diff options
| author | Jocelyn Turcotte <jocelyn.turcotte@digia.com> | 2014-08-08 14:30:41 +0200 |
|---|---|---|
| committer | Jocelyn Turcotte <jocelyn.turcotte@digia.com> | 2014-08-12 13:49:54 +0200 |
| commit | ab0a50979b9eb4dfa3320eff7e187e41efedf7a9 (patch) | |
| tree | 498dfb8a97ff3361a9f7486863a52bb4e26bb898 /chromium/net/data | |
| parent | 4ce69f7403811819800e7c5ae1318b2647e778d1 (diff) | |
Update Chromium to beta version 37.0.2062.68
Change-Id: I188e3b5aff1bec75566014291b654eb19f5bc8ca
Reviewed-by: Andras Becsi <andras.becsi@digia.com>
Diffstat (limited to 'chromium/net/data')
27 files changed, 1053 insertions, 428 deletions
diff --git a/chromium/net/data/ftp/dir-listing-ls-32.expected b/chromium/net/data/ftp/dir-listing-ls-32.expected index 4626652da42..ac54545ef06 100644 --- a/chromium/net/data/ftp/dir-listing-ls-32.expected +++ b/chromium/net/data/ftp/dir-listing-ls-32.expected @@ -1,98 +1,98 @@ -d -bin --1 -1994 -1 -1 -0 -0 - -d -dev --1 -1994 -1 -1 -0 -0 - -d -etc --1 -1994 -1 -1 -0 -0 - -d -mnt --1 -1994 -1 -1 -0 -0 - -d -nfs --1 -1994 -1 -1 -0 -0 - -d -proc --1 -1994 -1 -1 -0 -0 - -d -ram --1 -1994 -1 -1 -0 -0 - -d -sbin --1 -1994 -1 -1 -0 -0 - -l -tmp --1 -1994 -1 -1 -0 -0 - -d -usr --1 -1994 -1 -1 -0 -0 - -l -var --1 -1994 -1 -1 -0 -0 +d
+bin
+-1
+1994
+1
+1
+0
+0
+
+d
+dev
+-1
+1994
+1
+1
+0
+0
+
+d
+etc
+-1
+1994
+1
+1
+0
+0
+
+d
+mnt
+-1
+1994
+1
+1
+0
+0
+
+d
+nfs
+-1
+1994
+1
+1
+0
+0
+
+d
+proc
+-1
+1994
+1
+1
+0
+0
+
+d
+ram
+-1
+1994
+1
+1
+0
+0
+
+d
+sbin
+-1
+1994
+1
+1
+0
+0
+
+l
+tmp
+-1
+1994
+1
+1
+0
+0
+
+d
+usr
+-1
+1994
+1
+1
+0
+0
+
+l
+var
+-1
+1994
+1
+1
+0
+0
diff --git a/chromium/net/data/spdy_tests/examples_07.hpack b/chromium/net/data/spdy_tests/examples_07.hpack Binary files differnew file mode 100644 index 00000000000..ee573345d30 --- /dev/null +++ b/chromium/net/data/spdy_tests/examples_07.hpack diff --git a/chromium/net/data/ssl/certificates/1024-rsa-ee-by-secp256k1-ecdsa-intermediate.pem b/chromium/net/data/ssl/certificates/1024-rsa-ee-by-secp256k1-ecdsa-intermediate.pem deleted file mode 100644 index 2d47aced565..00000000000 --- a/chromium/net/data/ssl/certificates/1024-rsa-ee-by-secp256k1-ecdsa-intermediate.pem +++ /dev/null @@ -1,44 +0,0 @@ -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 237 (0xed) - Signature Algorithm: ecdsa-with-SHA1 - Issuer: CN=secp256k1 ecdsa Test intermediate CA - Validity - Not Before: Dec 10 01:51:17 2011 GMT - Not After : Dec 9 01:51:17 2012 GMT - Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (1024 bit) - Modulus (1024 bit): - 00:9b:1b:ad:af:0e:61:db:3f:dc:b7:91:5d:bf:1f: - 0a:70:6a:fa:89:b7:6e:fc:aa:ef:ce:9e:db:6c:4c: - 9a:2d:81:7b:59:96:20:eb:11:ef:e4:85:c6:ca:33: - 41:22:4a:20:86:9c:01:02:f9:63:13:9b:3b:1e:f5: - a9:3e:40:98:8e:78:1f:99:32:64:2f:4c:dc:ae:3a: - e7:cf:00:22:2f:77:f2:be:7b:64:9c:a0:92:27:b1: - 35:4d:44:de:7b:cd:75:4a:a7:9b:27:e0:3c:0b:13: - ee:57:5a:f7:c2:81:c0:b8:ea:0b:39:b5:6f:17:57: - 24:f0:c0:c5:4b:b3:0d:92:6f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Alternative Name: - IP Address:127.0.0.1 - Signature Algorithm: ecdsa-with-SHA1 - 30:46:02:21:00:83:ef:77:11:e7:67:3c:53:20:88:b6:03:10: - e8:e5:9b:a1:12:48:3a:1e:a8:3b:31:fa:1b:56:95:28:d3:6e: - 6b:02:21:00:cd:e3:2c:6e:41:59:e2:6a:d4:ec:de:11:99:99: - e6:b7:7e:90:89:91:e5:35:d1:2c:c7:15:e7:46:94:ab:11:6f ------BEGIN CERTIFICATE----- -MIIB0zCCAXkCAgDtMAkGByqGSM49BAEwLzEtMCsGA1UEAwwkc2VjcDI1NmsxIGVj -ZHNhIFRlc3QgaW50ZXJtZWRpYXRlIENBMB4XDTExMTIxMDAxNTExN1oXDTEyMTIw -OTAxNTExN1owYDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAU -BgNVBAcMDU1vdW50YWluIFZpZXcxEDAOBgNVBAoMB1Rlc3QgQ0ExEjAQBgNVBAMM -CTEyNy4wLjAuMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmxutrw5h2z/c -t5Fdvx8KcGr6ibdu/Krvzp7bbEyaLYF7WZYg6xHv5IXGyjNBIkoghpwBAvljE5s7 -HvWpPkCYjngfmTJkL0zcrjrnzwAiL3fyvntknKCSJ7E1TUTee811SqebJ+A8CxPu -V1r3woHAuOoLObVvF1ck8MDFS7MNkm8CAwEAAaMTMBEwDwYDVR0RBAgwBocEfwAA -ATAJBgcqhkjOPQQBA0kAMEYCIQCD73cR52c8UyCItgMQ6OWboRJIOh6oOzH6G1aV -KNNuawIhAM3jLG5BWeJq1OzeEZmZ5rd+kImR5TXRLMcV50aUqxFv ------END CERTIFICATE----- diff --git a/chromium/net/data/ssl/certificates/2048-rsa-ee-by-secp256k1-ecdsa-intermediate.pem b/chromium/net/data/ssl/certificates/2048-rsa-ee-by-secp256k1-ecdsa-intermediate.pem deleted file mode 100644 index d23179db870..00000000000 --- a/chromium/net/data/ssl/certificates/2048-rsa-ee-by-secp256k1-ecdsa-intermediate.pem +++ /dev/null @@ -1,56 +0,0 @@ -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 238 (0xee) - Signature Algorithm: ecdsa-with-SHA1 - Issuer: CN=secp256k1 ecdsa Test intermediate CA - Validity - Not Before: Dec 10 01:51:17 2011 GMT - Not After : Dec 9 01:51:17 2012 GMT - Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:e7:10:f2:68:0c:18:a5:e5:dd:a8:4b:2f:6b:f5: - 71:f4:bf:dd:ef:39:69:04:38:3d:52:c5:e7:cc:b3: - eb:98:57:13:4e:3e:79:cf:80:4b:d7:9d:7e:88:f3: - a9:02:47:b8:d9:ec:8a:8c:34:20:aa:29:3b:a1:d6: - 45:23:b5:6d:36:56:3c:a4:64:13:ee:23:70:09:fa: - 75:83:c6:b7:be:b5:b3:3f:80:cb:ce:7b:18:1f:ac: - 7c:25:b6:58:bc:07:b7:35:77:2b:64:1e:ca:14:0b: - d0:bb:6c:6e:1d:2f:ee:10:90:a1:ce:a9:ab:88:0a: - 28:74:ae:ae:ca:fc:da:c3:3a:ba:39:de:c8:1b:46: - bf:93:98:a2:5b:ba:b2:a6:d8:bd:54:52:be:52:31: - fa:07:3a:6d:8f:42:c2:92:80:31:5c:ae:cb:15:f0: - 72:cf:f6:5c:b9:f2:6b:91:b0:03:48:08:ae:a6:8d: - e4:bd:a1:f6:05:38:1c:70:43:b6:7d:34:b5:c1:b9: - 0b:f7:ec:71:0c:a4:20:92:2b:0f:c0:41:80:16:84: - 64:98:6d:13:38:df:ce:82:98:8c:ac:97:56:10:6d: - f8:e1:d5:19:ed:b7:60:44:c8:9e:72:61:1f:16:3b: - 81:13:a8:c3:99:99:47:ba:81:68:af:2a:39:80:c5: - 88:1b - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Alternative Name: - IP Address:127.0.0.1 - Signature Algorithm: ecdsa-with-SHA1 - 30:45:02:21:00:b4:35:4d:5d:8b:9c:bd:ea:be:86:13:75:ab: - d0:af:cc:fb:39:85:20:0b:2d:a7:84:d7:ce:8f:44:54:b6:6a: - 7c:02:20:62:49:3e:32:da:e2:fe:bb:f3:db:8d:f6:78:de:0a: - 46:e3:93:87:1c:e7:b1:6f:81:9e:1d:b2:3b:5e:a2:2c:7b ------BEGIN CERTIFICATE----- -MIICVjCCAf0CAgDuMAkGByqGSM49BAEwLzEtMCsGA1UEAwwkc2VjcDI1NmsxIGVj -ZHNhIFRlc3QgaW50ZXJtZWRpYXRlIENBMB4XDTExMTIxMDAxNTExN1oXDTEyMTIw -OTAxNTExN1owYDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAU -BgNVBAcMDU1vdW50YWluIFZpZXcxEDAOBgNVBAoMB1Rlc3QgQ0ExEjAQBgNVBAMM -CTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOcQ8mgM -GKXl3ahLL2v1cfS/3e85aQQ4PVLF58yz65hXE04+ec+AS9edfojzqQJHuNnsiow0 -IKopO6HWRSO1bTZWPKRkE+4jcAn6dYPGt761sz+Ay857GB+sfCW2WLwHtzV3K2Qe -yhQL0Ltsbh0v7hCQoc6pq4gKKHSursr82sM6ujneyBtGv5OYolu6sqbYvVRSvlIx -+gc6bY9CwpKAMVyuyxXwcs/2XLnya5GwA0gIrqaN5L2h9gU4HHBDtn00tcG5C/fs -cQykIJIrD8BBgBaEZJhtEzjfzoKYjKyXVhBt+OHVGe23YETInnJhHxY7gROow5mZ -R7qBaK8qOYDFiBsCAwEAAaMTMBEwDwYDVR0RBAgwBocEfwAAATAJBgcqhkjOPQQB -A0gAMEUCIQC0NU1di5y96r6GE3Wr0K/M+zmFIAstp4TXzo9EVLZqfAIgYkk+Mtri -/rvz2432eN4KRuOThxznsW+Bnh2yO16iLHs= ------END CERTIFICATE----- diff --git a/chromium/net/data/ssl/certificates/768-rsa-ee-by-secp256k1-ecdsa-intermediate.pem b/chromium/net/data/ssl/certificates/768-rsa-ee-by-secp256k1-ecdsa-intermediate.pem deleted file mode 100644 index 5825106a1c7..00000000000 --- a/chromium/net/data/ssl/certificates/768-rsa-ee-by-secp256k1-ecdsa-intermediate.pem +++ /dev/null @@ -1,42 +0,0 @@ -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 236 (0xec) - Signature Algorithm: ecdsa-with-SHA1 - Issuer: CN=secp256k1 ecdsa Test intermediate CA - Validity - Not Before: Dec 10 01:51:16 2011 GMT - Not After : Dec 9 01:51:16 2012 GMT - Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (768 bit) - Modulus (768 bit): - 00:cb:5e:34:c8:77:3c:55:25:ee:1c:68:96:0c:2c: - 48:2b:ed:83:ca:91:12:37:ea:71:ff:bc:c8:de:16: - 03:0c:cf:b8:40:ff:3c:43:1f:10:ab:bf:d8:e4:8f: - c1:82:cf:66:7d:c0:aa:c6:e6:3d:74:65:2d:df:f3: - f7:e1:f0:c0:4a:f8:eb:b8:5d:63:ff:78:67:b7:c6: - 1b:24:33:6d:0f:9c:39:86:72:41:03:26:8f:e0:55: - 1d:1c:72:a5:38:15:8f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Alternative Name: - IP Address:127.0.0.1 - Signature Algorithm: ecdsa-with-SHA1 - 30:44:02:20:72:f6:48:3b:5d:88:f4:fc:50:c8:74:21:a6:f2: - c4:f7:d0:40:69:a1:48:93:98:36:fe:36:16:ec:95:a6:28:12: - 02:20:48:e4:7e:32:a0:4b:c0:4d:08:5f:c8:63:f9:67:7f:2d: - dc:78:77:78:ec:0e:a2:ee:78:60:d9:07:7d:b3:0a:d3 ------BEGIN CERTIFICATE----- -MIIBrTCCAVUCAgDsMAkGByqGSM49BAEwLzEtMCsGA1UEAwwkc2VjcDI1NmsxIGVj -ZHNhIFRlc3QgaW50ZXJtZWRpYXRlIENBMB4XDTExMTIxMDAxNTExNloXDTEyMTIw -OTAxNTExNlowYDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAU -BgNVBAcMDU1vdW50YWluIFZpZXcxEDAOBgNVBAoMB1Rlc3QgQ0ExEjAQBgNVBAMM -CTEyNy4wLjAuMTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgCYQDLXjTIdzxVJe4caJYM -LEgr7YPKkRI36nH/vMjeFgMMz7hA/zxDHxCrv9jkj8GCz2Z9wKrG5j10ZS3f8/fh -8MBK+Ou4XWP/eGe3xhskM20PnDmGckEDJo/gVR0ccqU4FY8CAwEAAaMTMBEwDwYD -VR0RBAgwBocEfwAAATAJBgcqhkjOPQQBA0cAMEQCIHL2SDtdiPT8UMh0IabyxPfQ -QGmhSJOYNv42FuyVpigSAiBI5H4yoEvATQhfyGP5Z38t3Hh3eOwOou54YNkHfbMK -0w== ------END CERTIFICATE----- diff --git a/chromium/net/data/ssl/certificates/README b/chromium/net/data/ssl/certificates/README index 0ef59fca041..9634a282a8b 100644 --- a/chromium/net/data/ssl/certificates/README +++ b/chromium/net/data/ssl/certificates/README @@ -99,6 +99,13 @@ unit tests. 