40, 0xEE, 0xD2, 0xE4, 0x0C, 0xCE, 0x25, 0x94, 0xDC, 0x0F, 0xE5, 0x53, 0xFA, 0xB4, 0x37, 0x55, 0x67, 0x47, 0x0F, 0xE7,
0xFE, 0x38, 0xE0, 0x41, 0x52, 0x34, 0x5C, 0xBB, 0xC3, 0xDB, 0x24, 0x88, 0x14, 0xA3, 0x6C, 0xBE, 0x5F, 0x72, 0x05, 0x5F,
0xC1, 0x5F, 0x76, 0xC3, 0x5D, 0x0E, 0x32, 0x69, 0x2B, 0x9D, 0x56, 0x33, 0xAA, 0x7F, 0xAC, 0x2E, 0x10, 0x92, 0xB7, 0xA2,
0x01, 0xED, 0x50, 0x1B, 0x4F, 0x77, 0xA9, 0xA9, 0xD8, 0x71, 0xF9, 0xC1, 0x62, 0x0C, 0x3B, 0x0C, 0x69, 0x9A, 0x71, 0x15,
0x30, 0xCB, 0x2E, 0x2C, 0x70, 0x00, 0xAB, 0x78, 0x4B, 0xD7, 0x11, 0xBC, 0x37, 0xBF, 0x8E, 0x23, 0x14, 0xC2, 0xB1, 0x0D,
0x15, 0xD9, 0x17, 0xF8, 0x64, 0xB2, 0xF7, 0x3A, 0xDA, 0xE1, 0xDF, 0x89, 0x45, 0x1E, 0xDF, 0x14, 0xE8, 0x95, 0x35, 0x88,
0x0B, 0x8B, 0x0A, 0xE1, 0x4E, 0xB1, 0x03, 0x46, 0x14, 0xCA, 0x27, 0xA8, 0xAB, 0xDD, 0x7C, 0x23, 0x3F, 0xBB, 0xFE, 0x4E,
0x94, 0xE3, 0x44, 0x77, 0xD7, 0x59 0x0E, 0xEA, 0xA6, 0xEE, 0xF5, 0x77, 0xFB, 0xAA, 0xB8, 0x28,
0x33, 0xF9, 0x61, 0xB0, 0xD2, 0x79, 0x46, 0xA4, 0xBA, 0xA0,
0x90, 0xC8, 0xE7, 0x96, 0x8F, 0x27, 0xE9, 0x1E, 0xD0, 0x92,
0x43, 0xBB, 0x84, 0xC7, 0xF3, 0x28, 0x0C, 0x41, 0xAA, 0x77,
0x39, 0x65, 0xAA, 0x0D, 0x02, 0xB0, 0xE0, 0x4D, 0xB1, 0x17,
0x41, 0xC9, 0xF0, 0xD4, 0x47, 0x87, 0xFB, 0x0F, 0xF0, 0x40
}; };
static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048); static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048);

