You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
212 lines
11 KiB
212 lines
11 KiB
diff --git a/test/certs/embeddedSCTs1_issuer.pem b/test/certs/embeddedSCTs1_issuer.pem |
|
index 1fa449d5a098..6aa9455f09ed 100644 |
|
--- a/test/certs/embeddedSCTs1_issuer.pem |
|
+++ b/test/certs/embeddedSCTs1_issuer.pem |
|
@@ -1,18 +1,18 @@ |
|
-----BEGIN CERTIFICATE----- |
|
-MIIC0DCCAjmgAwIBAgIBADANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJHQjEk |
|
+MIIC0jCCAjugAwIBAgIBADANBgkqhkiG9w0BAQsFADBVMQswCQYDVQQGEwJHQjEk |
|
MCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENBMQ4wDAYDVQQIEwVX |
|
-YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAeFw0xMjA2MDEwMDAwMDBaFw0yMjA2MDEw |
|
-MDAwMDBaMFUxCzAJBgNVBAYTAkdCMSQwIgYDVQQKExtDZXJ0aWZpY2F0ZSBUcmFu |
|
-c3BhcmVuY3kgQ0ExDjAMBgNVBAgTBVdhbGVzMRAwDgYDVQQHEwdFcncgV2VuMIGf |
|
-MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVimhTYhCicRmTbneDIRgcKkATxtB7 |
|
-jHbrkVfT0PtLO1FuzsvRyY2RxS90P6tjXVUJnNE6uvMa5UFEJFGnTHgW8iQ8+EjP |
|
-KDHM5nugSlojgZ88ujfmJNnDvbKZuDnd/iYx0ss6hPx7srXFL8/BT/9Ab1zURmnL |
|
-svfP34b7arnRsQIDAQABo4GvMIGsMB0GA1UdDgQWBBRfnYgNyHPmVNT4DdjmsMEk |
|
-tEfDVTB9BgNVHSMEdjB0gBRfnYgNyHPmVNT4DdjmsMEktEfDVaFZpFcwVTELMAkG |
|
-A1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRyYW5zcGFyZW5jeSBDQTEO |
|
-MAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW6CAQAwDAYDVR0TBAUwAwEB |
|
-/zANBgkqhkiG9w0BAQUFAAOBgQAGCMxKbWTyIF4UbASydvkrDvqUpdryOvw4BmBt |
|
-OZDQoeojPUApV2lGOwRmYef6HReZFSCa6i4Kd1F2QRIn18ADB8dHDmFYT9czQiRy |
|
-f1HWkLxHqd81TbD26yWVXeGJPE3VICskovPkQNJ0tU4b03YmnKliibduyqQQkOFP |
|
-OwqULg== |
|
+YWxlczEQMA4GA1UEBxMHRXJ3IFdlbjAgFw0yMjA2MDExMDM4MDJaGA8yMTIyMDUw |
|
+ODEwMzgwMlowVTELMAkGA1UEBhMCR0IxJDAiBgNVBAoTG0NlcnRpZmljYXRlIFRy |
|
+YW5zcGFyZW5jeSBDQTEOMAwGA1UECBMFV2FsZXMxEDAOBgNVBAcTB0VydyBXZW4w |
|
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANWKaFNiEKJxGZNud4MhGBwqQBPG |
|
+0HuMduuRV9PQ+0s7UW7Oy9HJjZHFL3Q/q2NdVQmc0Tq68xrlQUQkUadMeBbyJDz4 |
|
+SM8oMczme6BKWiOBnzy6N+Yk2cO9spm4Od3+JjHSyzqE/HuytcUvz8FP/0BvXNRG |
|
+acuy98/fhvtqudGxAgMBAAGjga8wgawwHQYDVR0OBBYEFF+diA3Ic+ZU1PgN2Oaw |
|
+wSS0R8NVMH0GA1UdIwR2MHSAFF+diA3Ic+ZU1PgN2OawwSS0R8NVoVmkVzBVMQsw |
|
+CQYDVQQGEwJHQjEkMCIGA1UEChMbQ2VydGlmaWNhdGUgVHJhbnNwYXJlbmN5IENB |
|
+MQ4wDAYDVQQIEwVXYWxlczEQMA4GA1UEBxMHRXJ3IFdlboIBADAMBgNVHRMEBTAD |
|
+AQH/MA0GCSqGSIb3DQEBCwUAA4GBAD0aYh9OkFYfXV7kBfhrtD0PJG2U47OV/1qq |
|
++uFpqB0S1WO06eJT0pzYf1ebUcxjBkajbJZm/FHT85VthZ1lFHsky87aFD8XlJCo |
|
+2IOhKOkvvWKPUdFLoO/ZVXqEVKkcsS1eXK1glFvb07eJZya3JVG0KdMhV2YoDg6c |
|
+Doud4XrO |
|
-----END CERTIFICATE----- |
|
diff --git a/test/certs/sm2-ca-cert.pem b/test/certs/sm2-ca-cert.pem |
|
index 5677ac6c9f6a..70ce71e43091 100644 |
|
--- a/test/certs/sm2-ca-cert.pem |
|
+++ b/test/certs/sm2-ca-cert.pem |
|
@@ -1,14 +1,14 @@ |
|
-----BEGIN CERTIFICATE----- |
|
-MIICJDCCAcqgAwIBAgIJAOlkpDpSrmVbMAoGCCqBHM9VAYN1MGgxCzAJBgNVBAYT |
|
