diff options
Diffstat (limited to 'tests/auto/network/ssl/qsslcertificate')
13 files changed, 224 insertions, 514 deletions
diff --git a/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt b/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt index caeac8d68a..6f81a5e030 100644 --- a/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt +++ b/tests/auto/network/ssl/qsslcertificate/CMakeLists.txt @@ -1,15 +1,20 @@ -# Generated from qsslcertificate.pro. +# Copyright (C) 2022 The Qt Company Ltd. +# SPDX-License-Identifier: BSD-3-Clause ##################################################################### ## tst_qsslcertificate Test: ##################################################################### -# special case begin +if(NOT QT_BUILD_STANDALONE_TESTS AND NOT QT_BUILDING_QT) + cmake_minimum_required(VERSION 3.16) + project(tst_qsslcertificate LANGUAGES CXX) + find_package(Qt6BuildInternals REQUIRED COMPONENTS STANDALONE_TEST) +endif() + # This test requires private tests to properly build if (NOT QT_FEATURE_private_tests) return() endif() -# special case end # Collect test data file(GLOB_RECURSE test_data_glob @@ -32,7 +37,8 @@ list(APPEND test_data ${test_data_glob}) qt_internal_add_test(tst_qsslcertificate SOURCES tst_qsslcertificate.cpp - PUBLIC_LIBRARIES + LIBRARIES Qt::Network TESTDATA ${test_data} + BUNDLE_ANDROID_OPENSSL_LIBS ) diff --git a/tests/auto/network/ssl/qsslcertificate/certificates/gencertificates.sh b/tests/auto/network/ssl/qsslcertificate/certificates/gencertificates.sh index 4d68549396..cdc1019dcb 100755 --- a/tests/auto/network/ssl/qsslcertificate/certificates/gencertificates.sh +++ b/tests/auto/network/ssl/qsslcertificate/certificates/gencertificates.sh @@ -1,31 +1,6 @@ #!/bin/sh -############################################################################# -## -## Copyright (C) 2016 The Qt Company Ltd. -## Contact: https://www.qt.io/licensing/ -## -## This file is the build configuration utility of the Qt Toolkit. -## -## $QT_BEGIN_LICENSE:GPL-EXCEPT$ -## Commercial License Usage -## Licensees holding valid commercial Qt licenses may use this file in -## accordance with the commercial license agreement provided with the -## Software or, alternatively, in accordance with the terms contained in -## a written agreement between you and The Qt Company. For licensing terms -## and conditions see https://www.qt.io/terms-conditions. For further -## information use the contact form at https://www.qt.io/contact-us. -## -## GNU General Public License Usage -## Alternatively, this file may be used under the terms of the GNU -## General Public License version 3 as published by the Free Software -## Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT -## included in the packaging of this file. Please review the following -## information to ensure the GNU General Public License requirements will -## be met: https://www.gnu.org/licenses/gpl-3.0.html. -## -## $QT_END_LICENSE$ -## -############################################################################# +# Copyright (C) 2016 The Qt Company Ltd. +# SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only WITH Qt-GPL-exception-1.0 # This script generates digital certificates of different types. diff --git a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.0.9.8 b/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.0.9.8 deleted file mode 100644 index 20500b221f..0000000000 --- a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.0.9.8 +++ /dev/null @@ -1,42 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - ce:db:31:28:45:c4:05:40 - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd - Validity - Not Before: Aug 4 09:53:41 2010 GMT - Not After : Aug 29 09:53:41 2051 GMT - Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:cd:aa:db:6f:d6:34:c9:a7:f1:c0:be:e4:41:18: - 19:e2:02:c9:22:e6:a7:d5:ba:03:2e:9e:28:7a:f4: - 5f:1a:77:5f:77:a9:11:3b:8f:7e:f0:2e:c6:9e:eb: - 3a:d9:12:d7:c1:0c:51:e8:24:52:3f:23:c3:42:0c: - 11:c6:f2:1c:a1:42:fe:b4:c2:69:83:ad:f7:70:b1: - 18:15:cc:20:28:62:30:f0:2c:15:e6:33:19:af:c3: - eb:1c:c0:91:f7:11:68:94:50:f8:49:37:08:32:d7: - 3e:75:df:a3:bc:69:00:15:de:cd:87:0f:5c:02:6b: - 82:c8:01:7d:6a:f0:1d:dc:73 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - X509v3 Authority Key Identifier: - keyid:8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - a1:74:8e:5d:36:96:2c:05:7e:ea:66:cc:2e:68:c7:3d:93:dc: - 8c:a3:11:ad:b5:7e:6e:d0:04:c4:09:bd:0a:f9:39:3b:97:d7: - f0:bb:0c:09:7b:83:fe:bf:87:b0:47:e8:94:b7:aa:9c:79:ad: - 71:9e:b7:c4:99:98:6f:1d:38:32:f8:a3:75:38:c4:e5:e7:37: - 37:21:ec:7b:50:8b:15:b0:97:1e:17:9c:50:17:3c:c1:df:94: - 55:fb:60:2e:50:40:d1:ea:23:c6:3c:21:6f:97:8c:06:16:a5: - 82:72:c1:63:14:64:86:eb:d7:ff:72:f6:09:f5:6d:e6:04:13: - 7a:6a diff --git a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.1 b/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.1 deleted file mode 100644 index 1a7d945b76..0000000000 --- a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.1 +++ /dev/null @@ -1,42 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - ce:db:31:28:45:c4:05:40 - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd - Validity - Not Before: Aug 4 09:53:41 2010 GMT - Not After : Aug 29 09:53:41 2051 GMT - Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:cd:aa:db:6f:d6:34:c9:a7:f1:c0:be:e4:41:18: - 19:e2:02:c9:22:e6:a7:d5:ba:03:2e:9e:28:7a:f4: - 5f:1a:77:5f:77:a9:11:3b:8f:7e:f0:2e:c6:9e:eb: - 3a:d9:12:d7:c1:0c:51:e8:24:52:3f:23:c3:42:0c: - 11:c6:f2:1c:a1:42:fe:b4:c2:69:83:ad:f7:70:b1: - 18:15:cc:20:28:62:30:f0:2c:15:e6:33:19:af:c3: - eb:1c:c0:91:f7:11:68:94:50:f8:49:37:08:32:d7: - 3e:75:df:a3:bc:69:00:15:de:cd:87:0f:5c:02:6b: - 82:c8:01:7d:6a:f0:1d:dc:73 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - X509v3 Authority Key Identifier: - keyid:8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - a1:74:8e:5d:36:96:2c:05:7e:ea:66:cc:2e:68:c7:3d:93:dc: - 8c:a3:11:ad:b5:7e:6e:d0:04:c4:09:bd:0a:f9:39:3b:97:d7: - f0:bb:0c:09:7b:83:fe:bf:87:b0:47:e8:94:b7:aa:9c:79:ad: - 71:9e:b7:c4:99:98:6f:1d:38:32:f8:a3:75:38:c4:e5:e7:37: - 37:21:ec:7b:50:8b:15:b0:97:1e:17:9c:50:17:3c:c1:df:94: - 55:fb:60:2e:50:40:d1:ea:23:c6:3c:21:6f:97:8c:06:16:a5: - 82:72:c1:63:14:64:86:eb:d7:ff:72:f6:09:f5:6d:e6:04:13: - 7a:6a diff --git a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.1c b/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.1c deleted file mode 100644 index a45ed864f4..0000000000 --- a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.1c +++ /dev/null @@ -1,41 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 14905561440751715648 (0xcedb312845c40540) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd - Validity - Not Before: Aug 4 09:53:41 2010 GMT - Not After : Aug 29 09:53:41 2051 GMT - Subject: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:cd:aa:db:6f:d6:34:c9:a7:f1:c0:be:e4:41:18: - 19:e2:02:c9:22:e6:a7:d5:ba:03:2e:9e:28:7a:f4: - 5f:1a:77:5f:77:a9:11:3b:8f:7e:f0:2e:c6:9e:eb: - 3a:d9:12:d7:c1:0c:51:e8:24:52:3f:23:c3:42:0c: - 11:c6:f2:1c:a1:42:fe:b4:c2:69:83:ad:f7:70:b1: - 18:15:cc:20:28:62:30:f0:2c:15:e6:33:19:af:c3: - eb:1c:c0:91:f7:11:68:94:50:f8:49:37:08:32:d7: - 3e:75:df:a3:bc:69:00:15:de:cd:87:0f:5c:02:6b: - 82:c8:01:7d:6a:f0:1d:dc:73 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - X509v3 Authority Key Identifier: - keyid:8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - a1:74:8e:5d:36:96:2c:05:7e:ea:66:cc:2e:68:c7:3d:93:dc: - 8c:a3:11:ad:b5:7e:6e:d0:04:c4:09:bd:0a:f9:39:3b:97:d7: - f0:bb:0c:09:7b:83:fe:bf:87:b0:47:e8:94:b7:aa:9c:79:ad: - 71:9e:b7:c4:99:98:6f:1d:38:32:f8:a3:75:38:c4:e5:e7:37: - 37:21:ec:7b:50:8b:15:b0:97:1e:17:9c:50:17:3c:c1:df:94: - 55:fb:60:2e:50:40:d1:ea:23:c6:3c:21:6f:97:8c:06:16:a5: - 82:72:c1:63:14:64:86:eb:d7:ff:72:f6:09:f5:6d:e6:04:13: - 7a:6a diff --git a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.0 b/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.3.0.5 index b2ccb2751e..a2cf759c10 100644 --- a/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.1.0.0 +++ b/tests/auto/network/ssl/qsslcertificate/more-certificates/cert-large-expiration-date.txt.3.0.5 @@ -27,11 +27,11 @@ Certificate: X509v3 Subject Key Identifier: 8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 X509v3 Authority Key Identifier: - keyid:8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 - + 8A:6E:19:E7:97:9B:8F:D9:7F:B3:BB:01:4F:E8:6A:2F:52:95:0D:D9 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption + Signature Value: a1:74:8e:5d:36:96:2c:05:7e:ea:66:cc:2e:68:c7:3d:93:dc: 8c:a3:11:ad:b5:7e:6e:d0:04:c4:09:bd:0a:f9:39:3b:97:d7: f0:bb:0c:09:7b:83:fe:bf:87:b0:47:e8:94:b7:aa:9c:79:ad: diff --git a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp index 1213e99b58..b51053effd 100644 --- a/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp +++ b/tests/auto/network/ssl/qsslcertificate/tst_qsslcertificate.cpp @@ -1,43 +1,22 @@ -/**************************************************************************** -** -** Copyright (C) 2016 The Qt Company Ltd. -** Contact: https://www.qt.io/licensing/ -** -** This file is part of the test suite of the Qt Toolkit. -** -** $QT_BEGIN_LICENSE:GPL-EXCEPT$ -** Commercial License Usage -** Licensees holding valid commercial Qt licenses may use this file in -** accordance with the commercial license agreement provided with the -** Software or, alternatively, in accordance with the terms contained in -** a written agreement between you and The Qt Company. For licensing terms -** and conditions see https://www.qt.io/terms-conditions. For further -** information use the contact form at https://www.qt.io/contact-us. -** -** GNU General Public License Usage -** Alternatively, this file may be used under the terms of the GNU -** General Public License version 3 as published by the Free Software -** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT -** included in the packaging of this file. Please review the following -** information to ensure the GNU General Public License requirements will -** be met: https://www.gnu.org/licenses/gpl-3.0.html. -** -** $QT_END_LICENSE$ -** -****************************************************************************/ - +// Copyright (C) 2016 The Qt Company Ltd. +// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only #include <QTest> #include <QtNetwork/qtnetworkglobal.h> +#include <QtCore/qdatetime.h> +#include <QtCore/qtimezone.h> +#include <QtCore/qscopeguard.h> +#include <QtCore/qset.h> + #include <qsslcertificate.h> #include <qsslkey.h> #include <qsslsocket.h> #include <qsslcertificateextension.h> -#include <qscopeguard.h> #ifndef QT_NO_OPENSSL +#include <openssl/opensslv.h> #include <openssl/obj_mac.h> #endif @@ -123,7 +102,31 @@ private slots: #endif // QT_CONFIG(ssl) private: QString testDataDir; - bool isNonOpenSslTls = false; + + enum class TLSBackend { + OpenSSL, + Schannel, + SecureTransport, + CertOnly, + Unknown, + }; + static TLSBackend currentBackend() + { + static TLSBackend activeBackend = []() { + using namespace Qt::StringLiterals; + const QString active = QSslSocket::activeBackend(); + if (active == "openssl"_L1) + return TLSBackend::OpenSSL; + if (active == "schannel") + return TLSBackend::Schannel; + if (active == "securetransport") + return TLSBackend::SecureTransport; + if (active == "cert-only") + return TLSBackend::CertOnly; + return TLSBackend::Unknown; + }(); + return activeBackend; + } }; void tst_QSslCertificate::initTestCase() @@ -133,22 +136,15 @@ void tst_QSslCertificate::initTestCase() testDataDir = QCoreApplication::applicationDirPath(); if (!testDataDir.endsWith(QLatin1String("/"))) testDataDir += QLatin1String("/"); -#if QT_CONFIG(opensslv11) - // In the presence of 'openssl' backend, QSslSocket will - // select 'openssl' as the default one. - isNonOpenSslTls = QSslSocket::activeBackend() != QStringLiteral("openssl"); -#else - isNonOpenSslTls = true; -#endif // QT_CONFIG(ssl) QDir dir(testDataDir + "certificates"); - QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); + const QFileInfoList fileInfoList = dir.entryInfoList(QDir::Files | QDir::Readable); QRegularExpression rxCert(QLatin1String("^.+\\.(pem|der)$")); QRegularExpression rxSan(QLatin1String("^(.+\\.(?:pem|der))\\.san$")); QRegularExpression rxPubKey(QLatin1String("^(.+\\.(?:pem|der))\\.pubkey$")); QRegularExpression rxDigest(QLatin1String("^(.