Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed project by removing the wolfssl.patch and renewing certificates. #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fixed project by removing the wolfssl.patch and renewing certificates. #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -394,3 +394,25 @@ the point where they don't cross packet boundaries anymore.

----

## Updating Test Certificates

The currently checked in certificates will work until end of 2034.
After that they can be regenerated with:

## CA Certificate

```shell
openssl req -x509 -newkey rsa:2048 -sha256 -days 3650 -nodes \
-keyout certs/ca-key.pem -out certs/ca-cert.pem -subj \
"/CN=Test CA"
```

## Server Certificate

```shell
openssl req -x509 -newkey rsa:2048 -sha256 -days 3650 -nodes \
-CA certs/ca-cert.pem -CAkey certs/ca-key.pem \
-keyout certs/server-key.pem -out certs/server-cert.pem \
-subj "/CN=example.com" \
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
```
7 changes: 4 additions & 3 deletions build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
#!/bin/sh

# shellcheck disable=SC2086 # Double quote to prevent globbing and word splitting ($WOLFSSL_LIBS).

set -x -e

WOLFSSL_GIT=https://github.com/wolfSSL/wolfssl
Expand All @@ -25,19 +27,18 @@ if [ ! -d ./wolfssl ]; then
git clone $WOLFSSL_GIT
cd wolfssl
./autogen.sh
patch -p1 < ../wolfssl.patch
cd -
fi

build_wolfssl()
{
if [ $1 -eq 1 ]; then
if [ "$1" -eq 1 ]; then
TLS12="--enable-tlsv12"
else
TLS12="--disable-tlsv12"
fi

if [ $2 -eq 1 ]; then
if [ "$2" -eq 1 ]; then
TLS13="--enable-tls13"
else
TLS13="--disable-tls13"
Expand Down
107 changes: 17 additions & 90 deletions certs/ca-cert.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,92 +1,19 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12309252214903945037 (0xaad33fac180a374d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/[email protected]
Validity
Not Before: Feb 10 19:49:52 2021 GMT
Not After : Nov 7 19:49:52 2023 GMT
Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/[email protected]
serial:AA:D3:3F:AC:18:0A:37:4D

