WolfSSL
/
wolfssljni
mirror of https://github.com/wolfSSL/wolfssljni.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add script to update example certs, update CRLs from current wolfSSL

pull/109/head
Chris Conlon 2022-11-29 10:30:41 -07:00
parent be13b9bc9d
commit 83e228013a
7 changed files with 190 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -94,6 +94,13 @@ Examples of using the wolfJSSE provider can be found in the `./examples/provider
subdirectory. See [examples/provider/README.md](./examples/provider/README.md)
for more details.
Example certificates and keys are included in this bundle. These should only
be used for testing and prototyping. Example certificates included here are
duplicates of the ones that ship with standard wolfSSL. If needed, certificates
can be easily updated from an existing wolfSSL directory by using the script
**examples/certs/update-certs.sh**. This should be run from the examples/certs
directory and given one argument which is the path to a wolfSSL certs directory.
## Debugging
wolfJSSE debug logging can be enabled by using `-Dwolfjsse.debug=true` at

54
examples/certs/crl/cliCrl.pem
View File

@ -2,41 +2,41 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Last Update: Dec 20 23:07:26 2021 GMT
Next Update: Sep 15 23:07:26 2024 GMT
Last Update: Feb 15 12:50:27 2022 GMT
Next Update: Nov 11 12:50:27 2024 GMT
CRL extensions:
X509v3 CRL Number:
6
Revoked Certificates:
Serial Number: 02
Revocation Date: Dec 20 23:07:25 2021 GMT
Revocation Date: Feb 15 12:50:27 2022 GMT
Signature Algorithm: sha256WithRSAEncryption
98:e9:a5:58:02:d9:8d:4d:d6:f8:22:6c:80:43:d5:54:82:0d:
dc:27:94:f8:b2:89:c5:4d:40:fa:03:fe:e7:4f:6f:36:41:f4:
d1:03:6d:da:dd:f8:70:94:93:d5:25:1a:47:b5:aa:33:22:56:
18:ac:d2:b4:f8:06:84:2c:ed:3d:df:7b:ee:0e:e2:50:ca:f5:
cb:20:ee:dd:c3:81:db:29:b2:f4:bd:3b:27:29:a1:55:92:d8:
4f:36:9b:ad:9c:83:b6:ef:a1:07:8e:8d:f8:22:01:c3:5a:fe:
f4:7d:4a:27:48:bb:56:6d:7d:b5:cd:f2:0f:b5:df:59:bc:66:
dd:4b:0a:c9:d2:51:7c:e4:69:5d:0d:04:60:1f:0e:b8:26:3f:
dd:5f:2b:53:11:7b:d6:a8:0b:b5:70:15:61:43:5f:22:d3:88:
77:04:28:a5:4c:ef:b5:b1:7d:04:c1:d2:92:cb:1f:3b:02:21:
d0:0d:ae:5c:e9:d7:9c:7e:81:03:11:70:43:91:13:08:12:f5:
8b:7d:d7:ff:bd:b8:ee:ef:d0:6b:76:7a:d9:11:48:a4:19:7e:
d2:e1:c2:96:c0:cc:21:56:27:19:de:27:ed:06:f2:58:cf:d1:
19:c0:56:70:aa:56:34:1c:e7:8f:9a:f5:96:c1:79:56:ab:b8:
32:63:03:ec
7e:92:50:e4:30:78:22:ed:6f:79:a5:cb:65:3c:de:7a:83:88:
1e:66:8a:e5:2e:42:c6:9f:66:31:94:22:89:30:18:a2:b4:28:
76:b1:bc:8b:4a:0d:aa:ee:92:b6:4e:b5:11:87:6b:57:18:4d:
fd:3c:b1:75:d7:b3:16:0e:7a:42:76:c5:b8:7c:22:15:11:c0:
9b:0d:a6:fe:42:86:ef:cb:79:60:4d:35:20:4c:a3:a2:37:07:
de:dd:94:fe:49:86:ae:7c:86:71:e2:86:9a:2b:e2:a2:80:6c:
96:3c:8b:13:4f:f6:52:63:6d:1c:7c:af:3f:22:c1:53:97:6b:
d0:2f:84:88:68:23:e1:8c:2d:bd:57:e3:c7:eb:6f:20:13:a7:
13:86:2f:2e:d5:3b:87:bb:08:3b:24:cb:dd:10:17:48:d9:97:
67:28:6e:40:6a:70:45:04:6f:93:52:77:a3:21:7e:58:29:95:
96:a6:3f:a2:73:83:2f:3e:d8:85:0a:f4:7d:39:04:9b:5d:cb:
7e:d4:6a:33:63:b4:67:6f:b8:e3:3a:6a:7b:57:ed:f6:bd:98:
11:fb:f1:0e:c8:29:73:fd:dd:55:93:d4:00:05:5c:be:d6:e7:
24:ec:9d:d0:41:d3:1c:dc:4b:de:df:64:e1:00:39:dc:7d:04:
75:fd:94:7c
-----BEGIN X509 CRL-----
MIICDjCB9wIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMTEy
MjAyMzA3MjZaFw0yNDA5MTUyMzA3MjZaMBQwEgIBAhcNMjExMjIwMjMwNzI1WqAO
MAwwCgYDVR0UBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAJjppVgC2Y1N1vgibIBD
1VSCDdwnlPiyicVNQPoD/udPbzZB9NEDbdrd+HCUk9UlGke1qjMiVhis0rT4BoQs
7T3fe+4O4lDK9csg7t3DgdspsvS9OycpoVWS2E82m62cg7bvoQeOjfgiAcNa/vR9
SidIu1ZtfbXN8g+131m8Zt1LCsnSUXzkaV0NBGAfDrgmP91fK1MRe9aoC7VwFWFD
XyLTiHcEKKVM77WxfQTB0pLLHzsCIdANrlzp15x+gQMRcEOREwgS9Yt91/+9uO7v
0Gt2etkRSKQZftLhwpbAzCFWJxneJ+0G8ljP0RnAVnCqVjQc54+a9ZbBeVaruDJj
A+w=
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjAy
MTUxMjUwMjdaFw0yNDExMTExMjUwMjdaMBQwEgIBAhcNMjIwMjE1MTI1MDI3WqAO
MAwwCgYDVR0UBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAH6SUOQweCLtb3mly2U8
3nqDiB5miuUuQsafZjGUIokwGKK0KHaxvItKDarukrZOtRGHa1cYTf08sXXXsxYO
ekJ2xbh8IhURwJsNpv5Chu/LeWBNNSBMo6I3B97dlP5Jhq58hnHihpor4qKAbJY8
ixNP9lJjbRx8rz8iwVOXa9AvhIhoI+GMLb1X48frbyATpxOGLy7VO4e7CDsky90Q
F0jZl2cobkBqcEUEb5NSd6MhflgplZamP6Jzgy8+2IUK9H05BJtdy37UajNjtGdv
uOM6antX7fa9mBH78Q7IKXP93VWT1AAFXL7W5yTsndBB0xzcS97fZOEAOdx9BHX9
lHw=
-----END X509 CRL-----