26 Feb 2022 and are generated by net/data/ssl/scripts/generate-redundant-test-chains.sh. +- multi-root-chain1.pem +- multi-root-chain2.pem + Two chains, A -> B -> C -> D and A -> B -> C2 -> E (C and C2 share the + same public key) to test that certificate validation caching does not + interfere with the chain_verify_callback used by CertVerifyProcChromeOS. + See CertVerifyProcChromeOSTest. + - comodo.chain.pem : A certificate chain for www.comodo.com which should be recognised as EV. Expires Jun 21 2013. diff --git a/chromium/net/data/ssl/certificates/multi-root-chain1.pem b/chromium/net/data/ssl/certificates/multi-root-chain1.pem new file mode 100644 index 00000000000..da8d08aa5b5 --- /dev/null +++ b/chromium/net/data/ssl/certificates/multi-root-chain1.pem @@ -0,0 +1,328 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAvYF0kDZ7Nd/z6hjKuWSoWIWQKt4ivpoLl73+YZgq5S3PnrwM +I14hTxmttT6c1KoFWnFOt5mBp2s1CSJDhL7pccZwO2+IxCu6CrjBfEK+P9gLiIdT +gnujctRCU/N9y4RQYDQchmU2++ZHT2Fgw5t7SlduLKyQ7kcNspLiu+h84nQ+co8C +kUHoLmAagIN2uIf9818E3VaX8xEEcJ5I4pblZqOF3bL2kR7ow6Z5lLfkbiU4J6N5 +mZxTuovJz9Ze4MDGBZpgRnMlVqQCPNw21WASD8n5TsAeK3Rg7wMwilN+yArrK5vb +o2MDhbi6yv2T/fOPh5cRJNUR81Csuh+d1+QwfQIDAQABAoIBAA6ExYZq9iOZhdlw +js+HW7J0gSgXnrfVm3/DqaKWgurOCLMTmyZ2hrzFrd5N7rwITqKwPaSpWRqXhxet +DVk1OzNhTaXwFJ1a8ET0BLbdci/4AGI0Y/yCNnKMuowuAnw+Jd5I/8p4JK9F5D67 +qisyVU7LxgAcNHpc7Tq6MC7PUAoVVd7uPy0NtSD3JikwYWHUv+BtOm8P5jugy8Kr +qMN0c0/qsZ0SedfT1k/IIfu79DZZ5hBl5rUhgMYjuycd0Hi5qOa7o2fdVXJh2eLo +HY3cQTymWlibutABv//P+NsteyrXXFkcmPjNXHy5WpvmT2RR5Hxx57hJck/7xVjv +u8B7AgECgYEA9vLjrUeO2Wei5BsL9I5xB+epwaXAUsaugnRXePG5i2HhCRfOeU9f +PKuv0F4yuHNre9j1w5X/5WzxnFhDSb1QLbFXlgFCltL5a3RypygC9B0r7VFQCaLI +ODjX5h06PZq6oLLiLSyVlOSrcPXNJLuhMqNnHuOUacUtOIx4B2vpwP0CgYEAxHOU +YlMwUhgmPKZ/R7lNYMAKKUAiuKEkFM0K1K0/GnizhYDnc2atxORk54ZD6aGYuf9y +xBWmOZobNTmGw9bnQhePai/xHUoJgs8KWN5e8pBJXAouL12pqRC4sQCIVc9R3J+7 +djTPTco0oexkUsbe1rr4hCqoR9iUePxl7wY5BYECgYEA8nA6fV+HKoDINlEnR4yg +Aza4PdjQG3Pa11AIoEAP/Hq3RwoMNqRpx1J2ZIZWHSeTGh9CCCY297Ig8XDlfntR +P8qfRjEugovVOl00Qk7Rt378JRxzC0K4dhm4O73t85T4K9PyoI7ouyhT964ZHDro +YqJxFq4ugjiF0MJ3BDI5ZrECgYAItf9MZNftq/h2FAPs0ECoG5vXvGpNuYd6DKWA +TLZRnCyJrO+WZGUsJ9x5j7CPOYUmKjeSjksynqy6LXTWVj8m5RiM4tdULyZA0KFq +02FubAt0s1bc7tBJGN63qohhFbJRkBul4C2ZC3BOBcdlDEBxURUX9zRDC016F+cF +NEdvAQKBgQCtJhaEt1dzbB0qYEZz7kYr3QP1hz/6XfnAd8wmJNQQQ8yctNlJc+dH +Foo3qwU2uJWFbByBxIvkmCDTAOCJwOONP/MhigvDQth/sa+TbY6y39XywL0TyG/p +X19RWD9TYNG7C9y9Z8Jcz+u9iCd5enqLYw7Qle9gq3jwK1GXsV5zEQ== +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4096 (0x1000) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=B CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bd:81:74:90:36:7b:35:df:f3:ea:18:ca:b9:64: + a8:58:85:90:2a:de:22:be:9a:0b:97:bd:fe:61:98: + 2a:e5:2d:cf:9e:bc:0c:23:5e:21:4f:19:ad:b5:3e: + 9c:d4:aa:05:5a:71:4e:b7:99:81:a7:6b:35:09:22: + 43:84:be:e9:71:c6:70:3b:6f:88:c4:2b:ba:0a:b8: + c1:7c:42:be:3f:d8:0b:88:87:53:82:7b:a3:72:d4: + 42:53:f3:7d:cb:84:50:60:34:1c:86:65:36:fb:e6: + 47:4f:61:60:c3:9b:7b:4a:57:6e:2c:ac:90:ee:47: + 0d:b2:92:e2:bb:e8:7c:e2:74:3e:72:8f:02:91:41: + e8:2e:60:1a:80:83:76:b8:87:fd:f3:5f:04:dd:56: + 97:f3:11:04:70:9e:48:e2:96:e5:66:a3:85:dd:b2: + f6:91:1e:e8:c3:a6:79:94:b7:e4:6e:25:38:27:a3: + 79:99:9c:53:ba:8b:c9:cf:d6:5e:e0:c0:c6:05:9a: + 60:46:73:25:56:a4:02:3c:dc:36:d5:60:12:0f:c9: + f9:4e:c0:1e:2b:74:60:ef:03:30:8a:53:7e:c8:0a: + eb:2b:9b:db:a3:63:03:85:b8:ba:ca:fd:93:fd:f3: + 8f:87:97:11:24:d5:11:f3:50:ac:ba:1f:9d:d7:e4: + 30:7d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 2C:58:4E:D7:58:62:F8:D6:BF:BE:80:5C:04:3A:39:B1:41:8C:D3:D7 + X509v3 Authority Key Identifier: + keyid:CD:18:27:4F:88:B1:26:85:B9:8F:9C:00:A4:F8:1A:FD:01:86:5E:EC + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + Signature Algorithm: sha1WithRSAEncryption + 0d:09:9b:f0:11:81:5a:5d:f1:85:73:fb:f2:c8:bc:82:99:27: + fd:58:c7:6a:d6:28:f1:09:63:4e:61:fd:68:3a:23:0a:10:fe: + 58:7b:20:a3:7a:69:e6:74:55:5c:14:4f:ec:d7:e2:10:aa:8b: + a6:3f:99:c1:ef:bb:48:a9:42:b8:9a:8e:65:75:7b:cc:5c:bd: + e4:c0:63:e2:d1:6b:38:32:5f:33:b3:fc:0c:33:b0:8b:dd:10: + 54:15:99:2d:c4:62:68:3f:af:3f:e2:d9:52:33:d4:31:4c:ed: + c7:28:76:bb:21:6b:b9:41:fb:88:40:52:e1:52:76:31:af:d8: + a6:63:d1:d9:a5:e4:95:39:74:a8:73:f5:b0:c4:4e:bf:ef:a1: + 87:2e:94:a0:bd:cc:e3:90:45:5c:5a:18:15:0d:09:47:45:0f: + 1e:d7:cf:d3:8d:c6:b0:54:c4:5f:21:50:5c:b5:0d:eb:c3:15: + 3d:ee:88:fa:b4:80:93:4d:2e:00:9e:46:b6:fb:e8:64:32:51: + 8a:35:81:7a:d3:71:73:8d:2a:27:d4:57:2f:66:4c:fc:99:81: + 06:66:1f:5b:e6:a4:e5:35:eb:f3:e5:e3:f3:31:78:fe:b0:03: + f9:5d:77:97:70:d7:53:52:50:df:15:5b:3e:fc:7e:9a:1f:6a: + ce:c2:37:2f +-----BEGIN CERTIFICATE----- +MIIDWjCCAkKgAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwDzENMAsGA1UEAwwEQiBD +QTAeFw0xNDAyMDQwNDI1NThaFw0yNDAyMDIwNDI1NThaMGAxCzAJBgNVBAYTAlVT +MRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAw +DgYDVQQKDAdUZXN0IENBMRIwEAYDVQQDDAkxMjcuMC4wLjEwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC9gXSQNns13/PqGMq5ZKhYhZAq3iK+mguXvf5h +mCrlLc+evAwjXiFPGa21PpzUqgVacU63mYGnazUJIkOEvulxxnA7b4jEK7oKuMF8 +Qr4/2AuIh1OCe6Ny1EJT833LhFBgNByGZTb75kdPYWDDm3tKV24srJDuRw2ykuK7 +6HzidD5yjwKRQeguYBqAg3a4h/3zXwTdVpfzEQRwnkjiluVmo4XdsvaRHujDpnmU +t+RuJTgno3mZnFO6i8nP1l7gwMYFmmBGcyVWpAI83DbVYBIPyflOwB4rdGDvAzCK +U37ICusrm9ujYwOFuLrK/ZP984+HlxEk1RHzUKy6H53X5DB9AgMBAAGjbzBtMAwG +A1UdEwEB/wQCMAAwHQYDVR0OBBYEFCxYTtdYYvjWv76AXAQ6ObFBjNPXMB8GA1Ud +IwQYMBaAFM0YJ0+IsSaFuY+cAKT4Gv0Bhl7sMB0GA1UdJQQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOCAQEADQmb8BGBWl3xhXP78si8gpkn +/VjHatYo8QljTmH9aDojChD+WHsgo3pp5nRVXBRP7NfiEKqLpj+Zwe+7SKlCuJqO +ZXV7zFy95MBj4tFrODJfM7P8DDOwi90QVBWZLcRiaD+vP+LZUjPUMUztxyh2uyFr +uUH7iEBS4VJ2Ma/YpmPR2aXklTl0qHP1sMROv++hhy6UoL3M45BFXFoYFQ0JR0UP +HtfP043GsFTEXyFQXLUN68MVPe6I+rSAk00uAJ5GtvvoZDJRijWBetNxc40qJ9RX +L2ZM/JmBBmYfW+ak5TXr8+Xj8zF4/rAD+V13l3DXU1JQ3xVbPvx+mh9qzsI3Lw== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4097 (0x1001) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=C CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: CN=B CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ab:18:b1:0e:c2:f9:61:1a:13:c4:95:b8:65:d8: + cb:36:2f:72:e8:e1:97:44:1d:0d:55:a0:cc:02:12: + 04:a4:78:f6:df:c3:6f:c9:b8:50:15:d8:5c:21:ed: + 8f:c4:e7:db:81:da:fe:01:60:39:63:99:e4:04:dc: + 15:ea:59:6b:35:da:1a:e3:3e:dd:f0:71:8f:64:79: + 1a:30:b1:be:5a:43:9c:88:1a:a0:26:2f:5d:6c:b6: + 8b:b8:6d:10:b0:97:f4:a1:d3:7b:56:3d:dd:12:19: + a3:5e:02:24:9e:19:8e:d2:0b:e2:ea:8e:a2:cc:a1: + 8e:f0:49:e1:81:ae:3a:a6:71:d5:e8:e4:80:27:01: + 58:66:8c:bd:a0:4f:08:01:59:5c:c3:e3:d5:6f:49: + 73:24:66:f5:25:b3:9e:a1:29:21:de:e9:d5:ad:b0: + 1d:fc:b7:4c:f7:5a:9a:2b:5a:2c:af:07:aa:c2:82: + 5a:36:06:1d:27:2d:90:c7:45:1e:7b:f4:7a:8a:fe: + 90:c1:79:c9:8f:4e:67:52:48:ea:0b:dd:d7:fe:84: + 54:47:2f:d9:d0:ca:11:07:59:b0:90:08:0b:76:a2: + ec:30:a5:45:aa:d7:61:39:84:43:33:97:22:b6:45: + c8:e8:ab:73:5f:79:a8:13:55:2f:71:a2:c9:21:aa: + 9b:df + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + CD:18:27:4F:88:B1:26:85:B9:8F:9C:00:A4:F8:1A:FD:01:86:5E:EC + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 00:80:9b:99:4b:81:b1:76:49:5c:f2:99:ef:88:93:18:75:68: + eb:26:9e:87:95:b6:91:23:c0:b5:78:58:96:97:9c:27:38:fa: + f3:e5:c3:a2:34:40:91:6d:45:2c:7f:63:51:98:5b:53:4b:91: + ce:0f:e2:32:63:e7:e5:f9:21:6b:b7:f9:94:ac:33:13:5c:27: + 9b:98:e7:7f:44:50:29:98:68:81:53:6b:a1:43:d8:04:40:cb: + f2:cf:18:39:a5:24:c9:88:b6:b7:76:cb:dd:18:2e:1d:24:3e: + d3:59:e9:04:48:9d:59:0c:0f:d0:79:6a:93:7d:2b:b9:8e:50: + 34:00:0d:48:ae:10:bd:80:04:74:da:06:27:15:ad:88:ec:36: + 61:51:80:fe:6b:1d:46:37:0e:ea:23:60:c1:79:bf:03:2a:d2: + 80:9e:2c:10:3a:bc:2d:50:6e:f7:f9:d5:ec:11:d9:b4:62:bc: + 09:2c:05:31:06:bf:b9:e1:d5:1e:02:a9:1a:c5:c4:13:bf:b7: + 8e:6a:08:51:57:af:db:7b:09:74:bd:c7:bd:3c:de:0a:51:8a: + fe:82:0b:4b:34:74:10:4b:4b:34:fd:42:28:48:10:db:5d:6d: + 64:80:b1:3c:5c:04:86:32:6c:25:87:db:23:dc:e4:42:e4:71: + f9:b1:88:74 +-----BEGIN CERTIFICATE----- +MIIC3DCCAcSgAwIBAgICEAEwDQYJKoZIhvcNAQEFBQAwDzENMAsGA1UEAwwEQyBD +QTAeFw0xNDAyMDQwNDI1NThaFw0yNDAyMDIwNDI1NThaMA8xDTALBgNVBAMMBEIg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGLEOwvlhGhPElbhl +2Ms2L3Lo4ZdEHQ1VoMwCEgSkePbfw2/JuFAV2Fwh7Y/E59uB2v4BYDljmeQE3BXq +WWs12hrjPt3wcY9keRowsb5aQ5yIGqAmL11stou4bRCwl/Sh03tWPd0SGaNeAiSe +GY7SC+LqjqLMoY7wSeGBrjqmcdXo5IAnAVhmjL2gTwgBWVzD49VvSXMkZvUls56h +KSHe6dWtsB38t0z3WporWiyvB6rCglo2Bh0nLZDHRR579HqK/pDBecmPTmdSSOoL +3df+hFRHL9nQyhEHWbCQCAt2ouwwpUWq12E5hEMzlyK2Rcjoq3NfeagTVS9xoskh +qpvfAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFM0YJ0+IsSaF +uY+cAKT4Gv0Bhl7sMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEA +AICbmUuBsXZJXPKZ74iTGHVo6yaeh5W2kSPAtXhYlpecJzj68+XDojRAkW1FLH9j +UZhbU0uRzg/iMmPn5fkha7f5lKwzE1wnm5jnf0RQKZhogVNroUPYBEDL8s8YOaUk +yYi2t3bL3RguHSQ+01npBEidWQwP0Hlqk30ruY5QNAANSK4QvYAEdNoGJxWtiOw2 +YVGA/msdRjcO6iNgwXm/AyrSgJ4sEDq8LVBu9/nV7BHZtGK8CSwFMQa/ueHVHgKp +GsXEE7+3jmoIUVev23sJdL3HvTzeClGK/oILSzR0EEtLNP1CKEgQ211tZICxPFwE +hjJsJYfbI9zkQuRx+bGIdA== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4099 (0x1003) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=D Root CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: CN=C CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ca:21:76:fd:8b:0f:24:ba:dc:ab:cd:0e:31:94: + 01:90:57:79:18:3c:58:61:f5:7e:b7:2f:e6:46:d3: + 41:e8:4e:29:29:a8:9d:eb:d6:df:69:d5:b1:10:de: + 6b:17:2d:8d:8a:1c:d7:dc:80:85:74:c2:7a:6e:a6: + 75:7a:2a:76:42:fb:65:6b:8c:a9:2f:c0:5e:76:1e: + bc:35:85:b2:4b:35:a4:97:33:15:76:7d:4f:6e:d0: + 3b:45:04:fe:dc:a0:11:67:15:2d:3a:c3:07:c6:db: + f2:89:25:92:5e:db:70:bd:88:e9:f0:c7:54:6f:8e: + ab:cf:ce:ca:ad:bb:44:72:bf:e9:b5:ab:ba:68:15: + 6d:1e:e1:66:d6:60:d8:bd:dc:ab:d3:e8:2f:4c:ee: + 29:46:36:c7:b1:61:af:20:19:cc:98:1c:78:5f:4d: + 97:7a:de:2f:d9:fd:f0:b8:47:34:ff:ed:73:07:eb: + 90:54:11:e2:1b:8e:68:5a:c1:72:a9:af:df:e9:f1: + f5:ca:0e:72:03:90:1b:af:64:d6:ee:ce:67:57:1b: + fb:c7:f1:c2:5c:97:81:cd:d6:22:7c:26:bf:cd:6a: + b9:99:5f:58:63:5f:ce:05:1c:7d:f1:a9:d3:f8:4c: + fe:10:82:a4:14:2c:67:97:6c:82:2f:98:38:83:50: + bf:71 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + F5:87:AF:4C:B3:4A:88:7F:EB:92:D3:C7:28:78:91:D9:02:4A:71:DF + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 7a:34:4b:a9:c4:e0:82:72:8f:2d:a6:3e:c7:5a:60:61:18:d4: + 29:34:96:05:1e:9c:16:23:30:84:2b:72:10:3f:27:cd:0a:e1: + 23:0a:fe:6d:86:08:fb:d2:3f:fc:8d:d1:1f:c5:44:bb:89:dc: + ae:27:c3:20:99:a3:af:d8:ec:d6:cf:07:e6:59:ae:f4:26:18: + 39:78:44:24:4e:aa:93:c2:27:d3:05:ac:06:94:94:8a:d9:fc: + 5d:d8:cb:b9:71:14:c8:95:be:29:ee:65:cb:ff:3e:70:05:ef: + f9:12:6b:11:cb:37:6d:2d:8a:0e:9d:0d:3b:d8:eb:94:a2:f7: + d9:c6:0e:56:18:64:69:e6:3f:3c:64:da:37:c8:f8:f9:dd:1d: + 20:e1:af:61:54:09:5f:64:ce:b0:3e:38:fe:fc:20:23:96:d8: + 9b:d3:08:23:34:c9:0e:f9:ef:04:96:4a:c8:4c:6e:22:ff:95: + 52:db:a8:7f:58:50:eb:10:ca:6a:7b:44:fc:7b:e0:d0:9c:f1: + 3d:5a:c6:26:b4:8b:8a:cb:c9:40:94:f6:c8:14:5a:c8:7f:53: + 79:a9:d1:83:21:36:a2:ee:3a:50:45:d6:2d:a4:47:ea:67:94: + ec:5f:e5:c2:1f:0a:a5:1f:7a:62:ce:d7:b0:b2:bb:e6:af:ab: + d5:ed:f6:39 +-----BEGIN CERTIFICATE----- +MIIC4TCCAcmgAwIBAgICEAMwDQYJKoZIhvcNAQEFBQAwFDESMBAGA1UEAwwJRCBS +b290IENBMB4XDTE0MDIwNDA0MjU1OFoXDTI0MDIwMjA0MjU1OFowDzENMAsGA1UE +AwwEQyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMohdv2LDyS6 +3KvNDjGUAZBXeRg8WGH1frcv5kbTQehOKSmonevW32nVsRDeaxctjYoc19yAhXTC +em6mdXoqdkL7ZWuMqS/AXnYevDWFsks1pJczFXZ9T27QO0UE/tygEWcVLTrDB8bb +8oklkl7bcL2I6fDHVG+Oq8/Oyq27RHK/6bWrumgVbR7hZtZg2L3cq9PoL0zuKUY2 +x7FhryAZzJgceF9Nl3reL9n98LhHNP/tcwfrkFQR4huOaFrBcqmv3+nx9coOcgOQ +G69k1u7OZ1cb+8fxwlyXgc3WInwmv81quZlfWGNfzgUcffGp0/hM/hCCpBQsZ5ds +gi+YOINQv3ECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU9Yev +TLNKiH/rktPHKHiR2QJKcd8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQB6NEupxOCCco8tpj7HWmBhGNQpNJYFHpwWIzCEK3IQPyfNCuEjCv5thgj7 +0j/8jdEfxUS7idyuJ8MgmaOv2OzWzwfmWa70Jhg5eEQkTqqTwifTBawGlJSK2fxd +2Mu5cRTIlb4p7mXL/z5wBe/5EmsRyzdtLYoOnQ072OuUovfZxg5WGGRp5j88ZNo3 +yPj53R0g4a9hVAlfZM6wPjj+/CAjltib0wgjNMkO+e8ElkrITG4i/5VS26h/WFDr +EMpqe0T8e+DQnPE9WsYmtIuKy8lAlPbIFFrIf1N5qdGDITai7jpQRdYtpEfqZ5Ts +X+XCHwqlH3piztewsrvmr6vV7fY5 +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 13476701051823430697 (0xbb06dc343a119c29) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=D Root CA + Validity + Not Before: Feb 4 04:25:57 2014 GMT + Not After : Feb 2 04:25:57 2024 GMT + Subject: CN=D Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a8:4f:68:60:f8:f7:db:96:c7:0a:33:3a:bb:24: + 01:ec:06:15:68:9e:33:b1:2c:4e:b6:e0:23:bc:ef: + 4e:b6:03:09:86:21:72:85:bf:5a:c4:88:54:f8:44: + 45:a9:aa:7c:74:50:3c:43:5f:c1:e5:0f:59:8c:e2: + 57:48:8f:d9:d9:89:53:01:4a:24:8b:70:b6:38:5d: + d4:e3:14:d3:ba:49:83:a5:b7:31:0f:10:2d:06:40: + bc:11:39:53:67:04:21:b2:52:a9:61:66:34:2d:3e: + ce:0a:9e:96:e7:60:3d:e4:7a:10:9c:1d:e6:8d:a4: + 11:20:e9:c5:60:7d:00:d4:03:ff:1b:92:ba:d1:43: + 44:12:2e:b9:3e:77:0f:98:33:60:e8:df:67:d8:08: + 2d:1a:b4:62:3e:75:6b:76:b8:a1:d1:8f:09:4d:aa: + 88:f8:61:90:6c:ce:84:15:85:f8:bd:ba:40:e9:33: + 22:ed:63:fa:1b:cf:6a:0d:96:91:11:e1:c7:3a:b9: + c3:7a:42:d3:78:5c:c7:c7:b1:72:05:63:92:22:28: + b7:ea:3c:0a:d0:6d:9c:aa:6d:60:66:29:bb:43:6a: + c0:2b:ce:ef:05:5c:7c:d9:8b:c4:9e:65:80:f0:32: + 67:b9:4b:9c:65:7a:df:62:a2:2e:b4:14:50:15:87: + b5:a7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + A6:3C:3F:34:0B:14:89:E3:BF:92:BA:F8:18:0B:E3:C6:31:4C:77:D0 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 1e:e6:98:ac:39:4a:f0:c2:c4:70:76:dd:c7:26:2c:61:00:be: + fb:73:1e:fd:72:d1:25:a0:84:51:ee:e7:76:f6:72:8e:89:8b: + 69:ef:1c:10:ae:ce:4a:29:2b:d6:43:52:3f:32:30:c4:3f:3f: + 2a:3e:c8:af:cc:d8:0d:54:b9:74:ac:0c:9e:43:71:c1:56:88: + e8:92:a3:40:f4:c0:73:e3:28:bd:93:02:af:c2:1b:66:5e:8c: + 5b:0e:48:55:c6:48:aa:f5:c6:c2:c1:cc:83:ac:59:d2:40:25: + f9:84:52:8f:57:97:1d:ea:3d:24:26:19:a8:ba:60:1a:dc:bc: + 7d:cc:8d:9a:fc:0f:7f:3d:b8:b4:ef:b9:47:28:0f:07:0b:57: + ea:3a:12:c8:01:69:8e:49:46:f8:19:cf:ad:69:5a:94:48:f2: + 54:3d:b0:99:02:c8:d6:ff:4e:a7:cf:d1:b4:e5:94:92:ce:3f: + d1:86:1b:01:6b:51:cd:94:cc:c1:2c:dd:4d:43:c2:e5:cd:21: + 9f:3f:ec:88:b7:e4:9d:4c:f5:55:61:2c:75:f9:4b:f7:2f:ba: + 2f:6f:d9:f7:1e:70:b5:a5:2f:ea:e9:b6:b0:61:34:0a:20:55: + c0:73:af:4a:d3:32:64:7d:cc:c4:3f:b2:45:ad:1e:4c:f6:ad: + d9:bf:a7:e0 +-----BEGIN CERTIFICATE----- +MIIC7TCCAdWgAwIBAgIJALsG3DQ6EZwpMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV +BAMMCUQgUm9vdCBDQTAeFw0xNDAyMDQwNDI1NTdaFw0yNDAyMDIwNDI1NTdaMBQx +EjAQBgNVBAMMCUQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAKhPaGD499uWxwozOrskAewGFWieM7EsTrbgI7zvTrYDCYYhcoW/WsSIVPhE +RamqfHRQPENfweUPWYziV0iP2dmJUwFKJItwtjhd1OMU07pJg6W3MQ8QLQZAvBE5 +U2cEIbJSqWFmNC0+zgqeludgPeR6EJwd5o2kESDpxWB9ANQD/xuSutFDRBIuuT53 +D5gzYOjfZ9gILRq0Yj51a3a4odGPCU2qiPhhkGzOhBWF+L26QOkzIu1j+hvPag2W +kRHhxzq5w3pC03hcx8excgVjkiIot+o8CtBtnKptYGYpu0NqwCvO7wVcfNmLxJ5l +gPAyZ7lLnGV632KiLrQUUBWHtacCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUpjw/NAsUieO/krr4GAvjxjFMd9AwDgYDVR0PAQH/BAQDAgEGMA0G +CSqGSIb3DQEBBQUAA4IBAQAe5pisOUrwwsRwdt3HJixhAL77cx79ctEloIRR7ud2 +9nKOiYtp7xwQrs5KKSvWQ1I/MjDEPz8qPsivzNgNVLl0rAyeQ3HBVojokqNA9MBz +4yi9kwKvwhtmXoxbDkhVxkiq9cbCwcyDrFnSQCX5hFKPV5cd6j0kJhmoumAa3Lx9 +zI2a/A9/Pbi077lHKA8HC1fqOhLIAWmOSUb4Gc+taVqUSPJUPbCZAsjW/06nz9G0 +5ZSSzj/RhhsBa1HNlMzBLN1NQ8LlzSGfP+yIt+SdTPVVYSx1+Uv3L7ovb9n3HnC1 +pS/q6bawYTQKIFXAc69K0zJkfczEP7JFrR5M9q3Zv6fg +-----END CERTIFICATE----- diff --git a/chromium/net/data/ssl/certificates/multi-root-chain2.pem b/chromium/net/data/ssl/certificates/multi-root-chain2.pem new file mode 100644 index 00000000000..b853bb3f7be --- /dev/null +++ b/chromium/net/data/ssl/certificates/multi-root-chain2.pem @@ -0,0 +1,328 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAvYF0kDZ7Nd/z6hjKuWSoWIWQKt4ivpoLl73+YZgq5S3PnrwM +I14hTxmttT6c1KoFWnFOt5mBp2s1CSJDhL7pccZwO2+IxCu6CrjBfEK+P9gLiIdT +gnujctRCU/N9y4RQYDQchmU2++ZHT2Fgw5t7SlduLKyQ7kcNspLiu+h84nQ+co8C +kUHoLmAagIN2uIf9818E3VaX8xEEcJ5I4pblZqOF3bL2kR7ow6Z5lLfkbiU4J6N5 +mZxTuovJz9Ze4MDGBZpgRnMlVqQCPNw21WASD8n5TsAeK3Rg7wMwilN+yArrK5vb +o2MDhbi6yv2T/fOPh5cRJNUR81Csuh+d1+QwfQIDAQABAoIBAA6ExYZq9iOZhdlw +js+HW7J0gSgXnrfVm3/DqaKWgurOCLMTmyZ2hrzFrd5N7rwITqKwPaSpWRqXhxet +DVk1OzNhTaXwFJ1a8ET0BLbdci/4AGI0Y/yCNnKMuowuAnw+Jd5I/8p4JK9F5D67 +qisyVU7LxgAcNHpc7Tq6MC7PUAoVVd7uPy0NtSD3JikwYWHUv+BtOm8P5jugy8Kr +qMN0c0/qsZ0SedfT1k/IIfu79DZZ5hBl5rUhgMYjuycd0Hi5qOa7o2fdVXJh2eLo +HY3cQTymWlibutABv//P+NsteyrXXFkcmPjNXHy5WpvmT2RR5Hxx57hJck/7xVjv +u8B7AgECgYEA9vLjrUeO2Wei5BsL9I5xB+epwaXAUsaugnRXePG5i2HhCRfOeU9f +PKuv0F4yuHNre9j1w5X/5WzxnFhDSb1QLbFXlgFCltL5a3RypygC9B0r7VFQCaLI +ODjX5h06PZq6oLLiLSyVlOSrcPXNJLuhMqNnHuOUacUtOIx4B2vpwP0CgYEAxHOU +YlMwUhgmPKZ/R7lNYMAKKUAiuKEkFM0K1K0/GnizhYDnc2atxORk54ZD6aGYuf9y +xBWmOZobNTmGw9bnQhePai/xHUoJgs8KWN5e8pBJXAouL12pqRC4sQCIVc9R3J+7 +djTPTco0oexkUsbe1rr4hCqoR9iUePxl7wY5BYECgYEA8nA6fV+HKoDINlEnR4yg +Aza4PdjQG3Pa11AIoEAP/Hq3RwoMNqRpx1J2ZIZWHSeTGh9CCCY297Ig8XDlfntR +P8qfRjEugovVOl00Qk7Rt378JRxzC0K4dhm4O73t85T4K9PyoI7ouyhT964ZHDro +YqJxFq4ugjiF0MJ3BDI5ZrECgYAItf9MZNftq/h2FAPs0ECoG5vXvGpNuYd6DKWA +TLZRnCyJrO+WZGUsJ9x5j7CPOYUmKjeSjksynqy6LXTWVj8m5RiM4tdULyZA0KFq +02FubAt0s1bc7tBJGN63qohhFbJRkBul4C2ZC3BOBcdlDEBxURUX9zRDC016F+cF +NEdvAQKBgQCtJhaEt1dzbB0qYEZz7kYr3QP1hz/6XfnAd8wmJNQQQ8yctNlJc+dH +Foo3qwU2uJWFbByBxIvkmCDTAOCJwOONP/MhigvDQth/sa+TbY6y39XywL0TyG/p +X19RWD9TYNG7C9y9Z8Jcz+u9iCd5enqLYw7Qle9gq3jwK1GXsV5zEQ== +-----END RSA PRIVATE KEY----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4096 (0x1000) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=B CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bd:81:74:90:36:7b:35:df:f3:ea:18:ca:b9:64: + a8:58:85:90:2a:de:22:be:9a:0b:97:bd:fe:61:98: + 2a:e5:2d:cf:9e:bc:0c:23:5e:21:4f:19:ad:b5:3e: + 9c:d4:aa:05:5a:71:4e:b7:99:81:a7:6b:35:09:22: + 43:84:be:e9:71:c6:70:3b:6f:88:c4:2b:ba:0a:b8: + c1:7c:42:be:3f:d8:0b:88:87:53:82:7b:a3:72:d4: + 42:53:f3:7d:cb:84:50:60:34:1c:86:65:36:fb:e6: + 47:4f:61:60:c3:9b:7b:4a:57:6e:2c:ac:90:ee:47: + 0d:b2:92:e2:bb:e8:7c:e2:74:3e:72:8f:02:91:41: + e8:2e:60:1a:80:83:76:b8:87:fd:f3:5f:04:dd:56: + 97:f3:11:04:70:9e:48:e2:96:e5:66:a3:85:dd:b2: + f6:91:1e:e8:c3:a6:79:94:b7:e4:6e:25:38:27:a3: + 79:99:9c:53:ba:8b:c9:cf:d6:5e:e0:c0:c6:05:9a: + 60:46:73:25:56:a4:02:3c:dc:36:d5:60:12:0f:c9: + f9:4e:c0:1e:2b:74:60:ef:03:30:8a:53:7e:c8:0a: + eb:2b:9b:db:a3:63:03:85:b8:ba:ca:fd:93:fd:f3: + 8f:87:97:11:24:d5:11:f3:50:ac:ba:1f:9d:d7:e4: + 30:7d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 2C:58:4E:D7:58:62:F8:D6:BF:BE:80:5C:04:3A:39:B1:41:8C:D3:D7 + X509v3 Authority Key Identifier: + keyid:CD:18:27:4F:88:B1:26:85:B9:8F:9C:00:A4:F8:1A:FD:01:86:5E:EC + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + Signature Algorithm: sha1WithRSAEncryption + 0d:09:9b:f0:11:81:5a:5d:f1:85:73:fb:f2:c8:bc:82:99:27: + fd:58:c7:6a:d6:28:f1:09:63:4e:61:fd:68:3a:23:0a:10:fe: + 58:7b:20:a3:7a:69:e6:74:55:5c:14:4f:ec:d7:e2:10:aa:8b: + a6:3f:99:c1:ef:bb:48:a9:42:b8:9a:8e:65:75:7b:cc:5c:bd: + e4:c0:63:e2:d1:6b:38:32:5f:33:b3:fc:0c:33:b0:8b:dd:10: + 54:15:99:2d:c4:62:68:3f:af:3f:e2:d9:52:33:d4:31:4c:ed: + c7:28:76:bb:21:6b:b9:41:fb:88:40:52:e1:52:76:31:af:d8: + a6:63:d1:d9:a5:e4:95:39:74:a8:73:f5:b0:c4:4e:bf:ef:a1: + 87:2e:94:a0:bd:cc:e3:90:45:5c:5a:18:15:0d:09:47:45:0f: + 1e:d7:cf:d3:8d:c6:b0:54:c4:5f:21:50:5c:b5:0d:eb:c3:15: + 3d:ee:88:fa:b4:80:93:4d:2e:00:9e:46:b6:fb:e8:64:32:51: + 8a:35:81:7a:d3:71:73:8d:2a:27:d4:57:2f:66:4c:fc:99:81: + 06:66:1f:5b:e6:a4:e5:35:eb:f3:e5:e3:f3:31:78:fe:b0:03: + f9:5d:77:97:70:d7:53:52:50:df:15:5b:3e:fc:7e:9a:1f:6a: + ce:c2:37:2f +-----BEGIN CERTIFICATE----- +MIIDWjCCAkKgAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwDzENMAsGA1UEAwwEQiBD +QTAeFw0xNDAyMDQwNDI1NThaFw0yNDAyMDIwNDI1NThaMGAxCzAJBgNVBAYTAlVT +MRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAw +DgYDVQQKDAdUZXN0IENBMRIwEAYDVQQDDAkxMjcuMC4wLjEwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC9gXSQNns13/PqGMq5ZKhYhZAq3iK+mguXvf5h +mCrlLc+evAwjXiFPGa21PpzUqgVacU63mYGnazUJIkOEvulxxnA7b4jEK7oKuMF8 +Qr4/2AuIh1OCe6Ny1EJT833LhFBgNByGZTb75kdPYWDDm3tKV24srJDuRw2ykuK7 +6HzidD5yjwKRQeguYBqAg3a4h/3zXwTdVpfzEQRwnkjiluVmo4XdsvaRHujDpnmU +t+RuJTgno3mZnFO6i8nP1l7gwMYFmmBGcyVWpAI83DbVYBIPyflOwB4rdGDvAzCK +U37ICusrm9ujYwOFuLrK/ZP984+HlxEk1RHzUKy6H53X5DB9AgMBAAGjbzBtMAwG +A1UdEwEB/wQCMAAwHQYDVR0OBBYEFCxYTtdYYvjWv76AXAQ6ObFBjNPXMB8GA1Ud +IwQYMBaAFM0YJ0+IsSaFuY+cAKT4Gv0Bhl7sMB0GA1UdJQQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOCAQEADQmb8BGBWl3xhXP78si8gpkn +/VjHatYo8QljTmH9aDojChD+WHsgo3pp5nRVXBRP7NfiEKqLpj+Zwe+7SKlCuJqO +ZXV7zFy95MBj4tFrODJfM7P8DDOwi90QVBWZLcRiaD+vP+LZUjPUMUztxyh2uyFr +uUH7iEBS4VJ2Ma/YpmPR2aXklTl0qHP1sMROv++hhy6UoL3M45BFXFoYFQ0JR0UP +HtfP043GsFTEXyFQXLUN68MVPe6I+rSAk00uAJ5GtvvoZDJRijWBetNxc40qJ9RX +L2ZM/JmBBmYfW+ak5TXr8+Xj8zF4/rAD+V13l3DXU1JQ3xVbPvx+mh9qzsI3Lw== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4097 (0x1001) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=C CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: CN=B CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ab:18:b1:0e:c2:f9:61:1a:13:c4:95:b8:65:d8: + cb:36:2f:72:e8:e1:97:44:1d:0d:55:a0:cc:02:12: + 04:a4:78:f6:df:c3:6f:c9:b8:50:15:d8:5c:21:ed: + 8f:c4:e7:db:81:da:fe:01:60:39:63:99:e4:04:dc: + 15:ea:59:6b:35:da:1a:e3:3e:dd:f0:71:8f:64:79: + 1a:30:b1:be:5a:43:9c:88:1a:a0:26:2f:5d:6c:b6: + 8b:b8:6d:10:b0:97:f4:a1:d3:7b:56:3d:dd:12:19: + a3:5e:02:24:9e:19:8e:d2:0b:e2:ea:8e:a2:cc:a1: + 8e:f0:49:e1:81:ae:3a:a6:71:d5:e8:e4:80:27:01: + 58:66:8c:bd:a0:4f:08:01:59:5c:c3:e3:d5:6f:49: + 73:24:66:f5:25:b3:9e:a1:29:21:de:e9:d5:ad:b0: + 1d:fc:b7:4c:f7:5a:9a:2b:5a:2c:af:07:aa:c2:82: + 5a:36:06:1d:27:2d:90:c7:45:1e:7b:f4:7a:8a:fe: + 90:c1:79:c9:8f:4e:67:52:48:ea:0b:dd:d7:fe:84: + 54:47:2f:d9:d0:ca:11:07:59:b0:90:08:0b:76:a2: + ec:30:a5:45:aa:d7:61:39:84:43:33:97:22:b6:45: + c8:e8:ab:73:5f:79:a8:13:55:2f:71:a2:c9:21:aa: + 9b:df + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + CD:18:27:4F:88:B1:26:85:B9:8F:9C:00:A4:F8:1A:FD:01:86:5E:EC + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 00:80:9b:99:4b:81:b1:76:49:5c:f2:99:ef:88:93:18:75:68: + eb:26:9e:87:95:b6:91:23:c0:b5:78:58:96:97:9c:27:38:fa: + f3:e5:c3:a2:34:40:91:6d:45:2c:7f:63:51:98:5b:53:4b:91: + ce:0f:e2:32:63:e7:e5:f9:21:6b:b7:f9:94:ac:33:13:5c:27: + 9b:98:e7:7f:44:50:29:98:68:81:53:6b:a1:43:d8:04:40:cb: + f2:cf:18:39:a5:24:c9:88:b6:b7:76:cb:dd:18:2e:1d:24:3e: + d3:59:e9:04:48:9d:59:0c:0f:d0:79:6a:93:7d:2b:b9:8e:50: + 34:00:0d:48:ae:10:bd:80:04:74:da:06:27:15:ad:88:ec:36: + 61:51:80:fe:6b:1d:46:37:0e:ea:23:60:c1:79:bf:03:2a:d2: + 80:9e:2c:10:3a:bc:2d:50:6e:f7:f9:d5:ec:11:d9:b4:62:bc: + 09:2c:05:31:06:bf:b9:e1:d5:1e:02:a9:1a:c5:c4:13:bf:b7: + 8e:6a:08:51:57:af:db:7b:09:74:bd:c7:bd:3c:de:0a:51:8a: + fe:82:0b:4b:34:74:10:4b:4b:34:fd:42:28:48:10:db:5d:6d: + 64:80:b1:3c:5c:04:86:32:6c:25:87:db:23:dc:e4:42:e4:71: + f9:b1:88:74 +-----BEGIN CERTIFICATE----- +MIIC3DCCAcSgAwIBAgICEAEwDQYJKoZIhvcNAQEFBQAwDzENMAsGA1UEAwwEQyBD +QTAeFw0xNDAyMDQwNDI1NThaFw0yNDAyMDIwNDI1NThaMA8xDTALBgNVBAMMBEIg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrGLEOwvlhGhPElbhl +2Ms2L3Lo4ZdEHQ1VoMwCEgSkePbfw2/JuFAV2Fwh7Y/E59uB2v4BYDljmeQE3BXq +WWs12hrjPt3wcY9keRowsb5aQ5yIGqAmL11stou4bRCwl/Sh03tWPd0SGaNeAiSe +GY7SC+LqjqLMoY7wSeGBrjqmcdXo5IAnAVhmjL2gTwgBWVzD49VvSXMkZvUls56h +KSHe6dWtsB38t0z3WporWiyvB6rCglo2Bh0nLZDHRR579HqK/pDBecmPTmdSSOoL +3df+hFRHL9nQyhEHWbCQCAt2ouwwpUWq12E5hEMzlyK2Rcjoq3NfeagTVS9xoskh +qpvfAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFM0YJ0+IsSaF +uY+cAKT4Gv0Bhl7sMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEA +AICbmUuBsXZJXPKZ74iTGHVo6yaeh5W2kSPAtXhYlpecJzj68+XDojRAkW1FLH9j +UZhbU0uRzg/iMmPn5fkha7f5lKwzE1wnm5jnf0RQKZhogVNroUPYBEDL8s8YOaUk +yYi2t3bL3RguHSQ+01npBEidWQwP0Hlqk30ruY5QNAANSK4QvYAEdNoGJxWtiOw2 +YVGA/msdRjcO6iNgwXm/AyrSgJ4sEDq8LVBu9/nV7BHZtGK8CSwFMQa/ueHVHgKp +GsXEE7+3jmoIUVev23sJdL3HvTzeClGK/oILSzR0EEtLNP1CKEgQ211tZICxPFwE +hjJsJYfbI9zkQuRx+bGIdA== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4100 (0x1004) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=E Root CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: CN=C CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ca:21:76:fd:8b:0f:24:ba:dc:ab:cd:0e:31:94: + 01:90:57:79:18:3c:58:61:f5:7e:b7:2f:e6:46:d3: + 41:e8:4e:29:29:a8:9d:eb:d6:df:69:d5:b1:10:de: + 6b:17:2d:8d:8a:1c:d7:dc:80:85:74:c2:7a:6e:a6: + 75:7a:2a:76:42:fb:65:6b:8c:a9:2f:c0:5e:76:1e: + bc:35:85:b2:4b:35:a4:97:33:15:76:7d:4f:6e:d0: + 3b:45:04:fe:dc:a0:11:67:15:2d:3a:c3:07:c6:db: + f2:89:25:92:5e:db:70:bd:88:e9:f0:c7:54:6f:8e: + ab:cf:ce:ca:ad:bb:44:72:bf:e9:b5:ab:ba:68:15: + 6d:1e:e1:66:d6:60:d8:bd:dc:ab:d3:e8:2f:4c:ee: + 29:46:36:c7:b1:61:af:20:19:cc:98:1c:78:5f:4d: + 97:7a:de:2f:d9:fd:f0:b8:47:34:ff:ed:73:07:eb: + 90:54:11:e2:1b:8e:68:5a:c1:72:a9:af:df:e9:f1: + f5:ca:0e:72:03:90:1b:af:64:d6:ee:ce:67:57:1b: + fb:c7:f1:c2:5c:97:81:cd:d6:22:7c:26:bf:cd:6a: + b9:99:5f:58:63:5f:ce:05:1c:7d:f1:a9:d3:f8:4c: + fe:10:82:a4:14:2c:67:97:6c:82:2f:98:38:83:50: + bf:71 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + F5:87:AF:4C:B3:4A:88:7F:EB:92:D3:C7:28:78:91:D9:02:4A:71:DF + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 8c:05:c2:e8:03:57:4c:17:bd:69:1c:2f:3a:3e:9a:c5:11:2d: + 94:c1:38:4d:f1:a8:aa:29:9c:40:d6:99:63:79:8a:96:60:be: + 5a:ba:54:8b:db:a6:f0:66:ae:f1:48:54:2d:a4:9f:ec:ba:e3: + 75:77:c0:54:1d:ce:b1:87:74:61:91:19:14:28:74:b0:ca:7a: + a0:fe:da:eb:26:be:86:cc:db:65:c4:c8:17:fb:9f:78:c3:df: + 39:f5:4f:77:5c:05:49:b5:fa:c5:9e:04:35:4f:ff:72:73:6d: + 8a:31:70:83:3b:19:c2:14:09:9a:2f:f2:ea:cb:13:b4:fa:56: + d2:a9:34:88:56:9c:f2:3e:22:46:56:ad:62:05:20:3b:ed:2e: + 6d:c5:02:de:da:53:8f:79:6c:42:29:c4:b6:5b:9a:31:d2:9b: + 07:3d:62:22:fa:c9:7c:f6:96:e4:a3:f2:5f:46:65:35:ba:af: + 34:9b:2d:30:eb:de:ac:6f:b3:af:e6:7f:10:80:8d:f6:eb:0a: + 03:74:75:8f:ae:e1:13:70:4a:4a:55:e1:f0:f3:69:ff:7e:fb: + 76:7b:5e:ae:ad:5e:59:6c:af:35:e9:08:f6:16:fe:3c:85:e3: + 91:97:0c:23:63:d5:07:40:23:23:eb:20:a8:e1:05:e3:ae:44: + 9f:38:f1:61 +-----BEGIN CERTIFICATE----- +MIIC4TCCAcmgAwIBAgICEAQwDQYJKoZIhvcNAQEFBQAwFDESMBAGA1UEAwwJRSBS +b290IENBMB4XDTE0MDIwNDA0MjU1OFoXDTI0MDIwMjA0MjU1OFowDzENMAsGA1UE +AwwEQyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMohdv2LDyS6 +3KvNDjGUAZBXeRg8WGH1frcv5kbTQehOKSmonevW32nVsRDeaxctjYoc19yAhXTC +em6mdXoqdkL7ZWuMqS/AXnYevDWFsks1pJczFXZ9T27QO0UE/tygEWcVLTrDB8bb +8oklkl7bcL2I6fDHVG+Oq8/Oyq27RHK/6bWrumgVbR7hZtZg2L3cq9PoL0zuKUY2 +x7FhryAZzJgceF9Nl3reL9n98LhHNP/tcwfrkFQR4huOaFrBcqmv3+nx9coOcgOQ +G69k1u7OZ1cb+8fxwlyXgc3WInwmv81quZlfWGNfzgUcffGp0/hM/hCCpBQsZ5ds +gi+YOINQv3ECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU9Yev +TLNKiH/rktPHKHiR2QJKcd8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQCMBcLoA1dMF71pHC86PprFES2UwThN8aiqKZxA1pljeYqWYL5aulSL26bw +Zq7xSFQtpJ/suuN1d8BUHc6xh3RhkRkUKHSwynqg/trrJr6GzNtlxMgX+594w985 +9U93XAVJtfrFngQ1T/9yc22KMXCDOxnCFAmaL/LqyxO0+lbSqTSIVpzyPiJGVq1i +BSA77S5txQLe2lOPeWxCKcS2W5ox0psHPWIi+sl89pbko/JfRmU1uq80my0w696s +b7Ov5n8QgI326woDdHWPruETcEpKVeHw82n/fvt2e16urV5ZbK816Qj2Fv48heOR +lwwjY9UHQCMj6yCo4QXjrkSfOPFh +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 15337932515437853935 (0xd4db485be3963cef) + Signature Algorithm: sha1WithRSAEncryption + Issuer: CN=E Root CA + Validity + Not Before: Feb 4 04:25:58 2014 GMT + Not After : Feb 2 04:25:58 2024 GMT + Subject: CN=E Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a4:0f:61:93:2e:cc:e7:2f:fa:30:d2:6a:ca:eb: + 21:bb:f8:26:55:f3:70:42:c0:48:ca:51:2b:11:20: + 32:16:86:38:8f:d3:fe:88:5a:a4:81:3b:77:1f:82: + e0:26:08:d1:8f:d6:03:98:2d:21:eb:d0:bb:f2:fc: + 25:83:98:95:e9:d2:cc:a6:4e:0d:fb:70:6a:0c:33: + ca:bb:a1:d4:27:30:69:f7:0c:86:e7:82:26:56:c4: + 95:aa:f5:1f:50:8c:95:bf:9a:2d:40:a8:d2:9d:2b: + 78:b0:87:a9:20:b1:73:e1:99:64:cd:22:81:72:76: + d0:fa:46:80:0a:45:50:c5:c1:92:8b:f4:1d:e4:73: + 74:90:53:7f:6c:43:6a:9b:e0:8d:87:96:85:8c:86: + 72:21:8c:17:78:ab:b7:fd:1a:ad:9f:37:03:53:4f: + 94:66:5d:99:fa:cd:d8:c9:0b:0b:dc:83:5f:c8:40: + 9d:50:e8:aa:de:a1:35:8a:ea:e0:26:10:cc:c0:9d: + 0c:aa:23:df:68:b3:7e:e3:55:e4:91:b2:f5:97:15: + 22:6a:71:5e:83:19:41:cb:99:8e:84:33:cd:15:7f: + a1:90:42:5b:ab:f6:40:b8:67:97:d7:65:0f:d3:a5: + 0a:96:cd:9c:aa:fc:57:87:6b:54:ed:4f:b1:4c:01: + 81:cd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + B1:D9:42:46:8A:51:56:85:13:A1:BF:84:84:20:40:7A:ED:54:DC:9B + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 44:46:db:03:28:bd:b3:32:9d:48:cb:5f:dc:2d:3f:5e:1a:52: + a8:61:ef:fb:97:7a:0e:a9:a9:83:5c:1c:7e:b9:e4:7a:12:57: + d0:5b:8f:c1:34:b8:5a:7f:ee:d0:c5:c9:b5:a3:68:0d:ce:68: + 78:08:44:f7:0f:50:bc:c8:87:15:f6:79:5a:1e:21:cc:6d:c9: + 31:70:ad:58:fc:9d:71:d1:2f:25:eb:e1:b6:b8:50:d0:90:28: + f2:48:c7:9f:f2:a4:63:ba:13:03:05:60:41:93:4e:ab:02:0f: + 27:ae:e9:51:f2:45:ba:47:4c:f6:17:82:24:39:a7:5d:c3:eb: + 2d:47:fb:14:06:f8:10:67:e4:98:aa:57:68:9e:f3:5a:b1:82: + 24:e6:dc:0f:cc:53:83:a5:a3:53:9f:d0:31:76:21:50:d0:6c: + af:d5:19:4e:41:b9:d1:b1:eb:bf:02:34:c5:ab:b8:d6:5e:33: + 13:26:e6:82:42:01:94:77:3e:94:35:5e:d5:73:16:7d:fb:a6: + 2d:a7:b8:8a:b4:49:56:d5:7b:5f:ec:d0:fe:ca:7a:78:56:ea: + 1c:a7:61:94:30:a8:92:32:50:40:47:8f:0d:be:f9:96:e4:0a: + 6f:29:7b:41:7d:87:2a:be:b8:42:17:cc:4a:42:ec:c3:1b:2e: + b6:7f:17:54 +-----BEGIN CERTIFICATE----- +MIIC7TCCAdWgAwIBAgIJANTbSFvjljzvMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV +BAMMCUUgUm9vdCBDQTAeFw0xNDAyMDQwNDI1NThaFw0yNDAyMDIwNDI1NThaMBQx +EjAQBgNVBAMMCUUgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAKQPYZMuzOcv+jDSasrrIbv4JlXzcELASMpRKxEgMhaGOI/T/ohapIE7dx+C +4CYI0Y/WA5gtIevQu/L8JYOYlenSzKZODftwagwzyruh1CcwafcMhueCJlbElar1 +H1CMlb+aLUCo0p0reLCHqSCxc+GZZM0igXJ20PpGgApFUMXBkov0HeRzdJBTf2xD +apvgjYeWhYyGciGMF3irt/0arZ83A1NPlGZdmfrN2MkLC9yDX8hAnVDoqt6hNYrq +4CYQzMCdDKoj32izfuNV5JGy9ZcVImpxXoMZQcuZjoQzzRV/oZBCW6v2QLhnl9dl +D9OlCpbNnKr8V4drVO1PsUwBgc0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUsdlCRopRVoUTob+EhCBAeu1U3JswDgYDVR0PAQH/BAQDAgEGMA0G +CSqGSIb3DQEBBQUAA4IBAQBERtsDKL2zMp1Iy1/cLT9eGlKoYe/7l3oOqamDXBx+ +ueR6ElfQW4/BNLhaf+7Qxcm1o2gNzmh4CET3D1C8yIcV9nlaHiHMbckxcK1Y/J1x +0S8l6+G2uFDQkCjySMef8qRjuhMDBWBBk06rAg8nrulR8kW6R0z2F4IkOaddw+st +R/sUBvgQZ+SYqldonvNasYIk5twPzFODpaNTn9AxdiFQ0Gyv1RlOQbnRseu/AjTF +q7jWXjMTJuaCQgGUdz6UNV7VcxZ9+6Ytp7iKtElW1Xtf7ND+ynp4Vuocp2GUMKiS +MlBAR48NvvmW5ApvKXtBfYcqvrhCF8xKQuzDGy62fxdU +-----END CERTIFICATE----- diff --git a/chromium/net/data/ssl/scripts/generate-aia-certs.sh b/chromium/net/data/ssl/scripts/generate-aia-certs.sh index 98b858e139a..76b86cf5418 100755 --- a/chromium/net/data/ssl/scripts/generate-aia-certs.sh +++ b/chromium/net/data/ssl/scripts/generate-aia-certs.sh @@ -9,15 +9,15 @@ try() { echo "$@" - $@ || exit 1 + "$@" || exit 1 } try rm -rf out try mkdir out # Create the serial number files. -try echo 1 > out/aia-test-root-serial -try echo 1 > out/aia-test-intermediate-serial +try /bin/sh -c "echo 01 > out/aia-test-root-serial" +try /bin/sh -c "echo 01 > out/aia-test-intermediate-serial" # Create the signers' DB files. touch out/aia-test-root-index.txt @@ -47,7 +47,8 @@ CA_COMMON_NAME="AIA Test Root CA" \ -out out/aia-test-root.pem \ -signkey out/aia-test-root.key \ -extfile aia-test.cnf \ - -extensions ca_cert + -extensions ca_cert \ + -text # Generate the intermediate CA_COMMON_NAME="AIA Test Intermediate CA" \ @@ -89,3 +90,11 @@ CA_COMMON_NAME="AIA Test Intermediate CA" \ -out out/aia-test-cert.pem \ -config aia-test.cnf \ -extensions user_cert + +# Copy to the file names that are actually checked in. +try cp out/aia-test-cert.pem ../certificates/aia-cert.pem +try openssl x509 \ + -outform der \ + -in out/aia-test-intermediate.pem \ + -out ../certificates/aia-intermediate.der +try cp out/aia-test-root.pem ../certificates/aia-root.pem diff --git a/chromium/net/data/ssl/scripts/generate-bad-eku-certs.sh b/chromium/net/data/ssl/scripts/generate-bad-eku-certs.sh index 11e41d4da5a..5335b843fae 100755 --- a/chromium/net/data/ssl/scripts/generate-bad-eku-certs.sh +++ b/chromium/net/data/ssl/scripts/generate-bad-eku-certs.sh @@ -11,22 +11,22 @@ try () { echo "$@" - $@ || exit 1 + "$@" || exit 1 } try rm -rf out try mkdir out -eku_test_root="eku-test-root" +eku_test_root="2048-rsa-root" # Create the serial number files. -try echo 1 > out/$eku_test_root-serial +try /bin/sh -c "echo 01 > \"out/$eku_test_root-serial\"" # Make sure the signers' DB files exist. -touch out/$eku_test_root-index.txt +touch "out/$eku_test_root-index.txt" # Generate one root CA certificate. -try openssl genrsa -out out/$eku_test_root.key 2048 +try openssl genrsa -out "out/$eku_test_root.key" 2048 CA_COMMON_NAME="2048 RSA Test Root CA" \ CA_DIR=out \ @@ -36,9 +36,9 @@ CA_COMMON_NAME="2048 RSA Test Root CA" \ CERT_TYPE=root \ try openssl req \ -new \ - -key out/$eku_test_root.key \ + -key "out/$eku_test_root.key" \ -extensions ca_cert \ - -out out/$eku_test_root.csr \ + -out "out/$eku_test_root.csr" \ -config ca.cnf CA_COMMON_NAME="2048 RSA Test Root CA" \ @@ -46,20 +46,22 @@ CA_COMMON_NAME="2048 RSA Test Root CA" \ CA_NAME=req_env_dn \ try openssl x509 \ -req -days 3650 \ - -in out/$eku_test_root.csr \ + -in "out/$eku_test_root.csr" \ -extensions ca_cert \ - -signkey out/$eku_test_root.key \ - -out out/$eku_test_root.pem + -extfile ca.cnf \ + -signkey "out/$eku_test_root.key" \ + -out "out/$eku_test_root.pem" \ + -text # Generate EE certs. for cert_type in non-crit-codeSigning crit-codeSigning do - try openssl genrsa -out out/$cert_type.key 2048 + try openssl genrsa -out "out/$cert_type.key" 2048 try openssl req \ -new \ - -key out/$cert_type.key \ - -out out/$cert_type.csr \ + -key "out/$cert_type.key" \ + -out "out/$cert_type.csr" \ -config eku-test.cnf \ -reqexts "$cert_type" @@ -71,7 +73,14 @@ do CERT_TYPE=root \ try openssl ca \ -batch \ - -in out/$cert_type.csr \ - -out out/$cert_type.pem \ + -in "out/$cert_type.csr" \ + -out "out/$cert_type.pem" \ -config ca.cnf done + +# Copy to the file names that are actually checked in. +try cp "out/$eku_test_root.pem" ../certificates/eku-test-root.pem +try /bin/sh -c "cat out/crit-codeSigning.key out/crit-codeSigning.pem \ + > ../certificates/crit-codeSigning-chain.pem" +try /bin/sh -c "cat out/non-crit-codeSigning.key out/non-crit-codeSigning.pem \ + > ../certificates/non-crit-codeSigning-chain.pem" diff --git a/chromium/net/data/ssl/scripts/generate-client-certificates.sh b/chromium/net/data/ssl/scripts/generate-client-certificates.sh index 33782993036..7dce623a157 100755 --- a/chromium/net/data/ssl/scripts/generate-client-certificates.sh +++ b/chromium/net/data/ssl/scripts/generate-client-certificates.sh @@ -20,17 +20,17 @@ try () { echo "$@" - $@ || exit 1 + "$@" || exit 1 } try rm -rf out try mkdir out echo Create the serial number files and indices. -serial = 100 +serial=1000 for i in B C E do - try echo $serial > out/$i-serial + try /bin/sh -c "echo $serial > out/$i-serial" serial=$(expr $serial + 1) touch out/$i-index.txt touch out/$i-index.txt.attr @@ -60,6 +60,7 @@ COMMON_NAME="C Root CA" \ -req -days 3650 \ -in out/C.csr \ -extensions ca_cert \ + -extfile client-certs.cnf \ -signkey out/C.key \ -out out/C.pem @@ -138,8 +139,8 @@ COMMON_NAME="E CA" \ echo Package the client certs and private keys into PKCS12 files # This is done for easily importing all of the certs needed for clients. -cat out/A.pem out/A.key out/B.pem out/C.pem > out/A-chain.pem -cat out/D.pem out/D.key out/E.pem out/C.pem > out/D-chain.pem +try /bin/sh -c "cat out/A.pem out/A.key out/B.pem out/C.pem > out/A-chain.pem" +try /bin/sh -c "cat out/D.pem out/D.key out/E.pem out/C.pem > out/D-chain.pem" try openssl pkcs12 \ -in out/A-chain.pem \ @@ -154,10 +155,10 @@ try openssl pkcs12 \ -passout pass:chrome echo Package the client certs for unit tests -cp out/A.pem client_1.pem -cp out/A.key client_1.key -cp out/B.pem client_1_ca.pem +try cp out/A.pem ../certificates/client_1.pem +try cp out/A.key ../certificates/client_1.key +try cp out/B.pem ../certificates/client_1_ca.pem -cp out/D.pem client_2.pem -cp out/D.key client_2.key -cp out/E.pem client_2_ca.pem +try cp out/D.pem ../certificates/client_2.pem +try cp out/D.key ../certificates/client_2.key +try cp out/E.pem ../certificates/client_2_ca.pem diff --git a/chromium/net/data/ssl/scripts/generate-cross-signed-certs.sh b/chromium/net/data/ssl/scripts/generate-cross-signed-certs.sh index a40ca74a082..c9f94d02230 100755 --- a/chromium/net/data/ssl/scripts/generate-cross-signed-certs.sh +++ b/chromium/net/data/ssl/scripts/generate-cross-signed-certs.sh @@ -20,14 +20,14 @@ try() { echo "$@" - $@ || exit 1 + "$@" || exit 1 } try rm -rf out try mkdir out -try echo 1 > out/2048-sha1-root-serial -try echo 2 > out/2048-md5-root-serial +try /bin/sh -c "echo 01 > out/2048-sha1-root-serial" +try /bin/sh -c "echo 02 > out/2048-md5-root-serial" touch out/2048-sha1-root-index.txt touch out/2048-md5-root-index.txt diff --git a/chromium/net/data/ssl/scripts/generate-duplicate-cn-certs.sh b/chromium/net/data/ssl/scripts/generate-duplicate-cn-certs.sh index 8e48454342f..fa2c0df24fe 100755 --- a/chromium/net/data/ssl/scripts/generate-duplicate-cn-certs.sh +++ b/chromium/net/data/ssl/scripts/generate-duplicate-cn-certs.sh @@ -16,24 +16,14 @@ try () { echo "$@" - $@ || exit 1 -} - -generate_key_command () { - case "$1" in - rsa) - echo genrsa - ;; - *) - exit 1 - esac + "$@" || exit 1 } try rm -rf out try mkdir out echo Create the serial number and index files. -try echo 1 > out/B-serial +try /bin/sh -c "echo 01 > out/B-serial" try touch out/B-index.txt echo Generate the keys. @@ -42,12 +32,7 @@ try openssl genrsa -out out/B.key 2048 echo Generate the B CSR. CA_COMMON_NAME="B Root CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=rsa \ - CERT_TYPE=root \ - TYPE=B CERTIFICATE=B \ + CERTIFICATE=B \ try openssl req \ -new \ -key out/B.key \ @@ -56,8 +41,6 @@ CA_COMMON_NAME="B Root CA" \ echo B signs itself. CA_COMMON_NAME="B Root CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ try openssl x509 \ -req -days 3650 \ -in out/B.csr \ @@ -85,12 +68,7 @@ SUBJECT_NAME=req_duplicate_cn_2 \ echo B signs A1. CA_COMMON_NAME="B CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=sha1 \ - CERT_TYPE=intermediate \ - TYPE=B CERTIFICATE=B \ + CERTIFICATE=B \ try openssl ca \ -batch \ -extensions user_cert \ @@ -100,12 +78,7 @@ CA_COMMON_NAME="B CA" \ echo B signs A2. CA_COMMON_NAME="B CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=sha1 \ - CERT_TYPE=intermediate \ - TYPE=B CERTIFICATE=B \ + CERTIFICATE=B \ try openssl ca \ -batch \ -extensions user_cert \ @@ -128,5 +101,5 @@ try openssl pkcs12 \ -out ../certificates/duplicate_cn_2.p12 \ -passout pass:chrome -cp out/A1.pem ../certificates/duplicate_cn_1.pem -cp out/A2.pem ../certificates/duplicate_cn_2.pem +try cp out/A1.pem ../certificates/duplicate_cn_1.pem +try cp out/A2.pem ../certificates/duplicate_cn_2.pem diff --git a/chromium/net/data/ssl/scripts/generate-multi-root-test-chains.sh b/chromium/net/data/ssl/scripts/generate-multi-root-test-chains.sh new file mode 100755 index 00000000000..6f88325a3cc --- /dev/null +++ b/chromium/net/data/ssl/scripts/generate-multi-root-test-chains.sh @@ -0,0 +1,161 @@ +#!