| Index: net/data/verify_certificate_chain_unittest/serverauth-ec-ku-decipheronly.pem
|
| diff --git a/net/data/verify_certificate_chain_unittest/serverauth-ec-ku-decipheronly.pem b/net/data/verify_certificate_chain_unittest/serverauth-ec-ku-decipheronly.pem
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..1ff051c83fd818630b4e190f27c7de3aef7a59cd
|
| --- /dev/null
|
| +++ b/net/data/verify_certificate_chain_unittest/serverauth-ec-ku-decipheronly.pem
|
| @@ -0,0 +1,272 @@
|
| +[Created by: generate-serverauth-ec-ku-decipheronly.py]
|
| +
|
| +Certificate chain with 1 intermediate, a trusted root, and a target
|
| +certificate for serverAuth that has only decipherOnly.
|
| +
|
| +Certificate:
|
| + Data:
|
| + Version: 3 (0x2)
|
| + Serial Number: 1 (0x1)
|
| + Signature Algorithm: sha256WithRSAEncryption
|
| + Issuer: CN=Intermediate
|
| + Validity
|
| + Not Before: Jan 1 12:00:00 2015 GMT
|
| + Not After : Jan 1 12:00:00 2016 GMT
|
| + Subject: CN=Target
|
| + Subject Public Key Info:
|
| + Public Key Algorithm: id-ecPublicKey
|
| + Public-Key: (384 bit)
|
| + pub:
|
| + 04:d1:cf:61:33:ef:4c:6f:37:a7:7c:f9:f4:4b:27:
|
| + ff:db:db:e5:62:a9:49:ad:91:ca:b5:c6:a2:28:b1:
|
| + b4:c9:07:7e:00:d0:6f:ac:52:7b:a3:71:98:21:a4:
|
| + 2a:25:90:8e:ea:25:53:0e:b4:16:cd:6b:b1:6d:a3:
|
| + 82:da:97:63:6e:1f:b1:ad:51:43:19:88:65:98:ce:
|
| + 0c:d2:72:32:6f:9f:03:61:90:a1:14:1d:be:22:36:
|
| + ef:04:ad:e2:c6:2c:be
|
| + ASN1 OID: secp384r1
|
| + X509v3 extensions:
|
| + X509v3 Subject Key Identifier:
|
| + 7F:D2:AB:42:C8:F5:F8:00:89:AC:48:F5:4E:C5:9F:A9:2F:31:CC:C2
|
| + X509v3 Authority Key Identifier:
|
| + keyid:37:12:75:29:6D:FF:89:6B:05:DB:4C:84:34:8A:E4:7E:3E:29:61:1F
|
| +
|
| + Authority Information Access:
|
| + CA Issuers - URI:http://url-for-aia/Intermediate.cer
|
| +
|
| + X509v3 CRL Distribution Points:
|
| +
|
| + Full Name:
|
| + URI:http://url-for-crl/Intermediate.crl
|
| +
|
| + X509v3 Key Usage: critical
|
| + Decipher Only
|
| + X509v3 Extended Key Usage:
|
| + TLS Web Server Authentication
|
| + Signature Algorithm: sha256WithRSAEncryption
|
| + 64:5d:c0:4d:04:16:26:f9:17:cb:a9:e8:e3:5f:a8:87:fd:9a:
|
| + 12:b5:f7:25:d8:95:d9:54:f9:a1:6c:77:ce:dd:e0:cb:5b:8f:
|
| + ea:b2:45:b6:57:61:5f:8d:f7:d7:54:1c:0c:09:36:14:d7:c9:
|
| + 22:ca:57:d1:cd:6a:5c:aa:94:1c:39:4a:20:78:9c:16:4c:14:
|
| + ab:51:ac:04:67:8d:25:dd:96:06:d1:8b:37:0c:2f:89:d7:b9:
|
| + 32:cc:60:f3:63:e1:4d:d4:dd:1f:fb:41:e1:24:98:0d:85:ec:
|
| + db:47:27:b5:77:65:6f:1c:44:48:a4:d2:bf:b8:35:17:ad:62:
|
| + b4:92:65:83:f0:05:ac:5e:98:d6:e8:15:74:ce:db:f1:0e:21:
|
| + 94:cf:89:d5:52:47:02:f3:3b:b7:b8:b8:33:6f:03:fb:9b:ac:
|
| + d3:a5:61:33:e5:75:96:66:df:7c:1d:10:b2:ef:74:b6:97:2b:
|
| + 8c:68:d0:03:ac:82:43:fc:2f:35:77:e7:22:be:fa:a0:2a:92:
|
| + 80:f9:50:83:3b:fe:ce:41:50:92:80:2b:a3:0d:80:e1:6f:32:
|
| + fa:0a:79:d4:5b:e9:91:8c:86:b2:2a:66:37:8e:84:72:93:06:
|
| + 5c:25:c5:bd:0d:9e:e6:a8:ac:a7:79:6f:dc:6e:a5:8a:d5:e5:
|
| + 49:e4:06:d5
|
| +-----BEGIN CERTIFICATE-----
|
| +MIIC1jCCAb6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
|
| +cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
|
| +VQQDDAZUYXJnZXQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATRz2Ez70xvN6d8+fRL
|
| +J//b2+ViqUmtkcq1xqIosbTJB34A0G+sUnujcZghpColkI7qJVMOtBbNa7Fto4La
|
| +l2NuH7GtUUMZiGWYzgzScjJvnwNhkKEUHb4iNu8EreLGLL6jgeAwgd0wHQYDVR0O
|
| +BBYEFH/Sq0LI9fgAiaxI9U7Fn6kvMczCMB8GA1UdIwQYMBaAFDcSdSlt/4lrBdtM
|
| +hDSK5H4+KWEfMD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3Vy
|
| +bC1mb3ItYWlhL0ludGVybWVkaWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0
|
| +cDovL3VybC1mb3ItY3JsL0ludGVybWVkaWF0ZS5jcmwwDwYDVR0PAQH/BAUDAwcA
|
| +gDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAQEAZF3ATQQW
|
| +JvkXy6no41+oh/2aErX3JdiV2VT5oWx3zt3gy1uP6rJFtldhX43311QcDAk2FNfJ
|
| +IspX0c1qXKqUHDlKIHicFkwUq1GsBGeNJd2WBtGLNwwvide5Msxg82PhTdTdH/tB
|
| +4SSYDYXs20cntXdlbxxESKTSv7g1F61itJJlg/AFrF6Y1ugVdM7b8Q4hlM+J1VJH
|
| +AvM7t7i4M28D+5us06VhM+V1lmbffB0Qsu90tpcrjGjQA6yCQ/wvNXfnIr76oCqS
|
| +gPlQgzv+zkFQkoArow2A4W8y+gp51FvpkYyGsipmN46EcpMGXCXFvQ2e5qisp3lv
|
| +3G6litXlSeQG1Q==
|
| +-----END CERTIFICATE-----
|
| +
|
| +Certificate:
|
| + Data:
|
| + Version: 3 (0x2)
|
| + Serial Number: 2 (0x2)
|
| + Signature Algorithm: sha256WithRSAEncryption
|
| + Issuer: CN=Root
|
| + Validity
|
| + Not Before: Jan 1 12:00:00 2015 GMT
|
| + Not After : Jan 1 12:00:00 2016 GMT
|
| + Subject: CN=Intermediate
|
| + Subject Public Key Info:
|
| + Public Key Algorithm: rsaEncryption
|
| + Public-Key: (2048 bit)
|
| + Modulus:
|
| + 00:b8:8b:90:32:c2:17:b6:29:eb:5a:a1:95:9d:f7:
|
| + 02:ba:e3:c6:f2:1a:24:97:1d:66:04:4e:9c:82:80:
|
| + fd:a6:e9:76:95:43:4d:57:e5:0d:a8:48:88:bc:2c:
|
| + 38:08:60:68:3f:c3:08:f5:0c:03:e5:26:10:1c:3d:
|
| + a7:f1:a6:9a:48:ff:a1:4a:fb:8e:bc:4f:48:41:7c:
|
| + 32:a1:30:b9:3b:7b:c7:3b:79:d4:f6:52:f7:47:73:
|
| + 7c:d1:c4:3f:cc:33:36:82:d7:25:b8:14:46:90:41:
|
| + 2e:d1:43:b4:99:c5:24:ec:84:16:82:c2:39:e3:8b:
|
| + f6:e1:19:82:06:eb:71:8f:ed:cf:50:c7:ba:c2:d0:
|
| + 88:eb:a9:e6:6e:2a:4f:0b:e7:03:13:72:4e:29:ba:
|
| + ca:4c:92:10:a0:39:e4:85:6a:1a:74:17:39:39:2e:
|
| + c8:97:54:01:68:4f:0b:5c:80:3d:8f:b1:ae:a5:58:
|
| + 43:ab:5c:69:67:a2:c4:27:24:6d:71:60:dd:7b:14:
|
| + e3:56:61:96:09:e6:7b:3b:f0:e9:3b:07:b4:43:32:
|
| + 9f:3e:8b:52:fe:50:1e:3d:b7:e5:cd:f8:97:82:48:
|
| + f6:42:7b:69:3d:bb:90:1b:aa:f2:82:f6:d5:fd:30:
|
| + 48:c3:c6:96:e6:62:91:7f:73:5b:ab:34:0c:ef:be:
|
| + 65:bf
|
| + Exponent: 65537 (0x10001)
|
| + X509v3 extensions:
|
| + X509v3 Subject Key Identifier:
|
| + 37:12:75:29:6D:FF:89:6B:05:DB:4C:84:34:8A:E4:7E:3E:29:61:1F
|
| + X509v3 Authority Key Identifier:
|
| + keyid:B9:85:5C:53:ED:42:DC:3E:51:38:73:99:A1:EF:87:D4:E2:28:0E:9D
|
| +
|
| + Authority Information Access:
|
| + CA Issuers - URI:http://url-for-aia/Root.cer
|
| +
|
| + X509v3 CRL Distribution Points:
|
| +
|
| + Full Name:
|
| + URI:http://url-for-crl/Root.crl
|
| +
|
| + X509v3 Key Usage: critical
|
| + Certificate Sign, CRL Sign
|
| + X509v3 Basic Constraints: critical
|
| + CA:TRUE
|
| + Signature Algorithm: sha256WithRSAEncryption
|
| + 95:d5:38:db:53:98:3b:48:9f:4b:18:fa:59:98:e2:9f:ee:13:
|
| + 9f:90:c9:84:46:28:1d:a3:bc:9c:56:46:73:25:c1:16:43:00:
|
| + 44:77:27:e8:73:13:db:6e:9f:b7:12:aa:08:0b:8a:6f:58:89:
|
| + 56:a3:19:6a:c6:8e:fc:2e:90:fd:93:7f:a4:75:73:fb:fd:23:
|
| + 31:e3:cb:51:50:57:3d:04:b8:3f:ac:b3:97:c2:4d:a9:95:38:
|
| + a9:04:27:6a:c9:a5:b0:cc:bf:d8:d3:fd:dd:a6:42:d3:ff:ee:
|
| + cb:b5:15:10:a8:b3:e1:12:6f:80:3a:a4:c1:f6:b7:bf:6a:1d:
|
| + d2:cc:23:d6:fe:54:06:26:6b:af:ed:d8:75:ea:62:12:68:be:
|
| + 6c:75:9a:cc:59:86:a1:f8:88:28:1d:77:18:01:c7:ed:f4:30:
|
| + 65:b8:aa:96:77:d9:2e:92:11:f2:d9:7b:e5:4f:0d:dc:80:28:
|
| + 0b:69:0a:c0:86:df:c0:41:cd:50:d0:15:ba:3c:a3:26:b0:0f:
|
| + ce:53:06:bd:97:f8:9a:ed:29:f5:5a:8b:23:a6:e3:26:ac:f5:
|
| + 5c:31:0b:20:1f:03:5d:06:c7:2f:6a:51:f4:44:5c:02:98:b2:
|
| + b4:3e:ea:f3:fc:ef:b4:d0:ac:13:d2:f9:8e:fd:e8:65:a8:69:
|
| + 9b:1d:ac:10
|
| +-----BEGIN CERTIFICATE-----
|
| +MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
|
| +MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
|
| +ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIuQMsIX
|
| +tinrWqGVnfcCuuPG8hoklx1mBE6cgoD9pul2lUNNV+UNqEiIvCw4CGBoP8MI9QwD
|
| +5SYQHD2n8aaaSP+hSvuOvE9IQXwyoTC5O3vHO3nU9lL3R3N80cQ/zDM2gtcluBRG
|
| +kEEu0UO0mcUk7IQWgsI544v24RmCButxj+3PUMe6wtCI66nmbipPC+cDE3JOKbrK
|
| +TJIQoDnkhWoadBc5OS7Il1QBaE8LXIA9j7GupVhDq1xpZ6LEJyRtcWDdexTjVmGW
|
| +CeZ7O/DpOwe0QzKfPotS/lAePbflzfiXgkj2QntpPbuQG6rygvbV/TBIw8aW5mKR
|
| +f3NbqzQM775lvwIDAQABo4HLMIHIMB0GA1UdDgQWBBQ3EnUpbf+JawXbTIQ0iuR+
|
| +PilhHzAfBgNVHSMEGDAWgBS5hVxT7ULcPlE4c5mh74fU4igOnTA3BggrBgEFBQcB
|
| +AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
