mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,393 Commits 5 Branches 160 Tags 772 MiB
Commit Graph

30 Commits

Author SHA1 Message Date
Jacob Barthelmeh e41f5de556 default generate ed25519 cert with renew and add ecc crls to script 2018-03-09 14:09:34 -07:00
David Garske d7ae1df778 Fix to add `keyUsage` `keyAgreement` for the ECC server certificate. Resolves issue with openssl test using "ECDH-ECDSA" cipher suite. 2017-10-20 11:26:15 -07:00
David Garske 024c8725ad Testing improvements for cert gen and TLS cert validation: 
* Fixes to support certificate generation (`WOLFSSL_CERT_GEN`) without RSA enabled.
* Added new ECC CA for 384-bit tests.
* Created new server cert chain (ECC CA for 256-bit that signs server-ecc.pem)
* Created new `./certs/ecc/genecc.sh` script for generating all ECC CA's, generated server cert req (CSR), signing with CA and the required CRL.
* Moved the wolfCrypt ECC CA / ECC cert gen test into `ecc_test` as `ecc_test_cert_gen`.
* Refactor duplicate code that saves DER to disk, converts DER to PEM and saves PEM to disk into SaveDerAndPem function.
* Changed `ecc_test_make_pub` and `ecc_test_key_gen` to use XMALLOC for temp buffers (uses heap instead of stack).
* Cleanup to combine all certificate subject information into global `certDefaultName`.
* Updated cert request info to use wolfSSL instead of Yassl.
* Cleanup to combine keyUsage into `certKeyUsage` and `certKeyUsage2`.
* Re-number error codes in rsa_test.
* Moved the certext_test after the ecc_test, since it uses a file generated in `ecc_test_cert_gen`.
 2017-10-19 16:17:51 -07:00
Sean Parkinson 4d77e80d04 Fix loading of CRLs and certs. 
Change function wolfSSL_X509_LOOKUP_load_file to load multiple CRLs and
certificates from a file.
Change CRL loading to have a flag to not verify CRL signature - only do
this when using wolfSSL_X509_LOOKUP_load_file() as the certificate is
not always available.
Add test case for loading multiple CRLs in one file without certificate.
 2017-05-15 10:04:42 +10:00
kaleb-himes 03295ec6d7 update certs, extend ntru to 1000 days, add der formatted ecc, new ecc buffer test 
changes from first review

move to 256 bit defines
 2016-08-12 13:00:52 -06:00
kaleb-himes 4121667586 update certs pre-release: NTRU certs expired in mid june 2016-07-25 13:05:52 -06:00
Moisés Guimarães 858da86c05 restore original certs, without OCSP Authority Information Access; 2016-01-04 17:15:29 -03:00
Moisés Guimarães ec9d23a9c3 Merge branch 'csr' 2015-12-28 19:38:04 -03:00
kaleb-himes 1a0a9de9c6 changes post review 
crl-revoked dash compliant. revoked-cert has unique fields

new print statements
 2015-07-23 17:05:25 -06:00
Nickolas Lapp 3732d31955 Fixed file cleanup in gencrls, finished support for crl.test update crls sign revoked cert 2015-07-22 10:37:24 -06:00
kaleb-himes d2de4719eb added way to gen revoked without running renewcerts 2015-07-22 09:31:23 -06:00
Nickolas Lapp 27202912e8 Adjusted gencrls and renewcerts to add a revoked server cert 2015-07-21 17:17:41 -06:00
kaleb-himes 173b1147b5 updated certs 2015-05-07 12:21:50 -06:00
kaleb-himes c539393ca4 updated all certs 2015-02-04 23:34:04 -07:00
kaleb-himes 9261aa1d6d crls updated 2015-02-02 11:24:30 -07:00
kaleb-himes bd1ff08aa9 certs name changes 2014-12-29 11:53:25 -07:00
Kaleb Himes 2f18af2f5f added --override-ntru, -h, -help, and error checking 2014-07-21 15:13:37 -06:00
Kaleb Himes ba34ba0f0f crls to sha1 from sha256 2014-07-11 14:41:57 -06:00
Kaleb Himes 15f432c521 updated certs 2014-07-11 13:55:10 -06:00
John Safranek 9a275fbe8b updated CRLs for a year 2014-02-07 12:17:01 -08:00
toddouska 85d25798a5 update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing 2013-06-17 14:48:51 -07:00
toddouska 0480b2b60e update test crls 2013-04-01 15:55:03 -07:00
toddouska 5e4c0c426c update test CRLs 2012-11-29 11:49:57 -08:00
toddouska 15fe7f4d94 update CRLs switch to 120 days, add gen script 2012-08-10 11:02:46 -07:00
toddouska 82a56daaaf ecc crls 2012-05-25 13:26:28 -07:00
toddouska 0aea2607b5 don't install example certs and keys 2012-05-23 10:28:02 -07:00
toddouska 5b5b7e231d fix crl dist and dev build 2012-05-18 16:35:19 -07:00
toddouska 86408406fd add metatdata to crls 2012-05-18 16:29:57 -07:00
toddouska 3d67caa353 normal crl doesn't revoke test certs, crl.revoked revokes test server 2012-05-18 16:24:23 -07:00
toddouska 3ec2b9dbbc crl stage 2 2012-05-16 17:04:56 -07:00