/bin/sh + +# Copyright 2014 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# This script generates two chains of test certificates: +# +# 1. A (end-entity) -> B -> C -> D (self-signed root) +# 2. A (end-entity) -> B -> C2 -> E (self-signed root) +# +# C and C2 have the same subject and keypair. +# +# We use these cert chains in CertVerifyProcChromeOSTest +# to ensure that multiple verification paths are properly handled. + +try () { + echo "$@" + "$@" || exit 1 +} + +try rm -rf out +try mkdir out + +echo Create the serial number files. +serial=1000 +for i in B C C2 D E +do + try /bin/sh -c "echo $serial > out/$i-serial" + serial=$(expr $serial + 1) +done + +echo Generate the keys. +try openssl genrsa -out out/A.key 2048 +try openssl genrsa -out out/B.key 2048 +try openssl genrsa -out out/C.key 2048 +try openssl genrsa -out out/D.key 2048 +try openssl genrsa -out out/E.key 2048 + +echo Generate the D CSR. +CA_COMMON_NAME="D Root CA" \ + CERTIFICATE=D \ + try openssl req \ + -new \ + -key out/D.key \ + -out out/D.csr \ + -config redundant-ca.cnf + +echo D signs itself. +CA_COMMON_NAME="D Root CA" \ + try openssl x509 \ + -req -days 3650 \ + -in out/D.csr \ + -extensions ca_cert \ + -extfile redundant-ca.cnf \ + -signkey out/D.key \ + -out out/D.pem \ + -text + +echo Generate the E CSR. +CA_COMMON_NAME="E Root CA" \ + CERTIFICATE=E \ + try openssl req \ + -new \ + -key out/E.key \ + -out out/E.csr \ + -config redundant-ca.cnf + +echo E signs itself. +CA_COMMON_NAME="E Root CA" \ + try openssl x509 \ + -req -days 3650 \ + -in out/E.csr \ + -extensions ca_cert \ + -extfile redundant-ca.cnf \ + -signkey out/E.key \ + -out out/E.pem \ + -text + +echo Generate the C2 intermediary CSR. +CA_COMMON_NAME="C CA" \ + CERTIFICATE=C2 \ + try openssl req \ + -new \ + -key out/C.key \ + -out out/C2.csr \ + -config redundant-ca.cnf + +echo Generate the B and C intermediaries\' CSRs. +for i in B C +do + CA_COMMON_NAME="$i CA" \ + CERTIFICATE="$i" \ + try openssl req \ + -new \ + -key "out/$i.key" \ + -out "out/$i.csr" \ + -config redundant-ca.cnf +done + +echo D signs the C intermediate. +# Make sure the signer's DB file exists. +touch out/D-index.txt +CA_COMMON_NAME="D Root CA" \ + CERTIFICATE=D \ + try openssl ca \ + -batch \ + -extensions ca_cert \ + -in out/C.csr \ + -out out/C.pem \ + -config redundant-ca.cnf + +echo E signs the C2 intermediate. +# Make sure the signer's DB file exists. +touch out/E-index.txt +CA_COMMON_NAME="E Root CA" \ + CERTIFICATE=E \ + try openssl ca \ + -batch \ + -extensions ca_cert \ + -in out/C2.csr \ + -out out/C2.pem \ + -config redundant-ca.cnf + +echo C signs the B intermediate. +touch out/C-index.txt +CA_COMMON_NAME="C CA" \ + CERTIFICATE=C \ + try openssl ca \ + -batch \ + -extensions ca_cert \ + -in out/B.csr \ + -out out/B.pem \ + -config redundant-ca.cnf + +echo Generate the A end-entity CSR. +try openssl req \ + -new \ + -key out/A.key \ + -out out/A.csr \ + -config ee.cnf + +echo B signs A. +touch out/B-index.txt +CA_COMMON_NAME="B CA" \ + CERTIFICATE=B \ + try openssl ca \ + -batch \ + -extensions user_cert \ + -in out/A.csr \ + -out out/A.pem \ + -config redundant-ca.cnf + +echo Create multi-root-chain1.pem +try /bin/sh -c "cat out/A.key out/A.pem out/B.pem out/C.pem out/D.pem \ + > ../certificates/multi-root-chain1.pem" + +echo Create multi-root-chain2.pem +try /bin/sh -c "cat out/A.key out/A.pem out/B.pem out/C2.pem out/E.pem \ + > ../certificates/multi-root-chain2.pem" + diff --git a/chromium/net/data/ssl/scripts/generate-policy-certs.sh b/chromium/net/data/ssl/scripts/generate-policy-certs.sh index 4a6b35dc463..5507d5b1399 100755 --- a/chromium/net/data/ssl/scripts/generate-policy-certs.sh +++ b/chromium/net/data/ssl/scripts/generate-policy-certs.sh @@ -12,15 +12,15 @@ try() { echo "$@" - $@ || exit 1 + "$@" || exit 1 } try rm -rf out try mkdir out # Create the serial number files. -try echo 1 > out/policy-root-serial -try echo 1 > out/policy-intermediate-serial +try /bin/sh -c "echo 01 > out/policy-root-serial" +try /bin/sh -c "echo 01 > out/policy-intermediate-serial" # Create the signers' DB files. touch out/policy-root-index.txt @@ -50,7 +50,8 @@ COMMON_NAME="Policy Test Root CA" \ -out out/policy-root.pem \ -signkey out/policy-root.key \ -extfile policy.cnf \ - -extensions ca_cert + -extensions ca_cert \ + -text # Generate the intermediate COMMON_NAME="Policy Test Intermediate CA" \ @@ -91,6 +92,6 @@ COMMON_NAME="Policy Test Intermediate CA" \ -config policy.cnf \ -extensions user_cert -cat out/policy-cert.pem \ +try /bin/sh -c "cat out/policy-cert.pem \ out/policy-intermediate.pem \ - out/policy-root.pem >../certificates/explicit-policy-chain.pem + out/policy-root.pem >../certificates/explicit-policy-chain.pem" diff --git a/chromium/net/data/ssl/scripts/generate-redundant-test-chains.sh b/chromium/net/data/ssl/scripts/generate-redundant-test-chains.sh index 58768e84963..d7fd17bdc86 100755 --- a/chromium/net/data/ssl/scripts/generate-redundant-test-chains.sh +++ b/chromium/net/data/ssl/scripts/generate-redundant-test-chains.sh @@ -21,27 +21,17 @@ try () { echo "$@" - $@ || exit 1 -} - -generate_key_command () { - case "$1" in - rsa) - echo genrsa - ;; - *) - exit 1 - esac + "$@" || exit 1 } try rm -rf out try mkdir out echo Create the serial number files. -serial=100 +serial=1000 for i in B C C2 D do - try echo $serial > out/$i-serial + try /bin/sh -c "echo $serial > out/$i-serial" serial=$(expr $serial + 1) done @@ -53,12 +43,7 @@ try openssl genrsa -out out/D.key 2048 echo Generate the D CSR. CA_COMMON_NAME="D Root CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=rsa \ - CERT_TYPE=root \ - TYPE=D CERTIFICATE=D \ + CERTIFICATE=D \ try openssl req \ -new \ -key out/D.key \ @@ -67,23 +52,18 @@ CA_COMMON_NAME="D Root CA" \ echo D signs itself. CA_COMMON_NAME="D Root CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ try openssl x509 \ -req -days 3650 \ -in out/D.csr \ -extensions ca_cert \ + -extfile redundant-ca.cnf \ -signkey out/D.key \ - -out out/D.pem + -out out/D.pem \ + -text echo Generate the C2 root CSR. CA_COMMON_NAME="C CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=rsa \ - CERT_TYPE=root \ - TYPE=C2 CERTIFICATE=C2 \ + CERTIFICATE=C2 \ try openssl req \ -new \ -key out/C.key \ @@ -92,26 +72,21 @@ CA_COMMON_NAME="C CA" \ echo C2 signs itself. CA_COMMON_NAME="C CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ try openssl x509 \ -req -days 3650 \ -in out/C2.csr \ -extensions ca_cert \ + -extfile redundant-ca.cnf \ -signkey out/C.key \ - -out out/C2.pem + -out out/C2.pem \ + -text echo Generate the B and C intermediaries\' CSRs. for i in B C do name="$i Intermediate CA" CA_COMMON_NAME="$i CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=rsa \ - CERT_TYPE=root \ - TYPE=$i CERTIFICATE=$i \ + CERTIFICATE=$i \ try openssl req \ -new \ -key out/$i.key \ @@ -123,12 +98,7 @@ echo D signs the C intermediate. # Make sure the signer's DB file exists. touch out/D-index.txt CA_COMMON_NAME="D Root CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=rsa \ - CERT_TYPE=root \ - TYPE=D CERTIFICATE=D \ + CERTIFICATE=D \ try openssl ca \ -batch \ -extensions ca_cert \ @@ -139,12 +109,7 @@ CA_COMMON_NAME="D Root CA" \ echo C signs the B intermediate. touch out/C-index.txt CA_COMMON_NAME="C CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=2048 \ - ALGO=rsa \ - CERT_TYPE=root \ - TYPE=C CERTIFICATE=C \ + CERTIFICATE=C \ try openssl ca \ -batch \ -extensions ca_cert \ @@ -162,12 +127,7 @@ try openssl req \ echo B signs A. touch out/B-index.txt CA_COMMON_NAME="B CA" \ - CA_DIR=out \ - CA_NAME=req_env_dn \ - KEY_SIZE=$signer_key_size \ - ALGO=$signer_algo \ - CERT_TYPE=intermediate \ - TYPE=B CERTIFICATE=B \ + CERTIFICATE=B \ try openssl ca \ -batch \ -extensions user_cert \ @@ -176,12 +136,13 @@ CA_COMMON_NAME="B CA" \ -config redundant-ca.cnf echo Create redundant-server-chain.pem -cat out/A.key out/A.pem out/B.pem out/C.pem out/D.pem \ - > redundant-server-chain.pem +try /bin/sh -c "cat out/A.key out/A.pem out/B.pem out/C.pem out/D.pem \ + > ../certificates/redundant-server-chain.pem" echo Create redundant-validated-chain.pem -cat out/A.key out/A.pem out/B.pem out/C2.pem > redundant-validated-chain.pem +try /bin/sh -c "cat out/A.key out/A.pem out/B.pem out/C2.pem \ + > ../certificates/redundant-validated-chain.pem" echo Create redundant-validated-chain-root.pem -cp out/C2.pem redundant-validated-chain-root.pem +try cp out/C2.pem ../certificates/redundant-validated-chain-root.pem diff --git a/chromium/net/data/ssl/scripts/generate-test-certs.sh b/chromium/net/data/ssl/scripts/generate-test-certs.sh index 9cff81072c6..6323de312fd 100755 --- a/chromium/net/data/ssl/scripts/generate-test-certs.sh +++ b/chromium/net/data/ssl/scripts/generate-test-certs.sh @@ -9,13 +9,13 @@ try() { echo "$@" - $@ || exit 1 + "$@" || exit 1 } try rm -rf out try mkdir out -try echo 1 > out/2048-sha1-root-serial +try /bin/sh -c "echo 01 > out/2048-sha1-root-serial" touch out/2048-sha1-root-index.txt # Generate the key @@ -34,10 +34,10 @@ CA_COMMON_NAME="Test Root CA" \ -req -days 3650 \ -in out/2048-sha1-root.req \ -out out/2048-sha1-root.pem \ - -text \ -signkey out/2048-sha1-root.key \ -extfile ca.cnf \ - -extensions ca_cert + -extensions ca_cert \ + -text # Generate the leaf certificate requests try openssl req \ @@ -72,10 +72,10 @@ CA_COMMON_NAME="Test Root CA" \ -out out/ok_cert.pem \ -config ca.cnf -cat out/ok_cert.key out/ok_cert.pem \ - > ../certificates/ok_cert.pem -cat out/expired_cert.key out/expired_cert.pem \ - > ../certificates/expired_cert.pem -cat out/2048-sha1-root.key out/2048-sha1-root.pem \ - > ../certificates/root_ca_cert.pem +try /bin/sh -c "cat out/ok_cert.key out/ok_cert.pem \ + > ../certificates/ok_cert.pem" +try /bin/sh -c "cat out/expired_cert.key out/expired_cert.pem \ + > ../certificates/expired_cert.pem" +try /bin/sh -c "cat out/2048-sha1-root.key out/2048-sha1-root.pem \ + > ../certificates/root_ca_cert.pem" diff --git a/chromium/net/data/ssl/scripts/generate-weak-test-chains.sh b/chromium/net/data/ssl/scripts/generate-weak-test-chains.sh index 845c8ab60e3..3bf239c5aaa 100755 --- a/chromium/net/data/ssl/scripts/generate-weak-test-chains.sh +++ b/chromium/net/data/ssl/scripts/generate-weak-test-chains.sh @@ -11,7 +11,7 @@ key_types="768-rsa 1024-rsa 2048-rsa prime256v1-ecdsa" try () { echo "$@" - $@ || exit 1 + "$@" || exit 1 } generate_key_command () { @@ -34,10 +34,10 @@ try rm -rf out try mkdir out # Create the serial number files. -try echo 1 > out/2048-rsa-root-serial +try /bin/sh -c "echo 01 > out/2048-rsa-root-serial" for key_type in $key_types do - try echo 1 > out/$key_type-intermediate-serial + try /bin/sh -c "echo 01 > out/$key_type-intermediate-serial" done # Generate one root CA certificate. @@ -63,8 +63,10 @@ CA_COMMON_NAME="2048 RSA Test Root CA" \ -req -days 3650 \ -in out/2048-rsa-root.csr \ -extensions ca_cert \ + -extfile ca.cnf \ -signkey out/2048-rsa-root.key \ - -out out/2048-rsa-root.pem + -out out/2048-rsa-root.pem \ + -text # Generate private keys of all types and strengths for intermediate CAs and # end-entities. @@ -166,3 +168,5 @@ do done done +# Copy final outputs. +try cp out/*root*pem out/*intermediate*pem ../certificates diff --git a/chromium/net/data/ssl/scripts/redundant-ca.cnf b/chromium/net/data/ssl/scripts/redundant-ca.cnf index e1b24e0cc40..b03eb817a3b 100644 --- a/chromium/net/data/ssl/scripts/redundant-ca.cnf +++ b/chromium/net/data/ssl/scripts/redundant-ca.cnf @@ -1,21 +1,18 @@ +CA_DIR = out + [ca] default_ca = CA_root preserve = yes # The default test root, used to generate certificates and CRLs. [CA_root] -dir = $ENV::CA_DIR -key_size = $ENV::KEY_SIZE -algo = $ENV::ALGO -cert_type = $ENV::CERT_TYPE -type = $ENV::TYPE -certificate = $ENV::CERTIFICATE -database = $dir/$type-index.txt -new_certs_dir = $dir -serial = $dir/$type-serial -certificate = $dir/$certificate.pem -private_key = $dir/$type.key -RANDFILE = $dir/rand +dir = ${ENV::CA_DIR} +database = ${dir}/${ENV::CERTIFICATE}-index.txt +new_certs_dir = ${dir} +serial = ${dir}/${ENV::CERTIFICATE}-serial +certificate = ${dir}/${ENV::CERTIFICATE}.pem +private_key = ${dir}/${ENV::CERTIFICATE}.key +RANDFILE = ${dir}/rand default_days = 3650 default_crl_days = 30 default_md = sha1 @@ -51,30 +48,13 @@ commonName = optional emailAddress = optional [req] -# The request section used to generate the root CA certificate. This should -# not be used to generate end-entity certificates. For certificates other -# than the root CA, see README to find the appropriate configuration file -# (ie: openssl_cert.cnf). -default_bits = $ENV::KEY_SIZE +# The request section used to generate certificate requests. +default_bits = 2048 default_md = sha1 string_mask = utf8only prompt = no encrypt_key = no -distinguished_name = $ENV::CA_NAME - -[req_ca_dn] -C = US -ST = California -L = Mountain View -O = Test CA -CN = Test Root 2 CA - -[req_intermediate_dn] -C = US -ST = California -L = Mountain View -O = Test CA -CN = Test Intermediate 2 CA +distinguished_name = req_env_dn [req_env_dn] -CN = $ENV::CA_COMMON_NAME +CN = ${ENV::CA_COMMON_NAME} diff --git a/chromium/net/data/url_request_unittest/308-without-location-header b/chromium/net/data/url_request_unittest/308-without-location-header new file mode 100644 index 00000000000..b6d7cb2762d --- /dev/null +++ b/chromium/net/data/url_request_unittest/308-without-location-header @@ -0,0 +1 @@ +This is not a redirect.
\ No newline at end of file diff --git a/chromium/net/data/url_request_unittest/308-without-location-header.mock-http-headers b/chromium/net/data/url_request_unittest/308-without-location-header.mock-http-headers new file mode 100644 index 00000000000..c04ed8afc08 --- /dev/null +++ b/chromium/net/data/url_request_unittest/308-without-location-header.mock-http-headers @@ -0,0 +1 @@ +HTTP/1.0 308 Resume Incomplete diff --git a/chromium/net/data/url_request_unittest/redirect302-to-echo-cacheable b/chromium/net/data/url_request_unittest/redirect302-to-echo-cacheable new file mode 100644 index 00000000000..78981922613 --- /dev/null +++ b/chromium/net/data/url_request_unittest/redirect302-to-echo-cacheable @@ -0,0 +1 @@ +a diff --git a/chromium/net/data/url_request_unittest/redirect302-to-echo-cacheable.mock-http-headers b/chromium/net/data/url_request_unittest/redirect302-to-echo-cacheable.mock-http-headers new file mode 100644 index 00000000000..fce22716064 --- /dev/null +++ b/chromium/net/data/url_request_unittest/redirect302-to-echo-cacheable.mock-http-headers @@ -0,0 +1,4 @@ +HTTP/1.1 302 Yo +Location: /echo +Content-Length: 1 +Cache-control: max-age=60000 diff --git a/chromium/net/data/url_request_unittest/redirect308-to-echo b/chromium/net/data/url_request_unittest/redirect308-to-echo new file mode 100644 index 00000000000..78981922613 --- /dev/null +++ b/chromium/net/data/url_request_unittest/redirect308-to-echo @@ -0,0 +1 @@ +a diff --git a/chromium/net/data/url_request_unittest/redirect308-to-echo.mock-http-headers b/chromium/net/data/url_request_unittest/redirect308-to-echo.mock-http-headers new file mode 100644 index 00000000000..17a1a2244ed --- /dev/null +++ b/chromium/net/data/url_request_unittest/redirect308-to-echo.mock-http-headers @@ -0,0 +1,2 @@ +HTTP/1.1 308 Yo +Location: /echo diff --git a/chromium/net/data/websocket/close-with-split-packet_wsh.py b/chromium/net/data/websocket/close-with-split-packet_wsh.py index d5185c4114b..3bd5b58b25a 100644 --- a/chromium/net/data/websocket/close-with-split-packet_wsh.py +++ b/chromium/net/data/websocket/close-with-split-packet_wsh.py @@ -13,17 +13,12 @@ def web_socket_do_extra_handshake(_request): def web_socket_transfer_data(request): - line = request.ws_stream.receive_message() - if line is None: - return - if isinstance(line, unicode): - request.ws_stream.send_message(line, binary=False) - else: - request.ws_stream.send_message(line, binary=True) + # Just waiting... + request.ws_stream.receive_message() def web_socket_passive_closing_handshake(request): - code = struct.pack('!H', 1000) + code = struct.pack('!H', 3004) packet = stream.create_close_frame(code + 'split test'.encode('utf-8')) request.connection.write(packet[:1]) request.connection.write(packet[1:]) diff --git a/chromium/net/data/websocket/split_packet_check.html b/chromium/net/data/websocket/split_packet_check.html index 8e273ec2849..a7f4c365f56 100644 --- a/chromium/net/data/websocket/split_packet_check.html +++ b/chromium/net/data/websocket/split_packet_check.html @@ -26,7 +26,7 @@ ws.onopen = function() ws.onclose = function(event) { // Check wasClean, then set proper title. - if (event.wasClean) + if (event.wasClean && event.code === 3004 && event.reason === 'split test') document.title = 'PASS'; else document.title = 'FAIL'; |