mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'csr'

This commit is contained in:
Moisés Guimarães 2015-12-28 19:38:04 -03:00
parent a9894e9033
commit ec9d23a9c3
76 changed files with 5137 additions and 822 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
SCRIPTS-LIST
View File

@ -19,13 +19,20 @@ certs/
renewcerts.sh - renews test certs and crls
crl/
gencrls.sh - generates crls, used by renewcerts.sh
ocsp/
renewcerts.sh - renews ocsp certs
ocspd0.sh - ocsp responder for root-ca-cert.pem
ocspd1.sh - ocsp responder for intermediate1-ca-cert.pem
ocspd2.sh - ocsp responder for intermediate2-ca-cert.pem
scripts/
external.test - example client test against our website, part of tests
google.test - example client test against google, part of tests
resume.test - example sessoin resume test, part of tests
sniffer-testsuite.test - runs snifftest on a pcap of testsuite, part of tests
in sniffer mode
ocsp-stapling.test - example client test against globalsign, part of tests
ocsp-stapling2.test - example client test against example server, part of tests
sniffer-testsuite.test - runs snifftest on a pcap of testsuite, part of tests
in sniffer mode
swig/
PythonBuild.sh - builds and runs simple python example

13
Vagrantfile vendored
View File

@ -17,10 +17,10 @@ cd $LIB.$VER/ && ./autogen.sh && ./configure -q && make -s
sudo make install && cd .. && rm -rf $LIB.$VER*
SRC=vagrant
DST=wolfssl
cp -rp /$SRC/ $DST/
cp -rp /vagrant/ $DST/
chown -hR vagrant:vagrant $DST/
echo "cd $DST" >> .bashrc
echo "read -p 'Sync $DST? (y/n) ' -n 1 -r" >> .bashrc
@ -30,20 +30,13 @@ echo " echo -e '\e[0;32mRunning $DST sync\e[0m'" >> .bashrc
echo " ./pull_to_vagrant.sh" >> .bashrc
echo "fi" >> .bashrc
cd $DST
./autogen.sh
./configure
make check
cd ..
chown -hR vagrant:vagrant $DST/ /tmp/output
SCRIPT
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "hashicorp/precise64"
config.vm.box = "ubuntu/trusty64"
config.vm.provision "shell", inline: $setup
config.vm.network "forwarded_port", guest: 11111, host: 33333

54
certs/1024/ca-cert.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10323419125573214618 (0x8f4426ffb743e19a)
Signature Algorithm: sha1WithRSAEncryption
Serial Number: 16629652120256878762 (0xe6c8647ee63b98aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Sep 23 19:23:38 2015 GMT
Not After : Jun 19 19:23:38 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -28,38 +28,42 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:8F:44:26:FF:B7:43:E1:9A
serial:E6:C8:64:7E:E6:3B:98:AA
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
0e:46:ac:d8:29:1d:12:12:06:0c:d3:3f:7d:58:2e:0d:11:5e:
5d:0d:dd:17:c0:0f:aa:01:4d:a4:c4:84:81:6e:64:ae:d1:5d:
58:cd:19:6a:74:a4:46:2f:c8:43:79:39:c0:91:4b:7c:71:ea:
4e:63:44:66:15:41:15:de:50:82:e3:e9:d1:55:55:cc:5a:38:
1e:3a:59:b3:0e:ee:0e:54:4d:93:e7:e0:8e:27:a5:6e:08:b8:
6a:39:da:2d:47:62:c4:5b:89:c0:48:48:2a:d5:f0:55:74:fd:
a6:b1:68:3c:70:a4:52:24:81:ec:4c:57:e0:e8:18:73:9d:0a:
4d:d8
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
82:53:ec:89:0a:6a:1b:ae:c3:69:fc:22:b5:d7:d2:f4:0b:6d:
18:72:f5:64:7f:bb:80:57:e3:f3:b2:af:e1:89:47:03:19:dd:
6f:62:ed:2b:24:d3:a2:77:c0:83:6a:fb:0f:55:93:78:15:4a:
c1:e0:13:f2:65:9c:7a:8c:6c:98:57:f0:44:9d:3a:9e:6a:30:
08:9f:33:ce:0d:7e:86:6f:ef:0e:34:41:b9:c6:1d:34:c6:28:
1e:f9:81:be:68:3d:77:92:50:c5:f8:2f:4c:aa:db:5f:72:93:
42:eb:8a:cf:24:a0:d9:25:44:46:8b:ed:de:46:d5:1a:90:e9:
d6:d8
-----BEGIN CERTIFICATE-----
MIIDtTCCAx6gAwIBAgIJAI9EJv+3Q+GaMA0GCSqGSIb3DQEBBQUAMIGZMQswCQYD
MIID6jCCA1OgAwIBAgIJAObIZH7mO5iqMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MDkyMzE5MjMzOFoXDTE4MDYxOTE5MjMzOFowgZkxCzAJBgNVBAYT
Y29tMB4XDTE1MTEyMzEyNDkzN1oXDTE4MDgxOTEyNDkzN1owgZkxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW
nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i
gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq
1OWIGLMRL3PA1ikJAgMBAAGjggEBMIH+MB0GA1UdDgQWBBTTIo8oLOAF7tPtw3E9
ybI2Oh2/qDCBzgYDVR0jBIHGMIHDgBTTIo8oLOAF7tPtw3E9ybI2Oh2/qKGBn6SB
nDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEw
MjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m
b0B3b2xmc3NsLmNvbYIJAI9EJv+3Q+GaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
AQEFBQADgYEADkas2CkdEhIGDNM/fVguDRFeXQ3dF8APqgFNpMSEgW5krtFdWM0Z
anSkRi/IQ3k5wJFLfHHqTmNEZhVBFd5QguPp0VVVzFo4HjpZsw7uDlRNk+fgjiel
bgi4ajnaLUdixFuJwEhIKtXwVXT9prFoPHCkUiSB7ExX4OgYc50KTdg=
1OWIGLMRL3PA1ikJAgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQU0yKPKCzgBe7T7cNx
PcmyNjodv6gwgc4GA1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+k
gZwwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CCQDmyGR+5juYqjAMBgNVHRMEBTADAQH/MDIGCCsGAQUF
BwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjANBgkq
hkiG9w0BAQsFAAOBgQCCU+yJCmobrsNp/CK119L0C20YcvVkf7uAV+Pzsq/hiUcD
Gd1vYu0rJNOid8CDavsPVZN4FUrB4BPyZZx6jGyYV/BEnTqeajAInzPODX6Gb+8O
NEG5xh00xige+YG+aD13klDF+C9MqttfcpNC64rPJKDZJURGi+3eRtUakOnW2A==
-----END CERTIFICATE-----

BIN
certs/1024/client-cert.der
View File

Binary file not shown.

44
certs/1024/client-cert.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16417767964199037690 (0xe3d7a0fa76df2afa)
Serial Number: 15267089231539806063 (0xd3df98c4801f1f6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_1024, OU=Programming-1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -28,39 +28,43 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_1024/OU=Programming-1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:E3:D7:A0:FA:76:DF:2A:FA
serial:D3:DF:98:C4:80:1F:1F:6F
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
1d:b7:d5:7c:e1:b1:d8:c0:67:5d:b5:d3:88:e7:50:29:71:63:
8f:cc:26:1f:33:09:55:43:9b:ab:c6:1b:bc:c7:01:95:1a:fa:
65:e0:fd:9c:eb:6f:0a:0f:14:ec:b5:2f:dc:1c:30:dd:52:97:
d4:1c:09:00:33:38:5f:cb:a8:16:8f:11:b7:b8:d0:66:e1:54:
28:f3:3f:bf:6a:6f:76:48:2a:5e:56:a7:ce:1c:f0:04:dd:17:
bd:06:78:21:6d:d6:b1:9b:75:31:92:c1:fe:d4:8d:d4:67:2f:
03:1b:27:8d:ab:ff:30:3b:c3:7f:23:e4:ab:5b:91:e1:1b:66:
e6:ed
71:39:fa:86:c3:54:e5:98:b5:e8:c3:cb:97:2f:86:bf:e8:bc:
fb:eb:d8:73:97:34:9a:16:bf:e0:b2:bd:be:7d:ff:a0:d7:e6:
db:a3:52:43:41:60:f1:d7:c3:63:c0:9b:e2:b2:28:87:70:60:
5d:2b:5d:56:15:3c:b1:1e:03:53:72:39:32:e2:47:85:f7:8b:
e8:38:50:a9:c9:d3:52:75:0e:16:14:a5:a5:c4:9f:3e:73:d8:
38:79:bf:f7:9b:4d:0d:f3:aa:ce:a2:03:84:66:14:c9:01:f5:
86:a5:66:a1:ca:6a:71:5f:2d:31:8e:1c:cc:0c:e6:46:99:5d:
0a:4c
-----BEGIN CERTIFICATE-----
MIIDxTCCAy6gAwIBAgIJAOPXoPp23yr6MA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
MIID+TCCA2KgAwIBAgIJANPfmMSAHx9vMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG
A1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0xMDI0MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb20wHhcNMTUwNTA3MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBnjELMAkG
ZnNzbC5jb20wHhcNMTUxMTIzMTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT
BgNVBAoMDHdvbGZTU0xfMTAyNDEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMTAyNDEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
bGZzc2wuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8cw6oSfN0oqnv
GKXaVZkh+cjss21I5TU1dXc37NFhkF8+2eTV35TKwanXGdqGyehNxGE2gv6rrX53
JbuNEaW8YjqoOMw5ogRmtPf386raTQIOu16NaUjcd8koDiLpa6Qmukzowf1Kbysf
74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFIFp
74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQABo4IBOzCCATcwHQYDVR0OBBYEFIFp
D/jf3c80KdVndXGFx3UQaVnsMIHTBgNVHSMEgcswgciAFIFpD/jf3c80KdVndXGF
x3UQaVnsoYGkpIGhMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQ
MA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQL
DBBQcm9ncmFtbWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAd
BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDj16D6dt8q+jAMBgNVHRME
BTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAB231XzhsdjAZ12104jnUClxY4/MJh8z
CVVDm6vGG7zHAZUa+mXg/ZzrbwoPFOy1L9wcMN1Sl9QcCQAzOF/LqBaPEbe40Gbh
VCjzP79qb3ZIKl5Wp84c8ATdF70GeCFt1rGbdTGSwf7UjdRnLwMbJ42r/zA7w38j
5KtbkeEbZubt
BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDT35jEgB8fbzAMBgNVHRME
BTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2Fs
aG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOBgQBxOfqGw1TlmLXow8uXL4a/6Lz7
69hzlzSaFr/gsr2+ff+g1+bbo1JDQWDx18NjwJvisiiHcGBdK11WFTyxHgNTcjky
4keF94voOFCpydNSdQ4WFKWlxJ8+c9g4eb/3m00N86rOogOEZhTJAfWGpWahympx
Xy0xjhzMDOZGmV0KTA==
-----END CERTIFICATE-----

106
certs/1024/server-cert.pem
View File

@ -2,11 +2,11 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha1WithRSAEncryption
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Sep 23 19:23:38 2015 GMT
Not After : Jun 19 19:23:38 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -28,50 +28,54 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:8F:44:26:FF:B7:43:E1:9A
serial:E6:C8:64:7E:E6:3B:98:AA
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
0a:04:c7:9a:c4:f6:46:db:e4:85:d4:22:02:12:3e:53:27:25:
24:8a:9b:2f:93:7f:de:70:94:c5:6c:4c:26:25:25:7a:d7:0f:
33:b9:9c:d2:5a:94:7f:8d:30:75:ad:82:c9:bf:4b:6c:91:58:
7c:45:1a:89:df:8e:ca:31:9f:ab:38:b3:ae:c2:8f:14:87:e6:
1c:ab:12:4e:df:82:36:c9:41:46:c4:05:95:88:62:09:72:57:
66:31:80:b8:9c:55:a8:fb:74:01:32:e7:5a:40:df:9b:e4:98:
d7:5b:ea:69:5c:14:1b:9b:8b:08:2d:d9:58:28:be:c9:01:e0:
e1:a9
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
cb:33:02:ab:da:33:24:83:8f:e8:2b:29:13:94:58:f2:df:69:
69:0c:2f:79:79:4f:fc:35:fd:a5:75:59:a5:18:74:02:79:50:
49:2e:3b:16:28:4b:b5:0f:2a:a4:e7:b9:2a:33:50:eb:c4:7c:
b4:a2:af:8d:24:f3:27:48:58:01:ac:c0:5d:7a:90:6a:5b:f7:
4f:d3:a5:96:24:24:96:47:2c:81:97:3c:03:1c:ad:90:c7:22:
90:91:67:03:7f:81:51:c7:97:d7:76:85:82:66:1b:f8:03:d9:
ae:1d:b0:a1:20:05:55:68:2b:d7:eb:92:dc:ec:cd:be:c6:c8:
53:df
-----BEGIN CERTIFICATE-----
MIIDqTCCAxKgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmTELMAkGA1UEBhMCVVMx
MIID3jCCA0egAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0x
NTA5MjMxOTIzMzhaFw0xODA2MTkxOTIzMzhaMIGVMQswCQYDVQQGEwJVUzEQMA4G
NTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGVMQswCQYDVQQGEwJVUzEQMA4G
A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT
TDEVMBMGA1UECwwMU3VwcG9ydF8xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBAKo+pZzTF0llQ97Q80sc20kM/HplBW3easTkcyyKloKP
I6UGcRwGPi+SjQspNEVZ6am8YdckN121xDeNumey7wMn+sG0zWsAZrTWc3AfCDrM
d63p+TTU86AtqedYqcBhhLbsPQqt/VyGc6prR9iLLlhLaRKCJlXmFL9VcIj++XXh
AgMBAAGjggEBMIH+MB0GA1UdDgQWBBTZPDXqdA4jvpz8+imQCcHnhBaffDCBzgYD
VR0jBIHGMIHDgBTTIo8oLOAF7tPtw3E9ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMM
D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv
bYIJAI9EJv+3Q+GaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEACgTH
msT2RtvkhdQiAhI+UyclJIqbL5N/3nCUxWxMJiUletcPM7mc0lqUf40wda2Cyb9L
bJFYfEUaid+OyjGfqzizrsKPFIfmHKsSTt+CNslBRsQFlYhiCXJXZjGAuJxVqPt0
ATLnWkDfm+SY11vqaVwUG5uLCC3ZWCi+yQHg4ak=
AgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQU2Tw16nQOI76c/PopkAnB54QWn3wwgc4G
A1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+kgZwwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYD
VQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQD
DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CCQDmyGR+5juYqjAMBgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggr
BgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOB
gQDLMwKr2jMkg4/oKykTlFjy32lpDC95eU/8Nf2ldVmlGHQCeVBJLjsWKEu1Dyqk
57kqM1DrxHy0oq+NJPMnSFgBrMBdepBqW/dP06WWJCSWRyyBlzwDHK2QxyKQkWcD
f4FRx5fXdoWCZhv4A9muHbChIAVVaCvX65Lc7M2+xshT3w==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10323419125573214618 (0x8f4426ffb743e19a)
Signature Algorithm: sha1WithRSAEncryption
Serial Number: 16629652120256878762 (0xe6c8647ee63b98aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Sep 23 19:23:38 2015 GMT
Not After : Jun 19 19:23:38 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting_1024, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -93,38 +97,42 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:8F:44:26:FF:B7:43:E1:9A
serial:E6:C8:64:7E:E6:3B:98:AA
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
0e:46:ac:d8:29:1d:12:12:06:0c:d3:3f:7d:58:2e:0d:11:5e:
5d:0d:dd:17:c0:0f:aa:01:4d:a4:c4:84:81:6e:64:ae:d1:5d:
58:cd:19:6a:74:a4:46:2f:c8:43:79:39:c0:91:4b:7c:71:ea:
4e:63:44:66:15:41:15:de:50:82:e3:e9:d1:55:55:cc:5a:38:
1e:3a:59:b3:0e:ee:0e:54:4d:93:e7:e0:8e:27:a5:6e:08:b8:
6a:39:da:2d:47:62:c4:5b:89:c0:48:48:2a:d5:f0:55:74:fd:
a6:b1:68:3c:70:a4:52:24:81:ec:4c:57:e0:e8:18:73:9d:0a:
4d:d8
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
82:53:ec:89:0a:6a:1b:ae:c3:69:fc:22:b5:d7:d2:f4:0b:6d:
18:72:f5:64:7f:bb:80:57:e3:f3:b2:af:e1:89:47:03:19:dd:
6f:62:ed:2b:24:d3:a2:77:c0:83:6a:fb:0f:55:93:78:15:4a:
c1:e0:13:f2:65:9c:7a:8c:6c:98:57:f0:44:9d:3a:9e:6a:30:
08:9f:33:ce:0d:7e:86:6f:ef:0e:34:41:b9:c6:1d:34:c6:28:
1e:f9:81:be:68:3d:77:92:50:c5:f8:2f:4c:aa:db:5f:72:93:
42:eb:8a:cf:24:a0:d9:25:44:46:8b:ed:de:46:d5:1a:90:e9:
d6:d8
-----BEGIN CERTIFICATE-----
MIIDtTCCAx6gAwIBAgIJAI9EJv+3Q+GaMA0GCSqGSIb3DQEBBQUAMIGZMQswCQYD
MIID6jCCA1OgAwIBAgIJAObIZH7mO5iqMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxGDAWBgNVBAsMD0NvbnN1bHRpbmdfMTAyNDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MDkyMzE5MjMzOFoXDTE4MDYxOTE5MjMzOFowgZkxCzAJBgNVBAYT
Y29tMB4XDTE1MTEyMzEyNDkzN1oXDTE4MDgxOTEyNDkzN1owgZkxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2s3Ufsvrckw2MbVJh54ccxFlnW
nXedjeKL7QQXssbr5JuRvjFQYpdYtX8p3rNxJAu/lwl/Jtwt7KgusmQreis1GS2i
gMuZ/ZRxGyONVNsuYo2BCC30JHInbPnJjttMdbqbAfg/GPTmf/tXlJLMiMS0AMKq
1OWIGLMRL3PA1ikJAgMBAAGjggEBMIH+MB0GA1UdDgQWBBTTIo8oLOAF7tPtw3E9
ybI2Oh2/qDCBzgYDVR0jBIHGMIHDgBTTIo8oLOAF7tPtw3E9ybI2Oh2/qKGBn6SB
nDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEw
MjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5m
b0B3b2xmc3NsLmNvbYIJAI9EJv+3Q+GaMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
AQEFBQADgYEADkas2CkdEhIGDNM/fVguDRFeXQ3dF8APqgFNpMSEgW5krtFdWM0Z
anSkRi/IQ3k5wJFLfHHqTmNEZhVBFd5QguPp0VVVzFo4HjpZsw7uDlRNk+fgjiel
bgi4ajnaLUdixFuJwEhIKtXwVXT9prFoPHCkUiSB7ExX4OgYc50KTdg=
1OWIGLMRL3PA1ikJAgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQU0yKPKCzgBe7T7cNx
PcmyNjodv6gwgc4GA1UdIwSBxjCBw4AU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+k
gZwwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CCQDmyGR+5juYqjAMBgNVHRMEBTADAQH/MDIGCCsGAQUF
BwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjANBgkq
hkiG9w0BAQsFAAOBgQCCU+yJCmobrsNp/CK119L0C20YcvVkf7uAV+Pzsq/hiUcD
Gd1vYu0rJNOid8CDavsPVZN4FUrB4BPyZZx6jGyYV/BEnTqeajAInzPODX6Gb+8O
NEG5xh00xige+YG+aD13klDF+C9MqttfcpNC64rPJKDZJURGi+3eRtUakOnW2A==
-----END CERTIFICATE-----

BIN
certs/ca-cert.der
View File

Binary file not shown.

71
certs/ca-cert.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15672591315981621815 (0xd9803ac3d2f4da37)
Serial Number: 11990332945272134785 (0xa6663849459bdc81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37
serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
7a:af:44:3b:aa:6f:53:42:b2:33:aa:43:5f:56:30:d3:b9:96:
0b:9a:55:5a:39:2a:0b:4e:e4:2e:f1:95:66:c9:86:36:82:8d:
63:7c:4d:a2:ee:48:ba:03:c7:90:d7:a7:c6:74:60:48:5f:31:
a2:f9:5e:3e:c3:82:e1:e5:2f:41:81:83:29:25:79:d1:53:00:
69:3c:ed:0a:30:3b:41:1d:92:a1:2c:a8:9d:2c:e3:23:87:79:
e0:55:6e:91:a8:50:da:46:2f:c2:20:50:3e:2b:47:97:14:b0:
7d:04:ba:45:51:d0:6e:e1:5a:a2:4b:84:9c:4d:cd:85:04:f9:
28:31:82:93:bc:c7:59:49:91:03:e8:df:6a:e4:56:ad:6a:cb:
1f:0d:37:e4:5e:bd:e7:9f:d5:ec:9d:3c:18:25:9b:f1:2f:50:
7d:eb:31:cb:f1:63:22:9d:57:fc:f3:84:20:1a:c6:07:87:92:
26:9e:15:18:59:33:06:dc:fb:b0:b6:76:5d:f1:c1:2f:c8:2f:
62:9c:c0:d6:de:eb:65:77:f3:5c:a6:c3:88:27:96:75:b4:f4:
54:cd:ff:2d:21:2e:96:f0:07:73:4b:e9:93:92:90:de:62:d9:
a3:3b:ac:6e:24:5f:27:4a:b3:94:70:ff:30:17:e7:7e:32:8f:
65:b7:75:58
41:8f:fb:6b:65:6b:36:f2:56:4f:0c:48:b0:4d:8c:c2:cb:d6:
58:7a:83:3a:30:7d:62:7b:86:f1:15:26:b3:26:02:77:f2:c8:
57:e5:1e:60:68:8b:a4:e8:f3:a8:b2:88:a4:2f:e8:6e:25:8d:
6b:dc:53:ab:2f:d3:47:8c:d6:27:ab:39:bc:d3:ca:d8:01:96:
a4:44:57:38:93:ab:c3:f3:95:67:7f:cf:25:1d:b7:04:dc:06:
c9:5d:24:c1:54:13:71:81:21:31:ee:9f:b4:9d:ce:98:66:a4:
a0:77:c1:88:18:a4:d1:36:ee:cd:d8:c1:1b:bc:03:d6:85:9a:
2e:21:82:95:4c:b2:2a:fe:69:db:ac:e4:97:e1:e9:0e:f1:d3:
ef:20:86:03:01:66:6b:f0:26:0f:39:04:26:f5:42:98:3f:95:
48:5f:b5:5d:bc:49:4c:81:38:d5:e9:72:32:1c:66:1b:12:80:
0f:db:99:f0:97:67:61:79:ad:ab:be:6a:ea:aa:cc:3d:f9:40:
99:00:93:bb:df:4b:41:d4:7f:f1:93:b2:70:83:3a:e3:6b:44:
4b:1f:9f:77:53:ea:5d:e6:59:1e:c0:2d:4b:83:d6:f4:a3:d4:
a9:c3:91:12:e7:61:3f:56:9d:8f:b8:19:29:62:1b:58:df:73:
99:1f:49:63
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJANmAOsPS9No3MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
MIIE4DCCA8igAwIBAgIJAKZmOElFm9yBMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGUMQswCQYDVQQGEwJVUzEQ
Fw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
@ -71,16 +74,18 @@ mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYD
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeq9EO6pvU0KyM6pDX1Yw07mW
C5pVWjkqC07kLvGVZsmGNoKNY3xNou5IugPHkNenxnRgSF8xovlePsOC4eUvQYGD
KSV50VMAaTztCjA7QR2SoSyonSzjI4d54FVukahQ2kYvwiBQPitHlxSwfQS6RVHQ
buFaokuEnE3NhQT5KDGCk7zHWUmRA+jfauRWrWrLHw035F6955/V7J08GCWb8S9Q
fesxy/FjIp1X/POEIBrGB4eSJp4VGFkzBtz7sLZ2XfHBL8gvYpzA1t7rZXfzXKbD
iCeWdbT0VM3/LSEulvAHc0vpk5KQ3mLZozusbiRfJ0qzlHD/MBfnfjKPZbd1WA==
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATEw
ggEtMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAM
BgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
L2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAQY/7a2VrNvJWTwxI
sE2MwsvWWHqDOjB9YnuG8RUmsyYCd/LIV+UeYGiLpOjzqLKIpC/obiWNa9xTqy/T
R4zWJ6s5vNPK2AGWpERXOJOrw/OVZ3/PJR23BNwGyV0kwVQTcYEhMe6ftJ3OmGak
oHfBiBik0TbuzdjBG7wD1oWaLiGClUyyKv5p26zkl+HpDvHT7yCGAwFma/AmDzkE
JvVCmD+VSF+1XbxJTIE41elyMhxmGxKAD9uZ8JdnYXmtq75q6qrMPflAmQCTu99L
QdR/8ZOycIM642tESx+fd1PqXeZZHsAtS4PW9KPUqcOREudhP1adj7gZKWIbWN9z
mR9JYw==
-----END CERTIFICATE-----

BIN
certs/client-cert.der
View File

Binary file not shown.

62
certs/client-cert.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12260966172072242701 (0xaa27b3c5a9726e0d)
Serial Number: 10777134365807824960 (0x9590129b22a15040)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_2048, OU=Programming-2048, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:AA:27:B3:C5:A9:72:6E:0D
serial:95:90:12:9B:22:A1:50:40
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
51:96:a7:1c:26:5d:1c:90:c6:32:9f:96:15:f2:1d:e7:93:9c:
ac:75:56:95:fd:20:70:ab:45:6a:09:b0:f3:f2:03:a8:db:dc:
2f:bc:1f:87:7a:a3:d4:8f:d5:49:97:7e:3c:54:ac:b1:e3:f0:
39:0d:fe:09:9a:23:f6:32:a6:41:59:bd:60:e8:bd:de:00:36:
6f:3e:e9:41:6f:a9:63:c7:aa:d5:7b:f3:e4:39:48:9e:f6:60:
c6:c6:86:d5:72:86:23:cd:f5:6a:63:53:a4:f8:fc:51:6a:cd:
60:74:8e:a3:86:61:01:34:78:f7:29:97:b3:a7:34:b6:0a:de:
b5:71:7a:09:a6:3e:d6:82:58:89:67:9c:c5:68:62:ba:06:d6:
39:bb:cb:3a:c0:e0:63:1f:c7:0c:9c:12:86:ec:f7:39:6a:61:
93:d0:33:14:c6:55:3b:b6:cf:80:5b:8c:43:ef:43:44:0b:3c:
93:39:a3:4e:15:d1:0b:5f:84:98:1d:cd:9f:a9:47:eb:3b:56:
30:b6:76:92:c1:48:5f:bc:95:b0:50:1a:55:c8:4e:62:47:87:
54:64:0c:9b:91:fa:43:b3:29:48:be:e6:12:eb:e3:44:c6:52:
e4:40:c6:83:95:1b:a7:65:27:69:73:2f:c8:a0:4d:7f:be:ea:
9b:67:b2:7b
7b:91:63:8d:39:54:64:3c:b4:3f:d5:c8:4f:bf:0b:bf:af:5c:
9c:41:c7:0b:52:6d:c6:f0:de:7c:ff:9b:4e:fe:f3:22:a5:00:
13:9f:81:e4:6d:70:2c:f9:7a:f4:d8:50:be:72:e1:04:8b:b0:
05:e3:61:82:3f:65:de:f9:e9:d3:3d:97:7d:88:b7:99:85:c1:
e5:5c:57:a7:9c:1f:f2:b8:ce:ec:d7:d1:9b:ec:fb:0e:6f:02:
ad:51:c0:76:dd:66:0a:ce:0d:09:e6:a8:42:b0:06:c3:04:e7:
1c:c7:10:83:07:f2:e6:11:1a:cd:a7:b9:7e:17:ef:ea:63:9c:
f2:a5:be:6b:b6:df:eb:5a:75:01:59:05:f7:ec:49:75:10:dd:
40:1a:25:25:4f:78:6e:e1:92:21:b5:b8:82:2f:33:b3:5b:b6:
81:b8:b1:a4:0c:8d:98:74:74:da:0d:90:33:c8:a7:aa:0d:06:
5a:04:eb:37:d3:e4:55:0c:93:b6:c8:3a:e8:a7:2b:4e:b8:90:
bb:36:0b:db:7f:2e:99:23:76:68:81:a8:73:74:e7:68:fb:1d:
ff:5b:ec:b5:6b:30:d1:d0:2b:89:a6:c6:a9:fc:03:66:fe:b5:
8c:af:de:8e:2a:b4:78:9c:d7:4a:fc:9c:c4:7c:19:20:83:0e:
fd:3f:4d:a7
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIJAKons8Wpcm4NMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
MIIE/jCCA+agAwIBAgIJAJWQEpsioVBAMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG
A1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWluZy0yMDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb20wHhcNMTUwNTA3MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBnjELMAkG
ZnNzbC5jb20wHhcNMTUxMTIzMTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBnjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT
BgNVBAoMDHdvbGZTU0xfMjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@ -72,16 +75,17 @@ StIb94u6zw357+zxgR57mwNHmr9lzH9lJGmm6BSJW+Q098WwFJP1Z3s6enjhAVZW
kaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbfG36/TpfQEOioCDCBryALQxTF
dGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnNrv94bHvAEgPUTnINUG07ozuj
mV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAYE7BjtXJOMMSXhIYtVi/XFfd/
wK71/Fvl+6G60wIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeR
wK71/Fvl+6G60wIDAQABo4IBOzCCATcwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeR
xybXhWXAMIHTBgNVHSMEgcswgciAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGkpIGh
MIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96
ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFtbWlu
Zy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEW
EGluZm9Ad29sZnNzbC5jb22CCQCqJ7PFqXJuDTAMBgNVHRMEBTADAQH/MA0GCSqG
SIb3DQEBCwUAA4IBAQBRlqccJl0ckMYyn5YV8h3nk5ysdVaV/SBwq0VqCbDz8gOo
29wvvB+HeqPUj9VJl348VKyx4/A5Df4JmiP2MqZBWb1g6L3eADZvPulBb6ljx6rV
e/PkOUie9mDGxobVcoYjzfVqY1Ok+PxRas1gdI6jhmEBNHj3KZezpzS2Ct61cXoJ
pj7WgliJZ5zFaGK6BtY5u8s6wOBjH8cMnBKG7Pc5amGT0DMUxlU7ts+AW4xD70NE
CzyTOaNOFdELX4SYHc2fqUfrO1YwtnaSwUhfvJWwUBpVyE5iR4dUZAybkfpDsylI
vuYS6+NExlLkQMaDlRunZSdpcy/IoE1/vuqbZ7J7
EGluZm9Ad29sZnNzbC5jb22CCQCVkBKbIqFQQDAMBgNVHRMEBTADAQH/MDIGCCsG
AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoyMjIyMjAN
BgkqhkiG9w0BAQsFAAOCAQEAe5FjjTlUZDy0P9XIT78Lv69cnEHHC1JtxvDefP+b
Tv7zIqUAE5+B5G1wLPl69NhQvnLhBIuwBeNhgj9l3vnp0z2XfYi3mYXB5VxXp5wf
8rjO7NfRm+z7Dm8CrVHAdt1mCs4NCeaoQrAGwwTnHMcQgwfy5hEazae5fhfv6mOc
8qW+a7bf61p1AVkF9+xJdRDdQBolJU94buGSIbW4gi8zs1u2gbixpAyNmHR02g2Q
M8inqg0GWgTrN9PkVQyTtsg66KcrTriQuzYL238umSN2aIGoc3TnaPsd/1vstWsw
0dAriabGqfwDZv61jK/ejiq0eJzXSvycxHwZIIMO/T9Npw==
-----END CERTIFICATE-----

BIN
certs/client-ecc-cert.der
View File

Binary file not shown.

42
certs/client-ecc-cert.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16108595702940209934 (0xdf8d3a71e022930e)
Serial Number: 14757985853299502082 (0xcccee5f142282c02)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Oregon, L=Salem, O=Client ECC, OU=Fast, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@ -24,31 +24,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:DF:8D:3A:71:E0:22:93:0E
serial:CC:CE:E5:F1:42:28:2C:02
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:74:7b:ae:7e:9c:c8:69:95:8a:0b:ad:7f:c9:37:
3d:3c:7f:b7:ef:f3:da:9b:ea:d0:a7:76:0a:a4:77:12:f7:a8:
02:20:71:95:87:89:b7:a8:8b:bb:fa:9f:84:dc:2b:71:dc:4a:
c5:5a:65:b2:fc:33:c4:ce:36:4f:ab:c6:38:36:6c:88
30:45:02:21:00:9f:24:c2:3b:e6:e5:2a:2d:d1:99:67:ca:f5:
ed:d1:d6:90:19:16:16:f8:9e:56:a9:ed:1b:19:92:54:0e:a7:
e2:02:20:51:c1:57:81:ba:50:7f:09:38:b6:16:7d:dc:63:50:
f3:f3:ed:b0:8d:56:75:94:91:21:71:32:b7:c2:59:c9:60
-----BEGIN CERTIFICATE-----
MIIDCDCCAq+gAwIBAgIJAN+NOnHgIpMOMAoGCCqGSM49BAMCMIGNMQswCQYDVQQG
MIIDPzCCAuWgAwIBAgIJAMzO5fFCKCwCMAoGCCqGSM49BAMCMIGNMQswCQYDVQQG
EwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxlbTETMBEGA1UECgwK
Q2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE1MDUwNzE4
MjEwMVoXDTE4MDEzMTE4MjEwMVowgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZP
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE1MTEyMzEy
NDkzN1oXDTE4MDgxOTEyNDkzN1owgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZP
cmVnb24xDjAMBgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYD
VQQLDARGYXN0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARV
v/QPRFCaPc6bt/DFTfVwe9TsJI4ZgOxaTKIkA2Ism9rvojUSQ4R2FsZWlQbMAam9
9nUaQve9qbI2Il/HXX+0o4H1MIHyMB0GA1UdDgQWBBTr1EtZa5VhP1FXtgRNiUGI
RFyr8jCBwgYDVR0jBIG6MIG3gBTr1EtZa5VhP1FXtgRNiUGIRFyr8qGBk6SBkDCB
jTELMAkGA1UEBhMCVVMxDzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0x
EzARBgNVBAoMCkNsaWVudCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJ
AN+NOnHgIpMOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDRwAwRAIgdHuufpzI
aZWKC61/yTc9PH+37/Pam+rQp3YKpHcS96gCIHGVh4m3qIu7+p+E3Ctx3ErFWmWy
/DPEzjZPq8Y4NmyI
9nUaQve9qbI2Il/HXX+0o4IBKjCCASYwHQYDVR0OBBYEFOvUS1lrlWE/UVe2BE2J
QYhEXKvyMIHCBgNVHSMEgbowgbeAFOvUS1lrlWE/UVe2BE2JQYhEXKvyoYGTpIGQ
MIGNMQswCQYDVQQGEwJVUzEPMA0GA1UECAwGT3JlZ29uMQ4wDAYDVQQHDAVTYWxl
bTETMBEGA1UECgwKQ2xpZW50IEVDQzENMAsGA1UECwwERmFzdDEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
ggkAzM7l8UIoLAIwDAYDVR0TBAUwAwEB/zAyBggrBgEFBQcBAQQmMCQwIgYIKwYB
BQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjIwCgYIKoZIzj0EAwIDSAAwRQIh
AJ8kwjvm5Sot0ZlnyvXt0daQGRYW+J5Wqe0bGZJUDqfiAiBRwVeBulB/CTi2Fn3c
Y1Dz8+2wjVZ1lJEhcTK3wlnJYA==
-----END CERTIFICATE-----

50
certs/crl/cliCrl.pem
View File

@ -2,38 +2,38 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: May 7 18:21:01 2015 GMT
Next Update: Jan 31 18:21:01 2018 GMT
Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions:
X509v3 CRL Number:
3
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
a2:15:f0:cf:70:85:49:b9:5b:c1:af:2b:22:14:9d:ee:11:8d:
93:2d:58:17:d8:f6:b6:1a:1a:25:a2:27:c9:6b:4f:b3:31:c7:
2c:52:c4:53:59:19:ef:cf:91:ee:b5:19:28:37:49:9e:b6:e0:
41:62:4c:9f:f1:34:bf:88:aa:ae:24:38:8d:29:0a:64:08:a8:
68:f4:b5:28:73:d6:94:b9:0a:3f:7c:c1:22:72:be:14:ba:c9:
1b:9d:26:af:78:c2:cf:5f:ff:1e:cc:25:c0:63:f1:9b:97:85:
5c:c0:4d:14:ed:f9:ad:cb:02:7d:05:c7:5c:c1:7c:89:72:35:
49:70:a8:b1:ae:91:96:77:9a:c6:cb:38:27:88:3f:f4:c8:ba:
c9:08:7f:dd:a6:41:82:62:65:a0:f2:0c:36:5a:d9:15:57:5e:
66:c3:a2:ff:5e:4d:7c:bc:4b:7c:30:84:44:e3:06:34:a8:42:
3b:d9:6a:04:4a:0b:e5:59:66:63:b9:7a:80:48:68:31:1c:aa:
98:bc:09:0e:a7:83:5f:a7:00:f1:fb:78:bc:08:86:73:ef:53:
25:b8:1b:5e:7c:77:a8:12:7b:52:7f:1e:63:bc:db:60:99:46:
ab:e1:2e:48:d1:28:40:68:1e:9e:a0:2f:14:04:66:b3:b1:b1:
3b:d0:46:64
09:be:cf:c6:43:19:57:e4:49:37:90:ae:a4:15:a7:a1:61:f4:
4d:62:12:f4:62:da:05:49:f6:14:78:68:1a:75:11:ee:42:53:
d2:83:32:87:40:d7:60:c2:1e:b6:b8:e4:87:a5:fb:ab:a9:df:
40:4f:a0:f9:04:d3:c4:1e:52:d8:3b:c5:72:8f:df:da:02:16:
c9:c7:0c:4b:45:8c:4a:9f:37:7b:ee:3b:7c:7b:b3:93:b2:22:
b6:8c:83:8c:56:8f:c0:a6:5d:e8:3c:1a:af:5d:ae:b4:84:91:
6c:96:03:04:32:3d:56:24:91:cf:b5:5d:d6:15:de:76:36:ea:
7d:30:12:7e:56:ab:47:00:e9:fb:11:b7:89:da:60:32:54:64:
8e:bb:09:59:ea:58:e2:08:40:85:ae:a6:4f:c9:1a:8b:31:32:
b5:2a:54:c7:80:41:19:c9:7a:96:f8:8d:1d:7b:98:45:8f:fd:
5d:ed:f5:88:b8:aa:77:1e:a4:07:29:5c:23:27:e9:89:29:a6:
2d:76:30:a4:8b:c5:af:29:19:b7:1d:0a:c9:f8:cf:f9:0e:3f:
a2:48:7f:84:29:1b:3b:f4:7a:51:6d:8e:4a:df:e6:e5:80:76:
7e:a0:7d:a4:95:bb:df:6f:99:95:83:bd:79:5c:c2:5c:8d:8a:
0e:97:ca:c8
-----BEGIN X509 CRL-----
MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTA1
MDcxODIxMDFaFw0xODAxMzExODIxMDFaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG
9w0BAQsFAAOCAQEAohXwz3CFSblbwa8rIhSd7hGNky1YF9j2thoaJaInyWtPszHH
LFLEU1kZ78+R7rUZKDdJnrbgQWJMn/E0v4iqriQ4jSkKZAioaPS1KHPWlLkKP3zB
InK+FLrJG50mr3jCz1//HswlwGPxm5eFXMBNFO35rcsCfQXHXMF8iXI1SXCosa6R
lneaxss4J4g/9Mi6yQh/3aZBgmJloPIMNlrZFVdeZsOi/15NfLxLfDCEROMGNKhC
O9lqBEoL5VlmY7l6gEhoMRyqmLwJDqeDX6cA8ft4vAiGc+9TJbgbXnx3qBJ7Un8e
Y7zbYJlGq+EuSNEoQGgenqAvFARms7GxO9BGZA==
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTEx
MjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG
9w0BAQsFAAOCAQEACb7PxkMZV+RJN5CupBWnoWH0TWIS9GLaBUn2FHhoGnUR7kJT
0oMyh0DXYMIetrjkh6X7q6nfQE+g+QTTxB5S2DvFco/f2gIWyccMS0WMSp83e+47
fHuzk7IitoyDjFaPwKZd6Dwar12utISRbJYDBDI9ViSRz7Vd1hXedjbqfTASflar
RwDp+xG3idpgMlRkjrsJWepY4ghAha6mT8kaizEytSpUx4BBGcl6lviNHXuYRY/9
Xe31iLiqdx6kBylcIyfpiSmmLXYwpIvFrykZtx0KyfjP+Q4/okh/hCkbO/R6UW2O
St/m5YB2fqB9pJW732+ZlYO9eVzCXI2KDpfKyA==
-----END X509 CRL-----