+MIICJzCCAcygAwIBAgIJAOlkpDpSrmVbMAoGCCqBHM9VAYN1MGgxCzAJBgNVBAYT |
|
AkNOMQswCQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRl |
|
-c3QgT3JnMRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTAe |
|
-Fw0xOTAyMTkwNzA1NDhaFw0yMzAzMzAwNzA1NDhaMGgxCzAJBgNVBAYTAkNOMQsw |
|
-CQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRlc3QgT3Jn |
|
-MRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTBZMBMGByqG |
|
-SM49AgEGCCqBHM9VAYItA0IABHRYnqErofBdXPptvvO7+BSVJxcpHuTGnZ+UPrbU |
|
-5kVEUMaUnNOeMJZl/vRGimZCm/AkReJmRfnb15ESHR+ssp6jXTBbMB0GA1UdDgQW |
|
-BBTFjcWu/zJgSZ5SKUlU5Vx4/0W5dDAfBgNVHSMEGDAWgBTFjcWu/zJgSZ5SKUlU |
|
-5Vx4/0W5dDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqgRzPVQGDdQNI |
|
-ADBFAiEAs6byi1nSQtFELOw/2tQIv5AEsZFR5MJ/oB2ztXzs2LYCIEfIw4xlUH6X |
|
-YFhs4RnIa0K9Ng1ebsGPrifYkudwBIk3 |
|
+c3QgT3JnMRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTAg |
|
+Fw0yMjA2MDIxNTQ5MzlaGA8yMTIyMDUwOTE1NDkzOVowaDELMAkGA1UEBhMCQ04x |
|
+CzAJBgNVBAgMAkxOMREwDwYDVQQHDAhTaGVueWFuZzERMA8GA1UECgwIVGVzdCBP |
|
+cmcxEDAOBgNVBAsMB1Rlc3QgT1UxFDASBgNVBAMMC1Rlc3QgU00yIENBMFkwEwYH |
|
+KoZIzj0CAQYIKoEcz1UBgi0DQgAEdFieoSuh8F1c+m2+87v4FJUnFyke5Madn5Q+ |
|
+ttTmRURQxpSc054wlmX+9EaKZkKb8CRF4mZF+dvXkRIdH6yynqNdMFswHQYDVR0O |
|
+BBYEFMWNxa7/MmBJnlIpSVTlXHj/Rbl0MB8GA1UdIwQYMBaAFMWNxa7/MmBJnlIp |
|
+SVTlXHj/Rbl0MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqBHM9VAYN1 |
|
+A0kAMEYCIQC3c2TkO6Lyxt5GNZqoZNuMEphjL9K7W1TsX6mHzlhHDwIhAICXy2XC |
|
+WsTzdrMZUXLtrDDFOq+3FaD4pe1HP2LZFNpu |
|
-----END CERTIFICATE----- |
|
diff --git a/test/certs/sm2-root.crt b/test/certs/sm2-root.crt |
|
index 5677ac6c9f6a..70ce71e43091 100644 |
|
--- a/test/certs/sm2-root.crt |
|
+++ b/test/certs/sm2-root.crt |
|
@@ -1,14 +1,14 @@ |
|
-----BEGIN CERTIFICATE----- |
|
-MIICJDCCAcqgAwIBAgIJAOlkpDpSrmVbMAoGCCqBHM9VAYN1MGgxCzAJBgNVBAYT |
|
+MIICJzCCAcygAwIBAgIJAOlkpDpSrmVbMAoGCCqBHM9VAYN1MGgxCzAJBgNVBAYT |
|
AkNOMQswCQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRl |
|
-c3QgT3JnMRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTAe |
|
-Fw0xOTAyMTkwNzA1NDhaFw0yMzAzMzAwNzA1NDhaMGgxCzAJBgNVBAYTAkNOMQsw |
|
-CQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRlc3QgT3Jn |
|
-MRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTBZMBMGByqG |
|
-SM49AgEGCCqBHM9VAYItA0IABHRYnqErofBdXPptvvO7+BSVJxcpHuTGnZ+UPrbU |
|
-5kVEUMaUnNOeMJZl/vRGimZCm/AkReJmRfnb15ESHR+ssp6jXTBbMB0GA1UdDgQW |
|
-BBTFjcWu/zJgSZ5SKUlU5Vx4/0W5dDAfBgNVHSMEGDAWgBTFjcWu/zJgSZ5SKUlU |
|
-5Vx4/0W5dDAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqgRzPVQGDdQNI |
|
-ADBFAiEAs6byi1nSQtFELOw/2tQIv5AEsZFR5MJ/oB2ztXzs2LYCIEfIw4xlUH6X |
|
-YFhs4RnIa0K9Ng1ebsGPrifYkudwBIk3 |
|
+c3QgT3JnMRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTAg |
|
+Fw0yMjA2MDIxNTQ5MzlaGA8yMTIyMDUwOTE1NDkzOVowaDELMAkGA1UEBhMCQ04x |
|
+CzAJBgNVBAgMAkxOMREwDwYDVQQHDAhTaGVueWFuZzERMA8GA1UECgwIVGVzdCBP |
|
+cmcxEDAOBgNVBAsMB1Rlc3QgT1UxFDASBgNVBAMMC1Rlc3QgU00yIENBMFkwEwYH |