52
examples/certs/crl/crl.pem
View File

@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Last Update: Dec 20 23:07:25 2021 GMT
Next Update: Sep 15 23:07:25 2024 GMT
Last Update: Feb 15 12:50:27 2022 GMT
Next Update: Nov 11 12:50:27 2024 GMT
CRL extensions:
X509v3 CRL Number:
2
Revoked Certificates:
Serial Number: 02
Revocation Date: Dec 20 23:07:25 2021 GMT
Revocation Date: Feb 15 12:50:27 2022 GMT
Signature Algorithm: sha256WithRSAEncryption
8b:c0:b8:cb:03:5c:8c:d1:53:b2:c5:b1:4d:f3:b3:e8:13:bf:
5f:a7:1a:cc:74:e8:06:66:c1:cb:89:c3:e3:b3:fb:68:4e:8f:
d0:5b:33:d8:ed:5e:14:b3:21:c8:c0:06:66:97:6d:69:96:78:
bd:a9:d1:59:85:0f:13:29:2d:2f:49:87:94:84:14:94:38:74:
04:16:94:10:ea:f2:31:d8:34:b7:65:e8:5e:52:4f:96:ac:bf:
5f:4f:6c:ee:5d:04:2a:26:b2:29:7c:9d:06:82:b3:b5:e6:5b:
d5:11:72:56:d5:34:75:82:5e:2a:f3:c6:67:72:94:c6:02:83:
e8:58:85:2d:73:db:55:30:a2:c2:b1:bb:4c:bf:f6:a2:d8:b3:
fc:1b:bd:51:97:4e:f4:c2:04:4f:04:ee:61:e7:51:4b:4f:09:
fe:10:5c:3c:1e:e0:cb:51:1f:54:f4:38:3f:6c:58:ee:4e:f8:
ca:34:cd:37:ee:bb:06:53:14:c7:60:a4:89:ac:9a:50:4a:b5:
9e:b3:59:97:9b:27:5e:5c:fa:14:74:3d:a2:76:62:63:ae:e8:
d2:f9:b7:ad:0c:3f:07:40:50:5c:e4:fb:95:3c:3d:df:2e:81:
f2:6a:9e:01:69:c3:a2:1e:d7:00:2b:6d:6c:67:f0:fb:13:ce:
f1:a5:08:d6
43:e6:3b:30:0e:32:53:32:a4:08:3c:e5:d5:2e:f1:ce:e9:95:
ff:ba:d6:fe:2e:59:80:f8:0a:2f:cf:1e:e0:37:fe:ca:cc:33:
66:8b:ed:65:50:7d:44:92:d3:5c:52:9a:95:a5:9d:a5:4e:77:
8b:b4:7f:59:c8:7a:e0:eb:34:32:ae:a1:03:99:d2:3c:c0:f4:
7e:1c:87:4c:6c:5a:ba:0a:95:e8:a1:44:01:7b:8f:3e:a4:e3:
e8:1e:07:19:f0:09:7a:85:8f:f3:82:62:f8:1e:08:51:a3:60:
30:5b:06:c8:a2:b3:ff:aa:28:66:ad:fe:4b:81:49:30:ef:5f:
5d:ac:d9:ad:17:9f:2a:b6:22:d6:35:cc:9f:d9:11:26:dd:7a:
06:35:d0:d5:c7:41:6c:52:97:8c:aa:82:5a:e5:a8:58:d4:b7:
2b:31:84:34:15:bd:08:e4:9e:71:9e:c5:40:f8:02:a3:a0:1e:
4f:98:72:2b:eb:9e:8a:4e:01:83:88:e5:cb:6e:3b:52:e3:a9:
34:a1:7c:e4:79:2c:d1:e0:0b:74:22:ba:6d:cb:c3:a1:56:f9:
c9:f4:20:bf:00:49:df:6b:59:49:18:c7:75:27:8e:a1:5a:a6:
ff:f2:be:34:4a:c9:6d:6e:24:a3:1f:15:7e:34:90:b6:81:bf:
15:80:c3:ac
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIxMTIyMDIzMDcyNVoX
DTI0MDkxNTIzMDcyNVowFDASAgECFw0yMTEyMjAyMzA3MjVaoA4wDDAKBgNVHRQE
AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAi8C4ywNcjNFTssWxTfOz6BO/X6cazHTo
BmbBy4nD47P7aE6P0Fsz2O1eFLMhyMAGZpdtaZZ4vanRWYUPEyktL0mHlIQUlDh0
BBaUEOryMdg0t2XoXlJPlqy/X09s7l0EKiayKXydBoKzteZb1RFyVtU0dYJeKvPG
Z3KUxgKD6FiFLXPbVTCiwrG7TL/2otiz/Bu9UZdO9MIETwTuYedRS08J/hBcPB7g
y1EfVPQ4P2xY7k74yjTNN+67BlMUx2CkiayaUEq1nrNZl5snXlz6FHQ9onZiY67o
0vm3rQw/B0BQXOT7lTw93y6B8mqeAWnDoh7XACttbGfw+xPO8aUI1g==
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMDIxNTEyNTAyN1oX
DTI0MTExMTEyNTAyN1owFDASAgECFw0yMjAyMTUxMjUwMjdaoA4wDDAKBgNVHRQE
AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAQ+Y7MA4yUzKkCDzl1S7xzumV/7rW/i5Z
gPgKL88e4Df+yswzZovtZVB9RJLTXFKalaWdpU53i7R/Wch64Os0Mq6hA5nSPMD0
fhyHTGxaugqV6KFEAXuPPqTj6B4HGfAJeoWP84Ji+B4IUaNgMFsGyKKz/6ooZq3+
S4FJMO9fXazZrRefKrYi1jXMn9kRJt16BjXQ1cdBbFKXjKqCWuWoWNS3KzGENBW9
COSecZ7FQPgCo6AeT5hyK+ueik4Bg4jly247UuOpNKF85Hks0eALdCK6bcvDoVb5
yfQgvwBJ32tZSRjHdSeOoVqm//K+NErJbW4kox8VfjSQtoG/FYDDrA==
-----END X509 CRL-----

