Update code to v1.0.14 (10)

Caten
2024-02-29 19:35:00 +08:00
parent c2ee3b694c
commit a956d26f6d
3188 changed files with 2317293 additions and 146 deletions

Binary file not shown.


@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHgCAQEEIHeA8CA7RibN9lOnDIlFqqkiDdDljIJONZlivNNdarxhoAsGCSskAwMC
CAEBB6FEA0IABKdz5H0fO5rsmAqwNIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK
3zamlt3tjZQ5cdiROFhZjcg3vaqvBa8tTcM=
-----END EC PRIVATE KEY-----
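Review bot: An unencrypted EC private key is checked in here as plain PEM, and a second one appears in the later five-line section. The certificates added alongside carry the matching public keys and a www.wolfssl.com subject, so these look like publicly distributed test fixtures; if so, no shipped build should load them or trust the certificates derived from them. A short README next to the keys, for example `Test fixtures only: these keys are public and must never be provisioned on a device`, would make that explicit. A secret-scanner allowlist entry scoped to this directory would keep the scanner useful for the rest of the tree.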

Binary file not shown.


@@ -0,0 +1,57 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:c6:cf:ae:b4:f6:93:af:70:b4:35:16:c8:9b:c9:d8:40:6a:04:a6
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Dec 16 21:17:49 2022 GMT
Not After : Dec 13 21:17:49 2032 GMT
Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:a7:73:e4:7d:1f:3b:9a:ec:98:0a:b0:34:88:e1:
70:c9:3c:fc:18:51:1a:6f:34:40:87:72:64:d8:13:
d3:ca:db:33:91:94:db:f3:4a:df:36:a6:96:dd:ed:
8d:94:39:71:d8:91:38:58:59:8d:c8:37:bd:aa:af:
05:af:2d:4d:c3
ASN1 OID: brainpoolP256r1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Client, S/MIME
X509v3 Subject Key Identifier:
44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
X509v3 Authority Key Identifier:
keyid:44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:32:85:b0:73:61:43:4c:33:24:fe:08:c3:54:73:
d9:37:33:ec:39:67:2c:ee:c7:c0:ea:99:63:45:a2:a7:65:e4:
02:20:36:e3:0a:3b:74:ce:94:6b:8e:c0:02:a0:6e:da:27:fa:
13:a0:bb:21:00:f1:4b:ce:3e:86:11:93:da:95:10:8c
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

Binary file not shown.


@@ -0,0 +1,57 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:9c:30:ec:ee:53:da:f2:24:a6:2c:bb:81:07:09:cb:30:e5:8e:94
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Dec 16 21:17:49 2022 GMT
Not After : Dec 13 21:17:49 2032 GMT
Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:b1:4d:01:8b:58:19:36:3b:ed:bb:89:5e:d1:86:
05:c6:6a:d4:88:44:fc:59:80:f6:16:32:9d:54:5d:
b8:af:c0:5c:24:0e:cc:ee:e8:65:45:44:7a:ee:43:
89:49:7c:eb:db:11:ac:23:ea:e5:17:6b:59:6d:78:
19:61:98:5f:47
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Client, S/MIME
X509v3 Subject Key Identifier:
55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
X509v3 Authority Key Identifier:
keyid:55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
30:45:02:20:23:dc:b7:ce:8d:09:31:e4:52:0e:89:fb:3e:59:
92:8b:57:d7:7b:3f:6c:b8:61:fb:d7:eb:fc:87:cb:4f:b9:19:
02:21:00:ec:67:9b:5f:41:e1:47:af:3d:ac:d0:a6:b1:d0:24:
b0:a6:a0:b7:d6:2d:5b:a2:e3:c2:6e:c1:76:08:d3:69:87
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@@ -0,0 +1,161 @@
#!/bin/bash
# run from wolfssl root
rm ./certs/ecc/*.old
rm ./certs/ecc/index.txt*
rm ./certs/ecc/serial
rm ./certs/ecc/crlnumber
touch ./certs/ecc/index.txt
echo 1000 > ./certs/ecc/serial
echo 2000 > ./certs/ecc/crlnumber
# generate ECC 256-bit CA
if [ -f ./certs/ca-ecc-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \
-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
else
openssl ecparam -out ./certs/ca-ecc-key.par -name prime256v1
openssl req -config ./certs/ecc/wolfssl.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc-key.par -keyout ./certs/ca-ecc-key.pem -out ./certs/ca-ecc-cert.pem -sha256 \
-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
fi
openssl x509 -in ./certs/ca-ecc-cert.pem -inform PEM -out ./certs/ca-ecc-cert.der -outform DER
openssl ec -in ./certs/ca-ecc-key.pem -inform PEM -out ./certs/ca-ecc-key.der -outform DER
rm ./certs/ca-ecc-key.par
# Gen CA CRL
openssl ca -batch -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./certs/crl/caEccCrl.pem -keyfile ./certs/ca-ecc-key.pem -cert ./certs/ca-ecc-cert.pem
# Generate ECC 256-bit server cert
openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pem -out ./certs/server-ecc-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/server-ecc-req.pem -CA ./certs/ca-ecc-cert.pem -CAkey ./certs/ca-ecc-key.pem -CAcreateserial -out ./certs/server-ecc.pem -sha256
# Sign server certificate
openssl ca -batch -config ./certs/ecc/wolfssl.cnf -extensions server_cert -days 3650 -notext -md sha256 -in ./certs/server-ecc-req.pem -out ./certs/server-ecc.pem
openssl x509 -in ./certs/server-ecc.pem -outform der -out ./certs/server-ecc.der
# Generate ECC 256-bit self-signed server cert
openssl x509 -req -in ./certs/server-ecc-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc-key.pem -text -out ./certs/server-ecc-self.pem
openssl x509 -inform pem -in ./certs/server-ecc-self.pem -outform der -out ./certs/server-ecc-self.der
rm ./certs/server-ecc-req.pem
# generate ECC 384-bit CA
if [ -f ./certs/ca-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -key ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \
-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
else
openssl ecparam -out ./certs/ca-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -extensions v3_ca -x509 -nodes -newkey ec:./certs/ca-ecc384-key.par -keyout ./certs/ca-ecc384-key.pem -out ./certs/ca-ecc384-cert.pem -sha384 \
-days 7300 -batch -subj "/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=www.wolfssl.com/emailAddress=info@wolfssl.com"
fi
openssl x509 -in ./certs/ca-ecc384-cert.pem -inform PEM -out ./certs/ca-ecc384-cert.der -outform DER
openssl ec -in ./certs/ca-ecc384-key.pem -inform PEM -out ./certs/ca-ecc384-key.der -outform DER
rm ./certs/ca-ecc384-key.par
# Gen CA CRL
openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out ./certs/crl/caEcc384Crl.pem -keyfile ./certs/ca-ecc384-key.pem -cert ./certs/ca-ecc384-cert.pem
# Generate ECC 384-bit server cert
if [ -f ./certs/server-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
else
openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
fi
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER
# Sign server certificate
openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions server_cert -days 10950 -notext -md sha384 -in ./certs/server-ecc384-req.pem -out ./certs/server-ecc384-cert.pem
openssl x509 -in ./certs/server-ecc384-cert.pem -outform der -out ./certs/server-ecc384-cert.der
rm ./certs/server-ecc384-req.pem
rm ./certs/server-ecc384-key.par
# Generate ECC 384-bit client cert
if [ -f ./certs/client-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
else
openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
fi
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
-subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER
# Sign client certificate
openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -extensions usr_cert -days 10950 -notext -md sha384 -in ./certs/client-ecc384-req.pem -out ./certs/client-ecc384-cert.pem
openssl x509 -in ./certs/client-ecc384-cert.pem -outform der -out ./certs/client-ecc384-cert.der
rm ./certs/client-ecc384-req.pem
rm ./certs/client-ecc384-key.par
# Generate ECC Kerberos Keys
if [ -f ./certs/ecc/secp256k1-key.pem ]; then
openssl ecparam -name secp256k1 -genkey -noout -out ./certs/ecc/secp256k1-key.pem
openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER
fi
# Create self-signed ECC Kerberos certificates
openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/server-secp256k1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc/secp256k1-key.pem -text -out ./certs/ecc/server-secp256k1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/server-secp256k1-cert.pem -outform der -out ./certs/ecc/server-secp256k1-cert.der
rm ./certs/ecc/server-secp256k1-req.pem
openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/client-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/client-secp256k1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions usr_cert -signkey ./certs/ecc/secp256k1-key.pem -text -out ./certs/ecc/client-secp256k1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/client-secp256k1-cert.pem -outform der -out ./certs/ecc/client-secp256k1-cert.der
rm ./certs/ecc/client-secp256k1-req.pem
# Generate ECC Brainpool Keys
if [ -f ./certs/ecc/bp256r1-key.pem ]; then
openssl ecparam -name brainpoolP256r1 -genkey -noout -out ./certs/ecc/bp256r1-key.pem
openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER
fi
# Create self-signed ECC Brainpool certificates
openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/server-bp256r1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc/bp256r1-key.pem -text -out ./certs/ecc/server-bp256r1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/server-bp256r1-cert.pem -outform der -out ./certs/ecc/server-bp256r1-cert.der
rm ./certs/ecc/server-bp256r1-req.pem
openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/client-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/client-bp256r1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions usr_cert -signkey ./certs/ecc/bp256r1-key.pem -text -out ./certs/ecc/client-bp256r1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/client-bp256r1-cert.pem -outform der -out ./certs/ecc/client-bp256r1-cert.der
rm ./certs/ecc/client-bp256r1-req.pem
# update bad certificate with last byte in signature changed
cp ./certs/server-ecc.der ./certs/test/server-cert-ecc-badsig.der
sed '$s/.$/W/' ./certs/test/server-cert-ecc-badsig.der >> ./certs/test/server-cert-ecc-badsig-altered.der
mv ./certs/test/server-cert-ecc-badsig-altered.der ./certs/test/server-cert-ecc-badsig.der
openssl x509 -inform der -in ./certs/test/server-cert-ecc-badsig.der -outform pem -out ./certs/test/server-cert-ecc-badsig.pem
rm ./certs/ecc/*.old
rm ./certs/ecc/index.txt*
rm ./certs/ecc/serial
rm ./certs/ecc/crlnumber
rm ./certs/ecc/index.txt
rm ./certs/1000.pem
rm ./certs/1001.pem
rm ./certs/1002.pem
rm ./certs/ca-ecc-cert.srl
exit 0
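Review bot: The existence tests guarding key generation for secp256k1 and brainpoolP256r1 (`if [ -f ./certs/ecc/secp256k1-key.pem ]` and `if [ -f ./certs/ecc/bp256r1-key.pem ]`) are inverted relative to the CA blocks above them: an existing key is overwritten with a fresh one, and a missing key is never created, so the following `openssl req -key` calls fail. The guards should read `if [ ! -f ./certs/ecc/secp256k1-key.pem ]; then` and `if [ ! -f ./certs/ecc/bp256r1-key.pem ]; then`. Because the script has no `set -e` and ends with an unconditional `exit 0`, such a failure is not reported to the caller; returning the first failing status would keep stale or partial fixtures from going unnoticed. The `# Generate ECC Kerberos Keys` comments also appear to mean Koblitz, going by the curve name.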


@@ -0,0 +1,26 @@
# vim:ft=automake
# All paths should be given relative to the root
#
EXTRA_DIST += \
certs/ecc/genecc.sh \
certs/ecc/wolfssl.cnf \
certs/ecc/wolfssl_384.cnf
# Koblitz Curves
EXTRA_DIST += \
certs/ecc/secp256k1-key.der \
certs/ecc/secp256k1-key.pem \
certs/ecc/client-secp256k1-cert.der \
certs/ecc/client-secp256k1-cert.pem \
certs/ecc/server-secp256k1-cert.der \
certs/ecc/server-secp256k1-cert.pem
# Brainpool Curves
EXTRA_DIST += \
certs/ecc/bp256r1-key.der \
certs/ecc/bp256r1-key.pem \
certs/ecc/client-bp256r1-cert.der \
certs/ecc/client-bp256r1-cert.pem \
certs/ecc/server-bp256r1-cert.der \
certs/ecc/server-bp256r1-cert.pem

Binary file not shown.


@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHQCAQEEICTreBjyv+lbvmHMdmlhGIgC8YFT2d8aDeFXJY8gm6K0oAcGBSuBBAAK
oUQDQgAEsU0Bi1gZNjvtu4le0YYFxmrUiET8WYD2FjKdVF24r8BcJA7M7uhlRUR6
7kOJSXzr2xGsI+rlF2tZbXgZYZhfRw==
-----END EC PRIVATE KEY-----

Binary file not shown.


@@ -0,0 +1,63 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:2c:3b:52:7f:63:95:4f:23:ff:51:44:ec:ae:27:ae:e5:e7:02:85
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Dec 16 21:17:49 2022 GMT
Not After : Dec 13 21:17:49 2032 GMT
Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:a7:73:e4:7d:1f:3b:9a:ec:98:0a:b0:34:88:e1:
70:c9:3c:fc:18:51:1a:6f:34:40:87:72:64:d8:13:
d3:ca:db:33:91:94:db:f3:4a:df:36:a6:96:dd:ed:
8d:94:39:71:d8:91:38:58:59:8d:c8:37:bd:aa:af:
05:af:2d:4d:c3
ASN1 OID: brainpoolP256r1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
X509v3 Authority Key Identifier:
keyid:44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:27:2C:3B:52:7F:63:95:4F:23:FF:51:44:EC:AE:27:AE:E5:E7:02:85
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:a1:4c:75:71:fd:dc:f1:ff:9d:45:32:50:c2:
04:84:c5:a8:af:55:a0:4c:b8:54:31:04:fb:ce:e3:00:07:28:
81:02:20:05:10:20:8e:17:94:78:05:f8:48:27:df:26:79:c2:
6e:18:b0:60:74:39:5c:1d:da:11:0b:62:54:f6:bf:e6:fa
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

Binary file not shown.


@@ -0,0 +1,63 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:5e:bd:82:85:40:71:f7:15:53:aa:04:43:b0:ae:7d:e7:5e:70:f3
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
Not Before: Dec 16 21:17:49 2022 GMT
Not After : Dec 13 21:17:49 2032 GMT
Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:b1:4d:01:8b:58:19:36:3b:ed:bb:89:5e:d1:86:
05:c6:6a:d4:88:44:fc:59:80:f6:16:32:9d:54:5d:
b8:af:c0:5c:24:0e:cc:ee:e8:65:45:44:7a:ee:43:
89:49:7c:eb:db:11:ac:23:ea:e5:17:6b:59:6d:78:
19:61:98:5f:47
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
X509v3 Authority Key Identifier:
keyid:55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
serial:6F:5E:BD:82:85:40:71:F7:15:53:AA:04:43:B0:AE:7D:E7:5E:70:F3
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:e2:fb:1e:0b:92:fd:b1:10:4e:bd:dc:2c:5c:
d1:23:59:12:4c:b0:f3:5d:4a:fc:69:ad:b9:3b:c8:06:17:11:
63:02:20:5c:63:ab:3a:67:dc:2b:08:ca:39:9f:88:43:e7:82:
d0:9c:e7:05:4e:f2:b6:f2:ce:e0:8c:3d:b6:c6:8f:81:8a
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@@ -0,0 +1,110 @@
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations relevant to where the script is executing
dir = .
certs = $dir/certs
new_certs_dir = $dir/certs
database = $dir/certs/ecc/index.txt
serial = $dir/certs/ecc/serial
# This should come from the system disregard local pathing
RANDFILE = $dir/private/.rand
# The root key and root certificate.
private_key = $dir/certs/ca-ecc-key.pem
certificate = $dir/certs/ca-ecc-cert.pem
# For certificate revocation lists.
crlnumber = $dir/certs/ecc/crlnumber
crl_extensions = crl_ext
default_crl_days = 1000
# SHA-1 is deprecated, so use SHA-2 instead.
default_md = sha256
name_opt = ca_default
cert_opt = ca_default
default_days = 3650
preserve = no
policy = policy_loose
[ policy_strict ]
# The root CA should only sign intermediate certificates that match.
# See the POLICY FORMAT section of `man ca`.
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ policy_loose ]
# Allow the intermediate CA to sign a more diverse range of certificates.
# See the POLICY FORMAT section of the `ca` man page.
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
# Options for the `req` tool (`man req`).
default_bits = 2048
distinguished_name = req_distinguished_name
string_mask = utf8only
# SHA-1 is deprecated, so use SHA-2 instead.
default_md = sha256
# Extension to add when the -x509 option is used.
x509_extensions = v3_ca
[ req_distinguished_name ]
countryName = US
stateOrProvinceName = Washington
localityName = Seattle
0.organizationName = wolfSSL
organizationalUnitName = Development
commonName = www.wolfssl.com
emailAddress = info@wolfssl.com
[ v3_ca ]
# Extensions for a typical CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ v3_intermediate_ca ]
# Extensions for a typical intermediate CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true, pathlen:0
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ usr_cert ]
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = client, email
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, emailProtection
[ server_cert ]
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = server
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = serverAuth
[ crl_ext ]
# Extension for CRLs (`man x509v3_config`).
authorityKeyIdentifier=keyid:always
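Review bot: `policy = policy_loose` in `[ CA_default ]` lets this CA sign any request that supplies only a commonName, while the comment on `[ policy_loose ]` describes an intermediate CA and `[ policy_strict ]` is defined but never referenced; the same holds for the second configuration file that follows. `private_key` here points at the root key `ca-ecc-key.pem`, so the root itself signs under the loose policy. If that is intended for test fixtures, a comment above the setting such as `# Test CA only: the root signs leaf certificates directly under policy_loose` would prevent the file being copied as a template for a real CA. `default_bits = 2048` in `[ req ]` applies to RSA key generation and looks unused wherever the key is supplied explicitly.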


@@ -0,0 +1,110 @@
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations relevant to where the script is executing
dir = .
certs = $dir/certs
new_certs_dir = $dir/certs
database = $dir/certs/ecc/index.txt
serial = $dir/certs/ecc/serial
# This should come from the system disregard local pathing
RANDFILE = $dir/private/.rand
# The root key and root certificate.
private_key = $dir/certs/ca-ecc384-key.pem
certificate = $dir/certs/ca-ecc384-cert.pem
# For certificate revocation lists.
crlnumber = $dir/certs/ecc/crlnumber
crl_extensions = crl_ext
default_crl_days = 1000
# SHA-384 is default
default_md = sha384
name_opt = ca_default
cert_opt = ca_default
default_days = 3650
preserve = no
policy = policy_loose
[ policy_strict ]
# The root CA should only sign intermediate certificates that match.
# See the POLICY FORMAT section of `man ca`.
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ policy_loose ]
# Allow the intermediate CA to sign a more diverse range of certificates.
# See the POLICY FORMAT section of the `ca` man page.
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[ req ]
# Options for the `req` tool (`man req`).
default_bits = 2048
distinguished_name = req_distinguished_name
string_mask = utf8only
# SHA-384 is default
default_md = sha384
# Extension to add when the -x509 option is used.
x509_extensions = v3_ca
[ req_distinguished_name ]
countryName = US
stateOrProvinceName = Washington
localityName = Seattle
0.organizationName = wolfSSL
organizationalUnitName = Development
commonName = www.wolfssl.com
emailAddress = info@wolfssl.com
[ v3_ca ]
# Extensions for a typical CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ v3_intermediate_ca ]
# Extensions for a typical intermediate CA (`man x509v3_config`).
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical, CA:true, pathlen:0
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
[ usr_cert ]
# Extensions for client certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = client, email
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = clientAuth, emailProtection
[ server_cert ]
# Extensions for server certificates (`man x509v3_config`).
basicConstraints = CA:FALSE
nsCertType = server
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer:always
keyUsage = critical, digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage = serverAuth
[ crl_ext ]
# Extension for CRLs (`man x509v3_config`).
authorityKeyIdentifier=keyid:always
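Review bot: `database`, `serial` and `crlnumber` point at the same `$dir/certs/ecc/` files as the P-256 configuration, so two CAs with different keys share one issuance index and one serial counter. A CRL produced with this configuration is then built from an index that also records the other CA's certificates, which would matter as soon as anything is revoked. Separate files per CA, for example `database = $dir/certs/ecc/index384.txt` with matching `serial` and `crlnumber` entries, would keep the two CAs independent; the generator script would need to create those files.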