+\\.(?:pem|der))\\.digest-(md5|sha1)$")); QRegularExpressionMatch match; - foreach (QFileInfo fileInfo, fileInfoList) { + for (const QFileInfo &fileInfo : fileInfoList) { if ((match = rxCert.match(fileInfo.fileName())).hasMatch()) certInfoList << CertInfo(fileInfo, @@ -180,7 +176,7 @@ static QByteArray readFile(const QString &absFilePath) { QFile file(absFilePath); if (!file.open(QIODevice::ReadOnly)) { - QWARN("failed to open file"); + qWarning("failed to open file"); return QByteArray(); } return file.readAll(); @@ -211,7 +207,7 @@ void tst_QSslCertificate::createTestRows() { QTest::addColumn<QString>("absFilePath"); QTest::addColumn<QSsl::EncodingFormat>("format"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QTest::newRow(certInfo.fileInfo.fileName().toLatin1()) << certInfo.fileInfo.absoluteFilePath() << certInfo.format; } @@ -342,7 +338,7 @@ void tst_QSslCertificate::digest_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("absFilePath_digest_md5"); QTest::addColumn<QString>("absFilePath_digest_sha1"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); QTest::newRow(certName.toLatin1()) << certInfo.fileInfo.absoluteFilePath() @@ -395,7 +391,7 @@ void tst_QSslCertificate::subjectAlternativeNames_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("subjAltNameFilePath"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); if (subjAltNameMap.contains(certName)) QTest::newRow(certName.toLatin1()) @@ -477,7 +473,7 @@ void tst_QSslCertificate::subjectInfoToString() QVERIFY(testInfo(QSslCertificate::DistinguishedNameQualifier, QString())); QVERIFY(testInfo(QSslCertificate::SerialNumber, QString())); // TODO: check why generic code does not handle this! - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) QVERIFY(testInfo(QSslCertificate::EmailAddress, QStringLiteral("ababic@trolltech.com"))); } @@ -489,9 +485,8 @@ void tst_QSslCertificate::subjectIssuerDisplayName_data() QTest::addRow("CommonName") << QStringLiteral("more-certificates/cert-cn.pem") << QStringLiteral("YOUR name"); QTest::addRow("OrganizationName") << QStringLiteral("more-certificates/cert-on.pem") << QStringLiteral("R&D"); QTest::addRow("OrganizationUnitName") << QStringLiteral("more-certificates/cert-oun.pem") << QStringLiteral("Foundations"); -#ifndef QT_NO_OPENSSL - QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); -#endif + if (currentBackend() == TLSBackend::OpenSSL) + QTest::addRow("NoSubjectName") << QStringLiteral("more-certificates/cert-noname.pem") << QString(); } void tst_QSslCertificate::subjectIssuerDisplayName() @@ -521,7 +516,7 @@ void tst_QSslCertificate::utf8SubjectNames() static const char *ou = "\xe3\x88\xa7" "A" "\xe3\x89\x81\xef\xbd\xab" "BC"; // the following two tests should help find "\x"-literal encoding bugs in the test itself - QCOMPARE(cert.subjectInfo("O")[0].length(), QString::fromUtf8(o).length()); + QCOMPARE(cert.subjectInfo("O")[0].size(), QString::fromUtf8(o).size()); QCOMPARE (cert.subjectInfo("O")[0].toUtf8().toHex(), QByteArray(o).toHex()); QCOMPARE(cert.subjectInfo("O")[0], QString::fromUtf8(o)); @@ -534,7 +529,7 @@ void tst_QSslCertificate::publicKey_data() QTest::addColumn<QSsl::EncodingFormat>("format"); QTest::addColumn<QString>("pubkeyFilePath"); - foreach (CertInfo certInfo, certInfoList) { + for (const CertInfo &certInfo : std::as_const(certInfoList)) { QString certName = certInfo.fileInfo.fileName(); if (pubkeyMap.contains(certName)) QTest::newRow(certName.toLatin1()) @@ -836,8 +831,10 @@ void tst_QSslCertificate::certInfo() QCOMPARE(cert.digest(QCryptographicHash::Sha1), QByteArray::fromHex("B6:D1:51:82:E0:29:CA:59:96:38:BD:B6:F9:40:05:91:6D:49:09:60")); - QCOMPARE(cert.effectiveDate().toUTC(), QDateTime(QDate(2007, 4, 17), QTime(7,40,26), Qt::UTC)); - QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2007, 5, 17), QTime(7,40,26), Qt::UTC)); + QCOMPARE(cert.effectiveDate().toUTC(), + QDateTime(QDate(2007, 4, 17), QTime(7,40,26), QTimeZone::UTC)); + QCOMPARE(cert.expiryDate().toUTC(), + QDateTime(QDate(2007, 5, 17), QTime(7,40,26), QTimeZone::UTC)); QVERIFY(cert.expiryDate() < QDateTime::currentDateTime()); // cert has expired QSslCertificate copy = cert; @@ -899,7 +896,7 @@ void tst_QSslCertificate::task256066toPem() void tst_QSslCertificate::nulInCN() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -919,7 +916,7 @@ void tst_QSslCertificate::nulInCN() void tst_QSslCertificate::nulInSan() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("Generic QSslCertificatePrivate fails this test"); QList<QSslCertificate> certList = @@ -961,16 +958,18 @@ void tst_QSslCertificate::largeExpirationDate() // QTBUG-12489 const QSslCertificate &cert = certList.at(0); QVERIFY(!cert.isNull()); - QCOMPARE(cert.effectiveDate().toUTC(), QDateTime(QDate(2010, 8, 4), QTime(9, 53, 41), Qt::UTC)); + QCOMPARE(cert.effectiveDate().toUTC(), + QDateTime(QDate(2010, 8, 4), QTime(9, 53, 41), QTimeZone::UTC)); // if the date is larger than 2049, then the generalized time format is used - QCOMPARE(cert.expiryDate().toUTC(), QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), Qt::UTC)); + QCOMPARE(cert.expiryDate().toUTC(), + QDateTime(QDate(2051, 8, 29), QTime(9, 53, 41), QTimeZone::UTC)); } void tst_QSslCertificate::blacklistedCertificates() { QList<QSslCertificate> blacklistedCerts = QSslCertificate::fromPath(testDataDir + "more-certificates/blacklisted*.pem", QSsl::Pem, QSslCertificate::PatternSyntax::Wildcard); - QVERIFY(blacklistedCerts.count() > 0); - for (int a = 0; a < blacklistedCerts.count(); a++) { + QVERIFY(blacklistedCerts.size() > 0); + for (int a = 0; a < blacklistedCerts.size(); a++) { QVERIFY(blacklistedCerts.at(a).isBlacklisted()); } } @@ -984,7 +983,7 @@ void tst_QSslCertificate::selfsignedCertificates() void tst_QSslCertificate::toText() { - if (isNonOpenSslTls) + if (currentBackend() != TLSBackend::OpenSSL) QSKIP("QSslCertificate::toText is not implemented on platforms which do not use openssl"); QList<QSslCertificate> certList = @@ -993,42 +992,26 @@ void tst_QSslCertificate::toText() QCOMPARE(certList.size(), 1); const QSslCertificate &cert = certList.at(0); - // Openssl's cert dump method changed slightly between 0.9.8, 1.0.0 and 1.01 versions, so we want it to match any output - - QFile f098(testDataDir + "more-certificates/cert-large-expiration-date.txt.0.9.8"); - QVERIFY(f098.