56
examples/certs/crl/crl.revoked
View File

@ -2,43 +2,43 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Last Update: Dec 20 23:07:25 2021 GMT
Next Update: Sep 15 23:07:25 2024 GMT
Last Update: Feb 15 12:50:27 2022 GMT
Next Update: Nov 11 12:50:27 2024 GMT
CRL extensions:
X509v3 CRL Number:
3
Revoked Certificates:
Serial Number: 01
Revocation Date: Dec 20 23:07:25 2021 GMT
Revocation Date: Feb 15 12:50:27 2022 GMT
Serial Number: 02
Revocation Date: Dec 20 23:07:25 2021 GMT
Revocation Date: Feb 15 12:50:27 2022 GMT
Signature Algorithm: sha256WithRSAEncryption
1a:64:b8:03:b0:03:c9:e1:75:c4:c1:6e:ab:af:8e:68:9b:b1:
d0:e1:12:c0:2c:c0:8e:74:6d:27:e2:e9:36:25:c3:be:10:d7:
00:e0:1e:a0:27:84:13:bb:75:73:d8:e7:c5:0b:14:3b:f3:3d:
ef:bc:dc:ad:5c:4c:bf:e3:67:82:ef:a3:84:2d:72:c6:15:f7:
4e:13:66:92:44:6f:78:d9:25:36:10:96:49:e1:37:9a:6f:db:
61:2b:4c:88:ff:d1:fa:fa:2c:d4:76:38:2d:c1:f8:14:e9:7e:
18:52:46:69:7c:74:8a:e4:fc:a2:a1:bc:f8:a5:cf:1f:61:dd:
b8:c7:61:d5:0c:e2:a1:24:3c:fe:6b:a7:61:dc:e0:39:2b:73:
56:d5:13:47:d5:2a:2f:03:83:07:bc:aa:4b:5e:46:87:09:03:
f2:f2:e7:64:63:ad:99:3e:c4:a8:e3:e6:98:ed:31:b8:4d:1e:
00:a0:95:ba:35:3a:c1:e1:50:4d:30:f6:65:e2:4f:8c:3a:87:
e3:0b:8d:a8:ec:15:aa:99:f0:65:57:b2:f4:f0:ed:5a:b6:ce:
56:a7:af:d1:cf:48:10:cb:a6:27:36:d8:05:ac:54:d4:2e:fb:
b9:64:79:44:59:9b:e9:81:c5:e2:11:59:ea:8f:78:ae:8f:7f:
2e:cf:3d:e8
0f:69:fc:a3:54:d7:9c:94:db:71:a8:6c:b6:af:3c:df:0d:bb:
bb:cb:2e:45:6f:6d:a5:27:dc:ee:67:39:36:d4:33:22:02:5e:
fe:4f:27:00:4a:ba:b0:51:7c:3e:98:ee:a2:d3:58:31:6c:60:
02:34:f0:ec:67:ec:fa:66:44:8d:27:f7:70:57:4b:a1:10:e3:
a1:fb:f4:3a:ac:ec:ca:cb:d8:d7:d8:ca:45:41:d4:17:18:30:
f1:4e:f6:a4:8b:17:0c:4f:b0:b6:79:17:f3:a8:57:8f:8d:89:
ad:73:b9:d4:95:c1:e2:19:0e:f6:ca:dd:bd:dc:d1:0b:eb:a7:
c7:85:c6:49:8f:7d:e4:9b:fb:1a:a9:da:92:0a:52:7a:87:f3:
32:dc:a8:9f:cf:a3:3b:47:ee:66:f4:61:48:a0:60:4c:50:66:
87:07:33:55:11:ed:8b:5d:df:d8:10:de:ce:ea:4a:98:41:ca:
6a:90:7c:35:0d:df:ac:4d:19:d6:5f:37:a5:a7:48:40:31:59:
62:84:a8:21:a6:b5:8d:63:54:e0:2e:b9:83:92:b0:20:bc:66:
b2:bf:4d:5a:0b:00:a7:c0:cb:29:c3:54:be:92:91:1d:b0:d0:
ec:b4:5d:fe:a4:90:ed:08:21:71:18:91:4b:97:3d:75:4f:f0:
bc:56:8e:db
-----BEGIN X509 CRL-----
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMTEyMjAyMzA3MjVa
Fw0yNDA5MTUyMzA3MjVaMCgwEgIBARcNMjExMjIwMjMwNzI1WjASAgECFw0yMTEy
MjAyMzA3MjVaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEAGmS4
A7ADyeF1xMFuq6+OaJux0OESwCzAjnRtJ+LpNiXDvhDXAOAeoCeEE7t1c9jnxQsU
O/M977zcrVxMv+Nngu+jhC1yxhX3ThNmkkRveNklNhCWSeE3mm/bYStMiP/R+vos
1HY4LcH4FOl+GFJGaXx0iuT8oqG8+KXPH2HduMdh1QzioSQ8/munYdzgOStzVtUT
R9UqLwODB7yqS15GhwkD8vLnZGOtmT7EqOPmmO0xuE0eAKCVujU6weFQTTD2ZeJP
jDqH4wuNqOwVqpnwZVey9PDtWrbOVqev0c9IEMumJzbYBaxU1C77uWR5RFmb6YHF
4hFZ6o94ro9/Ls896A==
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjAyMTUxMjUwMjda
Fw0yNDExMTExMjUwMjdaMCgwEgIBARcNMjIwMjE1MTI1MDI3WjASAgECFw0yMjAy
MTUxMjUwMjdaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEAD2n8
o1TXnJTbcahstq883w27u8suRW9tpSfc7mc5NtQzIgJe/k8nAEq6sFF8PpjuotNY
MWxgAjTw7Gfs+mZEjSf3cFdLoRDjofv0OqzsysvY19jKRUHUFxgw8U72pIsXDE+w
tnkX86hXj42JrXO51JXB4hkO9srdvdzRC+unx4XGSY995Jv7GqnakgpSeofzMtyo
n8+jO0fuZvRhSKBgTFBmhwczVRHti13f2BDezupKmEHKapB8NQ3frE0Z1l83padI
QDFZYoSoIaa1jWNU4C65g5KwILxmsr9NWgsAp8DLKcNUvpKRHbDQ7LRd/qSQ7Qgh
cRiRS5c9dU/wvFaO2w==
-----END X509 CRL-----