|
| +BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
|
| +VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
|
| +AJXVONtTmDtIn0sY+lmY4p/uE5+QyYRGKB2jvJxWRnMlwRZDAER3J+hzE9tun7cS
|
| +qggLim9YiVajGWrGjvwukP2Tf6R1c/v9IzHjy1FQVz0EuD+ss5fCTamVOKkEJ2rJ
|
| +pbDMv9jT/d2mQtP/7su1FRCos+ESb4A6pMH2t79qHdLMI9b+VAYma6/t2HXqYhJo
|
| +vmx1msxZhqH4iCgddxgBx+30MGW4qpZ32S6SEfLZe+VPDdyAKAtpCsCG38BBzVDQ
|
| +Fbo8oyawD85TBr2X+JrtKfVaiyOm4yas9VwxCyAfA10Gxy9qUfREXAKYsrQ+6vP8
|
| +77TQrBPS+Y796GWoaZsdrBA=
|
| +-----END CERTIFICATE-----
|
| +
|
| +Certificate:
|
| + Data:
|
| + Version: 3 (0x2)
|
| + Serial Number: 1 (0x1)
|
| + Signature Algorithm: sha256WithRSAEncryption
|
| + Issuer: CN=Root
|
| + Validity
|
| + Not Before: Jan 1 12:00:00 2015 GMT
|
| + Not After : Jan 1 12:00:00 2016 GMT
|
| + Subject: CN=Root
|
| + Subject Public Key Info:
|
| + Public Key Algorithm: rsaEncryption
|
| + Public-Key: (2048 bit)
|
| + Modulus:
|
| + 00:b3:fe:a1:cc:0e:bd:61:9d:d2:4d:30:ca:ea:9a:
|
| + b8:96:8f:c1:31:da:d0:a5:26:32:30:42:a2:e0:a4:
|
| + ad:2c:71:c3:b5:bf:18:81:b8:12:a1:a9:fd:a7:97:
|
| + b1:16:ed:78:4a:38:45:2a:2e:59:0d:40:0a:8d:b4:
|
| + b7:31:49:c6:7c:1e:c7:7f:42:88:47:65:20:c0:dc:
|
| + fe:91:87:1f:01:da:70:be:5c:8e:31:cf:92:69:bf:
|
| + 95:64:54:d9:76:3e:df:9d:eb:c3:7c:81:03:f3:97:
|
| + aa:46:ba:82:48:03:57:99:86:9e:f4:83:0a:e6:01:
|
| + 40:cc:c0:b0:42:66:63:e6:51:26:ae:b2:0f:d5:0f:
|
| + 32:08:02:17:29:7e:75:8a:d1:df:42:da:67:a9:3b:
|
| + 47:71:90:7c:9f:52:6d:d5:4a:0f:f9:20:56:25:e9:
|
| + a9:2b:aa:01:73:af:28:1f:00:45:30:13:69:94:21:
|
| + e7:e6:f0:76:39:7b:c8:e7:07:c3:39:f3:f6:da:42:
|
| + 3f:57:6b:47:fe:fa:30:a8:08:d3:de:4d:40:38:aa:
|
| + e4:97:bd:82:f5:e9:e8:2e:92:14:69:9f:d1:22:41:
|
| + 7e:05:40:74:07:ab:79:63:31:5b:e3:95:c3:4e:23:
|
| + a8:a6:7f:f8:b7:8a:5d:d4:f8:e1:8b:75:5b:44:06:
|
| + 08:c1
|
| + Exponent: 65537 (0x10001)
|
| + X509v3 extensions:
|
| + X509v3 Subject Key Identifier:
|
| + B9:85:5C:53:ED:42:DC:3E:51:38:73:99:A1:EF:87:D4:E2:28:0E:9D
|
| + X509v3 Authority Key Identifier:
|
| + keyid:B9:85:5C:53:ED:42:DC:3E:51:38:73:99:A1:EF:87:D4:E2:28:0E:9D
|
| +
|
| + Authority Information Access:
|
| + CA Issuers - URI:http://url-for-aia/Root.cer
|
| +
|
| + X509v3 CRL Distribution Points:
|
| +
|
| + Full Name:
|
| + URI:http://url-for-crl/Root.crl
|
| +
|
| + X509v3 Key Usage: critical
|
| + Certificate Sign, CRL Sign
|
| + X509v3 Basic Constraints: critical
|
| + CA:TRUE
|
| + Signature Algorithm: sha256WithRSAEncryption
|
| + 2f:23:ee:6a:dd:bb:59:2d:57:cf:94:f3:1b:5c:fb:d9:6e:dd:
|
