From 306b280ccdfcdba28b1df36cf5e0754ec04e860a Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Thu, 10 Oct 2019 16:59:50 -0600 Subject: [PATCH] Add test cases and implement peer suggestions Fix failing jenkins test cases Add detection for file size with static memory Account for cert without pathLen constraint set including test cases Resolve OCSP case and test where cert->pathLen expected to be NULL --- certs/renewcerts/wolfssl.cnf | 7 + certs/test-pathlen/assemble-chains.sh | 64 ++- certs/test-pathlen/chainA-ICA1-pathlen0.pem | 58 +-- certs/test-pathlen/chainA-assembled.pem | 112 ++--- certs/test-pathlen/chainA-entity.pem | 54 +-- certs/test-pathlen/chainB-ICA1-pathlen0.pem | 54 +-- certs/test-pathlen/chainB-ICA2-pathlen1.pem | 58 +-- certs/test-pathlen/chainB-assembled.pem | 168 +++---- certs/test-pathlen/chainB-entity.pem | 56 +-- certs/test-pathlen/chainC-ICA1-pathlen1.pem | 58 +-- certs/test-pathlen/chainC-assembled.pem | 112 ++--- certs/test-pathlen/chainC-entity.pem | 54 +-- certs/test-pathlen/chainD-ICA1-pathlen127.pem | 58 +-- certs/test-pathlen/chainD-assembled.pem | 112 ++--- certs/test-pathlen/chainD-entity.pem | 54 +-- certs/test-pathlen/chainE-ICA1-pathlen128.pem | 56 +-- certs/test-pathlen/chainE-assembled.pem | 110 ++--- certs/test-pathlen/chainE-entity.pem | 54 +-- certs/test-pathlen/chainF-ICA1-pathlen1.pem | 54 +-- certs/test-pathlen/chainF-ICA2-pathlen0.pem | 58 +-- certs/test-pathlen/chainF-assembled.pem | 168 +++---- certs/test-pathlen/chainF-entity.pem | 56 +-- certs/test-pathlen/chainG-ICA1-pathlen0.pem | 54 +-- certs/test-pathlen/chainG-ICA2-pathlen1.pem | 54 +-- certs/test-pathlen/chainG-ICA3-pathlen99.pem | 54 +-- certs/test-pathlen/chainG-ICA4-pathlen5.pem | 54 +-- certs/test-pathlen/chainG-ICA5-pathlen20.pem | 54 +-- certs/test-pathlen/chainG-ICA6-pathlen10.pem | 54 +-- certs/test-pathlen/chainG-ICA7-pathlen100.pem | 58 +-- certs/test-pathlen/chainG-assembled.pem | 438 ++++++++--------- certs/test-pathlen/chainG-entity.pem | 56 +-- certs/test-pathlen/chainH-ICA1-pathlen0.pem | 54 +-- certs/test-pathlen/chainH-ICA2-pathlen2.pem | 54 +-- certs/test-pathlen/chainH-ICA3-pathlen2.pem | 54 +-- certs/test-pathlen/chainH-ICA4-pathlen2.pem | 58 +-- certs/test-pathlen/chainH-assembled.pem | 276 +++++------ certs/test-pathlen/chainH-entity.pem | 56 +-- certs/test-pathlen/chainI-ICA1-key.pem | 27 ++ certs/test-pathlen/chainI-ICA1-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainI-ICA2-key.pem | 27 ++ certs/test-pathlen/chainI-ICA2-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainI-ICA3-key.pem | 27 ++ certs/test-pathlen/chainI-ICA3-pathlen2.pem | 89 ++++ certs/test-pathlen/chainI-assembled.pem | 354 ++++++++++++++ certs/test-pathlen/chainI-entity-key.pem | 27 ++ certs/test-pathlen/chainI-entity.pem | 87 ++++ certs/test-pathlen/chainJ-ICA1-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA1-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainJ-ICA2-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA2-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainJ-ICA3-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA3-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainJ-ICA4-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA4-pathlen2.pem | 89 ++++ certs/test-pathlen/chainJ-assembled.pem | 443 ++++++++++++++++++ certs/test-pathlen/chainJ-entity-key.pem | 27 ++ certs/test-pathlen/chainJ-entity.pem | 87 ++++ certs/test-pathlen/refreshkeys.sh | 4 + tests/api.c | 178 +++++-- tests/suites.c | 22 + tests/test-chains.conf | 34 +- tests/test.conf | 16 +- wolfcrypt/src/asn.c | 56 ++- wolfssl/wolfcrypt/memory.h | 24 +- 64 files changed, 3647 insertions(+), 1587 deletions(-) create mode 100644 certs/test-pathlen/chainI-ICA1-key.pem create mode 100644 certs/test-pathlen/chainI-ICA1-no_pathlen.pem create mode 100644 certs/test-pathlen/chainI-ICA2-key.pem create mode 100644 certs/test-pathlen/chainI-ICA2-no_pathlen.pem create mode 100644 certs/test-pathlen/chainI-ICA3-key.pem create mode 100644 certs/test-pathlen/chainI-ICA3-pathlen2.pem create mode 100644 certs/test-pathlen/chainI-assembled.pem create mode 100644 certs/test-pathlen/chainI-entity-key.pem create mode 100644 certs/test-pathlen/chainI-entity.pem create mode 100644 certs/test-pathlen/chainJ-ICA1-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA1-no_pathlen.pem create mode 100644 certs/test-pathlen/chainJ-ICA2-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA2-no_pathlen.pem create mode 100644 certs/test-pathlen/chainJ-ICA3-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA3-no_pathlen.pem create mode 100644 certs/test-pathlen/chainJ-ICA4-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA4-pathlen2.pem create mode 100644 certs/test-pathlen/chainJ-assembled.pem create mode 100644 certs/test-pathlen/chainJ-entity-key.pem create mode 100644 certs/test-pathlen/chainJ-entity.pem diff --git a/certs/renewcerts/wolfssl.cnf b/certs/renewcerts/wolfssl.cnf index 1ad47d9c9..da9752c5b 100644 --- a/certs/renewcerts/wolfssl.cnf +++ b/certs/renewcerts/wolfssl.cnf @@ -125,6 +125,13 @@ subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:true +#wolfssl extensions for intermediate CAs +[wolfssl_opts_ICA] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true +keyUsage=keyCertSign, cRLSign + # CA with pathlen 0 [ pathlen_0 ] subjectKeyIdentifier=hash diff --git a/certs/test-pathlen/assemble-chains.sh b/certs/test-pathlen/assemble-chains.sh index 41bf2b287..8f8a067da 100755 --- a/certs/test-pathlen/assemble-chains.sh +++ b/certs/test-pathlen/assemble-chains.sh @@ -24,20 +24,37 @@ create_an_intermediate(){ pathLen="$3" signer="$4" signerKey="$5" -echo "pathLen = $3, $pathLen" - echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + echo "pathLen = $3, $pathLen" echo "" #pipe the following arguments to openssl req... - echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem - check_result $? "Step 1" - openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha1 > "$chainID-$icaNum-pathlen$pathLen.pem" - check_result $? "Step 2" + if [ "$pathLen" = "no_pathlen" ]; then + echo "Updating $chainID-$icaNum-$pathLen.pem" - rm temp-req.pem - openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem - check_result $? "Step 3" - mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem + check_result $? "Step 1" + + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions wolfssl_opts_ICA -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha256 > "$chainID-$icaNum-$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-$pathLen.pem" + else + echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem + check_result $? "Step 1" + + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha256 > "$chainID-$icaNum-pathlen$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + fi echo "End of Section" echo "-------------------------------------------------------------------------" } @@ -58,10 +75,10 @@ create_an_entity(){ echo "Updating $chainID-entity.pem" echo "" #pipe the following arguments to openssl req... - echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem check_result $? "Step 1" - openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha1 > "$chainID"-entity.pem + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha256 > "$chainID"-entity.pem check_result $? "Step 2" rm temp-req.pem @@ -112,6 +129,18 @@ create_an_intermediate "chainH" "ICA2" "2" "chainH-ICA3-pathlen2.pem" "chainH-IC create_an_intermediate "chainH" "ICA1" "0" "chainH-ICA2-pathlen2.pem" "chainH-ICA2-key.pem" create_an_entity "chainH" "chainH-ICA1-pathlen0.pem" "chainH-ICA1-key.pem" +# Success, PathLen of 2 followed by 2 Intermediates with no pathLen set +create_an_intermediate "chainI" "ICA3" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainI" "ICA2" "no_pathlen" "chainI-ICA3-pathlen2.pem" "chainI-ICA3-key.pem" +create_an_intermediate "chainI" "ICA1" "no_pathlen" "chainI-ICA2-no_pathlen.pem" "chainI-ICA2-key.pem" +create_an_entity "chainI" "chainI-ICA1-no_pathlen.pem" "chainI-ICA1-key.pem" + +# Fail: PathLen of 2 followed by 3 Intermediates with no pathLen set +create_an_intermediate "chainJ" "ICA4" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainJ" "ICA3" "no_pathlen" "chainJ-ICA4-pathlen2.pem" "chainJ-ICA4-key.pem" +create_an_intermediate "chainJ" "ICA2" "no_pathlen" "chainJ-ICA3-no_pathlen.pem" "chainJ-ICA3-key.pem" +create_an_intermediate "chainJ" "ICA1" "no_pathlen" "chainJ-ICA2-no_pathlen.pem" "chainJ-ICA2-key.pem" +create_an_entity "chainJ" "chainJ-ICA1-no_pathlen.pem" "chainJ-ICA1-key.pem" ########################################################### ########## Assemble Chains ################ @@ -157,3 +186,14 @@ cat chainG-ICA6-pathlen10.pem chainG-ICA7-pathlen100.pem >> chainG-assembled.pem cat chainH-entity.pem chainH-ICA1-pathlen0.pem > chainH-assembled.pem cat chainH-ICA2-pathlen2.pem chainH-ICA3-pathlen2.pem >> chainH-assembled.pem cat chainH-ICA4-pathlen2.pem >> chainH-assembled.pem + +# Fail: +cat chainI-entity.pem chainI-ICA1-no_pathlen.pem > chainI-assembled.pem +cat chainI-ICA2-no_pathlen.pem chainI-ICA3-pathlen2.pem >> chainI-assembled.pem + +# Fail: PathLen of 2, signing PathLen of 2, signing Pathlen of 2, signing PathLen 0 +# max_path_len = 2, max_path_len -= 1 (1), max_path_len -= 1 (0), max-path_len 0, non-entity cert. +cat chainJ-entity.pem chainJ-ICA1-no_pathlen.pem > chainJ-assembled.pem +cat chainJ-ICA2-no_pathlen.pem chainJ-ICA3-no_pathlen.pem >> chainJ-assembled.pem +cat chainJ-ICA4-pathlen2.pem >> chainJ-assembled.pem + diff --git a/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/certs/test-pathlen/chainA-ICA1-pathlen0.pem index 183b27324..f4e62b953 100644 --- a/certs/test-pathlen/chainA-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainA-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:41 2019 GMT - Not After : Jul 6 21:32:41 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: - be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: - de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: - df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: - c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: - 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: - 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: - 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: - fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: - f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: - e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: - 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: - e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: - 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: - fd:7f:af:c2 + Signature Algorithm: sha256WithRSAEncryption + 2a:15:34:be:88:ed:0b:5d:97:b4:c0:9e:f7:45:a2:ba:bb:a0: + 7f:a0:b3:93:15:79:38:27:36:25:91:5d:73:10:bb:d0:f9:f3: + e9:5f:98:c6:9b:6b:da:08:60:48:3e:26:17:2b:ae:22:08:ac: + 10:ed:a1:28:65:96:7f:94:75:c8:da:6c:c9:f6:4c:4c:b1:a3: + 45:4b:74:c7:de:49:f6:c1:1c:2c:eb:41:3c:2d:56:52:75:5b: + 7c:13:c0:dc:41:34:02:c0:e5:5e:79:71:65:ac:d1:f3:36:f7: + 55:d5:13:8f:0a:42:49:d9:fc:7f:5c:a4:cb:ad:7b:72:2f:98: + e2:56:92:9e:11:1a:b2:9d:5b:b9:2c:14:1e:51:f5:c5:b7:2c: + c2:39:52:90:0f:4e:04:5e:59:23:6f:d8:f9:75:2b:54:b0:6e: + 98:0a:54:3a:45:fd:9a:63:31:ce:a3:a8:ae:7b:be:03:81:a5: + 18:d3:00:51:a4:29:d4:f7:8d:53:31:72:85:80:c0:62:71:06: + 2b:07:b6:0a:b2:12:cf:2b:bd:99:34:6b:5e:ea:94:0c:1a:e8: + 2b:ee:e5:d6:3d:cb:7a:f6:f8:6e:e4:e2:f4:25:07:13:11:b1: + 18:b3:75:29:40:dc:bc:31:57:37:71:7c:09:bb:74:1c:9e:b4: + 3e:1d:47:20 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 -RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG -1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p -AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX -Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 -fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAqFTS+iO0LXZe0wJ73RaK6u6B/oLOTFXk4JzYlkV1zELvQ+fPpX5jGm2va +CGBIPiYXK64iCKwQ7aEoZZZ/lHXI2mzJ9kxMsaNFS3TH3kn2wRws60E8LVZSdVt8 +E8DcQTQCwOVeeXFlrNHzNvdV1ROPCkJJ2fx/XKTLrXtyL5jiVpKeERqynVu5LBQe +UfXFtyzCOVKQD04EXlkjb9j5dStUsG6YClQ6Rf2aYzHOo6iue74DgaUY0wBRpCnU +941TMXKFgMBicQYrB7YKshLPK72ZNGte6pQMGugr7uXWPct69vhu5OL0JQcTEbEY +s3UpQNy8MVc3cXwJu3QcnrQ+HUcg -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-assembled.pem b/certs/test-pathlen/chainA-assembled.pem index d02e53a49..0661644ff 100644 --- a/certs/test-pathlen/chainA-assembled.pem +++ b/certs/test-pathlen/chainA-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: - de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: - b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: - 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: - b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: - 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: - 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: - a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: - ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: - fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: - 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: - 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: - 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: - 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: - 5b:44:0b:a0 + Signature Algorithm: sha256WithRSAEncryption + 72:8d:c5:a7:a8:d5:4a:bc:d9:72:ef:46:79:53:5c:e8:32:10: + f5:29:ee:b0:6c:ef:68:80:a3:f6:0f:fe:ba:73:ce:a9:c4:93: + 01:ba:78:eb:a9:4a:f3:32:e2:4c:74:6c:f7:23:c9:70:44:a1: + d1:f7:59:d7:fd:34:12:ab:81:91:16:20:60:59:dd:ff:d5:6f: + 1f:d6:25:d9:95:85:7f:9d:dc:18:49:39:44:43:03:03:98:db: + 2e:03:a8:88:27:13:d2:a5:52:0e:15:a0:e5:5d:15:81:2b:3d: + 1c:cb:41:58:46:d3:4f:37:be:ae:45:eb:7d:9c:52:91:50:98: + a5:c1:e6:7b:1a:60:e0:d6:61:7e:88:19:b7:ec:8a:33:07:24: + 04:9f:78:89:50:97:9c:a4:1e:15:fc:ef:bf:29:4d:c3:8c:19: + d7:59:68:30:d2:08:d8:80:d8:7e:32:31:2b:ee:cf:7f:b4:47: + a4:bb:7d:cf:b6:64:9d:55:5c:e9:44:0a:43:ed:3b:c2:ae:1d: + 34:1c:bf:7e:5b:91:8c:26:76:fb:68:d9:3e:6b:68:22:ae:60: + 56:d3:4e:f3:b7:d1:de:da:47:03:2e:22:74:85:ea:52:de:22: + fd:90:55:21:8d:b2:e4:35:c3:15:44:f6:1a:01:3c:0a:56:f8: + 89:98:59:4a -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,22 +77,22 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B -3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH -6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko -eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 -/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 -WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAco3Fp6jVSrzZcu9GeVNc6DIQ +9SnusGzvaICj9g/+unPOqcSTAbp466lK8zLiTHRs9yPJcESh0fdZ1/00EquBkRYg +YFnd/9VvH9Yl2ZWFf53cGEk5REMDA5jbLgOoiCcT0qVSDhWg5V0VgSs9HMtBWEbT +Tze+rkXrfZxSkVCYpcHmexpg4NZhfogZt+yKMwckBJ94iVCXnKQeFfzvvylNw4wZ +11loMNII2IDYfjIxK+7Pf7RHpLt9z7ZknVVc6UQKQ+07wq4dNBy/fluRjCZ2+2jZ +PmtoIq5gVtNO87fR3tpHAy4idIXqUt4i/ZBVIY2y5DXDFUT2GgE8Clb4iZhZSg== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:41 2019 GMT - Not After : Jul 6 21:32:41 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: - be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: - de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: - df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: - c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: - 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: - 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: - 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: - fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: - f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: - e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: - 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: - e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: - 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: - fd:7f:af:c2 + Signature Algorithm: sha256WithRSAEncryption + 2a:15:34:be:88:ed:0b:5d:97:b4:c0:9e:f7:45:a2:ba:bb:a0: + 7f:a0:b3:93:15:79:38:27:36:25:91:5d:73:10:bb:d0:f9:f3: + e9:5f:98:c6:9b:6b:da:08:60:48:3e:26:17:2b:ae:22:08:ac: + 10:ed:a1:28:65:96:7f:94:75:c8:da:6c:c9:f6:4c:4c:b1:a3: + 45:4b:74:c7:de:49:f6:c1:1c:2c:eb:41:3c:2d:56:52:75:5b: + 7c:13:c0:dc:41:34:02:c0:e5:5e:79:71:65:ac:d1:f3:36:f7: + 55:d5:13:8f:0a:42:49:d9:fc:7f:5c:a4:cb:ad:7b:72:2f:98: + e2:56:92:9e:11:1a:b2:9d:5b:b9:2c:14:1e:51:f5:c5:b7:2c: + c2:39:52:90:0f:4e:04:5e:59:23:6f:d8:f9:75:2b:54:b0:6e: + 98:0a:54:3a:45:fd:9a:63:31:ce:a3:a8:ae:7b:be:03:81:a5: + 18:d3:00:51:a4:29:d4:f7:8d:53:31:72:85:80:c0:62:71:06: + 2b:07:b6:0a:b2:12:cf:2b:bd:99:34:6b:5e:ea:94:0c:1a:e8: + 2b:ee:e5:d6:3d:cb:7a:f6:f8:6e:e4:e2:f4:25:07:13:11:b1: + 18:b3:75:29:40:dc:bc:31:57:37:71:7c:09:bb:74:1c:9e:b4: + 3e:1d:47:20 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -165,11 +165,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 -RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG -1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p -AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX -Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 -fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAqFTS+iO0LXZe0wJ73RaK6u6B/oLOTFXk4JzYlkV1zELvQ+fPpX5jGm2va +CGBIPiYXK64iCKwQ7aEoZZZ/lHXI2mzJ9kxMsaNFS3TH3kn2wRws60E8LVZSdVt8 +E8DcQTQCwOVeeXFlrNHzNvdV1ROPCkJJ2fx/XKTLrXtyL5jiVpKeERqynVu5LBQe +UfXFtyzCOVKQD04EXlkjb9j5dStUsG6YClQ6Rf2aYzHOo6iue74DgaUY0wBRpCnU +941TMXKFgMBicQYrB7YKshLPK72ZNGte6pQMGugr7uXWPct69vhu5OL0JQcTEbEY +s3UpQNy8MVc3cXwJu3QcnrQ+HUcg -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-entity.pem b/certs/test-pathlen/chainA-entity.pem index 855d8c4bd..277c4a644 100644 --- a/certs/test-pathlen/chainA-entity.pem +++ b/certs/test-pathlen/chainA-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: - de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: - b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: - 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: - b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: - 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: - 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: - a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: - ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: - fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: - 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: - 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: - 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: - 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: - 5b:44:0b:a0 + Signature Algorithm: sha256WithRSAEncryption + 72:8d:c5:a7:a8:d5:4a:bc:d9:72:ef:46:79:53:5c:e8:32:10: + f5:29:ee:b0:6c:ef:68:80:a3:f6:0f:fe:ba:73:ce:a9:c4:93: + 01:ba:78:eb:a9:4a:f3:32:e2:4c:74:6c:f7:23:c9:70:44:a1: + d1:f7:59:d7:fd:34:12:ab:81:91:16:20:60:59:dd:ff:d5:6f: + 1f:d6:25:d9:95:85:7f:9d:dc:18:49:39:44:43:03:03:98:db: + 2e:03:a8:88:27:13:d2:a5:52:0e:15:a0:e5:5d:15:81:2b:3d: + 1c:cb:41:58:46:d3:4f:37:be:ae:45:eb:7d:9c:52:91:50:98: + a5:c1:e6:7b:1a:60:e0:d6:61:7e:88:19:b7:ec:8a:33:07:24: + 04:9f:78:89:50:97:9c:a4:1e:15:fc:ef:bf:29:4d:c3:8c:19: + d7:59:68:30:d2:08:d8:80:d8:7e:32:31:2b:ee:cf:7f:b4:47: + a4:bb:7d:cf:b6:64:9d:55:5c:e9:44:0a:43:ed:3b:c2:ae:1d: + 34:1c:bf:7e:5b:91:8c:26:76:fb:68:d9:3e:6b:68:22:ae:60: + 56:d3:4e:f3:b7:d1:de:da:47:03:2e:22:74:85:ea:52:de:22: + fd:90:55:21:8d:b2:e4:35:c3:15:44:f6:1a:01:3c:0a:56:f8: + 89:98:59:4a -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B -3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH -6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko -eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 -/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 -WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAco3Fp6jVSrzZcu9GeVNc6DIQ +9SnusGzvaICj9g/+unPOqcSTAbp466lK8zLiTHRs9yPJcESh0fdZ1/00EquBkRYg +YFnd/9VvH9Yl2ZWFf53cGEk5REMDA5jbLgOoiCcT0qVSDhWg5V0VgSs9HMtBWEbT +Tze+rkXrfZxSkVCYpcHmexpg4NZhfogZt+yKMwckBJ94iVCXnKQeFfzvvylNw4wZ +11loMNII2IDYfjIxK+7Pf7RHpLt9z7ZknVVc6UQKQ+07wq4dNBy/fluRjCZ2+2jZ +PmtoIq5gVtNO87fR3tpHAy4idIXqUt4i/ZBVIY2y5DXDFUT2GgE8Clb4iZhZSg== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/certs/test-pathlen/chainB-ICA1-pathlen0.pem index 7f180ba4e..138560784 100644 --- a/certs/test-pathlen/chainB-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainB-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: - 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: - b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: - 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: - 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: - 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: - cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: - 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: - c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: - bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: - 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: - dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: - af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: - f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: - d8:0d:95:d4 + Signature Algorithm: sha256WithRSAEncryption + cd:0b:7e:66:b9:1d:a8:14:81:a8:e0:b3:74:d9:79:8a:c1:e5: + 15:cf:6a:a7:a3:ca:d2:ad:f8:f6:9f:c2:be:67:ee:cf:9a:3c: + 1c:a3:c4:db:2b:c8:a9:b1:55:94:a1:9e:e3:c2:6c:3a:95:90: + 7e:8f:29:56:c6:99:d2:e5:3b:8f:f3:9a:11:4a:97:22:07:d9: + e2:e5:f8:3e:0f:08:50:43:ea:66:13:6c:20:2e:71:95:10:07: + 88:89:2d:30:9c:96:b1:7e:42:5f:63:c3:8b:71:c6:1d:00:ee: + 83:d7:80:1b:fa:f4:fe:f5:b1:29:f8:c1:ca:1d:89:9b:7c:2a: + 84:00:e4:f5:04:2d:35:be:12:c1:fa:78:cb:bc:c9:04:8a:bf: + 87:57:99:3a:9f:0a:88:a5:e8:94:db:2b:8f:ba:5f:b4:75:7f: + ac:56:75:b4:db:7f:57:24:17:cb:89:f8:cb:8b:c4:b2:44:4a: + d9:57:82:fb:ce:0c:84:e2:2b:a5:f2:90:63:aa:b3:c5:e1:00: + 22:60:8f:23:1f:a8:97:4b:49:f7:f7:cb:92:f7:94:80:52:5b: + 8d:4a:c1:f1:d1:3e:9f:28:96:61:af:8e:72:8d:b6:9e:14:ed: + 14:db:ea:f0:fc:50:39:ca:c8:ab:1e:49:c3:9e:97:0a:d7:1c: + 6f:b2:17:9a -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr -S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 -8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ -K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I -S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 -NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +AQELBQADggEBAM0Lfma5HagUgajgs3TZeYrB5RXPaqejytKt+Pafwr5n7s+aPByj +xNsryKmxVZShnuPCbDqVkH6PKVbGmdLlO4/zmhFKlyIH2eLl+D4PCFBD6mYTbCAu +cZUQB4iJLTCclrF+Ql9jw4txxh0A7oPXgBv69P71sSn4wcodiZt8KoQA5PUELTW+ +EsH6eMu8yQSKv4dXmTqfCoil6JTbK4+6X7R1f6xWdbTbf1ckF8uJ+MuLxLJEStlX +gvvODITiK6XykGOqs8XhACJgjyMfqJdLSff3y5L3lIBSW41KwfHRPp8olmGvjnKN +tp4U7RTb6vD8UDnKyKseScOelwrXHG+yF5o= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/certs/test-pathlen/chainB-ICA2-pathlen1.pem index 2f1eea71c..5197a077d 100644 --- a/certs/test-pathlen/chainB-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainB-ICA2-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: - 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: - 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: - 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: - 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: - e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: - 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: - aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: - d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: - 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: - 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: - 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: - 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: - eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: - 2c:b1:c1:34 + Signature Algorithm: sha256WithRSAEncryption + ab:c7:2b:9d:15:73:97:47:e0:88:32:9d:10:71:81:53:62:97: + dc:c4:72:73:49:3e:50:50:10:03:1e:22:58:82:e0:b3:da:ca: + 89:92:70:c8:54:0d:8e:a6:44:a0:26:5d:5d:52:d2:fb:63:e4: + 13:7e:30:9a:13:25:4e:c8:34:a1:c9:e6:69:24:64:98:e3:88: + 9c:86:18:62:53:70:ae:f0:d9:ed:f3:0c:e8:ec:5b:e5:27:85: + 16:d0:b0:f6:bd:5d:9a:62:41:26:25:31:88:70:fe:25:97:48: + f1:e6:21:1c:78:f7:68:03:59:21:db:f1:c5:92:96:24:b8:23: + fc:ab:52:95:70:6a:52:16:4d:fc:36:6b:5f:58:4f:3f:c9:f4: + e7:6e:52:41:42:99:41:07:c2:75:74:db:c2:49:84:7c:3f:c1: + ac:bd:d4:d5:8f:d0:73:95:18:8a:5d:f0:8d:dd:2d:f0:b7:61: + 8d:8a:ef:14:9f:fd:30:ba:10:e8:57:d3:1b:8e:2d:9b:74:b3: + 63:0d:0e:8c:f9:a2:f7:42:c8:e6:5e:83:6f:0f:9a:85:3b:6e: + 66:48:b9:a7:a8:fc:da:19:47:0c:90:26:0d:ce:15:fe:6a:1e: + 47:5a:49:f8:76:0f:3a:a8:68:cd:a6:38:4c:a6:ca:b2:b0:9b: + c7:46:43:cd -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ -CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg -YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW -6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R -kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr -sJQyRfcOsjskBVJ/iUhPJeIsscE0 +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQCrxyudFXOXR+CIMp0QcYFTYpfcxHJzST5QUBADHiJYguCz2sqJknDIVA2O +pkSgJl1dUtL7Y+QTfjCaEyVOyDShyeZpJGSY44ichhhiU3Cu8Nnt8wzo7FvlJ4UW +0LD2vV2aYkEmJTGIcP4ll0jx5iEcePdoA1kh2/HFkpYkuCP8q1KVcGpSFk38Nmtf +WE8/yfTnblJBQplBB8J1dNvCSYR8P8GsvdTVj9BzlRiKXfCN3S3wt2GNiu8Un/0w +uhDoV9Mbji2bdLNjDQ6M+aL3QsjmXoNvD5qFO25mSLmnqPzaGUcMkCYNzhX+ah5H +Wkn4dg86qGjNpjhMpsqysJvHRkPN -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-assembled.pem b/certs/test-pathlen/chainB-assembled.pem index 310d83f88..7f83c5f55 100644 --- a/certs/test-pathlen/chainB-assembled.pem +++ b/certs/test-pathlen/chainB-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: - 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: - 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: - b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: - 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: - 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: - 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: - ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: - ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: - fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: - d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: - d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: - 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: - 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: - a5:75:99:ad + Signature Algorithm: sha256WithRSAEncryption + 1f:ee:5c:85:ed:4e:3b:39:6b:29:a2:ef:65:b9:f3:c7:47:85: + 8e:79:a0:35:1b:aa:0e:98:67:a8:df:03:9c:2b:81:24:ed:cb: + cc:c0:42:49:76:bf:78:7b:b9:39:ca:f6:06:35:76:dd:e3:59: + c5:70:3b:b3:cf:62:0a:09:1d:07:90:96:c4:0e:0a:38:97:f7: + 31:1d:ad:44:f9:03:f9:30:22:b6:68:01:00:38:23:3d:f6:e7: + 71:5a:e4:d4:59:52:4f:80:86:ec:8f:ca:92:1d:9b:07:93:fe: + 34:22:ac:9a:a2:aa:9e:fe:f5:7b:99:fd:72:32:40:98:88:d8: + 42:1d:33:59:4c:38:2e:97:f2:9d:a2:fc:b7:33:cd:84:c1:c6: + ef:f5:c5:d9:be:32:ba:44:66:06:62:5c:55:31:38:b4:25:1a: + 6a:64:de:14:39:b4:38:74:1b:d7:c4:ec:81:fc:3a:13:4b:e1: + d1:b1:5f:3c:8e:25:bc:63:7f:30:78:04:4e:79:3a:83:97:52: + f6:00:6a:9e:d8:b5:c6:06:21:97:4a:98:ee:cf:e8:83:94:23: + 11:6c:00:d7:e9:35:1f:89:77:85:9a:d7:8f:29:90:c6:61:14: + e5:7d:55:5b:66:65:60:44:79:8a:1b:58:88:b9:0f:5f:a6:5f: + 7a:ca:6b:0c -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 -7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 -RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO -oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa -EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU -zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu -xBu8E79NhaV1ma0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAB/uXIXt +Tjs5aymi72W588dHhY55oDUbqg6YZ6jfA5wrgSTty8zAQkl2v3h7uTnK9gY1dt3j +WcVwO7PPYgoJHQeQlsQOCjiX9zEdrUT5A/kwIrZoAQA4Iz3253Fa5NRZUk+AhuyP +ypIdmweT/jQirJqiqp7+9XuZ/XIyQJiI2EIdM1lMOC6X8p2i/LczzYTBxu/1xdm+ +MrpEZgZiXFUxOLQlGmpk3hQ5tDh0G9fE7IH8OhNL4dGxXzyOJbxjfzB4BE55OoOX +UvYAap7YtcYGIZdKmO7P6IOUIxFsANfpNR+Jd4Wa148pkMZhFOV9VVtmZWBEeYob +WIi5D1+mX3rKaww= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: - 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: - b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: - 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: - 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: - 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: - cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: - 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: - c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: - bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: - 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: - dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: - af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: - f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: - d8:0d:95:d4 + Signature Algorithm: sha256WithRSAEncryption + cd:0b:7e:66:b9:1d:a8:14:81:a8:e0:b3:74:d9:79:8a:c1:e5: + 15:cf:6a:a7:a3:ca:d2:ad:f8:f6:9f:c2:be:67:ee:cf:9a:3c: + 