|
+KoZIzj0CAQYIKoEcz1UBgi0DQgAEdFieoSuh8F1c+m2+87v4FJUnFyke5Madn5Q+ |
|
+ttTmRURQxpSc054wlmX+9EaKZkKb8CRF4mZF+dvXkRIdH6yynqNdMFswHQYDVR0O |
|
+BBYEFMWNxa7/MmBJnlIpSVTlXHj/Rbl0MB8GA1UdIwQYMBaAFMWNxa7/MmBJnlIp |
|
+SVTlXHj/Rbl0MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAoGCCqBHM9VAYN1 |
|
+A0kAMEYCIQC3c2TkO6Lyxt5GNZqoZNuMEphjL9K7W1TsX6mHzlhHDwIhAICXy2XC |
|
+WsTzdrMZUXLtrDDFOq+3FaD4pe1HP2LZFNpu |
|
-----END CERTIFICATE----- |
|
diff --git a/test/certs/sm2.pem b/test/certs/sm2.pem |
|
index 189abb137625..daf12926aff9 100644 |
|
--- a/test/certs/sm2.pem |
|
+++ b/test/certs/sm2.pem |
|
@@ -1,13 +1,14 @@ |
|
-----BEGIN CERTIFICATE----- |
|
-MIIB6DCCAY6gAwIBAgIJAKH2BR6ITHZeMAoGCCqBHM9VAYN1MGgxCzAJBgNVBAYT |
|
-AkNOMQswCQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRl |
|
-c3QgT3JnMRAwDgYDVQQLDAdUZXN0IE9VMRQwEgYDVQQDDAtUZXN0IFNNMiBDQTAe |
|
-Fw0xOTAyMTkwNzA1NDhaFw0yMzAzMzAwNzA1NDhaMG8xCzAJBgNVBAYTAkNOMQsw |
|
-CQYDVQQIDAJMTjERMA8GA1UEBwwIU2hlbnlhbmcxETAPBgNVBAoMCFRlc3QgT3Jn |
|
-MRAwDgYDVQQLDAdUZXN0IE9VMRswGQYDVQQDDBJUZXN0IFNNMiBTaWduIENlcnQw |
|
-WTATBgcqhkjOPQIBBggqgRzPVQGCLQNCAAQwqeNkWp7fiu1KZnuDkAucpM8piEzE |
|
-TL1ymrcrOBvv8mhNNkeb20asbWgFQI2zOrSM99/sXGn9rM2/usM/MlcaoxowGDAJ |
|
-BgNVHRMEAjAAMAsGA1UdDwQEAwIGwDAKBggqgRzPVQGDdQNIADBFAiEA9edBnAqT |
|
-TNuGIUIvXsj6/nP+AzXA9HGtAIY4nrqW8LkCIHyZzhRTlxYtgfqkDl0OK5QQRCZH |
|
-OZOfmtx613VyzXwc |
|
+MIICNDCCAdugAwIBAgIUOMbsiFLCy2BCPtfHQSdG4R1+3BowCgYIKoEcz1UBg3Uw |
|
+aDELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkxOMREwDwYDVQQHDAhTaGVueWFuZzER |
|
+MA8GA1UECgwIVGVzdCBPcmcxEDAOBgNVBAsMB1Rlc3QgT1UxFDASBgNVBAMMC1Rl |
|
+c3QgU00yIENBMCAXDTIyMDYwMjE1NTU0OFoYDzIxMjIwNTA5MTU1NTQ4WjBvMQsw |
|
+CQYDVQQGEwJDTjELMAkGA1UECAwCTE4xETAPBgNVBAcMCFNoZW55YW5nMREwDwYD |
|
+VQQKDAhUZXN0IE9yZzEQMA4GA1UECwwHVGVzdCBPVTEbMBkGA1UEAwwSVGVzdCBT |
|
+TTIgU2lnbiBDZXJ0MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEMKnjZFqe34rt |
|
+SmZ7g5ALnKTPKYhMxEy9cpq3Kzgb7/JoTTZHm9tGrG1oBUCNszq0jPff7Fxp/azN |
|
+v7rDPzJXGqNaMFgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBsAwHQYDVR0OBBYEFNPl |
|
+u8JjXkhQPiJ5bYrrq+voqBUlMB8GA1UdIwQYMBaAFMWNxa7/MmBJnlIpSVTlXHj/ |
|
+Rbl0MAoGCCqBHM9VAYN1A0cAMEQCIG3gG1D7T7ltn6Gz1UksBZahgBE6jmkQ9Sp9 |
|
+/3aY5trlAiB5adxiK0avV0LEKfbzTdff9skoZpd7vje1QTW0l0HaGg== |
|
-----END CERTIFICATE----- |
|
diff --git a/test/smime-certs/mksmime-certs.sh b/test/smime-certs/mksmime-certs.sh |
|
index 12e8a7305402..109b9c4abc28 100644 |
|
--- a/test/smime-certs/mksmime-certs.sh |
|
+++ b/test/smime-certs/mksmime-certs.sh |
|
@@ -15,23 +15,23 @@ export OPENSSL_CONF |
|
|
|
# Root CA: create certificate directly |
|
CN="Test S/MIME RSA Root" $OPENSSL req -config ca.cnf -x509 -noenc \ |
|
- -keyout smroot.pem -out smroot.pem -newkey rsa:2048 -days 3650 |
|
+ -keyout smroot.pem -out smroot.pem -newkey rsa:2048 -days 36501 |
|
|
|
# EE RSA certificates: create request first |
|