52
certs/crl/crl.pem
View File

@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Jul 23 22:05:10 2015 GMT
Next Update: Apr 18 22:05:10 2018 GMT
Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions:
X509v3 CRL Number:
1
Revoked Certificates:
Serial Number: 02
Revocation Date: Jul 23 22:05:10 2015 GMT
Revocation Date: Nov 23 12:49:37 2015 GMT
Signature Algorithm: sha256WithRSAEncryption
68:55:84:c7:53:54:06:ea:3e:f2:d0:3d:e6:30:84:d5:12:82:
55:5b:4c:74:60:49:5d:4f:73:cd:cc:5f:42:bf:0d:93:93:a6:
81:60:9d:0c:7f:c6:75:f0:77:77:1f:81:cf:02:4a:7f:2e:e3:
1b:c4:b0:eb:0f:25:53:3d:78:7b:3e:8f:16:5e:37:c6:fd:f5:
93:bb:9a:d7:f1:78:eb:78:9f:5d:44:85:e0:5e:14:8b:b5:2b:
c5:af:23:43:82:27:0b:db:de:12:4a:1a:23:a7:f3:d9:3a:3f:
6f:23:e2:53:a0:ef:1e:b5:f2:da:c8:00:d2:f0:57:78:af:5d:
e3:8e:c4:06:27:7d:3d:ee:04:06:96:7a:9b:34:d9:e9:bc:a3:
2d:6c:01:36:c4:5d:bf:c5:7f:74:f3:bb:55:75:ff:a1:a9:66:
cc:b2:e0:a0:f6:0b:05:e1:ac:69:42:3f:df:b4:dd:8f:37:5c:
f5:09:4f:a7:c3:d6:ae:a2:c6:63:f3:ed:03:df:3c:ee:58:c1:
45:e8:85:7b:99:aa:fc:7d:ae:69:94:b9:50:0a:76:7d:b9:fd:
74:55:b8:b1:37:75:7d:f7:e6:1a:91:cd:68:b6:49:37:cb:c8:
e1:69:57:1b:c6:ef:ec:0a:fa:d3:72:92:95:ec:f1:c1:c3:53:
7d:fb:d0:66
3c:36:71:b3:df:e4:08:16:59:55:3c:2c:f4:80:4e:e6:2f:db:
9c:26:8d:3f:ef:c4:99:3e:14:7f:de:51:ea:ca:4a:6b:c5:ee:
54:04:c8:87:54:43:d7:df:ad:33:1c:7e:b6:09:e2:fb:da:27:
9d:ca:5e:fd:3c:f5:78:64:6f:2d:3d:05:26:68:e0:ed:36:25:
8f:95:57:0e:85:16:3d:01:bd:69:9f:70:b9:12:bc:2f:45:dc:
20:30:e0:55:a3:50:e2:d8:bd:94:50:01:11:ec:fa:19:a0:85:
75:a3:bc:74:f5:08:48:b6:c8:09:10:e2:4c:f5:73:e3:c9:38:
7e:4f:cc:9d:9c:51:04:0d:2f:5e:fb:b3:49:66:86:8e:16:d6:
2d:97:50:b2:b0:d9:5e:ed:4f:fc:f3:db:03:6e:25:a7:b7:e3:
81:f8:6a:21:0d:fa:aa:96:30:80:11:fa:67:ea:f4:92:f8:69:
cc:a0:1d:04:ec:3f:21:58:70:f9:f4:50:b3:79:ad:2b:ae:07:
a4:c6:6b:2f:45:85:e2:bf:de:64:a0:50:2b:15:c9:c1:ae:5e:
7f:ff:4d:c0:e5:d0:13:7d:cc:0d:cf:7c:4d:28:7b:8e:4b:4a:
c0:02:0d:b6:1e:9a:38:b8:99:70:be:fa:1f:35:d7:92:ac:36:
c8:0c:07:d8
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE1MDcyMzIyMDUxMFoX
DTE4MDQxODIyMDUxMFowFDASAgECFw0xNTA3MjMyMjA1MTBaoA4wDDAKBgNVHRQE
AwIBATANBgkqhkiG9w0BAQsFAAOCAQEAaFWEx1NUBuo+8tA95jCE1RKCVVtMdGBJ
XU9zzcxfQr8Nk5OmgWCdDH/GdfB3dx+BzwJKfy7jG8Sw6w8lUz14ez6PFl43xv31
k7ua1/F463ifXUSF4F4Ui7Urxa8jQ4InC9veEkoaI6fz2To/byPiU6DvHrXy2sgA
0vBXeK9d447EBid9Pe4EBpZ6mzTZ6byjLWwBNsRdv8V/dPO7VXX/oalmzLLgoPYL
BeGsaUI/37Tdjzdc9QlPp8PWrqLGY/PtA9887ljBReiFe5mq/H2uaZS5UAp2fbn9
dFW4sTd1fffmGpHNaLZJN8vI4WlXG8bv7Ar603KSlezxwcNTffvQZg==
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE1MTEyMzEyNDkzN1oX
DTE4MDgxOTEyNDkzN1owFDASAgECFw0xNTExMjMxMjQ5MzdaoA4wDDAKBgNVHRQE
AwIBATANBgkqhkiG9w0BAQsFAAOCAQEAPDZxs9/kCBZZVTws9IBO5i/bnCaNP+/E
mT4Uf95R6spKa8XuVATIh1RD19+tMxx+tgni+9onncpe/Tz1eGRvLT0FJmjg7TYl
j5VXDoUWPQG9aZ9wuRK8L0XcIDDgVaNQ4ti9lFABEez6GaCFdaO8dPUISLbICRDi
TPVz48k4fk/MnZxRBA0vXvuzSWaGjhbWLZdQsrDZXu1P/PPbA24lp7fjgfhqIQ36
qpYwgBH6Z+r0kvhpzKAdBOw/IVhw+fRQs3mtK64HpMZrL0WF4r/eZKBQKxXJwa5e
f/9NwOXQE33MDc98TSh7jktKwAINth6aOLiZcL76HzXXkqw2yAwH2A==
-----END X509 CRL-----

58
certs/crl/crl.revoked
View File

@ -2,43 +2,43 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: Jul 22 16:17:45 2015 GMT
Next Update: Apr 17 16:17:45 2018 GMT
Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions:
X509v3 CRL Number:
7
2
Revoked Certificates:
Serial Number: 01
Revocation Date: Jul 22 16:17:45 2015 GMT
Revocation Date: Nov 23 12:49:37 2015 GMT
Serial Number: 02
Revocation Date: Jul 22 16:17:45 2015 GMT
Revocation Date: Nov 23 12:49:37 2015 GMT
Signature Algorithm: sha256WithRSAEncryption
7f:61:91:8a:8c:c1:23:f1:d4:98:d9:67:67:1e:d2:54:2a:ce:
b8:41:d1:f7:c4:88:84:01:a5:52:d6:42:d1:af:e6:c8:fb:13:
51:9e:2e:18:c1:e7:9d:83:81:79:d3:34:a3:14:a8:1c:7b:9e:
07:2b:fb:73:31:ce:17:52:69:80:cc:f7:fd:42:e3:1c:e0:63:
66:70:52:81:09:cc:be:51:02:2c:33:9a:ec:21:15:81:9f:7a:
10:d0:9c:23:f4:e6:b3:2b:e2:36:0e:fb:79:da:52:2c:bc:fa:
dd:9c:53:6b:48:b0:6a:56:5c:7b:87:53:18:94:c4:37:03:bf:
13:18:e3:a4:26:e0:66:0c:dc:e5:99:84:5d:36:69:01:f4:69:
d4:06:eb:43:ff:4f:f5:17:46:9d:b7:cb:45:ec:0d:9e:9c:4a:
96:3c:0b:92:c5:fb:de:d4:3f:af:a9:5e:b1:6f:9d:d7:8b:b5:
ab:86:b6:eb:00:da:b1:f4:6d:72:2d:9b:ec:f3:1b:2f:24:99:
d5:04:7b:4f:f8:7a:2e:4e:b6:ee:be:f8:50:d2:96:96:6f:f6:
3a:c2:7f:35:48:82:1a:84:64:03:e8:58:8e:0c:dc:62:97:cd:
82:ff:16:93:ac:44:14:e1:ae:fc:fb:52:25:b6:0d:70:ec:c4:
93:42:37:af
33:65:94:a5:92:9f:6e:21:0f:75:3a:d2:05:f5:5e:f2:ef:8c:
85:5f:a1:27:d3:25:41:06:e3:fd:76:54:86:c8:cf:ed:b3:99:
e9:9b:de:e9:b4:b5:59:7a:79:98:77:3a:1a:08:d9:08:fc:ad:
b1:22:67:c8:86:03:24:db:61:e7:0d:92:57:8f:71:e9:59:c7:
42:8a:ec:03:ff:0e:c1:c3:bb:59:06:db:14:70:5b:21:c2:19:
3a:52:ab:e6:15:19:32:42:f7:db:90:7e:d8:3f:f3:e6:70:61:
b7:ba:56:6c:c7:a8:9b:2e:43:a7:de:f8:25:99:e4:2b:d8:fb:
5c:c3:43:a6:d9:4e:cd:7b:7c:e4:6f:8d:12:80:de:92:1d:73:
c5:41:8d:9a:ca:e7:ac:c4:49:71:9d:be:44:f0:a3:e5:e7:62:
3e:9e:ce:41:9c:2c:0d:27:f9:4d:1b:03:18:5e:4b:04:71:46:
5f:9e:8f:2e:b4:46:84:ee:09:bd:82:a8:01:26:59:31:1a:b0:
b3:79:73:67:06:c3:85:a3:6f:69:99:e0:35:67:8a:20:bb:c7:
4e:ac:c4:76:50:1b:43:47:89:b9:85:e0:bc:fc:21:1c:dc:0b:
4b:14:46:e0:2f:81:e2:75:04:ff:5f:d9:ed:65:38:1d:d8:5f:
58:a0:21:7a
-----BEGIN X509 CRL-----
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTA3MjIxNjE3NDVa
Fw0xODA0MTcxNjE3NDVaMCgwEgIBARcNMTUwNzIyMTYxNzQ1WjASAgECFw0xNTA3
MjIxNjE3NDVaoA4wDDAKBgNVHRQEAwIBBzANBgkqhkiG9w0BAQsFAAOCAQEAf2GR
iozBI/HUmNlnZx7SVCrOuEHR98SIhAGlUtZC0a/myPsTUZ4uGMHnnYOBedM0oxSo
HHueByv7czHOF1JpgMz3/ULjHOBjZnBSgQnMvlECLDOa7CEVgZ96ENCcI/Tmsyvi
Ng77edpSLLz63ZxTa0iwalZce4dTGJTENwO/ExjjpCbgZgzc5ZmEXTZpAfRp1Abr
Q/9P9RdGnbfLRewNnpxKljwLksX73tQ/r6lesW+d14u1q4a26wDasfRtci2b7PMb
LySZ1QR7T/h6Lk627r74UNKWlm/2OsJ/NUiCGoRkA+hYjgzcYpfNgv8Wk6xEFOGu
/PtSJbYNcOzEk0I3rw==
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTExMjMxMjQ5Mzda
Fw0xODA4MTkxMjQ5MzdaMCgwEgIBARcNMTUxMTIzMTI0OTM3WjASAgECFw0xNTEx
MjMxMjQ5MzdaoA4wDDAKBgNVHRQEAwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAM2WU
pZKfbiEPdTrSBfVe8u+MhV+hJ9MlQQbj/XZUhsjP7bOZ6Zve6bS1WXp5mHc6GgjZ
CPytsSJnyIYDJNth5w2SV49x6VnHQorsA/8OwcO7WQbbFHBbIcIZOlKr5hUZMkL3
25B+2D/z5nBht7pWbMeomy5Dp974JZnkK9j7XMNDptlOzXt85G+NEoDekh1zxUGN
msrnrMRJcZ2+RPCj5ediPp7OQZwsDSf5TRsDGF5LBHFGX56PLrRGhO4JvYKoASZZ
MRqws3lzZwbDhaNvaZngNWeKILvHTqzEdlAbQ0eJuYXgvPwhHNwLSxRG4C+B4nUE
/1/Z7WU4HdhfWKAheg==
-----END X509 CRL-----

22
certs/crl/eccCliCRL.pem
View File

@ -2,23 +2,23 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: May 7 18:21:01 2015 GMT
Next Update: Jan 31 18:21:01 2018 GMT
Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions:
X509v3 CRL Number:
4
No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:62:9b:53:ee:21:52:bc:61:e8:ec:7b:f8:28:35:
43:98:b8:57:9c:c7:73:cc:a0:45:e8:b9:96:2e:1c:c6:62:ff:
02:20:2b:64:b8:3a:30:2c:15:7f:cf:57:99:60:9d:51:82:82:
ef:b6:13:cc:86:93:a2:19:41:12:a0:ec:7e:1e:07:09
30:46:02:21:00:e7:d9:ab:e9:39:c3:65:d9:12:3c:c5:31:85:
ad:d6:b8:00:91:24:a3:ff:4d:fc:88:27:3d:7c:e2:2e:ae:0f:
c1:02:21:00:9e:94:0b:f7:1c:e3:21:39:48:ff:d1:b0:b4:48:
38:e3:e4:4b:90:b8:35:8b:7a:0d:79:f5:09:22:85:b1:fe:83
-----BEGIN X509 CRL-----
MIIBJTCBzQIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
MIIBJzCBzQIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL
BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMTUwNTA3MTgyMTAxWhcNMTgwMTMxMTgy
MTAxWqAOMAwwCgYDVR0UBAMCAQQwCgYIKoZIzj0EAwIDRwAwRAIgYptT7iFSvGHo
7Hv4KDVDmLhXnMdzzKBF6LmWLhzGYv8CICtkuDowLBV/z1eZYJ1RgoLvthPMhpOi
GUESoOx+HgcJ
DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMTUxMTIzMTI0OTM3WhcNMTgwODE5MTI0
OTM3WqAOMAwwCgYDVR0UBAMCAQQwCgYIKoZIzj0EAwIDSQAwRgIhAOfZq+k5w2XZ
EjzFMYWt1rgAkSSj/038iCc9fOIurg/BAiEAnpQL9xzjITlI/9GwtEg44+RLkLg1
i3oNefUJIoWx/oM=
-----END X509 CRL-----

20
certs/crl/eccSrvCRL.pem
View File

@ -2,23 +2,23 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Last Update: May 7 18:21:01 2015 GMT
Next Update: Jan 31 18:21:01 2018 GMT
Last Update: Nov 23 12:49:37 2015 GMT
Next Update: Aug 19 12:49:37 2018 GMT
CRL extensions:
X509v3 CRL Number:
5
No Revoked Certificates.
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:0d:fe:b7:79:fb:66:6c:cb:36:0a:1a:f3:6d:73:
ea:68:ab:fc:46:7e:49:bd:15:2a:9f:a1:17:50:56:82:cf:1f:
02:21:00:ff:13:85:80:29:a4:60:54:10:93:fb:20:13:b8:9c:
25:48:53:5e:4b:33:ef:5c:aa:9e:98:74:e0:c8:c3:ef:df
30:45:02:21:00:8a:64:7e:f4:81:8e:83:c1:49:61:47:c6:29:
a6:d5:7b:c2:6d:29:23:f2:25:10:a6:2b:6b:5d:27:4e:e8:fb:
99:02:20:5f:98:76:40:29:c5:c1:c6:9c:ab:e4:aa:df:4b:06:
e9:e7:6a:5c:cf:b1:6b:b1:36:98:32:91:a9:fe:d5:65:eb
-----BEGIN X509 CRL-----
MIIBKDCBzwIBATAKBggqhkjOPQQDAjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTA1MDcxODIxMDFaFw0xODAxMzEx
ODIxMDFaoA4wDDAKBgNVHRQEAwIBBTAKBggqhkjOPQQDAgNIADBFAiAN/rd5+2Zs
yzYKGvNtc+poq/xGfkm9FSqfoRdQVoLPHwIhAP8ThYAppGBUEJP7IBO4nCVIU15L
M+9cqp6YdODIw+/f
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0xNTExMjMxMjQ5MzdaFw0xODA4MTkx
MjQ5MzdaoA4wDDAKBgNVHRQEAwIBBTAKBggqhkjOPQQDAgNIADBFAiEAimR+9IGO
g8FJYUfGKabVe8JtKSPyJRCmK2tdJ07o+5kCIF+YdkApxcHGnKvkqt9LBunnalzP
sWuxNpgykan+1WXr
-----END X509 CRL-----

22
certs/external/ca-globalsign-root-r2.pem vendored Normal file
View File

@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
-----END CERTIFICATE-----

28
certs/external/ca-verisign-g5.pem vendored Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----

4
certs/ocsp/index0.txt Normal file
View File

@ -0,0 +1,4 @@
V 161213070133Z 63 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
V 161213070133Z 01 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
V 161213070133Z 02 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
R 161213070133Z 151201070133Z 03 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com

2
certs/ocsp/index1.txt Normal file
View File

@ -0,0 +1,2 @@
V 161213070133Z 05 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www1.wolfssl.com/emailAddress=info@wolfssl.com
R 161213070133Z 151201070133Z 06 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www2.wolfssl.com/emailAddress=info@wolfssl.com

2
certs/ocsp/index2.txt Normal file
View File

@ -0,0 +1,2 @@
V 161213070133Z 07 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www3.wolfssl.com/emailAddress=info@wolfssl.com
R 161213070133Z 151201070133Z 08 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www4.wolfssl.com/emailAddress=info@wolfssl.com

1
certs/ocsp/index3.txt Normal file
View File

@ -0,0 +1 @@
V 161213070133Z 09 unknown /C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=www5.wolfssl.com/emailAddress=info@wolfssl.com

186
certs/ocsp/intermediate1-ca-cert.pem Normal file
View File

@ -0,0 +1,186 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
1e:07:eb:03:66:a7:54:e8:c5:e1:fe:c9:08:58:91:d8:1b:d6:
c8:69:a5:65:03:a3:1a:f4:eb:9d:cd:4a:c1:9d:cd:ac:39:0b:
49:09:e7:9c:0f:12:cb:3f:29:e1:9c:d1:f4:68:14:02:2e:d3:
fe:3d:63:3c:26:80:38:91:03:c3:52:52:9e:66:4d:59:d1:80:
97:eb:91:99:5f:e7:d5:8e:e7:c4:c0:d3:f3:12:2e:c9:05:3a:
54:ed:38:f3:6f:f3:ae:74:18:47:b5:25:c6:e3:44:8c:27:bd:
3f:bc:e3:f1:0e:e4:50:ff:4c:ec:30:d6:0d:9f:8f:d0:f6:be:
43:73:94:8f:48:97:38:7c:e8:8a:53:fd:02:4e:0f:2c:14:53:
f4:4c:80:8a:09:b2:b8:a8:0e:11:75:a6:15:6a:5f:c8:06:7b:
ff:a3:76:d0:e8:70:0a:e0:b1:6d:88:54:06:c2:04:f9:81:b0:
77:af:a4:80:1b:88:64:5e:db:ff:36:dc:e8:d2:7b:4e:55:40:
3c:f7:cd:33:f9:66:59:2e:9c:18:c7:50:e6:b5:b9:c1:94:3b:
78:46:05:a6:24:41:2a:28:b5:e8:92:d0:0d:47:18:e8:cc:6e:
e8:11:d2:2a:94:47:75:b5:80:f2:e8:83:34:cc:7f:22:8a:9e:
49:be:30:c1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAB4H6wNmp1ToxeH+yQhYkdgb1shppWUDoxr0653NSsGdzaw5C0kJ55wPEss/
KeGc0fRoFAIu0/49YzwmgDiRA8NSUp5mTVnRgJfrkZlf59WO58TA0/MSLskFOlTt
OPNv8650GEe1JcbjRIwnvT+84/EO5FD/TOww1g2fj9D2vkNzlI9Ilzh86IpT/QJO
DywUU/RMgIoJsrioDhF1phVqX8gGe/+jdtDocArgsW2IVAbCBPmBsHevpIAbiGRe
2/823OjSe05VQDz3zTP5ZlkunBjHUOa1ucGUO3hGBaYkQSooteiS0A1HGOjMbugR
0iqUR3W1gPLogzTMfyKKnkm+MME=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/intermediate1-ca-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDetMhcd+AtsfW5
rRZHNaA1ZWXG4UCrHrS5E7fLjLt3pXbabYeH9kpNE+QmPieH7lvHaj9FMGFVXPY1
0WX6mBGjp1XVvpGCS/y+kNZQU2OaLCLhNRHceAKXiuRGkpxTCHbeH1O2uMp3Pnlu
vNDjDTBbTPaUDTApZJ8E5dv7iWBnu68mg1F3JC8rC6GUgRCY6OsmqB585MRsZwaV
VUrdUvTyYG0BKxmRNW2kCEcGcSQA2d7GVvOLUyzimpal82LlxOMj8tL8IeoPYnaN
1ZlIztxYxLt/2pQsgHSDxeCwFX5B/Q7y9PB4dnutJg2qSJYXLyHjlSsmN/mqgC/+
3vZevJd/AgMBAAECggEBAJC4sitEyy1mo+QREpUbyAxq5ASlhDyvK4nJwnpH7dsG
b4HqA1TbO9Vyw6QGZ/HxdzrTVGJF2jp6upSmirqZ73yF1UWdHTmq34eG3347clJR
tCjdL8oxQp3v5//kbimXKoeVm/T1iLyMoKTRlny1qWLrVKFJIK8FcEDijl2bHEbL
fdlPSJTN+y0zWoS3urRi/IPrsob23B4ILj0n+yUR4eOK25I3trqgsqcfTyMhX8tH
eyD4C+ir0j5evnmBhsKL0cUgGxGj8aVdOgab8dlKlDNi7HH5fe/FTMAQ344uege8
D5dytc1H4wWq3le1PsvCh56lyPx7P4BamNzuJ85OnWECgYEA8xSw544oIe6RzMxh
51pYLyf1aU8zd9w0ISkXnXQ4RxcNubbFHLu/S/vSlbE5qqSf128H3XkAP6HT6UJe
JS/WqJbUcdWkzULjj7fLXJ2oer3hrVXq2L9Me1l0XrYoBvRuap15AtQ/cxafxMUZ
HpEWam0EPxoTkTp4EUWi++U09yMCgYEA6org2l1qdqChHw3ihlfl3rKMY/DT+f1b
uMnbMKNhqgyV3ItSh7MnVJurvJ56CQVuVay+T11qfyo3cKzxNYLYTGLvAtBeK/aC
B/hdCvxMBpXd71Vlnz0w6qJi0mkGNNTFGzxwqwPByqP0NyKStPN3W98HwFhiqKmU
y8wpv5ZeUfUCgYEAx1Ba8bLdc10zzbJ0QIgSsK/aCXx4njo/wET6aQ/HqXrctT+J
BlNnur0EYduMhkAwFCylTVMPAh4GLUhO+7zrDReHoMNmOywyfUBeDlXztJkHd+Jw
C0NoSegChDpmPbWk5+SxOcGhORP+8xAN1cNvltpG1hrimn1PwBHSXysEr/MCgYEA
hLVUCPp2dOzqfcHDfLRbcqigWyQ3LOo4bdR5W4n2httcKFAEwJeUF4GFqNIaxuP1
zDBT9mArFAz1FaIlUVvZu073YiY4QrPWW2AidUbQVaGS1AsD1xguh3SeaePXCSmi
5YhLT9huXJRsaI39aLmhva/ymNjp6fkaIj5BGRCiCckCgYEAkZjADCg9gcqJo5oc
RDMpHT8C6SjE6+W0+00AnH1rSK0ev7uAGb6/rOpsShRiGubo7Ekil1MyMuOFmLPK
9K5oi4KKmVfTaPMfm2UnVCC2Dv2nMXkmYdQKiGgwbAhYfu/wGQXj682r2YYD4Xsa
qz7cWosuOKihAVhA52vZ7YacW2c=
-----END PRIVATE KEY-----

186
certs/ocsp/intermediate2-ca-cert.pem Normal file
View File

@ -0,0 +1,186 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4:
6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7:
11:02:a1:ab:58:3d:fb:dc:51:ca:3a:1d:1f:95:a6:
56:82:f7:8f:ff:6b:50:bb:ea:10:e1:47:1d:35:77:
2e:4b:28:c5:53:46:23:2b:82:fd:5a:d3:f4:21:db:
0e:e0:f2:76:33:47:b3:00:be:3a:b1:23:98:53:eb:
ea:a0:de:1b:cc:05:4e:ee:63:a8:2c:93:24:d6:98:
78:74:03:e4:c8:89:43:61:f1:25:b8:cd:3b:87:c1:
31:25:fd:ba:4c:fc:29:94:45:9e:69:d7:67:0a:8a:
8e:d5:52:93:30:a2:0e:dd:6a:1c:b0:94:77:db:52:
52:b7:89:21:be:96:75:24:cb:e9:49:df:81:9d:9d:
f8:55:7d:01:2a:eb:78:03:12:e2:20:6e:db:63:35:
cd:a1:96:f0:f8:8c:20:35:69:87:01:ca:b4:54:36:
a0:15:e0:23:7d:b9:fb:be:99:05:50:f0:bf:ec:7f:
12:e1:3d:75:15:4e:c8:c2:30:e6:8b:fe:e5:8b:55:
f8:44:5e:e5:e3:56:e0:66:2d:6f:42:5a:45:6b:96:
aa:c7:5d:41:08:5f:ce:d7:dc:9f:20:e4:46:78:ff:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
6a:f5:af:1f:f7:43:ef:10:74:6d:1f:e5:2e:72:5f:d1:84:40:
c8:60:79:b7:66:2e:46:39:bf:95:ca:fe:83:0a:8a:f4:52:6e:
d2:d3:a5:54:7b:0c:29:35:a0:75:7a:e5:35:5d:99:0a:d9:13:
ca:80:46:a0:a2:6d:d5:c4:ff:0c:d5:da:ec:54:86:df:ce:a7:
92:1a:c7:f6:12:74:04:74:9f:06:39:82:b1:1e:af:47:de:b5:
b7:21:c1:3b:22:27:e3:d0:3f:70:d3:27:1c:63:e0:01:12:80:
20:e7:ac:6c:f0:8f:7a:72:54:8a:21:2d:0e:17:6c:9d:01:fd:
42:96:e1:7a:d5:43:d5:65:9b:0b:7c:dd:b6:90:da:cc:3c:d7:
7a:d3:e2:63:07:e3:96:a7:96:84:d6:0c:9e:31:e0:72:cd:91:
54:cf:16:38:af:c8:23:04:ce:98:2c:61:11:28:70:d7:34:69:
55:b7:e0:5b:87:a6:c4:a4:c5:bf:8f:e0:04:5d:e4:14:22:04:
21:a1:9b:01:19:50:29:03:9d:81:be:e4:ba:4d:68:1c:2f:e4:
e6:05:02:c2:e7:b4:ef:45:be:80:dc:a3:86:58:cf:02:cf:6a:
69:8d:2b:69:69:cd:81:27:63:e8:2d:55:2a:00:de:0b:15:2c:
53:95:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA8NRlvLES0fkLHdbRqK6kj
hb+HtO7K10sfMdcRAqGrWD373FHKOh0flaZWgveP/2tQu+oQ4UcdNXcuSyjFU0Yj
K4L9WtP0IdsO4PJ2M0ezAL46sSOYU+vqoN4bzAVO7mOoLJMk1ph4dAPkyIlDYfEl
uM07h8ExJf26TPwplEWeaddnCoqO1VKTMKIO3WocsJR321JSt4khvpZ1JMvpSd+B
nZ34VX0BKut4AxLiIG7bYzXNoZbw+IwgNWmHAcq0VDagFeAjfbn7vpkFUPC/7H8S
4T11FU7IwjDmi/7li1X4RF7l41bgZi1vQlpFa5aqx11BCF/O19yfIORGeP/ZmQID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUBdG6hgCi7ioFJLcR
rS1g8ZAUjxcwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAGr1rx/3Q+8QdG0f5S5yX9GEQMhgebdmLkY5v5XK/oMKivRSbtLTpVR7DCk1
oHV65TVdmQrZE8qARqCibdXE/wzV2uxUht/Op5Iax/YSdAR0nwY5grEer0fetbch
wTsiJ+PQP3DTJxxj4AESgCDnrGzwj3pyVIohLQ4XbJ0B/UKW4XrVQ9Vlmwt83baQ
2sw813rT4mMH45anloTWDJ4x4HLNkVTPFjivyCMEzpgsYREocNc0aVW34FuHpsSk
xb+P4ARd5BQiBCGhmwEZUCkDnYG+5LpNaBwv5OYFAsLntO9FvoDco4ZYzwLPammN
K2lpzYEnY+gtVSoA3gsVLFOVcik=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/intermediate2-ca-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDQIDw1GW8sRLR+
Qsd1tGorqSOFv4e07srXSx8x1xECoatYPfvcUco6HR+VplaC94//a1C76hDhRx01
dy5LKMVTRiMrgv1a0/Qh2w7g8nYzR7MAvjqxI5hT6+qg3hvMBU7uY6gskyTWmHh0
A+TIiUNh8SW4zTuHwTEl/bpM/CmURZ5p12cKio7VUpMwog7dahywlHfbUlK3iSG+
lnUky+lJ34GdnfhVfQEq63gDEuIgbttjNc2hlvD4jCA1aYcByrRUNqAV4CN9ufu+
mQVQ8L/sfxLhPXUVTsjCMOaL/uWLVfhEXuXjVuBmLW9CWkVrlqrHXUEIX87X3J8g
5EZ4/9mZAgMBAAECggEAR2vofWhfCFgDgJi2DiR9ksIWWJ2jmmmf3kX/TIE7ayXD
wSJ0PeUresnnvtk4MvV1yvcu2221oTlgQqrFjjFNlggppZLsErFNxBiCgJt0CKEA
Qq8FQSiv64y4FcBi1Z60uYYlfjZ4m9Py8g0sA81m/ENe6I41cZ7QmPL7bdPTCPhE
cGwPKjkw1xwDn6EeK5x5sscfCrlKXsH4zhXH67r2iwQ7x5+t4pWApdT15rMX+r0E
HzBoj4wjhR7yo9nZDqhBZiOJF/zQGTCkj6J451Rj47s42fLTYgVyW5D1DO9wBvQQ
i7AwwDuimVqKNGW7J/oRjhiBAKFr2IOGcAFJJbM3SQKBgQD1JRO9umdNfqj38kw5
DMeydVITvhYjSfc+F2R1hldX9kSdowttJ3GwArnjsZLSfttj7/gnRVPJC+OWvJGm
AmegmCXJGl/mtDAlN+MDJw2/KEdcC4CHMqRokrNNF3zafbTDIDq24kAMx1wef46k
8+9F3IPY+arD50LSkS5+gUUk1wKBgQDZV4R9yCeAE8o+ejks7lBC8kk5CxZKbXPA
o4vPHGKOknmZGqfKJY9Auk7nk4g56K9GxlotlsjwCwuSBdkqjDkqMypHG9odh6s8
8iFjVGvJvY6x+PXONW6cjG2K6Lif0o0/bx+C+2Sy05koV1eYY4+EskafqTxbQgSa
0t85a6u3DwKBgGK4g7KsFl3G3BS9pqRy2Ris1ljM++1KJB8FHJeXeiUaL5eryTYz
5DyVXHatVAsguwkL4ksuSAd2mjhhx+WqokCyBMVvsZ8egST71Je4anjIp7QRjbjk
VAEo0rwA8W6roNfTatGrW0/KGPbPN4qGEZ14qEAAixxJTUeu36JiPI4RAoGASK43
pEh2zSHRFCuTSy82r+yOCAFpJuKLPvRyIISBgOQCvexoB/WffinPkSmI+LSTSLu0
FGLEN2G6MM673LqfszkA/l6WBiIEZZEjETB+CyzUtzdmG9tKbheX2kgQ1YF3sqra
gtbGyfZw1UjABjnlGJ71dxcFFA9zssKp223iMokCgYAEBpHy/x90qWR6d9ApXZnC
PMvcZCa2EgQWBabOkyxF7Ao8mIu0K4rqRM9XBlboRRBQdEP3qL7whJ2voZ7frZYH
E9hcwnH4F6rBki9PHbEaU80FfTUplKr+qMJavhQ8O1zGhWr7JSF6ByqTQDYWI8BX
3Q6DAbgdQeeCKFpi4256AA==
-----END PRIVATE KEY-----

