From 9c5fd165d0f4cdf70fe23a368e5728e2cc9f02d5 Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Thu, 10 Oct 2019 16:45:29 -0600 Subject: [PATCH 1/3] addressing non RFC compliance in handling of pathLen constraint --- certs/renewcerts/wolfssl.cnf | 42 ++ certs/test-pathlen/assemble-chains.sh | 333 +++----- certs/test-pathlen/chainA-ICA1-key.pem | 27 + certs/test-pathlen/chainA-ICA1-pathlen0.pem | 89 +++ certs/test-pathlen/chainA-assembled.pem | 175 +++++ certs/test-pathlen/chainA-entity-key.pem | 27 + certs/test-pathlen/chainA-entity.pem | 86 +++ certs/test-pathlen/chainB-ICA1-key.pem | 27 + certs/test-pathlen/chainB-ICA1-pathlen0.pem | 89 +++ certs/test-pathlen/chainB-ICA2-key.pem | 27 + certs/test-pathlen/chainB-ICA2-pathlen1.pem | 89 +++ certs/test-pathlen/chainB-assembled.pem | 265 +++++++ certs/test-pathlen/chainB-entity-key.pem | 27 + certs/test-pathlen/chainB-entity.pem | 87 +++ certs/test-pathlen/chainC-ICA1-key.pem | 27 + certs/test-pathlen/chainC-ICA1-pathlen1.pem | 89 +++ certs/test-pathlen/chainC-assembled.pem | 175 +++++ certs/test-pathlen/chainC-entity-key.pem | 27 + certs/test-pathlen/chainC-entity.pem | 86 +++ certs/test-pathlen/chainD-ICA1-key.pem | 27 + certs/test-pathlen/chainD-ICA1-pathlen127.pem | 89 +++ certs/test-pathlen/chainD-assembled.pem | 175 +++++ certs/test-pathlen/chainD-entity-key.pem | 27 + certs/test-pathlen/chainD-entity.pem | 86 +++ certs/test-pathlen/chainE-ICA1-key.pem | 27 + certs/test-pathlen/chainE-ICA1-pathlen128.pem | 89 +++ certs/test-pathlen/chainE-assembled.pem | 175 +++++ certs/test-pathlen/chainE-entity-key.pem | 27 + certs/test-pathlen/chainE-entity.pem | 86 +++ certs/test-pathlen/chainF-ICA1-key.pem | 27 + certs/test-pathlen/chainF-ICA1-pathlen1.pem | 89 +++ certs/test-pathlen/chainF-ICA2-key.pem | 27 + certs/test-pathlen/chainF-ICA2-pathlen0.pem | 89 +++ certs/test-pathlen/chainF-assembled.pem | 265 +++++++ certs/test-pathlen/chainF-entity-key.pem | 27 + certs/test-pathlen/chainF-entity.pem | 87 +++ certs/test-pathlen/chainG-ICA1-key.pem | 27 + certs/test-pathlen/chainG-ICA1-pathlen0.pem | 89 +++ certs/test-pathlen/chainG-ICA2-key.pem | 27 + certs/test-pathlen/chainG-ICA2-pathlen1.pem | 89 +++ certs/test-pathlen/chainG-ICA3-key.pem | 27 + certs/test-pathlen/chainG-ICA3-pathlen99.pem | 89 +++ certs/test-pathlen/chainG-ICA4-key.pem | 27 + certs/test-pathlen/chainG-ICA4-pathlen5.pem | 89 +++ certs/test-pathlen/chainG-ICA5-key.pem | 27 + certs/test-pathlen/chainG-ICA5-pathlen20.pem | 89 +++ certs/test-pathlen/chainG-ICA6-key.pem | 27 + certs/test-pathlen/chainG-ICA6-pathlen10.pem | 89 +++ certs/test-pathlen/chainG-ICA7-key.pem | 27 + certs/test-pathlen/chainG-ICA7-pathlen100.pem | 89 +++ certs/test-pathlen/chainG-assembled.pem | 710 ++++++++++++++++++ certs/test-pathlen/chainG-entity-key.pem | 27 + certs/test-pathlen/chainG-entity.pem | 87 +++ certs/test-pathlen/chainH-ICA1-key.pem | 27 + certs/test-pathlen/chainH-ICA1-pathlen0.pem | 89 +++ certs/test-pathlen/chainH-ICA2-key.pem | 27 + certs/test-pathlen/chainH-ICA2-pathlen2.pem | 89 +++ certs/test-pathlen/chainH-ICA3-key.pem | 27 + certs/test-pathlen/chainH-ICA3-pathlen2.pem | 89 +++ certs/test-pathlen/chainH-ICA4-key.pem | 27 + certs/test-pathlen/chainH-ICA4-pathlen2.pem | 89 +++ certs/test-pathlen/chainH-assembled.pem | 443 +++++++++++ certs/test-pathlen/chainH-entity-key.pem | 27 + certs/test-pathlen/chainH-entity.pem | 87 +++ certs/test-pathlen/include.am | 80 +- certs/test-pathlen/refreshkeys.sh | 25 + certs/test-pathlen/server-0-1-ca.pem | 89 --- certs/test-pathlen/server-0-1-cert.pem | 86 --- certs/test-pathlen/server-0-1-chain.pem | 264 ------- certs/test-pathlen/server-0-ca.pem | 89 --- certs/test-pathlen/server-0-cert.pem | 86 --- certs/test-pathlen/server-0-chain.pem | 175 ----- certs/test-pathlen/server-1-0-ca.pem | 89 --- certs/test-pathlen/server-1-0-cert.pem | 86 --- certs/test-pathlen/server-1-0-chain.pem | 264 ------- certs/test-pathlen/server-1-ca.pem | 89 --- certs/test-pathlen/server-1-cert.pem | 86 --- certs/test-pathlen/server-1-chain.pem | 175 ----- certs/test-pathlen/server-127-ca.pem | 89 --- certs/test-pathlen/server-127-cert.pem | 86 --- certs/test-pathlen/server-127-chain.pem | 175 ----- certs/test-pathlen/server-128-ca.pem | 89 --- certs/test-pathlen/server-128-cert.pem | 86 --- certs/test-pathlen/server-128-chain.pem | 175 ----- src/ssl.c | 1 + tests/api.c | 161 +++- tests/test-chains.conf | 110 +++ wolfcrypt/src/asn.c | 172 +++-- wolfssl/wolfcrypt/asn.h | 18 + 89 files changed, 6158 insertions(+), 2557 deletions(-) create mode 100644 certs/test-pathlen/chainA-ICA1-key.pem create mode 100644 certs/test-pathlen/chainA-ICA1-pathlen0.pem create mode 100644 certs/test-pathlen/chainA-assembled.pem create mode 100644 certs/test-pathlen/chainA-entity-key.pem create mode 100644 certs/test-pathlen/chainA-entity.pem create mode 100644 certs/test-pathlen/chainB-ICA1-key.pem create mode 100644 certs/test-pathlen/chainB-ICA1-pathlen0.pem create mode 100644 certs/test-pathlen/chainB-ICA2-key.pem create mode 100644 certs/test-pathlen/chainB-ICA2-pathlen1.pem create mode 100644 certs/test-pathlen/chainB-assembled.pem create mode 100644 certs/test-pathlen/chainB-entity-key.pem create mode 100644 certs/test-pathlen/chainB-entity.pem create mode 100644 certs/test-pathlen/chainC-ICA1-key.pem create mode 100644 certs/test-pathlen/chainC-ICA1-pathlen1.pem create mode 100644 certs/test-pathlen/chainC-assembled.pem create mode 100644 certs/test-pathlen/chainC-entity-key.pem create mode 100644 certs/test-pathlen/chainC-entity.pem create mode 100644 certs/test-pathlen/chainD-ICA1-key.pem create mode 100644 certs/test-pathlen/chainD-ICA1-pathlen127.pem create mode 100644 certs/test-pathlen/chainD-assembled.pem create mode 100644 certs/test-pathlen/chainD-entity-key.pem create mode 100644 certs/test-pathlen/chainD-entity.pem create mode 100644 certs/test-pathlen/chainE-ICA1-key.pem create mode 100644 certs/test-pathlen/chainE-ICA1-pathlen128.pem create mode 100644 certs/test-pathlen/chainE-assembled.pem create mode 100644 certs/test-pathlen/chainE-entity-key.pem create mode 100644 certs/test-pathlen/chainE-entity.pem create mode 100644 certs/test-pathlen/chainF-ICA1-key.pem create mode 100644 certs/test-pathlen/chainF-ICA1-pathlen1.pem create mode 100644 certs/test-pathlen/chainF-ICA2-key.pem create mode 100644 certs/test-pathlen/chainF-ICA2-pathlen0.pem create mode 100644 certs/test-pathlen/chainF-assembled.pem create mode 100644 certs/test-pathlen/chainF-entity-key.pem create mode 100644 certs/test-pathlen/chainF-entity.pem create mode 100644 certs/test-pathlen/chainG-ICA1-key.pem create mode 100644 certs/test-pathlen/chainG-ICA1-pathlen0.pem create mode 100644 certs/test-pathlen/chainG-ICA2-key.pem create mode 100644 certs/test-pathlen/chainG-ICA2-pathlen1.pem create mode 100644 certs/test-pathlen/chainG-ICA3-key.pem create mode 100644 certs/test-pathlen/chainG-ICA3-pathlen99.pem create mode 100644 certs/test-pathlen/chainG-ICA4-key.pem create mode 100644 certs/test-pathlen/chainG-ICA4-pathlen5.pem create mode 100644 certs/test-pathlen/chainG-ICA5-key.pem create mode 100644 certs/test-pathlen/chainG-ICA5-pathlen20.pem create mode 100644 certs/test-pathlen/chainG-ICA6-key.pem create mode 100644 certs/test-pathlen/chainG-ICA6-pathlen10.pem create mode 100644 certs/test-pathlen/chainG-ICA7-key.pem create mode 100644 certs/test-pathlen/chainG-ICA7-pathlen100.pem create mode 100644 certs/test-pathlen/chainG-assembled.pem create mode 100644 certs/test-pathlen/chainG-entity-key.pem create mode 100644 certs/test-pathlen/chainG-entity.pem create mode 100644 certs/test-pathlen/chainH-ICA1-key.pem create mode 100644 certs/test-pathlen/chainH-ICA1-pathlen0.pem create mode 100644 certs/test-pathlen/chainH-ICA2-key.pem create mode 100644 certs/test-pathlen/chainH-ICA2-pathlen2.pem create mode 100644 certs/test-pathlen/chainH-ICA3-key.pem create mode 100644 certs/test-pathlen/chainH-ICA3-pathlen2.pem create mode 100644 certs/test-pathlen/chainH-ICA4-key.pem create mode 100644 certs/test-pathlen/chainH-ICA4-pathlen2.pem create mode 100644 certs/test-pathlen/chainH-assembled.pem create mode 100644 certs/test-pathlen/chainH-entity-key.pem create mode 100644 certs/test-pathlen/chainH-entity.pem create mode 100755 certs/test-pathlen/refreshkeys.sh delete mode 100644 certs/test-pathlen/server-0-1-ca.pem delete mode 100644 certs/test-pathlen/server-0-1-cert.pem delete mode 100644 certs/test-pathlen/server-0-1-chain.pem delete mode 100644 certs/test-pathlen/server-0-ca.pem delete mode 100644 certs/test-pathlen/server-0-cert.pem delete mode 100644 certs/test-pathlen/server-0-chain.pem delete mode 100644 certs/test-pathlen/server-1-0-ca.pem delete mode 100644 certs/test-pathlen/server-1-0-cert.pem delete mode 100644 certs/test-pathlen/server-1-0-chain.pem delete mode 100644 certs/test-pathlen/server-1-ca.pem delete mode 100644 certs/test-pathlen/server-1-cert.pem delete mode 100644 certs/test-pathlen/server-1-chain.pem delete mode 100644 certs/test-pathlen/server-127-ca.pem delete mode 100644 certs/test-pathlen/server-127-cert.pem delete mode 100644 certs/test-pathlen/server-127-chain.pem delete mode 100644 certs/test-pathlen/server-128-ca.pem delete mode 100644 certs/test-pathlen/server-128-cert.pem delete mode 100644 certs/test-pathlen/server-128-chain.pem diff --git a/certs/renewcerts/wolfssl.cnf b/certs/renewcerts/wolfssl.cnf index 421194bc2..1ad47d9c9 100644 --- a/certs/renewcerts/wolfssl.cnf +++ b/certs/renewcerts/wolfssl.cnf @@ -146,6 +146,13 @@ authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:true,pathlen:127 keyUsage=keyCertSign, cRLSign +# CA with pathlen 100 +[ pathlen_100 ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true,pathlen:100 +keyUsage=keyCertSign, cRLSign + # CA with pathlen 128 [ pathlen_128 ] subjectKeyIdentifier=hash @@ -153,6 +160,41 @@ authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:true,pathlen:128 keyUsage=keyCertSign, cRLSign +# CA with pathlen 5 +[ pathlen_5 ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true,pathlen:5 +keyUsage=keyCertSign, cRLSign + +# CA with pathlen 10 +[ pathlen_10 ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true,pathlen:10 +keyUsage=keyCertSign, cRLSign + +# CA with pathlen 20 +[ pathlen_20 ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true,pathlen:20 +keyUsage=keyCertSign, cRLSign + +# CA with pathlen 99 +[ pathlen_99 ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true,pathlen:99 +keyUsage=keyCertSign, cRLSign + +# CA with pathlen 2 +[ pathlen_2 ] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true,pathlen:2 +keyUsage=keyCertSign, cRLSign + # test pathlen server cert [ test_pathlen ] subjectKeyIdentifier=hash diff --git a/certs/test-pathlen/assemble-chains.sh b/certs/test-pathlen/assemble-chains.sh index 137d04b74..41bf2b287 100755 --- a/certs/test-pathlen/assemble-chains.sh +++ b/certs/test-pathlen/assemble-chains.sh @@ -12,249 +12,148 @@ check_result(){ fi } -########################################################### -########## update server-0-ca.pem ################ -########################################################### -echo "Updating server-0-ca.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 0 CA\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-0-ca-req.pem -check_result $? "Step 1" +create_an_intermediate(){ + # $1 - chain ID + # $2 - ICA Number (Example entity signed by ICA1 signed by ICA2 and so on) + # $2 - pathLength to use + # $3 - Signer of this Intermediate + # $4 - The signers Key + # example: create_an_intermediate "chainA" "ICA1" "0" "../ca-cert.pem" "../ca-key.pem" + chainID="$1" + icaNum="$2" + pathLen="$3" + signer="$4" + signerKey="$5" +echo "pathLen = $3, $pathLen" + echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + echo "" + #pipe the following arguments to openssl req... + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem + check_result $? "Step 1" -openssl x509 -req -in server-0-ca-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions pathlen_0 -days 1000 -CA ../ca-cert.pem -CAkey ../ca-key.pem -set_serial 100 -sha1 > server-0-ca.pem -check_result $? "Step 2" + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha1 > "$chainID-$icaNum-pathlen$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + echo "End of Section" + echo "-------------------------------------------------------------------------" +} -rm server-0-ca-req.pem -openssl x509 -in server-0-ca.pem -text > ca_tmp.pem -check_result $? "Step 3" -mv ca_tmp.pem server-0-ca.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" ########################################################### -########## update server-0-cert.pem ################ +########## update chainA-entity.pem ################ ########################################################### -echo "Updating server-0-cert.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 0\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-0-cert-req.pem -check_result $? "Step 1" +create_an_entity(){ + # $1 - chain ID + # $2 - ICA Number (Example entity signed by ICA1 signed by ICA2 and so on) + # $2 - pathLength to use + # $3 - Signer of this Intermediate + # $4 - The signers Key + # example: create_an_intermediate "chainA" "ICA1" "0" "../ca-cert.pem" "../ca-key.pem" + chainID="$1" + signer="$2" + signerKey="$3" + echo "Updating $chainID-entity.pem" + echo "" + #pipe the following arguments to openssl req... + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem + check_result $? "Step 1" -openssl x509 -req -in server-0-cert-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA server-0-ca.pem -CAkey ../server-key.pem -set_serial 101 -sha1 > server-0-cert.pem -check_result $? "Step 2" + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha1 > "$chainID"-entity.pem + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID"-entity.pem -text > cert_tmp.pem + check_result $? "Step 3" + mv cert_tmp.pem "$chainID"-entity.pem + echo "End of Section" + echo "-------------------------------------------------------------------------" +} -rm server-0-cert-req.pem -openssl x509 -in server-0-cert.pem -text > cert_tmp.pem -check_result $? "Step 3" -mv cert_tmp.pem server-0-cert.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" ########################################################### -########## update server-1-ca.pem ################ +########## Create the certs ################ ########################################################### -echo "Updating server-1-ca.