| OLD | NEW |
|---|
| (Empty) |
| 1 [Created by: generate-target-signed-by-512bit-rsa.py] | |
| 2 | |
| 3 Certificate chain with 1 intermediate and a trusted root. The target | |
| 4 certificate is signed using a weak RSA key (512-bit modulus), and so | |
| 5 verification is expected to fail. | |
| 6 | |
| 7 Certificate: | |
| 8 Data: | |
| 9 Version: 3 (0x2) | |
| 10 Serial Number: 1 (0x1) | |
| 11 Signature Algorithm: sha256WithRSAEncryption | |
| 12 Issuer: CN=Intermediate | |
| 13 Validity | |
| 14 Not Before: Jan 1 12:00:00 2015 GMT | |
| 15 Not After : Jan 1 12:00:00 2016 GMT | |
| 16 Subject: CN=Target | |
| 17 Subject Public Key Info: | |
| 18 Public Key Algorithm: rsaEncryption | |
| 19 Public-Key: (2048 bit) | |
| 20 Modulus: | |
| 21 00:f2:42:db:44:b2:6b:f2:0a:41:04:53:7d:0b:34: | |
| 22 a4:fe:8d:d5:3a:ff:e5:a9:0c:5d:e4:2d:69:fe:e3: | |
| 23 dd:8a:47:2f:e8:9e:5a:54:ab:0b:95:84:16:af:fa: | |
| 24 29:11:43:5c:c9:59:15:30:59:77:bb:62:dd:d6:e4: | |
| 25 27:3a:bf:a9:82:cb:b8:f4:3c:5c:1d:74:87:8d:57: | |
| 26 af:0a:69:91:68:b4:aa:f6:14:8b:25:14:60:68:c9: | |
| 27 8d:56:09:06:a6:ad:12:8a:cb:05:33:b0:1e:11:03: | |
| 28 52:bf:af:7d:87:b0:97:22:fb:5a:f4:ea:5b:14:56: | |
| 29 cc:ad:03:2a:da:75:59:35:8b:88:3a:b7:66:3b:18: | |
| 30 a8:7c:c4:29:4f:66:ac:da:1f:ba:ec:ef:fc:55:01: | |
| 31 1e:31:7a:af:ca:5c:5d:cf:73:49:2f:50:b9:0d:3b: | |
| 32 4c:0c:d9:b0:d6:25:86:ea:3d:4d:ea:de:3b:9c:2a: | |
| 33 79:b3:c6:13:9a:bb:22:53:62:7c:a9:05:a6:a3:c7: | |
| 34 f5:28:72:24:c0:d6:ec:6f:66:eb:5a:85:91:5e:cd: | |
| 35 a5:95:cc:9f:60:88:a1:bc:95:33:1f:f4:8f:99:68: | |
| 36 56:64:39:4c:a4:df:f3:41:10:14:50:e5:ba:42:e5: | |
| 37 c6:ec:50:37:44:26:de:0d:28:71:b8:63:bb:38:7e: | |
| 38 04:a9 | |
| 39 Exponent: 65537 (0x10001) | |
| 40 X509v3 extensions: | |
| 41 X509v3 Subject Key Identifier: | |
| 42 78:F8:8D:81:56:D4:CD:CF:11:9F:9E:DD:3D:6C:F2:07:FE:0F:37:7D | |
| 43 X509v3 Authority Key Identifier: | |
| 44 keyid:E9:D8:44:8D:24:EE:A1:82:18:6F:21:FA:4E:EC:FB:DF:D1:91:57:9
D | |
| 45 | |
| 46 Authority Information Access: | |
| 47 CA Issuers - URI:http://url-for-aia/Intermediate.cer | |
| 48 | |
| 49 X509v3 CRL Distribution Points: | |
| 50 | |
| 51 Full Name: | |
| 52 URI:http://url-for-crl/Intermediate.crl | |
| 53 | |
| 54 X509v3 Key Usage: critical | |
| 55 Digital Signature, Key Encipherment | |
| 56 X509v3 Extended Key Usage: | |
| 57 TLS Web Server Authentication, TLS Web Client Authentication | |
| 58 Signature Algorithm: sha256WithRSAEncryption | |
| 59 96:6a:e6:ba:df:4c:9f:c4:01:e6:e3:5a:79:d9:56:ae:76:14: | |
| 60 8a:33:3a:65:e2:28:2f:90:81:5c:1e:8b:ca:1c:0e:a5:f1:ca: | |