186
certs/ocsp/intermediate3-ca-cert.pem Normal file
View File

@ -0,0 +1,186 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:c5:04:10:7d:c2:21:e9:12:45:da:d5:ba:28:
fd:a6:f4:30:44:a0:df:f9:70:5e:17:26:97:59:5c:
31:eb:13:70:ea:4a:dd:58:3e:4f:33:14:66:59:69:
7a:aa:90:e0:7c:c4:b2:36:c1:0a:f4:df:3e:34:6c:
1a:e9:2b:f1:a5:92:7e:a9:68:70:ba:a4:68:88:f3:
ec:10:40:64:a5:64:7d:d9:1e:51:49:9d:7f:c8:cc:
2b:6d:71:2a:06:ff:e6:1f:84:28:8a:c1:ed:a8:52:
f4:89:a5:c0:77:d8:13:66:c2:65:a5:63:03:98:b0:
4b:05:4f:0c:84:a0:f4:2d:72:73:6b:fa:0d:e1:cf:
45:27:ed:a3:8c:02:d7:ee:99:e2:a1:f0:e3:a0:ad:
69:ed:59:e4:27:41:8f:ef:fa:83:73:8f:5f:2b:68:
89:13:46:26:dc:f6:28:6b:3b:b2:b8:9b:52:2a:17:
1b:dc:72:45:73:da:75:24:35:8b:00:5e:23:37:64:
6a:16:74:b8:ee:fe:b7:11:71:be:0a:73:c8:54:c2:
d9:04:d2:1b:f5:53:ac:8d:2a:4f:fe:33:79:e6:5e:
e7:f3:86:d3:dc:bb:4b:d7:39:7f:5b:3c:67:fe:5e:
88:51:05:96:f2:b4:9a:45:09:4c:51:f0:6a:4d:88:
2a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
BB:15:9E:32:4D:E0:F8:AA:8A:B0:2E:0C:17:2B:5A:41:74:4B:06:45
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
0c:5e:0d:55:3c:e7:fb:5e:c2:09:19:c8:0b:f4:c2:b2:2b:14:
79:dc:e8:63:f6:8a:0c:03:57:9e:15:47:7e:b6:15:a3:71:90:
01:11:39:4b:ff:3d:13:34:e4:f3:5b:a3:6c:58:4f:00:d5:c4:
b0:63:6c:90:c9:89:a8:5d:16:87:0a:da:08:40:12:b4:94:00:
3e:44:00:13:de:34:75:90:38:79:d4:c2:39:6d:ed:17:cb:7e:
50:ff:da:0b:eb:49:1a:66:e6:dd:eb:66:a5:92:ef:68:d5:c9:
93:8f:aa:c7:2a:92:6b:95:af:3d:74:de:aa:29:fd:c9:53:56:
ad:9f:e0:05:d1:97:0c:01:3b:f1:c6:a6:90:7e:5c:08:11:5e:
c1:77:5d:64:09:56:ea:78:29:15:a3:ea:44:2a:4c:d6:09:a7:
a0:5f:05:54:2a:61:ca:7a:09:07:14:34:c2:0d:c5:93:cd:28:
8b:62:26:af:30:25:8a:f1:da:65:fa:db:da:84:ab:d5:0c:37:
ae:5d:95:bd:55:2a:4b:09:e0:d3:3d:8b:3c:ea:f2:b9:68:5e:
e6:21:53:8b:28:78:39:f4:bf:9b:dc:92:bc:4b:14:06:fe:17:
21:64:be:af:20:e8:e7:fb:67:c8:5e:ec:59:bf:27:a4:cb:e3:
8a:6d:c3:ac
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sUEEH3CIekSRdrV
uij9pvQwRKDf+XBeFyaXWVwx6xNw6krdWD5PMxRmWWl6qpDgfMSyNsEK9N8+NGwa
6SvxpZJ+qWhwuqRoiPPsEEBkpWR92R5RSZ1/yMwrbXEqBv/mH4QoisHtqFL0iaXA
d9gTZsJlpWMDmLBLBU8MhKD0LXJza/oN4c9FJ+2jjALX7pniofDjoK1p7VnkJ0GP
7/qDc49fK2iJE0Ym3PYoazuyuJtSKhcb3HJFc9p1JDWLAF4jN2RqFnS47v63EXG+
CnPIVMLZBNIb9VOsjSpP/jN55l7n84bT3LtL1zl/Wzxn/l6IUQWW8rSaRQlMUfBq
TYgqFwIDAQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUuxWeMk3g
+KqKsC4MFytaQXRLBkUwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5y
FSGhgZ2kgZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAw
DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcN
AQELBQADggEBAAxeDVU85/tewgkZyAv0wrIrFHnc6GP2igwDV54VR362FaNxkAER
OUv/PRM05PNbo2xYTwDVxLBjbJDJiahdFocK2ghAErSUAD5EABPeNHWQOHnUwjlt
7RfLflD/2gvrSRpm5t3rZqWS72jVyZOPqscqkmuVrz103qop/clTVq2f4AXRlwwB
O/HGppB+XAgRXsF3XWQJVup4KRWj6kQqTNYJp6BfBVQqYcp6CQcUNMINxZPNKIti
Jq8wJYrx2mX629qEq9UMN65dlb1VKksJ4NM9izzq8rloXuYhU4soeDn0v5vckrxL
FAb+FyFkvq8g6Of7Z8he7Fm/J6TL44ptw6w=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/intermediate3-ca-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDexQQQfcIh6RJF
2tW6KP2m9DBEoN/5cF4XJpdZXDHrE3DqSt1YPk8zFGZZaXqqkOB8xLI2wQr03z40
bBrpK/Glkn6paHC6pGiI8+wQQGSlZH3ZHlFJnX/IzCttcSoG/+YfhCiKwe2oUvSJ
pcB32BNmwmWlYwOYsEsFTwyEoPQtcnNr+g3hz0Un7aOMAtfumeKh8OOgrWntWeQn
QY/v+oNzj18raIkTRibc9ihrO7K4m1IqFxvcckVz2nUkNYsAXiM3ZGoWdLju/rcR
cb4Kc8hUwtkE0hv1U6yNKk/+M3nmXufzhtPcu0vXOX9bPGf+XohRBZbytJpFCUxR
8GpNiCoXAgMBAAECggEAFkESRd96TE7vT2EsJru/kzUjuUdk+JM8Iw3s4rVuGzDG
//DYqd8XpF+uVdJOucldU7mGoCeqw4mlujDug0qrikHXO28+i7au5rePZpQ4ObmP
ROhdcIA2asXStM0wSKC5yX43Wp1C86TN3w5a6t4AGizjYKFCk7dQ10ftVTaLDhsI
I4uuEZAHA7ruKmQp1DbE+/696kY4GUh2SXYQxee1zb/yYDvA6lGhuDW2Jev+4v4l
+1LZq8E2bE4GsmiLEALiHAdGvOrkZ5MUkiHVTnhGz7THK0OMj/4dJlNCwusyO+O5
4Zr2LJQ2rnAtVGdtKuVsgwHwQBPpV9bJPkDXEzlXUQKBgQD38kxnjJ5nv0plMA+E
QViItp0qgQeXX18YTlh8yicqVe+t9kKnHm1tqZx/djvvR/51p0SkMfWNvMn8JYXa
dfT3ZX0djrzR9o6FgR8rL+LmPg6jyIn71wBqmMf7A6WQVYuG7fQk3IJNtx52BKcS
f8r2tsdPX8d/FBsCn3m/ZxaEyQKBgQDmAV5xxTbJKdea5pfH33BOCp6HTqSYgf4Y
/5GEO0YLmQoBXAKbX+zcAeiaOt5WvLQgw7LfkznitPlxCkpHr9VcgVarlEjXHa7y
SeJfik5cIFbMZtXqaQ/DIUvOTgnb/ngLxEdrzX4JUnlv/z1BEhWvEYaHn0asEsc4
zbbcKoEH3wKBgQDRisobcPGmSDm9TmKuqPMDhyFH/IfH2+foCL4rqER1OO84G7i0
t7hPR1plNizsyfE4yUXvZfFZ+cTR/Xwj5jBCrFiSlEDrSO2l0jvfKbceUi/ZJu/G
ECvf6oKHlstjMYibXZpJVLoip7Fsl/4CWlHTMyE56X4V3Y3+J3yiz6JuUQKBgDPS
byMXGibs5IUkG2KPN1B+GAXIdFFgSI39Vx4B9OA8FQMFZhj33fgb/fpx9RJ55ePT
9ANnuo0X1XPgq6fHOD1lbs+t01OUfoxclUKNeOZM6wGW0e/EyCZg5CGRd6s3hHiy
Op1RaWpUSMQxL+3vUy9ktXjtLBEtEfH8d4zXjsblAoGBAMPAdSskbG+upEYcNR2O
++R9X8BkWhaTDqkAuygsGJDomIgH89wROdlTnsi5LXe/r3uCocRC+M1ChRXm7Zqs
81QjVdls6HVZu5rG82S8itqdXHOXCajb1ls+lNiu7/9tPJVmpYfjfjD4/QHV0vF/
FqdfthIOUXePjrAKccJDiJIk
-----END PRIVATE KEY-----

182
certs/ocsp/ocsp-responder-cert.pem Normal file
View File

@ -0,0 +1,182 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL OCSP Responder/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b8:ba:23:b4:f6:c3:7b:14:c3:a4:f5:1d:61:a1:
f5:1e:63:b9:85:23:34:50:6d:f8:7c:a2:8a:04:8b:
d5:75:5c:2d:f7:63:88:d1:07:7a:ea:0b:45:35:2b:
eb:1f:b1:22:b4:94:41:38:e2:9d:74:d6:8b:30:22:
10:51:c5:db:ca:3f:46:2b:fe:e5:5a:3f:41:74:67:
75:95:a9:94:d5:c3:ee:42:f8:8d:eb:92:95:e1:d9:
65:b7:43:c4:18:de:16:80:90:ce:24:35:21:c4:55:
ac:5a:51:e0:2e:2d:b3:0a:5a:4f:4a:73:31:50:ee:
4a:16:bd:39:8b:ad:05:48:87:b1:99:e2:10:a7:06:
72:67:ca:5c:d1:97:bd:c8:f1:76:f8:e0:4a:ec:bc:
93:f4:66:4c:28:71:d1:d8:66:03:b4:90:30:bb:17:
b0:fe:97:f5:1e:e8:c7:5d:9b:8b:11:19:12:3c:ab:
82:71:78:ff:ae:3f:32:b2:08:71:b2:1b:8c:27:ac:
11:b8:d8:43:49:cf:b0:70:b1:f0:8c:ae:da:24:87:
17:3b:d8:04:65:6c:00:76:50:ef:15:08:d7:b4:73:
68:26:14:87:95:c3:5f:6e:61:b8:87:84:fa:80:1a:
0a:8b:98:f3:e3:ff:4e:44:1c:65:74:7c:71:54:65:
e5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
32:67:E1:B1:79:D2:81:FC:9F:23:0C:70:40:50:B5:46:56:B8:30:36
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Extended Key Usage:
OCSP Signing
Signature Algorithm: sha256WithRSAEncryption
47:86:d8:ff:a5:6e:18:e4:28:b7:8a:74:f6:81:97:89:be:c7:
cf:8d:1e:15:c2:d3:e1:ff:3e:82:b8:6d:8f:92:c8:a2:55:ff:
df:7a:ed:2b:ee:d5:6f:d3:9e:8e:30:d0:08:d3:6a:39:8f:23:
45:a3:2d:e6:99:d4:18:49:a3:f9:17:88:b5:68:86:c8:8c:17:
a7:ac:6a:a6:46:6f:b1:a4:6b:f8:8d:e5:d8:68:75:ca:a6:2d:
36:72:12:0d:1f:12:af:c2:90:e7:bf:4a:3a:f2:02:a0:89:dd:
6b:f8:92:4b:9b:9c:69:5a:24:a7:3f:9b:b9:8e:60:ef:33:54:
cf:aa:53:01:c2:f9:0d:9d:75:bc:c9:09:0f:40:06:6f:ab:f9:
f2:e7:0d:26:84:24:0c:b0:b2:bb:f0:13:e1:bc:82:e7:48:ce:
46:d2:36:e6:d9:7a:4e:b3:d3:55:6c:93:a0:6c:1a:83:d5:22:
a1:2c:84:e7:cc:9e:a5:ef:d5:e1:85:36:38:c5:35:a6:87:49:
74:2c:b0:7c:3d:e7:68:47:5d:46:35:cb:d3:9c:bb:8c:8a:3e:
fd:f9:42:ad:7d:c4:bf:0a:d9:e2:49:04:14:24:11:c1:a4:3d:
86:93:6e:0c:55:49:ed:3f:f9:82:ec:f8:26:3e:bf:9f:33:21:
41:55:23:8c
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBnjELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQDDBZ3b2xmU1NMIE9DU1Ag
UmVzcG9uZGVyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLojtPbDexTDpPUdYaH1HmO5hSM0
UG34fKKKBIvVdVwt92OI0Qd66gtFNSvrH7EitJRBOOKddNaLMCIQUcXbyj9GK/7l
Wj9BdGd1lamU1cPuQviN65KV4dllt0PEGN4WgJDOJDUhxFWsWlHgLi2zClpPSnMx
UO5KFr05i60FSIexmeIQpwZyZ8pc0Ze9yPF2+OBK7LyT9GZMKHHR2GYDtJAwuxew
/pf1HujHXZuLERkSPKuCcXj/rj8ysghxshuMJ6wRuNhDSc+wcLHwjK7aJIcXO9gE
ZWwAdlDvFQjXtHNoJhSHlcNfbmG4h4T6gBoKi5jz4/9ORBxldHxxVGXlOQIDAQAB
o4IBCjCCAQYwCQYDVR0TBAIwADAdBgNVHQ4EFgQUMmfhsXnSgfyfIwxwQFC1Rla4
MDYwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2kgZowgZcx
CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG
A1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFjMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
AQBHhtj/pW4Y5Ci3inT2gZeJvsfPjR4VwtPh/z6CuG2PksiiVf/feu0r7tVv056O
MNAI02o5jyNFoy3mmdQYSaP5F4i1aIbIjBenrGqmRm+xpGv4jeXYaHXKpi02chIN
HxKvwpDnv0o68gKgid1r+JJLm5xpWiSnP5u5jmDvM1TPqlMBwvkNnXW8yQkPQAZv
q/ny5w0mhCQMsLK78BPhvILnSM5G0jbm2XpOs9NVbJOgbBqD1SKhLITnzJ6l79Xh
hTY4xTWmh0l0LLB8PedoR11GNcvTnLuMij79+UKtfcS/CtniSQQUJBHBpD2Gk24M
VUntP/mC7PgmPr+fMyFBVSOM
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

27
certs/ocsp/ocsp-responder-key.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAuLojtPbDexTDpPUdYaH1HmO5hSM0UG34fKKKBIvVdVwt92OI
0Qd66gtFNSvrH7EitJRBOOKddNaLMCIQUcXbyj9GK/7lWj9BdGd1lamU1cPuQviN
65KV4dllt0PEGN4WgJDOJDUhxFWsWlHgLi2zClpPSnMxUO5KFr05i60FSIexmeIQ
pwZyZ8pc0Ze9yPF2+OBK7LyT9GZMKHHR2GYDtJAwuxew/pf1HujHXZuLERkSPKuC
cXj/rj8ysghxshuMJ6wRuNhDSc+wcLHwjK7aJIcXO9gEZWwAdlDvFQjXtHNoJhSH
lcNfbmG4h4T6gBoKi5jz4/9ORBxldHxxVGXlOQIDAQABAoIBAGI2tR1VxYD+/TYL
DGAIV+acZtqeaQYKMf8x++eG4SrQo6/QP8HDFFqzO0yV2SC0cRtJZ5PzCHxCRSaG
Nd8EL2NMWOazUwW0c/yLtTypOPSeg2Mf+3SwLvgxOZ9CbFQ8YAJi+vbNOPLGCijL
N0HWEkcC1P1kWWgKCWIloR7eEt0IQOb5PPSCu3buq/rForb6qUf+L+ESpWed6bnc
uhIrHDuQ/PopW05fW1r61zI286wKdLRyatQsljNqPvVdFVhtCKqCqMHdIzMg2cbh
q9DJMWc/KLjzBk6YPMZKm/4k4RXj+IwS+iITbpUNrhYj2TMevBMPW3AIRobD823D
ehQv+rECgYEA3CWL+G9zJ5PXRDAdQ69lN+CE/Uf9444CN5idMO+qRQ+QE8hWYT/U
PFH/aUgd1k3WJZseR/GTWx29VsRPSDWZXzwzLfUNKnqvp0b2oZe/EdYiRSo8OCPp
kF07HbTKe4Cyma7HdgDkNkS+UW5JujnuLcuee+wTq6xU0289juwFBc8CgYEA1s/d
VtwXqBf3qMxfi+eMa77fqxptAFGtZNKNkYwX42Ow6Hehj8EnoPqYEF+9MzKn/BFh
ROnQ76axKBN8mkRUjpv7d2+zMlDnGrWul8q6VrfGiU2P7jd4L6GY/V1MYktnIBsd
Ld/jW8P0FFfI2RIREPWdrATxBhQpTJfXd/7rLncCgYB1wrvyBCQUSrg/KIGvADbj
wf1Bw23jeMZk2QVU9Q8e7ClE+8iBMvSj47T9q28SgQaJjUWQdIA/oFP1AwPp+4n0
cK5r6gbF72Tg1Uv+ur6hmuswFlyqJ0O8TrLdvCUIFZr0LJNT4zwwb2tjAdz8ehqX
crFvVqRbE884XuwN9ODm7wKBgQDIEnKlI/kkpq4UmcWkGNXAxNauFr7PPUOyVCln
FoRpVcC/xCzGJ7ExTjWzing950BulgFynhPsIeV+3id/x4S6Dq34YCEXDCMzzWQA
HOHRQvm3iHY1+ZQHSQulb/Bk3LYAQUC8KXspTSlYiSqYgytCEIH6Zd/XOY/9tq8J
JHUHoQKBgHYIB2mRCuDK5C3dCspdPVeAUqptK1nnXxWY/MXA6v+M4wFsIxV7Iwg7
HEjeD5yKH4619syPCFz3jrCxL0oJqVTD2tnrbLf8idEt2eaV/3o2mUGFjvWpTywg
F8DewhrGh6z7FWHp4cMrxpq1hkdi6k+481T1GKBJ1zBSTzskTHQB
-----END RSA PRIVATE KEY-----

8
certs/ocsp/ocspd0.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22220 -nmin 1 \
-index certs/ocsp/index0.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/root-ca-cert.pem \
$@

8
certs/ocsp/ocspd1.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22221 -nmin 1 \
-index certs/ocsp/index1.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate1-ca-cert.pem \
$@

8
certs/ocsp/ocspd2.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22222 -nmin 1 \
-index certs/ocsp/index2.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate2-ca-cert.pem \
$@

8
certs/ocsp/ocspd3.sh Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
openssl ocsp -port 22223 -nmin 1 \
-index certs/ocsp/index3.txt \
-rsigner certs/ocsp/ocsp-responder-cert.pem \
-rkey certs/ocsp/ocsp-responder-key.pem \
-CA certs/ocsp/intermediate3-ca-cert.pem \
$@

42
certs/ocsp/openssl.cnf Normal file
View File

@ -0,0 +1,42 @@
#
# openssl configuration file for OCSP certificates
#
# Extensions to add to a certificate request (intermediate1-ca)
[ v3_req1 ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
authorityInfoAccess = OCSP;URI:http://localhost:22221
# Extensions to add to a certificate request (intermediate2-ca)
[ v3_req2 ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
authorityInfoAccess = OCSP;URI:http://localhost:22222
# Extensions to add to a certificate request (intermediate3-ca)
[ v3_req3 ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
authorityInfoAccess = OCSP;URI:http://localhost:22223
# Extensions for a typical CA
[ v3_ca ]
basicConstraints = CA:true
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage = keyCertSign, cRLSign
authorityInfoAccess = OCSP;URI:http://localhost:22220
# OCSP extensions.
[ v3_ocsp ]
basicConstraints = CA:false
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
extendedKeyUsage = OCSPSigning

54
certs/ocsp/renewcerts.sh Executable file
View File

@ -0,0 +1,54 @@
openssl req \
-new \
-key root-ca-key.pem \
-out root-ca-cert.csr \
-subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com"
openssl x509 \
-req -in root-ca-cert.csr \
-extfile openssl.cnf \
-extensions v3_ca \
-days 1000 \
-signkey root-ca-key.pem \
-set_serial 99 \
-out root-ca-cert.pem
rm root-ca-cert.csr
openssl x509 -in root-ca-cert.pem -text > tmp.pem
mv tmp.pem root-ca-cert.pem
# $1 cert, $2 name, $3 ca, $4 extensions, $5 serial
function update_cert() {
openssl req \
-new \
-key $1-key.pem \
-out $1-cert.csr \
-subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=$2/emailAddress=info@wolfssl.com"
openssl x509 \
-req -in $1-cert.csr \
-extfile openssl.cnf \
-extensions $4 \
-days 1000 \
-CA $3-cert.pem \
-CAkey $3-key.pem \
-set_serial $5 \
-out $1-cert.pem
rm $1-cert.csr
openssl x509 -in $1-cert.pem -text > $1_tmp.pem
mv $1_tmp.pem $1-cert.pem
cat $3-cert.pem >> $1-cert.pem
}
update_cert intermediate1-ca "wolfSSL intermediate CA 1" root-ca v3_ca 01
update_cert intermediate2-ca "wolfSSL intermediate CA 2" root-ca v3_ca 02
update_cert intermediate3-ca "wolfSSL REVOKED intermediate CA" root-ca v3_ca 03 # REVOKED
update_cert ocsp-responder "wolfSSL OCSP Responder" root-ca v3_ocsp 04
update_cert server1 "www1.wolfssl.com" intermediate1-ca v3_req1 05
update_cert server2 "www2.wolfssl.com" intermediate1-ca v3_req1 06 # REVOKED
update_cert server3 "www3.wolfssl.com" intermediate2-ca v3_req2 07
update_cert server4 "www4.wolfssl.com" intermediate2-ca v3_req2 08 # REVOKED
update_cert server5 "www5.wolfssl.com" intermediate3-ca v3_req3 09

93
certs/ocsp/root-ca-cert.pem Normal file
View File

@ -0,0 +1,93 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/root-ca-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCrLLQvHQYJ704p
hoR+zL+meXzwwMFkJYx1txAFykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRx
kK3MBbmfFccKP19p9ApfjHG1LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4
hc0BiKzFsrFZuM1a9AkJOJvaWs/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4
yHDM4WcGsysvk7Vpz4N+iFObD0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tb
ipKXrf2XuXXKwtRFfRdrzS/zY3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsV
roxb+ZmBAgMBAAECggEAd0Qjm3wOfBeYD0jhwnOoyTZ2vkyfssaS0mYlrNMfaM12
iqYBELQo5miReaHZ5ZfYCweNX8guVUAkMCiNX81RYy3KTDKRqYJXQ/HYPFMcXXP2
7Ja6jMfub1FXJ1xULtJs/5XilVwxad1ZgHbBu2LedrUl6wzfUJMeRKWDuiVyCzpK
J2+F1iVH+whBI/eN8qopHM4JeR0W9k7rFJayQZ9iAIfrl2In1hTay9S7HCEdmWz/
BVI818QXsgCuulR9G2erS0gS181P090YcZeuzh5YfvAnzn7m8BTboJojix5pkfQt
gM5E7YD4nYU1V796P2cfAaMJoQyCW4NSn+kwgLT5rQKBgQDXnHvs/fk+gxFiBt/U
tRfU+iUoiMofrcAZswMBvOZVy40RbtxuNXwnGo9+Bko7XVKekVO6TGUyPSpv1VXR
QCjlk+PsXyx0DD2+Hb3r69wXJ3Wfxe0K+p6CHIuspJUmNrHdpJOBTO8GbHNxuaD/
kDJvBq+ZkXEKUm9a5BeU5WiwMwKBgQDLPUkr+Mm2pJIIEBF8z3Lr3bWIbZsinxhM
ErQRAQC0J+oBj1kuUoXYoh1hzQK/E90bM2fRUMhgVGIBvwDMv0c+Z2Fb6zK0r3mP
dOLYGOrfavl/f7zhd4TjzPkAF1fbbYbciFQIWW3//q8PXY68eKvwrhGqT+CCwLef
tWC3xrpLewKBgQC7Ht7abgxa+UsjxQ2Kv+O//Zw0EotAdP2sEBUC9Br+yJpUT99U
cmyeT0nLONBBtxtV7JA6tcR5lmX3CrHg2Yrku7XqVSrySBFppsxGLLslCSTnFdJE
Xf8ksntxyKB8uqkgz40IgWlMLOEACPc19MIgYzAQ2g29xI9J1Xy1x2dUywKBgBFo
HVU7yKLw82TnY2gKKHCVG5Akuw27DIyvaWavbE0BwiQCEARMoxQLxnJy6ZJN9Dj5
LSIbRh4h/AbkQgBHPaXVmtwRh9U71jB4NVmGwM8DzXyjBx1UbDhKfOUKGsc7WTqY
HoJcjnRHbtzlCW2Q9ED316F7l+H6+X8fPLpgteHzAoGARc6B/pWJWkUVM87ObGmr
hiA5YByyC6Rq8HyFEeXiS2fiQPfQF0UC9Qxq9/CBkezb8v+Yb/UT4ieL26c270s5
JkyYqMoBLgkOKG6nPDD4hxoR24cFmC090RNQOhwwHskh+KjVmf3c/m9wNBSdHTpt
URu+xdmbaoKaH9dIJMUKasc=
-----END PRIVATE KEY-----

279
certs/ocsp/server1-cert.pem Normal file
View File

@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www1.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e6:96:55:75:cf:8a:97:68:8c:b6:38:f6:7a:05:
be:33:b6:51:47:37:8a:f7:db:91:be:92:6b:b7:00:
8c:f2:c5:24:6e:18:e9:92:00:81:01:dc:b3:4c:28:
a9:b7:80:f1:96:cf:23:7a:2f:ae:f8:e3:0f:2d:d3:
5e:23:e7:db:4c:b2:5d:89:16:17:be:be:81:db:fb:
12:6d:28:4b:10:a0:12:04:27:c1:c9:d0:79:95:ef:
e8:8d:8c:59:9b:4e:72:7d:bc:49:2b:22:4e:f8:4f:
e2:0c:f1:e9:e9:97:f9:df:8c:5a:0a:aa:38:1d:43:
04:a3:a7:89:a1:e2:83:a4:4b:b5:4e:45:88:a6:22:
5d:ac:a9:58:67:88:c1:d5:61:ef:bd:11:05:27:94:
47:bb:33:a5:8a:ca:ee:1f:8d:c0:6e:24:af:cd:ca:
bf:80:47:71:95:ac:a9:f1:5d:23:6c:f5:4b:b4:a9:
e1:c4:66:fb:e5:c4:a1:9f:a7:51:d1:78:cd:2e:b4:
3f:2e:e2:82:f3:7f:c4:a7:f4:31:cf:76:27:3f:db:
2e:d2:6e:c3:47:23:82:a3:48:40:8c:a7:c1:13:f0:
63:50:54:43:f6:71:12:e1:6f:a5:7a:58:26:f7:fd:
8b:3b:70:18:a0:43:ba:01:6b:b3:f8:d5:be:05:13:
64:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
CC:55:15:00:E2:44:89:92:63:6D:10:5D:B9:9E:73:B6:5D:3A:19:CA
X509v3 Authority Key Identifier:
keyid:83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:01
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22221
Signature Algorithm: sha256WithRSAEncryption
cc:2e:e2:e4:a8:f6:e8:73:e4:e8:d9:ee:05:e6:2c:a9:0f:54:
d5:b0:be:ce:20:a6:12:38:63:b8:19:32:c1:12:2f:d4:ee:a5:
73:2b:72:5c:ad:c7:ed:d7:a4:5e:97:d2:a4:fd:9e:db:3d:e0:
df:a2:96:a9:36:c8:e3:f9:93:d6:84:dc:ad:a4:5f:1e:d4:af:
de:b4:05:9a:e5:ac:c6:b4:f4:9b:69:a0:e8:81:28:32:d7:a0:
83:1b:2d:18:92:87:33:3f:23:11:11:f5:c9:01:11:35:de:44:
8d:1d:6b:c4:3a:20:72:64:5d:c1:59:60:cb:5c:3b:ca:a0:27:
ab:e6:6c:ac:31:ec:a9:3a:a0:ec:10:e5:48:34:9b:d3:1c:9e:
1e:93:2a:ba:47:40:b6:5d:45:c4:b9:cb:d6:63:5b:1a:70:26:
23:f6:0a:41:53:de:ba:02:db:df:ce:df:6d:7a:9c:85:55:a4:
01:3e:f5:d1:9c:4a:59:bf:1f:f5:83:fa:92:9a:3d:80:4d:49:
aa:f6:92:5f:94:ee:ef:38:b3:71:9f:96:30:7d:b2:d2:8d:bb:
16:ed:e1:6f:cd:8e:4e:d2:e0:5b:59:5c:dd:95:de:9f:69:63:
d4:b2:54:52:51:40:e5:50:5c:4b:1c:5e:51:5b:10:b7:19:1f:
31:08:70:cb
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
MS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOaWVXXPipdojLY49noFvjO2
UUc3ivfbkb6Sa7cAjPLFJG4Y6ZIAgQHcs0woqbeA8ZbPI3ovrvjjDy3TXiPn20yy
XYkWF76+gdv7Em0oSxCgEgQnwcnQeZXv6I2MWZtOcn28SSsiTvhP4gzx6emX+d+M
WgqqOB1DBKOniaHig6RLtU5FiKYiXaypWGeIwdVh770RBSeUR7szpYrK7h+NwG4k
r83Kv4BHcZWsqfFdI2z1S7Sp4cRm++XEoZ+nUdF4zS60Py7igvN/xKf0Mc92Jz/b
LtJuw0cjgqNIQIynwRPwY1BUQ/ZxEuFvpXpYJvf9iztwGKBDugFrs/jVvgUTZDEC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFMxVFQDiRImSY20QXbme
c7ZdOhnKMIHEBgNVHSMEgbwwgbmAFIPGOoksgfQC151M4irAcYJkRNoOoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
AQDMLuLkqPboc+To2e4F5iypD1TVsL7OIKYSOGO4GTLBEi/U7qVzK3Jcrcft16Re
l9Kk/Z7bPeDfopapNsjj+ZPWhNytpF8e1K/etAWa5azGtPSbaaDogSgy16CDGy0Y
koczPyMREfXJARE13kSNHWvEOiByZF3BWWDLXDvKoCer5mysMeypOqDsEOVINJvT
HJ4ekyq6R0C2XUXEucvWY1sacCYj9gpBU966Atvfzt9tepyFVaQBPvXRnEpZvx/1
g/qSmj2ATUmq9pJflO7vOLNxn5YwfbLSjbsW7eFvzY5O0uBbWVzdld6faWPUslRS
UUDlUFxLHF5RWxC3GR8xCHDL
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
1e:07:eb:03:66:a7:54:e8:c5:e1:fe:c9:08:58:91:d8:1b:d6:
c8:69:a5:65:03:a3:1a:f4:eb:9d:cd:4a:c1:9d:cd:ac:39:0b:
49:09:e7:9c:0f:12:cb:3f:29:e1:9c:d1:f4:68:14:02:2e:d3:
fe:3d:63:3c:26:80:38:91:03:c3:52:52:9e:66:4d:59:d1:80:
97:eb:91:99:5f:e7:d5:8e:e7:c4:c0:d3:f3:12:2e:c9:05:3a:
54:ed:38:f3:6f:f3:ae:74:18:47:b5:25:c6:e3:44:8c:27:bd:
3f:bc:e3:f1:0e:e4:50:ff:4c:ec:30:d6:0d:9f:8f:d0:f6:be:
43:73:94:8f:48:97:38:7c:e8:8a:53:fd:02:4e:0f:2c:14:53:
f4:4c:80:8a:09:b2:b8:a8:0e:11:75:a6:15:6a:5f:c8:06:7b:
ff:a3:76:d0:e8:70:0a:e0:b1:6d:88:54:06:c2:04:f9:81:b0:
77:af:a4:80:1b:88:64:5e:db:ff:36:dc:e8:d2:7b:4e:55:40:
3c:f7:cd:33:f9:66:59:2e:9c:18:c7:50:e6:b5:b9:c1:94:3b:
78:46:05:a6:24:41:2a:28:b5:e8:92:d0:0d:47:18:e8:cc:6e:
e8:11:d2:2a:94:47:75:b5:80:f2:e8:83:34:cc:7f:22:8a:9e:
49:be:30:c1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAB4H6wNmp1ToxeH+yQhYkdgb1shppWUDoxr0653NSsGdzaw5C0kJ55wPEss/
KeGc0fRoFAIu0/49YzwmgDiRA8NSUp5mTVnRgJfrkZlf59WO58TA0/MSLskFOlTt
OPNv8650GEe1JcbjRIwnvT+84/EO5FD/TOww1g2fj9D2vkNzlI9Ilzh86IpT/QJO
DywUU/RMgIoJsrioDhF1phVqX8gGe/+jdtDocArgsW2IVAbCBPmBsHevpIAbiGRe
2/823OjSe05VQDz3zTP5ZlkunBjHUOa1ucGUO3hGBaYkQSooteiS0A1HGOjMbugR
0iqUR3W1gPLogzTMfyKKnkm+MME=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server1-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDmllV1z4qXaIy2
OPZ6Bb4ztlFHN4r325G+kmu3AIzyxSRuGOmSAIEB3LNMKKm3gPGWzyN6L6744w8t
014j59tMsl2JFhe+voHb+xJtKEsQoBIEJ8HJ0HmV7+iNjFmbTnJ9vEkrIk74T+IM
8enpl/nfjFoKqjgdQwSjp4mh4oOkS7VORYimIl2sqVhniMHVYe+9EQUnlEe7M6WK
yu4fjcBuJK/Nyr+AR3GVrKnxXSNs9Uu0qeHEZvvlxKGfp1HReM0utD8u4oLzf8Sn
9DHPdic/2y7SbsNHI4KjSECMp8ET8GNQVEP2cRLhb6V6WCb3/Ys7cBigQ7oBa7P4
1b4FE2QxAgMBAAECggEBAMcAl2DFbOae5FGfd5h3vF8EycCcvuKKLI4775pQb1RV
r8sU1P+cT7o7rsHblh04u0dcHVImNOu3ijISaPyz7R+UEAVve66y23/uf0iVrbL7
cpEDfsudkFFGa30901elrEm3Za5EPcMvrfdeEHH5Jz02876giS032ZkjzjRYOSRg
TuFhiqjRTMfE6AB63KSRWcb6AYEocHV/jF+IEQcz9ctsv6XKKKJtge4+Y3+gQU4N
ALUE6OjBsD5KpMVuMYBSfTucYi5g2eOK05PoCOR8lTqgvsbof+ALj+84zEpG20aK
p0KdMVwiMolXaYcvKBOGPxZKt7sQaIMitbs0iuErMQECgYEA+cLVZh4qkRnsjPVc
/27qC/VLeWo2QAL7TWC7YgkY0MgNtZXRkJZdKOlzYWo/iJmuxHj7eUFLkoHpPNV2
X6WG+CGHD1qq/BqLQNlJKS/MtI2VNzOjBJ/J3SktOGo3BwL+Q5uSRNHukQip0YnD
c9GCU4UhfBHr/UNitMBH6N5aPqUCgYEA7FjjTGomVseF5wNbfw2xLjBmRuQ2DDgJ
/OvCtV6it+OiVU9R+cYcz/hVl1QLIkGBHt5hb8O6np4tW5ehKd5LNTtolIO+/BLL
2xPZCLY7U+LES5dgUTC/wb5t5igAmPuOMi9qNQ1kYxbKYJVLRUdwfOM8FNE4gjZF
kj2BIb6OxZ0CgYEAmuXXvWZ2FdmTGHTPwWdDZjkyHtHdZWO0AXA9pnZn2oxH3FdX
SinHCymFsmPXlVtixV0W8UOqn+lMAruMl5MsGtWIUuBzbLj1pjlcI1wOw+ePJFY1
AxgqdKwl7HgLOqEDmmBwnZfpMi/CSj77ZegIwM2vT6g5yK+zFtCtiGHmbDUCgYBf
L2VLbyzFolGBOk7tGnyTF5b5UguaXC9ZlzGxjc2Gtby5Etr29xy/fUorSgO55hu0
bOdc9b0BCL9HtgeILyim5ag2t+CA8Kj9MD8mTQ4TuK5Jq0t1J2bzBliIau/irN0V
xRbHCv+1EIas4zOPUTgyc+nMkH5roqPeQ7rv9ijV2QKBgQDJiNmAJv3dlie2x+bj
rX5RDF1Q/egVVGx41jPyuzh0oFLwEQG2lSHEAKgF+gWt0ZMwNzPB9oue2LBSpNFl
7ZdpFCpzD+3OcaxnWYEGT+qNhczbf0PvVNBOzOI33Trr7maktWi0Mh9qmXqoNuwG
uCnrEriJlBk2MV88tIG/ZJ+bvQ==
-----END PRIVATE KEY-----