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 1 CA\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-1-ca-req.pem -check_result $? "Step 1" +create_an_intermediate "chainA" "ICA1" "0" "../ca-cert.pem" "../ca-key.pem" +create_an_entity "chainA" "chainA-ICA1-pathlen0.pem" "chainA-ICA1-key.pem" -openssl x509 -req -in server-1-ca-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions pathlen_1 -days 1000 -CA ../ca-cert.pem -CAkey ../ca-key.pem -set_serial 102 -sha1 > server-1-ca.pem -check_result $? "Step 2" +create_an_intermediate "chainB" "ICA2" "1" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainB" "ICA1" "0" "chainB-ICA2-pathlen1.pem" "chainB-ICA2-key.pem" +create_an_entity "chainB" "chainB-ICA1-pathlen0.pem" "chainB-ICA1-key.pem" -rm server-1-ca-req.pem -openssl x509 -in server-1-ca.pem -text > ca_tmp.pem -check_result $? "Step 3" -mv ca_tmp.pem server-1-ca.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-1-cert.pem ################ -########################################################### -echo "Updating server-1-cert.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 1\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-1-cert-req.pem -check_result $? "Step 1" +create_an_intermediate "chainC" "ICA1" "1" "../ca-cert.pem" "../ca-key.pem" +create_an_entity "chainC" "chainC-ICA1-pathlen1.pem" "chainC-ICA1-key.pem" -openssl x509 -req -in server-1-cert-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA server-1-ca.pem -CAkey ../server-key.pem -set_serial 105 -sha1 > server-1-cert.pem -check_result $? "Step 2" +create_an_intermediate "chainD" "ICA1" "127" "../ca-cert.pem" "../ca-key.pem" +create_an_entity "chainD" "chainD-ICA1-pathlen127.pem" "chainD-ICA1-key.pem" -rm server-1-cert-req.pem -openssl x509 -in server-1-cert.pem -text > cert_tmp.pem -check_result $? "Step 3" -mv cert_tmp.pem server-1-cert.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-0-1-ca.pem ################ -########################################################### -echo "Updating server-0-1-ca.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 0-1 CA\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-0-1-ca-req.pem -check_result $? "Step 1" +create_an_intermediate "chainE" "ICA1" "128" "../ca-cert.pem" "../ca-key.pem" +create_an_entity "chainE" "chainE-ICA1-pathlen128.pem" "chainE-ICA1-key.pem" -openssl x509 -req -in server-0-1-ca-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions pathlen_1 -days 1000 -CA server-0-ca.pem -CAkey ../server-key.pem -set_serial 110 -sha1 > server-0-1-ca.pem -check_result $? "Step 2" +create_an_intermediate "chainF" "ICA2" "0" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainF" "ICA1" "1" "chainF-ICA2-pathlen0.pem" "chainF-ICA2-key.pem" +create_an_entity "chainF" "chainF-ICA1-pathlen1.pem" "chainF-ICA1-key.pem" -rm server-0-1-ca-req.pem -openssl x509 -in server-0-1-ca.pem -text > ca_tmp.pem -check_result $? "Step 3" -mv ca_tmp.pem server-0-1-ca.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-0-1-cert.pem ################ -########################################################### -echo "Updating server-0-1-cert.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 0-1\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-0-1-cert-req.pem -check_result $? "Step 1" +create_an_intermediate "chainG" "ICA7" "100" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainG" "ICA6" "10" "chainG-ICA7-pathlen100.pem" "chainG-ICA7-key.pem" +create_an_intermediate "chainG" "ICA5" "20" "chainG-ICA6-pathlen10.pem" "chainG-ICA6-key.pem" +create_an_intermediate "chainG" "ICA4" "5" "chainG-ICA5-pathlen20.pem" "chainG-ICA5-key.pem" +create_an_intermediate "chainG" "ICA3" "99" "chainG-ICA4-pathlen5.pem" "chainG-ICA4-key.pem" +create_an_intermediate "chainG" "ICA2" "1" "chainG-ICA3-pathlen99.pem" "chainG-ICA3-key.pem" +create_an_intermediate "chainG" "ICA1" "0" "chainG-ICA2-pathlen1.pem" "chainG-ICA2-key.pem" +create_an_entity "chainG" "chainG-ICA1-pathlen0.pem" "chainG-ICA1-key.pem" -openssl x509 -req -in server-0-1-cert-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA server-0-1-ca.pem -CAkey ../server-key.pem -set_serial 111 -sha1 > server-0-1-cert.pem -check_result $? "Step 2" +# Fail: PathLen of 2, signing PathLen of 2, signing Pathlen of 2, signing PathLen 0 +# max_path_len = 2, max_path_len -= 1 (1), max_path_len -= 1 (0), max-path_len 0, non-entity cert. +create_an_intermediate "chainH" "ICA4" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainH" "ICA3" "2" "chainH-ICA4-pathlen2.pem" "chainH-ICA4-key.pem" +create_an_intermediate "chainH" "ICA2" "2" "chainH-ICA3-pathlen2.pem" "chainH-ICA3-key.pem" +create_an_intermediate "chainH" "ICA1" "0" "chainH-ICA2-pathlen2.pem" "chainH-ICA2-key.pem" +create_an_entity "chainH" "chainH-ICA1-pathlen0.pem" "chainH-ICA1-key.pem" -rm server-0-1-cert-req.pem -openssl x509 -in server-0-1-cert.pem -text > cert_tmp.pem -check_result $? "Step 3" -mv cert_tmp.pem server-0-1-cert.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-1-0-ca.pem ################ -########################################################### -echo "Updating server-1-0-ca.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 1-0 CA\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-1-0-ca-req.pem -check_result $? "Step 1" -openssl x509 -req -in server-1-0-ca-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions pathlen_0 -days 1000 -CA server-1-ca.pem -CAkey ../server-key.pem -set_serial 103 -sha1 > server-1-0-ca.pem -check_result $? "Step 2" - -rm server-1-0-ca-req.pem -openssl x509 -in server-1-0-ca.pem -text > ca_tmp.pem -check_result $? "Step 3" -mv ca_tmp.pem server-1-0-ca.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-1-0-cert.pem ################ -########################################################### -echo "Updating server-1-0-cert.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 1-0\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-1-0-cert-req.pem -check_result $? "Step 1" - -openssl x509 -req -in server-1-0-cert-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA server-1-0-ca.pem -CAkey ../server-key.pem -set_serial 104 -sha1 > server-1-0-cert.pem -check_result $? "Step 2" - -rm server-1-0-cert-req.pem -openssl x509 -in server-1-0-cert.pem -text > cert_tmp.pem -check_result $? "Step 3" -mv cert_tmp.pem server-1-0-cert.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-127-ca.pem ################ -########################################################### -echo "Updating server-127-ca.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 127 CA\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-127-ca-req.pem -check_result $? "Step 1" - -openssl x509 -req -in server-127-ca-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions pathlen_127 -days 1000 -CA ../ca-cert.pem -CAkey ../ca-key.pem -set_serial 106 -sha1 > server-127-ca.pem -check_result $? "Step 2" - -rm server-127-ca-req.pem -openssl x509 -in server-127-ca.pem -text > ca_tmp.pem -check_result $? "Step 3" -mv ca_tmp.pem server-127-ca.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-127-cert.pem ################ -########################################################### -echo "Updating server-127-cert.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 127\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-127-cert-req.pem -check_result $? "Step 1" - -openssl x509 -req -in server-127-cert-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA server-127-ca.pem -CAkey ../server-key.pem -set_serial 107 -sha1 > server-127-cert.pem -check_result $? "Step 2" - -rm server-127-cert-req.pem -openssl x509 -in server-127-cert.pem -text > cert_tmp.pem -check_result $? "Step 3" -mv cert_tmp.pem server-127-cert.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-128-ca.pem ################ -########################################################### -echo "Updating server-128-ca.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 128 CA\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-128-ca-req.pem -check_result $? "Step 1" - -openssl x509 -req -in server-128-ca-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions pathlen_128 -days 1000 -CA ../ca-cert.pem -CAkey ../ca-key.pem -set_serial 106 -sha1 > server-128-ca.pem -check_result $? "Step 2" - -rm server-128-ca-req.pem -openssl x509 -in server-128-ca.pem -text > ca_tmp.pem -check_result $? "Step 3" -mv ca_tmp.pem server-128-ca.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" -########################################################### -########## update server-128-cert.pem ################ -########################################################### -echo "Updating server-128-cert.pem" -echo "" -#pipe the following arguments to openssl req... -echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\nServer 128\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ../server-key.pem -config ../renewcerts/wolfssl.cnf -nodes -sha1 > server-128-cert-req.pem -check_result $? "Step 1" - -openssl x509 -req -in server-128-cert-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA server-128-ca.pem -CAkey ../server-key.pem -set_serial 107 -sha1 > server-128-cert.pem -check_result $? "Step 2" - -rm server-128-cert-req.pem -openssl x509 -in server-128-cert.pem -text > cert_tmp.pem -check_result $? "Step 3" -mv cert_tmp.pem server-128-cert.pem -echo "End of Section" -echo "-------------------------------------------------------------------------" ########################################################### ########## Assemble Chains ################ ########################################################### # Success: PathLen of 0 -## server-0-ca.pem: signed by ca-cert.pem -## server-0-cert.pem: signed by server-0-ca.pem -cat server-0-cert.pem server-0-ca.pem > server-0-chain.pem +## chainA-ICA1-pathlen0.pem: signed by ca-cert.pem +## chainA-entity.pem: signed by chainA-ICA1-pathlen0.pem +cat chainA-entity.pem chainA-ICA1-pathlen0.pem > chainA-assembled.pem # Success: PathLen of 1 -## server-1-ca.pem: signed by ca-cert.pem -## server-1-0-ca.pem: signed by server-1-ca.pem -## server-1-0-cert.pem: signed by server-1-0-ca.pem -cat server-1-0-cert.pem server-1-0-ca.pem server-1-ca.pem > server-1-0-chain.pem -## server-1-cert.pem: signed by server-1-ca.pem -cat server-1-cert.pem server-1-ca.pem > server-1-chain.pem +## chainB-ICA2-pathlen1.pem: signed by ca-cert.pem +## chainB-ICA1-pathlen0.pem: signed by chainB-ICA2-pathlen1.pem +## chainB-entity.pem: signed by chainB-ICA1-pathlen0.pem +cat chainB-entity.pem chainB-ICA1-pathlen0.pem chainB-ICA2-pathlen1.pem > chainB-assembled.pem +## chainC-entity.pem: signed by chainC-ICA1-pathlen1.pem +cat chainC-entity.pem chainC-ICA1-pathlen1.pem > chainC-assembled.pem # Success: PathLen of 127 -## server-127-ca.pem: signed by ca-cert.pem -## server-127-cert.pem: signed by server-127-cert.pem -cat server-127-cert.pem server-127-ca.pem > server-127-chain.pem +## chainD-ICA1-pathlen127.pem: signed by ca-cert.pem +## chainD-entity.pem: signed by chainD-entity.pem +cat chainD-entity.pem chainD-ICA1-pathlen127.pem > chainD-assembled.pem # Failure: PathLen of 128 -## server-128-ca.pem: signed by ca-cert.pem -## server-128-cert.pem: signed by server-128-ca.pem -cat server-128-cert.pem server-128-ca.pem > server-128-chain.pem +## chainE-ICA1-pathlen128.pem: signed by ca-cert.pem +## chainE-entity.pem: signed by chainE-ICA1-pathlen128.pem +cat chainE-entity.pem chainE-ICA1-pathlen128.pem > chainE-assembled.pem # Failure: PathLen of 0, signing PathLen of 1 -## server-0-1-ca.pem: signed by server-0-ca.pem -## server-0-1-cert.pem: signed by server-0-1-ca.pem -cat server-0-1-cert.pem server-0-1-ca.pem server-0-ca.pem > server-0-1-chain.pem +## chainF-ICA1-pathlen1.pem: signed by chainA-ICA1-pathlen0.pem +## chainF-entity.pem: signed by chainF-ICA1-pathlen1.pem +cat chainF-entity.pem chainF-ICA1-pathlen1.pem chainF-ICA2-pathlen0.pem > chainF-assembled.pem + +# Success: PathLen of 127, signing PathLen of 10, signing PathLen of 20, signing +# PathLen of 5, signing PathLen of 99, signing PathLen of 1, signing +# PathLen of 0 +cat chainG-entity.pem chainG-ICA1-pathlen0.pem > chainG-assembled.pem +cat chainG-ICA2-pathlen1.pem chainG-ICA3-pathlen99.pem >> chainG-assembled.pem +cat chainG-ICA4-pathlen5.pem chainG-ICA5-pathlen20.pem >> chainG-assembled.pem +cat chainG-ICA6-pathlen10.pem chainG-ICA7-pathlen100.pem >> chainG-assembled.pem + +# Fail: PathLen of 2, signing PathLen of 2, signing Pathlen of 2, signing PathLen 0 +# max_path_len = 2, max_path_len -= 1 (1), max_path_len -= 1 (0), max-path_len 0, non-entity cert. +cat chainH-entity.pem chainH-ICA1-pathlen0.pem > chainH-assembled.pem +cat chainH-ICA2-pathlen2.pem chainH-ICA3-pathlen2.pem >> chainH-assembled.pem +cat chainH-ICA4-pathlen2.pem >> chainH-assembled.pem diff --git a/certs/test-pathlen/chainA-ICA1-key.pem b/certs/test-pathlen/chainA-ICA1-key.pem new file mode 100644 index 000000000..8cd09c8d1 --- /dev/null +++ b/certs/test-pathlen/chainA-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAsiuhP77AWL06vA0ZrMp/uTvwjDD/BLE0fiaGljZrUy5EHaH0 +vFF5VQXKu6CnnTMBk5YUZ+z0wy5mJ9FBaDSsjWRj2FWGnWIkme23/8tNnUBU1eOq +Raam2/5zQpRCwdAyXMQhrpyTALdKH56VpihtS9jAZefto23KGLP638lnGnUjYIOl +A19hveXWjZ0FRyN+oI3Rf0JOOKzOcLy/ewVbD4ICsJqNwBTK0EVelxDRoeEj2txp +nM5TzGiJxkBNabyrT8cRXmKi3+KlNHw5NidnNBEELCqzFtuO/dd7HZNfM8LKliIq +Q4KKSEYHE/9sHLC6C/DNP0zcNBePInBpnSLXxwIDAQABAoIBAH+tbFw14bi1wgVI +jgGZC3Y+Ud7krZs7MZbFHOVAEiEFoqJpkOvyprQa9nEGa5bnGlYc0nq2/59u/J3E +As8eEBkyu6onf9QApKH6DEUt92yc0S6Fe1t2VVSJPyeS/1PMUorPsiNi6KU2s9N8 +3Vi417nmldlxHoZjAtQ5BaqgtVXrMMIS05Q3bySULdOXYNu8hBGvGkR99tSyKQ1S +qVfJWi7dHrjiRPbYSW7aOaYID3QjB3GIqkcoUMWXTzdogE/EPKZL52CL+hBBw8C2 +4Q/8o0Wy60Futj/1Hdax6o/sVPDmoypDzYbbQ5IVcGM+SWykDn2+tNJDvfFp1T6k ++az1H0ECgYEA41cCvONXUQQ9PWSeNutdxS49c+tr0UN5/F09Yy6vVEWkjKuUwYzj +9RMxH6Hf0t6k3Qvm4x0m9jWFWTiUQVGDg9EU9AWSGeQ73TZN9gUaI5meWUQnZoiL +kJqkKvdiXfCSBwCRQuW3vrKyi8miLYTVTeBewjoUbZnkVkIN3+f0Vb8CgYEAyKHD +P0JE4UegsTB3r0VZtXHF+en2TcJ0kl4tc09O+R3FOmslmXpaG7ZMx+KVVCrmTlPl +pzScv1kNEhQYSJPIfbc1YxLOQNUf96oiTeG4RsCMm+zSIgYQKe5VKvEPrw4OfOQW +bqUyHGHfm4NSxmTZgi6ukgZqpTcD5KUyajZaz/kCgYBeWLfcKAUOrFG17tHyPM+X +i08ZknQWToiLgS5+wNsmgBiAAJ0ljhD0nlheplE7NAb7bXsOegS3XRLQKjjsuqV3 +yQeHFeDCOgPWFDlahleIurIKncw0MyqogmTrJ+t8zN/tZADk4GzXCVYrySwy89OK +FDl/JZdgvOMUISmc6KhwBQKBgGWOrJya2O8IKOlIVW0dN7nG66YDri/SXNuyXGNg +I+OqFCnsDs5Pxsj8UIVlxp0iUg4YHcmzshyR4THjhh9G31fzo0yROmJK/7GIJ3Ew +7uyxjvtmtz+NviTbhbUE7SF5hg/mDQzZBjKjwGKh6QaQCiIBq1Aze0xCOvBERu7I +sNNRAoGBAN5bKB0JoskQcd5uJTgwTrATrY4FNBPs2s/I8XIBYCLuvhGyiR95B7Uy +nZobhWFx2xwWWHksrJ8CKXodQuojtQPEC+JnoKeUvzEs95KvHwdxNGH74VMT8bqg +Q3qKoHsd8dkclcJbIPI3KCkpuaimqNits4ma+oVTuB0JyYFXEg+X +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/certs/test-pathlen/chainA-ICA1-pathlen0.pem new file mode 100644 index 000000000..183b27324 --- /dev/null +++ b/certs/test-pathlen/chainA-ICA1-pathlen0.