diff --git a/certs/renewcerts/wolfssl.cnf b/certs/renewcerts/wolfssl.cnf index 1ad47d9c9..da9752c5b 100644 --- a/certs/renewcerts/wolfssl.cnf +++ b/certs/renewcerts/wolfssl.cnf @@ -125,6 +125,13 @@ subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:true +#wolfssl extensions for intermediate CAs +[wolfssl_opts_ICA] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true +keyUsage=keyCertSign, cRLSign + # CA with pathlen 0 [ pathlen_0 ] subjectKeyIdentifier=hash diff --git a/certs/test-pathlen/assemble-chains.sh b/certs/test-pathlen/assemble-chains.sh index 41bf2b287..8f8a067da 100755 --- a/certs/test-pathlen/assemble-chains.sh +++ b/certs/test-pathlen/assemble-chains.sh @@ -24,20 +24,37 @@ create_an_intermediate(){ pathLen="$3" signer="$4" signerKey="$5" -echo "pathLen = $3, $pathLen" - echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + echo "pathLen = $3, $pathLen" echo "" #pipe the following arguments to openssl req... - echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem - check_result $? "Step 1" - openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha1 > "$chainID-$icaNum-pathlen$pathLen.pem" - check_result $? "Step 2" + if [ "$pathLen" = "no_pathlen" ]; then + echo "Updating $chainID-$icaNum-$pathLen.pem" - rm temp-req.pem - openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem - check_result $? "Step 3" - mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem + check_result $? "Step 1" + + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions wolfssl_opts_ICA -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha256 > "$chainID-$icaNum-$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-$pathLen.pem" + else + echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem + check_result $? "Step 1" + + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha256 > "$chainID-$icaNum-pathlen$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + fi echo "End of Section" echo "-------------------------------------------------------------------------" } @@ -58,10 +75,10 @@ create_an_entity(){ echo "Updating $chainID-entity.pem" echo "" #pipe the following arguments to openssl req... - echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem check_result $? "Step 1" - openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha1 > "$chainID"-entity.pem + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha256 > "$chainID"-entity.pem check_result $? "Step 2" rm temp-req.pem @@ -112,6 +129,18 @@ create_an_intermediate "chainH" "ICA2" "2" "chainH-ICA3-pathlen2.pem" "chainH-IC create_an_intermediate "chainH" "ICA1" "0" "chainH-ICA2-pathlen2.pem" "chainH-ICA2-key.pem" create_an_entity "chainH" "chainH-ICA1-pathlen0.pem" "chainH-ICA1-key.pem" +# Success, PathLen of 2 followed by 2 Intermediates with no pathLen set +create_an_intermediate "chainI" "ICA3" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainI" "ICA2" "no_pathlen" "chainI-ICA3-pathlen2.pem" "chainI-ICA3-key.pem" +create_an_intermediate "chainI" "ICA1" "no_pathlen" "chainI-ICA2-no_pathlen.pem" "chainI-ICA2-key.pem" +create_an_entity "chainI" "chainI-ICA1-no_pathlen.pem" "chainI-ICA1-key.pem" + +# Fail: PathLen of 2 followed by 3 Intermediates with no pathLen set +create_an_intermediate "chainJ" "ICA4" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainJ" "ICA3" "no_pathlen" "chainJ-ICA4-pathlen2.pem" "chainJ-ICA4-key.pem" +create_an_intermediate "chainJ" "ICA2" "no_pathlen" "chainJ-ICA3-no_pathlen.pem" "chainJ-ICA3-key.pem" +create_an_intermediate "chainJ" "ICA1" "no_pathlen" "chainJ-ICA2-no_pathlen.pem" "chainJ-ICA2-key.pem" +create_an_entity "chainJ" "chainJ-ICA1-no_pathlen.pem" "chainJ-ICA1-key.pem" ########################################################### ########## Assemble Chains ################ @@ -157,3 +186,14 @@ cat chainG-ICA6-pathlen10.pem chainG-ICA7-pathlen100.pem >> chainG-assembled.pem cat chainH-entity.pem chainH-ICA1-pathlen0.pem > chainH-assembled.pem cat chainH-ICA2-pathlen2.pem chainH-ICA3-pathlen2.pem >> chainH-assembled.pem cat chainH-ICA4-pathlen2.pem >> chainH-assembled.pem + +# Fail: +cat chainI-entity.pem chainI-ICA1-no_pathlen.pem > chainI-assembled.pem +cat chainI-ICA2-no_pathlen.pem chainI-ICA3-pathlen2.pem >> chainI-assembled.pem + +# Fail: PathLen of 2, signing PathLen of 2, signing Pathlen of 2, signing PathLen 0 +# max_path_len = 2, max_path_len -= 1 (1), max_path_len -= 1 (0), max-path_len 0, non-entity cert. +cat chainJ-entity.pem chainJ-ICA1-no_pathlen.pem > chainJ-assembled.pem +cat chainJ-ICA2-no_pathlen.pem chainJ-ICA3-no_pathlen.pem >> chainJ-assembled.pem +cat chainJ-ICA4-pathlen2.pem >> chainJ-assembled.pem + diff --git a/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/certs/test-pathlen/chainA-ICA1-pathlen0.pem index 183b27324..f4e62b953 100644 --- a/certs/test-pathlen/chainA-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainA-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:41 2019 GMT - Not After : Jul 6 21:32:41 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: - be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: - de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: - df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: - c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: - 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: - 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: - 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: - fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: - f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: - e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: - 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: - e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: - 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: - fd:7f:af:c2 + Signature Algorithm: sha256WithRSAEncryption + 2a:15:34:be:88:ed:0b:5d:97:b4:c0:9e:f7:45:a2:ba:bb:a0: + 7f:a0:b3:93:15:79:38:27:36:25:91:5d:73:10:bb:d0:f9:f3: + e9:5f:98:c6:9b:6b:da:08:60:48:3e:26:17:2b:ae:22:08:ac: + 10:ed:a1:28:65:96:7f:94:75:c8:da:6c:c9:f6:4c:4c:b1:a3: + 45:4b:74:c7:de:49:f6:c1:1c:2c:eb:41:3c:2d:56:52:75:5b: + 7c:13:c0:dc:41:34:02:c0:e5:5e:79:71:65:ac:d1:f3:36:f7: + 55:d5:13:8f:0a:42:49:d9:fc:7f:5c:a4:cb:ad:7b:72:2f:98: + e2:56:92:9e:11:1a:b2:9d:5b:b9:2c:14:1e:51:f5:c5:b7:2c: + c2:39:52:90:0f:4e:04:5e:59:23:6f:d8:f9:75:2b:54:b0:6e: + 98:0a:54:3a:45:fd:9a:63:31:ce:a3:a8:ae:7b:be:03:81:a5: + 18:d3:00:51:a4:29:d4:f7:8d:53:31:72:85:80:c0:62:71:06: + 2b:07:b6:0a:b2:12:cf:2b:bd:99:34:6b:5e:ea:94:0c:1a:e8: + 2b:ee:e5:d6:3d:cb:7a:f6:f8:6e:e4:e2:f4:25:07:13:11:b1: + 18:b3:75:29:40:dc:bc:31:57:37:71:7c:09:bb:74:1c:9e:b4: + 3e:1d:47:20 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 -RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG -1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p -AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX -Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 -fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAqFTS+iO0LXZe0wJ73RaK6u6B/oLOTFXk4JzYlkV1zELvQ+fPpX5jGm2va +CGBIPiYXK64iCKwQ7aEoZZZ/lHXI2mzJ9kxMsaNFS3TH3kn2wRws60E8LVZSdVt8 +E8DcQTQCwOVeeXFlrNHzNvdV1ROPCkJJ2fx/XKTLrXtyL5jiVpKeERqynVu5LBQe +UfXFtyzCOVKQD04EXlkjb9j5dStUsG6YClQ6Rf2aYzHOo6iue74DgaUY0wBRpCnU +941TMXKFgMBicQYrB7YKshLPK72ZNGte6pQMGugr7uXWPct69vhu5OL0JQcTEbEY +s3UpQNy8MVc3cXwJu3QcnrQ+HUcg -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-assembled.pem b/certs/test-pathlen/chainA-assembled.pem index d02e53a49..0661644ff 100644 --- a/certs/test-pathlen/chainA-assembled.pem +++ b/certs/test-pathlen/chainA-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: - de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: - b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: - 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: - b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: - 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: - 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: - a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: - ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: - fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: - 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: - 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: - 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: - 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: - 5b:44:0b:a0 + Signature Algorithm: sha256WithRSAEncryption + 72:8d:c5:a7:a8:d5:4a:bc:d9:72:ef:46:79:53:5c:e8:32:10: + f5:29:ee:b0:6c:ef:68:80:a3:f6:0f:fe:ba:73:ce:a9:c4:93: + 01:ba:78:eb:a9:4a:f3:32:e2:4c:74:6c:f7:23:c9:70:44:a1: + d1:f7:59:d7:fd:34:12:ab:81:91:16:20:60:59:dd:ff:d5:6f: + 1f:d6:25:d9:95:85:7f:9d:dc:18:49:39:44:43:03:03:98:db: + 2e:03:a8:88:27:13:d2:a5:52:0e:15:a0:e5:5d:15:81:2b:3d: + 1c:cb:41:58:46:d3:4f:37:be:ae:45:eb:7d:9c:52:91:50:98: + a5:c1:e6:7b:1a:60:e0:d6:61:7e:88:19:b7:ec:8a:33:07:24: + 04:9f:78:89:50:97:9c:a4:1e:15:fc:ef:bf:29:4d:c3:8c:19: + d7:59:68:30:d2:08:d8:80:d8:7e:32:31:2b:ee:cf:7f:b4:47: + a4:bb:7d:cf:b6:64:9d:55:5c:e9:44:0a:43:ed:3b:c2:ae:1d: + 34:1c:bf:7e:5b:91:8c:26:76:fb:68:d9:3e:6b:68:22:ae:60: + 56:d3:4e:f3:b7:d1:de:da:47:03:2e:22:74:85:ea:52:de:22: + fd:90:55:21:8d:b2:e4:35:c3:15:44:f6:1a:01:3c:0a:56:f8: + 89:98:59:4a -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,22 +77,22 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B -3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH -6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko -eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 -/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 -WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAco3Fp6jVSrzZcu9GeVNc6DIQ +9SnusGzvaICj9g/+unPOqcSTAbp466lK8zLiTHRs9yPJcESh0fdZ1/00EquBkRYg +YFnd/9VvH9Yl2ZWFf53cGEk5REMDA5jbLgOoiCcT0qVSDhWg5V0VgSs9HMtBWEbT +Tze+rkXrfZxSkVCYpcHmexpg4NZhfogZt+yKMwckBJ94iVCXnKQeFfzvvylNw4wZ +11loMNII2IDYfjIxK+7Pf7RHpLt9z7ZknVVc6UQKQ+07wq4dNBy/fluRjCZ2+2jZ +PmtoIq5gVtNO87fR3tpHAy4idIXqUt4i/ZBVIY2y5DXDFUT2GgE8Clb4iZhZSg== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:41 2019 GMT - Not After : Jul 6 21:32:41 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: - be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: - de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: - df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: - c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: - 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: - 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: - 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: - fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: - f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: - e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: - 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: - e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: - 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: - fd:7f:af:c2 + Signature Algorithm: sha256WithRSAEncryption + 2a:15:34:be:88:ed:0b:5d:97:b4:c0:9e:f7:45:a2:ba:bb:a0: + 7f:a0:b3:93:15:79:38:27:36:25:91:5d:73:10:bb:d0:f9:f3: + e9:5f:98:c6:9b:6b:da:08:60:48:3e:26:17:2b:ae:22:08:ac: + 10:ed:a1:28:65:96:7f:94:75:c8:da:6c:c9:f6:4c:4c:b1:a3: + 45:4b:74:c7:de:49:f6:c1:1c:2c:eb:41:3c:2d:56:52:75:5b: + 7c:13:c0:dc:41:34:02:c0:e5:5e:79:71:65:ac:d1:f3:36:f7: + 55:d5:13:8f:0a:42:49:d9:fc:7f:5c:a4:cb:ad:7b:72:2f:98: + e2:56:92:9e:11:1a:b2:9d:5b:b9:2c:14:1e:51:f5:c5:b7:2c: + c2:39:52:90:0f:4e:04:5e:59:23:6f:d8:f9:75:2b:54:b0:6e: + 98:0a:54:3a:45:fd:9a:63:31:ce:a3:a8:ae:7b:be:03:81:a5: + 18:d3:00:51:a4:29:d4:f7:8d:53:31:72:85:80:c0:62:71:06: + 2b:07:b6:0a:b2:12:cf:2b:bd:99:34:6b:5e:ea:94:0c:1a:e8: + 2b:ee:e5:d6:3d:cb:7a:f6:f8:6e:e4:e2:f4:25:07:13:11:b1: + 18:b3:75:29:40:dc:bc:31:57:37:71:7c:09:bb:74:1c:9e:b4: + 3e:1d:47:20 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -165,11 +165,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 -RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG -1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p -AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX -Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 -fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAqFTS+iO0LXZe0wJ73RaK6u6B/oLOTFXk4JzYlkV1zELvQ+fPpX5jGm2va +CGBIPiYXK64iCKwQ7aEoZZZ/lHXI2mzJ9kxMsaNFS3TH3kn2wRws60E8LVZSdVt8 +E8DcQTQCwOVeeXFlrNHzNvdV1ROPCkJJ2fx/XKTLrXtyL5jiVpKeERqynVu5LBQe +UfXFtyzCOVKQD04EXlkjb9j5dStUsG6YClQ6Rf2aYzHOo6iue74DgaUY0wBRpCnU +941TMXKFgMBicQYrB7YKshLPK72ZNGte6pQMGugr7uXWPct69vhu5OL0JQcTEbEY +s3UpQNy8MVc3cXwJu3QcnrQ+HUcg -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-entity.pem b/certs/test-pathlen/chainA-entity.pem index 855d8c4bd..277c4a644 100644 --- a/certs/test-pathlen/chainA-entity.pem +++ b/certs/test-pathlen/chainA-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: - de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: - b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: - 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: - b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: - 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: - 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: - a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: - ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: - fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: - 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: - 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: - 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: - 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: - 5b:44:0b:a0 + Signature Algorithm: sha256WithRSAEncryption + 72:8d:c5:a7:a8:d5:4a:bc:d9:72:ef:46:79:53:5c:e8:32:10: + f5:29:ee:b0:6c:ef:68:80:a3:f6:0f:fe:ba:73:ce:a9:c4:93: + 01:ba:78:eb:a9:4a:f3:32:e2:4c:74:6c:f7:23:c9:70:44:a1: + d1:f7:59:d7:fd:34:12:ab:81:91:16:20:60:59:dd:ff:d5:6f: + 1f:d6:25:d9:95:85:7f:9d:dc:18:49:39:44:43:03:03:98:db: + 2e:03:a8:88:27:13:d2:a5:52:0e:15:a0:e5:5d:15:81:2b:3d: + 1c:cb:41:58:46:d3:4f:37:be:ae:45:eb:7d:9c:52:91:50:98: + a5:c1:e6:7b:1a:60:e0:d6:61:7e:88:19:b7:ec:8a:33:07:24: + 04:9f:78:89:50:97:9c:a4:1e:15:fc:ef:bf:29:4d:c3:8c:19: + d7:59:68:30:d2:08:d8:80:d8:7e:32:31:2b:ee:cf:7f:b4:47: + a4:bb:7d:cf:b6:64:9d:55:5c:e9:44:0a:43:ed:3b:c2:ae:1d: + 34:1c:bf:7e:5b:91:8c:26:76:fb:68:d9:3e:6b:68:22:ae:60: + 56:d3:4e:f3:b7:d1:de:da:47:03:2e:22:74:85:ea:52:de:22: + fd:90:55:21:8d:b2:e4:35:c3:15:44:f6:1a:01:3c:0a:56:f8: + 89:98:59:4a -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B -3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH -6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko -eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 -/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 -WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAco3Fp6jVSrzZcu9GeVNc6DIQ +9SnusGzvaICj9g/+unPOqcSTAbp466lK8zLiTHRs9yPJcESh0fdZ1/00EquBkRYg +YFnd/9VvH9Yl2ZWFf53cGEk5REMDA5jbLgOoiCcT0qVSDhWg5V0VgSs9HMtBWEbT +Tze+rkXrfZxSkVCYpcHmexpg4NZhfogZt+yKMwckBJ94iVCXnKQeFfzvvylNw4wZ +11loMNII2IDYfjIxK+7Pf7RHpLt9z7ZknVVc6UQKQ+07wq4dNBy/fluRjCZ2+2jZ +PmtoIq5gVtNO87fR3tpHAy4idIXqUt4i/ZBVIY2y5DXDFUT2GgE8Clb4iZhZSg== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/certs/test-pathlen/chainB-ICA1-pathlen0.pem index 7f180ba4e..138560784 100644 --- a/certs/test-pathlen/chainB-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainB-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: - 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: - b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: - 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: - 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: - 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: - cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: - 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: - c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: - bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: - 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: - dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: - af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: - f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: - d8:0d:95:d4 + Signature Algorithm: sha256WithRSAEncryption + cd:0b:7e:66:b9:1d:a8:14:81:a8:e0:b3:74:d9:79:8a:c1:e5: + 15:cf:6a:a7:a3:ca:d2:ad:f8:f6:9f:c2:be:67:ee:cf:9a:3c: + 1c:a3:c4:db:2b:c8:a9:b1:55:94:a1:9e:e3:c2:6c:3a:95:90: + 7e:8f:29:56:c6:99:d2:e5:3b:8f:f3:9a:11:4a:97:22:07:d9: + e2:e5:f8:3e:0f:08:50:43:ea:66:13:6c:20:2e:71:95:10:07: + 88:89:2d:30:9c:96:b1:7e:42:5f:63:c3:8b:71:c6:1d:00:ee: + 83:d7:80:1b:fa:f4:fe:f5:b1:29:f8:c1:ca:1d:89:9b:7c:2a: + 84:00:e4:f5:04:2d:35:be:12:c1:fa:78:cb:bc:c9:04:8a:bf: + 87:57:99:3a:9f:0a:88:a5:e8:94:db:2b:8f:ba:5f:b4:75:7f: + ac:56:75:b4:db:7f:57:24:17:cb:89:f8:cb:8b:c4:b2:44:4a: + d9:57:82:fb:ce:0c:84:e2:2b:a5:f2:90:63:aa:b3:c5:e1:00: + 22:60:8f:23:1f:a8:97:4b:49:f7:f7:cb:92:f7:94:80:52:5b: + 8d:4a:c1:f1:d1:3e:9f:28:96:61:af:8e:72:8d:b6:9e:14:ed: + 14:db:ea:f0:fc:50:39:ca:c8:ab:1e:49:c3:9e:97:0a:d7:1c: + 6f:b2:17:9a -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr -S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 -8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ -K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I -S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 -NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +AQELBQADggEBAM0Lfma5HagUgajgs3TZeYrB5RXPaqejytKt+Pafwr5n7s+aPByj +xNsryKmxVZShnuPCbDqVkH6PKVbGmdLlO4/zmhFKlyIH2eLl+D4PCFBD6mYTbCAu +cZUQB4iJLTCclrF+Ql9jw4txxh0A7oPXgBv69P71sSn4wcodiZt8KoQA5PUELTW+ +EsH6eMu8yQSKv4dXmTqfCoil6JTbK4+6X7R1f6xWdbTbf1ckF8uJ+MuLxLJEStlX +gvvODITiK6XykGOqs8XhACJgjyMfqJdLSff3y5L3lIBSW41KwfHRPp8olmGvjnKN +tp4U7RTb6vD8UDnKyKseScOelwrXHG+yF5o= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/certs/test-pathlen/chainB-ICA2-pathlen1.pem index 2f1eea71c..5197a077d 100644 --- a/certs/test-pathlen/chainB-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainB-ICA2-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: - 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: - 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: - 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: - 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: - e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: - 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: - aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: - d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: - 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: - 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: - 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: - 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: - eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: - 2c:b1:c1:34 + Signature Algorithm: sha256WithRSAEncryption + ab:c7:2b:9d:15:73:97:47:e0:88:32:9d:10:71:81:53:62:97: + dc:c4:72:73:49:3e:50:50:10:03:1e:22:58:82:e0:b3:da:ca: + 89:92:70:c8:54:0d:8e:a6:44:a0:26:5d:5d:52:d2:fb:63:e4: + 13:7e:30:9a:13:25:4e:c8:34:a1:c9:e6:69:24:64:98:e3:88: + 9c:86:18:62:53:70:ae:f0:d9:ed:f3:0c:e8:ec:5b:e5:27:85: + 16:d0:b0:f6:bd:5d:9a:62:41:26:25:31:88:70:fe:25:97:48: + f1:e6:21:1c:78:f7:68:03:59:21:db:f1:c5:92:96:24:b8:23: + fc:ab:52:95:70:6a:52:16:4d:fc:36:6b:5f:58:4f:3f:c9:f4: + e7:6e:52:41:42:99:41:07:c2:75:74:db:c2:49:84:7c:3f:c1: + ac:bd:d4:d5:8f:d0:73:95:18:8a:5d:f0:8d:dd:2d:f0:b7:61: + 8d:8a:ef:14:9f:fd:30:ba:10:e8:57:d3:1b:8e:2d:9b:74:b3: + 63:0d:0e:8c:f9:a2:f7:42:c8:e6:5e:83:6f:0f:9a:85:3b:6e: + 66:48:b9:a7:a8:fc:da:19:47:0c:90:26:0d:ce:15:fe:6a:1e: + 47:5a:49:f8:76:0f:3a:a8:68:cd:a6:38:4c:a6:ca:b2:b0:9b: + c7:46:43:cd -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ -CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg -YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW -6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R -kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr -sJQyRfcOsjskBVJ/iUhPJeIsscE0 +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQCrxyudFXOXR+CIMp0QcYFTYpfcxHJzST5QUBADHiJYguCz2sqJknDIVA2O +pkSgJl1dUtL7Y+QTfjCaEyVOyDShyeZpJGSY44ichhhiU3Cu8Nnt8wzo7FvlJ4UW +0LD2vV2aYkEmJTGIcP4ll0jx5iEcePdoA1kh2/HFkpYkuCP8q1KVcGpSFk38Nmtf +WE8/yfTnblJBQplBB8J1dNvCSYR8P8GsvdTVj9BzlRiKXfCN3S3wt2GNiu8Un/0w +uhDoV9Mbji2bdLNjDQ6M+aL3QsjmXoNvD5qFO25mSLmnqPzaGUcMkCYNzhX+ah5H +Wkn4dg86qGjNpjhMpsqysJvHRkPN -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-assembled.pem b/certs/test-pathlen/chainB-assembled.pem index 310d83f88..7f83c5f55 100644 --- a/certs/test-pathlen/chainB-assembled.pem +++ b/certs/test-pathlen/chainB-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: - 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: - 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: - b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: - 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: - 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: - 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: - ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: - ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: - fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: - d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: - d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: - 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: - 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: - a5:75:99:ad + Signature Algorithm: sha256WithRSAEncryption + 1f:ee:5c:85:ed:4e:3b:39:6b:29:a2:ef:65:b9:f3:c7:47:85: + 8e:79:a0:35:1b:aa:0e:98:67:a8:df:03:9c:2b:81:24:ed:cb: + cc:c0:42:49:76:bf:78:7b:b9:39:ca:f6:06:35:76:dd:e3:59: + c5:70:3b:b3:cf:62:0a:09:1d:07:90:96:c4:0e:0a:38:97:f7: + 31:1d:ad:44:f9:03:f9:30:22:b6:68:01:00:38:23:3d:f6:e7: + 71:5a:e4:d4:59:52:4f:80:86:ec:8f:ca:92:1d:9b:07:93:fe: + 34:22:ac:9a:a2:aa:9e:fe:f5:7b:99:fd:72:32:40:98:88:d8: + 42:1d:33:59:4c:38:2e:97:f2:9d:a2:fc:b7:33:cd:84:c1:c6: + ef:f5:c5:d9:be:32:ba:44:66:06:62:5c:55:31:38:b4:25:1a: + 6a:64:de:14:39:b4:38:74:1b:d7:c4:ec:81:fc:3a:13:4b:e1: + d1:b1:5f:3c:8e:25:bc:63:7f:30:78:04:4e:79:3a:83:97:52: + f6:00:6a:9e:d8:b5:c6:06:21:97:4a:98:ee:cf:e8:83:94:23: + 11:6c:00:d7:e9:35:1f:89:77:85:9a:d7:8f:29:90:c6:61:14: + e5:7d:55:5b:66:65:60:44:79:8a:1b:58:88:b9:0f:5f:a6:5f: + 7a:ca:6b:0c -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 -7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 -RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO -oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa -EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU -zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu -xBu8E79NhaV1ma0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAB/uXIXt +Tjs5aymi72W588dHhY55oDUbqg6YZ6jfA5wrgSTty8zAQkl2v3h7uTnK9gY1dt3j +WcVwO7PPYgoJHQeQlsQOCjiX9zEdrUT5A/kwIrZoAQA4Iz3253Fa5NRZUk+AhuyP +ypIdmweT/jQirJqiqp7+9XuZ/XIyQJiI2EIdM1lMOC6X8p2i/LczzYTBxu/1xdm+ +MrpEZgZiXFUxOLQlGmpk3hQ5tDh0G9fE7IH8OhNL4dGxXzyOJbxjfzB4BE55OoOX +UvYAap7YtcYGIZdKmO7P6IOUIxFsANfpNR+Jd4Wa148pkMZhFOV9VVtmZWBEeYob +WIi5D1+mX3rKaww= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: - 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: - b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: - 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: - 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: - 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: - cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: - 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: - c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: - bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: - 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: - dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: - af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: - f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: - d8:0d:95:d4 + Signature Algorithm: sha256WithRSAEncryption + cd:0b:7e:66:b9:1d:a8:14:81:a8:e0:b3:74:d9:79:8a:c1:e5: + 15:cf:6a:a7:a3:ca:d2:ad:f8:f6:9f:c2:be:67:ee:cf:9a:3c: + 1c:a3:c4:db:2b:c8:a9:b1:55:94:a1:9e:e3:c2:6c:3a:95:90: + 7e:8f:29:56:c6:99:d2:e5:3b:8f:f3:9a:11:4a:97:22:07:d9: + e2:e5:f8:3e:0f:08:50:43:ea:66:13:6c:20:2e:71:95:10:07: + 88:89:2d:30:9c:96:b1:7e:42:5f:63:c3:8b:71:c6:1d:00:ee: + 83:d7:80:1b:fa:f4:fe:f5:b1:29:f8:c1:ca:1d:89:9b:7c:2a: + 84:00:e4:f5:04:2d:35:be:12:c1:fa:78:cb:bc:c9:04:8a:bf: + 87:57:99:3a:9f:0a:88:a5:e8:94:db:2b:8f:ba:5f:b4:75:7f: + ac:56:75:b4:db:7f:57:24:17:cb:89:f8:cb:8b:c4:b2:44:4a: + d9:57:82:fb:ce:0c:84:e2:2b:a5:f2:90:63:aa:b3:c5:e1:00: + 22:60:8f:23:1f:a8:97:4b:49:f7:f7:cb:92:f7:94:80:52:5b: + 8d:4a:c1:f1:d1:3e:9f:28:96:61:af:8e:72:8d:b6:9e:14:ed: + 14:db:ea:f0:fc:50:39:ca:c8:ab:1e:49:c3:9e:97:0a:d7:1c: + 6f:b2:17:9a -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr -S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 -8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ -K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I -S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 -NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +AQELBQADggEBAM0Lfma5HagUgajgs3TZeYrB5RXPaqejytKt+Pafwr5n7s+aPByj +xNsryKmxVZShnuPCbDqVkH6PKVbGmdLlO4/zmhFKlyIH2eLl+D4PCFBD6mYTbCAu +cZUQB4iJLTCclrF+Ql9jw4txxh0A7oPXgBv69P71sSn4wcodiZt8KoQA5PUELTW+ +EsH6eMu8yQSKv4dXmTqfCoil6JTbK4+6X7R1f6xWdbTbf1ckF8uJ+MuLxLJEStlX +gvvODITiK6XykGOqs8XhACJgjyMfqJdLSff3y5L3lIBSW41KwfHRPp8olmGvjnKN +tp4U7RTb6vD8UDnKyKseScOelwrXHG+yF5o= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: - 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: - 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: - 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: - 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: - e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: - 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: - aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: - d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: - 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: - 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: - 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: - 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: - eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: - 2c:b1:c1:34 + Signature Algorithm: sha256WithRSAEncryption + ab:c7:2b:9d:15:73:97:47:e0:88:32:9d:10:71:81:53:62:97: + dc:c4:72:73:49:3e:50:50:10:03:1e:22:58:82:e0:b3:da:ca: + 89:92:70:c8:54:0d:8e:a6:44:a0:26:5d:5d:52:d2:fb:63:e4: + 13:7e:30:9a:13:25:4e:c8:34:a1:c9:e6:69:24:64:98:e3:88: + 9c:86:18:62:53:70:ae:f0:d9:ed:f3:0c:e8:ec:5b:e5:27:85: + 16:d0:b0:f6:bd:5d:9a:62:41:26:25:31:88:70:fe:25:97:48: + f1:e6:21:1c:78:f7:68:03:59:21:db:f1:c5:92:96:24:b8:23: + fc:ab:52:95:70:6a:52:16:4d:fc:36:6b:5f:58:4f:3f:c9:f4: + e7:6e:52:41:42:99:41:07:c2:75:74:db:c2:49:84:7c:3f:c1: + ac:bd:d4:d5:8f:d0:73:95:18:8a:5d:f0:8d:dd:2d:f0:b7:61: + 8d:8a:ef:14:9f:fd:30:ba:10:e8:57:d3:1b:8e:2d:9b:74:b3: + 63:0d:0e:8c:f9:a2:f7:42:c8:e6:5e:83:6f:0f:9a:85:3b:6e: + 66:48:b9:a7:a8:fc:da:19:47:0c:90:26:0d:ce:15:fe:6a:1e: + 47:5a:49:f8:76:0f:3a:a8:68:cd:a6:38:4c:a6:ca:b2:b0:9b: + c7:46:43:cd -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -255,11 +255,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ -CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg -YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW -6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R -kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr -sJQyRfcOsjskBVJ/iUhPJeIsscE0 +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQCrxyudFXOXR+CIMp0QcYFTYpfcxHJzST5QUBADHiJYguCz2sqJknDIVA2O +pkSgJl1dUtL7Y+QTfjCaEyVOyDShyeZpJGSY44ichhhiU3Cu8Nnt8wzo7FvlJ4UW +0LD2vV2aYkEmJTGIcP4ll0jx5iEcePdoA1kh2/HFkpYkuCP8q1KVcGpSFk38Nmtf +WE8/yfTnblJBQplBB8J1dNvCSYR8P8GsvdTVj9BzlRiKXfCN3S3wt2GNiu8Un/0w +uhDoV9Mbji2bdLNjDQ6M+aL3QsjmXoNvD5qFO25mSLmnqPzaGUcMkCYNzhX+ah5H +Wkn4dg86qGjNpjhMpsqysJvHRkPN -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-entity.pem b/certs/test-pathlen/chainB-entity.pem index 054e7f6bd..cca6f6697 100644 --- a/certs/test-pathlen/chainB-entity.pem +++ b/certs/test-pathlen/chainB-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: - 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: - 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: - b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: - 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: - 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: - 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: - ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: - ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: - fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: - d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: - d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: - 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: - 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: - a5:75:99:ad + Signature Algorithm: sha256WithRSAEncryption + 1f:ee:5c:85:ed:4e:3b:39:6b:29:a2:ef:65:b9:f3:c7:47:85: + 8e:79:a0:35:1b:aa:0e:98:67:a8:df:03:9c:2b:81:24:ed:cb: + cc:c0:42:49:76:bf:78:7b:b9:39:ca:f6:06:35:76:dd:e3:59: + c5:70:3b:b3:cf:62:0a:09:1d:07:90:96:c4:0e:0a:38:97:f7: + 31:1d:ad:44:f9:03:f9:30:22:b6:68:01:00:38:23:3d:f6:e7: + 71:5a:e4:d4:59:52:4f:80:86:ec:8f:ca:92:1d:9b:07:93:fe: + 34:22:ac:9a:a2:aa:9e:fe:f5:7b:99:fd:72:32:40:98:88:d8: + 42:1d:33:59:4c:38:2e:97:f2:9d:a2:fc:b7:33:cd:84:c1:c6: + ef:f5:c5:d9:be:32:ba:44:66:06:62:5c:55:31:38:b4:25:1a: + 6a:64:de:14:39:b4:38:74:1b:d7:c4:ec:81:fc:3a:13:4b:e1: + d1:b1:5f:3c:8e:25:bc:63:7f:30:78:04:4e:79:3a:83:97:52: + f6:00:6a:9e:d8:b5:c6:06:21:97:4a:98:ee:cf:e8:83:94:23: + 11:6c:00:d7:e9:35:1f:89:77:85:9a:d7:8f:29:90:c6:61:14: + e5:7d:55:5b:66:65:60:44:79:8a:1b:58:88:b9:0f:5f:a6:5f: + 7a:ca:6b:0c -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 -7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 -RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO -oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa -EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU -zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu -xBu8E79NhaV1ma0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAB/uXIXt +Tjs5aymi72W588dHhY55oDUbqg6YZ6jfA5wrgSTty8zAQkl2v3h7uTnK9gY1dt3j +WcVwO7PPYgoJHQeQlsQOCjiX9zEdrUT5A/kwIrZoAQA4Iz3253Fa5NRZUk+AhuyP +ypIdmweT/jQirJqiqp7+9XuZ/XIyQJiI2EIdM1lMOC6X8p2i/LczzYTBxu/1xdm+ +MrpEZgZiXFUxOLQlGmpk3hQ5tDh0G9fE7IH8OhNL4dGxXzyOJbxjfzB4BE55OoOX +UvYAap7YtcYGIZdKmO7P6IOUIxFsANfpNR+Jd4Wa148pkMZhFOV9VVtmZWBEeYob +WIi5D1+mX3rKaww= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/certs/test-pathlen/chainC-ICA1-pathlen1.pem index 9ae15cd0c..64cbc0c6b 100644 --- a/certs/test-pathlen/chainC-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainC-ICA1-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: - 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: - a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: - 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: - f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: - 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: - 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: - 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: - 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: - cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: - e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: - 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: - 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: - 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: - 14:e2:60:25 + Signature Algorithm: sha256WithRSAEncryption + 65:d2:6a:a3:a2:98:ac:5a:53:e4:b4:02:66:8e:9c:64:fa:53: + 88:a7:31:09:fa:31:4d:27:7a:17:7a:1c:8f:13:2a:e5:60:e4: + f2:0f:6a:e6:a6:48:ed:e4:17:0e:cb:57:77:66:98:c0:37:2f: + 00:26:1e:1a:a8:e4:ad:9e:c9:47:4d:6c:c5:57:75:79:97:be: + 0f:82:92:aa:b0:df:0d:f4:25:49:fd:c6:6f:e7:70:f1:f0:0d: + e7:13:81:ed:a1:1e:69:f3:10:3d:3e:3c:5b:c0:71:fb:44:47: + e2:bc:51:62:6c:21:7a:ea:ad:74:f5:46:35:63:93:ab:f9:89: + 31:e6:01:5f:eb:ca:df:d3:93:86:3d:8b:0a:88:79:f1:b1:47: + df:1f:2e:a0:7e:34:f6:80:30:7d:bd:e5:70:43:0d:76:2a:fc: + fe:38:4f:3a:bc:58:52:81:37:5e:e9:3b:26:f4:8d:20:5f:f2: + 44:56:e8:b8:cc:42:7a:5e:67:28:34:c3:8f:a9:08:87:92:4b: + bc:1d:3b:d1:1a:d8:79:20:eb:4a:6f:87:b3:3b:ef:2f:a6:98: + 34:48:a6:43:ba:d4:fa:65:6f:54:9b:28:a1:e1:77:fe:0e:91: + 0b:4f:f5:95:3e:b3:c9:4e:2d:17:67:37:5b:d5:dd:83:ef:a4: + b4:41:53:36 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS -pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme -ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ -3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl -EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ -1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBl0mqjopisWlPktAJmjpxk+lOIpzEJ+jFNJ3oXehyPEyrlYOTyD2rmpkjt +5BcOy1d3ZpjANy8AJh4aqOStnslHTWzFV3V5l74PgpKqsN8N9CVJ/cZv53Dx8A3n +E4HtoR5p8xA9PjxbwHH7REfivFFibCF66q109UY1Y5Or+Ykx5gFf68rf05OGPYsK +iHnxsUffHy6gfjT2gDB9veVwQw12Kvz+OE86vFhSgTde6Tsm9I0gX/JEVui4zEJ6 +XmcoNMOPqQiHkku8HTvRGth5IOtKb4ezO+8vppg0SKZDutT6ZW9Umyih4Xf+DpEL +T/WVPrPJTi0XZzdb1d2D76S0QVM2 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-assembled.pem b/certs/test-pathlen/chainC-assembled.pem index 3c15b3aa5..0fae68780 100644 --- a/certs/test-pathlen/chainC-assembled.pem +++ b/certs/test-pathlen/chainC-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: - 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: - 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: - 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: - 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: - ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: - cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: - e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: - 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: - d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: - 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: - 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: - 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: - 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: - c6:bd:25:6b + Signature Algorithm: sha256WithRSAEncryption + b7:d0:5e:86:77:76:45:77:c3:f8:5c:cd:9b:84:52:b7:8b:d6: + 84:ed:d3:1b:fa:7f:27:d1:24:05:11:9d:bf:74:eb:14:93:ee: + 08:2c:16:0a:d8:00:46:31:e3:43:f1:95:64:b1:72:93:49:fa: + fe:73:e8:be:2a:02:95:e8:3a:56:f3:aa:8b:fa:cb:3a:f5:06: + a2:00:ae:19:36:86:be:93:79:3f:58:f7:95:de:a8:e2:12:89: + 52:2f:a0:be:09:3e:18:69:19:d5:96:7c:94:9a:ee:ab:f1:2b: + 74:54:c9:1c:0a:5f:aa:d1:62:34:24:33:f8:5e:b2:43:9c:c9: + e6:8c:fa:b5:89:a7:3e:6b:51:00:a6:e3:d5:c4:f9:ac:78:a5: + 4d:85:7c:e3:7d:f9:b5:e8:ad:3e:32:56:fb:99:bf:f9:3b:a4: + 98:04:72:cd:ea:95:08:af:7e:62:2d:74:e4:25:48:43:25:ba: + 07:7c:00:c9:31:41:6f:59:ff:da:bb:ac:08:06:18:1a:0a:3d: + 1d:2e:ad:98:2c:06:72:51:f2:75:7c:87:ef:e0:37:f6:80:70: + aa:8d:d9:a8:13:e5:31:91:3c:e3:0f:21:33:0a:15:91:1c:4d: + 3a:1b:35:f6:4c:f5:5f:70:34:b2:dc:ed:10:5d:37:58:16:e4: + e0:83:12:90 -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,22 +77,22 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K -mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE -9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL -xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy -1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR -EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAt9Behnd2RXfD+FzNm4RSt4vW +hO3TG/p/J9EkBRGdv3TrFJPuCCwWCtgARjHjQ/GVZLFyk0n6/nPovioCleg6VvOq +i/rLOvUGogCuGTaGvpN5P1j3ld6o4hKJUi+gvgk+GGkZ1ZZ8lJruq/ErdFTJHApf +qtFiNCQz+F6yQ5zJ5oz6tYmnPmtRAKbj1cT5rHilTYV84335teitPjJW+5m/+Tuk +mARyzeqVCK9+Yi105CVIQyW6B3wAyTFBb1n/2rusCAYYGgo9HS6tmCwGclHydXyH +7+A39oBwqo3ZqBPlMZE84w8hMwoVkRxNOhs19kz1X3A0stztEF03WBbk4IMSkA== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: - 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: - a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: - 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: - f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: - 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: - 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: - 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: - 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: - cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: - e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: - 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: - 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: - 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: - 14:e2:60:25 + Signature Algorithm: sha256WithRSAEncryption + 65:d2:6a:a3:a2:98:ac:5a:53:e4:b4:02:66:8e:9c:64:fa:53: + 88:a7:31:09:fa:31:4d:27:7a:17:7a:1c:8f:13:2a:e5:60:e4: + f2:0f:6a:e6:a6:48:ed:e4:17:0e:cb:57:77:66:98:c0:37:2f: + 00:26:1e:1a:a8:e4:ad:9e:c9:47:4d:6c:c5:57:75:79:97:be: + 0f:82:92:aa:b0:df:0d:f4:25:49:fd:c6:6f:e7:70:f1:f0:0d: + e7:13:81:ed:a1:1e:69:f3:10:3d:3e:3c:5b:c0:71:fb:44:47: + e2:bc:51:62:6c:21:7a:ea:ad:74:f5:46:35:63:93:ab:f9:89: + 31:e6:01:5f:eb:ca:df:d3:93:86:3d:8b:0a:88:79:f1:b1:47: + df:1f:2e:a0:7e:34:f6:80:30:7d:bd:e5:70:43:0d:76:2a:fc: + fe:38:4f:3a:bc:58:52:81:37:5e:e9:3b:26:f4:8d:20:5f:f2: + 44:56:e8:b8:cc:42:7a:5e:67:28:34:c3:8f:a9:08:87:92:4b: + bc:1d:3b:d1:1a:d8:79:20:eb:4a:6f:87:b3:3b:ef:2f:a6:98: + 34:48:a6:43:ba:d4:fa:65:6f:54:9b:28:a1:e1:77:fe:0e:91: + 0b:4f:f5:95:3e:b3:c9:4e:2d:17:67:37:5b:d5:dd:83:ef:a4: + b4:41:53:36 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -165,11 +165,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS -pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme -ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ -3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl -EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ -1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBl0mqjopisWlPktAJmjpxk+lOIpzEJ+jFNJ3oXehyPEyrlYOTyD2rmpkjt +5BcOy1d3ZpjANy8AJh4aqOStnslHTWzFV3V5l74PgpKqsN8N9CVJ/cZv53Dx8A3n +E4HtoR5p8xA9PjxbwHH7REfivFFibCF66q109UY1Y5Or+Ykx5gFf68rf05OGPYsK +iHnxsUffHy6gfjT2gDB9veVwQw12Kvz+OE86vFhSgTde6Tsm9I0gX/JEVui4zEJ6 +XmcoNMOPqQiHkku8HTvRGth5IOtKb4ezO+8vppg0SKZDutT6ZW9Umyih4Xf+DpEL +T/WVPrPJTi0XZzdb1d2D76S0QVM2 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-entity.pem b/certs/test-pathlen/chainC-entity.pem index 5747494a0..34f198f2e 100644 --- a/certs/test-pathlen/chainC-entity.pem +++ b/certs/test-pathlen/chainC-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: - 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: - 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: - 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: - 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: - ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: - cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: - e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: - 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: - d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: - 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: - 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: - 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: - 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: - c6:bd:25:6b + Signature Algorithm: sha256WithRSAEncryption + b7:d0:5e:86:77:76:45:77:c3:f8:5c:cd:9b:84:52:b7:8b:d6: + 84:ed:d3:1b:fa:7f:27:d1:24:05:11:9d:bf:74:eb:14:93:ee: + 08:2c:16:0a:d8:00:46:31:e3:43:f1:95:64:b1:72:93:49:fa: + fe:73:e8:be:2a:02:95:e8:3a:56:f3:aa:8b:fa:cb:3a:f5:06: + a2:00:ae:19:36:86:be:93:79:3f:58:f7:95:de:a8:e2:12:89: + 52:2f:a0:be:09:3e:18:69:19:d5:96:7c:94:9a:ee:ab:f1:2b: + 74:54:c9:1c:0a:5f:aa:d1:62:34:24:33:f8:5e:b2:43:9c:c9: + e6:8c:fa:b5:89:a7:3e:6b:51:00:a6:e3:d5:c4:f9:ac:78:a5: + 4d:85:7c:e3:7d:f9:b5:e8:ad:3e:32:56:fb:99:bf:f9:3b:a4: + 98:04:72:cd:ea:95:08:af:7e:62:2d:74:e4:25:48:43:25:ba: + 07:7c:00:c9:31:41:6f:59:ff:da:bb:ac:08:06:18:1a:0a:3d: + 1d:2e:ad:98:2c:06:72:51:f2:75:7c:87:ef:e0:37:f6:80:70: + aa:8d:d9:a8:13:e5:31:91:3c:e3:0f:21:33:0a:15:91:1c:4d: + 3a:1b:35:f6:4c:f5:5f:70:34:b2:dc:ed:10:5d:37:58:16:e4: + e0:83:12:90 -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K -mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE -9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL -xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy -1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR -EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAt9Behnd2RXfD+FzNm4RSt4vW +hO3TG/p/J9EkBRGdv3TrFJPuCCwWCtgARjHjQ/GVZLFyk0n6/nPovioCleg6VvOq +i/rLOvUGogCuGTaGvpN5P1j3ld6o4hKJUi+gvgk+GGkZ1ZZ8lJruq/ErdFTJHApf +qtFiNCQz+F6yQ5zJ5oz6tYmnPmtRAKbj1cT5rHilTYV84335teitPjJW+5m/+Tuk +mARyzeqVCK9+Yi105CVIQyW6B3wAyTFBb1n/2rusCAYYGgo9HS6tmCwGclHydXyH +7+A39oBwqo3ZqBPlMZE84w8hMwoVkRxNOhs19kz1X3A0stztEF03WBbk4IMSkA== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/certs/test-pathlen/chainD-ICA1-pathlen127.pem index 525d7b7cb..97ad8d4f5 100644 --- a/certs/test-pathlen/chainD-ICA1-pathlen127.pem +++ b/certs/test-pathlen/chainD-ICA1-pathlen127.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: - 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: - 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: - 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: - ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: - 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: - 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: - 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: - fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: - e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: - 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: - ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: - af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: - ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: - df:41:9e:ea + Signature Algorithm: sha256WithRSAEncryption + 12:87:4f:82:bb:5a:21:b0:95:f6:b5:2b:95:53:a5:10:fc:f6: + fe:7e:03:9c:fa:cf:d7:d5:a1:72:1d:33:69:1b:0e:07:07:62: + 74:9b:0c:2b:46:d2:b8:80:b1:72:f3:c1:83:13:62:fd:dd:17: + 15:14:0b:64:57:26:db:70:e5:3d:44:88:05:f9:91:b0:9a:4a: + c0:f9:87:3c:70:16:d6:1c:58:51:d9:b9:b8:ac:11:d2:4d:94: + 58:cf:fd:9e:74:51:28:b0:4f:ed:7d:88:25:ce:6b:eb:5e:ca: + e8:f9:ce:31:e1:b9:2d:e6:d9:0c:13:ff:3f:24:1f:fa:25:e8: + cd:cd:25:88:e7:98:dc:b5:f8:cd:21:d2:a8:71:d1:b9:18:dd: + 18:5d:0b:97:a7:82:04:d5:e8:36:29:4b:dc:7f:d9:42:85:55: + 81:dc:da:f9:ca:58:38:f3:2c:df:b4:2c:23:65:d3:17:01:ed: + f4:8b:f6:9b:0b:b5:32:ea:28:cb:c2:fb:16:2a:fe:3d:3d:0b: + e6:f3:bf:8f:43:75:a7:d1:b8:c9:04:31:4f:60:3a:3a:4a:b0: + 1b:16:7d:24:b8:78:be:be:7a:80:a5:81:8c:77:7c:aa:79:75: + 4d:3f:a2:14:36:5a:81:1f:6c:44:7d:d1:9a:db:a6:f6:e3:48: + d3:bb:ea:9c -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -79,11 +79,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL -6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE -cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc -otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX -jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA -zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBABKHT4K7WiGwlfa1K5VTpRD89v5+A5z6z9fVoXIdM2kbDgcHYnSbDCtG +0riAsXLzwYMTYv3dFxUUC2RXJttw5T1EiAX5kbCaSsD5hzxwFtYcWFHZubisEdJN +lFjP/Z50USiwT+19iCXOa+teyuj5zjHhuS3m2QwT/z8kH/ol6M3NJYjnmNy1+M0h +0qhx0bkY3RhdC5enggTV6DYpS9x/2UKFVYHc2vnKWDjzLN+0LCNl0xcB7fSL9psL +tTLqKMvC+xYq/j09C+bzv49DdafRuMkEMU9gOjpKsBsWfSS4eL6+eoClgYx3fKp5 +dU0/ohQ2WoEfbER90ZrbpvbjSNO76pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-assembled.pem b/certs/test-pathlen/chainD-assembled.pem index c406fd750..28cc30acd 100644 --- a/certs/test-pathlen/chainD-assembled.pem +++ b/certs/test-pathlen/chainD-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: - e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: - 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: - 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: - 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: - 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: - 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: - e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: - 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: - 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: - 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: - 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: - 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: - 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: - a5:75:09:4d + Signature Algorithm: sha256WithRSAEncryption + 58:fd:0d:2f:47:32:d2:11:b4:b5:a5:b5:ea:26:23:66:85:cc: + 46:b5:42:fc:63:98:57:14:84:ca:2a:02:30:9e:a0:64:d4:24: + cb:42:2e:53:a3:0f:d7:24:46:cb:37:0c:ba:d9:73:50:11:15: + d0:4a:4a:f5:10:15:db:c9:e5:e6:a2:c3:91:89:70:c8:df:59: + c3:2f:c3:94:a4:50:5b:f5:d8:71:e8:ba:fa:85:ee:aa:f4:b1: + 64:29:54:62:08:cc:89:a3:41:be:df:03:d3:75:f8:92:41:95: + 4b:06:cc:95:30:ef:a8:6f:01:9a:2e:bc:a0:7e:4c:08:4e:d4: + f0:91:fe:b4:a3:67:0f:9c:5d:4d:7d:ad:04:d7:cf:e4:79:d8: + b2:18:78:33:fd:a3:cb:14:d3:50:1b:50:62:ef:9d:1b:88:8d: + 7b:42:76:ce:c7:88:70:58:40:f4:bf:7c:1e:c5:26:8c:23:b7: + 7e:d2:85:67:c7:fe:ae:59:98:06:60:54:43:1e:31:74:25:c9: + 1e:4c:05:d2:6d:01:3e:33:ac:5d:42:c5:47:c4:20:9f:04:30: + ca:c7:22:63:bd:8e:16:0a:42:4c:5b:2c:3b:b4:77:3c:b4:43: + bb:6d:4d:40:d6:ed:30:df:29:a4:3e:e2:78:c3:4f:11:a4:53: + 65:33:e0:c9 -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,22 +77,22 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz -D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x -qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG -gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 -wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq -8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY/Q0vRzLSEbS1pbXqJiNm +hcxGtUL8Y5hXFITKKgIwnqBk1CTLQi5Tow/XJEbLNwy62XNQERXQSkr1EBXbyeXm +osORiXDI31nDL8OUpFBb9dhx6Lr6he6q9LFkKVRiCMyJo0G+3wPTdfiSQZVLBsyV +MO+obwGaLrygfkwITtTwkf60o2cPnF1Nfa0E18/kediyGHgz/aPLFNNQG1Bi750b +iI17QnbOx4hwWED0v3wexSaMI7d+0oVnx/6uWZgGYFRDHjF0JckeTAXSbQE+M6xd +QsVHxCCfBDDKxyJjvY4WCkJMWyw7tHc8tEO7bU1A1u0w3ymkPuJ4w08RpFNlM+DJ -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: - 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: - 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: - 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: - ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: - 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: - 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: - 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: - fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: - e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: - 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: - ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: - af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: - ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: - df:41:9e:ea + Signature Algorithm: sha256WithRSAEncryption + 12:87:4f:82:bb:5a:21:b0:95:f6:b5:2b:95:53:a5:10:fc:f6: + fe:7e:03:9c:fa:cf:d7:d5:a1:72:1d:33:69:1b:0e:07:07:62: + 74:9b:0c:2b:46:d2:b8:80:b1:72:f3:c1:83:13:62:fd:dd:17: + 15:14:0b:64:57:26:db:70:e5:3d:44:88:05:f9:91:b0:9a:4a: + c0:f9:87:3c:70:16:d6:1c:58:51:d9:b9:b8:ac:11:d2:4d:94: + 58:cf:fd:9e:74:51:28:b0:4f:ed:7d:88:25:ce:6b:eb:5e:ca: + e8:f9:ce:31:e1:b9:2d:e6:d9:0c:13:ff:3f:24:1f:fa:25:e8: + cd:cd:25:88:e7:98:dc:b5:f8:cd:21:d2:a8:71:d1:b9:18:dd: + 18:5d:0b:97:a7:82:04:d5:e8:36:29:4b:dc:7f:d9:42:85:55: + 81:dc:da:f9:ca:58:38:f3:2c:df:b4:2c:23:65:d3:17:01:ed: + f4:8b:f6:9b:0b:b5:32:ea:28:cb:c2:fb:16:2a:fe:3d:3d:0b: + e6:f3:bf:8f:43:75:a7:d1:b8:c9:04:31:4f:60:3a:3a:4a:b0: + 1b:16:7d:24:b8:78:be:be:7a:80:a5:81:8c:77:7c:aa:79:75: + 4d:3f:a2:14:36:5a:81:1f:6c:44:7d:d1:9a:db:a6:f6:e3:48: + d3:bb:ea:9c -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -165,11 +165,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL -6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE -cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc -otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX -jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA -zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBABKHT4K7WiGwlfa1K5VTpRD89v5+A5z6z9fVoXIdM2kbDgcHYnSbDCtG +0riAsXLzwYMTYv3dFxUUC2RXJttw5T1EiAX5kbCaSsD5hzxwFtYcWFHZubisEdJN +lFjP/Z50USiwT+19iCXOa+teyuj5zjHhuS3m2QwT/z8kH/ol6M3NJYjnmNy1+M0h +0qhx0bkY3RhdC5enggTV6DYpS9x/2UKFVYHc2vnKWDjzLN+0LCNl0xcB7fSL9psL +tTLqKMvC+xYq/j09C+bzv49DdafRuMkEMU9gOjpKsBsWfSS4eL6+eoClgYx3fKp5 +dU0/ohQ2WoEfbER90ZrbpvbjSNO76pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-entity.pem b/certs/test-pathlen/chainD-entity.pem index 011d61687..640b8394e 100644 --- a/certs/test-pathlen/chainD-entity.pem +++ b/certs/test-pathlen/chainD-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: - e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: - 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: - 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: - 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: - 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: - 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: - e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: - 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: - 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: - 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: - 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: - 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: - 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: - a5:75:09:4d + Signature Algorithm: sha256WithRSAEncryption + 58:fd:0d:2f:47:32:d2:11:b4:b5:a5:b5:ea:26:23:66:85:cc: + 46:b5:42:fc:63:98:57:14:84:ca:2a:02:30:9e:a0:64:d4:24: + cb:42:2e:53:a3:0f:d7:24:46:cb:37:0c:ba:d9:73:50:11:15: + d0:4a:4a:f5:10:15:db:c9:e5:e6:a2:c3:91:89:70:c8:df:59: + c3:2f:c3:94:a4:50:5b:f5:d8:71:e8:ba:fa:85:ee:aa:f4:b1: + 64:29:54:62:08:cc:89:a3:41:be:df:03:d3:75:f8:92:41:95: + 4b:06:cc:95:30:ef:a8:6f:01:9a:2e:bc:a0:7e:4c:08:4e:d4: + f0:91:fe:b4:a3:67:0f:9c:5d:4d:7d:ad:04:d7:cf:e4:79:d8: + b2:18:78:33:fd:a3:cb:14:d3:50:1b:50:62:ef:9d:1b:88:8d: + 7b:42:76:ce:c7:88:70:58:40:f4:bf:7c:1e:c5:26:8c:23:b7: + 7e:d2:85:67:c7:fe:ae:59:98:06:60:54:43:1e:31:74:25:c9: + 1e:4c:05:d2:6d:01:3e:33:ac:5d:42:c5:47:c4:20:9f:04:30: + ca:c7:22:63:bd:8e:16:0a:42:4c:5b:2c:3b:b4:77:3c:b4:43: + bb:6d:4d:40:d6:ed:30:df:29:a4:3e:e2:78:c3:4f:11:a4:53: + 65:33:e0:c9 -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz -D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x -qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG -gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 -wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq -8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY/Q0vRzLSEbS1pbXqJiNm +hcxGtUL8Y5hXFITKKgIwnqBk1CTLQi5Tow/XJEbLNwy62XNQERXQSkr1EBXbyeXm +osORiXDI31nDL8OUpFBb9dhx6Lr6he6q9LFkKVRiCMyJo0G+3wPTdfiSQZVLBsyV +MO+obwGaLrygfkwITtTwkf60o2cPnF1Nfa0E18/kediyGHgz/aPLFNNQG1Bi750b +iI17QnbOx4hwWED0v3wexSaMI7d+0oVnx/6uWZgGYFRDHjF0JckeTAXSbQE+M6xd +QsVHxCCfBDDKxyJjvY4WCkJMWyw7tHc8tEO7bU1A1u0w3ymkPuJ4w08RpFNlM+DJ -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/certs/test-pathlen/chainE-ICA1-pathlen128.pem index 92c5bb9a6..da10c86f7 100644 --- a/certs/test-pathlen/chainE-ICA1-pathlen128.pem +++ b/certs/test-pathlen/chainE-ICA1-pathlen128.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: - af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: - 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: - 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: - 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: - 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: - 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: - 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: - a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: - 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: - c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: - 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: - 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: - 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: - 4f:a6:b7:df + Signature Algorithm: sha256WithRSAEncryption + 81:17:73:e0:8e:30:5f:5e:a7:25:a8:c0:89:f0:2a:c5:cc:72: + 30:0a:55:f2:c8:13:34:de:3c:7c:5e:e1:56:5e:72:04:10:8b: + 4b:05:3b:14:3c:37:0e:48:68:23:a1:2c:f5:72:f0:36:57:79: + fa:6f:ee:b0:17:83:f0:8a:1f:f0:6b:88:3b:57:c8:b2:57:c9: + 4e:35:14:a8:d7:31:db:68:74:8c:30:24:b3:9d:c9:8d:8c:36: + 34:30:0e:f3:4e:74:bd:14:77:c8:13:7f:bc:d3:21:34:e8:87: + e7:a3:80:62:ea:20:4b:40:ef:f5:97:db:c7:63:6b:e4:06:12: + 1a:b7:55:da:5a:34:32:95:59:c4:68:85:2c:87:dd:77:5f:ff: + 28:cf:95:c3:68:f8:c4:32:af:8e:c6:2c:39:6b:bd:3a:dd:18: + 16:a8:a7:0e:9d:93:6d:8e:77:b1:0e:86:55:0d:a4:aa:e6:3f: + f5:69:1d:d5:c0:5e:1a:b1:bc:ab:5f:eb:1f:76:6a:c5:22:57: + a9:f1:ee:55:56:37:61:9e:49:e6:bc:8b:e9:9d:6b:11:6f:90: + cb:d6:18:3c:81:f2:c8:4c:92:e4:4d:73:d1:a1:be:8d:fe:d7: + 54:20:d4:df:43:7d:e7:57:f1:dd:9f:a0:6d:cd:e3:ab:30:fa: + cc:29:0b:01 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -80,10 +80,10 @@ AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE -4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu -k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti -wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ -aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ -gelbLrLvK7YaG0svwuSBn7/e4XNPprff +CwUAA4IBAQCBF3PgjjBfXqclqMCJ8CrFzHIwClXyyBM03jx8XuFWXnIEEItLBTsU +PDcOSGgjoSz1cvA2V3n6b+6wF4Pwih/wa4g7V8iyV8lONRSo1zHbaHSMMCSzncmN +jDY0MA7zTnS9FHfIE3+80yE06Ifno4Bi6iBLQO/1l9vHY2vkBhIat1XaWjQylVnE +aIUsh913X/8oz5XDaPjEMq+Oxiw5a7063RgWqKcOnZNtjnexDoZVDaSq5j/1aR3V +wF4asbyrX+sfdmrFIlep8e5VVjdhnknmvIvpnWsRb5DL1hg8gfLITJLkTXPRob6N +/tdUINTfQ33nV/Hdn6BtzeOrMPrMKQsB -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-assembled.pem b/certs/test-pathlen/chainE-assembled.pem index 5af7bd598..be49ab5be 100644 --- a/certs/test-pathlen/chainE-assembled.pem +++ b/certs/test-pathlen/chainE-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: - 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: - b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: - c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: - 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: - 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: - e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: - 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: - f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: - ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: - 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: - da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: - fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: - ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: - 8a:9b:b5:8c + Signature Algorithm: sha256WithRSAEncryption + 1a:af:fd:cb:5e:63:ed:ac:39:c5:e1:0f:32:2c:6e:f2:0b:23: + 1d:d8:61:e4:39:d6:a6:e6:69:a3:df:f7:3b:80:84:22:72:58: + 0e:bc:ef:92:10:65:93:16:20:e4:69:d7:d1:58:0b:33:f2:68: + a2:6b:76:36:d0:f0:36:3c:61:31:dc:44:a0:00:e2:80:9e:62: + d5:fe:cc:08:66:ca:23:88:b3:e0:48:32:be:d8:dd:d2:a6:f9: + 20:13:1a:1f:a0:65:80:8d:d8:c5:c6:c5:3f:1a:ec:ae:2a:a5: + ac:de:97:eb:56:96:c7:55:16:ee:5f:e2:74:e2:03:1f:91:69: + 70:b8:fb:5a:42:26:7a:fa:5e:8d:19:eb:5a:2e:32:09:c9:95: + be:9e:34:d4:90:88:42:7e:ad:70:8b:cf:7d:5d:d0:a8:91:aa: + 93:1a:d1:15:7c:2d:a7:af:c2:d2:d7:65:20:5e:8b:3d:b1:df: + 98:5f:56:ad:ed:57:ca:53:ac:0e:f7:86:a4:80:d2:ea:f2:01: + e6:b0:5f:6f:4f:12:17:31:7c:8e:24:43:ac:94:06:aa:6d:a4: + eb:eb:43:b6:64:ed:76:24:bf:73:d8:7c:56:7e:d5:8b:66:f6: + cb:09:0d:f7:44:34:a3:93:d8:e7:36:1a:5f:0f:51:22:09:79: + 24:dd:31:9e -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,22 +77,22 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ -uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz -0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS -samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV -15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv -f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAar/3LXmPtrDnF4Q8yLG7y +CyMd2GHkOdam5mmj3/c7gIQiclgOvO+SEGWTFiDkadfRWAsz8miia3Y20PA2PGEx +3ESgAOKAnmLV/swIZsojiLPgSDK+2N3SpvkgExofoGWAjdjFxsU/GuyuKqWs3pfr +VpbHVRbuX+J04gMfkWlwuPtaQiZ6+l6NGetaLjIJyZW+njTUkIhCfq1wi899XdCo +kaqTGtEVfC2nr8LS12UgXos9sd+YX1at7VfKU6wO94akgNLq8gHmsF9vTxIXMXyO +JEOslAaqbaTr60O2ZO12JL9z2HxWftWLZvbLCQ33RDSjk9jnNhpfD1EiCXkk3TGe -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: - af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: - 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: - 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: - 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: - 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: - 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: - 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: - a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: - 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: - c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: - 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: - 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: - 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: - 4f:a6:b7:df + Signature Algorithm: sha256WithRSAEncryption + 81:17:73:e0:8e:30:5f:5e:a7:25:a8:c0:89:f0:2a:c5:cc:72: + 30:0a:55:f2:c8:13:34:de:3c:7c:5e:e1:56:5e:72:04:10:8b: + 4b:05:3b:14:3c:37:0e:48:68:23:a1:2c:f5:72:f0:36:57:79: + fa:6f:ee:b0:17:83:f0:8a:1f:f0:6b:88:3b:57:c8:b2:57:c9: + 4e:35:14:a8:d7:31:db:68:74:8c:30:24:b3:9d:c9:8d:8c:36: + 34:30:0e:f3:4e:74:bd:14:77:c8:13:7f:bc:d3:21:34:e8:87: + e7:a3:80:62:ea:20:4b:40:ef:f5:97:db:c7:63:6b:e4:06:12: + 1a:b7:55:da:5a:34:32:95:59:c4:68:85:2c:87:dd:77:5f:ff: + 28:cf:95:c3:68:f8:c4:32:af:8e:c6:2c:39:6b:bd:3a:dd:18: + 16:a8:a7:0e:9d:93:6d:8e:77:b1:0e:86:55:0d:a4:aa:e6:3f: + f5:69:1d:d5:c0:5e:1a:b1:bc:ab:5f:eb:1f:76:6a:c5:22:57: + a9:f1:ee:55:56:37:61:9e:49:e6:bc:8b:e9:9d:6b:11:6f:90: + cb:d6:18:3c:81:f2:c8:4c:92:e4:4d:73:d1:a1:be:8d:fe:d7: + 54:20:d4:df:43:7d:e7:57:f1:dd:9f:a0:6d:cd:e3:ab:30:fa: + cc:29:0b:01 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -166,10 +166,10 @@ AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE -4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu -k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti -wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ -aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ -gelbLrLvK7YaG0svwuSBn7/e4XNPprff +CwUAA4IBAQCBF3PgjjBfXqclqMCJ8CrFzHIwClXyyBM03jx8XuFWXnIEEItLBTsU +PDcOSGgjoSz1cvA2V3n6b+6wF4Pwih/wa4g7V8iyV8lONRSo1zHbaHSMMCSzncmN +jDY0MA7zTnS9FHfIE3+80yE06Ifno4Bi6iBLQO/1l9vHY2vkBhIat1XaWjQylVnE +aIUsh913X/8oz5XDaPjEMq+Oxiw5a7063RgWqKcOnZNtjnexDoZVDaSq5j/1aR3V +wF4asbyrX+sfdmrFIlep8e5VVjdhnknmvIvpnWsRb5DL1hg8gfLITJLkTXPRob6N +/tdUINTfQ33nV/Hdn6BtzeOrMPrMKQsB -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-entity.pem b/certs/test-pathlen/chainE-entity.pem index 2c01733ca..a4b979416 100644 --- a/certs/test-pathlen/chainE-entity.pem +++ b/certs/test-pathlen/chainE-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: - 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: - b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: - c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: - 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: - 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: - e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: - 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: - f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: - ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: - 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: - da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: - fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: - ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: - 8a:9b:b5:8c + Signature Algorithm: sha256WithRSAEncryption + 1a:af:fd:cb:5e:63:ed:ac:39:c5:e1:0f:32:2c:6e:f2:0b:23: + 1d:d8:61:e4:39:d6:a6:e6:69:a3:df:f7:3b:80:84:22:72:58: + 0e:bc:ef:92:10:65:93:16:20:e4:69:d7:d1:58:0b:33:f2:68: + a2:6b:76:36:d0:f0:36:3c:61:31:dc:44:a0:00:e2:80:9e:62: + d5:fe:cc:08:66:ca:23:88:b3:e0:48:32:be:d8:dd:d2:a6:f9: + 20:13:1a:1f:a0:65:80:8d:d8:c5:c6:c5:3f:1a:ec:ae:2a:a5: + ac:de:97:eb:56:96:c7:55:16:ee:5f:e2:74:e2:03:1f:91:69: + 70:b8:fb:5a:42:26:7a:fa:5e:8d:19:eb:5a:2e:32:09:c9:95: + be:9e:34:d4:90:88:42:7e:ad:70:8b:cf:7d:5d:d0:a8:91:aa: + 93:1a:d1:15:7c:2d:a7:af:c2:d2:d7:65:20:5e:8b:3d:b1:df: + 98:5f:56:ad:ed:57:ca:53:ac:0e:f7:86:a4:80:d2:ea:f2:01: + e6:b0:5f:6f:4f:12:17:31:7c:8e:24:43:ac:94:06:aa:6d:a4: + eb:eb:43:b6:64:ed:76:24:bf:73:d8:7c:56:7e:d5:8b:66:f6: + cb:09:0d:f7:44:34:a3:93:d8:e7:36:1a:5f:0f:51:22:09:79: + 24:dd:31:9e -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ -uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz -0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS -samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV -15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv -f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAar/3LXmPtrDnF4Q8yLG7y +CyMd2GHkOdam5mmj3/c7gIQiclgOvO+SEGWTFiDkadfRWAsz8miia3Y20PA2PGEx +3ESgAOKAnmLV/swIZsojiLPgSDK+2N3SpvkgExofoGWAjdjFxsU/GuyuKqWs3pfr +VpbHVRbuX+J04gMfkWlwuPtaQiZ6+l6NGetaLjIJyZW+njTUkIhCfq1wi899XdCo +kaqTGtEVfC2nr8LS12UgXos9sd+YX1at7VfKU6wO94akgNLq8gHmsF9vTxIXMXyO +JEOslAaqbaTr60O2ZO12JL9z2HxWftWLZvbLCQ33RDSjk9jnNhpfD1EiCXkk3TGe -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/certs/test-pathlen/chainF-ICA1-pathlen1.pem index 5f7f14c97..580610852 100644 --- a/certs/test-pathlen/chainF-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainF-ICA1-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: - 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: - 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: - 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: - cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: - da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: - 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: - d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: - 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: - af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: - 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: - 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: - d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: - a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: - 25:b2:22:37 + Signature Algorithm: sha256WithRSAEncryption + 6a:e9:07:00:56:3b:70:9a:2b:3d:42:e9:93:ad:76:a9:43:82: + a9:44:2a:35:a2:c7:56:d4:1e:cd:26:7c:d4:3f:49:19:3a:1e: + 88:ed:f7:3d:b5:88:65:41:b4:69:81:59:fd:bd:93:b3:5c:ba: + ae:60:b9:0b:e7:4b:60:a7:e4:b1:fa:ec:85:09:2b:e8:ff:84: + 77:71:75:63:c2:8a:10:51:76:7a:c9:6f:9a:a3:8b:10:b4:ed: + 9d:75:18:52:f5:a9:8a:ed:e0:0c:a4:23:96:f8:39:f6:fd:ce: + 58:21:54:2c:b1:a2:a1:73:eb:9f:93:99:0c:12:1e:9a:bb:3d: + 1e:91:da:df:b3:66:6a:cb:44:33:a8:d2:5d:31:76:d5:96:30: + 51:dd:d0:12:e9:7b:9b:9f:98:ac:35:03:0f:6f:2d:b5:b6:e1: + 30:14:50:31:2e:4c:fd:65:f5:d2:20:7b:8d:1d:a3:7f:6c:4f: + 47:d6:c8:97:26:cf:28:65:d8:a0:19:d1:ca:2e:e8:f7:11:cb: + ab:a6:32:2b:82:4d:c1:df:0a:c5:e5:9e:00:39:65:20:7e:55: + ad:81:ac:14:b1:f9:f3:88:96:94:26:e1:66:44:96:68:1b:1a: + 8d:db:f3:b9:e7:b8:9b:50:0b:03:19:53:70:c8:58:75:70:1f: + 0e:a4:bb:9f -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL -D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP -xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh -Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc -8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR -23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +AQELBQADggEBAGrpBwBWO3CaKz1C6ZOtdqlDgqlEKjWix1bUHs0mfNQ/SRk6Hojt +9z21iGVBtGmBWf29k7Ncuq5guQvnS2Cn5LH67IUJK+j/hHdxdWPCihBRdnrJb5qj +ixC07Z11GFL1qYrt4AykI5b4Ofb9zlghVCyxoqFz65+TmQwSHpq7PR6R2t+zZmrL +RDOo0l0xdtWWMFHd0BLpe5ufmKw1Aw9vLbW24TAUUDEuTP1l9dIge40do39sT0fW +yJcmzyhl2KAZ0cou6PcRy6umMiuCTcHfCsXlngA5ZSB+Va2BrBSx+fOIlpQm4WZE +lmgbGo3b87nnuJtQCwMZU3DIWHVwHw6ku58= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/certs/test-pathlen/chainF-ICA2-pathlen0.pem index b3e68dd43..128b32370 100644 --- a/certs/test-pathlen/chainF-ICA2-pathlen0.pem +++ b/certs/test-pathlen/chainF-ICA2-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: - 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: - 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: - 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: - 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: - 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: - 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: - 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: - 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: - b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: - 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: - e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: - 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: - e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: - 24:0e:d6:0d + Signature Algorithm: sha256WithRSAEncryption + 1a:93:21:25:ab:3a:1a:d6:18:60:81:26:16:9c:d6:4b:2f:62: + 3e:57:e2:e7:a8:59:77:fc:22:33:8b:0d:bd:14:79:80:cf:95: + 8a:d5:4f:3c:92:a0:eb:65:42:76:81:80:10:aa:03:21:ea:68: + 5d:72:98:ce:e3:01:65:f8:b2:1a:e8:8d:a9:d6:0a:2b:22:cf: + 11:22:fb:d0:7c:9f:d2:bb:04:4a:34:07:b4:4d:71:31:48:5b: + a0:08:83:ec:96:6d:5e:9a:fb:e3:da:63:32:b6:83:87:37:cb: + 67:dc:8e:7f:9d:a7:83:5c:13:bc:af:82:a0:9a:d2:b2:b7:1e: + 38:38:5c:e5:64:75:37:10:4a:82:a0:4d:f6:f8:5e:bf:36:f3: + 68:01:1a:0a:6b:e3:03:50:79:d6:14:da:26:48:d9:b6:8e:23: + 28:8a:a7:6e:c9:b0:54:c3:0b:48:25:7b:bf:e6:9f:be:f3:f0: + b9:1d:c2:30:11:e4:fc:5f:90:96:69:d9:c0:cd:89:89:58:51: + 43:8b:4c:d9:2a:d0:90:04:fc:db:21:32:c0:32:50:e4:4b:88: + 4c:42:9c:d5:2a:ba:30:6e:5e:49:87:a1:c7:03:9e:6c:45:cc: + bb:cf:d2:4a:af:1d:18:1c:9e:cb:66:50:e9:f9:b8:0b:08:bf: + 39:95:bb:62 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH -dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 -EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI -k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY -R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m -VcjCowsmYI95sNGPgx82kaokDtYN +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAakyElqzoa1hhggSYWnNZLL2I+V+LnqFl3/CIziw29FHmAz5WK1U88kqDr +ZUJ2gYAQqgMh6mhdcpjO4wFl+LIa6I2p1gorIs8RIvvQfJ/SuwRKNAe0TXExSFug +CIPslm1emvvj2mMytoOHN8tn3I5/naeDXBO8r4KgmtKytx44OFzlZHU3EEqCoE32 ++F6/NvNoARoKa+MDUHnWFNomSNm2jiMoiqduybBUwwtIJXu/5p++8/C5HcIwEeT8 +X5CWadnAzYmJWFFDi0zZKtCQBPzbITLAMlDkS4hMQpzVKrowbl5Jh6HHA55sRcy7 +z9JKrx0YHJ7LZlDp+bgLCL85lbti -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-assembled.pem b/certs/test-pathlen/chainF-assembled.pem index 8103382d3..14b0e0b25 100644 --- a/certs/test-pathlen/chainF-assembled.pem +++ b/certs/test-pathlen/chainF-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: - c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: - 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: - 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: - 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: - af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: - 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: - aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: - a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: - 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: - a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: - f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: - 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: - fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: - 9a:28:91:3b + Signature Algorithm: sha256WithRSAEncryption + 24:20:aa:3a:98:e1:d4:42:a1:0f:7b:58:10:83:72:da:d4:ed: + e2:e6:08:0d:d2:fb:c0:ff:5b:97:72:03:b1:20:fa:b1:88:60: + 29:af:44:64:82:51:44:75:a7:cb:90:0d:af:63:a3:93:6f:a8: + 12:18:16:60:2f:58:37:ec:be:23:64:1b:06:ad:a7:d6:fa:cf: + 34:06:3d:99:21:19:d4:27:24:19:a0:00:8a:28:80:7b:8a:48: + ea:61:63:20:4f:14:f2:60:a0:a3:3a:5a:45:4a:b1:24:1d:46: + 69:84:76:0e:ff:29:5b:4b:74:a2:75:2c:f1:4b:ba:dc:c5:4b: + dd:b3:52:b9:fd:45:8d:fd:71:68:78:71:f8:3e:7c:62:50:a2: + 8d:07:df:45:a7:39:9c:df:df:9d:78:de:a4:9e:ef:e6:0a:7a: + 53:42:0c:9e:7e:4a:bf:9c:70:66:a7:08:ab:bf:b5:f8:b3:3b: + 99:28:2c:73:f4:6f:da:4d:21:59:35:82:58:f4:5e:59:25:1e: + d6:7a:0a:c8:7f:4a:74:33:16:86:b4:bb:65:2e:9b:32:e5:78: + 53:95:33:38:a4:8a:04:36:eb:fa:51:d5:46:94:72:7d:d7:16: + c9:e7:e3:45:94:ab:ec:08:b6:87:e4:3a:34:7c:ca:dd:f9:27: + 65:21:c5:5f -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ -dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb -tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a -cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd -6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 -jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU -Jz+ZNb5M+JookTs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACQgqjqY +4dRCoQ97WBCDctrU7eLmCA3S+8D/W5dyA7Eg+rGIYCmvRGSCUUR1p8uQDa9jo5Nv +qBIYFmAvWDfsviNkGwatp9b6zzQGPZkhGdQnJBmgAIoogHuKSOphYyBPFPJgoKM6 +WkVKsSQdRmmEdg7/KVtLdKJ1LPFLutzFS92zUrn9RY39cWh4cfg+fGJQoo0H30Wn +OZzf35143qSe7+YKelNCDJ5+Sr+ccGanCKu/tfizO5koLHP0b9pNIVk1glj0Xlkl +HtZ6Csh/SnQzFoa0u2UumzLleFOVMzikigQ26/pR1UaUcn3XFsnn40WUq+wItofk +OjR8yt35J2UhxV8= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: - 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: - 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: - 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: - cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: - da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: - 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: - d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: - 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: - af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: - 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: - 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: - d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: - a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: - 25:b2:22:37 + Signature Algorithm: sha256WithRSAEncryption + 6a:e9:07:00:56:3b:70:9a:2b:3d:42:e9:93:ad:76:a9:43:82: + a9:44:2a:35:a2:c7:56:d4:1e:cd:26:7c:d4:3f:49:19:3a:1e: + 88:ed:f7:3d:b5:88:65:41:b4:69:81:59:fd:bd:93:b3:5c:ba: + ae:60:b9:0b:e7:4b:60:a7:e4:b1:fa:ec:85:09:2b:e8:ff:84: + 77:71:75:63:c2:8a:10:51:76:7a:c9:6f:9a:a3:8b:10:b4:ed: + 9d:75:18:52:f5:a9:8a:ed:e0:0c:a4:23:96:f8:39:f6:fd:ce: + 58:21:54:2c:b1:a2:a1:73:eb:9f:93:99:0c:12:1e:9a:bb:3d: + 1e:91:da:df:b3:66:6a:cb:44:33:a8:d2:5d:31:76:d5:96:30: + 51:dd:d0:12:e9:7b:9b:9f:98:ac:35:03:0f:6f:2d:b5:b6:e1: + 30:14:50:31:2e:4c:fd:65:f5:d2:20:7b:8d:1d:a3:7f:6c:4f: + 47:d6:c8:97:26:cf:28:65:d8:a0:19:d1:ca:2e:e8:f7:11:cb: + ab:a6:32:2b:82:4d:c1:df:0a:c5:e5:9e:00:39:65:20:7e:55: + ad:81:ac:14:b1:f9:f3:88:96:94:26:e1:66:44:96:68:1b:1a: + 8d:db:f3:b9:e7:b8:9b:50:0b:03:19:53:70:c8:58:75:70:1f: + 0e:a4:bb:9f -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL -D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP -xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh -Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc -8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR -23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +AQELBQADggEBAGrpBwBWO3CaKz1C6ZOtdqlDgqlEKjWix1bUHs0mfNQ/SRk6Hojt +9z21iGVBtGmBWf29k7Ncuq5guQvnS2Cn5LH67IUJK+j/hHdxdWPCihBRdnrJb5qj +ixC07Z11GFL1qYrt4AykI5b4Ofb9zlghVCyxoqFz65+TmQwSHpq7PR6R2t+zZmrL +RDOo0l0xdtWWMFHd0BLpe5ufmKw1Aw9vLbW24TAUUDEuTP1l9dIge40do39sT0fW +yJcmzyhl2KAZ0cou6PcRy6umMiuCTcHfCsXlngA5ZSB+Va2BrBSx+fOIlpQm4WZE +lmgbGo3b87nnuJtQCwMZU3DIWHVwHw6ku58= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: - 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: - 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: - 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: - 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: - 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: - 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: - 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: - 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: - b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: - 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: - e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: - 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: - e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: - 24:0e:d6:0d + Signature Algorithm: sha256WithRSAEncryption + 1a:93:21:25:ab:3a:1a:d6:18:60:81:26:16:9c:d6:4b:2f:62: + 3e:57:e2:e7:a8:59:77:fc:22:33:8b:0d:bd:14:79:80:cf:95: + 8a:d5:4f:3c:92:a0:eb:65:42:76:81:80:10:aa:03:21:ea:68: + 5d:72:98:ce:e3:01:65:f8:b2:1a:e8:8d:a9:d6:0a:2b:22:cf: + 11:22:fb:d0:7c:9f:d2:bb:04:4a:34:07:b4:4d:71:31:48:5b: + a0:08:83:ec:96:6d:5e:9a:fb:e3:da:63:32:b6:83:87:37:cb: + 67:dc:8e:7f:9d:a7:83:5c:13:bc:af:82:a0:9a:d2:b2:b7:1e: + 38:38:5c:e5:64:75:37:10:4a:82:a0:4d:f6:f8:5e:bf:36:f3: + 68:01:1a:0a:6b:e3:03:50:79:d6:14:da:26:48:d9:b6:8e:23: + 28:8a:a7:6e:c9:b0:54:c3:0b:48:25:7b:bf:e6:9f:be:f3:f0: + b9:1d:c2:30:11:e4:fc:5f:90:96:69:d9:c0:cd:89:89:58:51: + 43:8b:4c:d9:2a:d0:90:04:fc:db:21:32:c0:32:50:e4:4b:88: + 4c:42:9c:d5:2a:ba:30:6e:5e:49:87:a1:c7:03:9e:6c:45:cc: + bb:cf:d2:4a:af:1d:18:1c:9e:cb:66:50:e9:f9:b8:0b:08:bf: + 39:95:bb:62 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -255,11 +255,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH -dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 -EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI -k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY -R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m -VcjCowsmYI95sNGPgx82kaokDtYN +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAakyElqzoa1hhggSYWnNZLL2I+V+LnqFl3/CIziw29FHmAz5WK1U88kqDr +ZUJ2gYAQqgMh6mhdcpjO4wFl+LIa6I2p1gorIs8RIvvQfJ/SuwRKNAe0TXExSFug +CIPslm1emvvj2mMytoOHN8tn3I5/naeDXBO8r4KgmtKytx44OFzlZHU3EEqCoE32 ++F6/NvNoARoKa+MDUHnWFNomSNm2jiMoiqduybBUwwtIJXu/5p++8/C5HcIwEeT8 +X5CWadnAzYmJWFFDi0zZKtCQBPzbITLAMlDkS4hMQpzVKrowbl5Jh6HHA55sRcy7 +z9JKrx0YHJ7LZlDp+bgLCL85lbti -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-entity.pem b/certs/test-pathlen/chainF-entity.pem index 6a7870de6..27bd2dcd7 100644 --- a/certs/test-pathlen/chainF-entity.pem +++ b/certs/test-pathlen/chainF-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: - c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: - 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: - 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: - 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: - af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: - 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: - aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: - a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: - 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: - a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: - f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: - 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: - fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: - 9a:28:91:3b + Signature Algorithm: sha256WithRSAEncryption + 24:20:aa:3a:98:e1:d4:42:a1:0f:7b:58:10:83:72:da:d4:ed: + e2:e6:08:0d:d2:fb:c0:ff:5b:97:72:03:b1:20:fa:b1:88:60: + 29:af:44:64:82:51:44:75:a7:cb:90:0d:af:63:a3:93:6f:a8: + 12:18:16:60:2f:58:37:ec:be:23:64:1b:06:ad:a7:d6:fa:cf: + 34:06:3d:99:21:19:d4:27:24:19:a0:00:8a:28:80:7b:8a:48: + ea:61:63:20:4f:14:f2:60:a0:a3:3a:5a:45:4a:b1:24:1d:46: + 69:84:76:0e:ff:29:5b:4b:74:a2:75:2c:f1:4b:ba:dc:c5:4b: + dd:b3:52:b9:fd:45:8d:fd:71:68:78:71:f8:3e:7c:62:50:a2: + 8d:07:df:45:a7:39:9c:df:df:9d:78:de:a4:9e:ef:e6:0a:7a: + 53:42:0c:9e:7e:4a:bf:9c:70:66:a7:08:ab:bf:b5:f8:b3:3b: + 99:28:2c:73:f4:6f:da:4d:21:59:35:82:58:f4:5e:59:25:1e: + d6:7a:0a:c8:7f:4a:74:33:16:86:b4:bb:65:2e:9b:32:e5:78: + 53:95:33:38:a4:8a:04:36:eb:fa:51:d5:46:94:72:7d:d7:16: + c9:e7:e3:45:94:ab:ec:08:b6:87:e4:3a:34:7c:ca:dd:f9:27: + 65:21:c5:5f -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ -dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb -tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a -cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd -6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 -jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU -Jz+ZNb5M+JookTs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACQgqjqY +4dRCoQ97WBCDctrU7eLmCA3S+8D/W5dyA7Eg+rGIYCmvRGSCUUR1p8uQDa9jo5Nv +qBIYFmAvWDfsviNkGwatp9b6zzQGPZkhGdQnJBmgAIoogHuKSOphYyBPFPJgoKM6 +WkVKsSQdRmmEdg7/KVtLdKJ1LPFLutzFS92zUrn9RY39cWh4cfg+fGJQoo0H30Wn +OZzf35143qSe7+YKelNCDJ5+Sr+ccGanCKu/tfizO5koLHP0b9pNIVk1glj0Xlkl +HtZ6Csh/SnQzFoa0u2UumzLleFOVMzikigQ26/pR1UaUcn3XFsnn40WUq+wItofk +OjR8yt35J2UhxV8= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/certs/test-pathlen/chainG-ICA1-pathlen0.pem index 6cbd907d5..ad1f9456c 100644 --- a/certs/test-pathlen/chainG-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainG-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: - 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: - 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: - d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: - 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: - ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: - 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: - f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: - 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: - 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: - 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: - 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: - c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: - 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: - 13:a4:f1:d3 + Signature Algorithm: sha256WithRSAEncryption + 56:81:8e:f1:e8:5f:b2:9f:ab:8f:2e:ec:79:c7:3d:0d:af:f2: + 18:f7:d2:2e:07:2c:d0:1d:2a:90:c7:c1:fc:ac:aa:0d:86:f0: + 78:6d:33:43:81:02:70:3b:e6:d9:75:db:2e:ca:4a:61:4d:20: + cb:a9:3e:0c:a9:b3:ca:ff:bb:52:cb:06:14:2d:53:b5:68:9f: + a7:02:83:90:3d:f8:b6:a2:46:e4:2b:c5:48:ed:50:7f:ea:27: + cf:7b:9d:88:1f:1c:5d:16:b7:21:0a:42:95:0b:67:6c:29:34: + 64:61:c0:f5:00:6f:36:dc:e9:68:e3:81:bd:07:a6:bc:6c:9d: + f0:61:b0:50:14:d5:89:46:1f:34:b0:90:42:a0:c3:09:64:6e: + a4:46:13:c6:6a:86:98:63:c7:8e:79:d3:a2:d6:73:23:68:a9: + 8d:ac:b0:93:b0:89:f5:ee:08:cc:47:14:95:3b:1f:d3:eb:42: + 3f:68:b8:6b:80:11:8d:85:8c:90:39:29:e8:5d:7d:e5:c1:c2: + 5c:e7:92:8c:ab:79:17:74:60:a5:ee:fe:52:ff:4a:78:62:5c: + 1b:4b:f8:44:41:8c:05:c7:11:e7:5a:c9:a1:a1:d3:6b:82:36: + c3:1f:23:19:ce:68:9d:c3:80:d5:08:8d:68:d2:49:52:95:44: + 3f:1b:50:9d -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 -t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 -lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc -RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 -r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL -yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVoGO8ehfsp+rjy7secc9Da/yGPfSLgcs +0B0qkMfB/KyqDYbweG0zQ4ECcDvm2XXbLspKYU0gy6k+DKmzyv+7UssGFC1TtWif +pwKDkD34tqJG5CvFSO1Qf+onz3udiB8cXRa3IQpClQtnbCk0ZGHA9QBvNtzpaOOB +vQemvGyd8GGwUBTViUYfNLCQQqDDCWRupEYTxmqGmGPHjnnTotZzI2ipjaywk7CJ +9e4IzEcUlTsf0+tCP2i4a4ARjYWMkDkp6F195cHCXOeSjKt5F3Rgpe7+Uv9KeGJc +G0v4REGMBccR51rJoaHTa4I2wx8jGc5oncOA1QiNaNJJUpVEPxtQnQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/certs/test-pathlen/chainG-ICA2-pathlen1.pem index e5306aede..1592a0143 100644 --- a/certs/test-pathlen/chainG-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainG-ICA2-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: - ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: - 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: - da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: - aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: - 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: - 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: - 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: - 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: - 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: - b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: - 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: - 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: - 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: - 65:12:f6:ae + Signature Algorithm: sha256WithRSAEncryption + 3b:e4:43:62:32:48:75:cf:da:f6:fa:38:4f:1b:b2:25:84:5b: + 79:8f:ce:9c:19:10:ef:ab:b4:b5:f0:2b:d1:16:77:f6:cc:f6: + 43:c7:1f:ca:92:f9:d7:69:3c:82:02:02:19:55:a4:a1:d0:1c: + 7c:e8:b8:8f:4c:7b:42:6c:68:0d:0c:b0:05:ad:39:29:7c:45: + 8e:e2:b3:54:e7:98:84:95:21:3d:73:26:33:5e:5b:59:59:f2: + 03:13:28:86:e1:2c:da:a8:37:7e:2e:93:5e:e1:41:9c:6d:03: + 16:0f:8a:b2:4d:67:b6:1b:65:8a:cb:30:b5:ed:ad:e7:9f:81: + 21:a7:6d:39:f7:af:93:82:1c:89:55:ae:0d:e8:88:be:a5:27: + 60:56:7b:f3:5c:1d:57:49:36:c2:9f:cc:50:62:a7:82:54:61: + 36:10:01:2f:cf:85:b2:dd:d7:56:cc:18:7e:85:5d:f1:b7:b7: + b6:c3:04:6b:01:5e:b8:68:28:9a:6b:fc:83:33:b7:28:64:55: + 38:ee:a4:5a:d5:87:ef:89:07:c4:60:9d:8a:25:d5:71:94:5b: + 96:3f:a4:3f:1d:80:3e:ef:97:9e:c4:25:f1:82:01:27:40:27: + cc:61:e6:67:e0:58:33:e9:9f:35:65:89:40:17:6a:a7:6c:d9: + 70:2c:59:a1 -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 -aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ -qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN -Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 -Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ -I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAO+RDYjJIdc/a9vo4TxuyJYRbeY/OnBkQ +76u0tfAr0RZ39sz2Q8cfypL512k8ggICGVWkodAcfOi4j0x7QmxoDQywBa05KXxF +juKzVOeYhJUhPXMmM15bWVnyAxMohuEs2qg3fi6TXuFBnG0DFg+Ksk1nthtlissw +te2t55+BIadtOfevk4IciVWuDeiIvqUnYFZ781wdV0k2wp/MUGKnglRhNhABL8+F +st3XVswYfoVd8be3tsMEawFeuGgommv8gzO3KGRVOO6kWtWH74kHxGCdiiXVcZRb +lj+kPx2APu+XnsQl8YIBJ0AnzGHmZ+BYM+mfNWWJQBdqp2zZcCxZoQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/certs/test-pathlen/chainG-ICA3-pathlen99.pem index f2b79d6e6..9c6429cff 100644 --- a/certs/test-pathlen/chainG-ICA3-pathlen99.pem +++ b/certs/test-pathlen/chainG-ICA3-pathlen99.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:99 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: - ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: - c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: - a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: - 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: - 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: - 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: - 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: - bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: - 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: - 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: - 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: - ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: - a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: - c8:5e:14:b5 + Signature Algorithm: sha256WithRSAEncryption + 77:4b:04:d7:e6:fd:c1:bb:55:0c:2d:23:bf:90:a3:20:af:cd: + 54:11:34:97:fb:06:55:c1:11:ee:c5:bc:fe:5c:34:73:08:f9: + e9:c3:81:b8:0d:fa:6b:44:cd:ed:4a:d0:3b:40:6d:96:e5:cf: + 96:7d:aa:0d:65:fa:d7:6d:f7:3d:c9:9d:e5:e1:5e:be:34:7d: + b8:62:0c:22:e1:88:c8:02:b8:90:89:9f:1c:1d:18:5c:2d:01: + c9:95:f4:19:01:a6:5b:7a:26:6a:38:71:16:87:88:19:3f:60: + 35:99:71:4c:79:90:db:f9:9b:73:0d:74:45:87:b1:4f:e5:63: + a2:21:b4:38:32:d2:78:f0:15:a6:3a:ac:50:2a:a1:b2:41:f9: + 2b:0a:5c:5b:9a:94:17:42:88:44:41:fa:aa:d3:17:49:c1:31: + eb:a2:89:1f:c7:e7:b2:b0:71:98:64:4e:d6:de:b9:c2:5d:de: + 0e:86:68:1d:9c:ea:7c:b0:72:ee:2a:fa:26:26:1a:21:99:60: + 03:a2:01:67:0e:7d:4a:00:d9:23:2e:c2:c8:c8:3d:04:7a:78: + 08:81:f7:e4:0d:dc:e2:db:b6:1f:8a:33:ab:6f:a1:0d:5f:86: + cd:b7:c9:e1:35:a3:c8:81:da:15:3c:de:39:30:b7:d3:ec:4f: + d3:44:fe:dc -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV -6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM -YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ -ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm -grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp -Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHdLBNfm/cG7VQwtI7+QoyCvzVQRNJf7 +BlXBEe7FvP5cNHMI+enDgbgN+mtEze1K0DtAbZblz5Z9qg1l+tdt9z3JneXhXr40 +fbhiDCLhiMgCuJCJnxwdGFwtAcmV9BkBplt6Jmo4cRaHiBk/YDWZcUx5kNv5m3MN +dEWHsU/lY6IhtDgy0njwFaY6rFAqobJB+SsKXFualBdCiERB+qrTF0nBMeuiiR/H +57KwcZhkTtbeucJd3g6GaB2c6nywcu4q+iYmGiGZYAOiAWcOfUoA2SMuwsjIPQR6 +eAiB9+QN3OLbth+KM6tvoQ1fhs23yeE1o8iB2hU83jkwt9PsT9NE/tw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/certs/test-pathlen/chainG-ICA4-pathlen5.pem index 438c971d6..8467d9f36 100644 --- a/certs/test-pathlen/chainG-ICA4-pathlen5.pem +++ b/certs/test-pathlen/chainG-ICA4-pathlen5.