279
certs/ocsp/server2-cert.pem Normal file
View File

@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www2.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c6:35:8a:e8:aa:bd:33:c9:5e:84:43:67:42:65:
2a:3c:e3:89:b4:a6:67:a1:3b:ee:6d:85:d1:d3:2b:
6e:b1:62:d4:f1:22:43:a0:d5:b7:a5:7d:b5:f5:6c:
09:06:7c:8c:ef:87:af:4f:34:ce:27:eb:f3:4a:37:
57:c3:d7:d8:ee:e4:a0:77:65:2c:a7:c2:10:65:6b:
7b:48:c4:d8:28:fe:4c:4e:4f:7e:2f:20:c4:49:5b:
71:38:40:0d:36:a3:57:b3:44:da:be:cd:54:14:15:
66:0f:d3:05:08:f2:2e:03:67:2e:5c:5d:e1:b0:e6:
c0:25:8f:58:77:5b:d3:d7:a8:22:ea:56:d3:0e:01:
6d:38:34:56:47:aa:12:c4:ba:2a:ef:ec:18:f5:d4:
db:b9:fa:6f:dc:50:eb:ee:10:a2:14:b5:9a:12:e1:
e3:85:0f:79:14:b8:70:6d:0d:1c:1d:38:57:85:6a:
82:0c:d6:bd:2c:bf:20:f1:28:2e:f6:34:80:a7:0d:
32:82:35:4f:c1:b1:e5:9e:26:d5:f8:b9:39:57:43:
ef:ed:f1:10:5c:3e:32:ba:d9:e4:9e:40:cd:28:ea:
26:46:9b:a9:34:8d:9f:b9:fd:45:7d:14:f7:ce:ca:
3b:85:87:a7:64:74:9c:65:29:18:b3:f5:b1:ad:92:
62:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
7D:6D:FD:F6:0B:4F:3F:4A:62:91:F5:F3:13:60:51:86:C3:5A:9F:D6
X509v3 Authority Key Identifier:
keyid:83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:01
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22221
Signature Algorithm: sha256WithRSAEncryption
84:39:12:8b:3b:47:c1:57:60:70:5d:21:e4:1f:60:33:20:94:
ab:7d:50:62:55:bf:cc:78:13:40:9d:40:75:14:55:d5:71:e8:
8a:26:3d:4a:85:94:02:6f:be:1c:84:69:6b:03:9d:74:a7:8c:
f1:0e:e4:4e:79:e3:fc:bd:1f:c7:fb:d6:bb:6e:aa:55:7f:ac:
6f:da:84:08:b0:97:ef:24:d5:a3:d9:c1:67:78:08:7d:05:18:
c0:58:50:e8:fc:20:65:c6:0a:4e:3a:81:7a:64:0b:81:be:12:
87:33:18:85:d3:e3:c3:ba:b5:b0:03:9a:16:e3:01:ae:a9:9a:
9a:ea:84:5f:0e:5c:dd:d4:16:b8:38:e2:63:0a:4f:75:5f:44:
0b:60:08:f3:d4:df:32:cf:5b:f9:7b:a0:b1:ba:ae:ed:0f:a1:
c5:71:6b:1a:19:13:b7:5f:18:e8:97:51:a2:d3:66:52:b9:8b:
0e:47:22:c9:61:17:94:80:7c:3d:39:6f:5a:58:18:7b:2e:42:
ea:20:fa:67:58:bf:4c:58:7e:e8:c0:3d:15:08:96:84:57:a8:
6c:66:58:9d:93:30:64:93:28:7e:cc:1b:a2:e4:f7:d8:69:9c:
19:07:9f:90:7f:53:a8:4f:59:86:a2:0a:87:c7:35:3d:b7:9d:
51:61:51:69
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
Mi53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMY1iuiqvTPJXoRDZ0JlKjzj
ibSmZ6E77m2F0dMrbrFi1PEiQ6DVt6V9tfVsCQZ8jO+Hr080zifr80o3V8PX2O7k
oHdlLKfCEGVre0jE2Cj+TE5Pfi8gxElbcThADTajV7NE2r7NVBQVZg/TBQjyLgNn
Llxd4bDmwCWPWHdb09eoIupW0w4BbTg0VkeqEsS6Ku/sGPXU27n6b9xQ6+4QohS1
mhLh44UPeRS4cG0NHB04V4VqggzWvSy/IPEoLvY0gKcNMoI1T8Gx5Z4m1fi5OVdD
7+3xEFw+MrrZ5J5AzSjqJkabqTSNn7n9RX0U987KO4WHp2R0nGUpGLP1sa2SYjkC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFH1t/fYLTz9KYpH18xNg
UYbDWp/WMIHEBgNVHSMEgbwwgbmAFIPGOoksgfQC151M4irAcYJkRNoOoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
AQCEORKLO0fBV2BwXSHkH2AzIJSrfVBiVb/MeBNAnUB1FFXVceiKJj1KhZQCb74c
hGlrA510p4zxDuROeeP8vR/H+9a7bqpVf6xv2oQIsJfvJNWj2cFneAh9BRjAWFDo
/CBlxgpOOoF6ZAuBvhKHMxiF0+PDurWwA5oW4wGuqZqa6oRfDlzd1Ba4OOJjCk91
X0QLYAjz1N8yz1v5e6Cxuq7tD6HFcWsaGRO3Xxjol1Gi02ZSuYsORyLJYReUgHw9
OW9aWBh7LkLqIPpnWL9MWH7owD0VCJaEV6hsZlidkzBkkyh+zBui5PfYaZwZB5+Q
f1OoT1mGogqHxzU9t51RYVFp
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 1/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:b4:c8:5c:77:e0:2d:b1:f5:b9:ad:16:47:35:
a0:35:65:65:c6:e1:40:ab:1e:b4:b9:13:b7:cb:8c:
bb:77:a5:76:da:6d:87:87:f6:4a:4d:13:e4:26:3e:
27:87:ee:5b:c7:6a:3f:45:30:61:55:5c:f6:35:d1:
65:fa:98:11:a3:a7:55:d5:be:91:82:4b:fc:be:90:
d6:50:53:63:9a:2c:22:e1:35:11:dc:78:02:97:8a:
e4:46:92:9c:53:08:76:de:1f:53:b6:b8:ca:77:3e:
79:6e:bc:d0:e3:0d:30:5b:4c:f6:94:0d:30:29:64:
9f:04:e5:db:fb:89:60:67:bb:af:26:83:51:77:24:
2f:2b:0b:a1:94:81:10:98:e8:eb:26:a8:1e:7c:e4:
c4:6c:67:06:95:55:4a:dd:52:f4:f2:60:6d:01:2b:
19:91:35:6d:a4:08:47:06:71:24:00:d9:de:c6:56:
f3:8b:53:2c:e2:9a:96:a5:f3:62:e5:c4:e3:23:f2:
d2:fc:21:ea:0f:62:76:8d:d5:99:48:ce:dc:58:c4:
bb:7f:da:94:2c:80:74:83:c5:e0:b0:15:7e:41:fd:
0e:f2:f4:f0:78:76:7b:ad:26:0d:aa:48:96:17:2f:
21:e3:95:2b:26:37:f9:aa:80:2f:fe:de:f6:5e:bc:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
83:C6:3A:89:2C:81:F4:02:D7:9D:4C:E2:2A:C0:71:82:64:44:DA:0E
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
1e:07:eb:03:66:a7:54:e8:c5:e1:fe:c9:08:58:91:d8:1b:d6:
c8:69:a5:65:03:a3:1a:f4:eb:9d:cd:4a:c1:9d:cd:ac:39:0b:
49:09:e7:9c:0f:12:cb:3f:29:e1:9c:d1:f4:68:14:02:2e:d3:
fe:3d:63:3c:26:80:38:91:03:c3:52:52:9e:66:4d:59:d1:80:
97:eb:91:99:5f:e7:d5:8e:e7:c4:c0:d3:f3:12:2e:c9:05:3a:
54:ed:38:f3:6f:f3:ae:74:18:47:b5:25:c6:e3:44:8c:27:bd:
3f:bc:e3:f1:0e:e4:50:ff:4c:ec:30:d6:0d:9f:8f:d0:f6:be:
43:73:94:8f:48:97:38:7c:e8:8a:53:fd:02:4e:0f:2c:14:53:
f4:4c:80:8a:09:b2:b8:a8:0e:11:75:a6:15:6a:5f:c8:06:7b:
ff:a3:76:d0:e8:70:0a:e0:b1:6d:88:54:06:c2:04:f9:81:b0:
77:af:a4:80:1b:88:64:5e:db:ff:36:dc:e8:d2:7b:4e:55:40:
3c:f7:cd:33:f9:66:59:2e:9c:18:c7:50:e6:b5:b9:c1:94:3b:
78:46:05:a6:24:41:2a:28:b5:e8:92:d0:0d:47:18:e8:cc:6e:
e8:11:d2:2a:94:47:75:b5:80:f2:e8:83:34:cc:7f:22:8a:9e:
49:be:30:c1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rTIXHfgLbH1ua0WRzWgNWVl
xuFAqx60uRO3y4y7d6V22m2Hh/ZKTRPkJj4nh+5bx2o/RTBhVVz2NdFl+pgRo6dV
1b6Rgkv8vpDWUFNjmiwi4TUR3HgCl4rkRpKcUwh23h9TtrjKdz55brzQ4w0wW0z2
lA0wKWSfBOXb+4lgZ7uvJoNRdyQvKwuhlIEQmOjrJqgefOTEbGcGlVVK3VL08mBt
ASsZkTVtpAhHBnEkANnexlbzi1Ms4pqWpfNi5cTjI/LS/CHqD2J2jdWZSM7cWMS7
f9qULIB0g8XgsBV+Qf0O8vTweHZ7rSYNqkiWFy8h45UrJjf5qoAv/t72XryXfwID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUg8Y6iSyB9ALXnUzi
KsBxgmRE2g4wgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAB4H6wNmp1ToxeH+yQhYkdgb1shppWUDoxr0653NSsGdzaw5C0kJ55wPEss/
KeGc0fRoFAIu0/49YzwmgDiRA8NSUp5mTVnRgJfrkZlf59WO58TA0/MSLskFOlTt
OPNv8650GEe1JcbjRIwnvT+84/EO5FD/TOww1g2fj9D2vkNzlI9Ilzh86IpT/QJO
DywUU/RMgIoJsrioDhF1phVqX8gGe/+jdtDocArgsW2IVAbCBPmBsHevpIAbiGRe
2/823OjSe05VQDz3zTP5ZlkunBjHUOa1ucGUO3hGBaYkQSooteiS0A1HGOjMbugR
0iqUR3W1gPLogzTMfyKKnkm+MME=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server2-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDGNYroqr0zyV6E
Q2dCZSo844m0pmehO+5thdHTK26xYtTxIkOg1belfbX1bAkGfIzvh69PNM4n6/NK
N1fD19ju5KB3ZSynwhBla3tIxNgo/kxOT34vIMRJW3E4QA02o1ezRNq+zVQUFWYP
0wUI8i4DZy5cXeGw5sAlj1h3W9PXqCLqVtMOAW04NFZHqhLEuirv7Bj11Nu5+m/c
UOvuEKIUtZoS4eOFD3kUuHBtDRwdOFeFaoIM1r0svyDxKC72NICnDTKCNU/BseWe
JtX4uTlXQ+/t8RBcPjK62eSeQM0o6iZGm6k0jZ+5/UV9FPfOyjuFh6dkdJxlKRiz
9bGtkmI5AgMBAAECggEAL6rWwke1gsvNyD8xiR0tQEF0b5aJW5Q/LeW95WwPjed3
0Jnt67MaHFmUNfaKYR35Au39si2/2of7FYEjwTyatjETikMxrxKTwOBNYN2+InWt
wjOJ5CmcKwwruVxmERrNT5aiiLp2mvHefrXAAzvC5xycYKhPS6zizuWfX+0ckEM5
yJnl8TRTjfqExxHS1ciTY4B1w8nfWdYY/xiQW23sCPZ8toqsqAuHJjREmMcj+oer
z8Md1tZNa0ujDy0ejSovCnqzWIi4Umg3SndhRDYKNRAFGPNQmYRM+EWEqQufMaXP
ghD+Heb5RUPSkNW98KdjDGK4WiIeqF45tb+YQ4AvgQKBgQDt2X+FMHG/s7FAEAxA
x6TzIcDedqwEKtO3JbaC+Q0FKwRTGwP1tGOnyqbVrw4cSlza5EvUnK8CZK9I2HFd
qfbP3rtFCtHl9/bpVZPNkaVImzqkfmzmGJIREsCDIPu8THFNyxL2TC27VKCNsSmZ
ui2tuxRJ6/O0DroGdvdnFL89SQKBgQDVVaZjiA5Cr1e5Eo6q3dNNeMSBfTuI90Ja
W1OmVovp2yWYjfFFTW2B9vb4RDaRvIuykGhHgAnGKGmHtv7f0GlY7n6Qr0czvyn5
6s+fRVIcPzEaTVnxC1g20+XHc41XdqnIOcaUjUz7oqC6g7+Y56WKdvvKitV0Lb98
ua7ZOM6tcQKBgGWtRMY7H2VD+9HXCmXm8qy9ESYItSBS7o6soIj8zoQXD5I3SkoP
A0sHZqqSWwXdBDTOw1vwXyA2ynfpjwzrS4cxP/0T0wbsKbE11ClcybtwIHGRWhxD
BK4nxgRIZVTpmMYYudJwXlxmoPvxcEc3P6+0+cdgBp5CbWO2F60JQXeBAoGAHxLs
u46z1Q7JTlHfqg/JmX0/0kS1iUvKxHKNCquMkbG0FjaGsDuI+edJLfxxnmTCTG4w
YknKIqz8QiJrmZo33hZPJTACxQzRRm/nciGcxjSGKHif4zZt0P6od5bjPZwxOtL/
k9/JGNYlZ0WNgO4s9LBEGMqEMPoA7F/3kfhuUmECgYEA6WzFZjs31OqTLE0vnCfL
/b/wPeozaAyjtR/24TNkAFwP/LrBAA5gFOoL8p94ce87yXdm80x3bK6OGbNmor7c
qT/OJgnXV1wTrKYSkFUu7LTC7DihpYy2MqyGg8xGxB4kK1IR+ROB4v3c5RkIqaGF
lTSpXFge771NjCimucIOl/Y=
-----END PRIVATE KEY-----

279
certs/ocsp/server3-cert.pem Normal file
View File

@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www3.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:be:19:65:1e:17:39:d4:33:fc:97:64:69:80:51:
fb:6c:7c:ca:e1:ba:2a:ab:d2:dd:30:61:f3:2e:47:
c1:d4:33:c0:ff:53:21:ba:2d:14:a6:b9:7c:66:ca:
45:7b:1c:7d:8f:fc:75:f3:9a:69:f1:6c:25:46:a0:
92:5d:00:93:e3:22:a6:60:b9:97:05:37:7f:a1:aa:
cd:22:81:72:b1:22:47:3d:7c:8d:46:55:bc:32:4d:
d2:84:43:5c:15:43:07:22:70:36:39:93:1b:e8:a1:
46:bb:02:85:ba:1d:31:ac:b1:3c:84:5b:eb:8f:1f:
62:8a:71:52:9e:0b:63:b6:e6:d6:46:cc:19:06:d6:
bb:06:81:e4:0b:25:14:6c:63:94:70:1a:27:37:95:
24:40:07:30:f5:24:73:c3:bd:f9:0e:5f:b6:cd:4f:
18:88:f0:d7:a3:9b:f5:b0:1e:fe:04:03:a5:8d:73:
f7:6b:31:74:85:fd:61:fa:9e:53:37:75:90:e6:f8:
b5:98:66:e8:52:4d:4a:4c:39:05:65:c1:34:f9:c6:
95:27:b0:07:c1:51:96:a8:82:1b:22:cf:41:df:de:
b4:94:b7:0d:ba:61:fb:f4:40:7c:a1:fc:a2:29:a3:
47:4d:b4:94:9d:7b:51:ec:e4:13:fb:cd:e9:26:ca:
a7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
C1:CD:C0:2C:34:F4:3B:BB:E3:CA:98:35:7D:6A:15:33:94:5C:11:3A
X509v3 Authority Key Identifier:
keyid:05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:02
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
12:62:57:58:a4:74:c0:b3:f1:d7:63:8b:1d:ba:79:99:88:76:
5f:88:3b:e3:53:8d:d3:88:d0:98:91:3b:72:31:e9:03:5d:d5:
1d:fe:6a:59:e8:a0:46:5b:4a:5a:3c:ce:60:27:00:36:68:49:
35:22:cd:16:01:5f:94:67:5e:80:1a:2f:a6:21:4b:1a:d2:f8:
70:ba:39:0f:d4:54:44:c8:6d:f4:1c:bc:fa:b3:72:32:e5:56:
18:b8:c0:4c:98:21:56:36:a3:83:94:60:a9:a1:de:8c:7d:22:
46:40:ac:92:7c:4a:44:6c:24:36:78:ab:f6:93:4f:44:f6:82:
2e:ba:bc:7f:45:c2:51:be:fa:05:bb:d1:8a:95:84:38:f0:1d:
c7:66:8d:5e:44:05:26:48:b2:bd:4e:56:7a:17:28:b2:fa:3a:
25:ce:7e:83:9a:ee:76:b0:02:54:a3:65:78:7c:7b:1e:49:ad:
7f:65:5e:a8:cc:59:1e:fb:61:27:b6:3f:df:31:11:49:06:01:
58:55:84:35:3e:f6:db:5a:e9:fd:2f:0a:b0:f7:c7:fb:d9:59:
86:c6:cd:0c:f2:a6:f9:0a:ef:4b:ab:ca:a6:16:b4:df:0f:0d:
c6:d1:32:4f:0d:f9:a8:2a:28:a1:be:e2:c3:62:7e:74:90:58:
bc:67:89:20
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
My53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4ZZR4XOdQz/JdkaYBR+2x8
yuG6KqvS3TBh8y5HwdQzwP9TIbotFKa5fGbKRXscfY/8dfOaafFsJUagkl0Ak+Mi
pmC5lwU3f6GqzSKBcrEiRz18jUZVvDJN0oRDXBVDByJwNjmTG+ihRrsChbodMayx
PIRb648fYopxUp4LY7bm1kbMGQbWuwaB5AslFGxjlHAaJzeVJEAHMPUkc8O9+Q5f
ts1PGIjw16Ob9bAe/gQDpY1z92sxdIX9YfqeUzd1kOb4tZhm6FJNSkw5BWXBNPnG
lSewB8FRlqiCGyLPQd/etJS3Dbph+/RAfKH8oimjR020lJ17UezkE/vN6SbKp5MC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFMHNwCw09Du748qYNX1q
FTOUXBE6MIHEBgNVHSMEgbwwgbmAFAXRuoYAou4qBSS3Ea0tYPGQFI8XoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
AQASYldYpHTAs/HXY4sdunmZiHZfiDvjU43TiNCYkTtyMekDXdUd/mpZ6KBGW0pa
PM5gJwA2aEk1Is0WAV+UZ16AGi+mIUsa0vhwujkP1FREyG30HLz6s3Iy5VYYuMBM
mCFWNqODlGCpod6MfSJGQKySfEpEbCQ2eKv2k09E9oIuurx/RcJRvvoFu9GKlYQ4
8B3HZo1eRAUmSLK9TlZ6Fyiy+jolzn6Dmu52sAJUo2V4fHseSa1/ZV6ozFke+2En
tj/fMRFJBgFYVYQ1PvbbWun9Lwqw98f72VmGxs0M8qb5Cu9Lq8qmFrTfDw3G0TJP
DfmoKiihvuLDYn50kFi8Z4kg
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4:
6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7:
11:02:a1:ab:58:3d:fb:dc:51:ca:3a:1d:1f:95:a6:
56:82:f7:8f:ff:6b:50:bb:ea:10:e1:47:1d:35:77:
2e:4b:28:c5:53:46:23:2b:82:fd:5a:d3:f4:21:db:
0e:e0:f2:76:33:47:b3:00:be:3a:b1:23:98:53:eb:
ea:a0:de:1b:cc:05:4e:ee:63:a8:2c:93:24:d6:98:
78:74:03:e4:c8:89:43:61:f1:25:b8:cd:3b:87:c1:
31:25:fd:ba:4c:fc:29:94:45:9e:69:d7:67:0a:8a:
8e:d5:52:93:30:a2:0e:dd:6a:1c:b0:94:77:db:52:
52:b7:89:21:be:96:75:24:cb:e9:49:df:81:9d:9d:
f8:55:7d:01:2a:eb:78:03:12:e2:20:6e:db:63:35:
cd:a1:96:f0:f8:8c:20:35:69:87:01:ca:b4:54:36:
a0:15:e0:23:7d:b9:fb:be:99:05:50:f0:bf:ec:7f:
12:e1:3d:75:15:4e:c8:c2:30:e6:8b:fe:e5:8b:55:
f8:44:5e:e5:e3:56:e0:66:2d:6f:42:5a:45:6b:96:
aa:c7:5d:41:08:5f:ce:d7:dc:9f:20:e4:46:78:ff:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
6a:f5:af:1f:f7:43:ef:10:74:6d:1f:e5:2e:72:5f:d1:84:40:
c8:60:79:b7:66:2e:46:39:bf:95:ca:fe:83:0a:8a:f4:52:6e:
d2:d3:a5:54:7b:0c:29:35:a0:75:7a:e5:35:5d:99:0a:d9:13:
ca:80:46:a0:a2:6d:d5:c4:ff:0c:d5:da:ec:54:86:df:ce:a7:
92:1a:c7:f6:12:74:04:74:9f:06:39:82:b1:1e:af:47:de:b5:
b7:21:c1:3b:22:27:e3:d0:3f:70:d3:27:1c:63:e0:01:12:80:
20:e7:ac:6c:f0:8f:7a:72:54:8a:21:2d:0e:17:6c:9d:01:fd:
42:96:e1:7a:d5:43:d5:65:9b:0b:7c:dd:b6:90:da:cc:3c:d7:
7a:d3:e2:63:07:e3:96:a7:96:84:d6:0c:9e:31:e0:72:cd:91:
54:cf:16:38:af:c8:23:04:ce:98:2c:61:11:28:70:d7:34:69:
55:b7:e0:5b:87:a6:c4:a4:c5:bf:8f:e0:04:5d:e4:14:22:04:
21:a1:9b:01:19:50:29:03:9d:81:be:e4:ba:4d:68:1c:2f:e4:
e6:05:02:c2:e7:b4:ef:45:be:80:dc:a3:86:58:cf:02:cf:6a:
69:8d:2b:69:69:cd:81:27:63:e8:2d:55:2a:00:de:0b:15:2c:
53:95:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA8NRlvLES0fkLHdbRqK6kj
hb+HtO7K10sfMdcRAqGrWD373FHKOh0flaZWgveP/2tQu+oQ4UcdNXcuSyjFU0Yj
K4L9WtP0IdsO4PJ2M0ezAL46sSOYU+vqoN4bzAVO7mOoLJMk1ph4dAPkyIlDYfEl
uM07h8ExJf26TPwplEWeaddnCoqO1VKTMKIO3WocsJR321JSt4khvpZ1JMvpSd+B
nZ34VX0BKut4AxLiIG7bYzXNoZbw+IwgNWmHAcq0VDagFeAjfbn7vpkFUPC/7H8S
4T11FU7IwjDmi/7li1X4RF7l41bgZi1vQlpFa5aqx11BCF/O19yfIORGeP/ZmQID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUBdG6hgCi7ioFJLcR
rS1g8ZAUjxcwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAGr1rx/3Q+8QdG0f5S5yX9GEQMhgebdmLkY5v5XK/oMKivRSbtLTpVR7DCk1
oHV65TVdmQrZE8qARqCibdXE/wzV2uxUht/Op5Iax/YSdAR0nwY5grEer0fetbch
wTsiJ+PQP3DTJxxj4AESgCDnrGzwj3pyVIohLQ4XbJ0B/UKW4XrVQ9Vlmwt83baQ
2sw813rT4mMH45anloTWDJ4x4HLNkVTPFjivyCMEzpgsYREocNc0aVW34FuHpsSk
xb+P4ARd5BQiBCGhmwEZUCkDnYG+5LpNaBwv5OYFAsLntO9FvoDco4ZYzwLPammN
K2lpzYEnY+gtVSoA3gsVLFOVcik=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server3-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC+GWUeFznUM/yX
ZGmAUftsfMrhuiqr0t0wYfMuR8HUM8D/UyG6LRSmuXxmykV7HH2P/HXzmmnxbCVG
oJJdAJPjIqZguZcFN3+hqs0igXKxIkc9fI1GVbwyTdKEQ1wVQwcicDY5kxvooUa7
AoW6HTGssTyEW+uPH2KKcVKeC2O25tZGzBkG1rsGgeQLJRRsY5RwGic3lSRABzD1
JHPDvfkOX7bNTxiI8Nejm/WwHv4EA6WNc/drMXSF/WH6nlM3dZDm+LWYZuhSTUpM
OQVlwTT5xpUnsAfBUZaoghsiz0Hf3rSUtw26Yfv0QHyh/KIpo0dNtJSde1Hs5BP7
zekmyqeTAgMBAAECggEARDViddCJnF1m5X9O548C8qM4PJQK2YoYeVK76cAviQ9k
0XgnouCoB0aIn202Tv0jBHXmcJjYKJrQKS5WNe6OIbJ+FjihOmr2bbCWWCowV+Rf
wW0eV71NgJMx1OlCchKRzcaLfk8NdYPgmBtIlkYBW+BgQXGl7L2rIteUeEbH6Yj9
yCn7ORQeFSbhZJTn2WdXhK3GWjV+1GyHyUyL2SSa2+G2LZ54Ifquq/F6rMGYB9lY
2K6Q6DB18aVxd/I/OYKeyBZcmJ9COgPUW7/fg0He73aduYdVvWZCRP1ygGdqSZFr
oqLVe34bEVFANUKylzRplRJdC4oKSUyTSubiOMKZ+QKBgQDf0mk3PolyvsfE2YGb
9/DsURIxZg14o9Pysp3yD1vvIYNz6WaddtJaj5OM7NzN8spu3wJSoeVgL6KYI6ah
ZTIYqy4ehOGPKBVL7SvLF+7q/QBMTdfllpdK7GLTtjBnz92TZl9bS/rBc9dCnnBC
EDkPPrc3nbk5/ADWd+K4RPG3HwKBgQDZbdiQCKY2ulppRcwjcAEIjhrFpShV21P6
JNKt17HDBqULIAn+G9T/Gg/6yHWeY1DUgVBu1avb4L3jdnMPe2O+1jeaDzNRo6Xj
9v6PgGsiv4q7gfz7XqVwylUWIY7O52Ox/q+/QJBfwE0qe+E0t4syb44W4QvD9+k7
fv77R7dFDQKBgQCe0SfVimtvX05TMN9V87YhiVk2ciqm6uDO+s02YI2kfgxPqFMm
8pRKrExPmBcJj/jyeQ2l4rjm6oYeHFX1ed/1PyoHf9SphxCtgoornzzpw0J94lKK
17Nc96Ucgs+QKiAYonCRULWKpY8d91zCk85ZMfBB54nySg2yIPlgNZOqkwKBgFO/
Xqnj2vm7f7WKv91qd8tuyNsWCVpAl7EC2+8/5GVlOs71MUQiPkFgLYWADuXKBUlE
4dE/FeokP5/McPcmpL3Nzy7U6gRpDy2mZlipsxp4QpyErge4Zery1CEpHdOOBrV5
jwIQgUuQS2iwvIbMp53uoAEp/5kk9T4IZXguIGZFAoGAMA/j0kHArT7FINf+O6R4
3EyUTR139emLKHU2OlH/HfHVRZhHo4AmfUYksf+Njb81A6MKFd1XVmNnaumBIfq+
6Ohoz1VMoO6aUiMMqbmBGaTHc30FVEtAQIRq2C8UDrEN67Sx3O/ngl0Br7lNri29
LMSCe8fxf8+Kq0k+6tcsht4=
-----END PRIVATE KEY-----

279
certs/ocsp/server4-cert.pem Normal file
View File

@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www4.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:9c:ef:8a:7e:84:4d:58:7a:b1:91:c8:cb:68:76:
df:fe:0a:29:fe:7f:74:35:d5:c3:fd:43:be:d7:89:
fc:59:51:5a:30:e9:50:14:84:24:d0:c8:72:7d:d6:
75:42:12:8b:16:ad:5a:e8:d3:84:a7:07:2b:9e:12:
ef:6a:cd:3e:83:14:b7:26:a2:53:7b:3d:6c:96:7f:
9c:c5:09:08:0e:55:08:19:b7:5a:1c:46:32:09:da:
44:b2:ca:fd:4a:e4:be:d0:02:c9:c9:48:03:13:a5:
ad:3e:7b:21:cf:05:3a:b9:25:f5:c1:b8:4e:4d:eb:
33:99:d1:50:4a:eb:f7:1a:08:6b:d0:5c:9d:48:eb:
98:fd:dc:89:0f:aa:74:d3:7f:03:1b:59:65:f5:86:
e1:d9:53:ab:e4:53:ab:85:3c:79:8b:45:39:7b:fd:
e9:a2:10:b9:fa:92:71:0e:68:36:66:6e:8c:fb:e2:
8a:5d:5f:72:66:b0:47:2d:c5:b4:93:ce:61:7f:90:
1a:64:02:dd:57:9d:f1:f1:e8:75:21:e2:af:44:e3:
96:f5:1c:e3:73:87:dc:b7:05:12:ad:a5:8f:0c:d8:
2c:b4:90:b3:d9:e7:13:e1:e5:5e:4c:9b:24:89:08:
07:9e:aa:6b:9f:64:01:da:ec:95:05:45:84:d9:a9:
db:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
9A:D6:EF:4E:0A:7B:8B:74:E6:14:EC:35:9A:05:2A:94:68:09:61:58
X509v3 Authority Key Identifier:
keyid:05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:02
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
4e:d7:ac:3b:e2:2a:7c:2d:17:95:15:60:7d:d9:59:5f:53:9d:
d7:e4:8d:cf:9d:34:db:ea:e9:6b:1d:8c:d4:6e:4b:df:53:30:
3f:8e:5b:65:2e:e6:bb:7b:96:b1:2e:9b:65:fa:72:a8:eb:97:
af:47:33:f5:ae:0b:9b:6f:d6:25:9e:60:e4:b2:e5:88:3b:64:
26:8c:d4:8b:d5:4b:6b:85:23:c3:08:06:ca:b5:d3:88:f3:6b:
19:be:16:c0:a6:a3:68:25:4b:68:a2:be:a0:38:51:7b:6f:7d:
a7:74:5f:1a:57:cd:29:01:4c:33:e4:52:bf:b9:f9:52:4e:c5:
a1:85:16:90:e3:c4:26:d7:b2:db:07:75:78:1f:90:99:db:cc:
18:da:7d:58:af:52:e3:67:6a:8f:d2:33:f3:07:7f:da:09:24:
54:03:cd:9a:ef:8f:15:f2:11:a9:42:71:d6:0b:6b:c8:76:f4:
62:65:8c:d8:d3:10:19:af:34:9d:01:86:05:02:59:e8:4b:03:
6d:06:0d:c4:98:38:b5:f2:85:65:29:74:2a:c2:c6:47:8b:e1:
0e:d4:ee:9b:5d:a6:a5:55:8d:b0:e7:61:55:de:2e:30:50:cf:
51:ba:c1:64:c0:3a:d0:55:73:fe:3c:79:e8:d7:33:0c:7e:a2:
dc:df:45:ad
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
NC53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzvin6ETVh6sZHIy2h23/4K
Kf5/dDXVw/1DvteJ/FlRWjDpUBSEJNDIcn3WdUISixatWujThKcHK54S72rNPoMU
tyaiU3s9bJZ/nMUJCA5VCBm3WhxGMgnaRLLK/UrkvtACyclIAxOlrT57Ic8FOrkl
9cG4Tk3rM5nRUErr9xoIa9BcnUjrmP3ciQ+qdNN/AxtZZfWG4dlTq+RTq4U8eYtF
OXv96aIQufqScQ5oNmZujPviil1fcmawRy3FtJPOYX+QGmQC3Ved8fHodSHir0Tj
lvUc43OH3LcFEq2ljwzYLLSQs9nnE+HlXkybJIkIB56qa59kAdrslQVFhNmp28cC
AwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFJrW704Ke4t05hTsNZoF
KpRoCWFYMIHEBgNVHSMEgbwwgbmAFAXRuoYAou4qBSS3Ea0tYPGQFI8XoYGdpIGa
MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
AQBO16w74ip8LReVFWB92VlfU53X5I3PnTTb6ulrHYzUbkvfUzA/jltlLua7e5ax
Lptl+nKo65evRzP1rgubb9YlnmDksuWIO2QmjNSL1UtrhSPDCAbKtdOI82sZvhbA
pqNoJUtoor6gOFF7b32ndF8aV80pAUwz5FK/uflSTsWhhRaQ48Qm17LbB3V4H5CZ
28wY2n1Yr1LjZ2qP0jPzB3/aCSRUA82a748V8hGpQnHWC2vIdvRiZYzY0xAZrzSd
AYYFAlnoSwNtBg3EmDi18oVlKXQqwsZHi+EO1O6bXaalVY2w52FV3i4wUM9RusFk
wDrQVXP+PHno1zMMfqLc30Wt
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL intermediate CA 2/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:20:3c:35:19:6f:2c:44:b4:7e:42:c7:75:b4:
6a:2b:a9:23:85:bf:87:b4:ee:ca:d7:4b:1f:31:d7:
11:02:a1:ab:58:3d:fb:dc:51:ca:3a:1d:1f:95:a6:
56:82:f7:8f:ff:6b:50:bb:ea:10:e1:47:1d:35:77:
2e:4b:28:c5:53:46:23:2b:82:fd:5a:d3:f4:21:db:
0e:e0:f2:76:33:47:b3:00:be:3a:b1:23:98:53:eb:
ea:a0:de:1b:cc:05:4e:ee:63:a8:2c:93:24:d6:98:
78:74:03:e4:c8:89:43:61:f1:25:b8:cd:3b:87:c1:
31:25:fd:ba:4c:fc:29:94:45:9e:69:d7:67:0a:8a:
8e:d5:52:93:30:a2:0e:dd:6a:1c:b0:94:77:db:52:
52:b7:89:21:be:96:75:24:cb:e9:49:df:81:9d:9d:
f8:55:7d:01:2a:eb:78:03:12:e2:20:6e:db:63:35:
cd:a1:96:f0:f8:8c:20:35:69:87:01:ca:b4:54:36:
a0:15:e0:23:7d:b9:fb:be:99:05:50:f0:bf:ec:7f:
12:e1:3d:75:15:4e:c8:c2:30:e6:8b:fe:e5:8b:55:
f8:44:5e:e5:e3:56:e0:66:2d:6f:42:5a:45:6b:96:
aa:c7:5d:41:08:5f:ce:d7:dc:9f:20:e4:46:78:ff:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
05:D1:BA:86:00:A2:EE:2A:05:24:B7:11:AD:2D:60:F1:90:14:8F:17
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
6a:f5:af:1f:f7:43:ef:10:74:6d:1f:e5:2e:72:5f:d1:84:40:
c8:60:79:b7:66:2e:46:39:bf:95:ca:fe:83:0a:8a:f4:52:6e:
d2:d3:a5:54:7b:0c:29:35:a0:75:7a:e5:35:5d:99:0a:d9:13:
ca:80:46:a0:a2:6d:d5:c4:ff:0c:d5:da:ec:54:86:df:ce:a7:
92:1a:c7:f6:12:74:04:74:9f:06:39:82:b1:1e:af:47:de:b5:
b7:21:c1:3b:22:27:e3:d0:3f:70:d3:27:1c:63:e0:01:12:80:
20:e7:ac:6c:f0:8f:7a:72:54:8a:21:2d:0e:17:6c:9d:01:fd:
42:96:e1:7a:d5:43:d5:65:9b:0b:7c:dd:b6:90:da:cc:3c:d7:
7a:d3:e2:63:07:e3:96:a7:96:84:d6:0c:9e:31:e0:72:cd:91:
54:cf:16:38:af:c8:23:04:ce:98:2c:61:11:28:70:d7:34:69:
55:b7:e0:5b:87:a6:c4:a4:c5:bf:8f:e0:04:5d:e4:14:22:04:
21:a1:9b:01:19:50:29:03:9d:81:be:e4:ba:4d:68:1c:2f:e4:
e6:05:02:c2:e7:b4:ef:45:be:80:dc:a3:86:58:cf:02:cf:6a:
69:8d:2b:69:69:cd:81:27:63:e8:2d:55:2a:00:de:0b:15:2c:
53:95:72:29
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CA8NRlvLES0fkLHdbRqK6kj
hb+HtO7K10sfMdcRAqGrWD373FHKOh0flaZWgveP/2tQu+oQ4UcdNXcuSyjFU0Yj
K4L9WtP0IdsO4PJ2M0ezAL46sSOYU+vqoN4bzAVO7mOoLJMk1ph4dAPkyIlDYfEl
uM07h8ExJf26TPwplEWeaddnCoqO1VKTMKIO3WocsJR321JSt4khvpZ1JMvpSd+B
nZ34VX0BKut4AxLiIG7bYzXNoZbw+IwgNWmHAcq0VDagFeAjfbn7vpkFUPC/7H8S
4T11FU7IwjDmi/7li1X4RF7l41bgZi1vQlpFa5aqx11BCF/O19yfIORGeP/ZmQID
AQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUBdG6hgCi7ioFJLcR
rS1g8ZAUjxcwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5yFSGhgZ2k
gZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcNAQELBQAD
ggEBAGr1rx/3Q+8QdG0f5S5yX9GEQMhgebdmLkY5v5XK/oMKivRSbtLTpVR7DCk1
oHV65TVdmQrZE8qARqCibdXE/wzV2uxUht/Op5Iax/YSdAR0nwY5grEer0fetbch
wTsiJ+PQP3DTJxxj4AESgCDnrGzwj3pyVIohLQ4XbJ0B/UKW4XrVQ9Vlmwt83baQ
2sw813rT4mMH45anloTWDJ4x4HLNkVTPFjivyCMEzpgsYREocNc0aVW34FuHpsSk
xb+P4ARd5BQiBCGhmwEZUCkDnYG+5LpNaBwv5OYFAsLntO9FvoDco4ZYzwLPammN
K2lpzYEnY+gtVSoA3gsVLFOVcik=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server4-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCc74p+hE1YerGR
yMtodt/+Cin+f3Q11cP9Q77XifxZUVow6VAUhCTQyHJ91nVCEosWrVro04SnByue
Eu9qzT6DFLcmolN7PWyWf5zFCQgOVQgZt1ocRjIJ2kSyyv1K5L7QAsnJSAMTpa0+
eyHPBTq5JfXBuE5N6zOZ0VBK6/caCGvQXJ1I65j93IkPqnTTfwMbWWX1huHZU6vk
U6uFPHmLRTl7/emiELn6knEOaDZmboz74opdX3JmsEctxbSTzmF/kBpkAt1XnfHx
6HUh4q9E45b1HONzh9y3BRKtpY8M2Cy0kLPZ5xPh5V5MmySJCAeeqmufZAHa7JUF
RYTZqdvHAgMBAAECggEAMmlQF6vwHIftGmNh08C72yLwsmvGrLRqLKTiXOJaSWa0
jhmkO7LnEJoTDREiwYKrYzF0jm3DotPO0wxKFAiyF/FDlAl4v5HPm9iKR1DLYa82
1uvq6kIyOLAAeV5zVud7093Ra/LR6jHCINv01EddwbPL6dqGbMks3jA6lpaN3bJt
85VSy3h6rC2pIZrGddJxDV5jR2gm4N4j8GJoPWpYIGZa/i+GhFmx0OJfUAWTBsGQ
flt4HxtxoR0OkAQ1MnBbBLqadQQiJ3tt47vD5Ma98GGkuq/l9y2rCuJ/t7sjY7+1
1dnXrMj4VHKTNYEIkmpNti9lblT55P9v5HAYj4SoIQKBgQDP6/Tf1sf12XKZoQvi
qwww32brRqMnj7xpiK9PfsPdnBvq1u8aApQ2XRsHLkH/aq7S91DdLKhn+5fX9TZq
fGtix0V5/JVB11+0Y8hB6YonKtmTxGPScSKQdsSdnvo27yuBfSSp2QuSqYsAqKdV
dU/F++jAeNJFr5lg+X3zo+7gMwKBgQDBOXB3cO6Xjr1vzkxdtxpbKYTVYK5XGFpy
lGDJ9QasDMD6iX8EsTzp0/3CRtITnfYFBiBDXSFDwoUm7TqjdlDh9ahFcvkre/33
6SmXqHshn/RBl+JCAKYolw7cJmuWAFrJNZPbnbfiuqDNg8wkD3P2VTVkKWjsDpxA
f+99Xm2yHQKBgBBlWvoLxdjtPMxAlt9Y/a0c8NC80UDdZM4tqSVrqaZgGRN7v38d
lPJ0hR0b2Lh7gS3Bsu6+BsmsXVz6SUA8b3tqm1/zOxHmGfXvqGsKL4rHJkEwy25c
3Yzm0LpdPv31/khHxgxewTrfg8aZhhiHF7NVGhWTcYFtR3sOMZB07PFhAoGAf9to
RkDeQD9druwNsD2HHSeeFCvDcTJWN1djrH+MiLBvydjNyecV7YwvcCy4ue5eavig
xLKNXm8K+LUlhiC2aK7LSBlKM7H6Xd9VfFsqDxfu4rCEMTSIvncmiBqMOlfFuzrO
uhXlJgxkd1ls7bej/i5oA/06xmjsj+mYKZcgcykCgYAbONjSKF28CILSDKLepNqx
euRSnKaSgTjcu8B5C6ZWUY8+EsD3Lw6VK2Xn+PPPSS2+Pw7dgLdYybyCgPOLXV+9
we3d0OyuIPiLiRpfnHVTXdYQBc7qa8khw12LZpodkXwKT85St8jdwJzL1KTZAWqf
N2KyjDHPGPz8paCzS8LfuQ==
-----END PRIVATE KEY-----