24
examples/certs/crl/eccCliCRL.pem
View File

@ -2,25 +2,25 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Last Update: Dec 20 23:07:26 2021 GMT
Next Update: Sep 15 23:07:26 2024 GMT
Last Update: Feb 15 12:50:27 2022 GMT
Next Update: Nov 11 12:50:27 2024 GMT
CRL extensions:
X509v3 CRL Number:
7
Revoked Certificates:
Serial Number: 02
Revocation Date: Dec 20 23:07:25 2021 GMT
Revocation Date: Feb 15 12:50:27 2022 GMT
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:7f:f8:7b:01:25:3c:02:e6:ad:1a:cd:ce:66:72:
db:ab:8b:42:3f:24:26:9f:c2:36:86:b7:49:b4:fe:09:05:61:
02:20:3f:0c:6c:bf:76:07:72:91:e6:49:bc:4b:23:d3:e1:62:
c3:12:b7:92:8c:f6:e2:8a:36:58:b6:49:c2:38:35:0a
30:46:02:21:00:c3:8c:e6:ec:41:6c:c8:c7:eb:97:dd:f0:5b:
be:bf:38:68:fe:0a:62:ff:c2:f9:23:db:98:41:0e:b1:64:b8:
46:02:21:00:d7:d8:77:8c:e7:c7:8a:45:9f:fe:c0:4c:bd:f4:
4c:aa:06:ea:5f:82:b6:8b:93:09:57:60:85:d4:82:09:7d:f8
-----BEGIN X509 CRL-----
MIIBOzCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
MIIBPTCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL
BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjExMjIwMjMwNzI2WhcNMjQwOTE1MjMw
NzI2WjAUMBICAQIXDTIxMTIyMDIzMDcyNVqgDjAMMAoGA1UdFAQDAgEHMAoGCCqG
SM49BAMCA0cAMEQCIH/4ewElPALmrRrNzmZy26uLQj8kJp/CNoa3SbT+CQVhAiA/
DGy/dgdykeZJvEsj0+FiwxK3koz24oo2WLZJwjg1Cg==
DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjIwMjE1MTI1MDI3WhcNMjQxMTExMTI1
MDI3WjAUMBICAQIXDTIyMDIxNTEyNTAyN1qgDjAMMAoGA1UdFAQDAgEHMAoGCCqG
SM49BAMCA0kAMEYCIQDDjObsQWzIx+uX3fBbvr84aP4KYv/C+SPbmEEOsWS4RgIh
ANfYd4znx4pFn/7ATL30TKoG6l+CtouTCVdghdSCCX34
-----END X509 CRL-----

22
examples/certs/crl/eccSrvCRL.pem
View File

@ -2,25 +2,25 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Last Update: Dec 20 23:07:26 2021 GMT
Next Update: Sep 15 23:07:26 2024 GMT
Last Update: Feb 15 12:50:27 2022 GMT
Next Update: Nov 11 12:50:27 2024 GMT
CRL extensions:
X509v3 CRL Number:
8
Revoked Certificates:
Serial Number: 02
Revocation Date: Dec 20 23:07:25 2021 GMT
Revocation Date: Feb 15 12:50:27 2022 GMT
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:80:d2:8e:ac:40:68:9b:f9:16:b9:4a:ae:9a:
c9:25:d9:6c:6f:ea:ed:c9:97:4a:e4:8e:50:c8:c1:4e:24:36:
69:02:21:00:b5:9d:01:c8:8c:2a:1c:a7:57:28:79:fa:94:30:
f7:18:d7:c7:78:ab:41:12:0d:de:7b:e0:7d:ee:8a:17:cb:06
30:46:02:21:00:df:77:ba:80:37:b2:31:55:06:a9:96:02:6f:
53:1c:8f:a7:ab:69:43:37:e8:23:35:5a:42:db:71:cd:b7:7c:
a2:02:21:00:f1:cf:b2:64:30:18:a3:52:0d:04:ad:89:ae:a2:
43:35:60:b4:90:0f:12:63:c7:87:7f:24:6e:c8:33:af:39:1e
-----BEGIN X509 CRL-----
MIIBPzCB5QIBATAKBggqhkjOPQQDAjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMTEyMjAyMzA3MjZaFw0yNDA5MTUy
MzA3MjZaMBQwEgIBAhcNMjExMjIwMjMwNzI1WqAOMAwwCgYDVR0UBAMCAQgwCgYI
KoZIzj0EAwIDSQAwRgIhAIDSjqxAaJv5FrlKrprJJdlsb+rtyZdK5I5QyMFOJDZp
AiEAtZ0ByIwqHKdXKHn6lDD3GNfHeKtBEg3ee+B97ooXywY=
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjAyMTUxMjUwMjdaFw0yNDExMTEx
MjUwMjdaMBQwEgIBAhcNMjIwMjE1MTI1MDI3WqAOMAwwCgYDVR0UBAMCAQgwCgYI
KoZIzj0EAwIDSQAwRgIhAN93uoA3sjFVBqmWAm9THI+nq2lDN+gjNVpC23HNt3yi
AiEA8c+yZDAYo1INBK2JrqJDNWC0kA8SY8eHfyRuyDOvOR4=
-----END X509 CRL-----