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:5 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: - 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: - 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: - df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: - 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: - 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: - 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: - b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: - f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: - fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: - 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: - d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: - a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: - 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: - 13:29:2a:18 + Signature Algorithm: sha256WithRSAEncryption + ab:ff:d4:87:51:61:f9:a5:68:8d:4e:fd:01:0c:e3:75:9a:c5: + 16:f2:c4:1e:d8:bd:d4:ce:9e:b9:bd:72:db:f2:89:2b:7a:46: + b4:6c:16:e5:dc:5a:eb:d0:3f:63:a8:98:82:0e:df:c6:1a:40: + a2:1a:a0:d5:49:10:a6:f4:ae:10:61:0a:2e:91:0d:bc:cf:e9: + bf:9e:98:23:38:30:f2:00:e3:ca:47:df:ad:46:e8:7b:b2:ae: + 1e:af:fd:c7:2e:b7:7d:b7:46:df:cd:bf:06:77:19:29:2b:fc: + 7c:f9:f7:2f:59:ce:90:a6:9e:70:33:58:b6:72:a4:ed:63:9b: + 50:62:6c:38:01:73:63:48:4e:6b:34:3f:c4:d5:de:45:09:a9: + 27:d1:78:36:59:1e:21:ad:a9:a3:1f:14:25:d1:ce:ab:90:3f: + c0:82:7a:54:fe:6b:48:fc:52:e1:f4:69:2d:84:2e:1c:7b:6f: + 42:4a:7b:05:91:70:0d:f3:ae:b3:d6:bc:7a:fa:9c:c8:0a:e8: + f1:a0:fa:ee:f3:fe:1d:34:0e:31:79:d8:80:57:53:23:af:65: + 92:94:ef:16:de:e0:9f:0a:5a:17:ba:e8:81:90:e1:e4:24:97: + b4:73:82:4c:38:4c:45:2f:82:75:55:4b:af:b8:58:b3:b1:d1: + 60:ab:53:5f -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 -8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy -xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq -J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp -0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA -Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKv/1IdRYfmlaI1O/QEM43WaxRbyxB7Y +vdTOnrm9ctvyiSt6RrRsFuXcWuvQP2OomIIO38YaQKIaoNVJEKb0rhBhCi6RDbzP +6b+emCM4MPIA48pH361G6Huyrh6v/ccut323Rt/NvwZ3GSkr/Hz59y9ZzpCmnnAz +WLZypO1jm1BibDgBc2NITms0P8TV3kUJqSfReDZZHiGtqaMfFCXRzquQP8CCelT+ +a0j8UuH0aS2ELhx7b0JKewWRcA3zrrPWvHr6nMgK6PGg+u7z/h00DjF52IBXUyOv +ZZKU7xbe4J8KWhe66IGQ4eQkl7Rzgkw4TEUvgnVVS6+4WLOx0WCrU18= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/certs/test-pathlen/chainG-ICA5-pathlen20.pem index aca0a3128..f9c3486bb 100644 --- a/certs/test-pathlen/chainG-ICA5-pathlen20.pem +++ b/certs/test-pathlen/chainG-ICA5-pathlen20.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:20 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: - 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: - f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: - de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: - 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: - 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: - 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: - 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: - 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: - cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: - 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: - 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: - 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: - 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: - 5c:9c:5d:21 + Signature Algorithm: sha256WithRSAEncryption + a4:e7:16:a9:20:7b:9c:89:49:48:94:e7:58:31:71:34:10:35: + d5:b6:91:5f:5e:2d:63:66:48:ff:45:7f:d4:dc:53:39:6f:7b: + 13:0a:de:37:7c:c1:43:e9:f9:b2:71:b8:93:22:12:7f:50:9b: + b9:0c:e4:3a:47:7a:95:bc:a4:08:41:73:f0:a3:9a:88:98:7e: + d0:7c:bb:76:ab:5c:ad:3c:41:73:78:5b:b1:0d:06:ae:46:d2: + 81:af:9a:53:f7:d2:45:66:99:45:5e:2e:05:48:47:78:49:b4: + 27:c9:76:5f:93:be:d4:f7:3d:a7:16:39:ef:dc:a1:57:7f:78: + ca:d3:33:94:87:cb:dd:aa:88:07:0b:62:fa:eb:f0:c9:5f:d8: + 3f:a3:6d:d5:dc:ea:a0:b9:c6:dc:7f:08:46:9e:ed:41:52:46: + d2:7a:96:20:37:f6:69:ef:85:23:43:fa:a8:27:1c:2b:70:37: + 7d:50:ce:48:4b:f7:ce:2d:6a:08:3d:45:f3:a3:e4:1f:ef:1f: + 0e:72:e2:f2:f1:e7:5f:72:1f:84:53:1b:d6:b4:2b:e4:4a:3d: + 39:db:a7:02:6a:02:5e:de:3a:43:05:32:de:16:e9:5e:cf:12: + b2:0e:60:36:e1:47:12:ab:98:ce:ef:c4:76:d5:30:b6:72:ae: + af:13:14:17 -----BEGIN CERTIFICATE----- -MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -80,10 +80,10 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk -+Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB -lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld -LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 -X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 -g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEApOcWqSB7nIlJSJTnWDFxNBA11baR +X14tY2ZI/0V/1NxTOW97EwreN3zBQ+n5snG4kyISf1CbuQzkOkd6lbykCEFz8KOa +iJh+0Hy7dqtcrTxBc3hbsQ0GrkbSga+aU/fSRWaZRV4uBUhHeEm0J8l2X5O+1Pc9 +pxY579yhV394ytMzlIfL3aqIBwti+uvwyV/YP6Nt1dzqoLnG3H8IRp7tQVJG0nqW +IDf2ae+FI0P6qCccK3A3fVDOSEv3zi1qCD1F86PkH+8fDnLi8vHnX3IfhFMb1rQr +5Eo9OdunAmoCXt46QwUy3hbpXs8Ssg5gNuFHEquYzu/EdtUwtnKurxMUFw== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/certs/test-pathlen/chainG-ICA6-pathlen10.pem index 2833da61f..8de172a62 100644 --- a/certs/test-pathlen/chainG-ICA6-pathlen10.pem +++ b/certs/test-pathlen/chainG-ICA6-pathlen10.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:10 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: - 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: - 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: - 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: - 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: - 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: - e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: - da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: - 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: - 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: - fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: - 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: - 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: - 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: - 66:ec:5d:71 + Signature Algorithm: sha256WithRSAEncryption + 70:24:57:3f:1a:0c:94:f9:64:14:2e:20:81:bf:02:ba:bb:a5: + 21:02:2b:c0:09:0b:9e:8a:e3:c8:b2:39:4d:05:c1:34:62:44: + 62:5c:d5:ae:0f:17:cf:c0:ab:71:f8:5c:d5:74:8d:3d:eb:90: + d5:d6:a5:97:b8:c1:ab:d7:9c:e7:ca:4f:ee:8f:f2:5d:c7:81: + 22:fc:2e:b0:2d:f2:ff:e3:1a:c5:85:31:21:49:3f:38:f9:5b: + 55:e6:f3:f8:5c:63:fc:9a:c8:76:f0:3d:87:d2:fb:06:6d:5e: + f4:f4:e9:8c:3a:99:7b:1c:8f:29:fb:f6:c3:0c:23:9a:2c:1e: + f4:97:4f:b8:48:37:33:b4:aa:15:a6:5a:75:09:e9:c4:d5:44: + c6:e8:4e:a2:f0:70:a8:9f:10:91:56:55:59:f4:4a:b6:36:4a: + fc:b9:3a:60:01:e6:6e:61:58:f3:b0:ac:cd:02:38:97:bd:eb: + d3:6b:9e:b5:a6:58:ee:ce:86:c2:1b:cf:12:b3:1b:78:00:df: + 5f:da:77:5d:9c:8e:a5:ca:f1:77:87:c1:ed:ad:fd:cf:ea:05: + 53:f9:7e:34:e7:95:23:de:36:36:65:59:08:76:11:6f:d9:6e: + 55:17:af:33:1f:9e:0b:fe:fb:53:5c:67:1a:4d:8a:83:7f:5b: + ca:ff:e4:94 -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -80,10 +80,10 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF -FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 -31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO -+/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 -K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP -s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +hvcNAQELBQADggEBAHAkVz8aDJT5ZBQuIIG/Arq7pSECK8AJC56K48iyOU0FwTRi +RGJc1a4PF8/Aq3H4XNV0jT3rkNXWpZe4wavXnOfKT+6P8l3HgSL8LrAt8v/jGsWF +MSFJPzj5W1Xm8/hcY/yayHbwPYfS+wZtXvT06Yw6mXscjyn79sMMI5osHvSXT7hI +NzO0qhWmWnUJ6cTVRMboTqLwcKifEJFWVVn0SrY2Svy5OmAB5m5hWPOwrM0COJe9 +69NrnrWmWO7OhsIbzxKzG3gA31/ad12cjqXK8XeHwe2t/c/qBVP5fjTnlSPeNjZl +WQh2EW/ZblUXrzMfngv++1NcZxpNioN/W8r/5JQ= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/certs/test-pathlen/chainG-ICA7-pathlen100.pem index 203523a28..5382cbae0 100644 --- a/certs/test-pathlen/chainG-ICA7-pathlen100.pem +++ b/certs/test-pathlen/chainG-ICA7-pathlen100.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: - f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: - c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: - 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: - 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: - 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: - 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: - df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: - e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: - 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: - 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: - 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: - f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: - 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: - ca:8c:2f:a8 + Signature Algorithm: sha256WithRSAEncryption + ae:bd:d0:c5:e1:4f:80:0f:85:0d:d2:e0:b5:c3:dc:73:99:94: + 90:19:01:f2:23:66:83:da:92:f2:e8:14:dc:70:e0:20:14:26: + c5:63:88:6a:1b:b3:f3:2f:5c:28:39:1e:6b:a7:40:9b:02:12: + ac:88:06:1e:c6:dd:9d:d4:6a:b8:22:cb:b7:aa:7a:9c:77:9a: + 37:0a:62:54:23:f3:e7:b9:4f:e0:8a:41:bd:74:21:69:be:7c: + 19:50:7d:d1:93:98:7c:4a:06:60:64:72:f0:09:71:6e:86:43: + 2f:89:dc:38:4a:c1:e4:cc:bc:72:6f:c2:b1:c1:9c:38:ff:98: + 87:92:3b:a6:f2:b5:2d:0a:41:38:0d:e7:b5:41:cf:c1:6d:96: + 34:98:9e:97:c8:87:a9:9e:4b:bb:73:bb:34:d6:bd:61:ef:36: + c8:45:f3:c9:31:36:2c:f1:11:68:4b:a0:f8:b6:9d:c4:a6:8a: + dc:e3:fc:60:f7:50:d2:d4:98:d4:e5:f9:76:ca:4a:3c:74:9a: + bb:95:ce:3c:29:ce:be:b5:9e:07:55:e2:c4:a1:1f:b4:0d:eb: + 87:03:1d:79:1b:e2:fc:f3:aa:4b:df:3e:24:72:56:00:b9:b4: + a0:fc:48:80:6a:76:84:1b:79:ea:03:95:32:42:bc:9d:7a:83: + 87:be:51:d2 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -79,11 +79,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW -BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX -H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x -lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F -/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS -JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBAK690MXhT4APhQ3S4LXD3HOZlJAZAfIjZoPakvLoFNxw4CAUJsVjiGob +s/MvXCg5HmunQJsCEqyIBh7G3Z3Uargiy7eqepx3mjcKYlQj8+e5T+CKQb10IWm+ +fBlQfdGTmHxKBmBkcvAJcW6GQy+J3DhKweTMvHJvwrHBnDj/mIeSO6bytS0KQTgN +57VBz8FtljSYnpfIh6meS7tzuzTWvWHvNshF88kxNizxEWhLoPi2ncSmitzj/GD3 +UNLUmNTl+XbKSjx0mruVzjwpzr61ngdV4sShH7QN64cDHXkb4vzzqkvfPiRyVgC5 +tKD8SIBqdoQbeeoDlTJCvJ16g4e+UdI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-assembled.pem b/certs/test-pathlen/chainG-assembled.pem index aa0c41fb4..39ee469f7 100644 --- a/certs/test-pathlen/chainG-assembled.pem +++ b/certs/test-pathlen/chainG-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: - 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: - 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: - 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: - cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: - ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: - 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: - 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: - e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: - 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: - ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: - ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: - 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: - 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: - 49:95:7e:49 + Signature Algorithm: sha256WithRSAEncryption + 06:c8:08:8c:cc:5d:4e:b5:81:35:06:f3:e5:9d:4e:c8:38:3f: + ec:87:8b:55:3c:fc:6e:4c:f8:3c:78:7d:46:03:33:a7:49:55: + 6c:13:37:e9:11:d5:dd:8c:51:70:2c:28:18:6a:01:63:9b:35: + 04:ba:79:49:95:10:ed:31:4b:70:5f:be:a4:67:d4:8d:2f:95: + 45:f7:1f:3d:a0:fc:29:db:55:65:8d:98:ae:79:ad:ce:c7:b9: + 97:54:9d:69:ca:fa:87:01:fb:0d:9b:57:67:b8:44:f6:91:14: + e5:31:b5:c1:d8:96:b7:1d:7a:05:ed:53:d5:04:8a:8b:8e:74: + f1:13:3d:93:d6:16:10:17:d7:de:b1:4e:13:e8:72:ae:83:91: + 1f:46:3e:86:bd:49:79:9c:99:a9:aa:67:ff:cf:7c:34:b1:2c: + d8:bf:e5:3a:22:c2:70:97:47:db:d0:05:77:e9:46:09:f0:c1: + 06:1c:61:df:8b:8f:6d:a6:5b:d5:ae:9a:52:71:ed:5e:9e:38: + e3:8c:9a:52:cf:8a:8f:20:e9:f1:e4:a3:11:bd:b9:ff:a9:1e: + b7:f9:83:26:18:a8:0b:7b:2b:74:f5:c5:3a:58:e1:0b:71:0a: + 3d:ef:15:ee:2c:28:b3:ba:0e:59:3c:a4:46:24:d3:b7:14:b5: + 4a:8f:c1:25 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg -DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx -txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH -BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI -yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER -P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u -ObIaOLEvt0mVfkk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbICIzM +XU61gTUG8+WdTsg4P+yHi1U8/G5M+Dx4fUYDM6dJVWwTN+kR1d2MUXAsKBhqAWOb +NQS6eUmVEO0xS3BfvqRn1I0vlUX3Hz2g/CnbVWWNmK55rc7HuZdUnWnK+ocB+w2b +V2e4RPaRFOUxtcHYlrcdegXtU9UEiouOdPETPZPWFhAX196xThPocq6DkR9GPoa9 +SXmcmamqZ//PfDSxLNi/5ToiwnCXR9vQBXfpRgnwwQYcYd+Lj22mW9WumlJx7V6e +OOOMmlLPio8g6fHkoxG9uf+pHrf5gyYYqAt7K3T1xTpY4QtxCj3vFe4sKLO6Dlk8 +pEYk07cUtUqPwSU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: - 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: - 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: - d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: - 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: - ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: - 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: - f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: - 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: - 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: - 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: - 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: - c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: - 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: - 13:a4:f1:d3 + Signature Algorithm: sha256WithRSAEncryption + 56:81:8e:f1:e8:5f:b2:9f:ab:8f:2e:ec:79:c7:3d:0d:af:f2: + 18:f7:d2:2e:07:2c:d0:1d:2a:90:c7:c1:fc:ac:aa:0d:86:f0: + 78:6d:33:43:81:02:70:3b:e6:d9:75:db:2e:ca:4a:61:4d:20: + cb:a9:3e:0c:a9:b3:ca:ff:bb:52:cb:06:14:2d:53:b5:68:9f: + a7:02:83:90:3d:f8:b6:a2:46:e4:2b:c5:48:ed:50:7f:ea:27: + cf:7b:9d:88:1f:1c:5d:16:b7:21:0a:42:95:0b:67:6c:29:34: + 64:61:c0:f5:00:6f:36:dc:e9:68:e3:81:bd:07:a6:bc:6c:9d: + f0:61:b0:50:14:d5:89:46:1f:34:b0:90:42:a0:c3:09:64:6e: + a4:46:13:c6:6a:86:98:63:c7:8e:79:d3:a2:d6:73:23:68:a9: + 8d:ac:b0:93:b0:89:f5:ee:08:cc:47:14:95:3b:1f:d3:eb:42: + 3f:68:b8:6b:80:11:8d:85:8c:90:39:29:e8:5d:7d:e5:c1:c2: + 5c:e7:92:8c:ab:79:17:74:60:a5:ee:fe:52:ff:4a:78:62:5c: + 1b:4b:f8:44:41:8c:05:c7:11:e7:5a:c9:a1:a1:d3:6b:82:36: + c3:1f:23:19:ce:68:9d:c3:80:d5:08:8d:68:d2:49:52:95:44: + 3f:1b:50:9d -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 -t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 -lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc -RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 -r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL -yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVoGO8ehfsp+rjy7secc9Da/yGPfSLgcs +0B0qkMfB/KyqDYbweG0zQ4ECcDvm2XXbLspKYU0gy6k+DKmzyv+7UssGFC1TtWif +pwKDkD34tqJG5CvFSO1Qf+onz3udiB8cXRa3IQpClQtnbCk0ZGHA9QBvNtzpaOOB +vQemvGyd8GGwUBTViUYfNLCQQqDDCWRupEYTxmqGmGPHjnnTotZzI2ipjaywk7CJ +9e4IzEcUlTsf0+tCP2i4a4ARjYWMkDkp6F195cHCXOeSjKt5F3Rgpe7+Uv9KeGJc +G0v4REGMBccR51rJoaHTa4I2wx8jGc5oncOA1QiNaNJJUpVEPxtQnQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: - ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: - 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: - da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: - aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: - 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: - 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: - 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: - 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: - 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: - b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: - 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: - 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: - 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: - 65:12:f6:ae + Signature Algorithm: sha256WithRSAEncryption + 3b:e4:43:62:32:48:75:cf:da:f6:fa:38:4f:1b:b2:25:84:5b: + 79:8f:ce:9c:19:10:ef:ab:b4:b5:f0:2b:d1:16:77:f6:cc:f6: + 43:c7:1f:ca:92:f9:d7:69:3c:82:02:02:19:55:a4:a1:d0:1c: + 7c:e8:b8:8f:4c:7b:42:6c:68:0d:0c:b0:05:ad:39:29:7c:45: + 8e:e2:b3:54:e7:98:84:95:21:3d:73:26:33:5e:5b:59:59:f2: + 03:13:28:86:e1:2c:da:a8:37:7e:2e:93:5e:e1:41:9c:6d:03: + 16:0f:8a:b2:4d:67:b6:1b:65:8a:cb:30:b5:ed:ad:e7:9f:81: + 21:a7:6d:39:f7:af:93:82:1c:89:55:ae:0d:e8:88:be:a5:27: + 60:56:7b:f3:5c:1d:57:49:36:c2:9f:cc:50:62:a7:82:54:61: + 36:10:01:2f:cf:85:b2:dd:d7:56:cc:18:7e:85:5d:f1:b7:b7: + b6:c3:04:6b:01:5e:b8:68:28:9a:6b:fc:83:33:b7:28:64:55: + 38:ee:a4:5a:d5:87:ef:89:07:c4:60:9d:8a:25:d5:71:94:5b: + 96:3f:a4:3f:1d:80:3e:ef:97:9e:c4:25:f1:82:01:27:40:27: + cc:61:e6:67:e0:58:33:e9:9f:35:65:89:40:17:6a:a7:6c:d9: + 70:2c:59:a1 -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -256,22 +256,22 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 -aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ -qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN -Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 -Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ -I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAO+RDYjJIdc/a9vo4TxuyJYRbeY/OnBkQ +76u0tfAr0RZ39sz2Q8cfypL512k8ggICGVWkodAcfOi4j0x7QmxoDQywBa05KXxF +juKzVOeYhJUhPXMmM15bWVnyAxMohuEs2qg3fi6TXuFBnG0DFg+Ksk1nthtlissw +te2t55+BIadtOfevk4IciVWuDeiIvqUnYFZ781wdV0k2wp/MUGKnglRhNhABL8+F +st3XVswYfoVd8be3tsMEawFeuGgommv8gzO3KGRVOO6kWtWH74kHxGCdiiXVcZRb +lj+kPx2APu+XnsQl8YIBJ0AnzGHmZ+BYM+mfNWWJQBdqp2zZcCxZoQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -308,28 +308,28 @@ Certificate: CA:TRUE, pathlen:99 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: - ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: - c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: - a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: - 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: - 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: - 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: - 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: - bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: - 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: - 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: - 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: - ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: - a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: - c8:5e:14:b5 + Signature Algorithm: sha256WithRSAEncryption + 77:4b:04:d7:e6:fd:c1:bb:55:0c:2d:23:bf:90:a3:20:af:cd: + 54:11:34:97:fb:06:55:c1:11:ee:c5:bc:fe:5c:34:73:08:f9: + e9:c3:81:b8:0d:fa:6b:44:cd:ed:4a:d0:3b:40:6d:96:e5:cf: + 96:7d:aa:0d:65:fa:d7:6d:f7:3d:c9:9d:e5:e1:5e:be:34:7d: + b8:62:0c:22:e1:88:c8:02:b8:90:89:9f:1c:1d:18:5c:2d:01: + c9:95:f4:19:01:a6:5b:7a:26:6a:38:71:16:87:88:19:3f:60: + 35:99:71:4c:79:90:db:f9:9b:73:0d:74:45:87:b1:4f:e5:63: + a2:21:b4:38:32:d2:78:f0:15:a6:3a:ac:50:2a:a1:b2:41:f9: + 2b:0a:5c:5b:9a:94:17:42:88:44:41:fa:aa:d3:17:49:c1:31: + eb:a2:89:1f:c7:e7:b2:b0:71:98:64:4e:d6:de:b9:c2:5d:de: + 0e:86:68:1d:9c:ea:7c:b0:72:ee:2a:fa:26:26:1a:21:99:60: + 03:a2:01:67:0e:7d:4a:00:d9:23:2e:c2:c8:c8:3d:04:7a:78: + 08:81:f7:e4:0d:dc:e2:db:b6:1f:8a:33:ab:6f:a1:0d:5f:86: + cd:b7:c9:e1:35:a3:c8:81:da:15:3c:de:39:30:b7:d3:ec:4f: + d3:44:fe:dc -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -345,22 +345,22 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV -6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM -YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ -ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm -grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp -Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHdLBNfm/cG7VQwtI7+QoyCvzVQRNJf7 +BlXBEe7FvP5cNHMI+enDgbgN+mtEze1K0DtAbZblz5Z9qg1l+tdt9z3JneXhXr40 +fbhiDCLhiMgCuJCJnxwdGFwtAcmV9BkBplt6Jmo4cRaHiBk/YDWZcUx5kNv5m3MN +dEWHsU/lY6IhtDgy0njwFaY6rFAqobJB+SsKXFualBdCiERB+qrTF0nBMeuiiR/H +57KwcZhkTtbeucJd3g6GaB2c6nywcu4q+iYmGiGZYAOiAWcOfUoA2SMuwsjIPQR6 +eAiB9+QN3OLbth+KM6tvoQ1fhs23yeE1o8iB2hU83jkwt9PsT9NE/tw= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -397,28 +397,28 @@ Certificate: CA:TRUE, pathlen:5 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: - 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: - 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: - df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: - 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: - 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: - 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: - b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: - f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: - fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: - 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: - d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: - a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: - 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: - 13:29:2a:18 + Signature Algorithm: sha256WithRSAEncryption + ab:ff:d4:87:51:61:f9:a5:68:8d:4e:fd:01:0c:e3:75:9a:c5: + 16:f2:c4:1e:d8:bd:d4:ce:9e:b9:bd:72:db:f2:89:2b:7a:46: + b4:6c:16:e5:dc:5a:eb:d0:3f:63:a8:98:82:0e:df:c6:1a:40: + a2:1a:a0:d5:49:10:a6:f4:ae:10:61:0a:2e:91:0d:bc:cf:e9: + bf:9e:98:23:38:30:f2:00:e3:ca:47:df:ad:46:e8:7b:b2:ae: + 1e:af:fd:c7:2e:b7:7d:b7:46:df:cd:bf:06:77:19:29:2b:fc: + 7c:f9:f7:2f:59:ce:90:a6:9e:70:33:58:b6:72:a4:ed:63:9b: + 50:62:6c:38:01:73:63:48:4e:6b:34:3f:c4:d5:de:45:09:a9: + 27:d1:78:36:59:1e:21:ad:a9:a3:1f:14:25:d1:ce:ab:90:3f: + c0:82:7a:54:fe:6b:48:fc:52:e1:f4:69:2d:84:2e:1c:7b:6f: + 42:4a:7b:05:91:70:0d:f3:ae:b3:d6:bc:7a:fa:9c:c8:0a:e8: + f1:a0:fa:ee:f3:fe:1d:34:0e:31:79:d8:80:57:53:23:af:65: + 92:94:ef:16:de:e0:9f:0a:5a:17:ba:e8:81:90:e1:e4:24:97: + b4:73:82:4c:38:4c:45:2f:82:75:55:4b:af:b8:58:b3:b1:d1: + 60:ab:53:5f -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -434,22 +434,22 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 -8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy -xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq -J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp -0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA -Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKv/1IdRYfmlaI1O/QEM43WaxRbyxB7Y +vdTOnrm9ctvyiSt6RrRsFuXcWuvQP2OomIIO38YaQKIaoNVJEKb0rhBhCi6RDbzP +6b+emCM4MPIA48pH361G6Huyrh6v/ccut323Rt/NvwZ3GSkr/Hz59y9ZzpCmnnAz +WLZypO1jm1BibDgBc2NITms0P8TV3kUJqSfReDZZHiGtqaMfFCXRzquQP8CCelT+ +a0j8UuH0aS2ELhx7b0JKewWRcA3zrrPWvHr6nMgK6PGg+u7z/h00DjF52IBXUyOv +ZZKU7xbe4J8KWhe66IGQ4eQkl7Rzgkw4TEUvgnVVS6+4WLOx0WCrU18= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -486,28 +486,28 @@ Certificate: CA:TRUE, pathlen:20 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: - 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: - f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: - de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: - 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: - 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: - 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: - 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: - 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: - cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: - 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: - 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: - 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: - 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: - 5c:9c:5d:21 + Signature Algorithm: sha256WithRSAEncryption + a4:e7:16:a9:20:7b:9c:89:49:48:94:e7:58:31:71:34:10:35: + d5:b6:91:5f:5e:2d:63:66:48:ff:45:7f:d4:dc:53:39:6f:7b: + 13:0a:de:37:7c:c1:43:e9:f9:b2:71:b8:93:22:12:7f:50:9b: + b9:0c:e4:3a:47:7a:95:bc:a4:08:41:73:f0:a3:9a:88:98:7e: + d0:7c:bb:76:ab:5c:ad:3c:41:73:78:5b:b1:0d:06:ae:46:d2: + 81:af:9a:53:f7:d2:45:66:99:45:5e:2e:05:48:47:78:49:b4: + 27:c9:76:5f:93:be:d4:f7:3d:a7:16:39:ef:dc:a1:57:7f:78: + ca:d3:33:94:87:cb:dd:aa:88:07:0b:62:fa:eb:f0:c9:5f:d8: + 3f:a3:6d:d5:dc:ea:a0:b9:c6:dc:7f:08:46:9e:ed:41:52:46: + d2:7a:96:20:37:f6:69:ef:85:23:43:fa:a8:27:1c:2b:70:37: + 7d:50:ce:48:4b:f7:ce:2d:6a:08:3d:45:f3:a3:e4:1f:ef:1f: + 0e:72:e2:f2:f1:e7:5f:72:1f:84:53:1b:d6:b4:2b:e4:4a:3d: + 39:db:a7:02:6a:02:5e:de:3a:43:05:32:de:16:e9:5e:cf:12: + b2:0e:60:36:e1:47:12:ab:98:ce:ef:c4:76:d5:30:b6:72:ae: + af:13:14:17 -----BEGIN CERTIFICATE----- -MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -523,22 +523,22 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk -+Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB -lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld -LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 -X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 -g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEApOcWqSB7nIlJSJTnWDFxNBA11baR +X14tY2ZI/0V/1NxTOW97EwreN3zBQ+n5snG4kyISf1CbuQzkOkd6lbykCEFz8KOa +iJh+0Hy7dqtcrTxBc3hbsQ0GrkbSga+aU/fSRWaZRV4uBUhHeEm0J8l2X5O+1Pc9 +pxY579yhV394ytMzlIfL3aqIBwti+uvwyV/YP6Nt1dzqoLnG3H8IRp7tQVJG0nqW +IDf2ae+FI0P6qCccK3A3fVDOSEv3zi1qCD1F86PkH+8fDnLi8vHnX3IfhFMb1rQr +5Eo9OdunAmoCXt46QwUy3hbpXs8Ssg5gNuFHEquYzu/EdtUwtnKurxMUFw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -575,28 +575,28 @@ Certificate: CA:TRUE, pathlen:10 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: - 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: - 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: - 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: - 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: - 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: - e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: - da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: - 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: - 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: - fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: - 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: - 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: - 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: - 66:ec:5d:71 + Signature Algorithm: sha256WithRSAEncryption + 70:24:57:3f:1a:0c:94:f9:64:14:2e:20:81:bf:02:ba:bb:a5: + 21:02:2b:c0:09:0b:9e:8a:e3:c8:b2:39:4d:05:c1:34:62:44: + 62:5c:d5:ae:0f:17:cf:c0:ab:71:f8:5c:d5:74:8d:3d:eb:90: + d5:d6:a5:97:b8:c1:ab:d7:9c:e7:ca:4f:ee:8f:f2:5d:c7:81: + 22:fc:2e:b0:2d:f2:ff:e3:1a:c5:85:31:21:49:3f:38:f9:5b: + 55:e6:f3:f8:5c:63:fc:9a:c8:76:f0:3d:87:d2:fb:06:6d:5e: + f4:f4:e9:8c:3a:99:7b:1c:8f:29:fb:f6:c3:0c:23:9a:2c:1e: + f4:97:4f:b8:48:37:33:b4:aa:15:a6:5a:75:09:e9:c4:d5:44: + c6:e8:4e:a2:f0:70:a8:9f:10:91:56:55:59:f4:4a:b6:36:4a: + fc:b9:3a:60:01:e6:6e:61:58:f3:b0:ac:cd:02:38:97:bd:eb: + d3:6b:9e:b5:a6:58:ee:ce:86:c2:1b:cf:12:b3:1b:78:00:df: + 5f:da:77:5d:9c:8e:a5:ca:f1:77:87:c1:ed:ad:fd:cf:ea:05: + 53:f9:7e:34:e7:95:23:de:36:36:65:59:08:76:11:6f:d9:6e: + 55:17:af:33:1f:9e:0b:fe:fb:53:5c:67:1a:4d:8a:83:7f:5b: + ca:ff:e4:94 -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -612,22 +612,22 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF -FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 -31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO -+/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 -K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP -s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +hvcNAQELBQADggEBAHAkVz8aDJT5ZBQuIIG/Arq7pSECK8AJC56K48iyOU0FwTRi +RGJc1a4PF8/Aq3H4XNV0jT3rkNXWpZe4wavXnOfKT+6P8l3HgSL8LrAt8v/jGsWF +MSFJPzj5W1Xm8/hcY/yayHbwPYfS+wZtXvT06Yw6mXscjyn79sMMI5osHvSXT7hI +NzO0qhWmWnUJ6cTVRMboTqLwcKifEJFWVVn0SrY2Svy5OmAB5m5hWPOwrM0COJe9 +69NrnrWmWO7OhsIbzxKzG3gA31/ad12cjqXK8XeHwe2t/c/qBVP5fjTnlSPeNjZl +WQh2EW/ZblUXrzMfngv++1NcZxpNioN/W8r/5JQ= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -664,28 +664,28 @@ Certificate: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: - f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: - c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: - 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: - 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: - 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: - 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: - df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: - e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: - 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: - 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: - 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: - f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: - 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: - ca:8c:2f:a8 + Signature Algorithm: sha256WithRSAEncryption + ae:bd:d0:c5:e1:4f:80:0f:85:0d:d2:e0:b5:c3:dc:73:99:94: + 90:19:01:f2:23:66:83:da:92:f2:e8:14:dc:70:e0:20:14:26: + c5:63:88:6a:1b:b3:f3:2f:5c:28:39:1e:6b:a7:40:9b:02:12: + ac:88:06:1e:c6:dd:9d:d4:6a:b8:22:cb:b7:aa:7a:9c:77:9a: + 37:0a:62:54:23:f3:e7:b9:4f:e0:8a:41:bd:74:21:69:be:7c: + 19:50:7d:d1:93:98:7c:4a:06:60:64:72:f0:09:71:6e:86:43: + 2f:89:dc:38:4a:c1:e4:cc:bc:72:6f:c2:b1:c1:9c:38:ff:98: + 87:92:3b:a6:f2:b5:2d:0a:41:38:0d:e7:b5:41:cf:c1:6d:96: + 34:98:9e:97:c8:87:a9:9e:4b:bb:73:bb:34:d6:bd:61:ef:36: + c8:45:f3:c9:31:36:2c:f1:11:68:4b:a0:f8:b6:9d:c4:a6:8a: + dc:e3:fc:60:f7:50:d2:d4:98:d4:e5:f9:76:ca:4a:3c:74:9a: + bb:95:ce:3c:29:ce:be:b5:9e:07:55:e2:c4:a1:1f:b4:0d:eb: + 87:03:1d:79:1b:e2:fc:f3:aa:4b:df:3e:24:72:56:00:b9:b4: + a0:fc:48:80:6a:76:84:1b:79:ea:03:95:32:42:bc:9d:7a:83: + 87:be:51:d2 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -700,11 +700,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW -BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX -H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x -lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F -/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS -JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBAK690MXhT4APhQ3S4LXD3HOZlJAZAfIjZoPakvLoFNxw4CAUJsVjiGob +s/MvXCg5HmunQJsCEqyIBh7G3Z3Uargiy7eqepx3mjcKYlQj8+e5T+CKQb10IWm+ +fBlQfdGTmHxKBmBkcvAJcW6GQy+J3DhKweTMvHJvwrHBnDj/mIeSO6bytS0KQTgN +57VBz8FtljSYnpfIh6meS7tzuzTWvWHvNshF88kxNizxEWhLoPi2ncSmitzj/GD3 +UNLUmNTl+XbKSjx0mruVzjwpzr61ngdV4sShH7QN64cDHXkb4vzzqkvfPiRyVgC5 +tKD8SIBqdoQbeeoDlTJCvJ16g4e+UdI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-entity.pem b/certs/test-pathlen/chainG-entity.pem index fc8a96ca2..d563eef64 100644 --- a/certs/test-pathlen/chainG-entity.pem +++ b/certs/test-pathlen/chainG-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: - 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: - 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: - 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: - cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: - ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: - 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: - 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: - e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: - 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: - ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: - ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: - 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: - 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: - 49:95:7e:49 + Signature Algorithm: sha256WithRSAEncryption + 06:c8:08:8c:cc:5d:4e:b5:81:35:06:f3:e5:9d:4e:c8:38:3f: + ec:87:8b:55:3c:fc:6e:4c:f8:3c:78:7d:46:03:33:a7:49:55: + 6c:13:37:e9:11:d5:dd:8c:51:70:2c:28:18:6a:01:63:9b:35: + 04:ba:79:49:95:10:ed:31:4b:70:5f:be:a4:67:d4:8d:2f:95: + 45:f7:1f:3d:a0:fc:29:db:55:65:8d:98:ae:79:ad:ce:c7:b9: + 97:54:9d:69:ca:fa:87:01:fb:0d:9b:57:67:b8:44:f6:91:14: + e5:31:b5:c1:d8:96:b7:1d:7a:05:ed:53:d5:04:8a:8b:8e:74: + f1:13:3d:93:d6:16:10:17:d7:de:b1:4e:13:e8:72:ae:83:91: + 1f:46:3e:86:bd:49:79:9c:99:a9:aa:67:ff:cf:7c:34:b1:2c: + d8:bf:e5:3a:22:c2:70:97:47:db:d0:05:77:e9:46:09:f0:c1: + 06:1c:61:df:8b:8f:6d:a6:5b:d5:ae:9a:52:71:ed:5e:9e:38: + e3:8c:9a:52:cf:8a:8f:20:e9:f1:e4:a3:11:bd:b9:ff:a9:1e: + b7:f9:83:26:18:a8:0b:7b:2b:74:f5:c5:3a:58:e1:0b:71:0a: + 3d:ef:15:ee:2c:28:b3:ba:0e:59:3c:a4:46:24:d3:b7:14:b5: + 4a:8f:c1:25 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg -DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx -txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH -BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI -yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER -P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u -ObIaOLEvt0mVfkk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbICIzM +XU61gTUG8+WdTsg4P+yHi1U8/G5M+Dx4fUYDM6dJVWwTN+kR1d2MUXAsKBhqAWOb +NQS6eUmVEO0xS3BfvqRn1I0vlUX3Hz2g/CnbVWWNmK55rc7HuZdUnWnK+ocB+w2b +V2e4RPaRFOUxtcHYlrcdegXtU9UEiouOdPETPZPWFhAX196xThPocq6DkR9GPoa9 +SXmcmamqZ//PfDSxLNi/5ToiwnCXR9vQBXfpRgnwwQYcYd+Lj22mW9WumlJx7V6e +OOOMmlLPio8g6fHkoxG9uf+pHrf5gyYYqAt7K3T1xTpY4QtxCj3vFe4sKLO6Dlk8 +pEYk07cUtUqPwSU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/certs/test-pathlen/chainH-ICA1-pathlen0.pem index 767778cf9..974ddd46a 100644 --- a/certs/test-pathlen/chainH-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainH-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: - d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: - 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: - 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: - 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: - ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: - ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: - d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: - 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: - c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: - d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: - 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: - e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: - 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: - cf:03:8c:6f + Signature Algorithm: sha256WithRSAEncryption + 5f:77:d6:d2:55:4e:25:be:4b:f4:9f:9d:a8:ff:92:ac:4d:19: + 1f:0b:50:5b:51:01:7f:b8:a2:56:0d:cd:0c:c8:66:7a:08:bf: + 1e:07:6a:a5:6d:ad:68:c4:bb:da:99:d7:f3:62:bb:b5:28:de: + 47:dc:e2:b0:e1:27:cd:14:4b:7d:1c:7d:1a:60:eb:37:6f:fc: + ff:4e:1f:9f:ce:52:da:b4:a7:f4:6c:92:b5:65:b5:8f:53:1b: + d8:bd:7d:f6:a8:7e:23:9f:7d:b6:09:18:f2:a3:17:55:aa:fe: + 57:87:3d:a9:18:52:76:6e:fe:7c:ed:2a:85:45:63:d3:4d:7b: + f2:5e:ff:0f:a7:ae:24:ef:5f:71:66:25:29:31:9e:4a:12:a0: + 56:5b:39:2c:79:64:d0:1a:fb:97:99:df:42:9c:23:b4:f1:1d: + be:fc:da:41:16:b1:a0:fc:3a:b8:6e:a7:cf:3c:21:ea:22:7c: + f6:d2:a1:25:96:1e:b9:2f:eb:bf:61:c2:ee:58:c6:a1:7e:d0: + 73:e3:fd:58:62:ca:44:95:2b:b1:a8:d0:f8:1a:0d:40:9a:fb: + b1:27:4b:fc:57:4c:32:b5:09:5e:6e:ac:1d:dc:bc:77:f5:1b: + 27:88:40:df:70:da:f7:28:32:ef:8f:2e:53:41:78:69:e9:3e: + 7b:64:da:e4 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG -2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX -HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj -J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ -xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m -fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBfd9bSVU4lvkv0n52o/5KsTRkfC1BbUQF/ +uKJWDc0MyGZ6CL8eB2qlba1oxLvamdfzYru1KN5H3OKw4SfNFEt9HH0aYOs3b/z/ +Th+fzlLatKf0bJK1ZbWPUxvYvX32qH4jn322CRjyoxdVqv5Xhz2pGFJ2bv587SqF +RWPTTXvyXv8Pp64k719xZiUpMZ5KEqBWWzkseWTQGvuXmd9CnCO08R2+/NpBFrGg +/Dq4bqfPPCHqInz20qEllh65L+u/YcLuWMahftBz4/1YYspElSuxqND4Gg1Amvux +J0v8V0wytQlebqwd3Lx39RsniEDfcNr3KDLvjy5TQXhp6T57ZNrk -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/certs/test-pathlen/chainH-ICA2-pathlen2.pem index 38a3d79af..31230193c 100644 --- a/certs/test-pathlen/chainH-ICA2-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA2-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: - cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: - 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: - 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: - cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: - d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: - c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: - f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: - 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: - 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: - 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: - e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: - 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: - 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: - ec:b2:af:6c + Signature Algorithm: sha256WithRSAEncryption + 16:6f:a3:cd:f6:de:87:1c:86:f8:b4:b8:e6:e0:dc:11:2f:f3: + bb:f1:57:34:ec:1a:59:8a:81:63:40:01:df:53:24:a7:50:b0: + 6d:3d:29:2a:41:e7:08:71:0f:37:4b:10:b5:95:ae:a0:81:ba: + ba:b5:3e:72:48:be:6b:9e:be:34:3b:0d:15:f8:8f:9d:24:68: + 01:0c:d4:4a:0d:86:d5:b3:71:b6:d6:8e:71:44:16:7e:e3:db: + ba:7d:0e:5f:b3:2f:e2:60:f9:ff:bc:91:a6:ae:3c:ba:30:e4: + f5:55:bf:1e:72:0b:cc:5e:b4:7e:1f:09:aa:b4:52:bd:8c:2c: + 37:d0:0d:82:b4:ec:ff:c1:cf:91:a2:43:24:b8:b4:c0:ac:f2: + 29:eb:84:1d:49:ef:a4:8f:65:b3:06:01:2f:23:cf:a6:27:42: + cd:99:17:b9:69:40:1d:df:99:f6:f8:c4:61:cc:4a:a1:f0:38: + ce:4e:c4:27:f6:8f:d2:ae:74:5f:39:93:66:77:55:b2:25:8d: + 7e:7f:7d:b4:2b:f1:ee:83:9e:7b:f5:31:3f:d7:27:53:e6:21: + bd:69:a5:ca:0e:d8:6e:54:67:56:bf:f3:ec:e8:e1:aa:a4:76: + fa:0d:42:d4:7d:26:bd:f5:e5:25:ee:81:c4:ed:59:eb:0a:54: + d3:c9:18:30 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l -HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN -bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np -uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch -gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY -MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAWb6PN9t6HHIb4tLjm4NwRL/O78Vc07BpZ +ioFjQAHfUySnULBtPSkqQecIcQ83SxC1la6ggbq6tT5ySL5rnr40Ow0V+I+dJGgB +DNRKDYbVs3G21o5xRBZ+49u6fQ5fsy/iYPn/vJGmrjy6MOT1Vb8ecgvMXrR+Hwmq +tFK9jCw30A2CtOz/wc+RokMkuLTArPIp64QdSe+kj2WzBgEvI8+mJ0LNmRe5aUAd +35n2+MRhzEqh8DjOTsQn9o/SrnRfOZNmd1WyJY1+f320K/Hug5579TE/1ydT5iG9 +aaXKDthuVGdWv/Ps6OGqpHb6DULUfSa99eUl7oHE7VnrClTTyRgw -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/certs/test-pathlen/chainH-ICA3-pathlen2.pem index 563e9156a..7f4dd677b 100644 --- a/certs/test-pathlen/chainH-ICA3-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA3-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: - 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: - eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: - 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: - 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: - 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: - 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: - 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: - 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: - fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: - df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: - e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: - 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: - 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: - 7e:4b:ec:a0 + Signature Algorithm: sha256WithRSAEncryption + 2a:35:ca:d5:dd:97:31:4d:29:21:90:67:ba:68:ef:2a:56:b0: + 08:0a:c5:a2:cc:30:11:71:59:1b:59:2b:ca:c4:cc:22:52:d7: + f3:a7:d2:14:c5:fc:e4:c5:6f:9d:45:ce:7f:d0:dd:ec:5f:6b: + c3:d1:78:7a:29:bb:73:98:b6:15:9b:41:37:7a:50:b3:04:1d: + 72:90:9b:e9:f2:4b:68:f3:60:e9:bb:34:6e:2a:6c:6c:50:a6: + 38:ac:61:bc:ca:25:23:f5:f5:70:3a:8a:33:94:cf:97:1c:5c: + a3:76:b0:7b:88:35:8a:6e:18:44:01:e6:80:23:e9:14:ea:66: + 56:34:9a:0b:ca:1a:37:c8:e7:00:03:39:7d:73:e5:13:cb:be: + 9e:df:c6:87:c3:24:a7:7f:39:1d:cc:ca:1f:e7:14:38:fe:3d: + 06:7a:2f:95:f3:9a:79:49:e9:9c:f3:72:e5:b4:b5:fb:87:13: + 83:4f:9f:76:2f:41:8f:a4:55:1d:e4:74:2f:0a:0f:cd:ee:a8: + 50:06:1e:a7:9e:25:9f:f3:9d:b2:c1:44:de:c5:44:3e:42:64: + e1:75:16:33:56:a7:93:68:bb:fa:96:46:33:de:58:c1:81:42: + ca:1c:28:4f:09:71:db:60:e1:88:ac:d6:0d:37:3a:63:8d:50: + b7:35:2d:e5 -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts -wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX -CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg -GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z -UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 -CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +AQELBQADggEBACo1ytXdlzFNKSGQZ7po7ypWsAgKxaLMMBFxWRtZK8rEzCJS1/On +0hTF/OTFb51Fzn/Q3exfa8PReHopu3OYthWbQTd6ULMEHXKQm+nyS2jzYOm7NG4q +bGxQpjisYbzKJSP19XA6ijOUz5ccXKN2sHuINYpuGEQB5oAj6RTqZlY0mgvKGjfI +5wADOX1z5RPLvp7fxofDJKd/OR3Myh/nFDj+PQZ6L5XzmnlJ6ZzzcuW0tfuHE4NP +n3YvQY+kVR3kdC8KD83uqFAGHqeeJZ/znbLBRN7FRD5CZOF1FjNWp5Nou/qWRjPe +WMGBQsocKE8Jcdtg4Yis1g03OmONULc1LeU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/certs/test-pathlen/chainH-ICA4-pathlen2.pem index 91aa44ad3..df74193db 100644 --- a/certs/test-pathlen/chainH-ICA4-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA4-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: - 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: - fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: - be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: - 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: - 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: - 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: - 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: - 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: - c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: - 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: - 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: - b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: - e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: - 0f:90:4c:f8 + Signature Algorithm: sha256WithRSAEncryption + 61:c0:d8:c4:02:cd:b4:54:d3:44:e9:06:78:0b:a2:16:b5:4a: + b6:b5:09:f1:d1:fc:9f:be:e5:12:0b:6c:61:8d:66:3f:ce:8f: + 95:98:24:ea:d2:99:3a:4f:89:e3:2d:a9:f7:69:cb:05:9e:90: + af:5a:f1:93:ac:ee:fe:78:f8:e3:22:fa:69:7f:e4:71:1d:c9: + 1e:ac:61:81:8d:93:33:bc:b2:e4:67:75:97:9d:af:0a:db:ab: + 24:3f:8d:1d:16:c6:05:c6:89:a7:5f:cf:2d:73:39:de:8f:40: + 94:4b:7a:a4:ea:35:1e:70:ce:3a:f5:75:76:e5:ab:e4:8a:9a: + a4:a1:ec:49:59:3d:b7:23:fa:3c:af:dd:09:d7:aa:47:60:11: + 07:07:f4:8b:a1:40:b2:d9:bb:0f:88:b8:d1:a5:e2:88:22:76: + 8b:45:d6:96:2c:45:11:98:04:85:22:99:1f:49:a7:30:b0:b0: + 74:c3:ea:1a:a6:53:ed:c9:48:40:1a:d8:02:a8:fb:35:3a:f7: + 69:42:b2:75:dd:98:41:30:a9:e3:b1:ec:c6:66:f1:61:16:5b: + f6:e3:bc:31:8e:46:66:fa:39:34:66:cc:95:1d:69:15:12:41: + 16:ce:e6:a6:d4:4c:eb:f4:99:b4:6d:66:99:76:ae:5a:e8:24: + 92:a7:ef:45 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt -Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP -sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM -MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl -zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni -nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBhwNjEAs20VNNE6QZ4C6IWtUq2tQnx0fyfvuUSC2xhjWY/zo+VmCTq0pk6 +T4njLan3acsFnpCvWvGTrO7+ePjjIvppf+RxHckerGGBjZMzvLLkZ3WXna8K26sk +P40dFsYFxomnX88tcznej0CUS3qk6jUecM469XV25avkipqkoexJWT23I/o8r90J +16pHYBEHB/SLoUCy2bsPiLjRpeKIInaLRdaWLEURmASFIpkfSacwsLB0w+oaplPt +yUhAGtgCqPs1OvdpQrJ13ZhBMKnjsezGZvFhFlv247wxjkZm+jk0ZsyVHWkVEkEW +zuam1Ezr9Jm0bWaZdq5a6CSSp+9F -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-assembled.pem b/certs/test-pathlen/chainH-assembled.pem index 402c392b8..bbf203142 100644 --- a/certs/test-pathlen/chainH-assembled.pem +++ b/certs/test-pathlen/chainH-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: - d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: - 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: - fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: - 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: - 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: - d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: - 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: - e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: - 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: - d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: - cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: - c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: - 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: - 86:2f:da:d9 + Signature Algorithm: sha256WithRSAEncryption + bc:fc:a7:c3:c9:a4:57:9e:37:9d:f7:71:eb:5b:7c:a2:1a:0d: + 24:97:12:92:18:fd:0f:5e:5b:f9:27:c9:98:2c:9a:06:bd:77: + 85:63:3c:a4:ed:90:92:3a:79:41:82:c3:54:66:f6:c6:a0:d3: + ba:a3:19:93:d9:5f:54:90:fc:2b:37:d1:96:88:ba:be:e1:71: + 8c:a2:24:d7:ce:d8:7c:5e:87:9f:4f:f2:52:51:1c:82:5b:2c: + 8b:b4:5d:7e:d6:03:95:a0:e9:29:68:5e:76:18:2b:93:6f:a1: + 58:a6:f6:35:8b:37:b9:6b:82:5d:3a:8c:bc:a6:bd:18:ca:2f: + ea:0c:4d:36:7a:58:80:52:9c:b3:fa:a4:2b:0e:97:e6:0f:fc: + 41:62:6d:45:19:15:6d:3e:16:e5:bc:81:ce:c0:34:d3:b5:d4: + 0c:54:a5:62:a6:55:57:ad:e8:6f:94:58:cb:31:ff:0f:1c:13: + 63:82:91:1f:a3:68:f5:9f:9c:d9:dd:54:e0:d0:36:ea:ad:2a: + 9d:4e:66:be:c7:2f:1a:16:70:be:b4:1b:c5:2d:b2:1b:0c:87: + 64:10:4d:db:8b:79:5b:2e:10:a4:95:25:7b:be:b2:21:26:47: + e9:d2:74:c8:34:b1:e3:7b:73:8c:93:7a:82:ce:50:d4:46:34: + ab:11:71:c0 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg -6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN -svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb -i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS -si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC -8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva -Cy5boaUAb4Yv2tk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBALz8p8PJ +pFeeN533cetbfKIaDSSXEpIY/Q9eW/knyZgsmga9d4VjPKTtkJI6eUGCw1Rm9sag +07qjGZPZX1SQ/Cs30ZaIur7hcYyiJNfO2Hxeh59P8lJRHIJbLIu0XX7WA5Wg6Slo +XnYYK5NvoVim9jWLN7lrgl06jLymvRjKL+oMTTZ6WIBSnLP6pCsOl+YP/EFibUUZ +FW0+FuW8gc7ANNO11AxUpWKmVVet6G+UWMsx/w8cE2OCkR+jaPWfnNndVODQNuqt +Kp1OZr7HLxoWcL60G8UtshsMh2QQTduLeVsuEKSVJXu+siEmR+nSdMg0seN7c4yT +eoLOUNRGNKsRccA= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: - d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: - 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: - 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: - 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: - ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: - ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: - d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: - 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: - c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: - d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: - 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: - e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: - 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: - cf:03:8c:6f + Signature Algorithm: sha256WithRSAEncryption + 5f:77:d6:d2:55:4e:25:be:4b:f4:9f:9d:a8:ff:92:ac:4d:19: + 1f:0b:50:5b:51:01:7f:b8:a2:56:0d:cd:0c:c8:66:7a:08:bf: + 1e:07:6a:a5:6d:ad:68:c4:bb:da:99:d7:f3:62:bb:b5:28:de: + 47:dc:e2:b0:e1:27:cd:14:4b:7d:1c:7d:1a:60:eb:37:6f:fc: + ff:4e:1f:9f:ce:52:da:b4:a7:f4:6c:92:b5:65:b5:8f:53:1b: + d8:bd:7d:f6:a8:7e:23:9f:7d:b6:09:18:f2:a3:17:55:aa:fe: + 57:87:3d:a9:18:52:76:6e:fe:7c:ed:2a:85:45:63:d3:4d:7b: + f2:5e:ff:0f:a7:ae:24:ef:5f:71:66:25:29:31:9e:4a:12:a0: + 56:5b:39:2c:79:64:d0:1a:fb:97:99:df:42:9c:23:b4:f1:1d: + be:fc:da:41:16:b1:a0:fc:3a:b8:6e:a7:cf:3c:21:ea:22:7c: + f6:d2:a1:25:96:1e:b9:2f:eb:bf:61:c2:ee:58:c6:a1:7e:d0: + 73:e3:fd:58:62:ca:44:95:2b:b1:a8:d0:f8:1a:0d:40:9a:fb: + b1:27:4b:fc:57:4c:32:b5:09:5e:6e:ac:1d:dc:bc:77:f5:1b: + 27:88:40:df:70:da:f7:28:32:ef:8f:2e:53:41:78:69:e9:3e: + 7b:64:da:e4 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG -2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX -HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj -J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ -xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m -fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBfd9bSVU4lvkv0n52o/5KsTRkfC1BbUQF/ +uKJWDc0MyGZ6CL8eB2qlba1oxLvamdfzYru1KN5H3OKw4SfNFEt9HH0aYOs3b/z/ +Th+fzlLatKf0bJK1ZbWPUxvYvX32qH4jn322CRjyoxdVqv5Xhz2pGFJ2bv587SqF +RWPTTXvyXv8Pp64k719xZiUpMZ5KEqBWWzkseWTQGvuXmd9CnCO08R2+/NpBFrGg +/Dq4bqfPPCHqInz20qEllh65L+u/YcLuWMahftBz4/1YYspElSuxqND4Gg1Amvux +J0v8V0wytQlebqwd3Lx39RsniEDfcNr3KDLvjy5TQXhp6T57ZNrk -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: - cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: - 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: - 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: - cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: - d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: - c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: - f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: - 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: - 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: - 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: - e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: - 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: - 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: - ec:b2:af:6c + Signature Algorithm: sha256WithRSAEncryption + 16:6f:a3:cd:f6:de:87:1c:86:f8:b4:b8:e6:e0:dc:11:2f:f3: + bb:f1:57:34:ec:1a:59:8a:81:63:40:01:df:53:24:a7:50:b0: + 6d:3d:29:2a:41:e7:08:71:0f:37:4b:10:b5:95:ae:a0:81:ba: + ba:b5:3e:72:48:be:6b:9e:be:34:3b:0d:15:f8:8f:9d:24:68: + 01:0c:d4:4a:0d:86:d5:b3:71:b6:d6:8e:71:44:16:7e:e3:db: + ba:7d:0e:5f:b3:2f:e2:60:f9:ff:bc:91:a6:ae:3c:ba:30:e4: + f5:55:bf:1e:72:0b:cc:5e:b4:7e:1f:09:aa:b4:52:bd:8c:2c: + 37:d0:0d:82:b4:ec:ff:c1:cf:91:a2:43:24:b8:b4:c0:ac:f2: + 29:eb:84:1d:49:ef:a4:8f:65:b3:06:01:2f:23:cf:a6:27:42: + cd:99:17:b9:69:40:1d:df:99:f6:f8:c4:61:cc:4a:a1:f0:38: + ce:4e:c4:27:f6:8f:d2:ae:74:5f:39:93:66:77:55:b2:25:8d: + 7e:7f:7d:b4:2b:f1:ee:83:9e:7b:f5:31:3f:d7:27:53:e6:21: + bd:69:a5:ca:0e:d8:6e:54:67:56:bf:f3:ec:e8:e1:aa:a4:76: + fa:0d:42:d4:7d:26:bd:f5:e5:25:ee:81:c4:ed:59:eb:0a:54: + d3:c9:18:30 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -256,22 +256,22 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l -HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN -bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np -uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch -gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY -MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAWb6PN9t6HHIb4tLjm4NwRL/O78Vc07BpZ +ioFjQAHfUySnULBtPSkqQecIcQ83SxC1la6ggbq6tT5ySL5rnr40Ow0V+I+dJGgB +DNRKDYbVs3G21o5xRBZ+49u6fQ5fsy/iYPn/vJGmrjy6MOT1Vb8ecgvMXrR+Hwmq +tFK9jCw30A2CtOz/wc+RokMkuLTArPIp64QdSe+kj2WzBgEvI8+mJ0LNmRe5aUAd +35n2+MRhzEqh8DjOTsQn9o/SrnRfOZNmd1WyJY1+f320K/Hug5579TE/1ydT5iG9 +aaXKDthuVGdWv/Ps6OGqpHb6DULUfSa99eUl7oHE7VnrClTTyRgw -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -308,28 +308,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: - 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: - eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: - 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: - 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: - 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: - 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: - 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: - 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: - fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: - df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: - e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: - 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: - 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: - 7e:4b:ec:a0 + Signature Algorithm: sha256WithRSAEncryption + 2a:35:ca:d5:dd:97:31:4d:29:21:90:67:ba:68:ef:2a:56:b0: + 08:0a:c5:a2:cc:30:11:71:59:1b:59:2b:ca:c4:cc:22:52:d7: + f3:a7:d2:14:c5:fc:e4:c5:6f:9d:45:ce:7f:d0:dd:ec:5f:6b: + c3:d1:78:7a:29:bb:73:98:b6:15:9b:41:37:7a:50:b3:04:1d: + 72:90:9b:e9:f2:4b:68:f3:60:e9:bb:34:6e:2a:6c:6c:50:a6: + 38:ac:61:bc:ca:25:23:f5:f5:70:3a:8a:33:94:cf:97:1c:5c: + a3:76:b0:7b:88:35:8a:6e:18:44:01:e6:80:23:e9:14:ea:66: + 56:34:9a:0b:ca:1a:37:c8:e7:00:03:39:7d:73:e5:13:cb:be: + 9e:df:c6:87:c3:24:a7:7f:39:1d:cc:ca:1f:e7:14:38:fe:3d: + 06:7a:2f:95:f3:9a:79:49:e9:9c:f3:72:e5:b4:b5:fb:87:13: + 83:4f:9f:76:2f:41:8f:a4:55:1d:e4:74:2f:0a:0f:cd:ee:a8: + 50:06:1e:a7:9e:25:9f:f3:9d:b2:c1:44:de:c5:44:3e:42:64: + e1:75:16:33:56:a7:93:68:bb:fa:96:46:33:de:58:c1:81:42: + ca:1c:28:4f:09:71:db:60:e1:88:ac:d6:0d:37:3a:63:8d:50: + b7:35:2d:e5 -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -345,22 +345,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts -wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX -CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg -GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z -UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 -CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +AQELBQADggEBACo1ytXdlzFNKSGQZ7po7ypWsAgKxaLMMBFxWRtZK8rEzCJS1/On +0hTF/OTFb51Fzn/Q3exfa8PReHopu3OYthWbQTd6ULMEHXKQm+nyS2jzYOm7NG4q +bGxQpjisYbzKJSP19XA6ijOUz5ccXKN2sHuINYpuGEQB5oAj6RTqZlY0mgvKGjfI +5wADOX1z5RPLvp7fxofDJKd/OR3Myh/nFDj+PQZ6L5XzmnlJ6ZzzcuW0tfuHE4NP +n3YvQY+kVR3kdC8KD83uqFAGHqeeJZ/znbLBRN7FRD5CZOF1FjNWp5Nou/qWRjPe +WMGBQsocKE8Jcdtg4Yis1g03OmONULc1LeU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -397,28 +397,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: - 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: - fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: - be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: - 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: - 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: - 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: - 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: - 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: - c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: - 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: - 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: - b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: - e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: - 0f:90:4c:f8 + Signature Algorithm: sha256WithRSAEncryption + 61:c0:d8:c4:02:cd:b4:54:d3:44:e9:06:78:0b:a2:16:b5:4a: + b6:b5:09:f1:d1:fc:9f:be:e5:12:0b:6c:61:8d:66:3f:ce:8f: + 95:98:24:ea:d2:99:3a:4f:89:e3:2d:a9:f7:69:cb:05:9e:90: + af:5a:f1:93:ac:ee:fe:78:f8:e3:22:fa:69:7f:e4:71:1d:c9: + 1e:ac:61:81:8d:93:33:bc:b2:e4:67:75:97:9d:af:0a:db:ab: + 24:3f:8d:1d:16:c6:05:c6:89:a7:5f:cf:2d:73:39:de:8f:40: + 94:4b:7a:a4:ea:35:1e:70:ce:3a:f5:75:76:e5:ab:e4:8a:9a: + a4:a1:ec:49:59:3d:b7:23:fa:3c:af:dd:09:d7:aa:47:60:11: + 07:07:f4:8b:a1:40:b2:d9:bb:0f:88:b8:d1:a5:e2:88:22:76: + 8b:45:d6:96:2c:45:11:98:04:85:22:99:1f:49:a7:30:b0:b0: + 74:c3:ea:1a:a6:53:ed:c9:48:40:1a:d8:02:a8:fb:35:3a:f7: + 69:42:b2:75:dd:98:41:30:a9:e3:b1:ec:c6:66:f1:61:16:5b: + f6:e3:bc:31:8e:46:66:fa:39:34:66:cc:95:1d:69:15:12:41: + 16:ce:e6:a6:d4:4c:eb:f4:99:b4:6d:66:99:76:ae:5a:e8:24: + 92:a7:ef:45 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -433,11 +433,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt -Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP -sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM -MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl -zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni -nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBhwNjEAs20VNNE6QZ4C6IWtUq2tQnx0fyfvuUSC2xhjWY/zo+VmCTq0pk6 +T4njLan3acsFnpCvWvGTrO7+ePjjIvppf+RxHckerGGBjZMzvLLkZ3WXna8K26sk +P40dFsYFxomnX88tcznej0CUS3qk6jUecM469XV25avkipqkoexJWT23I/o8r90J +16pHYBEHB/SLoUCy2bsPiLjRpeKIInaLRdaWLEURmASFIpkfSacwsLB0w+oaplPt +yUhAGtgCqPs1OvdpQrJ13ZhBMKnjsezGZvFhFlv247wxjkZm+jk0ZsyVHWkVEkEW +zuam1Ezr9Jm0bWaZdq5a6CSSp+9F -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-entity.pem b/certs/test-pathlen/chainH-entity.pem index 54339c4ab..b125341e5 100644 --- a/certs/test-pathlen/chainH-entity.pem +++ b/certs/test-pathlen/chainH-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: - d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: - 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: - fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: - 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: - 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: - d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: - 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: - e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: - 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: - d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: - cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: - c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: - 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: - 86:2f:da:d9 + Signature Algorithm: sha256WithRSAEncryption + bc:fc:a7:c3:c9:a4:57:9e:37:9d:f7:71:eb:5b:7c:a2:1a:0d: + 24:97:12:92:18:fd:0f:5e:5b:f9:27:c9:98:2c:9a:06:bd:77: + 85:63:3c:a4:ed:90:92:3a:79:41:82:c3:54:66:f6:c6:a0:d3: + ba:a3:19:93:d9:5f:54:90:fc:2b:37:d1:96:88:ba:be:e1:71: + 8c:a2:24:d7:ce:d8:7c:5e:87:9f:4f:f2:52:51:1c:82:5b:2c: + 8b:b4:5d:7e:d6:03:95:a0:e9:29:68:5e:76:18:2b:93:6f:a1: + 58:a6:f6:35:8b:37:b9:6b:82:5d:3a:8c:bc:a6:bd:18:ca:2f: + ea:0c:4d:36:7a:58:80:52:9c:b3:fa:a4:2b:0e:97:e6:0f:fc: + 41:62:6d:45:19:15:6d:3e:16:e5:bc:81:ce:c0:34:d3:b5:d4: + 0c:54:a5:62:a6:55:57:ad:e8:6f:94:58:cb:31:ff:0f:1c:13: + 63:82:91:1f:a3:68:f5:9f:9c:d9:dd:54:e0:d0:36:ea:ad:2a: + 9d:4e:66:be:c7:2f:1a:16:70:be:b4:1b:c5:2d:b2:1b:0c:87: + 64:10:4d:db:8b:79:5b:2e:10:a4:95:25:7b:be:b2:21:26:47: + e9:d2:74:c8:34:b1:e3:7b:73:8c:93:7a:82:ce:50:d4:46:34: + ab:11:71:c0 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg -6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN -svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb -i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS -si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC -8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva -Cy5boaUAb4Yv2tk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBALz8p8PJ +pFeeN533cetbfKIaDSSXEpIY/Q9eW/knyZgsmga9d4VjPKTtkJI6eUGCw1Rm9sag +07qjGZPZX1SQ/Cs30ZaIur7hcYyiJNfO2Hxeh59P8lJRHIJbLIu0XX7WA5Wg6Slo +XnYYK5NvoVim9jWLN7lrgl06jLymvRjKL+oMTTZ6WIBSnLP6pCsOl+YP/EFibUUZ +FW0+FuW8gc7ANNO11AxUpWKmVVet6G+UWMsx/w8cE2OCkR+jaPWfnNndVODQNuqt +Kp1OZr7HLxoWcL60G8UtshsMh2QQTduLeVsuEKSVJXu+siEmR+nSdMg0seN7c4yT +eoLOUNRGNKsRccA= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA1-key.pem b/certs/test-pathlen/chainI-ICA1-key.pem new file mode 100644 index 000000000..6b05b9f49 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEAu7oGrRPP2vvRy2X+JlhJagEUpniyLB26utC9JzhmfKAbKAg8 +av34h75Jou048kywi5P/0sU/zQPFFHnodmN6qqdUHg4nvRu+6D8rVUDwWSPYP+gF +Ggtx8P0k2fkLmSXar5Y07uGRy/yPoEGPnOFPV1+21lVpb8NkwxGpaUCF3/OaWbXu +kMAi7nIoLtPaZSc7ukLAnnO6ovJFE3rFHTClt9t1XW/MCHeAZ40YKsoCjY7TnCr6 +t48bfe9id6T6tthaPmacPhNFqM9h+/9BRRQh4mOsgU1liePVcSABGXbspBam7zy8 +8qJWKwcxZw3ll4jo28tNmMuZ5uC9YkgrsQQSBwIDAQABAoIBAQCiKVvC/q46l/Tu +IricHv+r1iskcnZWrYe0AMSksI+3cAaFWjf2pFSfzbyGRS1AAQcwSzRduY4XZv5D +ZdttCRnZeJmtLMUfEmyi6o5gIqx8E/6llaNykBho+ANxVzSxooV5z+MBx1DOSOk4 +oemQtwB2lXO3Sii+JqdP6l3RUa9Td/khmGLGCo0/8Htlw5a+lWYRzkGK4DbTxFxM +V6Nk58ZjWv/rM4rsRlStfvhNlKKP74tTromI37/Znx3QH1FugZ5u3fd1LDCLsxLU +d684plIKNZE6QiG7zQ+viyviFEvJ6PPo3Tc/x8bAQ/SS23e9obRzqqU4nRbXfSrU +rnHNrWlBAoGBAPlzL3Od/5/3GKvx7EJGU1v46kIxJwog8zGHvTSloz5b18+UVHBo +3YuyfDlq7OL61H+2+wE05o9uo/FrZi7VS2XK/Qofv39hAVxlz/BiigEcggSzLXs9 +k9QFqXBvJ/TylmVU25GPisF2mP2tKKbL6P98J6jGKo2cEF24tM1gLq6fAoGBAMCn +7xBKSsed/J/TM+fFM2TeZMKvo3fbLJFFy1k95DYgsoIIncyaJrZy9KmomSp6SAhh +lqeqKCeqOTF9asLrUotbbQPcJQucyLqKnX3Zq2E338JALDJxSjg97DG3KxKLS7PI +3Fk3uK35PkPUctOjC/Ep0DVwosAxePrZcuzilyuZAoGBAJ5rdaZSoGZiEgwZHzdT +3FrbsUKKXsXC+U/qadIGo67VuzA8fofJQXIXz2bTrk/UhqH5fl1c0FQlKv8GeyWh +Fjo2eQ817HMkEy4wBqgenJBqH3SGqorLJ5gOZHZgUZrxeWwvQSanZ7LH9A+fKeMM +OxQOME2yVJIMnCQ5SrHntJ33AoGBAKWQbImCXwt3gT/U4JmAxm8cFFmfWYtKRt29 +rkjOQI4nwWCwiPPpUfWfixU2eBKiLb9OJouGVqXnyuj2EEbctv5eHqyfhxKYtYRi +VYBvDLIqs1gbkB/1bkQxKwd6k0CHhxJFPuBJW6PfO5xNOjUYvM2PEoiqeKNUoNRr +BTIAdMuZAoGBAMlyqDi5jbcZ53PE9PrwSepUOaOVIKlCAUwQlol+aAtlGGQksYM0 +HPoYXZsx+XzHBtXed5E+OvOY6zxfgtkal03RrleUQo7rJArL3cxOunPODzjemEJq +qysAp0Dnk+PenIabUfv9McAFQ9Sr8WG4K6xZTgedeTU194ZQw2BJeq8E +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA1-no_pathlen.pem b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem new file mode 100644 index 000000000..0013267db --- /dev/null +++ b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: + 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: + 66:7c:a0:1b:28:08:3c:6a:fd:f8:87:be:49:a2:ed: + 38:f2:4c:b0:8b:93:ff:d2:c5:3f:cd:03:c5:14:79: + e8:76:63:7a:aa:a7:54:1e:0e:27:bd:1b:be:e8:3f: + 2b:55:40:f0:59:23:d8:3f:e8:05:1a:0b:71:f0:fd: + 24:d9:f9:0b:99:25:da:af:96:34:ee:e1:91:cb:fc: + 8f:a0:41:8f:9c:e1:4f:57:5f:b6:d6:55:69:6f:c3: + 64:c3:11:a9:69:40:85:df:f3:9a:59:b5:ee:90:c0: + 22:ee:72:28:2e:d3:da:65:27:3b:ba:42:c0:9e:73: + ba:a2:f2:45:13:7a:c5:1d:30:a5:b7:db:75:5d:6f: + cc:08:77:80:67:8d:18:2a:ca:02:8d:8e:d3:9c:2a: + fa:b7:8f:1b:7d:ef:62:77:a4:fa:b6:d8:5a:3e:66: + 9c:3e:13:45:a8:cf:61:fb:ff:41:45:14:21:e2:63: + ac:81:4d:65:89:e3:d5:71:20:01:19:76:ec:a4:16: + a6:ef:3c:bc:f2:a2:56:2b:07:31:67:0d:e5:97:88: + e8:db:cb:4d:98:cb:99:e6:e0:bd:62:48:2b:b1:04: + 12:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + X509v3 Authority Key Identifier: + keyid:D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + b3:b8:b9:c2:44:3a:36:0a:cf:fd:da:80:8c:81:54:c1:cd:a6: + 52:a8:60:b1:f8:fd:62:01:fc:d9:85:89:15:9a:df:45:f0:68: + 3e:bb:fe:f3:94:dc:1c:69:3c:7c:47:df:04:0c:7b:2f:4f:3f: + 56:58:9a:fa:1a:4c:16:21:cf:f2:21:a5:f9:d9:49:1b:69:b4: + 4d:df:d0:c2:d7:2c:fa:0f:23:d6:45:61:12:cd:2a:5a:06:db: + 22:6f:99:7a:a0:fc:17:ba:05:bc:02:79:db:f8:cd:ec:a0:98: + 7c:7f:6b:d6:ca:5c:cd:07:89:b6:0d:3e:0b:d3:d7:7f:7c:6b: + 73:7b:b9:28:69:d2:5f:27:1c:13:60:a0:50:23:16:00:d1:cb: + 7a:1d:62:7c:a1:c2:63:1d:c9:0b:0f:d7:5c:91:af:7a:5b:93: + 7e:e5:12:36:f0:3b:fa:59:7b:a8:88:f7:bf:11:19:4b:6a:81: + 61:77:54:61:a3:73:b6:54:64:92:49:22:c9:6a:19:73:33:6d: + 01:4c:5a:9c:0a:fa:ce:a1:34:50:b1:54:de:0b:7b:ce:fe:e0: + 00:fa:8e:7f:48:36:58:ed:98:42:ce:8d:a4:a0:67:c9:88:1c: + 7f:58:df:fb:62:0f:ee:4b:7d:5a:c7:52:2f:9f:2d:13:13:0b: + 72:bd:a0:2e +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ugat +E8/a+9HLZf4mWElqARSmeLIsHbq60L0nOGZ8oBsoCDxq/fiHvkmi7TjyTLCLk//S +xT/NA8UUeeh2Y3qqp1QeDie9G77oPytVQPBZI9g/6AUaC3Hw/STZ+QuZJdqvljTu +4ZHL/I+gQY+c4U9XX7bWVWlvw2TDEalpQIXf85pZte6QwCLucigu09plJzu6QsCe +c7qi8kUTesUdMKW323Vdb8wId4BnjRgqygKNjtOcKvq3jxt972J3pPq22Fo+Zpw+ +E0Woz2H7/0FFFCHiY6yBTWWJ49VxIAEZduykFqbvPLzyolYrBzFnDeWXiOjby02Y +y5nm4L1iSCuxBBIHAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUnlS2leqJB6bJ5ILo +0DRkXQjNVqAwgc4GA1UdIwSBxjCBw4AU0br7/x0pQYpqX7Lzp0EFRwkfSEKhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAs7i5wkQ6NgrP/dqAjIFUwc2mUqhgsfj9 +YgH82YWJFZrfRfBoPrv+85TcHGk8fEffBAx7L08/Vlia+hpMFiHP8iGl+dlJG2m0 +Td/Qwtcs+g8j1kVhEs0qWgbbIm+ZeqD8F7oFvAJ52/jN7KCYfH9r1spczQeJtg0+ +C9PXf3xrc3u5KGnSXyccE2CgUCMWANHLeh1ifKHCYx3JCw/XXJGveluTfuUSNvA7 ++ll7qIj3vxEZS2qBYXdUYaNztlRkkkkiyWoZczNtAUxanAr6zqE0ULFU3gt7zv7g +APqOf0g2WO2YQs6NpKBnyYgcf1jf+2IP7kt9WsdSL58tExMLcr2gLg== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA2-key.pem b/certs/test-pathlen/chainI-ICA2-key.pem new file mode 100644 index 000000000..1e7788141 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEoQIBAAKCAQEA3h4IZhL+IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1z +KxbpBelMG4KtR50zMFO1m9It6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIH +ItV7Zxg4xPzqjQmAoLBEM/3BqoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dC +UqCssjg4jROW2db6j8SJFAacHwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqa +YLwU7c9NQvxcKOpC0a7McX5SXYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdb +VDgJLPBdhgw0t5IzXD4ZsU2gYpu0aDY2OOwpswIDAQABAoH/VQcqL+kVXy1U/T6z +tKWqcOcsvdUKLKupl9lop+5IDVGndXIQpG4gxiKI//8GVmPXNKjW3M+Yw8ikSZ7h +j2jUJ2MKRHWNGBgRysmTiCtde4iAKo0cLjmLA+xBzycCovsAQoM3mK+Lc73+NIjq +y+fHcPoXup+OkPeH9fktQ/w5kyonK0Qz7nyb6P9FjFG/f3+WbTaA1FgchELqX00g +bA6nMHEnhm9MoKKsVZbZKG9gIUCtejrd+YaOBHHWVG47QQI+iFCDrSk2dn8CJq8j +8w1VD2QkBSWeW1K5QTbQyOwShYKfmpPthy2LAAfC5TNSpeEBRf2uwzi9Vzqa89cX +UPMBAoGBAPQWwv283d72JaGOEQ+AL32Q5KEydtrzMLzBSHRrb2NhEvq4tev6/Ihl +jklZ+KuPkxtV/dI0bz/x7JikbQvT3a76zqwv2LbpYJdz8CLqh52dOAhfdkYOCapP +2FnlHcwWt35kXC11Srb1jnJ40VNxDq3DNYNgGQohrEjVCMNfrb7BAoGBAOj0y3Wz +TnPhrDzBYmh6+D5/ZVBCnPhkWMV4yYimidAWE0TB7DvEKqQ7gbHmpiOzaWefoRs6 +8qHu02l0EHW6TJUJqSWBMFiEkwnZStEKAw2LCqjLW/xFH/7Yw6Hkpb7Fp9kumh3r +tkdNZSdT3ETvyFjKrUX7QFYXOLQ+bAdWhrlzAoGAPnZwscQaNwtgd+ZGIWRZQtXI +XCPw3HjtWPBRXVF88L6Pv89y5o+U/kaW0diPVT/pkk5AJQG8Em4TcMBrE2LFURjn +uJKJ78zrJfbKVfUUfVYVV7cuKiE/gfDq2Z5TML4DePmvyQZB924BZPPcBXFiIz9Y +O2VlIv2Y/A5gLrcWXEECgYBTReZRDaaWr+4EzdAirwp8NMf/l8BK3nwJIvNPwNB0 +rN94baXHe4kOqiLjeCKdkm20WBCcDkdbcWbrREz5+H2VrR1kxbiFe+af16fx75VF +yxUlX4RjOkaEr/HGtlg1SKyGay02UuMWu+jT1RthHSHN861a3cSSwbxIWiP9v4Vr +VwKBgQDkjIEnH1yzKsAIdxa4Nb3OG3vBIplB3d/PaRzCXNfcrwIj58KcEDKGOSlj +LKcH42K2wJrpyRH+n87NH5Nt73fRLEQ7IBkb4gA918BPMp6Q5OU99CBld5WO3/F0 +LWDySahHuH4ymEeM45Y+1lZQjc4cQb9/Sbzi1fZsvTQRen3yWw== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA2-no_pathlen.pem b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem new file mode 100644 index 000000000..4e39c84b6 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: + 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: + 97:77:1e:94:51:3d:73:2b:16:e9:05:e9:4c:1b:82: + ad:47:9d:33:30:53:b5:9b:d2:2d:e9:7b:d6:63:f3: + 61:20:1b:23:6e:47:09:8b:c0:d5:09:85:a6:e2:e4: + 3a:4d:b3:f9:dd:c6:7c:9a:42:07:22:d5:7b:67:18: + 38:c4:fc:ea:8d:09:80:a0:b0:44:33:fd:c1:aa:8b: + 9c:98:e3:95:c3:74:71:3b:71:b8:b3:80:bf:30:63: + 85:09:27:8b:12:b5:86:b0:0b:99:ff:97:42:52:a0: + ac:b2:38:38:8d:13:96:d9:d6:fa:8f:c4:89:14:06: + 9c:1f:0a:a3:3a:a2:f7:1f:83:d8:ae:41:44:9e:21: + b2:5b:b7:a2:19:e9:46:58:de:e5:a2:ab:07:7a:9a: + 9a:60:bc:14:ed:cf:4d:42:fc:5c:28:ea:42:d1:ae: + cc:71:7e:52:5d:84:88:de:b6:7d:72:6e:ab:73:4b: + 0d:ab:92:9f:11:b4:51:da:14:54:9a:0e:ec:ac:42: + fc:71:87:5b:54:38:09:2c:f0:5d:86:0c:34:b7:92: + 33:5c:3e:19:b1:4d:a0:62:9b:b4:68:36:36:38:ec: + 29:b3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + X509v3 Authority Key Identifier: + keyid:EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 8f:9b:f7:bd:1a:90:58:f0:ab:0f:1d:45:b2:29:10:66:2d:cc: + 96:d6:3c:f4:3c:a8:49:e2:cf:db:17:16:8c:e8:76:de:79:c9: + 42:10:a7:ad:b7:c3:c2:82:93:6b:19:3e:56:af:be:c8:d7:dd: + ee:87:1d:5f:1d:ad:6a:02:8d:14:22:9f:54:58:d7:d8:16:79: + 64:4d:eb:55:88:74:74:f6:59:2c:40:9f:d0:f4:a8:36:ea:c9: + 4f:9c:2b:3a:72:5f:20:2d:25:b3:b2:fb:c1:03:11:ab:57:57: + d0:55:13:b9:f5:10:09:9e:56:a2:0d:95:3c:16:3e:59:f3:71: + 60:50:06:53:45:ff:0f:e2:f8:61:5b:d2:fc:0a:65:59:dc:ee: + 6f:c6:26:c4:7d:27:69:4d:76:55:2f:07:01:3f:30:ea:17:3d: + bb:8a:f0:df:ae:c8:47:70:0e:b4:28:c9:e9:7b:8c:8a:22:a0: + ea:32:9b:f8:1e:35:a4:f0:a5:09:81:dc:9a:a4:d1:63:34:9e: + 3c:32:2f:f3:b1:f0:43:3b:f1:31:9b:8b:99:bf:c2:b4:eb:78: + 39:a3:e7:d8:2c:e6:6c:f2:8b:2f:21:83:c3:28:1b:77:f3:75: + 9b:79:f7:f0:73:a0:a2:47:af:93:32:0b:d2:88:04:14:3a:cd: + 48:7f:58:32 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h4IZhL+ +IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1zKxbpBelMG4KtR50zMFO1m9It +6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIHItV7Zxg4xPzqjQmAoLBEM/3B +qoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dCUqCssjg4jROW2db6j8SJFAac +HwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqaYLwU7c9NQvxcKOpC0a7McX5S +XYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdbVDgJLPBdhgw0t5IzXD4ZsU2g +Ypu0aDY2OOwpswIDAQABo4IBATCB/jAdBgNVHQ4EFgQU0br7/x0pQYpqX7Lzp0EF +RwkfSEIwgcEGA1UdIwSBuTCBtoAU7jem8kDQ7/0ix6O0bFdHQLmZ+Y2hgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCPm/e9GpBY8KsPHUWyKRBmLcyW1jz0PKhJ4s/bFxaM6HbeeclCEKet +t8PCgpNrGT5Wr77I193uhx1fHa1qAo0UIp9UWNfYFnlkTetViHR09lksQJ/Q9Kg2 +6slPnCs6cl8gLSWzsvvBAxGrV1fQVRO59RAJnlaiDZU8Fj5Z83FgUAZTRf8P4vhh +W9L8CmVZ3O5vxibEfSdpTXZVLwcBPzDqFz27ivDfrshHcA60KMnpe4yKIqDqMpv4 +HjWk8KUJgdyapNFjNJ48Mi/zsfBDO/Exm4uZv8K063g5o+fYLOZs8osvIYPDKBt3 +83Wbeffwc6CiR6+TMgvSiAQUOs1If1gy +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA3-key.pem b/certs/test-pathlen/chainI-ICA3-key.pem new file mode 100644 index 000000000..47df99a7f --- /dev/null +++ b/certs/test-pathlen/chainI-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO03F/Ikp3yB8BeBNPldBn8 +z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sHdTmJcCqcAOAubHx0Jxg0 +/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk5kkGYqQjCGBol4mpssCU +jk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbtRsZw+zShKByCscKrpsHw +Ext9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6Ei6dDcmw70DRpAJeUuj7 +1JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQABAoIBAFDLI9VC/UFYgX0c +b18rWGP97fDpOsINIKNtsuHDdXkYluK9IyzBmMa0h9hq3rkDaGytPsEse8M6pKfV +aFFWxgiUEXiiubqoaadQiOu5Z6MdUrRy4YrH24iBIpXgh3JCdJ/ynFBPpWV2cafd +4vt4Oxq6R3XBRZfbH3nUE6lw327Wqox7I/t4rYdAVTnyCcSo3MX35K37/xnplLos +ehyeDMJok+C/y2+jeICs/A89FcTAA6JrNqznE5ZWNBORSKOMJQcscNHWBGZ5vmpH +jW8WPpMPhtA4q26fz/XI2BwrHRKwsEKsVyULd3bfAEBLQbktuwMMylWsnrw/wzRN +aD+dbwECgYEA8ZJb0syBWlJD1/+p+1wgtteJ9RSZyXFHLRDglAYUKjVoZqhczSP2 +M/wkkTk71gI54lQBejNAKU+eH+IAsXCQDx3ePxlAlu3JSMaXd8KzgZwBd2rr3iNJ +grAUoYj9sr237oi2Lyc+vKMS+IUrbkYZKbAtn/D6bp5GkxWscmWt7UcCgYEAwzak +4J7ZsFWeuomlRfR/FNMidGUBc+J/7wo3NXwTH3PPZisrPv38smD7bc1zi/c7MS7+ +ptJpHApnjqqXf85vBHmH2hkyuIAJ+UYuNs29iAcvu1E9XmE4wz/GdrzxvhdCW/PW +qFPQAsNCYB/NQi0YQSwABkEIDPTq1F11aXV1TdECgYBcHD9w8FN+OhHuYWjSFD3R +Gfxbe8Br5AqMr3vCVVMJCRZG1nmUKtss1T6oNReQsYaauwdZLgOP/PDBHW7AObhk +WzIsAxfytLZkTnzgyFej2vVgMF/BctkLwNINCewaZGamyHAXKLKuQMvyAO0ffhEI +KUosSzliRm2IleIMOKMJ7wKBgQCJWML8fwcud68sE3hDFdjrr/lH52D0ReI5LvjV +Gqzhrju36JuOwGiwoGeGQ80OJy5wVl44xUXKws9Fo2TgOUAG5/LbUmtLQFrEFcqi +KHM3Z8b/hhMlekXTqeVa2WlEk1zPEWpwGDf8GaFzvCxQaSXthKWnwM2HQDKQpAjd +4BReYQKBgQCmJllIBUfS61JNstfV++kK3aEP7heGeUdYmFu255DK6UlsDmDx1TJ3 +NacApBE5y/xUEg7hZB3gBpn2PFZO6uVEJX+vrIoOzsOXMQSgWbeCOTe3BLZn+mF3 +tpfeW+xALGvvEajlv1/xUd2o/9DmgEIIIQWKPOKVjb6H5B1WnHa19Q== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA3-pathlen2.pem b/certs/test-pathlen/chainI-ICA3-pathlen2.pem new file mode 100644 index 000000000..44e10332d --- /dev/null +++ b/certs/test-pathlen/chainI-ICA3-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: + be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: + 5e:04:d3:e5:74:19:fc:cf:85:7f:f7:91:8c:d5:58: + 7c:02:4c:88:f1:4d:43:e3:07:bd:2a:4e:df:51:87: + 29:74:c5:24:67:1d:f1:6f:8b:07:75:39:89:70:2a: + 9c:00:e0:2e:6c:7c:74:27:18:34:fd:29:98:43:83: + d6:e1:51:b3:13:41:1c:bc:29:dc:8b:2f:93:08:95: + 8b:90:22:4b:e4:98:f5:d6:70:2a:9b:8b:64:e6:49: + 06:62:a4:23:08:60:68:97:89:a9:b2:c0:94:8e:4f: + 39:1c:25:3b:0f:e4:c5:1d:7d:89:89:5e:c6:02:69: + 68:fc:13:55:b5:80:6b:77:f7:59:57:0b:1c:7e:c6: + ed:46:c6:70:fb:34:a1:28:1c:82:b1:c2:ab:a6:c1: + f0:13:1b:7d:0b:bc:1a:39:23:3c:e7:1d:ee:c8:ee: + 2f:69:5f:a1:31:3f:1a:2f:98:5d:53:d7:42:93:db: + 49:ac:d6:7a:12:2e:9d:0d:c9:b0:ef:40:d1:a4:02: + 5e:52:e8:fb:d4:92:07:98:b1:76:d9:16:0f:e4:8b: + de:dc:88:65:e0:fd:52:1d:8b:e2:e3:ed:08:37:d0: + 11:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5a:8e:b7:fa:c9:b8:f9:a7:1e:fd:16:5b:75:4d:5e:b6:f2:6e: + c0:48:f3:7f:3e:61:59:25:64:8e:6a:e5:19:fb:03:20:93:de: + 0c:d9:88:68:e6:c3:9c:ad:b8:b1:08:a4:74:ef:e7:5c:1e:ea: + 3b:9f:0a:64:40:74:ff:d8:9d:14:38:d8:c7:68:f4:8c:b2:76: + cb:77:40:c4:55:23:b6:42:4c:82:16:47:a4:97:31:12:f0:ac: + e8:b9:aa:72:d8:e7:e5:5f:6c:92:0e:07:d7:9f:df:4b:53:85: + e5:d3:8b:74:ad:b3:58:09:d0:cf:2f:66:a3:28:8c:86:3a:5a: + c8:39:f5:03:35:42:72:8b:b8:fc:28:51:37:b0:31:f6:29:c4: + ab:f3:4f:ff:42:de:48:6d:bd:94:cd:3c:5a:bf:f3:a5:d2:13: + 2c:7b:81:d8:0d:2f:f0:49:bf:c2:07:25:a5:2a:ae:3c:9f:4a: + 3e:74:03:70:36:a9:67:68:1a:e8:72:18:2d:79:7e:65:2c:95: + 3a:5c:9d:46:50:d0:9a:fd:c1:7a:6d:cd:d6:6c:83:f2:cb:aa: + 19:c2:03:7c:2e:95:30:40:88:25:47:3c:d2:7a:ad:ac:a1:12: + 25:42:17:d0:17:00:53:4b:32:ae:70:a4:08:7b:9b:fc:bc:93: + 08:e6:b1:7a +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO0 +3F/Ikp3yB8BeBNPldBn8z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sH +dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk +5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt +RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 +Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBajrf6ybj5px79Flt1TV628m7ASPN/PmFZJWSOauUZ+wMgk94M2Yho5sOc +rbixCKR07+dcHuo7nwpkQHT/2J0UONjHaPSMsnbLd0DEVSO2QkyCFkeklzES8Kzo +uapy2OflX2ySDgfXn99LU4Xl04t0rbNYCdDPL2ajKIyGOlrIOfUDNUJyi7j8KFE3 +sDH2KcSr80//Qt5Ibb2UzTxav/Ol0hMse4HYDS/wSb/CByWlKq48n0o+dANwNqln +aBrochgteX5lLJU6XJ1GUNCa/cF6bc3WbIPyy6oZwgN8LpUwQIglRzzSeq2soRIl +QhfQFwBTSzKucKQIe5v8vJMI5rF6 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-assembled.pem b/certs/test-pathlen/chainI-assembled.pem new file mode 100644 index 000000000..baf1cdcf0 --- /dev/null +++ b/certs/test-pathlen/chainI-assembled.pem @@ -0,0 +1,354 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: + e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: + cf:c8:f1:8a:f6:55:1e:59:fa:97:fe:e7:9b:07:2a: + b6:80:2a:92:d9:39:95:9e:0c:1f:d7:ad:1f:74:4d: + 8e:61:6f:64:24:4c:d4:95:03:8f:d3:f2:3d:6e:d8: + d8:d5:aa:64:7d:82:ee:74:07:16:68:fa:95:17:9b: + 35:8f:c3:6c:47:88:3e:40:de:93:36:ed:62:f4:cc: + 67:45:ee:ea:45:9f:fc:f1:63:6d:b7:fa:f8:c3:e0: + 6f:c7:4a:3e:04:49:04:37:8b:3a:99:e8:64:0a:86: + 43:ab:5b:34:1e:6c:33:a2:a4:26:7c:c7:6c:48:99: + 7d:85:f5:1f:c1:9c:a9:c7:8f:51:6b:8a:86:8d:1c: + b0:d2:82:ba:a4:a7:09:29:8b:0a:20:d1:7c:b1:67: + 0c:61:cd:88:33:5e:38:ab:08:78:0b:80:0b:ce:63: + 03:b9:40:7b:67:3e:a8:ac:4e:44:92:09:4c:3f:e0: + 3d:55:cb:aa:5a:bc:17:9c:4e:9e:40:5c:82:fc:3b: + 3a:54:40:90:f9:22:3c:f4:00:5f:95:13:72:49:29: + ae:5f:31:22:30:04:05:6a:7b:b5:0a:0a:a6:5e:72: + 4d:5f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EB:B5:A2:7B:24:95:03:11:6B:56:CB:13:3E:A8:B2:8F:B1:CF:5D:C4 + X509v3 Authority Key Identifier: + keyid:9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 78:f3:ac:4b:db:c6:63:c3:f5:67:97:b8:99:f4:72:6f:b2:07: + 3b:99:ce:85:e7:5c:59:c1:80:bf:06:92:a8:34:be:1b:74:d1: + 61:b6:75:07:18:0e:2e:77:7f:77:c7:e9:5d:cc:1e:7b:b5:04: + 95:5b:99:a1:15:2e:b6:2b:67:13:09:0f:b7:6e:62:04:dd:01: + 27:fd:18:f3:d9:b2:d7:8f:6e:bb:b3:1d:57:76:91:42:dd:78: + 77:22:b3:ed:79:10:63:94:40:c5:88:09:bb:bf:fd:fe:6e:60: + 23:53:30:8e:11:e2:b7:3d:39:24:96:f2:86:cc:59:eb:83:07: + ad:7a:2e:85:63:be:70:15:92:f8:f2:2b:f1:6f:5f:c2:4d:3a: + 7d:c6:b9:9d:c4:82:6a:fe:b2:7e:ec:5d:eb:b3:ba:82:09:04: + f9:7e:47:37:a9:8a:e2:2a:4f:30:7d:b7:dd:1f:c2:f4:db:61: + f3:b1:81:5d:10:8c:41:22:76:93:5b:a3:b9:b2:69:85:88:3a: + eb:ae:42:0f:16:e7:2f:f3:cd:03:4c:08:65:90:a9:4f:dd:89: + 23:d7:56:bd:e9:d7:cf:9f:bf:0f:a2:11:5b:e1:89:2c:d4:76: + 16:1f:83:5c:e9:8c:f6:93:7c:b5:f2:f1:ef:d3:07:35:2f:93: + 33:16:9c:63 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzrDKPUq+pz54jpJaO +6egKOrdqe7pwhWjiUvM4Oc/I8Yr2VR5Z+pf+55sHKraAKpLZOZWeDB/XrR90TY5h +b2QkTNSVA4/T8j1u2NjVqmR9gu50BxZo+pUXmzWPw2xHiD5A3pM27WL0zGdF7upF +n/zxY223+vjD4G/HSj4ESQQ3izqZ6GQKhkOrWzQebDOipCZ8x2xImX2F9R/BnKnH +j1FrioaNHLDSgrqkpwkpiwog0XyxZwxhzYgzXjirCHgLgAvOYwO5QHtnPqisTkSS +CUw/4D1Vy6pavBecTp5AXIL8OzpUQJD5Ijz0AF+VE3JJKa5fMSIwBAVqe7UKCqZe +ck1fAgMBAAGjggEAMIH9MB0GA1UdDgQWBBTrtaJ7JJUDEWtWyxM+qLKPsc9dxDCB +0AYDVR0jBIHIMIHFgBSeVLaV6okHpsnkgujQNGRdCM1WoKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +ePOsS9vGY8P1Z5e4mfRyb7IHO5nOhedcWcGAvwaSqDS+G3TRYbZ1BxgOLnd/d8fp +Xcwee7UElVuZoRUutitnEwkPt25iBN0BJ/0Y89my149uu7MdV3aRQt14dyKz7XkQ +Y5RAxYgJu7/9/m5gI1MwjhHitz05JJbyhsxZ64MHrXouhWO+cBWS+PIr8W9fwk06 +fca5ncSCav6yfuxd67O6ggkE+X5HN6mK4ipPMH233R/C9Nth87GBXRCMQSJ2k1uj +ubJphYg6665CDxbnL/PNA0wIZZCpT92JI9dWvenXz5+/D6IRW+GJLNR2Fh+DXOmM +9pN8tfLx79MHNS+TMxacYw== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: + 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: + 66:7c:a0:1b:28:08:3c:6a:fd:f8:87:be:49:a2:ed: + 38:f2:4c:b0:8b:93:ff:d2:c5:3f:cd:03:c5:14:79: + e8:76:63:7a:aa:a7:54:1e:0e:27:bd:1b:be:e8:3f: + 2b:55:40:f0:59:23:d8:3f:e8:05:1a:0b:71:f0:fd: + 24:d9:f9:0b:99:25:da:af:96:34:ee:e1:91:cb:fc: + 8f:a0:41:8f:9c:e1:4f:57:5f:b6:d6:55:69:6f:c3: + 64:c3:11:a9:69:40:85:df:f3:9a:59:b5:ee:90:c0: + 22:ee:72:28:2e:d3:da:65:27:3b:ba:42:c0:9e:73: + ba:a2:f2:45:13:7a:c5:1d:30:a5:b7:db:75:5d:6f: + cc:08:77:80:67:8d:18:2a:ca:02:8d:8e:d3:9c:2a: + fa:b7:8f:1b:7d:ef:62:77:a4:fa:b6:d8:5a:3e:66: + 9c:3e:13:45:a8:cf:61:fb:ff:41:45:14:21:e2:63: + ac:81:4d:65:89:e3:d5:71:20:01:19:76:ec:a4:16: + a6:ef:3c:bc:f2:a2:56:2b:07:31:67:0d:e5:97:88: + e8:db:cb:4d:98:cb:99:e6:e0:bd:62:48:2b:b1:04: + 12:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + X509v3 Authority Key Identifier: + keyid:D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + b3:b8:b9:c2:44:3a:36:0a:cf:fd:da:80:8c:81:54:c1:cd:a6: + 52:a8:60:b1:f8:fd:62:01:fc:d9:85:89:15:9a:df:45:f0:68: + 3e:bb:fe:f3:94:dc:1c:69:3c:7c:47:df:04:0c:7b:2f:4f:3f: + 56:58:9a:fa:1a:4c:16:21:cf:f2:21:a5:f9:d9:49:1b:69:b4: + 4d:df:d0:c2:d7:2c:fa:0f:23:d6:45:61:12:cd:2a:5a:06:db: + 22:6f:99:7a:a0:fc:17:ba:05:bc:02:79:db:f8:cd:ec:a0:98: + 7c:7f:6b:d6:ca:5c:cd:07:89:b6:0d:3e:0b:d3:d7:7f:7c:6b: + 73:7b:b9:28:69:d2:5f:27:1c:13:60:a0:50:23:16:00:d1:cb: + 7a:1d:62:7c:a1:c2:63:1d:c9:0b:0f:d7:5c:91:af:7a:5b:93: + 7e:e5:12:36:f0:3b:fa:59:7b:a8:88:f7:bf:11:19:4b:6a:81: + 61:77:54:61:a3:73:b6:54:64:92:49:22:c9:6a:19:73:33:6d: + 01:4c:5a:9c:0a:fa:ce:a1:34:50:b1:54:de:0b:7b:ce:fe:e0: + 00:fa:8e:7f:48:36:58:ed:98:42:ce:8d:a4:a0:67:c9:88:1c: + 7f:58:df:fb:62:0f:ee:4b:7d:5a:c7:52:2f:9f:2d:13:13:0b: + 72:bd:a0:2e +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ugat +E8/a+9HLZf4mWElqARSmeLIsHbq60L0nOGZ8oBsoCDxq/fiHvkmi7TjyTLCLk//S +xT/NA8UUeeh2Y3qqp1QeDie9G77oPytVQPBZI9g/6AUaC3Hw/STZ+QuZJdqvljTu +4ZHL/I+gQY+c4U9XX7bWVWlvw2TDEalpQIXf85pZte6QwCLucigu09plJzu6QsCe +c7qi8kUTesUdMKW323Vdb8wId4BnjRgqygKNjtOcKvq3jxt972J3pPq22Fo+Zpw+ +E0Woz2H7/0FFFCHiY6yBTWWJ49VxIAEZduykFqbvPLzyolYrBzFnDeWXiOjby02Y +y5nm4L1iSCuxBBIHAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUnlS2leqJB6bJ5ILo +0DRkXQjNVqAwgc4GA1UdIwSBxjCBw4AU0br7/x0pQYpqX7Lzp0EFRwkfSEKhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAs7i5wkQ6NgrP/dqAjIFUwc2mUqhgsfj9 +YgH82YWJFZrfRfBoPrv+85TcHGk8fEffBAx7L08/Vlia+hpMFiHP8iGl+dlJG2m0 +Td/Qwtcs+g8j1kVhEs0qWgbbIm+ZeqD8F7oFvAJ52/jN7KCYfH9r1spczQeJtg0+ +C9PXf3xrc3u5KGnSXyccE2CgUCMWANHLeh1ifKHCYx3JCw/XXJGveluTfuUSNvA7 ++ll7qIj3vxEZS2qBYXdUYaNztlRkkkkiyWoZczNtAUxanAr6zqE0ULFU3gt7zv7g +APqOf0g2WO2YQs6NpKBnyYgcf1jf+2IP7kt9WsdSL58tExMLcr2gLg== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: + 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: + 97:77:1e:94:51:3d:73:2b:16:e9:05:e9:4c:1b:82: + ad:47:9d:33:30:53:b5:9b:d2:2d:e9:7b:d6:63:f3: + 61:20:1b:23:6e:47:09:8b:c0:d5:09:85:a6:e2:e4: + 3a:4d:b3:f9:dd:c6:7c:9a:42:07:22:d5:7b:67:18: + 38:c4:fc:ea:8d:09:80:a0:b0:44:33:fd:c1:aa:8b: + 9c:98:e3:95:c3:74:71:3b:71:b8:b3:80:bf:30:63: + 85:09:27:8b:12:b5:86:b0:0b:99:ff:97:42:52:a0: + ac:b2:38:38:8d:13:96:d9:d6:fa:8f:c4:89:14:06: + 9c:1f:0a:a3:3a:a2:f7:1f:83:d8:ae:41:44:9e:21: + b2:5b:b7:a2:19:e9:46:58:de:e5:a2:ab:07:7a:9a: + 9a:60:bc:14:ed:cf:4d:42:fc:5c:28:ea:42:d1:ae: + cc:71:7e:52:5d:84:88:de:b6:7d:72:6e:ab:73:4b: + 0d:ab:92:9f:11:b4:51:da:14:54:9a:0e:ec:ac:42: + fc:71:87:5b:54:38:09:2c:f0:5d:86:0c:34:b7:92: + 33:5c:3e:19:b1:4d:a0:62:9b:b4:68:36:36:38:ec: + 29:b3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + X509v3 Authority Key Identifier: + keyid:EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 8f:9b:f7:bd:1a:90:58:f0:ab:0f:1d:45:b2:29:10:66:2d:cc: + 96:d6:3c:f4:3c:a8:49:e2:cf:db:17:16:8c:e8:76:de:79:c9: + 42:10:a7:ad:b7:c3:c2:82:93:6b:19:3e:56:af:be:c8:d7:dd: + ee:87:1d:5f:1d:ad:6a:02:8d:14:22:9f:54:58:d7:d8:16:79: + 64:4d:eb:55:88:74:74:f6:59:2c:40:9f:d0:f4:a8:36:ea:c9: + 4f:9c:2b:3a:72:5f:20:2d:25:b3:b2:fb:c1:03:11:ab:57:57: + d0:55:13:b9:f5:10:09:9e:56:a2:0d:95:3c:16:3e:59:f3:71: + 60:50:06:53:45:ff:0f:e2:f8:61:5b:d2:fc:0a:65:59:dc:ee: + 6f:c6:26:c4:7d:27:69:4d:76:55:2f:07:01:3f:30:ea:17:3d: + bb:8a:f0:df:ae:c8:47:70:0e:b4:28:c9:e9:7b:8c:8a:22:a0: + ea:32:9b:f8:1e:35:a4:f0:a5:09:81:dc:9a:a4:d1:63:34:9e: + 3c:32:2f:f3:b1:f0:43:3b:f1:31:9b:8b:99:bf:c2:b4:eb:78: + 39:a3:e7:d8:2c:e6:6c:f2:8b:2f:21:83:c3:28:1b:77:f3:75: + 9b:79:f7:f0:73:a0:a2:47:af:93:32:0b:d2:88:04:14:3a:cd: + 48:7f:58:32 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h4IZhL+ +IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1zKxbpBelMG4KtR50zMFO1m9It +6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIHItV7Zxg4xPzqjQmAoLBEM/3B +qoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dCUqCssjg4jROW2db6j8SJFAac +HwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqaYLwU7c9NQvxcKOpC0a7McX5S +XYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdbVDgJLPBdhgw0t5IzXD4ZsU2g +Ypu0aDY2OOwpswIDAQABo4IBATCB/jAdBgNVHQ4EFgQU0br7/x0pQYpqX7Lzp0EF +RwkfSEIwgcEGA1UdIwSBuTCBtoAU7jem8kDQ7/0ix6O0bFdHQLmZ+Y2hgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCPm/e9GpBY8KsPHUWyKRBmLcyW1jz0PKhJ4s/bFxaM6HbeeclCEKet +t8PCgpNrGT5Wr77I193uhx1fHa1qAo0UIp9UWNfYFnlkTetViHR09lksQJ/Q9Kg2 +6slPnCs6cl8gLSWzsvvBAxGrV1fQVRO59RAJnlaiDZU8Fj5Z83FgUAZTRf8P4vhh +W9L8CmVZ3O5vxibEfSdpTXZVLwcBPzDqFz27ivDfrshHcA60KMnpe4yKIqDqMpv4 +HjWk8KUJgdyapNFjNJ48Mi/zsfBDO/Exm4uZv8K063g5o+fYLOZs8osvIYPDKBt3 +83Wbeffwc6CiR6+TMgvSiAQUOs1If1gy +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: + be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: + 5e:04:d3:e5:74:19:fc:cf:85:7f:f7:91:8c:d5:58: + 7c:02:4c:88:f1:4d:43:e3:07:bd:2a:4e:df:51:87: + 29:74:c5:24:67:1d:f1:6f:8b:07:75:39:89:70:2a: + 9c:00:e0:2e:6c:7c:74:27:18:34:fd:29:98:43:83: + d6:e1:51:b3:13:41:1c:bc:29:dc:8b:2f:93:08:95: + 8b:90:22:4b:e4:98:f5:d6:70:2a:9b:8b:64:e6:49: + 06:62:a4:23:08:60:68:97:89:a9:b2:c0:94:8e:4f: + 39:1c:25:3b:0f:e4:c5:1d:7d:89:89:5e:c6:02:69: + 68:fc:13:55:b5:80:6b:77:f7:59:57:0b:1c:7e:c6: + ed:46:c6:70:fb:34:a1:28:1c:82:b1:c2:ab:a6:c1: + f0:13:1b:7d:0b:bc:1a:39:23:3c:e7:1d:ee:c8:ee: + 2f:69:5f:a1:31:3f:1a:2f:98:5d:53:d7:42:93:db: + 49:ac:d6:7a:12:2e:9d:0d:c9:b0:ef:40:d1:a4:02: + 5e:52:e8:fb:d4:92:07:98:b1:76:d9:16:0f:e4:8b: + de:dc:88:65:e0:fd:52:1d:8b:e2:e3:ed:08:37:d0: + 11:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5a:8e:b7:fa:c9:b8:f9:a7:1e:fd:16:5b:75:4d:5e:b6:f2:6e: + c0:48:f3:7f:3e:61:59:25:64:8e:6a:e5:19:fb:03:20:93:de: + 0c:d9:88:68:e6:c3:9c:ad:b8:b1:08:a4:74:ef:e7:5c:1e:ea: + 3b:9f:0a:64:40:74:ff:d8:9d:14:38:d8:c7:68:f4:8c:b2:76: + cb:77:40:c4:55:23:b6:42:4c:82:16:47:a4:97:31:12:f0:ac: + e8:b9:aa:72:d8:e7:e5:5f:6c:92:0e:07:d7:9f:df:4b:53:85: + e5:d3:8b:74:ad:b3:58:09:d0:cf:2f:66:a3:28:8c:86:3a:5a: + c8:39:f5:03:35:42:72:8b:b8:fc:28:51:37:b0:31:f6:29:c4: + ab:f3:4f:ff:42:de:48:6d:bd:94:cd:3c:5a:bf:f3:a5:d2:13: + 2c:7b:81:d8:0d:2f:f0:49:bf:c2:07:25:a5:2a:ae:3c:9f:4a: + 3e:74:03:70:36:a9:67:68:1a:e8:72:18:2d:79:7e:65:2c:95: + 3a:5c:9d:46:50:d0:9a:fd:c1:7a:6d:cd:d6:6c:83:f2:cb:aa: + 19:c2:03:7c:2e:95:30:40:88:25:47:3c:d2:7a:ad:ac:a1:12: + 25:42:17:d0:17:00:53:4b:32:ae:70:a4:08:7b:9b:fc:bc:93: + 08:e6:b1:7a +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO0 +3F/Ikp3yB8BeBNPldBn8z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sH +dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk +5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt +RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 +Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBajrf6ybj5px79Flt1TV628m7ASPN/PmFZJWSOauUZ+wMgk94M2Yho5sOc +rbixCKR07+dcHuo7nwpkQHT/2J0UONjHaPSMsnbLd0DEVSO2QkyCFkeklzES8Kzo +uapy2OflX2ySDgfXn99LU4Xl04t0rbNYCdDPL2ajKIyGOlrIOfUDNUJyi7j8KFE3 +sDH2KcSr80//Qt5Ibb2UzTxav/Ol0hMse4HYDS/wSb/CByWlKq48n0o+dANwNqln +aBrochgteX5lLJU6XJ1GUNCa/cF6bc3WbIPyy6oZwgN8LpUwQIglRzzSeq2soRIl +QhfQFwBTSzKucKQIe5v8vJMI5rF6 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-entity-key.pem b/certs/test-pathlen/chainI-entity-key.pem new file mode 100644 index 000000000..e0a823b0c --- /dev/null +++ b/certs/test-pathlen/chainI-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA86wyj1Kvqc+eI6SWjunoCjq3anu6cIVo4lLzODnPyPGK9lUe +WfqX/uebByq2gCqS2TmVngwf160fdE2OYW9kJEzUlQOP0/I9btjY1apkfYLudAcW +aPqVF5s1j8NsR4g+QN6TNu1i9MxnRe7qRZ/88WNtt/r4w+Bvx0o+BEkEN4s6mehk +CoZDq1s0HmwzoqQmfMdsSJl9hfUfwZypx49Ra4qGjRyw0oK6pKcJKYsKINF8sWcM +Yc2IM144qwh4C4ALzmMDuUB7Zz6orE5EkglMP+A9VcuqWrwXnE6eQFyC/Ds6VECQ ++SI89ABflRNySSmuXzEiMAQFanu1CgqmXnJNXwIDAQABAoIBACx9nmWo1UYOEHO1 +k3/YmXN0sRSSLsJouXPJbXswow2vfI3pkLchGCuEoju2wse3/kQHTZgj4pSAmaOk +nYCQ1BoEpTPoCJTMQAdDNKQejmaUR3GL8b2NMzeyMR9ksRqGd8dkXEDFKzJDN//+ +1WuNAKQaYWgcPNuW2RHsLlKd+lUhjYR/Qe6pj+Jzxhh9Kbt5GHAyj1BTXQzkv5O5 +FpshP331WryxI0r/Q4lwKHrthBXm2PgKUEeh5M7dokAMCaBZmN0ZTbI644tvNsi5 +FR9rTqRHhxtwmk5sMKEavncISY85T+R63XKfUHTQZkWXEiPB3DJoJAbsDVpBb+BI +j3Ton2ECgYEA/WDYGonfKB7x8wwZgBVnnvoMGOqSm8mj42kw3cAaXqtIrJOF+iL8 +kKMq5YJ2W+GlbdNF1oawG+I9gWK9THOcp0JnRXedGNWlfKrW7HHeugT6OR9D8ZiX +4O0M7QJqIdWWN9QpVHhPfySdzF+PopT73o38MtnEF28cIck3ptFqQpcCgYEA9jGl +DSxfFXjoPKinHf6QWkyKeOqHIWYEuIxv2tQ+KpsvTzZ6hEdS2ZeiWcGRCxvlGNxu +/e7sCVUOCVs+FYyb3kN0TW9Hx+0l8H02Lnt3ar7lQmfp4fDw2HsRm6ONTUPZnXCV +2Odpi7PlnHOSR4j2kta4HQL7l2pZJ3n6wPasTHkCgYEA+2UbBTnGMAiEBqH6qxqR +tSpi1lXnIKrv8LJtyZbQkx1e/dthEs2jyd4asZy/0moPuOfmYvM/yGqwm69cIn6S +72DzFfmX5QwVJZxboj1YvzgxDHv47bx49LI+IOpEY02HvdzDJQw50+yApEYsPSOU +wzwc/lcSOC4Fu3/pt5oP1AECgYEA52eCW/944BXlNB7R9b9wr2+COGU43oulpFFc +UbNtO17h+PKb9fmURjHgx7zJOEff7p5DNSt9cMghiWnZ0Sd42lFM3/vY3HJrVsBa +TRaACDWmB+TkURrHRrNmuYPhLN65jOJl9pqM+mL9TzDSLarvGNX5+Er1cDzlz9U3 +fGhfSwECgYEAzUUcI9nvFvh4XQWCbJVDr3iQrupozRCfYmFjuJpx8KHm+Z01lY50 +uTJ+NOBJHCgS6Ikyz4VIkqpbw4AbxlWN0Se7FjlaoiUkj9KAl1ifM5cl70KN13az +1i3a0a8yrIdCAxDenm9UCQH2NIfL4NdFlI2BZglB6PI/HwQ/NwZAkEc= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-entity.pem b/certs/test-pathlen/chainI-entity.pem new file mode 100644 index 000000000..1e7564198 --- /dev/null +++ b/certs/test-pathlen/chainI-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: + e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: + cf:c8:f1:8a:f6:55:1e:59:fa:97:fe:e7:9b:07:2a: + b6:80:2a:92:d9:39:95:9e:0c:1f:d7:ad:1f:74:4d: + 8e:61:6f:64:24:4c:d4:95:03:8f:d3:f2:3d:6e:d8: + d8:d5:aa:64:7d:82:ee:74:07:16:68:fa:95:17:9b: + 35:8f:c3:6c:47:88:3e:40:de:93:36:ed:62:f4:cc: + 67:45:ee:ea:45:9f:fc:f1:63:6d:b7:fa:f8:c3:e0: + 6f:c7:4a:3e:04:49:04:37:8b:3a:99:e8:64:0a:86: + 43:ab:5b:34:1e:6c:33:a2:a4:26:7c:c7:6c:48:99: + 7d:85:f5:1f:c1:9c:a9:c7:8f:51:6b:8a:86:8d:1c: + b0:d2:82:ba:a4:a7:09:29:8b:0a:20:d1:7c:b1:67: + 0c:61:cd:88:33:5e:38:ab:08:78:0b:80:0b:ce:63: + 03:b9:40:7b:67:3e:a8:ac:4e:44:92:09:4c:3f:e0: + 3d:55:cb:aa:5a:bc:17:9c:4e:9e:40:5c:82:fc:3b: + 3a:54:40:90:f9:22:3c:f4:00:5f:95:13:72:49:29: + ae:5f:31:22:30:04:05:6a:7b:b5:0a:0a:a6:5e:72: + 4d:5f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EB:B5:A2:7B:24:95:03:11:6B:56:CB:13:3E:A8:B2:8F:B1:CF:5D:C4 + X509v3 Authority Key Identifier: + keyid:9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 78:f3:ac:4b:db:c6:63:c3:f5:67:97:b8:99:f4:72:6f:b2:07: + 3b:99:ce:85:e7:5c:59:c1:80:bf:06:92:a8:34:be:1b:74:d1: + 61:b6:75:07:18:0e:2e:77:7f:77:c7:e9:5d:cc:1e:7b:b5:04: + 95:5b:99:a1:15:2e:b6:2b:67:13:09:0f:b7:6e:62:04:dd:01: + 27:fd:18:f3:d9:b2:d7:8f:6e:bb:b3:1d:57:76:91:42:dd:78: + 77:22:b3:ed:79:10:63:94:40:c5:88:09:bb:bf:fd:fe:6e:60: + 23:53:30:8e:11:e2:b7:3d:39:24:96:f2:86:cc:59:eb:83:07: + ad:7a:2e:85:63:be:70:15:92:f8:f2:2b:f1:6f:5f:c2:4d:3a: + 7d:c6:b9:9d:c4:82:6a:fe:b2:7e:ec:5d:eb:b3:ba:82:09:04: + f9:7e:47:37:a9:8a:e2:2a:4f:30:7d:b7:dd:1f:c2:f4:db:61: + f3:b1:81:5d:10:8c:41:22:76:93:5b:a3:b9:b2:69:85:88:3a: + eb:ae:42:0f:16:e7:2f:f3:cd:03:4c:08:65:90:a9:4f:dd:89: + 23:d7:56:bd:e9:d7:cf:9f:bf:0f:a2:11:5b:e1:89:2c:d4:76: + 16:1f:83:5c:e9:8c:f6:93:7c:b5:f2:f1:ef:d3:07:35:2f:93: + 33:16:9c:63 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzrDKPUq+pz54jpJaO +6egKOrdqe7pwhWjiUvM4Oc/I8Yr2VR5Z+pf+55sHKraAKpLZOZWeDB/XrR90TY5h +b2QkTNSVA4/T8j1u2NjVqmR9gu50BxZo+pUXmzWPw2xHiD5A3pM27WL0zGdF7upF +n/zxY223+vjD4G/HSj4ESQQ3izqZ6GQKhkOrWzQebDOipCZ8x2xImX2F9R/BnKnH +j1FrioaNHLDSgrqkpwkpiwog0XyxZwxhzYgzXjirCHgLgAvOYwO5QHtnPqisTkSS +CUw/4D1Vy6pavBecTp5AXIL8OzpUQJD5Ijz0AF+VE3JJKa5fMSIwBAVqe7UKCqZe +ck1fAgMBAAGjggEAMIH9MB0GA1UdDgQWBBTrtaJ7JJUDEWtWyxM+qLKPsc9dxDCB +0AYDVR0jBIHIMIHFgBSeVLaV6okHpsnkgujQNGRdCM1WoKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +ePOsS9vGY8P1Z5e4mfRyb7IHO5nOhedcWcGAvwaSqDS+G3TRYbZ1BxgOLnd/d8fp +Xcwee7UElVuZoRUutitnEwkPt25iBN0BJ/0Y89my149uu7MdV3aRQt14dyKz7XkQ +Y5RAxYgJu7/9/m5gI1MwjhHitz05JJbyhsxZ64MHrXouhWO+cBWS+PIr8W9fwk06 +fca5ncSCav6yfuxd67O6ggkE+X5HN6mK4ipPMH233R/C9Nth87GBXRCMQSJ2k1uj +ubJphYg6665CDxbnL/PNA0wIZZCpT92JI9dWvenXz5+/D6IRW+GJLNR2Fh+DXOmM +9pN8tfLx79MHNS+TMxacYw== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA1-key.pem b/certs/test-pathlen/chainJ-ICA1-key.pem new file mode 100644 index 000000000..e67a06832 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAp29EwhHMLPQqpagIU0sOzZYjuxVKKt35pxkrkSjoc6NXtEk6 +N4KPFThaqq+tciYuhMIN3vzwvjuiEakSINQ93mKFhZEIYNvASruJtvSRHlGjsvcI +md9ISlmE0aoJNg3NaKWuQcjXGtjqSYcgIif5RVQ+x8gARH40cqqNLU1qPnWJ4tQX +V/nNK9C3FGpUG2Gvm2gisRZz6wVsQertEE68gwRoyDrhAxKtKFwkTBmhftjvG4Dk +DkkMaYb2HucB+ypvVhttCq3pKT8xu0goQHkrtfOq7OkJTIL8lygZozrA0l6jipjI +irfSxJC8/8xHE5CtAKuK7PeUNQlgEDWfMsUAGwIDAQABAoIBAD9XZ8Knav+Cq3OZ ++vRPy9zYtNG8vx8ydJTTf9jdifrdS3unzD9dw/V6KUqzRUGO0kBlDUxTklvVQX2+ +4V3MDU/JI8wgzvOdjsR26CVvpkq7BdvZesaDYtzFuup6khuB4zh4nVDDwySj9RY1 +6WEikDm7IjkAH6HJwNu0S85coBnaTs7Sxi+LcAwFlHybEZfb5hz0MdLcLlJ3E7Oz +6Ni/W/SsFBPsO7u7BlNB37tvBlxwpws1sKgpN1EHaDhctQxGODkfAK66PPbG75lO +vqROQWdFc7e3IKQ//A3ORXjNGfCYs8kV/VLA2RjjDPrVb3d7OHxufaAXUxNN5+N1 +7chonQECgYEA00PYedTkZiY2ljJBQB5vxoCZt9wGMe91u/SjWUfLMs2upBgGWDCx +5loZybzUMkBXRK+TSy0kdJndNSPWFxnSmOEFE6Im99MBFJu2iuy7HyHjSTlUEQp1 +Y1CbSzQRCXMNsdJjWnTEz9y8r6gQMhbhMB1Gn5MK3cSmrfv1LwTOvIECgYEAyuN8 +jLWMVfBTN9B/hWTLMLQF7fHhxT53ZBzA9+xnMo+TCDTqZABeyyO1/9jVIvcF4PEO +tmGFaQYaGlxP9fMJyuEEcmYXU8pSqFmK/HHvaHL+MDBjRPudz9En9visBtcoVyYq +z6oRFKsNCjcctxZ9/N20gfaYCrgzFTCTkPWh3psCgYAQKBwiFRnyhfGewvEiijFa +KPOYkAcZQorqeOcVKNxtYjV87yltDSxNxY47U2mW/jyuUA8frLAhCrNUIQ16bssg +TfUpbzkzsrtebBolvb0BwIG1U+EN/JLFqaB2u+ChrF7bvo9Cl7OFgggcFupGKmHG +YDbKdWBbXXKx05cIpYF6AQKBgH4pobyZ9E9IZ2cwxut7NwLtHzbMj7ko0/M0EibZ +IX8GWsbiqNJQjKHDbhxPiJH6i/RJ0f1FfUFGoxq7RpnJbNB0xmAg7eaTzHyVWeEL +NHV99GSg4kn2MTcWd8SS8945EwPGXx7NQVvZ1f0BMmEDooqIjwO2BOu9iT5m+4xL +wkF7AoGADQdu9lCbE0oFa4Ys9p7F7nAh7CCMvKGGIWZzQZBUf3Xr0RuZYRBaeUs2 +U7R/dXpUEOdxcDxSvfsnOz4yJ5++ixj0GaETgxHfHJd4JbBVW3ziCjPNSLj7Slgf +EmHy80ElH+97Z1nK5dHZNAi6m4u+eNjpnv/zbaWsLXsglPuzmsg= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem new file mode 100644 index 000000000..302d2c78d --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: + 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: + e8:73:a3:57:b4:49:3a:37:82:8f:15:38:5a:aa:af: + ad:72:26:2e:84:c2:0d:de:fc:f0:be:3b:a2:11:a9: + 12:20:d4:3d:de:62:85:85:91:08:60:db:c0:4a:bb: + 89:b6:f4:91:1e:51:a3:b2:f7:08:99:df:48:4a:59: + 84:d1:aa:09:36:0d:cd:68:a5:ae:41:c8:d7:1a:d8: + ea:49:87:20:22:27:f9:45:54:3e:c7:c8:00:44:7e: + 34:72:aa:8d:2d:4d:6a:3e:75:89:e2:d4:17:57:f9: + cd:2b:d0:b7:14:6a:54:1b:61:af:9b:68:22:b1:16: + 73:eb:05:6c:41:ea:ed:10:4e:bc:83:04:68:c8:3a: + e1:03:12:ad:28:5c:24:4c:19:a1:7e:d8:ef:1b:80: + e4:0e:49:0c:69:86:f6:1e:e7:01:fb:2a:6f:56:1b: + 6d:0a:ad:e9:29:3f:31:bb:48:28:40:79:2b:b5:f3: + aa:ec:e9:09:4c:82:fc:97:28:19:a3:3a:c0:d2:5e: + a3:8a:98:c8:8a:b7:d2:c4:90:bc:ff:cc:47:13:90: + ad:00:ab:8a:ec:f7:94:35:09:60:10:35:9f:32:c5: + 00:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + X509v3 Authority Key Identifier: + keyid:A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 1c:0b:c0:44:10:dc:db:df:b9:3e:a0:95:09:d7:13:63:81:f7: + 32:57:19:84:72:2d:8e:60:66:0e:78:f3:35:7d:71:f8:95:88: + bc:90:52:e1:e2:4e:fe:4a:f7:bd:66:fe:b7:73:84:7f:96:ee: + ba:93:97:31:01:af:74:4f:60:40:74:d2:b5:a1:2f:e0:79:1a: + e2:67:08:ee:d4:60:43:1d:bc:79:9d:61:ae:fe:5e:9b:c8:b3: + 69:4e:d0:2b:2b:61:7a:51:1a:c9:bf:8c:b5:ff:ee:ee:42:eb: + ad:e4:90:53:1c:ed:a6:6f:27:51:1f:bf:b1:e3:0e:28:70:46: + 36:91:2e:72:82:b8:05:ee:42:c0:bd:17:0a:38:96:da:13:a4: + d5:a3:9d:bd:82:c3:aa:9f:ff:a8:cd:28:38:ae:18:44:a6:e3: + 60:eb:e0:4c:bd:1f:9e:99:e9:47:38:86:08:29:61:64:d6:6a: + 55:a0:eb:5a:62:24:d5:48:36:5b:51:5c:7f:5f:94:21:ea:d4: + 5e:7d:ee:ec:e7:3f:5b:35:59:8f:84:b9:00:53:80:3e:6a:a0: + db:de:a9:36:9e:f2:1e:48:77:cb:df:94:af:4c:a8:cc:93:c4: + 03:74:ca:ec:d8:86:a3:b9:49:76:b7:af:44:b3:b4:51:ca:a8: + 8b:78:73:f5 +-----BEGIN CERTIFICATE----- +MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnb0TC +Ecws9CqlqAhTSw7NliO7FUoq3fmnGSuRKOhzo1e0STo3go8VOFqqr61yJi6Ewg3e +/PC+O6IRqRIg1D3eYoWFkQhg28BKu4m29JEeUaOy9wiZ30hKWYTRqgk2Dc1opa5B +yNca2OpJhyAiJ/lFVD7HyABEfjRyqo0tTWo+dYni1BdX+c0r0LcUalQbYa+baCKx +FnPrBWxB6u0QTryDBGjIOuEDEq0oXCRMGaF+2O8bgOQOSQxphvYe5wH7Km9WG20K +rekpPzG7SChAeSu186rs6QlMgvyXKBmjOsDSXqOKmMiKt9LEkLz/zEcTkK0Aq4rs +95Q1CWAQNZ8yxQAbAgMBAAGjggERMIIBDTAdBgNVHQ4EFgQUnHs6ELMImQUArz7g +pF3Zr4K8TcAwgdAGA1UdIwSByDCBxYAUo/VximCAPJNkF9kutcDOqcEUF8Shgamk +gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAcC8BEENzb37k+oJUJ1xNjgfcyVxmE +ci2OYGYOePM1fXH4lYi8kFLh4k7+Sve9Zv63c4R/lu66k5cxAa90T2BAdNK1oS/g +eRriZwju1GBDHbx5nWGu/l6byLNpTtArK2F6URrJv4y1/+7uQuut5JBTHO2mbydR +H7+x4w4ocEY2kS5ygrgF7kLAvRcKOJbaE6TVo529gsOqn/+ozSg4rhhEpuNg6+BM +vR+emelHOIYIKWFk1mpVoOtaYiTVSDZbUVx/X5Qh6tRefe7s5z9bNVmPhLkAU4A+ +aqDb3qk2nvIeSHfL35SvTKjMk8QDdMrs2IajuUl2t69Es7RRyqiLeHP1 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA2-key.pem b/certs/test-pathlen/chainJ-ICA2-key.pem new file mode 100644 index 000000000..fa3f5aef5 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuyn9iaqC4B0EeGnsYVhRUoR+a1VpLPQj1h/Y7asZljh7xojX +fYWTADVAC8Cp/2YPnqEdiG6pivGtR7RxyRVQxg81npVKZtO9Gzh73GeFlxuzY8ly +1kNa8V419gWWx0C8I6uUNIJZArIz0OZ/GVdlaDwEYVDvIpVP7xi/FbFNjs2noJgi +9RwFAWtLNb+Iw0fDJCm0RcuVoawWHd24aKxROSQnar4x8ewGEFW+RAJP6BJ71v4y +yUg3ayBoy1P1STquSsdDwa/mUxHZ+HEaotY3xytFUElRT1VsPx5pe1gSOn5ZoFed +KJyKbYLnExU7BI/igg8vz9kl2WWjPAPAzbZR1QIDAQABAoIBAFvaUK5WOyKHuyDp +QvPHJynrEivU3+gK7Odx+8EwHj+F+uDFWZQlkK4idAsQg51u1i2QfnDtdlFVKCgv +m0QHLPv2jOcF91ydf4ozXz4cpAgztQc83xneNmyMQsk5lvS0hWCwHOzkJ5DWKe3U +oP2r0X2lLrUfxixfwLnjmCuqNxjkZlx1sB+rb5wafmW6GOx2kUS+jr02RG20wNIT +lPgCLYyRyn636F7eBSTDd2ogwwpugk0cqBWFnqzvJfltIFQd47bhSyQ4ot12rTrH +GzQ764Ll6pxuNmBYo9ys3HHhFs8A66vIpC7ITZRUWa7aHFzQn+rzJGeJ4+USJvCf +fCbyS4ECgYEA+B0tCuWCK6qiszfFdPAwTnQFTcdKBH9wnwI1f6gdgqOofYfSKJ/3 +6rgtuYv3/MPZ0wXTNP6QxYKjD3Zfa2oclxO/5JRejiahKYBNPrON1CbN3bMESZj4 +5Br5SxjLcDN8OFEKExn9U13lD7wfF2AVVUMkflkfao9ajziBkZUE1TUCgYEAwRzi +XJ7wOQgAAuz2rG9Kw70oQ8ry3VyU5L4xqEJsVIMBpxCQ+LfvWNMuR/awFECVnrxG +UpUgvzrY+JJ3EVDRD3bbCZW7TtglLi9vi7VomFv5S2tPPl+abktY9zPe76nF/bWg +joLTfWrla6OAUldaCBJPvmBlmsqEOJTMDM0kPiECgYBJI5ieiK9JngBeIkejxBYJ +Wmwh1Gh+UO7rAKSyn+UrGIFXl80cyqMzXt2jv533teglK6dqDMyyXGMi8LsKF/qb +kmfTwuTotHx3lmmu3REnA9VV0CqoY16jJ0xrlcCKr7Kji0gT/2pMw/X9IHBt3JYN +T0CXuj/nkqCYbYjMWIhXLQKBgQCYdtOIyLtka5qGtMu0LFHc5FUL4QmKF3Q+fKL7 +8yVQO/ZsDjpHBAFmIaUij/NIqgz2vDLRNIgcMrvm1MxI0YOdL/uTP7IYd7IzGqR4 +qwsfb04Na3WvCxAEEFz3Hu7eTS3SNznCCiwrkt/68aV4XRrp0HtBFR5i7Y0ilufb +G4OHwQKBgQCd0TSu7ntTRmQBddjtAylB5tP7BTxgdV39IrBs9AyZnEti8hVLn3bs +AuENwmUX2KGRkH9xmA3hf8QHYFWz2n7NiygZ60yjIvpQhd4z2eCEpmqrRVV44QtT +z/NoqKUN6ywGoDu60LV1PmoYpiWXM1qTxdKJhcUhdkuVSH22tKoVeQ== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem new file mode 100644 index 000000000..92fa68dc2 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: + 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: + 19:96:38:7b:c6:88:d7:7d:85:93:00:35:40:0b:c0: + a9:ff:66:0f:9e:a1:1d:88:6e:a9:8a:f1:ad:47:b4: + 71:c9:15:50:c6:0f:35:9e:95:4a:66:d3:bd:1b:38: + 7b:dc:67:85:97:1b:b3:63:c9:72:d6:43:5a:f1:5e: + 35:f6:05:96:c7:40:bc:23:ab:94:34:82:59:02:b2: + 33:d0:e6:7f:19:57:65:68:3c:04:61:50:ef:22:95: + 4f:ef:18:bf:15:b1:4d:8e:cd:a7:a0:98:22:f5:1c: + 05:01:6b:4b:35:bf:88:c3:47:c3:24:29:b4:45:cb: + 95:a1:ac:16:1d:dd:b8:68:ac:51:39:24:27:6a:be: + 31:f1:ec:06:10:55:be:44:02:4f:e8:12:7b:d6:fe: + 32:c9:48:37:6b:20:68:cb:53:f5:49:3a:ae:4a:c7: + 43:c1:af:e6:53:11:d9:f8:71:1a:a2:d6:37:c7:2b: + 45:50:49:51:4f:55:6c:3f:1e:69:7b:58:12:3a:7e: + 59:a0:57:9d:28:9c:8a:6d:82:e7:13:15:3b:04:8f: + e2:82:0f:2f:cf:d9:25:d9:65:a3:3c:03:c0:cd:b6: + 51:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + X509v3 Authority Key Identifier: + keyid:CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5b:56:cd:5e:fc:3a:fb:2b:be:7c:63:ad:a7:7b:e4:9a:00:78: + cb:d8:e6:00:41:3d:3d:e3:f6:43:78:75:d7:c9:07:61:0c:2b: + 43:46:8f:12:a3:5a:f0:3d:22:f4:72:ea:27:1a:70:57:48:c5: + ec:7d:00:dd:5d:83:a6:71:f7:90:ec:69:bd:2e:86:97:06:dc: + 9c:be:4e:a8:4c:9f:db:93:5e:fd:d8:ba:ae:89:55:65:16:cf: + ab:a5:a4:4e:ae:21:ce:5e:e0:91:e1:77:de:e3:b4:3d:ba:d2: + 12:f3:54:c0:50:94:16:e5:b2:62:71:58:03:2c:d1:f4:1f:ce: + 9d:a5:ce:2a:57:9f:f7:19:41:b0:4d:e8:27:5d:f2:e6:c8:44: + 1b:c3:57:51:76:d4:15:1a:05:31:61:c3:02:db:56:81:1e:24: + f2:23:04:a9:5a:31:ee:08:1d:08:1f:49:d7:2c:ba:1e:00:5a: + e5:57:8b:fd:aa:a4:2f:6a:d7:93:19:09:92:30:7d:95:68:3b: + b7:ce:a3:f2:b9:e4:e4:e4:48:a4:22:6b:00:33:91:56:28:fc: + 50:f7:1d:f6:70:5b:83:a8:99:98:2d:7a:6c:aa:9b:5a:a5:56: + 5b:89:95:a8:50:27:68:ce:63:5e:d3:84:cb:80:1b:ae:3e:a2: + 5c:13:9b:ff +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Kf2J +qoLgHQR4aexhWFFShH5rVWks9CPWH9jtqxmWOHvGiNd9hZMANUALwKn/Zg+eoR2I +bqmK8a1HtHHJFVDGDzWelUpm070bOHvcZ4WXG7NjyXLWQ1rxXjX2BZbHQLwjq5Q0 +glkCsjPQ5n8ZV2VoPARhUO8ilU/vGL8VsU2OzaegmCL1HAUBa0s1v4jDR8MkKbRF +y5WhrBYd3bhorFE5JCdqvjHx7AYQVb5EAk/oEnvW/jLJSDdrIGjLU/VJOq5Kx0PB +r+ZTEdn4cRqi1jfHK0VQSVFPVWw/Hml7WBI6flmgV50onIptgucTFTsEj+KCDy/P +2SXZZaM8A8DNtlHVAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUo/VximCAPJNkF9ku +tcDOqcEUF8Qwgc4GA1UdIwSBxjCBw4AUzZdJePcxYe0vcRpo6UUsQHhRk1uhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAW1bNXvw6+yu+fGOtp3vkmgB4y9jmAEE9 +PeP2Q3h118kHYQwrQ0aPEqNa8D0i9HLqJxpwV0jF7H0A3V2DpnH3kOxpvS6Glwbc +nL5OqEyf25Ne/di6rolVZRbPq6WkTq4hzl7gkeF33uO0PbrSEvNUwFCUFuWyYnFY +AyzR9B/OnaXOKlef9xlBsE3oJ13y5shEG8NXUXbUFRoFMWHDAttWgR4k8iMEqVox +7ggdCB9J1yy6HgBa5VeL/aqkL2rXkxkJkjB9lWg7t86j8rnk5ORIpCJrADORVij8 +UPcd9nBbg6iZmC16bKqbWqVWW4mVqFAnaM5jXtOEy4Abrj6iXBOb/w== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA3-key.pem b/certs/test-pathlen/chainJ-ICA3-key.pem new file mode 100644 index 000000000..af221fe25 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA2Kr2BZVwWlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClI +JeG19SXfZHvq7aofiw3n6/UvripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQ +qnzeIPh1OSOF7oQTiFQqlvUWJ5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6c +nq48u7bYEKy3WUlbcwC+r5IhFFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7 +p3BTFMa3Ufoj8PVL0bs/m/w1ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba ++e8b4J+11TJltU7kvjZrZWUalqJHtT6fsA1jQQIDAQABAoIBAFxbg8Odj+bxD25S +bGJpSzPQZXzj/poQBhoPC1B/6IyDLLtV3YtIS2fUXQVYTSxB+HAt3U6XlVuIci7w +4E5j92fF+ZTZMvlPluFGk2r9fIs28V8xZyFFWOp0/oL8wXqKkkjql70BfBAn0kPa +kTT0QAD9thcuUaWUvhQk9gacDgTDa824zjrJmU/st0XkAL238VGZitW0n3FuIO/G +FLg3wPE6VJRvbdg5KT7UplvP1gj37tIWZmRtOxwGcr5NGhHiceGD99ubFAvkZPLe +RfRrQB/0vJ0TQLrVBhWtnRsrHuywUllrhLDUcJTnylrK/CMimmtvx03geDjo9jso +J+RaYAECgYEA9WJzlwjAR/a5K+6b/Wds1Oqsq3KVfRPLas5DENDCAfoabVQadJWh +DG/PtAoOWaK6Kvjg6qZyjlaB3gVVmUt7aflGYW2Ik7hpDlHY5D7tD7gOrhYzU/X9 +gnH0I9jRD9KhyRKIxMcgtQwMUX8EksfJsNm2uSbgvdLtWAad8uNg2zECgYEA4gp7 +PgBzfXq+2kt0qTbXG/+UCNXFUUChr/SrSb3g+gM/AMqmNVuRPJ3hNSEnHWt7g9Pi +3lIKFsQel5HZZR7o/H6GOtmIBD53ropX6foSMuJ8WlDEf1+44WvfpntESED9C1Hq +cEHTFKMWek5b8izfQBR/OzWmB33nh0AXHeBM5RECgYAw5kGqo2/N53jXLGGhie7C +L1HhiKAJoNw0mI38190Rj8mcZ9otyXOiitWVRzu82RTIY3hOyoShoNOYbu+z8LrT +T32bBLzm0yT8WYsjUPbk3wTt5DauUKMIT7UbP6XJxWvAKhVfQV9fNNtvkiRTK8Uh +nQEwvHKk4Vey5v6q3Gz8wQKBgF2X+W+ywB80s9GvbJ6kFm2BZcpCuXDrUgeJR2NB +O+ZJccziG+/7+icfOCDHmWqVFo9/LHDhh0vl6MTZnyo/ojjqKqozaB5ZvzSGE+DN +qrtnDBZZWwNinyq3f+NvJtbEEgKd6HSSzNO+s4/w4iFkcwwVcJkTnat8dmGKKAg2 +16ABAoGBAMiKDbjbCoiCHfUDjozrEuXL7IF0sUgctVBRl/llmvFjXwOY+yE+Fchj +bcPJw25UVJAcSvRn0U/0/eqsZCFEcrDCSlU+wU+3JDSMrf6nNFpgCYSU5a8juHXA +tI5ofONIJ72Dt7QARgP+jpV7QZSKrsh2vZe+6uaXNgCENkSr3XrV +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem new file mode 100644 index 000000000..7c1bfed06 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: + 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: + 39:e1:e7:4e:48:29:48:25:e1:b5:f5:25:df:64:7b: + ea:ed:aa:1f:8b:0d:e7:eb:f5:2f:ae:2a:5a:3d:50: + c7:fb:ef:0b:8b:44:0b:63:94:be:c6:d7:63:45:2e: + 85:96:00:5c:be:7e:10:09:b3:d0:aa:7c:de:20:f8: + 75:39:23:85:ee:84:13:88:54:2a:96:f5:16:27:9f: + 8b:b0:a6:2a:f4:9d:13:8c:71:1c:0c:a6:59:53:ec: + f9:0b:2b:c9:45:13:d6:12:ef:39:d1:8e:9c:9e:ae: + 3c:bb:b6:d8:10:ac:b7:59:49:5b:73:00:be:af:92: + 21:14:54:a3:fa:b6:17:ae:b6:dc:b1:f1:61:f0:75: + 07:43:5e:48:fa:e7:80:56:cf:df:ad:46:52:85:42: + fb:a7:70:53:14:c6:b7:51:fa:23:f0:f5:4b:d1:bb: + 3f:9b:fc:35:ca:d2:85:f1:a0:77:02:06:7c:79:99: + 13:b5:68:b4:16:47:42:88:f7:bc:eb:78:b2:e8:11: + 2f:62:f6:da:f9:ef:1b:e0:9f:b5:d5:32:65:b5:4e: + e4:be:36:6b:65:65:1a:96:a2:47:b5:3e:9f:b0:0d: + 63:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + X509v3 Authority Key Identifier: + keyid:FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 38:56:e6:30:a8:f8:db:32:4c:53:e0:8f:c5:08:98:3f:ce:bf: + b1:04:b0:52:24:63:6a:14:86:41:08:13:78:aa:98:7e:07:9b: + 1d:22:9e:61:b6:69:fb:f9:24:a3:8e:4b:f2:1f:39:6a:0b:a1: + ff:1f:9b:65:7c:7f:85:8c:d8:ce:3d:83:93:4c:00:4e:7f:d0: + 44:53:b1:a8:7d:bf:43:f1:d7:f2:2c:86:20:b8:cf:11:39:bb: + 7e:21:28:ca:20:4b:0a:46:97:d3:c6:82:2c:4e:25:8a:e4:92: + 84:da:c2:9b:15:3a:5c:8b:fc:a1:b7:76:f9:e8:80:79:1f:fc: + 4f:d4:18:f1:17:fa:19:87:4d:3c:81:e1:82:ce:e2:5c:d2:c0: + cd:e8:44:5a:dd:f1:41:5f:a2:df:27:a9:d4:4e:f7:2c:7a:8c: + 5f:dd:f2:3e:e3:c5:1f:7b:5f:0e:6f:9c:9a:c8:eb:63:0f:98: + eb:7e:e6:89:56:d9:c7:f4:6d:20:d9:0f:a5:81:82:90:90:95: + 53:62:80:9d:e3:93:44:4c:33:00:1e:b9:c8:b2:13:53:d2:a3: + 18:96:86:40:92:74:bf:a9:8e:77:ff:a8:3b:7f:c6:92:c8:b4: + 4e:6c:17:7f:36:9d:f6:64:11:f9:26:5e:55:09:36:fe:8c:84: + 81:08:0e:a3 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kr2BZVw +WlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClIJeG19SXfZHvq7aofiw3n6/Uv +ripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQqnzeIPh1OSOF7oQTiFQqlvUW +J5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6cnq48u7bYEKy3WUlbcwC+r5Ih +FFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7p3BTFMa3Ufoj8PVL0bs/m/w1 +ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba+e8b4J+11TJltU7kvjZrZWUa +lqJHtT6fsA1jQQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUzZdJePcxYe0vcRpo6UUs +QHhRk1swgcEGA1UdIwSBuTCBtoAU/BgTUrszStscW9GAmD5AhpVYcvmhgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQA4VuYwqPjbMkxT4I/FCJg/zr+xBLBSJGNqFIZBCBN4qph+B5sdIp5h +tmn7+SSjjkvyHzlqC6H/H5tlfH+FjNjOPYOTTABOf9BEU7Gofb9D8dfyLIYguM8R +Obt+ISjKIEsKRpfTxoIsTiWK5JKE2sKbFTpci/yht3b56IB5H/xP1BjxF/oZh008 +geGCzuJc0sDN6ERa3fFBX6LfJ6nUTvcseoxf3fI+48Ufe18Ob5yayOtjD5jrfuaJ +VtnH9G0g2Q+lgYKQkJVTYoCd45NETDMAHrnIshNT0qMYloZAknS/qY53/6g7f8aS +yLRObBd/Np32ZBH5Jl5VCTb+jISBCA6j +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA4-key.pem b/certs/test-pathlen/chainJ-ICA4-key.pem new file mode 100644 index 000000000..f795822c3 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA4-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAnUrua/+27IghI4QDtoi7PloblQMvJFMtVz8ROF0SHUBrENvC +0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muRJo/8HgYX8N5Yh+8eppES +OWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr42YqG4fFhQNFsM7hD8EP +knDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RVptq7H57RhQDgjUrE0oYI +df3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnACg79u2DGJs/IWmL4n9hRa +6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQABAoIBAFOs+QkbEATkpjxu +jksckf+pj+LFvt5kIUq4kkCZwnktO8fMIOj4Z51f7ueIplpMLf6qd9L+mteYN2q8 +y9ILmddqwta/QohxMH4IX9QTdKVb38JcioVf1epElfzguvOm2J5DXqVVhcFwY6HQ +9+6hDkZyfVb99aMTRnM+1yTbiMd1cTV/hee0cCaS/A4WjJicldbLMUQ9GFlfoaNa +z7Vik0XnQZoAJKLFIqo+r3At1x4HQ6CTeIKLrUUCiIJp2AKTw1ZddSS+n1ELb7ms +MavRWChI5aYk9IhVTIzjFgsY5SWj5z2ta5dCngX0miTtr3CegUH8r7BAHTosezAW +CALcj8ECgYEA0S2AMpTdv2LdzTB9KLCGhHHbZSGgf/RBqvtkY2vCOKUSnZ3eT6Vy +wdVsRumbwMzmgzDP91SPsb7h0kq8VvplAyREsIm7lo+C1rZOjefBXRTMbZezjkPA ++OIA7DauyRpeICjhraMC3a5VDJgHPYb21juJZLf6wmA79uiye4ElbqcCgYEAwIBD +85yw4N7zH+0h9h9aJH7JU9CAQQ0EETJyDgCRqk5eSepoQEG3WpJw2tuP1cQpvJS8 +WCo1/k5eeyawOVHtkXoSXmsJF4QcGkyK/bbrlqpqzqB9hWw2s0XY8yY22PWOV64H +ugxTAr59G4Fp1LthyzL0Si4c/u5O3iSV9eJWCu8CgYBYPTd9HutEFvK14iSKC51T +Nax1RvAryeABvrakcgqmVow5zSTAuGxmdB+O8nDvrf/3i5nPHe7X7kvYqAo3Lr15 +y8zmI9PsOXHaHWGZ3w/ksidie8IU22QGGWCGRLMKxoK6UkSRONi2pxndjCxRuiNa +UBcvU6UGZg4lpBfWna4qtQKBgCaOyo2WOhugrKQddGr/FqguuRbPsZDWEZV8PDov +xP2O2vYFPMJ6J0a+BFriFapks1Nxm1QxiEUa33PdaPjiPyqff+RnnheWv6ZI5KIz +LHcuRVyD6wB5j29TM0RoyB2m+c74LdYHN+1ZyGdlAZS5v7nax/G/0NEDXMrEG0F4 +B3IDAoGBAKi0u0aMsVKOY1X9AR/4PWwe2zD6JWIT9oGWXGmp3CjXH+RxoSCTtYYr +1eLmgVkKA0dYrJO4QqZ26pLst3FZ0trAH0zhbn5y7NWy2AdDFMFClk5D8a+VEm1S +ejTDoNtohKlDFgaGC15mrHpv6JfpKGlBpRuTH8DRuCpaoqLQ9bOO +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA4-pathlen2.pem b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem new file mode 100644 index 000000000..0d3e8258a --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: + bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: + 12:1d:40:6b:10:db:c2:d3:e4:dd:80:77:74:7b:88: + 44:65:e0:cf:52:c5:8a:42:e5:6e:b7:6a:ab:50:a0: + 2e:29:c2:fe:ba:d5:c7:da:6b:91:26:8f:fc:1e:06: + 17:f0:de:58:87:ef:1e:a6:91:12:39:68:a5:05:f3: + 8c:67:c9:e5:99:18:a4:fc:90:3f:bd:a6:ca:f2:a6: + dd:b5:e6:93:cb:14:89:83:3c:88:5a:31:ab:e3:66: + 2a:1b:87:c5:85:03:45:b0:ce:e1:0f:c1:0f:92:70: + d7:ac:65:ea:a8:09:c1:fe:1d:db:b7:e7:dd:98:d3: + c6:b1:16:b4:54:58:c1:aa:ba:a1:cf:19:14:a7:e4: + 55:a6:da:bb:1f:9e:d1:85:00:e0:8d:4a:c4:d2:86: + 08:75:fd:d8:1e:85:21:6c:27:8f:18:d5:44:73:58: + ab:94:75:4a:36:3d:8d:4d:c6:7a:86:9d:00:db:c5: + ba:be:70:02:83:bf:6e:d8:31:89:b3:f2:16:98:be: + 27:f6:14:5a:e9:d4:72:67:8d:a9:df:76:27:bf:19: + ac:20:59:28:5b:1b:42:d9:d5:5b:6d:fb:6e:a2:5e: + d3:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 0d:bc:87:df:e4:68:a5:56:54:d2:89:42:d8:b4:1b:45:6f:88: + b2:39:d1:ad:38:f4:0b:68:5e:e1:3e:88:60:4f:69:be:a8:ee: + 1d:14:08:69:86:ee:6a:08:42:35:6e:44:4f:5f:be:13:00:81: + ca:41:a7:70:d3:48:9f:60:03:14:a4:4b:7f:35:7e:6d:94:0b: + cf:63:00:fe:8e:54:2c:4c:ac:fb:ef:4c:68:91:9a:0f:45:3e: + 07:12:f2:74:e6:83:36:8e:61:49:f9:03:17:e2:16:72:eb:6b: + c3:c1:7b:95:37:31:1f:10:b9:fc:7b:e4:54:d4:4f:81:a0:f8: + 0e:be:99:43:50:dd:19:7e:f9:41:8b:0d:2e:b2:e5:2c:ec:9b: + 20:42:f4:3a:da:03:99:bc:c1:c2:6c:69:4e:8e:6e:ad:22:57: + dc:2c:1a:e3:4f:15:c4:b3:b4:5d:2d:be:d8:62:0a:a4:c9:62: + fb:9a:53:26:ee:8f:8e:43:a6:e2:77:9b:1f:1f:4f:86:b5:65: + 22:3c:0d:f7:75:ab:24:2d:5b:6f:96:3f:26:22:b0:de:b2:4e: + 37:fd:f9:9a:22:81:15:91:c5:b0:54:f2:ee:f0:e9:7f:23:ab: + 43:1c:43:e1:e4:bf:61:20:13:f3:4f:b6:71:77:a3:23:89:fb: + 02:c2:24:5e +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrua/+27IghI4QDtoi7PloblQMv +JFMtVz8ROF0SHUBrENvC0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muR +Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr +42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV +ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC +g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQANvIff5GilVlTSiULYtBtFb4iyOdGtOPQLaF7hPohgT2m+qO4dFAhphu5q +CEI1bkRPX74TAIHKQadw00ifYAMUpEt/NX5tlAvPYwD+jlQsTKz770xokZoPRT4H +EvJ05oM2jmFJ+QMX4hZy62vDwXuVNzEfELn8e+RU1E+BoPgOvplDUN0ZfvlBiw0u +suUs7JsgQvQ62gOZvMHCbGlOjm6tIlfcLBrjTxXEs7RdLb7YYgqkyWL7mlMm7o+O +Q6bid5sfH0+GtWUiPA33daskLVtvlj8mIrDesk43/fmaIoEVkcWwVPLu8Ol/I6tD +HEPh5L9hIBPzT7Zxd6MjifsCwiRe +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-assembled.pem b/certs/test-pathlen/chainJ-assembled.pem new file mode 100644 index 000000000..4e93b51f6 --- /dev/null +++ b/certs/test-pathlen/chainJ-assembled.pem @@ -0,0 +1,443 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: + 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: + 0e:de:cf:05:74:df:37:a4:37:33:a6:6f:59:06:c8: + 9f:19:35:c3:94:f7:05:ba:52:eb:3e:92:29:61:48: + 88:fa:6d:42:b4:30:de:ce:df:94:ed:92:88:60:c8: + 55:36:50:ee:36:b5:ed:35:6f:95:01:f4:88:4b:7b: + 3e:fe:b5:9c:64:c0:72:be:8c:74:6a:8c:f5:e4:65: + 66:87:52:9d:7b:b0:20:f6:d8:c3:de:76:b9:70:7c: + 01:82:6e:fc:fa:1b:e7:c4:c1:5f:38:ce:50:dc:3a: + 22:87:bc:19:9a:45:d5:8a:7a:93:f9:78:59:c7:0a: + f9:8f:eb:c3:79:eb:b5:ee:36:f0:5e:5d:2f:8f:46: + e8:63:c2:31:82:fc:fb:5d:8c:ca:01:b1:bb:72:2b: + e7:2f:82:3c:a6:24:a6:3f:58:7e:69:5b:4a:00:b4: + 25:b3:b3:c3:b3:b0:c2:3f:a3:d7:ee:04:12:1d:ab: + 0b:bb:02:b0:6c:0b:36:64:56:a9:5d:37:e5:0a:28: + 44:5e:15:e4:f5:ab:73:98:0a:b3:28:90:1d:30:f2: + 8c:e7:db:13:6a:0f:b4:cb:8d:06:15:86:ce:35:12: + e3:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 13:92:E0:30:5E:36:4F:BF:D5:E3:0D:5D:40:0B:64:95:EC:8E:77:4E + X509v3 Authority Key Identifier: + keyid:9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 10:a0:e0:ea:4b:df:4c:5b:92:da:6b:13:5a:4b:e9:46:1a:17: + 48:42:5e:08:c8:28:e4:ce:69:46:25:55:70:57:bd:4e:b2:0b: + a4:75:22:b6:5b:d7:e0:54:3f:31:14:99:09:c1:3b:6f:b7:59: + 5a:52:67:46:0c:4f:ec:fa:31:4a:6e:59:04:50:99:60:1e:74: + ed:3a:ac:4d:cd:98:31:4d:b1:54:07:3e:76:bb:92:e2:1d:53: + 65:08:38:e3:4d:b0:d8:74:14:5f:00:94:e7:d2:c9:9d:80:23: + f5:9e:3d:8c:22:72:b3:20:5a:01:a3:02:f2:9c:cc:b8:1d:73: + db:eb:cc:cb:27:4f:75:17:1d:23:68:07:4f:15:be:00:cc:a9: + 2a:14:82:2c:0e:e3:92:40:dc:62:ac:d9:61:24:99:19:43:d5: + 3e:85:ca:e5:6d:e1:76:9a:4e:01:ef:34:98:7a:1b:ca:8b:c3: + de:99:22:75:28:11:0c:17:7a:58:7b:44:33:22:58:61:24:8c: + 96:a5:a7:63:19:31:6d:61:83:1c:5f:50:66:48:29:b4:2d:8e: + 5e:f3:63:85:e8:9c:d8:6e:93:4a:4d:ff:b1:d5:60:96:d0:9f: + 4e:3f:6f:c9:b4:e1:04:b8:ef:55:c2:77:c1:e1:50:d0:a7:b8: + 9d:a3:81:71 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+1GgrGmLNQa/eu60 +oYp+rjF1redFe+bZu3zpcw7ezwV03zekNzOmb1kGyJ8ZNcOU9wW6Uus+kilhSIj6 +bUK0MN7O35TtkohgyFU2UO42te01b5UB9IhLez7+tZxkwHK+jHRqjPXkZWaHUp17 +sCD22MPedrlwfAGCbvz6G+fEwV84zlDcOiKHvBmaRdWKepP5eFnHCvmP68N567Xu +NvBeXS+PRuhjwjGC/PtdjMoBsbtyK+cvgjymJKY/WH5pW0oAtCWzs8OzsMI/o9fu +BBIdqwu7ArBsCzZkVqldN+UKKEReFeT1q3OYCrMokB0w8ozn2xNqD7TLjQYVhs41 +EuOpAgMBAAGjggEAMIH9MB0GA1UdDgQWBBQTkuAwXjZPv9XjDV1AC2SV7I53TjCB +0AYDVR0jBIHIMIHFgBScezoQswiZBQCvPuCkXdmvgrxNwKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +EKDg6kvfTFuS2msTWkvpRhoXSEJeCMgo5M5pRiVVcFe9TrILpHUitlvX4FQ/MRSZ +CcE7b7dZWlJnRgxP7PoxSm5ZBFCZYB507TqsTc2YMU2xVAc+druS4h1TZQg4402w +2HQUXwCU59LJnYAj9Z49jCJysyBaAaMC8pzMuB1z2+vMyydPdRcdI2gHTxW+AMyp +KhSCLA7jkkDcYqzZYSSZGUPVPoXK5W3hdppOAe80mHobyovD3pkidSgRDBd6WHtE +MyJYYSSMlqWnYxkxbWGDHF9QZkgptC2OXvNjheic2G6TSk3/sdVgltCfTj9vybTh +BLjvVcJ3weFQ0Ke4naOBcQ== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: + 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: + e8:73:a3:57:b4:49:3a:37:82:8f:15:38:5a:aa:af: + ad:72:26:2e:84:c2:0d:de:fc:f0:be:3b:a2:11:a9: + 12:20:d4:3d:de:62:85:85:91:08:60:db:c0:4a:bb: + 89:b6:f4:91:1e:51:a3:b2:f7:08:99:df:48:4a:59: + 84:d1:aa:09:36:0d:cd:68:a5:ae:41:c8:d7:1a:d8: + ea:49:87:20:22:27:f9:45:54:3e:c7:c8:00:44:7e: + 34:72:aa:8d:2d:4d:6a:3e:75:89:e2:d4:17:57:f9: + cd:2b:d0:b7:14:6a:54:1b:61:af:9b:68:22:b1:16: + 73:eb:05:6c:41:ea:ed:10:4e:bc:83:04:68:c8:3a: + e1:03:12:ad:28:5c:24:4c:19:a1:7e:d8:ef:1b:80: + e4:0e:49:0c:69:86:f6:1e:e7:01:fb:2a:6f:56:1b: + 6d:0a:ad:e9:29:3f:31:bb:48:28:40:79:2b:b5:f3: + aa:ec:e9:09:4c:82:fc:97:28:19:a3:3a:c0:d2:5e: + a3:8a:98:c8:8a:b7:d2:c4:90:bc:ff:cc:47:13:90: + ad:00:ab:8a:ec:f7:94:35:09:60:10:35:9f:32:c5: + 00:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + X509v3 Authority Key Identifier: + keyid:A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 1c:0b:c0:44:10:dc:db:df:b9:3e:a0:95:09:d7:13:63:81:f7: + 32:57:19:84:72:2d:8e:60:66:0e:78:f3:35:7d:71:f8:95:88: + bc:90:52:e1:e2:4e:fe:4a:f7:bd:66:fe:b7:73:84:7f:96:ee: + ba:93:97:31:01:af:74:4f:60:40:74:d2:b5:a1:2f:e0:79:1a: + e2:67:08:ee:d4:60:43:1d:bc:79:9d:61:ae:fe:5e:9b:c8:b3: + 69:4e:d0:2b:2b:61:7a:51:1a:c9:bf:8c:b5:ff:ee:ee:42:eb: + ad:e4:90:53:1c:ed:a6:6f:27:51:1f:bf:b1:e3:0e:28:70:46: + 36:91:2e:72:82:b8:05:ee:42:c0:bd:17:0a:38:96:da:13:a4: + d5:a3:9d:bd:82:c3:aa:9f:ff:a8:cd:28:38:ae:18:44:a6:e3: + 60:eb:e0:4c:bd:1f:9e:99:e9:47:38:86:08:29:61:64:d6:6a: + 55:a0:eb:5a:62:24:d5:48:36:5b:51:5c:7f:5f:94:21:ea:d4: + 5e:7d:ee:ec:e7:3f:5b:35:59:8f:84:b9:00:53:80:3e:6a:a0: + db:de:a9:36:9e:f2:1e:48:77:cb:df:94:af:4c:a8:cc:93:c4: + 03:74:ca:ec:d8:86:a3:b9:49:76:b7:af:44:b3:b4:51:ca:a8: + 8b:78:73:f5 +-----BEGIN CERTIFICATE----- +MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnb0TC +Ecws9CqlqAhTSw7NliO7FUoq3fmnGSuRKOhzo1e0STo3go8VOFqqr61yJi6Ewg3e +/PC+O6IRqRIg1D3eYoWFkQhg28BKu4m29JEeUaOy9wiZ30hKWYTRqgk2Dc1opa5B +yNca2OpJhyAiJ/lFVD7HyABEfjRyqo0tTWo+dYni1BdX+c0r0LcUalQbYa+baCKx +FnPrBWxB6u0QTryDBGjIOuEDEq0oXCRMGaF+2O8bgOQOSQxphvYe5wH7Km9WG20K +rekpPzG7SChAeSu186rs6QlMgvyXKBmjOsDSXqOKmMiKt9LEkLz/zEcTkK0Aq4rs +95Q1CWAQNZ8yxQAbAgMBAAGjggERMIIBDTAdBgNVHQ4EFgQUnHs6ELMImQUArz7g +pF3Zr4K8TcAwgdAGA1UdIwSByDCBxYAUo/VximCAPJNkF9kutcDOqcEUF8Shgamk +gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAcC8BEENzb37k+oJUJ1xNjgfcyVxmE +ci2OYGYOePM1fXH4lYi8kFLh4k7+Sve9Zv63c4R/lu66k5cxAa90T2BAdNK1oS/g +eRriZwju1GBDHbx5nWGu/l6byLNpTtArK2F6URrJv4y1/+7uQuut5JBTHO2mbydR +H7+x4w4ocEY2kS5ygrgF7kLAvRcKOJbaE6TVo529gsOqn/+ozSg4rhhEpuNg6+BM +vR+emelHOIYIKWFk1mpVoOtaYiTVSDZbUVx/X5Qh6tRefe7s5z9bNVmPhLkAU4A+ +aqDb3qk2nvIeSHfL35SvTKjMk8QDdMrs2IajuUl2t69Es7RRyqiLeHP1 +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: + 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: + 19:96:38:7b:c6:88:d7:7d:85:93:00:35:40:0b:c0: + a9:ff:66:0f:9e:a1:1d:88:6e:a9:8a:f1:ad:47:b4: + 71:c9:15:50:c6:0f:35:9e:95:4a:66:d3:bd:1b:38: + 7b:dc:67:85:97:1b:b3:63:c9:72:d6:43:5a:f1:5e: + 35:f6:05:96:c7:40:bc:23:ab:94:34:82:59:02:b2: + 33:d0:e6:7f:19:57:65:68:3c:04:61:50:ef:22:95: + 4f:ef:18:bf:15:b1:4d:8e:cd:a7:a0:98:22:f5:1c: + 05:01:6b:4b:35:bf:88:c3:47:c3:24:29:b4:45:cb: + 95:a1:ac:16:1d:dd:b8:68:ac:51:39:24:27:6a:be: + 31:f1:ec:06:10:55:be:44:02:4f:e8:12:7b:d6:fe: + 32:c9:48:37:6b:20:68:cb:53:f5:49:3a:ae:4a:c7: + 43:c1:af:e6:53:11:d9:f8:71:1a:a2:d6:37:c7:2b: + 45:50:49:51:4f:55:6c:3f:1e:69:7b:58:12:3a:7e: + 59:a0:57:9d:28:9c:8a:6d:82:e7:13:15:3b:04:8f: + e2:82:0f:2f:cf:d9:25:d9:65:a3:3c:03:c0:cd:b6: + 51:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + X509v3 Authority Key Identifier: + keyid:CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5b:56:cd:5e:fc:3a:fb:2b:be:7c:63:ad:a7:7b:e4:9a:00:78: + cb:d8:e6:00:41:3d:3d:e3:f6:43:78:75:d7:c9:07:61:0c:2b: + 43:46:8f:12:a3:5a:f0:3d:22:f4:72:ea:27:1a:70:57:48:c5: + ec:7d:00:dd:5d:83:a6:71:f7:90:ec:69:bd:2e:86:97:06:dc: + 9c:be:4e:a8:4c:9f:db:93:5e:fd:d8:ba:ae:89:55:65:16:cf: + ab:a5:a4:4e:ae:21:ce:5e:e0:91:e1:77:de:e3:b4:3d:ba:d2: + 12:f3:54:c0:50:94:16:e5:b2:62:71:58:03:2c:d1:f4:1f:ce: + 9d:a5:ce:2a:57:9f:f7:19:41:b0:4d:e8:27:5d:f2:e6:c8:44: + 1b:c3:57:51:76:d4:15:1a:05:31:61:c3:02:db:56:81:1e:24: + f2:23:04:a9:5a:31:ee:08:1d:08:1f:49:d7:2c:ba:1e:00:5a: + e5:57:8b:fd:aa:a4:2f:6a:d7:93:19:09:92:30:7d:95:68:3b: + b7:ce:a3:f2:b9:e4:e4:e4:48:a4:22:6b:00:33:91:56:28:fc: + 50:f7:1d:f6:70:5b:83:a8:99:98:2d:7a:6c:aa:9b:5a:a5:56: + 5b:89:95:a8:50:27:68:ce:63:5e:d3:84:cb:80:1b:ae:3e:a2: + 5c:13:9b:ff +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Kf2J +qoLgHQR4aexhWFFShH5rVWks9CPWH9jtqxmWOHvGiNd9hZMANUALwKn/Zg+eoR2I +bqmK8a1HtHHJFVDGDzWelUpm070bOHvcZ4WXG7NjyXLWQ1rxXjX2BZbHQLwjq5Q0 +glkCsjPQ5n8ZV2VoPARhUO8ilU/vGL8VsU2OzaegmCL1HAUBa0s1v4jDR8MkKbRF +y5WhrBYd3bhorFE5JCdqvjHx7AYQVb5EAk/oEnvW/jLJSDdrIGjLU/VJOq5Kx0PB +r+ZTEdn4cRqi1jfHK0VQSVFPVWw/Hml7WBI6flmgV50onIptgucTFTsEj+KCDy/P +2SXZZaM8A8DNtlHVAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUo/VximCAPJNkF9ku +tcDOqcEUF8Qwgc4GA1UdIwSBxjCBw4AUzZdJePcxYe0vcRpo6UUsQHhRk1uhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAW1bNXvw6+yu+fGOtp3vkmgB4y9jmAEE9 +PeP2Q3h118kHYQwrQ0aPEqNa8D0i9HLqJxpwV0jF7H0A3V2DpnH3kOxpvS6Glwbc +nL5OqEyf25Ne/di6rolVZRbPq6WkTq4hzl7gkeF33uO0PbrSEvNUwFCUFuWyYnFY +AyzR9B/OnaXOKlef9xlBsE3oJ13y5shEG8NXUXbUFRoFMWHDAttWgR4k8iMEqVox +7ggdCB9J1yy6HgBa5VeL/aqkL2rXkxkJkjB9lWg7t86j8rnk5ORIpCJrADORVij8 +UPcd9nBbg6iZmC16bKqbWqVWW4mVqFAnaM5jXtOEy4Abrj6iXBOb/w== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: + 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: + 39:e1:e7:4e:48:29:48:25:e1:b5:f5:25:df:64:7b: + ea:ed:aa:1f:8b:0d:e7:eb:f5:2f:ae:2a:5a:3d:50: + c7:fb:ef:0b:8b:44:0b:63:94:be:c6:d7:63:45:2e: + 85:96:00:5c:be:7e:10:09:b3:d0:aa:7c:de:20:f8: + 75:39:23:85:ee:84:13:88:54:2a:96:f5:16:27:9f: + 8b:b0:a6:2a:f4:9d:13:8c:71:1c:0c:a6:59:53:ec: + f9:0b:2b:c9:45:13:d6:12:ef:39:d1:8e:9c:9e:ae: + 3c:bb:b6:d8:10:ac:b7:59:49:5b:73:00:be:af:92: + 21:14:54:a3:fa:b6:17:ae:b6:dc:b1:f1:61:f0:75: + 07:43:5e:48:fa:e7:80:56:cf:df:ad:46:52:85:42: + fb:a7:70:53:14:c6:b7:51:fa:23:f0:f5:4b:d1:bb: + 3f:9b:fc:35:ca:d2:85:f1:a0:77:02:06:7c:79:99: + 13:b5:68:b4:16:47:42:88:f7:bc:eb:78:b2:e8:11: + 2f:62:f6:da:f9:ef:1b:e0:9f:b5:d5:32:65:b5:4e: + e4:be:36:6b:65:65:1a:96:a2:47:b5:3e:9f:b0:0d: + 63:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + X509v3 Authority Key Identifier: + keyid:FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 38:56:e6:30:a8:f8:db:32:4c:53:e0:8f:c5:08:98:3f:ce:bf: + b1:04:b0:52:24:63:6a:14:86:41:08:13:78:aa:98:7e:07:9b: + 1d:22:9e:61:b6:69:fb:f9:24:a3:8e:4b:f2:1f:39:6a:0b:a1: + ff:1f:9b:65:7c:7f:85:8c:d8:ce:3d:83:93:4c:00:4e:7f:d0: + 44:53:b1:a8:7d:bf:43:f1:d7:f2:2c:86:20:b8:cf:11:39:bb: + 7e:21:28:ca:20:4b:0a:46:97:d3:c6:82:2c:4e:25:8a:e4:92: + 84:da:c2:9b:15:3a:5c:8b:fc:a1:b7:76:f9:e8:80:79:1f:fc: + 4f:d4:18:f1:17:fa:19:87:4d:3c:81:e1:82:ce:e2:5c:d2:c0: + cd:e8:44:5a:dd:f1:41:5f:a2:df:27:a9:d4:4e:f7:2c:7a:8c: + 5f:dd:f2:3e:e3:c5:1f:7b:5f:0e:6f:9c:9a:c8:eb:63:0f:98: + eb:7e:e6:89:56:d9:c7:f4:6d:20:d9:0f:a5:81:82:90:90:95: + 53:62:80:9d:e3:93:44:4c:33:00:1e:b9:c8:b2:13:53:d2:a3: + 18:96:86:40:92:74:bf:a9:8e:77:ff:a8:3b:7f:c6:92:c8:b4: + 4e:6c:17:7f:36:9d:f6:64:11:f9:26:5e:55:09:36:fe:8c:84: + 81:08:0e:a3 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kr2BZVw +WlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClIJeG19SXfZHvq7aofiw3n6/Uv +ripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQqnzeIPh1OSOF7oQTiFQqlvUW +J5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6cnq48u7bYEKy3WUlbcwC+r5Ih +FFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7p3BTFMa3Ufoj8PVL0bs/m/w1 +ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba+e8b4J+11TJltU7kvjZrZWUa +lqJHtT6fsA1jQQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUzZdJePcxYe0vcRpo6UUs +QHhRk1swgcEGA1UdIwSBuTCBtoAU/BgTUrszStscW9GAmD5AhpVYcvmhgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQA4VuYwqPjbMkxT4I/FCJg/zr+xBLBSJGNqFIZBCBN4qph+B5sdIp5h +tmn7+SSjjkvyHzlqC6H/H5tlfH+FjNjOPYOTTABOf9BEU7Gofb9D8dfyLIYguM8R +Obt+ISjKIEsKRpfTxoIsTiWK5JKE2sKbFTpci/yht3b56IB5H/xP1BjxF/oZh008 +geGCzuJc0sDN6ERa3fFBX6LfJ6nUTvcseoxf3fI+48Ufe18Ob5yayOtjD5jrfuaJ +VtnH9G0g2Q+lgYKQkJVTYoCd45NETDMAHrnIshNT0qMYloZAknS/qY53/6g7f8aS +yLRObBd/Np32ZBH5Jl5VCTb+jISBCA6j +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: + bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: + 12:1d:40:6b:10:db:c2:d3:e4:dd:80:77:74:7b:88: + 44:65:e0:cf:52:c5:8a:42:e5:6e:b7:6a:ab:50:a0: + 2e:29:c2:fe:ba:d5:c7:da:6b:91:26:8f:fc:1e:06: + 17:f0:de:58:87:ef:1e:a6:91:12:39:68:a5:05:f3: + 8c:67:c9:e5:99:18:a4:fc:90:3f:bd:a6:ca:f2:a6: + dd:b5:e6:93:cb:14:89:83:3c:88:5a:31:ab:e3:66: + 2a:1b:87:c5:85:03:45:b0:ce:e1:0f:c1:0f:92:70: + d7:ac:65:ea:a8:09:c1:fe:1d:db:b7:e7:dd:98:d3: + c6:b1:16:b4:54:58:c1:aa:ba:a1:cf:19:14:a7:e4: + 55:a6:da:bb:1f:9e:d1:85:00:e0:8d:4a:c4:d2:86: + 08:75:fd:d8:1e:85:21:6c:27:8f:18:d5:44:73:58: + ab:94:75:4a:36:3d:8d:4d:c6:7a:86:9d:00:db:c5: + ba:be:70:02:83:bf:6e:d8:31:89:b3:f2:16:98:be: + 27:f6:14:5a:e9:d4:72:67:8d:a9:df:76:27:bf:19: + ac:20:59:28:5b:1b:42:d9:d5:5b:6d:fb:6e:a2:5e: + d3:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 0d:bc:87:df:e4:68:a5:56:54:d2:89:42:d8:b4:1b:45:6f:88: + b2:39:d1:ad:38:f4:0b:68:5e:e1:3e:88:60:4f:69:be:a8:ee: + 1d:14:08:69:86:ee:6a:08:42:35:6e:44:4f:5f:be:13:00:81: + ca:41:a7:70:d3:48:9f:60:03:14:a4:4b:7f:35:7e:6d:94:0b: + cf:63:00:fe:8e:54:2c:4c:ac:fb:ef:4c:68:91:9a:0f:45:3e: + 07:12:f2:74:e6:83:36:8e:61:49:f9:03:17:e2:16:72:eb:6b: + c3:c1:7b:95:37:31:1f:10:b9:fc:7b:e4:54:d4:4f:81:a0:f8: + 0e:be:99:43:50:dd:19:7e:f9:41:8b:0d:2e:b2:e5:2c:ec:9b: + 20:42:f4:3a:da:03:99:bc:c1:c2:6c:69:4e:8e:6e:ad:22:57: + dc:2c:1a:e3:4f:15:c4:b3:b4:5d:2d:be:d8:62:0a:a4:c9:62: + fb:9a:53:26:ee:8f:8e:43:a6:e2:77:9b:1f:1f:4f:86:b5:65: + 22:3c:0d:f7:75:ab:24:2d:5b:6f:96:3f:26:22:b0:de:b2:4e: + 37:fd:f9:9a:22:81:15:91:c5:b0:54:f2:ee:f0:e9:7f:23:ab: + 43:1c:43:e1:e4:bf:61:20:13:f3:4f:b6:71:77:a3:23:89:fb: + 02:c2:24:5e +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrua/+27IghI4QDtoi7PloblQMv +JFMtVz8ROF0SHUBrENvC0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muR +Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr +42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV +ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC +g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQANvIff5GilVlTSiULYtBtFb4iyOdGtOPQLaF7hPohgT2m+qO4dFAhphu5q +CEI1bkRPX74TAIHKQadw00ifYAMUpEt/NX5tlAvPYwD+jlQsTKz770xokZoPRT4H +EvJ05oM2jmFJ+QMX4hZy62vDwXuVNzEfELn8e+RU1E+BoPgOvplDUN0ZfvlBiw0u +suUs7JsgQvQ62gOZvMHCbGlOjm6tIlfcLBrjTxXEs7RdLb7YYgqkyWL7mlMm7o+O +Q6bid5sfH0+GtWUiPA33daskLVtvlj8mIrDesk43/fmaIoEVkcWwVPLu8Ol/I6tD +HEPh5L9hIBPzT7Zxd6MjifsCwiRe +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-entity-key.pem b/certs/test-pathlen/chainJ-entity-key.pem new file mode 100644 index 000000000..f935b9046 --- /dev/null +++ b/certs/test-pathlen/chainJ-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAs/tRoKxpizUGv3rutKGKfq4xda3nRXvm2bt86XMO3s8FdN83 +pDczpm9ZBsifGTXDlPcFulLrPpIpYUiI+m1CtDDezt+U7ZKIYMhVNlDuNrXtNW+V +AfSIS3s+/rWcZMByvox0aoz15GVmh1Kde7Ag9tjD3na5cHwBgm78+hvnxMFfOM5Q +3Doih7wZmkXVinqT+XhZxwr5j+vDeeu17jbwXl0vj0boY8Ixgvz7XYzKAbG7civn +L4I8piSmP1h+aVtKALQls7PDs7DCP6PX7gQSHasLuwKwbAs2ZFapXTflCihEXhXk +9atzmAqzKJAdMPKM59sTag+0y40GFYbONRLjqQIDAQABAoIBABmsC2SjsxpMIf5G +Bq51LFANgLiMaaSbm74K5DJYWxKk7N5SyJj/1royv7wb+bWa2Z7x7Ts6gJuYNZbO +xdsSoqUZI27WrWOFtzY23RC2UoQzRvaMR/DTdG1v0vh55yjn2nYbiq94E8rUO9+p +hRUTdmA/YxDkVmcZCQ4VzrfOKy0BOr6SnC3U0QghQ+UGPFeFRvd8vnBk76U8+XMV +xUybnbU17hoEB2p9nle6h0G0GtXI9dnJ0BD2RJMIhvs1cfrOkW/s8dkAXsokH4UU +XRIyRESkb+lVMWv8n8qcHZ3rjH+mxjkTxKdlnNy9qTfPoGJiaDb3LMfyd2xWReAq +VdirDVECgYEA5B0Cy5WrjuQ8aWPOoQbV24mDZGqhAb66oJ9yMkbzQ5DHZdZrt7s9 +k/dBMWOD4tc7w5WPwjYSxY7QOBSq1TETYIafOK1NqR9lnLJnOKiMYp49O9nAfK/y +6AgXQo9fqIIYhmmqEQYl9MSgQjEa5d9CdDg4mh6YzhaVoXn06UF+H4cCgYEAyfv9 +nZT2PBasmZWZdFRG4l78WsQO0+/00HnhPXs0Dn31N9A9aQDj5O4wJoiRDJPYkO0o +9wANtibayIvUoB72L9gc+8KIEU8Xuda+JtB+oPVi88Limxw3iBwrBUF9QA8Jjmrk +KtNOm5IrSpYpTEvOQkZFlskhQajey4Kys69Pz08CgYEAouqtUmVEr7sGAmcL7imJ +l0+xDYiyESL8+zalQo81si22m172c7RAmGrgnrtqOBpsTpWEpLol0f7baxInqDdy +lV/QW5Q6gO0xjyZDXk3SZaSKKzKrrOGk5F7S7fCj6x9vEKBqm9n+RcAgjOWxRjeb +qJF2q2vqylWK7FbDucvSngUCgYAOFa5XwL1y7znV8+KhhAb1Xh5GzgkiqkbuCrG0 +MdUtdYcV/0Vo/xDlM97TsQ48TEr7wC3tG2nZW9hBx85p4/7S00UiISyP2G4VHW5h +EoTiAHqH+P0IR+1vZldxpGFxiBrofXevrNB8dLLkHph+o4KciH3tx9Sz2Wy/0DtZ +4E22bQKBgCOb2dGVVS7fmM81Mg1Al9k9USVxp4wnS1iIHK1c/rBB61TPEyblhiqF +aveFoCse8SparMJ9utkqSqA7zQ3qwoPJZJ9p4T2pI0xp8yu15yBLeYgO0R7kriEC +XIapznOZvvC0/vSUT3kTOX27HlIcPqNOPnpYjsfdZ10okplrXnKB +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-entity.pem b/certs/test-pathlen/chainJ-entity.pem new file mode 100644 index 000000000..35c5f6367 --- /dev/null +++ b/certs/test-pathlen/chainJ-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: + 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: + 0e:de:cf:05:74:df:37:a4:37:33:a6:6f:59:06:c8: + 9f:19:35:c3:94:f7:05:ba:52:eb:3e:92:29:61:48: + 88:fa:6d:42:b4:30:de:ce:df:94:ed:92:88:60:c8: + 55:36:50:ee:36:b5:ed:35:6f:95:01:f4:88:4b:7b: + 3e:fe:b5:9c:64:c0:72:be:8c:74:6a:8c:f5:e4:65: + 66:87:52:9d:7b:b0:20:f6:d8:c3:de:76:b9:70:7c: + 01:82:6e:fc:fa:1b:e7:c4:c1:5f:38:ce:50:dc:3a: + 22:87:bc:19:9a:45:d5:8a:7a:93:f9:78:59:c7:0a: + f9:8f:eb:c3:79:eb:b5:ee:36:f0:5e:5d:2f:8f:46: + e8:63:c2:31:82:fc:fb:5d:8c:ca:01:b1:bb:72:2b: + e7:2f:82:3c:a6:24:a6:3f:58:7e:69:5b:4a:00:b4: + 25:b3:b3:c3:b3:b0:c2:3f:a3:d7:ee:04:12:1d:ab: + 0b:bb:02:b0:6c:0b:36:64:56:a9:5d:37:e5:0a:28: + 44:5e:15:e4:f5:ab:73:98:0a:b3:28:90:1d:30:f2: + 8c:e7:db:13:6a:0f:b4:cb:8d:06:15:86:ce:35:12: + e3:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 13:92:E0:30:5E:36:4F:BF:D5:E3:0D:5D:40:0B:64:95:EC:8E:77:4E + X509v3 Authority Key Identifier: + keyid:9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 10:a0:e0:ea:4b:df:4c:5b:92:da:6b:13:5a:4b:e9:46:1a:17: + 48:42:5e:08:c8:28:e4:ce:69:46:25:55:70:57:bd:4e:b2:0b: + a4:75:22:b6:5b:d7:e0:54:3f:31:14:99:09:c1:3b:6f:b7:59: + 5a:52:67:46:0c:4f:ec:fa:31:4a:6e:59:04:50:99:60:1e:74: + ed:3a:ac:4d:cd:98:31:4d:b1:54:07:3e:76:bb:92:e2:1d:53: + 65:08:38:e3:4d:b0:d8:74:14:5f:00:94:e7:d2:c9:9d:80:23: + f5:9e:3d:8c:22:72:b3:20:5a:01:a3:02:f2:9c:cc:b8:1d:73: + db:eb:cc:cb:27:4f:75:17:1d:23:68:07:4f:15:be:00:cc:a9: + 2a:14:82:2c:0e:e3:92:40:dc:62:ac:d9:61:24:99:19:43:d5: + 3e:85:ca:e5:6d:e1:76:9a:4e:01:ef:34:98:7a:1b:ca:8b:c3: + de:99:22:75:28:11:0c:17:7a:58:7b:44:33:22:58:61:24:8c: + 96:a5:a7:63:19:31:6d:61:83:1c:5f:50:66:48:29:b4:2d:8e: + 5e:f3:63:85:e8:9c:d8:6e:93:4a:4d:ff:b1:d5:60:96:d0:9f: + 4e:3f:6f:c9:b4:e1:04:b8:ef:55:c2:77:c1:e1:50:d0:a7:b8: + 9d:a3:81:71 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+1GgrGmLNQa/eu60 +oYp+rjF1redFe+bZu3zpcw7ezwV03zekNzOmb1kGyJ8ZNcOU9wW6Uus+kilhSIj6 +bUK0MN7O35TtkohgyFU2UO42te01b5UB9IhLez7+tZxkwHK+jHRqjPXkZWaHUp17 +sCD22MPedrlwfAGCbvz6G+fEwV84zlDcOiKHvBmaRdWKepP5eFnHCvmP68N567Xu +NvBeXS+PRuhjwjGC/PtdjMoBsbtyK+cvgjymJKY/WH5pW0oAtCWzs8OzsMI/o9fu +BBIdqwu7ArBsCzZkVqldN+UKKEReFeT1q3OYCrMokB0w8ozn2xNqD7TLjQYVhs41 +EuOpAgMBAAGjggEAMIH9MB0GA1UdDgQWBBQTkuAwXjZPv9XjDV1AC2SV7I53TjCB +0AYDVR0jBIHIMIHFgBScezoQswiZBQCvPuCkXdmvgrxNwKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +EKDg6kvfTFuS2msTWkvpRhoXSEJeCMgo5M5pRiVVcFe9TrILpHUitlvX4FQ/MRSZ +CcE7b7dZWlJnRgxP7PoxSm5ZBFCZYB507TqsTc2YMU2xVAc+druS4h1TZQg4402w +2HQUXwCU59LJnYAj9Z49jCJysyBaAaMC8pzMuB1z2+vMyydPdRcdI2gHTxW+AMyp +KhSCLA7jkkDcYqzZYSSZGUPVPoXK5W3hdppOAe80mHobyovD3pkidSgRDBd6WHtE +MyJYYSSMlqWnYxkxbWGDHF9QZkgptC2OXvNjheic2G6TSk3/sdVgltCfTj9vybTh +BLjvVcJ3weFQ0Ke4naOBcQ== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/refreshkeys.sh b/certs/test-pathlen/refreshkeys.sh index 4be87ee88..b70b7ecca 100755 --- a/certs/test-pathlen/refreshkeys.sh +++ b/certs/test-pathlen/refreshkeys.sh @@ -12,6 +12,10 @@ keyList=( chainG-ICA1-key.pem chainG-entity-key.pem chainH-ICA4-key.pem chainH-ICA3-key.pem chainH-ICA2-key.pem chainH-ICA1-key.pem chainH-entity-key.pem + chainI-ICA3-key.pem chainI-ICA2-key.pem chainI-ICA1-key.pem + chainI-entity-key.pem + chainJ-ICA4-key.pem chainJ-ICA3-key.pem chainJ-ICA2-key.pem + chainJ-ICA1-key.pem chainJ-entity-key.pem ) for TARGET_KEY in "${keyList[@]}" diff --git a/tests/api.c b/tests/api.c index 01560b717..1808b3c21 100644 --- a/tests/api.c +++ b/tests/api.c @@ -27951,11 +27951,13 @@ static void test_SetTmpEC_DHE_Sz(void) #endif } +#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ + !defined(NO_CERTS) static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; - if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != SSL_SUCCESS) { + if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != WOLFSSL_SUCCESS) { printf("loading cert %s failed\n", certA); printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; @@ -27968,7 +27970,7 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; if ((ret = wolfSSL_CertManagerVerify(cm, certA, WOLFSSL_FILETYPE_PEM)) - != SSL_SUCCESS) { + != WOLFSSL_SUCCESS) { printf("could not verify the cert: %s\n", certA); printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; @@ -27996,38 +27998,6 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) b--; \ } while(0) -static int test_chainH(WOLFSSL_CERT_MANAGER* cm) -{ - int ret; - int i = -1; - /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: - * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) - * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) - * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) - * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) - * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 - */ - char chainHArr[6][50] = {"certs/ca-cert.pem", - "certs/test-pathlen/chainH-ICA4-pathlen2.pem", - "certs/test-pathlen/chainH-ICA3-pathlen2.pem", - "certs/test-pathlen/chainH-ICA2-pathlen2.pem", - "certs/test-pathlen/chainH-ICA1-pathlen0.pem", - "certs/test-pathlen/chainH-entity.pem"}; - - LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ - - return ret; -} - static int test_chainG(WOLFSSL_CERT_MANAGER* cm) { int ret; @@ -28067,11 +28037,103 @@ static int test_chainG(WOLFSSL_CERT_MANAGER* cm) return ret; } +static int test_chainH(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) + * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) + * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) + * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainHArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainH-ICA4-pathlen2.pem", + "certs/test-pathlen/chainH-ICA3-pathlen2.pem", + "certs/test-pathlen/chainH-ICA2-pathlen2.pem", + "certs/test-pathlen/chainH-ICA1-pathlen0.pem", + "certs/test-pathlen/chainH-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ + + return ret; +} + +static int test_chainI(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain I is a valid chain per RFC5280 section 4.2.1.9: + * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 2) + * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 1) + * ICA1-no_pathlen signing entity (reduce maxPathLen to 0) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainIArr[5][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainI-ICA3-pathlen2.pem", + "certs/test-pathlen/chainI-ICA2-no_pathlen.pem", + "certs/test-pathlen/chainI-ICA1-no_pathlen.pem", + "certs/test-pathlen/chainI-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainIArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[3]); /* if failure, i = -4 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[1]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[2]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[3]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[4]); /* if failure, i = -8 here */ + + return ret; +} + +static int test_chainJ(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain J is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3 without a pathlen (reduce maxPathLen to 2) + * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 1) + * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 0) + * ICA1-no_pathlen signing entity (ERROR, pathlen zero and non-leaf cert) + */ + char chainJArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainJ-ICA4-pathlen2.pem", + "certs/test-pathlen/chainJ-ICA3-no_pathlen.pem", + "certs/test-pathlen/chainJ-ICA2-no_pathlen.pem", + "certs/test-pathlen/chainJ-ICA1-no_pathlen.pem", + "certs/test-pathlen/chainJ-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainJArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[5]); /* if failure, i = -10 here */ + + return ret; +} + static int test_various_pathlen_chains(void) { int ret; WOLFSSL_CERT_MANAGER* cm; + /* Test chain G (large chain with varying pathLens) */ wolfSSL_Init(); if ((cm = wolfSSL_CertManagerNew()) == NULL) { @@ -28083,11 +28145,13 @@ static int test_various_pathlen_chains(void) wolfSSL_CertManagerUnloadCAs(cm); wolfSSL_CertManagerFree(cm); + /* end test chain G */ + + /* Test chain H (5 chain with same pathLens) */ if ((cm = wolfSSL_CertManagerNew()) == NULL) { printf("cert manager new failed\n"); return -1; } -printf("KH: -----------------------------------------------\n"); AssertIntLT(test_chainH(cm), 0); wolfSSL_CertManagerUnloadCAs(cm); @@ -28096,15 +28160,50 @@ printf("KH: -----------------------------------------------\n"); printf("cert manager new failed\n"); return -1; } -printf("KH: -----------------------------------------------\n"); -// test_chainG_and_chainH(cm); + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + /* end test chain H */ + + /* Test chain I (only first ICA has pathLen set and it's set to 2, + * followed by 2 ICA's, should pass) */ + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + AssertIntEQ(test_chainI(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + + /* Test chain J (Again only first ICA has pathLen set and it's set to 2, + * this time followed by 3 ICA's, should fail */ + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + AssertIntLT(test_chainJ(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } ret = wolfSSL_CertManagerUnloadCAs(cm); wolfSSL_CertManagerFree(cm); return ret; - } +#endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */ /*----------------------------------------------------------------------------* | Main @@ -28591,7 +28690,10 @@ void ApiTest(void) AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS); +#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ + !defined(NO_CERTS) AssertIntEQ(test_various_pathlen_chains(), WOLFSSL_SUCCESS); +#endif /* If at some point a stub get implemented this test should fail indicating * a need to implement a new test case diff --git a/tests/suites.c b/tests/suites.c index c51e37728..1bffb53a2 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -171,6 +171,10 @@ static int IsValidCert(const char* line) size_t i; const char* begin; char cert[80]; +#ifdef WOLFSSL_STATIC_MEMORY + FILE* fStream = NULL; + long chkSz = 0; +#endif begin = XSTRSTR(line, "-c "); if (begin == NULL) @@ -180,6 +184,24 @@ static int IsValidCert(const char* line) for (i = 0; i < sizeof(cert) - 1 && *begin != ' ' && *begin != '\0'; i++) cert[i] = *(begin++); cert[i] = '\0'; +#ifdef WOLFSSL_STATIC_MEMORY + fStream = XFOPEN(cert, "rb"); + if (fStream == NULL) { + printf("Failed to open file %s\n", cert); + printf("Invalid cert, skipping test\n"); + return 0; + } else { + printf("Successfully opened file\n"); + } + + XFSEEK(fStream, 0L, SEEK_END); + chkSz = XFTELL(fStream); + XFCLOSE(fStream); + if (chkSz > LARGEST_MEM_BUCKET) { + printf("File is larger than largest bucket, skipping this test\n"); + return 0; + } +#endif ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex(NULL)); if (ctx == NULL) diff --git a/tests/test-chains.conf b/tests/test-chains.conf index e37f823c5..879d9288d 100644 --- a/tests/test-chains.conf +++ b/tests/test-chains.conf @@ -60,7 +60,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -73,7 +72,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -86,7 +84,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -99,7 +96,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -113,7 +109,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -H exitWithRet -C @@ -128,7 +123,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -H exitWithRet -C @@ -142,7 +136,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -156,7 +149,32 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem +-H exitWithRet +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainI-entity-key.pem +-c ./certs/test-pathlen/chainI-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainJ-entity-key.pem +-c ./certs/test-pathlen/chainJ-assembled.pem +-H exitWithRet +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 -H exitWithRet -C diff --git a/tests/test.conf b/tests/test.conf index 7e3abdd5e..e41c9c645 100644 --- a/tests/test.conf +++ b/tests/test.conf @@ -1954,16 +1954,16 @@ -j # server TLSv1.2 verify callback override --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --c ./certs/test/server-ecc.pem --k ./certs/ecc-key.pem +#-v 3 +#-l ECDHE-ECDSA-AES128-GCM-SHA256 +#-c ./certs/test/server-ecc.pem #This cert no longer exists +#-k ./certs/ecc-key.pem # client TLSv1.2 verify callback override --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --A ./certs/ca-ecc-cert.pem --j +#-v 3 +#-l ECDHE-ECDSA-AES128-GCM-SHA256 +#-A ./certs/ca-ecc-cert.pem +#-j # server TLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305 -v 3 diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 54555f9d6..0c155fc12 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -8488,7 +8488,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) int badDate = 0; int criticalExt = 0; int checkPathLen = 0; - int reduceMaxPathByOne = 0; + int decrementMaxPathLen = 0; word32 confirmOID; #if defined(WOLFSSL_RENESAS_TSIP) int idx = 0; @@ -8551,12 +8551,9 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) } #endif /* !NO_SKID */ - if (!cert->ca && type == CA_TYPE && !cert->pathLengthSet) { - cert->pathLength = cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; - cert->pathLengthSet = 1; - } else if (cert->pathLengthSet) { - cert->maxPathLen = cert->pathLength; - + if (cert->selfSigned) { + cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; + } else { cert->ca = NULL; #ifndef NO_SKID if (cert->extAuthKeyIdSet) @@ -8606,7 +8603,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) * No - ERROR */ - if (cert->ca) { + if (cert->ca && cert->pathLengthSet) { + cert->maxPathLen = cert->pathLength; if (cert->isCA) { WOLFSSL_MSG("\tCA boolean set"); if (cert->extKeyUsageSet) { @@ -8614,7 +8612,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { checkPathLen = 1; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } else { checkPathLen = 1; @@ -8626,19 +8624,26 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) WOLFSSL_MSG("\tmaxPathLen status: set to pathLength"); cert->maxPathLen = cert->pathLength; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } - if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { WOLFSSL_MSG("\tmaxPathLen status: reduce by 1"); cert->maxPathLen = cert->ca->maxPathLen - 1; - } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + } else if (decrementMaxPathLen && cert->ca->maxPathLen <= 0) { /* Will be handled as ERROR in "verify check" below */ cert->maxPathLen = 0; } + } else if (cert->ca && cert->isCA) { + /* case where cert->pathLength extension is not set */ + if (cert->ca->maxPathLen > 0) { + cert->maxPathLen = cert->ca->maxPathLen - 1; + } else { + cert->maxPathLen = 0; + } } - } + } if (verify != NO_VERIFY && type != CA_TYPE && type != TRUSTED_PEER_TYPE) { @@ -8675,14 +8680,13 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) * verify check */ - if (cert->ca) { - + if (cert->ca && cert->pathLengthSet) { if (cert->isCA) { if (cert->extKeyUsageSet) { if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { checkPathLen = 1; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } else { checkPathLen = 1; @@ -8693,24 +8697,34 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if (cert->pathLength < cert->ca->maxPathLen) { WOLFSSL_MSG("\tmaxPathLen status: OK"); } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } - if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { WOLFSSL_MSG("\tmaxPathLen status: OK"); - } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + } else if (decrementMaxPathLen && cert->ca->maxPathLen <= 0) { WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); WOLFSSL_MSG("\tmaxPathLen status: ERROR"); return ASN_PATHLEN_INV_E; } - #ifdef HAVE_OCSP + } else if (cert->ca && cert->isCA) { + /* case where pathLength constraint is not set in cert */ + if (cert->ca->maxPathLen <= 0) { + WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); + WOLFSSL_MSG("\tmaxPathLen status: ERROR"); + return ASN_PATHLEN_INV_E; + } + } + #ifdef HAVE_OCSP + if (cert->ca) { /* Need the CA's public key hash for OCSP */ XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash, KEYID_SIZE); - #endif /* HAVE_OCSP */ + } + #endif /* HAVE_OCSP */ } } #if defined(WOLFSSL_RENESAS_TSIP) diff --git a/wolfssl/wolfcrypt/memory.h b/wolfssl/wolfcrypt/memory.h index 85c67ed65..cb806cfd3 100644 --- a/wolfssl/wolfcrypt/memory.h +++ b/wolfssl/wolfcrypt/memory.h @@ -102,16 +102,32 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*, #ifndef WOLFMEM_BUCKETS #ifndef SESSION_CERTS /* default size of chunks of memory to separate into */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,16128 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 16128 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #elif defined (OPENSSL_EXTRA) /* extra storage in structs for multiple attributes and order */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,25536 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 25536 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\ + LARGEST_MEM_BUCKET #elif defined (WOLFSSL_CERT_EXT) /* certificate extensions requires 24k for the SSL struct */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,24576 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 24576 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #else /* increase 23k for object member of WOLFSSL_X509_NAME_ENTRY */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,23440 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 23440 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #endif #endif #ifndef WOLFMEM_DIST