summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--extra/yassl/README23
-rw-r--r--extra/yassl/certs/ca-cert.pem115
-rw-r--r--extra/yassl/certs/ca-key.pem32
-rw-r--r--extra/yassl/certs/client-cert.pem106
-rw-r--r--extra/yassl/certs/client-key.pem32
-rw-r--r--extra/yassl/certs/client-keyEnc.pem32
-rw-r--r--extra/yassl/certs/dsa-cert.pem88
-rw-r--r--extra/yassl/certs/server-cert.pem178
-rw-r--r--extra/yassl/certs/server-key.pem32
-rw-r--r--extra/yassl/certs/server-keyEnc.pem32
-rw-r--r--extra/yassl/include/cert_wrapper.hpp7
-rw-r--r--extra/yassl/include/openssl/ssl.h4
-rw-r--r--extra/yassl/src/cert_wrapper.cpp14
-rw-r--r--extra/yassl/src/handshake.cpp4
-rw-r--r--extra/yassl/src/yassl_imp.cpp38
-rw-r--r--extra/yassl/taocrypt/test/test.cpp14
16 files changed, 514 insertions, 237 deletions
diff --git a/extra/yassl/README b/extra/yassl/README
index 24bdf32f989..b9746aff708 100644
--- a/extra/yassl/README
+++ b/extra/yassl/README
@@ -12,7 +12,28 @@ before calling SSL_new();
*** end Note ***
-yaSSL Release notes, version 2.2.2 (7/5/2012)
+yaSSL Release notes, version 2.2.3b (4/23/2013)
+
+ This release of yaSSL updates the test certificates as they were expired
+
+See normal build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0 and note in 1.5.8.
+
+
+*****************yaSSL Release notes, version 2.2.2d (2/5/2013)
+
+ This release of yaSSL contains countermeasuers for the Lucky 13 TLS 1.1
+ CBC timing padding attack identified by Nadhem AlFardan and Kenneth Paterson
+ see: http://www.isg.rhul.ac.uk/tls/
+
+ It also adds SHA2 certificate verification and better checks for malicious
+ input.
+
+See normal build instructions below under 1.0.6.
+See libcurl build instructions below under 1.3.0 and note in 1.5.8.
+
+
+*****************yaSSL Release notes, version 2.2.2 (7/5/2012)
This release of yaSSL contains bug fixes and more security checks around
malicious certificates.
diff --git a/extra/yassl/certs/ca-cert.pem b/extra/yassl/certs/ca-cert.pem
index 6a0cf898e53..b2dc6ae6ee3 100644
--- a/extra/yassl/certs/ca-cert.pem
+++ b/extra/yassl/certs/ca-cert.pem
@@ -1,56 +1,87 @@
+-----BEGIN CERTIFICATE-----
+MIIEnjCCA4agAwIBAgIJAOnQp195JfQ8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
+A1UEChMIU2F3dG9vdGgxEzARBgNVBAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3
+dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTEx
+MTAyNDE4MTgxNVoXDTE0MDcyMDE4MTgxNVowgZAxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290
+aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC/DMotFLIehEJbzTgfSvJNdRDxtjWf38p9A5jTrN4DZu4q
+8diwfW4HVAsQmCFNgMsSIOfMT95FfclydzLqypC7aVIQAy+o85XF8YtiVhvvZ2+k
+EEGVrQqb46XAsNJwdlAwW6joCCx87aeieo04KRysx+3yfJWwlYJ9SVw4zXcl772A
+dVOUPD3KY1ufFbXTHRMvGdE823Y6zLh9yeXC19pAb9gh3HMbQi1TnP4a/H2rejY/
+mN6EfAVnzmoUOIep8Yy1aMtof3EgK/WgY/VWL6Mm0rdvsVoX1ziZCP6TWG/+wxNJ
+CBYLp01nAFIxZyNOmO1RRR25BNkL7Ngos0u97TZ5AgMBAAGjgfgwgfUwHQYDVR0O
+BBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHFBgNVHSMEgb0wgbqAFCeOZxF0wyYd
+P+0zY7Ok2B0w5ejVoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHTW9u
+dGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8GA1UEChMIU2F3dG9vdGgxEzARBgNV
+BAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG
+9w0BCQEWDmluZm9AeWFzc2wuY29tggkA6dCnX3kl9DwwDAYDVR0TBAUwAwEB/zAN
+BgkqhkiG9w0BAQUFAAOCAQEAX4YU9FGLvKVOMNperJr4bNkmS5P54xyJb57us513
+PokgdqPm6IYVIdviM7I01dCf88Gkh5Jc+dH/MC+OA7yzPAwyo5BfGpAer53zntcH
+Aql9J2ZjL68Y16wYmIyDjzjzC6w2EHX7ynYTUFsCj3O/46Dug1IlVM4mzpy9L3mr
+G2C4kvEDwPw7CNnArdVyCCWAYS3cn6eDYgdH4AdMSwcwBKmHHFV/BxLQy0Jdy89m
+ARoX7vkPYLfbb2jlTkFibtNvYE9LJ97PGAfxE13LP6klRNpSXMgE4VYS9SqQTtHi
+rwG1I6HsMdp7Y2nEuPPnzqE9wNtt87LZRsifw7hwWh9/yg==
+-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 8a:37:22:65:73:f5:aa:e8
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ e9:d0:a7:5f:79:25:f4:3c
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
Validity
- Not Before: Jun 30 18:47:10 2010 GMT
- Not After : Mar 26 18:47:10 2013 GMT
- Subject: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ Not Before: Oct 24 18:18:15 2011 GMT
+ Not After : Jul 20 18:18:15 2014 GMT
+ Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:97:30:b9:1a:92:ef:25:4f:ca:4c:11:31:95:1a:
- e1:c0:10:19:0a:20:b9:37:80:1a:57:38:02:4e:1b:
- c5:0f:28:4f:da:e3:c9:16:aa:50:bd:4a:fb:b7:71:
- c7:35:cc:63:81:c1:dd:9d:33:f9:38:16:88:32:a0:
- aa:56:23:03:a3
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
+ f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
+ de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
+ 21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
+ 32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
+ 8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
+ a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
+ a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
+ 82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
+ 3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
+ 76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
+ 73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
+ de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
+ cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
+ b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
+ 13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
+ ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
+ 36:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
+ 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Authority Key Identifier:
- keyid:3B:66:FD:A0:40:C6:F4:E2:70:CF:21:1A:0C:4F:67:FE:B7:4B:42:09
- DirName:/C=US/ST=Montana/L=Bozeman/O=sawtooth/OU=consulting/CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
- serial:8A:37:22:65:73:F5:AA:E8
+ keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+ DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
+ serial:E9:D0:A7:5F:79:25:F4:3C
X509v3 Basic Constraints:
CA:TRUE