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt098 = f098.readAll(); - - QFile f100(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.0.0"); - QVERIFY(f100.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt100 = f100.readAll(); - - QFile f101(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.0.1"); - QVERIFY(f101.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt101 = f101.readAll(); - - QFile f101c(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.0.1c"); - QVERIFY(f101c.open(QIODevice::ReadOnly | QFile::Text)); - QByteArray txt101c = f101c.readAll(); - + // Openssl's cert dump method changed slightly between 1.1.1 and 3.0.5 versions, so we want it to match any output QFile f111(testDataDir + "more-certificates/cert-large-expiration-date.txt.1.1.1"); QVERIFY(f111.open(QIODevice::ReadOnly | QFile::Text)); QByteArray txt111 = f111.readAll(); + QFile f305(testDataDir + "more-certificates/cert-large-expiration-date.txt.3.0.5"); + QVERIFY(f305.open(QIODevice::ReadOnly | QFile::Text)); + QByteArray txt305 = f305.readAll(); + QString txtcert = cert.toText(); - QVERIFY(QString::fromLatin1(txt098) == txtcert || - QString::fromLatin1(txt100) == txtcert || - QString::fromLatin1(txt101) == txtcert || - QString::fromLatin1(txt101c) == txtcert || - QString::fromLatin1(txt111) == txtcert ); + QVERIFY(QString::fromLatin1(txt111) == txtcert || + QString::fromLatin1(txt305) == txtcert); } void tst_QSslCertificate::multipleCommonNames() { QList<QSslCertificate> certList = QSslCertificate::fromPath(testDataDir + "more-certificates/test-cn-two-cns-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); - QVERIFY(certList.count() > 0); + QVERIFY(certList.size() > 0); QStringList commonNames = certList[0].subjectInfo(QSslCertificate::CommonName); QVERIFY(commonNames.contains(QString("www.example.com"))); @@ -1039,18 +1022,18 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() { QList<QSslCertificate> certList = QSslCertificate::fromPath(testDataDir + "more-certificates/test-cn-with-drink-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); - QVERIFY(certList.count() > 0); + QVERIFY(certList.size() > 0); QList<QByteArray> attributes = certList[0].subjectInfoAttributes(); QVERIFY(attributes.contains(QByteArray("favouriteDrink"))); attributes.clear(); certList = QSslCertificate::fromPath(testDataDir + "more-certificates/natwest-banking.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); - QVERIFY(certList.count() > 0); + QVERIFY(certList.size() > 0); QByteArray shortName("1.3.6.1.4.1.311.60.2.1.3"); #if !defined(QT_NO_OPENSSL) && defined(SN_jurisdictionCountryName) - if (!isNonOpenSslTls) + if (currentBackend() == TLSBackend::OpenSSL) shortName = SN_jurisdictionCountryName; #endif attributes = certList[0].subjectInfoAttributes(); @@ -1059,8 +1042,8 @@ void tst_QSslCertificate::subjectAndIssuerAttributes() void tst_QSslCertificate::verify() { - if (isNonOpenSslTls) - QSKIP("Not implemented in SecureTransport or Schannel"); + if (currentBackend() != TLSBackend::OpenSSL) + QSKIP("Only implemented for OpenSSL"); QList<QSslError> errors; QList<QSslCertificate> toVerify; @@ -1073,7 +1056,7 @@ void tst_QSslCertificate::verify() // Empty chain is unspecified error errors = QSslCertificate::verify(toVerify); - VERIFY_VERBOSE(errors.count() == 1); + VERIFY_VERBOSE(errors.size() == 1); VERIFY_VERBOSE(errors[0] == QSslError(QSslError::UnspecifiedError)); errors.clear(); @@ -1092,14 +1075,14 @@ void tst_QSslCertificate::verify() toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-ocsp-good-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); errors = QSslCertificate::verify(toVerify); - VERIFY_VERBOSE(errors.count() == 0); + VERIFY_VERBOSE(errors.size() == 0); errors.clear(); // Test a blacklisted certificate toVerify = QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); errors = QSslCertificate::verify(toVerify); bool foundBlack = false; - foreach (const QSslError &error, errors) { + for (const QSslError &error : std::as_const(errors)) { if (error.error() == QSslError::CertificateBlacklisted) { foundBlack = true; break; @@ -1127,11 +1110,11 @@ void tst_QSslCertificate::verify() toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-is-ca-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString).first(); toVerify << QSslCertificate::fromPath(testDataDir + "verify-certs/test-intermediate-ca-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString).first(); errors = QSslCertificate::verify(toVerify); - VERIFY_VERBOSE(errors.count() == 0); + VERIFY_VERBOSE(errors.size() == 0); // Recheck the above with hostname validation errors = QSslCertificate::verify(toVerify, QLatin1String("example.com")); - VERIFY_VERBOSE(errors.count() == 0); + VERIFY_VERBOSE(errors.size() == 0); // Recheck the above with a bad hostname errors = QSslCertificate::verify(toVerify, QLatin1String("fail.example.com")); @@ -1145,9 +1128,8 @@ QString tst_QSslCertificate::toString(const QList<QSslError>& errors) { QStringList errorStrings; - foreach (const QSslError& error, errors) { + for (const QSslError &error : errors) errorStrings.append(QLatin1Char('"') + error.errorString() + QLatin1Char('"')); - } return QLatin1String("[ ") + errorStrings.join(QLatin1String(", ")) + QLatin1String(" ]"); } @@ -1156,11 +1138,11 @@ void tst_QSslCertificate::extensions() { QList<QSslCertificate> certList = QSslCertificate::fromPath(testDataDir + "more-certificates/natwest-banking.