| OLD | NEW |
|---|
| 1 This is a very basic TBSCertificate. It is valid from the perspective of | 1 SEQUENCE (2 elem) |
| 2 ParseTbsCertificate(), however its sub-fields are mainly bogus. This | 2 GeneralizedTime 2014-01-31 00:00:00 UTC |
| 3 TBSCertificate contains no optional fields (no issuerUniqueID, subjectUniqueID, | 3 GeneralizedTime 2016-02-29 00:00:00 UTC |
| 4 extensions) | |
| 5 | 4 |
| 6 | 5 |
| 7 | 6 |
| 8 -----BEGIN TBS CERTIFICATE----- | 7 -----BEGIN TBS CERTIFICATE----- |
| 9 MCGgAwIBAgIBATADBAEBMAMEAQUwAwQBCDADBAEKMAMEAfM= | 8 MECgAwIBAgIBATADBAEBMAMEAQUwIhgPMjAxNDAxMzEwMDAwMDBaGA8yMDE2MDIyOTAwMDAwMFo |
| 9 wAwQBgzADBAHz |
| 10 -----END TBS CERTIFICATE----- | 10 -----END TBS CERTIFICATE----- |
| 11 | 11 |
| 12 $ openssl asn1parse -i < [TBS CERTIFICATE] | 12 $ openssl asn1parse -i < [TBS CERTIFICATE] |
| 13 0:d=0 hl=2 l= 33 cons: SEQUENCE | 13 0:d=0 hl=2 l= 64 cons: SEQUENCE |
| 14 2:d=1 hl=2 l= 3 cons: cont [ 0 ] | 14 2:d=1 hl=2 l= 3 cons: cont [ 0 ] |
| 15 4:d=2 hl=2 l= 1 prim: INTEGER :02 | 15 4:d=2 hl=2 l= 1 prim: INTEGER :02 |
| 16 7:d=1 hl=2 l= 1 prim: INTEGER :01 | 16 7:d=1 hl=2 l= 1 prim: INTEGER :01 |
| 17 10:d=1 hl=2 l= 3 cons: SEQUENCE | 17 10:d=1 hl=2 l= 3 cons: SEQUENCE |
| 18 12:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:01 | 18 12:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:01 |
| 19 15:d=1 hl=2 l= 3 cons: SEQUENCE | 19 15:d=1 hl=2 l= 3 cons: SEQUENCE |
| 20 17:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:05 | 20 17:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:05 |
| 21 20:d=1 hl=2 l= 3 cons: SEQUENCE | 21 20:d=1 hl=2 l= 34 cons: SEQUENCE |
| 22 22:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:08 | 22 22:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20140131000000Z |
| 23 25:d=1 hl=2 l= 3 cons: SEQUENCE | 23 39:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160229000000Z |
| 24 27:d=2 hl=2 l= 1 prim: OCTET STRING : | 24 56:d=1 hl=2 l= 3 cons: SEQUENCE |
| 25 | 25 58:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:83 |
| 26 30:d=1 hl=2 l= 3 cons: SEQUENCE | 26 61:d=1 hl=2 l= 3 cons: SEQUENCE |
| 27 32:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:F3 | 27 63:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:F3 |
| 28 | 28 |
| 29 | 29 |
| 30 | 30 |
| 31 -----BEGIN SERIAL NUMBER----- | 31 -----BEGIN SERIAL NUMBER----- |
| 32 AQ== | 32 AQ== |
| 33 -----END SERIAL NUMBER----- | 33 -----END SERIAL NUMBER----- |
| 34 | 34 |
| 35 | 35 |
| 36 | 36 |
| 37 -----BEGIN SIGNATURE ALGORITHM----- | 37 -----BEGIN SIGNATURE ALGORITHM----- |
| 38 MAMEAQE= | 38 MAMEAQE= |
| 39 -----END SIGNATURE ALGORITHM----- | 39 -----END SIGNATURE ALGORITHM----- |