- Signature Algorithm: md5WithRSAEncryption
- 32:65:a2:b1:dc:6d:e0:8d:8b:c8:58:29:8e:b8:18:4b:62:88:
- 13:67:f8:6c:75:46:75:8f:8a:19:a6:a3:d5:3c:fc:57:4e:7a:
- 68:a9:fc:93:dc:ae:29:7d:bb:4e:ec:ea:55:fa:a4:e3:00:61:
- f4:b0:34:6d:d1:d5:a4:64:24:f8
------BEGIN CERTIFICATE-----
-MIIDQDCCAuqgAwIBAgIJAIo3ImVz9aroMA0GCSqGSIb3DQEBBAUAMIGeMQswCQYD
-VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
-A1UEChMIc2F3dG9vdGgxEzARBgNVBAsTCmNvbnN1bHRpbmcxJDAiBgNVBAMTG3d3
-dy5zYXd0b290aC1jb25zdWx0aW5nLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5
-YXNzbC5jb20wHhcNMTAwNjMwMTg0NzEwWhcNMTMwMzI2MTg0NzEwWjCBnjELMAkG
-A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
-BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
-d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
-eWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJcwuRqS7yVPykwRMZUa
-4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaqUL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYj
-A6MCAwEAAaOCAQcwggEDMB0GA1UdDgQWBBQ7Zv2gQMb04nDPIRoMT2f+t0tCCTCB
-0wYDVR0jBIHLMIHIgBQ7Zv2gQMb04nDPIRoMT2f+t0tCCaGBpKSBoTCBnjELMAkG
-A1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAP
-BgNVBAoTCHNhd3Rvb3RoMRMwEQYDVQQLEwpjb25zdWx0aW5nMSQwIgYDVQQDExt3
-d3cuc2F3dG9vdGgtY29uc3VsdGluZy5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9A
-eWFzc2wuY29tggkAijciZXP1qugwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQF
-AANBADJlorHcbeCNi8hYKY64GEtiiBNn+Gx1RnWPihmmo9U8/FdOemip/JPcril9
-u07s6lX6pOMAYfSwNG3R1aRkJPg=
------END CERTIFICATE-----
+ Signature Algorithm: sha1WithRSAEncryption
+ 5f:86:14:f4:51:8b:bc:a5:4e:30:da:5e:ac:9a:f8:6c:d9:26:
+ 4b:93:f9:e3:1c:89:6f:9e:ee:b3:9d:77:3e:89:20:76:a3:e6:
+ e8:86:15:21:db:e2:33:b2:34:d5:d0:9f:f3:c1:a4:87:92:5c:
+ f9:d1:ff:30:2f:8e:03:bc:b3:3c:0c:32:a3:90:5f:1a:90:1e:
+ af:9d:f3:9e:d7:07:02:a9:7d:27:66:63:2f:af:18:d7:ac:18:
+ 98:8c:83:8f:38:f3:0b:ac:36:10:75:fb:ca:76:13:50:5b:02:
+ 8f:73:bf:e3:a0:ee:83:52:25:54:ce:26:ce:9c:bd:2f:79:ab:
+ 1b:60:b8:92:f1:03:c0:fc:3b:08:d9:c0:ad:d5:72:08:25:80:
+ 61:2d:dc:9f:a7:83:62:07:47:e0:07:4c:4b:07:30:04:a9:87:
+ 1c:55:7f:07:12:d0:cb:42:5d:cb:cf:66:01:1a:17:ee:f9:0f:
+ 60:b7:db:6f:68:e5:4e:41:62:6e:d3:6f:60:4f:4b:27:de:cf:
+ 18:07:f1:13:5d:cb:3f:a9:25:44:da:52:5c:c8:04:e1:56:12:
+ f5:2a:90:4e:d1:e2:af:01:b5:23:a1:ec:31:da:7b:63:69:c4:
+ b8:f3:e7:ce:a1:3d:c0:db:6d:f3:b2:d9:46:c8:9f:c3:b8:70:
+ 5a:1f:7f:ca
diff --git a/extra/yassl/certs/ca-key.pem b/extra/yassl/certs/ca-key.pem
index 45d7b149857..774feba0548 100644
--- a/extra/yassl/certs/ca-key.pem
+++ b/extra/yassl/certs/ca-key.pem
@@ -1,9 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIBOQIBAAJBAJcwuRqS7yVPykwRMZUa4cAQGQoguTeAGlc4Ak4bxQ8oT9rjyRaq
-UL1K+7dxxzXMY4HB3Z0z+TgWiDKgqlYjA6MCAwEAAQJAEQ9TY7c+uuQU/J5YDO4a
-mRR37tegbq3Kyxqrz+p8QuhqLDtVh13GaF7rVU70vyNHm+cgihUyzho/PViAkPBo
-qQIhAMU8/RDhDLgL5BxID4sxKIVBtg+imFSbyKVyg7oQLUcXAiEAxDu94O45Cf4a
-np9R0thumY/QqWpCkycWAB7fFEuaf1UCIEH+bg4/vqm2ENUFp23DPPOZUPlaRe3J
-UhFJh5mx3/RxAiBq++8vfHFYg1Lb/BxOCXVy/zdRxf753ytdcXdJx1Y56QIgVgpN
-FNfYJofQfWaP96sjlc0usrT28uceHx0QmHqolVc=
+MIIEpAIBAAKCAQEAvwzKLRSyHoRCW804H0ryTXUQ8bY1n9/KfQOY06zeA2buKvHY
+sH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQu2lSEAMvqPOVxfGLYlYb72dvpBBB
+la0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkcrMft8nyVsJWCfUlcOM13Je+9gHVT
+lDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfaQG/YIdxzG0ItU5z+Gvx9q3o2P5je
+hHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+jJtK3b7FaF9c4mQj+k1hv/sMTSQgW
+C6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02eQIDAQABAoIBAD1uTmAahH+dhXzh
+Swd84NaZKt6d+TY0DncOPgjqT+UGJtT2OPffDQ8cLgai9CponGNy4zXmBJGRtcGx
+pFSs18b7QaDWdW+9C06/sVLoX0kmmFZHx97p6jxgAb8o3DG/SV+TSYd6gVuWS03K
+XDhPt+Gy08ch2jwShwfkG9xD7OjsVGHn9u2mCy7134J/xh9hGZykgznfIYWJb3ev
+hhUyCKJaCyZh+3AMypw4fbwi7uujqBYA+YqAHgCEqEpB+IQDZy8jWy+baybDBzSU
+owM7ctWfcuCtzDSrvcfV9SYwhQ8wIzlS/zzLmSFNiKWr7mK5x+C7R4fBac9z8zC+
+zjkEnOUCgYEA4XZFgFm200nfCu8S1g/wt8sqN7+n+LVN9TE1reSjlKHb8ZattQVk
+hYP8G1spqr74Jj92fq0c8MvXJrQbBY5Whn4IYiHBhtZHeT63XaTGOtexdCD2UJdB
+BFPtPybWb5H6aCbsKtya8efc+3PweUMbIaNZBGNSB8nX5tEbXV6W+lMCgYEA2O1O
+ZGFrkQxhAbUPu0RnUx7cB8Qkfp5shCORDOQSBBZNeJjMlj0gTg9Fmrb4s5MNsqIb
+KfImecjF0nh+XnPy13Bhu0DOYQX+aR6CKeYUuKHnltAjPwWTAPLhTX7tt5Zs9/Dk
+0c8BmE/cdFSqbV5aQTH+/5q2oAXdqRBU+GvQqoMCgYAh0wSKROtQt3xmv4cr5ihO
+6oPi6TXh8hFH/6H1/J8t5TqB/AEDb1OtVCe2Uu7lVtETq+GzD3WQCoS0ocCMDNae
+RrorPrUx7WO7pNUNj3LN0R4mNeu+G3L9mzm0h7cT9eqDRZOYuo/kSsy0TKh/CLpB
+SahJKD1ePcHONwDL+SzdUQKBgQChV58+udavg22DP4/70NyozgMJI7GhG2PKxElW
+NSvRLmVglQVVmRE1/dXfRMeliHJfsoJRqHFFkzbPXB9hUQwFgOivxXu6XiLjPHXD
+hAVVbdY6LYSJkzPLONqqMQXNzmwt3VXTVwvwpTVqsK4xukOWygDHS+MZEkPTQvpv
+6oDA0QKBgQC524kgNCdwYjTqXyViEvOdgb9I7poOwY0Q/2WanS0aipRayMClpYRh
+ntQkue+pncl3C8dwZj26yFTf0jPh9X/5J2G+V0Xdt0UXJPUj5DgOkSfu4yDYFMiU
+R3dAd0UYng3OeT9XMVYJSWe+lFhP9sSr4onj44rABVUsJMBKlwQnmg==
-----END RSA PRIVATE KEY-----
diff --git a/extra/yassl/certs/client-cert.pem b/extra/yassl/certs/client-cert.pem
index 7acc9a850d5..278b43fe65c 100644
--- a/extra/yassl/certs/client-cert.pem
+++ b/extra/yassl/certs/client-cert.pem
@@ -2,54 +2,86 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- c5:d7:6c:11:36:f0:35:e1
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=programming, CN=www.yassl.com/emailAddress=info@yassl.com
+ 87:4a:75:be:91:66:d8:3d
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com
Validity
- Not Before: Jun 30 18:39:39 2010 GMT
- Not After : Mar 26 18:39:40 2013 GMT
- Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=programming, CN=www.yassl.com/emailAddress=info@yassl.com
+ Not Before: Oct 24 18:21:55 2011 GMT
+ Not After : Jul 20 18:21:55 2014 GMT
+ Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:bd:51:4a:14:fd:6a:19:84:0c:33:38:fc:27:32:
- 9c:97:0b:fc:a4:18:60:69:4e:d9:d8:78:50:0b:e9:
- 20:5d:d6:1d:70:1c:0c:24:9f:23:82:cc:3a:01:d5:
- 97:17:b2:73:6c:86:cf:b5:f1:e5:ce:68:0c:d9:a2:
- 12:39:7c:f2:53