1c:a3:c4:db:2b:c8:a9:b1:55:94:a1:9e:e3:c2:6c:3a:95:90: + 7e:8f:29:56:c6:99:d2:e5:3b:8f:f3:9a:11:4a:97:22:07:d9: + e2:e5:f8:3e:0f:08:50:43:ea:66:13:6c:20:2e:71:95:10:07: + 88:89:2d:30:9c:96:b1:7e:42:5f:63:c3:8b:71:c6:1d:00:ee: + 83:d7:80:1b:fa:f4:fe:f5:b1:29:f8:c1:ca:1d:89:9b:7c:2a: + 84:00:e4:f5:04:2d:35:be:12:c1:fa:78:cb:bc:c9:04:8a:bf: + 87:57:99:3a:9f:0a:88:a5:e8:94:db:2b:8f:ba:5f:b4:75:7f: + ac:56:75:b4:db:7f:57:24:17:cb:89:f8:cb:8b:c4:b2:44:4a: + d9:57:82:fb:ce:0c:84:e2:2b:a5:f2:90:63:aa:b3:c5:e1:00: + 22:60:8f:23:1f:a8:97:4b:49:f7:f7:cb:92:f7:94:80:52:5b: + 8d:4a:c1:f1:d1:3e:9f:28:96:61:af:8e:72:8d:b6:9e:14:ed: + 14:db:ea:f0:fc:50:39:ca:c8:ab:1e:49:c3:9e:97:0a:d7:1c: + 6f:b2:17:9a -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr -S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 -8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ -K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I -S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 -NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +AQELBQADggEBAM0Lfma5HagUgajgs3TZeYrB5RXPaqejytKt+Pafwr5n7s+aPByj +xNsryKmxVZShnuPCbDqVkH6PKVbGmdLlO4/zmhFKlyIH2eLl+D4PCFBD6mYTbCAu +cZUQB4iJLTCclrF+Ql9jw4txxh0A7oPXgBv69P71sSn4wcodiZt8KoQA5PUELTW+ +EsH6eMu8yQSKv4dXmTqfCoil6JTbK4+6X7R1f6xWdbTbf1ckF8uJ+MuLxLJEStlX +gvvODITiK6XykGOqs8XhACJgjyMfqJdLSff3y5L3lIBSW41KwfHRPp8olmGvjnKN +tp4U7RTb6vD8UDnKyKseScOelwrXHG+yF5o= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: - 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: - 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: - 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: - 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: - e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: - 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: - aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: - d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: - 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: - 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: - 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: - 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: - eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: - 2c:b1:c1:34 + Signature Algorithm: sha256WithRSAEncryption + ab:c7:2b:9d:15:73:97:47:e0:88:32:9d:10:71:81:53:62:97: + dc:c4:72:73:49:3e:50:50:10:03:1e:22:58:82:e0:b3:da:ca: + 89:92:70:c8:54:0d:8e:a6:44:a0:26:5d:5d:52:d2:fb:63:e4: + 13:7e:30:9a:13:25:4e:c8:34:a1:c9:e6:69:24:64:98:e3:88: + 9c:86:18:62:53:70:ae:f0:d9:ed:f3:0c:e8:ec:5b:e5:27:85: + 16:d0:b0:f6:bd:5d:9a:62:41:26:25:31:88:70:fe:25:97:48: + f1:e6:21:1c:78:f7:68:03:59:21:db:f1:c5:92:96:24:b8:23: + fc:ab:52:95:70:6a:52:16:4d:fc:36:6b:5f:58:4f:3f:c9:f4: + e7:6e:52:41:42:99:41:07:c2:75:74:db:c2:49:84:7c:3f:c1: + ac:bd:d4:d5:8f:d0:73:95:18:8a:5d:f0:8d:dd:2d:f0:b7:61: + 8d:8a:ef:14:9f:fd:30:ba:10:e8:57:d3:1b:8e:2d:9b:74:b3: + 63:0d:0e:8c:f9:a2:f7:42:c8:e6:5e:83:6f:0f:9a:85:3b:6e: + 66:48:b9:a7:a8:fc:da:19:47:0c:90:26:0d:ce:15:fe:6a:1e: + 47:5a:49:f8:76:0f:3a:a8:68:cd:a6:38:4c:a6:ca:b2:b0:9b: + c7:46:43:cd -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -255,11 +255,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ -CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg -YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW -6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R -kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr -sJQyRfcOsjskBVJ/iUhPJeIsscE0 +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQCrxyudFXOXR+CIMp0QcYFTYpfcxHJzST5QUBADHiJYguCz2sqJknDIVA2O +pkSgJl1dUtL7Y+QTfjCaEyVOyDShyeZpJGSY44ichhhiU3Cu8Nnt8wzo7FvlJ4UW +0LD2vV2aYkEmJTGIcP4ll0jx5iEcePdoA1kh2/HFkpYkuCP8q1KVcGpSFk38Nmtf +WE8/yfTnblJBQplBB8J1dNvCSYR8P8GsvdTVj9BzlRiKXfCN3S3wt2GNiu8Un/0w +uhDoV9Mbji2bdLNjDQ6M+aL3QsjmXoNvD5qFO25mSLmnqPzaGUcMkCYNzhX+ah5H +Wkn4dg86qGjNpjhMpsqysJvHRkPN -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-entity.pem b/certs/test-pathlen/chainB-entity.pem index 054e7f6bd..cca6f6697 100644 --- a/certs/test-pathlen/chainB-entity.pem +++ b/certs/test-pathlen/chainB-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: - 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: - 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: - b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: - 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: - 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: - 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: - ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: - ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: - fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: - d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: - d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: - 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: - 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: - a5:75:99:ad + Signature Algorithm: sha256WithRSAEncryption + 1f:ee:5c:85:ed:4e:3b:39:6b:29:a2:ef:65:b9:f3:c7:47:85: + 8e:79:a0:35:1b:aa:0e:98:67:a8:df:03:9c:2b:81:24:ed:cb: + cc:c0:42:49:76:bf:78:7b:b9:39:ca:f6:06:35:76:dd:e3:59: + c5:70:3b:b3:cf:62:0a:09:1d:07:90:96:c4:0e:0a:38:97:f7: + 31:1d:ad:44:f9:03:f9:30:22:b6:68:01:00:38:23:3d:f6:e7: + 71:5a:e4:d4:59:52:4f:80:86:ec:8f:ca:92:1d:9b:07:93:fe: + 34:22:ac:9a:a2:aa:9e:fe:f5:7b:99:fd:72:32:40:98:88:d8: + 42:1d:33:59:4c:38:2e:97:f2:9d:a2:fc:b7:33:cd:84:c1:c6: + ef:f5:c5:d9:be:32:ba:44:66:06:62:5c:55:31:38:b4:25:1a: + 6a:64:de:14:39:b4:38:74:1b:d7:c4:ec:81:fc:3a:13:4b:e1: + d1:b1:5f:3c:8e:25:bc:63:7f:30:78:04:4e:79:3a:83:97:52: + f6:00:6a:9e:d8:b5:c6:06:21:97:4a:98:ee:cf:e8:83:94:23: + 11:6c:00:d7:e9:35:1f:89:77:85:9a:d7:8f:29:90:c6:61:14: + e5:7d:55:5b:66:65:60:44:79:8a:1b:58:88:b9:0f:5f:a6:5f: + 7a:ca:6b:0c -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 -7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 -RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO -oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa -EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU -zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu -xBu8E79NhaV1ma0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAB/uXIXt +Tjs5aymi72W588dHhY55oDUbqg6YZ6jfA5wrgSTty8zAQkl2v3h7uTnK9gY1dt3j +WcVwO7PPYgoJHQeQlsQOCjiX9zEdrUT5A/kwIrZoAQA4Iz3253Fa5NRZUk+AhuyP +ypIdmweT/jQirJqiqp7+9XuZ/XIyQJiI2EIdM1lMOC6X8p2i/LczzYTBxu/1xdm+ +MrpEZgZiXFUxOLQlGmpk3hQ5tDh0G9fE7IH8OhNL4dGxXzyOJbxjfzB4BE55OoOX +UvYAap7YtcYGIZdKmO7P6IOUIxFsANfpNR+Jd4Wa148pkMZhFOV9VVtmZWBEeYob +WIi5D1+mX3rKaww= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/certs/test-pathlen/chainC-ICA1-pathlen1.pem index 9ae15cd0c..64cbc0c6b 100644 --- a/certs/test-pathlen/chainC-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainC-ICA1-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: - 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: - a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: - 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: - f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: - 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: - 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: - 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: - 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: - cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: - e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: - 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: - 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: - 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: - 14:e2:60:25 + Signature Algorithm: sha256WithRSAEncryption + 65:d2:6a:a3:a2:98:ac:5a:53:e4:b4:02:66:8e:9c:64:fa:53: + 88:a7:31:09:fa:31:4d:27:7a:17:7a:1c:8f:13:2a:e5:60:e4: + f2:0f:6a:e6:a6:48:ed:e4:17:0e:cb:57:77:66:98:c0:37:2f: + 00:26:1e:1a:a8:e4:ad:9e:c9:47:4d:6c:c5:57:75:79:97:be: + 0f:82:92:aa:b0:df:0d:f4:25:49:fd:c6:6f:e7:70:f1:f0:0d: + e7:13:81:ed:a1:1e:69:f3:10:3d:3e:3c:5b:c0:71:fb:44:47: + e2:bc:51:62:6c:21:7a:ea:ad:74:f5:46:35:63:93:ab:f9:89: + 31:e6:01:5f:eb:ca:df:d3:93:86:3d:8b:0a:88:79:f1:b1:47: + df:1f:2e:a0:7e:34:f6:80:30:7d:bd:e5:70:43:0d:76:2a:fc: + fe:38:4f:3a:bc:58:52:81:37:5e:e9:3b:26:f4:8d:20:5f:f2: + 44:56:e8:b8:cc:42:7a:5e:67:28:34:c3:8f:a9:08:87:92:4b: + bc:1d:3b:d1:1a:d8:79:20:eb:4a:6f:87:b3:3b:ef:2f:a6:98: + 34:48:a6:43:ba:d4:fa:65:6f:54:9b:28:a1:e1:77:fe:0e:91: + 0b:4f:f5:95:3e:b3:c9:4e:2d:17:67:37:5b:d5:dd:83:ef:a4: + b4:41:53:36 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS -pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme -ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ -3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl -EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ -1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBl0mqjopisWlPktAJmjpxk+lOIpzEJ+jFNJ3oXehyPEyrlYOTyD2rmpkjt +5BcOy1d3ZpjANy8AJh4aqOStnslHTWzFV3V5l74PgpKqsN8N9CVJ/cZv53Dx8A3n +E4HtoR5p8xA9PjxbwHH7REfivFFibCF66q109UY1Y5Or+Ykx5gFf68rf05OGPYsK +iHnxsUffHy6gfjT2gDB9veVwQw12Kvz+OE86vFhSgTde6Tsm9I0gX/JEVui4zEJ6 +XmcoNMOPqQiHkku8HTvRGth5IOtKb4ezO+8vppg0SKZDutT6ZW9Umyih4Xf+DpEL +T/WVPrPJTi0XZzdb1d2D76S0QVM2 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-assembled.pem b/certs/test-pathlen/chainC-assembled.pem index 3c15b3aa5..0fae68780 100644 --- a/certs/test-pathlen/chainC-assembled.pem +++ b/certs/test-pathlen/chainC-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: - 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: - 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: - 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: - 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: - ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: - cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: - e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: - 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: - d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: - 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: - 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: - 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: - 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: - c6:bd:25:6b + Signature Algorithm: sha256WithRSAEncryption + b7:d0:5e:86:77:76:45:77:c3:f8:5c:cd:9b:84:52:b7:8b:d6: + 84:ed:d3:1b:fa:7f:27:d1:24:05:11:9d:bf:74:eb:14:93:ee: + 08:2c:16:0a:d8:00:46:31:e3:43:f1:95:64:b1:72:93:49:fa: + fe:73:e8:be:2a:02:95:e8:3a:56:f3:aa:8b:fa:cb:3a:f5:06: + a2:00:ae:19:36:86:be:93:79:3f:58:f7:95:de:a8:e2:12:89: + 52:2f:a0:be:09:3e:18:69:19:d5:96:7c:94:9a:ee:ab:f1:2b: + 74:54:c9:1c:0a:5f:aa:d1:62:34:24:33:f8:5e:b2:43:9c:c9: + e6:8c:fa:b5:89:a7:3e:6b:51:00:a6:e3:d5:c4:f9:ac:78:a5: + 4d:85:7c:e3:7d:f9:b5:e8:ad:3e:32:56:fb:99:bf:f9:3b:a4: + 98:04:72:cd:ea:95:08:af:7e:62:2d:74:e4:25:48:43:25:ba: + 07:7c:00:c9:31:41:6f:59:ff:da:bb:ac:08:06:18:1a:0a:3d: + 1d:2e:ad:98:2c:06:72:51:f2:75:7c:87:ef:e0:37:f6:80:70: + aa:8d:d9:a8:13:e5:31:91:3c:e3:0f:21:33:0a:15:91:1c:4d: + 3a:1b:35:f6:4c:f5:5f:70:34:b2:dc:ed:10:5d:37:58:16:e4: + e0:83:12:90 -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,22 +77,22 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K -mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE -9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL -xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy -1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR -EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAt9Behnd2RXfD+FzNm4RSt4vW +hO3TG/p/J9EkBRGdv3TrFJPuCCwWCtgARjHjQ/GVZLFyk0n6/nPovioCleg6VvOq +i/rLOvUGogCuGTaGvpN5P1j3ld6o4hKJUi+gvgk+GGkZ1ZZ8lJruq/ErdFTJHApf +qtFiNCQz+F6yQ5zJ5oz6tYmnPmtRAKbj1cT5rHilTYV84335teitPjJW+5m/+Tuk +mARyzeqVCK9+Yi105CVIQyW6B3wAyTFBb1n/2rusCAYYGgo9HS6tmCwGclHydXyH +7+A39oBwqo3ZqBPlMZE84w8hMwoVkRxNOhs19kz1X3A0stztEF03WBbk4IMSkA== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: - 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: - a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: - 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: - f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: - 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: - 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: - 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: - 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: - cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: - e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: - 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: - 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: - 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: - 14:e2:60:25 + Signature Algorithm: sha256WithRSAEncryption + 65:d2:6a:a3:a2:98:ac:5a:53:e4:b4:02:66:8e:9c:64:fa:53: + 88:a7:31:09:fa:31:4d:27:7a:17:7a:1c:8f:13:2a:e5:60:e4: + f2:0f:6a:e6:a6:48:ed:e4:17:0e:cb:57:77:66:98:c0:37:2f: + 00:26:1e:1a:a8:e4:ad:9e:c9:47:4d:6c:c5:57:75:79:97:be: + 0f:82:92:aa:b0:df:0d:f4:25:49:fd:c6:6f:e7:70:f1:f0:0d: + e7:13:81:ed:a1:1e:69:f3:10:3d:3e:3c:5b:c0:71:fb:44:47: + e2:bc:51:62:6c:21:7a:ea:ad:74:f5:46:35:63:93:ab:f9:89: + 31:e6:01:5f:eb:ca:df:d3:93:86:3d:8b:0a:88:79:f1:b1:47: + df:1f:2e:a0:7e:34:f6:80:30:7d:bd:e5:70:43:0d:76:2a:fc: + fe:38:4f:3a:bc:58:52:81:37:5e:e9:3b:26:f4:8d:20:5f:f2: + 44:56:e8:b8:cc:42:7a:5e:67:28:34:c3:8f:a9:08:87:92:4b: + bc:1d:3b:d1:1a:d8:79:20:eb:4a:6f:87:b3:3b:ef:2f:a6:98: + 34:48:a6:43:ba:d4:fa:65:6f:54:9b:28:a1:e1:77:fe:0e:91: + 0b:4f:f5:95:3e:b3:c9:4e:2d:17:67:37:5b:d5:dd:83:ef:a4: + b4:41:53:36 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -165,11 +165,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS -pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme -ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ -3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl -EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ -1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBl0mqjopisWlPktAJmjpxk+lOIpzEJ+jFNJ3oXehyPEyrlYOTyD2rmpkjt +5BcOy1d3ZpjANy8AJh4aqOStnslHTWzFV3V5l74PgpKqsN8N9CVJ/cZv53Dx8A3n +E4HtoR5p8xA9PjxbwHH7REfivFFibCF66q109UY1Y5Or+Ykx5gFf68rf05OGPYsK +iHnxsUffHy6gfjT2gDB9veVwQw12Kvz+OE86vFhSgTde6Tsm9I0gX/JEVui4zEJ6 +XmcoNMOPqQiHkku8HTvRGth5IOtKb4ezO+8vppg0SKZDutT6ZW9Umyih4Xf+DpEL +T/WVPrPJTi0XZzdb1d2D76S0QVM2 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-entity.pem b/certs/test-pathlen/chainC-entity.pem index 5747494a0..34f198f2e 100644 --- a/certs/test-pathlen/chainC-entity.pem +++ b/certs/test-pathlen/chainC-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: - 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: - 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: - 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: - 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: - ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: - cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: - e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: - 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: - d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: - 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: - 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: - 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: - 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: - c6:bd:25:6b + Signature Algorithm: sha256WithRSAEncryption + b7:d0:5e:86:77:76:45:77:c3:f8:5c:cd:9b:84:52:b7:8b:d6: + 84:ed:d3:1b:fa:7f:27:d1:24:05:11:9d:bf:74:eb:14:93:ee: + 08:2c:16:0a:d8:00:46:31:e3:43:f1:95:64:b1:72:93:49:fa: + fe:73:e8:be:2a:02:95:e8:3a:56:f3:aa:8b:fa:cb:3a:f5:06: + a2:00:ae:19:36:86:be:93:79:3f:58:f7:95:de:a8:e2:12:89: + 52:2f:a0:be:09:3e:18:69:19:d5:96:7c:94:9a:ee:ab:f1:2b: + 74:54:c9:1c:0a:5f:aa:d1:62:34:24:33:f8:5e:b2:43:9c:c9: + e6:8c:fa:b5:89:a7:3e:6b:51:00:a6:e3:d5:c4:f9:ac:78:a5: + 4d:85:7c:e3:7d:f9:b5:e8:ad:3e:32:56:fb:99:bf:f9:3b:a4: + 98:04:72:cd:ea:95:08:af:7e:62:2d:74:e4:25:48:43:25:ba: + 07:7c:00:c9:31:41:6f:59:ff:da:bb:ac:08:06:18:1a:0a:3d: + 1d:2e:ad:98:2c:06:72:51:f2:75:7c:87:ef:e0:37:f6:80:70: + aa:8d:d9:a8:13:e5:31:91:3c:e3:0f:21:33:0a:15:91:1c:4d: + 3a:1b:35:f6:4c:f5:5f:70:34:b2:dc:ed:10:5d:37:58:16:e4: + e0:83:12:90 -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K -mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE -9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL -xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy -1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR -EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAt9Behnd2RXfD+FzNm4RSt4vW +hO3TG/p/J9EkBRGdv3TrFJPuCCwWCtgARjHjQ/GVZLFyk0n6/nPovioCleg6VvOq +i/rLOvUGogCuGTaGvpN5P1j3ld6o4hKJUi+gvgk+GGkZ1ZZ8lJruq/ErdFTJHApf +qtFiNCQz+F6yQ5zJ5oz6tYmnPmtRAKbj1cT5rHilTYV84335teitPjJW+5m/+Tuk +mARyzeqVCK9+Yi105CVIQyW6B3wAyTFBb1n/2rusCAYYGgo9HS6tmCwGclHydXyH +7+A39oBwqo3ZqBPlMZE84w8hMwoVkRxNOhs19kz1X3A0stztEF03WBbk4IMSkA== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/certs/test-pathlen/chainD-ICA1-pathlen127.pem index 525d7b7cb..97ad8d4f5 100644 --- a/certs/test-pathlen/chainD-ICA1-pathlen127.pem +++ b/certs/test-pathlen/chainD-ICA1-pathlen127.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: - 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: - 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: - 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: - ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: - 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: - 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: - 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: - fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: - e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: - 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: - ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: - af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: - ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: - df:41:9e:ea + Signature Algorithm: sha256WithRSAEncryption + 12:87:4f:82:bb:5a:21:b0:95:f6:b5:2b:95:53:a5:10:fc:f6: + fe:7e:03:9c:fa:cf:d7:d5:a1:72:1d:33:69:1b:0e:07:07:62: + 74:9b:0c:2b:46:d2:b8:80:b1:72:f3:c1:83:13:62:fd:dd:17: + 15:14:0b:64:57:26:db:70:e5:3d:44:88:05:f9:91:b0:9a:4a: + c0:f9:87:3c:70:16:d6:1c:58:51:d9:b9:b8:ac:11:d2:4d:94: + 58:cf:fd:9e:74:51:28:b0:4f:ed:7d:88:25:ce:6b:eb:5e:ca: + e8:f9:ce:31:e1:b9:2d:e6:d9:0c:13:ff:3f:24:1f:fa:25:e8: + cd:cd:25:88:e7:98:dc:b5:f8:cd:21:d2:a8:71:d1:b9:18:dd: + 18:5d:0b:97:a7:82:04:d5:e8:36:29:4b:dc:7f:d9:42:85:55: + 81:dc:da:f9:ca:58:38:f3:2c:df:b4:2c:23:65:d3:17:01:ed: + f4:8b:f6:9b:0b:b5:32:ea:28:cb:c2:fb:16:2a:fe:3d:3d:0b: + e6:f3:bf:8f:43:75:a7:d1:b8:c9:04:31:4f:60:3a:3a:4a:b0: + 1b:16:7d:24:b8:78:be:be:7a:80:a5:81:8c:77:7c:aa:79:75: + 4d:3f:a2:14:36:5a:81:1f:6c:44:7d:d1:9a:db:a6:f6:e3:48: + d3:bb:ea:9c -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -79,11 +79,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL -6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE -cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc -otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX -jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA -zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBABKHT4K7WiGwlfa1K5VTpRD89v5+A5z6z9fVoXIdM2kbDgcHYnSbDCtG +0riAsXLzwYMTYv3dFxUUC2RXJttw5T1EiAX5kbCaSsD5hzxwFtYcWFHZubisEdJN +lFjP/Z50USiwT+19iCXOa+teyuj5zjHhuS3m2QwT/z8kH/ol6M3NJYjnmNy1+M0h +0qhx0bkY3RhdC5enggTV6DYpS9x/2UKFVYHc2vnKWDjzLN+0LCNl0xcB7fSL9psL +tTLqKMvC+xYq/j09C+bzv49DdafRuMkEMU9gOjpKsBsWfSS4eL6+eoClgYx3fKp5 +dU0/ohQ2WoEfbER90ZrbpvbjSNO76pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-assembled.pem b/certs/test-pathlen/chainD-assembled.pem index c406fd750..28cc30acd 100644 --- a/certs/test-pathlen/chainD-assembled.pem +++ b/certs/test-pathlen/chainD-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: - e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: - 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: - 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: - 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: - 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: - 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: - e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: - 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: - 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: - 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: - 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: - 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: - 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: - a5:75:09:4d + Signature Algorithm: sha256WithRSAEncryption + 58:fd:0d:2f:47:32:d2:11:b4:b5:a5:b5:ea:26:23:66:85:cc: + 46:b5:42:fc:63:98:57:14:84:ca:2a:02:30:9e:a0:64:d4:24: + cb:42:2e:53:a3:0f:d7:24:46:cb:37:0c:ba:d9:73:50:11:15: + d0:4a:4a:f5:10:15:db:c9:e5:e6:a2:c3:91:89:70:c8:df:59: + c3:2f:c3:94:a4:50:5b:f5:d8:71:e8:ba:fa:85:ee:aa:f4:b1: + 64:29:54:62:08:cc:89:a3:41:be:df:03:d3:75:f8:92:41:95: + 4b:06:cc:95:30:ef:a8:6f:01:9a:2e:bc:a0:7e:4c:08:4e:d4: + f0:91:fe:b4:a3:67:0f:9c:5d:4d:7d:ad:04:d7:cf:e4:79:d8: + b2:18:78:33:fd:a3:cb:14:d3:50:1b:50:62:ef:9d:1b:88:8d: + 7b:42:76:ce:c7:88:70:58:40:f4:bf:7c:1e:c5:26:8c:23:b7: + 7e:d2:85:67:c7:fe:ae:59:98:06:60:54:43:1e:31:74:25:c9: + 1e:4c:05:d2:6d:01:3e:33:ac:5d:42:c5:47:c4:20:9f:04:30: + ca:c7:22:63:bd:8e:16:0a:42:4c:5b:2c:3b:b4:77:3c:b4:43: + bb:6d:4d:40:d6:ed:30:df:29:a4:3e:e2:78:c3:4f:11:a4:53: + 65:33:e0:c9 -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,22 +77,22 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz -D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x -qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG -gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 -wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq -8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY/Q0vRzLSEbS1pbXqJiNm +hcxGtUL8Y5hXFITKKgIwnqBk1CTLQi5Tow/XJEbLNwy62XNQERXQSkr1EBXbyeXm +osORiXDI31nDL8OUpFBb9dhx6Lr6he6q9LFkKVRiCMyJo0G+3wPTdfiSQZVLBsyV +MO+obwGaLrygfkwITtTwkf60o2cPnF1Nfa0E18/kediyGHgz/aPLFNNQG1Bi750b +iI17QnbOx4hwWED0v3wexSaMI7d+0oVnx/6uWZgGYFRDHjF0JckeTAXSbQE+M6xd +QsVHxCCfBDDKxyJjvY4WCkJMWyw7tHc8tEO7bU1A1u0w3ymkPuJ4w08RpFNlM+DJ -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: - 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: - 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: - 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: - ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: - 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: - 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: - 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: - fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: - e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: - 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: - ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: - af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: - ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: - df:41:9e:ea + Signature Algorithm: sha256WithRSAEncryption + 12:87:4f:82:bb:5a:21:b0:95:f6:b5:2b:95:53:a5:10:fc:f6: + fe:7e:03:9c:fa:cf:d7:d5:a1:72:1d:33:69:1b:0e:07:07:62: + 74:9b:0c:2b:46:d2:b8:80:b1:72:f3:c1:83:13:62:fd:dd:17: + 15:14:0b:64:57:26:db:70:e5:3d:44:88:05:f9:91:b0:9a:4a: + c0:f9:87:3c:70:16:d6:1c:58:51:d9:b9:b8:ac:11:d2:4d:94: + 58:cf:fd:9e:74:51:28:b0:4f:ed:7d:88:25:ce:6b:eb:5e:ca: + e8:f9:ce:31:e1:b9:2d:e6:d9:0c:13:ff:3f:24:1f:fa:25:e8: + cd:cd:25:88:e7:98:dc:b5:f8:cd:21:d2:a8:71:d1:b9:18:dd: + 18:5d:0b:97:a7:82:04:d5:e8:36:29:4b:dc:7f:d9:42:85:55: + 81:dc:da:f9:ca:58:38:f3:2c:df:b4:2c:23:65:d3:17:01:ed: + f4:8b:f6:9b:0b:b5:32:ea:28:cb:c2:fb:16:2a:fe:3d:3d:0b: + e6:f3:bf:8f:43:75:a7:d1:b8:c9:04:31:4f:60:3a:3a:4a:b0: + 1b:16:7d:24:b8:78:be:be:7a:80:a5:81:8c:77:7c:aa:79:75: + 4d:3f:a2:14:36:5a:81:1f:6c:44:7d:d1:9a:db:a6:f6:e3:48: + d3:bb:ea:9c -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -165,11 +165,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL -6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE -cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc -otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX -jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA -zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBABKHT4K7WiGwlfa1K5VTpRD89v5+A5z6z9fVoXIdM2kbDgcHYnSbDCtG +0riAsXLzwYMTYv3dFxUUC2RXJttw5T1EiAX5kbCaSsD5hzxwFtYcWFHZubisEdJN +lFjP/Z50USiwT+19iCXOa+teyuj5zjHhuS3m2QwT/z8kH/ol6M3NJYjnmNy1+M0h +0qhx0bkY3RhdC5enggTV6DYpS9x/2UKFVYHc2vnKWDjzLN+0LCNl0xcB7fSL9psL +tTLqKMvC+xYq/j09C+bzv49DdafRuMkEMU9gOjpKsBsWfSS4eL6+eoClgYx3fKp5 +dU0/ohQ2WoEfbER90ZrbpvbjSNO76pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-entity.pem b/certs/test-pathlen/chainD-entity.pem index 011d61687..640b8394e 100644 --- a/certs/test-pathlen/chainD-entity.pem +++ b/certs/test-pathlen/chainD-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: - e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: - 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: - 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: - 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: - 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: - 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: - e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: - 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: - 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: - 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: - 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: - 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: - 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: - a5:75:09:4d + Signature Algorithm: sha256WithRSAEncryption + 58:fd:0d:2f:47:32:d2:11:b4:b5:a5:b5:ea:26:23:66:85:cc: + 46:b5:42:fc:63:98:57:14:84:ca:2a:02:30:9e:a0:64:d4:24: + cb:42:2e:53:a3:0f:d7:24:46:cb:37:0c:ba:d9:73:50:11:15: + d0:4a:4a:f5:10:15:db:c9:e5:e6:a2:c3:91:89:70:c8:df:59: + c3:2f:c3:94:a4:50:5b:f5:d8:71:e8:ba:fa:85:ee:aa:f4:b1: + 64:29:54:62:08:cc:89:a3:41:be:df:03:d3:75:f8:92:41:95: + 4b:06:cc:95:30:ef:a8:6f:01:9a:2e:bc:a0:7e:4c:08:4e:d4: + f0:91:fe:b4:a3:67:0f:9c:5d:4d:7d:ad:04:d7:cf:e4:79:d8: + b2:18:78:33:fd:a3:cb:14:d3:50:1b:50:62:ef:9d:1b:88:8d: + 7b:42:76:ce:c7:88:70:58:40:f4:bf:7c:1e:c5:26:8c:23:b7: + 7e:d2:85:67:c7:fe:ae:59:98:06:60:54:43:1e:31:74:25:c9: + 1e:4c:05:d2:6d:01:3e:33:ac:5d:42:c5:47:c4:20:9f:04:30: + ca:c7:22:63:bd:8e:16:0a:42:4c:5b:2c:3b:b4:77:3c:b4:43: + bb:6d:4d:40:d6:ed:30:df:29:a4:3e:e2:78:c3:4f:11:a4:53: + 65:33:e0:c9 -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz -D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x -qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG -gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 -wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq -8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY/Q0vRzLSEbS1pbXqJiNm +hcxGtUL8Y5hXFITKKgIwnqBk1CTLQi5Tow/XJEbLNwy62XNQERXQSkr1EBXbyeXm +osORiXDI31nDL8OUpFBb9dhx6Lr6he6q9LFkKVRiCMyJo0G+3wPTdfiSQZVLBsyV +MO+obwGaLrygfkwITtTwkf60o2cPnF1Nfa0E18/kediyGHgz/aPLFNNQG1Bi750b +iI17QnbOx4hwWED0v3wexSaMI7d+0oVnx/6uWZgGYFRDHjF0JckeTAXSbQE+M6xd +QsVHxCCfBDDKxyJjvY4WCkJMWyw7tHc8tEO7bU1A1u0w3ymkPuJ4w08RpFNlM+DJ -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/certs/test-pathlen/chainE-ICA1-pathlen128.pem index 92c5bb9a6..da10c86f7 100644 --- a/certs/test-pathlen/chainE-ICA1-pathlen128.pem +++ b/certs/test-pathlen/chainE-ICA1-pathlen128.