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); - QVERIFY(certList.count() > 0); + QVERIFY(certList.size() > 0); QSslCertificate cert = certList[0]; QList<QSslCertificateExtension> extensions = cert.extensions(); - QCOMPARE(extensions.count(), 9); + QCOMPARE(extensions.size(), 9); int unknown_idx = -1; int authority_info_idx = -1; @@ -1168,7 +1150,7 @@ void tst_QSslCertificate::extensions() int subject_key_idx = -1; int auth_key_idx = -1; - for (int i=0; i < extensions.length(); ++i) { + for (int i=0; i < extensions.size(); ++i) { QSslCertificateExtension ext = extensions[i]; //qDebug() << i << ":" << ext.name() << ext.oid(); @@ -1254,16 +1236,16 @@ void tst_QSslCertificate::extensionsCritical() { QList<QSslCertificate> certList = QSslCertificate::fromPath(testDataDir + "verify-certs/test-addons-mozilla-org-cert.pem", QSsl::Pem, QSslCertificate::PatternSyntax::FixedString); - QVERIFY(certList.count() > 0); + QVERIFY(certList.size() > 0); QSslCertificate cert = certList[0]; QList<QSslCertificateExtension> extensions = cert.extensions(); - QCOMPARE(extensions.count(), 9); + QCOMPARE(extensions.size(), 9); int basic_constraints_idx = -1; int key_usage_idx = -1; - for (int i=0; i < extensions.length(); ++i) { + for (int i=0; i < extensions.size(); ++i) { QSslCertificateExtension ext = extensions[i]; if (ext.name() == QStringLiteral("basicConstraints")) @@ -1401,6 +1383,9 @@ void tst_QSslCertificate::pkcs12() return; } + if (currentBackend() == TLSBackend::OpenSSL && QSslSocket::sslLibraryVersionNumber() >= 0x30000000L) + QSKIP("leaf.p12 is using RC2, which is disabled by default in OpenSSL v >= 3"); + QFile f(testDataDir + QLatin1String("pkcs12/leaf.p12")); bool ok = f.open(QIODevice::ReadOnly); QVERIFY(ok); @@ -1409,8 +1394,8 @@ void tst_QSslCertificate::pkcs12() QSslCertificate cert; QList<QSslCertificate> caCerts; - if (isNonOpenSslTls) - QEXPECT_FAIL("", "pkcs12 imports are only supported when openssl is used", Abort); // TODO? + if (currentBackend() != TLSBackend::OpenSSL) + QEXPECT_FAIL("", "pkcs12 imports are not available with the current TLS backend", Abort); // TODO? ok = QSslCertificate::importPkcs12(&f, &key, &cert, &caCerts); QVERIFY(ok); @@ -1442,7 +1427,8 @@ void tst_QSslCertificate::pkcs12() QFile nocert(testDataDir + QLatin1String("pkcs12/leaf-nokey.p12")); ok = nocert.open(QIODevice::ReadOnly); QVERIFY(ok); - QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); + if (currentBackend() == TLSBackend::OpenSSL) + QTest::ignoreMessage(QtWarningMsg, "Unable to convert private key"); ok = QSslCertificate::importPkcs12(&nocert, &key, &cert, &caCerts); QVERIFY(!ok); nocert.close(); diff --git a/tests/auto/network/ssl/qsslcertificate/verify-certs/README b/tests/auto/network/ssl/qsslcertificate/verify-certs/README index 87cb293ef6..f4317331b6 100644 --- a/tests/auto/network/ssl/qsslcertificate/verify-certs/README +++ b/tests/auto/network/ssl/qsslcertificate/verify-certs/README @@ -1,2 +1,9 @@ openssl verify -CAfile cacert.pem -untrusted test-intermediate-ca-cert.pem test-intermediate-is-ca-cert.pem openssl verify -CAfile cacert.pem -untrusted test-ocsp-good-cert.pem test-intermediate-not-ca-cert.pem + +1. cacert.pem is, obviously, a root CA certificate. +2. test-intermediate-ca-cert.pem is a certificate, signed by the root CA, an intermediate CA. +3. test-intermediate-is-ca-cert.pem is a certificate, signed by test-intermediate-ca-cert.pem. +4. test-ocsp-good-cert.pem is signed by root CA, it has CA:FALSE but keyUsage allowing to sign + CSRs - this is how OpenSSL would report us 'invalid CA certificate' instead of 'No issuer found'. +5. test-intermediate-not-ca-cert.pem is signed by test-ocsp-good-cert.pem. diff --git a/tests/auto/network/ssl/qsslcertificate/verify-certs/cacert.pem b/tests/auto/network/ssl/qsslcertificate/verify-certs/cacert.pem index 8c75c54bcb..5b9b570479 100644 --- a/tests/auto/network/ssl/qsslcertificate/verify-certs/cacert.pem +++ b/tests/auto/network/ssl/qsslcertificate/verify-certs/cacert.pem @@ -1,23 +1,25 @@ -----BEGIN CERTIFICATE----- -MIID6zCCAtOgAwIBAgIJAP4bjANFSx0BMA0GCSqGSIb3DQEBBQUAMIGrMSYwJAYD -VQQDEx1XZXN0cG9pbnQgQ2VydGlmaWNhdGUgVGVzdCBDQTETMBEGA1UECBMKTGFu -Y2FzaGlyZTELMAkGA1UEBhMCVUsxHTAbBgkqhkiG9w0BCQEWDmNhQGV4YW1wbGUu -Y29tMUAwPgYDVQQKEzdXZXN0cG9pbnQgQ2VydGlmaWNhdGUgVGVzdCBSb290IENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTExMDczMTIxMDExNloXDTIxMDcyODIx -MDExNlowgasxJjAkBgNVBAMTHVdlc3Rwb2ludCBDZXJ0aWZpY2F0ZSBUZXN0IENB -MRMwEQYDVQQIEwpMYW5jYXNoaXJlMQswCQYDVQQGEwJVSzEdMBsGCSqGSIb3DQEJ -ARYOY2FAZXhhbXBsZS5jb20xQDA+BgNVBAoTN1dlc3Rwb2ludCBDZXJ0aWZpY2F0 -ZSBUZXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQC5xMKXviXuxFO67WzFIImO5RY3Y+dqt7maTB+p -JiHkn98rJoBB4J1cDnEUIs5ErO+kqOjW7JwF50fePNJ5K+I6SbRVn9gxAI59ZA6O -9UvOPZOw4/6GM24UY4B4mUcp8oXg9fhwgtjVhfXiMD2GvKQq3RazIiCoSW4aJWEq -L58Q+sIo+jL72qwk648xIwIhuC3XzcOOE/+rCOtZmu812/NN08UfsL2qup0aaaGv -aL36n6OIx5AYFcCD5uOxXAmUy14mhwQyDHAl6K42ghSm5b43VMMSQ+N9AQpentWl -RH6Vt1eY52YTxjNxpRlj88GBnYxdr8WgjKOV7v8OPGXP6zWlAgMBAAGjEDAOMAwG -A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADptDEfvsh8aq/tTc7ciGkHG -jh7WFELVTcdWBTyveZ24298Hl9UOfsAfLqjMGMs3delAaZocchba9Og2xSZyRstH -GUtlJXd4PnSJSx/TksPf2DCANo5sxBWBITs1Iprm3Nlm3/xPZM2QLIamRYi2J6Ed -JTfWvMpoaW1umJX49jKqk1gfdcS6eUSaXetgYP2FQV7DstqPLYfQ731nEXZ1LXFM -PO7IoPccqk4YJ0KOV7hFb7NCq4a6cz/Gf0S0qJ44vqHz6iRZpmWIo5UFivwtLw9r -iMbdJ1mCCMR0oN5om3muKc7Sz+l2ItxdYMcLkZ1/3ouvQqOX+qIOrYEUN1RZCzI= +MIIENzCCAx+gAwIBAgIUdn+WSglXIMBvW46H1+kauM81p1UwDQYJKoZIhvcNAQEL +BQAwgaIxCzAJBgNVBAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxDTALBgNVBAcMBE9z +bG8xDTALBgNVBAoMBFRRdEMxLzAtBgNVBAsMJlRRdEMgVGVzdCBSb290IEF1dGhv +cml6YXRpb24gQXV0aG9yaXR5MRowGAYDVQQDDBFUUXRDIHRlc3Qgcm9vdCBDQTEX +MBUGCSqGSIb3DQEJARYIY2FAcXQuaW8wHhcNMjEwNzI5MTIzNDM5WhcNMzEwNzI3 +MTIzNDM5WjCBojELMAkGA1UEBhMCTk8xDzANBgNVBAgMBk5vcndheTENMAsGA1UE +BwwET3NsbzENMAsGA1UECgwEVFF0QzEvMC0GA1UECwwmVFF0QyBUZXN0IFJvb3Qg +QXV0aG9yaXphdGlvbiBBdXRob3JpdHkxGjAYBgNVBAMMEVRRdEMgdGVzdCByb290 +IENBMRcwFQYJKoZIhvcNAQkBFghjYUBxdC5pbzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAOXrt0DU0NCmvB/vsw3d5Ztn3Ab77AmnVSNSkWKOyei7bQ55 +Qx2FR+ihcPL3+HRQ+UAZsV/ryurkrCdFOOpkBC8a1Kq1ErXM9RbBdX9kyX7IG1KD +iwnFuci/2cDgounfxNDLPCWImukKfWGUfWlpnbbF4nYdaeP/S+LvsCklgphGdtLE +uO+bNLUNFT61X3d0eg/NQ0tMFFgjTQkKYueYpoAtS8zsHfJxLKzNVjdkUaqEsN1x +AmE6LLVhMwf7EHwlgCMb3H59R9N+kz8bjCNQrErctF0crvdZjlX9AudZGz6e6xso +Mmw6epkGSGF6eMjK62mQX4Y/15ruNIvuLla1dzcCAwEAAaNjMGEwHQYDVR0OBBYE +FFpvgro1qjV/QzO+gq/hScIGw7CpMB8GA1UdIwQYMBaAFFpvgro1qjV/QzO+gq/h +ScIGw7CpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3 +DQEBCwUAA4IBAQC+Xbv1f2r2YBXTM7/Uc48DFjdCb4dOKOF8anIGmsG5IfcG77DW +PkyVvPVBVQYw11GtyEwdl5nYyM5VMUT2Jv0kL3sRjQASaQLQCJa3KpYKUV6/7+0W +h8oUSb6FyP8Ks/GTVgHGlSSWU6TixG2k85kKSDNinUDHqrjyS+EYXR4FZHY68lu1 +JSSDBrdEEMmBcChj7Yze9LcdcEUbsALori4363rJCsDmfE6M5nZCFGSn1oUAB8LS +XJ62DI16XbKjwSSFsvJA87n3Ujivytjgdq0e1EgpeNjFvcq5lJ83pQHK/G6+hIna +toLOSqYHUzZv5+NalkbfTUOLSuecUMDTz+KG -----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-ca-cert.pem b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-ca-cert.pem index d00490caba..4e850907ad 100644 --- a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-ca-cert.pem +++ b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-ca-cert.pem @@ -1,66 +1,26 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 28 (0x1c) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=Westpoint Certificate Test CA, ST=Lancashire, C=UK/emailAddress=ca@example.com, O=Westpoint Certificate Test Root Certification Authority - Validity - Not Before: Jul 31 21:01:18 2011 GMT - Not After : Jul 28 21:01:18 2021 GMT - Subject: ST=Lancashire, C=UK/emailAddress=test@example.com, O=Test intermediate CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:bc:bd:83:c1:bc:36:d8:9c:74:68:5a:46:48:25: - 83:59:f8:35:1e:8f:dc:2c:52:3b:7c:2e:ea:40:c4: - 93:b6:39:31:df:f5:a6:f8:01:17:67:93:21:59:9b: - 89:7f:ed:2a:19:7b:25:a5:e1:71:12:99:e5:14:28: - df:75:b5:17:1c:3b:1d:3d:74:48:4f:b7:42:f4:3a: - ab:56:05:2b:fc:d3:27:97:01:08:5b:ad:26:9b:f2: - 87:51:9c:7e:e1:f1:ef:1c:bf:ad:7e:38:d9:76:89: - 30:a6:8c:2f:6f:87:9f:9e:57:13:14:b4:45:30:f3: - be:58:df:8a:d2:ee:7b:1d:89 - Exponent: 65537 (0x10001) - X509v3 extensions: - Authority Information Access: - OCSP - URI:http://ocsp.example.com:8888/ - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 33:84:9d:0e:b2:59:04:dc:ef:e3:04:8b:00:6c:64:ea:58:9e: - 36:59:76:27:59:a0:b8:ee:0d:86:83:ff:db:65:eb:6c:1f:16: - 47:e7:f5:e6:c3:88:81:73:7e:ed:12:8d:7e:fd:5e:b1:5c:68: - 47:f8:f9:ca:e3:e0:c0:f3:12:b2:24:3b:77:2c:98:de:05:6d: - a8:ec:27:b8:af:ab:84:25:26:73:b4:58:4c:7c:c1:74:97:98: - ab:0e:e6:99:70:bc:38:b0:9a:e3:d9:5c:75:fa:46:d2:87:55: - 09:86:8f:ef:4a:e4:ef:3e:32:c6:ac:9d:27:86:29:b8:78:38: - 7b:87:6c:57:72:bd:57:99:73:36:db:fa:52:bd:7b:a7:05:cd: - 28:b8:85:fc:11:47:5e:c6:77:72:6a:fb:73:3e:8b:a4:6d:f8: - 17:f4:12:d5:36:e0:ef:5c:f8:b2:a1:69:3e:4c:cf:86:5f:63: - f6:02:60:95:7f:61:e8:cb:7f:14:66:da:36:2e:78:13:3e:68: - ae:3f:13:c1:79:88:18:18:3f:23:f3:9a:e1:e7:7e:ae:50:e4: - b7:80:76:31:92:74:79:2c:de:d0:74:fe:81:7c:f6:01:14:6a: - 1f:5f:88:85:6a:11:1d:50:af:f1:97:4d:67:40:c3:e9:ae:6f: - 60:e2:bc:e2 -----BEGIN CERTIFICATE----- -MIIDUDCCAjigAwIBAgIBHDANBgkqhkiG9w0BAQUFADCBqzEmMCQGA1UEAxMdV2Vz -dHBvaW50IENlcnRpZmljYXRlIFRlc3QgQ0ExEzARBgNVBAgTCkxhbmNhc2hpcmUx -CzAJBgNVBAYTAlVLMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLmNvbTFAMD4G -A1UEChM3V2VzdHBvaW50IENlcnRpZmljYXRlIFRlc3QgUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eTAeFw0xMTA3MzEyMTAxMThaFw0yMTA3MjgyMTAxMThaMGIx -EzARBgNVBAgTCkxhbmNhc2hpcmUxCzAJBgNVBAYTAlVLMR8wHQYJKoZIhvcNAQkB -FhB0ZXN0QGV4YW1wbGUuY29tMR0wGwYDVQQKExRUZXN0IGludGVybWVkaWF0ZSBD -QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvL2Dwbw22Jx0aFpGSCWDWfg1 -Ho/cLFI7fC7qQMSTtjkx3/Wm+AEXZ5MhWZuJf+0qGXslpeFxEpnlFCjfdbUXHDsd -PXRIT7dC9DqrVgUr/NMnlwEIW60mm/KHUZx+4fHvHL+tfjjZdokwpowvb4efnlcT -FLRFMPO+WN+K0u57HYkCAwEAAaNLMEkwOQYIKwYBBQUHAQEELTArMCkGCCsGAQUF -BzABhh1odHRwOi8vb2NzcC5leGFtcGxlLmNvbTo4ODg4LzAMBgNVHRMEBTADAQH/ -MA0GCSqGSIb3DQEBBQUAA4IBAQAzhJ0OslkE3O/jBIsAbGTqWJ42WXYnWaC47g2G -g//bZetsHxZH5/Xmw4iBc37tEo1+/V6xXGhH+PnK4+DA8xKyJDt3LJjeBW2o7Ce4 -r6uEJSZztFhMfMF0l5irDuaZcLw4sJrj2Vx1+kbSh1UJho/vSuTvPjLGrJ0nhim4 -eDh7h2xXcr1XmXM22/pSvXunBc0ouIX8EUdexndyavtzPoukbfgX9BLVNuDvXPiy -oWk+TM+GX2P2AmCVf2Hoy38UZto2LngTPmiuPxPBeYgYGD8j85rh536uUOS3gHYx -knR5LN7QdP6BfPYBFGofX4iFahEdUK/xl01nQMPprm9g4rzi +MIIEbTCCA1WgAwIBAgICEAcwDQYJKoZIhvcNAQELBQAwgaIxCzAJBgNVBAYTAk5P +MQ8wDQYDVQQIDAZOb3J3YXkxDTALBgNVBAcMBE9zbG8xDTALBgNVBAoMBFRRdEMx +LzAtBgNVBAsMJlRRdEMgVGVzdCBSb290IEF1dGhvcml6YXRpb24gQXV0aG9yaXR5 +MRowGAYDVQQDDBFUUXRDIHRlc3Qgcm9vdCBDQTEXMBUGCSqGSIb3DQEJARYIY2FA +cXQuaW8wHhcNMjEwNzI5MTcxNjA3WhcNMzEwNjA3MTcxNjA3WjCBqzELMAkGA1UE +BhMCTk8xDzANBgNVBAgMBk5vcndheTENMAsGA1UECgwEVFF0QzEwMC4GA1UECwwn +VFF0QyBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MTAwLgYDVQQD +DCdUUXRDIEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxGDAWBgkq +hkiG9w0BCQEWCWljYUBxdC5pbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAK1zsW+VafypIPdVrDavxgPJ8LIdYyIJtijHNvWmGDl9fgK8EZWm6uIsvHOL +D2ZtHmBRXCGXOuXFonZh2vpuPUzBdD8E4CQVE31QHHb2eoalpNgiIRODJEfOwMJZ +V5FP/iE5g5TJmbiqMwui2v4g4AWoQpsiSYnlgLd/XbZePpSSAqyZYsxGmzbcf2Vq +v5Tv8SbjLjuRZdwHsrXi/7S4qyybiPHLLoLD7+woDRo8wy+z0wQ8v2XsRzjqvBUn +QvuOvk5MXKHQzXheClMizcDDOcjaK0AKzVopQa6s0+Pmg+DW162DOrK4SGqpeBlp +OujEtiQk9+1hycAadbntYQ+/kHcCAwEAAaOBoTCBnjAdBgNVHQ4EFgQUemD1HaWM +WxNLlSONkvAiFhlmtVowHwYDVR0jBBgwFoAUWm+CujWqNX9DM76Cr+FJwgbDsKkw +EgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwOAYIKwYBBQUHAQEE +LDAqMCgGCCsGAQUFBzABhhxodHRwOi8vb2NzcC5leGFtcGxlLmNvbTo4ODg4MA0G +CSqGSIb3DQEBCwUAA4IBAQBxfeQrh/xnjL8vLLQB0PrPawCUB4X0RHheNAB8BZh/ +5t96StDZspB1p14iW1b9ziiN+w8hghdLO+UbEmbnfK9m0sxXPxGdO/dK5PeKkEZA +1Clbu1qPEwmbCeuPDHpcXMzYUEm/vHTJFNxfvLgiLYwZpxhYZiHeMMEUYxQRrmI1 +DJbcpZT4nYyaVKinvMmw5KG85cLsyjIgzhUwLGSAfB+p4pIX+R8GQZtdn26+FN9c +U+ZDfAUJ0hrPmd89KuSXm96tarx/EYnGzwletTL2IJWS1zxpGFlpyFgWq3m054iD +UAWX8IPCQRMwhoKmSqNbhtYIKLXyDe3Xg6yD0ySDKjlB -----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-is-ca-cert.pem b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-is-ca-cert.pem index 396cad86cb..3f13c93473 100644 --- a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-is-ca-cert.pem +++ b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-is-ca-cert.pem @@ -1,53 +1,25 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 29 (0x1d) - Signature Algorithm: sha1WithRSAEncryption - Issuer: ST=Lancashire, C=UK/emailAddress=test@example.com, O=Test intermediate CA - Validity - Not Before: Jul 31 21:01:18 2011 GMT - Not After : Jul 28 21:01:18 2021 GMT - Subject: CN=example.