279
certs/ocsp/server5-cert.pem Normal file
View File

@ -0,0 +1,279 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=www5.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ac:73:6d:e9:fa:8c:36:72:3e:89:3b:52:29:bd:
14:70:a2:00:b4:08:58:b6:c6:c0:bf:80:6a:1f:a5:
f0:15:fc:f4:19:a2:67:f9:6a:5d:22:69:2e:9c:29:
53:1e:5a:4a:d1:27:d5:b8:3b:65:37:8a:a2:eb:1b:
d4:5d:90:11:35:11:af:e3:d1:8c:24:5b:b5:90:c0:
bf:de:cb:7a:05:71:1b:ef:76:d7:9d:43:47:85:dc:
24:b8:b8:54:fc:53:bf:c3:fd:e1:12:c6:fc:1b:6f:
95:aa:cf:bb:8e:22:af:83:bd:4e:6b:66:fe:7e:7e:
98:6f:b1:b9:fc:f9:8a:8a:18:92:9a:4c:27:5d:78:
6b:e9:d0:14:1c:ed:69:6d:29:4c:4e:52:e6:92:24:
53:b0:2e:c3:a4:94:8f:20:1c:29:5c:97:70:1a:32:
85:90:71:f7:d7:a5:99:4f:48:c7:3d:fc:3d:a7:e1:
f9:96:ea:c1:6b:ea:31:e0:9b:fb:68:3e:4b:ad:a4:
2b:06:90:c2:b4:27:ea:f3:a3:3e:6e:32:75:aa:70:
6a:e3:33:29:fb:42:09:94:79:a5:eb:3c:4e:89:02:
77:08:fd:da:ba:fc:14:c6:8e:c1:5e:db:6d:d0:07:
4f:02:79:60:e7:95:c3:c8:f4:54:83:21:12:79:03:
7f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
2A:48:B6:8B:00:F0:4B:35:73:94:07:87:52:A3:69:5E:E6:D8:42:87
X509v3 Authority Key Identifier:
keyid:BB:15:9E:32:4D:E0:F8:AA:8A:B0:2E:0C:17:2B:5A:41:74:4B:06:45
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:03
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Authority Information Access:
OCSP - URI:http://localhost:22223
Signature Algorithm: sha256WithRSAEncryption
65:c1:7f:66:88:19:db:04:76:f3:ec:eb:c8:9c:38:3f:3f:83:
4c:6c:c9:3a:67:2f:cf:45:8d:72:28:d1:85:64:fd:53:0a:4a:
4a:22:9d:2f:2f:76:19:f5:97:04:cb:a7:1e:83:43:42:58:01:
ca:9b:25:42:bb:d1:5c:05:4f:c1:94:22:40:df:30:42:c1:be:
b9:f2:c0:a4:64:37:9b:9b:ed:20:44:e8:f0:5c:c6:2f:b6:24:
7f:13:b8:52:02:61:ac:69:4e:f4:bd:72:9d:e9:31:13:5f:12:
d2:cc:e7:eb:16:b3:84:cc:86:40:ee:f9:e1:4c:d8:ea:73:a1:
32:2a:2c:c7:f6:ba:4f:bf:ba:35:49:71:4c:d1:83:86:7a:44:
14:f3:b3:12:02:99:33:01:46:50:e0:0c:74:34:03:45:9d:d2:
2c:e1:83:31:59:d6:e7:69:8f:26:0a:12:5d:90:97:c4:ae:93:
67:c6:9b:a9:5b:a0:8f:22:ad:e9:e2:17:74:19:93:92:cb:9c:
cc:30:8e:7e:57:8f:37:44:82:04:f0:29:9e:79:37:0a:d6:55:
56:8e:b6:eb:d8:0f:a5:c4:ec:65:88:98:15:2f:2a:cd:9f:d8:
11:26:c6:d7:0e:12:4e:62:c5:5c:92:b2:99:db:c2:72:71:6f:
c1:94:24:06
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NM
IFJFVk9LRUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
bGZzc2wuY29tMB4XDTE1MTIxNTAxMjcyM1oXDTE4MDkxMDAxMjcyM1owgZgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UE
AwwQd3d3NS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxzben6jDZyPok7
Uim9FHCiALQIWLbGwL+Aah+l8BX89BmiZ/lqXSJpLpwpUx5aStEn1bg7ZTeKousb
1F2QETURr+PRjCRbtZDAv97LegVxG+92151DR4XcJLi4VPxTv8P94RLG/BtvlarP
u44ir4O9Tmtm/n5+mG+xufz5iooYkppMJ114a+nQFBztaW0pTE5S5pIkU7Auw6SU
jyAcKVyXcBoyhZBx99elmU9Ixz38Pafh+ZbqwWvqMeCb+2g+S62kKwaQwrQn6vOj
Pm4ydapwauMzKftCCZR5pes8TokCdwj92rr8FMaOwV7bbdAHTwJ5YOeVw8j0VIMh
EnkDf+ECAwEAAaOCATYwggEyMAkGA1UdEwQCMAAwHQYDVR0OBBYEFCpItosA8Es1
c5QHh1KjaV7m2EKHMIHEBgNVHSMEgbwwgbmAFLsVnjJN4PiqirAuDBcrWkF0SwZF
oYGdpIGaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4G
A1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5l
ZXJpbmcxGDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQ
aW5mb0B3b2xmc3NsLmNvbYIBAzALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAk
MCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0OjIyMjIzMA0GCSqGSIb3DQEB
CwUAA4IBAQBlwX9miBnbBHbz7OvInDg/P4NMbMk6Zy/PRY1yKNGFZP1TCkpKIp0v
L3YZ9ZcEy6ceg0NCWAHKmyVCu9FcBU/BlCJA3zBCwb658sCkZDebm+0gROjwXMYv
tiR/E7hSAmGsaU70vXKd6TETXxLSzOfrFrOEzIZA7vnhTNjqc6EyKizH9rpPv7o1
SXFM0YOGekQU87MSApkzAUZQ4Ax0NANFndIs4YMxWdbnaY8mChJdkJfErpNnxpup
W6CPIq3p4hd0GZOSy5zMMI5+V483RIIE8CmeeTcK1lVWjrbr2A+lxOxliJgVLyrN
n9gRJsbXDhJOYsVckrKZ28JycW/BlCQG
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL REVOKED intermediate CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:c5:04:10:7d:c2:21:e9:12:45:da:d5:ba:28:
fd:a6:f4:30:44:a0:df:f9:70:5e:17:26:97:59:5c:
31:eb:13:70:ea:4a:dd:58:3e:4f:33:14:66:59:69:
7a:aa:90:e0:7c:c4:b2:36:c1:0a:f4:df:3e:34:6c:
1a:e9:2b:f1:a5:92:7e:a9:68:70:ba:a4:68:88:f3:
ec:10:40:64:a5:64:7d:d9:1e:51:49:9d:7f:c8:cc:
2b:6d:71:2a:06:ff:e6:1f:84:28:8a:c1:ed:a8:52:
f4:89:a5:c0:77:d8:13:66:c2:65:a5:63:03:98:b0:
4b:05:4f:0c:84:a0:f4:2d:72:73:6b:fa:0d:e1:cf:
45:27:ed:a3:8c:02:d7:ee:99:e2:a1:f0:e3:a0:ad:
69:ed:59:e4:27:41:8f:ef:fa:83:73:8f:5f:2b:68:
89:13:46:26:dc:f6:28:6b:3b:b2:b8:9b:52:2a:17:
1b:dc:72:45:73:da:75:24:35:8b:00:5e:23:37:64:
6a:16:74:b8:ee:fe:b7:11:71:be:0a:73:c8:54:c2:
d9:04:d2:1b:f5:53:ac:8d:2a:4f:fe:33:79:e6:5e:
e7:f3:86:d3:dc:bb:4b:d7:39:7f:5b:3c:67:fe:5e:
88:51:05:96:f2:b4:9a:45:09:4c:51:f0:6a:4d:88:
2a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
BB:15:9E:32:4D:E0:F8:AA:8A:B0:2E:0C:17:2B:5A:41:74:4B:06:45
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
0c:5e:0d:55:3c:e7:fb:5e:c2:09:19:c8:0b:f4:c2:b2:2b:14:
79:dc:e8:63:f6:8a:0c:03:57:9e:15:47:7e:b6:15:a3:71:90:
01:11:39:4b:ff:3d:13:34:e4:f3:5b:a3:6c:58:4f:00:d5:c4:
b0:63:6c:90:c9:89:a8:5d:16:87:0a:da:08:40:12:b4:94:00:
3e:44:00:13:de:34:75:90:38:79:d4:c2:39:6d:ed:17:cb:7e:
50:ff:da:0b:eb:49:1a:66:e6:dd:eb:66:a5:92:ef:68:d5:c9:
93:8f:aa:c7:2a:92:6b:95:af:3d:74:de:aa:29:fd:c9:53:56:
ad:9f:e0:05:d1:97:0c:01:3b:f1:c6:a6:90:7e:5c:08:11:5e:
c1:77:5d:64:09:56:ea:78:29:15:a3:ea:44:2a:4c:d6:09:a7:
a0:5f:05:54:2a:61:ca:7a:09:07:14:34:c2:0d:c5:93:cd:28:
8b:62:26:af:30:25:8a:f1:da:65:fa:db:da:84:ab:d5:0c:37:
ae:5d:95:bd:55:2a:4b:09:e0:d3:3d:8b:3c:ea:f2:b9:68:5e:
e6:21:53:8b:28:78:39:f4:bf:9b:dc:92:bc:4b:14:06:fe:17:
21:64:be:af:20:e8:e7:fb:67:c8:5e:ec:59:bf:27:a4:cb:e3:
8a:6d:c3:ac
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sUEEH3CIekSRdrV
uij9pvQwRKDf+XBeFyaXWVwx6xNw6krdWD5PMxRmWWl6qpDgfMSyNsEK9N8+NGwa
6SvxpZJ+qWhwuqRoiPPsEEBkpWR92R5RSZ1/yMwrbXEqBv/mH4QoisHtqFL0iaXA
d9gTZsJlpWMDmLBLBU8MhKD0LXJza/oN4c9FJ+2jjALX7pniofDjoK1p7VnkJ0GP
7/qDc49fK2iJE0Ym3PYoazuyuJtSKhcb3HJFc9p1JDWLAF4jN2RqFnS47v63EXG+
CnPIVMLZBNIb9VOsjSpP/jN55l7n84bT3LtL1zl/Wzxn/l6IUQWW8rSaRQlMUfBq
TYgqFwIDAQABo4IBOTCCATUwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUuxWeMk3g
+KqKsC4MFytaQXRLBkUwgcQGA1UdIwSBvDCBuYAUc7AcpC+Cy89HpTjXsASCOn5y
FSGhgZ2kgZowgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAw
DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjAwDQYJKoZIhvcN
AQELBQADggEBAAxeDVU85/tewgkZyAv0wrIrFHnc6GP2igwDV54VR362FaNxkAER
OUv/PRM05PNbo2xYTwDVxLBjbJDJiahdFocK2ghAErSUAD5EABPeNHWQOHnUwjlt
7RfLflD/2gvrSRpm5t3rZqWS72jVyZOPqscqkmuVrz103qop/clTVq2f4AXRlwwB
O/HGppB+XAgRXsF3XWQJVup4KRWj6kQqTNYJp6BfBVQqYcp6CQcUNMINxZPNKIti
Jq8wJYrx2mX629qEq9UMN65dlb1VKksJ4NM9izzq8rloXuYhU4soeDn0v5vckrxL
FAb+FyFkvq8g6Of7Z8he7Fm/J6TL44ptw6w=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99 (0x63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Validity
Not Before: Dec 15 01:27:23 2015 GMT
Not After : Sep 10 01:27:23 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL, OU=Engineering, CN=wolfSSL root CA/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ab:2c:b4:2f:1d:06:09:ef:4e:29:86:84:7e:cc:
bf:a6:79:7c:f0:c0:c1:64:25:8c:75:b7:10:05:ca:
48:27:0c:0e:32:1c:b0:fe:99:85:39:b6:b9:a2:f7:
27:ff:6d:3c:8c:16:73:29:21:7f:8b:a6:54:71:90:
ad:cc:05:b9:9f:15:c7:0a:3f:5f:69:f4:0a:5f:8c:
71:b5:2c:bf:66:e2:03:9a:32:f4:d2:ec:2a:89:4b:
f9:35:88:14:33:47:4e:2e:05:79:01:ed:64:36:76:
b9:f8:85:cd:01:88:ac:c5:b2:b1:59:b8:cd:5a:f4:
09:09:38:9b:da:5a:cf:ce:78:99:1f:49:3d:41:d6:
06:7c:52:99:c8:97:d1:b3:80:3a:a2:4f:36:c4:c5:
96:30:77:31:38:c8:70:cc:e1:67:06:b3:2b:2f:93:
b5:69:cf:83:7e:88:53:9b:0f:46:21:4c:d6:05:36:
44:99:60:68:47:e5:32:01:12:d4:10:73:ae:9a:34:
94:fa:6e:b8:58:4f:7b:5b:8a:92:97:ad:fd:97:b9:
75:ca:c2:d4:45:7d:17:6b:cd:2f:f3:63:7a:0e:30:
b5:0b:a9:d9:a6:7c:74:60:9d:cc:09:03:43:f1:0f:
90:d3:b7:fe:6c:9f:d9:cd:78:4b:15:ae:8c:5b:f9:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Key Identifier:
73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
X509v3 Authority Key Identifier:
keyid:73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Engineering/CN=wolfSSL root CA/emailAddress=info@wolfssl.com
serial:63
X509v3 Key Usage:
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://localhost:22220
Signature Algorithm: sha256WithRSAEncryption
5a:9d:7f:40:a7:10:51:e5:d7:b3:23:dd:e7:25:c2:bc:00:5a:
d0:6e:cf:26:bb:c1:1d:38:89:ac:3c:0c:37:60:6c:aa:8a:54:
6b:a4:44:79:d5:49:f5:13:ed:bc:00:4c:dd:ed:eb:2e:64:44:
9c:4c:96:8a:6a:e6:f6:4d:0a:63:f0:f5:18:e3:5e:72:fc:5a:
3f:1b:4c:27:eb:6e:57:9d:d5:8e:3d:ee:28:3f:1b:7b:e0:25:
b9:0c:95:21:cd:bd:12:8f:4a:c4:b2:cc:80:da:b5:59:49:4d:
32:d5:96:90:a0:ec:47:8c:15:0b:de:2a:22:be:d6:d4:d7:09:
d1:85:48:4f:33:92:04:30:d1:d5:14:cb:bd:ab:96:06:93:18:
62:ed:8f:29:f8:b6:66:06:a7:f1:3a:ae:15:62:36:90:89:de:
41:41:f2:44:35:ea:4c:7b:fc:0b:6f:08:46:09:de:35:5f:e3:
e6:f3:5a:08:70:a4:28:df:a6:c7:17:d1:c3:ec:70:09:c2:06:
c7:12:29:b9:d6:d6:26:7d:2c:df:86:c7:4d:0a:c6:98:2b:61:
14:b3:b3:29:8e:c1:85:18:db:fd:54:9d:fe:99:a9:90:d1:c6:
08:2b:4f:6c:16:47:d9:16:fc:7b:0c:84:a7:15:b0:78:41:48:
87:f5:98:78
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUx
MjE1MDEyNzIzWhcNMTgwOTEwMDEyNzIzWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCrLLQvHQYJ704phoR+zL+meXzwwMFkJYx1txAF
ykgnDA4yHLD+mYU5trmi9yf/bTyMFnMpIX+LplRxkK3MBbmfFccKP19p9ApfjHG1
LL9m4gOaMvTS7CqJS/k1iBQzR04uBXkB7WQ2drn4hc0BiKzFsrFZuM1a9AkJOJva
Ws/OeJkfST1B1gZ8UpnIl9GzgDqiTzbExZYwdzE4yHDM4WcGsysvk7Vpz4N+iFOb
D0YhTNYFNkSZYGhH5TIBEtQQc66aNJT6brhYT3tbipKXrf2XuXXKwtRFfRdrzS/z
Y3oOMLULqdmmfHRgncwJA0PxD5DTt/5sn9nNeEsVroxb+ZmBAgMBAAGjggE5MIIB
NTAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRzsBykL4LLz0elONewBII6fnIVITCB
xAYDVR0jBIG8MIG5gBRzsBykL4LLz0elONewBII6fnIVIaGBnaSBmjCBlzELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
aHR0cDovL2xvY2FsaG9zdDoyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAWp1/QKcQ
UeXXsyPd5yXCvABa0G7PJrvBHTiJrDwMN2BsqopUa6REedVJ9RPtvABM3e3rLmRE
nEyWimrm9k0KY/D1GONecvxaPxtMJ+tuV53Vjj3uKD8be+AluQyVIc29Eo9KxLLM
gNq1WUlNMtWWkKDsR4wVC94qIr7W1NcJ0YVITzOSBDDR1RTLvauWBpMYYu2PKfi2
Zgan8TquFWI2kIneQUHyRDXqTHv8C28IRgneNV/j5vNaCHCkKN+mxxfRw+xwCcIG
xxIpudbWJn0s34bHTQrGmCthFLOzKY7BhRjb/VSd/pmpkNHGCCtPbBZH2Rb8ewyE
pxWweEFIh/WYeA==
-----END CERTIFICATE-----

28
certs/ocsp/server5-key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCsc23p+ow2cj6J
O1IpvRRwogC0CFi2xsC/gGofpfAV/PQZomf5al0iaS6cKVMeWkrRJ9W4O2U3iqLr
G9RdkBE1Ea/j0YwkW7WQwL/ey3oFcRvvdtedQ0eF3CS4uFT8U7/D/eESxvwbb5Wq
z7uOIq+DvU5rZv5+fphvsbn8+YqKGJKaTCddeGvp0BQc7WltKUxOUuaSJFOwLsOk
lI8gHClcl3AaMoWQcffXpZlPSMc9/D2n4fmW6sFr6jHgm/toPkutpCsGkMK0J+rz
oz5uMnWqcGrjMyn7QgmUeaXrPE6JAncI/dq6/BTGjsFe223QB08CeWDnlcPI9FSD
IRJ5A3/hAgMBAAECggEABz5+EoMc2rin2dntFKXFswmLIATtvRfSRvkc/CFbWYEb
u+vvlDGcofJrK9IslKzUUb7romaUVOX0/A1aOWfw4RrSGa7WxTw4/1CpfrFreckL
lF6YphmKapwZysyrfUIDXzdN+hzzwC9KyTcauNjKKK2OGsLj0+p7es2rc24EHNLj
vFpNj5TC84qsibATY1ny3tcL7SBcNLtiHsm+0JDagGqlW3ptT0oErrzH6jtUAI9j
LLm87mxwJyp4rBZvnP3s4jnOLLCJH40QyrCPKR6L4bAzSaA9kEnBUu+y1y1PyUP7
goWIPJmfclDFqgB2U7K/QbbfPFpt8pFB9SmbsoIlMQKBgQDgvgf/pdc6q9jAL9UQ
sTYa+iJJIFcjQKA95aCRoUeUjWvjA+2ROmYgLcMi7pxfNyFvYkaOXjBTL+aqSEWI
wQVbnGK4aqG16w2o/P+bWUatpMMWNbwsZGAkXpcgdrg+SbNjrQ2lY35EdmPc025G
Fqx5ouOk7wDlKWQolIwWDh3WNQKBgQDEb47VbrIo8BNnO/xxVjAsU7uQIYZkr/GR
6V5oN+kIXrttReZnY/bUVrV84r49E3cNfoZXlfZa7fAEVb9GWbZMk+9M/s78aU5M
xeFNj7HBfbgG3I+1SZQZaAEK6BZuq8GRCLV2JKOn9iInVQQL57/qz6APjC/a52zJ
asNmmcdIfQKBgBmEWgIjwUEvG8gOZkGj7UG43sWwv1QIVWlRth5y0l7Cg9pdqs6P
c+L5byt7LhP9fXVZEiu98/yt9qGk3Qg+6i3Rnr/Tk5LFImLqftcTltvGVkQiS8A6
kVPvzXbpI9gmpBCQKHl7x21ch9AdzWp1zpVs8i3a2R4ryex1mUYzyh11AoGAWhKZ
WS7IDNOA4i50Y/fUYQ8IC2AEAvlWeMScoIc6mLbvlHyf2LrSvK0BzUEfYFwjlBF3
QoQmEa3XB/XVnkmWuOiAqzqP6NfUqol19R21sXaXQrYyQzt46GlzSPABEUA6oulu
Y70LOgI3yPdHwrnCm8YWq+ppKyRBEt6cuNg8s/UCgYEAl3J4fMTYcDjt4H/OTgba
IjKLPV0LuBUfx/PTA0oi81x1c11fM8a/ZeD0QkXDjjrjXM33mbkR0lzFEl7ZOCnh
sRDkkM8MvOsq4KMGnBLQBN0QvKSgsuYDqIEUmFdMHiyckBjuwntMVXnfKYtEJ1Q9
zYHlJn4e4/2VqGK9PWrgAtA=
-----END PRIVATE KEY-----

21
certs/renewcerts.sh
View File

@ -202,6 +202,23 @@ function run_renewcerts(){
openssl x509 -in server-ecc-comp.pem -text > tmp.pem
mv tmp.pem server-ecc-comp.pem
###########################################################
########## update and sign ocsp-cert.pem ##################
###########################################################
echo "Updating ocsp-cert.pem"
echo ""
#pipe the following arguments to openssl req...
echo -e "US\nMontana\nBozeman\nwolfSSL\nSupport\ocsp.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -key ocsp/ocsp-key.pem -nodes > ocsp-req.pem
openssl x509 -req -in ocsp-req.pem -extfile wolfssl.cnf -extensions v3_ocsp -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 03 > ocsp/ocsp-cert.pem
rm ocsp-req.pem
openssl x509 -in ca-cert.pem -text > ca_tmp.pem
openssl x509 -in ocsp/ocsp-cert.pem -text > ocsp_tmp.pem
mv ocsp_tmp.pem ocsp/ocsp-cert.pem
cat ca_tmp.pem >> ocsp/ocsp-cert.pem
rm ca_tmp.pem
############################################################
########## make .der files from .pem files #################
############################################################
@ -302,7 +319,7 @@ elif [ ! -z "$1" ]; then
echo ""
echo ""
#else the argument was invalid, tell user to use -h or -help
else
else
echo ""
echo "That is not a valid option."
echo ""
@ -328,7 +345,7 @@ else
# check options.h a second time, if the user had
# ntru installed on their system and in the default
# path location, then it will now be defined, if the
# path location, then it will now be defined, if the
# user does not have ntru on their system this will fail
# again and we will not update any certs until user installs
# ntru in the default location

15
certs/renewcerts/wolfssl.cnf
View File

@ -1,5 +1,5 @@
#
# wolfssl configuration file
# wolfssl configuration file
#
HOME = .
RANDFILE = $ENV::HOME/.rnd
@ -20,7 +20,7 @@ default_ca = CA_default # The default ca section
[ CA_default ]
####################################################################
# CHANGE THIS LINE TO BE YOUR WOLFSSL_ROOT DIRECTORY #
# CHANGE THIS LINE TO BE YOUR WOLFSSL_ROOT DIRECTORY #
# #
dir = $HOME./.. #
####################################################################
@ -124,6 +124,7 @@ authorityKeyIdentifier=keyid,issuer
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints=CA:true
authorityInfoAccess = OCSP;URI:http://localhost:22222
# Extensions to add to a certificate request
[ v3_req ]
@ -140,6 +141,14 @@ basicConstraints = CA:true
[ crl_ext ]
authorityKeyIdentifier=keyid:always
# OCSP extensions.
[ v3_ocsp ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = OCSPSigning
basicConstraints = CA:false
# These extensions should be added when creating a proxy certificate
[ proxy_cert_ext ]
basicConstraints=CA:FALSE
@ -158,7 +167,7 @@ dir = ./demoCA # directory
serial = $dir/tsaserial # (mandatory)
crypto_device = builtin # engine
signer_cert = $dir/tsacert.pem # certificate
certs = $dir/cacert.pem # chain
certs = $dir/cacert.pem # chain
signer_key = $dir/private/tsakey.pem # (optional)
default_policy = tsa_policy1 # Policy
other_policies = tsa_policy2, tsa_policy3 # (optional)

BIN
certs/server-cert.der
View File

Binary file not shown.

141
certs/server-cert.pem
View File

@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37
serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
67:c0:2c:a9:43:47:e7:11:14:77:ae:cc:d8:e0:6b:23:82:91:
63:e8:a8:0d:21:c5:c8:47:97:2f:d5:f3:86:fb:6c:ce:25:f9:
7c:78:c8:3a:22:68:f2:16:1e:d2:d2:3f:24:04:87:f2:b7:c1:
62:63:ba:c5:fa:ae:d2:20:81:1a:d2:0c:ae:26:6b:1b:2b:10:
d3:e1:9a:4e:64:6c:97:db:36:a8:8f:f8:05:63:bf:ba:0d:88:
0b:87:46:c9:e4:64:e3:d7:bd:b8:2d:d5:c1:c3:c4:db:55:68:
dc:a3:7a:40:b9:a9:f6:04:4a:22:cf:98:76:1c:e4:a3:ff:79:
19:96:57:63:07:6f:f6:32:77:16:50:9b:e3:34:18:d4:eb:be:
fd:b6:6f:e3:c7:f6:85:bf:ac:32:ad:98:57:be:13:92:44:10:
a5:f3:ae:e2:66:da:44:a9:94:71:3f:d0:2f:20:59:87:e4:5a:
40:ee:d2:e4:0c:ce:25:94:dc:0f:fe:38:e0:41:52:34:5c:bb:
c3:db:c1:5f:76:c3:5d:0e:32:69:2b:9d:01:ed:50:1b:4f:77:
a9:a9:d8:71:30:cb:2e:2c:70:00:ab:78:4b:d7:15:d9:17:f8:
64:b2:f7:3a:da:e1:0b:8b:0a:e1:4e:b1:03:46:14:ca:94:e3:
44:77:d7:59
71:17:8f:6f:7d:d6:11:01:79:ac:e9:c2:fb:71:69:6b:0c:64:
91:c1:32:8b:9c:62:72:b5:62:bb:f8:cf:6c:27:df:f0:64:d6:
4a:55:4f:7f:4a:8b:7b:80:5b:3c:a0:31:b0:25:92:02:02:9c:
99:a5:8e:0c:61:ef:b4:1e:01:2e:1c:e9:9c:59:2d:ef:6e:03:
4d:f1:59:e5:5f:69:66:5c:0a:e6:cd:f6:74:20:86:4c:f6:8f:
22:86:68:7e:fe:67:3f:3d:19:b8:61:ef:c5:a5:58:a8:2a:ce:
d3:2c:a7:1b:dd:c8:59:c7:e7:cf:42:42:db:af:fe:15:82:c9:
e5:53:fa:b4:37:55:67:47:0f:e7:24:88:14:a3:6c:be:5f:72:
05:5f:56:33:aa:7f:ac:2e:10:92:b7:a2:f9:c1:62:0c:3b:0c:
69:9a:71:15:11:bc:37:bf:8e:23:14:c2:b1:0d:df:89:45:1e:
df:14:e8:95:35:88:27:a8:ab:dd:7c:23:3f:bb:fe:4e:0e:ea:
a6:ee:f5:77:fb:aa:b8:28:33:f9:61:b0:d2:79:46:a4:ba:a0:
90:c8:e7:96:8f:27:e9:1e:d0:92:43:bb:84:c7:f3:28:0c:41:
aa:77:39:65:aa:0d:02:b0:e0:4d:b1:17:41:c9:f0:d4:47:87:
fb:0f:f0:40
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
MIIE1DCCA7ygAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNTA3
MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
@ -71,28 +74,29 @@ f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X
GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM
QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq
0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ
6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU
sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj
s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h
MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK
Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYDVR0TBAUwAwEB/zAN
BgkqhkiG9w0BAQsFAAOCAQEAZ8AsqUNH5xEUd67M2OBrI4KRY+ioDSHFyEeXL9Xz
hvtsziX5fHjIOiJo8hYe0tI/JASH8rfBYmO6xfqu0iCBGtIMriZrGysQ0+GaTmRs
l9s2qI/4BWO/ug2IC4dGyeRk49e9uC3VwcPE21Vo3KN6QLmp9gRKIs+Ydhzko/95
GZZXYwdv9jJ3FlCb4zQY1Ou+/bZv48f2hb+sMq2YV74TkkQQpfOu4mbaRKmUcT/Q
LyBZh+RaQO7S5AzOJZTcD/444EFSNFy7w9vBX3bDXQ4yaSudAe1QG093qanYcTDL
LixwAKt4S9cV2Rf4ZLL3OtrhC4sK4U6xA0YUypTjRHfXWQ==
6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOCATEwggEtMB0GA1UdDgQW
BBSzETLJkpiE4sn40DtuA0LKHw6OPDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAMBgNVHRMEBTADAQH/
MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDoy
MjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAcRePb33WEQF5rOnC+3FpawxkkcEyi5xi
crViu/jPbCff8GTWSlVPf0qLe4BbPKAxsCWSAgKcmaWODGHvtB4BLhzpnFkt724D
TfFZ5V9pZlwK5s32dCCGTPaPIoZofv5nPz0ZuGHvxaVYqCrO0yynG93IWcfnz0JC
26/+FYLJ5VP6tDdVZ0cP5ySIFKNsvl9yBV9WM6p/rC4Qkrei+cFiDDsMaZpxFRG8
N7+OIxTCsQ3fiUUe3xTolTWIJ6ir3XwjP7v+Tg7qpu71d/uquCgz+WGw0nlGpLqg
kMjnlo8n6R7QkkO7hMfzKAxBqnc5ZaoNArDgTbEXQcnw1EeH+w/wQA==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15672591315981621815 (0xd9803ac3d2f4da37)
Serial Number: 11990332945272134785 (0xa6663849459bdc81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -123,32 +127,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37
serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
7a:af:44:3b:aa:6f:53:42:b2:33:aa:43:5f:56:30:d3:b9:96:
0b:9a:55:5a:39:2a:0b:4e:e4:2e:f1:95:66:c9:86:36:82:8d:
63:7c:4d:a2:ee:48:ba:03:c7:90:d7:a7:c6:74:60:48:5f:31:
a2:f9:5e:3e:c3:82:e1:e5:2f:41:81:83:29:25:79:d1:53:00:
69:3c:ed:0a:30:3b:41:1d:92:a1:2c:a8:9d:2c:e3:23:87:79:
e0:55:6e:91:a8:50:da:46:2f:c2:20:50:3e:2b:47:97:14:b0:
7d:04:ba:45:51:d0:6e:e1:5a:a2:4b:84:9c:4d:cd:85:04:f9:
28:31:82:93:bc:c7:59:49:91:03:e8:df:6a:e4:56:ad:6a:cb:
1f:0d:37:e4:5e:bd:e7:9f:d5:ec:9d:3c:18:25:9b:f1:2f:50:
7d:eb:31:cb:f1:63:22:9d:57:fc:f3:84:20:1a:c6:07:87:92:
26:9e:15:18:59:33:06:dc:fb:b0:b6:76:5d:f1:c1:2f:c8:2f:
62:9c:c0:d6:de:eb:65:77:f3:5c:a6:c3:88:27:96:75:b4:f4:
54:cd:ff:2d:21:2e:96:f0:07:73:4b:e9:93:92:90:de:62:d9:
a3:3b:ac:6e:24:5f:27:4a:b3:94:70:ff:30:17:e7:7e:32:8f:
65:b7:75:58
41:8f:fb:6b:65:6b:36:f2:56:4f:0c:48:b0:4d:8c:c2:cb:d6:
58:7a:83:3a:30:7d:62:7b:86:f1:15:26:b3:26:02:77:f2:c8:
57:e5:1e:60:68:8b:a4:e8:f3:a8:b2:88:a4:2f:e8:6e:25:8d:
6b:dc:53:ab:2f:d3:47:8c:d6:27:ab:39:bc:d3:ca:d8:01:96:
a4:44:57:38:93:ab:c3:f3:95:67:7f:cf:25:1d:b7:04:dc:06:
c9:5d:24:c1:54:13:71:81:21:31:ee:9f:b4:9d:ce:98:66:a4:
a0:77:c1:88:18:a4:d1:36:ee:cd:d8:c1:1b:bc:03:d6:85:9a:
2e:21:82:95:4c:b2:2a:fe:69:db:ac:e4:97:e1:e9:0e:f1:d3:
ef:20:86:03:01:66:6b:f0:26:0f:39:04:26:f5:42:98:3f:95:
48:5f:b5:5d:bc:49:4c:81:38:d5:e9:72:32:1c:66:1b:12:80:
0f:db:99:f0:97:67:61:79:ad:ab:be:6a:ea:aa:cc:3d:f9:40:
99:00:93:bb:df:4b:41:d4:7f:f1:93:b2:70:83:3a:e3:6b:44:
4b:1f:9f:77:53:ea:5d:e6:59:1e:c0:2d:4b:83:d6:f4:a3:d4:
a9:c3:91:12:e7:61:3f:56:9d:8f:b8:19:29:62:1b:58:df:73:
99:1f:49:63
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJANmAOsPS9No3MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
MIIE4DCCA8igAwIBAgIJAKZmOElFm9yBMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGUMQswCQYDVQQGEwJVUzEQ
Fw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
@ -157,16 +164,18 @@ mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYD
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeq9EO6pvU0KyM6pDX1Yw07mW
C5pVWjkqC07kLvGVZsmGNoKNY3xNou5IugPHkNenxnRgSF8xovlePsOC4eUvQYGD
KSV50VMAaTztCjA7QR2SoSyonSzjI4d54FVukahQ2kYvwiBQPitHlxSwfQS6RVHQ
buFaokuEnE3NhQT5KDGCk7zHWUmRA+jfauRWrWrLHw035F6955/V7J08GCWb8S9Q
fesxy/FjIp1X/POEIBrGB4eSJp4VGFkzBtz7sLZ2XfHBL8gvYpzA1t7rZXfzXKbD
iCeWdbT0VM3/LSEulvAHc0vpk5KQ3mLZozusbiRfJ0qzlHD/MBfnfjKPZbd1WA==
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATEw
ggEtMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAM
BgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
L2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAQY/7a2VrNvJWTwxI
sE2MwsvWWHqDOjB9YnuG8RUmsyYCd/LIV+UeYGiLpOjzqLKIpC/obiWNa9xTqy/T
R4zWJ6s5vNPK2AGWpERXOJOrw/OVZ3/PJR23BNwGyV0kwVQTcYEhMe6ftJ3OmGak
oHfBiBik0TbuzdjBG7wD1oWaLiGClUyyKv5p26zkl+HpDvHT7yCGAwFma/AmDzkE
JvVCmD+VSF+1XbxJTIE41elyMhxmGxKAD9uZ8JdnYXmtq75q6qrMPflAmQCTu99L
QdR/8ZOycIM642tESx+fd1PqXeZZHsAtS4PW9KPUqcOREudhP1adj7gZKWIbWN9z
mR9JYw==
-----END CERTIFICATE-----

32
certs/server-ecc-comp.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17764616133298603308 (0xf6889840946fc52c)
Serial Number: 11822929415875787476 (0xa4137ba9c5cafad4)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - comp, OU=Server ECC-comp, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@ -22,31 +22,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18
DirName:/C=US/ST=Montana/L=Bozeman/O=Elliptic - comp/OU=Server ECC-comp/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:F6:88:98:40:94:6F:C5:2C
serial:A4:13:7B:A9:C5:CA:FA:D4
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:9c:f8:3e:f6:5e:cd:da:b1:08:fe:e2:bd:78:
14:b5:33:b3:29:69:d0:a0:de:19:05:ec:c3:46:29:01:8c:4c:
56:02:21:00:e2:e7:ea:37:c1:08:f6:15:73:0c:92:4f:25:63:
f6:53:96:31:4c:9f:1d:1a:1f:c0:a0:a3:48:bd:71:ce:13:11
30:44:02:20:49:71:5d:49:af:24:71:91:d3:64:0f:f2:bd:be:
51:47:4e:5b:04:c4:04:fe:bf:16:73:d1:7a:a5:05:fe:19:99:
02:20:2c:ab:64:34:e8:c7:7b:c7:79:38:32:64:d9:e1:1b:e8:
1e:d6:31:67:ef:e2:67:4b:e3:86:7f:94:cb:fa:d2:d4
-----BEGIN CERTIFICATE-----
MIIDJTCCAsqgAwIBAgIJAPaImECUb8UsMAoGCCqGSM49BAMCMIGgMQswCQYDVQQG
MIIDVzCCAv6gAwIBAgIJAKQTe6nFyvrUMAoGCCqGSM49BAMCMIGgMQswCQYDVQQG
EwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UE
CgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAxGDAW
BgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTAeFw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGgMQswCQYD
c3NsLmNvbTAeFw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGgMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYG
A1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9TZXJ2ZXIgRUNDLWNvbXAx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTA5MBMGByqGSM49AgEGCCqGSM49AwEHAyIAArszrEwnUErGSqUE
wzzenzbbci3OlOor+ssgCTksFuhho4IBCTCCAQUwHQYDVR0OBBYEFIw4Omu4JLff
wzzenzbbci3OlOor+ssgCTksFuhho4IBPTCCATkwHQYDVR0OBBYEFIw4Omu4JLff
bvRZrFZOquJYploYMIHVBgNVHSMEgc0wgcqAFIw4Omu4JLffbvRZrFZOquJYploY
oYGmpIGjMIGgMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UE
BwwHQm96ZW1hbjEYMBYGA1UECgwPRWxsaXB0aWMgLSBjb21wMRgwFgYDVQQLDA9T
ZXJ2ZXIgRUNDLWNvbXAxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAPaImECUb8UsMAwGA1UdEwQFMAMB
Af8wCgYIKoZIzj0EAwIDSQAwRgIhAJz4PvZezdqxCP7ivXgUtTOzKWnQoN4ZBezD
RikBjExWAiEA4ufqN8EI9hVzDJJPJWP2U5YxTJ8dGh/AoKNIvXHOExE=
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKQTe6nFyvrUMAwGA1UdEwQFMAMB
Af8wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0
OjIyMjIyMAoGCCqGSM49BAMCA0cAMEQCIElxXUmvJHGR02QP8r2+UUdOWwTEBP6/
FnPReqUF/hmZAiAsq2Q06Md7x3k4MmTZ4RvoHtYxZ+/iZ0vjhn+Uy/rS1A==
-----END CERTIFICATE-----