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: - af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: - 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: - 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: - 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: - 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: - 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: - 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: - a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: - 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: - c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: - 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: - 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: - 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: - 4f:a6:b7:df + Signature Algorithm: sha256WithRSAEncryption + 81:17:73:e0:8e:30:5f:5e:a7:25:a8:c0:89:f0:2a:c5:cc:72: + 30:0a:55:f2:c8:13:34:de:3c:7c:5e:e1:56:5e:72:04:10:8b: + 4b:05:3b:14:3c:37:0e:48:68:23:a1:2c:f5:72:f0:36:57:79: + fa:6f:ee:b0:17:83:f0:8a:1f:f0:6b:88:3b:57:c8:b2:57:c9: + 4e:35:14:a8:d7:31:db:68:74:8c:30:24:b3:9d:c9:8d:8c:36: + 34:30:0e:f3:4e:74:bd:14:77:c8:13:7f:bc:d3:21:34:e8:87: + e7:a3:80:62:ea:20:4b:40:ef:f5:97:db:c7:63:6b:e4:06:12: + 1a:b7:55:da:5a:34:32:95:59:c4:68:85:2c:87:dd:77:5f:ff: + 28:cf:95:c3:68:f8:c4:32:af:8e:c6:2c:39:6b:bd:3a:dd:18: + 16:a8:a7:0e:9d:93:6d:8e:77:b1:0e:86:55:0d:a4:aa:e6:3f: + f5:69:1d:d5:c0:5e:1a:b1:bc:ab:5f:eb:1f:76:6a:c5:22:57: + a9:f1:ee:55:56:37:61:9e:49:e6:bc:8b:e9:9d:6b:11:6f:90: + cb:d6:18:3c:81:f2:c8:4c:92:e4:4d:73:d1:a1:be:8d:fe:d7: + 54:20:d4:df:43:7d:e7:57:f1:dd:9f:a0:6d:cd:e3:ab:30:fa: + cc:29:0b:01 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -80,10 +80,10 @@ AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE -4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu -k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti -wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ -aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ -gelbLrLvK7YaG0svwuSBn7/e4XNPprff +CwUAA4IBAQCBF3PgjjBfXqclqMCJ8CrFzHIwClXyyBM03jx8XuFWXnIEEItLBTsU +PDcOSGgjoSz1cvA2V3n6b+6wF4Pwih/wa4g7V8iyV8lONRSo1zHbaHSMMCSzncmN +jDY0MA7zTnS9FHfIE3+80yE06Ifno4Bi6iBLQO/1l9vHY2vkBhIat1XaWjQylVnE +aIUsh913X/8oz5XDaPjEMq+Oxiw5a7063RgWqKcOnZNtjnexDoZVDaSq5j/1aR3V +wF4asbyrX+sfdmrFIlep8e5VVjdhnknmvIvpnWsRb5DL1hg8gfLITJLkTXPRob6N +/tdUINTfQ33nV/Hdn6BtzeOrMPrMKQsB -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-assembled.pem b/certs/test-pathlen/chainE-assembled.pem index 5af7bd598..be49ab5be 100644 --- a/certs/test-pathlen/chainE-assembled.pem +++ b/certs/test-pathlen/chainE-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: - 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: - b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: - c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: - 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: - 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: - e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: - 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: - f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: - ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: - 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: - da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: - fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: - ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: - 8a:9b:b5:8c + Signature Algorithm: sha256WithRSAEncryption + 1a:af:fd:cb:5e:63:ed:ac:39:c5:e1:0f:32:2c:6e:f2:0b:23: + 1d:d8:61:e4:39:d6:a6:e6:69:a3:df:f7:3b:80:84:22:72:58: + 0e:bc:ef:92:10:65:93:16:20:e4:69:d7:d1:58:0b:33:f2:68: + a2:6b:76:36:d0:f0:36:3c:61:31:dc:44:a0:00:e2:80:9e:62: + d5:fe:cc:08:66:ca:23:88:b3:e0:48:32:be:d8:dd:d2:a6:f9: + 20:13:1a:1f:a0:65:80:8d:d8:c5:c6:c5:3f:1a:ec:ae:2a:a5: + ac:de:97:eb:56:96:c7:55:16:ee:5f:e2:74:e2:03:1f:91:69: + 70:b8:fb:5a:42:26:7a:fa:5e:8d:19:eb:5a:2e:32:09:c9:95: + be:9e:34:d4:90:88:42:7e:ad:70:8b:cf:7d:5d:d0:a8:91:aa: + 93:1a:d1:15:7c:2d:a7:af:c2:d2:d7:65:20:5e:8b:3d:b1:df: + 98:5f:56:ad:ed:57:ca:53:ac:0e:f7:86:a4:80:d2:ea:f2:01: + e6:b0:5f:6f:4f:12:17:31:7c:8e:24:43:ac:94:06:aa:6d:a4: + eb:eb:43:b6:64:ed:76:24:bf:73:d8:7c:56:7e:d5:8b:66:f6: + cb:09:0d:f7:44:34:a3:93:d8:e7:36:1a:5f:0f:51:22:09:79: + 24:dd:31:9e -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,22 +77,22 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ -uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz -0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS -samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV -15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv -f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAar/3LXmPtrDnF4Q8yLG7y +CyMd2GHkOdam5mmj3/c7gIQiclgOvO+SEGWTFiDkadfRWAsz8miia3Y20PA2PGEx +3ESgAOKAnmLV/swIZsojiLPgSDK+2N3SpvkgExofoGWAjdjFxsU/GuyuKqWs3pfr +VpbHVRbuX+J04gMfkWlwuPtaQiZ6+l6NGetaLjIJyZW+njTUkIhCfq1wi899XdCo +kaqTGtEVfC2nr8LS12UgXos9sd+YX1at7VfKU6wO94akgNLq8gHmsF9vTxIXMXyO +JEOslAaqbaTr60O2ZO12JL9z2HxWftWLZvbLCQ33RDSjk9jnNhpfD1EiCXkk3TGe -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: - af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: - 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: - 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: - 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: - 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: - 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: - 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: - a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: - 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: - c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: - 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: - 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: - 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: - 4f:a6:b7:df + Signature Algorithm: sha256WithRSAEncryption + 81:17:73:e0:8e:30:5f:5e:a7:25:a8:c0:89:f0:2a:c5:cc:72: + 30:0a:55:f2:c8:13:34:de:3c:7c:5e:e1:56:5e:72:04:10:8b: + 4b:05:3b:14:3c:37:0e:48:68:23:a1:2c:f5:72:f0:36:57:79: + fa:6f:ee:b0:17:83:f0:8a:1f:f0:6b:88:3b:57:c8:b2:57:c9: + 4e:35:14:a8:d7:31:db:68:74:8c:30:24:b3:9d:c9:8d:8c:36: + 34:30:0e:f3:4e:74:bd:14:77:c8:13:7f:bc:d3:21:34:e8:87: + e7:a3:80:62:ea:20:4b:40:ef:f5:97:db:c7:63:6b:e4:06:12: + 1a:b7:55:da:5a:34:32:95:59:c4:68:85:2c:87:dd:77:5f:ff: + 28:cf:95:c3:68:f8:c4:32:af:8e:c6:2c:39:6b:bd:3a:dd:18: + 16:a8:a7:0e:9d:93:6d:8e:77:b1:0e:86:55:0d:a4:aa:e6:3f: + f5:69:1d:d5:c0:5e:1a:b1:bc:ab:5f:eb:1f:76:6a:c5:22:57: + a9:f1:ee:55:56:37:61:9e:49:e6:bc:8b:e9:9d:6b:11:6f:90: + cb:d6:18:3c:81:f2:c8:4c:92:e4:4d:73:d1:a1:be:8d:fe:d7: + 54:20:d4:df:43:7d:e7:57:f1:dd:9f:a0:6d:cd:e3:ab:30:fa: + cc:29:0b:01 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -166,10 +166,10 @@ AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE -4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu -k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti -wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ -aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ -gelbLrLvK7YaG0svwuSBn7/e4XNPprff +CwUAA4IBAQCBF3PgjjBfXqclqMCJ8CrFzHIwClXyyBM03jx8XuFWXnIEEItLBTsU +PDcOSGgjoSz1cvA2V3n6b+6wF4Pwih/wa4g7V8iyV8lONRSo1zHbaHSMMCSzncmN +jDY0MA7zTnS9FHfIE3+80yE06Ifno4Bi6iBLQO/1l9vHY2vkBhIat1XaWjQylVnE +aIUsh913X/8oz5XDaPjEMq+Oxiw5a7063RgWqKcOnZNtjnexDoZVDaSq5j/1aR3V +wF4asbyrX+sfdmrFIlep8e5VVjdhnknmvIvpnWsRb5DL1hg8gfLITJLkTXPRob6N +/tdUINTfQ33nV/Hdn6BtzeOrMPrMKQsB -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-entity.pem b/certs/test-pathlen/chainE-entity.pem index 2c01733ca..a4b979416 100644 --- a/certs/test-pathlen/chainE-entity.pem +++ b/certs/test-pathlen/chainE-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: - 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: - b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: - c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: - 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: - 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: - e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: - 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: - f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: - ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: - 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: - da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: - fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: - ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: - 8a:9b:b5:8c + Signature Algorithm: sha256WithRSAEncryption + 1a:af:fd:cb:5e:63:ed:ac:39:c5:e1:0f:32:2c:6e:f2:0b:23: + 1d:d8:61:e4:39:d6:a6:e6:69:a3:df:f7:3b:80:84:22:72:58: + 0e:bc:ef:92:10:65:93:16:20:e4:69:d7:d1:58:0b:33:f2:68: + a2:6b:76:36:d0:f0:36:3c:61:31:dc:44:a0:00:e2:80:9e:62: + d5:fe:cc:08:66:ca:23:88:b3:e0:48:32:be:d8:dd:d2:a6:f9: + 20:13:1a:1f:a0:65:80:8d:d8:c5:c6:c5:3f:1a:ec:ae:2a:a5: + ac:de:97:eb:56:96:c7:55:16:ee:5f:e2:74:e2:03:1f:91:69: + 70:b8:fb:5a:42:26:7a:fa:5e:8d:19:eb:5a:2e:32:09:c9:95: + be:9e:34:d4:90:88:42:7e:ad:70:8b:cf:7d:5d:d0:a8:91:aa: + 93:1a:d1:15:7c:2d:a7:af:c2:d2:d7:65:20:5e:8b:3d:b1:df: + 98:5f:56:ad:ed:57:ca:53:ac:0e:f7:86:a4:80:d2:ea:f2:01: + e6:b0:5f:6f:4f:12:17:31:7c:8e:24:43:ac:94:06:aa:6d:a4: + eb:eb:43:b6:64:ed:76:24:bf:73:d8:7c:56:7e:d5:8b:66:f6: + cb:09:0d:f7:44:34:a3:93:d8:e7:36:1a:5f:0f:51:22:09:79: + 24:dd:31:9e -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ -uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz -0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS -samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV -15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv -f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAar/3LXmPtrDnF4Q8yLG7y +CyMd2GHkOdam5mmj3/c7gIQiclgOvO+SEGWTFiDkadfRWAsz8miia3Y20PA2PGEx +3ESgAOKAnmLV/swIZsojiLPgSDK+2N3SpvkgExofoGWAjdjFxsU/GuyuKqWs3pfr +VpbHVRbuX+J04gMfkWlwuPtaQiZ6+l6NGetaLjIJyZW+njTUkIhCfq1wi899XdCo +kaqTGtEVfC2nr8LS12UgXos9sd+YX1at7VfKU6wO94akgNLq8gHmsF9vTxIXMXyO +JEOslAaqbaTr60O2ZO12JL9z2HxWftWLZvbLCQ33RDSjk9jnNhpfD1EiCXkk3TGe -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/certs/test-pathlen/chainF-ICA1-pathlen1.pem index 5f7f14c97..580610852 100644 --- a/certs/test-pathlen/chainF-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainF-ICA1-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: - 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: - 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: - 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: - cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: - da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: - 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: - d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: - 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: - af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: - 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: - 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: - d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: - a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: - 25:b2:22:37 + Signature Algorithm: sha256WithRSAEncryption + 6a:e9:07:00:56:3b:70:9a:2b:3d:42:e9:93:ad:76:a9:43:82: + a9:44:2a:35:a2:c7:56:d4:1e:cd:26:7c:d4:3f:49:19:3a:1e: + 88:ed:f7:3d:b5:88:65:41:b4:69:81:59:fd:bd:93:b3:5c:ba: + ae:60:b9:0b:e7:4b:60:a7:e4:b1:fa:ec:85:09:2b:e8:ff:84: + 77:71:75:63:c2:8a:10:51:76:7a:c9:6f:9a:a3:8b:10:b4:ed: + 9d:75:18:52:f5:a9:8a:ed:e0:0c:a4:23:96:f8:39:f6:fd:ce: + 58:21:54:2c:b1:a2:a1:73:eb:9f:93:99:0c:12:1e:9a:bb:3d: + 1e:91:da:df:b3:66:6a:cb:44:33:a8:d2:5d:31:76:d5:96:30: + 51:dd:d0:12:e9:7b:9b:9f:98:ac:35:03:0f:6f:2d:b5:b6:e1: + 30:14:50:31:2e:4c:fd:65:f5:d2:20:7b:8d:1d:a3:7f:6c:4f: + 47:d6:c8:97:26:cf:28:65:d8:a0:19:d1:ca:2e:e8:f7:11:cb: + ab:a6:32:2b:82:4d:c1:df:0a:c5:e5:9e:00:39:65:20:7e:55: + ad:81:ac:14:b1:f9:f3:88:96:94:26:e1:66:44:96:68:1b:1a: + 8d:db:f3:b9:e7:b8:9b:50:0b:03:19:53:70:c8:58:75:70:1f: + 0e:a4:bb:9f -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL -D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP -xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh -Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc -8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR -23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +AQELBQADggEBAGrpBwBWO3CaKz1C6ZOtdqlDgqlEKjWix1bUHs0mfNQ/SRk6Hojt +9z21iGVBtGmBWf29k7Ncuq5guQvnS2Cn5LH67IUJK+j/hHdxdWPCihBRdnrJb5qj +ixC07Z11GFL1qYrt4AykI5b4Ofb9zlghVCyxoqFz65+TmQwSHpq7PR6R2t+zZmrL +RDOo0l0xdtWWMFHd0BLpe5ufmKw1Aw9vLbW24TAUUDEuTP1l9dIge40do39sT0fW +yJcmzyhl2KAZ0cou6PcRy6umMiuCTcHfCsXlngA5ZSB+Va2BrBSx+fOIlpQm4WZE +lmgbGo3b87nnuJtQCwMZU3DIWHVwHw6ku58= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/certs/test-pathlen/chainF-ICA2-pathlen0.pem index b3e68dd43..128b32370 100644 --- a/certs/test-pathlen/chainF-ICA2-pathlen0.pem +++ b/certs/test-pathlen/chainF-ICA2-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: - 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: - 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: - 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: - 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: - 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: - 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: - 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: - 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: - b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: - 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: - e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: - 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: - e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: - 24:0e:d6:0d + Signature Algorithm: sha256WithRSAEncryption + 1a:93:21:25:ab:3a:1a:d6:18:60:81:26:16:9c:d6:4b:2f:62: + 3e:57:e2:e7:a8:59:77:fc:22:33:8b:0d:bd:14:79:80:cf:95: + 8a:d5:4f:3c:92:a0:eb:65:42:76:81:80:10:aa:03:21:ea:68: + 5d:72:98:ce:e3:01:65:f8:b2:1a:e8:8d:a9:d6:0a:2b:22:cf: + 11:22:fb:d0:7c:9f:d2:bb:04:4a:34:07:b4:4d:71:31:48:5b: + a0:08:83:ec:96:6d:5e:9a:fb:e3:da:63:32:b6:83:87:37:cb: + 67:dc:8e:7f:9d:a7:83:5c:13:bc:af:82:a0:9a:d2:b2:b7:1e: + 38:38:5c:e5:64:75:37:10:4a:82:a0:4d:f6:f8:5e:bf:36:f3: + 68:01:1a:0a:6b:e3:03:50:79:d6:14:da:26:48:d9:b6:8e:23: + 28:8a:a7:6e:c9:b0:54:c3:0b:48:25:7b:bf:e6:9f:be:f3:f0: + b9:1d:c2:30:11:e4:fc:5f:90:96:69:d9:c0:cd:89:89:58:51: + 43:8b:4c:d9:2a:d0:90:04:fc:db:21:32:c0:32:50:e4:4b:88: + 4c:42:9c:d5:2a:ba:30:6e:5e:49:87:a1:c7:03:9e:6c:45:cc: + bb:cf:d2:4a:af:1d:18:1c:9e:cb:66:50:e9:f9:b8:0b:08:bf: + 39:95:bb:62 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH -dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 -EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI -k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY -R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m -VcjCowsmYI95sNGPgx82kaokDtYN +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAakyElqzoa1hhggSYWnNZLL2I+V+LnqFl3/CIziw29FHmAz5WK1U88kqDr +ZUJ2gYAQqgMh6mhdcpjO4wFl+LIa6I2p1gorIs8RIvvQfJ/SuwRKNAe0TXExSFug +CIPslm1emvvj2mMytoOHN8tn3I5/naeDXBO8r4KgmtKytx44OFzlZHU3EEqCoE32 ++F6/NvNoARoKa+MDUHnWFNomSNm2jiMoiqduybBUwwtIJXu/5p++8/C5HcIwEeT8 +X5CWadnAzYmJWFFDi0zZKtCQBPzbITLAMlDkS4hMQpzVKrowbl5Jh6HHA55sRcy7 +z9JKrx0YHJ7LZlDp+bgLCL85lbti -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-assembled.pem b/certs/test-pathlen/chainF-assembled.pem index 8103382d3..14b0e0b25 100644 --- a/certs/test-pathlen/chainF-assembled.pem +++ b/certs/test-pathlen/chainF-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: - c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: - 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: - 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: - 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: - af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: - 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: - aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: - a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: - 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: - a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: - f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: - 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: - fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: - 9a:28:91:3b + Signature Algorithm: sha256WithRSAEncryption + 24:20:aa:3a:98:e1:d4:42:a1:0f:7b:58:10:83:72:da:d4:ed: + e2:e6:08:0d:d2:fb:c0:ff:5b:97:72:03:b1:20:fa:b1:88:60: + 29:af:44:64:82:51:44:75:a7:cb:90:0d:af:63:a3:93:6f:a8: + 12:18:16:60:2f:58:37:ec:be:23:64:1b:06:ad:a7:d6:fa:cf: + 34:06:3d:99:21:19:d4:27:24:19:a0:00:8a:28:80:7b:8a:48: + ea:61:63:20:4f:14:f2:60:a0:a3:3a:5a:45:4a:b1:24:1d:46: + 69:84:76:0e:ff:29:5b:4b:74:a2:75:2c:f1:4b:ba:dc:c5:4b: + dd:b3:52:b9:fd:45:8d:fd:71:68:78:71:f8:3e:7c:62:50:a2: + 8d:07:df:45:a7:39:9c:df:df:9d:78:de:a4:9e:ef:e6:0a:7a: + 53:42:0c:9e:7e:4a:bf:9c:70:66:a7:08:ab:bf:b5:f8:b3:3b: + 99:28:2c:73:f4:6f:da:4d:21:59:35:82:58:f4:5e:59:25:1e: + d6:7a:0a:c8:7f:4a:74:33:16:86:b4:bb:65:2e:9b:32:e5:78: + 53:95:33:38:a4:8a:04:36:eb:fa:51:d5:46:94:72:7d:d7:16: + c9:e7:e3:45:94:ab:ec:08:b6:87:e4:3a:34:7c:ca:dd:f9:27: + 65:21:c5:5f -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ -dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb -tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a -cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd -6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 -jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU -Jz+ZNb5M+JookTs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACQgqjqY +4dRCoQ97WBCDctrU7eLmCA3S+8D/W5dyA7Eg+rGIYCmvRGSCUUR1p8uQDa9jo5Nv +qBIYFmAvWDfsviNkGwatp9b6zzQGPZkhGdQnJBmgAIoogHuKSOphYyBPFPJgoKM6 +WkVKsSQdRmmEdg7/KVtLdKJ1LPFLutzFS92zUrn9RY39cWh4cfg+fGJQoo0H30Wn +OZzf35143qSe7+YKelNCDJ5+Sr+ccGanCKu/tfizO5koLHP0b9pNIVk1glj0Xlkl +HtZ6Csh/SnQzFoa0u2UumzLleFOVMzikigQ26/pR1UaUcn3XFsnn40WUq+wItofk +OjR8yt35J2UhxV8= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: - 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: - 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: - 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: - cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: - da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: - 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: - d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: - 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: - af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: - 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: - 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: - d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: - a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: - 25:b2:22:37 + Signature Algorithm: sha256WithRSAEncryption + 6a:e9:07:00:56:3b:70:9a:2b:3d:42:e9:93:ad:76:a9:43:82: + a9:44:2a:35:a2:c7:56:d4:1e:cd:26:7c:d4:3f:49:19:3a:1e: + 88:ed:f7:3d:b5:88:65:41:b4:69:81:59:fd:bd:93:b3:5c:ba: + ae:60:b9:0b:e7:4b:60:a7:e4:b1:fa:ec:85:09:2b:e8:ff:84: + 77:71:75:63:c2:8a:10:51:76:7a:c9:6f:9a:a3:8b:10:b4:ed: + 9d:75:18:52:f5:a9:8a:ed:e0:0c:a4:23:96:f8:39:f6:fd:ce: + 58:21:54:2c:b1:a2:a1:73:eb:9f:93:99:0c:12:1e:9a:bb:3d: + 1e:91:da:df:b3:66:6a:cb:44:33:a8:d2:5d:31:76:d5:96:30: + 51:dd:d0:12:e9:7b:9b:9f:98:ac:35:03:0f:6f:2d:b5:b6:e1: + 30:14:50:31:2e:4c:fd:65:f5:d2:20:7b:8d:1d:a3:7f:6c:4f: + 47:d6:c8:97:26:cf:28:65:d8:a0:19:d1:ca:2e:e8:f7:11:cb: + ab:a6:32:2b:82:4d:c1:df:0a:c5:e5:9e:00:39:65:20:7e:55: + ad:81:ac:14:b1:f9:f3:88:96:94:26:e1:66:44:96:68:1b:1a: + 8d:db:f3:b9:e7:b8:9b:50:0b:03:19:53:70:c8:58:75:70:1f: + 0e:a4:bb:9f -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL -D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP -xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh -Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc -8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR -23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +AQELBQADggEBAGrpBwBWO3CaKz1C6ZOtdqlDgqlEKjWix1bUHs0mfNQ/SRk6Hojt +9z21iGVBtGmBWf29k7Ncuq5guQvnS2Cn5LH67IUJK+j/hHdxdWPCihBRdnrJb5qj +ixC07Z11GFL1qYrt4AykI5b4Ofb9zlghVCyxoqFz65+TmQwSHpq7PR6R2t+zZmrL +RDOo0l0xdtWWMFHd0BLpe5ufmKw1Aw9vLbW24TAUUDEuTP1l9dIge40do39sT0fW +yJcmzyhl2KAZ0cou6PcRy6umMiuCTcHfCsXlngA5ZSB+Va2BrBSx+fOIlpQm4WZE +lmgbGo3b87nnuJtQCwMZU3DIWHVwHw6ku58= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: - 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: - 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: - 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: - 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: - 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: - 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: - 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: - 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: - b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: - 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: - e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: - 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: - e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: - 24:0e:d6:0d + Signature Algorithm: sha256WithRSAEncryption + 1a:93:21:25:ab:3a:1a:d6:18:60:81:26:16:9c:d6:4b:2f:62: + 3e:57:e2:e7:a8:59:77:fc:22:33:8b:0d:bd:14:79:80:cf:95: + 8a:d5:4f:3c:92:a0:eb:65:42:76:81:80:10:aa:03:21:ea:68: + 5d:72:98:ce:e3:01:65:f8:b2:1a:e8:8d:a9:d6:0a:2b:22:cf: + 11:22:fb:d0:7c:9f:d2:bb:04:4a:34:07:b4:4d:71:31:48:5b: + a0:08:83:ec:96:6d:5e:9a:fb:e3:da:63:32:b6:83:87:37:cb: + 67:dc:8e:7f:9d:a7:83:5c:13:bc:af:82:a0:9a:d2:b2:b7:1e: + 38:38:5c:e5:64:75:37:10:4a:82:a0:4d:f6:f8:5e:bf:36:f3: + 68:01:1a:0a:6b:e3:03:50:79:d6:14:da:26:48:d9:b6:8e:23: + 28:8a:a7:6e:c9:b0:54:c3:0b:48:25:7b:bf:e6:9f:be:f3:f0: + b9:1d:c2:30:11:e4:fc:5f:90:96:69:d9:c0:cd:89:89:58:51: + 43:8b:4c:d9:2a:d0:90:04:fc:db:21:32:c0:32:50:e4:4b:88: + 4c:42:9c:d5:2a:ba:30:6e:5e:49:87:a1:c7:03:9e:6c:45:cc: + bb:cf:d2:4a:af:1d:18:1c:9e:cb:66:50:e9:f9:b8:0b:08:bf: + 39:95:bb:62 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -255,11 +255,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH -dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 -EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI -k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY -R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m -VcjCowsmYI95sNGPgx82kaokDtYN +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAakyElqzoa1hhggSYWnNZLL2I+V+LnqFl3/CIziw29FHmAz5WK1U88kqDr +ZUJ2gYAQqgMh6mhdcpjO4wFl+LIa6I2p1gorIs8RIvvQfJ/SuwRKNAe0TXExSFug +CIPslm1emvvj2mMytoOHN8tn3I5/naeDXBO8r4KgmtKytx44OFzlZHU3EEqCoE32 ++F6/NvNoARoKa+MDUHnWFNomSNm2jiMoiqduybBUwwtIJXu/5p++8/C5HcIwEeT8 +X5CWadnAzYmJWFFDi0zZKtCQBPzbITLAMlDkS4hMQpzVKrowbl5Jh6HHA55sRcy7 +z9JKrx0YHJ7LZlDp+bgLCL85lbti -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-entity.pem b/certs/test-pathlen/chainF-entity.pem index 6a7870de6..27bd2dcd7 100644 --- a/certs/test-pathlen/chainF-entity.pem +++ b/certs/test-pathlen/chainF-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: - c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: - 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: - 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: - 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: - af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: - 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: - aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: - a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: - 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: - a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: - f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: - 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: - fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: - 9a:28:91:3b + Signature Algorithm: sha256WithRSAEncryption + 24:20:aa:3a:98:e1:d4:42:a1:0f:7b:58:10:83:72:da:d4:ed: + e2:e6:08:0d:d2:fb:c0:ff:5b:97:72:03:b1:20:fa:b1:88:60: + 29:af:44:64:82:51:44:75:a7:cb:90:0d:af:63:a3:93:6f:a8: + 12:18:16:60:2f:58:37:ec:be:23:64:1b:06:ad:a7:d6:fa:cf: + 34:06:3d:99:21:19:d4:27:24:19:a0:00:8a:28:80:7b:8a:48: + ea:61:63:20:4f:14:f2:60:a0:a3:3a:5a:45:4a:b1:24:1d:46: + 69:84:76:0e:ff:29:5b:4b:74:a2:75:2c:f1:4b:ba:dc:c5:4b: + dd:b3:52:b9:fd:45:8d:fd:71:68:78:71:f8:3e:7c:62:50:a2: + 8d:07:df:45:a7:39:9c:df:df:9d:78:de:a4:9e:ef:e6:0a:7a: + 53:42:0c:9e:7e:4a:bf:9c:70:66:a7:08:ab:bf:b5:f8:b3:3b: + 99:28:2c:73:f4:6f:da:4d:21:59:35:82:58:f4:5e:59:25:1e: + d6:7a:0a:c8:7f:4a:74:33:16:86:b4:bb:65:2e:9b:32:e5:78: + 53:95:33:38:a4:8a:04:36:eb:fa:51:d5:46:94:72:7d:d7:16: + c9:e7:e3:45:94:ab:ec:08:b6:87:e4:3a:34:7c:ca:dd:f9:27: + 65:21:c5:5f -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ -dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb -tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a -cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd -6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 -jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU -Jz+ZNb5M+JookTs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACQgqjqY +4dRCoQ97WBCDctrU7eLmCA3S+8D/W5dyA7Eg+rGIYCmvRGSCUUR1p8uQDa9jo5Nv +qBIYFmAvWDfsviNkGwatp9b6zzQGPZkhGdQnJBmgAIoogHuKSOphYyBPFPJgoKM6 +WkVKsSQdRmmEdg7/KVtLdKJ1LPFLutzFS92zUrn9RY39cWh4cfg+fGJQoo0H30Wn +OZzf35143qSe7+YKelNCDJ5+Sr+ccGanCKu/tfizO5koLHP0b9pNIVk1glj0Xlkl +HtZ6Csh/SnQzFoa0u2UumzLleFOVMzikigQ26/pR1UaUcn3XFsnn40WUq+wItofk +OjR8yt35J2UhxV8= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/certs/test-pathlen/chainG-ICA1-pathlen0.pem index 6cbd907d5..ad1f9456c 100644 --- a/certs/test-pathlen/chainG-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainG-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: - 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: - 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: - d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: - 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: - ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: - 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: - f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: - 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: - 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: - 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: - 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: - c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: - 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: - 13:a4:f1:d3 + Signature Algorithm: sha256WithRSAEncryption + 56:81:8e:f1:e8:5f:b2:9f:ab:8f:2e:ec:79:c7:3d:0d:af:f2: + 18:f7:d2:2e:07:2c:d0:1d:2a:90:c7:c1:fc:ac:aa:0d:86:f0: + 78:6d:33:43:81:02:70:3b:e6:d9:75:db:2e:ca:4a:61:4d:20: + cb:a9:3e:0c:a9:b3:ca:ff:bb:52:cb:06:14:2d:53:b5:68:9f: + a7:02:83:90:3d:f8:b6:a2:46:e4:2b:c5:48:ed:50:7f:ea:27: + cf:7b:9d:88:1f:1c:5d:16:b7:21:0a:42:95:0b:67:6c:29:34: + 64:61:c0:f5:00:6f:36:dc:e9:68:e3:81:bd:07:a6:bc:6c:9d: + f0:61:b0:50:14:d5:89:46:1f:34:b0:90:42:a0:c3:09:64:6e: + a4:46:13:c6:6a:86:98:63:c7:8e:79:d3:a2:d6:73:23:68:a9: + 8d:ac:b0:93:b0:89:f5:ee:08:cc:47:14:95:3b:1f:d3:eb:42: + 3f:68:b8:6b:80:11:8d:85:8c:90:39:29:e8:5d:7d:e5:c1:c2: + 5c:e7:92:8c:ab:79:17:74:60:a5:ee:fe:52:ff:4a:78:62:5c: + 1b:4b:f8:44:41:8c:05:c7:11:e7:5a:c9:a1:a1:d3:6b:82:36: + c3:1f:23:19:ce:68:9d:c3:80:d5:08:8d:68:d2:49:52:95:44: + 3f:1b:50:9d -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 -t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 -lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc -RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 -r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL -yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVoGO8ehfsp+rjy7secc9Da/yGPfSLgcs +0B0qkMfB/KyqDYbweG0zQ4ECcDvm2XXbLspKYU0gy6k+DKmzyv+7UssGFC1TtWif +pwKDkD34tqJG5CvFSO1Qf+onz3udiB8cXRa3IQpClQtnbCk0ZGHA9QBvNtzpaOOB +vQemvGyd8GGwUBTViUYfNLCQQqDDCWRupEYTxmqGmGPHjnnTotZzI2ipjaywk7CJ +9e4IzEcUlTsf0+tCP2i4a4ARjYWMkDkp6F195cHCXOeSjKt5F3Rgpe7+Uv9KeGJc +G0v4REGMBccR51rJoaHTa4I2wx8jGc5oncOA1QiNaNJJUpVEPxtQnQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/certs/test-pathlen/chainG-ICA2-pathlen1.pem index e5306aede..1592a0143 100644 --- a/certs/test-pathlen/chainG-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainG-ICA2-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: - ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: - 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: - da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: - aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: - 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: - 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: - 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: - 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: - 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: - b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: - 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: - 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: - 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: - 65:12:f6:ae + Signature Algorithm: sha256WithRSAEncryption + 3b:e4:43:62:32:48:75:cf:da:f6:fa:38:4f:1b:b2:25:84:5b: + 79:8f:ce:9c:19:10:ef:ab:b4:b5:f0:2b:d1:16:77:f6:cc:f6: + 43:c7:1f:ca:92:f9:d7:69:3c:82:02:02:19:55:a4:a1:d0:1c: + 7c:e8:b8:8f:4c:7b:42:6c:68:0d:0c:b0:05:ad:39:29:7c:45: + 8e:e2:b3:54:e7:98:84:95:21:3d:73:26:33:5e:5b:59:59:f2: + 03:13:28:86:e1:2c:da:a8:37:7e:2e:93:5e:e1:41:9c:6d:03: + 16:0f:8a:b2:4d:67:b6:1b:65:8a:cb:30:b5:ed:ad:e7:9f:81: + 21:a7:6d:39:f7:af:93:82:1c:89:55:ae:0d:e8:88:be:a5:27: + 60:56:7b:f3:5c:1d:57:49:36:c2:9f:cc:50:62:a7:82:54:61: + 36:10:01:2f:cf:85:b2:dd:d7:56:cc:18:7e:85:5d:f1:b7:b7: + b6:c3:04:6b:01:5e:b8:68:28:9a:6b:fc:83:33:b7:28:64:55: + 38:ee:a4:5a:d5:87:ef:89:07:c4:60:9d:8a:25:d5:71:94:5b: + 96:3f:a4:3f:1d:80:3e:ef:97:9e:c4:25:f1:82:01:27:40:27: + cc:61:e6:67:e0:58:33:e9:9f:35:65:89:40:17:6a:a7:6c:d9: + 70:2c:59:a1 -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 -aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ -qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN -Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 -Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ -I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAO+RDYjJIdc/a9vo4TxuyJYRbeY/OnBkQ +76u0tfAr0RZ39sz2Q8cfypL512k8ggICGVWkodAcfOi4j0x7QmxoDQywBa05KXxF +juKzVOeYhJUhPXMmM15bWVnyAxMohuEs2qg3fi6TXuFBnG0DFg+Ksk1nthtlissw +te2t55+BIadtOfevk4IciVWuDeiIvqUnYFZ781wdV0k2wp/MUGKnglRhNhABL8+F +st3XVswYfoVd8be3tsMEawFeuGgommv8gzO3KGRVOO6kWtWH74kHxGCdiiXVcZRb +lj+kPx2APu+XnsQl8YIBJ0AnzGHmZ+BYM+mfNWWJQBdqp2zZcCxZoQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/certs/test-pathlen/chainG-ICA3-pathlen99.pem index f2b79d6e6..9c6429cff 100644 --- a/certs/test-pathlen/chainG-ICA3-pathlen99.pem +++ b/certs/test-pathlen/chainG-ICA3-pathlen99.