79
examples/certs/update-certs.sh 100755
View File

@ -0,0 +1,79 @@
#!/bin/bash
# Example Certificate and Key Update Script
#
# This script is used to update all example certificates and keys by copying
# them over from a specified wolfSSL library directory.
#
# Script should be run from the <wolfssljni>/examples/certs directory.
# One argument should be provided, the path to a wolfSSL directory's "cert"
# directory.
#
# Script behavior:
#
# 1. Copy certs from wolfSSL certs directory to this certs directory.
# 2. Convert certs from PEM to DER where needed.
# 3. Remove text info from intermediate certs (for Android use)
#
# Certs not updated, which need to be checked/updated manually if needed:
#
# 1. ca-google-root.der
# 2. example-com.der
printf "Removing and updating example certificates and keys\n"
if [ -z "$1" ]; then
printf "\tNo directory to certs provided\n"
printf "\tExample use ./update-certs.sh ~/wolfssl/certs\n"
exit 1;
fi
CERT_LOCATION=$1
# Copy cert files from wolfssl/certs to local examples/certs
certList=(
"ca-cert.pem"
"ca-ecc-cert.pem"
"ca-ecc-key.pem"
"ca-key.pem"
"client-cert.der"
"client-cert.pem"
"client-key.pem"
"dh2048.pem"
"ecc-client-key.pem"
"ecc-key.pem"
"server-cert.pem"
"server-ecc.pem"
"server-key.pem"
"crl/cliCrl.pem"
"crl/crl.pem"
"crl/crl.revoked"
"crl/eccCliCRL.pem"
"crl/eccSrvCRL.pem"
"intermediate/ca-int2-cert.pem"
"intermediate/ca-int2-ecc-cert.pem"
"intermediate/ca-int-cert.pem"
"intermediate/ca-int-ecc-cert.pem"
"intermediate/server-int-cert.pem"
"intermediate/server-int-ecc-cert.pem"
)
for i in ${!certList[@]};
do
printf "Updating: ${certList[$i]}\n"
cp $CERT_LOCATION/${certList[$i]} ./${certList[$i]}
if [ $? -ne 0 ]; then
printf "Failed to copy cert: ${certList[$i]}\n"
exit 1
fi
done
# Remove text info from intermediate certs, causes issues on Android (WRONG TAG)
printf "Removing text info from intermediate certs\n"
sed -i -n '/-----BEGIN CERTIFICATE-----/,$p' intermediate/ca-int2-cert.pem
sed -i -n '/-----BEGIN CERTIFICATE-----/,$p' intermediate/ca-int2-ecc-cert.pem
sed -i -n '/-----BEGIN CERTIFICATE-----/,$p' intermediate/ca-int-cert.pem
sed -i -n '/-----BEGIN CERTIFICATE-----/,$p' intermediate/ca-int-ecc-cert.pem
sed -i -n '/-----BEGIN CERTIFICATE-----/,$p' intermediate/server-int-cert.pem
sed -i -n '/-----BEGIN CERTIFICATE-----/,$p' intermediate/server-int-ecc-cert.pem
printf "Finished successfully\n"