From 3a682feb7515c636329f62b0c3465da6ce0d5b8e Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 Dec 2025 10:38:35 +0100 Subject: [PATCH] data_files: update dates and MD alg in server[5|11]-rsa-signed.crt - use SHA-256 instead of SHA-1 for "server5-rsa-signed.crt". This change is not applied to "server11.crt" because the goal there is to have as many features as possible which are _not_ part of suite-b (and SHA-1 is not part of it). - move start/end dates forward so that certificates are valid for the next 10 years. Signed-off-by: Valerio Setti --- data_files/Makefile | 6 +++--- data_files/parse_input/server5-rsa-signed.crt | 16 ++++++++-------- data_files/server11-rsa-signed.crt | 14 +++++++------- data_files/server5-rsa-signed.crt | 16 ++++++++-------- 4 files changed, 26 insertions(+), 26 deletions(-) diff --git a/data_files/Makefile b/data_files/Makefile index 14799fc39..71277b9d8 100644 --- a/data_files/Makefile +++ b/data_files/Makefile @@ -476,8 +476,8 @@ all_final += server5-selfsigned.crt parse_input/server5-rsa-signed.crt server5-rsa-signed.crt: server5.key $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \ issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ - not_before=20190210144406 not_after=20290210144406 \ - md=SHA1 version=3 output_file=$@ + not_before=20251201101530 not_after=20351201101530 \ + md=SHA256 version=3 output_file=$@ all_final += server5-rsa-signed.crt parse_input/server5-othername.crt.der: server5.key @@ -644,7 +644,7 @@ all_final += server10_int3_spurious_int-ca2.crt server11-rsa-signed.crt: server11.key $(MBEDTLS_CERT_WRITE) subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=13 \ issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ - not_before=20190210144406 not_after=20290210144406 \ + not_before=20251201101530 not_after=20351201101530 \ md=SHA1 version=3 output_file=$@ all_final += server11-rsa-signed.crt diff --git a/data_files/parse_input/server5-rsa-signed.crt b/data_files/parse_input/server5-rsa-signed.crt index 259311072..f04c4326e 100644 --- a/data_files/parse_input/server5-rsa-signed.crt +++ b/data_files/parse_input/server5-rsa-signed.crt @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICbDCCAVSgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIICbDCCAVSgAwIBAgIBDTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +MjUxMjAxMTAxNTMwWhcNMzUxMjAxMTAxNTMwWjA0MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jTTBLMAkGA1UdEwQCMAAwHQYD VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFLRa5KWz3tJS -9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQB+zsQEaDKqrSH0dhpwxOy7 -P5VY4D8ka3Fm4lpjQGMG4bV7XYMmw4epP7ULXnbpka2GUOa8hHS51koZrEwp2XgO -RG90sWFnxa3bQ1JwZVWMvhQsNLKm8TV/uPrHhHdMDXw0wTwp3e+MwZnrq/KY+rsQ -J37e86Z+xcgaibkxh0JtCsfvZEieNS2wS1bnZ1n4SsglJuEcNJvXmhWIEYeDkYbB -6y3MAECU2ZkZJBdROcanUz3F4AuIH7dNTqhlMAPQkdC1SD/sMgE2G3aIowKc0ntV -UykhWs7kIU96PnApXgu5zLypkZnKMPvmrpDc5o1ddfBdD1aNSNtsIL699AczJgM6 +9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IBAQBFbdhHbGhpR2TXjHDMqRTx +epceYFPm0bL8h/gWUMsZ196DgrInm4u42txiWX6Ckekv/yeEOUEx90faACLmGGfk +1QwWWVGShgUcl5d6DljtgTTx6jHiH3tHbcG8Rmmfmh+DKZ/4wjQ80FgbW7gEUyis +xizhFI8+gYH6aT4fdYicyIzysul/0FF3c9nzn+Mt+VRzaPIAYgIujkQAiJO4/QB8 +2wuET09K9uWeHseXbjQ8O7yPnIpimX7G3TrUwBKb0QEE9IoDTbHjnxM0nxWkPSht +wCZFuTfCcnjBi5ps+KJE2iJeK4D5zjS42VX08/ysFViejtY4vUMz3SXrulGg7NKE -----END CERTIFICATE----- diff --git a/data_files/server11-rsa-signed.crt b/data_files/server11-rsa-signed.crt index 544e386ba..4c657356f 100644 --- a/data_files/server11-rsa-signed.crt +++ b/data_files/server11-rsa-signed.crt @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE----- MIICaTCCAVGgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +MjUxMjAxMTAxNTMwWhcNMzUxMjAxMTAxNTMwWjA0MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBWMBAGByqGSM49AgEG BSuBBAAKA0IABITn/L3s9+4MXRDenn1V/4T4B0igjlPW52BKcl5ZNS5jMqDOOUjl zXShWMqz2Izhsa29cxsTOZN8eT4p8BedD6ujTTBLMAkGA1UdEwQCMAAwHQYDVR0O BBYEFE8fs/ywDn6xlnYK1tDkG/lCZ0ZmMB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnV -ppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQAyVbsxPW8wUqo23j0KinXKJIFJ -KakGvPiQsl7cV+go9W2kJSlUKBtaUcdZQpQsm3FLnDMhz9j1VBSic46/msH2I7Cv -eUrPlmP9Y1spYCuUo3c/tOyAPhgwVFdNWuYTwPRD+D2yugQMhnggoemaYzu+Mw0z -FTbY/kXSsW47n8qbHbE5kvo40lGFSPmcbvJDMGwfw1o2adQm43Zce4uxL4WbC6Y6 -8FvkMmyFBRVRKnt1ViIyaeEjlgCVxhfUZO8kvy9So86m2xZtQTuEFHN/Cn7xdRLG -GILYv5GAbYXNcrzfpz9UyU9VUGLKJIHpmrmKBUl8GsV0z9bSIApiE+wDq+F7 +ppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQAC/yhdzzdYHCSmvg+Hp9UjWR4l +7g2g+AjeecH3zPNwzXXoFTMQh9oVNlwJf0Kohit24GTfkOu9jgDFm2Os5HQudLJj +QBxdN5D/hCa7ZMT5ing8CFYPoMovlJBqFwtVVVNs+zTGwnij3el+96fTm/qXg2+L +DjulIeKmxylY8RZxbEZfOpaC/krWvYlVrX2OWE0/FsTFJQDYLIJF1mJi90+lbIKN +vn68o5WLRahn9Om20AE3ZLshBsMtprkXo7IR/P8bPzGaaC/WZ13A7rI6ZSsRGKKr +sWZ0fOLEXylcbzaEhkNEPcKUQTFs9JzcvS5Z0sP8bB8nAtQgRzwFhW9rqFyc -----END CERTIFICATE----- diff --git a/data_files/server5-rsa-signed.crt b/data_files/server5-rsa-signed.crt index 259311072..f04c4326e 100644 --- a/data_files/server5-rsa-signed.crt +++ b/data_files/server5-rsa-signed.crt @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE----- -MIICbDCCAVSgAwIBAgIBDTANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MIICbDCCAVSgAwIBAgIBDTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +MjUxMjAxMTAxNTMwWhcNMzUxMjAxMTAxNTMwWjA0MQswCQYDVQQGEwJOTDERMA8G A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA 2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jTTBLMAkGA1UdEwQCMAAwHQYD VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFLRa5KWz3tJS -9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBBQUAA4IBAQB+zsQEaDKqrSH0dhpwxOy7 -P5VY4D8ka3Fm4lpjQGMG4bV7XYMmw4epP7ULXnbpka2GUOa8hHS51koZrEwp2XgO -RG90sWFnxa3bQ1JwZVWMvhQsNLKm8TV/uPrHhHdMDXw0wTwp3e+MwZnrq/KY+rsQ -J37e86Z+xcgaibkxh0JtCsfvZEieNS2wS1bnZ1n4SsglJuEcNJvXmhWIEYeDkYbB -6y3MAECU2ZkZJBdROcanUz3F4AuIH7dNTqhlMAPQkdC1SD/sMgE2G3aIowKc0ntV -UykhWs7kIU96PnApXgu5zLypkZnKMPvmrpDc5o1ddfBdD1aNSNtsIL699AczJgM6 +9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IBAQBFbdhHbGhpR2TXjHDMqRTx +epceYFPm0bL8h/gWUMsZ196DgrInm4u42txiWX6Ckekv/yeEOUEx90faACLmGGfk +1QwWWVGShgUcl5d6DljtgTTx6jHiH3tHbcG8Rmmfmh+DKZ/4wjQ80FgbW7gEUyis +xizhFI8+gYH6aT4fdYicyIzysul/0FF3c9nzn+Mt+VRzaPIAYgIujkQAiJO4/QB8 +2wuET09K9uWeHseXbjQ8O7yPnIpimX7G3TrUwBKb0QEE9IoDTbHjnxM0nxWkPSht +wCZFuTfCcnjBi5ps+KJE2iJeK4D5zjS42VX08/ysFViejtY4vUMz3SXrulGg7NKE -----END CERTIFICATE-----