name certs reflecting PK used, update examples w/ new names

2020-06-03 14:44:52 -06:00 · 2020-06-03 14:44:52 -06:00 · fdd09aa1b7
parent 8877e05680
commit fdd09aa1b7
8 changed files with 105 additions and 4 deletions
--- a/certgen/ca-cert.der
+++ b/certgen/ca-cert.der
--- a/certgen/ca-ecc-cert.der
+++ b/certgen/ca-ecc-cert.der
--- a/certgen/ca-ecc-cert.pem
+++ b/certgen/ca-ecc-cert.pem
@ -0,0 +1,53 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number:
+            43:b5:59:67:bc:60:48:29:8c:82:77:db:b5:42:36:14:e4:85:c0:3a
+        Signature Algorithm: ecdsa-with-SHA256
+        Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+        Validity
+            Not Before: May  7 07:39:04 2020 GMT
+            Not After : Feb  1 07:39:04 2023 GMT
+        Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+        Subject Public Key Info:
+            Public Key Algorithm: id-ecPublicKey
+                Public-Key: (256 bit)
+                pub:
+                    04:02:d3:d9:6e:d6:01:8e:45:c8:b9:90:31:e5:c0:
+                    4c:e3:9e:ad:29:38:98:ba:10:d6:e9:09:2a:80:a9:
+                    2e:17:2a:b9:8a:bf:33:83:46:e3:95:0b:e4:77:40:
+                    b5:3b:43:45:33:0f:61:53:7c:37:44:c1:cb:fc:80:
+                    ca:e8:43:ea:a7
+                ASN1 OID: prime256v1
+                NIST CURVE: P-256
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
+            X509v3 Authority Key Identifier: 
+                keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: critical
+                Digital Signature, Certificate Sign, CRL Sign
+    Signature Algorithm: ecdsa-with-SHA256
+         30:46:02:21:00:e4:87:41:d1:d5:09:b6:97:1c:7c:1c:40:f6:
+         b2:a1:df:28:57:00:a3:62:2b:d8:0b:e7:f3:d4:24:56:52:62:
+         85:02:21:00:cd:0a:3f:60:ca:33:b5:a9:1f:4b:43:2c:60:08:
+         fd:3e:bd:c4:30:5c:ff:2c:d4:58:ac:77:21:c6:2e:39:d9:11
+-----BEGIN CERTIFICATE-----
+MIICljCCAjugAwIBAgIUQ7VZZ7xgSCmMgnfbtUI2FOSFwDowCgYIKoZIzj0EAwIw
+gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
+ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
+MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
+bGZzc2wuY29tMB4XDTIwMDUwNzA3MzkwNFoXDTIzMDIwMTA3MzkwNFowgZcxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
+MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE
+AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
+Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAtPZbtYBjkXIuZAx5cBM456t
+KTiYuhDW6QkqgKkuFyq5ir8zg0bjlQvkd0C1O0NFMw9hU3w3RMHL/IDK6EPqp6Nj
+MGEwHQYDVR0OBBYEFFaOmsPwQt4YuUVVbvmTz+rD86UhMB8GA1UdIwQYMBaAFFaO
+msPwQt4YuUVVbvmTz+rD86UhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgGGMAoGCCqGSM49BAMCA0kAMEYCIQDkh0HR1Qm2lxx8HED2sqHfKFcAo2Ir2Avn
+89QkVlJihQIhAM0KP2DKM7WpH0tDLGAI/T69xDBc/yzUWKx3IcYuOdkR
+-----END CERTIFICATE-----
--- a/certgen/ca-ecc-key.der
+++ b/certgen/ca-ecc-key.der
--- a/certgen/ca-ecc-key.pem
+++ b/certgen/ca-ecc-key.pem
@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgAuEzmHeXrEpZbSib
+bqCTmwdxi01gY4WZ5rsWcOkK9oChRANCAAQC09lu1gGORci5kDHlwEzjnq0pOJi6
+ENbpCSqAqS4XKrmKvzODRuOVC+R3QLU7Q0UzD2FTfDdEwcv8gMroQ+qn
+-----END PRIVATE KEY-----
--- a/certgen/ca-key.der
+++ b/certgen/ca-key.der
--- a/certgen/certgen_example.c
+++ b/certgen/certgen_example.c
@ -25,8 +25,8 @@ int main(void) {
    Cert newCert;

    FILE* file;
-    char certToUse[] = "./ca-cert.der";
-    char caKeyFile[] = "./ca-key.der";
+    char certToUse[] = "./ca-ecc-cert.der";
+    char caKeyFile[] = "./ca-ecc-key.der";
    char newCertOutput[] = "./newCert.der";

    int derBufSz;
--- a/certgen/certgen_with_altnames.c
+++ b/certgen/certgen_with_altnames.c
@ -27,9 +27,10 @@ int main(void) {
    Cert newCert;

    FILE* file;
-    char certToUse[] = "./ca-cert.der";
-    char caKeyFile[] = "./ca-key.der";
+    char certToUse[] = "./ca-ecc-cert.der";
+    char caKeyFile[] = "./ca-ecc-key.der";
    char newCertOutput[] = "./newCert.der";
+    char newKeyOutput[] = "./newKey.der";

    int derBufSz;
    int caKeySz;
@ -229,6 +230,48 @@ int main(void) {

        printf("Resulting pem buffer is %d bytes\n", pemBufSz);

+        file = fopen(pemOutput, "wb");
+        if (!file) {
+            printf("failed to open file: %s\n", pemOutput);
+            goto fail;
+        }
+        fwrite(pemBuf, 1, pemBufSz, file);
+        fclose(file);
+        printf("Successfully converted the der to pem. Result is in:  %s\n\n",
+                                                                     pemOutput);
+    }
+    {
+        char pemOutput[] = "./newKey.pem";
+        int pemBufSz;
+
+        XMEMSET(derBuf, 0, FOURK_SZ);
+
+        printf("Convert the key to a DER buffer\n");
+        derBufSz = wc_EccKeyToDer(&newKey, derBuf, FOURK_SZ);
+        if (derBufSz < 0) goto fail;
+
+        printf("Writing new key to file \"%s\"\n", newKeyOutput);
+        file = fopen(newKeyOutput, "wb");
+        if (!file) {
+            printf("failed to open file: %s\n", newKeyOutput);
+            goto fail;
+        }
+
+        ret = (int) fwrite(derBuf, 1, derBufSz, file);
+        fclose(file);
+
+        printf("Successfully output %d bytes\n", ret);
+
+        printf("Convert the der cert to pem formatted key\n");
+
+        XMEMSET(pemBuf, 0, FOURK_SZ);
+
+        pemBufSz = wc_DerToPem(derBuf, derBufSz, pemBuf, FOURK_SZ,
+                               ECC_PRIVATEKEY_TYPE);
+        if (pemBufSz < 0) goto fail;
+
+        printf("Resulting pem buffer is %d bytes\n", pemBufSz);
+
        file = fopen(pemOutput, "wb");
        if (!file) {
            printf("failed to open file: %s\n", pemOutput);