| 40 | 40 |
| 41 $ openssl asn1parse -i < [SIGNATURE ALGORITHM] | 41 $ openssl asn1parse -i < [SIGNATURE ALGORITHM] |
| 42 0:d=0 hl=2 l= 3 cons: SEQUENCE | 42 0:d=0 hl=2 l= 3 cons: SEQUENCE |
| 43 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:01 | 43 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:01 |
| 44 | 44 |
| 45 | 45 |
| 46 | 46 |
| 47 -----BEGIN ISSUER----- | 47 -----BEGIN ISSUER----- |
| 48 MAMEAQU= | 48 MAMEAQU= |
| 49 -----END ISSUER----- | 49 -----END ISSUER----- |
| 50 | 50 |
| 51 $ openssl asn1parse -i < [ISSUER] | 51 $ openssl asn1parse -i < [ISSUER] |
| 52 0:d=0 hl=2 l= 3 cons: SEQUENCE | 52 0:d=0 hl=2 l= 3 cons: SEQUENCE |
| 53 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:05 | 53 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:05 |
| 54 | 54 |
| 55 | 55 |
| 56 | 56 |
| 57 -----BEGIN VALIDITY----- | 57 -----BEGIN VALIDITY NOTBEFORE----- |
| 58 MAMEAQg= | 58 eWVhcj0yMDE0LCBtb250aD0xLCBkYXk9MzEsIGhvdXJzPTAsIG1pbnV0ZXM9MCwgc2Vjb25kcz0 |
| 59 -----END VALIDITY----- | 59 w |
| 60 -----END VALIDITY NOTBEFORE----- |
| 60 | 61 |
| 61 $ openssl asn1parse -i < [VALIDITY] | 62 VALIDITY NOTBEFORE: year=2014, month=1, day=31, hours=0, minutes=0, seconds=0 |
| 62 0:d=0 hl=2 l= 3 cons: SEQUENCE | 63 |
| 63 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:08 | 64 |
| 65 |
| 66 -----BEGIN VALIDITY NOTAFTER----- |
| 67 eWVhcj0yMDE2LCBtb250aD0yLCBkYXk9MjksIGhvdXJzPTAsIG1pbnV0ZXM9MCwgc2Vjb25kcz0 |
| 68 w |
| 69 -----END VALIDITY NOTAFTER----- |
| 70 |
| 71 VALIDITY NOTAFTER: year=2016, month=2, day=29, hours=0, minutes=0, seconds=0 |
| 64 | 72 |
| 65 | 73 |
| 66 | 74 |
| 67 -----BEGIN SUBJECT----- | 75 -----BEGIN SUBJECT----- |
| 68 MAMEAQo= | 76 MAMEAYM= |
| 69 -----END SUBJECT----- | 77 -----END SUBJECT----- |
| 70 | 78 |
| 71 $ openssl asn1parse -i < [SUBJECT] | 79 $ openssl asn1parse -i < [SUBJECT] |
| 72 0:d=0 hl=2 l= 3 cons: SEQUENCE | 80 0:d=0 hl=2 l= 3 cons: SEQUENCE |
| 73 2:d=1 hl=2 l= 1 prim: OCTET STRING : | 81 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:83 |
| 74 | 82 |
| 75 | 83 |
| 76 | 84 |
| 77 -----BEGIN SPKI----- | 85 -----BEGIN SPKI----- |
| 78 MAMEAfM= | 86 MAMEAfM= |
| 79 -----END SPKI----- | 87 -----END SPKI----- |
| 80 | 88 |
| 81 $ openssl asn1parse -i < [SPKI] | 89 $ openssl asn1parse -i < [SPKI] |
| 82 0:d=0 hl=2 l= 3 cons: SEQUENCE | 90 0:d=0 hl=2 l= 3 cons: SEQUENCE |
| 83 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:F3 | 91 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:F3 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1285593003:
Add parsing code for TBSCertificate's "validity" field. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@cert_parsing