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
+ 2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
+ 32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d:
+ 68:a2:8b:67:bb:a1:75:c8:36:2c:4a:d2:1b:f7:8b:
+ ba:cf:0d:f9:ef:ec:f1:81:1e:7b:9b:03:47:9a:bf:
+ 65:cc:7f:65:24:69:a6:e8:14:89:5b:e4:34:f7:c5:
+ b0:14:93:f5:67:7b:3a:7a:78:e1:01:56:56:91:a6:
+ 13:42:8d:d2:3c:40:9c:4c:ef:d1:86:df:37:51:1b:
+ 0c:a1:3b:f5:f1:a3:4a:35:e4:e1:ce:96:df:1b:7e:
+ bf:4e:97:d0:10:e8:a8:08:30:81:af:20:0b:43:14:
+ c5:74:67:b4:32:82:6f:8d:86:c2:88:40:99:36:83:
+ ba:1e:40:72:22:17:d7:52:65:24:73:b0:ce:ef:19:
+ cd:ae:ff:78:6c:7b:c0:12:03:d4:4e:72:0d:50:6d:
+ 3b:a3:3b:a3:99:5e:9d:c8:d9:0c:85:b3:d9:8a:d9:
+ 54:26:db:6d:fa:ac:bb:ff:25:4c:c4:d1:79:f4:71:
+ d3:86:40:18:13:b0:63:b5:72:4e:30:c4:97:84:86:
+ 2d:56:2f:d7:15:f7:7f:c0:ae:f5:fc:5b:e5:fb:a1:
+ ba:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 5C:F7:29:21:69:7A:09:78:9E:7B:CD:53:42:02:EC:CE:29:0D:11:DF
+ 33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
X509v3 Authority Key Identifier:
- keyid:5C:F7:29:21:69:7A:09:78:9E:7B:CD:53:42:02:EC:CE:29:0D:11:DF
- DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=programming/CN=www.yassl.com/emailAddress=info@yassl.com
- serial:C5:D7:6C:11:36:F0:35:E1
+ keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
+ DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com
+ serial:87:4A:75:BE:91:66:D8:3D
X509v3 Basic Constraints:
CA:TRUE
- Signature Algorithm: md5WithRSAEncryption
- b4:a5:f1:71:26:4d:b9:ff:54:f3:09:1f:ac:e1:19:59:e5:ec:
- 57:e3:f1:0b:b2:8f:f3:29:eb:6b:c6:fa:27:33:3e:91:d0:77:
- 43:c9:ce:1e:0f:71:07:a9:f7:26:e0:7e:ff:30:7d:52:0a:e1:
- 80:48:46:bb:99:e9:d9:77:ce:75
+ Signature Algorithm: sha1WithRSAEncryption
+ 1c:7c:42:81:29:9e:21:cf:d0:d8:c1:54:6f:cc:ae:14:09:38:
+ ff:68:98:9a:95:53:76:18:7b:e6:30:76:ec:28:0d:75:a7:de:
+ e0:cd:8e:d5:55:23:6a:47:2b:4e:8d:fc:7d:06:a3:d8:0f:ad:
+ 5e:d6:04:c9:00:33:fb:77:27:d3:b5:03:b3:7b:21:74:31:0b:
+ 4a:af:2d:1a:b3:93:8e:cc:f3:5f:3d:90:3f:cc:e3:55:19:91:
+ 7b:78:24:2e:4a:09:bb:18:4e:61:2d:9c:c6:0a:a0:34:91:88:
+ 70:6b:3b:48:47:bc:79:94:a2:a0:4d:32:47:54:c2:a3:dc:2e:
+ d2:51:4c:29:39:11:ff:e2:15:5e:58:97:36:f6:e9:06:06:86:
+ 0e:8d:9d:95:03:72:b2:8b:19:7c:e9:14:6e:a1:88:73:68:58:
+ 6d:71:5e:c2:d5:d3:13:d2:5f:de:ea:03:be:e2:00:40:e5:ce:
+ fd:e6:92:31:57:c3:eb:bb:66:ac:cb:2f:1a:fa:e0:62:a2:47:
+ f4:93:43:2a:4b:6c:5e:0a:2f:f9:e7:e6:4a:63:86:b0:ac:2a:
+ a1:eb:b4:5b:67:cd:32:e4:b6:11:4b:9a:72:66:0d:a2:4a:76:
+ 8f:fe:22:bc:83:fd:db:b7:d5:a9:ee:05:c9:b1:71:7e:1b:2b:
+ e1:e3:af:c0
-----BEGIN CERTIFICATE-----
-MIIDDjCCArigAwIBAgIJAMXXbBE28DXhMA0GCSqGSIb3DQEBBAUAMIGOMQswCQYD
+MIIEmDCCA4CgAwIBAgIJAIdKdb6RZtg9MA0GCSqGSIb3DQEBBQUAMIGOMQswCQYD
VQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwG
-A1UEChMFeWFTU0wxFDASBgNVBAsTC3Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cu
-eWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0xMDA2
-MzAxODM5MzlaFw0xMzAzMjYxODM5NDBaMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UE
+A1UEChMFeWFTU0wxFDASBgNVBAsTC1Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cu
+eWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0xMTEw
+MjQxODIxNTVaFw0xNDA3MjAxODIxNTVaMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UE
CBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwGA1UEChMFeWFTU0wxFDAS
-BgNVBAsTC3Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJ
-KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQC9UUoU/WoZhAwzOPwnMpyXC/ykGGBpTtnYeFAL6SBd1h1wHAwknyOCzDoB1ZcX
-snNshs+18eXOaAzZohI5fPJTAgMBAAGjgfYwgfMwHQYDVR0OBBYEFFz3KSFpegl4
-nnvNU0IC7M4pDRHfMIHDBgNVHSMEgbswgbiAFFz3KSFpegl4nnvNU0IC7M4pDRHf
-oYGUpIGRMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQH
-EwhQb3J0bGFuZDEOMAwGA1UEChMFeWFTU0wxFDASBgNVBAsTC3Byb2dyYW1taW5n
-MRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlh
-c3NsLmNvbYIJAMXXbBE28DXhMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQAD
-QQC0pfFxJk25/1TzCR+s4RlZ5exX4/ELso/zKetrxvonMz6R0HdDyc4eD3EHqfcm
-4H7/MH1SCuGASEa7menZd851
+BgNVBAsTC1Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJ
+KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9amNrIHMo7Quml7xsNE
+ntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/Zcx/ZSRppugUiVvk
+NPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE79fGjSjXk4c6W3xt+
+v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX11JlJHOwzu8Zza7/
+eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8lTMTRefRx04ZAGBOw
+Y7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB9jCB8zAdBgNVHQ4EFgQU
+M9hFZtdohxh+VA1wJ5HHJteFZcAwgcMGA1UdIwSBuzCBuIAUM9hFZtdohxh+VA1w
+J5HHJteFZcChgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24x
+ETAPBgNVBAcTCFBvcnRsYW5kMQ4wDAYDVQQKEwV5YVNTTDEUMBIGA1UECxMLUHJv
+Z3JhbW1pbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEW
+DmluZm9AeWFzc2wuY29tggkAh0p1vpFm2D0wDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQUFAAOCAQEAHHxCgSmeIc/Q2MFUb8yuFAk4/2iYmpVTdhh75jB27CgNdafe
+4M2O1VUjakcrTo38fQaj2A+tXtYEyQAz+3cn07UDs3shdDELSq8tGrOTjszzXz2Q
+P8zjVRmRe3gkLkoJuxhOYS2cxgqgNJGIcGs7SEe8eZSioE0yR1TCo9wu0lFMKTkR
+/+IVXliXNvbpBgaGDo2dlQNysosZfOkUbqGIc2hYbXFewtXTE9Jf3uoDvuIAQOXO
+/eaSMVfD67tmrMsvGvrgYqJH9JNDKktsXgov+efmSmOGsKwqoeu0W2fNMuS2EUua
+cmYNokp2j/4ivIP927fVqe4FybFxfhsr4eOvwA==
-----END CERTIFICATE-----
diff --git a/extra/yassl/certs/client-key.pem b/extra/yassl/certs/client-key.pem
index 92c052fef84..c4e7ad22c09 100644
--- a/extra/yassl/certs/client-key.pem
+++ b/extra/yassl/certs/client-key.pem
@@ -1,9 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAL1RShT9ahmEDDM4/CcynJcL/KQYYGlO2dh4UAvpIF3WHXAcDCSf
-I4LMOgHVlxeyc2yGz7Xx5c5oDNmiEjl88lMCAwEAAQJAVGHWLlLhpqvXsEEXCvWh
-HCYono+K8YVGzhiaPSTU212fCoQryIxsXQKGBjhFdZm96DZWp+Vd/t/u+B4ZeaqY
-+QIhAOBEfbFtdZqk5OmbbRsRVPI7+YYmubgY1TVIPqmxHQ4NAiEA2BrTQkjOb3ul
-A/SZO04fJUZsm7Ng92FWHDJsRancSd8CIQCmGbQqZBK1TamJZ6dAY+7RViAx/p6Q
