Index: net/data/parse_certificate_unittest/tbs_serial_number_21_octets_leading_0.pem |
diff --git a/net/data/parse_certificate_unittest/tbs_serial_number_21_octets_leading_0.pem b/net/data/parse_certificate_unittest/tbs_serial_number_21_octets_leading_0.pem |
index efbf0533da48d85a56c5362ca9ce788dbedeae2e..4e7d587513cdfd1041a2d43e437fd34e8781f7ae 100644 |
--- a/net/data/parse_certificate_unittest/tbs_serial_number_21_octets_leading_0.pem |
+++ b/net/data/parse_certificate_unittest/tbs_serial_number_21_octets_leading_0.pem |
@@ -1,11 +1,11 @@ |
This is a TBSCertificate where the serial number is more than 20 octets (21 |
-octets, where first octet is a 0). This violates the rules in RFC 5280. |
- |
+octets, where first octet is a 0). This violates the rules in RFC 5280 however |
+it is still accepted for compatibility. |
$ openssl asn1parse -i < [TBS CERTIFICATE] |
0:d=0 hl=2 l= 80 cons: SEQUENCE |
2:d=1 hl=2 l= 3 cons: cont [ 0 ] |
- 4:d=2 hl=2 l= 1 prim: INTEGER :00 |
+ 4:d=2 hl=2 l= 1 prim: INTEGER :02 |
7:d=1 hl=2 l= 21 prim: INTEGER :D8C37E4D87F9C8C82BAF26EF53501DF1FCF3A520 |
30:d=1 hl=2 l= 3 cons: SEQUENCE |
32:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:01 |
@@ -19,6 +19,50 @@ $ openssl asn1parse -i < [TBS CERTIFICATE] |
77:d=1 hl=2 l= 3 cons: SEQUENCE |
79:d=2 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:F3 |
-----BEGIN TBS CERTIFICATE----- |
-MFCgAwIBAAIVANjDfk2H+cjIK68m71NQHfH886UgMAMEAQEwAwQBBTAeFw0xMjEwMTgwMzEyMDB |
+MFCgAwIBAgIVANjDfk2H+cjIK68m71NQHfH886UgMAMEAQEwAwQBBTAeFw0xMjEwMTgwMzEyMDB |
aFw0xMzEwMTgxNDU5NTlaMAMEAYMwAwQB8w== |
-----END TBS CERTIFICATE----- |
+ |
+-----BEGIN SERIAL NUMBER----- |
+ANjDfk2H+cjIK68m71NQHfH886Ug |
+-----END SERIAL NUMBER----- |
+ |
+$ openssl asn1parse -i < [SIGNATURE ALGORITHM] |
+ 0:d=0 hl=2 l= 3 cons: SEQUENCE |
+ 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:01 |
+-----BEGIN SIGNATURE ALGORITHM----- |
+MAMEAQE= |
+-----END SIGNATURE ALGORITHM----- |
+ |
+$ openssl asn1parse -i < [ISSUER] |
+ 0:d=0 hl=2 l= 3 cons: SEQUENCE |
+ 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:05 |
+-----BEGIN ISSUER----- |
+MAMEAQU= |
+-----END ISSUER----- |
+ |
+VALIDITY NOTBEFORE: year=2012, month=10, day=18, hours=3, minutes=12, seconds=0 |
+-----BEGIN VALIDITY NOTBEFORE----- |
+eWVhcj0yMDEyLCBtb250aD0xMCwgZGF5PTE4LCBob3Vycz0zLCBtaW51dGVzPTEyLCBzZWNvbmR |
+zPTA= |
+-----END VALIDITY NOTBEFORE----- |
+ |
+VALIDITY NOTAFTER: year=2013, month=10, day=18, hours=14, minutes=59, seconds=59 |
+-----BEGIN VALIDITY NOTAFTER----- |
+eWVhcj0yMDEzLCBtb250aD0xMCwgZGF5PTE4LCBob3Vycz0xNCwgbWludXRlcz01OSwgc2Vjb25 |
+kcz01OQ== |
+-----END VALIDITY NOTAFTER----- |
+ |
+$ openssl asn1parse -i < [SUBJECT] |
+ 0:d=0 hl=2 l= 3 cons: SEQUENCE |
+ 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:83 |
+-----BEGIN SUBJECT----- |
+MAMEAYM= |
+-----END SUBJECT----- |
+ |
+$ openssl asn1parse -i < [SPKI] |
+ 0:d=0 hl=2 l= 3 cons: SEQUENCE |
+ 2:d=1 hl=2 l= 1 prim: OCTET STRING [HEX DUMP]:F3 |
+-----BEGIN SPKI----- |
+MAMEAfM= |
+-----END SPKI----- |