70
certs/server-ecc-rsa.pem
View File

@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Elliptic - RSAsig, OU=ECC-RSAsig, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@ -24,46 +24,50 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37
serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
ac:2b:a9:d9:15:3b:9a:42:fb:86:2b:c1:f2:18:7c:a6:ca:27:
0b:48:81:64:20:3b:d3:4f:ee:95:d4:c5:fd:5f:c7:d6:ab:a1:
41:85:cc:e1:16:e1:fd:ce:8a:af:95:27:f2:f0:7a:3d:59:5d:
3a:5d:03:99:cb:4c:5c:19:35:9c:b2:6e:7e:2b:10:e2:7f:ef:
14:35:79:ca:67:eb:51:a9:e9:bb:5f:52:af:9d:79:80:b5:31:
5c:f0:20:ca:c7:e9:9b:29:82:c4:a4:74:0a:2a:76:ea:ad:59:
a2:f9:a2:cf:53:40:11:ac:1a:de:fc:ab:28:96:9f:cf:ff:b9:
74:31:95:c4:6d:d2:76:c1:93:97:75:a6:9f:69:a3:7d:92:75:
b8:27:a2:bd:4d:4b:54:11:b4:8a:43:f2:fc:10:a5:82:fb:51:
45:57:86:00:85:71:91:21:37:5c:9f:f3:68:06:ae:9e:86:46:
8d:4b:e3:d0:42:a4:cf:c1:5d:95:bc:1a:92:f8:44:1e:a0:1b:
c8:98:41:af:8e:94:41:60:69:b1:7c:8e:70:ce:88:42:44:3a:
2d:3f:de:6e:3a:aa:d1:64:be:03:68:60:b6:ac:e5:44:c1:bb:
f1:c9:40:90:c2:c9:8f:ec:32:9d:e0:b4:4b:1a:e7:da:99:94:
fe:e2:b6:2a
59:56:ea:45:49:9c:ae:e2:07:31:cd:d0:a0:db:af:7d:6d:60:
ef:ac:e0:30:46:01:f7:43:fc:5c:ab:32:1b:2f:8b:97:14:b4:
dc:68:1c:f2:11:a7:f4:b8:9a:84:02:10:0c:52:ba:c1:7a:f2:
3f:aa:09:cb:e4:08:70:c5:76:8f:9c:7e:24:7a:62:55:0f:ae:
b8:b8:5f:57:22:9e:8d:85:75:67:88:b3:39:2c:57:bd:aa:8a:
e5:d6:5b:64:0f:1b:47:a7:83:6d:fa:73:4f:ac:f7:ae:6a:ea:
4d:ca:36:d6:b7:21:a6:01:c3:b5:a2:0e:27:44:2b:f3:62:8f:
96:70:45:c3:31:48:8e:fc:e7:64:7e:8a:93:42:f7:03:d5:71:
d2:a5:8f:f5:60:6e:88:9b:d4:6a:fc:a1:1e:ae:a4:b4:34:13:
9b:4c:2c:67:1e:2f:f3:bb:bf:73:87:a0:18:16:af:df:02:bf:
f1:a5:89:61:af:29:48:59:c8:a5:13:70:05:c2:f8:ca:30:91:
82:22:cf:09:c1:0f:a7:96:fb:19:59:09:72:03:b3:9a:be:89:
62:5a:cd:ab:d0:e5:43:50:5f:3f:d8:d0:b3:66:63:5e:8f:c1:
e4:35:fa:1f:f5:88:31:5f:a1:71:f4:e7:ab:c4:4e:64:74:72:
c6:ca:1c:aa
-----BEGIN CERTIFICATE-----
MIID4DCCAsigAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
MIIEFjCCAv6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNTA3
MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g
UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO
PQIBBggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBbo
YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4H8MIH5MB0GA1UdDgQW
BBRdXSbvrH42+Zt2FStKJQIj77KJMDCByQYDVR0jBIHBMIG+gBQnjmcRdMMmHT/t
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQDZgDrD0vTaNzAMBgNVHRMEBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQCsK6nZFTuaQvuGK8HyGHymyicLSIFkIDvTT+6V
1MX9X8fWq6FBhczhFuH9zoqvlSfy8Ho9WV06XQOZy0xcGTWcsm5+KxDif+8UNXnK
Z+tRqem7X1KvnXmAtTFc8CDKx+mbKYLEpHQKKnbqrVmi+aLPU0ARrBre/Ksolp/P
/7l0MZXEbdJ2wZOXdaafaaN9knW4J6K9TUtUEbSKQ/L8EKWC+1FFV4YAhXGRITdc
n/NoBq6ehkaNS+PQQqTPwV2VvBqS+EQeoBvImEGvjpRBYGmxfI5wzohCRDotP95u
OqrRZL4DaGC2rOVEwbvxyUCQwsmP7DKd4LRLGufamZT+4rYq
YQLpr03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBMTCCAS0wHQYDVR0O
BBYEFF1dJu+sfjb5m3YVK0olAiPvsokwMIHJBgNVHSMEgcEwgb6AFCeOZxF0wyYd
P+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9u
dGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgxEzARBgNV
BAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAKZmOElFm9yBMAwGA1UdEwQFMAMB
Af8wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0
OjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IBAQBZVupFSZyu4gcxzdCg2699bWDvrOAw
RgH3Q/xcqzIbL4uXFLTcaBzyEaf0uJqEAhAMUrrBevI/qgnL5AhwxXaPnH4kemJV
D664uF9XIp6NhXVniLM5LFe9qorl1ltkDxtHp4Nt+nNPrPeuaupNyjbWtyGmAcO1
og4nRCvzYo+WcEXDMUiO/OdkfoqTQvcD1XHSpY/1YG6Im9Rq/KEerqS0NBObTCxn
Hi/zu79zh6AYFq/fAr/xpYlhrylIWcilE3AFwvjKMJGCIs8JwQ+nlvsZWQlyA7Oa
voliWs2r0OVDUF8/2NCzZmNej8HkNfof9YgxX6Fx9OerxE5kdHLGyhyq
-----END CERTIFICATE-----

42
certs/server-ecc.pem
View File

@ -1,12 +1,12 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12841786837162396166 (0xb2373116f65a0a06)
Serial Number: 16848175057268226162 (0xe9d0bdf2fa11b872)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Washington, L=Seattle, O=Eliptic, OU=ECC, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@ -24,31 +24,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:B2:37:31:16:F6:5A:0A:06
serial:E9:D0:BD:F2:FA:11:B8:72
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:35:25:33:ea:7c:3b:e2:2e:ed:e4:2e:9a:91:f1:
c3:86:ff:a7:27:35:a9:f6:29:d6:f8:d5:9a:0b:35:f1:21:c7:
02:21:00:bc:79:f7:fd:66:d4:d3:46:61:e4:19:e5:f7:74:03:
83:27:f8:26:c0:86:15:a9:e2:10:e3:ad:6b:b9:1c:1d:eb
30:45:02:21:00:f1:2d:c5:41:b2:f3:7d:ae:f5:58:d9:96:b3:
b8:d5:d6:c6:71:b2:de:45:8f:78:56:74:d3:6b:7c:e6:c8:42:
6a:02:20:53:2d:22:00:e8:61:39:0c:d2:bc:29:11:51:eb:0e:
fa:ec:bd:b0:f6:5d:58:e7:1e:49:e4:f2:2a:77:b1:15:3e
-----BEGIN CERTIFICATE-----
MIIDDzCCArWgAwIBAgIJALI3MRb2WgoGMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG
MIIDRTCCAuugAwIBAgIJAOnQvfL6EbhyMAoGCCqGSM49BAMCMIGPMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNTA3
MTgyMTAxWhcNMTgwMTMxMTgyMTAxWjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
f/DPGNqREQI0huggWDMLgDSJ2KOB9zCB9DAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
SiUCI++yiTAwgcQGA1UdIwSBvDCBuYAUXV0m76x+NvmbdhUrSiUCI++yiTChgZWk
gZIwgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
LmNvbYIJALI3MRb2WgoGMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIg
NSUz6nw74i7t5C6akfHDhv+nJzWp9inW+NWaCzXxIccCIQC8eff9ZtTTRmHkGeX3
dAODJ/gmwIYVqeIQ461ruRwd6w==
f/DPGNqREQI0huggWDMLgDSJ2KOCASwwggEoMB0GA1UdDgQWBBRdXSbvrH42+Zt2
FStKJQIj77KJMDCBxAYDVR0jBIG8MIG5gBRdXSbvrH42+Zt2FStKJQIj77KJMKGB
laSBkjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNV
BAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMxDDAKBgNVBAsMA0VDQzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggkA6dC98voRuHIwDAYDVR0TBAUwAwEB/zAyBggrBgEFBQcBAQQmMCQw
IgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6MjIyMjIwCgYIKoZIzj0EAwID
SAAwRQIhAPEtxUGy832u9VjZlrO41dbGcbLeRY94VnTTa3zmyEJqAiBTLSIA6GE5
DNK8KRFR6w767L2w9l1Y5x5J5PIqd7EVPg==
-----END CERTIFICATE-----

141
certs/server-revoked-cert.pem
View File

@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: Jul 23 22:04:57 2015 GMT
Not After : Apr 18 22:04:57 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL_revoked, OU=Support_revoked, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -37,32 +37,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37
serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
34:66:48:5b:30:5c:6e:fa:76:c9:6a:ce:07:79:d9:99:fa:7a:
9d:80:2d:fc:51:78:71:c4:31:2c:40:28:c8:63:26:6f:d2:39:
63:97:3f:00:d3:d0:69:10:3f:a9:00:07:7b:59:44:85:29:03:
31:0a:d8:ed:88:e5:1e:fa:e0:8c:9b:e0:7e:6e:d6:fb:7c:cc:
cf:bd:43:0a:df:15:bd:8f:2a:6f:b2:51:19:b8:2a:64:0e:25:
68:75:af:43:5a:bf:40:2b:69:9c:27:81:0c:5d:78:a1:55:a4:
21:a0:87:9e:a2:aa:60:ac:da:2f:30:f5:d5:c9:c1:22:6b:c1:
06:c2:42:c7:56:35:13:cd:af:5f:c9:89:bf:e9:30:b3:92:bc:
21:6d:b8:23:85:46:44:3f:52:72:a4:7b:95:41:1a:b1:03:92:
aa:0c:5c:2e:16:95:c5:60:7a:6c:6b:f8:ae:9b:b7:08:c9:1f:
0d:85:91:e0:7f:bc:0d:0d:c7:69:2d:5f:99:b7:88:06:be:c5:
d3:84:1a:46:b6:cb:53:04:27:e9:71:36:72:41:f6:63:9b:cb:
25:6f:16:8b:0e:ef:42:db:b5:27:45:cf:a7:3e:3e:ae:78:7c:
d8:6b:a8:f6:52:e4:a7:93:b7:8c:94:d2:4a:93:04:20:67:aa:
c3:ea:24:f9
34:08:b8:9f:36:68:00:9b:46:f1:f5:b5:ec:b8:4e:7d:b2:5e:
83:c1:5a:f1:37:56:ed:9a:99:c7:69:34:65:51:b0:ce:0d:2e:
49:e8:99:c4:ed:aa:ba:cf:2d:ef:33:da:49:20:bb:31:d8:39:
96:26:5a:4d:99:56:43:e6:8e:84:a8:c2:09:10:db:27:7e:7d:
a3:f4:6a:09:3e:01:84:6b:a4:22:3e:4f:fb:8c:42:e5:cb:99:
82:7c:05:c1:c3:1d:bc:a1:eb:c1:d2:02:b1:b6:5a:e5:59:e0:
d1:e0:8f:90:6b:97:2c:bf:d1:e3:67:a9:42:08:16:b4:2e:e7:
d2:39:d6:6a:e3:7e:4c:a6:11:4e:04:7a:0c:6f:69:c3:44:ff:
d7:d2:8f:44:7d:94:a5:73:8a:db:9f:0a:10:76:53:81:b9:f3:
5d:98:24:f4:09:2d:77:95:79:c8:29:e8:64:20:15:b4:4b:47:
56:67:a5:b4:51:23:dc:0f:f9:e1:f2:aa:2a:3f:cb:1e:2b:9d:
71:fd:7e:2d:b6:23:aa:c4:c3:b6:b8:88:1a:d5:08:68:8a:2e:
50:48:39:f6:fe:fb:f9:dc:0f:da:eb:8c:0e:39:21:3b:79:9a:
dc:cc:1c:79:35:a4:35:ac:06:6f:f8:f2:3c:56:0a:03:08:77:
b8:26:e3:c7
-----BEGIN CERTIFICATE-----
MIIErjCCA5agAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
MIIE5DCCA8ygAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUwNzIz
MjIwNDU3WhcNMTgwNDE4MjIwNDU3WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTUxMTIz
MTI0OTM3WhcNMTgwODE5MTI0OTM3WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2
b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s
ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
@ -72,28 +75,29 @@ ayQbdkisxiOlp+QFGb239t76/+1bPHmKqdXx++vIseSyq1JyiZMiXLrNijYqLNFA
Hf3mQ8cbM7j05RtZORI4TS2bZGiY/I1yEpHyJCVsTEpIV5IAzH7Y1D24HfKe6rIj
D1EPEUEc9ScAGwh6EjoFWwMk/rF7IPrkqFjGys5/vpUBEp0F5jkTG8A+Vi4rn3Y3
3t6b4A16Yw2nIljbMcf3tEZcurZLSLEYmmizY0f9rxJfL/4Qy1grM2iFAgMBAAGj
gfwwgfkwHQYDVR0OBBYEFNgJK1nhKu7Z7kCqnKvwXSgJTyK7MIHJBgNVHSMEgcEw
gb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJANmAOsPS9No3
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADRmSFswXG76dslqzgd5
2Zn6ep2ALfxReHHEMSxAKMhjJm/SOWOXPwDT0GkQP6kAB3tZRIUpAzEK2O2I5R76
4Iyb4H5u1vt8zM+9QwrfFb2PKm+yURm4KmQOJWh1r0Nav0AraZwngQxdeKFVpCGg
h56iqmCs2i8w9dXJwSJrwQbCQsdWNRPNr1/Jib/pMLOSvCFtuCOFRkQ/UnKke5VB
GrEDkqoMXC4WlcVgemxr+K6btwjJHw2FkeB/vA0Nx2ktX5m3iAa+xdOEGka2y1ME
J+lxNnJB9mObyyVvFosO70LbtSdFz6c+Pq54fNhrqPZS5KeTt4yU0kqTBCBnqsPq
JPk=
ggExMIIBLTAdBgNVHQ4EFgQU2AkrWeEq7tnuQKqcq/BdKAlPIrswgckGA1UdIwSB
wTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkApmY4SUWb
3IEwDAYDVR0TBAUwAwEB/zAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0
dHA6Ly9sb2NhbGhvc3Q6MjIyMjIwDQYJKoZIhvcNAQELBQADggEBADQIuJ82aACb
RvH1tey4Tn2yXoPBWvE3Vu2amcdpNGVRsM4NLknomcTtqrrPLe8z2kkguzHYOZYm
Wk2ZVkPmjoSowgkQ2yd+faP0agk+AYRrpCI+T/uMQuXLmYJ8BcHDHbyh68HSArG2
WuVZ4NHgj5Brlyy/0eNnqUIIFrQu59I51mrjfkymEU4EegxvacNE/9fSj0R9lKVz
itufChB2U4G5812YJPQJLXeVecgp6GQgFbRLR1ZnpbRRI9wP+eHyqio/yx4rnXH9
fi22I6rEw7a4iBrVCGiKLlBIOfb++/ncD9rrjA45ITt5mtzMHHk1pDWsBm/48jxW
CgMId7gm48c=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15672591315981621815 (0xd9803ac3d2f4da37)
Serial Number: 11990332945272134785 (0xa6663849459bdc81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Validity
Not Before: May 7 18:21:01 2015 GMT
Not After : Jan 31 18:21:01 2018 GMT
Not Before: Nov 23 12:49:37 2015 GMT
Not After : Aug 19 12:49:37 2018 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@ -124,32 +128,35 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:D9:80:3A:C3:D2:F4:DA:37
serial:A6:66:38:49:45:9B:DC:81
X509v3 Basic Constraints:
CA:TRUE
Authority Information Access:
OCSP - URI:http://localhost:22222
Signature Algorithm: sha256WithRSAEncryption
7a:af:44:3b:aa:6f:53:42:b2:33:aa:43:5f:56:30:d3:b9:96:
0b:9a:55:5a:39:2a:0b:4e:e4:2e:f1:95:66:c9:86:36:82:8d:
63:7c:4d:a2:ee:48:ba:03:c7:90:d7:a7:c6:74:60:48:5f:31:
a2:f9:5e:3e:c3:82:e1:e5:2f:41:81:83:29:25:79:d1:53:00:
69:3c:ed:0a:30:3b:41:1d:92:a1:2c:a8:9d:2c:e3:23:87:79:
e0:55:6e:91:a8:50:da:46:2f:c2:20:50:3e:2b:47:97:14:b0:
7d:04:ba:45:51:d0:6e:e1:5a:a2:4b:84:9c:4d:cd:85:04:f9:
28:31:82:93:bc:c7:59:49:91:03:e8:df:6a:e4:56:ad:6a:cb:
1f:0d:37:e4:5e:bd:e7:9f:d5:ec:9d:3c:18:25:9b:f1:2f:50:
7d:eb:31:cb:f1:63:22:9d:57:fc:f3:84:20:1a:c6:07:87:92:
26:9e:15:18:59:33:06:dc:fb:b0:b6:76:5d:f1:c1:2f:c8:2f:
62:9c:c0:d6:de:eb:65:77:f3:5c:a6:c3:88:27:96:75:b4:f4:
54:cd:ff:2d:21:2e:96:f0:07:73:4b:e9:93:92:90:de:62:d9:
a3:3b:ac:6e:24:5f:27:4a:b3:94:70:ff:30:17:e7:7e:32:8f:
65:b7:75:58
41:8f:fb:6b:65:6b:36:f2:56:4f:0c:48:b0:4d:8c:c2:cb:d6:
58:7a:83:3a:30:7d:62:7b:86:f1:15:26:b3:26:02:77:f2:c8:
57:e5:1e:60:68:8b:a4:e8:f3:a8:b2:88:a4:2f:e8:6e:25:8d:
6b:dc:53:ab:2f:d3:47:8c:d6:27:ab:39:bc:d3:ca:d8:01:96:
a4:44:57:38:93:ab:c3:f3:95:67:7f:cf:25:1d:b7:04:dc:06:
c9:5d:24:c1:54:13:71:81:21:31:ee:9f:b4:9d:ce:98:66:a4:
a0:77:c1:88:18:a4:d1:36:ee:cd:d8:c1:1b:bc:03:d6:85:9a:
2e:21:82:95:4c:b2:2a:fe:69:db:ac:e4:97:e1:e9:0e:f1:d3:
ef:20:86:03:01:66:6b:f0:26:0f:39:04:26:f5:42:98:3f:95:
48:5f:b5:5d:bc:49:4c:81:38:d5:e9:72:32:1c:66:1b:12:80:
0f:db:99:f0:97:67:61:79:ad:ab:be:6a:ea:aa:cc:3d:f9:40:
99:00:93:bb:df:4b:41:d4:7f:f1:93:b2:70:83:3a:e3:6b:44:
4b:1f:9f:77:53:ea:5d:e6:59:1e:c0:2d:4b:83:d6:f4:a3:d4:
a9:c3:91:12:e7:61:3f:56:9d:8f:b8:19:29:62:1b:58:df:73:
99:1f:49:63
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIJANmAOsPS9No3MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
MIIE4DCCA8igAwIBAgIJAKZmOElFm9yBMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0xNTA1MDcxODIxMDFaFw0xODAxMzExODIxMDFaMIGUMQswCQYDVQQGEwJVUzEQ
Fw0xNTExMjMxMjQ5MzdaFw0xODA4MTkxMjQ5MzdaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
@ -158,16 +165,18 @@ mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB
+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU
J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkA2YA6w9L02jcwDAYD
VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAeq9EO6pvU0KyM6pDX1Yw07mW
C5pVWjkqC07kLvGVZsmGNoKNY3xNou5IugPHkNenxnRgSF8xovlePsOC4eUvQYGD
KSV50VMAaTztCjA7QR2SoSyonSzjI4d54FVukahQ2kYvwiBQPitHlxSwfQS6RVHQ
buFaokuEnE3NhQT5KDGCk7zHWUmRA+jfauRWrWrLHw035F6955/V7J08GCWb8S9Q
fesxy/FjIp1X/POEIBrGB4eSJp4VGFkzBtz7sLZ2XfHBL8gvYpzA1t7rZXfzXKbD
iCeWdbT0VM3/LSEulvAHc0vpk5KQ3mLZozusbiRfJ0qzlHD/MBfnfjKPZbd1WA==
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATEw
ggEtMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCmZjhJRZvcgTAM
BgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
L2xvY2FsaG9zdDoyMjIyMjANBgkqhkiG9w0BAQsFAAOCAQEAQY/7a2VrNvJWTwxI
sE2MwsvWWHqDOjB9YnuG8RUmsyYCd/LIV+UeYGiLpOjzqLKIpC/obiWNa9xTqy/T
R4zWJ6s5vNPK2AGWpERXOJOrw/OVZ3/PJR23BNwGyV0kwVQTcYEhMe6ftJ3OmGak
oHfBiBik0TbuzdjBG7wD1oWaLiGClUyyKv5p26zkl+HpDvHT7yCGAwFma/AmDzkE
JvVCmD+VSF+1XbxJTIE41elyMhxmGxKAD9uZ8JdnYXmtq75q6qrMPflAmQCTu99L
QdR/8ZOycIM642tESx+fd1PqXeZZHsAtS4PW9KPUqcOREudhP1adj7gZKWIbWN9z
mR9JYw==
-----END CERTIFICATE-----

29
configure.ac
View File

@ -1658,7 +1658,7 @@ fi
# Certificate Status Request : a.k.a. OCSP Stapling
AC_ARG_ENABLE([ocspstapling],
[AS_HELP_STRING([--enable-ocspstapling],[Enable Certificate Status Request - a.k.a. OCSP Stapling (default: disabled)])],
[AS_HELP_STRING([--enable-ocspstapling],[Enable OCSP Stapling (default: disabled)])],
[ ENABLED_CERTIFICATE_STATUS_REQUEST=$enableval ],
[ ENABLED_CERTIFICATE_STATUS_REQUEST=no ]
)
@ -1676,6 +1676,30 @@ then
fi
fi
AM_CONDITIONAL([BUILD_OCSP_STAPLING], [test "x$ENABLED_CERTIFICATE_STATUS_REQUEST" = "xyes"])
# Certificate Status Request v2 : a.k.a. OCSP stapling v2
AC_ARG_ENABLE([ocspstapling2],
[AS_HELP_STRING([--enable-ocspstapling2],[Enable OCSP Stapling v2 (default: disabled)])],
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=$enableval ],
[ ENABLED_CERTIFICATE_STATUS_REQUEST_V2=no ]
)
if test "x$ENABLED_CERTIFICATE_STATUS_REQUEST_V2" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_CERTIFICATE_STATUS_REQUEST_V2"
# Requires OCSP make sure on
if test "x$ENABLED_OCSP" = "xno"
then
ENABLED_OCSP="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP"
AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"])
fi
fi
AM_CONDITIONAL([BUILD_OCSP_STAPLING_V2], [test "x$ENABLED_CERTIFICATE_STATUS_REQUEST_V2" = "xyes"])
# Renegotiation Indication - (FAKE Secure Renegotiation)
AC_ARG_ENABLE([renegotiation-indication],
[AS_HELP_STRING([--enable-renegotiation-indication],[Enable Renegotiation Indication (default: disabled)])],
@ -2737,7 +2761,8 @@ echo " * Server Name Indication: $ENABLED_SNI"
echo " * ALPN: $ENABLED_ALPN"
echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT"
echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC"
echo " * Certificate Status Request: $ENABLED_CERTIFICATE_STATUS_REQUEST"
echo " * OCSP Stapling: $ENABLED_CERTIFICATE_STATUS_REQUEST"
echo " * OCSP Stapling v2: $ENABLED_CERTIFICATE_STATUS_REQUEST_V2"
echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES"
echo " * Session Ticket: $ENABLED_SESSION_TICKET"
echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION"

43
examples/client/client.c
View File

@ -364,7 +364,8 @@ static void Usage(void)
printf("-o Perform OCSP lookup on peer certificate\n");
printf("-O <url> Perform OCSP lookup using <url> as responder\n");
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
printf("-W Use OCSP Stapling\n");
#endif
#ifdef ATOMIC_USER
@ -446,7 +447,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef HAVE_TRUNCATED_HMAC
byte truncatedHMAC = 0;
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
byte statusRequest = 0;
#endif
@ -488,7 +490,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef WOLFSSL_VXWORKS
while ((ch = mygetopt(argc, argv,
"?gdeDusmNrwRitfxXUPCVh:p:v:l:A:c:k:Z:b:zS:F:L:ToO:aB:W")) != -1) {
"?gdeDusmNrwRitfxXUPCVh:p:v:l:A:c:k:Z:b:zS:F:L:ToO:aB:W:")) != -1) {
switch (ch) {
case '?' :
Usage();
@ -680,8 +682,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
case 'W' :
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
statusRequest = 1;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
statusRequest = atoi(myoptarg);
#endif
break;
@ -1009,9 +1012,35 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (statusRequest) {
if (wolfSSL_UseCertificateStatusRequest(ssl, WOLFSSL_CSR_OCSP,
switch (statusRequest) {
case WOLFSSL_CSR_OCSP:
if (wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR_OCSP,
WOLFSSL_CSR_OCSP_USE_NONCE) != SSL_SUCCESS)
err_sys("UseCertificateStatusRequest failed");
err_sys("UseCertificateStatusRequest failed");
break;
}
wolfSSL_CTX_EnableOCSP(ctx, 0);
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (statusRequest) {
switch (statusRequest) {
case WOLFSSL_CSR2_OCSP:
if (wolfSSL_UseOCSPStaplingV2(ssl,
WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE)
!= SSL_SUCCESS)
err_sys("UseCertificateStatusRequest failed");
break;
case WOLFSSL_CSR2_OCSP_MULTI:
if (wolfSSL_UseOCSPStaplingV2(ssl,
WOLFSSL_CSR2_OCSP_MULTI, 0)
!= SSL_SUCCESS)
err_sys("UseCertificateStatusRequest failed");
break;
}
wolfSSL_CTX_EnableOCSP(ctx, 0);
}

15
examples/server/server.c
View File

@ -610,7 +610,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
if (!usePsk && !useAnon) {
if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
if (SSL_CTX_use_certificate_chain_file(ctx, ourCert)
!= SSL_SUCCESS)
err_sys("can't load server cert file, check file and run from"
" wolfSSL home dir");
@ -743,6 +743,17 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
}
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (wolfSSL_CTX_EnableOCSPStapling(ctx) != SSL_SUCCESS)
err_sys("can't enable OCSP Stapling Certificate Manager");
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate1-ca-cert.pem", 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate2-ca-cert.pem", 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
if (SSL_CTX_load_verify_locations(ctx, "certs/ocsp/intermediate3-ca-cert.pem", 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from wolfSSL home dir");
#endif
#ifdef HAVE_PK_CALLBACKS
if (pkCallbacks)
SetupPkCallbacks(ctx, ssl);
@ -986,5 +997,3 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
return 0;
}
#endif

24
scripts/include.am
View File

@ -9,8 +9,9 @@ dist_noinst_SCRIPTS+= scripts/sniffer-testsuite.test
endif
if BUILD_EXAMPLES
dist_noinst_SCRIPTS+= scripts/resume.test
EXTRA_DIST+= scripts/benchmark.test
EXTRA_DIST+= scripts/benchmark.test
if BUILD_CRL
# make revoked test rely on completion of resume test
@ -23,6 +24,27 @@ dist_noinst_SCRIPTS+= scripts/external.test
dist_noinst_SCRIPTS+= scripts/google.test
#dist_noinst_SCRIPTS+= scripts/openssl.test
endif
if BUILD_OCSP
dist_noinst_SCRIPTS+= scripts/ocsp.test
endif
if BUILD_OCSP_STAPLING
dist_noinst_SCRIPTS+= scripts/ocsp-stapling.test
scripts/ocsp-stapling.log: scripts/ocsp.log
endif
if BUILD_OCSP_STAPLING_V2
dist_noinst_SCRIPTS+= scripts/ocsp-stapling2.test
if BUILD_OCSP_STAPLING
scripts/ocsp-stapling2.log: scripts/ocsp-stapling.log
else
scripts/ocsp-stapling2.log: scripts/ocsp.log
endif
endif
endif

41
scripts/ocsp-stapling.test Executable file
View File

@ -0,0 +1,41 @@
#!/bin/sh
# ocsp-stapling.test
trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
server=login.live.com
ca=certs/external/ca-verisign-g5.pem
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# is our desired server there? - login.live.com doesn't answers PING
# ping -c 2 $server
# RESULT=$?
# [ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# setup ocsp responder
./certs/ocsp/ocspd1.sh &
sleep 1
[ $(jobs -r | wc -l) -ne 1 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
# client test against our own server - GOOD CERT
./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# client test against our own server - REVOKED CERT
./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
exit 0

55
scripts/ocsp-stapling2.test Executable file
View File

@ -0,0 +1,55 @@
#!/bin/sh
# ocsp-stapling.test
trap 'for i in `jobs -p`; do pkill -TERM -P $i; kill $i; done' EXIT
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# setup ocsp responders
./certs/ocsp/ocspd0.sh &
./certs/ocsp/ocspd2.sh &
./certs/ocsp/ocspd3.sh &
sleep 1
[ $(jobs -r | wc -l) -ne 3 ] && echo -e "\n\nSetup ocsp responder failed, skipping" && exit 0
# client test against our own server - GOOD CERTS
./examples/server/server -c certs/ocsp/server3-cert.pem -k certs/ocsp/server3-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
./examples/server/server -c certs/ocsp/server3-cert.pem -k certs/ocsp/server3-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
# client test against our own server - REVOKED SERVER CERT
./examples/server/server -c certs/ocsp/server4-cert.pem -k certs/ocsp/server4-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
./examples/server/server -c certs/ocsp/server4-cert.pem -k certs/ocsp/server4-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
# client test against our own server - REVOKED INTERMEDIATE CERT
./examples/server/server -c certs/ocsp/server5-cert.pem -k certs/ocsp/server5-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed $RESULT" && exit 1
./examples/server/server -c certs/ocsp/server5-cert.pem -k certs/ocsp/server5-key.pem &
sleep 1
./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2
RESULT=$?
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1
exit 0

20
scripts/ocsp.test Executable file
View File

@ -0,0 +1,20 @@
#!/bin/sh
# ocsp-stapling.test
server=www.globalsign.com
ca=certs/external/ca-globalsign-root-r2.pem
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# is our desired server there?
ping -c 2 $server
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nCouldn't find $server, skipping" && exit 0
# client test against the server
./examples/client/client -X -C -h $server -p 443 -A $ca -g -o
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
exit 0

648
src/internal.c
View File

@ -541,6 +541,10 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
/* In case contexts are held in array and don't want to free actual ctx */
void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
{
int i;
(void)i;
XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD);
if (ctx->suites)
XFREE(ctx->suites, ctx->heap, DYNAMIC_TYPE_SUITES);
@ -549,15 +553,39 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH);
XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
#endif
#ifndef NO_CERTS
XFREE(ctx->privateKey.buffer, ctx->heap, DYNAMIC_TYPE_KEY);
XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT);
wolfSSL_CertManagerFree(ctx->cm);
#endif
#ifdef HAVE_TLS_EXTENSIONS
TLSX_FreeAll(ctx->extensions);
#ifndef NO_WOLFSSL_SERVER
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (ctx->certOcspRequest) {
FreeOcspRequest(ctx->certOcspRequest);
XFREE(ctx->certOcspRequest, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
for (i = 0; i < MAX_CHAIN_DEPTH; i++) {
if (ctx->chainOcspRequest[i]) {
FreeOcspRequest(ctx->chainOcspRequest[i]);
XFREE(ctx->chainOcspRequest[i], NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
}
#endif
#endif /* NO_WOLFSSL_SERVER */
#endif /* HAVE_TLS_EXTENSIONS */
}
@ -4507,10 +4535,16 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#if defined(HAVE_OCSP) || defined(HAVE_CRL)
if (ret == 0) {
int doCrlLookup = 1;
#ifdef HAVE_OCSP
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2)
ret = TLSX_CSR2_InitRequests(ssl->extensions, dCert, 0);
else /* skips OCSP and force CRL check */
#endif
if (ssl->ctx->cm->ocspEnabled && ssl->ctx->cm->ocspCheckAll) {
WOLFSSL_MSG("Doing Non Leaf OCSP check");
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert);
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert, NULL);
doCrlLookup = (ret == OCSP_CERT_UNKNOWN);
if (ret != 0) {
doCrlLookup = 0;
@ -4520,7 +4554,7 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif /* HAVE_OCSP */
#ifdef HAVE_CRL
if (doCrlLookup && ssl->ctx->cm->crlEnabled
if (ret == 0 && doCrlLookup && ssl->ctx->cm->crlEnabled
&& ssl->ctx->cm->crlCheckAll) {
WOLFSSL_MSG("Doing Non Leaf CRL check");
ret = CheckCertCRL(ssl->ctx->cm->crl, dCert);
@ -4599,19 +4633,25 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (fatal == 0) {
int doLookup = 1;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->options.side == WOLFSSL_CLIENT_END) {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->status_request) {
fatal = TLSX_CSR_InitRequest(ssl->extensions, dCert);
doLookup = 0;
}
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2) {
fatal = TLSX_CSR2_InitRequests(ssl->extensions, dCert, 1);
doLookup = 0;
}
#endif
}
#ifdef HAVE_OCSP
if (doLookup && ssl->ctx->cm->ocspEnabled) {
WOLFSSL_MSG("Doing Leaf OCSP check");
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert);
ret = CheckCertOCSP(ssl->ctx->cm->ocsp, dCert, NULL);
doLookup = (ret == OCSP_CERT_UNKNOWN);
if (ret != 0) {
WOLFSSL_MSG("\tOCSP Lookup not ok");
@ -4957,63 +4997,175 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return BUFFER_ERROR;
switch (status_type) {
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST)
case WOLFSSL_CSR_OCSP: {
OcspRequest* request = TLSX_CSR_GetRequest(ssl->extensions);
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
#ifdef WOLFSSL_SMALL_STACK
CertStatus* status;
OcspResponse* response;
#else
CertStatus status[1];
OcspResponse response[1];
#endif
/* WOLFSSL_CSR_OCSP overlaps with WOLFSSL_CSR2_OCSP */
case WOLFSSL_CSR2_OCSP: {
OcspRequest* request;
#ifdef WOLFSSL_SMALL_STACK
CertStatus* status;
OcspResponse* response;
#else
CertStatus status[1];
OcspResponse response[1];
#endif
do {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->status_request) {
request = TLSX_CSR_GetRequest(ssl->extensions);
ssl->status_request = 0;
break;
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2) {
request = TLSX_CSR2_GetRequest(ssl->extensions,
status_type, 0);
ssl->status_request_v2 = 0;
break;
}
#endif
return BUFFER_ERROR;
} while(0);
#ifdef WOLFSSL_SMALL_STACK
status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
if (request == NULL)
return BAD_CERTIFICATE_STATUS_ERROR; /* not expected */
#ifdef WOLFSSL_SMALL_STACK
status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (status == NULL || response == NULL) {
if (status) XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (response) XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (status == NULL || response == NULL) {
if (status)
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (response)
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_ERROR;
}
#endif
return MEMORY_ERROR;
}
#endif
InitOcspResponse(response, status, input +*inOutIdx, status_length);
if ((ret = OcspResponseDecode(response, ssl->ctx->cm)) == 0) {
if (response->responseStatus != OCSP_SUCCESSFUL)
ret = BAD_CERTIFICATE_STATUS_ERROR;
else if (CompareOcspReqResp(request, response) != 0)
ret = BAD_CERTIFICATE_STATUS_ERROR;
else if (response->status->status != CERT_GOOD)
ret = BAD_CERTIFICATE_STATUS_ERROR;
}
if ((OcspResponseDecode(response, ssl->ctx->cm) != 0)
|| (response->responseStatus != OCSP_SUCCESSFUL)
|| (response->status->status != CERT_GOOD)
|| (CompareOcspReqResp(request, response) != 0))
ret = BAD_CERTIFICATE_STATUS_ERROR;
*inOutIdx += status_length;
#ifdef WOLFSSL_SMALL_STACK
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#ifdef WOLFSSL_SMALL_STACK
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
break;
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
case WOLFSSL_CSR2_OCSP_MULTI: {
OcspRequest* request;
word32 list_length = status_length;
byte index = 0;
#ifdef WOLFSSL_SMALL_STACK
CertStatus* status;
OcspResponse* response;
#else
CertStatus status[1];
OcspResponse response[1];
#endif
do {
if (ssl->status_request_v2) {
ssl->status_request_v2 = 0;
break;
}
return BUFFER_ERROR;
} while(0);
#ifdef WOLFSSL_SMALL_STACK
status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
response = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (status == NULL || response == NULL) {
if (status)
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (response)
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_ERROR;
}
#endif
while (list_length && ret == 0) {
if (OPAQUE24_LEN > list_length) {
ret = BUFFER_ERROR;
break;
}
c24to32(input + *inOutIdx, &status_length);
*inOutIdx += OPAQUE24_LEN;
list_length -= OPAQUE24_LEN;
if (status_length > list_length) {
ret = BUFFER_ERROR;
break;
}
if (status_length) {
InitOcspResponse(response, status, input +*inOutIdx,
status_length);
if ((OcspResponseDecode(response, ssl->ctx->cm) != 0)
|| (response->responseStatus != OCSP_SUCCESSFUL)
|| (response->status->status != CERT_GOOD))
ret = BAD_CERTIFICATE_STATUS_ERROR;
while (ret == 0) {
request = TLSX_CSR2_GetRequest(ssl->extensions,
status_type, index++);
if (request == NULL)
ret = BAD_CERTIFICATE_STATUS_ERROR;
else if (CompareOcspReqResp(request, response) == 0)
break;
else if (index == 1) /* server cert must be OK */
ret = BAD_CERTIFICATE_STATUS_ERROR;
}
*inOutIdx += status_length;
list_length -= status_length;
}
}
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
ssl->status_request_v2 = 0;
#endif
#ifdef WOLFSSL_SMALL_STACK
XFREE(status, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(response, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
break;
#endif
default:
@ -5246,6 +5398,15 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
if ((ret = TLSX_CSR_ForceRequest(ssl)) != 0)
return ret;
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2) {
int ret;
WOLFSSL_MSG("No CertificateStatus before ServerKeyExchange");
if ((ret = TLSX_CSR2_ForceRequest(ssl)) != 0)
return ret;
}
#endif
}
@ -8243,6 +8404,421 @@ int SendCertificateRequest(WOLFSSL* ssl)
else
return SendBuffered(ssl);
}
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
static int BuildCertificateStatus(WOLFSSL* ssl, byte type, buffer* status,
byte count)
{
byte* output = NULL;
word32 idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
word32 length = ENUM_LEN;
int sendSz = 0;
int ret = 0;
int i = 0;
WOLFSSL_ENTER("BuildCertificateStatus");
switch (type) {
case WOLFSSL_CSR2_OCSP_MULTI:
length += OPAQUE24_LEN;
/* followed by */
case WOLFSSL_CSR2_OCSP:
for (i = 0; i < count; i++)
length += OPAQUE24_LEN + status[i].length;
break;
default:
return 0;
}
sendSz = idx + length;
if (ssl->keys.encryptionOn)
sendSz += MAX_MSG_EXTRA;
if ((ret = CheckAvailableSize(ssl, sendSz)) == 0) {
output = ssl->buffers.outputBuffer.buffer +
ssl->buffers.outputBuffer.length;
AddHeaders(output, length, certificate_status, ssl);
output[idx++] = type;
if (type == WOLFSSL_CSR2_OCSP_MULTI) {
c32to24(length - (ENUM_LEN + OPAQUE24_LEN), output + idx);
idx += OPAQUE24_LEN;
}
for (i = 0; i < count; i++) {
c32to24(status[i].length, output + idx);
idx += OPAQUE24_LEN;
XMEMCPY(output + idx, status[i].buffer, status[i].length);
idx += status[i].length;
}
if (IsEncryptionOn(ssl, 1)) {
byte* input;
int inputSz = idx - RECORD_HEADER_SZ;
input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (input == NULL)
return MEMORY_E;
XMEMCPY(input, output + RECORD_HEADER_SZ, inputSz);
sendSz = BuildMessage(ssl, output, sendSz, input, inputSz,
handshake, 1);
XFREE(input, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (sendSz < 0)
ret = sendSz;
}
else
ret = HashOutput(ssl, output, sendSz, 0);
#ifdef WOLFSSL_DTLS
if (ret == 0 && ssl->options.dtls)
ret = DtlsPoolSave(ssl, output, sendSz));
#endif
#ifdef WOLFSSL_CALLBACKS
if (ret == 0 && ssl->hsInfoOn)
AddPacketName("CertificateStatus", &ssl->handShakeInfo);
if (ret == 0 && ssl->toInfoOn)
AddPacketInfo("CertificateStatus", &ssl->timeoutInfo, output,
sendSz, ssl->heap);
#endif
if (ret == 0) {
ssl->buffers.outputBuffer.length += sendSz;
if (!ssl->options.groupMessages)
ret = SendBuffered(ssl);
}
}
WOLFSSL_LEAVE("BuildCertificateStatus", ret);
return ret;
}
#endif
int SendCertificateStatus(WOLFSSL* ssl)
{
int ret = 0;
byte status_type = 0;
WOLFSSL_ENTER("SendCertificateStatus");
(void) ssl;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
status_type = ssl->status_request;
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
status_type = status_type ? status_type : ssl->status_request_v2;
#endif
switch (status_type) {
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
/* case WOLFSSL_CSR_OCSP: */
case WOLFSSL_CSR2_OCSP: {
OcspRequest* request = ssl->ctx->certOcspRequest;
buffer response = {NULL, 0};
/* unable to fetch status. skip. */
if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0)
return 0;
if (!request || ssl->buffers.weOwnCert) {
buffer der = ssl->buffers.certificate;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
/* unable to fetch status. skip. */
if (der.buffer == NULL || der.length == 0)
return 0;
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return MEMORY_E;
#endif
InitDecodedCert(cert, der.buffer, der.length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
ssl->ctx->cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
}
else {
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
DYNAMIC_TYPE_OCSP_REQUEST);
if (request == NULL) {
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
ret = InitOcspRequest(request, cert, 0);
if (ret != 0) {
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
else if (!ssl->buffers.weOwnCert && 0 == LockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
if (!ssl->ctx->certOcspRequest)
ssl->ctx->certOcspRequest = request;
UnLockMutex(&ssl->ctx->cm->ocsp_stapling->ocspLock);
}
}
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
if (ret == 0) {
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request,
&response);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
if (response.buffer) {
if (ret == 0)
ret = BuildCertificateStatus(ssl, status_type,
&response, 1);
XFREE(response.buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
}
if (request != ssl->ctx->certOcspRequest)
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
break;
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
/* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
#if defined HAVE_CERTIFICATE_STATUS_REQUEST_V2
case WOLFSSL_CSR2_OCSP_MULTI: {
OcspRequest* request = ssl->ctx->certOcspRequest;
buffer responses[1 + MAX_CHAIN_DEPTH];
int i = 0;
ForceZero(responses, sizeof(responses));
/* unable to fetch status. skip. */
if (ssl->ctx->cm == NULL || ssl->ctx->cm->ocspStaplingEnabled == 0)
return 0;
if (!request || ssl->buffers.weOwnCert) {
buffer der = ssl->buffers.certificate;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
/* unable to fetch status. skip. */
if (der.buffer == NULL || der.length == 0)
return 0;
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return MEMORY_E;
#endif
InitDecodedCert(cert, der.buffer, der.length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
ssl->ctx->cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
}
else {
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
DYNAMIC_TYPE_OCSP_REQUEST);
if (request == NULL) {
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E;
}
ret = InitOcspRequest(request, cert, 0);
if (ret != 0) {
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
}
else if (!ssl->buffers.weOwnCert && 0 == LockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
if (!ssl->ctx->certOcspRequest)
ssl->ctx->certOcspRequest = request;
UnLockMutex(&ssl->ctx->cm->ocsp_stapling->ocspLock);
}
}
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
if (ret == 0) {
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling, request,
&responses[0]);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
}
if (request != ssl->ctx->certOcspRequest)
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
if (ret == 0 && (!ssl->ctx->chainOcspRequest[0]
|| ssl->buffers.weOwnCertChain)) {
buffer der = {NULL, 0};
word32 idx = 0;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (cert == NULL)
return MEMORY_E;
#endif
while (idx + OPAQUE24_LEN < ssl->buffers.certChain.length) {
c24to32(ssl->buffers.certChain.buffer + idx, &der.length);
idx += OPAQUE24_LEN;
der.buffer = ssl->buffers.certChain.buffer + idx;
idx += der.length;
if (idx > ssl->buffers.certChain.length)
break;
InitDecodedCert(cert, der.buffer, der.length, NULL);
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
ssl->ctx->cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
break;
}
else {
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),
NULL, DYNAMIC_TYPE_OCSP_REQUEST);
if (request == NULL) {
ret = MEMORY_E;
break;
}
ret = InitOcspRequest(request, cert, 0);
if (ret != 0) {
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
break;
}
else if (!ssl->buffers.weOwnCertChain && 0 ==
LockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
if (!ssl->ctx->chainOcspRequest[i])
ssl->ctx->chainOcspRequest[i] = request;
UnLockMutex(
&ssl->ctx->cm->ocsp_stapling->ocspLock);
}
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling,
request, &responses[i + 1]);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
if (request != ssl->ctx->chainOcspRequest[i])
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
i++;
}
FreeDecodedCert(cert);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
else {
while (ret == 0 &&
NULL != (request = ssl->ctx->chainOcspRequest[i])) {
ret = CheckOcspRequest(ssl->ctx->cm->ocsp_stapling,
request, &responses[++i]);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED
|| ret == OCSP_CERT_UNKNOWN
|| ret == OCSP_LOOKUP_FAIL)
ret = 0;
}
}
if (responses[0].buffer) {
if (ret == 0)
ret = BuildCertificateStatus(ssl, status_type,
responses, i + 1);
for (i = 0; i < 1 + MAX_CHAIN_DEPTH; i++)
if (responses[i].buffer)
XFREE(responses[i].buffer, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
}
}
break;
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
default:
break;
}
return ret;
}
#endif /* !NO_CERTS */