| 61 8a:f3:fc:17:f4:2f:0d:3b:cf:ee:06:23:d8:81:6e:14:e4:72: | |
| 62 1b:9c:05:50:37:ca:ce:da:ea:f8 | |
| 63 -----BEGIN CERTIFICATE----- | |
| 64 MIICyzCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl | |
| 65 cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD | |
| 66 VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyQttE | |
| 67 smvyCkEEU30LNKT+jdU6/+WpDF3kLWn+492KRy/onlpUqwuVhBav+ikRQ1zJWRUw | |
| 68 WXe7Yt3W5Cc6v6mCy7j0PFwddIeNV68KaZFotKr2FIslFGBoyY1WCQamrRKKywUz | |
| 69 sB4RA1K/r32HsJci+1r06lsUVsytAyradVk1i4g6t2Y7GKh8xClPZqzaH7rs7/xV | |
| 70 AR4xeq/KXF3Pc0kvULkNO0wM2bDWJYbqPU3q3jucKnmzxhOauyJTYnypBaajx/Uo | |
| 71 ciTA1uxvZutahZFezaWVzJ9giKG8lTMf9I+ZaFZkOUyk3/NBEBRQ5bpC5cbsUDdE | |
| 72 Jt4NKHG4Y7s4fgSpAgMBAAGjgekwgeYwHQYDVR0OBBYEFHj4jYFW1M3PEZ+e3T1s | |
| 73 8gf+Dzd9MB8GA1UdIwQYMBaAFOnYRI0k7qGCGG8h+k7s+9/RkVedMD8GCCsGAQUF | |
| 74 BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk | |
| 75 aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu | |
| 76 dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF | |
| 77 BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAANBAJZq5rrfTJ/EAebjWnnZVq52 | |
| 78 FIozOmXiKC+QgVwei8ocDqXxyorz/Bf0Lw07z+4GI9iBbhTkchucBVA3ys7a6vg= | |
| 79 -----END CERTIFICATE----- | |
| 80 | |
| 81 Certificate: | |
| 82 Data: | |
| 83 Version: 3 (0x2) | |
| 84 Serial Number: 2 (0x2) | |
| 85 Signature Algorithm: sha256WithRSAEncryption | |
| 86 Issuer: CN=Root | |
| 87 Validity | |
| 88 Not Before: Jan 1 12:00:00 2015 GMT | |
| 89 Not After : Jan 1 12:00:00 2016 GMT | |
| 90 Subject: CN=Intermediate | |
| 91 Subject Public Key Info: | |
| 92 Public Key Algorithm: rsaEncryption | |
| 93 Public-Key: (512 bit) | |
| 94 Modulus: | |
| 95 00:d5:13:bb:52:bf:ca:19:1a:06:19:68:07:1d:e6: | |
| 96 87:16:d3:f0:e0:12:ba:a2:b5:2a:3d:ed:b3:64:16: | |
| 97 06:a3:50:fc:b0:a4:49:f2:f9:ab:34:ad:4f:db:0a: | |
| 98 3d:2b:25:92:86:3f:94:df:fb:fc:54:f2:c7:6d:9e: | |
| 99 d2:10:e0:cd:0d | |
| 100 Exponent: 65537 (0x10001) | |
| 101 X509v3 extensions: | |
| 102 X509v3 Subject Key Identifier: | |
| 103 E9:D8:44:8D:24:EE:A1:82:18:6F:21:FA:4E:EC:FB:DF:D1:91:57:9D | |
| 104 X509v3 Authority Key Identifier: | |
| 105 keyid:BE:33:72:47:C2:B1:97:41:99:C0:31:57:52:56:0C:B5:53:78:5A:A
4 | |
| 106 | |
| 107 Authority Information Access: | |
| 108 CA Issuers - URI:http://url-for-aia/Root.cer | |
| 109 | |
| 110 X509v3 CRL Distribution Points: | |
| 111 | |
| 112 Full Name: | |
| 113 URI:http://url-for-crl/Root.crl | |
| 114 | |
| 115 X509v3 Key Usage: critical | |
| 116 Certificate Sign, CRL Sign | |
| 117 X509v3 Basic Constraints: critical | |