-vjuzMeXPUrFdRQIhAMkfBhg9bCqjFyt8PBPOm/vz8+ZgZlE0/JAXeV7IPCVfAiEA
-gZwCFm1ghGxmaoB424YC4DHeDeN/g9xwJHT7EuM9Mvc=
+MIIEpAIBAAKCAQEAwwPRK/45pDJFO1PIhCsqfHSavaoqUgdH1qY2sgcyjtC6aXvG
+w0Se1IFI/S1oootnu6F1yDYsStIb94u6zw357+zxgR57mwNHmr9lzH9lJGmm6BSJ
+W+Q098WwFJP1Z3s6enjhAVZWkaYTQo3SPECcTO/Rht83URsMoTv18aNKNeThzpbf
+G36/TpfQEOioCDCBryALQxTFdGe0MoJvjYbCiECZNoO6HkByIhfXUmUkc7DO7xnN
+rv94bHvAEgPUTnINUG07ozujmV6dyNkMhbPZitlUJttt+qy7/yVMxNF59HHThkAY
+E7BjtXJOMMSXhIYtVi/XFfd/wK71/Fvl+6G60wIDAQABAoIBAQCi5thfEHFkCJ4u
+bdFtHoXSCrGMR84sUWqgEp5T3pFMHW3qWXvyd6rZxtmKq9jhFuRjJv+1bBNZuOOl
+yHIXLgyfb+VZP3ZvSbERwlouFikN3reO3EDVou7gHqH0vpfbhmOWFM2YCWAtMHac
+PM3miO5HknkLWgDiXl8RfH35CLcgBokqXf0AqyLh8LO8JKleJg4fAC3+IZpTW23T
+K6uUgmhDNtj2L8Yi/LVBXQ0zYOqkfX7oS1WRVtNcV48flBcvqt7pnqj0z4pMjqDk
+VnOyz0+GxWk88yQgi1yWDPprEjuaZ8HfxpaypdWSDZsJQmgkEEXUUOQXOUjQNYuU
+bRHej8pZAoGBAOokp/lpM+lx3FJ9iCEoL0neunIW6cxHeogNlFeEWBY6gbA/os+m
+bB6wBikAj+d3dqzbysfZXps/JpBSrvw4kAAUu7QPWJTnL2p+HE9BIdQxWR9OihqN
+p1dsItjl9H4yphDLZKVVA4emJwWMw9e2J7JNujDaR49U0z2LhI2UmFilAoGBANU4
+G8OPxZMMRwtvNZLFsI1GyJIYj/WACvfvof6AubUqusoYsF2lB9CTjdicBBzUYo6m
+JoEB/86KKmM0NUCqbYDeiSNqV02ebq2TTlaQC22dc4sMric93k7wqsVseGdslFKc
+N2dsLe+7r9+mkDzER8+Nlp6YqbSfxaZQ3LPw+3QXAoGAXoMJYr26fKK/QnT1fBzS
+ackEDYV+Pj0kEsMYe/Mp818OdmxZdeRBhGmdMvPNIquwNbpKsjzl2Vi2Yk9d3uWe
+CspTsiz3nrNrClt5ZexukU6SIPb8/Bbt03YM4ux/smkTa3gOWkZktF63JaBadTpL
+78c8Pvf9JrggxJkKmnO+wxkCgYEAukSTFKw0GTtfkWCs97TWgQU2UVM96GXcry7c
+YT7Jfbh/h/A7mwOCKTfOck4R1bHBDAegmZFKjX/sec/xObXphexi99p9vGRNIjwO
+8tZR9YfYmcARIF0PKf1b4q7ZHNkhVm38hNBf7RAVHBgh58Q9S9fQnmqVzyLJA3ue
+42AB/C8CgYAR0EvPG2e5nxB1R4ZlrjHCxjCsWQZQ2Q+1cAb38NPIYnyo2m72IT/T
+f1/qiqs/2Spe81HSwjA34y2jdQ0eTSE01VdwXIm/cuxKbmjVzRh0M06MOkWP5pZA
+62P5GYY6Ud2JS7Dz+Z9dKJU4vjWrylznk1M0oUVdEzllQkahn831vw==
-----END RSA PRIVATE KEY-----
diff --git a/extra/yassl/certs/client-keyEnc.pem b/extra/yassl/certs/client-keyEnc.pem
index f6b857fc48c..6f29eac50c1 100644
--- a/extra/yassl/certs/client-keyEnc.pem
+++ b/extra/yassl/certs/client-keyEnc.pem
@@ -2,11 +2,29 @@
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,B9D8FB94E38635AB
-e7bVyzL1RF6p7hl8GDaOrRTcgB4ip+pWWUcnNf6y2tsuAQx/c/Bd5c9ZDc3L5AXC
-oOAzWYB+ay1vWkmAQB4ivFS5QzGDf8870d4FbOejwmgPhiHdZNw5xNwscAN6ps0v
-dFaUrR9nzWmbycsQCjXZGIZtGFCtXkA8Gdl5OMO4o+rzM0muNPS5fb++x7oNl1YG
-gjReu2sQ85dPfMlnoHhr8Pz9LBcxVyOmcqtmT0SOSuPcoj6aDtcZ+EY9MQf6SR9E
-ysmrJKMtp+ABgXglAj5hbT0dMpoJ2KpJYk62JAh/A6DDyv5YYUI0W57xY5+QzaV+
-YXnIvqwLjJ3cXEV4YH7ozLHAESgnAAUoQsin42rrRKt7GxjSdBoFhWjH69V2nl65
-LYRNjE1O5BBEX+rz0S+fe2ZZgT17kUr7eLZCq15J+L5xWQ7R4ERc0w==
+3OTcffWLy2Ddlu2oUwnMWkvIb3e9wLL1jrKOpC0aeb//uiawgw50+KuU4pewB5fN
+lfEJwpX4NjfPL+Nk+B1VAVrv5gwk5/SY9SwIJluutzmGS4TfVOhqi2SVd0mc9kOD
+cSWQ9ltAohFu67jdx36j2u+eghDTOjls1lM8EpzL5cu3Bp4G+ST0nXAdnGtSZdV6
+eToLWjIHiC/JqeRSsKAlG0M5verw14sbb5MO4ZQF4Tdu0fCFgFvDSUM2V4ZLtS1N
+VysLEkHoF56YKZ5H2FYLxOVDpn5lSiLnOgRbteEzsysyJ1zLxXWFFwJPCpLVNL0e
+P7OoEoCR+oAdzGkkPF+EdMoULtQP+n6U7jGx3oFVS17NORIFvyxyP0hD4pGTGLnl
+qAEk30lhKGAE5GgvA2itxZIno/sxPKr5T5Sc2yWh9RdQuLWYNrOb8Kz8J1iXV5l6
+/5TLGu5XVWIlBnUtjMFUe5M54tqGQ6SuDUlL2ud5YeLVN0T+RU/bqV2fXGoBUqKb
+Oe8PECm62Ls0wjv27BIOXXV32WSXwsywSzBqq2YXZ5zc9Q0+Mf1Zl6jKwcr8rXhv
+rA2kcpicONryggsPZnn/us1bVuWKndsCbm7A5om6HowpamNMPuxhISigzzE59L6X
+X6Sl2F0N0zhrfUVlAAlfYTrwcQVtyBDj1xp2nzJFocurJt9EylLaT0Sw3nxWtuOg
+yQuF05UPCzxqow/7dMVqtQKng0ptpsn/E+Kr/Egk1YaTpUUxref6mD3R1S+qWML8
+uqTa3y1CWd4u+aJZH2oZU3gmEd8GvuWnmhsw8iTyq1bzYIga1rQZqh4W5Ok9V+jR
+GioT/x3mTIhtuEZ1Cmhne5qM3gWYgM3rC3D4+RnUFeThOC5lHtOYHtIEpg66cs7g
+QYAn75ghEkyfG7ZvdxAU9Ngn6hckux9tFu3GmeEtdqhVOHaOMaYi60uGSk6uBnTv
+P1sUqi70kMrIBWU7TgldKlTqVdReM87Nkb2O5v1xqtoswLWIi65hFWTqt/H65c1H
+aEBG1cBqnqBMYuFk8b4TzZbuU9o1UKj0/6N5mpm//BmW65B0htEDP7IYpGF0mt0H
+LkU+4ISmuLfPfQeviYio6/yASaFkHpxfK7N8CQvmyAG9U8FHRio2QCGSb2EO+BnT
+Bti6L9oMiQbAsCLWTbvBhCVxdncFw1ncq8gkPMXjEEVUsqAo5Kg+903pRHUyHLzS
+R6R3C6tTJnNtucJ0zqQMF3K1FHS1m8GrOm+hskJLTHgZLdz6tFTYkXfZBSCwIl7s
+plg0wq9CrNC2B8MczWn/j3/h7qSI3wBNqADHMdoiOHECffCeyGEYjW3+0iMoj1m1
+wY0DIym4DDRzk6wsEesxVi8iiCVpYwWnjJAvWYECEO+hWuwCez+eGVkhCT/5g3xW
+hPSRhivNuJT05tdR5o+yqONHn1eAQH7Ar3cj+neY5WC0iS5FK9axTqbHXotofD1e
+pJX17ZVWsmIIpRvAWGD+LOcfTMZsaB9DJbkrPSWlMW3lC2S5JOq8OgfMNWIDDUN1
+guwpK5Z/lWV1qMMnaWeDVgPH/G0FssECXlCU5+/Ol654h8tm2bRXYAYHPM+OoW67
-----END RSA PRIVATE KEY-----
diff --git a/extra/yassl/certs/dsa-cert.pem b/extra/yassl/certs/dsa-cert.pem
index ed1138dad01..10d533edc88 100644
--- a/extra/yassl/certs/dsa-cert.pem
+++ b/extra/yassl/certs/dsa-cert.pem
@@ -1,70 +1,22 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number:
- ce:df:23:31:64:b4:13:da
- Signature Algorithm: dsaWithSHA1
- Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=testing, CN=www.yassl.com/emailAddress=info@yassl.com
- Validity
- Not Before: Jun 30 18:56:38 2010 GMT
- Not After : Mar 26 18:56:39 2013 GMT
- Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=testing, CN=www.yassl.com/emailAddress=info@yassl.com
- Subject Public Key Info:
- Public Key Algorithm: dsaEncryption
- DSA Public Key:
- pub:
- 04:84:a0:26:31:72:0c:e8:4f:5d:53:17:62:b1:80:
- ca:c0:16:5f:c3:1e:ea:c5:d9:98:38:f9:be:56:53:
- 47:68:ce:08:22:57:1c:bb:0d:77:91:cf:5b:36:ed:
- f3:24:82:90:8a:cd:90:7c:db:77:f9:17:2d:73:73:
- ef:bb:b9:82
- P:
- 00:99:29:69:80:c9:3c:98:68:45:a9:82:fe:67:eb:
- 95:88:c5:b4:0c:d6:26:45:95:19:2c:a0:20:5b:7e:
- df:69:e9:dc:c3:0f:f3:61:0a:25:9b:f2:21:01:6a:
- cd:aa:8c:37:e7:ca:66:db:56:f4:0f:7d:7a:d1:18:
- b9:42:fd:1b:11
- Q:
- 00:ad:25:29:ab:0a:9f:09:1c:c1:ad:03:20:76:7f:
- a6:b7:dd:4d:03:09
- G:
- 12:88:99:da:e7:d0:0b:93:9b:e6:ee:3c:21:7f:9c:
- b3:b4:8d:a5:8c:e2:37:80:3f:17:d1:81:4f:bd:f0:
- 71:b6:32:08:54:dd:bf:01:e2:b3:77:06:64:75:8a:
- 04:d6:79:39:b1:02:03:03:c6:06:74:e5:90:05:0a:
- 10:46:19:31
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2
- X509v3 Authority Key Identifier:
- keyid:BE:F9:8C:5D:D6:1C:B4:EE:81:DD:36:56:0A:21:E4:61:44:73:E9:E2
- DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=testing/CN=www.yassl.com/emailAddress=info@yassl.com