87
src/ocsp.c
View File

@ -77,6 +77,10 @@ static void FreeOcspEntry(OcspEntry* entry)
for (status = entry->status; status; status = next) {
next = status->next;
if (status->rawOcspResponse)
XFREE(status->rawOcspResponse, NULL, DYNAMIC_TYPE_OCSP_STATUS);
XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS);
}
}
@ -114,7 +118,7 @@ static int xstat2err(int stat)
}
int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert, void* encodedResponse)
{
int ret = OCSP_LOOKUP_FAIL;
@ -137,7 +141,7 @@ int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
#endif
if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce) == 0) {
ret = CheckOcspRequest(ocsp, ocspRequest);
ret = CheckOcspRequest(ocsp, ocspRequest, encodedResponse);
FreeOcspRequest(ocspRequest);
}
@ -186,7 +190,7 @@ static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
OcspEntry* entry, CertStatus** status)
OcspEntry* entry, CertStatus** status, buffer* responseBuffer)
{
int ret = OCSP_INVALID_STATUS;
@ -204,11 +208,29 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
&& !XMEMCMP((*status)->serial, request->serial, (*status)->serialSz))
break;
if (*status) {
if (responseBuffer && *status && !(*status)->rawOcspResponse) {
/* force fetching again */
ret = OCSP_INVALID_STATUS;
}
else if (*status) {
if (ValidateDate((*status)->thisDate, (*status)->thisDateFormat, BEFORE)
&& ((*status)->nextDate[0] != 0)
&& ValidateDate((*status)->nextDate, (*status)->nextDateFormat, AFTER))
{
ret = xstat2err((*status)->status);
if (responseBuffer) {
responseBuffer->buffer = (byte*)XMALLOC(
(*status)->rawOcspResponseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
responseBuffer->length = (*status)->rawOcspResponseSz;
XMEMCPY(responseBuffer->buffer,
(*status)->rawOcspResponse,
(*status)->rawOcspResponseSz);
}
}
}
}
UnLockMutex(&ocsp->ocspLock);
@ -216,16 +238,18 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
return ret;
}
int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
void* encodedResponse)
{
OcspEntry* entry = NULL;
CertStatus* status = NULL;
byte* request = NULL;
int requestSz = 2048;
byte* response = NULL;
const char* url;
int urlSz;
int ret = -1;
OcspEntry* entry = NULL;
CertStatus* status = NULL;
byte* request = NULL;
int requestSz = 2048;
byte* response = NULL;
buffer* responseBuffer = (buffer*) encodedResponse;
const char* url = NULL;
int urlSz = 0;
int ret = -1;
#ifdef WOLFSSL_SMALL_STACK
CertStatus* newStatus;
@ -237,11 +261,16 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
WOLFSSL_ENTER("CheckOcspRequest");
if (responseBuffer) {
responseBuffer->buffer = NULL;
responseBuffer->length = 0;
}
ret = GetOcspEntry(ocsp, ocspRequest, &entry);
if (ret != 0)
return ret;
ret = GetOcspStatus(ocsp, ocspRequest, entry, &status);
ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer);
if (ret != OCSP_INVALID_STATUS)
return ret;
@ -300,14 +329,29 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
ret = OCSP_LOOKUP_FAIL;
else {
if (CompareOcspReqResp(ocspRequest, ocspResponse) == 0) {
if (responseBuffer) {
responseBuffer->buffer = (byte*)XMALLOC(ret, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
responseBuffer->length = ret;
XMEMCPY(responseBuffer->buffer, response, ret);
}
}
ret = xstat2err(ocspResponse->status->status);
if (LockMutex(&ocsp->ocspLock) != 0)
ret = BAD_MUTEX_E;
else {
if (status != NULL)
if (status != NULL) {
if (status->rawOcspResponse)
XFREE(status->rawOcspResponse, NULL,
DYNAMIC_TYPE_OCSP_STATUS);
/* Replace existing certificate entry with updated */
XMEMCPY(status, newStatus, sizeof(CertStatus));
}
else {
/* Save new certificate entry */
status = (CertStatus*)XMALLOC(sizeof(CertStatus),
@ -320,6 +364,19 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest)
}
}
if (status && responseBuffer && responseBuffer->buffer) {
status->rawOcspResponse = (byte*)XMALLOC(
responseBuffer->length, NULL,
DYNAMIC_TYPE_OCSP_STATUS);
if (status->rawOcspResponse) {
status->rawOcspResponseSz = responseBuffer->length;
XMEMCPY(status->rawOcspResponse,
responseBuffer->buffer,
responseBuffer->length);
}
}
UnLockMutex(&ocsp->ocspLock);
}
}

93
src/ssl.c
View File

@ -803,8 +803,7 @@ int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx)
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
int wolfSSL_UseCertificateStatusRequest(WOLFSSL* ssl, byte status_type,
byte options)
int wolfSSL_UseOCSPStapling(WOLFSSL* ssl, byte status_type, byte options)
{
if (ssl == NULL || ssl->options.side != WOLFSSL_CLIENT_END)
return BAD_FUNC_ARG;
@ -814,7 +813,7 @@ int wolfSSL_UseCertificateStatusRequest(WOLFSSL* ssl, byte status_type,
}
int wolfSSL_CTX_UseCertificateStatusRequest(WOLFSSL_CTX* ctx, byte status_type,
int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx, byte status_type,
byte options)
{
if (ctx == NULL || ctx->method->side != WOLFSSL_CLIENT_END)
@ -826,6 +825,30 @@ int wolfSSL_CTX_UseCertificateStatusRequest(WOLFSSL_CTX* ctx, byte status_type,
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl, byte status_type, byte options)
{
if (ssl == NULL || ssl->options.side != WOLFSSL_CLIENT_END)
return BAD_FUNC_ARG;
return TLSX_UseCertificateStatusRequestV2(&ssl->extensions, status_type,
options);
}
int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
byte status_type, byte options)
{
if (ctx == NULL || ctx->method->side != WOLFSSL_CLIENT_END)
return BAD_FUNC_ARG;
return TLSX_UseCertificateStatusRequestV2(&ctx->extensions, status_type,
options);
}
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
/* Elliptic Curves */
#ifdef HAVE_SUPPORTED_CURVES
#ifndef NO_WOLFSSL_CLIENT
@ -1643,6 +1666,11 @@ void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
#ifdef HAVE_OCSP
if (cm->ocsp)
FreeOCSP(cm->ocsp, 1);
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (cm->ocsp_stapling)
FreeOCSP(cm->ocsp_stapling, 1);
#endif
#endif
FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);
FreeMutex(&cm->caLock);
@ -3461,6 +3489,43 @@ int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
return SSL_SUCCESS;
}
/* turn on OCSP Stapling if off and compiled in, set options */
int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
{
int ret = SSL_SUCCESS;
WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPStapling");
if (cm == NULL)
return BAD_FUNC_ARG;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (cm->ocsp_stapling == NULL) {
cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP),
cm->heap, DYNAMIC_TYPE_OCSP);
if (cm->ocsp_stapling == NULL)
return MEMORY_E;
if (InitOCSP(cm->ocsp_stapling, cm) != 0) {
WOLFSSL_MSG("Init OCSP failed");
FreeOCSP(cm->ocsp_stapling, 1);
cm->ocsp_stapling = NULL;
return SSL_FAILURE;
}
}
cm->ocspStaplingEnabled = 1;
#ifndef WOLFSSL_USER_IO
cm->ocspIOCb = EmbedOcspLookup;
cm->ocspRespFreeCb = EmbedOcspRespFree;
#endif /* WOLFSSL_USER_IO */
#else
ret = NOT_COMPILED_IN;
#endif
return ret;
}
#ifdef HAVE_OCSP
@ -3495,7 +3560,7 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
if ((ret = ParseCertRelative(cert, CERT_TYPE, NO_VERIFY, cm)) != 0) {
WOLFSSL_MSG("ParseCert failed");
}
else if ((ret = CheckCertOCSP(cm->ocsp, cert)) != 0) {
else if ((ret = CheckCertOCSP(cm->ocsp, cert, NULL)) != 0) {
WOLFSSL_MSG("CheckCertOCSP failed");
}
@ -3630,6 +3695,17 @@ int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx, CbOCSPIO ioCb,
return BAD_FUNC_ARG;
}
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX* ctx)
{
WOLFSSL_ENTER("wolfSSL_CTX_EnableOCSPStapling");
if (ctx)
return wolfSSL_CertManagerEnableOCSPStapling(ctx->cm);
else
return BAD_FUNC_ARG;
}
#endif
#endif /* HAVE_OCSP */
@ -6077,6 +6153,15 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_MSG("accept state CERT_SENT");
case CERT_SENT :
if (!ssl->options.resuming)
if ( (ssl->error = SendCertificateStatus(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error);
return SSL_FATAL_ERROR;
}
ssl->options.acceptState = CERT_STATUS_SENT;
WOLFSSL_MSG("accept state CERT_STATUS_SENT");
case CERT_STATUS_SENT :
if (!ssl->options.resuming)
if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error);

506
src/tls.c
View File

@ -919,7 +919,7 @@ static word16 TLSX_ALPN_GetSize(ALPN *list)
length++; /* protocol name length is on one byte */
length += (word16)XSTRLEN(alpn->protocol_name);
}
return length;
}
@ -946,7 +946,7 @@ static word16 TLSX_ALPN_Write(ALPN *list, byte *output)
/* writing list length */
c16toa(offset - OPAQUE16_LEN, output);
return offset;
}
@ -1891,11 +1891,6 @@ int TLSX_UseTruncatedHMAC(TLSX** extensions)
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
#ifndef HAVE_OCSP
#error Status Request Extension requires OCSP. \
Use --enable-ocsp in the configure script or define HAVE_OCSP.
#endif
static void TLSX_CSR_Free(CertificateStatusRequest* csr)
{
switch (csr->status_type) {
@ -1922,6 +1917,7 @@ static word16 TLSX_CSR_GetSize(CertificateStatusRequest* csr, byte isRequest)
if (csr->request.ocsp.nonceSz)
size += OCSP_NONCE_EXT_SZ;
break;
}
}
#endif
@ -1954,7 +1950,7 @@ static word16 TLSX_CSR_Write(CertificateStatusRequest* csr, byte* output,
length = EncodeOcspRequestExtensions(
&csr->request.ocsp,
output + offset + OPAQUE16_LEN,
MAX_OCSP_EXT_SZ);
OCSP_NONCE_EXT_SZ);
c16toa(length, output + offset);
offset += OPAQUE16_LEN + length;
@ -1972,7 +1968,7 @@ static word16 TLSX_CSR_Write(CertificateStatusRequest* csr, byte* output,
static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
byte isRequest)
{
int ret = 0;
int ret;
/* shut up compiler warnings */
(void) ssl; (void) input;
@ -2019,8 +2015,63 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
return length ? BUFFER_ERROR : 0; /* extension_data MUST be empty. */
#endif
}
else {
#ifndef NO_WOLFSSL_SERVER
byte status_type;
word16 offset = 0;
word16 size = 0;
return ret;
if (length < ENUM_LEN)
return BUFFER_ERROR;
status_type = input[offset++];
switch (status_type) {
case WOLFSSL_CSR_OCSP: {
/* skip responder_id_list */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
/* skip request_extensions */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
if (offset > length)
return BUFFER_ERROR;
/* is able to send OCSP response? */
if (ssl->ctx->cm == NULL || !ssl->ctx->cm->ocspStaplingEnabled)
return 0;
}
break;
}
/* if using status_request and already sending it, skip this one */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
if (ssl->status_request_v2)
return 0;
#endif
/* accept the first good status_type and return */
ret = TLSX_UseCertificateStatusRequest(&ssl->extensions, status_type,
0);
if (ret != SSL_SUCCESS)
return ret; /* throw error */
TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST);
ssl->status_request = status_type;
#endif
}
return 0;
}
int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert)
@ -2078,7 +2129,7 @@ int TLSX_CSR_ForceRequest(WOLFSSL* ssl)
case WOLFSSL_CSR_OCSP:
if (ssl->ctx->cm->ocspEnabled)
return CheckOcspRequest(ssl->ctx->cm->ocsp,
&csr->request.ocsp);
&csr->request.ocsp, NULL);
else
return OCSP_LOOKUP_FAIL;
}
@ -2144,6 +2195,420 @@ int TLSX_UseCertificateStatusRequest(TLSX** extensions, byte status_type,
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST */
/******************************************************************************/
/* Certificate Status Request v2 */
/******************************************************************************/
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
static void TLSX_CSR2_FreeAll(CertificateStatusRequestItemV2* csr2)
{
CertificateStatusRequestItemV2* next;
for (; csr2; csr2 = next) {
next = csr2->next;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
while(csr2->requests--)
FreeOcspRequest(&csr2->request.ocsp[csr2->requests]);
break;
}
XFREE(csr2, NULL, DYNAMIC_TYPE_TLSX);
}
}
static word16 TLSX_CSR2_GetSize(CertificateStatusRequestItemV2* csr2,
byte isRequest)
{
word16 size = 0;
/* shut up compiler warnings */
(void) csr2; (void) isRequest;
#ifndef NO_WOLFSSL_CLIENT
if (isRequest) {
CertificateStatusRequestItemV2* next;
for (size = OPAQUE16_LEN; csr2; csr2 = next) {
next = csr2->next;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
size += ENUM_LEN + 3 * OPAQUE16_LEN;
if (csr2->request.ocsp[0].nonceSz)
size += OCSP_NONCE_EXT_SZ;
break;
}
}
}
#endif
return size;
}
static word16 TLSX_CSR2_Write(CertificateStatusRequestItemV2* csr2,
byte* output, byte isRequest)
{
/* shut up compiler warnings */
(void) csr2; (void) output; (void) isRequest;
#ifndef NO_WOLFSSL_CLIENT
if (isRequest) {
word16 offset;
word16 length;
for (offset = OPAQUE16_LEN; csr2 != NULL; csr2 = csr2->next) {
/* status_type */
output[offset++] = csr2->status_type;
/* request */
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
/* request_length */
length = 2 * OPAQUE16_LEN;
if (csr2->request.ocsp[0].nonceSz)
length += OCSP_NONCE_EXT_SZ;
c16toa(length, output + offset);
offset += OPAQUE16_LEN;
/* responder id list */
c16toa(0, output + offset);
offset += OPAQUE16_LEN;
/* request extensions */
length = 0;
if (csr2->request.ocsp[0].nonceSz)
length = EncodeOcspRequestExtensions(
&csr2->request.ocsp[0],
output + offset + OPAQUE16_LEN,
OCSP_NONCE_EXT_SZ);
c16toa(length, output + offset);
offset += OPAQUE16_LEN + length;
break;
}
}
/* list size */
c16toa(offset - OPAQUE16_LEN, output);
return offset;
}
#endif
return 0;
}
static int TLSX_CSR2_Parse(WOLFSSL* ssl, byte* input, word16 length,
byte isRequest)
{
int ret;
/* shut up compiler warnings */
(void) ssl; (void) input;
if (!isRequest) {
#ifndef NO_WOLFSSL_CLIENT
TLSX* extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data
: NULL;
if (!csr2) {
/* look at context level */
extension = TLSX_Find(ssl->ctx->extensions, TLSX_STATUS_REQUEST_V2);
csr2 = extension ? extension->data : NULL;
if (!csr2)
return BUFFER_ERROR; /* unexpected extension */
/* enable extension at ssl level */
for (; csr2; csr2 = csr2->next) {
ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions,
csr2->status_type, csr2->options);
if (ret != SSL_SUCCESS)
return ret;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI:
/* propagate nonce */
if (csr2->request.ocsp[0].nonceSz) {
OcspRequest* request =
TLSX_CSR2_GetRequest(ssl->extensions,
csr2->status_type, 0);
if (request) {
XMEMCPY(request->nonce,
csr2->request.ocsp[0].nonce,
csr2->request.ocsp[0].nonceSz);
request->nonceSz =
csr2->request.ocsp[0].nonceSz;
}
}
break;
}
}
}
ssl->status_request_v2 = 1;
return length ? BUFFER_ERROR : 0; /* extension_data MUST be empty. */
#endif
}
else {
#ifndef NO_WOLFSSL_SERVER
byte status_type;
word16 request_length;
word16 offset = 0;
word16 size = 0;
/* list size */
ato16(input + offset, &request_length);
offset += OPAQUE16_LEN;
if (length - OPAQUE16_LEN != request_length)
return BUFFER_ERROR;
while (length > offset) {
if (length - offset < ENUM_LEN + OPAQUE16_LEN)
return BUFFER_ERROR;
status_type = input[offset++];
ato16(input + offset, &request_length);
offset += OPAQUE16_LEN;
if (length - offset < request_length)
return BUFFER_ERROR;
switch (status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
/* skip responder_id_list */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
/* skip request_extensions */
if (length - offset < OPAQUE16_LEN)
return BUFFER_ERROR;
ato16(input + offset, &size);
offset += OPAQUE16_LEN + size;
if (offset > length)
return BUFFER_ERROR;
/* is able to send OCSP response? */
if (ssl->ctx->cm == NULL
|| !ssl->ctx->cm->ocspStaplingEnabled)
continue;
break;
default:
/* unkown status type, skipping! */
offset += request_length;
continue;
}
/* if using status_request and already sending it, skip this one */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
if (ssl->status_request)
return 0;
#endif
/* accept the first good status_type and return */
ret = TLSX_UseCertificateStatusRequestV2(&ssl->extensions,
status_type, 0);
if (ret != SSL_SUCCESS)
return ret; /* throw error */
TLSX_SetResponse(ssl, TLSX_STATUS_REQUEST_V2);
ssl->status_request_v2 = status_type;
return 0;
}
#endif
}
return 0;
}
int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer)
{
TLSX* extension = TLSX_Find(extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data : NULL;
int ret = 0;
for (; csr2; csr2 = csr2->next) {
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
if (!isPeer || csr2->requests != 0)
break;
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI: {
if (csr2->requests < 1 + MAX_CHAIN_DEPTH) {
byte nonce[MAX_OCSP_NONCE_SZ];
int nonceSz = csr2->request.ocsp[0].nonceSz;
/* preserve nonce, replicating nonce of ocsp[0] */
XMEMCPY(nonce, csr2->request.ocsp[0].nonce, nonceSz);
if ((ret = InitOcspRequest(
&csr2->request.ocsp[csr2->requests], cert, 0)) != 0)
return ret;
/* restore nonce */
XMEMCPY(csr2->request.ocsp[csr2->requests].nonce,
nonce, nonceSz);
csr2->request.ocsp[csr2->requests].nonceSz = nonceSz;
csr2->requests++;
}
}
break;
}
}
return ret;
}
void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type, byte index)
{
TLSX* extension = TLSX_Find(extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data : NULL;
for (; csr2; csr2 = csr2->next) {
if (csr2->status_type == status_type) {
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI:
/* requests are initialized in the reverse order */
return index < csr2->requests
? &csr2->request.ocsp[csr2->requests - index - 1]
: NULL;
break;
}
}
}
return NULL;
}
int TLSX_CSR2_ForceRequest(WOLFSSL* ssl)
{
TLSX* extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST_V2);
CertificateStatusRequestItemV2* csr2 = extension ? extension->data : NULL;
/* forces only the first one */
if (csr2) {
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
/* followed by */
case WOLFSSL_CSR2_OCSP_MULTI:
if (ssl->ctx->cm->ocspEnabled)
return CheckOcspRequest(ssl->ctx->cm->ocsp,
&csr2->request.ocsp[0], NULL);
else
return OCSP_LOOKUP_FAIL;
}
}
return 0;
}
int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
byte options)
{
TLSX* extension = NULL;
CertificateStatusRequestItemV2* csr2 = NULL;
int ret = 0;
if (!extensions)
return BAD_FUNC_ARG;
if (status_type != WOLFSSL_CSR2_OCSP
&& status_type != WOLFSSL_CSR2_OCSP_MULTI)
return BAD_FUNC_ARG;
csr2 = (CertificateStatusRequestItemV2*)
XMALLOC(sizeof(CertificateStatusRequestItemV2), NULL, DYNAMIC_TYPE_TLSX);
if (!csr2)
return MEMORY_E;
ForceZero(csr2, sizeof(CertificateStatusRequestItemV2));
csr2->status_type = status_type;
csr2->options = options;
csr2->next = NULL;
switch (csr2->status_type) {
case WOLFSSL_CSR2_OCSP:
case WOLFSSL_CSR2_OCSP_MULTI:
if (options & WOLFSSL_CSR2_OCSP_USE_NONCE) {
WC_RNG rng;
if (wc_InitRng(&rng) == 0) {
if (wc_RNG_GenerateBlock(&rng, csr2->request.ocsp[0].nonce,
MAX_OCSP_NONCE_SZ) == 0)
csr2->request.ocsp[0].nonceSz = MAX_OCSP_NONCE_SZ;
wc_FreeRng(&rng);
}
}
break;
}
/* append new item */
if ((extension = TLSX_Find(*extensions, TLSX_STATUS_REQUEST_V2))) {
CertificateStatusRequestItemV2* last =
(CertificateStatusRequestItemV2*)extension->data;
for (; last->next; last = last->next);
last->next = csr2;
}
else if ((ret = TLSX_Push(extensions, TLSX_STATUS_REQUEST_V2, csr2))) {
XFREE(csr2, NULL, DYNAMIC_TYPE_TLSX);
return ret;
}
return SSL_SUCCESS;
}
#define CSR2_FREE_ALL TLSX_CSR2_FreeAll
#define CSR2_GET_SIZE TLSX_CSR2_GetSize
#define CSR2_WRITE TLSX_CSR2_Write
#define CSR2_PARSE TLSX_CSR2_Parse
#else
#define CSR2_FREE_ALL(data)
#define CSR2_GET_SIZE(a, b) 0
#define CSR2_WRITE(a, b, c) 0
#define CSR2_PARSE(a, b, c, d) 0
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
/******************************************************************************/
/* Supported Elliptic Curves */
/******************************************************************************/
@ -3359,6 +3824,10 @@ void TLSX_FreeAll(TLSX* list)
CSR_FREE_ALL(extension->data);
break;
case TLSX_STATUS_REQUEST_V2:
CSR2_FREE_ALL(extension->data);
break;
case TLSX_RENEGOTIATION_INFO:
SCR_FREE_ALL(extension->data);
break;
@ -3430,6 +3899,10 @@ static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte isRequest)
length += CSR_GET_SIZE(extension->data, isRequest);
break;
case TLSX_STATUS_REQUEST_V2:
length += CSR2_GET_SIZE(extension->data, isRequest);
break;
case TLSX_RENEGOTIATION_INFO:
length += SCR_GET_SIZE(extension->data, isRequest);
break;
@ -3504,6 +3977,11 @@ static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore,
isRequest);
break;
case TLSX_STATUS_REQUEST_V2:
offset += CSR2_WRITE(extension->data, output + offset,
isRequest);
break;
case TLSX_RENEGOTIATION_INFO:
offset += SCR_WRITE(extension->data, output + offset,
isRequest);
@ -4005,6 +4483,12 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
ret = CSR_PARSE(ssl, input + offset, size, isRequest);
break;
case TLSX_STATUS_REQUEST_V2:
WOLFSSL_MSG("Certificate Status Request v2 extension received");
ret = CSR2_PARSE(ssl, input + offset, size, isRequest);
break;
case TLSX_RENEGOTIATION_INFO:
WOLFSSL_MSG("Secure Renegotiation extension received");

85
wolfcrypt/src/asn.c
View File

@ -8786,6 +8786,8 @@ static int DecodeSingleResponse(byte* source,
if (GetBasicDate(source, &idx, cs->nextDate,
&cs->nextDateFormat, size) < 0)
return ASN_PARSE_E;
if (!XVALIDATE_DATE(cs->nextDate, cs->nextDateFormat, AFTER))
return ASN_AFTER_DATE_E;
}
if (((int)(idx - prevIndex) < wrapperSz) &&
(source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)))
@ -8860,7 +8862,7 @@ static int DecodeOcspRespExtensions(byte* source,
WOLFSSL_MSG("\tfail: extension data length");
return ASN_PARSE_E;
}
resp->nonce = source + idx;
resp->nonceSz = length;
}
@ -9024,8 +9026,8 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
else {
Signer* ca = GetCA(cm, resp->issuerHash);
if (!ca || !ConfirmSignature(resp->response, resp->responseSz,
ca->publicKey, ca->pubKeySize, ca->keyOID,
if (!ca || !ConfirmSignature(resp->response, resp->responseSz,
ca->publicKey, ca->pubKeySize, ca->keyOID,
resp->sig, resp->sigSz, resp->sigOID, NULL)) {
WOLFSSL_MSG("\tOCSP Confirm signature failed");
return ASN_OCSP_CONFIRM_E;
@ -9042,20 +9044,13 @@ void InitOcspResponse(OcspResponse* resp, CertStatus* status,
{
WOLFSSL_ENTER("InitOcspResponse");
XMEMSET(status, 0, sizeof(CertStatus));
XMEMSET(resp, 0, sizeof(OcspResponse));
resp->responseStatus = -1;
resp->response = NULL;
resp->responseSz = 0;
resp->producedDateFormat = 0;
resp->issuerHash = NULL;
resp->issuerKeyHash = NULL;
resp->sig = NULL;
resp->sigSz = 0;
resp->sigOID = 0;
resp->status = status;
resp->nonce = NULL;
resp->nonceSz = 0;
resp->source = source;
resp->maxIdx = inSz;
resp->status = status;
resp->source = source;
resp->maxIdx = inSz;
}
@ -9131,34 +9126,34 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
totalSz += seqSz[4] = SetSequence(totalSz, seqArray[4]);
totalSz += seqSz[5] = SetExplicit(2, totalSz, seqArray[5]);
if (totalSz < size)
{
totalSz = 0;
XMEMCPY(output + totalSz, seqArray[5], seqSz[5]);
totalSz += seqSz[5];
XMEMCPY(output + totalSz, seqArray[4], seqSz[4]);
totalSz += seqSz[4];
XMEMCPY(output + totalSz, seqArray[3], seqSz[3]);
totalSz += seqSz[3];
XMEMCPY(output + totalSz, seqArray[2], seqSz[2]);
totalSz += seqSz[2];
XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
totalSz += (word32)sizeof(NonceObjId);
XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
totalSz += seqSz[1];
XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
totalSz += seqSz[0];
XMEMCPY(output + totalSz, req->nonce, req->nonceSz);
totalSz += req->nonceSz;
}
if (totalSz > size)
return 0;
totalSz = 0;
XMEMCPY(output + totalSz, seqArray[5], seqSz[5]);
totalSz += seqSz[5];
XMEMCPY(output + totalSz, seqArray[4], seqSz[4]);
totalSz += seqSz[4];
XMEMCPY(output + totalSz, seqArray[3], seqSz[3]);
totalSz += seqSz[3];
XMEMCPY(output + totalSz, seqArray[2], seqSz[2]);
totalSz += seqSz[2];
XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
totalSz += (word32)sizeof(NonceObjId);
XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
totalSz += seqSz[1];
XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
totalSz += seqSz[0];
XMEMCPY(output + totalSz, req->nonce, req->nonceSz);
totalSz += req->nonceSz;
return totalSz;
}
@ -9190,7 +9185,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
extSz = 0;
if (req->nonceSz)
extSz = EncodeOcspRequestExtensions(req, extArray, MAX_OCSP_EXT_SZ);
extSz = EncodeOcspRequestExtensions(req, extArray, OCSP_NONCE_EXT_SZ);
totalSz = algoSz + issuerSz + issuerKeySz + snSz;
for (i = 4; i >= 0; i--) {

38
wolfcrypt/src/logging.c
View File

@ -136,6 +136,44 @@ void WOLFSSL_MSG(const char* msg)
}
void WOLFSSL_BUFFER(byte* buffer, word32 length)
{
#define LINE_LEN 16
if (loggingEnabled) {
word32 i;
char line[80];
if (!buffer) {
wolfssl_log(INFO_LOG, "\tNULL");
return;
}
sprintf(line, "\t");
for (i = 0; i < LINE_LEN; i++) {
if (i < length)
sprintf(line + 1 + i * 3,"%02x ", buffer[i]);
else
sprintf(line + 1 + i * 3, " ");
}
sprintf(line + 1 + LINE_LEN * 3, "| ");
for (i = 0; i < LINE_LEN; i++)
if (i < length)
sprintf(line + 3 + LINE_LEN * 3 + i,
"%c", 31 < buffer[i] && buffer[i] < 127 ? buffer[i] : '.');
wolfssl_log(INFO_LOG, line);
if (length > LINE_LEN)
WOLFSSL_BUFFER(buffer + LINE_LEN, length - LINE_LEN);
}
}
void WOLFSSL_ENTER(const char* msg)
{
if (loggingEnabled) {