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:41 2019 GMT + Not After : Jul 6 21:32:41 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b2:2b:a1:3f:be:c0:58:bd:3a:bc:0d:19:ac:ca: + 7f:b9:3b:f0:8c:30:ff:04:b1:34:7e:26:86:96:36: + 6b:53:2e:44:1d:a1:f4:bc:51:79:55:05:ca:bb:a0: + a7:9d:33:01:93:96:14:67:ec:f4:c3:2e:66:27:d1: + 41:68:34:ac:8d:64:63:d8:55:86:9d:62:24:99:ed: + b7:ff:cb:4d:9d:40:54:d5:e3:aa:45:a6:a6:db:fe: + 73:42:94:42:c1:d0:32:5c:c4:21:ae:9c:93:00:b7: + 4a:1f:9e:95:a6:28:6d:4b:d8:c0:65:e7:ed:a3:6d: + ca:18:b3:fa:df:c9:67:1a:75:23:60:83:a5:03:5f: + 61:bd:e5:d6:8d:9d:05:47:23:7e:a0:8d:d1:7f:42: + 4e:38:ac:ce:70:bc:bf:7b:05:5b:0f:82:02:b0:9a: + 8d:c0:14:ca:d0:45:5e:97:10:d1:a1:e1:23:da:dc: + 69:9c:ce:53:cc:68:89:c6:40:4d:69:bc:ab:4f:c7: + 11:5e:62:a2:df:e2:a5:34:7c:39:36:27:67:34:11: + 04:2c:2a:b3:16:db:8e:fd:d7:7b:1d:93:5f:33:c2: + ca:96:22:2a:43:82:8a:48:46:07:13:ff:6c:1c:b0: + ba:0b:f0:cd:3f:4c:dc:34:17:8f:22:70:69:9d:22: + d7:c7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A8:10:EA:C8:EF:4F:00:CD:E3:79:C3:EB:DF:F6:C8:86:9D:44:6C:26 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: + be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: + de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: + df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: + c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: + 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: + 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: + 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: + fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: + f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: + e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: + 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: + e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: + 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: + fd:7f:af:c2 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex +LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiuhP77AWL06vA0ZrMp/uTvwjDD/ +BLE0fiaGljZrUy5EHaH0vFF5VQXKu6CnnTMBk5YUZ+z0wy5mJ9FBaDSsjWRj2FWG +nWIkme23/8tNnUBU1eOqRaam2/5zQpRCwdAyXMQhrpyTALdKH56VpihtS9jAZeft +o23KGLP638lnGnUjYIOlA19hveXWjZ0FRyN+oI3Rf0JOOKzOcLy/ewVbD4ICsJqN +wBTK0EVelxDRoeEj2txpnM5TzGiJxkBNabyrT8cRXmKi3+KlNHw5NidnNBEELCqz +FtuO/dd7HZNfM8LKliIqQ4KKSEYHE/9sHLC6C/DNP0zcNBePInBpnSLXxwIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 +RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG +1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p +AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX +Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 +fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-assembled.pem b/certs/test-pathlen/chainA-assembled.pem new file mode 100644 index 000000000..d02e53a49 --- /dev/null +++ b/certs/test-pathlen/chainA-assembled.pem @@ -0,0 +1,175 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d0:7a:d8:c8:6c:4f:a5:cd:72:25:87:ff:12:a3: + 65:0e:1d:1f:78:b2:d7:1a:65:a1:e7:4e:bd:05:b5: + 05:3e:39:3e:85:ad:90:c7:5b:a5:81:42:b5:01:00: + 57:87:29:a3:45:ce:f4:02:fa:80:8f:3b:8e:99:40: + 2c:fc:c8:b0:8b:2b:19:c3:20:c6:af:db:a0:d9:d5: + 70:32:6d:66:c3:ca:c4:ea:63:fb:08:0e:35:bc:50: + 7f:85:c7:62:f4:e2:85:e4:89:59:52:71:f2:e3:d1: + 63:3e:1d:08:6d:ff:86:cb:e5:eb:bc:1f:de:13:f0: + b2:f8:92:ee:23:9d:64:e7:b0:49:6f:26:a2:64:bc: + 9c:18:8a:f3:c6:db:83:a4:6c:b0:56:23:16:40:57: + b0:95:5e:1b:3d:c5:3f:10:7a:84:e0:3e:bb:78:e8: + 7d:c1:63:f3:fe:ee:af:16:db:ce:28:02:21:df:8b: + ca:f3:c3:1e:d1:47:c0:59:5f:1c:48:ec:50:6a:e3: + cc:fb:b6:16:45:40:c8:50:cf:dc:3e:2d:2d:cb:cd: + 19:2a:17:74:41:7f:bc:26:4d:cd:97:b2:2b:67:57: + 8e:6e:75:b5:d8:ec:6b:69:ab:09:3d:95:85:2c:0f: + d7:8d:29:75:1f:9b:88:56:bc:e8:11:a3:c8:65:e5: + 2b:23 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D6:56:A1:9C:F1:66:E4:05:17:36:32:74:BA:72:97:50:13:58:B3:3D + X509v3 Authority Key Identifier: + keyid:A8:10:EA:C8:EF:4F:00:CD:E3:79:C3:EB:DF:F6:C8:86:9D:44:6C:26 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: + de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: + b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: + 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: + b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: + 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: + 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: + a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: + ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: + fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: + 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: + 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: + 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: + 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: + 5b:44:0b:a0 +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HrYyGxPpc1yJYf/EqNl +Dh0feLLXGmWh5069BbUFPjk+ha2Qx1ulgUK1AQBXhymjRc70AvqAjzuOmUAs/Miw +iysZwyDGr9ug2dVwMm1mw8rE6mP7CA41vFB/hcdi9OKF5IlZUnHy49FjPh0Ibf+G +y+XrvB/eE/Cy+JLuI51k57BJbyaiZLycGIrzxtuDpGywViMWQFewlV4bPcU/EHqE +4D67eOh9wWPz/u6vFtvOKAIh34vK88Me0UfAWV8cSOxQauPM+7YWRUDIUM/cPi0t +y80ZKhd0QX+8Jk3Nl7IrZ1eObnW12OxraasJPZWFLA/XjSl1H5uIVrzoEaPIZeUr +IwIDAQABo4HxMIHuMB0GA1UdDgQWBBTWVqGc8WbkBRc2MnS6cpdQE1izPTCBwQYD +VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE +BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV +BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu +d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw +CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B +3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH +6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko +eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 +/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 +WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:41 2019 GMT + Not After : Jul 6 21:32:41 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b2:2b:a1:3f:be:c0:58:bd:3a:bc:0d:19:ac:ca: + 7f:b9:3b:f0:8c:30:ff:04:b1:34:7e:26:86:96:36: + 6b:53:2e:44:1d:a1:f4:bc:51:79:55:05:ca:bb:a0: + a7:9d:33:01:93:96:14:67:ec:f4:c3:2e:66:27:d1: + 41:68:34:ac:8d:64:63:d8:55:86:9d:62:24:99:ed: + b7:ff:cb:4d:9d:40:54:d5:e3:aa:45:a6:a6:db:fe: + 73:42:94:42:c1:d0:32:5c:c4:21:ae:9c:93:00:b7: + 4a:1f:9e:95:a6:28:6d:4b:d8:c0:65:e7:ed:a3:6d: + ca:18:b3:fa:df:c9:67:1a:75:23:60:83:a5:03:5f: + 61:bd:e5:d6:8d:9d:05:47:23:7e:a0:8d:d1:7f:42: + 4e:38:ac:ce:70:bc:bf:7b:05:5b:0f:82:02:b0:9a: + 8d:c0:14:ca:d0:45:5e:97:10:d1:a1:e1:23:da:dc: + 69:9c:ce:53:cc:68:89:c6:40:4d:69:bc:ab:4f:c7: + 11:5e:62:a2:df:e2:a5:34:7c:39:36:27:67:34:11: + 04:2c:2a:b3:16:db:8e:fd:d7:7b:1d:93:5f:33:c2: + ca:96:22:2a:43:82:8a:48:46:07:13:ff:6c:1c:b0: + ba:0b:f0:cd:3f:4c:dc:34:17:8f:22:70:69:9d:22: + d7:c7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A8:10:EA:C8:EF:4F:00:CD:E3:79:C3:EB:DF:F6:C8:86:9D:44:6C:26 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: + be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: + de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: + df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: + c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: + 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: + 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: + 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: + fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: + f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: + e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: + 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: + e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: + 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: + fd:7f:af:c2 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex +LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiuhP77AWL06vA0ZrMp/uTvwjDD/ +BLE0fiaGljZrUy5EHaH0vFF5VQXKu6CnnTMBk5YUZ+z0wy5mJ9FBaDSsjWRj2FWG +nWIkme23/8tNnUBU1eOqRaam2/5zQpRCwdAyXMQhrpyTALdKH56VpihtS9jAZeft +o23KGLP638lnGnUjYIOlA19hveXWjZ0FRyN+oI3Rf0JOOKzOcLy/ewVbD4ICsJqN +wBTK0EVelxDRoeEj2txpnM5TzGiJxkBNabyrT8cRXmKi3+KlNHw5NidnNBEELCqz +FtuO/dd7HZNfM8LKliIqQ4KKSEYHE/9sHLC6C/DNP0zcNBePInBpnSLXxwIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 +RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG +1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p +AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX +Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 +fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-entity-key.pem b/certs/test-pathlen/chainA-entity-key.pem new file mode 100644 index 000000000..59730e1a2 --- /dev/null +++ b/certs/test-pathlen/chainA-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA0HrYyGxPpc1yJYf/EqNlDh0feLLXGmWh5069BbUFPjk+ha2Q +x1ulgUK1AQBXhymjRc70AvqAjzuOmUAs/MiwiysZwyDGr9ug2dVwMm1mw8rE6mP7 +CA41vFB/hcdi9OKF5IlZUnHy49FjPh0Ibf+Gy+XrvB/eE/Cy+JLuI51k57BJbyai +ZLycGIrzxtuDpGywViMWQFewlV4bPcU/EHqE4D67eOh9wWPz/u6vFtvOKAIh34vK +88Me0UfAWV8cSOxQauPM+7YWRUDIUM/cPi0ty80ZKhd0QX+8Jk3Nl7IrZ1eObnW1 +2OxraasJPZWFLA/XjSl1H5uIVrzoEaPIZeUrIwIDAQABAoIBAQCpeFMkiTctlpYF +gEmOwxfwoyfkG6zTnm4/8zegnggHDs2OKQsZo5wkOS+eAsMj8mrw4kxk53D9/fHr +DcoEKreoSX8FqW0ZozVcHi64L0psOjZcOq3jXHm9/MnM28nLOyCQKD5d0JcbLii4 +Yy1pDWBr+xjnshf6qZ0yh23hsZ5G3wUadf4CwFfEeTdUFw4vOAZRPdKQqGooR6NW +u7C6NWcrcoilX3tpcz6W+5TFfth0Uuyd10K9oBiGoQIx/qQcGg4wHVi+Si8PkRbX +9cRxOeJ6ozmoNikfTB6RUcAnCWJC3CtFZQHUX+CpBXc1pbQMKRGyo5WhqX32BI/s +8CE9pVYRAoGBAOfDlJMe6rPeP8e0s0Zc/tV2NCOZzhO8WLlPSnt731PXVooRjfPy +65gq6v7Wg6vdoniFC+NxVmeTTrTAPSuts8tqCKXq59CSoGkj1rxEsCgnEZJXtjZU +HUrukCyTPksnEjsOSR1obh7NUABut4ZVFMs6s2DSadyV4a9dw7y2zbrvAoGBAOZH +8Nt1OlCxJ2lmbADHRQCNW48oiWNB05xQkii0ZdOMKWHBbKkJa0JW67ru6issvzTe +RbzVcBQsipECTGFTmeJShTWs9yZPeOObIMHo8mEuzRf0n6W3O2AdB/XqGjO1idR/ +VyBiuP8Ttc5ofVyGg7tpPfYPcJ9s2MVi56MhXCMNAoGAWaafJ1XTRiaXl2G/41z/ +uoTR4F+ThrDZxTz1u9SL6/ulXx0xQwdZuPAJHPDP2ECQo3wbwCxMVx51WJfwUaAM +p4fptnyqlVTStjkFzKfpWG7cbjZ9poBdIGot3QBMHXgMpkl9YOHPjxyucKxjU5Q/ +yel4D+D00D4uIc7sc2hnJoMCgYEAhJsKxKVF1m+dPWGgcfZN8tpzzgVO0Bx46buv +3sa7GE3PCp7inphw7nu1NSkdKY2T8bLJP8s8xjE7/fLv3t/QbnaMhPM8QxBikdaj +z2YAJRxZOCFCyZ+xDlDJY7/SJNK2Muq9VkXjN+e2usyK2/wN4Z7h8k7D0NpSHaAt +uU+digUCgYEAiU2KYqosro3lzNh5vLc5ad/ZsE4m9RHf5AixXb3cf8CnAavczkPr +/X2k81+7Vbq7nv6WD9kMtaAfaYUU5tkqzlLO4i51IYXfzgyUNW4//wSMYqPDvhEt +M7+tIdaUTubZ8IhrCwgqHbs7VHejoWnFfIA2kgvWtR5m0UrXg0hGAmM= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainA-entity.pem b/certs/test-pathlen/chainA-entity.pem new file mode 100644 index 000000000..855d8c4bd --- /dev/null +++ b/certs/test-pathlen/chainA-entity.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d0:7a:d8:c8:6c:4f:a5:cd:72:25:87:ff:12:a3: + 65:0e:1d:1f:78:b2:d7:1a:65:a1:e7:4e:bd:05:b5: + 05:3e:39:3e:85:ad:90:c7:5b:a5:81:42:b5:01:00: + 57:87:29:a3:45:ce:f4:02:fa:80:8f:3b:8e:99:40: + 2c:fc:c8:b0:8b:2b:19:c3:20:c6:af:db:a0:d9:d5: + 70:32:6d:66:c3:ca:c4:ea:63:fb:08:0e:35:bc:50: + 7f:85:c7:62:f4:e2:85:e4:89:59:52:71:f2:e3:d1: + 63:3e:1d:08:6d:ff:86:cb:e5:eb:bc:1f:de:13:f0: + b2:f8:92:ee:23:9d:64:e7:b0:49:6f:26:a2:64:bc: + 9c:18:8a:f3:c6:db:83:a4:6c:b0:56:23:16:40:57: + b0:95:5e:1b:3d:c5:3f:10:7a:84:e0:3e:bb:78:e8: + 7d:c1:63:f3:fe:ee:af:16:db:ce:28:02:21:df:8b: + ca:f3:c3:1e:d1:47:c0:59:5f:1c:48:ec:50:6a:e3: + cc:fb:b6:16:45:40:c8:50:cf:dc:3e:2d:2d:cb:cd: + 19:2a:17:74:41:7f:bc:26:4d:cd:97:b2:2b:67:57: + 8e:6e:75:b5:d8:ec:6b:69:ab:09:3d:95:85:2c:0f: + d7:8d:29:75:1f:9b:88:56:bc:e8:11:a3:c8:65:e5: + 2b:23 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D6:56:A1:9C:F1:66:E4:05:17:36:32:74:BA:72:97:50:13:58:B3:3D + X509v3 Authority Key Identifier: + keyid:A8:10:EA:C8:EF:4F:00:CD:E3:79:C3:EB:DF:F6:C8:86:9D:44:6C:26 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: + de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: + b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: + 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: + b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: + 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: + 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: + a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: + ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: + fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: + 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: + 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: + 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: + 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: + 5b:44:0b:a0 +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HrYyGxPpc1yJYf/EqNl +Dh0feLLXGmWh5069BbUFPjk+ha2Qx1ulgUK1AQBXhymjRc70AvqAjzuOmUAs/Miw +iysZwyDGr9ug2dVwMm1mw8rE6mP7CA41vFB/hcdi9OKF5IlZUnHy49FjPh0Ibf+G +y+XrvB/eE/Cy+JLuI51k57BJbyaiZLycGIrzxtuDpGywViMWQFewlV4bPcU/EHqE +4D67eOh9wWPz/u6vFtvOKAIh34vK88Me0UfAWV8cSOxQauPM+7YWRUDIUM/cPi0t +y80ZKhd0QX+8Jk3Nl7IrZ1eObnW12OxraasJPZWFLA/XjSl1H5uIVrzoEaPIZeUr +IwIDAQABo4HxMIHuMB0GA1UdDgQWBBTWVqGc8WbkBRc2MnS6cpdQE1izPTCBwQYD +VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE +BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV +BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu +d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw +CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B +3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH +6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko +eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 +/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 +WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA1-key.pem b/certs/test-pathlen/chainB-ICA1-key.pem new file mode 100644 index 000000000..ee660fb61 --- /dev/null +++ b/certs/test-pathlen/chainB-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAsveqrpHRJEFSoSLg05eb4AyUnErks4WuqUOf7HoF3Yhc5RlS +UzmGirLihierA5q+xFRnr7msZeJhl3hmYCmQYghikaCWKw8wbNo9cDVSqKfVhUkl +alZZvGtFkcM3/AYNoqlG4imCG3emSTX7V18zApLla2fCYeI3nBJctSybKqWFlyJz +PTZQVRpqWdnarC0/5mqxHWBSAwVAX88GaPAyhlpvtQJj5i4enwmCjAMYGeR51TVu +2RefPMHZO5X5b/MZ0dO4XXyTN8N8O6BYx/vlLfVY05ty80N6Kexr9IaByOZgiyvF +rVnlpKAFlwkCAKdV3Fvv5IuDGu7IHLW25mFr0QIDAQABAoIBAAqE3BdeorhKzpyB +/EzzgEnu810sWbzjgpyYSPIRSf73YN5mWpxhqTLFyOKxui+ADO5lN6Lwet2SLMJG +ZV4Jk17vtztwAOOPBP2g5jOOLsmS883dusFBSgz1ESW8H7JEeNCyumPYpLkQk0mC +Tr+X7Nud3rYtZxNxxGr7+U78zDH5Z3G7CErHyZ27+wks/IjxZhvnjVByEjAo+wkK +wVm40vDj8QmdTG8z+1OSqCM5lY/k0VibuZyvQ9gbsXIpzPqxsd2HnrJSf4gShtBR +L6OV2QQFW923PxWCwG26rPdT4vVSDlBuPQ6BjFKsvjnsonxZYnNTSMAKFM+E0OSV +C6EmRwECgYEA2sY94Dt6FoYWPBYGioiNlDJ20lUal1s64yjrNjA209V1s1FYJIhN +utMQNqq+DwkQoLcy7TV/cleRs5lPp1nM++w+6HoMLqUUzPhygmLcvh9f7r/VLpUm ++8encqEOcUsr6V0fVt2s/Wj7611rzR1tXVklxEbWwke4libinDT//HkCgYEA0Wtx +3VIDLXqj5Z1pIX1ZBXgHdgsJvbJ6qrQ+1gnK3vnOixsz0HrTMh10IcC5J0XWKIHk +ldC6bt0+ZhvP0Jdu6yx19cYeIFkgATd7duicllFqn05RPwAmM2LcUj95gew/rHKY +9hJ+Mqb3x+eL5maO2ij6Wi6qEDQiOuffUZM25BkCgYEAwE5SRbECeJoVIWwbA9tU +2Fgjqm+0mCdRdCyb1V48U6jndWCjojlOWlL9hZBA0Oae/ycKVQkZpmDjaoPxSKHf +VfMsuR3PZ5Ek36fkwEg20ciygyONOQ1S3y95OYHpOB1j1BZPXgQt8/M8vn+4Ku0b +HVsnn4jFbrGsyBAWUkkkW8ECgYAljymq0gyz2W0Pv32dfge7TV25NB2ZIiuR9iXW +6YazGwaKOGTAnWbHdDTh4NjUTFguh61hmT/2pkOMuKw68w33q8+0NsYscw+kaDkC +iJGc/BktXTSBIhu316FANxYp0R9SZHM+nu53Uy7ZcZPLzNUOF49fIUNrCI6jFfcd +gFO18QKBgQCJL8qVYFIh5A8IicIM1fD17QiKPHI06f0KOXqQU33VLdGLRGwYruTh +NTlcvzevFMxEDyS7rhZk30PmNP9XpAVtoFYIdhJbA0Xnf2H8R1sN+zYZV/YgU1Og +E+pE9ay8jKsrmr1mvVVomPAtz0/yvZLsEt6ymL2tQm1A5CraeVhMTA== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/certs/test-pathlen/chainB-ICA1-pathlen0.pem new file mode 100644 index 000000000..7f180ba4e --- /dev/null +++ b/certs/test-pathlen/chainB-ICA1-pathlen0.