mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 18:40:49 +02:00
4578e1390f
OCSP Responder Core API: - Add new public API for creating and managing an OCSP responder - Add public wrappers for internal OCSP request/response functions - OcspRespCheck: fix check when authorized responder is loaded into CM Header Cleanup: - Remove circular dependency when including `#include <wolfssl/wolfcrypt/asn.h>` from wolfssl/wolfcrypt/ecc.h and wolfssl/wolfcrypt/rsa.h OCSP Responder Example (examples/ocsp_responder/): - Add a command-line OCSP responder for interoperability testing with OpenSSL's `openssl ocsp` client Test Scripts (scripts/): - ocsp-responder-openssl-interop.test: Tests wolfSSL OCSP responder with `openssl ocsp` client - ocsp-stapling-with-wolfssl-responder.test: Tests wolfSSL OCSP responder when doing OCSP stapling Certificate Infrastructure (certs/ocsp/): - Add DER-format certificates and keys for OCSP testing - Update renewcerts.sh to generate DER versions Known Limitations (documented in src/ocsp.c header comment): - Single request/response per OCSP exchange only - Key-hash responder ID only (no name-based responder ID) - No singleExtensions support
158 lines
4.6 KiB
Plaintext
158 lines
4.6 KiB
Plaintext
# vim:ft=automake
|
|
# included from Top Level Makefile.am
|
|
# All paths should be given relative to the root
|
|
|
|
|
|
|
|
if BUILD_SNIFFTEST
|
|
dist_noinst_SCRIPTS+= scripts/sniffer-testsuite.test
|
|
endif
|
|
|
|
if BUILD_EXAMPLE_SERVERS
|
|
|
|
dist_noinst_SCRIPTS+= scripts/resume.test
|
|
|
|
# The CRL and OCSP tests use RSA certificates.
|
|
if BUILD_RSA
|
|
|
|
if BUILD_CRL
|
|
# make revoked test rely on completion of resume test
|
|
dist_noinst_SCRIPTS+= scripts/crl-revoked.test
|
|
dist_noinst_SCRIPTS+= scripts/crl-gen-openssl.test
|
|
scripts/crl-revoked.log: scripts/resume.log
|
|
scripts/crl-gen-openssl.log: scripts/crl-revoked.log
|
|
endif
|
|
|
|
# arrange to serialize ocsp.test, ocsp-stapling.test, ocsp-stapling-with-ca-as-responder.test, ocsp-stapling2.test, and testsuite,
|
|
# to help mitigate port conflicts among them.
|
|
# note that unit.test is gated on testsuite in Makefile.am, which is also helpful for these purposes.
|
|
|
|
if BUILD_OCSP_STAPLING
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-stapling.test
|
|
if BUILD_OCSP_STAPLING_MULTI
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-stapling_tls13multi.test
|
|
endif
|
|
if !BUILD_OCSP_STAPLING_V2
|
|
testsuite/testsuite.log: scripts/ocsp-stapling.log scripts/ocsp-stapling-with-ca-as-responder.log
|
|
endif
|
|
scripts/ocsp-stapling.log: scripts/ocsp.log
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-stapling-with-ca-as-responder.test
|
|
scripts/ocsp-stapling-with-ca-as-responder.log: scripts/ocsp.log
|
|
scripts/ocsp-stapling-with-ca-as-responder.log: scripts/ocsp-stapling.log
|
|
if BUILD_OCSP_STAPLING_MULTI
|
|
scripts/ocsp-stapling_tls13multi.log: scripts/ocsp-stapling-with-ca-as-responder.log
|
|
endif
|
|
endif
|
|
|
|
if BUILD_OCSP_STAPLING_V2
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-stapling2.test
|
|
|
|
if BUILD_OCSP_STAPLING
|
|
testsuite/testsuite.log: scripts/ocsp-stapling2.log
|