| 118 CA:TRUE | |
| 119 Signature Algorithm: sha256WithRSAEncryption | |
| 120 71:33:95:7f:18:b3:82:8b:63:87:5b:f0:c3:e5:6b:06:f4:07: | |
| 121 42:35:3d:af:0f:b9:e9:9e:91:07:04:c4:6d:00:de:11:81:0e: | |
| 122 49:ce:7c:92:ad:c7:5d:c6:42:9f:b9:8f:c7:ab:02:46:f6:ef: | |
| 123 8b:47:be:ad:f6:1f:ee:04:aa:b8:07:1a:43:66:6d:1f:39:2a: | |
| 124 f5:98:4f:4f:60:2d:ca:2f:f7:0e:d8:f3:16:7b:48:03:42:00: | |
| 125 dc:ff:7e:d7:cf:e3:5e:d5:29:33:46:16:a8:42:65:ae:42:bd: | |
| 126 e6:15:2a:07:bb:05:25:cd:b9:99:05:87:61:69:ef:b5:3d:7e: | |
| 127 10:af:7e:7a:64:44:cb:73:65:b5:bc:e3:db:a6:7f:92:5d:31: | |
| 128 87:f3:6c:4d:ac:6a:7f:1b:12:ba:ff:16:2a:80:16:3c:a5:cc: | |
| 129 d4:4d:a4:ed:28:0b:5d:cb:d5:7d:c0:a4:7e:c7:10:df:d1:25: | |
| 130 a9:8a:a3:f1:fc:e1:27:2e:f8:27:0c:09:36:78:2c:a3:6f:78: | |
| 131 0c:b3:4b:7c:f3:5a:31:93:94:74:61:94:0e:c3:ba:3d:94:54: | |
| 132 f5:c1:1e:e9:c1:a9:07:a1:d2:78:e5:6b:e6:06:34:77:62:bb: | |
| 133 80:5a:98:c0:bf:10:38:b9:6f:ed:11:36:01:b1:ad:72:42:30: | |
| 134 c1:da:ad:2b | |
| 135 -----BEGIN CERTIFICATE----- | |
| 136 MIICpTCCAY2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 | |
| 137 MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50 | |
| 138 ZXJtZWRpYXRlMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANUTu1K/yhkaBhloBx3m | |
| 139 hxbT8OASuqK1Kj3ts2QWBqNQ/LCkSfL5qzStT9sKPSslkoY/lN/7/FTyx22e0hDg | |
| 140 zQ0CAwEAAaOByzCByDAdBgNVHQ4EFgQU6dhEjSTuoYIYbyH6Tuz739GRV50wHwYD | |
| 141 VR0jBBgwFoAUvjNyR8Kxl0GZwDFXUlYMtVN4WqQwNwYIKwYBBQUHAQEEKzApMCcG | |
| 142 CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw | |
| 143 IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE | |
| 144 AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBxM5V/GLOC | |
| 145 i2OHW/DD5WsG9AdCNT2vD7npnpEHBMRtAN4RgQ5JznySrcddxkKfuY/HqwJG9u+L | |
| 146 R76t9h/uBKq4BxpDZm0fOSr1mE9PYC3KL/cO2PMWe0gDQgDc/37Xz+Ne1SkzRhao | |
| 147 QmWuQr3mFSoHuwUlzbmZBYdhae+1PX4Qr356ZETLc2W1vOPbpn+SXTGH82xNrGp/ | |
| 148 GxK6/xYqgBY8pczUTaTtKAtdy9V9wKR+xxDf0SWpiqPx/OEnLvgnDAk2eCyjb3gM | |
| 149 s0t881oxk5R0YZQOw7o9lFT1wR7pwakHodJ45WvmBjR3YruAWpjAvxA4uW/tETYB | |
| 150 sa1yQjDB2q0r | |
| 151 -----END CERTIFICATE----- | |
| 152 | |
| 153 Certificate: | |
| 154 Data: | |
| 155 Version: 3 (0x2) | |
| 156 Serial Number: 1 (0x1) | |
| 157 Signature Algorithm: sha256WithRSAEncryption | |
| 158 Issuer: CN=Root | |
| 159 Validity | |
| 160 Not Before: Jan 1 12:00:00 2015 GMT | |
| 161 Not After : Jan 1 12:00:00 2016 GMT | |
| 162 Subject: CN=Root | |
| 163 Subject Public Key Info: | |
| 164 Public Key Algorithm: rsaEncryption | |
| 165 Public-Key: (2048 bit) | |