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b2:f7:aa:ae:91:d1:24:41:52:a1:22:e0:d3:97: + 9b:e0:0c:94:9c:4a:e4:b3:85:ae:a9:43:9f:ec:7a: + 05:dd:88:5c:e5:19:52:53:39:86:8a:b2:e2:86:27: + ab:03:9a:be:c4:54:67:af:b9:ac:65:e2:61:97:78: + 66:60:29:90:62:08:62:91:a0:96:2b:0f:30:6c:da: + 3d:70:35:52:a8:a7:d5:85:49:25:6a:56:59:bc:6b: + 45:91:c3:37:fc:06:0d:a2:a9:46:e2:29:82:1b:77: + a6:49:35:fb:57:5f:33:02:92:e5:6b:67:c2:61:e2: + 37:9c:12:5c:b5:2c:9b:2a:a5:85:97:22:73:3d:36: + 50:55:1a:6a:59:d9:da:ac:2d:3f:e6:6a:b1:1d:60: + 52:03:05:40:5f:cf:06:68:f0:32:86:5a:6f:b5:02: + 63:e6:2e:1e:9f:09:82:8c:03:18:19:e4:79:d5:35: + 6e:d9:17:9f:3c:c1:d9:3b:95:f9:6f:f3:19:d1:d3: + b8:5d:7c:93:37:c3:7c:3b:a0:58:c7:fb:e5:2d:f5: + 58:d3:9b:72:f3:43:7a:29:ec:6b:f4:86:81:c8:e6: + 60:8b:2b:c5:ad:59:e5:a4:a0:05:97:09:02:00:a7: + 55:dc:5b:ef:e4:8b:83:1a:ee:c8:1c:b5:b6:e6:61: + 6b:d1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D7:90:E4:86:59:24:F9:2B:B8:06:8E:B1:8F:33:E5:2C:63:F1:03:16 + X509v3 Authority Key Identifier: + keyid:EE:59:9D:56:0B:7C:0A:45:44:E3:15:57:E2:B2:F3:1D:64:6F:AF:7A + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: + 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: + b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: + 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: + 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: + 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: + cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: + 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: + c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: + bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: + 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: + dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: + af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: + f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: + d8:0d:95:d4 +-----BEGIN CERTIFICATE----- +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALL3qq6R0SRB +UqEi4NOXm+AMlJxK5LOFrqlDn+x6Bd2IXOUZUlM5hoqy4oYnqwOavsRUZ6+5rGXi +YZd4ZmApkGIIYpGglisPMGzaPXA1Uqin1YVJJWpWWbxrRZHDN/wGDaKpRuIpght3 +pkk1+1dfMwKS5WtnwmHiN5wSXLUsmyqlhZcicz02UFUaalnZ2qwtP+ZqsR1gUgMF +QF/PBmjwMoZab7UCY+YuHp8JgowDGBnkedU1btkXnzzB2TuV+W/zGdHTuF18kzfD +fDugWMf75S31WNObcvNDeinsa/SGgcjmYIsrxa1Z5aSgBZcJAgCnVdxb7+SLgxru +yBy1tuZha9ECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBTXkOSGWST5K7gGjrGPM+Us +Y/EDFjCBwQYDVR0jBIG5MIG2gBTuWZ1WC3wKRUTjFVfisvMdZG+veqGBmqSBlzCB +lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN +AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr +S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 +8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ +K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I +S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 +NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA2-key.pem b/certs/test-pathlen/chainB-ICA2-key.pem new file mode 100644 index 000000000..14062373a --- /dev/null +++ b/certs/test-pathlen/chainB-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA0H+CBZ1bxEngPh+HbhcF6+IK0dGl9cy+HUbYzahuIs49XDlx +pA0D+nh+u2zoUeWY76ZeYtIw+juPIV+3X5i3n6hWejnKwt+hVv6Vl1ZeW/502fIu +yn7bUHda0ZDcItb+S8BXocY7SrqtBRTJJGh2teIm1ctQ/dB3DowMuV73pJpFNWxi +yuk41BCaXDClTyZHAwNzVoWMvvXQwAkGPg7o5X3QGVTtV+xRz7yVFZHP0JqE3YpQ +fDPCGmFwMZoZFyizjNpfuNIGa4I/tmooKYa0IMulr3Nm5Dc2gfA/rb8FuNsuxCLi +60aH9GDRpn/unEGn86rpN93a1vDNSKxR0XeNoQIDAQABAoIBAQCGBNAA5+squwnn +JMEa5LWrr/qgcBArdVXm37lQSKmyubr7YvlHKA6cm4Nq2lBjBCBQOzKEdvOAhXQ1 +UZ8/VZ0ChWRA4JESvkio8LAbPSseGuvlhCTLiMtUZ8P63RCDXIrNCm/JzvAh0uiQ +UZIRUwyrURkBZ9VBsRQ2R5OOPBsWs+FpVbx9w7Zvkq2shFDbqTm8bCPbM9huCNZb +Z01Zp9+j5MfxzK4tgkKct3fbNOKzKGmOivloMQFY1fABWHg6dsvT/EprqBYcuRfy +gf1a4wJM22Zkv6+7rN3qmly0bEriVLlkw+dbGawEScCnI9+ormrQG9B22ynUFj0c +nK+odMk5AoGBAPhxZ5jZI9APgXcdWhgThSCtzmm9sHyUEBEkVYWqtc4qnBGREB9e +cuDDOTCppc8fJvDo+MnrEHxIIhBdMCMAg1JIEOXgDNzgBPb7y/43qQLV9bYfHJ7P +jvYeZ/S7PASK0lYjFq+1BlTa7m47ajwA/fwgW1Z6aga4dEm+LOpwaAw3AoGBANbX +Dpw/lHOgLOa/Zz/AUHmdQcXwiZbGJSdRI2yKOaE6TUvOman/WrDy4UQyej3gT4M8 +3pUYl34Cn/gl8K3QpRMHT7C11iF1IX4vS/eSvxf7fwCwG+3MaP4LEuOiJ84a2ILo +8WM20/L8unGb1+0WlzV0TJFTe97RtYViHHG3G7jnAoGAGWkH7oMu/YXIeRVgdJvy +ftAoD3qeRW+jYQ11TdGS/L4w7j8HBh5T45c0Dz0av19xTSyW3ZgUPJHoIgJV/Q59 +X/oM+GX9Cs5C07wXNi4dNDQMCI+QDtItzhB4E3je/5vvPW4jUN9UAXPO9SlQiUiU +safhj6u/kmZlRnGUCHpsuesCgYBIUbpkVG63gWq7/iBWcHlmhs42QGNActDc7E49 +YkZGBKcyZoiJliDEQe4ck9VccN6zMdFHZTDRxTZuRO9Aw2ReBG8J8Bv1xUUSAf/T +hf13qDw3UhEEunN5WObx44r8sULCxoFDQZiVSgfE6I4GDD24S77eiLjA59zv2nfy +u43EbwKBgQDpH5SnH3GEqWAyDpehK2gK2f5Ho7ZPANo5Z0lllv7Ic+7aHWBAEiiq +vtRTvtl4GXzjvOuhcb3hPYft+YPTj8L8V1a2Bac4Ohxq73diwbTFgS1D4owJ/1jc +0mnPyANCeoe85znU1D1FGveQfBYqUSRiX9iEQsN42C1GPR/xBhm6oQ== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/certs/test-pathlen/chainB-ICA2-pathlen1.pem new file mode 100644 index 000000000..2f1eea71c --- /dev/null +++ b/certs/test-pathlen/chainB-ICA2-pathlen1.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d0:7f:82:05:9d:5b:c4:49:e0:3e:1f:87:6e:17: + 05:eb:e2:0a:d1:d1:a5:f5:cc:be:1d:46:d8:cd:a8: + 6e:22:ce:3d:5c:39:71:a4:0d:03:fa:78:7e:bb:6c: + e8:51:e5:98:ef:a6:5e:62:d2:30:fa:3b:8f:21:5f: + b7:5f:98:b7:9f:a8:56:7a:39:ca:c2:df:a1:56:fe: + 95:97:56:5e:5b:fe:74:d9:f2:2e:ca:7e:db:50:77: + 5a:d1:90:dc:22:d6:fe:4b:c0:57:a1:c6:3b:4a:ba: + ad:05:14:c9:24:68:76:b5:e2:26:d5:cb:50:fd:d0: + 77:0e:8c:0c:b9:5e:f7:a4:9a:45:35:6c:62:ca:e9: + 38:d4:10:9a:5c:30:a5:4f:26:47:03:03:73:56:85: + 8c:be:f5:d0:c0:09:06:3e:0e:e8:e5:7d:d0:19:54: + ed:57:ec:51:cf:bc:95:15:91:cf:d0:9a:84:dd:8a: + 50:7c:33:c2:1a:61:70:31:9a:19:17:28:b3:8c:da: + 5f:b8:d2:06:6b:82:3f:b6:6a:28:29:86:b4:20:cb: + a5:af:73:66:e4:37:36:81:f0:3f:ad:bf:05:b8:db: + 2e:c4:22:e2:eb:46:87:f4:60:d1:a6:7f:ee:9c:41: + a7:f3:aa:e9:37:dd:da:d6:f0:cd:48:ac:51:d1:77: + 8d:a1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:59:9D:56:0B:7C:0A:45:44:E3:15:57:E2:B2:F3:1D:64:6F:AF:7A + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: + 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: + 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: + 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: + 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: + e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: + 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: + aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: + d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: + 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: + 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: + 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: + 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: + eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: + 2c:b1:c1:34 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey +LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H+CBZ1bxEngPh+HbhcF6+IK0dGl +9cy+HUbYzahuIs49XDlxpA0D+nh+u2zoUeWY76ZeYtIw+juPIV+3X5i3n6hWejnK +wt+hVv6Vl1ZeW/502fIuyn7bUHda0ZDcItb+S8BXocY7SrqtBRTJJGh2teIm1ctQ +/dB3DowMuV73pJpFNWxiyuk41BCaXDClTyZHAwNzVoWMvvXQwAkGPg7o5X3QGVTt +V+xRz7yVFZHP0JqE3YpQfDPCGmFwMZoZFyizjNpfuNIGa4I/tmooKYa0IMulr3Nm +5Dc2gfA/rb8FuNsuxCLi60aH9GDRpn/unEGn86rpN93a1vDNSKxR0XeNoQIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ +CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg +YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW +6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R +kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr +sJQyRfcOsjskBVJ/iUhPJeIsscE0 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-assembled.pem b/certs/test-pathlen/chainB-assembled.pem new file mode 100644 index 000000000..310d83f88 --- /dev/null +++ b/certs/test-pathlen/chainB-assembled.pem @@ -0,0 +1,265 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:5f:d9:3d:d7:5b:11:aa:3e:53:31:d0:32:78: + 87:fb:c0:8e:80:6d:fc:68:73:1f:9c:77:66:16:35: + fc:2f:d7:e4:ca:ba:2a:73:5f:14:94:12:f0:48:31: + a2:40:ad:b4:e3:07:0c:02:47:b4:0a:07:69:d5:d2: + 85:bf:c8:bc:14:8c:c7:87:ba:5f:87:c5:07:f4:df: + a4:46:1e:b7:13:0f:9d:7e:f6:1a:7b:29:09:55:4c: + 17:ee:c8:b0:9d:39:0c:89:6e:18:9c:06:7f:5d:95: + d2:4c:71:b3:1f:ea:5d:d2:f6:2c:69:a8:16:15:59: + e5:7d:03:d7:bd:1a:34:e3:f1:27:e3:b9:7d:68:e0: + 39:3f:35:62:2f:20:20:fa:19:62:37:1a:30:47:6c: + a3:f9:8e:9c:f3:67:2e:bb:38:4c:2e:0a:21:9b:70: + b6:97:a2:1b:b3:98:0d:5b:74:97:33:f0:b8:6c:4e: + ad:b4:1f:48:62:c9:9a:af:2d:a6:a1:06:ae:98:30: + 54:5e:cb:dd:23:77:d5:ee:5c:fb:81:f0:2b:ad:6f: + fa:e3:b1:0e:98:bd:3e:0b:f4:7c:c5:e3:50:bf:08: + 9b:bf:be:f8:6a:d9:db:78:36:84:f2:7e:7b:7d:5e: + a7:8f:42:81:5f:41:f4:77:5c:30:51:f5:3f:2d:25: + 95:4d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 7F:17:7E:8E:A8:2C:AD:9C:C7:22:7E:A6:C6:90:9E:63:C4:5F:33:9E + X509v3 Authority Key Identifier: + keyid:D7:90:E4:86:59:24:F9:2B:B8:06:8E:B1:8F:33:E5:2C:63:F1:03:16 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainB-ICA2-pathlen1/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: + 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: + 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: + b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: + 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: + 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: + 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: + ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: + ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: + fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: + d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: + d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: + 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: + 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: + a5:75:99:ad +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11/ZPddbEao+UzHQMniH ++8COgG38aHMfnHdmFjX8L9fkyroqc18UlBLwSDGiQK204wcMAke0Cgdp1dKFv8i8 +FIzHh7pfh8UH9N+kRh63Ew+dfvYaeykJVUwX7siwnTkMiW4YnAZ/XZXSTHGzH+pd +0vYsaagWFVnlfQPXvRo04/En47l9aOA5PzViLyAg+hliNxowR2yj+Y6c82cuuzhM +Lgohm3C2l6Ibs5gNW3SXM/C4bE6ttB9IYsmary2moQaumDBUXsvdI3fV7lz7gfAr +rW/647EOmL0+C/R8xeNQvwibv774atnbeDaE8n57fV6nj0KBX0H0d1wwUfU/LSWV +TQIDAQABo4H+MIH7MB0GA1UdDgQWBBR/F36OqCytnMcifqbGkJ5jxF8znjCBzgYD +VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 +7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 +RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO +oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa +EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU +zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu +xBu8E79NhaV1ma0= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b2:f7:aa:ae:91:d1:24:41:52:a1:22:e0:d3:97: + 9b:e0:0c:94:9c:4a:e4:b3:85:ae:a9:43:9f:ec:7a: + 05:dd:88:5c:e5:19:52:53:39:86:8a:b2:e2:86:27: + ab:03:9a:be:c4:54:67:af:b9:ac:65:e2:61:97:78: + 66:60:29:90:62:08:62:91:a0:96:2b:0f:30:6c:da: + 3d:70:35:52:a8:a7:d5:85:49:25:6a:56:59:bc:6b: + 45:91:c3:37:fc:06:0d:a2:a9:46:e2:29:82:1b:77: + a6:49:35:fb:57:5f:33:02:92:e5:6b:67:c2:61:e2: + 37:9c:12:5c:b5:2c:9b:2a:a5:85:97:22:73:3d:36: + 50:55:1a:6a:59:d9:da:ac:2d:3f:e6:6a:b1:1d:60: + 52:03:05:40:5f:cf:06:68:f0:32:86:5a:6f:b5:02: + 63:e6:2e:1e:9f:09:82:8c:03:18:19:e4:79:d5:35: + 6e:d9:17:9f:3c:c1:d9:3b:95:f9:6f:f3:19:d1:d3: + b8:5d:7c:93:37:c3:7c:3b:a0:58:c7:fb:e5:2d:f5: + 58:d3:9b:72:f3:43:7a:29:ec:6b:f4:86:81:c8:e6: + 60:8b:2b:c5:ad:59:e5:a4:a0:05:97:09:02:00:a7: + 55:dc:5b:ef:e4:8b:83:1a:ee:c8:1c:b5:b6:e6:61: + 6b:d1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D7:90:E4:86:59:24:F9:2B:B8:06:8E:B1:8F:33:E5:2C:63:F1:03:16 + X509v3 Authority Key Identifier: + keyid:EE:59:9D:56:0B:7C:0A:45:44:E3:15:57:E2:B2:F3:1D:64:6F:AF:7A + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: + 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: + b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: + 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: + 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: + 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: + cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: + 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: + c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: + bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: + 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: + dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: + af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: + f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: + d8:0d:95:d4 +-----BEGIN CERTIFICATE----- +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALL3qq6R0SRB +UqEi4NOXm+AMlJxK5LOFrqlDn+x6Bd2IXOUZUlM5hoqy4oYnqwOavsRUZ6+5rGXi +YZd4ZmApkGIIYpGglisPMGzaPXA1Uqin1YVJJWpWWbxrRZHDN/wGDaKpRuIpght3 +pkk1+1dfMwKS5WtnwmHiN5wSXLUsmyqlhZcicz02UFUaalnZ2qwtP+ZqsR1gUgMF +QF/PBmjwMoZab7UCY+YuHp8JgowDGBnkedU1btkXnzzB2TuV+W/zGdHTuF18kzfD +fDugWMf75S31WNObcvNDeinsa/SGgcjmYIsrxa1Z5aSgBZcJAgCnVdxb7+SLgxru +yBy1tuZha9ECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBTXkOSGWST5K7gGjrGPM+Us +Y/EDFjCBwQYDVR0jBIG5MIG2gBTuWZ1WC3wKRUTjFVfisvMdZG+veqGBmqSBlzCB +lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN +AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr +S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 +8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ +K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I +S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 +NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d0:7f:82:05:9d:5b:c4:49:e0:3e:1f:87:6e:17: + 05:eb:e2:0a:d1:d1:a5:f5:cc:be:1d:46:d8:cd:a8: + 6e:22:ce:3d:5c:39:71:a4:0d:03:fa:78:7e:bb:6c: + e8:51:e5:98:ef:a6:5e:62:d2:30:fa:3b:8f:21:5f: + b7:5f:98:b7:9f:a8:56:7a:39:ca:c2:df:a1:56:fe: + 95:97:56:5e:5b:fe:74:d9:f2:2e:ca:7e:db:50:77: + 5a:d1:90:dc:22:d6:fe:4b:c0:57:a1:c6:3b:4a:ba: + ad:05:14:c9:24:68:76:b5:e2:26:d5:cb:50:fd:d0: + 77:0e:8c:0c:b9:5e:f7:a4:9a:45:35:6c:62:ca:e9: + 38:d4:10:9a:5c:30:a5:4f:26:47:03:03:73:56:85: + 8c:be:f5:d0:c0:09:06:3e:0e:e8:e5:7d:d0:19:54: + ed:57:ec:51:cf:bc:95:15:91:cf:d0:9a:84:dd:8a: + 50:7c:33:c2:1a:61:70:31:9a:19:17:28:b3:8c:da: + 5f:b8:d2:06:6b:82:3f:b6:6a:28:29:86:b4:20:cb: + a5:af:73:66:e4:37:36:81:f0:3f:ad:bf:05:b8:db: + 2e:c4:22:e2:eb:46:87:f4:60:d1:a6:7f:ee:9c:41: + a7:f3:aa:e9:37:dd:da:d6:f0:cd:48:ac:51:d1:77: + 8d:a1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:59:9D:56:0B:7C:0A:45:44:E3:15:57:E2:B2:F3:1D:64:6F:AF:7A + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: + 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: + 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: + 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: + 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: + e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: + 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: + aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: + d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: + 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: + 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: + 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: + 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: + eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: + 2c:b1:c1:34 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey +LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H+CBZ1bxEngPh+HbhcF6+IK0dGl +9cy+HUbYzahuIs49XDlxpA0D+nh+u2zoUeWY76ZeYtIw+juPIV+3X5i3n6hWejnK +wt+hVv6Vl1ZeW/502fIuyn7bUHda0ZDcItb+S8BXocY7SrqtBRTJJGh2teIm1ctQ +/dB3DowMuV73pJpFNWxiyuk41BCaXDClTyZHAwNzVoWMvvXQwAkGPg7o5X3QGVTt +V+xRz7yVFZHP0JqE3YpQfDPCGmFwMZoZFyizjNpfuNIGa4I/tmooKYa0IMulr3Nm +5Dc2gfA/rb8FuNsuxCLi60aH9GDRpn/unEGn86rpN93a1vDNSKxR0XeNoQIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ +CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg +YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW +6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R +kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr +sJQyRfcOsjskBVJ/iUhPJeIsscE0 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-entity-key.pem b/certs/test-pathlen/chainB-entity-key.pem new file mode 100644 index 000000000..1c4206298 --- /dev/null +++ b/certs/test-pathlen/chainB-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA11/ZPddbEao+UzHQMniH+8COgG38aHMfnHdmFjX8L9fkyroq +c18UlBLwSDGiQK204wcMAke0Cgdp1dKFv8i8FIzHh7pfh8UH9N+kRh63Ew+dfvYa +eykJVUwX7siwnTkMiW4YnAZ/XZXSTHGzH+pd0vYsaagWFVnlfQPXvRo04/En47l9 +aOA5PzViLyAg+hliNxowR2yj+Y6c82cuuzhMLgohm3C2l6Ibs5gNW3SXM/C4bE6t +tB9IYsmary2moQaumDBUXsvdI3fV7lz7gfArrW/647EOmL0+C/R8xeNQvwibv774 +atnbeDaE8n57fV6nj0KBX0H0d1wwUfU/LSWVTQIDAQABAoIBAH2lLB5YuYc3sz5j +rBsVl/c1oayo/XyN1N46BbNlcScUIyRlsQg3atDrr4PeeNKUxBdB8C6QWCcVpheY +xnBZEehHLMww3TRerMKdib9igdk73dzIhDBfg1NgngGu0OIX+wld0juLytf05Ie2 +ORKgbnX5KXXGGoQAOtJQ4JYwaLSk1Ccz/Oa9LrYKPNqoDT90EagCSlie+/McEbu5 +oX/Wn4cmK2TF0XXGpcFzvZ5r1Humzvb7cbPl+HAYHdceTzS6nUREokCC37j3x+ks +6gRgYGR78uk+oayKBk7PFK6KW5T4U/TFpMkiJ9iEYprMap74P8L/rdqgLot+VIFM +/5y70CECgYEA9dJA/cCuIEDKMDaS1SwhigPZOqMw1iGflDjZbZw2nd5Vo7EcLghS +G4+YDMOj/ATd/2Ukb0/uoeZqz6qg/8RePrgRs+yafYI1r5MJqV4TXAX2OZm0H9Fa +Bcih7FWZFM7Y0BhYQAD9x816jq0fvq6mt/g95q9PAiZNp9mug1BSjQkCgYEA4Era +Rsqhrg3OVW64RTL6iRbG5JnyWPRbclYHBubGR7adV0SFYmPNdLhlONfe1dsXtrS5 +R/2nKCSBJJKE6Mgd0iTD+BDvi7PgQhxu4SIjm3RstYDNg4LfIg3eEVChzQHG8lrZ +23zPJAUt6rFW6EfYnPZWFF4nLeJvv8yxgxqtWyUCgYEAiePI5Q5iHmF5iRXzw3Qf +1CVYgxXrXRI7S4+gF2YbFO8Upt/AaOnt9NvVdMOBhurMBGkdyPrTZymzHI4gBZiH +LTNfasf72Q9jQft+3eyRe3s0pRbc/UQX9UqX2dQiLJPi9sfRKQXlVWCjsMjYF8Qs +bOHpBy+raA9IXDE1PR+fTtECgYEAz6m+KukVhNdXgJYAmmE2wZKLF8DJNz8XI+cu +nl8wmdkkGFZiwNPyt+y6G0UTFiHB9PGi0lqxV2NlBn15/SS7J4POxXC4uToTmmJE +7sDzAs1qkSnuHaMgAKGiR5nGFM9eaalgJ+2Iw6rf9nm3I1zR25Hf5P+/eqY6HPTi +LaaXdtkCgYBgvU/odZK0iBhqBsAxDfbk7BhnV9jKQOvkm7T6NupjmxhPmLQaFnWG +d7KyYH052MpHR4+sTGo+LqFT7PGSo2FQDpRRUJ7NjocFr9jVi2LU3B3bDpQU7vKi +Odovr+9RuHqcTiwnULPMlPeeXFIlWFT3tz2v6jodGjf8ejzv3IbH5g== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainB-entity.pem b/certs/test-pathlen/chainB-entity.pem new file mode 100644 index 000000000..054e7f6bd --- /dev/null +++ b/certs/test-pathlen/chainB-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:5f:d9:3d:d7:5b:11:aa:3e:53:31:d0:32:78: + 87:fb:c0:8e:80:6d:fc:68:73:1f:9c:77:66:16:35: + fc:2f:d7:e4:ca:ba:2a:73:5f:14:94:12:f0:48:31: + a2:40:ad:b4:e3:07:0c:02:47:b4:0a:07:69:d5:d2: + 85:bf:c8:bc:14:8c:c7:87:ba:5f:87:c5:07:f4:df: + a4:46:1e:b7:13:0f:9d:7e:f6:1a:7b:29:09:55:4c: + 17:ee:c8:b0:9d:39:0c:89:6e:18:9c:06:7f:5d:95: + d2:4c:71:b3:1f:ea:5d:d2:f6:2c:69:a8:16:15:59: + e5:7d:03:d7:bd:1a:34:e3:f1:27:e3:b9:7d:68:e0: + 39:3f:35:62:2f:20:20:fa:19:62:37:1a:30:47:6c: + a3:f9:8e:9c:f3:67:2e:bb:38:4c:2e:0a:21:9b:70: + b6:97:a2:1b:b3:98:0d:5b:74:97:33:f0:b8:6c:4e: + ad:b4:1f:48:62:c9:9a:af:2d:a6:a1:06:ae:98:30: + 54:5e:cb:dd:23:77:d5:ee:5c:fb:81:f0:2b:ad:6f: + fa:e3:b1:0e:98:bd:3e:0b:f4:7c:c5:e3:50:bf:08: + 9b:bf:be:f8:6a:d9:db:78:36:84:f2:7e:7b:7d:5e: + a7:8f:42:81:5f:41:f4:77:5c:30:51:f5:3f:2d:25: + 95:4d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 7F:17:7E:8E:A8:2C:AD:9C:C7:22:7E:A6:C6:90:9E:63:C4:5F:33:9E + X509v3 Authority Key Identifier: + keyid:D7:90:E4:86:59:24:F9:2B:B8:06:8E:B1:8F:33:E5:2C:63:F1:03:16 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainB-ICA2-pathlen1/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: + 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: + 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: + b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: + 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: + 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: + 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: + ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: + ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: + fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: + d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: + d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: + 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: + 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: + a5:75:99:ad +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11/ZPddbEao+UzHQMniH ++8COgG38aHMfnHdmFjX8L9fkyroqc18UlBLwSDGiQK204wcMAke0Cgdp1dKFv8i8 +FIzHh7pfh8UH9N+kRh63Ew+dfvYaeykJVUwX7siwnTkMiW4YnAZ/XZXSTHGzH+pd +0vYsaagWFVnlfQPXvRo04/En47l9aOA5PzViLyAg+hliNxowR2yj+Y6c82cuuzhM +Lgohm3C2l6Ibs5gNW3SXM/C4bE6ttB9IYsmary2moQaumDBUXsvdI3fV7lz7gfAr +rW/647EOmL0+C/R8xeNQvwibv774atnbeDaE8n57fV6nj0KBX0H0d1wwUfU/LSWV +TQIDAQABo4H+MIH7MB0GA1UdDgQWBBR/F36OqCytnMcifqbGkJ5jxF8znjCBzgYD +VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 +7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 +RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO +oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa +EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU +zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu +xBu8E79NhaV1ma0= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-ICA1-key.pem b/certs/test-pathlen/chainC-ICA1-key.pem new file mode 100644 index 000000000..63826260e --- /dev/null +++ b/certs/test-pathlen/chainC-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuxpswb27mynKNT1joynNpmXEnqPFUJmtUZAKmpuDzr4Gu2ZP +7x4xJTRvX5iuAUnDYxeEuXptwNj9DP+aAkxBN0nwGGMbT/w3Jk5UedcXOVB5bqMp +mQetnVzY4QLnM37k2qQFvGID059qkZJm3SnQlfsvP/BZuHBbJVR7oAqfMwlk7fvU +HC2WVEXjUJj/sX+axs8Jo9rpV60dBY8edXXn0gcz3tp9QtgOlP6ux5vDtZ7zayGf +dMSzMnwoTg+8FTO6nAk8wUAGeLuxID9hFfYeSXNRiZUtlb801sKp0TQdjSFtT6Nu +7/wjonb80CVTDkN2O+2C7NgjyzPvPJ2h3uZ6rQIDAQABAoIBAQCBojJeHbYBMHgg +YRNKtij9NB+BhpisWn2COFmQe1Vchb6mUqHpW7LTQzwzMNbGn7PXUTEtTU0Dw5O4 +UNQE6Y553ymRzADdbzNKwBS5gjReCorIBBZLJ827bNv7Moa74Bxx/BjZR9O86QPu +LlBExbb2Y11+YGnZZ0dPWvR4k0NwGM+zsEVfJQcRR7JXaQ720123sg+7TuTk30X/ +mgayttEyJhLt7UqulYagTethwKLY18fdvHTOGdES5Xiw+bWC7PKa/FePX8YXnFVN +Cz3t4l4Us/xs22nYo4IG2lu1LSxy2IxPV92w4KX4XcrwTW3+eH8+tfPByp3gFTdP +ZetlWehBAoGBAOLoOMIwLLSN5S0tJ4vwQaxn0YqEwJsEaSx85SUujhbsbjgyeVF6 +iN/v6TTb2EYliZvtQirkC7GMnS313AxzpUFO7+V/xf3jYDK7t+UJ1ap3zUU3vUOb +F4FKorNbfoxYd/vtZ7wt/KvuCKvDTszv8NhUNzFhXeIEzFhf+S4SDqFdAoGBANMX +uAZoLngBmAyw2zYcWTW5U9armeycTDpfxDpM4PjbxOs17/hK0G4IXqzCfQ2Hi0bl +fW6KeO5FqD9d5klIYo0278w4n5FpvA3yxqVlHoqXCtSYedSWsXN/sl7Ak1d2VngW +ecytOdrBxvQy9wqnmk3lhJby5DNWiuiUafudlxmRAoGAbFPhhRPqw+haWU8Nakmx +kNWfvDnUmi1o6MxXuYCYZWlK1ZmDQdr2LbMj6xBqGFMjd0W2KTPmQUWYZLDT9T3g +z2UYMsDljWhYLOBh0v72+wNnBHyv5u7MMfWn52ju6aHy5ltZAwYRcyOZECeWH1EN +8rmCABkz8QvJYweutsf4JCECgYEAz6B7zCl602TV9l2aL/3wLSyNbw+4RYdyXtRF +QQbPHVekt6mE0BZeLmwjGw/tSnpwnpopJqoiylJPa4xjbt84uCc59AgZw0BZzOpn +QtVUFgL8jyEua9CQ18bZXeNSyWtHH7UTtiMITcfddeIPJTa3Sjkfkg10MZ7E4IDi +Qa++qFECgYBRM+cS7jwo5oulYJ7Sqs8n1pj8MNGSLEcPQaTOxMUWqtkaN9iVQLx7 +lI/FYusedOReZ/+UDUrwZDdMXYrnL4/f8STXidDsY2+LOilaT2XggdBABe0bCjbf +r/Pknwx2VkwWFbDN6h/U9tKU47allf64kCQqzgoZtzMXTefZiAxLrw== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/certs/test-pathlen/chainC-ICA1-pathlen1.pem new file mode 100644 index 000000000..9ae15cd0c --- /dev/null +++ b/certs/test-pathlen/chainC-ICA1-pathlen1.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:1a:6c:c1:bd:bb:9b:29:ca:35:3d:63:a3:29: + cd:a6:65:c4:9e:a3:c5:50:99:ad:51:90:0a:9a:9b: + 83:ce:be:06:bb:66:4f:ef:1e:31:25:34:6f:5f:98: + ae:01:49:c3:63:17:84:b9:7a:6d:c0:d8:fd:0c:ff: + 9a:02:4c:41:37:49:f0:18:63:1b:4f:fc:37:26:4e: + 54:79:d7:17:39:50:79:6e:a3:29:99:07:ad:9d:5c: + d8:e1:02:e7:33:7e:e4:da:a4:05:bc:62:03:d3:9f: + 6a:91:92:66:dd:29:d0:95:fb:2f:3f:f0:59:b8:70: + 5b:25:54:7b:a0:0a:9f:33:09:64:ed:fb:d4:1c:2d: + 96:54:45:e3:50:98:ff:b1:7f:9a:c6:cf:09:a3:da: + e9:57:ad:1d:05:8f:1e:75:75:e7:d2:07:33:de:da: + 7d:42:d8:0e:94:fe:ae:c7:9b:c3:b5:9e:f3:6b:21: + 9f:74:c4:b3:32:7c:28:4e:0f:bc:15:33:ba:9c:09: + 3c:c1:40:06:78:bb:b1:20:3f:61:15:f6:1e:49:73: + 51:89:95:2d:95:bf:34:d6:c2:a9:d1:34:1d:8d:21: + 6d:4f:a3:6e:ef:fc:23:a2:76:fc:d0:25:53:0e:43: + 76:3b:ed:82:ec:d8:23:cb:33:ef:3c:9d:a1:de:e6: + 7a:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 94:1D:2E:07:37:C6:2F:52:C1:EC:79:6B:13:CE:09:90:5F:F4:C4:51 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: + 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: + a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: + 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: + f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: + 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: + 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: + 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: + 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: + cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: + e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: + 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: + 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: + 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: + 14:e2:60:25 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex +LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxpswb27mynKNT1joynNpmXEnqPF +UJmtUZAKmpuDzr4Gu2ZP7x4xJTRvX5iuAUnDYxeEuXptwNj9DP+aAkxBN0nwGGMb +T/w3Jk5UedcXOVB5bqMpmQetnVzY4QLnM37k2qQFvGID059qkZJm3SnQlfsvP/BZ +uHBbJVR7oAqfMwlk7fvUHC2WVEXjUJj/sX+axs8Jo9rpV60dBY8edXXn0gcz3tp9 +QtgOlP6ux5vDtZ7zayGfdMSzMnwoTg+8FTO6nAk8wUAGeLuxID9hFfYeSXNRiZUt +lb801sKp0TQdjSFtT6Nu7/wjonb80CVTDkN2O+2C7NgjyzPvPJ2h3uZ6rQIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS +pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme +ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ +3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl +EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ +1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-assembled.pem b/certs/test-pathlen/chainC-assembled.pem new file mode 100644 index 000000000..3c15b3aa5 --- /dev/null +++ b/certs/test-pathlen/chainC-assembled.pem @@ -0,0 +1,175 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bf:34:e1:1c:2c:2d:a4:93:b5:c4:fc:65:40:fa: + 94:68:74:24:ff:52:a4:df:3e:f1:7c:92:14:f0:f0: + 91:ed:9c:7e:a0:7e:b1:07:20:38:b2:c4:a2:b8:09: + d1:06:ee:fa:c6:7e:4d:79:be:dd:83:18:cf:e8:a7: + 78:88:cd:44:ce:3a:40:05:7a:6e:c5:c9:e4:84:64: + e0:01:7d:4f:f9:87:d2:94:91:e9:c8:21:bc:71:2e: + ef:f6:61:23:46:6b:da:5f:32:23:a1:86:9c:c6:9a: + b4:98:35:6d:36:b8:34:14:fd:9d:63:2f:75:7e:58: + f2:08:f9:e3:32:2a:a6:d2:b1:49:05:d3:8c:d4:48: + 5c:c2:57:07:62:4e:7a:05:23:c2:4f:ca:d5:a8:38: + 32:92:c2:21:3b:74:3e:2d:b1:6b:57:96:81:a3:2d: + ce:6e:9c:d9:ce:1f:e9:42:f8:2c:bb:fe:07:57:c6: + c8:93:6e:89:d3:fc:d2:83:4b:c1:2c:ea:5e:41:c9: + 7c:be:6c:23:01:89:75:1b:1f:57:ac:83:dc:da:e1: + 63:55:d8:94:fc:2d:a6:99:15:d1:71:88:a5:1b:f5: + 6f:39:0a:bd:ec:09:02:09:77:a7:5d:da:78:f8:8f: + b1:5d:a7:83:12:10:5f:89:ae:72:c2:88:bf:3e:80: + 98:c3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 91:79:7C:91:A7:A0:BC:E1:7B:77:9E:51:6E:5C:A7:7A:D9:3F:18:A0 + X509v3 Authority Key Identifier: + keyid:94:1D:2E:07:37:C6:2F:52:C1:EC:79:6B:13:CE:09:90:5F:F4:C4:51 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: + 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: + 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: + 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: + 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: + ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: + cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: + e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: + 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: + d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: + 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: + 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: + 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: + 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: + c6:bd:25:6b +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzThHCwtpJO1xPxlQPqU +aHQk/1Kk3z7xfJIU8PCR7Zx+oH6xByA4ssSiuAnRBu76xn5Neb7dgxjP6Kd4iM1E +zjpABXpuxcnkhGTgAX1P+YfSlJHpyCG8cS7v9mEjRmvaXzIjoYacxpq0mDVtNrg0 +FP2dYy91fljyCPnjMiqm0rFJBdOM1EhcwlcHYk56BSPCT8rVqDgyksIhO3Q+LbFr +V5aBoy3ObpzZzh/pQvgsu/4HV8bIk26J0/zSg0vBLOpeQcl8vmwjAYl1Gx9XrIPc +2uFjVdiU/C2mmRXRcYilG/VvOQq97AkCCXenXdp4+I+xXaeDEhBfia5ywoi/PoCY +wwIDAQABo4HxMIHuMB0GA1UdDgQWBBSReXyRp6C84Xt3nlFuXKd62T8YoDCBwQYD +VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE +BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV +BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu +d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw +CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K +mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE +9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL +xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy +1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR +EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:1a:6c:c1:bd:bb:9b:29:ca:35:3d:63:a3:29: + cd:a6:65:c4:9e:a3:c5:50:99:ad:51:90:0a:9a:9b: + 83:ce:be:06:bb:66:4f:ef:1e:31:25:34:6f:5f:98: + ae:01:49:c3:63:17:84:b9:7a:6d:c0:d8:fd:0c:ff: + 9a:02:4c:41:37:49:f0:18:63:1b:4f:fc:37:26:4e: + 54:79:d7:17:39:50:79:6e:a3:29:99:07:ad:9d:5c: + d8:e1:02:e7:33:7e:e4:da:a4:05:bc:62:03:d3:9f: + 6a:91:92:66:dd:29:d0:95:fb:2f:3f:f0:59:b8:70: + 5b:25:54:7b:a0:0a:9f:33:09:64:ed:fb:d4:1c:2d: + 96:54:45:e3:50:98:ff:b1:7f:9a:c6:cf:09:a3:da: + e9:57:ad:1d:05:8f:1e:75:75:e7:d2:07:33:de:da: + 7d:42:d8:0e:94:fe:ae:c7:9b:c3:b5:9e:f3:6b:21: + 9f:74:c4:b3:32:7c:28:4e:0f:bc:15:33:ba:9c:09: + 3c:c1:40:06:78:bb:b1:20:3f:61:15:f6:1e:49:73: + 51:89:95:2d:95:bf:34:d6:c2:a9:d1:34:1d:8d:21: + 6d:4f:a3:6e:ef:fc:23:a2:76:fc:d0:25:53:0e:43: + 76:3b:ed:82:ec:d8:23:cb:33:ef:3c:9d:a1:de:e6: + 7a:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 94:1D:2E:07:37:C6:2F:52:C1:EC:79:6B:13:CE:09:90:5F:F4:C4:51 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: + 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: + a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: + 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: + f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: + 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: + 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: + 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: + 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: + cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: + e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: + 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: + 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: + 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: + 14:e2:60:25 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex +LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxpswb27mynKNT1joynNpmXEnqPF +UJmtUZAKmpuDzr4Gu2ZP7x4xJTRvX5iuAUnDYxeEuXptwNj9DP+aAkxBN0nwGGMb +T/w3Jk5UedcXOVB5bqMpmQetnVzY4QLnM37k2qQFvGID059qkZJm3SnQlfsvP/BZ +uHBbJVR7oAqfMwlk7fvUHC2WVEXjUJj/sX+axs8Jo9rpV60dBY8edXXn0gcz3tp9 +QtgOlP6ux5vDtZ7zayGfdMSzMnwoTg+8FTO6nAk8wUAGeLuxID9hFfYeSXNRiZUt +lb801sKp0TQdjSFtT6Nu7/wjonb80CVTDkN2O+2C7NgjyzPvPJ2h3uZ6rQIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS +pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme +ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ +3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl +EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ +1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-entity-key.pem b/certs/test-pathlen/chainC-entity-key.pem new file mode 100644 index 000000000..1043ec961 --- /dev/null +++ b/certs/test-pathlen/chainC-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEAvzThHCwtpJO1xPxlQPqUaHQk/1Kk3z7xfJIU8PCR7Zx+oH6x +ByA4ssSiuAnRBu76xn5Neb7dgxjP6Kd4iM1EzjpABXpuxcnkhGTgAX1P+YfSlJHp +yCG8cS7v9mEjRmvaXzIjoYacxpq0mDVtNrg0FP2dYy91fljyCPnjMiqm0rFJBdOM +1EhcwlcHYk56BSPCT8rVqDgyksIhO3Q+LbFrV5aBoy3ObpzZzh/pQvgsu/4HV8bI +k26J0/zSg0vBLOpeQcl8vmwjAYl1Gx9XrIPc2uFjVdiU/C2mmRXRcYilG/VvOQq9 +7AkCCXenXdp4+I+xXaeDEhBfia5ywoi/PoCYwwIDAQABAoIBAQCSlHYyQ8flz/rb +/WWeD7sv7EHknjWYk0dLaS22m6YzUvJcFWOfA9uTaF0Z2ySsPQ5wlqjMOT7VXnMc +dy5XKY2iz1L/ICHFbQXLXQ3A9pEVyULs9IMVEo/E8OeyqDsDpHDu46AfFvQe6MCj +oumLtmDu6pH6VIqtBoDd0ruSXNIw17a99b7kdCsGq4cobwbPmQtqc4+bpEd1+5si +EErSmHA+x1u/M2B1xJo9KPFAHKifGTBpU7t/uSPAmGmA/oq1fkhAkqYmBlxbLi72 +E6T7BoXpZ42dzaZnKXRU1M2uo3hocaZaZdZ4eRWrJcjpAnL12HyfpotOKFUJbNZY +ILZlVIMpAoGBAOMr6kz51tfSTLj/vcp/U/zelSE6J9VGlhGoeW8fkyI1rZ2scOo1 +kHQgOcaOwptAatNmclJuAChc3cwflN232egbRLEMWDdUXTwydSH/Aldjj0SZkgqz +n4wlOmXW05faInU8DeIHq8m1IoTcjciH5QLc/Gq24dBElSsXLFOS7mdNAoGBANd4 +k1dPyoYkGPjEO89E6rSnwv2pGvj+Eu9EANpCtkx6o341yxWCou6GDTxiepZe18Ed +RGV/QWQCYPRQXJf+XwTrmxMJ3VN8+jHN8kd/iZPbIgti4Tn68Svkjq97yEBMcAjH +sYyMo2Iuo6e8kWGJJJe+5JuLflu8YjZQglANfZhPAoGBAIls4ZqbcUqyX9Nycn/z +sv1AMXseUUaGIvafsoZ01W9Whabi0JP+v1pgvFLPvg5pU7Z7PSF8hf/k3hBD8qyG +Mf5lsJJiY2NlV9m4tH9SYzo2ck8Pj/eFXjlLtB4zbWFphnrhT4yzE0s8lptFSUhM +XU/0G4b7B3QUaSDeLeSI+EvpAoGBANXlak7IdMGI4AlDtCPjxCKmTxlEX/RBNEa0 ++SuyAgoVzGsjt4CY+GlURZtmH09aw09/YEBpfV5sRhcCF4kDCQx3XrAdoMqaTDxY +t2RmpQpUBI3NEMxf4j2yXDqz5Gx/9M+ifQyLKD31Ep0WwjNS0zKYW5RVe5BRiCVm +8pXJbp5dAoGBAJiN8lryCqG+0VZ+SKU8UI9paR6G64IFO3A2SjBJf7YrQ8fivhOk +gEdB/Aph2ztx0AZP56b38y7EievsKW95kg1LhGi0bhlKygVuZRWJa4Kj9DaTlAss +2ufqrz1VGK7o0elCrNnNp0F/ocWMAvVFBPOA90WMKd2z97HpcgvzXGj6 +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainC-entity.pem b/certs/test-pathlen/chainC-entity.pem new file mode 100644 index 000000000..5747494a0 --- /dev/null +++ b/certs/test-pathlen/chainC-entity.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bf:34:e1:1c:2c:2d:a4:93:b5:c4:fc:65:40:fa: + 94:68:74:24:ff:52:a4:df:3e:f1:7c:92:14:f0:f0: + 91:ed:9c:7e:a0:7e:b1:07:20:38:b2:c4:a2:b8:09: + d1:06:ee:fa:c6:7e:4d:79:be:dd:83:18:cf:e8:a7: + 78:88:cd:44:ce:3a:40:05:7a:6e:c5:c9:e4:84:64: + e0:01:7d:4f:f9:87:d2:94:91:e9:c8:21:bc:71:2e: + ef:f6:61:23:46:6b:da:5f:32:23:a1:86:9c:c6:9a: + b4:98:35:6d:36:b8:34:14:fd:9d:63:2f:75:7e:58: + f2:08:f9:e3:32:2a:a6:d2:b1:49:05:d3:8c:d4:48: + 5c:c2:57:07:62:4e:7a:05:23:c2:4f:ca:d5:a8:38: + 32:92:c2:21:3b:74:3e:2d:b1:6b:57:96:81:a3:2d: + ce:6e:9c:d9:ce:1f:e9:42:f8:2c:bb:fe:07:57:c6: + c8:93:6e:89:d3:fc:d2:83:4b:c1:2c:ea:5e:41:c9: + 7c:be:6c:23:01:89:75:1b:1f:57:ac:83:dc:da:e1: + 63:55:d8:94:fc:2d:a6:99:15:d1:71:88:a5:1b:f5: + 6f:39:0a:bd:ec:09:02:09:77:a7:5d:da:78:f8:8f: + b1:5d:a7:83:12:10:5f:89:ae:72:c2:88:bf:3e:80: + 98:c3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 91:79:7C:91:A7:A0:BC:E1:7B:77:9E:51:6E:5C:A7:7A:D9:3F:18:A0 + X509v3 Authority Key Identifier: + keyid:94:1D:2E:07:37:C6:2F:52:C1:EC:79:6B:13:CE:09:90:5F:F4:C4:51 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: + 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: + 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: + 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: + 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: + ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: + cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: + e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: + 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: + d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: + 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: + 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: + 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: + 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: + c6:bd:25:6b +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzThHCwtpJO1xPxlQPqU +aHQk/1Kk3z7xfJIU8PCR7Zx+oH6xByA4ssSiuAnRBu76xn5Neb7dgxjP6Kd4iM1E +zjpABXpuxcnkhGTgAX1P+YfSlJHpyCG8cS7v9mEjRmvaXzIjoYacxpq0mDVtNrg0 +FP2dYy91fljyCPnjMiqm0rFJBdOM1EhcwlcHYk56BSPCT8rVqDgyksIhO3Q+LbFr +V5aBoy3ObpzZzh/pQvgsu/4HV8bIk26J0/zSg0vBLOpeQcl8vmwjAYl1Gx9XrIPc +2uFjVdiU/C2mmRXRcYilG/VvOQq97AkCCXenXdp4+I+xXaeDEhBfia5ywoi/PoCY +wwIDAQABo4HxMIHuMB0GA1UdDgQWBBSReXyRp6C84Xt3nlFuXKd62T8YoDCBwQYD +VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE +BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV +BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu +d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw +CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K +mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE +9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL +xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy +1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR +EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-ICA1-key.pem b/certs/test-pathlen/chainD-ICA1-key.pem new file mode 100644 index 000000000..5898278a3 --- /dev/null +++ b/certs/test-pathlen/chainD-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA14F4qRmZEtHPPVFUHdMUlO0+3v/gI+T3I/xcSSTYNpPmKu6n +q8aNya1ARclEBkdMDWUJ3dvi8L3NeRzs0Y3e8v9m9bK9Q8xYfx3bS5elg1yHXptz +h8gdK0eSVeTbvlHV63bCqllye/YnL77A29w88uIZybAwuy6ilUgGvY6dvYxrXsaa +c0tssCCWR0TTCWtqK/qGXx0Lp2IictVWHKqXjM5Xow/mvM1jVFVgh1Dr+ozpFXCz +XE0OJ2D9B26M7D+gJcUBWaP8LYBLhEwQtcina7HlxcGasNZLMCG6QmXgP1nPf0lL +O89iBvSJrluBXRVj+3wpprXP87W1ZgZPo9pnOQIDAQABAoIBAFEIoxlawb9c20Ng +SHPqggu55fEuX9a/atrCMuViEFb9aAfus2eZAom6NrfHBWgi+Qr0WjBtVTlW9WM8 +KCRn51SSCuIKcraCqSgrTuFuxVLOwSwm4dtFuQokIHdh1esLlJe0kWBCwBSyq2t9 +m8FQYC6oLDA1qy1HTOU7LyWp8dBqwnbplTSUax9ske3hQ51uLVI3ESWIHwoC2t9D +fCAPQII7CIIOAO9hmi5324Z06Pi8LkuRY/ayiZ+CxMn2gSG3HuE2yg8fbbbVwN5u +w6Luwc0qPh8CmBDWXFftLjgY7u+PJOlYDz8GKYSaykVAvyjl9YeAMXKVo+dgER/H +4nBrWvECgYEA/Q+k2BIwr5gyE8dWoY7nVUQY/UlOX3WIQG13GCJBiUh23rZui3YQ ++tCTi1CRdoLkbyN2gPorMBxEjaQ+tKGhd/fSXeeftWMAIrQuKdxlYwBIG3xNCG69 +heL9Bcv9HKYtTWjEw9cR8OaXj9G3ExCqrdeJ2oA3Ow9xNTexSidT7o0CgYEA2gIs +rRzYtqIxgCML1iMUU5BwMeO7kqtQD9pl8jsoMgTFD83C3pS8iZcm3A53vmBi+l5a +ELljofTq4Sx9PLFLKITRjyMXZI0HJg7gaZRKcR8W8K38gIVTYT+KIp4fTsa51jKD +u7VWxKwCsTSRr50cvhUtW2kydgxrOShOiWz3Nl0CgYEAkdrLaxII55wz+LxizRk9 +ciKeuJXgyxpF3sR46PsNhN+0S6cgTddN8BH5iEl2nbTRjtEEw0/tRnx0cqLg1WF3 +XFsE78TJg1U9RcNN/CigcxA9f0IEcEDLkXiD1yx8hV+uKrig+DNkjtGJN4ZrG1z2 +0t2xAbP2oV7EJCUmVRQXxx0CgYEAw2erj8cJYDnk0IuZMmji8TvHtJABMqem7W6+ +be4kSyEHWPD/N+5tR45Z4Gh/X/6Y+PzVEaR571LNrOLpphrr2Pejtf6oGxJlU/GF +qFyolNhfAX+RkcjvQX1oXTsJqNxq+djxRrB1g3cCOr95zcSvXJkyvHqAJltfSC4e +pwMqWmkCgYBsEbkdUr9thcGrDeb+g4ZefnhkVwt9c80zwPFpfFsdp7en2c4isjZw +UyCA0qQPXBG+ChbtL3mRd/sAt10vFzBfTwjhU55rDBNjLUljEBkGpOQM1Hgi6IdY +A/J9/DoRY6Tg66bgQxu7iqwkCWTEnSjyRyeTDrem7zED/B/CNpbTtA== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/certs/test-pathlen/chainD-ICA1-pathlen127.pem new file mode 100644 index 000000000..525d7b7cb --- /dev/null +++ b/certs/test-pathlen/chainD-ICA1-pathlen127.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:81:78:a9:19:99:12:d1:cf:3d:51:54:1d:d3: + 14:94:ed:3e:de:ff:e0:23:e4:f7:23:fc:5c:49:24: + d8:36:93:e6:2a:ee:a7:ab:c6:8d:c9:ad:40:45:c9: + 44:06:47:4c:0d:65:09:dd:db:e2:f0:bd:cd:79:1c: + ec:d1:8d:de:f2:ff:66:f5:b2:bd:43:cc:58:7f:1d: + db:4b:97:a5:83:5c:87:5e:9b:73:87:c8:1d:2b:47: + 92:55:e4:db:be:51:d5:eb:76:c2:aa:59:72:7b:f6: + 27:2f:be:c0:db:dc:3c:f2:e2:19:c9:b0:30:bb:2e: + a2:95:48:06:bd:8e:9d:bd:8c:6b:5e:c6:9a:73:4b: + 6c:b0:20:96:47:44:d3:09:6b:6a:2b:fa:86:5f:1d: + 0b:a7:62:22:72:d5:56:1c:aa:97:8c:ce:57:a3:0f: + e6:bc:cd:63:54:55:60:87:50:eb:fa:8c:e9:15:70: + b3:5c:4d:0e:27:60:fd:07:6e:8c:ec:3f:a0:25:c5: + 01:59:a3:fc:2d:80:4b:84:4c:10:b5:c8:a7:6b:b1: + e5:c5:c1:9a:b0:d6:4b:30:21:ba:42:65:e0:3f:59: + cf:7f:49:4b:3b:cf:62:06:f4:89:ae:5b:81:5d:15: + 63:fb:7c:29:a6:b5:cf:f3:b5:b5:66:06:4f:a3:da: + 67:39 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 67:78:F9:AD:1C:53:41:1F:46:BD:49:9B:73:2E:7C:DC:5C:2D:0B:FB + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:127 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: + 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: + 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: + 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: + ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: + 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: + 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: + 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: + fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: + e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: + 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: + ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: + af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: + ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: + df:41:9e:ea +-----BEGIN CERTIFICATE----- +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex +LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXgXipGZkS0c89UVQd0xSU7T7e +/+Aj5Pcj/FxJJNg2k+Yq7qerxo3JrUBFyUQGR0wNZQnd2+Lwvc15HOzRjd7y/2b1 +sr1DzFh/HdtLl6WDXIdem3OHyB0rR5JV5Nu+UdXrdsKqWXJ79icvvsDb3Dzy4hnJ +sDC7LqKVSAa9jp29jGtexppzS2ywIJZHRNMJa2or+oZfHQunYiJy1VYcqpeMzlej +D+a8zWNUVWCHUOv6jOkVcLNcTQ4nYP0HbozsP6AlxQFZo/wtgEuETBC1yKdrseXF +wZqw1kswIbpCZeA/Wc9/SUs7z2IG9ImuW4FdFWP7fCmmtc/ztbVmBk+j2mc5AgMB +AAGjggENMIIBCTAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgckGA1Ud +IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK +DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF +BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL +6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE +cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc +otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX +jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA +zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-assembled.pem b/certs/test-pathlen/chainD-assembled.pem new file mode 100644 index 000000000..c406fd750 --- /dev/null +++ b/certs/test-pathlen/chainD-assembled.pem @@ -0,0 +1,175 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:e2:5d:f4:bd:06:b6:a1:21:3a:2d:7f:cc:f2:5a: + 15:36:28:0a:f2:bb:16:b5:ec:f9:e7:5b:92:ec:17: + 75:76:89:f4:1b:7c:a9:79:cb:62:4b:55:8a:ca:cc: + f9:f0:a9:a2:05:61:ee:d8:8b:d0:5d:c5:49:bc:7d: + 28:26:7d:3a:22:cc:20:71:55:4c:3a:f7:24:d7:95: + ac:ce:18:7d:0d:7b:20:4f:11:a9:7b:02:08:09:e6: + 85:91:e4:4e:80:b9:a4:76:0f:28:cc:07:f6:f2:be: + c1:54:63:d2:b7:81:59:09:0b:c1:bd:0d:27:70:55: + c7:5f:bc:54:ee:73:16:7e:d2:b4:4c:df:a8:a9:81: + cc:e3:a6:8c:eb:e3:98:49:84:0b:a0:da:f3:e1:5f: + 32:69:6a:b0:50:69:4f:96:72:04:3f:e7:1c:80:b1: + 2c:6f:7d:ff:41:f2:bb:0b:17:b7:b5:ce:21:ea:e6: + c2:bd:cd:28:08:40:43:04:e5:40:e2:7d:41:35:b5: + 51:bf:e8:20:01:99:85:a2:38:f1:6e:69:40:da:6e: + 9f:d3:40:63:89:19:de:4d:49:d2:79:10:b6:2a:bb: + 6f:66:fa:25:5f:96:c1:e8:38:96:e3:e5:28:28:b4: + ca:3c:21:1c:95:cd:b5:5e:50:f1:c9:3e:c2:4c:f2: + cb:33 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 58:92:0B:B2:E4:12:D8:A3:31:37:D9:89:F2:9E:6E:62:22:40:42:82 + X509v3 Authority Key Identifier: + keyid:67:78:F9:AD:1C:53:41:1F:46:BD:49:9B:73:2E:7C:DC:5C:2D:0B:FB + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: + e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: + 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: + 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: + 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: + 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: + 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: + e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: + 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: + 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: + 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: + 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: + 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: + 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: + a5:75:09:4d +-----BEGIN CERTIFICATE----- +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiXfS9BrahITotf8zy +WhU2KAryuxa17PnnW5LsF3V2ifQbfKl5y2JLVYrKzPnwqaIFYe7Yi9BdxUm8fSgm +fToizCBxVUw69yTXlazOGH0NeyBPEal7AggJ5oWR5E6AuaR2DyjMB/byvsFUY9K3 +gVkJC8G9DSdwVcdfvFTucxZ+0rRM36ipgczjpozr45hJhAug2vPhXzJparBQaU+W +cgQ/5xyAsSxvff9B8rsLF7e1ziHq5sK9zSgIQEME5UDifUE1tVG/6CABmYWiOPFu +aUDabp/TQGOJGd5NSdJ5ELYqu29m+iVflsHoOJbj5SgotMo8IRyVzbVeUPHJPsJM +8sszAgMBAAGjgfEwge4wHQYDVR0OBBYEFFiSC7LkEtijMTfZifKebmIiQEKCMIHB +BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz +D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x +qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG +gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 +wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq +8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:81:78:a9:19:99:12:d1:cf:3d:51:54:1d:d3: + 14:94:ed:3e:de:ff:e0:23:e4:f7:23:fc:5c:49:24: + d8:36:93:e6:2a:ee:a7:ab:c6:8d:c9:ad:40:45:c9: + 44:06:47:4c:0d:65:09:dd:db:e2:f0:bd:cd:79:1c: + ec:d1:8d:de:f2:ff:66:f5:b2:bd:43:cc:58:7f:1d: + db:4b:97:a5:83:5c:87:5e:9b:73:87:c8:1d:2b:47: + 92:55:e4:db:be:51:d5:eb:76:c2:aa:59:72:7b:f6: + 27:2f:be:c0:db:dc:3c:f2:e2:19:c9:b0:30:bb:2e: + a2:95:48:06:bd:8e:9d:bd:8c:6b:5e:c6:9a:73:4b: + 6c:b0:20:96:47:44:d3:09:6b:6a:2b:fa:86:5f:1d: + 0b:a7:62:22:72:d5:56:1c:aa:97:8c:ce:57:a3:0f: + e6:bc:cd:63:54:55:60:87:50:eb:fa:8c:e9:15:70: + b3:5c:4d:0e:27:60:fd:07:6e:8c:ec:3f:a0:25:c5: + 01:59:a3:fc:2d:80:4b:84:4c:10:b5:c8:a7:6b:b1: + e5:c5:c1:9a:b0:d6:4b:30:21:ba:42:65:e0:3f:59: + cf:7f:49:4b:3b:cf:62:06:f4:89:ae:5b:81:5d:15: + 63:fb:7c:29:a6:b5:cf:f3:b5:b5:66:06:4f:a3:da: + 67:39 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 67:78:F9:AD:1C:53:41:1F:46:BD:49:9B:73:2E:7C:DC:5C:2D:0B:FB + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:127 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: + 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: + 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: + 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: + ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: + 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: + 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: + 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: + fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: + e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: + 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: + ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: + af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: + ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: + df:41:9e:ea +-----BEGIN CERTIFICATE----- +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex +LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXgXipGZkS0c89UVQd0xSU7T7e +/+Aj5Pcj/FxJJNg2k+Yq7qerxo3JrUBFyUQGR0wNZQnd2+Lwvc15HOzRjd7y/2b1 +sr1DzFh/HdtLl6WDXIdem3OHyB0rR5JV5Nu+UdXrdsKqWXJ79icvvsDb3Dzy4hnJ +sDC7LqKVSAa9jp29jGtexppzS2ywIJZHRNMJa2or+oZfHQunYiJy1VYcqpeMzlej +D+a8zWNUVWCHUOv6jOkVcLNcTQ4nYP0HbozsP6AlxQFZo/wtgEuETBC1yKdrseXF +wZqw1kswIbpCZeA/Wc9/SUs7z2IG9ImuW4FdFWP7fCmmtc/ztbVmBk+j2mc5AgMB +AAGjggENMIIBCTAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgckGA1Ud +IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK +DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF +BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL +6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE +cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc +otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX +jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA +zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-entity-key.pem b/certs/test-pathlen/chainD-entity-key.pem new file mode 100644 index 000000000..28c6fd2a8 --- /dev/null +++ b/certs/test-pathlen/chainD-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA4l30vQa2oSE6LX/M8loVNigK8rsWtez551uS7Bd1don0G3yp +ectiS1WKysz58KmiBWHu2IvQXcVJvH0oJn06IswgcVVMOvck15Wszhh9DXsgTxGp +ewIICeaFkeROgLmkdg8ozAf28r7BVGPSt4FZCQvBvQ0ncFXHX7xU7nMWftK0TN+o +qYHM46aM6+OYSYQLoNrz4V8yaWqwUGlPlnIEP+ccgLEsb33/QfK7Cxe3tc4h6ubC +vc0oCEBDBOVA4n1BNbVRv+ggAZmFojjxbmlA2m6f00BjiRneTUnSeRC2KrtvZvol +X5bB6DiW4+UoKLTKPCEclc21XlDxyT7CTPLLMwIDAQABAoIBAA0VeSvj03KExSQU +Gvh3FHrI3bkh7zIcvGUO+fMDeBqd5qogDnunscrA6wDF0DyE0YSWIIQLsMN6v8RR +R5zR6CZSvh1O3NUbq9l6IT7YU4IP99IaJz2g5G4OEPJZy9/M2yCnx6fjXfax5+LE +0k0hANBxCYWv2PO5QYjbDd2qcUZrM4Sepm7jX7ZhQGQI4q5fumfGqLZprvvxaOWF +lpLyxUO2C/FD/eNFglpe6XWhYRDTgsT5dfglzYMnbzVlXDyfS1p3tNPIGxcNJUis +qbzP4h67PyZXZParZwPIFzFN0L9LQG2RXWqI7NZaOjkEoMJydx/KSFCpTFl5MM4s +pLOEuuECgYEA8T76XF7sx5u8u3nVauc2ViB4QBde334Clh7HG+XVvde1rWM/ctcC +Ku9shZpW7xBqsg6F2YUFB6CNRX67jEJNKXtGtI9oj8svXVMzToXXcqrLlm7fEyOt +bOS9eIxBHXIk3igZa5B73qEgnY4NnMxPw9I44GcMQeNdryoQeYgVPs0CgYEA8DYH +JycMDyocuQd1zKgnz3yHbw2xBgli6MvSlYMaxhqn3F+ty3yuRVPKV7xAvJpEGzcx +Z6BVIBHxAYXaqN4f3+v3LU77cxL8YcPxMuSs6QrHrJAAUEG3NbigJ4zGzrYnwH9d +albr5K2cZT82TyPy1zlsawVJW4EQTTUdVGHUMf8CgYAjd5HRMLd45SGLIm9I5zMq +2F01dvogu2Lf9ShqppCU93ijRBsY5BlSfJ6kybsMLIqzIMV25EKIC4eZdvdVuI2l +kpUjiI3jzghpnQjG+5BgMFH8DNLI+o7NmpdseJo+HQDklFqgYL6FTYUBBNhle/gi +Hu7zttKrgSTN0s5XP7V35QKBgQCA3gtSVuFiVU5ZeYYaCHBrILyruGWq/mggyhAs +g8xeUTiSwoXDcB0yNjSMgwMb64r0KtUHaf2hGd742S2ogJoLEFVn6kJ9xsa9UFha +3FFjKJRcoFh6tfarDGRnM2AIz7Jd1DZycTVWVklcC+B/7qI+EqF2fLyRKZlsQj18 +4orrUwKBgCe+cDVeBCwxCfRehb6niIQE3lkGxIHRFzBM4eSURUKoVIHof8nuESf2 +HDe5PYLU4Zq0RIeuIqIVIp0kh554j6GQZsJt3mWd7MxjF8Y4N4MtPsoOBrZygdrm +9lXqawKwYMawlGb6n/D+KjjneKDtOVUKMuJk5FiMjWwi+BSeheHG +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainD-entity.pem b/certs/test-pathlen/chainD-entity.pem new file mode 100644 index 000000000..011d61687 --- /dev/null +++ b/certs/test-pathlen/chainD-entity.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:e2:5d:f4:bd:06:b6:a1:21:3a:2d:7f:cc:f2:5a: + 15:36:28:0a:f2:bb:16:b5:ec:f9:e7:5b:92:ec:17: + 75:76:89:f4:1b:7c:a9:79:cb:62:4b:55:8a:ca:cc: + f9:f0:a9:a2:05:61:ee:d8:8b:d0:5d:c5:49:bc:7d: + 28:26:7d:3a:22:cc:20:71:55:4c:3a:f7:24:d7:95: + ac:ce:18:7d:0d:7b:20:4f:11:a9:7b:02:08:09:e6: + 85:91:e4:4e:80:b9:a4:76:0f:28:cc:07:f6:f2:be: + c1:54:63:d2:b7:81:59:09:0b:c1:bd:0d:27:70:55: + c7:5f:bc:54:ee:73:16:7e:d2:b4:4c:df:a8:a9:81: + cc:e3:a6:8c:eb:e3:98:49:84:0b:a0:da:f3:e1:5f: + 32:69:6a:b0:50:69:4f:96:72:04:3f:e7:1c:80:b1: + 2c:6f:7d:ff:41:f2:bb:0b:17:b7:b5:ce:21:ea:e6: + c2:bd:cd:28:08:40:43:04:e5:40:e2:7d:41:35:b5: + 51:bf:e8:20:01:99:85:a2:38:f1:6e:69:40:da:6e: + 9f:d3:40:63:89:19:de:4d:49:d2:79:10:b6:2a:bb: + 6f:66:fa:25:5f:96:c1:e8:38:96:e3:e5:28:28:b4: + ca:3c:21:1c:95:cd:b5:5e:50:f1:c9:3e:c2:4c:f2: + cb:33 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 58:92:0B:B2:E4:12:D8:A3:31:37:D9:89:F2:9E:6E:62:22:40:42:82 + X509v3 Authority Key Identifier: + keyid:67:78:F9:AD:1C:53:41:1F:46:BD:49:9B:73:2E:7C:DC:5C:2D:0B:FB + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: + e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: + 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: + 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: + 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: + 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: + 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: + e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: + 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: + 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: + 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: + 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: + 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: + 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: + a5:75:09:4d +-----BEGIN CERTIFICATE----- +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiXfS9BrahITotf8zy +WhU2KAryuxa17PnnW5LsF3V2ifQbfKl5y2JLVYrKzPnwqaIFYe7Yi9BdxUm8fSgm +fToizCBxVUw69yTXlazOGH0NeyBPEal7AggJ5oWR5E6AuaR2DyjMB/byvsFUY9K3 +gVkJC8G9DSdwVcdfvFTucxZ+0rRM36ipgczjpozr45hJhAug2vPhXzJparBQaU+W +cgQ/5xyAsSxvff9B8rsLF7e1ziHq5sK9zSgIQEME5UDifUE1tVG/6CABmYWiOPFu +aUDabp/TQGOJGd5NSdJ5ELYqu29m+iVflsHoOJbj5SgotMo8IRyVzbVeUPHJPsJM +8sszAgMBAAGjgfEwge4wHQYDVR0OBBYEFFiSC7LkEtijMTfZifKebmIiQEKCMIHB +BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz +D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x +qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG +gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 +wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq +8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-ICA1-key.pem b/certs/test-pathlen/chainE-ICA1-key.pem new file mode 100644 index 000000000..c7d2f61f8 --- /dev/null +++ b/certs/test-pathlen/chainE-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA1vNvuNsQ34nfO9kuesE0GlaXbHME/BVQBJNmyxe6+/koudbO +fvV4u7FPqkv4gDXZrv6ZdffNeQvPytrLWJpum5Eh9Bf9Vrg6z8/t95Bqc2wGme8O +j2Xc0Ojbe8HoTW1hnsxaIN6GOliB+rHUXzx0Q0VhNiz+pDWu4jnH/d2zg9YX3PWZ +P2cOwWDRaY08+WLpg65mEKpAkWMLKuXBqB+OipsRn7+mRfsWcO1sGxSYgGkEw70T +IufZM0idimwPnDkIKZKDe3Oj2obWSgAPp8J7v6wPKmKWWzvvn+EIu0S6xJlPoLle +Tctzc/7ugmlPr8dZWjaBRMbjUDu/jRTvfpbvwQIDAQABAoIBABqvTgdc6tNVgmkj +pSmIIrfCWDoWbV/+JVjsE67S21u8qtmnWStZvgtPD9zMYaVJCiU3ZkXG5bNJTBqa +3vO4+FJHyjdLYyAI7wQthBVf0FdT6d3iV6RluOwWfGj4waYbFitooyfBeFh19Gzy +9rJ8BtLzIgZfv50TLQrYsYNKqqaLC0NGAWaAnW/hj98Em1heFJapt+qalMrnR3iF +CpIgFAXK8dh2msQDLynoHTfG7ErZy4gtZcDC2hN07aU9ljVNqm8Z97MxrG5Xzj3W +ZfHRpNx0TbTk/wgpAj71jPvkxGoQmwTrOmMynrF8zl/0IktbJ815gZwNyv3hl9yN +HsjD3YECgYEA+L6eujveySdena54FnA5twGFdw4udkwOm2l1JLCIeaYjFlov+vM6 +v0JJmpXx6rWWfVByAssn735QTv5+JKhVbi3a3IGhUvVfkVrtgOPNYdz9eIYIh/2j +sSe2VKQFcXzatFHupKS00i5XwhozlNlbdd9na4gUDh3QOtqd/vreJeUCgYEA3Th6 +d+sNTuZPvWde1JHtIb7gvAavKP85LQ5TEIh/emck7NEAFjjje0UQ11Ak0Po0wEb2 +DB8X7QhSIu5AHzg8NyijDII2AluUn6CkL1tBKY1P35pzGsoVxucum2BxXnYnqn0p +5cLbqvW/V84T7bODMwDvVX/NCrKnP0fUeYRkxK0CgYEAzA91H8rl5ZeKo0jx81Z1 +wpBY8WaM7zdN9Gj7VPINw95rgnbSTckkNKsovsyr/aSipINORMRtKqgxMdzNlz0R +eKXdmnAt7GSn1hMGLGq1nscwmaM7dHS7ySWPCrjUTlnjAXMFl8QXIyYpkG72SfJW +ecigizLDYSFMJjwayYb8n5ECgYBgRB6PJpsw9WpHyr7qk+H0KGMVj3cTyRSxdaVR +8YQ/2Lip0T1PbkwXrXNprveGdQsVjQuvNKytukw75R/ENi2F90oUvGkSV5XybO5l +qTlPAq56aHSkeMJHPvz6IlrTN2mFeFgOIuCCodQ1OnlTnCWAwWxk8Wtht2KuV+yv +QJy1NQKBgQCWk7epAmek0e7fSE/otqqtW6XZHwj1pjTUHRxmw+5Xv73a2bdCBrh/ +GIcaxPaC2KwGTPqJikgxqRThnDlh3n1ArW8vmoDOYpanQzjrY/vEhIcFQPCyNHfX +i+yiFo5fa/EkqBQvmt/fKabXV6ICwDNdiR7/5vBB3qhknrI1w97YKQ== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/certs/test-pathlen/chainE-ICA1-pathlen128.pem new file mode 100644 index 000000000..92c5bb9a6 --- /dev/null +++ b/certs/test-pathlen/chainE-ICA1-pathlen128.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d6:f3:6f:b8:db:10:df:89:df:3b:d9:2e:7a:c1: + 34:1a:56:97:6c:73:04:fc:15:50:04:93:66:cb:17: + ba:fb:f9:28:b9:d6:ce:7e:f5:78:bb:b1:4f:aa:4b: + f8:80:35:d9:ae:fe:99:75:f7:cd:79:0b:cf:ca:da: + cb:58:9a:6e:9b:91:21:f4:17:fd:56:b8:3a:cf:cf: + ed:f7:90:6a:73:6c:06:99:ef:0e:8f:65:dc:d0:e8: + db:7b:c1:e8:4d:6d:61:9e:cc:5a:20:de:86:3a:58: + 81:fa:b1:d4:5f:3c:74:43:45:61:36:2c:fe:a4:35: + ae:e2:39:c7:fd:dd:b3:83:d6:17:dc:f5:99:3f:67: + 0e:c1:60:d1:69:8d:3c:f9:62:e9:83:ae:66:10:aa: + 40:91:63:0b:2a:e5:c1:a8:1f:8e:8a:9b:11:9f:bf: + a6:45:fb:16:70:ed:6c:1b:14:98:80:69:04:c3:bd: + 13:22:e7:d9:33:48:9d:8a:6c:0f:9c:39:08:29:92: + 83:7b:73:a3:da:86:d6:4a:00:0f:a7:c2:7b:bf:ac: + 0f:2a:62:96:5b:3b:ef:9f:e1:08:bb:44:ba:c4:99: + 4f:a0:b9:5e:4d:cb:73:73:fe:ee:82:69:4f:af:c7: + 59:5a:36:81:44:c6:e3:50:3b:bf:8d:14:ef:7e:96: + ef:c1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 44:7B:00:7C:9C:1C:97:9F:97:AA:6B:F2:5E:E6:81:7C:0E:AE:E6:2B + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:128 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: + af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: + 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: + 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: + 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: + 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: + 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: + 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: + a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: + 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: + c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: + 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: + 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: + 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: + 4f:a6:b7:df +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex +LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW82+42xDfid872S56wTQaVpds +cwT8FVAEk2bLF7r7+Si51s5+9Xi7sU+qS/iANdmu/pl19815C8/K2stYmm6bkSH0 +F/1WuDrPz+33kGpzbAaZ7w6PZdzQ6Nt7wehNbWGezFog3oY6WIH6sdRfPHRDRWE2 +LP6kNa7iOcf93bOD1hfc9Zk/Zw7BYNFpjTz5YumDrmYQqkCRYwsq5cGoH46KmxGf +v6ZF+xZw7WwbFJiAaQTDvRMi59kzSJ2KbA+cOQgpkoN7c6PahtZKAA+nwnu/rA8q +YpZbO++f4Qi7RLrEmU+guV5Ny3Nz/u6CaU+vx1laNoFExuNQO7+NFO9+lu/BAgMB +AAGjggEOMIIBCjAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgckGA1Ud +IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK +DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 +jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE +4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu +k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti +wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ +aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ +gelbLrLvK7YaG0svwuSBn7/e4XNPprff +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-assembled.pem b/certs/test-pathlen/chainE-assembled.pem new file mode 100644 index 000000000..5af7bd598 --- /dev/null +++ b/certs/test-pathlen/chainE-assembled.pem @@ -0,0 +1,175 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:6f:49:bb:56:ea:34:4c:25:a6:8c:44:f6:c9: + 75:8f:6b:83:b8:8b:ec:c6:f6:d3:c7:40:e2:d1:b2: + d8:77:92:e9:97:c4:b6:57:ad:10:c8:cb:e7:0a:40: + ef:3c:a8:38:dc:94:22:08:e7:53:2a:c8:7a:26:90: + 41:43:6f:7b:8f:4e:58:74:69:20:92:9f:12:aa:6a: + c5:cf:7f:24:d1:d0:89:2f:6c:5e:62:31:0a:20:23: + 6b:07:c2:a0:7d:4d:ed:05:6d:2c:b1:9a:85:e6:41: + 61:12:6c:85:d3:d4:be:7e:cf:23:d9:79:b1:46:23: + d7:1a:f7:d6:f4:97:43:a5:08:03:7a:51:0d:b0:e7: + 56:62:86:37:07:81:e8:21:f1:10:63:41:b6:82:6d: + f2:cd:d9:7f:80:6f:a7:4b:77:10:15:54:02:9c:7a: + d0:6e:b8:29:98:72:34:08:7b:ce:d7:24:91:48:a6: + c3:f2:9d:77:fc:aa:73:13:70:60:f9:8f:37:4c:d7: + 34:5c:fa:51:b1:c0:d5:25:e1:75:b2:e2:cd:23:97: + c9:a6:bf:d3:5e:21:4b:12:f5:b2:d0:df:92:7f:4c: + a8:b2:21:43:2c:f9:3e:fb:14:99:1f:ed:76:2c:87: + 5a:df:72:d3:85:a3:a8:92:1a:ad:66:19:50:44:8a: + 05:e1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 26:FC:70:E0:8F:A1:3D:52:82:76:6B:CB:C7:0F:89:9D:2B:86:69:F5 + X509v3 Authority Key Identifier: + keyid:44:7B:00:7C:9C:1C:97:9F:97:AA:6B:F2:5E:E6:81:7C:0E:AE:E6:2B + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: + 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: + b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: + c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: + 