Google Git
Sign in
chromium / chromium / src / 8cccf2141e0fbf642d1254943ee6452f73692bea / . / net / data / verify_certificate_chain_unittest / incorrect-trust-anchor.pem
blob: ba601d6c436aa0240b8d6ea72432bc2080b994d8 [file] [log] [blame]
[Created by: generate-incorrect-trust-anchor.py]
Certificate chain with 1 intermediate, but the trust anchor used is
incorrect (neither subject nor signature matches). Verification is expected to
fail.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a3:7b:69:ed:ad:13:3f:59:75:63:cf:2a:9e:b0:
78:06:62:e2:5e:40:3f:12:2e:61:1c:7f:2e:f8:4f:
0e:92:28:80:18:d8:e2:e2:f4:b4:63:84:c8:0b:4d:
ae:1b:f0:4d:d5:49:91:89:b9:a4:11:b3:77:72:ba:
12:16:3e:29:7c:51:28:99:37:69:57:6d:3b:68:e1:
58:83:c0:ad:13:af:63:2e:85:63:ab:92:11:7a:92:
8b:fa:66:33:f9:3b:c9:ab:22:75:9f:6c:91:1b:22:
6b:c9:2d:c8:6d:58:2b:bc:a9:f3:cf:24:8f:7a:37:
9b:83:67:e5:b2:eb:ea:35:c6:9d:e4:a8:24:74:18:
5b:8b:62:6b:cd:92:d7:c3:6c:b1:40:e1:2f:a3:16:
52:92:df:59:70:bc:cc:37:27:8f:8e:3d:b9:fc:d6:
ca:fb:63:89:b3:d0:64:24:2b:97:e3:a7:bc:6f:76:
7e:e6:82:36:9f:c4:ea:b2:96:60:ac:86:57:09:55:
d7:3b:45:a8:23:b8:b1:4a:92:f8:a9:66:1f:1a:0f:
c5:f6:da:4e:6d:02:56:1b:8a:9f:52:9f:bd:b5:16:
a6:fb:85:3d:fa:04:1d:8e:25:b4:03:9e:74:e4:98:
4a:da:39:7b:d0:f2:7d:f9:f4:97:ce:d1:d8:4d:31:
88:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D6:3E:50:DE:FF:47:B8:65:1A:C6:33:78:79:87:8D:F2:32:32:BA
X509v3 Authority Key Identifier:
keyid:CC:11:88:FF:DF:7E:14:06:07:B5:10:B6:C1:BC:CB:2B:65:FC:83:77
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
b4:9a:15:da:2b:7d:d4:26:f2:41:a2:04:1e:13:f3:b3:28:bf:
a3:85:34:fc:42:b1:57:05:0f:97:e5:f5:d9:d4:0e:eb:43:e8:
63:ce:5b:23:8b:48:ab:2f:25:03:81:43:ba:7e:9a:14:e4:4e:
9c:5b:d3:08:56:b7:00:7c:7f:fd:9e:ab:50:ce:09:95:2c:21:
00:74:22:26:83:fb:08:47:34:1b:67:0e:eb:e0:c4:ab:3d:00:
76:b2:9a:b1:00:c8:d0:17:0d:2e:81:43:71:51:f8:d7:f5:ad:
e9:f0:81:12:2a:e0:6f:c7:10:11:d7:f4:55:73:a4:7c:cb:97:
6c:fd:2b:34:bf:7e:a9:57:d8:e1:a9:05:01:5a:09:2b:49:bf:
bc:99:a3:a5:7c:b0:df:7a:32:0f:c2:94:0f:e0:15:f2:86:8f:
c3:19:44:49:02:10:56:f6:a9:58:38:7f:4d:f1:66:58:00:f9:
17:18:ab:b4:0c:c1:9e:f3:8d:5d:61:4d:02:8c:3a:97:89:8d:
5f:d0:98:f3:57:5c:85:35:b0:94:f8:02:7c:6f:bf:69:bf:7b:
91:5a:c3:38:88:0d:ec:42:3b:b5:29:6b:0a:2d:10:19:ae:bc:
6c:18:95:2e:cd:74:04:af:95:79:ab:8e:4a:cc:53:6e:4d:ad:
83:58:6d:c5
-----BEGIN CERTIFICATE-----
MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCje2nt
rRM/WXVjzyqesHgGYuJeQD8SLmEcfy74Tw6SKIAY2OLi9LRjhMgLTa4b8E3VSZGJ