43
wolfssl/internal.h
View File

@@ -1373,6 +1373,10 @@ struct WOLFSSL_CERT_MANAGER {
void* heap; /* heap helper */ void* heap; /* heap helper */
WOLFSSL_CRL* crl; /* CRL checker */ WOLFSSL_CRL* crl; /* CRL checker */
WOLFSSL_OCSP* ocsp; /* OCSP checker */ WOLFSSL_OCSP* ocsp; /* OCSP checker */
#if !defined(NO_WOLFSSL_SEVER) && (defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
WOLFSSL_OCSP* ocsp_stapling; /* OCSP checker for OCSP stapling */
#endif
char* ocspOverrideURL; /* use this responder */ char* ocspOverrideURL; /* use this responder */
void* ocspIOCtx; /* I/O callback CTX */ void* ocspIOCtx; /* I/O callback CTX */
CallbackCACache caCacheCallback; /* CA cache addition callback */ CallbackCACache caCacheCallback; /* CA cache addition callback */
@@ -1386,6 +1390,7 @@ struct WOLFSSL_CERT_MANAGER {
byte ocspCheckAll; /* always leaf, but all ? */ byte ocspCheckAll; /* always leaf, but all ? */
byte ocspSendNonce; /* send the OCSP nonce ? */ byte ocspSendNonce; /* send the OCSP nonce ? */
byte ocspUseOverrideURL; /* ignore cert's responder, override */ byte ocspUseOverrideURL; /* ignore cert's responder, override */
byte ocspStaplingEnabled; /* is OCSP Stapling on ? */
}; };
WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*); WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*);
@@ -1476,6 +1481,7 @@ typedef enum {
TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stappling */ TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stappling */
TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */ TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */ TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stappling v2 */
TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */ TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */
TLSX_SESSION_TICKET = 0x0023, TLSX_SESSION_TICKET = 0x0023,
TLSX_RENEGOTIATION_INFO = 0xff01 TLSX_RENEGOTIATION_INFO = 0xff01
@@ -1510,6 +1516,7 @@ WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length,
|| defined(HAVE_MAX_FRAGMENT) \ || defined(HAVE_MAX_FRAGMENT) \
|| defined(HAVE_TRUNCATED_HMAC) \ || defined(HAVE_TRUNCATED_HMAC) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ || defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) \
|| defined(HAVE_SUPPORTED_CURVES) \ || defined(HAVE_SUPPORTED_CURVES) \
|| defined(HAVE_ALPN) \ || defined(HAVE_ALPN) \
|| defined(HAVE_QSH) \ || defined(HAVE_QSH) \
@@ -1600,6 +1607,28 @@ WOLFSSL_LOCAL int TLSX_CSR_ForceRequest(WOLFSSL* ssl);
#endif #endif
/** Certificate Status Request v2 - RFC 6961 */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
typedef struct CSRIv2 {
byte status_type;
byte options;
word16 requests;
union {
OcspRequest ocsp[1 + MAX_CHAIN_DEPTH];
} request;
struct CSRIv2* next;
} CertificateStatusRequestItemV2;
WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequestV2(TLSX** extensions,
byte status_type, byte options);
WOLFSSL_LOCAL int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer);
WOLFSSL_LOCAL void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type,
byte index);
WOLFSSL_LOCAL int TLSX_CSR2_ForceRequest(WOLFSSL* ssl);
#endif
/** Supported Elliptic Curves - RFC 4492 (session 4) */ /** Supported Elliptic Curves - RFC 4492 (session 4) */
#ifdef HAVE_SUPPORTED_CURVES #ifdef HAVE_SUPPORTED_CURVES
@@ -1775,6 +1804,15 @@ struct WOLFSSL_CTX {
#endif #endif
#ifdef HAVE_TLS_EXTENSIONS #ifdef HAVE_TLS_EXTENSIONS
TLSX* extensions; /* RFC 6066 TLS Extensions data */ TLSX* extensions; /* RFC 6066 TLS Extensions data */
#ifndef NO_WOLFSSL_SERVER
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
OcspRequest* certOcspRequest;
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
OcspRequest* chainOcspRequest[MAX_CHAIN_DEPTH];
#endif
#endif
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SEVER) #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SEVER)
SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */ SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */
void* ticketEncCtx; /* session encrypt context */ void* ticketEncCtx; /* session encrypt context */
@@ -2043,6 +2081,7 @@ enum AcceptState {
ACCEPT_FIRST_REPLY_DONE, ACCEPT_FIRST_REPLY_DONE,
SERVER_HELLO_SENT, SERVER_HELLO_SENT,
CERT_SENT, CERT_SENT,
CERT_STATUS_SENT,
KEY_EXCHANGE_SENT, KEY_EXCHANGE_SENT,
CERT_REQ_SENT, CERT_REQ_SENT,
SERVER_HELLO_DONE, SERVER_HELLO_DONE,
@@ -2497,6 +2536,9 @@ struct WOLFSSL {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
byte status_request; byte status_request;
#endif #endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
byte status_request_v2;
#endif
#ifdef HAVE_SECURE_RENEGOTIATION #ifdef HAVE_SECURE_RENEGOTIATION
SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */ SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
#endif /* user turned on */ #endif /* user turned on */
@@ -2660,6 +2702,7 @@ WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32);
WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int); WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
WOLFSSL_LOCAL int SendCertificate(WOLFSSL*); WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*); WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateStatus(WOLFSSL*);
WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*); WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*);
WOLFSSL_LOCAL int SendBuffered(WOLFSSL*); WOLFSSL_LOCAL int SendBuffered(WOLFSSL*);
WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int); WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int);

