net/data/verify_certificate_chain_unittest/constrained-root-bad-eku.pem - Issue 2832703002: Allow the TrustStore interface to return matching intermediates, and identify distrusted certs.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: net/data/verify_certificate_chain_unittest/constrained-root-bad-eku.pem

Issue 2832703002: Allow the TrustStore interface to return matching intermediates, and identify distrusted certs. (Closed)

Patch Set: address comments Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« components/cast_certificate/cast_cert_validator_test_helpers.cc ('K') | « net/cert/internal/verify_certificate_chain_unittest.cc ('k') | net/data/verify_certificate_chain_unittest/generate-constrained-root-bad-eku.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 [Created by: generate-constrained-root-bad-eku.py]	1 [Created by: generate-constrained-root-bad-eku.py]

2	2

3 Certificate chain with 1 intermediate and a trust anchor. The trust anchor	3 Certificate chain with 1 intermediate and a trust anchor. The trust anchor

4 has an EKU that restricts it to clientAuth. Verification is expected to fail as	4 has an EKU that restricts it to clientAuth. Verification is expected to fail as

5 the end-entity is verified for serverAuth, and the trust anchor enforces	5 the end-entity is verified for serverAuth, and the trust anchor enforces

6 constraints.	6 constraints.

7	7

8 Certificate:	8 Certificate:

9 Data:	9 Data:

10 Version: 3 (0x2)	10 Version: 3 (0x2)

(...skipping 272 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
283 FAIL	283 FAIL

284 -----BEGIN VERIFY_RESULT-----	284 -----BEGIN VERIFY_RESULT-----

285 RkFJTA==	285 RkFJTA==

286 -----END VERIFY_RESULT-----	286 -----END VERIFY_RESULT-----

287	287

288 serverAuth	288 serverAuth

289 -----BEGIN KEY_PURPOSE-----	289 -----BEGIN KEY_PURPOSE-----

290 c2VydmVyQXV0aA==	290 c2VydmVyQXV0aA==

291 -----END KEY_PURPOSE-----	291 -----END KEY_PURPOSE-----

292	292

293 ----- Certificate i=2 -----	293 ----- Certificate i=2 (CN=Root) -----

294 ERROR: The extended key usage does not include server auth	294 ERROR: The extended key usage does not include server auth

295	295

296	296

297 -----BEGIN ERRORS-----	297 -----BEGIN ERRORS-----

298 LS0tLS0gQ2VydGlmaWNhdGUgaT0yIC0tLS0tCkVSUk9SOiBUaGUgZXh0ZW5kZWQga2V5IHVzYWdlIGRv ZXMgbm90IGluY2x1ZGUgc2VydmVyIGF1dGgKCg==	298 LS0tLS0gQ2VydGlmaWNhdGUgaT0yIChDTj1Sb290KSAtLS0tLQpFUlJPUjogVGhlIGV4dGVuZGVkIGtl eSB1c2FnZSBkb2VzIG5vdCBpbmNsdWRlIHNlcnZlciBhdXRoCgo=

299 -----END ERRORS-----	299 -----END ERRORS-----

OLD	NEW