Google Git
Sign in
chromium / chromium / src / 8cccf2141e0fbf642d1254943ee6452f73692bea / . / net / data / verify_certificate_chain_unittest / target-unknown-critical-extension.pem
blob: a5afd225886e6bb225f3728621f5223de4c1d82b [file] [log] [blame]
[Created by: generate-target-unknown-critical-extension.py]
Certificate chain with 1 intermediate and a trusted root. The target
certificate has an unknown X.509v3 extension (OID=1.2.3.4) that is marked as
critical. Verifying this certificate chain is expected to fail because there is
an unrecognized critical extension.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d5:9d:3b:85:e5:81:69:52:70:67:33:4a:2b:76:
6a:e5:61:db:af:e5:32:74:85:dd:54:d2:c7:76:5a:
5c:38:d8:46:fc:b4:33:f5:9d:8e:80:83:ab:31:96:
41:c4:c2:52:af:8c:4d:0e:5c:69:c5:5d:cc:b4:1b:
ef:de:61:58:88:e2:c4:bf:6a:cb:74:bd:f5:bd:61:
57:1c:22:9f:6d:e8:38:c6:70:b8:1e:a5:2b:4f:35:
9f:65:fc:c1:36:17:3e:d7:fa:33:21:70:fb:e0:ce:
ab:23:41:3f:fc:7b:74:1d:6b:ba:21:b7:5b:fd:a1:
77:11:1a:8d:5b:2a:be:38:2e:79:a0:b7:2d:45:5c:
d7:32:fd:4c:70:f1:95:1c:38:a3:15:4f:57:f3:75:
59:fe:75:14:39:ea:44:16:b9:2e:06:df:67:30:dd:
5a:b1:7e:95:09:fd:12:cc:87:b1:66:fa:7e:b9:e5:
b5:38:0a:46:73:53:1a:b2:aa:12:e3:6d:99:56:e8:
c7:cc:eb:6b:00:9b:c1:ba:02:23:2b:32:be:9b:f8:
ab:b2:b5:be:50:f6:7f:95:b6:6b:1c:e6:ad:f1:69:
5a:e0:41:1e:85:64:91:37:7b:9a:28:43:a5:ee:33:
25:ab:82:97:03:07:94:b8:d3:34:95:bf:33:d2:14:
b1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FD:B6:08:AB:82:83:50:E7:F0:85:51:1C:CC:78:E5:22:50:91:60
X509v3 Authority Key Identifier:
keyid:5B:B2:D8:DC:1B:60:39:B5:6B:10:A5:70:37:93:E7:3C:F5:52:46:C8
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
1.2.3.4: critical
....
Signature Algorithm: sha256WithRSAEncryption
39:19:04:31:e9:20:03:1b:e9:d3:91:25:94:68:4f:8d:07:16:
08:e8:7f:99:01:37:56:8d:f4:15:6b:a8:7c:e4:3d:32:ad:3d:
62:0f:5e:93:6f:b9:21:ba:e8:c3:48:13:e5:eb:ad:26:f0:9b:
4c:fe:76:8e:73:a2:be:01:b5:48:7c:11:7e:cc:47:4b:0c:0c:
17:65:54:ab:0e:79:6c:e5:75:67:52:ab:f7:26:97:36:3d:71:
6d:88:54:b9:ef:b1:00:42:56:64:88:db:0f:9c:be:25:e0:6e:
2b:df:c6:55:3a:89:af:92:1c:21:71:6e:22:ab:5a:b8:de:53:
a1:8d:84:0f:0e:55:43:08:45:0b:fd:4a:6f:fa:e4:89:55:a0:
8d:10:c0:3a:06:42:7c:f1:b8:7a:19:a7:61:cc:c0:b1:e2:f1:
14:d5:bd:ff:41:a5:50:f6:ac:a4:3f:ec:6a:6a:3e:7b:60:29:
f4:9d:c8:57:81:12:59:7b:0f:b2:2a:43:29:03:a5:eb:e7:e8:
cd:15:fe:53:07:e0:12:0a:35:29:e8:fe:7f:51:ae:19:98:d5:
89:9c:05:0a:ba:51:89:0f:1f:3c:8e:2a:eb:e7:93:0a:fd:c1:
f3:0e:ce:67:5b:f2:73:dc:e6:2e:db:2b:88:11:3b:07:d8:ff:
79:0c:6a:e1
-----BEGIN CERTIFICATE-----
MIIDnTCCAoWgAwIBAgIBATANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxJbnRl
cm1lZGlhdGUwHhcNMTUwMTAxMTIwMDAwWhcNMTYwMTAxMTIwMDAwWjARMQ8wDQYD
VQQDDAZUYXJnZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVnTuF
5YFpUnBnM0ordmrlYduv5TJ0hd1U0sd2Wlw42Eb8tDP1nY6Ag6sxlkHEwlKvjE0O
XGnFXcy0G+/eYViI4sS/ast0vfW9YVccIp9t6DjGcLgepStPNZ9l/ME2Fz7X+jMh
cPvgzqsjQT/8e3Qda7oht1v9oXcRGo1bKr44Lnmgty1FXNcy/Uxw8ZUcOKMVT1fz
dVn+dRQ56kQWuS4G32cw3VqxfpUJ/RLMh7Fm+n655bU4CkZzUxqyqhLjbZlW6MfM
62sAm8G6AiMrMr6b+Kuytb5Q9n+Vtmsc5q3xaVrgQR6FZJE3e5ooQ6XuMyWrgpcD
B5S40zSVvzPSFLFhAgMBAAGjgfkwgfYwHQYDVR0OBBYEFLP9tgirgoNQ5/CFURzM
eOUiUJFgMB8GA1UdIwQYMBaAFFuy2NwbYDm1axClcDeT5zz1UkbIMD8GCCsGAQUF
BwEBBDMwMTAvBggrBgEFBQcwAoYjaHR0cDovL3VybC1mb3ItYWlhL0ludGVybWVk
aWF0ZS5jZXIwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL3VybC1mb3ItY3JsL0lu
dGVybWVkaWF0ZS5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjAOBgMqAwQBAf8EBAECAwQwDQYJKoZIhvcNAQELBQADggEB
ADkZBDHpIAMb6dORJZRoT40HFgjof5kBN1aN9BVrqHzkPTKtPWIPXpNvuSG66MNI
E+XrrSbwm0z+do5zor4BtUh8EX7MR0sMDBdlVKsOeWzldWdSq/cmlzY9cW2IVLnv
sQBCVmSI2w+cviXgbivfxlU6ia+SHCFxbiKrWrjeU6GNhA8OVUMIRQv9Sm/65IlV
oI0QwDoGQnzxuHoZp2HMwLHi8RTVvf9BpVD2rKQ/7GpqPntgKfSdyFeBEll7D7Iq
QykDpevn6M0V/lMH4BIKNSno/n9RrhmY1YmcBQq6UYkPHzyOKuvnkwr9wfMOzmdb
8nPc5i7bK4gROwfY/3kMauE=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b9:ec:7c:da:f2:c7:b4:02:ee:82:a9:58:98:60:
67:07:a2:c2:9d:2c:a1:76:50:f7:4a:0a:04:80:45:
7b:3d:f6:31:fe:1d:e9:45:40:76:1d:38:df:c9:e1:
42:df:13:7e:16:26:2b:41:14:6b:6e:5e:f3:39:4e:
61:9d:fd:5f:bf:2a:f9:b7:cf:3f:af:34:b1:17:ef:
97:1f:bf:3d:4c:0a:93:91:bd:ee:11:7a:64:ee:69:
22:75:60:8b:c3:10:cd:9e:91:8a:d8:54:c7:43:f4:
fb:88:db:09:7a:22:5d:26:58:ab:7d:d0:41:11:47:
10:62:ed:cc:e6:bb:d2:da:a4:7c:e9:0a:39:5b:9f:
93:b0:06:27:50:38:ea:63:e2:6b:a0:eb:c5:d3:7f:
87:71:d8:08:64:d5:87:0a:6e:59:99:d7:74:7c:da:
eb:30:68:9d:f8:09:31:c7:66:5f:9a:fb:2d:9b:f1:
c1:ff:cb:57:67:46:03:99:a3:4b:e0:bc:2b:17:f4:
0b:7b:61:3f:5e:cf:c9:41:9b:15:ee:f9:90:46:ad:
b4:a2:86:3f:87:3c:dd:7e:97:6f:97:30:88:f8:e6:
88:83:15:ad:77:6a:fd:1e:f1:ae:88:a2:f5:52:6d:
6e:d9:5d:5d:c1:1b:0a:49:10:f4:5a:e8:42:53:67:
d1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B2:D8:DC:1B:60:39:B5:6B:10:A5:70:37:93:E7:3C:F5:52:46:C8
X509v3 Authority Key Identifier:
keyid:50:25:07:BE:12:C8:A2:18:2F:32:21:59:CC:2B:5A:A7:4E:19:5D:55
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
12:72:ee:b6:62:1b:0d:70:52:a6:02:3c:13:2a:88:cf:cb:9a:
e2:07:5f:cf:3e:be:75:d3:f9:a6:23:47:ca:fb:88:87:bd:e1:
52:8e:8b:fe:e9:c1:7a:8c:30:91:c5:0c:fe:9d:31:fa:fc:c0:
d7:fe:7a:7a:18:6f:3c:67:50:b0:22:b2:09:48:ca:dc:d7:d3:
29:86:eb:f4:cf:e0:3e:6e:d1:88:fa:20:93:b3:05:4c:c6:29:
06:df:4a:8b:72:3e:c8:3c:2b:33:56:26:de:91:1a:11:bc:21:
7b:b8:b5:b6:7c:ca:0d:f7:d6:e8:b0:a8:99:e8:7a:2b:f0:c4:
78:e5:54:9e:3f:73:dc:85:41:97:11:36:45:73:b9:f2:49:8d:
d7:83:cf:b4:1a:ed:33:dc:0b:cd:7e:83:77:ce:aa:2f:0e:1f:
4d:e0:19:96:cd:74:79:de:18:8b:ad:9f:0c:96:20:14:63:5e:
e2:58:8e:4a:d8:fd:59:0d:a6:a4:02:85:ac:23:d4:43:b2:da:
2d:6b:87:79:9e:2e:1e:f4:d3:95:ef:3d:91:7a:f7:17:16:c7:
9f:1f:b7:42:7e:f4:fa:d9:81:18:26:23:03:1e:86:99:7d:28:
ef:a3:ac:be:bb:55:fa:38:62:3c:e6:6e:47:4b:f1:45:ef:de:
38:ea:c3:a3
-----BEGIN CERTIFICATE-----
MIIDbTCCAlWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowFzEVMBMGA1UEAwwMSW50
ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuex82vLH
tALugqlYmGBnB6LCnSyhdlD3SgoEgEV7PfYx/h3pRUB2HTjfyeFC3xN+FiYrQRRr
bl7zOU5hnf1fvyr5t88/rzSxF++XH789TAqTkb3uEXpk7mkidWCLwxDNnpGK2FTH
Q/T7iNsJeiJdJlirfdBBEUcQYu3M5rvS2qR86Qo5W5+TsAYnUDjqY+JroOvF03+H
cdgIZNWHCm5Zmdd0fNrrMGid+Akxx2Zfmvstm/HB/8tXZ0YDmaNL4LwrF/QLe2E/
Xs/JQZsV7vmQRq20ooY/hzzdfpdvlzCI+OaIgxWtd2r9HvGuiKL1Um1u2V1dwRsK
SRD0WuhCU2fRzQIDAQABo4HLMIHIMB0GA1UdDgQWBBRbstjcG2A5tWsQpXA3k+c8
9VJGyDAfBgNVHSMEGDAWgBRQJQe+EsiiGC8yIVnMK1qnThldVTA3BggrBgEFBQcB
AQQrMCkwJwYIKwYBBQUHMAKGG2h0dHA6Ly91cmwtZm9yLWFpYS9Sb290LmNlcjAs
BgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vdXJsLWZvci1jcmwvUm9vdC5jcmwwDgYD
VR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
ABJy7rZiGw1wUqYCPBMqiM/LmuIHX88+vnXT+aYjR8r7iIe94VKOi/7pwXqMMJHF
DP6dMfr8wNf+enoYbzxnULAisglIytzX0ymG6/TP4D5u0Yj6IJOzBUzGKQbfSoty
Psg8KzNWJt6RGhG8IXu4tbZ8yg331uiwqJnoeivwxHjlVJ4/c9yFQZcRNkVzufJJ
jdeDz7Qa7TPcC81+g3fOqi8OH03gGZbNdHneGIutnwyWIBRjXuJYjkrY/VkNpqQC
hawj1EOy2i1rh3meLh7005XvPZF69xcWx58ft0J+9PrZgRgmIwMehpl9KO+jrL67
Vfo4YjzmbkdL8UXv3jjqw6M=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Jan 1 12:00:00 2015 GMT
Not After : Jan 1 12:00:00 2016 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a9:09:72:27:8b:f5:e4:bb:33:ee:14:1d:da:11:
7c:b1:f1:53:3a:a3:77:3f:b2:f5:1f:b6:23:a3:69:
f8:9d:52:97:4c:92:af:07:46:c5:82:3f:97:a5:b2:
fc:e0:b3:3e:29:53:e5:75:07:04:30:7b:bb:55:a3:
af:ec:c3:bd:a0:c5:f1:58:4b:a8:5a:77:49:c7:fc:
a2:13:97:5c:3a:95:58:9b:95:4c:a0:18:b3:3a:18:
1d:fe:5f:c1:c7:9b:d3:9a:0d:f3:4c:a6:3d:28:21:
50:9d:ae:90:ae:aa:96:23:d6:4f:9b:ec:ff:59:67:
0a:ff:8a:89:df:bc:99:ff:f6:75:b5:da:c7:79:d8:
54:c8:f3:96:3a:c6:e9:60:0c:ee:9e:52:e1:e9:5f:
58:1e:29:a3:1a:c3:4f:91:8c:2e:85:33:87:f0:c7:
c6:74:91:cc:fb:dd:ca:1e:71:6f:e2:c1:41:bc:ef:
e8:7f:48:07:a9:5c:aa:21:60:43:fd:3e:98:8b:4c:
8d:95:55:48:3b:35:1a:2a:f4:e3:ef:85:01:11:c4:
f4:a3:15:e3:68:df:bb:94:f9:26:10:35:83:96:83:
00:ce:cf:71:d4:e9:01:18:80:c2:dd:f0:9d:52:f6:
fa:11:de:a1:7f:79:d9:13:a6:eb:33:3e:04:57:b6:
75:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:25:07:BE:12:C8:A2:18:2F:32:21:59:CC:2B:5A:A7:4E:19:5D:55
X509v3 Authority Key Identifier:
keyid:50:25:07:BE:12:C8:A2:18:2F:32:21:59:CC:2B:5A:A7:4E:19:5D:55
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
3d:e1:85:32:4c:43:1e:f2:0d:ff:d3:ec:90:97:7d:8f:9c:16:
b1:6e:cb:55:f1:4f:d9:46:1c:c8:d7:3c:3e:8c:2c:8a:21:b8:
38:a4:a9:a8:ac:69:51:32:3c:99:57:f8:73:2a:56:4a:ba:6e:
6a:a8:89:f0:03:14:d2:7f:d2:22:55:84:47:e7:05:9c:3b:72:
5d:39:02:b0:fc:68:90:14:02:12:d8:9b:85:1c:cf:77:92:c7:
73:80:38:e4:f4:f9:72:b7:dd:ca:0f:3d:f2:1c:6a:82:1f:21:
90:d3:e3:77:e5:ee:e9:0e:23:9e:69:f6:29:38:51:4f:e9:73:
7d:3d:32:54:b2:96:04:9b:62:36:99:8b:ea:9c:3f:87:7f:5e:
e8:ed:28:c8:15:ac:59:f8:f5:d9:3b:b3:fd:d4:a9:e4:55:1b:
07:ee:d9:18:77:d4:68:8d:b0:ce:a3:60:fe:60:2c:ca:b4:2f:
08:8a:19:1a:fc:a3:6b:1b:b4:72:28:7a:63:cc:cc:cd:18:ae:
99:86:4d:67:12:48:a6:33:f3:19:ce:fa:5a:a5:d7:0d:4d:50:
c6:1f:f2:d9:e6:41:d6:29:4a:a6:3c:ff:80:4f:e6:e8:90:f5:
ab:cb:bf:93:3b:90:da:e6:fb:d5:59:c3:9f:ec:91:bf:3e:0a:
a3:23:ef:ee
-----BEGIN TRUST_ANCHOR_UNCONSTRAINED-----
MIIDZTCCAk2gAwIBAgIBATANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290
MB4XDTE1MDEwMTEyMDAwMFoXDTE2MDEwMTEyMDAwMFowDzENMAsGA1UEAwwEUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkJcieL9eS7M+4UHdoR
fLHxUzqjdz+y9R+2I6Np+J1Sl0ySrwdGxYI/l6Wy/OCzPilT5XUHBDB7u1Wjr+zD
vaDF8VhLqFp3Scf8ohOXXDqVWJuVTKAYszoYHf5fwceb05oN80ymPSghUJ2ukK6q
liPWT5vs/1lnCv+Kid+8mf/2dbXax3nYVMjzljrG6WAM7p5S4elfWB4poxrDT5GM
LoUzh/DHxnSRzPvdyh5xb+LBQbzv6H9IB6lcqiFgQ/0+mItMjZVVSDs1Gir04++F
ARHE9KMV42jfu5T5JhA1g5aDAM7PcdTpARiAwt3wnVL2+hHeoX952ROm6zM+BFe2
dbkCAwEAAaOByzCByDAdBgNVHQ4EFgQUUCUHvhLIohgvMiFZzCtap04ZXVUwHwYD
VR0jBBgwFoAUUCUHvhLIohgvMiFZzCtap04ZXVUwNwYIKwYBBQUHAQEEKzApMCcG
CCsGAQUFBzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUw
IzAhoB+gHYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQE
AwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQA94YUyTEMe
8g3/0+yQl32PnBaxbstV8U/ZRhzI1zw+jCyKIbg4pKmorGlRMjyZV/hzKlZKum5q
qInwAxTSf9IiVYRH5wWcO3JdOQKw/GiQFAIS2JuFHM93ksdzgDjk9Plyt93KDz3y
HGqCHyGQ0+N35e7pDiOeafYpOFFP6XN9PTJUspYEm2I2mYvqnD+Hf17o7SjIFaxZ
+PXZO7P91KnkVRsH7tkYd9RojbDOo2D+YCzKtC8Iihka/KNrG7RyKHpjzMzNGK6Z
hk1nEkimM/MZzvpapdcNTVDGH/LZ5kHWKUqmPP+AT+bokPWry7+TO5Da5vvVWcOf
7JG/PgqjI+/u
-----END TRUST_ANCHOR_UNCONSTRAINED-----
150302120000Z
-----BEGIN TIME-----
MTUwMzAyMTIwMDAwWg==
-----END TIME-----
FAIL
-----BEGIN VERIFY_RESULT-----
RkFJTA==
-----END VERIFY_RESULT-----
[Context] Processing Certificate
index: 1
[Error] Unconsumed critical extension
oid: 2A0304
value: 01020304
-----BEGIN ERRORS-----
W0NvbnRleHRdIFByb2Nlc3NpbmcgQ2VydGlmaWNhdGUKICBpbmRleDogMQogICAgICBbRXJyb3JdIFVuY29uc3VtZWQgY3JpdGljYWwgZXh0ZW5zaW9uCiAgICAgICAgb2lkOiAyQTAzMDQKICAgICAgICB2YWx1ZTogMDEwMjAzMDQK
-----END ERRORS-----