Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(356)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/test/test_certificate_data.h

Issue 20628006: Reject certificates that are valid for too long. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Make a new cert for IntranetHostsRejected. Tests pass now. Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/data/ssl/scripts/generate-test-certs.sh ('K') | « net/data/ssl/scripts/generate-test-certs.sh ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 namespace { 5 namespace {
6 6
7 // This is the SHA1 hash of the SubjectPublicKeyInfo of nist.der. 7 // This is the SHA1 hash of the SubjectPublicKeyInfo of nist.der.
8 static const char kNistSPKIHash[] = 8 static const char kNistSPKIHash[] =
9 "\x15\x60\xde\x65\x4e\x03\x9f\xd0\x08\x82" 9 "\x15\x60\xde\x65\x4e\x03\x9f\xd0\x08\x82"
10 "\xa9\x6a\xc4\x65\x8e\x6f\x92\x06\x84\x35"; 10 "\xa9\x6a\xc4\x65\x8e\x6f\x92\x06\x84\x35";
11 11
12 // kSatvedaSPKIs contains the SHA1 hashes of the SPKIs of the satveda.pem 12 // kTwitterSPKIs contains the SHA1 hashes of the SPKIs of the twitter-chain.pem
13 // certificate chain, in order. 13 // certificate chain, in order.
14 static const char kSatvedaSPKIs[2][21] = { 14 static const char kTwitterSPKIs[3][21] = {
15 "\xd6\x2d\x7a\x12\x02\x7f\x9b\x8e\x4f\x2b" 15 "\x26\x9a\x19\xa3\x88\x28\xc1\xdd\x70\x1b"
16 "\x07\xc5\xfb\xf9\x2a\x2e\x9a\xcc\x0e\xe3", 16 "\xa0\xca\x2c\x98\xdb\xc6\xe1\x4f\x37\x3e",
17 "\xba\x2e\xb5\xa8\x3e\x13\x23\xd9\x53\x4b" 17 "\x47\x49\xdf\x16\x57\xf4\x6c\x8b\xd2\x8c"
18 "\x5e\x65\xbc\xe7\xa3\x13\x5d\xd0\xa9\x96", 18 "\x79\x1b\x99\xfb\x9f\x28\x81\x2a\x60\xe0",
19 "\xb1\x81\x08\x1a\x19\xa4\xc0\x94\x1f\xfa"
20 "\xe8\x95\x28\xc1\x24\xc9\x9b\x34\xac\xc7",
19 }; 21 };
20 22
21 // kSatvedaSPKIsSHA256 contains the SHA256 hashes of the SPKIs of the 23 // kTwitterSPKIsSHA256 contains the SHA256 hashes of the SPKIs of the
22 // satveda.pem certificate chain, in order. 24 // twitter-chain.pem certificate chain, in order.
23 static const char kSatvedaSPKIsSHA256[2][33] = { 25 static const char kTwitterSPKIsSHA256[3][33] = {
24 "\xb9\x42\xab\xf2\x08\x63\xef\x81\x70\x88\x45\xc4\x39\xa2\x6e\x9c" 26 "\x20\xec\x5d\x0a\xfb\xc6\xc0\xe2\xe1\x95\x56\xc5\x35\x2b\x3c\x60"
25 "\x2f\x9a\xf9\xf4\xcb\x23\x61\xd4\x83\x97\x61\x6d\xf2\x5b\x27\xa8", 27 "\x78\xa6\xed\x95\x55\xc2\xfa\x86\x82\x40\x4f\xdb\x55\x29\xd3\xad",
26 "\x32\xb6\x4b\x66\x72\x7a\x20\x63\xe4\x06\x6f\x3b\x95\x8c\xb0\xaa" 28 "\x80\xcc\x56\x3a\xb5\xf8\x3c\xc4\x1e\xb0\xaf\x6a\x14\xd6\xd8\x07"
27 "\xee\x57\x6a\x5e\xce\xfd\x95\x33\x99\xbb\x88\x74\x73\x1d\x95\x87", 29 "\x18\xc1\x7e\x35\x2f\x96\x49\xff\xbc\xdd\x67\xf8\xbf\x65\x13\x91",
30 "\x25\xb4\x1b\x50\x6e\x49\x30\x95\x28\x23\xa6\xeb\x9f\x1d\x31\xde"
31 "\xf6\x45\xea\x38\xa5\xc6\xc6\xa9\x6d\x71\x95\x7e\x38\x4d\xf0\x58",
28 }; 32 };
29 33
30 // Certificates for test data. They're obtained with: 34 // Certificates for test data. They're obtained with:
31 // 35 //
32 // $ openssl s_client -connect [host]:443 -showcerts > /tmp/host.pem < /dev/null 36 // $ openssl s_client -connect [host]:443 -showcerts > /tmp/host.pem < /dev/null
33 // $ openssl x509 -inform PEM -outform DER < /tmp/host.pem > /tmp/host.der 37 // $ openssl x509 -inform PEM -outform DER < /tmp/host.pem > /tmp/host.der
34 // $ xxd -i /tmp/host.der 38 // $ xxd -i /tmp/host.der
35 // 39 //
36 // TODO(wtc): move these certificates to data files in the 40 // TODO(wtc): move these certificates to data files in the
37 // src/net/data/ssl/certificates directory. 41 // src/net/data/ssl/certificates directory.
(...skipping 739 matching lines...) Expand 10 before | Expand all | Expand 10 after
777 0x74, 0x74, 0x73, 0x31, 0x2E, 0x30, 0x2C, 0x06, 0x03, 0x55, 0x04, 0x0A, 781 0x74, 0x74, 0x73, 0x31, 0x2E, 0x30, 0x2C, 0x06, 0x03, 0x55, 0x04, 0x0A,
778 0x13, 0x25, 0x4D, 0x61, 0x73, 0x73, 0x61, 0x63, 0x68, 0x75, 0x73, 0x65, 782 0x13, 0x25, 0x4D, 0x61, 0x73, 0x73, 0x61, 0x63, 0x68, 0x75, 0x73, 0x65,
779 0x74, 0x74, 0x73, 0x20, 0x49, 0x6E, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74, 783 0x74, 0x74, 0x73, 0x20, 0x49, 0x6E, 0x73, 0x74, 0x69, 0x74, 0x75, 0x74,
780 0x65, 0x20, 0x6F, 0x66, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C, 784 0x65, 0x20, 0x6F, 0x66, 0x20, 0x54, 0x65, 0x63, 0x68, 0x6E, 0x6F, 0x6C,
781 0x6F, 0x67, 0x79, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0B, 785 0x6F, 0x67, 0x79, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0B,
782 0x13, 0x0C, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x43, 0x41, 0x20, 786 0x13, 0x0C, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x43, 0x41, 0x20,
783 0x76, 0x31 787 0x76, 0x31
784 }; 788 };
785 789
786 } // namespace 790 } // namespace
OLDNEW
« net/data/ssl/scripts/generate-test-certs.sh ('K') | « net/data/ssl/scripts/generate-test-certs.sh ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698