- serial:CE:DF:23:31:64:B4:13:DA
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: dsaWithSHA1
- 30:2d:02:14:00:a3:21:20:34:6a:2c:f9:fb:76:d7:20:c9:c0:
- 35:1b:64:9a:c2:83:02:15:00:a4:59:ac:6d:da:85:48:ff:f5:
- 0d:49:72:c8:cd:91:fc:ec:2f:5c:63
-----BEGIN CERTIFICATE-----
-MIIDfjCCAz2gAwIBAgIJAM7fIzFktBPaMAkGByqGSM44BAMwgYoxCzAJBgNVBAYT
-AlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRsYW5kMQ4wDAYDVQQK
-EwV5YVNTTDEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNv
-bTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wHhcNMTAwNjMwMTg1NjM4
-WhcNMTMwMzI2MTg1NjM5WjCBijELMAkGA1UEBhMCVVMxDzANBgNVBAgTBk9yZWdv
-bjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRAwDgYDVQQLEwd0
-ZXN0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5p
-bmZvQHlhc3NsLmNvbTCB8DCBqAYHKoZIzjgEATCBnAJBAJkpaYDJPJhoRamC/mfr
-lYjFtAzWJkWVGSygIFt+32np3MMP82EKJZvyIQFqzaqMN+fKZttW9A99etEYuUL9
-GxECFQCtJSmrCp8JHMGtAyB2f6a33U0DCQJAEoiZ2ufQC5Ob5u48IX+cs7SNpYzi
-N4A/F9GBT73wcbYyCFTdvwHis3cGZHWKBNZ5ObECAwPGBnTlkAUKEEYZMQNDAAJA
-BISgJjFyDOhPXVMXYrGAysAWX8Me6sXZmDj5vlZTR2jOCCJXHLsNd5HPWzbt8ySC
-kIrNkHzbd/kXLXNz77u5gqOB8jCB7zAdBgNVHQ4EFgQUvvmMXdYctO6B3TZWCiHk
-YURz6eIwgb8GA1UdIwSBtzCBtIAUvvmMXdYctO6B3TZWCiHkYURz6eKhgZCkgY0w
-gYoxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24xETAPBgNVBAcTCFBvcnRs
-YW5kMQ4wDAYDVQQKEwV5YVNTTDEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMN
-d3d3Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb22CCQDO
-3yMxZLQT2jAMBgNVHRMEBTADAQH/MAkGByqGSM44BAMDMAAwLQIUAKMhIDRqLPn7
-dtcgycA1G2SawoMCFQCkWaxt2oVI//UNSXLIzZH87C9cYw==
+MIIDqzCCA2ugAwIBAgIJAMGqrgDU6DyhMAkGByqGSM44BAMwgY4xCzAJBgNVBAYT
+AlVTMQ8wDQYDVQQIDAZPcmVnb24xETAPBgNVBAcMCFBvcnRsYW5kMRAwDgYDVQQK
+DAd3b2xmU1NMMRAwDgYDVQQLDAd0ZXN0aW5nMRYwFAYDVQQDDA13d3cueWFzc2wu
+Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTEzMDQyMjIw
+MDk0NFoXDTE2MDExNzIwMDk0NFowgY4xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZP
+cmVnb24xETAPBgNVBAcMCFBvcnRsYW5kMRAwDgYDVQQKDAd3b2xmU1NMMRAwDgYD
+VQQLDAd0ZXN0aW5nMRYwFAYDVQQDDA13d3cueWFzc2wuY29tMR8wHQYJKoZIhvcN
+AQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBuDCCASwGByqGSM44BAEwggEfAoGBAL1R
+7koy4IrH6sbh6nDEUUPPKgfhxxLCWCVexF2+qzANEr+hC9M002haJXFOfeS9DyoO
+WFbL0qMZOuqv+22CaHnoUWl7q3PjJOAI3JH0P54ZyUPuU1909RzgTdIDp5+ikbr7
+KYjnltL73FQVMbjTZQKthIpPn3MjYcF+4jp2W2zFAhUAkcntYND6MGf+eYzIJDN2
+L7SonHUCgYEAklpxErfqznIZjVvqqHFaq+mgAL5J8QrKVmdhYZh/Y8z4jCjoCA8o
+TDoFKxf7s2ZzgaPKvglaEKiYqLqic9qY78DYJswzQMLFvjsF4sFZ+pYCBdWPQI4N
+PgxCiznK6Ce+JH9ikSBvMvG+tevjr2UpawDIHX3+AWYaZBZwKADAaboDgYUAAoGB
+AJ3LY89yHyvQ/TsQ6zlYbovjbk/ogndsMqPdNUvL4RuPTgJP/caaDDa0XJ7ak6A7
+TJ+QheLNwOXoZPYJC4EGFSDAXpYniGhbWIrVTCGe6lmZDfnx40WXS0kk3m/DHaC0
+3ElLAiybxVGxyqoUfbT3Zv1JwftWMuiqHH5uADhdXuXVo1AwTjAdBgNVHQ4EFgQU
+IJjk416o4v8qpH9LBtXlR9v8gccwHwYDVR0jBBgwFoAUIJjk416o4v8qpH9LBtXl
+R9v8gccwDAYDVR0TBAUwAwEB/zAJBgcqhkjOOAQDAy8AMCwCFCjGKIdOSV12LcTu
+k08owGM6YkO1AhQe+K173VuaO/OsDNsxZlKpyH8+1g==
-----END CERTIFICATE-----
diff --git a/extra/yassl/certs/server-cert.pem b/extra/yassl/certs/server-cert.pem
index 1ec53c02628..cfe4b7b8228 100644
--- a/extra/yassl/certs/server-cert.pem
+++ b/extra/yassl/certs/server-cert.pem
@@ -1,39 +1,157 @@
Certificate:
Data:
Version: 1 (0x0)
- Serial Number: 1 (0x1)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=US, ST=Montana, L=Bozeman, O=sawtooth, OU=consulting, CN=www.sawtooth-consulting.com/emailAddress=info@yassl.com
+ Serial Number: 2 (0x2)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
Validity
- Not Before: Jun 30 18:52:17 2010 GMT
- Not After : Mar 26 18:52:17 2013 GMT
- Subject: C=US, ST=Montana, L=Bozeman, O=yaSSL, OU=support, CN=www.yassl.com/emailAddress=info@yassl.com
+ Not Before: Oct 24 18:27:13 2011 GMT
+ Not After : Jul 20 18:27:13 2014 GMT
+ Subject: C=US, ST=Montana, L=Bozeman, O=yaSSL, OU=Support, CN=www.yassl.com/emailAddress=info@yassl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:c6:7b:c0:68:81:2f:de:82:3f:f9:ac:c3:86:4a:
- 66:b7:ec:d4:f1:f6:64:21:ff:f5:a2:34:42:d0:38:
- 9f:c6:dd:3b:6e:26:65:6a:54:96:dd:d2:7b:eb:36:
- a2:ae:7e:2a:9e:7e:56:a5:b6:87:9f:15:c7:18:66:
- 7e:16:77:e2:a7
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
+ 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
+ f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75:
+ f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab:
+ 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e:
+ 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25:
+ 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c:
+ 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6:
+ 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc:
+ 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8:
+ dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3:
+ e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9:
+ 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0:
+ c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77:
+ ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4:
+ b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22:
+ a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f:
+ ad:d7
Exponent: 65537 (0x10001)
- Signature Algorithm: md5WithRSAEncryption
- 58:a9:98:e7:16:52:4c:40:e7:e1:47:92:19:1b:3a:8f:97:6c:
- 7b:b7:b0:cb:20:6d:ad:b5:d3:47:58:d8:e4:f2:3e:32:e9:ef:
- 87:77:e5:54:36:f4:8d:50:8d:07:b4:77:45:ea:9d:a4:33:36:
- 9b:0b:e0:74:58:11:c5:01:7b:4d
+ Signature Algorithm: sha1WithRSAEncryption
+ 71:4e:d3:62:df:cc:4c:f7:cd:b7:6e:52:0b:6c:6e:e0:bd:c2:
+ 2d:07:d7:c0:b0:6e:43:1e:35:bc:30:01:50:f0:ff:99:23:6c:
+ 18:1a:41:b6:11:d6:d4:19:61:fd:e4:77:97:1c:39:e1:57:ab:
+ c5:15:63:77:11:36:5e:74:e2:24:0b:1f:41:78:ad:b7:81:e7:
+ b4:40:66:80:f0:4b:91:a0:6d:a8:6e:3d:53:d9:8b:ce:2a:e1:
+ 0b:45:65:87:a1:96:ae:ee:3e:88:d5:12:1f:78:17:ae:2c:c5:
+ 73:44:d8:dc:f4:af:d8:cc:ae:4c:e1:0c:be:55:a4:99:f7:6e:
+ 96:c0:c8:45:87:bf:dc:51:57:ff:9e:73:37:6a:18:9c:c3:f9:
+ 22:7a:f4:b0:52:bd:fc:21:30:f8:c5:ff:1e:87:7d:ad:a2:5a:
+ 35:f5:22:a8:b4:0a:76:38:e6:76:b0:98:af:1b:ec:8a:0a:43:
+ 74:d2:85:34:37:84:07:e1:f6:23:b2:29:de:a6:b6:b7:4c:57:
+ 7e:96:06:cb:a9:16:25:29:3a:03:2d:55:7d:a6:8c:a4:f7:9e:
+ 81:c9:95:b6:7c:c1:4a:ce:94:66:0c:ca:88:eb:d2:09:f5:5b:
+ 19:58:82:df:27:fd:67:95:78:b7:02:06:d5:a7:61:bd:ef:3a:
+ fc:b2:61:cd
-----BEGIN CERTIFICATE-----
-MIICFDCCAb4CAQEwDQYJKoZIhvcNAQEEBQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYD
-VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhzYXd0b290
-aDETMBEGA1UECxMKY29uc3VsdGluZzEkMCIGA1UEAxMbd3d3LnNhd3Rvb3RoLWNv
-bnN1bHRpbmcuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0x
-MDA2MzAxODUyMTdaFw0xMzAzMjYxODUyMTdaMIGKMQswCQYDVQQGEwJVUzEQMA4G
-A1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjEOMAwGA1UEChMFeWFTU0wx
-EDAOBgNVBAsTB3N1cHBvcnQxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkq
-hkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJB
-AMZ7wGiBL96CP/msw4ZKZrfs1PH2ZCH/9aI0QtA4n8bdO24mZWpUlt3Se+s2oq5+
-Kp5+VqW2h58VxxhmfhZ34qcCAwEAATANBgkqhkiG9w0BAQQFAANBAFipmOcWUkxA
-5+FHkhkbOo+XbHu3sMsgba2100dY2OTyPjLp74d35VQ29I1QjQe0d0XqnaQzNpsL
-4HRYEcUBe00=
+MIIDkDCCAngCAQIwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290
+aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wHhcNMTExMDI0MTgyNzEzWhcN
+MTQwNzIwMTgyNzEzWjCBijELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmEx
+EDAOBgNVBAcTB0JvemVtYW4xDjAMBgNVBAoTBXlhU1NMMRAwDgYDVQQLEwdTdXBw
+b3J0MRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZv
+QHlhc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFX
+QfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hnf/5cnFF194rKB+c1L4/h
+vXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4
+pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo
+3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4
+D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHm
+YYPF0pbf2dBPrdcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAcU7TYt/MTPfNt25S
+C2xu4L3CLQfXwLBuQx41vDABUPD/mSNsGBpBthHW1Blh/eR3lxw54VerxRVjdxE2
+XnTiJAsfQXitt4HntEBmgPBLkaBtqG49U9mLzirhC0Vlh6GWru4+iNUSH3gXrizF
+c0TY3PSv2MyuTOEMvlWkmfdulsDIRYe/3FFX/55zN2oYnMP5Inr0sFK9/CEw+MX/
+Hod9raJaNfUiqLQKdjjmdrCYrxvsigpDdNKFNDeEB+H2I7Ip3qa2t0xXfpYGy6kW
+JSk6Ay1VfaaMpPeegcmVtnzBSs6UZgzKiOvSCfVbGViC3yf9Z5V4twIG1adhve86
+/LJhzQ==
-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ e9:d0:a7:5f:79:25:f4:3c
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
+ Validity
+ Not Before: Oct 24 18:18:15 2011 GMT
+ Not After : Jul 20 18:18:15 2014 GMT
+ Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (2048 bit)
+ Modulus (2048 bit):
+ 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a:
+ f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac:
+ de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98:
+ 21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77:
+ 32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1:
+ 8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3:
+ a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed:
+ a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95:
+ 82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c:
+ 3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db:
+ 76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc:
+ 73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98:
+ de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68:
+ cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2:
+ b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3:
+ 13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98:
+ ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed:
+ 36:79
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+ X509v3 Authority Key Identifier:
+ keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
+ DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com
+ serial:E9:D0:A7:5F:79:25:F4:3C
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 5f:86:14:f4:51:8b:bc:a5:4e:30:da:5e:ac:9a:f8:6c:d9:26:
+ 4b:93:f9:e3:1c:89:6f:9e:ee:b3:9d:77:3e:89:20:76:a3:e6:
+ e8:86:15:21:db:e2:33:b2:34:d5:d0:9f:f3:c1:a4:87:92:5c:
+ f9:d1:ff:30:2f:8e:03:bc:b3:3c:0c:32:a3:90:5f:1a:90:1e:
+ af:9d:f3:9e:d7:07:02:a9:7d:27:66:63:2f:af:18:d7:ac:18:
+ 98:8c:83:8f:38:f3:0b:ac:36:10:75:fb:ca:76:13:50:5b:02:
+ 8f:73:bf:e3:a0:ee:83:52:25:54:ce:26:ce:9c:bd:2f:79:ab:
+ 1b:60:b8:92:f1:03:c0:fc:3b:08:d9:c0:ad:d5:72:08:25:80:
+ 61:2d:dc:9f:a7:83:62:07:47:e0:07:4c:4b:07:30:04:a9:87:
+ 1c:55:7f:07:12:d0:cb:42:5d:cb:cf:66:01:1a:17:ee:f9:0f:
+ 60:b7:db:6f:68:e5:4e:41:62:6e:d3:6f:60:4f:4b:27:de:cf:
+ 18:07:f1:13:5d:cb:3f:a9:25:44:da:52:5c:c8:04:e1:56:12:
+ f5:2a:90:4e:d1:e2:af:01:b5:23:a1:ec:31:da:7b:63:69:c4:
+ b8:f3:e7:ce:a1:3d:c0:db:6d:f3:b2:d9:46:c8:9f:c3:b8:70:
+ 5a:1f:7f:ca
+-----BEGIN CERTIFICATE-----
+MIIEnjCCA4agAwIBAgIJAOnQp195JfQ8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
+VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G
+A1UEChMIU2F3dG9vdGgxEzARBgNVBAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3
+dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTEx
+MTAyNDE4MTgxNVoXDTE0MDcyMDE4MTgxNVowgZAxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290
+aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd
+MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC/DMotFLIehEJbzTgfSvJNdRDxtjWf38p9A5jTrN4DZu4q
+8diwfW4HVAsQmCFNgMsSIOfMT95FfclydzLqypC7aVIQAy+o85XF8YtiVhvvZ2+k
+EEGVrQqb46XAsNJwdlAwW6joCCx87aeieo04KRysx+3yfJWwlYJ9SVw4zXcl772A
+dVOUPD3KY1ufFbXTHRMvGdE823Y6zLh9yeXC19pAb9gh3HMbQi1TnP4a/H2rejY/
+mN6EfAVnzmoUOIep8Yy1aMtof3EgK/WgY/VWL6Mm0rdvsVoX1ziZCP6TWG/+wxNJ
+CBYLp01nAFIxZyNOmO1RRR25BNkL7Ngos0u97TZ5AgMBAAGjgfgwgfUwHQYDVR0O
+BBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHFBgNVHSMEgb0wgbqAFCeOZxF0wyYd
+P+0zY7Ok2B0w5ejVoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHTW9u
+dGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8GA1UEChMIU2F3dG9vdGgxEzARBgNV
+BAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG
+9w0BCQEWDmluZm9AeWFzc2wuY29tggkA6dCnX3kl9DwwDAYDVR0TBAUwAwEB/zAN
+BgkqhkiG9w0BAQUFAAOCAQEAX4YU9FGLvKVOMNperJr4bNkmS5P54xyJb57us513
+PokgdqPm6IYVIdviM7I01dCf88Gkh5Jc+dH/MC+OA7yzPAwyo5BfGpAer53zntcH
+Aql9J2ZjL68Y16wYmIyDjzjzC6w2EHX7ynYTUFsCj3O/46Dug1IlVM4mzpy9L3mr
+G2C4kvEDwPw7CNnArdVyCCWAYS3cn6eDYgdH4AdMSwcwBKmHHFV/BxLQy0Jdy89m
+ARoX7vkPYLfbb2jlTkFibtNvYE9LJ97PGAfxE13LP6klRNpSXMgE4VYS9SqQTtHi
+rwG1I6HsMdp7Y2nEuPPnzqE9wNtt87LZRsifw7hwWh9/yg==
diff --git a/extra/yassl/certs/server-key.pem b/extra/yassl/certs/server-key.pem
index 154d661b1df..d1627f4d4a7 100644
--- a/extra/yassl/certs/server-key.pem
+++ b/extra/yassl/certs/server-key.pem
@@ -1,9 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIBOwIBAAJBAMZ7wGiBL96CP/msw4ZKZrfs1PH2ZCH/9aI0QtA4n8bdO24mZWpU
-lt3Se+s2oq5+Kp5+VqW2h58VxxhmfhZ34qcCAwEAAQJBAJSbGxgjgV+rTZL2Ev58
-viN/IoB25cm/Bn4Heu7DNn2A2kpdGX2cCaf7rEQoIKCiHxvopvxOcd/7nLS/gNli
-dCECIQD/cX/9fvB1Uajw0fmvwNON9+3P9uJSqpig90zL32pwjQIhAMbqee9TBMN4
-TxXbgWqA92PrCXe8WDZ3PwoJqdR6MRUDAiEAny+TDF1z6hiWiGTCDgXDkKBlwgjf
-p5aKgR077XzwLu0CICVpWEGg1ZaF/CnaPP7w/pZ2UDOK4vRrfRnAM4bY7H5NAiBS
-1eXJ/MCZ2uPfpl7XK2BU9P69KdKUk5WHxdRchVvcDg==
+MIIEpQIBAAKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2HIi8fJ/7
+qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lf
+P9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDj
+xsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlk
+wyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlC
+Qgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABAoIBAQCa0DQPUmIFUAHv
+n+1kbsLE2hryhNeSEEiSxOlq64t1bMZ5OPLJckqGZFSVd8vDmp231B2kAMieTuTd
+x7pnFsF0vKnWlI8rMBr77d8hBSPZSjm9mGtlmrjcxH3upkMVLj2+HSJgKnMw1T7Y
+oqyGQy7E9WReP4l1DxHYUSVOn9iqo85gs+KK2X4b8GTKmlsFC1uqy+XjP24yIgXz
+0PrvdFKB4l90073/MYNFdfpjepcu1rYZxpIm5CgGUFAOeC6peA0Ul7QS2DFAq6EB
+QcIw+AdfFuRhd9Jg8p+N6PS662PeKpeB70xs5lU0USsoNPRTHMRYCj+7r7X3SoVD
+LTzxWFiBAoGBAPIsVHY5I2PJEDK3k62vvhl1loFk5rW4iUJB0W3QHBv4G6xpyzY8
+ZH3c9Bm4w2CxV0hfUk9ZOlV/MsAZQ1A/rs5vF/MOn0DKTq0VO8l56cBZOHNwnAp8
+yTpIMqfYSXUKhcLC/RVz2pkJKmmanwpxv7AEpox6Wm9IWlQ7xrFTF9/nAoGBAMuT
+3ncVXbdcXHzYkKmYLdZpDmOzo9ymzItqpKISjI57SCyySzfcBhh96v52odSh6T8N
+zRtfr1+elltbD6F8r7ObkNtXczrtsCNErkFPHwdCEyNMy/r0FKTV9542fFufqDzB
+hV900jkt/9CE3/uzIHoumxeu5roLrl9TpFLtG8SRAoGBAOyY2rvV/vlSSn0CVUlv
+VW5SL4SjK7OGYrNU0mNS2uOIdqDvixWl0xgUcndex6MEH54ZYrUbG57D8rUy+UzB
+qusMJn3UX0pRXKRFBnBEp1bA1CIUdp7YY1CJkNPiv4GVkjFBhzkaQwsYpVMfORpf
+H0O8h2rfbtMiAP4imHBOGhkpAoGBAIpBVihRnl/Ungs7mKNU8mxW1KrpaTOFJAza
+1AwtxL9PAmk4fNTm3Ezt1xYRwz4A58MmwFEC3rt1nG9WnHrzju/PisUr0toGakTJ
+c/5umYf4W77xfOZltU9s8MnF/xbKixsX4lg9ojerAby/QM5TjI7t7+5ZneBj5nxe
+9Y5L8TvBAoGATUX5QIzFW/QqGoq08hysa+kMVja3TnKW1eWK0uL/8fEYEz2GCbjY
+dqfJHHFSlDBD4PF4dP1hG0wJzOZoKnGtHN9DvFbbpaS+NXCkXs9P/ABVmTo9I89n
+WvUi+LUp0EQR6zUuRr79jhiyX6i/GTKh9dwD5nyaHwx8qbAOITc78bA=
-----END RSA PRIVATE KEY-----
diff --git a/extra/yassl/certs/server-keyEnc.pem b/extra/yassl/certs/server-keyEnc.pem
index d3500a1b647..278a0946c68 100644
--- a/extra/yassl/certs/server-keyEnc.pem
+++ b/extra/yassl/certs/server-keyEnc.pem
@@ -2,11 +2,29 @@
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,08132C1FFF5BC8CC
-gsvuAsGmB8AkR23M25w4E6wuywfBey1Jqh3g71gJcnsUYwynex9dvfAU0lTowOXh
-sb7ld1KNjEMzrht9AC1IC0iE1rLqvRQZOdJ7h3n7aHZQ4a/HjcwAhqJq0ZW45m6Q
-mpoO5fRISjx2VbKFRUz6Xj2x0/do3IjQhpuUDVrTFFe1sEySM6APZ6CVpcnTOyPR
-ADyLDKzOi2E+sj1UXs58pct56FaqTIZPUEflICU3k6q9FPU6gsYANRLfzegclkv4
-JAx6mKVSJuYnjCCppx8WBwGJa1J1GcYRJ3qFfdbUzL4bcXTvoFkJEnDkHsXgDUS6
-xmT0XGT3IMaW8cwQ8KD8m5YYI/L26Mas/w3eA2ekyMR8pYICjXp/YZtcKxxkQSVE
-Uv/+D+20KbNAHIW5Mrxf61cX/CggGEbVP8ZhDY1flh8=
+W+krChiFlNU+koE0Bep+U45OG4V4IFZv67ex6yJHgcsPd+HQ692A/h+5dYc8rdlW
+2LDgSODHHIMTt6RVJDxXxXs3qFmJQbnVXeXxV209X8EfaRarh+yiMKeUP6K8hIvj
++IYRma6iKOs+d4KlcZZudGs2f/x8nhxXbmQtrLhGd4h91mnJk2sKmiz7UkUy6Qng
+gOHnT2dfF4Qk2ZYsjisRHjpWZiqh40GO1LuTgUjZoH+LGhMwMwOAE6+ss5xa+yE+
+Xd9Yljm0/QW68JILkCJQjLDRvPGxDJyvYq6TT/kSElsRlI/AuRrZH1YVD3hn/xjx
+tDoEB+JEbH6iu9ne2srxnGSKLzoUbb4XPaCjLIW9BJf7oANmmFQpZZQiRTyIUVWi
+IE5hJciqF7ra7IwfZAW/PeWGXpzNOVN9QAvyAMsmvUCzJdxd1ySUatjhZ+mSFYGk
+rDVtyrgt4ZQgV0EdJV0Yn1ZWMOk1qEKXT0JAnI+9S6Y+QEdwXmdz3xlVuq61Jvub
+iJUVepnD/1QeFfWy8JwlscWpWFrkr569f3SNG+FGb6fufnUP7K6sX3urj+pj1QET
+f9NmmvLBsVsbj1Egg3wnxbVHIUPky64LY04wtNJaAwhuG6mKCvaClKYMTmTCyrzP
+aRwghhMQ3yHUbo2A1ZppYsXXg8lX30eW+5O77N9Q3xfP0phODHXsnXhBH09ml1JQ
+MmiCaL5n6sIVcjtFmN/kyaEuz/1VrBSaDCPeW88n61UXUidXrGOZN/2c/2xFir8B
+2rdE82lQLl07SJxzQQ6aJVvrc5tnbV/ENDySS5dG6Yl/w89/nuu0RFHmAweKqfGC
+8m0XOkmonIk6h3YT7XrkE0b/2jkf1mMaMKrGGfRmxqNt1nGxMCJHAO/Sn9v+I9rU
+W7HCZ04RTnRp1BXcqDxdwlveDKJRVfiKOSSEOpEXXlexS5R1vikmxrCwK5YVUTkT
+3tgahVtHJkFHnBHBzXyHUDwWahxZaU9TO43z0JFxs0zINWUWppldf0oyWjP1FSrI
+a9tXBs7aoykUY9Av9K0p4UJJU005qzD/tuegZFX34wRETJO0BJnlZHTTZSqLSVX+
+KZg4nPq8Xii1VHta3tgw7up2z1tpepsBerTsRQ1+IDpxLaIxgt9am0hXVTiMLex/
+DD9UvQC/eBUmpmWraK/Mqeq/UrPl+lmeoXsG6LWIvEp9d19rJ/3OhIJf2pDh9dC8
+NzJoNP9qOrDajAwzeeF5dbQxCaG+X8am9s4wryC0p+NrQ0tzv8efey0zBodDIOgo
+F1G7+ADgHy+V565q8sdL52xx0xB9Ty5p9IOfOUbxa3K65TJf/I/QAQjl4LyTbkfr
+kzpYAG2uF55EB3Eq3aMrj47pzZy0ELXXN2qYJ9Oelgl+h6MzYbmd+Wm+A2Cofv3u
+7ANAyjAYN7/Lo3lTFAt7sXAXGKnqw62JNSSMkIqZVrG5dn7Jxj5AJCVyYxTrm6Y+
+DDcblX47XrWxVoVJN/dLJZ8FzWs4o/8w9Yn8U54Ci7F0g+j2f+OpDy9PGFYT9pKw
+xWG8chkYE6QPilEYvdi26ZnZ3u236q9PMtyRP87NmBN2sLkj/rbBTzBxWIaGS+Mt
-----END RSA PRIVATE KEY-----
diff --git a/extra/yassl/include/cert_wrapper.hpp b/extra/yassl/include/cert_wrapper.hpp
index 8be0f3b3e6a..7e9f197e58d 100644
--- a/extra/yassl/include/cert_wrapper.hpp
+++ b/extra/yassl/include/cert_wrapper.hpp
@@ -1,5 +1,5 @@
/*
- Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -88,6 +88,7 @@ class CertManager {
bool verifyNone_; // no error if verify fails
bool failNoCert_;
bool sendVerify_;
+ bool sendBlankCert_;
VerifyCallback verifyCallback_; // user verify callback
public:
CertManager();