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:99 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: - ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: - c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: - a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: - 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: - 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: - 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: - 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: - bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: - 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: - 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: - 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: - ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: - a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: - c8:5e:14:b5 + Signature Algorithm: sha256WithRSAEncryption + 77:4b:04:d7:e6:fd:c1:bb:55:0c:2d:23:bf:90:a3:20:af:cd: + 54:11:34:97:fb:06:55:c1:11:ee:c5:bc:fe:5c:34:73:08:f9: + e9:c3:81:b8:0d:fa:6b:44:cd:ed:4a:d0:3b:40:6d:96:e5:cf: + 96:7d:aa:0d:65:fa:d7:6d:f7:3d:c9:9d:e5:e1:5e:be:34:7d: + b8:62:0c:22:e1:88:c8:02:b8:90:89:9f:1c:1d:18:5c:2d:01: + c9:95:f4:19:01:a6:5b:7a:26:6a:38:71:16:87:88:19:3f:60: + 35:99:71:4c:79:90:db:f9:9b:73:0d:74:45:87:b1:4f:e5:63: + a2:21:b4:38:32:d2:78:f0:15:a6:3a:ac:50:2a:a1:b2:41:f9: + 2b:0a:5c:5b:9a:94:17:42:88:44:41:fa:aa:d3:17:49:c1:31: + eb:a2:89:1f:c7:e7:b2:b0:71:98:64:4e:d6:de:b9:c2:5d:de: + 0e:86:68:1d:9c:ea:7c:b0:72:ee:2a:fa:26:26:1a:21:99:60: + 03:a2:01:67:0e:7d:4a:00:d9:23:2e:c2:c8:c8:3d:04:7a:78: + 08:81:f7:e4:0d:dc:e2:db:b6:1f:8a:33:ab:6f:a1:0d:5f:86: + cd:b7:c9:e1:35:a3:c8:81:da:15:3c:de:39:30:b7:d3:ec:4f: + d3:44:fe:dc -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV -6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM -YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ -ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm -grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp -Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHdLBNfm/cG7VQwtI7+QoyCvzVQRNJf7 +BlXBEe7FvP5cNHMI+enDgbgN+mtEze1K0DtAbZblz5Z9qg1l+tdt9z3JneXhXr40 +fbhiDCLhiMgCuJCJnxwdGFwtAcmV9BkBplt6Jmo4cRaHiBk/YDWZcUx5kNv5m3MN +dEWHsU/lY6IhtDgy0njwFaY6rFAqobJB+SsKXFualBdCiERB+qrTF0nBMeuiiR/H +57KwcZhkTtbeucJd3g6GaB2c6nywcu4q+iYmGiGZYAOiAWcOfUoA2SMuwsjIPQR6 +eAiB9+QN3OLbth+KM6tvoQ1fhs23yeE1o8iB2hU83jkwt9PsT9NE/tw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/certs/test-pathlen/chainG-ICA4-pathlen5.pem index 438c971d6..8467d9f36 100644 --- a/certs/test-pathlen/chainG-ICA4-pathlen5.pem +++ b/certs/test-pathlen/chainG-ICA4-pathlen5.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:5 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: - 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: - 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: - df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: - 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: - 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: - 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: - b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: - f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: - fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: - 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: - d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: - a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: - 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: - 13:29:2a:18 + Signature Algorithm: sha256WithRSAEncryption + ab:ff:d4:87:51:61:f9:a5:68:8d:4e:fd:01:0c:e3:75:9a:c5: + 16:f2:c4:1e:d8:bd:d4:ce:9e:b9:bd:72:db:f2:89:2b:7a:46: + b4:6c:16:e5:dc:5a:eb:d0:3f:63:a8:98:82:0e:df:c6:1a:40: + a2:1a:a0:d5:49:10:a6:f4:ae:10:61:0a:2e:91:0d:bc:cf:e9: + bf:9e:98:23:38:30:f2:00:e3:ca:47:df:ad:46:e8:7b:b2:ae: + 1e:af:fd:c7:2e:b7:7d:b7:46:df:cd:bf:06:77:19:29:2b:fc: + 7c:f9:f7:2f:59:ce:90:a6:9e:70:33:58:b6:72:a4:ed:63:9b: + 50:62:6c:38:01:73:63:48:4e:6b:34:3f:c4:d5:de:45:09:a9: + 27:d1:78:36:59:1e:21:ad:a9:a3:1f:14:25:d1:ce:ab:90:3f: + c0:82:7a:54:fe:6b:48:fc:52:e1:f4:69:2d:84:2e:1c:7b:6f: + 42:4a:7b:05:91:70:0d:f3:ae:b3:d6:bc:7a:fa:9c:c8:0a:e8: + f1:a0:fa:ee:f3:fe:1d:34:0e:31:79:d8:80:57:53:23:af:65: + 92:94:ef:16:de:e0:9f:0a:5a:17:ba:e8:81:90:e1:e4:24:97: + b4:73:82:4c:38:4c:45:2f:82:75:55:4b:af:b8:58:b3:b1:d1: + 60:ab:53:5f -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 -8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy -xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq -J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp -0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA -Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKv/1IdRYfmlaI1O/QEM43WaxRbyxB7Y +vdTOnrm9ctvyiSt6RrRsFuXcWuvQP2OomIIO38YaQKIaoNVJEKb0rhBhCi6RDbzP +6b+emCM4MPIA48pH361G6Huyrh6v/ccut323Rt/NvwZ3GSkr/Hz59y9ZzpCmnnAz +WLZypO1jm1BibDgBc2NITms0P8TV3kUJqSfReDZZHiGtqaMfFCXRzquQP8CCelT+ +a0j8UuH0aS2ELhx7b0JKewWRcA3zrrPWvHr6nMgK6PGg+u7z/h00DjF52IBXUyOv +ZZKU7xbe4J8KWhe66IGQ4eQkl7Rzgkw4TEUvgnVVS6+4WLOx0WCrU18= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/certs/test-pathlen/chainG-ICA5-pathlen20.pem index aca0a3128..f9c3486bb 100644 --- a/certs/test-pathlen/chainG-ICA5-pathlen20.pem +++ b/certs/test-pathlen/chainG-ICA5-pathlen20.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:20 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: - 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: - f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: - de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: - 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: - 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: - 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: - 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: - 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: - cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: - 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: - 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: - 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: - 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: - 5c:9c:5d:21 + Signature Algorithm: sha256WithRSAEncryption + a4:e7:16:a9:20:7b:9c:89:49:48:94:e7:58:31:71:34:10:35: + d5:b6:91:5f:5e:2d:63:66:48:ff:45:7f:d4:dc:53:39:6f:7b: + 13:0a:de:37:7c:c1:43:e9:f9:b2:71:b8:93:22:12:7f:50:9b: + b9:0c:e4:3a:47:7a:95:bc:a4:08:41:73:f0:a3:9a:88:98:7e: + d0:7c:bb:76:ab:5c:ad:3c:41:73:78:5b:b1:0d:06:ae:46:d2: + 81:af:9a:53:f7:d2:45:66:99:45:5e:2e:05:48:47:78:49:b4: + 27:c9:76:5f:93:be:d4:f7:3d:a7:16:39:ef:dc:a1:57:7f:78: + ca:d3:33:94:87:cb:dd:aa:88:07:0b:62:fa:eb:f0:c9:5f:d8: + 3f:a3:6d:d5:dc:ea:a0:b9:c6:dc:7f:08:46:9e:ed:41:52:46: + d2:7a:96:20:37:f6:69:ef:85:23:43:fa:a8:27:1c:2b:70:37: + 7d:50:ce:48:4b:f7:ce:2d:6a:08:3d:45:f3:a3:e4:1f:ef:1f: + 0e:72:e2:f2:f1:e7:5f:72:1f:84:53:1b:d6:b4:2b:e4:4a:3d: + 39:db:a7:02:6a:02:5e:de:3a:43:05:32:de:16:e9:5e:cf:12: + b2:0e:60:36:e1:47:12:ab:98:ce:ef:c4:76:d5:30:b6:72:ae: + af:13:14:17 -----BEGIN CERTIFICATE----- -MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -80,10 +80,10 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk -+Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB -lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld -LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 -X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 -g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEApOcWqSB7nIlJSJTnWDFxNBA11baR +X14tY2ZI/0V/1NxTOW97EwreN3zBQ+n5snG4kyISf1CbuQzkOkd6lbykCEFz8KOa +iJh+0Hy7dqtcrTxBc3hbsQ0GrkbSga+aU/fSRWaZRV4uBUhHeEm0J8l2X5O+1Pc9 +pxY579yhV394ytMzlIfL3aqIBwti+uvwyV/YP6Nt1dzqoLnG3H8IRp7tQVJG0nqW +IDf2ae+FI0P6qCccK3A3fVDOSEv3zi1qCD1F86PkH+8fDnLi8vHnX3IfhFMb1rQr +5Eo9OdunAmoCXt46QwUy3hbpXs8Ssg5gNuFHEquYzu/EdtUwtnKurxMUFw== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/certs/test-pathlen/chainG-ICA6-pathlen10.pem index 2833da61f..8de172a62 100644 --- a/certs/test-pathlen/chainG-ICA6-pathlen10.pem +++ b/certs/test-pathlen/chainG-ICA6-pathlen10.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:10 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: - 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: - 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: - 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: - 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: - 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: - e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: - da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: - 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: - 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: - fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: - 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: - 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: - 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: - 66:ec:5d:71 + Signature Algorithm: sha256WithRSAEncryption + 70:24:57:3f:1a:0c:94:f9:64:14:2e:20:81:bf:02:ba:bb:a5: + 21:02:2b:c0:09:0b:9e:8a:e3:c8:b2:39:4d:05:c1:34:62:44: + 62:5c:d5:ae:0f:17:cf:c0:ab:71:f8:5c:d5:74:8d:3d:eb:90: + d5:d6:a5:97:b8:c1:ab:d7:9c:e7:ca:4f:ee:8f:f2:5d:c7:81: + 22:fc:2e:b0:2d:f2:ff:e3:1a:c5:85:31:21:49:3f:38:f9:5b: + 55:e6:f3:f8:5c:63:fc:9a:c8:76:f0:3d:87:d2:fb:06:6d:5e: + f4:f4:e9:8c:3a:99:7b:1c:8f:29:fb:f6:c3:0c:23:9a:2c:1e: + f4:97:4f:b8:48:37:33:b4:aa:15:a6:5a:75:09:e9:c4:d5:44: + c6:e8:4e:a2:f0:70:a8:9f:10:91:56:55:59:f4:4a:b6:36:4a: + fc:b9:3a:60:01:e6:6e:61:58:f3:b0:ac:cd:02:38:97:bd:eb: + d3:6b:9e:b5:a6:58:ee:ce:86:c2:1b:cf:12:b3:1b:78:00:df: + 5f:da:77:5d:9c:8e:a5:ca:f1:77:87:c1:ed:ad:fd:cf:ea:05: + 53:f9:7e:34:e7:95:23:de:36:36:65:59:08:76:11:6f:d9:6e: + 55:17:af:33:1f:9e:0b:fe:fb:53:5c:67:1a:4d:8a:83:7f:5b: + ca:ff:e4:94 -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -80,10 +80,10 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF -FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 -31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO -+/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 -K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP -s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +hvcNAQELBQADggEBAHAkVz8aDJT5ZBQuIIG/Arq7pSECK8AJC56K48iyOU0FwTRi +RGJc1a4PF8/Aq3H4XNV0jT3rkNXWpZe4wavXnOfKT+6P8l3HgSL8LrAt8v/jGsWF +MSFJPzj5W1Xm8/hcY/yayHbwPYfS+wZtXvT06Yw6mXscjyn79sMMI5osHvSXT7hI +NzO0qhWmWnUJ6cTVRMboTqLwcKifEJFWVVn0SrY2Svy5OmAB5m5hWPOwrM0COJe9 +69NrnrWmWO7OhsIbzxKzG3gA31/ad12cjqXK8XeHwe2t/c/qBVP5fjTnlSPeNjZl +WQh2EW/ZblUXrzMfngv++1NcZxpNioN/W8r/5JQ= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/certs/test-pathlen/chainG-ICA7-pathlen100.pem index 203523a28..5382cbae0 100644 --- a/certs/test-pathlen/chainG-ICA7-pathlen100.pem +++ b/certs/test-pathlen/chainG-ICA7-pathlen100.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: - f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: - c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: - 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: - 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: - 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: - 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: - df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: - e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: - 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: - 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: - 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: - f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: - 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: - ca:8c:2f:a8 + Signature Algorithm: sha256WithRSAEncryption + ae:bd:d0:c5:e1:4f:80:0f:85:0d:d2:e0:b5:c3:dc:73:99:94: + 90:19:01:f2:23:66:83:da:92:f2:e8:14:dc:70:e0:20:14:26: + c5:63:88:6a:1b:b3:f3:2f:5c:28:39:1e:6b:a7:40:9b:02:12: + ac:88:06:1e:c6:dd:9d:d4:6a:b8:22:cb:b7:aa:7a:9c:77:9a: + 37:0a:62:54:23:f3:e7:b9:4f:e0:8a:41:bd:74:21:69:be:7c: + 19:50:7d:d1:93:98:7c:4a:06:60:64:72:f0:09:71:6e:86:43: + 2f:89:dc:38:4a:c1:e4:cc:bc:72:6f:c2:b1:c1:9c:38:ff:98: + 87:92:3b:a6:f2:b5:2d:0a:41:38:0d:e7:b5:41:cf:c1:6d:96: + 34:98:9e:97:c8:87:a9:9e:4b:bb:73:bb:34:d6:bd:61:ef:36: + c8:45:f3:c9:31:36:2c:f1:11:68:4b:a0:f8:b6:9d:c4:a6:8a: + dc:e3:fc:60:f7:50:d2:d4:98:d4:e5:f9:76:ca:4a:3c:74:9a: + bb:95:ce:3c:29:ce:be:b5:9e:07:55:e2:c4:a1:1f:b4:0d:eb: + 87:03:1d:79:1b:e2:fc:f3:aa:4b:df:3e:24:72:56:00:b9:b4: + a0:fc:48:80:6a:76:84:1b:79:ea:03:95:32:42:bc:9d:7a:83: + 87:be:51:d2 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -79,11 +79,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW -BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX -H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x -lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F -/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS -JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBAK690MXhT4APhQ3S4LXD3HOZlJAZAfIjZoPakvLoFNxw4CAUJsVjiGob +s/MvXCg5HmunQJsCEqyIBh7G3Z3Uargiy7eqepx3mjcKYlQj8+e5T+CKQb10IWm+ +fBlQfdGTmHxKBmBkcvAJcW6GQy+J3DhKweTMvHJvwrHBnDj/mIeSO6bytS0KQTgN +57VBz8FtljSYnpfIh6meS7tzuzTWvWHvNshF88kxNizxEWhLoPi2ncSmitzj/GD3 +UNLUmNTl+XbKSjx0mruVzjwpzr61ngdV4sShH7QN64cDHXkb4vzzqkvfPiRyVgC5 +tKD8SIBqdoQbeeoDlTJCvJ16g4e+UdI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-assembled.pem b/certs/test-pathlen/chainG-assembled.pem index aa0c41fb4..39ee469f7 100644 --- a/certs/test-pathlen/chainG-assembled.pem +++ b/certs/test-pathlen/chainG-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: - 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: - 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: - 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: - cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: - ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: - 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: - 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: - e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: - 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: - ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: - ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: - 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: - 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: - 49:95:7e:49 + Signature Algorithm: sha256WithRSAEncryption + 06:c8:08:8c:cc:5d:4e:b5:81:35:06:f3:e5:9d:4e:c8:38:3f: + ec:87:8b:55:3c:fc:6e:4c:f8:3c:78:7d:46:03:33:a7:49:55: + 6c:13:37:e9:11:d5:dd:8c:51:70:2c:28:18:6a:01:63:9b:35: + 04:ba:79:49:95:10:ed:31:4b:70:5f:be:a4:67:d4:8d:2f:95: + 45:f7:1f:3d:a0:fc:29:db:55:65:8d:98:ae:79:ad:ce:c7:b9: + 97:54:9d:69:ca:fa:87:01:fb:0d:9b:57:67:b8:44:f6:91:14: + e5:31:b5:c1:d8:96:b7:1d:7a:05:ed:53:d5:04:8a:8b:8e:74: + f1:13:3d:93:d6:16:10:17:d7:de:b1:4e:13:e8:72:ae:83:91: + 1f:46:3e:86:bd:49:79:9c:99:a9:aa:67:ff:cf:7c:34:b1:2c: + d8:bf:e5:3a:22:c2:70:97:47:db:d0:05:77:e9:46:09:f0:c1: + 06:1c:61:df:8b:8f:6d:a6:5b:d5:ae:9a:52:71:ed:5e:9e:38: + e3:8c:9a:52:cf:8a:8f:20:e9:f1:e4:a3:11:bd:b9:ff:a9:1e: + b7:f9:83:26:18:a8:0b:7b:2b:74:f5:c5:3a:58:e1:0b:71:0a: + 3d:ef:15:ee:2c:28:b3:ba:0e:59:3c:a4:46:24:d3:b7:14:b5: + 4a:8f:c1:25 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg -DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx -txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH -BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI -yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER -P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u -ObIaOLEvt0mVfkk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbICIzM +XU61gTUG8+WdTsg4P+yHi1U8/G5M+Dx4fUYDM6dJVWwTN+kR1d2MUXAsKBhqAWOb +NQS6eUmVEO0xS3BfvqRn1I0vlUX3Hz2g/CnbVWWNmK55rc7HuZdUnWnK+ocB+w2b +V2e4RPaRFOUxtcHYlrcdegXtU9UEiouOdPETPZPWFhAX196xThPocq6DkR9GPoa9 +SXmcmamqZ//PfDSxLNi/5ToiwnCXR9vQBXfpRgnwwQYcYd+Lj22mW9WumlJx7V6e +OOOMmlLPio8g6fHkoxG9uf+pHrf5gyYYqAt7K3T1xTpY4QtxCj3vFe4sKLO6Dlk8 +pEYk07cUtUqPwSU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: - 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: - 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: - d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: - 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: - ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: - 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: - f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: - 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: - 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: - 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: - 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: - c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: - 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: - 13:a4:f1:d3 + Signature Algorithm: sha256WithRSAEncryption + 56:81:8e:f1:e8:5f:b2:9f:ab:8f:2e:ec:79:c7:3d:0d:af:f2: + 18:f7:d2:2e:07:2c:d0:1d:2a:90:c7:c1:fc:ac:aa:0d:86:f0: + 78:6d:33:43:81:02:70:3b:e6:d9:75:db:2e:ca:4a:61:4d:20: + cb:a9:3e:0c:a9:b3:ca:ff:bb:52:cb:06:14:2d:53:b5:68:9f: + a7:02:83:90:3d:f8:b6:a2:46:e4:2b:c5:48:ed:50:7f:ea:27: + cf:7b:9d:88:1f:1c:5d:16:b7:21:0a:42:95:0b:67:6c:29:34: + 64:61:c0:f5:00:6f:36:dc:e9:68:e3:81:bd:07:a6:bc:6c:9d: + f0:61:b0:50:14:d5:89:46:1f:34:b0:90:42:a0:c3:09:64:6e: + a4:46:13:c6:6a:86:98:63:c7:8e:79:d3:a2:d6:73:23:68:a9: + 8d:ac:b0:93:b0:89:f5:ee:08:cc:47:14:95:3b:1f:d3:eb:42: + 3f:68:b8:6b:80:11:8d:85:8c:90:39:29:e8:5d:7d:e5:c1:c2: + 5c:e7:92:8c:ab:79:17:74:60:a5:ee:fe:52:ff:4a:78:62:5c: + 1b:4b:f8:44:41:8c:05:c7:11:e7:5a:c9:a1:a1:d3:6b:82:36: + c3:1f:23:19:ce:68:9d:c3:80:d5:08:8d:68:d2:49:52:95:44: + 3f:1b:50:9d -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 -t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 -lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc -RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 -r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL -yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVoGO8ehfsp+rjy7secc9Da/yGPfSLgcs +0B0qkMfB/KyqDYbweG0zQ4ECcDvm2XXbLspKYU0gy6k+DKmzyv+7UssGFC1TtWif +pwKDkD34tqJG5CvFSO1Qf+onz3udiB8cXRa3IQpClQtnbCk0ZGHA9QBvNtzpaOOB +vQemvGyd8GGwUBTViUYfNLCQQqDDCWRupEYTxmqGmGPHjnnTotZzI2ipjaywk7CJ +9e4IzEcUlTsf0+tCP2i4a4ARjYWMkDkp6F195cHCXOeSjKt5F3Rgpe7+Uv9KeGJc +G0v4REGMBccR51rJoaHTa4I2wx8jGc5oncOA1QiNaNJJUpVEPxtQnQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: - ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: - 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: - da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: - aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: - 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: - 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: - 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: - 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: - 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: - b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: - 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: - 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: - 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: - 65:12:f6:ae + Signature Algorithm: sha256WithRSAEncryption + 3b:e4:43:62:32:48:75:cf:da:f6:fa:38:4f:1b:b2:25:84:5b: + 79:8f:ce:9c:19:10:ef:ab:b4:b5:f0:2b:d1:16:77:f6:cc:f6: + 43:c7:1f:ca:92:f9:d7:69:3c:82:02:02:19:55:a4:a1:d0:1c: + 7c:e8:b8:8f:4c:7b:42:6c:68:0d:0c:b0:05:ad:39:29:7c:45: + 8e:e2:b3:54:e7:98:84:95:21:3d:73:26:33:5e:5b:59:59:f2: + 03:13:28:86:e1:2c:da:a8:37:7e:2e:93:5e:e1:41:9c:6d:03: + 16:0f:8a:b2:4d:67:b6:1b:65:8a:cb:30:b5:ed:ad:e7:9f:81: + 21:a7:6d:39:f7:af:93:82:1c:89:55:ae:0d:e8:88:be:a5:27: + 60:56:7b:f3:5c:1d:57:49:36:c2:9f:cc:50:62:a7:82:54:61: + 36:10:01:2f:cf:85:b2:dd:d7:56:cc:18:7e:85:5d:f1:b7:b7: + b6:c3:04:6b:01:5e:b8:68:28:9a:6b:fc:83:33:b7:28:64:55: + 38:ee:a4:5a:d5:87:ef:89:07:c4:60:9d:8a:25:d5:71:94:5b: + 96:3f:a4:3f:1d:80:3e:ef:97:9e:c4:25:f1:82:01:27:40:27: + cc:61:e6:67:e0:58:33:e9:9f:35:65:89:40:17:6a:a7:6c:d9: + 70:2c:59:a1 -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -256,22 +256,22 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 -aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ -qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN -Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 -Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ -I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAO+RDYjJIdc/a9vo4TxuyJYRbeY/OnBkQ +76u0tfAr0RZ39sz2Q8cfypL512k8ggICGVWkodAcfOi4j0x7QmxoDQywBa05KXxF +juKzVOeYhJUhPXMmM15bWVnyAxMohuEs2qg3fi6TXuFBnG0DFg+Ksk1nthtlissw +te2t55+BIadtOfevk4IciVWuDeiIvqUnYFZ781wdV0k2wp/MUGKnglRhNhABL8+F +st3XVswYfoVd8be3tsMEawFeuGgommv8gzO3KGRVOO6kWtWH74kHxGCdiiXVcZRb +lj+kPx2APu+XnsQl8YIBJ0AnzGHmZ+BYM+mfNWWJQBdqp2zZcCxZoQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -308,28 +308,28 @@ Certificate: CA:TRUE, pathlen:99 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: - ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: - c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: - a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: - 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: - 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: - 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: - 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: - bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: - 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: - 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: - 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: - ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: - a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: - c8:5e:14:b5 + Signature Algorithm: sha256WithRSAEncryption + 77:4b:04:d7:e6:fd:c1:bb:55:0c:2d:23:bf:90:a3:20:af:cd: + 54:11:34:97:fb:06:55:c1:11:ee:c5:bc:fe:5c:34:73:08:f9: + e9:c3:81:b8:0d:fa:6b:44:cd:ed:4a:d0:3b:40:6d:96:e5:cf: + 96:7d:aa:0d:65:fa:d7:6d:f7:3d:c9:9d:e5:e1:5e:be:34:7d: + b8:62:0c:22:e1:88:c8:02:b8:90:89:9f:1c:1d:18:5c:2d:01: + c9:95:f4:19:01:a6:5b:7a:26:6a:38:71:16:87:88:19:3f:60: + 35:99:71:4c:79:90:db:f9:9b:73:0d:74:45:87:b1:4f:e5:63: + a2:21:b4:38:32:d2:78:f0:15:a6:3a:ac:50:2a:a1:b2:41:f9: + 2b:0a:5c:5b:9a:94:17:42:88:44:41:fa:aa:d3:17:49:c1:31: + eb:a2:89:1f:c7:e7:b2:b0:71:98:64:4e:d6:de:b9:c2:5d:de: + 0e:86:68:1d:9c:ea:7c:b0:72:ee:2a:fa:26:26:1a:21:99:60: + 03:a2:01:67:0e:7d:4a:00:d9:23:2e:c2:c8:c8:3d:04:7a:78: + 08:81:f7:e4:0d:dc:e2:db:b6:1f:8a:33:ab:6f:a1:0d:5f:86: + cd:b7:c9:e1:35:a3:c8:81:da:15:3c:de:39:30:b7:d3:ec:4f: + d3:44:fe:dc -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -345,22 +345,22 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV -6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM -YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ -ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm -grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp -Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHdLBNfm/cG7VQwtI7+QoyCvzVQRNJf7 +BlXBEe7FvP5cNHMI+enDgbgN+mtEze1K0DtAbZblz5Z9qg1l+tdt9z3JneXhXr40 +fbhiDCLhiMgCuJCJnxwdGFwtAcmV9BkBplt6Jmo4cRaHiBk/YDWZcUx5kNv5m3MN +dEWHsU/lY6IhtDgy0njwFaY6rFAqobJB+SsKXFualBdCiERB+qrTF0nBMeuiiR/H +57KwcZhkTtbeucJd3g6GaB2c6nywcu4q+iYmGiGZYAOiAWcOfUoA2SMuwsjIPQR6 +eAiB9+QN3OLbth+KM6tvoQ1fhs23yeE1o8iB2hU83jkwt9PsT9NE/tw= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -397,28 +397,28 @@ Certificate: CA:TRUE, pathlen:5 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: - 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: - 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: - df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: - 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: - 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: - 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: - b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: - f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: - fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: - 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: - d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: - a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: - 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: - 13:29:2a:18 + Signature Algorithm: sha256WithRSAEncryption + ab:ff:d4:87:51:61:f9:a5:68:8d:4e:fd:01:0c:e3:75:9a:c5: + 16:f2:c4:1e:d8:bd:d4:ce:9e:b9:bd:72:db:f2:89:2b:7a:46: + b4:6c:16:e5:dc:5a:eb:d0:3f:63:a8:98:82:0e:df:c6:1a:40: + a2:1a:a0:d5:49:10:a6:f4:ae:10:61:0a:2e:91:0d:bc:cf:e9: + bf:9e:98:23:38:30:f2:00:e3:ca:47:df:ad:46:e8:7b:b2:ae: + 1e:af:fd:c7:2e:b7:7d:b7:46:df:cd:bf:06:77:19:29:2b:fc: + 7c:f9:f7:2f:59:ce:90:a6:9e:70:33:58:b6:72:a4:ed:63:9b: + 50:62:6c:38:01:73:63:48:4e:6b:34:3f:c4:d5:de:45:09:a9: + 27:d1:78:36:59:1e:21:ad:a9:a3:1f:14:25:d1:ce:ab:90:3f: + c0:82:7a:54:fe:6b:48:fc:52:e1:f4:69:2d:84:2e:1c:7b:6f: + 42:4a:7b:05:91:70:0d:f3:ae:b3:d6:bc:7a:fa:9c:c8:0a:e8: + f1:a0:fa:ee:f3:fe:1d:34:0e:31:79:d8:80:57:53:23:af:65: + 92:94:ef:16:de:e0:9f:0a:5a:17:ba:e8:81:90:e1:e4:24:97: + b4:73:82:4c:38:4c:45:2f:82:75:55:4b:af:b8:58:b3:b1:d1: + 60:ab:53:5f -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -434,22 +434,22 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 -8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy -xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq -J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp -0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA -Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKv/1IdRYfmlaI1O/QEM43WaxRbyxB7Y +vdTOnrm9ctvyiSt6RrRsFuXcWuvQP2OomIIO38YaQKIaoNVJEKb0rhBhCi6RDbzP +6b+emCM4MPIA48pH361G6Huyrh6v/ccut323Rt/NvwZ3GSkr/Hz59y9ZzpCmnnAz +WLZypO1jm1BibDgBc2NITms0P8TV3kUJqSfReDZZHiGtqaMfFCXRzquQP8CCelT+ +a0j8UuH0aS2ELhx7b0JKewWRcA3zrrPWvHr6nMgK6PGg+u7z/h00DjF52IBXUyOv +ZZKU7xbe4J8KWhe66IGQ4eQkl7Rzgkw4TEUvgnVVS6+4WLOx0WCrU18= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -486,28 +486,28 @@ Certificate: CA:TRUE, pathlen:20 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: - 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: - f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: - de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: - 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: - 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: - 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: - 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: - 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: - cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: - 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: - 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: - 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: - 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: - 5c:9c:5d:21 + Signature Algorithm: sha256WithRSAEncryption + a4:e7:16:a9:20:7b:9c:89:49:48:94:e7:58:31:71:34:10:35: + d5:b6:91:5f:5e:2d:63:66:48:ff:45:7f:d4:dc:53:39:6f:7b: + 13:0a:de:37:7c:c1:43:e9:f9:b2:71:b8:93:22:12:7f:50:9b: + b9:0c:e4:3a:47:7a:95:bc:a4:08:41:73:f0:a3:9a:88:98:7e: + d0:7c:bb:76:ab:5c:ad:3c:41:73:78:5b:b1:0d:06:ae:46:d2: + 81:af:9a:53:f7:d2:45:66:99:45:5e:2e:05:48:47:78:49:b4: + 27:c9:76:5f:93:be:d4:f7:3d:a7:16:39:ef:dc:a1:57:7f:78: + ca:d3:33:94:87:cb:dd:aa:88:07:0b:62:fa:eb:f0:c9:5f:d8: + 3f:a3:6d:d5:dc:ea:a0:b9:c6:dc:7f:08:46:9e:ed:41:52:46: + d2:7a:96:20:37:f6:69:ef:85:23:43:fa:a8:27:1c:2b:70:37: + 7d:50:ce:48:4b:f7:ce:2d:6a:08:3d:45:f3:a3:e4:1f:ef:1f: + 0e:72:e2:f2:f1:e7:5f:72:1f:84:53:1b:d6:b4:2b:e4:4a:3d: + 39:db:a7:02:6a:02:5e:de:3a:43:05:32:de:16:e9:5e:cf:12: + b2:0e:60:36:e1:47:12:ab:98:ce:ef:c4:76:d5:30:b6:72:ae: + af:13:14:17 -----BEGIN CERTIFICATE----- -MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -523,22 +523,22 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk -+Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB -lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld -LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 -X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 -g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEApOcWqSB7nIlJSJTnWDFxNBA11baR +X14tY2ZI/0V/1NxTOW97EwreN3zBQ+n5snG4kyISf1CbuQzkOkd6lbykCEFz8KOa +iJh+0Hy7dqtcrTxBc3hbsQ0GrkbSga+aU/fSRWaZRV4uBUhHeEm0J8l2X5O+1Pc9 +pxY579yhV394ytMzlIfL3aqIBwti+uvwyV/YP6Nt1dzqoLnG3H8IRp7tQVJG0nqW +IDf2ae+FI0P6qCccK3A3fVDOSEv3zi1qCD1F86PkH+8fDnLi8vHnX3IfhFMb1rQr +5Eo9OdunAmoCXt46QwUy3hbpXs8Ssg5gNuFHEquYzu/EdtUwtnKurxMUFw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -575,28 +575,28 @@ Certificate: CA:TRUE, pathlen:10 