4
wolfssl/ocsp.h
View File

@@ -39,9 +39,9 @@ typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*); WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic); WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*); WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*, void*);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp, WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
OcspRequest* ocspRequest); OcspRequest* ocspRequest, void*);
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */

33
wolfssl/ssl.h
View File

@@ -1269,6 +1269,9 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*, WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*,
CbOCSPIO, CbOCSPRespFree, void*); CbOCSPIO, CbOCSPRespFree, void*);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling(
WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options); WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl); WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int); WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int);
@@ -1287,6 +1290,8 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*); WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*);
WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*, WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*,
CbOCSPIO, CbOCSPRespFree, void*); CbOCSPIO, CbOCSPRespFree, void*);
WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
#endif /* !NO_CERTS */ #endif /* !NO_CERTS */
/* end of handshake frees temporary arrays, if user needs for get_keys or /* end of handshake frees temporary arrays, if user needs for get_keys or
@@ -1425,10 +1430,34 @@ enum {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
WOLFSSL_API int wolfSSL_UseCertificateStatusRequest(WOLFSSL* ssl, WOLFSSL_API int wolfSSL_UseOCSPStapling(WOLFSSL* ssl,
unsigned char status_type, unsigned char options); unsigned char status_type, unsigned char options);
WOLFSSL_API int wolfSSL_CTX_UseCertificateStatusRequest(WOLFSSL_CTX* ctx, WOLFSSL_API int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx,
unsigned char status_type, unsigned char options);
#endif
#endif
/* Certificate Status Request v2 */
/* Certificate Status Type */
enum {
WOLFSSL_CSR2_OCSP = 1,
WOLFSSL_CSR2_OCSP_MULTI = 2
};
/* Certificate Status v2 Options (flags) */
enum {
WOLFSSL_CSR2_OCSP_USE_NONCE = 0x01
};
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_API int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl,
unsigned char status_type, unsigned char options);
WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
unsigned char status_type, unsigned char options); unsigned char status_type, unsigned char options);
#endif #endif

3
wolfssl/wolfcrypt/asn.h
View File

@@ -684,6 +684,9 @@ struct CertStatus {
byte nextDate[MAX_DATE_SIZE]; byte nextDate[MAX_DATE_SIZE];
byte thisDateFormat; byte thisDateFormat;
byte nextDateFormat; byte nextDateFormat;
byte* rawOcspResponse;
word32 rawOcspResponseSz;
}; };

2
wolfssl/wolfcrypt/logging.h
View File

@@ -56,6 +56,7 @@ WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
void WOLFSSL_ERROR(int); void WOLFSSL_ERROR(int);
void WOLFSSL_MSG(const char* msg); void WOLFSSL_MSG(const char* msg);
void WOLFSSL_BUFFER(byte* buffer, word32 length);
#else /* DEBUG_WOLFSSL */ #else /* DEBUG_WOLFSSL */
@@ -65,6 +66,7 @@ WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
#define WOLFSSL_ERROR(e) #define WOLFSSL_ERROR(e)
#define WOLFSSL_MSG(m) #define WOLFSSL_MSG(m)
#define WOLFSSL_BUFFER(b, l)
#endif /* DEBUG_WOLFSSL */ #endif /* DEBUG_WOLFSSL */