CN="Test S/MIME EE RSA #1" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smrsa1.pem -out req.pem -newkey rsa:2048 |
|
# Sign request: end entity extensions |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smrsa1.pem |
|
|
|
CN="Test S/MIME EE RSA #2" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smrsa2.pem -out req.pem -newkey rsa:2048 |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smrsa2.pem |
|
|
|
CN="Test S/MIME EE RSA #3" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smrsa3.pem -out req.pem -newkey rsa:2048 |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smrsa3.pem |
|
|
|
# Create DSA parameters |
|
@@ -40,15 +40,15 @@ $OPENSSL dsaparam -out dsap.pem 2048 |
|
|
|
CN="Test S/MIME EE DSA #1" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smdsa1.pem -out req.pem -newkey dsa:dsap.pem |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdsa1.pem |
|
CN="Test S/MIME EE DSA #2" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smdsa2.pem -out req.pem -newkey dsa:dsap.pem |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdsa2.pem |
|
CN="Test S/MIME EE DSA #3" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smdsa3.pem -out req.pem -newkey dsa:dsap.pem |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdsa3.pem |
|
|
|
# Create EC parameters |
|
@@ -58,16 +58,17 @@ $OPENSSL ecparam -out ecp2.pem -name K-283 |
|
|
|
CN="Test S/MIME EE EC #1" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smec1.pem -out req.pem -newkey ec:ecp.pem |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smec1.pem |
|
CN="Test S/MIME EE EC #2" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smec2.pem -out req.pem -newkey ec:ecp2.pem |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smec2.pem |
|
-CN="Test S/MIME EE EC #3" $OPENSSL req -config ca.cnf -noenc \ |
|
- -keyout smec3.pem -out req.pem -newkey ec:ecp.pem |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
- -extfile ca.cnf -extensions usr_cert -CAcreateserial >>smec3.pem |
|
+# Do not renew this cert as it is used for legacy data decrypt test |
|
+#CN="Test S/MIME EE EC #3" $OPENSSL req -config ca.cnf -noenc \ |
|
+# -keyout smec3.pem -out req.pem -newkey ec:ecp.pem |
|
+#$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
+# -extfile ca.cnf -extensions usr_cert -CAcreateserial >>smec3.pem |
|
# Create X9.42 DH parameters. |
|
$OPENSSL genpkey -genparam -algorithm DHX -out dhp.pem |
|
# Generate X9.42 DH key. |
|
@@ -77,7 +78,7 @@ $OPENSSL pkey -pubout -in smdh.pem -out dhpub.pem |
|
CN="Test S/MIME EE DH #1" $OPENSSL req -config ca.cnf -noenc \ |
|
-keyout smtmp.pem -out req.pem -newkey rsa:2048 |
|
# Sign request but force public key to DH |
|
-$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \ |
|
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 36500 \ |
|
-force_pubkey dhpub.pem \ |
|
-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdh.pem |
|
# Remove temp files.
|
|
|