- use SHA-256 instead of SHA-1 for "server5-rsa-signed.crt". This change is
not applied to "server11.crt" because the goal there is to have as many
features as possible which are _not_ part of suite-b (and SHA-1 is not
part of it).
- move start/end dates forward so that certificates are valid for the
next 10 years.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is almost identical to "server5-rsa-signed.crt" in the sense that it
includes an EC public key and it's signed with an RSA one.
The main difference compared to "server5-rsa-signed.crt" is that in this
case we're using a secp256k1 key, instead the companion one uses a
secp256r1. The important thing here is that the "k1" type does not belong
to "suite-b", while "r1" does.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This is basically identical to "server3.crt", i.e. it contains an EC public
key and it's signed by a RSA one. The difference is that in this case
we're using a secp256r1 EC key, instead of the secp192r1 that was used
in "server3.crt".
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
- there was already a SEC1 formatted EC file for secp256r1 so
ec_256_prv.sec1.der was useless;
- all other ec_256_[pub|priv] files should be generated starting from
ec_256_prv.pem
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Valerio Setti