@@ -114,16 +115,18 @@ public:
bool verifyNone() const;
bool failNoCert() const;
bool sendVerify() const;
+ bool sendBlankCert() const;
void setVerifyPeer();
void setVerifyNone();
void setFailNoCert();
void setSendVerify();
+ void setSendBlankCert();
void setPeerX509(X509*);
void setVerifyCallback(VerifyCallback);
private:
CertManager(const CertManager&); // hide copy
- CertManager& operator=(const CertManager&); // and assign
+ CertManager& operator=(const CertManager&); // and assigin
};
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
index 2fcba67cfdd..c0192153051 100644
--- a/extra/yassl/include/openssl/ssl.h
+++ b/extra/yassl/include/openssl/ssl.h
@@ -1,5 +1,5 @@
/*
- Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
Use is subject to license terms.
This program is free software; you can redistribute it and/or modify
@@ -35,7 +35,7 @@
#include "rsa.h"
-#define YASSL_VERSION "2.2.2"
+#define YASSL_VERSION "2.2.3b"
#if defined(__cplusplus)
diff --git a/extra/yassl/src/cert_wrapper.cpp b/extra/yassl/src/cert_wrapper.cpp
index 639f0996d7e..ff359c6ad71 100644
--- a/extra/yassl/src/cert_wrapper.cpp
+++ b/extra/yassl/src/cert_wrapper.cpp
@@ -1,5 +1,5 @@
/*
- Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -91,7 +91,7 @@ opaque* x509::use_buffer()
//CertManager
CertManager::CertManager()
: peerX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false),
- sendVerify_(false), verifyCallback_(0)
+ sendVerify_(false), sendBlankCert_(false), verifyCallback_(0)
{}
@@ -142,6 +142,11 @@ void CertManager::setVerifyNone()
verifyNone_ = true;
}
+bool CertManager::sendBlankCert() const
+{
+ return sendBlankCert_;
+}
+
void CertManager::setFailNoCert()
{
@@ -154,6 +159,11 @@ void CertManager::setSendVerify()
sendVerify_ = true;
}
+void CertManager::setSendBlankCert()
+{
+ sendBlankCert_ = true;
+}
+
void CertManager::setVerifyCallback(VerifyCallback vc)
{
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp
index d99adf88ce9..058f8596546 100644
--- a/extra/yassl/src/handshake.cpp
+++ b/extra/yassl/src/handshake.cpp
@@ -1,5 +1,5 @@
/*
- Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -1159,6 +1159,8 @@ void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
{
if (ssl.GetError()) return;
+ if(ssl.getCrypto().get_certManager().sendBlankCert()) return;
+
CertificateVerify verify;
verify.Build(ssl);
RecordLayerHeader rlHeader;
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp
index e7dab13cc64..db960d307ff 100644
--- a/extra/yassl/src/yassl_imp.cpp
+++ b/extra/yassl/src/yassl_imp.cpp
@@ -1,5 +1,5 @@
/*
- Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -1199,22 +1199,38 @@ output_buffer& operator<<(output_buffer& output, const HandShakeBase& hs)
Certificate::Certificate(const x509* cert) : cert_(cert)
{
- set_length(cert_->get_length() + 2 * CERT_HEADER); // list and cert size
+ if (cert)
+ set_length(cert_->get_length() + 2 * CERT_HEADER); // list and cert size
+ else
+ set_length(CERT_HEADER); // total blank cert size, just list header
}
const opaque* Certificate::get_buffer() const
{
- return cert_->get_buffer();
+ if (cert_)
+ return cert_->get_buffer();
+
+ return NULL;
}
// output operator for Certificate
output_buffer& operator<<(output_buffer& output, const Certificate& cert)
{
- uint sz = cert.get_length() - 2 * CERT_HEADER;
+ uint sz = cert.get_length();
opaque tmp[CERT_HEADER];
+ if ((int)sz > CERT_HEADER)
+ sz -= 2 * CERT_HEADER; // actual cert, not including headers
+ else {
+ sz = 0; // blank cert case
+ c32to24(sz, tmp);
+ output.write(tmp, CERT_HEADER);
+
+ return output;
+ }
+
c32to24(sz + CERT_HEADER, tmp);
output.write(tmp, CERT_HEADER);
c32to24(sz, tmp);
@@ -1264,9 +1280,11 @@ void Certificate::Process(input_buffer& input, SSL& ssl)
ssl.SetError(YasslError(bad_input));
return;
}
- x509* myCert;
- cm.AddPeerCert(myCert = NEW_YS x509(cert_sz));
- input.read(myCert->use_buffer(), myCert->get_length());
+ if (cert_sz) {
+ x509* myCert;
+ cm.AddPeerCert(myCert = NEW_YS x509(cert_sz));
+ input.read(myCert->use_buffer(), myCert->get_length());
+ }
list_sz -= cert_sz + CERT_HEADER;
}
@@ -1969,9 +1987,9 @@ void CertificateRequest::Process(input_buffer&, SSL& ssl)
{
CertManager& cm = ssl.useCrypto().use_certManager();
- // make sure user provided cert and key before sending and using
- if (cm.get_cert() && cm.get_privateKey())
- cm.setSendVerify();
+ cm.setSendVerify();
+ if (cm.get_cert() == NULL || cm.get_privateKey() == NULL)
+ cm.setSendBlankCert(); // send blank cert, OpenSSL requires now
}
diff --git a/extra/yassl/taocrypt/test/test.cpp b/extra/yassl/taocrypt/test/test.cpp
index 0643b79e51b..a7d5cb3e8af 100644
--- a/extra/yassl/taocrypt/test/test.cpp
+++ b/extra/yassl/taocrypt/test/test.cpp
@@ -1,5 +1,5 @@
/*
- Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
+ Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -1165,12 +1165,12 @@ int rsa_test()
RSAES_Encryptor enc(priv);
byte message[] = "Everyone gets Friday off.";
const word32 len = (word32)strlen((char*)message);
- byte cipher[64];
+ byte cipher[512];
enc.Encrypt(message, len, cipher, rng);
RSAES_Decryptor dec(priv);
- byte plain[64];
- dec.Decrypt(cipher, sizeof(plain), plain, rng);
+ byte plain[512];
+ dec.Decrypt(cipher, priv.FixedCiphertextLength(), plain, rng);
if (memcmp(plain, message, len))
return -70;
@@ -1242,11 +1242,11 @@ int dh_test()
int dsa_test()
{
Source source;
- FileSource("../certs/dsa512.der", source);
+ FileSource("../certs/dsa1024.der", source);
if (source.size() == 0) {
- FileSource("../../certs/dsa512.der", source); // for testsuite
+ FileSource("../../certs/dsa1024.der", source); // for testsuite
if (source.size() == 0) {
- FileSource("../../../certs/dsa512.der", source); // win32 Debug dir
+ FileSource("../../../certs/dsa1024.der", source); // win32 Debug dir
if (source.size() == 0)
err_sys("where's your certs dir?", -89);
}
View Lorry Controller Status