389
wolfssl/certs_test.h
View File

@ -98,9 +98,9 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024);
/* ./certs/1024/client-cert.der, 1024-bit */
static const unsigned char client_cert_der_1024[] =
{
0x30, 0x82, 0x03, 0xC5, 0x30, 0x82, 0x03, 0x2E, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xE3, 0xD7, 0xA0, 0xFA,
0x76, 0xDF, 0x2A, 0xFA, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x30, 0x82, 0x03, 0xF9, 0x30, 0x82, 0x03, 0x62, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xD3, 0xDF, 0x98, 0xC4,
0x80, 0x1F, 0x1F, 0x6F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
@ -118,10 +118,10 @@ static const unsigned char client_cert_der_1024[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x30, 0x37,
0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x31, 0x30,
0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31, 0x32, 0x33,
0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34, 0x39, 0x33,
0x37, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@ -153,8 +153,8 @@ static const unsigned char client_cert_der_1024[] =
0x4C, 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A,
0xAE, 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C,
0x67, 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9,
0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x07, 0x30,
0x82, 0x01, 0x03, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x3B, 0x30,
0x82, 0x01, 0x37, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
0x04, 0x16, 0x04, 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD,
0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75,
0x10, 0x69, 0x59, 0xEC, 0x30, 0x81, 0xD3, 0x06, 0x03, 0x55,
@ -178,23 +178,29 @@ static const unsigned char client_cert_der_1024[] =
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00,
0xE3, 0xD7, 0xA0, 0xFA, 0x76, 0xDF, 0x2A, 0xFA, 0x30, 0x0C,
0xD3, 0xDF, 0x98, 0xC4, 0x80, 0x1F, 0x1F, 0x6F, 0x30, 0x0C,
0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81,
0x00, 0x1D, 0xB7, 0xD5, 0x7C, 0xE1, 0xB1, 0xD8, 0xC0, 0x67,
0x5D, 0xB5, 0xD3, 0x88, 0xE7, 0x50, 0x29, 0x71, 0x63, 0x8F,
0xCC, 0x26, 0x1F, 0x33, 0x09, 0x55, 0x43, 0x9B, 0xAB, 0xC6,
0x1B, 0xBC, 0xC7, 0x01, 0x95, 0x1A, 0xFA, 0x65, 0xE0, 0xFD,
0x9C, 0xEB, 0x6F, 0x0A, 0x0F, 0x14, 0xEC, 0xB5, 0x2F, 0xDC,
0x1C, 0x30, 0xDD, 0x52, 0x97, 0xD4, 0x1C, 0x09, 0x00, 0x33,
0x38, 0x5F, 0xCB, 0xA8, 0x16, 0x8F, 0x11, 0xB7, 0xB8, 0xD0,
0x66, 0xE1, 0x54, 0x28, 0xF3, 0x3F, 0xBF, 0x6A, 0x6F, 0x76,
0x48, 0x2A, 0x5E, 0x56, 0xA7, 0xCE, 0x1C, 0xF0, 0x04, 0xDD,
0x17, 0xBD, 0x06, 0x78, 0x21, 0x6D, 0xD6, 0xB1, 0x9B, 0x75,
0x31, 0x92, 0xC1, 0xFE, 0xD4, 0x8D, 0xD4, 0x67, 0x2F, 0x03,
0x1B, 0x27, 0x8D, 0xAB, 0xFF, 0x30, 0x3B, 0xC3, 0x7F, 0x23,
0xE4, 0xAB, 0x5B, 0x91, 0xE1, 0x1B, 0x66, 0xE6, 0xED
0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24, 0x30, 0x22,
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C,
0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x3A, 0x32,
0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
0x81, 0x81, 0x00, 0x71, 0x39, 0xFA, 0x86, 0xC3, 0x54, 0xE5,
0x98, 0xB5, 0xE8, 0xC3, 0xCB, 0x97, 0x2F, 0x86, 0xBF, 0xE8,
0xBC, 0xFB, 0xEB, 0xD8, 0x73, 0x97, 0x34, 0x9A, 0x16, 0xBF,
0xE0, 0xB2, 0xBD, 0xBE, 0x7D, 0xFF, 0xA0, 0xD7, 0xE6, 0xDB,
0xA3, 0x52, 0x43, 0x41, 0x60, 0xF1, 0xD7, 0xC3, 0x63, 0xC0,
0x9B, 0xE2, 0xB2, 0x28, 0x87, 0x70, 0x60, 0x5D, 0x2B, 0x5D,
0x56, 0x15, 0x3C, 0xB1, 0x1E, 0x03, 0x53, 0x72, 0x39, 0x32,
0xE2, 0x47, 0x85, 0xF7, 0x8B, 0xE8, 0x38, 0x50, 0xA9, 0xC9,
0xD3, 0x52, 0x75, 0x0E, 0x16, 0x14, 0xA5, 0xA5, 0xC4, 0x9F,
0x3E, 0x73, 0xD8, 0x38, 0x79, 0xBF, 0xF7, 0x9B, 0x4D, 0x0D,
0xF3, 0xAA, 0xCE, 0xA2, 0x03, 0x84, 0x66, 0x14, 0xC9, 0x01,
0xF5, 0x86, 0xA5, 0x66, 0xA1, 0xCA, 0x6A, 0x71, 0x5F, 0x2D,
0x31, 0x8E, 0x1C, 0xCC, 0x0C, 0xE6, 0x46, 0x99, 0x5D, 0x0A,
0x4C
};
static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024);
@ -775,9 +781,9 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048);
/* ./certs/client-cert.der, 2048-bit */
static const unsigned char client_cert_der_2048[] =
{
0x30, 0x82, 0x04, 0xCA, 0x30, 0x82, 0x03, 0xB2, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xAA, 0x27, 0xB3, 0xC5,
0xA9, 0x72, 0x6E, 0x0D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x30, 0x82, 0x04, 0xFE, 0x30, 0x82, 0x03, 0xE6, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x95, 0x90, 0x12, 0x9B,
0x22, 0xA1, 0x50, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
@ -795,10 +801,10 @@ static const unsigned char client_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x30, 0x37,
0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x31, 0x30,
0x31, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31, 0x32, 0x33,
0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34, 0x39, 0x33,
0x37, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@ -844,7 +850,7 @@ static const unsigned char client_cert_der_2048[] =
0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15,
0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1,
0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01,
0x07, 0x30, 0x82, 0x01, 0x03, 0x30, 0x1D, 0x06, 0x03, 0x55,
0x3B, 0x30, 0x82, 0x01, 0x37, 0x30, 0x1D, 0x06, 0x03, 0x55,
0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66,
0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91,
0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xD3, 0x06,
@ -868,37 +874,42 @@ static const unsigned char client_cert_der_2048[] =
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
0x09, 0x00, 0xAA, 0x27, 0xB3, 0xC5, 0xA9, 0x72, 0x6E, 0x0D,
0x09, 0x00, 0x95, 0x90, 0x12, 0x9B, 0x22, 0xA1, 0x50, 0x40,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
0x82, 0x01, 0x01, 0x00, 0x51, 0x96, 0xA7, 0x1C, 0x26, 0x5D,
0x1C, 0x90, 0xC6, 0x32, 0x9F, 0x96, 0x15, 0xF2, 0x1D, 0xE7,
0x93, 0x9C, 0xAC, 0x75, 0x56, 0x95, 0xFD, 0x20, 0x70, 0xAB,
0x45, 0x6A, 0x09, 0xB0, 0xF3, 0xF2, 0x03, 0xA8, 0xDB, 0xDC,
0x2F, 0xBC, 0x1F, 0x87, 0x7A, 0xA3, 0xD4, 0x8F, 0xD5, 0x49,
0x97, 0x7E, 0x3C, 0x54, 0xAC, 0xB1, 0xE3, 0xF0, 0x39, 0x0D,
0xFE, 0x09, 0x9A, 0x23, 0xF6, 0x32, 0xA6, 0x41, 0x59, 0xBD,
0x60, 0xE8, 0xBD, 0xDE, 0x00, 0x36, 0x6F, 0x3E, 0xE9, 0x41,
0x6F, 0xA9, 0x63, 0xC7, 0xAA, 0xD5, 0x7B, 0xF3, 0xE4, 0x39,
0x48, 0x9E, 0xF6, 0x60, 0xC6, 0xC6, 0x86, 0xD5, 0x72, 0x86,
0x23, 0xCD, 0xF5, 0x6A, 0x63, 0x53, 0xA4, 0xF8, 0xFC, 0x51,
0x6A, 0xCD, 0x60, 0x74, 0x8E, 0xA3, 0x86, 0x61, 0x01, 0x34,
0x78, 0xF7, 0x29, 0x97, 0xB3, 0xA7, 0x34, 0xB6, 0x0A, 0xDE,
0xB5, 0x71, 0x7A, 0x09, 0xA6, 0x3E, 0xD6, 0x82, 0x58, 0x89,
0x67, 0x9C, 0xC5, 0x68, 0x62, 0xBA, 0x06, 0xD6, 0x39, 0xBB,
0xCB, 0x3A, 0xC0, 0xE0, 0x63, 0x1F, 0xC7, 0x0C, 0x9C, 0x12,
0x86, 0xEC, 0xF7, 0x39, 0x6A, 0x61, 0x93, 0xD0, 0x33, 0x14,
0xC6, 0x55, 0x3B, 0xB6, 0xCF, 0x80, 0x5B, 0x8C, 0x43, 0xEF,
0x43, 0x44, 0x0B, 0x3C, 0x93, 0x39, 0xA3, 0x4E, 0x15, 0xD1,
0x0B, 0x5F, 0x84, 0x98, 0x1D, 0xCD, 0x9F, 0xA9, 0x47, 0xEB,
0x3B, 0x56, 0x30, 0xB6, 0x76, 0x92, 0xC1, 0x48, 0x5F, 0xBC,
0x95, 0xB0, 0x50, 0x1A, 0x55, 0xC8, 0x4E, 0x62, 0x47, 0x87,
0x54, 0x64, 0x0C, 0x9B, 0x91, 0xFA, 0x43, 0xB3, 0x29, 0x48,
0xBE, 0xE6, 0x12, 0xEB, 0xE3, 0x44, 0xC6, 0x52, 0xE4, 0x40,
0xC6, 0x83, 0x95, 0x1B, 0xA7, 0x65, 0x27, 0x69, 0x73, 0x2F,
0xC8, 0xA0, 0x4D, 0x7F, 0xBE, 0xEA, 0x9B, 0x67, 0xB2, 0x7B
0x03, 0x01, 0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24,
0x30, 0x22, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
0x30, 0x01, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F,
0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74,
0x3A, 0x32, 0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05,
0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x7B, 0x91, 0x63, 0x8D,
0x39, 0x54, 0x64, 0x3C, 0xB4, 0x3F, 0xD5, 0xC8, 0x4F, 0xBF,
0x0B, 0xBF, 0xAF, 0x5C, 0x9C, 0x41, 0xC7, 0x0B, 0x52, 0x6D,
0xC6, 0xF0, 0xDE, 0x7C, 0xFF, 0x9B, 0x4E, 0xFE, 0xF3, 0x22,
0xA5, 0x00, 0x13, 0x9F, 0x81, 0xE4, 0x6D, 0x70, 0x2C, 0xF9,
0x7A, 0xF4, 0xD8, 0x50, 0xBE, 0x72, 0xE1, 0x04, 0x8B, 0xB0,
0x05, 0xE3, 0x61, 0x82, 0x3F, 0x65, 0xDE, 0xF9, 0xE9, 0xD3,
0x3D, 0x97, 0x7D, 0x88, 0xB7, 0x99, 0x85, 0xC1, 0xE5, 0x5C,
0x57, 0xA7, 0x9C, 0x1F, 0xF2, 0xB8, 0xCE, 0xEC, 0xD7, 0xD1,
0x9B, 0xEC, 0xFB, 0x0E, 0x6F, 0x02, 0xAD, 0x51, 0xC0, 0x76,
0xDD, 0x66, 0x0A, 0xCE, 0x0D, 0x09, 0xE6, 0xA8, 0x42, 0xB0,
0x06, 0xC3, 0x04, 0xE7, 0x1C, 0xC7, 0x10, 0x83, 0x07, 0xF2,
0xE6, 0x11, 0x1A, 0xCD, 0xA7, 0xB9, 0x7E, 0x17, 0xEF, 0xEA,
0x63, 0x9C, 0xF2, 0xA5, 0xBE, 0x6B, 0xB6, 0xDF, 0xEB, 0x5A,
0x75, 0x01, 0x59, 0x05, 0xF7, 0xEC, 0x49, 0x75, 0x10, 0xDD,
0x40, 0x1A, 0x25, 0x25, 0x4F, 0x78, 0x6E, 0xE1, 0x92, 0x21,
0xB5, 0xB8, 0x82, 0x2F, 0x33, 0xB3, 0x5B, 0xB6, 0x81, 0xB8,
0xB1, 0xA4, 0x0C, 0x8D, 0x98, 0x74, 0x74, 0xDA, 0x0D, 0x90,
0x33, 0xC8, 0xA7, 0xAA, 0x0D, 0x06, 0x5A, 0x04, 0xEB, 0x37,
0xD3, 0xE4, 0x55, 0x0C, 0x93, 0xB6, 0xC8, 0x3A, 0xE8, 0xA7,
0x2B, 0x4E, 0xB8, 0x90, 0xBB, 0x36, 0x0B, 0xDB, 0x7F, 0x2E,
0x99, 0x23, 0x76, 0x68, 0x81, 0xA8, 0x73, 0x74, 0xE7, 0x68,
0xFB, 0x1D, 0xFF, 0x5B, 0xEC, 0xB5, 0x6B, 0x30, 0xD1, 0xD0,
0x2B, 0x89, 0xA6, 0xC6, 0xA9, 0xFC, 0x03, 0x66, 0xFE, 0xB5,
0x8C, 0xAF, 0xDE, 0x8E, 0x2A, 0xB4, 0x78, 0x9C, 0xD7, 0x4A,
0xFC, 0x9C, 0xC4, 0x7C, 0x19, 0x20, 0x83, 0x0E, 0xFD, 0x3F,
0x4D, 0xA7
};
static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048);
@ -1154,9 +1165,9 @@ static const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048);
/* ./certs/ca-cert.der, 2048-bit */
static const unsigned char ca_cert_der_2048[] =
{
0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xD9, 0x80, 0x3A, 0xC3,
0xD2, 0xF4, 0xDA, 0x37, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x30, 0x82, 0x04, 0xE0, 0x30, 0x82, 0x03, 0xC8, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xA6, 0x66, 0x38, 0x49,
0x45, 0x9B, 0xDC, 0x81, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
@ -1173,10 +1184,10 @@ static const unsigned char ca_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35, 0x30, 0x37,
0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32, 0x31, 0x30,
0x31, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31, 0x32, 0x33,
0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17, 0x0D, 0x31,
0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34, 0x39, 0x33,
0x37, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@ -1220,60 +1231,66 @@ static const unsigned char ca_cert_der_2048[] =
0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52,
0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9,
0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED,
0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC,
0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3,
0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D,
0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55,
0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14,
0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED,
0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5,
0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31,
0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C,
0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11,
0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53,
0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30,
0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F,
0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77,
0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00,
0xD9, 0x80, 0x3A, 0xC3, 0xD2, 0xF4, 0xDA, 0x37, 0x30, 0x0C,
0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01,
0x01, 0x00, 0x7A, 0xAF, 0x44, 0x3B, 0xAA, 0x6F, 0x53, 0x42,
0xB2, 0x33, 0xAA, 0x43, 0x5F, 0x56, 0x30, 0xD3, 0xB9, 0x96,
0x0B, 0x9A, 0x55, 0x5A, 0x39, 0x2A, 0x0B, 0x4E, 0xE4, 0x2E,
0xF1, 0x95, 0x66, 0xC9, 0x86, 0x36, 0x82, 0x8D, 0x63, 0x7C,
0x4D, 0xA2, 0xEE, 0x48, 0xBA, 0x03, 0xC7, 0x90, 0xD7, 0xA7,
0xC6, 0x74, 0x60, 0x48, 0x5F, 0x31, 0xA2, 0xF9, 0x5E, 0x3E,
0xC3, 0x82, 0xE1, 0xE5, 0x2F, 0x41, 0x81, 0x83, 0x29, 0x25,
0x79, 0xD1, 0x53, 0x00, 0x69, 0x3C, 0xED, 0x0A, 0x30, 0x3B,
0x41, 0x1D, 0x92, 0xA1, 0x2C, 0xA8, 0x9D, 0x2C, 0xE3, 0x23,
0x87, 0x79, 0xE0, 0x55, 0x6E, 0x91, 0xA8, 0x50, 0xDA, 0x46,
0x2F, 0xC2, 0x20, 0x50, 0x3E, 0x2B, 0x47, 0x97, 0x14, 0xB0,
0x7D, 0x04, 0xBA, 0x45, 0x51, 0xD0, 0x6E, 0xE1, 0x5A, 0xA2,
0x4B, 0x84, 0x9C, 0x4D, 0xCD, 0x85, 0x04, 0xF9, 0x28, 0x31,
0x82, 0x93, 0xBC, 0xC7, 0x59, 0x49, 0x91, 0x03, 0xE8, 0xDF,
0x6A, 0xE4, 0x56, 0xAD, 0x6A, 0xCB, 0x1F, 0x0D, 0x37, 0xE4,
0x5E, 0xBD, 0xE7, 0x9F, 0xD5, 0xEC, 0x9D, 0x3C, 0x18, 0x25,
0x9B, 0xF1, 0x2F, 0x50, 0x7D, 0xEB, 0x31, 0xCB, 0xF1, 0x63,
0x22, 0x9D, 0x57, 0xFC, 0xF3, 0x84, 0x20, 0x1A, 0xC6, 0x07,
0x87, 0x92, 0x26, 0x9E, 0x15, 0x18, 0x59, 0x33, 0x06, 0xDC,
0xFB, 0xB0, 0xB6, 0x76, 0x5D, 0xF1, 0xC1, 0x2F, 0xC8, 0x2F,
0x62, 0x9C, 0xC0, 0xD6, 0xDE, 0xEB, 0x65, 0x77, 0xF3, 0x5C,
0xA6, 0xC3, 0x88, 0x27, 0x96, 0x75, 0xB4, 0xF4, 0x54, 0xCD,
0xFF, 0x2D, 0x21, 0x2E, 0x96, 0xF0, 0x07, 0x73, 0x4B, 0xE9,
0x93, 0x92, 0x90, 0xDE, 0x62, 0xD9, 0xA3, 0x3B, 0xAC, 0x6E,
0x24, 0x5F, 0x27, 0x4A, 0xB3, 0x94, 0x70, 0xFF, 0x30, 0x17,
0xE7, 0x7E, 0x32, 0x8F, 0x65, 0xB7, 0x75, 0x58
0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01,
0x31, 0x30, 0x82, 0x01, 0x2D, 0x30, 0x1D, 0x06, 0x03, 0x55,
0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11,
0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4,
0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06,
0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE,
0x80, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D,
0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5,
0xE8, 0xD5, 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81,
0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31,
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A,
0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67,
0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C,
0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73,
0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D,
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82,
0x09, 0x00, 0xA6, 0x66, 0x38, 0x49, 0x45, 0x9B, 0xDC, 0x81,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24,
0x30, 0x22, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
0x30, 0x01, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F,
0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74,
0x3A, 0x32, 0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05,
0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x41, 0x8F, 0xFB, 0x6B,
0x65, 0x6B, 0x36, 0xF2, 0x56, 0x4F, 0x0C, 0x48, 0xB0, 0x4D,
0x8C, 0xC2, 0xCB, 0xD6, 0x58, 0x7A, 0x83, 0x3A, 0x30, 0x7D,
0x62, 0x7B, 0x86, 0xF1, 0x15, 0x26, 0xB3, 0x26, 0x02, 0x77,
0xF2, 0xC8, 0x57, 0xE5, 0x1E, 0x60, 0x68, 0x8B, 0xA4, 0xE8,
0xF3, 0xA8, 0xB2, 0x88, 0xA4, 0x2F, 0xE8, 0x6E, 0x25, 0x8D,
0x6B, 0xDC, 0x53, 0xAB, 0x2F, 0xD3, 0x47, 0x8C, 0xD6, 0x27,
0xAB, 0x39, 0xBC, 0xD3, 0xCA, 0xD8, 0x01, 0x96, 0xA4, 0x44,
0x57, 0x38, 0x93, 0xAB, 0xC3, 0xF3, 0x95, 0x67, 0x7F, 0xCF,
0x25, 0x1D, 0xB7, 0x04, 0xDC, 0x06, 0xC9, 0x5D, 0x24, 0xC1,
0x54, 0x13, 0x71, 0x81, 0x21, 0x31, 0xEE, 0x9F, 0xB4, 0x9D,
0xCE, 0x98, 0x66, 0xA4, 0xA0, 0x77, 0xC1, 0x88, 0x18, 0xA4,
0xD1, 0x36, 0xEE, 0xCD, 0xD8, 0xC1, 0x1B, 0xBC, 0x03, 0xD6,
0x85, 0x9A, 0x2E, 0x21, 0x82, 0x95, 0x4C, 0xB2, 0x2A, 0xFE,
0x69, 0xDB, 0xAC, 0xE4, 0x97, 0xE1, 0xE9, 0x0E, 0xF1, 0xD3,
0xEF, 0x20, 0x86, 0x03, 0x01, 0x66, 0x6B, 0xF0, 0x26, 0x0F,
0x39, 0x04, 0x26, 0xF5, 0x42, 0x98, 0x3F, 0x95, 0x48, 0x5F,
0xB5, 0x5D, 0xBC, 0x49, 0x4C, 0x81, 0x38, 0xD5, 0xE9, 0x72,
0x32, 0x1C, 0x66, 0x1B, 0x12, 0x80, 0x0F, 0xDB, 0x99, 0xF0,
0x97, 0x67, 0x61, 0x79, 0xAD, 0xAB, 0xBE, 0x6A, 0xEA, 0xAA,
0xCC, 0x3D, 0xF9, 0x40, 0x99, 0x00, 0x93, 0xBB, 0xDF, 0x4B,
0x41, 0xD4, 0x7F, 0xF1, 0x93, 0xB2, 0x70, 0x83, 0x3A, 0xE3,
0x6B, 0x44, 0x4B, 0x1F, 0x9F, 0x77, 0x53, 0xEA, 0x5D, 0xE6,
0x59, 0x1E, 0xC0, 0x2D, 0x4B, 0x83, 0xD6, 0xF4, 0xA3, 0xD4,
0xA9, 0xC3, 0x91, 0x12, 0xE7, 0x61, 0x3F, 0x56, 0x9D, 0x8F,
0xB8, 0x19, 0x29, 0x62, 0x1B, 0x58, 0xDF, 0x73, 0x99, 0x1F,
0x49, 0x63
};
static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
@ -1406,7 +1423,7 @@ static const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048);
/* ./certs/server-cert.der, 2048-bit */
static const unsigned char server_cert_der_2048[] =
{
0x30, 0x82, 0x04, 0x9E, 0x30, 0x82, 0x03, 0x86, 0xA0, 0x03,
0x30, 0x82, 0x04, 0xD4, 0x30, 0x82, 0x03, 0xBC, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05,
0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03,
@ -1424,10 +1441,10 @@ static const unsigned char server_cert_der_2048[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x30, 0x35,
0x30, 0x37, 0x31, 0x38, 0x32, 0x31, 0x30, 0x31, 0x5A, 0x17,
0x0D, 0x31, 0x38, 0x30, 0x31, 0x33, 0x31, 0x31, 0x38, 0x32,
0x31, 0x30, 0x31, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x31,
0x32, 0x33, 0x31, 0x32, 0x34, 0x39, 0x33, 0x37, 0x5A, 0x17,
0x0D, 0x31, 0x38, 0x30, 0x38, 0x31, 0x39, 0x31, 0x32, 0x34,
0x39, 0x33, 0x37, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
@ -1471,60 +1488,66 @@ static const unsigned char server_cert_der_2048[] =
0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20,
0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61,
0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7,
0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x30, 0x81,
0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16,
0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2,
0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, 0x1F, 0x0E,
0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23,
0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E,
0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63,
0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81,
0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42,
0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F,
0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77,
0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06,
0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73,
0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16,
0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77,
0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69,
0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0xD9, 0x80,
0x3A, 0xC3, 0xD2, 0xF4, 0xDA, 0x37, 0x30, 0x0C, 0x06, 0x03,
0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF,
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00,
0x67, 0xC0, 0x2C, 0xA9, 0x43, 0x47, 0xE7, 0x11, 0x14, 0x77,
0xAE, 0xCC, 0xD8, 0xE0, 0x6B, 0x23, 0x82, 0x91, 0x63, 0xE8,
0xA8, 0x0D, 0x21, 0xC5, 0xC8, 0x47, 0x97, 0x2F, 0xD5, 0xF3,
0x86, 0xFB, 0x6C, 0xCE, 0x25, 0xF9, 0x7C, 0x78, 0xC8, 0x3A,
0x22, 0x68, 0xF2, 0x16, 0x1E, 0xD2, 0xD2, 0x3F, 0x24, 0x04,
0x87, 0xF2, 0xB7, 0xC1, 0x62, 0x63, 0xBA, 0xC5, 0xFA, 0xAE,
0xD2, 0x20, 0x81, 0x1A, 0xD2, 0x0C, 0xAE, 0x26, 0x6B, 0x1B,
0x2B, 0x10, 0xD3, 0xE1, 0x9A, 0x4E, 0x64, 0x6C, 0x97, 0xDB,
0x36, 0xA8, 0x8F, 0xF8, 0x05, 0x63, 0xBF, 0xBA, 0x0D, 0x88,
0x0B, 0x87, 0x46, 0xC9, 0xE4, 0x64, 0xE3, 0xD7, 0xBD, 0xB8,
0x2D, 0xD5, 0xC1, 0xC3, 0xC4, 0xDB, 0x55, 0x68, 0xDC, 0xA3,
0x7A, 0x40, 0xB9, 0xA9, 0xF6, 0x04, 0x4A, 0x22, 0xCF, 0x98,
0x76, 0x1C, 0xE4, 0xA3, 0xFF, 0x79, 0x19, 0x96, 0x57, 0x63,
0x07, 0x6F, 0xF6, 0x32, 0x77, 0x16, 0x50, 0x9B, 0xE3, 0x34,
0x18, 0xD4, 0xEB, 0xBE, 0xFD, 0xB6, 0x6F, 0xE3, 0xC7, 0xF6,
0x85, 0xBF, 0xAC, 0x32, 0xAD, 0x98, 0x57, 0xBE, 0x13, 0x92,
0x44, 0x10, 0xA5, 0xF3, 0xAE, 0xE2, 0x66, 0xDA, 0x44, 0xA9,
0x94, 0x71, 0x3F, 0xD0, 0x2F, 0x20, 0x59, 0x87, 0xE4, 0x5A,
0x40, 0xEE, 0xD2, 0xE4, 0x0C, 0xCE, 0x25, 0x94, 0xDC, 0x0F,
0xFE, 0x38, 0xE0, 0x41, 0x52, 0x34, 0x5C, 0xBB, 0xC3, 0xDB,
0xC1, 0x5F, 0x76, 0xC3, 0x5D, 0x0E, 0x32, 0x69, 0x2B, 0x9D,
0x01, 0xED, 0x50, 0x1B, 0x4F, 0x77, 0xA9, 0xA9, 0xD8, 0x71,
0x30, 0xCB, 0x2E, 0x2C, 0x70, 0x00, 0xAB, 0x78, 0x4B, 0xD7,
0x15, 0xD9, 0x17, 0xF8, 0x64, 0xB2, 0xF7, 0x3A, 0xDA, 0xE1,
0x0B, 0x8B, 0x0A, 0xE1, 0x4E, 0xB1, 0x03, 0x46, 0x14, 0xCA,
0x94, 0xE3, 0x44, 0x77, 0xD7, 0x59
0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x31, 0x30,
0x82, 0x01, 0x2D, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
0x04, 0x16, 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98,
0x84, 0xE2, 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA,
0x1F, 0x0E, 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55,
0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14,
0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED,
0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5,
0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31,
0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02,
0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C,
0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11,
0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53,
0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30,
0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F,
0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18,
0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77,
0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00,
0xA6, 0x66, 0x38, 0x49, 0x45, 0x9B, 0xDC, 0x81, 0x30, 0x0C,
0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
0x01, 0xFF, 0x30, 0x32, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x05, 0x07, 0x01, 0x01, 0x04, 0x26, 0x30, 0x24, 0x30, 0x22,
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01,
0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C,
0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x3A, 0x32,
0x32, 0x32, 0x32, 0x32, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
0x82, 0x01, 0x01, 0x00, 0x71, 0x17, 0x8F, 0x6F, 0x7D, 0xD6,
0x11, 0x01, 0x79, 0xAC, 0xE9, 0xC2, 0xFB, 0x71, 0x69, 0x6B,
0x0C, 0x64, 0x91, 0xC1, 0x32, 0x8B, 0x9C, 0x62, 0x72, 0xB5,
0x62, 0xBB, 0xF8, 0xCF, 0x6C, 0x27, 0xDF, 0xF0, 0x64, 0xD6,
0x4A, 0x55, 0x4F, 0x7F, 0x4A, 0x8B, 0x7B, 0x80, 0x5B, 0x3C,
0xA0, 0x31, 0xB0, 0x25, 0x92, 0x02, 0x02, 0x9C, 0x99, 0xA5,
0x8E, 0x0C, 0x61, 0xEF, 0xB4, 0x1E, 0x01, 0x2E, 0x1C, 0xE9,
0x9C, 0x59, 0x2D, 0xEF, 0x6E, 0x03, 0x4D, 0xF1, 0x59, 0xE5,
0x5F, 0x69, 0x66, 0x5C, 0x0A, 0xE6, 0xCD, 0xF6, 0x74, 0x20,
0x86, 0x4C, 0xF6, 0x8F, 0x22, 0x86, 0x68, 0x7E, 0xFE, 0x67,
0x3F, 0x3D, 0x19, 0xB8, 0x61, 0xEF, 0xC5, 0xA5, 0x58, 0xA8,
0x2A, 0xCE, 0xD3, 0x2C, 0xA7, 0x1B, 0xDD, 0xC8, 0x59, 0xC7,
0xE7, 0xCF, 0x42, 0x42, 0xDB, 0xAF, 0xFE, 0x15, 0x82, 0xC9,
0xE5, 0x53, 0xFA, 0xB4, 0x37, 0x55, 0x67, 0x47, 0x0F, 0xE7,
0x24, 0x88, 0x14, 0xA3, 0x6C, 0xBE, 0x5F, 0x72, 0x05, 0x5F,
0x56, 0x33, 0xAA, 0x7F, 0xAC, 0x2E, 0x10, 0x92, 0xB7, 0xA2,
0xF9, 0xC1, 0x62, 0x0C, 0x3B, 0x0C, 0x69, 0x9A, 0x71, 0x15,
0x11, 0xBC, 0x37, 0xBF, 0x8E, 0x23, 0x14, 0xC2, 0xB1, 0x0D,
0xDF, 0x89, 0x45, 0x1E, 0xDF, 0x14, 0xE8, 0x95, 0x35, 0x88,
0x27, 0xA8, 0xAB, 0xDD, 0x7C, 0x23, 0x3F, 0xBB, 0xFE, 0x4E,
0x0E, 0xEA, 0xA6, 0xEE, 0xF5, 0x77, 0xFB, 0xAA, 0xB8, 0x28,
0x33, 0xF9, 0x61, 0xB0, 0xD2, 0x79, 0x46, 0xA4, 0xBA, 0xA0,
0x90, 0xC8, 0xE7, 0x96, 0x8F, 0x27, 0xE9, 0x1E, 0xD0, 0x92,
0x43, 0xBB, 0x84, 0xC7, 0xF3, 0x28, 0x0C, 0x41, 0xAA, 0x77,
0x39, 0x65, 0xAA, 0x0D, 0x02, 0xB0, 0xE0, 0x4D, 0xB1, 0x17,
0x41, 0xC9, 0xF0, 0xD4, 0x47, 0x87, 0xFB, 0x0F, 0xF0, 0x40
};
static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048);

83
wolfssl/internal.h
View File

@ -1370,22 +1370,27 @@ struct WOLFSSL_CRL {
/* wolfSSL Certificate Manager */
struct WOLFSSL_CERT_MANAGER {
Signer* caTable[CA_TABLE_SIZE]; /* the CA signer table */
void* heap; /* heap helper */
WOLFSSL_CRL* crl; /* CRL checker */
WOLFSSL_OCSP* ocsp; /* OCSP checker */
char* ocspOverrideURL; /* use this responder */
void* ocspIOCtx; /* I/O callback CTX */
CallbackCACache caCacheCallback; /* CA cache addition callback */
CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
wolfSSL_Mutex caLock; /* CA list lock */
byte crlEnabled; /* is CRL on ? */
byte crlCheckAll; /* always leaf, but all ? */
byte ocspEnabled; /* is OCSP on ? */
byte ocspCheckAll; /* always leaf, but all ? */
byte ocspSendNonce; /* send the OCSP nonce ? */
byte ocspUseOverrideURL; /* ignore cert's responder, override */
void* heap; /* heap helper */
WOLFSSL_CRL* crl; /* CRL checker */
WOLFSSL_OCSP* ocsp; /* OCSP checker */
#if !defined(NO_WOLFSSL_SEVER) && (defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
WOLFSSL_OCSP* ocsp_stapling; /* OCSP checker for OCSP stapling */
#endif
char* ocspOverrideURL; /* use this responder */
void* ocspIOCtx; /* I/O callback CTX */
CallbackCACache caCacheCallback; /* CA cache addition callback */
CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */
CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */
CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */
wolfSSL_Mutex caLock; /* CA list lock */
byte crlEnabled; /* is CRL on ? */
byte crlCheckAll; /* always leaf, but all ? */
byte ocspEnabled; /* is OCSP on ? */
byte ocspCheckAll; /* always leaf, but all ? */
byte ocspSendNonce; /* send the OCSP nonce ? */
byte ocspUseOverrideURL; /* ignore cert's responder, override */
byte ocspStaplingEnabled; /* is OCSP Stapling on ? */
};
WOLFSSL_LOCAL int CM_SaveCertCache(WOLFSSL_CERT_MANAGER*, const char*);
@ -1476,6 +1481,7 @@ typedef enum {
TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stappling */
TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stappling v2 */
TLSX_QUANTUM_SAFE_HYBRID = 0x0018, /* a.k.a. QSH */
TLSX_SESSION_TICKET = 0x0023,
TLSX_RENEGOTIATION_INFO = 0xff01
@ -1510,6 +1516,7 @@ WOLFSSL_LOCAL int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length,
|| defined(HAVE_MAX_FRAGMENT) \
|| defined(HAVE_TRUNCATED_HMAC) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) \
|| defined(HAVE_SUPPORTED_CURVES) \
|| defined(HAVE_ALPN) \
|| defined(HAVE_QSH) \
@ -1592,11 +1599,33 @@ typedef struct {
} request;
} CertificateStatusRequest;
WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequest(TLSX** extensions,
WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequest(TLSX** extensions,
byte status_type, byte options);
WOLFSSL_LOCAL int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert);
WOLFSSL_LOCAL void* TLSX_CSR_GetRequest(TLSX* extensions);
WOLFSSL_LOCAL int TLSX_CSR_ForceRequest(WOLFSSL* ssl);
WOLFSSL_LOCAL int TLSX_CSR_InitRequest(TLSX* extensions, DecodedCert* cert);
WOLFSSL_LOCAL void* TLSX_CSR_GetRequest(TLSX* extensions);
WOLFSSL_LOCAL int TLSX_CSR_ForceRequest(WOLFSSL* ssl);
#endif
/** Certificate Status Request v2 - RFC 6961 */
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
typedef struct CSRIv2 {
byte status_type;
byte options;
word16 requests;
union {
OcspRequest ocsp[1 + MAX_CHAIN_DEPTH];
} request;
struct CSRIv2* next;
} CertificateStatusRequestItemV2;
WOLFSSL_LOCAL int TLSX_UseCertificateStatusRequestV2(TLSX** extensions,
byte status_type, byte options);
WOLFSSL_LOCAL int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer);
WOLFSSL_LOCAL void* TLSX_CSR2_GetRequest(TLSX* extensions, byte status_type,
byte index);
WOLFSSL_LOCAL int TLSX_CSR2_ForceRequest(WOLFSSL* ssl);
#endif
@ -1775,6 +1804,15 @@ struct WOLFSSL_CTX {
#endif
#ifdef HAVE_TLS_EXTENSIONS
TLSX* extensions; /* RFC 6066 TLS Extensions data */
#ifndef NO_WOLFSSL_SERVER
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
OcspRequest* certOcspRequest;
#endif
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
OcspRequest* chainOcspRequest[MAX_CHAIN_DEPTH];
#endif
#endif
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SEVER)
SessionTicketEncCb ticketEncCb; /* enc/dec session ticket Cb */
void* ticketEncCtx; /* session encrypt context */
@ -2043,6 +2081,7 @@ enum AcceptState {
ACCEPT_FIRST_REPLY_DONE,
SERVER_HELLO_SENT,
CERT_SENT,
CERT_STATUS_SENT,
KEY_EXCHANGE_SENT,
CERT_REQ_SENT,
SERVER_HELLO_DONE,
@ -2497,6 +2536,9 @@ struct WOLFSSL {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
byte status_request;
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
byte status_request_v2;
#endif
#ifdef HAVE_SECURE_RENEGOTIATION
SecureRenegotiation* secure_renegotiation; /* valid pointer indicates */
#endif /* user turned on */
@ -2660,6 +2702,7 @@ WOLFSSL_LOCAL int DoClientTicket(WOLFSSL*, const byte*, word32);
WOLFSSL_LOCAL int SendData(WOLFSSL*, const void*, int);
WOLFSSL_LOCAL int SendCertificate(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateRequest(WOLFSSL*);
WOLFSSL_LOCAL int SendCertificateStatus(WOLFSSL*);
WOLFSSL_LOCAL int SendServerKeyExchange(WOLFSSL*);
WOLFSSL_LOCAL int SendBuffered(WOLFSSL*);
WOLFSSL_LOCAL int ReceiveData(WOLFSSL*, byte*, int, int);

4
wolfssl/ocsp.h
View File

@ -39,9 +39,9 @@ typedef struct WOLFSSL_OCSP WOLFSSL_OCSP;
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP*, WOLFSSL_CERT_MANAGER*);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP*, int dynamic);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*);
WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP*, DecodedCert*, void*);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
OcspRequest* ocspRequest);
OcspRequest* ocspRequest, void*);
#ifdef __cplusplus
} /* extern "C" */

33
wolfssl/ssl.h
View File

@ -1269,6 +1269,9 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER*,
CbOCSPIO, CbOCSPRespFree, void*);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling(
WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_LoadCRL(WOLFSSL*, const char*, int, int);
@ -1287,6 +1290,8 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX*, const char*);
WOLFSSL_API int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX*,
CbOCSPIO, CbOCSPRespFree, void*);
WOLFSSL_API int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
#endif /* !NO_CERTS */
/* end of handshake frees temporary arrays, if user needs for get_keys or
@ -1425,10 +1430,34 @@ enum {
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_API int wolfSSL_UseCertificateStatusRequest(WOLFSSL* ssl,
WOLFSSL_API int wolfSSL_UseOCSPStapling(WOLFSSL* ssl,
unsigned char status_type, unsigned char options);
WOLFSSL_API int wolfSSL_CTX_UseCertificateStatusRequest(WOLFSSL_CTX* ctx,
WOLFSSL_API int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx,
unsigned char status_type, unsigned char options);
#endif
#endif
/* Certificate Status Request v2 */
/* Certificate Status Type */
enum {
WOLFSSL_CSR2_OCSP = 1,
WOLFSSL_CSR2_OCSP_MULTI = 2
};
/* Certificate Status v2 Options (flags) */
enum {
WOLFSSL_CSR2_OCSP_USE_NONCE = 0x01
};
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
#ifndef NO_WOLFSSL_CLIENT
WOLFSSL_API int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl,
unsigned char status_type, unsigned char options);
WOLFSSL_API int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
unsigned char status_type, unsigned char options);
#endif

3
wolfssl/wolfcrypt/asn.h
View File

@ -684,6 +684,9 @@ struct CertStatus {
byte nextDate[MAX_DATE_SIZE];
byte thisDateFormat;
byte nextDateFormat;
byte* rawOcspResponse;
word32 rawOcspResponseSz;
};

2
wolfssl/wolfcrypt/logging.h
View File

@ -56,6 +56,7 @@ WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
void WOLFSSL_ERROR(int);
void WOLFSSL_MSG(const char* msg);
void WOLFSSL_BUFFER(byte* buffer, word32 length);
#else /* DEBUG_WOLFSSL */
@ -65,6 +66,7 @@ WOLFSSL_API int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb log_function);
#define WOLFSSL_ERROR(e)
#define WOLFSSL_MSG(m)
#define WOLFSSL_BUFFER(b, l)
#endif /* DEBUG_WOLFSSL */