|
scripts/ocsp-stapling2.log: scripts/ocsp.log
|
|
scripts/ocsp-stapling2.log: scripts/ocsp-stapling.log
|
|
scripts/ocsp-stapling2.log: scripts/ocsp-stapling-with-ca-as-responder.log
|
|
else
|
|
scripts/ocsp-stapling2.log: scripts/ocsp.log
|
|
endif
|
|
|
|
endif
|
|
|
|
if BUILD_OCSP_RESPONDER
|
|
if BUILD_OCSP_STAPLING
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-stapling-with-wolfssl-responder.test
|
|
scripts/ocsp-stapling-with-wolfssl-responder.log: scripts/ocsp-stapling-with-ca-as-responder.log
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-responder-openssl-interop.test
|
|
scripts/ocsp-responder-openssl-interop.log: scripts/ocsp-stapling-with-wolfssl-responder.log
|
|
testsuite/testsuite.log: scripts/ocsp-responder-openssl-interop.log
|
|
else
|
|
dist_noinst_SCRIPTS+= scripts/ocsp-responder-openssl-interop.test
|
|
scripts/ocsp-responder-openssl-interop.log: scripts/ocsp.log
|
|
testsuite/testsuite.log: scripts/ocsp-responder-openssl-interop.log
|
|
endif
|
|
endif
|
|
|
|
endif
|
|
|
|
if BUILD_PSK
|
|
dist_noinst_SCRIPTS+= scripts/psk.test
|
|
endif
|
|
|
|
if BUILD_TRUST_PEER_CERT
|
|
dist_noinst_SCRIPTS+= scripts/trusted_peer.test
|
|
endif
|
|
|
|
if BUILD_PKCALLBACKS
|
|
dist_noinst_SCRIPTS+= scripts/pkcallbacks.test
|
|
scripts/pkcallbacks.log: scripts/resume.log
|
|
endif
|
|
|
|
if BUILD_TLS13
|
|
dist_noinst_SCRIPTS+= scripts/tls13.test
|
|
endif
|
|
|
|
endif # end of BUILD_EXAMPLE_SERVERS
|
|
|
|
if BUILD_EXAMPLE_CLIENTS
|
|
if !BUILD_IPV6
|
|
dist_noinst_SCRIPTS+= scripts/external.test
|
|
dist_noinst_SCRIPTS+= scripts/google.test
|
|
dist_noinst_SCRIPTS+= scripts/openssl.test
|
|
|
|
if BUILD_OCSP
|
|
dist_noinst_SCRIPTS+= scripts/ocsp.test
|
|
endif
|
|
|
|
dist_noinst_SCRIPTS+= scripts/unit.test
|
|
noinst_SCRIPTS+= scripts/unit.test.in
|
|
|
|
endif
|
|
endif
|
|
|
|
dist_noinst_SCRIPTS+= scripts/pem.test
|
|
|
|
EXTRA_DIST += scripts/sniffer-static-rsa.pcap \
|
|
scripts/sniffer-ipv6.pcap \
|
|
scripts/sniffer-tls13-dh.pcap \
|
|
scripts/sniffer-tls13-dh-resume.pcap \
|
|
scripts/sniffer-tls13-ecc.pcap \
|
|
scripts/sniffer-tls13-ecc-resume.pcap \
|
|
scripts/sniffer-tls13-x25519.pcap \
|
|
scripts/sniffer-tls13-x25519-resume.pcap \
|
|
scripts/sniffer-tls13-hrr.pcap \
|
|
scripts/sniffer-gen.sh \
|
|
scripts/ping.test \
|
|
scripts/benchmark.test \
|
|
scripts/memtest.sh \
|
|
scripts/makedistsmall.sh \
|
|
scripts/openssl_srtp.test \
|
|
scripts/aria-cmake-build-test.sh \
|
|
scripts/asn1_oid_sum.pl
|
|
|
|
|
|
# leave openssl.test as extra until non bash works
|
|
EXTRA_DIST += scripts/openssl.test
|
|
EXTRA_DIST += scripts/rsapss.test
|
|
|
|
EXTRA_DIST += scripts/dertoc.pl
|
|
|
|
# for use with wolfssl-x.x.x-commercial-fips-stm32l4-v2
|
|
EXTRA_DIST += scripts/stm32l4-v4_0_1_build.sh
|
|
|
|
EXTRA_DIST += scripts/cleanup_testfiles.sh
|
|
|
|
EXTRA_DIST += scripts/dtls.test
|
|
|
|
if BUILD_DTLS13
|
|
EXTRA_DIST += scripts/dtlscid.test
|
|
endif
|
|
|
|
if BUILD_DTLS_CID
|
|
dist_noinst_SCRIPTS+= scripts/dtlscid.test
|
|
endif
|
|
|
|
EXTRA_DIST += scripts/bench/bench_functions.sh
|
|
EXTRA_DIST += scripts/benchmark_compare.sh
|
|
|
|
EXTRA_DIST += scripts/user_settings_asm.sh
|