| 166 Modulus: | |
| 167 00:ca:3f:f8:1f:42:8f:55:98:f8:9f:fb:94:03:42: | |
| 168 2a:c1:42:3a:2b:2a:f3:54:14:f3:fe:67:25:24:d3: | |
| 169 9a:7f:66:1a:60:0b:9d:d8:bd:65:71:b5:f5:d9:fe: | |
| 170 eb:f6:04:72:57:97:bc:23:b0:be:bd:ce:94:9e:58: | |
| 171 1a:10:e7:33:09:0b:57:a8:1c:6f:fa:f7:ce:d1:31: | |
| 172 34:90:1a:b4:60:2d:d2:7f:29:9b:4e:ec:f4:6e:99: | |
| 173 21:6b:98:9c:90:09:fc:bd:2f:55:c3:34:38:48:4a: | |
| 174 73:fe:58:e2:09:b9:d9:f9:53:f6:84:e2:5d:fc:eb: | |
| 175 3c:ba:92:f5:bc:97:cc:ef:43:54:f7:4f:c9:b4:2c: | |
| 176 86:95:32:a6:e8:91:f5:8e:31:f8:de:b5:d9:c9:3d: | |
| 177 4d:d7:24:4c:8c:58:aa:8a:c5:79:ab:e7:cd:3b:5c: | |
| 178 84:67:52:5a:88:33:c3:55:d5:a9:2e:c9:5b:61:7c: | |
| 179 87:05:c1:0b:d7:19:4a:fe:bd:ba:af:d7:e5:70:d1: | |
| 180 a4:92:08:d2:f2:ca:2b:b1:94:d0:84:57:f9:30:92: | |
| 181 fc:3a:67:82:10:6e:e3:89:9f:b3:df:75:6e:99:46: | |
| 182 bd:ce:b1:e8:ac:a2:3b:21:80:da:11:13:bd:df:93: | |
| 183 0e:0e:ee:5d:f5:39:a2:a8:f7:41:c8:cb:00:5c:ac: | |
| 184 ee:b1 | |
| 185 Exponent: 65537 (0x10001) | |
| 186 X509v3 extensions: | |
| 187 X509v3 Subject Key Identifier: | |
| 188 BE:33:72:47:C2:B1:97:41:99:C0:31:57:52:56:0C:B5:53:78:5A:A4 | |
| 189 X509v3 Authority Key Identifier: | |
| 190 keyid:BE:33:72:47:C2:B1:97:41:99:C0:31:57:52:56:0C:B5:53:78:5A:A
4 | |
| 191 | |
| 192 Authority Information Access: | |
| 193 CA Issuers - URI:http://url-for-aia/Root.cer | |
| 194 | |
| 195 X509v3 CRL Distribution Points: | |
| 196 | |
| 197 Full Name: | |
| 198 URI:http://url-for-crl/Root.crl | |
| 199 | |
| 200 X509v3 Key Usage: critical | |
| 201 Certificate Sign, CRL Sign | |
| 202 X509v3 Basic Constraints: critical | |
| 203 CA:TRUE | |
| 204 Signature Algorithm: sha256WithRSAEncryption | |
| 205 6a:f1:5f:9d:b3:dd:07:5a:5c:44:0a:17:df:04:6c:e5:17:03: | |
| 206 a6:ba:c1:85:f3:4f:ff:15:52:85:7c:98:aa:58:ab:39:b2:6d: | |
| 207 ae:71:ff:85:36:de:d6:72:c6:3f:7b:6e:e3:13:32:d5:cd:d8: | |
| 208 22:c3:48:71:e7:ed:02:97:5a:b0:bd:e7:fd:d4:21:53:66:7e: | |
| 209 17:df:97:cd:c0:75:18:f3:a8:6a:0c:bc:de:c3:02:36:17:eb: | |
| 210 99:a4:b7:01:be:89:27:3c:43:9e:d4:e8:24:2a:81:0b:fa:32: | |
| 211 74:90:53:5f:c1:3c:2e:cf:04:ec:90:5e:f4:20:8e:39:06:49: | |
| 212 ee:8d:69:1e:5f:7f:e0:90:ea:b3:cd:70:42:40:76:22:ec:53: | |
| 213 b4:c7:cd:bf:41:34:92:29:80:97:9a:28:f1:f4:8c:65:a2:74: | |
| 214 f3:79:a5:0a:fa:4f:a7:df:d2:c2:a8:23:9f:51:15:19:2c:40: | |
| 215 fd:67:75:3a:24:8c:5b:9a:71:df:02:92:90:d8:e2:58:22:79: | |
| 216 44:10:e5:2c:fd:7e:25:6e:e2:42:ec:02:67:44:17:8a:ac:e5: | |
| 217 9c:b2:0b:d3:22:f5:88:2f:53:e6:e8:a5:43:a4:65:97:a6:36: | |