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: - 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: - 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: - 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: - 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: - 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: - e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: - da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: - 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: - 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: - fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: - 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: - 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: - 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: - 66:ec:5d:71 + Signature Algorithm: sha256WithRSAEncryption + 70:24:57:3f:1a:0c:94:f9:64:14:2e:20:81:bf:02:ba:bb:a5: + 21:02:2b:c0:09:0b:9e:8a:e3:c8:b2:39:4d:05:c1:34:62:44: + 62:5c:d5:ae:0f:17:cf:c0:ab:71:f8:5c:d5:74:8d:3d:eb:90: + d5:d6:a5:97:b8:c1:ab:d7:9c:e7:ca:4f:ee:8f:f2:5d:c7:81: + 22:fc:2e:b0:2d:f2:ff:e3:1a:c5:85:31:21:49:3f:38:f9:5b: + 55:e6:f3:f8:5c:63:fc:9a:c8:76:f0:3d:87:d2:fb:06:6d:5e: + f4:f4:e9:8c:3a:99:7b:1c:8f:29:fb:f6:c3:0c:23:9a:2c:1e: + f4:97:4f:b8:48:37:33:b4:aa:15:a6:5a:75:09:e9:c4:d5:44: + c6:e8:4e:a2:f0:70:a8:9f:10:91:56:55:59:f4:4a:b6:36:4a: + fc:b9:3a:60:01:e6:6e:61:58:f3:b0:ac:cd:02:38:97:bd:eb: + d3:6b:9e:b5:a6:58:ee:ce:86:c2:1b:cf:12:b3:1b:78:00:df: + 5f:da:77:5d:9c:8e:a5:ca:f1:77:87:c1:ed:ad:fd:cf:ea:05: + 53:f9:7e:34:e7:95:23:de:36:36:65:59:08:76:11:6f:d9:6e: + 55:17:af:33:1f:9e:0b:fe:fb:53:5c:67:1a:4d:8a:83:7f:5b: + ca:ff:e4:94 -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -612,22 +612,22 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF -FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 -31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO -+/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 -K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP -s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +hvcNAQELBQADggEBAHAkVz8aDJT5ZBQuIIG/Arq7pSECK8AJC56K48iyOU0FwTRi +RGJc1a4PF8/Aq3H4XNV0jT3rkNXWpZe4wavXnOfKT+6P8l3HgSL8LrAt8v/jGsWF +MSFJPzj5W1Xm8/hcY/yayHbwPYfS+wZtXvT06Yw6mXscjyn79sMMI5osHvSXT7hI +NzO0qhWmWnUJ6cTVRMboTqLwcKifEJFWVVn0SrY2Svy5OmAB5m5hWPOwrM0COJe9 +69NrnrWmWO7OhsIbzxKzG3gA31/ad12cjqXK8XeHwe2t/c/qBVP5fjTnlSPeNjZl +WQh2EW/ZblUXrzMfngv++1NcZxpNioN/W8r/5JQ= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -664,28 +664,28 @@ Certificate: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: - f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: - c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: - 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: - 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: - 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: - 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: - df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: - e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: - 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: - 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: - 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: - f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: - 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: - ca:8c:2f:a8 + Signature Algorithm: sha256WithRSAEncryption + ae:bd:d0:c5:e1:4f:80:0f:85:0d:d2:e0:b5:c3:dc:73:99:94: + 90:19:01:f2:23:66:83:da:92:f2:e8:14:dc:70:e0:20:14:26: + c5:63:88:6a:1b:b3:f3:2f:5c:28:39:1e:6b:a7:40:9b:02:12: + ac:88:06:1e:c6:dd:9d:d4:6a:b8:22:cb:b7:aa:7a:9c:77:9a: + 37:0a:62:54:23:f3:e7:b9:4f:e0:8a:41:bd:74:21:69:be:7c: + 19:50:7d:d1:93:98:7c:4a:06:60:64:72:f0:09:71:6e:86:43: + 2f:89:dc:38:4a:c1:e4:cc:bc:72:6f:c2:b1:c1:9c:38:ff:98: + 87:92:3b:a6:f2:b5:2d:0a:41:38:0d:e7:b5:41:cf:c1:6d:96: + 34:98:9e:97:c8:87:a9:9e:4b:bb:73:bb:34:d6:bd:61:ef:36: + c8:45:f3:c9:31:36:2c:f1:11:68:4b:a0:f8:b6:9d:c4:a6:8a: + dc:e3:fc:60:f7:50:d2:d4:98:d4:e5:f9:76:ca:4a:3c:74:9a: + bb:95:ce:3c:29:ce:be:b5:9e:07:55:e2:c4:a1:1f:b4:0d:eb: + 87:03:1d:79:1b:e2:fc:f3:aa:4b:df:3e:24:72:56:00:b9:b4: + a0:fc:48:80:6a:76:84:1b:79:ea:03:95:32:42:bc:9d:7a:83: + 87:be:51:d2 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -700,11 +700,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW -BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX -H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x -lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F -/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS -JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBAK690MXhT4APhQ3S4LXD3HOZlJAZAfIjZoPakvLoFNxw4CAUJsVjiGob +s/MvXCg5HmunQJsCEqyIBh7G3Z3Uargiy7eqepx3mjcKYlQj8+e5T+CKQb10IWm+ +fBlQfdGTmHxKBmBkcvAJcW6GQy+J3DhKweTMvHJvwrHBnDj/mIeSO6bytS0KQTgN +57VBz8FtljSYnpfIh6meS7tzuzTWvWHvNshF88kxNizxEWhLoPi2ncSmitzj/GD3 +UNLUmNTl+XbKSjx0mruVzjwpzr61ngdV4sShH7QN64cDHXkb4vzzqkvfPiRyVgC5 +tKD8SIBqdoQbeeoDlTJCvJ16g4e+UdI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-entity.pem b/certs/test-pathlen/chainG-entity.pem index fc8a96ca2..d563eef64 100644 --- a/certs/test-pathlen/chainG-entity.pem +++ b/certs/test-pathlen/chainG-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: - 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: - 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: - 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: - cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: - ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: - 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: - 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: - e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: - 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: - ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: - ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: - 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: - 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: - 49:95:7e:49 + Signature Algorithm: sha256WithRSAEncryption + 06:c8:08:8c:cc:5d:4e:b5:81:35:06:f3:e5:9d:4e:c8:38:3f: + ec:87:8b:55:3c:fc:6e:4c:f8:3c:78:7d:46:03:33:a7:49:55: + 6c:13:37:e9:11:d5:dd:8c:51:70:2c:28:18:6a:01:63:9b:35: + 04:ba:79:49:95:10:ed:31:4b:70:5f:be:a4:67:d4:8d:2f:95: + 45:f7:1f:3d:a0:fc:29:db:55:65:8d:98:ae:79:ad:ce:c7:b9: + 97:54:9d:69:ca:fa:87:01:fb:0d:9b:57:67:b8:44:f6:91:14: + e5:31:b5:c1:d8:96:b7:1d:7a:05:ed:53:d5:04:8a:8b:8e:74: + f1:13:3d:93:d6:16:10:17:d7:de:b1:4e:13:e8:72:ae:83:91: + 1f:46:3e:86:bd:49:79:9c:99:a9:aa:67:ff:cf:7c:34:b1:2c: + d8:bf:e5:3a:22:c2:70:97:47:db:d0:05:77:e9:46:09:f0:c1: + 06:1c:61:df:8b:8f:6d:a6:5b:d5:ae:9a:52:71:ed:5e:9e:38: + e3:8c:9a:52:cf:8a:8f:20:e9:f1:e4:a3:11:bd:b9:ff:a9:1e: + b7:f9:83:26:18:a8:0b:7b:2b:74:f5:c5:3a:58:e1:0b:71:0a: + 3d:ef:15:ee:2c:28:b3:ba:0e:59:3c:a4:46:24:d3:b7:14:b5: + 4a:8f:c1:25 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg -DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx -txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH -BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI -yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER -P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u -ObIaOLEvt0mVfkk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbICIzM +XU61gTUG8+WdTsg4P+yHi1U8/G5M+Dx4fUYDM6dJVWwTN+kR1d2MUXAsKBhqAWOb +NQS6eUmVEO0xS3BfvqRn1I0vlUX3Hz2g/CnbVWWNmK55rc7HuZdUnWnK+ocB+w2b +V2e4RPaRFOUxtcHYlrcdegXtU9UEiouOdPETPZPWFhAX196xThPocq6DkR9GPoa9 +SXmcmamqZ//PfDSxLNi/5ToiwnCXR9vQBXfpRgnwwQYcYd+Lj22mW9WumlJx7V6e +OOOMmlLPio8g6fHkoxG9uf+pHrf5gyYYqAt7K3T1xTpY4QtxCj3vFe4sKLO6Dlk8 +pEYk07cUtUqPwSU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/certs/test-pathlen/chainH-ICA1-pathlen0.pem index 767778cf9..974ddd46a 100644 --- a/certs/test-pathlen/chainH-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainH-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: - d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: - 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: - 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: - 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: - ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: - ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: - d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: - 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: - c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: - d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: - 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: - e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: - 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: - cf:03:8c:6f + Signature Algorithm: sha256WithRSAEncryption + 5f:77:d6:d2:55:4e:25:be:4b:f4:9f:9d:a8:ff:92:ac:4d:19: + 1f:0b:50:5b:51:01:7f:b8:a2:56:0d:cd:0c:c8:66:7a:08:bf: + 1e:07:6a:a5:6d:ad:68:c4:bb:da:99:d7:f3:62:bb:b5:28:de: + 47:dc:e2:b0:e1:27:cd:14:4b:7d:1c:7d:1a:60:eb:37:6f:fc: + ff:4e:1f:9f:ce:52:da:b4:a7:f4:6c:92:b5:65:b5:8f:53:1b: + d8:bd:7d:f6:a8:7e:23:9f:7d:b6:09:18:f2:a3:17:55:aa:fe: + 57:87:3d:a9:18:52:76:6e:fe:7c:ed:2a:85:45:63:d3:4d:7b: + f2:5e:ff:0f:a7:ae:24:ef:5f:71:66:25:29:31:9e:4a:12:a0: + 56:5b:39:2c:79:64:d0:1a:fb:97:99:df:42:9c:23:b4:f1:1d: + be:fc:da:41:16:b1:a0:fc:3a:b8:6e:a7:cf:3c:21:ea:22:7c: + f6:d2:a1:25:96:1e:b9:2f:eb:bf:61:c2:ee:58:c6:a1:7e:d0: + 73:e3:fd:58:62:ca:44:95:2b:b1:a8:d0:f8:1a:0d:40:9a:fb: + b1:27:4b:fc:57:4c:32:b5:09:5e:6e:ac:1d:dc:bc:77:f5:1b: + 27:88:40:df:70:da:f7:28:32:ef:8f:2e:53:41:78:69:e9:3e: + 7b:64:da:e4 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG -2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX -HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj -J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ -xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m -fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBfd9bSVU4lvkv0n52o/5KsTRkfC1BbUQF/ +uKJWDc0MyGZ6CL8eB2qlba1oxLvamdfzYru1KN5H3OKw4SfNFEt9HH0aYOs3b/z/ +Th+fzlLatKf0bJK1ZbWPUxvYvX32qH4jn322CRjyoxdVqv5Xhz2pGFJ2bv587SqF +RWPTTXvyXv8Pp64k719xZiUpMZ5KEqBWWzkseWTQGvuXmd9CnCO08R2+/NpBFrGg +/Dq4bqfPPCHqInz20qEllh65L+u/YcLuWMahftBz4/1YYspElSuxqND4Gg1Amvux +J0v8V0wytQlebqwd3Lx39RsniEDfcNr3KDLvjy5TQXhp6T57ZNrk -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/certs/test-pathlen/chainH-ICA2-pathlen2.pem index 38a3d79af..31230193c 100644 --- a/certs/test-pathlen/chainH-ICA2-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA2-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: - cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: - 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: - 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: - cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: - d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: - c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: - f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: - 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: - 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: - 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: - e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: - 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: - 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: - ec:b2:af:6c + Signature Algorithm: sha256WithRSAEncryption + 16:6f:a3:cd:f6:de:87:1c:86:f8:b4:b8:e6:e0:dc:11:2f:f3: + bb:f1:57:34:ec:1a:59:8a:81:63:40:01:df:53:24:a7:50:b0: + 6d:3d:29:2a:41:e7:08:71:0f:37:4b:10:b5:95:ae:a0:81:ba: + ba:b5:3e:72:48:be:6b:9e:be:34:3b:0d:15:f8:8f:9d:24:68: + 01:0c:d4:4a:0d:86:d5:b3:71:b6:d6:8e:71:44:16:7e:e3:db: + ba:7d:0e:5f:b3:2f:e2:60:f9:ff:bc:91:a6:ae:3c:ba:30:e4: + f5:55:bf:1e:72:0b:cc:5e:b4:7e:1f:09:aa:b4:52:bd:8c:2c: + 37:d0:0d:82:b4:ec:ff:c1:cf:91:a2:43:24:b8:b4:c0:ac:f2: + 29:eb:84:1d:49:ef:a4:8f:65:b3:06:01:2f:23:cf:a6:27:42: + cd:99:17:b9:69:40:1d:df:99:f6:f8:c4:61:cc:4a:a1:f0:38: + ce:4e:c4:27:f6:8f:d2:ae:74:5f:39:93:66:77:55:b2:25:8d: + 7e:7f:7d:b4:2b:f1:ee:83:9e:7b:f5:31:3f:d7:27:53:e6:21: + bd:69:a5:ca:0e:d8:6e:54:67:56:bf:f3:ec:e8:e1:aa:a4:76: + fa:0d:42:d4:7d:26:bd:f5:e5:25:ee:81:c4:ed:59:eb:0a:54: + d3:c9:18:30 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l -HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN -bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np -uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch -gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY -MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAWb6PN9t6HHIb4tLjm4NwRL/O78Vc07BpZ +ioFjQAHfUySnULBtPSkqQecIcQ83SxC1la6ggbq6tT5ySL5rnr40Ow0V+I+dJGgB +DNRKDYbVs3G21o5xRBZ+49u6fQ5fsy/iYPn/vJGmrjy6MOT1Vb8ecgvMXrR+Hwmq +tFK9jCw30A2CtOz/wc+RokMkuLTArPIp64QdSe+kj2WzBgEvI8+mJ0LNmRe5aUAd +35n2+MRhzEqh8DjOTsQn9o/SrnRfOZNmd1WyJY1+f320K/Hug5579TE/1ydT5iG9 +aaXKDthuVGdWv/Ps6OGqpHb6DULUfSa99eUl7oHE7VnrClTTyRgw -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/certs/test-pathlen/chainH-ICA3-pathlen2.pem index 563e9156a..7f4dd677b 100644 --- a/certs/test-pathlen/chainH-ICA3-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA3-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: - 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: - eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: - 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: - 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: - 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: - 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: - 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: - 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: - fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: - df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: - e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: - 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: - 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: - 7e:4b:ec:a0 + Signature Algorithm: sha256WithRSAEncryption + 2a:35:ca:d5:dd:97:31:4d:29:21:90:67:ba:68:ef:2a:56:b0: + 08:0a:c5:a2:cc:30:11:71:59:1b:59:2b:ca:c4:cc:22:52:d7: + f3:a7:d2:14:c5:fc:e4:c5:6f:9d:45:ce:7f:d0:dd:ec:5f:6b: + c3:d1:78:7a:29:bb:73:98:b6:15:9b:41:37:7a:50:b3:04:1d: + 72:90:9b:e9:f2:4b:68:f3:60:e9:bb:34:6e:2a:6c:6c:50:a6: + 38:ac:61:bc:ca:25:23:f5:f5:70:3a:8a:33:94:cf:97:1c:5c: + a3:76:b0:7b:88:35:8a:6e:18:44:01:e6:80:23:e9:14:ea:66: + 56:34:9a:0b:ca:1a:37:c8:e7:00:03:39:7d:73:e5:13:cb:be: + 9e:df:c6:87:c3:24:a7:7f:39:1d:cc:ca:1f:e7:14:38:fe:3d: + 06:7a:2f:95:f3:9a:79:49:e9:9c:f3:72:e5:b4:b5:fb:87:13: + 83:4f:9f:76:2f:41:8f:a4:55:1d:e4:74:2f:0a:0f:cd:ee:a8: + 50:06:1e:a7:9e:25:9f:f3:9d:b2:c1:44:de:c5:44:3e:42:64: + e1:75:16:33:56:a7:93:68:bb:fa:96:46:33:de:58:c1:81:42: + ca:1c:28:4f:09:71:db:60:e1:88:ac:d6:0d:37:3a:63:8d:50: + b7:35:2d:e5 -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts -wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX -CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg -GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z -UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 -CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +AQELBQADggEBACo1ytXdlzFNKSGQZ7po7ypWsAgKxaLMMBFxWRtZK8rEzCJS1/On +0hTF/OTFb51Fzn/Q3exfa8PReHopu3OYthWbQTd6ULMEHXKQm+nyS2jzYOm7NG4q +bGxQpjisYbzKJSP19XA6ijOUz5ccXKN2sHuINYpuGEQB5oAj6RTqZlY0mgvKGjfI +5wADOX1z5RPLvp7fxofDJKd/OR3Myh/nFDj+PQZ6L5XzmnlJ6ZzzcuW0tfuHE4NP +n3YvQY+kVR3kdC8KD83uqFAGHqeeJZ/znbLBRN7FRD5CZOF1FjNWp5Nou/qWRjPe +WMGBQsocKE8Jcdtg4Yis1g03OmONULc1LeU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/certs/test-pathlen/chainH-ICA4-pathlen2.pem index 91aa44ad3..df74193db 100644 --- a/certs/test-pathlen/chainH-ICA4-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA4-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: - 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: - fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: - be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: - 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: - 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: - 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: - 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: - 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: - c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: - 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: - 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: - b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: - e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: - 0f:90:4c:f8 + Signature Algorithm: sha256WithRSAEncryption + 61:c0:d8:c4:02:cd:b4:54:d3:44:e9:06:78:0b:a2:16:b5:4a: + b6:b5:09:f1:d1:fc:9f:be:e5:12:0b:6c:61:8d:66:3f:ce:8f: + 95:98:24:ea:d2:99:3a:4f:89:e3:2d:a9:f7:69:cb:05:9e:90: + af:5a:f1:93:ac:ee:fe:78:f8:e3:22:fa:69:7f:e4:71:1d:c9: + 1e:ac:61:81:8d:93:33:bc:b2:e4:67:75:97:9d:af:0a:db:ab: + 24:3f:8d:1d:16:c6:05:c6:89:a7:5f:cf:2d:73:39:de:8f:40: + 94:4b:7a:a4:ea:35:1e:70:ce:3a:f5:75:76:e5:ab:e4:8a:9a: + a4:a1:ec:49:59:3d:b7:23:fa:3c:af:dd:09:d7:aa:47:60:11: + 07:07:f4:8b:a1:40:b2:d9:bb:0f:88:b8:d1:a5:e2:88:22:76: + 8b:45:d6:96:2c:45:11:98:04:85:22:99:1f:49:a7:30:b0:b0: + 74:c3:ea:1a:a6:53:ed:c9:48:40:1a:d8:02:a8:fb:35:3a:f7: + 69:42:b2:75:dd:98:41:30:a9:e3:b1:ec:c6:66:f1:61:16:5b: + f6:e3:bc:31:8e:46:66:fa:39:34:66:cc:95:1d:69:15:12:41: + 16:ce:e6:a6:d4:4c:eb:f4:99:b4:6d:66:99:76:ae:5a:e8:24: + 92:a7:ef:45 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt -Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP -sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM -MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl -zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni -nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBhwNjEAs20VNNE6QZ4C6IWtUq2tQnx0fyfvuUSC2xhjWY/zo+VmCTq0pk6 +T4njLan3acsFnpCvWvGTrO7+ePjjIvppf+RxHckerGGBjZMzvLLkZ3WXna8K26sk +P40dFsYFxomnX88tcznej0CUS3qk6jUecM469XV25avkipqkoexJWT23I/o8r90J +16pHYBEHB/SLoUCy2bsPiLjRpeKIInaLRdaWLEURmASFIpkfSacwsLB0w+oaplPt +yUhAGtgCqPs1OvdpQrJ13ZhBMKnjsezGZvFhFlv247wxjkZm+jk0ZsyVHWkVEkEW +zuam1Ezr9Jm0bWaZdq5a6CSSp+9F -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-assembled.pem b/certs/test-pathlen/chainH-assembled.pem index 402c392b8..bbf203142 100644 --- a/certs/test-pathlen/chainH-assembled.pem +++ b/certs/test-pathlen/chainH-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: - d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: - 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: - fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: - 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: - 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: - d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: - 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: - e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: - 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: - d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: - cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: - c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: - 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: - 86:2f:da:d9 + Signature Algorithm: sha256WithRSAEncryption + bc:fc:a7:c3:c9:a4:57:9e:37:9d:f7:71:eb:5b:7c:a2:1a:0d: + 24:97:12:92:18:fd:0f:5e:5b:f9:27:c9:98:2c:9a:06:bd:77: + 85:63:3c:a4:ed:90:92:3a:79:41:82:c3:54:66:f6:c6:a0:d3: + ba:a3:19:93:d9:5f:54:90:fc:2b:37:d1:96:88:ba:be:e1:71: + 8c:a2:24:d7:ce:d8:7c:5e:87:9f:4f:f2:52:51:1c:82:5b:2c: + 8b:b4:5d:7e:d6:03:95:a0:e9:29:68:5e:76:18:2b:93:6f:a1: + 58:a6:f6:35:8b:37:b9:6b:82:5d:3a:8c:bc:a6:bd:18:ca:2f: + ea:0c:4d:36:7a:58:80:52:9c:b3:fa:a4:2b:0e:97:e6:0f:fc: + 41:62:6d:45:19:15:6d:3e:16:e5:bc:81:ce:c0:34:d3:b5:d4: + 0c:54:a5:62:a6:55:57:ad:e8:6f:94:58:cb:31:ff:0f:1c:13: + 63:82:91:1f:a3:68:f5:9f:9c:d9:dd:54:e0:d0:36:ea:ad:2a: + 9d:4e:66:be:c7:2f:1a:16:70:be:b4:1b:c5:2d:b2:1b:0c:87: + 64:10:4d:db:8b:79:5b:2e:10:a4:95:25:7b:be:b2:21:26:47: + e9:d2:74:c8:34:b1:e3:7b:73:8c:93:7a:82:ce:50:d4:46:34: + ab:11:71:c0 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg -6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN -svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb -i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS -si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC -8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva -Cy5boaUAb4Yv2tk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBALz8p8PJ +pFeeN533cetbfKIaDSSXEpIY/Q9eW/knyZgsmga9d4VjPKTtkJI6eUGCw1Rm9sag +07qjGZPZX1SQ/Cs30ZaIur7hcYyiJNfO2Hxeh59P8lJRHIJbLIu0XX7WA5Wg6Slo +XnYYK5NvoVim9jWLN7lrgl06jLymvRjKL+oMTTZ6WIBSnLP6pCsOl+YP/EFibUUZ +FW0+FuW8gc7ANNO11AxUpWKmVVet6G+UWMsx/w8cE2OCkR+jaPWfnNndVODQNuqt +Kp1OZr7HLxoWcL60G8UtshsMh2QQTduLeVsuEKSVJXu+siEmR+nSdMg0seN7c4yT +eoLOUNRGNKsRccA= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: - d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: - 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: - 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: - 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: - ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: - ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: - d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: - 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: - c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: - d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: - 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: - e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: - 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: - cf:03:8c:6f + Signature Algorithm: sha256WithRSAEncryption + 5f:77:d6:d2:55:4e:25:be:4b:f4:9f:9d:a8:ff:92:ac:4d:19: + 1f:0b:50:5b:51:01:7f:b8:a2:56:0d:cd:0c:c8:66:7a:08:bf: + 1e:07:6a:a5:6d:ad:68:c4:bb:da:99:d7:f3:62:bb:b5:28:de: + 47:dc:e2:b0:e1:27:cd:14:4b:7d:1c:7d:1a:60:eb:37:6f:fc: + ff:4e:1f:9f:ce:52:da:b4:a7:f4:6c:92:b5:65:b5:8f:53:1b: + d8:bd:7d:f6:a8:7e:23:9f:7d:b6:09:18:f2:a3:17:55:aa:fe: + 57:87:3d:a9:18:52:76:6e:fe:7c:ed:2a:85:45:63:d3:4d:7b: + f2:5e:ff:0f:a7:ae:24:ef:5f:71:66:25:29:31:9e:4a:12:a0: + 56:5b:39:2c:79:64:d0:1a:fb:97:99:df:42:9c:23:b4:f1:1d: + be:fc:da:41:16:b1:a0:fc:3a:b8:6e:a7:cf:3c:21:ea:22:7c: + f6:d2:a1:25:96:1e:b9:2f:eb:bf:61:c2:ee:58:c6:a1:7e:d0: + 73:e3:fd:58:62:ca:44:95:2b:b1:a8:d0:f8:1a:0d:40:9a:fb: + b1:27:4b:fc:57:4c:32:b5:09:5e:6e:ac:1d:dc:bc:77:f5:1b: + 27:88:40:df:70:da:f7:28:32:ef:8f:2e:53:41:78:69:e9:3e: + 7b:64:da:e4 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG -2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX -HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj -J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ -xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m -fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBfd9bSVU4lvkv0n52o/5KsTRkfC1BbUQF/ +uKJWDc0MyGZ6CL8eB2qlba1oxLvamdfzYru1KN5H3OKw4SfNFEt9HH0aYOs3b/z/ +Th+fzlLatKf0bJK1ZbWPUxvYvX32qH4jn322CRjyoxdVqv5Xhz2pGFJ2bv587SqF +RWPTTXvyXv8Pp64k719xZiUpMZ5KEqBWWzkseWTQGvuXmd9CnCO08R2+/NpBFrGg +/Dq4bqfPPCHqInz20qEllh65L+u/YcLuWMahftBz4/1YYspElSuxqND4Gg1Amvux +J0v8V0wytQlebqwd3Lx39RsniEDfcNr3KDLvjy5TQXhp6T57ZNrk -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: - cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: - 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: - 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: - cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: - d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: - c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: - f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: - 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: - 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: - 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: - e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: - 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: - 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: - ec:b2:af:6c + Signature Algorithm: sha256WithRSAEncryption + 16:6f:a3:cd:f6:de:87:1c:86:f8:b4:b8:e6:e0:dc:11:2f:f3: + bb:f1:57:34:ec:1a:59:8a:81:63:40:01:df:53:24:a7:50:b0: + 6d:3d:29:2a:41:e7:08:71:0f:37:4b:10:b5:95:ae:a0:81:ba: + ba:b5:3e:72:48:be:6b:9e:be:34:3b:0d:15:f8:8f:9d:24:68: + 01:0c:d4:4a:0d:86:d5:b3:71:b6:d6:8e:71:44:16:7e:e3:db: + ba:7d:0e:5f:b3:2f:e2:60:f9:ff:bc:91:a6:ae:3c:ba:30:e4: + f5:55:bf:1e:72:0b:cc:5e:b4:7e:1f:09:aa:b4:52:bd:8c:2c: + 37:d0:0d:82:b4:ec:ff:c1:cf:91:a2:43:24:b8:b4:c0:ac:f2: + 29:eb:84:1d:49:ef:a4:8f:65:b3:06:01:2f:23:cf:a6:27:42: + cd:99:17:b9:69:40:1d:df:99:f6:f8:c4:61:cc:4a:a1:f0:38: + ce:4e:c4:27:f6:8f:d2:ae:74:5f:39:93:66:77:55:b2:25:8d: + 7e:7f:7d:b4:2b:f1:ee:83:9e:7b:f5:31:3f:d7:27:53:e6:21: + bd:69:a5:ca:0e:d8:6e:54:67:56:bf:f3:ec:e8:e1:aa:a4:76: + fa:0d:42:d4:7d:26:bd:f5:e5:25:ee:81:c4:ed:59:eb:0a:54: + d3:c9:18:30 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -256,22 +256,22 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l -HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN -bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np -uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch -gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY -MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAWb6PN9t6HHIb4tLjm4NwRL/O78Vc07BpZ +ioFjQAHfUySnULBtPSkqQecIcQ83SxC1la6ggbq6tT5ySL5rnr40Ow0V+I+dJGgB +DNRKDYbVs3G21o5xRBZ+49u6fQ5fsy/iYPn/vJGmrjy6MOT1Vb8ecgvMXrR+Hwmq +tFK9jCw30A2CtOz/wc+RokMkuLTArPIp64QdSe+kj2WzBgEvI8+mJ0LNmRe5aUAd +35n2+MRhzEqh8DjOTsQn9o/SrnRfOZNmd1WyJY1+f320K/Hug5579TE/1ydT5iG9 +aaXKDthuVGdWv/Ps6OGqpHb6DULUfSa99eUl7oHE7VnrClTTyRgw -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -308,28 +308,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: - 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: - eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: - 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: - 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: - 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: - 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: - 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: - 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: - fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: - df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: - e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: - 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: - 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: - 7e:4b:ec:a0 + Signature Algorithm: sha256WithRSAEncryption + 2a:35:ca:d5:dd:97:31:4d:29:21:90:67:ba:68:ef:2a:56:b0: + 08:0a:c5:a2:cc:30:11:71:59:1b:59:2b:ca:c4:cc:22:52:d7: + f3:a7:d2:14:c5:fc:e4:c5:6f:9d:45:ce:7f:d0:dd:ec:5f:6b: + c3:d1:78:7a:29:bb:73:98:b6:15:9b:41:37:7a:50:b3:04:1d: + 72:90:9b:e9:f2:4b:68:f3:60:e9:bb:34:6e:2a:6c:6c:50:a6: + 38:ac:61:bc:ca:25:23:f5:f5:70:3a:8a:33:94:cf:97:1c:5c: + a3:76:b0:7b:88:35:8a:6e:18:44:01:e6:80:23:e9:14:ea:66: + 56:34:9a:0b:ca:1a:37:c8:e7:00:03:39:7d:73:e5:13:cb:be: + 9e:df:c6:87:c3:24:a7:7f:39:1d:cc:ca:1f:e7:14:38:fe:3d: + 06:7a:2f:95:f3:9a:79:49:e9:9c:f3:72:e5:b4:b5:fb:87:13: + 83:4f:9f:76:2f:41:8f:a4:55:1d:e4:74:2f:0a:0f:cd:ee:a8: + 50:06:1e:a7:9e:25:9f:f3:9d:b2:c1:44:de:c5:44:3e:42:64: + e1:75:16:33:56:a7:93:68:bb:fa:96:46:33:de:58:c1:81:42: + ca:1c:28:4f:09:71:db:60:e1:88:ac:d6:0d:37:3a:63:8d:50: + b7:35:2d:e5 -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -345,22 +345,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts -wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX -CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg -GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z -UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 -CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +AQELBQADggEBACo1ytXdlzFNKSGQZ7po7ypWsAgKxaLMMBFxWRtZK8rEzCJS1/On +0hTF/OTFb51Fzn/Q3exfa8PReHopu3OYthWbQTd6ULMEHXKQm+nyS2jzYOm7NG4q +bGxQpjisYbzKJSP19XA6ijOUz5ccXKN2sHuINYpuGEQB5oAj6RTqZlY0mgvKGjfI +5wADOX1z5RPLvp7fxofDJKd/OR3Myh/nFDj+PQZ6L5XzmnlJ6ZzzcuW0tfuHE4NP +n3YvQY+kVR3kdC8KD83uqFAGHqeeJZ/znbLBRN7FRD5CZOF1FjNWp5Nou/qWRjPe +WMGBQsocKE8Jcdtg4Yis1g03OmONULc1LeU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -397,28 +397,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: - 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: - fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: - be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: - 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: - 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: - 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: - 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: - 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: - c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: - 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: - 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: - b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: - e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: - 0f:90:4c:f8 + Signature