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:c9:bb:98:5b:27:cd:b1:8a:a9:38:fc:aa:bb:ad: - a1:ed:cb:94:94:3e:79:90:ae:35:f3:87:b1:2a:4e: - d5:ff:55:93:e0:1a:68:2a:36:94:05:38:a7:72:64: - a3:31:0f:61:5c:ec:76:41:f1:35:4a:5e:bc:ef:51: - 90:9e:33:b4:08:7a:3f:f0:04:a8:46:99:96:25:b3: - 03:c8:cd:8c:33:42:76:82:b9:db:61:c6:91:ed:76: - 86:ae:04:38:d7:e5:5c:a9:a9:f9:b6:13:f4:90:40: - 6d:ec:2f:ba:ed:bc:ff:88:05:f0:7b:c8:ac:bd:d0: - 72:3a:91:64:86:06:89:66:0d - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - Authority Information Access: - OCSP - URI:http://ocsp.example.com:8888/ - - Signature Algorithm: sha1WithRSAEncryption - 22:30:97:01:ea:d0:a8:d8:b5:32:97:c8:c9:8b:7d:01:02:53: - 74:f8:0a:10:dc:fc:73:b2:50:bb:59:47:f3:e4:9f:44:94:d5: - ca:c0:64:da:83:00:95:43:15:a5:e3:30:ce:66:ca:55:8c:16: - 03:1e:55:02:8b:c7:ad:ed:2e:ae:ee:31:59:53:37:ff:26:86: - 93:9d:e2:69:2e:c0:2a:66:38:a5:b5:54:a1:02:0a:83:67:e0: - 91:cf:fc:09:c3:70:71:b6:cf:fc:d3:e9:9f:f5:1c:4d:55:ec: - 66:f7:07:71:fc:d6:17:de:e1:ab:e6:f2:7b:83:46:1e:b9:96: - 95:8f -----BEGIN CERTIFICATE----- -MIICNjCCAZ+gAwIBAgIBHTANBgkqhkiG9w0BAQUFADBiMRMwEQYDVQQIEwpMYW5j -YXNoaXJlMQswCQYDVQQGEwJVSzEfMB0GCSqGSIb3DQEJARYQdGVzdEBleGFtcGxl -LmNvbTEdMBsGA1UEChMUVGVzdCBpbnRlcm1lZGlhdGUgQ0EwHhcNMTEwNzMxMjEw -MTE4WhcNMjEwNzI4MjEwMTE4WjAWMRQwEgYDVQQDEwtleGFtcGxlLmNvbTCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAybuYWyfNsYqpOPyqu62h7cuUlD55kK41 -84exKk7V/1WT4BpoKjaUBTincmSjMQ9hXOx2QfE1Sl6871GQnjO0CHo/8ASoRpmW -JbMDyM2MM0J2grnbYcaR7XaGrgQ41+Vcqan5thP0kEBt7C+67bz/iAXwe8isvdBy -OpFkhgaJZg0CAwEAAaNIMEYwCQYDVR0TBAIwADA5BggrBgEFBQcBAQQtMCswKQYI -KwYBBQUHMAGGHWh0dHA6Ly9vY3NwLmV4YW1wbGUuY29tOjg4ODgvMA0GCSqGSIb3 -DQEBBQUAA4GBACIwlwHq0KjYtTKXyMmLfQECU3T4ChDc/HOyULtZR/Pkn0SU1crA -ZNqDAJVDFaXjMM5mylWMFgMeVQKLx63tLq7uMVlTN/8mhpOd4mkuwCpmOKW1VKEC -CoNn4JHP/AnDcHG2z/zT6Z/1HE1V7Gb3B3H81hfe4avm8nuDRh65lpWP +MIIEMjCCAxqgAwIBAgIUaR2Q0yCxxvaNVph0ASc+zhzQj2wwDQYJKoZIhvcNAQEL +BQAwgasxCzAJBgNVBAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxDTALBgNVBAoMBFRR +dEMxMDAuBgNVBAsMJ1RRdEMgSW50ZXJtZWRpYXRlIENlcnRpZmljYXRlIEF1dGhv +cml0eTEwMC4GA1UEAwwnVFF0QyBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUgQXV0 +aG9yaXR5MRgwFgYJKoZIhvcNAQkBFglpY2FAcXQuaW8wHhcNMjEwNzI5MTcyODQy +WhcNMzEwNjA3MTcyODQyWjCBjDELMAkGA1UEBhMCTk8xDzANBgNVBAgMBk5vcndh +eTENMAsGA1UEBwwET3NsbzENMAsGA1UECgwEVFF0QzEXMBUGA1UECwwOUXQgRm91 +bmRhdGlvbnMxFDASBgNVBAMMC2V4YW1wbGUuY29tMR8wHQYJKoZIhvcNAQkBFhB0 +ZXN0QGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +4oQJn7Q5RC3suFgq+mDXbheEG8CQWlCgRoiX4s6ZYVvkwAyh+AfKz6bF6uAkGhSU +BqRGfrTnU46V+IHZT3mxa9KUThhQKzGwEACAoZK1IivDRxA6y/BK3LfJc/hcFqA1 +kVWAs949fOgmJpai8LHXlGMdVnoWJE9jL4OnfHDloVzFLXqUzcvJWOFiEHnGvD8J +S+VmYbMc5Yyw73hrqVgpe302TdGr5x4vgeQwk99r37v1dmHKWiI9PcQyy/Qp576Y +V6pdL164D4cD6OgohSzqd0d3BwAvC8lO9MCJiL5l2TiaJpcEMxS8ycQCwaUp6HC1 +y+HHtfSYu9DRu4PXKccWlQIDAQABo2swaTAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0l +BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDgGCCsGAQUFBwEBBCwwKjAoBggrBgEF +BQcwAYYcaHR0cDovL29jc3AuZXhhbXBsZS5jb206ODg4ODANBgkqhkiG9w0BAQsF +AAOCAQEAcMAO6aZesrll+VnceYD2A77Uckqu7UaJ+Cno/aXxaZuBVmfyhdUyK9DF +bqLNGooR2DGbCjnoOpAaNGngfEkLH/aiDOaGgF9hPOfeUo2Axw7ElfVvwoyEy4zy +h7GLaA491mjg3XF5ZB56wxbWiBO7nvnHP2ln6x8L5A9RZIofxmChwNuDulB5aog5 +xfoZn8nqM+HQZNUNx5gX/QgPaVu3ytcVy0t8KYQesATc4hu3kaUPP372Unm4qOyA +WjX8g4zgCs4aVhjNqWEuX4FPyZQeY0IE5BK+H50z0m+rfH02Amlvq7TYpN50A9wL +qLirP+moVzEWJKJP0HWT/jo7Ze53FA== -----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-not-ca-cert.pem b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-not-ca-cert.pem index 34ad2b10a8..836afd85d3 100644 --- a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-not-ca-cert.pem +++ b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-intermediate-not-ca-cert.pem @@ -1,54 +1,24 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 27 (0x1b) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=example.com, ST=Lancashire, C=UK/emailAddress=test@example.com, O=Some organisation - Validity - Not Before: Jul 31 21:01:18 2011 GMT - Not After : Jul 28 21:01:18 2021 GMT - Subject: CN=example.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:ea:d6:97:b5:3c:f4:37:8a:58:b4:7a:49:31:55: - dd:c8:84:ee:36:f6:72:3a:31:99:d1:df:af:bb:f9: - 17:e9:d8:47:d2:20:4b:94:ce:ea:c1:6b:23:9a:da: - 02:41:29:51:34:05:13:c0:98:4d:87:f8:91:a8:85: - 81:e4:ab:26:3d:26:59:29:16:7d:04:db:57:7b:f0: - b6:2b:5d:cf:e7:82:ba:83:a7:bc:63:43:03:2a:2b: - 18:40:89:4c:1e:90:bc:bf:10:24:81:50:0d:2e:e8: - 8e:a9:0a:fc:f8:cd:97:98:3c:cc:55:b7:f2:b2:0d: - 0e:36:53:3a:b2:d0:45:90:8b - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - Authority Information Access: - OCSP - URI:http://ocsp.example.com:8888/ - - Signature Algorithm: sha1WithRSAEncryption - 82:d8:53:9c:d8:0b:0a:b3:9d:b4:0a:9f:93:ec:96:a6:31:6b: - 79:c9:d2:1c:76:0b:b7:f3:9f:b9:7a:dd:d7:b7:7b:26:ba:0a: - 54:2a:a3:ad:89:8e:3c:b8:8e:ea:09:53:58:73:9a:b3:a0:40: - 90:02:f2:60:04:b8:f0:2a:61:bd:91:9b:5e:81:5f:bf:cc:f2: - 33:33:8a:70:07:f5:ea:c0:05:38:34:f7:dc:ea:0c:74:01:5d: - dd:92:ab:f2:87:64:1b:7c:be:ae:37:c1:6c:ae:99:73:a5:aa: - 45:20:32:57:19:cb:30:45:61:2c:3b:23:52:ee:f0:cc:12:80: - 97:34 -----BEGIN CERTIFICATE----- -MIICSTCCAbKgAwIBAgIBGzANBgkqhkiG9w0BAQUFADB1MRQwEgYDVQQDEwtleGFt -cGxlLmNvbTETMBEGA1UECBMKTGFuY2FzaGlyZTELMAkGA1UEBhMCVUsxHzAdBgkq -hkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5jb20xGjAYBgNVBAoTEVNvbWUgb3JnYW5p -c2F0aW9uMB4XDTExMDczMTIxMDExOFoXDTIxMDcyODIxMDExOFowFjEUMBIGA1UE -AxMLZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOrWl7U8 -9DeKWLR6STFV3ciE7jb2cjoxmdHfr7v5F+nYR9IgS5TO6sFrI5raAkEpUTQFE8CY -TYf4kaiFgeSrJj0mWSkWfQTbV3vwtitdz+eCuoOnvGNDAyorGECJTB6QvL8QJIFQ -DS7ojqkK/PjNl5g8zFW38rINDjZTOrLQRZCLAgMBAAGjSDBGMAkGA1UdEwQCMAAw -OQYIKwYBBQUHAQEELTArMCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcC5leGFtcGxl -LmNvbTo4ODg4LzANBgkqhkiG9w0BAQUFAAOBgQCC2FOc2AsKs520Cp+T7JamMWt5 -ydIcdgu385+5et3Xt3smugpUKqOtiY48uI7qCVNYc5qzoECQAvJgBLjwKmG9kZte -gV+/zPIzM4pwB/XqwAU4NPfc6gx0AV3dkqvyh2QbfL6uN8FsrplzpapFIDJXGcsw -RWEsOyNS7vDMEoCXNA== +MIID+jCCAuKgAwIBAgIUM3pG/f45Mn2QOCxAjTxuzXfIYj4wDQYJKoZIhvcNAQEL +BQAwgYcxCzAJBgNVBAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxDTALBgNVBAcMBE9z +bG8xDTALBgNVBAoMBFRRdEMxEjAQBgNVBAsMCVNvbWUgVW5pdDEUMBIGA1UEAwwL +ZXhhbXBsZS5jb20xHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5jb20wHhcN +MjEwODA2MDQ0MjE1WhcNMzEwNjE1MDQ0MjE1WjCBjDELMAkGA1UEBhMCTk8xDzAN +BgNVBAgMBk5vcndheTENMAsGA1UEBwwET3NsbzENMAsGA1UECgwEVFF0QzEUMBIG +A1UECwwLRm91bmRhdGlvbnMxFDASBgNVBAMMC2V4YW1wbGUuY29tMSIwIAYJKoZI +hvcNAQkBFhNzaWduZWRieW5vbmNhQHF0LmlvMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEApXDPgUmyVw89XB1o+9yPepTyXOUnY4/4JHu333l3IQcEsK17 +tmOftWOa2TGzScrN0sbi73IhCx48/hYI3skHNiocXhHlrNI8tHkwHKWf5k957tMN +xeSIgddRXMegMc4Xxo9IMxFmvAi1q7gnIkEpBg+6NWRGhB3N2Iw8nUtyOc+wx6Us +EzRi/HpITzNsmeuwHPzlKe8HQsL5VeM9oo7HdH7Bb2M7t4+oizZe8jbvhbUWbylb +HDkD1ZoxDRyYAPYkYyvsIodDBSFOQmon7kZtshrmZO+VGPEDisaDJFYppyZNOmmA +g65IUf+0oJW73uuG5dZWwmjEhHlKhkmvqXBoUQIDAQABo1cwVTAOBgNVHQ8BAf8E +BAMCBeAwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxodHRwOi8vb2NzcC5l +eGFtcGxlLmNvbTo4ODg4MAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACBb +ERwLEJ9zGMk4lpnSK4hr2v8JZdVRbozKHUo0Vky3yyVoaFfKZqha9JpP0Ig71lSv +h8tmM41uFmIWCBc+JEu3PIGvZcs45/Py7NHHY5bua3/szRhkz0FbsEYbrCCE/Fom +rYxOd21q9+Aj0/ZGFccpc5v47SW8UFFjn5rhDKXqX7IZjFY/O6ILD/MnDePK963C +pGltAzKw1RRTQoXQWWWOQZx6jT+JFRQ1cc+QlY106461/qg1m1AhBG6/S6tjkcdI +h1jq4yMhfPP9BhxquZB4/mrBUY2rvUO40973m50trszjXSsdRgyScmEJKWco4MAZ +ZccSsplcBjL5ksfejH4= -----END CERTIFICATE----- diff --git a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-ocsp-good-cert.pem b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-ocsp-good-cert.pem index 34b26c6d5e..d4cd3e1f92 100644 --- a/tests/auto/network/ssl/qsslcertificate/verify-certs/test-ocsp-good-cert.pem +++ b/tests/auto/network/ssl/qsslcertificate/verify-certs/test-ocsp-good-cert.pem @@ -1,67 +1,24 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: CN=Westpoint Certificate Test CA, ST=Lancashire, C=UK/emailAddress=ca@example.com, O=Westpoint Certificate Test Root Certification Authority - Validity - Not Before: Jul 31 21:01:16 2011 GMT - Not After : Jul 28 21:01:16 2021 GMT - Subject: CN=example.com, ST=Lancashire, C=UK/emailAddress=test@example.com, O=Some organisation - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:97:c9:92:27:81:a7:4c:64:82:a2:30:d6:07:b7: - 57:e0:9c:ea:cd:eb:53:be:ea:b6:b5:47:66:d0:68: - 54:25:a7:ed:21:5c:dc:fd:da:41:f6:c7:c0:35:ae: - 97:72:fd:8b:af:29:3d:38:5a:67:8b:39:8a:ce:86: - 25:0f:38:a7:b5:38:b3:8e:81:f0:ea:79:99:cb:f5: - 23:64:55:f3:4b:a4:b6:23:64:29:ea:ba:f3:29:52: - a7:7f:32:dc:0d:b6:d9:d4:e6:13:de:01:41:86:9a: - 2d:8f:bb:0c:18:88:09:ac:d4:6a:e9:cb:8a:17:8a: - 85:09:a6:ae:a6:1c:05:e9:55 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:FALSE - Authority Information Access: - OCSP - URI:http://ocsp.example.com:8888/ - - Signature Algorithm: sha1WithRSAEncryption - 8b:9b:96:fb:8e:1b:77:f5:70:39:fe:76:51:ac:a9:6b:80:a5: - b7:95:8b:c3:1a:9c:1f:bb:d1:d1:68:43:40:96:62:d6:a6:da: - d9:fd:9d:9a:9e:8a:84:fa:f5:54:ce:a8:d7:37:c7:0c:95:fc: - 11:8b:e9:32:53:e5:59:61:0a:53:70:f3:d6:ed:3f:b1:f4:49: - bf:86:c1:77:0d:b1:ac:65:7e:62:d2:f2:5a:31:50:a7:ed:28: - bb:63:d5:f3:4f:43:3a:3f:bf:3b:d0:94:aa:a1:74:95:be:a4: - 0f:8b:e0:6f:d8:33:84:76:71:b2:da:f4:0e:1e:d2:eb:f0:c3: - 1e:33:79:21:35:93:18:05:38:db:63:85:1a:e4:84:41:0a:c3: - fb:fd:5c:69:3d:18:0a:38:b8:16:18:d3:23:b9:51:47:2e:54: - 08:d1:fc:2e:b6:63:62:78:9c:26:59:c2:5e:5a:38:76:47:e7: - f0:f8:7b:b7:00:46:34:b0:44:28:a9:33:d7:e5:1d:52:c8:fb: - 32:a5:25:86:21:0c:80:f0:4b:37:60:a0:45:69:9f:6b:b0:34: - 91:5e:4c:62:45:99:83:1d:80:48:78:bb:ee:d4:83:39:76:c3: - e6:fb:31:e9:20:f0:64:90:24:4e:c6:07:75:40:1f:7e:97:77: - 1f:bf:a2:ef -----BEGIN CERTIFICATE----- -MIIDYDCCAkigAwIBAgIBATANBgkqhkiG9w0BAQUFADCBqzEmMCQGA1UEAxMdV2Vz -dHBvaW50IENlcnRpZmljYXRlIFRlc3QgQ0ExEzARBgNVBAgTCkxhbmNhc2hpcmUx -CzAJBgNVBAYTAlVLMR0wGwYJKoZIhvcNAQkBFg5jYUBleGFtcGxlLmNvbTFAMD4G -A1UEChM3V2VzdHBvaW50IENlcnRpZmljYXRlIFRlc3QgUm9vdCBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eTAeFw0xMTA3MzEyMTAxMTZaFw0yMTA3MjgyMTAxMTZaMHUx -FDASBgNVBAMTC2V4YW1wbGUuY29tMRMwEQYDVQQIEwpMYW5jYXNoaXJlMQswCQYD -VQQGEwJVSzEfMB0GCSqGSIb3DQEJARYQdGVzdEBleGFtcGxlLmNvbTEaMBgGA1UE -ChMRU29tZSBvcmdhbmlzYXRpb24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB -AJfJkieBp0xkgqIw1ge3V+Cc6s3rU77qtrVHZtBoVCWn7SFc3P3aQfbHwDWul3L9 -i68pPThaZ4s5is6GJQ84p7U4s46B8Op5mcv1I2RV80uktiNkKeq68ylSp38y3A22 -2dTmE94BQYaaLY+7DBiICazUaunLiheKhQmmrqYcBelVAgMBAAGjSDBGMAkGA1Ud -EwQCMAAwOQYIKwYBBQUHAQEELTArMCkGCCsGAQUFBzABhh1odHRwOi8vb2NzcC5l -eGFtcGxlLmNvbTo4ODg4LzANBgkqhkiG9w0BAQUFAAOCAQEAi5uW+44bd/VwOf52 -Uaypa4Clt5WLwxqcH7vR0WhDQJZi1qba2f2dmp6KhPr1VM6o1zfHDJX8EYvpMlPl -WWEKU3Dz1u0/sfRJv4bBdw2xrGV+YtLyWjFQp+0ou2PV809DOj+/O9CUqqF0lb6k -D4vgb9gzhHZxstr0Dh7S6/DDHjN5ITWTGAU422OFGuSEQQrD+/1caT0YCji4FhjT -I7lRRy5UCNH8LrZjYnicJlnCXlo4dkfn8Ph7twBGNLBEKKkz1+UdUsj7MqUlhiEM -gPBLN2CgRWmfa7A0kV5MYkWZgx2ASHi77tSDOXbD5vsx6SDwZJAkTsYHdUAffpd3 -H7+i7w== +MIIEEDCCAvigAwIBAgIUQrpDlYwLae3IBtw7fjH/oCSCWMYwDQYJKoZIhvcNAQEL +BQAwgaIxCzAJBgNVBAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxDTALBgNVBAcMBE9z +bG8xDTALBgNVBAoMBFRRdEMxLzAtBgNVBAsMJlRRdEMgVGVzdCBSb290IEF1dGhv +cml6YXRpb24gQXV0aG9yaXR5MRowGAYDVQQDDBFUUXRDIHRlc3Qgcm9vdCBDQTEX +MBUGCSqGSIb3DQEJARYIY2FAcXQuaW8wHhcNMjEwODA2MDQzNzIyWhcNMzEwNjE1 +MDQzNzIyWjCBhzELMAkGA1UEBhMCTk8xDzANBgNVBAgMBk5vcndheTENMAsGA1UE +BwwET3NsbzENMAsGA1UECgwEVFF0QzESMBAGA1UECwwJU29tZSBVbml0MRQwEgYD +VQQDDAtleGFtcGxlLmNvbTEfMB0GCSqGSIb3DQEJARYQdGVzdEBleGFtcGxlLmNv +bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMEmu/GCuiQwbQf8qluK +5UovaQ4L3MHScVFbHlHu1Nyc12wmhhpzC3jC+OikxdCPpvxdNmdsOHonhNkO55sL +YygX4c4sCNM4B6VbJTfdOKHRBV6ySxFVS4jjBwB88Ouz9KieGiOAA6Lf6nqIBitU +eYQtBPye1lSqX4dAFHx7Il6Ad8Z3U9hUkqEpcW3AGSxFS6GebfTNleN85lXyLhHm +v66vEcHOGM7YSjWjUDto4C5LpYQHMvKe4/oZylQkRwevy8pZ+dK6ZiJuxzKVu2M2 ++LuYFeCRnFry5NBUBhpeLSOgJO2BYJZroRWygjBNUD6yToZFOX77ctL0+lXIgqZ8 +vT0CAwEAAaNXMFUwDgYDVR0PAQH/BAQDAgLkMDgGCCsGAQUFBwEBBCwwKjAoBggr +BgEFBQcwAYYcaHR0cDovL29jc3AuZXhhbXBsZS5jb206ODg4ODAJBgNVHRMEAjAA +MA0GCSqGSIb3DQEBCwUAA4IBAQAReaLhTl0k8+pmVNvnqkPg7UvwmZ1EStWyz0hn +Ar+NZSIdHUWqGqvoQVzcH5ODW3yfkNadhwfm8BJcFuy0ioTqhGuho3cI8Qr9MRQl +s0NNIjeENYbBElBXmJup4OdgCSy0GL3DeCoe3xR+IwHYeER/oH6VDBZrpVovHAk9 +6FlL6eBXgWu1YzXhKU4/enVIJ0A4LRF9WnyhQSucLwo3+bOvPxLBtmP+lWtXyKap +wMMNPu6EULAQ2IYcTgafCW9BWR1UWDXHBRO5ytBV4KFrhXiPoPmA4x0ACxnclH41 +b3Pj0pBur9cQuvap/FSz1uEfJdsYISw6srTfD4zNUuXXhSbz -----END CERTIFICATE----- |