uaQRs3dyuhIWPil8USiZN2lXbTto4ViDwK0Tr2MuhWOrkhF6kov6ZjP5O8mrInWf
bJEbImvJLchtWCu8qfPPJI96N5uDZ+Wy6+o1xp3kqCR0GFuLYmvNktfDbLFA4S+j
FlKS31lwvMw3J4+OPbn81sr7Y4mz0GQkK5fjp7xvdn7mgjafxOqylmCshlcJVdc7
RagjuLFKkvipZh8aD8X22k5tAlYbip9Sn721Fqb7hT36BB2OJbQDnnTkmEraOXvQ
8n359JfO0dhNMYhHAgMBAAGjgekwgeYwHQYDVR0OBBYEFJTWPlDe/0e4ZRrGM3h5
h43yMjK6MB8GA1UdIwQYMBaAFMwRiP/ffhQGB7UQtsG8yytl/IN3MD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAtJoV2it91CbyQaIEHhPz
syi/o4U0/EKxVwUPl+X12dQO60PoY85bI4tIqy8lA4FDun6aFOROnFvTCFa3AHx/
/Z6rUM4JlSwhAHQiJoP7CEc0G2cO6+DEqz0AdrKasQDI0BcNLoFDcVH41/Wt6fCB
Eirgb8cQEdf0VXOkfMuXbP0rNL9+qVfY4akFAVoJK0m/vJmjpXyw33oyD8KUD+AV
8oaPwxlESQIQVvapWDh/TfFmWAD5FxirtAzBnvONXWFNAow6l4mNX9CY81dchTWw
lPgCfG+/ab97kVrDOIgN7EI7tSlrCi0QGa68bBiVLs10BK+VeauOSsxTbk2tg1ht
xQ==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b6:cf:57:a5:6e:7c:9a:78:f2:c1:bd:99:eb:7c:
af:6a:c8:38:2e:8e:cf:e5:20:c0:f9:57:5c:e2:83:
29:33:2c:b1:9d:2b:91:ce:4c:da:27:62:5f:18:08:
a8:f1:03:eb:0e:be:f2:1e:00:8c:63:f2:8f:d3:c1:
e4:df:0a:d3:d4:82:0d:6c:c4:98:87:eb:5b:81:66:
43:f3:38:5e:d4:8b:91:47:70:8b:89:90:a0:0b:9d:
63:56:4f:58:4b:e2:36:e1:97:df:37:71:7a:90:f5:
62:2c:3e:57:71:6a:75:db:10:66:22:4c:fd:e9:a0:
78:5e:4c:e3:8c:d5:c2:c9:a0:10:3d:ec:bd:7b:76:
9f:5f:54:e3:c3:88:9b:d7:7f:8c:80:79:87:0f:3c:
aa:28:d9:f5:63:e8:f3:a5:6b:2b:e0:45:1c:af:94:
00:84:b4:e4:fc:3a:5d:9c:bc:05:c2:04:b7:3a:23:
84:56:66:a2:50:fc:8d:00:06:52:7f:a2:d3:9e:0b:
fa:d5:ba:1b:1e:10:e9:13:60:56:a6:cd:ab:67:90:
66:0c:3d:71:c0:46:42:13:48:74:a8:a8:6d:0c:a8:
6d:7b:6b:57:f1:ba:c0:c5:c8:cd:d9:75:20:d3:59:
ed:32:ed:5c:b6:63:b4:9b:0b:3a:05:7b:ad:38:70:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:11:88:FF:DF:7E:14:06:07:B5:10:B6:C1:BC:CB:2B:65:FC:83:77
X509v3 Authority Key Identifier:
keyid:A7:26:DB:0B:03:E6:0B:32:0B:8C:34:AD:CE:60:CD:4C:89:9B:59:6E
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
69:10:d5:c3:ff:f0:65:c6:79:55:be:ba:6b:7c:7f:49:a2:47:
b0:d7:e9:28:9f:14:f6:11:6a:d7:1f:e3:11:30:c1:d0:0c:21:
8c:b3:21:95:c1:f3:2e:7c:8a:34:f6:d6:c7:49:9a:75:4c:93:
35:c4:88:f7:be:d6:ed:e0:75:22:29:4d:0f:59:80:1a:1b:9b:
a4:fd:86:af:1e:76:44:03:f9:42:f2:74:1e:6b:74:fc:fa:64:
67:33:4a:14:93:fc:84:1f:92:0c:62:ac:aa:e1:f0:6f:3e:09:
90:d5:67:68:2a:28:9c:5f:86:29:8d:48:ef:3e:a5:48:60:08:
b5:cf:ac:ba:ff:ba:d7:7d:9a:8e:b4:63:10:e3:14:12:12:89:
37:00:42:fb:4c:e5:b7:0d:e5:b8:28:5b:9f:79:48:aa:e4:ef:
17:ec:eb:f1:c3:82:d9:48:ec:cd:f4:f7:1f:8f:e2:9e:ec:71:
a6:7a:ce:c0:fc:14:8f:48:17:56:10:02:27:aa:d9:10:bb:fc:
6d:e2:d8:b6:66:27:08:e5:31:4d:fb:24:45:0f:da:7a:9c:8d:
e5:91:0c:80:91:1e:44:78:01:28:ca:db:40:87:db:38:0f:18:
1a:a9:ff:68:8c:03:b2:89:82:e2:80:ee:3c:77:e2:4e:85:a5:
cf:72:3f:24
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts9XpW58
mnjywb2Z63yvasg4Lo7P5SDA+Vdc4oMpMyyxnSuRzkzaJ2JfGAio8QPrDr7yHgCM
Y/KP08Hk3wrT1IINbMSYh+tbgWZD8zhe1IuRR3CLiZCgC51jVk9YS+I24ZffN3F6
kPViLD5XcWp12xBmIkz96aB4XkzjjNXCyaAQPey9e3afX1Tjw4ib13+MgHmHDzyq
KNn1Y+jzpWsr4EUcr5QAhLTk/DpdnLwFwgS3OiOEVmaiUPyNAAZSf6LTngv61bob
HhDpE2BWps2rZ5BmDD1xwEZCE0h0qKhtDKhte2tX8brAxcjN2XUg01ntMu1ctmO0
mws6BXutOHDkPQIDAQABo4HLMIHIMB0GA1UdDgQWBBTMEYj/334UBge1ELbBvMsr
ZfyDdzAfBgNVHSMEGDAWgBSnJtsLA+YLMguMNK3OYM1MiZtZbjA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
AGkQ1cP/8GXGeVW+umt8f0miR7DX6SifFPYRatcf4xEwwdAMIYyzIZXB8y58ijT2
1sdJmnVMkzXEiPe+1u3gdSIpTQ9ZgBobm6T9hq8edkQD+ULydB5rdPz6ZGczShST
/IQfkgxirKrh8G8+CZDVZ2gqKJxfhimNSO8+pUhgCLXPrLr/utd9mo60YxDjFBIS
iTcAQvtM5bcN5bgoW595SKrk7xfs6/HDgtlI7M309x+P4p7scaZ6zsD8FI9IF1YQ
Aieq2RC7/G3i2LZmJwjlMU37JEUP2nqcjeWRDICRHkR4ASjK20CH2zgPGBqp/2iM
A7KJguKA7jx34k6Fpc9yPyQ=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BogusRoot
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=BogusRoot
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a6:2e:77:a3:0d:0b:86:02:e4:79:46:6d:76:0e:
de:ba:55:19:76:07:90:e5:7a:4b:9a:99:70:f2:91:
f2:28:94:e7:e0:8b:aa:c4:a5:c1:82:36:d8:30:be:
84:43:45:ae:2a:60:e7:fe:d4:a0:a1:a7:e9:30:56:
d0:c9:5d:f8:5f:86:9c:ba:c9:ad:cc:29:77:15:0c:
e8:7b:78:52:42:ec:69:db:db:38:d6:f5:25:75:50:
6f:21:a0:9a:b2:4e:3a:33:6c:47:60:b2:a4:e7:ec:
bc:c0:9f:d7:46:1b:bb:82:43:2a:22:6d:fb:65:0d:
b5:cf:48:b9:a6:e3:2b:26:77:32:db:a6:80:b6:a7:
63:f5:b9:d7:bf:f3:37:bd:2b:88:15:b5:50:06:0c:
c9:6f:05:2b:97:ac:ff:01:d9:9e:55:b8:2d:90:62:
a4:38:d4:d3:19:87:8f:b0:dd:88:4d:ca:19:f3:c9:
2f:95:22:a8:19:be:98:38:6d:0f:17:65:d7:ee:5b:
82:73:f8:c5:28:43:76:96:a6:ef:00:9c:5e:d0:9d:
cc:52:dc:c8:6c:d6:4a:8e:2c:5a:c0:9b:e0:b4:1b:
f4:5f:43:84:b7:ad:7d:d1:07:c6:79:16:d8:01:c2:
73:e7:ad:dc:4c:d4:a5:bc:ab:99:60:6d:18:34:14:
ed:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:21:11:AF:90:99:E9:F8:9A:0B:80:16:9C:63:C3:DC:45:08:84:91
X509v3 Authority Key Identifier:
keyid:60:21:11:AF:90:99:E9:F8:9A:0B:80:16:9C:63:C3:DC:45:08:84:91
Authority Information Access:
CA Issuers - URI:http://url-for-aia/BogusRoot.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/BogusRoot.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
97:aa:1c:16:64:05:60:ea:e0:5b:ae:7e:31:f3:6e:04:07:fe:
ba:34:6d:fd:b3:c9:74:d1:f8:b4:da:c2:97:1e:00:da:05:b6:
08:de:e3:8e:6e:5e:a9:9b:15:62:41:0b:2f:d2:bc:24:4a:47:
e9:7a:0c:6b:ba:c9:04:7c:82:ea:c5:89:5c:03:6f:8a:e6:a1:
13:4c:02:1a:5b:2e:ae:48:8b:16:f5:6d:01:89:89:66:29:06:
40:49:fe:b9:51:19:9e:ea:6d:76:ce:a7:78:7e:72:bf:04:4c:
bf:f6:17:b0:bc:79:3e:67:47:89:ec:d9:07:40:55:6e:5b:7c:
79:6e:7f:97:e9:1b:d3:df:b6:54:e5:53:44:32:e2:39:17:ea:
17:be:6c:82:8a:b6:c2:6a:b4:c5:b7:8c:6d:38:34:b4:b8:27:
66:1f:4f:70:1d:65:77:6c:73:d8:69:24:6f:06:09:d4:f9:a9:
7a:eb:47:cb:9b:3e:ec:42:89:2e:f4:2b:20:36:f1:fc:70:e2:
3b:83:0a:e0:3a:04:1e:bf:53:cb:b6:ca:fe:2f:25:d5:c6:aa:
71:39:a9:8e:25:4a:75:bb:15:fc:29:4f:ba:d6:a9:02:c7:8d:
d8:06:48:aa:6d:0b:34:bd:36:19:ea:87:a9:50:e5:a8:d8:31:
73:a2:30:44
-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
MIIDeTCCAmGgAwIBAgIBATANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDDAlCb2d1
c1Jvb3QwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjAUMRIwEAYDVQQD
DAlCb2d1c1Jvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmLnej
DQuGAuR5Rm12Dt66VRl2B5DlekuamXDykfIolOfgi6rEpcGCNtgwvoRDRa4qYOf+
1KChp+kwVtDJXfhfhpy6ya3MKXcVDOh7eFJC7Gnb2zjW9SV1UG8hoJqyTjozbEdg
sqTn7LzAn9dGG7uCQyoibftlDbXPSLmm4ysmdzLbpoC2p2P1ude/8ze9K4gVtVAG
DMlvBSuXrP8B2Z5VuC2QYqQ41NMZh4+w3YhNyhnzyS+VIqgZvpg4bQ8XZdfuW4Jz
+MUoQ3aWpu8AnF7QncxS3Mhs1kqOLFrAm+C0G/RfQ4S3rX3RB8Z5FtgBwnPnrdxM
1KW8q5lgbRg0FO0HAgMBAAGjgdUwgdIwHQYDVR0OBBYEFGAhEa+Qmen4mguAFpxj
w9xFCISRMB8GA1UdIwQYMBaAFGAhEa+Qmen4mguAFpxjw9xFCISRMDwGCCsGAQUF
BwEBBDAwLjAsBggrBgEFBQcwAoYgaHR0cDovL3VybC1mb3ItYWlhL0JvZ3VzUm9v
dC5jZXIwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL3VybC1mb3ItY3JsL0JvZ3Vz
Um9vdC5jcmwwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI
hvcNAQELBQADggEBAJeqHBZkBWDq4FuufjHzbgQH/ro0bf2zyXTR+LTawpceANoF
tgje445uXqmbFWJBCy/SvCRKR+l6DGu6yQR8gurFiVwDb4rmoRNMAhpbLq5Iixb1
bQGJiWYpBkBJ/rlRGZ7qbXbOp3h+cr8ETL/2F7C8eT5nR4ns2QdAVW5bfHluf5fp
G9PftlTlU0Qy4jkX6he+bIKKtsJqtMW3jG04NLS4J2YfT3AdZXdsc9hpJG8GCdT5
qXrrR8ubPuxCiS70KyA28fxw4juDCuA6BB6/U8u2yv4vJdXGqnE5qY4lSnW7Ffwp
T7rWqQLHjdgGSKptCzS9Nhnqh6lQ5ajYMXOiMEQ=
-----END TRUST_ANCHOR_UNCONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
FAIL
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----
[Context] Processing Certificate
index: 0
[Error] Signature verification failed
[Error] VerifySignedData failed
-----BEGIN ERRORS-----
W0NvbnRleHRdIFByb2Nlc3NpbmcgQ2VydGlmaWNhdGUKICBpbmRleDogMAogICAgICBbRXJyb3JdIFNpZ25hdHVyZSB2ZXJpZmljYXRpb24gZmFpbGVkCiAgICAgIFtFcnJvcl0gVmVyaWZ5U2lnbmVkRGF0YSBmYWlsZWQK
-----END ERRORS-----