Algorithm: sha256WithRSAEncryption + 61:c0:d8:c4:02:cd:b4:54:d3:44:e9:06:78:0b:a2:16:b5:4a: + b6:b5:09:f1:d1:fc:9f:be:e5:12:0b:6c:61:8d:66:3f:ce:8f: + 95:98:24:ea:d2:99:3a:4f:89:e3:2d:a9:f7:69:cb:05:9e:90: + af:5a:f1:93:ac:ee:fe:78:f8:e3:22:fa:69:7f:e4:71:1d:c9: + 1e:ac:61:81:8d:93:33:bc:b2:e4:67:75:97:9d:af:0a:db:ab: + 24:3f:8d:1d:16:c6:05:c6:89:a7:5f:cf:2d:73:39:de:8f:40: + 94:4b:7a:a4:ea:35:1e:70:ce:3a:f5:75:76:e5:ab:e4:8a:9a: + a4:a1:ec:49:59:3d:b7:23:fa:3c:af:dd:09:d7:aa:47:60:11: + 07:07:f4:8b:a1:40:b2:d9:bb:0f:88:b8:d1:a5:e2:88:22:76: + 8b:45:d6:96:2c:45:11:98:04:85:22:99:1f:49:a7:30:b0:b0: + 74:c3:ea:1a:a6:53:ed:c9:48:40:1a:d8:02:a8:fb:35:3a:f7: + 69:42:b2:75:dd:98:41:30:a9:e3:b1:ec:c6:66:f1:61:16:5b: + f6:e3:bc:31:8e:46:66:fa:39:34:66:cc:95:1d:69:15:12:41: + 16:ce:e6:a6:d4:4c:eb:f4:99:b4:6d:66:99:76:ae:5a:e8:24: + 92:a7:ef:45 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -433,11 +433,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt -Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP -sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM -MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl -zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni -nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBhwNjEAs20VNNE6QZ4C6IWtUq2tQnx0fyfvuUSC2xhjWY/zo+VmCTq0pk6 +T4njLan3acsFnpCvWvGTrO7+ePjjIvppf+RxHckerGGBjZMzvLLkZ3WXna8K26sk +P40dFsYFxomnX88tcznej0CUS3qk6jUecM469XV25avkipqkoexJWT23I/o8r90J +16pHYBEHB/SLoUCy2bsPiLjRpeKIInaLRdaWLEURmASFIpkfSacwsLB0w+oaplPt +yUhAGtgCqPs1OvdpQrJ13ZhBMKnjsezGZvFhFlv247wxjkZm+jk0ZsyVHWkVEkEW +zuam1Ezr9Jm0bWaZdq5a6CSSp+9F -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-entity.pem b/certs/test-pathlen/chainH-entity.pem index 54339c4ab..b125341e5 100644 --- a/certs/test-pathlen/chainH-entity.pem +++ b/certs/test-pathlen/chainH-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: - d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: - 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: - fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: - 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: - 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: - d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: - 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: - e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: - 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: - d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: - cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: - c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: - 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: - 86:2f:da:d9 + Signature Algorithm: sha256WithRSAEncryption + bc:fc:a7:c3:c9:a4:57:9e:37:9d:f7:71:eb:5b:7c:a2:1a:0d: + 24:97:12:92:18:fd:0f:5e:5b:f9:27:c9:98:2c:9a:06:bd:77: + 85:63:3c:a4:ed:90:92:3a:79:41:82:c3:54:66:f6:c6:a0:d3: + ba:a3:19:93:d9:5f:54:90:fc:2b:37:d1:96:88:ba:be:e1:71: + 8c:a2:24:d7:ce:d8:7c:5e:87:9f:4f:f2:52:51:1c:82:5b:2c: + 8b:b4:5d:7e:d6:03:95:a0:e9:29:68:5e:76:18:2b:93:6f:a1: + 58:a6:f6:35:8b:37:b9:6b:82:5d:3a:8c:bc:a6:bd:18:ca:2f: + ea:0c:4d:36:7a:58:80:52:9c:b3:fa:a4:2b:0e:97:e6:0f:fc: + 41:62:6d:45:19:15:6d:3e:16:e5:bc:81:ce:c0:34:d3:b5:d4: + 0c:54:a5:62:a6:55:57:ad:e8:6f:94:58:cb:31:ff:0f:1c:13: + 63:82:91:1f:a3:68:f5:9f:9c:d9:dd:54:e0:d0:36:ea:ad:2a: + 9d:4e:66:be:c7:2f:1a:16:70:be:b4:1b:c5:2d:b2:1b:0c:87: + 64:10:4d:db:8b:79:5b:2e:10:a4:95:25:7b:be:b2:21:26:47: + e9:d2:74:c8:34:b1:e3:7b:73:8c:93:7a:82:ce:50:d4:46:34: + ab:11:71:c0 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg -6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN -svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb -i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS -si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC -8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva -Cy5boaUAb4Yv2tk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBALz8p8PJ +pFeeN533cetbfKIaDSSXEpIY/Q9eW/knyZgsmga9d4VjPKTtkJI6eUGCw1Rm9sag +07qjGZPZX1SQ/Cs30ZaIur7hcYyiJNfO2Hxeh59P8lJRHIJbLIu0XX7WA5Wg6Slo +XnYYK5NvoVim9jWLN7lrgl06jLymvRjKL+oMTTZ6WIBSnLP6pCsOl+YP/EFibUUZ +FW0+FuW8gc7ANNO11AxUpWKmVVet6G+UWMsx/w8cE2OCkR+jaPWfnNndVODQNuqt +Kp1OZr7HLxoWcL60G8UtshsMh2QQTduLeVsuEKSVJXu+siEmR+nSdMg0seN7c4yT +eoLOUNRGNKsRccA= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA1-key.pem b/certs/test-pathlen/chainI-ICA1-key.pem new file mode 100644 index 000000000..6b05b9f49 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEAu7oGrRPP2vvRy2X+JlhJagEUpniyLB26utC9JzhmfKAbKAg8 +av34h75Jou048kywi5P/0sU/zQPFFHnodmN6qqdUHg4nvRu+6D8rVUDwWSPYP+gF +Ggtx8P0k2fkLmSXar5Y07uGRy/yPoEGPnOFPV1+21lVpb8NkwxGpaUCF3/OaWbXu +kMAi7nIoLtPaZSc7ukLAnnO6ovJFE3rFHTClt9t1XW/MCHeAZ40YKsoCjY7TnCr6 +t48bfe9id6T6tthaPmacPhNFqM9h+/9BRRQh4mOsgU1liePVcSABGXbspBam7zy8 +8qJWKwcxZw3ll4jo28tNmMuZ5uC9YkgrsQQSBwIDAQABAoIBAQCiKVvC/q46l/Tu +IricHv+r1iskcnZWrYe0AMSksI+3cAaFWjf2pFSfzbyGRS1AAQcwSzRduY4XZv5D +ZdttCRnZeJmtLMUfEmyi6o5gIqx8E/6llaNykBho+ANxVzSxooV5z+MBx1DOSOk4 +oemQtwB2lXO3Sii+JqdP6l3RUa9Td/khmGLGCo0/8Htlw5a+lWYRzkGK4DbTxFxM +V6Nk58ZjWv/rM4rsRlStfvhNlKKP74tTromI37/Znx3QH1FugZ5u3fd1LDCLsxLU +d684plIKNZE6QiG7zQ+viyviFEvJ6PPo3Tc/x8bAQ/SS23e9obRzqqU4nRbXfSrU +rnHNrWlBAoGBAPlzL3Od/5/3GKvx7EJGU1v46kIxJwog8zGHvTSloz5b18+UVHBo +3YuyfDlq7OL61H+2+wE05o9uo/FrZi7VS2XK/Qofv39hAVxlz/BiigEcggSzLXs9 +k9QFqXBvJ/TylmVU25GPisF2mP2tKKbL6P98J6jGKo2cEF24tM1gLq6fAoGBAMCn +7xBKSsed/J/TM+fFM2TeZMKvo3fbLJFFy1k95DYgsoIIncyaJrZy9KmomSp6SAhh +lqeqKCeqOTF9asLrUotbbQPcJQucyLqKnX3Zq2E338JALDJxSjg97DG3KxKLS7PI +3Fk3uK35PkPUctOjC/Ep0DVwosAxePrZcuzilyuZAoGBAJ5rdaZSoGZiEgwZHzdT +3FrbsUKKXsXC+U/qadIGo67VuzA8fofJQXIXz2bTrk/UhqH5fl1c0FQlKv8GeyWh +Fjo2eQ817HMkEy4wBqgenJBqH3SGqorLJ5gOZHZgUZrxeWwvQSanZ7LH9A+fKeMM +OxQOME2yVJIMnCQ5SrHntJ33AoGBAKWQbImCXwt3gT/U4JmAxm8cFFmfWYtKRt29 +rkjOQI4nwWCwiPPpUfWfixU2eBKiLb9OJouGVqXnyuj2EEbctv5eHqyfhxKYtYRi +VYBvDLIqs1gbkB/1bkQxKwd6k0CHhxJFPuBJW6PfO5xNOjUYvM2PEoiqeKNUoNRr +BTIAdMuZAoGBAMlyqDi5jbcZ53PE9PrwSepUOaOVIKlCAUwQlol+aAtlGGQksYM0 +HPoYXZsx+XzHBtXed5E+OvOY6zxfgtkal03RrleUQo7rJArL3cxOunPODzjemEJq +qysAp0Dnk+PenIabUfv9McAFQ9Sr8WG4K6xZTgedeTU194ZQw2BJeq8E +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA1-no_pathlen.pem b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem new file mode 100644 index 000000000..0013267db --- /dev/null +++ b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: + 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: + 66:7c:a0:1b:28:08:3c:6a:fd:f8:87:be:49:a2:ed: + 38:f2:4c:b0:8b:93:ff:d2:c5:3f:cd:03:c5:14:79: + e8:76:63:7a:aa:a7:54:1e:0e:27:bd:1b:be:e8:3f: + 2b:55:40:f0:59:23:d8:3f:e8:05:1a:0b:71:f0:fd: + 24:d9:f9:0b:99:25:da:af:96:34:ee:e1:91:cb:fc: + 8f:a0:41:8f:9c:e1:4f:57:5f:b6:d6:55:69:6f:c3: + 64:c3:11:a9:69:40:85:df:f3:9a:59:b5:ee:90:c0: + 22:ee:72:28:2e:d3:da:65:27:3b:ba:42:c0:9e:73: + ba:a2:f2:45:13:7a:c5:1d:30:a5:b7:db:75:5d:6f: + cc:08:77:80:67:8d:18:2a:ca:02:8d:8e:d3:9c:2a: + fa:b7:8f:1b:7d:ef:62:77:a4:fa:b6:d8:5a:3e:66: + 9c:3e:13:45:a8:cf:61:fb:ff:41:45:14:21:e2:63: + ac:81:4d:65:89:e3:d5:71:20:01:19:76:ec:a4:16: + a6:ef:3c:bc:f2:a2:56:2b:07:31:67:0d:e5:97:88: + e8:db:cb:4d:98:cb:99:e6:e0:bd:62:48:2b:b1:04: + 12:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + X509v3 Authority Key Identifier: + keyid:D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + b3:b8:b9:c2:44:3a:36:0a:cf:fd:da:80:8c:81:54:c1:cd:a6: + 52:a8:60:b1:f8:fd:62:01:fc:d9:85:89:15:9a:df:45:f0:68: + 3e:bb:fe:f3:94:dc:1c:69:3c:7c:47:df:04:0c:7b:2f:4f:3f: + 56:58:9a:fa:1a:4c:16:21:cf:f2:21:a5:f9:d9:49:1b:69:b4: + 4d:df:d0:c2:d7:2c:fa:0f:23:d6:45:61:12:cd:2a:5a:06:db: + 22:6f:99:7a:a0:fc:17:ba:05:bc:02:79:db:f8:cd:ec:a0:98: + 7c:7f:6b:d6:ca:5c:cd:07:89:b6:0d:3e:0b:d3:d7:7f:7c:6b: + 73:7b:b9:28:69:d2:5f:27:1c:13:60:a0:50:23:16:00:d1:cb: + 7a:1d:62:7c:a1:c2:63:1d:c9:0b:0f:d7:5c:91:af:7a:5b:93: + 7e:e5:12:36:f0:3b:fa:59:7b:a8:88:f7:bf:11:19:4b:6a:81: + 61:77:54:61:a3:73:b6:54:64:92:49:22:c9:6a:19:73:33:6d: + 01:4c:5a:9c:0a:fa:ce:a1:34:50:b1:54:de:0b:7b:ce:fe:e0: + 00:fa:8e:7f:48:36:58:ed:98:42:ce:8d:a4:a0:67:c9:88:1c: + 7f:58:df:fb:62:0f:ee:4b:7d:5a:c7:52:2f:9f:2d:13:13:0b: + 72:bd:a0:2e +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ugat +E8/a+9HLZf4mWElqARSmeLIsHbq60L0nOGZ8oBsoCDxq/fiHvkmi7TjyTLCLk//S +xT/NA8UUeeh2Y3qqp1QeDie9G77oPytVQPBZI9g/6AUaC3Hw/STZ+QuZJdqvljTu +4ZHL/I+gQY+c4U9XX7bWVWlvw2TDEalpQIXf85pZte6QwCLucigu09plJzu6QsCe +c7qi8kUTesUdMKW323Vdb8wId4BnjRgqygKNjtOcKvq3jxt972J3pPq22Fo+Zpw+ +E0Woz2H7/0FFFCHiY6yBTWWJ49VxIAEZduykFqbvPLzyolYrBzFnDeWXiOjby02Y +y5nm4L1iSCuxBBIHAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUnlS2leqJB6bJ5ILo +0DRkXQjNVqAwgc4GA1UdIwSBxjCBw4AU0br7/x0pQYpqX7Lzp0EFRwkfSEKhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAs7i5wkQ6NgrP/dqAjIFUwc2mUqhgsfj9 +YgH82YWJFZrfRfBoPrv+85TcHGk8fEffBAx7L08/Vlia+hpMFiHP8iGl+dlJG2m0 +Td/Qwtcs+g8j1kVhEs0qWgbbIm+ZeqD8F7oFvAJ52/jN7KCYfH9r1spczQeJtg0+ +C9PXf3xrc3u5KGnSXyccE2CgUCMWANHLeh1ifKHCYx3JCw/XXJGveluTfuUSNvA7 ++ll7qIj3vxEZS2qBYXdUYaNztlRkkkkiyWoZczNtAUxanAr6zqE0ULFU3gt7zv7g +APqOf0g2WO2YQs6NpKBnyYgcf1jf+2IP7kt9WsdSL58tExMLcr2gLg== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA2-key.pem b/certs/test-pathlen/chainI-ICA2-key.pem new file mode 100644 index 000000000..1e7788141 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEoQIBAAKCAQEA3h4IZhL+IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1z +KxbpBelMG4KtR50zMFO1m9It6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIH +ItV7Zxg4xPzqjQmAoLBEM/3BqoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dC +UqCssjg4jROW2db6j8SJFAacHwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqa +YLwU7c9NQvxcKOpC0a7McX5SXYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdb +VDgJLPBdhgw0t5IzXD4ZsU2gYpu0aDY2OOwpswIDAQABAoH/VQcqL+kVXy1U/T6z +tKWqcOcsvdUKLKupl9lop+5IDVGndXIQpG4gxiKI//8GVmPXNKjW3M+Yw8ikSZ7h +j2jUJ2MKRHWNGBgRysmTiCtde4iAKo0cLjmLA+xBzycCovsAQoM3mK+Lc73+NIjq +y+fHcPoXup+OkPeH9fktQ/w5kyonK0Qz7nyb6P9FjFG/f3+WbTaA1FgchELqX00g +bA6nMHEnhm9MoKKsVZbZKG9gIUCtejrd+YaOBHHWVG47QQI+iFCDrSk2dn8CJq8j +8w1VD2QkBSWeW1K5QTbQyOwShYKfmpPthy2LAAfC5TNSpeEBRf2uwzi9Vzqa89cX +UPMBAoGBAPQWwv283d72JaGOEQ+AL32Q5KEydtrzMLzBSHRrb2NhEvq4tev6/Ihl +jklZ+KuPkxtV/dI0bz/x7JikbQvT3a76zqwv2LbpYJdz8CLqh52dOAhfdkYOCapP +2FnlHcwWt35kXC11Srb1jnJ40VNxDq3DNYNgGQohrEjVCMNfrb7BAoGBAOj0y3Wz +TnPhrDzBYmh6+D5/ZVBCnPhkWMV4yYimidAWE0TB7DvEKqQ7gbHmpiOzaWefoRs6 +8qHu02l0EHW6TJUJqSWBMFiEkwnZStEKAw2LCqjLW/xFH/7Yw6Hkpb7Fp9kumh3r +tkdNZSdT3ETvyFjKrUX7QFYXOLQ+bAdWhrlzAoGAPnZwscQaNwtgd+ZGIWRZQtXI +XCPw3HjtWPBRXVF88L6Pv89y5o+U/kaW0diPVT/pkk5AJQG8Em4TcMBrE2LFURjn +uJKJ78zrJfbKVfUUfVYVV7cuKiE/gfDq2Z5TML4DePmvyQZB924BZPPcBXFiIz9Y +O2VlIv2Y/A5gLrcWXEECgYBTReZRDaaWr+4EzdAirwp8NMf/l8BK3nwJIvNPwNB0 +rN94baXHe4kOqiLjeCKdkm20WBCcDkdbcWbrREz5+H2VrR1kxbiFe+af16fx75VF +yxUlX4RjOkaEr/HGtlg1SKyGay02UuMWu+jT1RthHSHN861a3cSSwbxIWiP9v4Vr +VwKBgQDkjIEnH1yzKsAIdxa4Nb3OG3vBIplB3d/PaRzCXNfcrwIj58KcEDKGOSlj +LKcH42K2wJrpyRH+n87NH5Nt73fRLEQ7IBkb4gA918BPMp6Q5OU99CBld5WO3/F0 +LWDySahHuH4ymEeM45Y+1lZQjc4cQb9/Sbzi1fZsvTQRen3yWw== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA2-no_pathlen.pem b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem new file mode 100644 index 000000000..4e39c84b6 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: + 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: + 97:77:1e:94:51:3d:73:2b:16:e9:05:e9:4c:1b:82: + ad:47:9d:33:30:53:b5:9b:d2:2d:e9:7b:d6:63:f3: + 61:20:1b:23:6e:47:09:8b:c0:d5:09:85:a6:e2:e4: + 3a:4d:b3:f9:dd:c6:7c:9a:42:07:22:d5:7b:67:18: + 38:c4:fc:ea:8d:09:80:a0:b0:44:33:fd:c1:aa:8b: + 9c:98:e3:95:c3:74:71:3b:71:b8:b3:80:bf:30:63: + 85:09:27:8b:12:b5:86:b0:0b:99:ff:97:42:52:a0: + ac:b2:38:38:8d:13:96:d9:d6:fa:8f:c4:89:14:06: + 9c:1f:0a:a3:3a:a2:f7:1f:83:d8:ae:41:44:9e:21: + b2:5b:b7:a2:19:e9:46:58:de:e5:a2:ab:07:7a:9a: + 9a:60:bc:14:ed:cf:4d:42:fc:5c:28:ea:42:d1:ae: + cc:71:7e:52:5d:84:88:de:b6:7d:72:6e:ab:73:4b: + 0d:ab:92:9f:11:b4:51:da:14:54:9a:0e:ec:ac:42: + fc:71:87:5b:54:38:09:2c:f0:5d:86:0c:34:b7:92: + 33:5c:3e:19:b1:4d:a0:62:9b:b4:68:36:36:38:ec: + 29:b3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + X509v3 Authority Key Identifier: + keyid:EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 8f:9b:f7:bd:1a:90:58:f0:ab:0f:1d:45:b2:29:10:66:2d:cc: + 96:d6:3c:f4:3c:a8:49:e2:cf:db:17:16:8c:e8:76:de:79:c9: + 42:10:a7:ad:b7:c3:c2:82:93:6b:19:3e:56:af:be:c8:d7:dd: + ee:87:1d:5f:1d:ad:6a:02:8d:14:22:9f:54:58:d7:d8:16:79: + 64:4d:eb:55:88:74:74:f6:59:2c:40:9f:d0:f4:a8:36:ea:c9: + 4f:9c:2b:3a:72:5f:20:2d:25:b3:b2:fb:c1:03:11:ab:57:57: + d0:55:13:b9:f5:10:09:9e:56:a2:0d:95:3c:16:3e:59:f3:71: + 60:50:06:53:45:ff:0f:e2:f8:61:5b:d2:fc:0a:65:59:dc:ee: + 6f:c6:26:c4:7d:27:69:4d:76:55:2f:07:01:3f:30:ea:17:3d: + bb:8a:f0:df:ae:c8:47:70:0e:b4:28:c9:e9:7b:8c:8a:22:a0: + ea:32:9b:f8:1e:35:a4:f0:a5:09:81:dc:9a:a4:d1:63:34:9e: + 3c:32:2f:f3:b1:f0:43:3b:f1:31:9b:8b:99:bf:c2:b4:eb:78: + 39:a3:e7:d8:2c:e6:6c:f2:8b:2f:21:83:c3:28:1b:77:f3:75: + 9b:79:f7:f0:73:a0:a2:47:af:93:32:0b:d2:88:04:14:3a:cd: + 48:7f:58:32 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h4IZhL+ +IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1zKxbpBelMG4KtR50zMFO1m9It +6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIHItV7Zxg4xPzqjQmAoLBEM/3B +qoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dCUqCssjg4jROW2db6j8SJFAac +HwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqaYLwU7c9NQvxcKOpC0a7McX5S +XYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdbVDgJLPBdhgw0t5IzXD4ZsU2g +Ypu0aDY2OOwpswIDAQABo4IBATCB/jAdBgNVHQ4EFgQU0br7/x0pQYpqX7Lzp0EF +RwkfSEIwgcEGA1UdIwSBuTCBtoAU7jem8kDQ7/0ix6O0bFdHQLmZ+Y2hgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCPm/e9GpBY8KsPHUWyKRBmLcyW1jz0PKhJ4s/bFxaM6HbeeclCEKet +t8PCgpNrGT5Wr77I193uhx1fHa1qAo0UIp9UWNfYFnlkTetViHR09lksQJ/Q9Kg2 +6slPnCs6cl8gLSWzsvvBAxGrV1fQVRO59RAJnlaiDZU8Fj5Z83FgUAZTRf8P4vhh +W9L8CmVZ3O5vxibEfSdpTXZVLwcBPzDqFz27ivDfrshHcA60KMnpe4yKIqDqMpv4 +HjWk8KUJgdyapNFjNJ48Mi/zsfBDO/Exm4uZv8K063g5o+fYLOZs8osvIYPDKBt3 +83Wbeffwc6CiR6+TMgvSiAQUOs1If1gy +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA3-key.pem b/certs/test-pathlen/chainI-ICA3-key.pem new file mode 100644 index 000000000..47df99a7f --- /dev/null +++ b/certs/test-pathlen/chainI-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO03F/Ikp3yB8BeBNPldBn8 +z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sHdTmJcCqcAOAubHx0Jxg0 +/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk5kkGYqQjCGBol4mpssCU +jk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbtRsZw+zShKByCscKrpsHw +Ext9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6Ei6dDcmw70DRpAJeUuj7 +1JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQABAoIBAFDLI9VC/UFYgX0c +b18rWGP97fDpOsINIKNtsuHDdXkYluK9IyzBmMa0h9hq3rkDaGytPsEse8M6pKfV +aFFWxgiUEXiiubqoaadQiOu5Z6MdUrRy4YrH24iBIpXgh3JCdJ/ynFBPpWV2cafd +4vt4Oxq6R3XBRZfbH3nUE6lw327Wqox7I/t4rYdAVTnyCcSo3MX35K37/xnplLos +ehyeDMJok+C/y2+jeICs/A89FcTAA6JrNqznE5ZWNBORSKOMJQcscNHWBGZ5vmpH +jW8WPpMPhtA4q26fz/XI2BwrHRKwsEKsVyULd3bfAEBLQbktuwMMylWsnrw/wzRN +aD+dbwECgYEA8ZJb0syBWlJD1/+p+1wgtteJ9RSZyXFHLRDglAYUKjVoZqhczSP2 +M/wkkTk71gI54lQBejNAKU+eH+IAsXCQDx3ePxlAlu3JSMaXd8KzgZwBd2rr3iNJ +grAUoYj9sr237oi2Lyc+vKMS+IUrbkYZKbAtn/D6bp5GkxWscmWt7UcCgYEAwzak +4J7ZsFWeuomlRfR/FNMidGUBc+J/7wo3NXwTH3PPZisrPv38smD7bc1zi/c7MS7+ +ptJpHApnjqqXf85vBHmH2hkyuIAJ+UYuNs29iAcvu1E9XmE4wz/GdrzxvhdCW/PW +qFPQAsNCYB/NQi0YQSwABkEIDPTq1F11aXV1TdECgYBcHD9w8FN+OhHuYWjSFD3R +Gfxbe8Br5AqMr3vCVVMJCRZG1nmUKtss1T6oNReQsYaauwdZLgOP/PDBHW7AObhk +WzIsAxfytLZkTnzgyFej2vVgMF/BctkLwNINCewaZGamyHAXKLKuQMvyAO0ffhEI +KUosSzliRm2IleIMOKMJ7wKBgQCJWML8fwcud68sE3hDFdjrr/lH52D0ReI5LvjV +Gqzhrju36JuOwGiwoGeGQ80OJy5wVl44xUXKws9Fo2TgOUAG5/LbUmtLQFrEFcqi +KHM3Z8b/hhMlekXTqeVa2WlEk1zPEWpwGDf8GaFzvCxQaSXthKWnwM2HQDKQpAjd +4BReYQKBgQCmJllIBUfS61JNstfV++kK3aEP7heGeUdYmFu255DK6UlsDmDx1TJ3 +NacApBE5y/xUEg7hZB3gBpn2PFZO6uVEJX+vrIoOzsOXMQSgWbeCOTe3BLZn+mF3 +tpfeW+xALGvvEajlv1/xUd2o/9DmgEIIIQWKPOKVjb6H5B1WnHa19Q== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA3-pathlen2.pem b/certs/test-pathlen/chainI-ICA3-pathlen2.pem new file mode 100644 index 000000000..44e10332d --- /dev/null +++ b/certs/test-pathlen/chainI-ICA3-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: + be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: + 5e:04:d3:e5:74:19:fc:cf:85:7f:f7:91:8c:d5:58: + 7c:02:4c:88:f1:4d:43:e3:07:bd:2a:4e:df:51:87: + 29:74:c5:24:67:1d:f1:6f:8b:07:75:39:89:70:2a: + 9c:00:e0:2e:6c:7c:74:27:18:34:fd:29:98:43:83: + d6:e1:51:b3:13:41:1c:bc:29:dc:8b:2f:93:08:95: + 8b:90:22:4b:e4:98:f5:d6:70:2a:9b:8b:64:e6:49: + 06:62:a4:23:08:60:68:97:89:a9:b2:c0:94:8e:4f: + 39:1c:25:3b:0f:e4:c5:1d:7d:89:89:5e:c6:02:69: + 68:fc:13:55:b5:80:6b:77:f7:59:57:0b:1c:7e:c6: + ed:46:c6:70:fb:34:a1:28:1c:82:b1:c2:ab:a6:c1: + f0:13:1b:7d:0b:bc:1a:39:23:3c:e7:1d:ee:c8:ee: + 2f:69:5f:a1:31:3f:1a:2f:98:5d:53:d7:42:93:db: + 49:ac:d6:7a:12:2e:9d:0d:c9:b0:ef:40:d1:a4:02: + 5e:52:e8:fb:d4:92:07:98:b1:76:d9:16:0f:e4:8b: + de:dc:88:65:e0:fd:52:1d:8b:e2:e3:ed:08:37:d0: + 11:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5a:8e:b7:fa:c9:b8:f9:a7:1e:fd:16:5b:75:4d:5e:b6:f2:6e: + c0:48:f3:7f:3e:61:59:25:64:8e:6a:e5:19:fb:03:20:93:de: + 0c:d9:88:68:e6:c3:9c:ad:b8:b1:08:a4:74:ef:e7:5c:1e:ea: + 3b:9f:0a:64:40:74:ff:d8:9d:14:38:d8:c7:68:f4:8c:b2:76: + cb:77:40:c4:55:23:b6:42:4c:82:16:47:a4:97:31:12:f0:ac: + e8:b9:aa:72:d8:e7:e5:5f:6c:92:0e:07:d7:9f:df:4b:53:85: + e5:d3:8b:74:ad:b3:58:09:d0:cf:2f:66:a3:28:8c:86:3a:5a: + c8:39:f5:03:35:42:72:8b:b8:fc:28:51:37:b0:31:f6:29:c4: + ab:f3:4f:ff:42:de:48:6d:bd:94:cd:3c:5a:bf:f3:a5:d2:13: + 2c:7b:81:d8:0d:2f:f0:49:bf:c2:07:25:a5:2a:ae:3c:9f:4a: + 3e:74:03:70:36:a9:67:68:1a:e8:72:18:2d:79:7e:65:2c:95: + 3a:5c:9d:46:50:d0:9a:fd:c1:7a:6d:cd:d6:6c:83:f2:cb:aa: + 19:c2:03:7c:2e:95:30:40:88:25:47:3c:d2:7a:ad:ac:a1:12: + 25:42:17:d0:17:00:53:4b:32:ae:70:a4:08:7b:9b:fc:bc:93: + 08:e6:b1:7a +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO0 +3F/Ikp3yB8BeBNPldBn8z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sH +dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk +5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt +RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 +Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBajrf6ybj5px79Flt1TV628m7ASPN/PmFZJWSOauUZ+wMgk94M2Yho5sOc +rbixCKR07+dcHuo7nwpkQHT/2J0UONjHaPSMsnbLd0DEVSO2QkyCFkeklzES8Kzo +uapy2OflX2ySDgfXn99LU4Xl04t0rbNYCdDPL2ajKIyGOlrIOfUDNUJyi7j8KFE3 +sDH2KcSr80//Qt5Ibb2UzTxav/Ol0hMse4HYDS/wSb/CByWlKq48n0o+dANwNqln +aBrochgteX5lLJU6XJ1GUNCa/cF6bc3WbIPyy6oZwgN8LpUwQIglRzzSeq2soRIl +QhfQFwBTSzKucKQIe5v8vJMI5rF6 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-assembled.pem b/certs/test-pathlen/chainI-assembled.pem new file mode 100644 index 000000000..baf1cdcf0 --- /dev/null +++ b/certs/test-pathlen/chainI-assembled.pem @@ -0,0 +1,354 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: + e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: + cf:c8:f1:8a:f6:55:1e:59:fa:97:fe:e7:9b:07:2a: + b6:80:2a:92:d9:39:95:9e:0c:1f:d7:ad:1f:74:4d: + 8e:61:6f:64:24:4c:d4:95:03:8f:d3:f2:3d:6e:d8: + d8:d5:aa:64:7d:82:ee:74:07:16:68:fa:95:17:9b: + 35:8f:c3:6c:47:88:3e:40:de:93:36:ed:62:f4:cc: + 67:45:ee:ea:45:9f:fc:f1:63:6d:b7:fa:f8:c3:e0: + 6f:c7:4a:3e:04:49:04:37:8b:3a:99:e8:64:0a:86: + 43:ab:5b:34:1e:6c:33:a2:a4:26:7c:c7:6c:48:99: + 7d:85:f5:1f:c1:9c:a9:c7:8f:51:6b:8a:86:8d:1c: + b0:d2:82:ba:a4:a7:09:29:8b:0a:20:d1:7c:b1:67: + 0c:61:cd:88:33:5e:38:ab:08:78:0b:80:0b:ce:63: + 03:b9:40:7b:67:3e:a8:ac:4e:44:92:09:4c:3f:e0: + 3d:55:cb:aa:5a:bc:17:9c:4e:9e:40:5c:82:fc:3b: + 3a:54:40:90:f9:22:3c:f4:00:5f:95:13:72:49:29: + ae:5f:31:22:30:04:05:6a:7b:b5:0a:0a:a6:5e:72: + 4d:5f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EB:B5:A2:7B:24:95:03:11:6B:56:CB:13:3E:A8:B2:8F:B1:CF:5D:C4 + X509v3 Authority Key Identifier: + keyid:9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 78:f3:ac:4b:db:c6:63:c3:f5:67:97:b8:99:f4:72:6f:b2:07: + 3b:99:ce:85:e7:5c:59:c1:80:bf:06:92:a8:34:be:1b:74:d1: + 61:b6:75:07:18:0e:2e:77:7f:77:c7:e9:5d:cc:1e:7b:b5:04: + 95:5b:99:a1:15:2e:b6:2b:67:13:09:0f:b7:6e:62:04:dd:01: + 27:fd:18:f3:d9:b2:d7:8f:6e:bb:b3:1d:57:76:91:42:dd:78: + 77:22:b3:ed:79:10:63:94:40:c5:88:09:bb:bf:fd:fe:6e:60: + 23:53:30:8e:11:e2:b7:3d:39:24:96:f2:86:cc:59:eb:83:07: + ad:7a:2e:85:63:be:70:15:92:f8:f2:2b:f1:6f:5f:c2:4d:3a: + 7d:c6:b9:9d:c4:82:6a:fe:b2:7e:ec:5d:eb:b3:ba:82:09:04: + f9:7e:47:37:a9:8a:e2:2a:4f:30:7d:b7:dd:1f:c2:f4:db:61: + f3:b1:81:5d:10:8c:41:22:76:93:5b:a3:b9:b2:69:85:88:3a: + eb:ae:42:0f:16:e7:2f:f3:cd:03:4c:08:65:90:a9:4f:dd:89: + 23:d7:56:bd:e9:d7:cf:9f:bf:0f:a2:11:5b:e1:89:2c:d4:76: + 16:1f:83:5c:e9:8c:f6:93:7c:b5:f2:f1:ef:d3:07:35:2f:93: + 33:16:9c:63 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzrDKPUq+pz54jpJaO +6egKOrdqe7pwhWjiUvM4Oc/I8Yr2VR5Z+pf+55sHKraAKpLZOZWeDB/XrR90TY5h +b2QkTNSVA4/T8j1u2NjVqmR9gu50BxZo+pUXmzWPw2xHiD5A3pM27WL0zGdF7upF +n/zxY223+vjD4G/HSj4ESQQ3izqZ6GQKhkOrWzQebDOipCZ8x2xImX2F9R/BnKnH +j1FrioaNHLDSgrqkpwkpiwog0XyxZwxhzYgzXjirCHgLgAvOYwO5QHtnPqisTkSS +CUw/4D1Vy6pavBecTp5AXIL8OzpUQJD5Ijz0AF+VE3JJKa5fMSIwBAVqe7UKCqZe +ck1fAgMBAAGjggEAMIH9MB0GA1UdDgQWBBTrtaJ7JJUDEWtWyxM+qLKPsc9dxDCB +0AYDVR0jBIHIMIHFgBSeVLaV6okHpsnkgujQNGRdCM1WoKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +ePOsS9vGY8P1Z5e4mfRyb7IHO5nOhedcWcGAvwaSqDS+G3TRYbZ1BxgOLnd/d8fp +Xcwee7UElVuZoRUutitnEwkPt25iBN0BJ/0Y89my149uu7MdV3aRQt14dyKz7XkQ +Y5RAxYgJu7/9/m5gI1MwjhHitz05JJbyhsxZ64MHrXouhWO+cBWS+PIr8W9fwk06 +fca5ncSCav6yfuxd67O6ggkE+X5HN6mK4ipPMH233R/C9Nth87GBXRCMQSJ2k1uj +ubJphYg6665CDxbnL/PNA0wIZZCpT92JI9dWvenXz5+/D6IRW+GJLNR2Fh+DXOmM +9pN8tfLx79MHNS+TMxacYw== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: + 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: + 66:7c:a0:1b:28:08:3c:6a:fd:f8:87:be:49:a2:ed: + 38:f2:4c:b0:8b:93:ff:d2:c5:3f:cd:03:c5:14:79: + e8:76:63:7a:aa:a7:54:1e:0e:27:bd:1b:be:e8:3f: + 2b:55:40:f0:59:23:d8:3f:e8:05:1a:0b:71:f0:fd: + 24:d9:f9:0b:99:25:da:af:96:34:ee:e1:91:cb:fc: + 8f:a0:41:8f:9c:e1:4f:57:5f:b6:d6:55:69:6f:c3: + 64:c3:11:a9:69:40:85:df:f3:9a:59:b5:ee:90:c0: + 22:ee:72:28:2e:d3:da:65:27:3b:ba:42:c0:9e:73: + ba:a2:f2:45:13:7a:c5:1d:30:a5:b7:db:75:5d:6f: + cc:08:77:80:67:8d:18:2a:ca:02:8d:8e:d3:9c:2a: + fa:b7:8f:1b:7d:ef:62:77:a4:fa:b6:d8:5a:3e:66: + 9c:3e:13:45:a8:cf:61:fb:ff:41:45:14:21:e2:63: + ac:81:4d:65:89:e3:d5:71:20:01:19:76:ec:a4:16: + a6:ef:3c:bc:f2:a2:56:2b:07:31:67:0d:e5:97:88: + e8:db:cb:4d:98:cb:99:e6:e0:bd:62:48:2b:b1:04: + 12:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + X509v3 Authority Key Identifier: + keyid:D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + b3:b8:b9:c2:44:3a:36:0a:cf:fd:da:80:8c:81:54:c1:cd:a6: + 52:a8:60:b1:f8:fd:62:01:fc:d9:85:89:15:9a:df:45:f0:68: + 3e:bb:fe:f3:94:dc:1c:69:3c:7c:47:df:04:0c:7b:2f:4f:3f: + 56:58:9a:fa:1a:4c:16:21:cf:f2:21:a5:f9:d9:49:1b:69:b4: + 4d:df:d0:c2:d7:2c:fa:0f:23:d6:45:61:12:cd:2a:5a:06:db: + 22:6f:99:7a:a0:fc:17:ba:05:bc:02:79:db:f8:cd:ec:a0:98: + 7c:7f:6b:d6:ca:5c:cd:07:89:b6:0d:3e:0b:d3:d7:7f:7c:6b: + 73:7b:b9:28:69:d2:5f:27:1c:13:60:a0:50:23:16:00:d1:cb: + 7a:1d:62:7c:a1:c2:63:1d:c9:0b:0f:d7:5c:91:af:7a:5b:93: + 7e:e5:12:36:f0:3b:fa:59:7b:a8:88:f7:bf:11:19:4b:6a:81: + 61:77:54:61:a3:73:b6:54:64:92:49:22:c9:6a:19:73:33:6d: + 01:4c:5a:9c:0a:fa:ce:a1:34:50:b1:54:de:0b:7b:ce:fe:e0: + 00:fa:8e:7f:48:36:58:ed:98:42:ce:8d:a4:a0:67:c9:88:1c: + 7f:58:df:fb:62:0f:ee:4b:7d:5a:c7:52:2f:9f:2d:13:13:0b: + 72:bd:a0:2e +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ugat +E8/a+9HLZf4mWElqARSmeLIsHbq60L0nOGZ8oBsoCDxq/fiHvkmi7TjyTLCLk//S +xT/NA8UUeeh2Y3qqp1QeDie9G77oPytVQPBZI9g/6AUaC3Hw/STZ+QuZJdqvljTu +4ZHL/I+gQY+c4U9XX7bWVWlvw2TDEalpQIXf85pZte6QwCLucigu09plJzu6QsCe +c7qi8kUTesUdMKW323Vdb8wId4BnjRgqygKNjtOcKvq3jxt972J3pPq22Fo+Zpw+ +E0Woz2H7/0FFFCHiY6yBTWWJ49VxIAEZduykFqbvPLzyolYrBzFnDeWXiOjby02Y +y5nm4L1iSCuxBBIHAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUnlS2leqJB6bJ5ILo +0DRkXQjNVqAwgc4GA1UdIwSBxjCBw4AU0br7/x0pQYpqX7Lzp0EFRwkfSEKhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAs7i5wkQ6NgrP/dqAjIFUwc2mUqhgsfj9 +YgH82YWJFZrfRfBoPrv+85TcHGk8fEffBAx7L08/Vlia+hpMFiHP8iGl+dlJG2m0 +Td/Qwtcs+g8j1kVhEs0qWgbbIm+ZeqD8F7oFvAJ52/jN7KCYfH9r1spczQeJtg0+ +C9PXf3xrc3u5KGnSXyccE2CgUCMWANHLeh1ifKHCYx3JCw/XXJGveluTfuUSNvA7 ++ll7qIj3vxEZS2qBYXdUYaNztlRkkkkiyWoZczNtAUxanAr6zqE0ULFU3gt7zv7g +APqOf0g2WO2YQs6NpKBnyYgcf1jf+2IP7kt9WsdSL58tExMLcr2gLg== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: + 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: + 97:77:1e:94:51:3d:73:2b:16:e9:05:e9:4c:1b:82: + ad:47:9d:33:30:53:b5:9b:d2:2d:e9:7b:d6:63:f3: + 61:20:1b:23:6e:47:09:8b:c0:d5:09:85:a6:e2:e4: + 3a:4d:b3:f9:dd:c6:7c:9a:42:07:22:d5:7b:67:18: + 38:c4:fc:ea:8d:09:80:a0:b0:44:33:fd:c1:aa:8b: + 9c:98:e3:95:c3:74:71:3b:71:b8:b3:80:bf:30:63: + 85:09:27:8b:12:b5:86:b0:0b:99:ff:97:42:52:a0: + ac:b2:38:38:8d:13:96:d9:d6:fa:8f:c4:89:14:06: + 9c:1f:0a:a3:3a:a2:f7:1f:83:d8:ae:41:44:9e:21: + b2:5b:b7:a2:19:e9:46:58:de:e5:a2:ab:07:7a:9a: + 9a:60:bc:14:ed:cf:4d:42:fc:5c:28:ea:42:d1:ae: + cc:71:7e:52:5d:84:88:de:b6:7d:72:6e:ab:73:4b: + 0d:ab:92:9f:11:b4:51:da:14:54:9a:0e:ec:ac:42: + fc:71:87:5b:54:38:09:2c:f0:5d:86:0c:34:b7:92: + 33:5c:3e:19:b1:4d:a0:62:9b:b4:68:36:36:38:ec: + 29:b3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + X509v3 Authority Key Identifier: + keyid:EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 8f:9b:f7:bd:1a:90:58:f0:ab:0f:1d:45:b2:29:10:66:2d:cc: + 96:d6:3c:f4:3c:a8:49:e2:cf:db:17:16:8c:e8:76:de:79:c9: + 42:10:a7:ad:b7:c3:c2:82:93:6b:19:3e:56:af:be:c8:d7:dd: + ee:87:1d:5f:1d:ad:6a:02:8d:14:22:9f:54:58:d7:d8:16:79: + 64:4d:eb:55:88:74:74:f6:59:2c:40:9f:d0:f4:a8:36:ea:c9: + 4f:9c:2b:3a:72:5f:20:2d:25:b3:b2:fb:c1:03:11:ab:57:57: + d0:55:13:b9:f5:10:09:9e:56:a2:0d:95:3c:16:3e:59:f3:71: + 60:50:06:53:45:ff:0f:e2:f8:61:5b:d2:fc:0a:65:59:dc:ee: + 6f:c6:26:c4:7d:27:69:4d:76:55:2f:07:01:3f:30:ea:17:3d: + bb:8a:f0:df:ae:c8:47:70:0e:b4:28:c9:e9:7b:8c:8a:22:a0: + ea:32:9b:f8:1e:35:a4:f0:a5:09:81:dc:9a:a4:d1:63:34:9e: + 3c:32:2f:f3:b1:f0:43:3b:f1:31:9b:8b:99:bf:c2:b4:eb:78: + 39:a3:e7:d8:2c:e6:6c:f2:8b:2f:21:83:c3:28:1b:77:f3:75: + 9b:79:f7:f0:73:a0:a2:47:af:93:32:0b:d2:88:04:14:3a:cd: + 48:7f:58:32 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h4IZhL+ +IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1zKxbpBelMG4KtR50zMFO1m9It +6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIHItV7Zxg4xPzqjQmAoLBEM/3B +qoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dCUqCssjg4jROW2db6j8SJFAac +HwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqaYLwU7c9NQvxcKOpC0a7McX5S +XYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdbVDgJLPBdhgw0t5IzXD4ZsU2g +Ypu0aDY2OOwpswIDAQABo4IBATCB/jAdBgNVHQ4EFgQU0br7/x0pQYpqX7Lzp0EF +RwkfSEIwgcEGA1UdIwSBuTCBtoAU7jem8kDQ7/0ix6O0bFdHQLmZ+Y2hgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCPm/e9GpBY8KsPHUWyKRBmLcyW1jz0PKhJ4s/bFxaM6HbeeclCEKet +t8PCgpNrGT5Wr77I193uhx1fHa1qAo0UIp9UWNfYFnlkTetViHR09lksQJ/Q9Kg2 +6slPnCs6cl8gLSWzsvvBAxGrV1fQVRO59RAJnlaiDZU8Fj5Z83FgUAZTRf8P4vhh +W9L8CmVZ3O5vxibEfSdpTXZVLwcBPzDqFz27ivDfrshHcA60KMnpe4yKIqDqMpv4 +HjWk8KUJgdyapNFjNJ48Mi/zsfBDO/Exm4uZv8K063g5o+fYLOZs8osvIYPDKBt3 +83Wbeffwc6CiR6+TMgvSiAQUOs1If1gy +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: + be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: + 5e:04:d3:e5:74:19:fc:cf:85:7f:f7:91:8c:d5:58: + 7c:02:4c:88:f1:4d:43:e3:07:bd:2a:4e:df:51:87: + 29:74:c5:24:67:1d:f1:6f:8b:07:75:39:89:70:2a: + 9c:00:e0:2e:6c:7c:74:27:18:34:fd:29:98:43:83: + d6:e1:51:b3:13:41:1c:bc:29:dc:8b:2f:93:08:95: + 8b:90:22:4b:e4:98:f5:d6:70:2a:9b:8b:64:e6:49: + 06:62:a4:23:08:60:68:97:89:a9:b2:c0:94:8e:4f: + 39:1c:25:3b:0f:e4:c5:1d:7d:89:89:5e:c6:02:69: + 68:fc:13:55:b5:80:6b:77:f7:59:57:0b:1c:7e:c6: + ed:46:c6:70:fb:34:a1:28:1c:82:b1:c2:ab:a6:c1: + f0:13:1b:7d:0b:bc:1a:39:23:3c:e7:1d:ee:c8:ee: + 2f:69:5f:a1:31:3f:1a:2f:98:5d:53:d7:42:93:db: + 49:ac:d6:7a:12:2e:9d:0d:c9:b0:ef:40:d1:a4:02: + 5e:52:e8:fb:d4:92:07:98:b1:76:d9:16:0f:e4:8b: + de:dc:88:65:e0:fd:52:1d:8b:e2:e3:ed:08:37:d0: + 11:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5a:8e:b7:fa:c9:b8:f9:a7:1e:fd:16:5b:75:4d:5e:b6:f2:6e: + c0:48:f3:7f:3e:61:59:25:64:8e:6a:e5:19:fb:03:20:93:de: + 0c:d9:88:68:e6:c3:9c:ad:b8:b1:08:a4:74:ef:e7:5c:1e:ea: + 3b:9f:0a:64:40:74:ff:d8:9d:14:38:d8:c7:68:f4:8c:b2:76: + cb:77:40:c4:55:23:b6:42:4c:82:16:47:a4:97:31:12:f0:ac: + e8:b9:aa:72:d8:e7:e5:5f:6c:92:0e:07:d7:9f:df:4b:53:85: + e5:d3:8b:74:ad:b3:58:09:d0:cf:2f:66:a3:28:8c:86:3a:5a: + c8:39:f5:03:35:42:72:8b:b8:fc:28:51:37:b0:31:f6:29:c4: + ab:f3:4f:ff:42:de:48:6d:bd:94:cd:3c:5a:bf:f3:a5:d2:13: + 2c:7b:81:d8:0d:2f:f0:49:bf:c2:07:25:a5:2a:ae:3c:9f:4a: + 3e:74:03:70:36:a9:67:68:1a:e8:72:18:2d:79:7e:65:2c:95: + 3a:5c:9d:46:50:d0:9a:fd:c1:7a:6d:cd:d6:6c:83:f2:cb:aa: + 19:c2:03:7c:2e:95:30:40:88:25:47:3c:d2:7a:ad:ac:a1:12: + 25:42:17:d0:17:00:53:4b:32:ae:70:a4:08:7b:9b:fc:bc:93: + 08:e6:b1:7a +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO0 +3F/Ikp3yB8BeBNPldBn8z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sH +dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk +5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt +RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 +Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBajrf6ybj5px79Flt1TV628m7ASPN/PmFZJWSOauUZ+wMgk94M2Yho5sOc +rbixCKR07+dcHuo7nwpkQHT/2J0UONjHaPSMsnbLd0DEVSO2QkyCFkeklzES8Kzo +uapy2OflX2ySDgfXn99LU4Xl04t0rbNYCdDPL2ajKIyGOlrIOfUDNUJyi7j8KFE3 +sDH2KcSr80//Qt5Ibb2UzTxav/Ol0hMse4HYDS/wSb/CByWlKq48n0o+dANwNqln +aBrochgteX5lLJU6XJ1GUNCa/cF6bc3WbIPyy6oZwgN8LpUwQIglRzzSeq2soRIl +QhfQFwBTSzKucKQIe5v8vJMI5rF6 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-entity-key.pem b/certs/test-pathlen/chainI-entity-key.pem new file mode 100644 index 000000000..e0a823b0c --- /dev/null +++ b/certs/test-pathlen/chainI-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA86wyj1Kvqc+eI6SWjunoCjq3anu6cIVo4lLzODnPyPGK9lUe +WfqX/uebByq2gCqS2TmVngwf160fdE2OYW9kJEzUlQOP0/I9btjY1apkfYLudAcW +aPqVF5s1j8NsR4g+QN6TNu1i9MxnRe7qRZ/88WNtt/r4w+Bvx0o+BEkEN4s6mehk +CoZDq1s0HmwzoqQmfMdsSJl9hfUfwZypx49Ra4qGjRyw0oK6pKcJKYsKINF8sWcM +Yc2IM144qwh4C4ALzmMDuUB7Zz6orE5EkglMP+A9VcuqWrwXnE6eQFyC/Ds6VECQ ++SI89ABflRNySSmuXzEiMAQFanu1CgqmXnJNXwIDAQABAoIBACx9nmWo1UYOEHO1 +k3/YmXN0sRSSLsJouXPJbXswow2vfI3pkLchGCuEoju2wse3/kQHTZgj4pSAmaOk +nYCQ1BoEpTPoCJTMQAdDNKQejmaUR3GL8b2NMzeyMR9ksRqGd8dkXEDFKzJDN//+ +1WuNAKQaYWgcPNuW2RHsLlKd+lUhjYR/Qe6pj+Jzxhh9Kbt5GHAyj1BTXQzkv5O5 +FpshP331WryxI0r/Q4lwKHrthBXm2PgKUEeh5M7dokAMCaBZmN0ZTbI644tvNsi5 +FR9rTqRHhxtwmk5sMKEavncISY85T+R63XKfUHTQZkWXEiPB3DJoJAbsDVpBb+BI +j3Ton2ECgYEA/WDYGonfKB7x8wwZgBVnnvoMGOqSm8mj42kw3cAaXqtIrJOF+iL8 +kKMq5YJ2W+GlbdNF1oawG+I9gWK9THOcp0JnRXedGNWlfKrW7HHeugT6OR9D8ZiX +4O0M7QJqIdWWN9QpVHhPfySdzF+PopT73o38MtnEF28cIck3ptFqQpcCgYEA9jGl +DSxfFXjoPKinHf6QWkyKeOqHIWYEuIxv2tQ+KpsvTzZ6hEdS2ZeiWcGRCxvlGNxu +/e7sCVUOCVs+FYyb3kN0TW9Hx+0l8H02Lnt3ar7lQmfp4fDw2HsRm6ONTUPZnXCV +2Odpi7PlnHOSR4j2kta4HQL7l2pZJ3n6wPasTHkCgYEA+2UbBTnGMAiEBqH6qxqR +tSpi1lXnIKrv8LJtyZbQkx1e/dthEs2jyd4asZy/0moPuOfmYvM/yGqwm69cIn6S +72DzFfmX5QwVJZxboj1YvzgxDHv47bx49LI+IOpEY02HvdzDJQw50+yApEYsPSOU +wzwc/lcSOC4Fu3/pt5oP1AECgYEA52eCW/944BXlNB7R9b9wr2+COGU43oulpFFc +UbNtO17h+PKb9fmURjHgx7zJOEff7p5DNSt9cMghiWnZ0Sd42lFM3/vY3HJrVsBa +TRaACDWmB+TkURrHRrNmuYPhLN65jOJl9pqM+mL9TzDSLarvGNX5+Er1cDzlz9U3 +fGhfSwECgYEAzUUcI9nvFvh4XQWCbJVDr3iQrupozRCfYmFjuJpx8KHm+Z01lY50 +uTJ+NOBJHCgS6Ikyz4VIkqpbw4AbxlWN0Se7FjlaoiUkj9KAl1ifM5cl70KN13az +1i3a0a8yrIdCAxDenm9UCQH2NIfL4NdFlI2BZglB6PI/HwQ/NwZAkEc= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-entity.pem b/certs/test-pathlen/chainI-entity.pem new file mode 100644 index 000000000..1e7564198 --- /dev/null +++ b/certs/test-pathlen/chainI-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: + e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: + cf:c8:f1:8a:f6:55:1e:59:fa:97:fe:e7:9b:07:2a: + b6:80:2a:92:d9:39:95:9e:0c:1f:d7:ad:1f:74:4d: + 8e:61:6f:64:24:4c:d4:95:03:8f:d3:f2:3d:6e:d8: + d8:d5:aa:64:7d:82:ee:74:07:16:68:fa:95:17:9b: + 35:8f:c3:6c:47:88:3e:40:de:93:36:ed:62:f4:cc: + 67:45:ee:ea:45:9f:fc:f1:63:6d:b7:fa:f8:c3:e0: + 6f:c7:4a:3e:04:49:04:37:8b:3a:99:e8:64:0a:86: + 43:ab:5b:34:1e:6c:33:a2:a4:26:7c:c7:6c:48:99: + 7d:85:f5:1f:c1:9c:a9:c7:8f:51:6b:8a:86:8d:1c: + b0:d2:82:ba:a4:a7:09:29:8b:0a:20:d1:7c:b1:67: + 0c:61:cd:88:33:5e:38:ab:08:78:0b:80:0b:ce:63: + 03:b9:40:7b:67:3e:a8:ac:4e:44:92:09:4c:3f:e0: + 3d:55:cb:aa:5a:bc:17:9c:4e:9e:40:5c:82:fc:3b: + 3a:54:40:90:f9:22:3c:f4:00:5f:95:13:72:49:29: + ae:5f:31:22:30:04:05:6a:7b:b5:0a:0a:a6:5e:72: + 4d:5f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EB:B5:A2:7B:24:95:03:11:6B:56:CB:13:3E:A8:B2:8F:B1:CF:5D:C4 + X509v3 Authority Key Identifier: + keyid:9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 78:f3:ac:4b:db:c6:63:c3:f5:67:97:b8:99:f4:72:6f:b2:07: + 3b:99:ce:85:e7:5c:59:c1:80:bf:06:92:a8:34:be:1b:74:d1: + 61:b6:75:07:18:0e:2e:77:7f:77:c7:e9:5d:cc:1e:7b:b5:04: + 95:5b:99:a1:15:2e:b6:2b:67:13:09:0f:b7:6e:62:04:dd:01: + 27:fd:18:f3:d9:b2:d7:8f:6e:bb:b3:1d:57:76:91:42:dd:78: + 77:22:b3:ed:79:10:63:94:40:c5:88:09:bb:bf:fd:fe:6e:60: + 23:53:30:8e:11:e2:b7:3d:39:24:96:f2:86:cc:59:eb:83:07: + ad:7a:2e:85:63:be:70:15:92:f8:f2:2b:f1:6f:5f:c2:4d:3a: + 7d:c6:b9:9d:c4:82:6a:fe:b2:7e:ec:5d:eb:b3:ba:82:09:04: + f9:7e:47:37:a9:8a:e2:2a:4f:30:7d:b7:dd:1f:c2:f4:db:61: + f3:b1:81:5d:10:8c:41:22:76:93:5b:a3:b9:b2:69:85:88:3a: + eb:ae:42:0f:16:e7:2f:f3:cd:03:4c:08:65:90:a9:4f:dd:89: + 23:d7:56:bd:e9:d7:cf:9f:bf:0f:a2:11:5b:e1:89:2c:d4:76: + 16:1f:83:5c:e9:8c:f6:93:7c:b5:f2:f1:ef:d3:07:35:2f:93: + 33:16:9c:63 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzrDKPUq+pz54jpJaO +6egKOrdqe7pwhWjiUvM4Oc/I8Yr2VR5Z+pf+55sHKraAKpLZOZWeDB/XrR90TY5h +b2QkTNSVA4/T8j1u2NjVqmR9gu50BxZo+pUXmzWPw2xHiD5A3pM27WL0zGdF7upF +n/zxY223+vjD4G/HSj4ESQQ3izqZ6GQKhkOrWzQebDOipCZ8x2xImX2F9R/BnKnH +j1FrioaNHLDSgrqkpwkpiwog0XyxZwxhzYgzXjirCHgLgAvOYwO5QHtnPqisTkSS +CUw/4D1Vy6pavBecTp5AXIL8OzpUQJD5Ijz0AF+VE3JJKa5fMSIwBAVqe7UKCqZe +ck1fAgMBAAGjggEAMIH9MB0GA1UdDgQWBBTrtaJ7JJUDEWtWyxM+qLKPsc9dxDCB +0AYDVR0jBIHIMIHFgBSeVLaV6okHpsnkgujQNGRdCM1WoKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +ePOsS9vGY8P1Z5e4mfRyb7IHO5nOhedcWcGAvwaSqDS+G3TRYbZ1BxgOLnd/d8fp +Xcwee7UElVuZoRUutitnEwkPt25iBN0BJ/0Y89my149uu7MdV3aRQt14dyKz7XkQ +Y5RAxYgJu7/9/m5gI1MwjhHitz05JJbyhsxZ64MHrXouhWO+cBWS+PIr8W9fwk06 +fca5ncSCav6yfuxd67O6ggkE+X5HN6mK4ipPMH233R/C9Nth87GBXRCMQSJ2k1uj +ubJphYg6665CDxbnL/PNA0wIZZCpT92JI9dWvenXz5+/D6IRW+GJLNR2Fh+DXOmM +9pN8tfLx79MHNS+TMxacYw== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA1-key.pem b/certs/test-pathlen/chainJ-ICA1-key.pem new file mode 100644 index 000000000..e67a06832 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAp29EwhHMLPQqpagIU0sOzZYjuxVKKt35pxkrkSjoc6NXtEk6 +N4KPFThaqq+tciYuhMIN3vzwvjuiEakSINQ93mKFhZEIYNvASruJtvSRHlGjsvcI +md9ISlmE0aoJNg3NaKWuQcjXGtjqSYcgIif5RVQ+x8gARH40cqqNLU1qPnWJ4tQX +V/nNK9C3FGpUG2Gvm2gisRZz6wVsQertEE68gwRoyDrhAxKtKFwkTBmhftjvG4Dk +DkkMaYb2HucB+ypvVhttCq3pKT8xu0goQHkrtfOq7OkJTIL8lygZozrA0l6jipjI +irfSxJC8/8xHE5CtAKuK7PeUNQlgEDWfMsUAGwIDAQABAoIBAD9XZ8Knav+Cq3OZ ++vRPy9zYtNG8vx8ydJTTf9jdifrdS3unzD9dw/V6KUqzRUGO0kBlDUxTklvVQX2+ +4V3MDU/JI8wgzvOdjsR26CVvpkq7BdvZesaDYtzFuup6khuB4zh4nVDDwySj9RY1 +6WEikDm7IjkAH6HJwNu0S85coBnaTs7Sxi+LcAwFlHybEZfb5hz0MdLcLlJ3E7Oz +6Ni/W/SsFBPsO7u7BlNB37tvBlxwpws1sKgpN1EHaDhctQxGODkfAK66PPbG75lO +vqROQWdFc7e3IKQ//A3ORXjNGfCYs8kV/VLA2RjjDPrVb3d7OHxufaAXUxNN5+N1 +7chonQECgYEA00PYedTkZiY2ljJBQB5vxoCZt9wGMe91u/SjWUfLMs2upBgGWDCx +5loZybzUMkBXRK+TSy0kdJndNSPWFxnSmOEFE6Im99MBFJu2iuy7HyHjSTlUEQp1 +Y1CbSzQRCXMNsdJjWnTEz9y8r6gQMhbhMB1Gn5MK3cSmrfv1LwTOvIECgYEAyuN8 +jLWMVfBTN9B/hWTLMLQF7fHhxT53ZBzA9+xnMo+TCDTqZABeyyO1/9jVIvcF4PEO +tmGFaQYaGlxP9fMJyuEEcmYXU8pSqFmK/HHvaHL+MDBjRPudz9En9visBtcoVyYq +z6oRFKsNCjcctxZ9/N20gfaYCrgzFTCTkPWh3psCgYAQKBwiFRnyhfGewvEiijFa +KPOYkAcZQorqeOcVKNxtYjV87yltDSxNxY47U2mW/jyuUA8frLAhCrNUIQ16bssg +TfUpbzkzsrtebBolvb0BwIG1U+EN/JLFqaB2u+ChrF7bvo9Cl7OFgggcFupGKmHG +YDbKdWBbXXKx05cIpYF6AQKBgH4pobyZ9E9IZ2cwxut7NwLtHzbMj7ko0/M0EibZ +IX8GWsbiqNJQjKHDbhxPiJH6i/RJ0f1FfUFGoxq7RpnJbNB0xmAg7eaTzHyVWeEL +NHV99GSg4kn2MTcWd8SS8945EwPGXx7NQVvZ1f0BMmEDooqIjwO2BOu9iT5m+4xL +wkF7AoGADQdu9lCbE0oFa4Ys9p7F7nAh7CCMvKGGIWZzQZBUf3Xr0RuZYRBaeUs2 +U7R/dXpUEOdxcDxSvfsnOz4yJ5++ixj0GaETgxHfHJd4JbBVW3ziCjPNSLj7Slgf +EmHy80ElH+97Z1nK5dHZNAi6m4u+eNjpnv/zbaWsLXsglPuzmsg= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem new file mode 100644 index 000000000..302d2c78d --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: + 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: + e8:73:a3:57:b4:49:3a:37:82:8f:15:38:5a:aa:af: + ad:72:26:2e:84:c2:0d:de:fc:f0:be:3b:a2:11:a9: + 12:20:d4:3d:de:62:85:85:91:08:60:db:c0:4a:bb: + 89:b6:f4:91:1e:51:a3:b2:f7:08:99:df:48:4a:59: + 84:d1:aa:09:36:0d:cd:68:a5:ae:41:c8:d7:1a:d8: + ea:49:87:20:22:27:f9:45:54:3e:c7:c8:00:44:7e: + 34:72:aa:8d:2d:4d:6a:3e:75:89:e2:d4:17:57:f9: + cd:2b:d0:b7:14:6a:54:1b:61:af:9b:68:22:b1:16: + 73:eb:05:6c:41:ea:ed:10:4e:bc:83:04:68:c8:3a: + e1:03:12:ad:28:5c:24:4c:19:a1:7e:d8:ef:1b:80: + e4:0e:49:0c:69:86:f6:1e:e7:01:fb:2a:6f:56:1b: + 6d:0a:ad:e9:29:3f:31:bb:48:28:40:79:2b:b5:f3: + aa:ec:e9:09:4c:82:fc:97:28:19:a3:3a:c0:d2:5e: + a3:8a:98:c8:8a:b7:d2:c4:90:bc:ff:cc:47:13:90: + ad:00:ab:8a:ec:f7:94:35:09:60:10:35:9f:32:c5: + 00:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + X509v3 Authority Key Identifier: + keyid:A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 1c:0b:c0:44:10:dc:db:df:b9:3e:a0:95:09:d7:13:63:81:f7: + 32:57:19:84:72:2d:8e:60:66:0e:78:f3:35:7d:71:f8:95:88: + bc:90:52:e1:e2:4e:fe:4a:f7:bd:66:fe:b7:73:84:7f:96:ee: + ba:93:97:31:01:af:74:4f:60:40:74:d2:b5:a1:2f:e0:79:1a: + e2:67:08:ee:d4:60:43:1d:bc:79:9d:61:ae:fe:5e:9b:c8:b3: + 69:4e:d0:2b:2b:61:7a:51:1a:c9:bf:8c:b5:ff:ee:ee:42:eb: + ad:e4:90:53:1c:ed:a6:6f:27:51:1f:bf:b1:e3:0e:28:70:46: + 36:91:2e:72:82:b8:05:ee:42:c0:bd:17:0a:38:96:da:13:a4: + d5:a3:9d:bd:82:c3:aa:9f:ff:a8:cd:28:38:ae:18:44:a6:e3: + 60:eb:e0:4c:bd:1f:9e:99:e9:47:38:86:08:29:61:64:d6:6a: + 55:a0:eb:5a:62:24:d5:48:36:5b:51:5c:7f:5f:94:21:ea:d4: + 5e:7d:ee:ec:e7:3f:5b:35:59:8f:84:b9:00:53:80:3e:6a:a0: + db:de:a9:36:9e:f2:1e:48:77:cb:df:94:af:4c:a8:cc:93:c4: + 03:74:ca:ec:d8:86:a3:b9:49:76:b7:af:44:b3:b4:51:ca:a8: + 8b:78:73:f5 +-----BEGIN CERTIFICATE----- +MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnb0TC +Ecws9CqlqAhTSw7NliO7FUoq3fmnGSuRKOhzo1e0STo3go8VOFqqr61yJi6Ewg3e +/PC+O6IRqRIg1D3eYoWFkQhg28BKu4m29JEeUaOy9wiZ30hKWYTRqgk2Dc1opa5B +yNca2OpJhyAiJ/lFVD7HyABEfjRyqo0tTWo+dYni1BdX+c0r0LcUalQbYa+baCKx +FnPrBWxB6u0QTryDBGjIOuEDEq0oXCRMGaF+2O8bgOQOSQxphvYe5wH7Km9WG20K +rekpPzG7SChAeSu186rs6QlMgvyXKBmjOsDSXqOKmMiKt9LEkLz/zEcTkK0Aq4rs +95Q1CWAQNZ8yxQAbAgMBAAGjggERMIIBDTAdBgNVHQ4EFgQUnHs6ELMImQUArz7g +pF3Zr4K8TcAwgdAGA1UdIwSByDCBxYAUo/VximCAPJNkF9kutcDOqcEUF8Shgamk +gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAcC8BEENzb37k+oJUJ1xNjgfcyVxmE +ci2OYGYOePM1fXH4lYi8kFLh4k7+Sve9Zv63c4R/lu66k5cxAa90T2BAdNK1oS/g +eRriZwju1GBDHbx5nWGu/l6byLNpTtArK2F6URrJv4y1/+7uQuut5JBTHO2mbydR +H7+x4w4ocEY2kS5ygrgF7kLAvRcKOJbaE6TVo529gsOqn/+ozSg4rhhEpuNg6+BM +vR+emelHOIYIKWFk1mpVoOtaYiTVSDZbUVx/X5Qh6tRefe7s5z9bNVmPhLkAU4A+ +aqDb3qk2nvIeSHfL35SvTKjMk8QDdMrs2IajuUl2t69Es7RRyqiLeHP1 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA2-key.pem b/certs/test-pathlen/chainJ-ICA2-key.pem new file mode 100644 index 000000000..fa3f5aef5 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuyn9iaqC4B0EeGnsYVhRUoR+a1VpLPQj1h/Y7asZljh7xojX +fYWTADVAC8Cp/2YPnqEdiG6pivGtR7RxyRVQxg81npVKZtO9Gzh73GeFlxuzY8ly +1kNa8V419gWWx0C8I6uUNIJZArIz0OZ/GVdlaDwEYVDvIpVP7xi/FbFNjs2noJgi +9RwFAWtLNb+Iw0fDJCm0RcuVoawWHd24aKxROSQnar4x8ewGEFW+RAJP6BJ71v4y +yUg3ayBoy1P1STquSsdDwa/mUxHZ+HEaotY3xytFUElRT1VsPx5pe1gSOn5ZoFed +KJyKbYLnExU7BI/igg8vz9kl2WWjPAPAzbZR1QIDAQABAoIBAFvaUK5WOyKHuyDp +QvPHJynrEivU3+gK7Odx+8EwHj+F+uDFWZQlkK4idAsQg51u1i2QfnDtdlFVKCgv +m0QHLPv2jOcF91ydf4ozXz4cpAgztQc83xneNmyMQsk5lvS0hWCwHOzkJ5DWKe3U +oP2r0X2lLrUfxixfwLnjmCuqNxjkZlx1sB+rb5wafmW6GOx2kUS+jr02RG20wNIT +lPgCLYyRyn636F7eBSTDd2ogwwpugk0cqBWFnqzvJfltIFQd47bhSyQ4ot12rTrH +GzQ764Ll6pxuNmBYo9ys3HHhFs8A66vIpC7ITZRUWa7aHFzQn+rzJGeJ4+USJvCf +fCbyS4ECgYEA+B0tCuWCK6qiszfFdPAwTnQFTcdKBH9wnwI1f6gdgqOofYfSKJ/3 +6rgtuYv3/MPZ0wXTNP6QxYKjD3Zfa2oclxO/5JRejiahKYBNPrON1CbN3bMESZj4 +5Br5SxjLcDN8OFEKExn9U13lD7wfF2AVVUMkflkfao9ajziBkZUE1TUCgYEAwRzi +XJ7wOQgAAuz2rG9Kw70oQ8ry3VyU5L4xqEJsVIMBpxCQ+LfvWNMuR/awFECVnrxG +UpUgvzrY+JJ3EVDRD3bbCZW7TtglLi9vi7VomFv5S2tPPl+abktY9zPe76nF/bWg +joLTfWrla6OAUldaCBJPvmBlmsqEOJTMDM0kPiECgYBJI5ieiK9JngBeIkejxBYJ +Wmwh1Gh+UO7rAKSyn+UrGIFXl80cyqMzXt2jv533teglK6dqDMyyXGMi8LsKF/qb +kmfTwuTotHx3lmmu3REnA9VV0CqoY16jJ0xrlcCKr7Kji0gT/2pMw/X9IHBt3JYN +T0CXuj/nkqCYbYjMWIhXLQKBgQCYdtOIyLtka5qGtMu0LFHc5FUL4QmKF3Q+fKL7 +8yVQO/ZsDjpHBAFmIaUij/NIqgz2vDLRNIgcMrvm1MxI0YOdL/uTP7IYd7IzGqR4 +qwsfb04Na3WvCxAEEFz3Hu7eTS3SNznCCiwrkt/68aV4XRrp0HtBFR5i7Y0ilufb +G4OHwQKBgQCd0TSu7ntTRmQBddjtAylB5tP7BTxgdV39IrBs9AyZnEti8hVLn3bs +AuENwmUX2KGRkH9xmA3hf8QHYFWz2n7NiygZ60yjIvpQhd4z2eCEpmqrRVV44QtT +z/NoqKUN6ywGoDu60LV1PmoYpiWXM1qTxdKJhcUhdkuVSH22tKoVeQ== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem new file mode 100644 index 000000000..92fa68dc2 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: + 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: + 19:96:38:7b:c6:88:d7:7d:85:93:00:35:40:0b:c0: + a9:ff:66:0f:9e:a1:1d:88:6e:a9:8a:f1:ad:47:b4: + 71:c9:15:50:c6:0f:35:9e:95:4a:66:d3:bd:1b:38: + 7b:dc:67:85:97:1b:b3:63:c9:72:d6:43:5a:f1:5e: + 35:f6:05:96:c7:40:bc:23:ab:94:34:82:59:02:b2: + 33:d0:e6:7f:19:57:65:68:3c:04:61:50:ef:22:95: + 4f:ef:18:bf:15:b1:4d:8e:cd:a7:a0:98:22:f5:1c: + 05:01:6b:4b:35:bf:88:c3:47:c3:24:29:b4:45:cb: + 95:a1:ac:16:1d:dd:b8:68:ac:51:39:24:27:6a:be: + 31:f1:ec:06:10:55:be:44:02:4f:e8:12:7b:d6:fe: + 32:c9:48:37:6b:20:68:cb:53:f5:49:3a:ae:4a:c7: + 43:c1:af:e6:53:11:d9:f8:71:1a:a2:d6:37:c7:2b: + 45:50:49:51:4f:55:6c:3f:1e:69:7b:58:12:3a:7e: + 59:a0:57:9d:28:9c:8a:6d:82:e7:13:15:3b:04:8f: + e2:82:0f:2f:cf:d9:25:d9:65:a3:3c:03:c0:cd:b6: + 51:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + X509v3 Authority Key Identifier: + keyid:CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5b:56:cd:5e:fc:3a:fb:2b:be:7c:63:ad:a7:7b:e4:9a:00:78: + cb:d8:e6:00:41:3d:3d:e3:f6:43:78:75:d7:c9:07:61:0c:2b: + 43:46:8f:12:a3:5a:f0:3d:22:f4:72:ea:27:1a:70:57:48:c5: + ec:7d:00:dd:5d:83:a6:71:f7:90:ec:69:bd:2e:86:97:06:dc: + 9c:be:4e:a8:4c:9f:db:93:5e:fd:d8:ba:ae:89:55:65:16:cf: + ab:a5:a4:4e:ae:21:ce:5e:e0:91:e1:77:de:e3:b4:3d:ba:d2: + 12:f3:54:c0:50:94:16:e5:b2:62:71:58:03:2c:d1:f4:1f:ce: + 9d:a5:ce:2a:57:9f:f7:19:41:b0:4d:e8:27:5d:f2:e6:c8:44: + 1b:c3:57:51:76:d4:15:1a:05:31:61:c3:02:db:56:81:1e:24: + f2:23:04:a9:5a:31:ee:08:1d:08:1f:49:d7:2c:ba:1e:00:5a: + e5:57:8b:fd:aa:a4:2f:6a:d7:93:19:09:92:30:7d:95:68:3b: + b7:ce:a3:f2:b9:e4:e4:e4:48:a4:22:6b:00:33:91:56:28:fc: + 50:f7:1d:f6:70:5b:83:a8:99:98:2d:7a:6c:aa:9b:5a:a5:56: + 5b:89:95:a8:50:27:68:ce:63:5e:d3:84:cb:80:1b:ae:3e:a2: + 5c:13:9b:ff +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Kf2J +qoLgHQR4aexhWFFShH5rVWks9CPWH9jtqxmWOHvGiNd9hZMANUALwKn/Zg+eoR2I +bqmK8a1HtHHJFVDGDzWelUpm070bOHvcZ4WXG7NjyXLWQ1rxXjX2BZbHQLwjq5Q0 +glkCsjPQ5n8ZV2VoPARhUO8ilU/vGL8VsU2OzaegmCL1HAUBa0s1v4jDR8MkKbRF +y5WhrBYd3bhorFE5JCdqvjHx7AYQVb5EAk/oEnvW/jLJSDdrIGjLU/VJOq5Kx0PB +r+ZTEdn4cRqi1jfHK0VQSVFPVWw/Hml7WBI6flmgV50onIptgucTFTsEj+KCDy/P +2SXZZaM8A8DNtlHVAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUo/VximCAPJNkF9ku +tcDOqcEUF8Qwgc4GA1UdIwSBxjCBw4AUzZdJePcxYe0vcRpo6UUsQHhRk1uhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAW1bNXvw6+yu+fGOtp3vkmgB4y9jmAEE9 +PeP2Q3h118kHYQwrQ0aPEqNa8D0i9HLqJxpwV0jF7H0A3V2DpnH3kOxpvS6Glwbc +nL5OqEyf25Ne/di6rolVZRbPq6WkTq4hzl7gkeF33uO0PbrSEvNUwFCUFuWyYnFY +AyzR9B/OnaXOKlef9xlBsE3oJ13y5shEG8NXUXbUFRoFMWHDAttWgR4k8iMEqVox +7ggdCB9J1yy6HgBa5VeL/aqkL2rXkxkJkjB9lWg7t86j8rnk5ORIpCJrADORVij8 +UPcd9nBbg6iZmC16bKqbWqVWW4mVqFAnaM5jXtOEy4Abrj6iXBOb/w== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA3-key.pem b/certs/test-pathlen/chainJ-ICA3-key.pem new file mode 100644 index 000000000..af221fe25 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA2Kr2BZVwWlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClI +JeG19SXfZHvq7aofiw3n6/UvripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQ +qnzeIPh1OSOF7oQTiFQqlvUWJ5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6c +nq48u7bYEKy3WUlbcwC+r5IhFFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7 +p3BTFMa3Ufoj8PVL0bs/m/w1ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba ++e8b4J+11TJltU7kvjZrZWUalqJHtT6fsA1jQQIDAQABAoIBAFxbg8Odj+bxD25S +bGJpSzPQZXzj/poQBhoPC1B/6IyDLLtV3YtIS2fUXQVYTSxB+HAt3U6XlVuIci7w +4E5j92fF+ZTZMvlPluFGk2r9fIs28V8xZyFFWOp0/oL8wXqKkkjql70BfBAn0kPa +kTT0QAD9thcuUaWUvhQk9gacDgTDa824zjrJmU/st0XkAL238VGZitW0n3FuIO/G +FLg3wPE6VJRvbdg5KT7UplvP1gj37tIWZmRtOxwGcr5NGhHiceGD99ubFAvkZPLe +RfRrQB/0vJ0TQLrVBhWtnRsrHuywUllrhLDUcJTnylrK/CMimmtvx03geDjo9jso +J+RaYAECgYEA9WJzlwjAR/a5K+6b/Wds1Oqsq3KVfRPLas5DENDCAfoabVQadJWh +DG/PtAoOWaK6Kvjg6qZyjlaB3gVVmUt7aflGYW2Ik7hpDlHY5D7tD7gOrhYzU/X9 +gnH0I9jRD9KhyRKIxMcgtQwMUX8EksfJsNm2uSbgvdLtWAad8uNg2zECgYEA4gp7 +PgBzfXq+2kt0qTbXG/+UCNXFUUChr/SrSb3g+gM/AMqmNVuRPJ3hNSEnHWt7g9Pi +3lIKFsQel5HZZR7o/H6GOtmIBD53ropX6foSMuJ8WlDEf1+44WvfpntESED9C1Hq +cEHTFKMWek5b8izfQBR/OzWmB33nh0AXHeBM5RECgYAw5kGqo2/N53jXLGGhie7C +L1HhiKAJoNw0mI38190Rj8mcZ9otyXOiitWVRzu82RTIY3hOyoShoNOYbu+z8LrT +T32bBLzm0yT8WYsjUPbk3wTt5DauUKMIT7UbP6XJxWvAKhVfQV9fNNtvkiRTK8Uh +nQEwvHKk4Vey5v6q3Gz8wQKBgF2X+W+ywB80s9GvbJ6kFm2BZcpCuXDrUgeJR2NB +O+ZJccziG+/7+icfOCDHmWqVFo9/LHDhh0vl6MTZnyo/ojjqKqozaB5ZvzSGE+DN +qrtnDBZZWwNinyq3f+NvJtbEEgKd6HSSzNO+s4/w4iFkcwwVcJkTnat8dmGKKAg2 +16ABAoGBAMiKDbjbCoiCHfUDjozrEuXL7IF0sUgctVBRl/llmvFjXwOY+yE+Fchj +bcPJw25UVJAcSvRn0U/0/eqsZCFEcrDCSlU+wU+3JDSMrf6nNFpgCYSU5a8juHXA +tI5ofONIJ72Dt7QARgP+jpV7QZSKrsh2vZe+6uaXNgCENkSr3XrV +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem new file mode 100644 index 000000000..7c1bfed06 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: + 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: + 39:e1:e7:4e:48:29:48:25:e1:b5:f5:25:df:64:7b: + ea:ed:aa:1f:8b:0d:e7:eb:f5:2f:ae:2a:5a:3d:50: + c7:fb:ef:0b:8b:44:0b:63:94:be:c6:d7:63:45:2e: + 85:96:00:5c:be:7e:10:09:b3:d0:aa:7c:de:20:f8: + 75:39:23:85:ee:84:13:88:54:2a:96:f5:16:27:9f: + 8b:b0:a6:2a:f4:9d:13:8c:71:1c:0c:a6:59:53:ec: + f9:0b:2b:c9:45:13:d6:12:ef:39:d1:8e:9c:9e:ae: + 3c:bb:b6:d8:10:ac:b7:59:49:5b:73:00:be:af:92: + 21:14:54:a3:fa:b6:17:ae:b6:dc:b1:f1:61:f0:75: + 07:43:5e:48:fa:e7:80:56:cf:df:ad:46:52:85:42: + fb:a7:70:53:14:c6:b7:51:fa:23:f0:f5:4b:d1:bb: + 3f:9b:fc:35:ca:d2:85:f1:a0:77:02:06:7c:79:99: + 13:b5:68:b4:16:47:42:88:f7:bc:eb:78:b2:e8:11: + 2f:62:f6:da:f9:ef:1b:e0:9f:b5:d5:32:65:b5:4e: + e4:be:36:6b:65:65:1a:96:a2:47:b5:3e:9f:b0:0d: + 63:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + X509v3 Authority Key Identifier: + keyid:FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 38:56:e6:30:a8:f8:db:32:4c:53:e0:8f:c5:08:98:3f:ce:bf: + b1:04:b0:52:24:63:6a:14:86:41:08:13:78:aa:98:7e:07:9b: + 1d:22:9e:61:b6:69:fb:f9:24:a3:8e:4b:f2:1f:39:6a:0b:a1: + ff:1f:9b:65:7c:7f:85:8c:d8:ce:3d:83:93:4c:00:4e:7f:d0: + 44:53:b1:a8:7d:bf:43:f1:d7:f2:2c:86:20:b8:cf:11:39:bb: + 7e:21:28:ca:20:4b:0a:46:97:d3:c6:82:2c:4e:25:8a:e4:92: + 84:da:c2:9b:15:3a:5c:8b:fc:a1:b7:76:f9:e8:80:79:1f:fc: + 4f:d4:18:f1:17:fa:19:87:4d:3c:81:e1:82:ce:e2:5c:d2:c0: + cd:e8:44:5a:dd:f1:41:5f:a2:df:27:a9:d4:4e:f7:2c:7a:8c: + 5f:dd:f2:3e:e3:c5:1f:7b:5f:0e:6f:9c:9a:c8:eb:63:0f:98: + eb:7e:e6:89:56:d9:c7:f4:6d:20:d9:0f:a5:81:82:90:90:95: + 53:62:80:9d:e3:93:44:4c:33:00:1e:b9:c8:b2:13:53:d2:a3: + 18:96:86:40:92:74:bf:a9:8e:77:ff:a8:3b:7f:c6:92:c8:b4: + 4e:6c:17:7f:36:9d:f6:64:11:f9:26:5e:55:09:36:fe:8c:84: + 81:08:0e:a3 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kr2BZVw +WlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClIJeG19SXfZHvq7aofiw3n6/Uv +ripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQqnzeIPh1OSOF7oQTiFQqlvUW +J5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6cnq48u7bYEKy3WUlbcwC+r5Ih +FFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7p3BTFMa3Ufoj8PVL0bs/m/w1 +ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba+e8b4J+11TJltU7kvjZrZWUa +lqJHtT6fsA1jQQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUzZdJePcxYe0vcRpo6UUs +QHhRk1swgcEGA1UdIwSBuTCBtoAU/BgTUrszStscW9GAmD5AhpVYcvmhgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQA4VuYwqPjbMkxT4I/FCJg/zr+xBLBSJGNqFIZBCBN4qph+B5sdIp5h +tmn7+SSjjkvyHzlqC6H/H5tlfH+FjNjOPYOTTABOf9BEU7Gofb9D8dfyLIYguM8R +Obt+ISjKIEsKRpfTxoIsTiWK5JKE2sKbFTpci/yht3b56IB5H/xP1BjxF/oZh008 +geGCzuJc0sDN6ERa3fFBX6LfJ6nUTvcseoxf3fI+48Ufe18Ob5yayOtjD5jrfuaJ +VtnH9G0g2Q+lgYKQkJVTYoCd45NETDMAHrnIshNT0qMYloZAknS/qY53/6g7f8aS +yLRObBd/Np32ZBH5Jl5VCTb+jISBCA6j +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA4-key.pem b/certs/test-pathlen/chainJ-ICA4-key.pem new file mode 100644 index 000000000..f795822c3 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA4-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAnUrua/+27IghI4QDtoi7PloblQMvJFMtVz8ROF0SHUBrENvC +0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muRJo/8HgYX8N5Yh+8eppES +OWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr42YqG4fFhQNFsM7hD8EP +knDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RVptq7H57RhQDgjUrE0oYI +df3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnACg79u2DGJs/IWmL4n9hRa +6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQABAoIBAFOs+QkbEATkpjxu +jksckf+pj+LFvt5kIUq4kkCZwnktO8fMIOj4Z51f7ueIplpMLf6qd9L+mteYN2q8 +y9ILmddqwta/QohxMH4IX9QTdKVb38JcioVf1epElfzguvOm2J5DXqVVhcFwY6HQ +9+6hDkZyfVb99aMTRnM+1yTbiMd1cTV/hee0cCaS/A4WjJicldbLMUQ9GFlfoaNa +z7Vik0XnQZoAJKLFIqo+r3At1x4HQ6CTeIKLrUUCiIJp2AKTw1ZddSS+n1ELb7ms +MavRWChI5aYk9IhVTIzjFgsY5SWj5z2ta5dCngX0miTtr3CegUH8r7BAHTosezAW +CALcj8ECgYEA0S2AMpTdv2LdzTB9KLCGhHHbZSGgf/RBqvtkY2vCOKUSnZ3eT6Vy +wdVsRumbwMzmgzDP91SPsb7h0kq8VvplAyREsIm7lo+C1rZOjefBXRTMbZezjkPA ++OIA7DauyRpeICjhraMC3a5VDJgHPYb21juJZLf6wmA79uiye4ElbqcCgYEAwIBD +85yw4N7zH+0h9h9aJH7JU9CAQQ0EETJyDgCRqk5eSepoQEG3WpJw2tuP1cQpvJS8 +WCo1/k5eeyawOVHtkXoSXmsJF4QcGkyK/bbrlqpqzqB9hWw2s0XY8yY22PWOV64H +ugxTAr59G4Fp1LthyzL0Si4c/u5O3iSV9eJWCu8CgYBYPTd9HutEFvK14iSKC51T +Nax1RvAryeABvrakcgqmVow5zSTAuGxmdB+O8nDvrf/3i5nPHe7X7kvYqAo3Lr15 +y8zmI9PsOXHaHWGZ3w/ksidie8IU22QGGWCGRLMKxoK6UkSRONi2pxndjCxRuiNa +UBcvU6UGZg4lpBfWna4qtQKBgCaOyo2WOhugrKQddGr/FqguuRbPsZDWEZV8PDov +xP2O2vYFPMJ6J0a+BFriFapks1Nxm1QxiEUa33PdaPjiPyqff+RnnheWv6ZI5KIz +LHcuRVyD6wB5j29TM0RoyB2m+c74LdYHN+1ZyGdlAZS5v7nax/G/0NEDXMrEG0F4 +B3IDAoGBAKi0u0aMsVKOY1X9AR/4PWwe2zD6JWIT9oGWXGmp3CjXH+RxoSCTtYYr +1eLmgVkKA0dYrJO4QqZ26pLst3FZ0trAH0zhbn5y7NWy2AdDFMFClk5D8a+VEm1S +ejTDoNtohKlDFgaGC15mrHpv6JfpKGlBpRuTH8DRuCpaoqLQ9bOO +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA4-pathlen2.pem b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem new file mode 100644 index 000000000..0d3e8258a --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: + bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: + 12:1d:40:6b:10:db:c2:d3:e4:dd:80:77:74:7b:88: + 44:65:e0:cf:52:c5:8a:42:e5:6e:b7:6a:ab:50:a0: + 2e:29:c2:fe:ba:d5:c7:da:6b:91:26:8f:fc:1e:06: + 17:f0:de:58:87:ef:1e:a6:91:12:39:68:a5:05:f3: + 8c:67:c9:e5:99:18:a4:fc:90:3f:bd:a6:ca:f2:a6: + dd:b5:e6:93:cb:14:89:83:3c:88:5a:31:ab:e3:66: + 2a:1b:87:c5:85:03:45:b0:ce:e1:0f:c1:0f:92:70: + d7:ac:65:ea:a8:09:c1:fe:1d:db:b7:e7:dd:98:d3: + c6:b1:16:b4:54:58:c1:aa:ba:a1:cf:19:14:a7:e4: + 55:a6:da:bb:1f:9e:d1:85:00:e0:8d:4a:c4:d2:86: + 08:75:fd:d8:1e:85:21:6c:27:8f:18:d5:44:73:58: + ab:94:75:4a:36:3d:8d:4d:c6:7a:86:9d:00:db:c5: + ba:be:70:02:83:bf:6e:d8:31:89:b3:f2:16:98:be: + 27:f6:14:5a:e9:d4:72:67:8d:a9:df:76:27:bf:19: + ac:20:59:28:5b:1b:42:d9:d5:5b:6d:fb:6e:a2:5e: + d3:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 0d:bc:87:df:e4:68:a5:56:54:d2:89:42:d8:b4:1b:45:6f:88: + b2:39:d1:ad:38:f4:0b:68:5e:e1:3e:88:60:4f:69:be:a8:ee: + 1d:14:08:69:86:ee:6a:08:42:35:6e:44:4f:5f:be:13:00:81: + ca:41:a7:70:d3:48:9f:60:03:14:a4:4b:7f:35:7e:6d:94:0b: + cf:63:00:fe:8e:54:2c:4c:ac:fb:ef:4c:68:91:9a:0f:45:3e: + 07:12:f2:74:e6:83:36:8e:61:49:f9:03:17:e2:16:72:eb:6b: + c3:c1:7b:95:37:31:1f:10:b9:fc:7b:e4:54:d4:4f:81:a0:f8: + 0e:be:99:43:50:dd:19:7e:f9:41:8b:0d:2e:b2:e5:2c:ec:9b: + 20:42:f4:3a:da:03:99:bc:c1:c2:6c:69:4e:8e:6e:ad:22:57: + dc:2c:1a:e3:4f:15:c4:b3:b4:5d:2d:be:d8:62:0a:a4:c9:62: + fb:9a:53:26:ee:8f:8e:43:a6:e2:77:9b:1f:1f:4f:86:b5:65: + 22:3c:0d:f7:75:ab:24:2d:5b:6f:96:3f:26:22:b0:de:b2:4e: + 37:fd:f9:9a:22:81:15:91:c5:b0:54:f2:ee:f0:e9:7f:23:ab: + 43:1c:43:e1:e4:bf:61:20:13:f3:4f:b6:71:77:a3:23:89:fb: + 02:c2:24:5e +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrua/+27IghI4QDtoi7PloblQMv +JFMtVz8ROF0SHUBrENvC0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muR +Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr +42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV +ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC +g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQANvIff5GilVlTSiULYtBtFb4iyOdGtOPQLaF7hPohgT2m+qO4dFAhphu5q +CEI1bkRPX74TAIHKQadw00ifYAMUpEt/NX5tlAvPYwD+jlQsTKz770xokZoPRT4H +EvJ05oM2jmFJ+QMX4hZy62vDwXuVNzEfELn8e+RU1E+BoPgOvplDUN0ZfvlBiw0u +suUs7JsgQvQ62gOZvMHCbGlOjm6tIlfcLBrjTxXEs7RdLb7YYgqkyWL7mlMm7o+O +Q6bid5sfH0+GtWUiPA33daskLVtvlj8mIrDesk43/fmaIoEVkcWwVPLu8Ol/I6tD +HEPh5L9hIBPzT7Zxd6MjifsCwiRe +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-assembled.pem b/certs/test-pathlen/chainJ-assembled.pem new file mode 100644 index 000000000..4e93b51f6 --- /dev/null +++ b/certs/test-pathlen/chainJ-assembled.pem @@ -0,0 +1,443 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: + 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: + 0e:de:cf:05:74:df:37:a4:37:33:a6:6f:59:06:c8: + 9f:19:35:c3:94:f7:05:ba:52:eb:3e:92:29:61:48: + 88:fa:6d:42:b4:30:de:ce:df:94:ed:92:88:60:c8: + 55:36:50:ee:36:b5:ed:35:6f:95:01:f4:88:4b:7b: + 3e:fe:b5:9c:64:c0:72:be:8c:74:6a:8c:f5:e4:65: + 66:87:52:9d:7b:b0:20:f6:d8:c3:de:76:b9:70:7c: + 01:82:6e:fc:fa:1b:e7:c4:c1:5f:38:ce:50:dc:3a: + 22:87:bc:19:9a:45:d5:8a:7a:93:f9:78:59:c7:0a: + f9:8f:eb:c3:79:eb:b5:ee:36:f0:5e:5d:2f:8f:46: + e8:63:c2:31:82:fc:fb:5d:8c:ca:01:b1:bb:72:2b: + e7:2f:82:3c:a6:24:a6:3f:58:7e:69:5b:4a:00:b4: + 25:b3:b3:c3:b3:b0:c2:3f:a3:d7:ee:04:12:1d:ab: + 0b:bb:02:b0:6c:0b:36:64:56:a9:5d:37:e5:0a:28: + 44:5e:15:e4:f5:ab:73:98:0a:b3:28:90:1d:30:f2: + 8c:e7:db:13:6a:0f:b4:cb:8d:06:15:86:ce:35:12: + e3:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 13:92:E0:30:5E:36:4F:BF:D5:E3:0D:5D:40:0B:64:95:EC:8E:77:4E + X509v3 Authority Key Identifier: + keyid:9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 10:a0:e0:ea:4b:df:4c:5b:92:da:6b:13:5a:4b:e9:46:1a:17: + 48:42:5e:08:c8:28:e4:ce:69:46:25:55:70:57:bd:4e:b2:0b: + a4:75:22:b6:5b:d7:e0:54:3f:31:14:99:09:c1:3b:6f:b7:59: + 5a:52:67:46:0c:4f:ec:fa:31:4a:6e:59:04:50:99:60:1e:74: + ed:3a:ac:4d:cd:98:31:4d:b1:54:07:3e:76:bb:92:e2:1d:53: + 65:08:38:e3:4d:b0:d8:74:14:5f:00:94:e7:d2:c9:9d:80:23: + f5:9e:3d:8c:22:72:b3:20:5a:01:a3:02:f2:9c:cc:b8:1d:73: + db:eb:cc:cb:27:4f:75:17:1d:23:68:07:4f:15:be:00:cc:a9: + 2a:14:82:2c:0e:e3:92:40:dc:62:ac:d9:61:24:99:19:43:d5: + 3e:85:ca:e5:6d:e1:76:9a:4e:01:ef:34:98:7a:1b:ca:8b:c3: + de:99:22:75:28:11:0c:17:7a:58:7b:44:33:22:58:61:24:8c: + 96:a5:a7:63:19:31:6d:61:83:1c:5f:50:66:48:29:b4:2d:8e: + 5e:f3:63:85:e8:9c:d8:6e:93:4a:4d:ff:b1:d5:60:96:d0:9f: + 4e:3f:6f:c9:b4:e1:04:b8:ef:55:c2:77:c1:e1:50:d0:a7:b8: + 9d:a3:81:71 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+1GgrGmLNQa/eu60 +oYp+rjF1redFe+bZu3zpcw7ezwV03zekNzOmb1kGyJ8ZNcOU9wW6Uus+kilhSIj6 +bUK0MN7O35TtkohgyFU2UO42te01b5UB9IhLez7+tZxkwHK+jHRqjPXkZWaHUp17 +sCD22MPedrlwfAGCbvz6G+fEwV84zlDcOiKHvBmaRdWKepP5eFnHCvmP68N567Xu +NvBeXS+PRuhjwjGC/PtdjMoBsbtyK+cvgjymJKY/WH5pW0oAtCWzs8OzsMI/o9fu +BBIdqwu7ArBsCzZkVqldN+UKKEReFeT1q3OYCrMokB0w8ozn2xNqD7TLjQYVhs41 +EuOpAgMBAAGjggEAMIH9MB0GA1UdDgQWBBQTkuAwXjZPv9XjDV1AC2SV7I53TjCB +0AYDVR0jBIHIMIHFgBScezoQswiZBQCvPuCkXdmvgrxNwKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +EKDg6kvfTFuS2msTWkvpRhoXSEJeCMgo5M5pRiVVcFe9TrILpHUitlvX4FQ/MRSZ +CcE7b7dZWlJnRgxP7PoxSm5ZBFCZYB507TqsTc2YMU2xVAc+druS4h1TZQg4402w +2HQUXwCU59LJnYAj9Z49jCJysyBaAaMC8pzMuB1z2+vMyydPdRcdI2gHTxW+AMyp +KhSCLA7jkkDcYqzZYSSZGUPVPoXK5W3hdppOAe80mHobyovD3pkidSgRDBd6WHtE +MyJYYSSMlqWnYxkxbWGDHF9QZkgptC2OXvNjheic2G6TSk3/sdVgltCfTj9vybTh +BLjvVcJ3weFQ0Ke4naOBcQ== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: + 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: + e8:73:a3:57:b4:49:3a:37:82:8f:15:38:5a:aa:af: + ad:72:26:2e:84:c2:0d:de:fc:f0:be:3b:a2:11:a9: + 12:20:d4:3d:de:62:85:85:91:08:60:db:c0:4a:bb: + 89:b6:f4:91:1e:51:a3:b2:f7:08:99:df:48:4a:59: + 84:d1:aa:09:36:0d:cd:68:a5:ae:41:c8:d7:1a:d8: + ea:49:87:20:22:27:f9:45:54:3e:c7:c8:00:44:7e: + 34:72:aa:8d:2d:4d:6a:3e:75:89:e2:d4:17:57:f9: + cd:2b:d0:b7:14:6a:54:1b:61:af:9b:68:22:b1:16: + 73:eb:05:6c:41:ea:ed:10:4e:bc:83:04:68:c8:3a: + e1:03:12:ad:28:5c:24:4c:19:a1:7e:d8:ef:1b:80: + e4:0e:49:0c:69:86:f6:1e:e7:01:fb:2a:6f:56:1b: + 6d:0a:ad:e9:29:3f:31:bb:48:28:40:79:2b:b5:f3: + aa:ec:e9:09:4c:82:fc:97:28:19:a3:3a:c0:d2:5e: + a3:8a:98:c8:8a:b7:d2:c4:90:bc:ff:cc:47:13:90: + ad:00:ab:8a:ec:f7:94:35:09:60:10:35:9f:32:c5: + 00:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + X509v3 Authority Key Identifier: + keyid:A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 1c:0b:c0:44:10:dc:db:df:b9:3e:a0:95:09:d7:13:63:81:f7: + 32:57:19:84:72:2d:8e:60:66:0e:78:f3:35:7d:71:f8:95:88: + bc:90:52:e1:e2:4e:fe:4a:f7:bd:66:fe:b7:73:84:7f:96:ee: + ba:93:97:31:01:af:74:4f:60:40:74:d2:b5:a1:2f:e0:79:1a: + e2:67:08:ee:d4:60:43:1d:bc:79:9d:61:ae:fe:5e:9b:c8:b3: + 69:4e:d0:2b:2b:61:7a:51:1a:c9:bf:8c:b5:ff:ee:ee:42:eb: + ad:e4:90:53:1c:ed:a6:6f:27:51:1f:bf:b1:e3:0e:28:70:46: + 36:91:2e:72:82:b8:05:ee:42:c0:bd:17:0a:38:96:da:13:a4: + d5:a3:9d:bd:82:c3:aa:9f:ff:a8:cd:28:38:ae:18:44:a6:e3: + 60:eb:e0:4c:bd:1f:9e:99:e9:47:38:86:08:29:61:64:d6:6a: + 55:a0:eb:5a:62:24:d5:48:36:5b:51:5c:7f:5f:94:21:ea:d4: + 5e:7d:ee:ec:e7:3f:5b:35:59:8f:84:b9:00:53:80:3e:6a:a0: + db:de:a9:36:9e:f2:1e:48:77:cb:df:94:af:4c:a8:cc:93:c4: + 03:74:ca:ec:d8:86:a3:b9:49:76:b7:af:44:b3:b4:51:ca:a8: + 8b:78:73:f5 +-----BEGIN CERTIFICATE----- +MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnb0TC +Ecws9CqlqAhTSw7NliO7FUoq3fmnGSuRKOhzo1e0STo3go8VOFqqr61yJi6Ewg3e +/PC+O6IRqRIg1D3eYoWFkQhg28BKu4m29JEeUaOy9wiZ30hKWYTRqgk2Dc1opa5B +yNca2OpJhyAiJ/lFVD7HyABEfjRyqo0tTWo+dYni1BdX+c0r0LcUalQbYa+baCKx +FnPrBWxB6u0QTryDBGjIOuEDEq0oXCRMGaF+2O8bgOQOSQxphvYe5wH7Km9WG20K +rekpPzG7SChAeSu186rs6QlMgvyXKBmjOsDSXqOKmMiKt9LEkLz/zEcTkK0Aq4rs +95Q1CWAQNZ8yxQAbAgMBAAGjggERMIIBDTAdBgNVHQ4EFgQUnHs6ELMImQUArz7g +pF3Zr4K8TcAwgdAGA1UdIwSByDCBxYAUo/VximCAPJNkF9kutcDOqcEUF8Shgamk +gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAcC8BEENzb37k+oJUJ1xNjgfcyVxmE +ci2OYGYOePM1fXH4lYi8kFLh4k7+Sve9Zv63c4R/lu66k5cxAa90T2BAdNK1oS/g +eRriZwju1GBDHbx5nWGu/l6byLNpTtArK2F6URrJv4y1/+7uQuut5JBTHO2mbydR +H7+x4w4ocEY2kS5ygrgF7kLAvRcKOJbaE6TVo529gsOqn/+ozSg4rhhEpuNg6+BM +vR+emelHOIYIKWFk1mpVoOtaYiTVSDZbUVx/X5Qh6tRefe7s5z9bNVmPhLkAU4A+ +aqDb3qk2nvIeSHfL35SvTKjMk8QDdMrs2IajuUl2t69Es7RRyqiLeHP1 +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: + 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: + 19:96:38:7b:c6:88:d7:7d:85:93:00:35:40:0b:c0: + a9:ff:66:0f:9e:a1:1d:88:6e:a9:8a:f1:ad:47:b4: + 71:c9:15:50:c6:0f:35:9e:95:4a:66:d3:bd:1b:38: + 7b:dc:67:85:97:1b:b3:63:c9:72:d6:43:5a:f1:5e: + 35:f6:05:96:c7:40:bc:23:ab:94:34:82:59:02:b2: + 33:d0:e6:7f:19:57:65:68:3c:04:61:50:ef:22:95: + 4f:ef:18:bf:15:b1:4d:8e:cd:a7:a0:98:22:f5:1c: + 05:01:6b:4b:35:bf:88:c3:47:c3:24:29:b4:45:cb: + 95:a1:ac:16:1d:dd:b8:68:ac:51:39:24:27:6a:be: + 31:f1:ec:06:10:55:be:44:02:4f:e8:12:7b:d6:fe: + 32:c9:48:37:6b:20:68:cb:53:f5:49:3a:ae:4a:c7: + 43:c1:af:e6:53:11:d9:f8:71:1a:a2:d6:37:c7:2b: + 45:50:49:51:4f:55:6c:3f:1e:69:7b:58:12:3a:7e: + 59:a0:57:9d:28:9c:8a:6d:82:e7:13:15:3b:04:8f: + e2:82:0f:2f:cf:d9:25:d9:65:a3:3c:03:c0:cd:b6: + 51:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + X509v3 Authority Key Identifier: + keyid:CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5b:56:cd:5e:fc:3a:fb:2b:be:7c:63:ad:a7:7b:e4:9a:00:78: + cb:d8:e6:00:41:3d:3d:e3:f6:43:78:75:d7:c9:07:61:0c:2b: + 43:46:8f:12:a3:5a:f0:3d:22:f4:72:ea:27:1a:70:57:48:c5: + ec:7d:00:dd:5d:83:a6:71:f7:90:ec:69:bd:2e:86:97:06:dc: + 9c:be:4e:a8:4c:9f:db:93:5e:fd:d8:ba:ae:89:55:65:16:cf: + ab:a5:a4:4e:ae:21:ce:5e:e0:91:e1:77:de:e3:b4:3d:ba:d2: + 12:f3:54:c0:50:94:16:e5:b2:62:71:58:03:2c:d1:f4:1f:ce: + 9d:a5:ce:2a:57:9f:f7:19:41:b0:4d:e8:27:5d:f2:e6:c8:44: + 1b:c3:57:51:76:d4:15:1a:05:31:61:c3:02:db:56:81:1e:24: + f2:23:04:a9:5a:31:ee:08:1d:08:1f:49:d7:2c:ba:1e:00:5a: + e5:57:8b:fd:aa:a4:2f:6a:d7:93:19:09:92:30:7d:95:68:3b: + b7:ce:a3:f2:b9:e4:e4:e4:48:a4:22:6b:00:33:91:56:28:fc: + 50:f7:1d:f6:70:5b:83:a8:99:98:2d:7a:6c:aa:9b:5a:a5:56: + 5b:89:95:a8:50:27:68:ce:63:5e:d3:84:cb:80:1b:ae:3e:a2: + 5c:13:9b:ff +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Kf2J +qoLgHQR4aexhWFFShH5rVWks9CPWH9jtqxmWOHvGiNd9hZMANUALwKn/Zg+eoR2I +bqmK8a1HtHHJFVDGDzWelUpm070bOHvcZ4WXG7NjyXLWQ1rxXjX2BZbHQLwjq5Q0 +glkCsjPQ5n8ZV2VoPARhUO8ilU/vGL8VsU2OzaegmCL1HAUBa0s1v4jDR8MkKbRF +y5WhrBYd3bhorFE5JCdqvjHx7AYQVb5EAk/oEnvW/jLJSDdrIGjLU/VJOq5Kx0PB +r+ZTEdn4cRqi1jfHK0VQSVFPVWw/Hml7WBI6flmgV50onIptgucTFTsEj+KCDy/P +2SXZZaM8A8DNtlHVAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUo/VximCAPJNkF9ku +tcDOqcEUF8Qwgc4GA1UdIwSBxjCBw4AUzZdJePcxYe0vcRpo6UUsQHhRk1uhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAW1bNXvw6+yu+fGOtp3vkmgB4y9jmAEE9 +PeP2Q3h118kHYQwrQ0aPEqNa8D0i9HLqJxpwV0jF7H0A3V2DpnH3kOxpvS6Glwbc +nL5OqEyf25Ne/di6rolVZRbPq6WkTq4hzl7gkeF33uO0PbrSEvNUwFCUFuWyYnFY +AyzR9B/OnaXOKlef9xlBsE3oJ13y5shEG8NXUXbUFRoFMWHDAttWgR4k8iMEqVox +7ggdCB9J1yy6HgBa5VeL/aqkL2rXkxkJkjB9lWg7t86j8rnk5ORIpCJrADORVij8 +UPcd9nBbg6iZmC16bKqbWqVWW4mVqFAnaM5jXtOEy4Abrj6iXBOb/w== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: + 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: + 39:e1:e7:4e:48:29:48:25:e1:b5:f5:25:df:64:7b: + ea:ed:aa:1f:8b:0d:e7:eb:f5:2f:ae:2a:5a:3d:50: + c7:fb:ef:0b:8b:44:0b:63:94:be:c6:d7:63:45:2e: + 85:96:00:5c:be:7e:10:09:b3:d0:aa:7c:de:20:f8: + 75:39:23:85:ee:84:13:88:54:2a:96:f5:16:27:9f: + 8b:b0:a6:2a:f4:9d:13:8c:71:1c:0c:a6:59:53:ec: + f9:0b:2b:c9:45:13:d6:12:ef:39:d1:8e:9c:9e:ae: + 3c:bb:b6:d8:10:ac:b7:59:49:5b:73:00:be:af:92: + 21:14:54:a3:fa:b6:17:ae:b6:dc:b1:f1:61:f0:75: + 07:43:5e:48:fa:e7:80:56:cf:df:ad:46:52:85:42: + fb:a7:70:53:14:c6:b7:51:fa:23:f0:f5:4b:d1:bb: + 3f:9b:fc:35:ca:d2:85:f1:a0:77:02:06:7c:79:99: + 13:b5:68:b4:16:47:42:88:f7:bc:eb:78:b2:e8:11: + 2f:62:f6:da:f9:ef:1b:e0:9f:b5:d5:32:65:b5:4e: + e4:be:36:6b:65:65:1a:96:a2:47:b5:3e:9f:b0:0d: + 63:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + X509v3 Authority Key Identifier: + keyid:FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 38:56:e6:30:a8:f8:db:32:4c:53:e0:8f:c5:08:98:3f:ce:bf: + b1:04:b0:52:24:63:6a:14:86:41:08:13:78:aa:98:7e:07:9b: + 1d:22:9e:61:b6:69:fb:f9:24:a3:8e:4b:f2:1f:39:6a:0b:a1: + ff:1f:9b:65:7c:7f:85:8c:d8:ce:3d:83:93:4c:00:4e:7f:d0: + 44:53:b1:a8:7d:bf:43:f1:d7:f2:2c:86:20:b8:cf:11:39:bb: + 7e:21:28:ca:20:4b:0a:46:97:d3:c6:82:2c:4e:25:8a:e4:92: + 84:da:c2:9b:15:3a:5c:8b:fc:a1:b7:76:f9:e8:80:79:1f:fc: + 4f:d4:18:f1:17:fa:19:87:4d:3c:81:e1:82:ce:e2:5c:d2:c0: + cd:e8:44:5a:dd:f1:41:5f:a2:df:27:a9:d4:4e:f7:2c:7a:8c: + 5f:dd:f2:3e:e3:c5:1f:7b:5f:0e:6f:9c:9a:c8:eb:63:0f:98: + eb:7e:e6:89:56:d9:c7:f4:6d:20:d9:0f:a5:81:82:90:90:95: + 53:62:80:9d:e3:93:44:4c:33:00:1e:b9:c8:b2:13:53:d2:a3: + 18:96:86:40:92:74:bf:a9:8e:77:ff:a8:3b:7f:c6:92:c8:b4: + 4e:6c:17:7f:36:9d:f6:64:11:f9:26:5e:55:09:36:fe:8c:84: + 81:08:0e:a3 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kr2BZVw +WlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClIJeG19SXfZHvq7aofiw3n6/Uv +ripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQqnzeIPh1OSOF7oQTiFQqlvUW +J5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6cnq48u7bYEKy3WUlbcwC+r5Ih +FFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7p3BTFMa3Ufoj8PVL0bs/m/w1 +ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba+e8b4J+11TJltU7kvjZrZWUa +lqJHtT6fsA1jQQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUzZdJePcxYe0vcRpo6UUs +QHhRk1swgcEGA1UdIwSBuTCBtoAU/BgTUrszStscW9GAmD5AhpVYcvmhgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQA4VuYwqPjbMkxT4I/FCJg/zr+xBLBSJGNqFIZBCBN4qph+B5sdIp5h +tmn7+SSjjkvyHzlqC6H/H5tlfH+FjNjOPYOTTABOf9BEU7Gofb9D8dfyLIYguM8R +Obt+ISjKIEsKRpfTxoIsTiWK5JKE2sKbFTpci/yht3b56IB5H/xP1BjxF/oZh008 +geGCzuJc0sDN6ERa3fFBX6LfJ6nUTvcseoxf3fI+48Ufe18Ob5yayOtjD5jrfuaJ +VtnH9G0g2Q+lgYKQkJVTYoCd45NETDMAHrnIshNT0qMYloZAknS/qY53/6g7f8aS +yLRObBd/Np32ZBH5Jl5VCTb+jISBCA6j +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: + bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: + 12:1d:40:6b:10:db:c2:d3:e4:dd:80:77:74:7b:88: + 44:65:e0:cf:52:c5:8a:42:e5:6e:b7:6a:ab:50:a0: + 2e:29:c2:fe:ba:d5:c7:da:6b:91:26:8f:fc:1e:06: + 17:f0:de:58:87:ef:1e:a6:91:12:39:68:a5:05:f3: + 8c:67:c9:e5:99:18:a4:fc:90:3f:bd:a6:ca:f2:a6: + dd:b5:e6:93:cb:14:89:83:3c:88:5a:31:ab:e3:66: + 2a:1b:87:c5:85:03:45:b0:ce:e1:0f:c1:0f:92:70: + d7:ac:65:ea:a8:09:c1:fe:1d:db:b7:e7:dd:98:d3: + c6:b1:16:b4:54:58:c1:aa:ba:a1:cf:19:14:a7:e4: + 55:a6:da:bb:1f:9e:d1:85:00:e0:8d:4a:c4:d2:86: + 08:75:fd:d8:1e:85:21:6c:27:8f:18:d5:44:73:58: + ab:94:75:4a:36:3d:8d:4d:c6:7a:86:9d:00:db:c5: + ba:be:70:02:83:bf:6e:d8:31:89:b3:f2:16:98:be: + 27:f6:14:5a:e9:d4:72:67:8d:a9:df:76:27:bf:19: + ac:20:59:28:5b:1b:42:d9:d5:5b:6d:fb:6e:a2:5e: + d3:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 0d:bc:87:df:e4:68:a5:56:54:d2:89:42:d8:b4:1b:45:6f:88: + b2:39:d1:ad:38:f4:0b:68:5e:e1:3e:88:60:4f:69:be:a8:ee: + 1d:14:08:69:86:ee:6a:08:42:35:6e:44:4f:5f:be:13:00:81: + ca:41:a7:70:d3:48:9f:60:03:14:a4:4b:7f:35:7e:6d:94:0b: + cf:63:00:fe:8e:54:2c:4c:ac:fb:ef:4c:68:91:9a:0f:45:3e: + 07:12:f2:74:e6:83:36:8e:61:49:f9:03:17:e2:16:72:eb:6b: + c3:c1:7b:95:37:31:1f:10:b9:fc:7b:e4:54:d4:4f:81:a0:f8: + 0e:be:99:43:50:dd:19:7e:f9:41:8b:0d:2e:b2:e5:2c:ec:9b: + 20:42:f4:3a:da:03:99:bc:c1:c2:6c:69:4e:8e:6e:ad:22:57: + dc:2c:1a:e3:4f:15:c4:b3:b4:5d:2d:be:d8:62:0a:a4:c9:62: + fb:9a:53:26:ee:8f:8e:43:a6:e2:77:9b:1f:1f:4f:86:b5:65: + 22:3c:0d:f7:75:ab:24:2d:5b:6f:96:3f:26:22:b0:de:b2:4e: + 37:fd:f9:9a:22:81:15:91:c5:b0:54:f2:ee:f0:e9:7f:23:ab: + 43:1c:43:e1:e4:bf:61:20:13:f3:4f:b6:71:77:a3:23:89:fb: + 02:c2:24:5e +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrua/+27IghI4QDtoi7PloblQMv +JFMtVz8ROF0SHUBrENvC0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muR +Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr +42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV +ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC +g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQANvIff5GilVlTSiULYtBtFb4iyOdGtOPQLaF7hPohgT2m+qO4dFAhphu5q +CEI1bkRPX74TAIHKQadw00ifYAMUpEt/NX5tlAvPYwD+jlQsTKz770xokZoPRT4H +EvJ05oM2jmFJ+QMX4hZy62vDwXuVNzEfELn8e+RU1E+BoPgOvplDUN0ZfvlBiw0u +suUs7JsgQvQ62gOZvMHCbGlOjm6tIlfcLBrjTxXEs7RdLb7YYgqkyWL7mlMm7o+O +Q6bid5sfH0+GtWUiPA33daskLVtvlj8mIrDesk43/fmaIoEVkcWwVPLu8Ol/I6tD +HEPh5L9hIBPzT7Zxd6MjifsCwiRe +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-entity-key.pem b/certs/test-pathlen/chainJ-entity-key.pem new file mode 100644 index 000000000..f935b9046 --- /dev/null +++ b/certs/test-pathlen/chainJ-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAs/tRoKxpizUGv3rutKGKfq4xda3nRXvm2bt86XMO3s8FdN83 +pDczpm9ZBsifGTXDlPcFulLrPpIpYUiI+m1CtDDezt+U7ZKIYMhVNlDuNrXtNW+V +AfSIS3s+/rWcZMByvox0aoz15GVmh1Kde7Ag9tjD3na5cHwBgm78+hvnxMFfOM5Q +3Doih7wZmkXVinqT+XhZxwr5j+vDeeu17jbwXl0vj0boY8Ixgvz7XYzKAbG7civn +L4I8piSmP1h+aVtKALQls7PDs7DCP6PX7gQSHasLuwKwbAs2ZFapXTflCihEXhXk +9atzmAqzKJAdMPKM59sTag+0y40GFYbONRLjqQIDAQABAoIBABmsC2SjsxpMIf5G +Bq51LFANgLiMaaSbm74K5DJYWxKk7N5SyJj/1royv7wb+bWa2Z7x7Ts6gJuYNZbO +xdsSoqUZI27WrWOFtzY23RC2UoQzRvaMR/DTdG1v0vh55yjn2nYbiq94E8rUO9+p +hRUTdmA/YxDkVmcZCQ4VzrfOKy0BOr6SnC3U0QghQ+UGPFeFRvd8vnBk76U8+XMV +xUybnbU17hoEB2p9nle6h0G0GtXI9dnJ0BD2RJMIhvs1cfrOkW/s8dkAXsokH4UU +XRIyRESkb+lVMWv8n8qcHZ3rjH+mxjkTxKdlnNy9qTfPoGJiaDb3LMfyd2xWReAq +VdirDVECgYEA5B0Cy5WrjuQ8aWPOoQbV24mDZGqhAb66oJ9yMkbzQ5DHZdZrt7s9 +k/dBMWOD4tc7w5WPwjYSxY7QOBSq1TETYIafOK1NqR9lnLJnOKiMYp49O9nAfK/y +6AgXQo9fqIIYhmmqEQYl9MSgQjEa5d9CdDg4mh6YzhaVoXn06UF+H4cCgYEAyfv9 +nZT2PBasmZWZdFRG4l78WsQO0+/00HnhPXs0Dn31N9A9aQDj5O4wJoiRDJPYkO0o +9wANtibayIvUoB72L9gc+8KIEU8Xuda+JtB+oPVi88Limxw3iBwrBUF9QA8Jjmrk +KtNOm5IrSpYpTEvOQkZFlskhQajey4Kys69Pz08CgYEAouqtUmVEr7sGAmcL7imJ +l0+xDYiyESL8+zalQo81si22m172c7RAmGrgnrtqOBpsTpWEpLol0f7baxInqDdy +lV/QW5Q6gO0xjyZDXk3SZaSKKzKrrOGk5F7S7fCj6x9vEKBqm9n+RcAgjOWxRjeb +qJF2q2vqylWK7FbDucvSngUCgYAOFa5XwL1y7znV8+KhhAb1Xh5GzgkiqkbuCrG0 +MdUtdYcV/0Vo/xDlM97TsQ48TEr7wC3tG2nZW9hBx85p4/7S00UiISyP2G4VHW5h +EoTiAHqH+P0IR+1vZldxpGFxiBrofXevrNB8dLLkHph+o4KciH3tx9Sz2Wy/0DtZ +4E22bQKBgCOb2dGVVS7fmM81Mg1Al9k9USVxp4wnS1iIHK1c/rBB61TPEyblhiqF +aveFoCse8SparMJ9utkqSqA7zQ3qwoPJZJ9p4T2pI0xp8yu15yBLeYgO0R7kriEC +XIapznOZvvC0/vSUT3kTOX27HlIcPqNOPnpYjsfdZ10okplrXnKB +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-entity.pem b/certs/test-pathlen/chainJ-entity.pem new file mode 100644 index 000000000..35c5f6367 --- /dev/null +++ b/certs/test-pathlen/chainJ-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: + 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: + 0e:de:cf:05:74:df:37:a4:37:33:a6:6f:59:06:c8: + 9f:19:35:c3:94:f7:05:ba:52:eb:3e:92:29:61:48: + 88:fa:6d:42:b4:30:de:ce:df:94:ed:92:88:60:c8: + 55:36:50:ee:36:b5:ed:35:6f:95:01:f4:88:4b:7b: + 3e:fe:b5:9c:64:c0:72:be:8c:74:6a:8c:f5:e4:65: + 66:87:52:9d:7b:b0:20:f6:d8:c3:de:76:b9:70:7c: + 01:82:6e:fc:fa:1b:e7:c4:c1:5f:38:ce:50:dc:3a: + 22:87:bc:19:9a:45:d5:8a:7a:93:f9:78:59:c7:0a: + f9:8f:eb:c3:79:eb:b5:ee:36:f0:5e:5d:2f:8f:46: + e8:63:c2:31:82:fc:fb:5d:8c:ca:01:b1:bb:72:2b: + e7:2f:82:3c:a6:24:a6:3f:58:7e:69:5b:4a:00:b4: + 25:b3:b3:c3:b3:b0:c2:3f:a3:d7:ee:04:12:1d:ab: + 0b:bb:02:b0:6c:0b:36:64:56:a9:5d:37:e5:0a:28: + 44:5e:15:e4:f5:ab:73:98:0a:b3:28:90:1d:30:f2: + 8c:e7:db:13:6a:0f:b4:cb:8d:06:15:86:ce:35:12: + e3:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 13:92:E0:30:5E:36:4F:BF:D5:E3:0D:5D:40:0B:64:95:EC:8E:77:4E + X509v3 Authority Key Identifier: + keyid:9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 10:a0:e0:ea:4b:df:4c:5b:92:da:6b:13:5a:4b:e9:46:1a:17: + 48:42:5e:08:c8:28:e4:ce:69:46:25:55:70:57:bd:4e:b2:0b: + a4:75:22:b6:5b:d7:e0:54:3f:31:14:99:09:c1:3b:6f:b7:59: + 5a:52:67:46:0c:4f:ec:fa:31:4a:6e:59:04:50:99:60:1e:74: + ed:3a:ac:4d:cd:98:31:4d:b1:54:07:3e:76:bb:92:e2:1d:53: + 65:08:38:e3:4d:b0:d8:74:14:5f:00:94:e7:d2:c9:9d:80:23: + f5:9e:3d:8c:22:72:b3:20:5a:01:a3:02:f2:9c:cc:b8:1d:73: + db:eb:cc:cb:27:4f:75:17:1d:23:68:07:4f:15:be:00:cc:a9: + 2a:14:82:2c:0e:e3:92:40:dc:62:ac:d9:61:24:99:19:43:d5: + 3e:85:ca:e5:6d:e1:76:9a:4e:01:ef:34:98:7a:1b:ca:8b:c3: + de:99:22:75:28:11:0c:17:7a:58:7b:44:33:22:58:61:24:8c: + 96:a5:a7:63:19:31:6d:61:83:1c:5f:50:66:48:29:b4:2d:8e: + 5e:f3:63:85:e8:9c:d8:6e:93:4a:4d:ff:b1:d5:60:96:d0:9f: + 4e:3f:6f:c9:b4:e1:04:b8:ef:55:c2:77:c1:e1:50:d0:a7:b8: + 9d:a3:81:71 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+1GgrGmLNQa/eu60 +oYp+rjF1redFe+bZu3zpcw7ezwV03zekNzOmb1kGyJ8ZNcOU9wW6Uus+kilhSIj6 +bUK0MN7O35TtkohgyFU2UO42te01b5UB9IhLez7+tZxkwHK+jHRqjPXkZWaHUp17 +sCD22MPedrlwfAGCbvz6G+fEwV84zlDcOiKHvBmaRdWKepP5eFnHCvmP68N567Xu +NvBeXS+PRuhjwjGC/PtdjMoBsbtyK+cvgjymJKY/WH5pW0oAtCWzs8OzsMI/o9fu +BBIdqwu7ArBsCzZkVqldN+UKKEReFeT1q3OYCrMokB0w8ozn2xNqD7TLjQYVhs41 +EuOpAgMBAAGjggEAMIH9MB0GA1UdDgQWBBQTkuAwXjZPv9XjDV1AC2SV7I53TjCB +0AYDVR0jBIHIMIHFgBScezoQswiZBQCvPuCkXdmvgrxNwKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +EKDg6kvfTFuS2msTWkvpRhoXSEJeCMgo5M5pRiVVcFe9TrILpHUitlvX4FQ/MRSZ +CcE7b7dZWlJnRgxP7PoxSm5ZBFCZYB507TqsTc2YMU2xVAc+druS4h1TZQg4402w +2HQUXwCU59LJnYAj9Z49jCJysyBaAaMC8pzMuB1z2+vMyydPdRcdI2gHTxW+AMyp +KhSCLA7jkkDcYqzZYSSZGUPVPoXK5W3hdppOAe80mHobyovD3pkidSgRDBd6WHtE +MyJYYSSMlqWnYxkxbWGDHF9QZkgptC2OXvNjheic2G6TSk3/sdVgltCfTj9vybTh +BLjvVcJ3weFQ0Ke4naOBcQ== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/refreshkeys.sh b/certs/test-pathlen/refreshkeys.sh index 4be87ee88..b70b7ecca 100755 --- a/certs/test-pathlen/refreshkeys.sh +++ b/certs/test-pathlen/refreshkeys.sh @@ -12,6 +12,10 @@ keyList=( chainG-ICA1-key.pem chainG-entity-key.pem chainH-ICA4-key.pem chainH-ICA3-key.pem chainH-ICA2-key.pem chainH-ICA1-key.pem chainH-entity-key.pem + chainI-ICA3-key.pem chainI-ICA2-key.pem chainI-ICA1-key.pem + chainI-entity-key.pem + chainJ-ICA4-key.pem chainJ-ICA3-key.pem chainJ-ICA2-key.pem + chainJ-ICA1-key.pem chainJ-entity-key.pem ) for TARGET_KEY in "${keyList[@]}" diff --git a/tests/api.c b/tests/api.c index 01560b717..1808b3c21 100644 --- a/tests/api.c +++ b/tests/api.c @@ -27951,11 +27951,13 @@ static void test_SetTmpEC_DHE_Sz(void) #endif } +#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ + !defined(NO_CERTS) static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; - if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != SSL_SUCCESS) { + if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != WOLFSSL_SUCCESS) { printf("loading cert %s failed\n", certA); printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; @@ -27968,7 +27970,7 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; if ((ret = wolfSSL_CertManagerVerify(cm, certA, WOLFSSL_FILETYPE_PEM)) - != SSL_SUCCESS) { + != WOLFSSL_SUCCESS) { printf("could not verify the cert: %s\n", certA); printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; @@ -27996,38 +27998,6 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) b--; \ } while(0) -static int test_chainH(WOLFSSL_CERT_MANAGER* cm) -{ - int ret; - int i = -1; - /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: - * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) - * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) - * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) - * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) - * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 - */ - char chainHArr[6][50] = {"certs/ca-cert.pem", - "certs/test-pathlen/chainH-ICA4-pathlen2.pem", - "certs/test-pathlen/chainH-ICA3-pathlen2.pem", - "certs/test-pathlen/chainH-ICA2-pathlen2.pem", - "certs/test-pathlen/chainH-ICA1-pathlen0.pem", - "certs/test-pathlen/chainH-entity.pem"}; - - LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ - - return ret; -} - static int test_chainG(WOLFSSL_CERT_MANAGER* cm) { int ret; @@ -28067,11 +28037,103 @@ static int test_chainG(WOLFSSL_CERT_MANAGER* cm) return ret; } +static int test_chainH(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) + * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) + * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) + * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainHArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainH-ICA4-pathlen2.pem", + "certs/test-pathlen/chainH-ICA3-pathlen2.pem", + "certs/test-pathlen/chainH-ICA2-pathlen2.pem", + "certs/test-pathlen/chainH-ICA1-pathlen0.pem", + "certs/test-pathlen/chainH-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ + + return ret; +} + +static int test_chainI(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain I is a valid chain per RFC5280 section 4.2.1.9: + * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 2) + * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 1) + * ICA1-no_pathlen signing entity (reduce maxPathLen to 0) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainIArr[5][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainI-ICA3-pathlen2.pem", + "certs/test-pathlen/chainI-ICA2-no_pathlen.pem", + "certs/test-pathlen/chainI-ICA1-no_pathlen.pem", + "certs/test-pathlen/chainI-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainIArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[3]); /* if failure, i = -4 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[1]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[2]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[3]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[4]); /* if failure, i = -8 here */ + + return ret; +} + +static int test_chainJ(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain J is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3 without a pathlen (reduce maxPathLen to 2) + * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 1) + * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 0) + * ICA1-no_pathlen signing entity (ERROR, pathlen zero and non-leaf cert) + */ + char chainJArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainJ-ICA4-pathlen2.pem", + "certs/test-pathlen/chainJ-ICA3-no_pathlen.pem", + "certs/test-pathlen/chainJ-ICA2-no_pathlen.pem", + "certs/test-pathlen/chainJ-ICA1-no_pathlen.pem", + "certs/test-pathlen/chainJ-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainJArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[5]); /* if failure, i = -10 here */ + + return ret; +} + static int test_various_pathlen_chains(void) { int ret; WOLFSSL_CERT_MANAGER* cm; + /* Test chain G (large chain with varying pathLens) */ wolfSSL_Init(); if ((cm = wolfSSL_CertManagerNew()) == NULL) { @@ -28083,11 +28145,13 @@ static int test_various_pathlen_chains(void) wolfSSL_CertManagerUnloadCAs(cm); wolfSSL_CertManagerFree(cm); + /* end test chain G */ + + /* Test chain H (5 chain with same pathLens) */ if ((cm = wolfSSL_CertManagerNew()) == NULL) { printf("cert manager new failed\n"); return -1; } -printf("KH: -----------------------------------------------\n"); AssertIntLT(test_chainH(cm), 0); wolfSSL_CertManagerUnloadCAs(cm); @@ -28096,15 +28160,50 @@ printf("KH: -----------------------------------------------\n"); printf("cert manager new failed\n"); return -1; } -printf("KH: -----------------------------------------------\n"); -// test_chainG_and_chainH(cm); + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + /* end test chain H */ + + /* Test chain I (only first ICA has pathLen set and it's set to 2, + * followed by 2 ICA's, should pass) */ + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + AssertIntEQ(test_chainI(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + + /* Test chain J (Again only first ICA has pathLen set and it's set to 2, + * this time followed by 3 ICA's, should fail */ + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + AssertIntLT(test_chainJ(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } ret = wolfSSL_CertManagerUnloadCAs(cm); wolfSSL_CertManagerFree(cm); return ret; - } +#endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */ /*----------------------------------------------------------------------------* | Main @@ -28591,7 +28690,10 @@ void ApiTest(void) AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS); +#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ + !defined(NO_CERTS) AssertIntEQ(test_various_pathlen_chains(), WOLFSSL_SUCCESS); +#endif /* If at some point a stub get implemented this test should fail indicating * a need to implement a new test case diff --git a/tests/suites.c b/tests/suites.c index c51e37728..1bffb53a2 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -171,6 +171,10 @@ static int IsValidCert(const char* line) size_t i; const char* begin; char cert[80]; +#ifdef WOLFSSL_STATIC_MEMORY + FILE* fStream = NULL; + long chkSz = 0; +#endif begin = XSTRSTR(line, "-c "); if (begin == NULL) @@ -180,6 +184,24 @@ static int IsValidCert(const char* line) for (i = 0; i < sizeof(cert) - 1 && *begin != ' ' && *begin != '\0'; i++) cert[i] = *(begin++); cert[i] = '\0'; +#ifdef WOLFSSL_STATIC_MEMORY + fStream = XFOPEN(cert, "rb"); + if (fStream == NULL) { + printf("Failed to open file %s\n", cert); + printf("Invalid cert, skipping test\n"); + return 0; + } else { + printf("Successfully opened file\n"); + } + + XFSEEK(fStream, 0L, SEEK_END); + chkSz = XFTELL(fStream); + XFCLOSE(fStream); + if (chkSz > LARGEST_MEM_BUCKET) { + printf("File is larger than largest bucket, skipping this test\n"); + return 0; + } +#endif ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex(NULL)); if (ctx == NULL) diff --git a/tests/test-chains.conf b/tests/test-chains.conf index e37f823c5..879d9288d 100644 --- a/tests/test-chains.conf +++ b/tests/test-chains.conf @@ -60,7 +60,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -73,7 +72,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -86,7 +84,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -99,7 +96,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -113,7 +109,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -H exitWithRet -C @@ -128,7 +123,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -H exitWithRet -C @@ -142,7 +136,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -156,7 +149,32 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem +-H exitWithRet +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainI-entity-key.pem +-c ./certs/test-pathlen/chainI-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainJ-entity-key.pem +-c ./certs/test-pathlen/chainJ-assembled.pem +-H exitWithRet +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 -H exitWithRet -C diff --git a/tests/test.conf b/tests/test.conf index 7e3abdd5e..e41c9c645 100644 --- a/tests/test.conf +++ b/tests/test.conf @@ -1954,16 +1954,16 @@ -j # server TLSv1.2 verify callback override --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --c ./certs/test/server-ecc.pem --k ./certs/ecc-key.pem +#-v 3 +#-l ECDHE-ECDSA-AES128-GCM-SHA256 +#-c ./certs/test/server-ecc.pem #This cert no longer exists +#-k ./certs/ecc-key.pem # client TLSv1.2 verify callback override --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --A ./certs/ca-ecc-cert.pem --j +#-v 3 +#-l ECDHE-ECDSA-AES128-GCM-SHA256 +#-A ./certs/ca-ecc-cert.pem +#-j # server TLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305 -v 3 diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 54555f9d6..0c155fc12 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -8488,7 +8488,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) int badDate = 0; int criticalExt = 0; int checkPathLen = 0; - int reduceMaxPathByOne = 0; + int decrementMaxPathLen = 0; word32 confirmOID; #if defined(WOLFSSL_RENESAS_TSIP) int idx = 0; @@ -8551,12 +8551,9 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) } #endif /* !NO_SKID */ - if (!cert->ca && type == CA_TYPE && !cert->pathLengthSet) { - cert->pathLength = cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; - cert->pathLengthSet = 1; - } else if (cert->pathLengthSet) { - cert->maxPathLen = cert->pathLength; - + if (cert->selfSigned) { + cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; + } else { cert->ca = NULL; #ifndef NO_SKID if (cert->extAuthKeyIdSet) @@ -8606,7 +8603,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) * No - ERROR */ - if (cert->ca) { + if (cert->ca && cert->pathLengthSet) { + cert->maxPathLen = cert->pathLength; if (cert->isCA) { WOLFSSL_MSG("\tCA boolean set"); if (cert->extKeyUsageSet) { @@ -8614,7 +8612,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { checkPathLen = 1; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } else { checkPathLen = 1; @@ -8626,19 +8624,26 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) WOLFSSL_MSG("\tmaxPathLen status: set to pathLength"); cert->maxPathLen = cert->pathLength; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } - if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { WOLFSSL_MSG("\tmaxPathLen status: reduce by 1"); cert->maxPathLen = cert->ca->maxPathLen - 1; - } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + } else if (decrementMaxPathLen && cert->ca->maxPathLen <= 0) { /* Will be handled as ERROR in "verify check" below */ cert->maxPathLen = 0; } + } else if (cert->ca && cert->isCA) { + /* case where cert->pathLength extension is not set */ + if (cert->ca->maxPathLen > 0) { + cert->maxPathLen = cert->ca->maxPathLen - 1; + } else { + cert->maxPathLen = 0; + } } - } + } if (verify != NO_VERIFY && type != CA_TYPE && type != TRUSTED_PEER_TYPE) { @@ -8675,14 +8680,13 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) * verify check */ - if (cert->ca) { - + if (cert->ca && cert->pathLengthSet) { if (cert->isCA) { if (cert->extKeyUsageSet) { if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { checkPathLen = 1; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } else { checkPathLen = 1; @@ -8693,24 +8697,34 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if (cert->pathLength < cert->ca->maxPathLen) { WOLFSSL_MSG("\tmaxPathLen status: OK"); } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } - if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { WOLFSSL_MSG("\tmaxPathLen status: OK"); - } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + } else if (decrementMaxPathLen && cert->ca->maxPathLen <= 0) { WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); WOLFSSL_MSG("\tmaxPathLen status: ERROR"); return ASN_PATHLEN_INV_E; } - #ifdef HAVE_OCSP + } else if (cert->ca && cert->isCA) { + /* case where pathLength constraint is not set in cert */ + if (cert->ca->maxPathLen <= 0) { + WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); + WOLFSSL_MSG("\tmaxPathLen status: ERROR"); + return ASN_PATHLEN_INV_E; + } + } + #ifdef HAVE_OCSP + if (cert->ca) { /* Need the CA's public key hash for OCSP */ XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash, KEYID_SIZE); - #endif /* HAVE_OCSP */ + } + #endif /* HAVE_OCSP */ } } #if defined(WOLFSSL_RENESAS_TSIP) diff --git a/wolfssl/wolfcrypt/memory.h b/wolfssl/wolfcrypt/memory.h index 85c67ed65..cb806cfd3 100644 --- a/wolfssl/wolfcrypt/memory.h +++ b/wolfssl/wolfcrypt/memory.h @@ -102,16 +102,32 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*, #ifndef WOLFMEM_BUCKETS #ifndef SESSION_CERTS /* default size of chunks of memory to separate into */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,16128 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 16128 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #elif defined (OPENSSL_EXTRA) /* extra storage in structs for multiple attributes and order */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,25536 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 25536 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\ + LARGEST_MEM_BUCKET #elif defined (WOLFSSL_CERT_EXT) /* certificate extensions requires 24k for the SSL struct */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,24576 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 24576 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #else /* increase 23k for object member of WOLFSSL_X509_NAME_ENTRY */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,23440 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 23440 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #endif #endif #ifndef WOLFMEM_DIST