| 218 f6:57:d3:4b:15:28:55:05:df:52:b5:19:c8:7e:a8:3a:4a:79: | |
| 219 52:33:b9:52 | |
| 220 -----BEGIN TRUST_ANCHOR_UNCONSTRAINED----- | |
| 221 MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 | |
| 222 MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v | |
| 223 dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMo/+B9Cj1WY+J/7lANC | |
| 224 KsFCOisq81QU8/5nJSTTmn9mGmALndi9ZXG19dn+6/YEcleXvCOwvr3OlJ5YGhDn | |
| 225 MwkLV6gcb/r3ztExNJAatGAt0n8pm07s9G6ZIWuYnJAJ/L0vVcM0OEhKc/5Y4gm5 | |
| 226 2flT9oTiXfzrPLqS9byXzO9DVPdPybQshpUypuiR9Y4x+N612ck9TdckTIxYqorF | |
| 227 eavnzTtchGdSWogzw1XVqS7JW2F8hwXBC9cZSv69uq/X5XDRpJII0vLKK7GU0IRX | |
| 228 +TCS/DpnghBu44mfs991bplGvc6x6KyiOyGA2hETvd+TDg7uXfU5oqj3QcjLAFys | |
| 229 7rECAwEAAaOByzCByDAdBgNVHQ4EFgQUvjNyR8Kxl0GZwDFXUlYMtVN4WqQwHwYD | |
| 230 VR0jBBgwFoAUvjNyR8Kxl0GZwDFXUlYMtVN4WqQwNwYIKwYBBQUHAQEEKzApMCcG | |
| 231 CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw | |
| 232 IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE | |
| 233 AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBq8V+ds90H | |
| 234 WlxEChffBGzlFwOmusGF80//FVKFfJiqWKs5sm2ucf+FNt7WcsY/e27jEzLVzdgi | |
| 235 w0hx5+0Cl1qwvef91CFTZn4X35fNwHUY86hqDLzewwI2F+uZpLcBvoknPEOe1Ogk | |
| 236 KoEL+jJ0kFNfwTwuzwTskF70II45BknujWkeX3/gkOqzzXBCQHYi7FO0x82/QTSS | |
| 237 KYCXmijx9IxlonTzeaUK+k+n39LCqCOfURUZLED9Z3U6JIxbmnHfApKQ2OJYInlE | |
| 238 EOUs/X4lbuJC7AJnRBeKrOWcsgvTIvWIL1Pm6KVDpGWXpjb2V9NLFShVBd9StRnI | |
| 239 fqg6SnlSM7lS | |
| 240 -----END TRUST_ANCHOR_UNCONSTRAINED----- | |
| 241 | |
| 242 150302120000Z | |
| 243 -----BEGIN TIME----- | |
| 244 MTUwMzAyMTIwMDAwWg== | |
| 245 -----END TIME----- | |
| 246 | |
| 247 FAIL | |
| 248 -----BEGIN VERIFY_RESULT----- | |
| 249 RkFJTA== | |
| 250 -----END VERIFY_RESULT----- | |
| 251 | |
| 252 serverAuth | |
| 253 -----BEGIN KEY_PURPOSE----- | |
| 254 c2VydmVyQXV0aA== | |
| 255 -----END KEY_PURPOSE----- | |
| 256 | |
| 257 ----- Certificate i=0 (CN=Target) ----- | |
| 258 ERROR: RSA modulus too small | |
| 259 actual: 512 | |
| 260 minimum: 1024 | |
| 261 ERROR: Unacceptable modulus length for RSA key | |
| 262 ERROR: VerifySignedData failed | |
| 263 | |
| 264 | |
| 265 -----BEGIN ERRORS----- | |
| 266 LS0tLS0gQ2VydGlmaWNhdGUgaT0wIChDTj1UYXJnZXQpIC0tLS0tCkVSUk9SOiBSU0EgbW9kdWx1cyB0
b28gc21hbGwKICBhY3R1YWw6IDUxMgogIG1pbmltdW06IDEwMjQKRVJST1I6IFVuYWNjZXB0YWJsZSBt
b2R1bHVzIGxlbmd0aCBmb3IgUlNBIGtleQpFUlJPUjogVmVyaWZ5U2lnbmVkRGF0YSBmYWlsZWQKCg== | |
| 267 -----END ERRORS----- | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2805213004:
Refactor how net/data/verify_certificate_chain_unittest/* (Closed)