| + 74:12:96:6e:7f:31:8c:00:ee:60:03:80:89:d8:78:4a:71:60:
|
| + 31:df:74:f5:e6:26:67:6e:91:5e:e8:a2:ef:b6:da:e4:03:bd:
|
| + 30:e1:4b:4b:bb:9e:5f:d3:4b:31:af:64:bd:76:48:de:68:4b:
|
| + 80:59:85:93:12:ac:65:42:01:ea:33:28:6c:af:c5:af:cc:0a:
|
| + 41:89:12:98:f1:1d:54:b6:dd:f1:ff:45:d4:3f:64:84:15:46:
|
| + d7:35:bb:09:19:66:f0:8b:db:11:8d:7a:fb:11:ea:7f:e2:57:
|
| + 96:47:da:23:81:c1:b6:71:d2:33:98:88:35:d5:90:e1:93:87:
|
| + 32:36:c7:a7:f1:c0:55:a5:94:65:62:14:e4:18:e7:64:2d:6d:
|
| + 40:6e:ba:5b:66:39:a4:d8:1f:1c:a8:9f:80:5a:d7:35:5a:47:
|
| + 44:32:b6:a2:18:26:08:08:2e:8f:9a:6b:f6:f5:5c:95:46:27:
|
| + 8e:d5:fb:c0:d5:52:3d:e5:a4:23:0e:f4:30:ba:ce:79:b8:63:
|
| + fd:e2:aa:56:05:b4:15:f7:4f:41:b3:88:31:29:97:51:71:52:
|
| + 04:95:00:64:7c:7a:c7:35:b9:22:d0:32:9a:bd:2f:c6:ea:7d:
|
| + 3a:2d:29:39
|
| +-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
|
| +MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
|
| +MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
|
| +dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALP+ocwOvWGd0k0wyuqa
|
| +uJaPwTHa0KUmMjBCouCkrSxxw7W/GIG4EqGp/aeXsRbteEo4RSouWQ1ACo20tzFJ
|
| +xnwex39CiEdlIMDc/pGHHwHacL5cjjHPkmm/lWRU2XY+353rw3yBA/OXqka6gkgD
|
| +V5mGnvSDCuYBQMzAsEJmY+ZRJq6yD9UPMggCFyl+dYrR30LaZ6k7R3GQfJ9SbdVK
|
| +D/kgViXpqSuqAXOvKB8ARTATaZQh5+bwdjl7yOcHwznz9tpCP1drR/76MKgI095N
|
| +QDiq5Je9gvXp6C6SFGmf0SJBfgVAdAereWMxW+OVw04jqKZ/+LeKXdT44Yt1W0QG
|
| +CMECAwEAAaOByzCByDAdBgNVHQ4EFgQUuYVcU+1C3D5ROHOZoe+H1OIoDp0wHwYD
|
| +VR0jBBgwFoAUuYVcU+1C3D5ROHOZoe+H1OIoDp0wNwYIKwYBBQUHAQEEKzApMCcG
|
| +CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
|
| +IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
|
| +AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAvI+5q3btZ
|
| +LVfPlPMbXPvZbt10EpZufzGMAO5gA4CJ2HhKcWAx33T15iZnbpFe6KLvttrkA70w
|
| +4UtLu55f00sxr2S9dkjeaEuAWYWTEqxlQgHqMyhsr8WvzApBiRKY8R1Utt3x/0XU
|
| +P2SEFUbXNbsJGWbwi9sRjXr7Eep/4leWR9ojgcG2cdIzmIg11ZDhk4cyNsen8cBV
|
| +pZRlYhTkGOdkLW1AbrpbZjmk2B8cqJ+AWtc1WkdEMraiGCYICC6Pmmv29VyVRieO
|
| +1fvA1VI95aQjDvQwus55uGP94qpWBbQV909Bs4gxKZdRcVIElQBkfHrHNbki0DKa
|
| +vS/G6n06LSk5
|
| +-----END TRUST_ANCHOR_UNCONSTRAINED-----
|
| +
|
| +150302120000Z
|
| +-----BEGIN TIME-----
|
| +MTUwMzAyMTIwMDAwWg==
|
| +-----END TIME-----
|
| +
|
| +SUCCESS
|
| +-----BEGIN VERIFY_RESULT-----
|
| +U1VDQ0VTUw==
|
| +-----END VERIFY_RESULT-----
|
| +
|
| +serverAuth
|
| +-----BEGIN KEY_PURPOSE-----
|
| +c2VydmVyQXV0aA==
|
| +-----END KEY_PURPOSE-----
|
|
|
Chromium Code Reviews
Issue 2813043002:
Add tests for keyUsage to the built-in cert verifier. (Closed)