X509v3 Basic Constraints:
CA:TRUE
X509v3 Subject Alternative Name:
DNS:example.com, IP Address:127.0.0.1
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
62:98:c8:58:cf:56:03:86:5b:1b:71:49:7d:05:03:5d:e0:08:
86:ad:db:4a:de:ab:22:96:a8:c3:59:68:c1:37:90:40:df:bd:
89:d0:bc:da:8e:ef:87:b2:c2:62:52:e1:1a:29:17:6a:96:99:
c8:4e:d8:32:fe:b8:d1:5c:3b:0a:c2:3c:5f:a1:1e:98:7f:ce:
89:26:21:1f:64:9c:15:7a:9c:ef:fb:1d:85:6a:fa:98:ce:a8:
a9:ab:c3:a2:c0:eb:87:ed:bc:21:df:f3:07:5b:ae:fd:40:d4:
ae:20:d0:76:8a:31:0a:a2:62:7c:61:0d:ce:5d:9a:1e:e4:20:
88:51:49:fb:77:a9:cd:4d:c6:bf:54:99:33:ef:4b:a0:73:70:
6d:2e:d9:3d:08:f6:12:39:31:68:c6:61:5c:41:b5:1b:f4:38:
7d:fc:be:73:66:2d:f7:ca:5b:2c:5b:31:aa:cf:f6:7f:30:e4:
12:2c:8e:d6:38:51:e6:45:ee:d5:da:c3:83:d6:ed:5e:ec:d6:
b6:14:b3:93:59:e1:55:4a:7f:04:df:ce:65:d4:df:18:4f:dd:
b4:45:7f:a6:56:30:c4:05:44:98:9d:4f:26:6d:84:80:a0:5e:
ed:23:d1:48:87:0e:05:06:91:3b:b0:3c:bb:8c:8f:3c:7b:4c:
4f:a1:ca:98
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIJAKrTP6wYCjdNMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe
Fw0yMTAyMTAxOTQ5NTJaFw0yMzExMDcxOTQ5NTJaMIGUMQswCQYDVQQGEwJVUzEQ
MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3
dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D
mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx
i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J
XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc
/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI
/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOCATow
ggE2MB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCByQYDVR0jBIHBMIG+
gBQnjmcRdMMmHT/tM2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rv
b3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CCQCq0z+sGAo3TTAM
BgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAYpjI
WM9WA4ZbG3FJfQUDXeAIhq3bSt6rIpaow1lowTeQQN+9idC82o7vh7LCYlLhGikX
apaZyE7YMv640Vw7CsI8X6EemH/OiSYhH2ScFXqc7/sdhWr6mM6oqavDosDrh+28
Id/zB1uu/UDUriDQdooxCqJifGENzl2aHuQgiFFJ+3epzU3Gv1SZM+9LoHNwbS7Z
PQj2EjkxaMZhXEG1G/Q4ffy+c2Yt98pbLFsxqs/2fzDkEiyO1jhR5kXu1drDg9bt
XuzWthSzk1nhVUp/BN/OZdTfGE/dtEV/plYwxAVEmJ1PJm2EgKBe7SPRSIcOBQaR
O7A8u4yPPHtMT6HKmA==
MIIDBTCCAe2gAwIBAgIULl4zfZuRE9d05aSWLR0w34dfs3cwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAwwHVGVzdCBDQTAeFw0yNDEyMzExMTUwNDFaFw0zNDEyMjkx
MTUwNDFaMBIxEDAOBgNVBAMMB1Rlc3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/LL68R5o9KX1YuLHuIHwP2+xq73UYXL2m+u/BnF5P/KHyVxfD
8F66s8aSjW69qqJw8fjN1qlKIU4nhUmX4gZ1R1/t3XR95G7xTKKx7/j2CoEdJeib
HaISrCh8OmWOoFvyFbHNBRIsOY6C12PLJsumMnMfmcLxO2tILzBkdhkkGprMpIpc
msfccvxW87zyCPW3mszBshSfHBZDbXGhqotFRBd+8seBQrC7c3XJ6S+E74q4sj8u
rWOS0+Pil19bywSPSoU7LXtYbyZ2iw8qH/el1FA4n0nhP7ncic5LmstatmAK9/K4
pF8/h3LzlIPshdYYJNk7VRt3wqv29So3DPvdAgMBAAGjUzBRMB0GA1UdDgQWBBSh
OUVlaN6CwBa6SwiRMFJ/eUm8EjAfBgNVHSMEGDAWgBShOUVlaN6CwBa6SwiRMFJ/
eUm8EjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCTCk4oMreJ
bd6UpZ/GHrHpyEEk+EsdqKpEHqMftTwNtLIHED7B2ZYABhNLiZiCXo5O+jlZiHh+
yLPc6itq1XJ4iTt8J6XAo+Cn6VmmPXejEqM6fqkR5AM0Q6bAdFvAy4xWNSUWPfrN
cQBvBZ71qo4c7en8euizhvbtHmN6YUiqw0aYyVJKt47pvo52PAtPZDHxkwgCWN2M
blPsXBKxVfb5BVeBciXY1FXEjYSUaMT3Jf4UYvC++V57M7nsWhYQH7R/+v8JD+P2
fEhgRPbJwxV8GECJVZ2oFAAGTunZh38Ssiq9J+77Sk5WrWgqzCPjb5MJac7gWXB6
gwRwsJ0pfL+E
-----END CERTIFICATE-----
28 changes: 28 additions & 0 deletions certs/ca-key.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/LL68R5o9KX1Y
uLHuIHwP2+xq73UYXL2m+u/BnF5P/KHyVxfD8F66s8aSjW69qqJw8fjN1qlKIU4n
hUmX4gZ1R1/t3XR95G7xTKKx7/j2CoEdJeibHaISrCh8OmWOoFvyFbHNBRIsOY6C
12PLJsumMnMfmcLxO2tILzBkdhkkGprMpIpcmsfccvxW87zyCPW3mszBshSfHBZD
bXGhqotFRBd+8seBQrC7c3XJ6S+E74q4sj8urWOS0+Pil19bywSPSoU7LXtYbyZ2
iw8qH/el1FA4n0nhP7ncic5LmstatmAK9/K4pF8/h3LzlIPshdYYJNk7VRt3wqv2
9So3DPvdAgMBAAECggEAGrDmmGbu0+c9BuwSe4qxh41O/scb9CDOocebPc7VJBnD
ipA6UzL2Jt7+tGtmsLhoIZjHAgYccKshvEbRtZDrEei7LfyjTQhdrPbkKC+29LMW
v7kRNsb2X+EFbgLBNx6Qd8YrotI4bVBD42SrHCv4duXISPswynlfSx67hOswK2gF
q1XGX/mYMOzBdRSlg0FhAVHsrlBNZqRPFZ3Vmi/cLrPPnE0x/mE/R4fcJ1rZbNr8
ZUkti/oqazaa+A6Vj3iAl1fnamphJhtDuQhuaNX+onMj2fn0M9irut//qc8004j8
LpOAjDeGhwAaXW5uLyq7m1KmFvBj1mT7DpUqw43KiQKBgQDnL9rOwrhaqt7GFlKe
wIt3rPVnebG0EAWrJQ/IalyZK4JLK43camXToEQHLhlhtKJZfSCiS3452kYvCFWG
R07jx3SabdDRMgQqo+sHs4sE17EdpcGaG0wZhuOYUJ+5CgJmgDhHz0sftplxMl9u
Gbzv6gRwlcfYm7zVufGl+py3HwKBgQDTsYHkn8LAKYz7nWboJG1s9JLDHP/hrfvK
eF+ygRHk72X3Er3+EgQK6aHQxyZYtJd3njtOEZR9HPdnHFqlterAe/HuGDy5zeIs
41oLHvFnLo51ExE3pASJdg438bk/yXZDTf0wJrsJ+FIvtTXhH7LxUF1cklhqrasJ
AL4X1B7ZgwKBgBLGFhS4R1RFj/WyFl+B71F2oC8Y+M9QhcVSKyfxSze9CsWj8c82
bLJ0z1Ft8u22R4DQ4neLfeKg0RY8rQVMgSGKLvPjexOh5ii4SvvDHsTz5xQrQ7+J
+/IOvCjAU1gpcex0+R0LvmQC5g8FMi60tF0fOeESqLn0W69XfEIoSdWtAoGBAJVl
oYDiisOozzlHhTdxddQ96lFOZvszGQ5z0z2bvzAtD23FyVXECxxUc4Fu+o4BrR+b
CMl4uK1vQt5+8S4fa3O6RSu96SVLukHplUNh7AXgomLXOQBmfVkxeqlaq1zr5c1r
/bH8s2U+3WmT3llpUJTjHXBWS5XFyH3LC1yvs7HXAoGAeAajAsB26gyw8MahwSF/
QEXbIEYeVEZJoSQ0dCAQzow4NuzmJVpElr3qzT4Znm0Ynky3s2XLRkPWn9b4xeM4
BF6m+d8mh0dgSMh3ptQjTmFDJsctLSWHrdjyRkevbh/bc+Mfq0mj+RzyrYZy5tuU
VETRskwNNvL97fBcWNWzkHM=
-----END PRIVATE KEY-----
Loading