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: + 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: + e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: + 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: + f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: + ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: + 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: + da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: + fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: + ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: + 8a:9b:b5:8c +-----BEGIN CERTIFICATE----- +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYb0m7Vuo0TCWmjET2 +yXWPa4O4i+zG9tPHQOLRsth3kumXxLZXrRDIy+cKQO88qDjclCII51MqyHomkEFD +b3uPTlh0aSCSnxKqasXPfyTR0IkvbF5iMQogI2sHwqB9Te0FbSyxmoXmQWESbIXT +1L5+zyPZebFGI9ca99b0l0OlCAN6UQ2w51ZihjcHgegh8RBjQbaCbfLN2X+Ab6dL +dxAVVAKcetBuuCmYcjQIe87XJJFIpsPynXf8qnMTcGD5jzdM1zRc+lGxwNUl4XWy +4s0jl8mmv9NeIUsS9bLQ35J/TKiyIUMs+T77FJkf7XYsh1rfctOFo6iSGq1mGVBE +igXhAgMBAAGjgfEwge4wHQYDVR0OBBYEFCb8cOCPoT1SgnZry8cPiZ0rhmn1MIHB +BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ +uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz +0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS +samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV +15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv +f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d6:f3:6f:b8:db:10:df:89:df:3b:d9:2e:7a:c1: + 34:1a:56:97:6c:73:04:fc:15:50:04:93:66:cb:17: + ba:fb:f9:28:b9:d6:ce:7e:f5:78:bb:b1:4f:aa:4b: + f8:80:35:d9:ae:fe:99:75:f7:cd:79:0b:cf:ca:da: + cb:58:9a:6e:9b:91:21:f4:17:fd:56:b8:3a:cf:cf: + ed:f7:90:6a:73:6c:06:99:ef:0e:8f:65:dc:d0:e8: + db:7b:c1:e8:4d:6d:61:9e:cc:5a:20:de:86:3a:58: + 81:fa:b1:d4:5f:3c:74:43:45:61:36:2c:fe:a4:35: + ae:e2:39:c7:fd:dd:b3:83:d6:17:dc:f5:99:3f:67: + 0e:c1:60:d1:69:8d:3c:f9:62:e9:83:ae:66:10:aa: + 40:91:63:0b:2a:e5:c1:a8:1f:8e:8a:9b:11:9f:bf: + a6:45:fb:16:70:ed:6c:1b:14:98:80:69:04:c3:bd: + 13:22:e7:d9:33:48:9d:8a:6c:0f:9c:39:08:29:92: + 83:7b:73:a3:da:86:d6:4a:00:0f:a7:c2:7b:bf:ac: + 0f:2a:62:96:5b:3b:ef:9f:e1:08:bb:44:ba:c4:99: + 4f:a0:b9:5e:4d:cb:73:73:fe:ee:82:69:4f:af:c7: + 59:5a:36:81:44:c6:e3:50:3b:bf:8d:14:ef:7e:96: + ef:c1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 44:7B:00:7C:9C:1C:97:9F:97:AA:6B:F2:5E:E6:81:7C:0E:AE:E6:2B + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:128 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: + af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: + 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: + 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: + 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: + 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: + 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: + 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: + a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: + 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: + c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: + 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: + 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: + 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: + 4f:a6:b7:df +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex +LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW82+42xDfid872S56wTQaVpds +cwT8FVAEk2bLF7r7+Si51s5+9Xi7sU+qS/iANdmu/pl19815C8/K2stYmm6bkSH0 +F/1WuDrPz+33kGpzbAaZ7w6PZdzQ6Nt7wehNbWGezFog3oY6WIH6sdRfPHRDRWE2 +LP6kNa7iOcf93bOD1hfc9Zk/Zw7BYNFpjTz5YumDrmYQqkCRYwsq5cGoH46KmxGf +v6ZF+xZw7WwbFJiAaQTDvRMi59kzSJ2KbA+cOQgpkoN7c6PahtZKAA+nwnu/rA8q +YpZbO++f4Qi7RLrEmU+guV5Ny3Nz/u6CaU+vx1laNoFExuNQO7+NFO9+lu/BAgMB +AAGjggEOMIIBCjAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgckGA1Ud +IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK +DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 +jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE +4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu +k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti +wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ +aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ +gelbLrLvK7YaG0svwuSBn7/e4XNPprff +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-entity-key.pem b/certs/test-pathlen/chainE-entity-key.pem new file mode 100644 index 000000000..a896306eb --- /dev/null +++ b/certs/test-pathlen/chainE-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA2G9Ju1bqNEwlpoxE9sl1j2uDuIvsxvbTx0Di0bLYd5Lpl8S2 +V60QyMvnCkDvPKg43JQiCOdTKsh6JpBBQ297j05YdGkgkp8SqmrFz38k0dCJL2xe +YjEKICNrB8KgfU3tBW0ssZqF5kFhEmyF09S+fs8j2XmxRiPXGvfW9JdDpQgDelEN +sOdWYoY3B4HoIfEQY0G2gm3yzdl/gG+nS3cQFVQCnHrQbrgpmHI0CHvO1ySRSKbD +8p13/KpzE3Bg+Y83TNc0XPpRscDVJeF1suLNI5fJpr/TXiFLEvWy0N+Sf0yosiFD +LPk++xSZH+12LIda33LThaOokhqtZhlQRIoF4QIDAQABAoIBAQCWY23WMKR4Rlj7 +Cwh4eq+nQku6le+mqKerEhkJIL5tB7YscNFKxsSc4aHebBRQD4vDKWMk0KfnWHoY +BbBzjSlMAGJSMSIi/0lXBO4CKhSJfd91BlXm4LBqeHHMaJ5fsx/4301o8zgLMG6l +AKdU88SSFJiSao6VcB3tbTz9o4WrS0jQjRClC+f2LWbn8ua/JhP0q1Tfji10fdLR +dVc5dzB8R59f4CuA0dIuACwV021E2sL0wRWCb4FV6IQBDD3hFgQjhJOTTkVOHsxq +nAwWQTJO2N2aODC33+ZTAQsMBnFhXjBUk0UWJHLAWVbN+q4O8o6J5fk4VSQG9/u4 +PMjvK0GJAoGBAPTF4AbmG8vAVCMRE6K2pq1Hqw79XWd22le4jvwahle7F+CgUeiO +Nj2HOgzZwUg9diXxjjYpRuW0x2HgyvC07NRXPNDeb08W3z35pv/SJFj6uiy/Itwi +W7527KfRoVz1kWzIs4Erod+a+W0dJCZsFYqlc4Yl2JdKDGQhcZFmc/2HAoGBAOJc +qlDioL5gAnHtUD9b0KkMafnQ8KzI+YPeLvxxP/9P8lVTMno0JpByNrxkpKx9JUBc +DdOCXUj0dkynuNEfRfKydCez6oThLJHHfxvFniX+3Xm32j9+gj7SqLtpGiHuP9nj +UInKsKDokPZLQLF7KNjNfBjjc29MPP+cmRPg+XtXAoGATjVbW1jy0KtnNr0iFP9f +SkZ39ZYm3gQvx4+EwDCJdEanXnJbOX8W/ZnThn+dLkPVGFKSKeQObx7QBgoZTcfB +VCd7mxE3Z4HbWqYGIf829edGzT1VGhkwTy8YdpaYhGdCTAvkrwUN97BAughxoIUw +bNhojRhSmCRkySmWa+rcbMkCgYEAlfiG7qf3j6nUdN6huBiAmj+bRuPjUNamWXOu +9ZmiqOiyyU0huE0s7658DT0wzQbs00Mp9eP9IgS1C/xjOknZ8f3BbzyIOBlnif3+ +fMvlB49f9PCWLFMIv86Z8/CiW7CZpSYxidk8RJ9Qy5z3856BZYJeoa6wICEGmOOL +l9wJ7mkCgYEAkJAteZKula8p1kNvI3hfzpCSjm8JJId8S58T3U0Lql9FT3M50xSx +81Aoxn0sAcTihtcjjTTQVFPAxs6g/W4WcpR8EbTb1XJ+jdCywZZkCZCMm1D2RF8b +kJ0w2xuBUDwgUsaLMzxPpEY6SIwStAmTbWOAYXdx8Zg4sUwroE9F/YU= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainE-entity.pem b/certs/test-pathlen/chainE-entity.pem new file mode 100644 index 000000000..2c01733ca --- /dev/null +++ b/certs/test-pathlen/chainE-entity.pem @@ -0,0 +1,86 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:6f:49:bb:56:ea:34:4c:25:a6:8c:44:f6:c9: + 75:8f:6b:83:b8:8b:ec:c6:f6:d3:c7:40:e2:d1:b2: + d8:77:92:e9:97:c4:b6:57:ad:10:c8:cb:e7:0a:40: + ef:3c:a8:38:dc:94:22:08:e7:53:2a:c8:7a:26:90: + 41:43:6f:7b:8f:4e:58:74:69:20:92:9f:12:aa:6a: + c5:cf:7f:24:d1:d0:89:2f:6c:5e:62:31:0a:20:23: + 6b:07:c2:a0:7d:4d:ed:05:6d:2c:b1:9a:85:e6:41: + 61:12:6c:85:d3:d4:be:7e:cf:23:d9:79:b1:46:23: + d7:1a:f7:d6:f4:97:43:a5:08:03:7a:51:0d:b0:e7: + 56:62:86:37:07:81:e8:21:f1:10:63:41:b6:82:6d: + f2:cd:d9:7f:80:6f:a7:4b:77:10:15:54:02:9c:7a: + d0:6e:b8:29:98:72:34:08:7b:ce:d7:24:91:48:a6: + c3:f2:9d:77:fc:aa:73:13:70:60:f9:8f:37:4c:d7: + 34:5c:fa:51:b1:c0:d5:25:e1:75:b2:e2:cd:23:97: + c9:a6:bf:d3:5e:21:4b:12:f5:b2:d0:df:92:7f:4c: + a8:b2:21:43:2c:f9:3e:fb:14:99:1f:ed:76:2c:87: + 5a:df:72:d3:85:a3:a8:92:1a:ad:66:19:50:44:8a: + 05:e1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 26:FC:70:E0:8F:A1:3D:52:82:76:6B:CB:C7:0F:89:9D:2B:86:69:F5 + X509v3 Authority Key Identifier: + keyid:44:7B:00:7C:9C:1C:97:9F:97:AA:6B:F2:5E:E6:81:7C:0E:AE:E6:2B + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: + 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: + b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: + c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: + 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: + 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: + e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: + 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: + f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: + ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: + 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: + da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: + fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: + ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: + 8a:9b:b5:8c +-----BEGIN CERTIFICATE----- +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYb0m7Vuo0TCWmjET2 +yXWPa4O4i+zG9tPHQOLRsth3kumXxLZXrRDIy+cKQO88qDjclCII51MqyHomkEFD +b3uPTlh0aSCSnxKqasXPfyTR0IkvbF5iMQogI2sHwqB9Te0FbSyxmoXmQWESbIXT +1L5+zyPZebFGI9ca99b0l0OlCAN6UQ2w51ZihjcHgegh8RBjQbaCbfLN2X+Ab6dL +dxAVVAKcetBuuCmYcjQIe87XJJFIpsPynXf8qnMTcGD5jzdM1zRc+lGxwNUl4XWy +4s0jl8mmv9NeIUsS9bLQ35J/TKiyIUMs+T77FJkf7XYsh1rfctOFo6iSGq1mGVBE +igXhAgMBAAGjgfEwge4wHQYDVR0OBBYEFCb8cOCPoT1SgnZry8cPiZ0rhmn1MIHB +BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ +uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz +0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS +samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV +15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv +f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA1-key.pem b/certs/test-pathlen/chainF-ICA1-key.pem new file mode 100644 index 000000000..efe224d61 --- /dev/null +++ b/certs/test-pathlen/chainF-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA4BPJsI6dP4jUMEq06BEhk1wgRQj4epG5LK3/YKoWnxy7iLg9 +CjnBial2yo5scnJ+bnSmNixp3zPW6WZwZX+6KkQXYp8zRhLmA6Wm4lwJB8+8jXb+ +oP3XckqUyMovlZGcCnd/giO+cicpRc1Bz+zhhM9n0BiYuTG+yf6YXT+q0oN2RYWr +CIZjWFuz5UpDPaGZ4oDRK7IG4/AQhfmmNrhSK51zOzQjUT3+Vi/pObJoBz5vUnv0 +QNRy+mkZyv8iyEWVBV6RCD8nLUHRdKUGnPNAvbv8ZWOG7YAiUMH2T9yPQ0xe+7/Z +bR+0hA8e6MZdxVPVLMl/a5iTp101mhdikS4gwQIDAQABAoIBAQC8aacToDc0rxbM +LGUFJTJ4N+SiZ7KXTWTI3t13KE2xKHW/tjsNGBdWa3oJQ8yIRyFsOwVvU9UJ6wrw +YkRr9ARTecG4GWkBqO5jbqxudTjaqqA+yym7sPWxkmiclPWB7FeqrWQ3x1phnfAk +UzzdWq8d/0+pOKViQyPLsRnofppiOril9LTJnklrBMDkf7wE9X6gpbpRfM7fd8nH +5mekM3pxKUi2v03yCyAJT15L5f7f7BIgXaz+QCXZpT6O+6c4D7neI3ne6b8JHgvT +XGXRXyvwC38wENCbsvBIsPAF1UDMS//F7oLK5qysCeoStPYX0uIbtTLwlfOHL//g +rYtnskmpAoGBAPyHWs11M7Xr1AWX0cgStgF8lkzu9YjxDr/HvWr+1Jr03YYKTOMj +XY/PKDRbjn/FXZ2Dw0WjmsKhsgnHsWfARHMLrZ7eQzhuhd2w6NsaAiREA7zh0FUF +D0+K8m5L4cob3OU7/sLS7+ubvGrIWuvVs1GAo4+/Q5MPJ9h+WOrZC4rTAoGBAOMo +UBxFWKpaDu7cekWcLDxqK3d77gDG0Xo4bDtRVTa7fn+jdqqMNuLG2D+8t/Cqjr2z +CNvTTdTohzsHsCay5u6RX3GSe9z3jdXu8CFNMnDVceYY/uxQio9biq4pXIKtfobn +2orzAOmqN9LeR76fME4WYwXTCPQVVcQzQN55WMGbAoGAGrLw3cIjent5ijHYAzA/ +P/79IRsuqJDb/1jN5Q8WSV/UQAS8xlMJ5FeBp696bHXghPPWZHl8tlFEMpaDYjXI +xuUYMTDMqJ2+14aJyAiC63SpdIHndeW4Da/iG9k4ARdbDn1+XPjSVvW7QQr32fFZ +KSfRozQUn+q9Sr1pB0N1XfMCgYEA3UL7JU522xf1y7x+bSd9/yr7Q9s3LRJ8IKys +3+qNMk7XHMTAZcdF/wboxMyx7n5zo1usmVLtUSFd96W5czh3sJFxglLIy6dmRKgE +xqtHIpkF5LccOFsLXDAymQo4ziDoSce1G/svPGtNDNzuzUKJ7sXnlljFM9tEO2Qh +H5LbXVkCgYBYzArfIhOCL1pGBSh5ocpyXG16Dn7dd6HmWPsD0kVwftlW+gJAmnXY +3cFzrQSacqe1Z76OqtmFfUGKE4pw50ayshkO9PG0DFi+b9SZgQX0yrDY1lHHS74v +MbuiJNOxHZugawEd2LUYQzry4PKNqYg31VuxpIQKjHrUvGivCyTALA== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/certs/test-pathlen/chainF-ICA1-pathlen1.pem new file mode 100644 index 000000000..5f7f14c97 --- /dev/null +++ b/certs/test-pathlen/chainF-ICA1-pathlen1.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:e0:13:c9:b0:8e:9d:3f:88:d4:30:4a:b4:e8:11: + 21:93:5c:20:45:08:f8:7a:91:b9:2c:ad:ff:60:aa: + 16:9f:1c:bb:88:b8:3d:0a:39:c1:89:a9:76:ca:8e: + 6c:72:72:7e:6e:74:a6:36:2c:69:df:33:d6:e9:66: + 70:65:7f:ba:2a:44:17:62:9f:33:46:12:e6:03:a5: + a6:e2:5c:09:07:cf:bc:8d:76:fe:a0:fd:d7:72:4a: + 94:c8:ca:2f:95:91:9c:0a:77:7f:82:23:be:72:27: + 29:45:cd:41:cf:ec:e1:84:cf:67:d0:18:98:b9:31: + be:c9:fe:98:5d:3f:aa:d2:83:76:45:85:ab:08:86: + 63:58:5b:b3:e5:4a:43:3d:a1:99:e2:80:d1:2b:b2: + 06:e3:f0:10:85:f9:a6:36:b8:52:2b:9d:73:3b:34: + 23:51:3d:fe:56:2f:e9:39:b2:68:07:3e:6f:52:7b: + f4:40:d4:72:fa:69:19:ca:ff:22:c8:45:95:05:5e: + 91:08:3f:27:2d:41:d1:74:a5:06:9c:f3:40:bd:bb: + fc:65:63:86:ed:80:22:50:c1:f6:4f:dc:8f:43:4c: + 5e:fb:bf:d9:6d:1f:b4:84:0f:1e:e8:c6:5d:c5:53: + d5:2c:c9:7f:6b:98:93:a7:5d:35:9a:17:62:91:2e: + 20:c1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 75:32:21:05:2B:60:FE:44:17:AF:18:65:86:85:19:82:3F:F9:64:83 + X509v3 Authority Key Identifier: + keyid:4A:53:4A:B7:30:78:35:91:B4:CB:DD:C8:22:74:89:AF:80:0F:7F:68 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: + 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: + 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: + 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: + cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: + da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: + 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: + d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: + 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: + af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: + 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: + 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: + d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: + a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: + 25:b2:22:37 +-----BEGIN CERTIFICATE----- +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOATybCOnT+I +1DBKtOgRIZNcIEUI+HqRuSyt/2CqFp8cu4i4PQo5wYmpdsqObHJyfm50pjYsad8z +1ulmcGV/uipEF2KfM0YS5gOlpuJcCQfPvI12/qD913JKlMjKL5WRnAp3f4IjvnIn +KUXNQc/s4YTPZ9AYmLkxvsn+mF0/qtKDdkWFqwiGY1hbs+VKQz2hmeKA0SuyBuPw +EIX5pja4Uiudczs0I1E9/lYv6TmyaAc+b1J79EDUcvppGcr/IshFlQVekQg/Jy1B +0XSlBpzzQL27/GVjhu2AIlDB9k/cj0NMXvu/2W0ftIQPHujGXcVT1SzJf2uYk6dd +NZoXYpEuIMECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBR1MiEFK2D+RBevGGWGhRmC +P/lkgzCBwQYDVR0jBIG5MIG2gBRKU0q3MHg1kbTL3cgidImvgA9/aKGBmqSBlzCB +lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN +AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL +D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP +xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh +Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc +8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR +23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA2-key.pem b/certs/test-pathlen/chainF-ICA2-key.pem new file mode 100644 index 000000000..07b4753b3 --- /dev/null +++ b/certs/test-pathlen/chainF-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA2joiZfhtHLcch90n9Nd1qnwcNzG01qU0SzZA6lUIcqD/WOJd +JhH1uG7e18O7JlHI0DYUAHZCTQNz74i5N/TonWFFluGObHhY4fbPRorWpXlNR4jK +bGlOKNSNhKjhbB3TNn4j42TVCqP8NomQCv9+i/ouZvvHM0SS3w9DsuskfiuusEOp +rVOC+N4XGSZfyoysDB8kvRXtT12C6hDrBXBPA2DZI20hB00SnPNk7nb7nfnD2Bo7 +bqmCey0usHS3E9ZligbyJXTCJulxZlRh/io0JwfJje+gooaTQUdzCAEHzE3s/oCI +k/uutJEW+oOWhGZTzfNS2tQl4QkVIOIQ6t057wIDAQABAoIBAFHY4/XiyumuM+Ex +LT9DYDpk+iApYG3w4EAlRQuegOCdSagInm8c5VAbJTE/k/23Rt3wqmfR8uP3m5AH +c5BtJqGATh1c05ITQSLe8ra+c+r0J+vgfitTA6GEtt8+h+2I8iLKBKPQuaaYAoxh +48h8MvZFCwpM/FVaLsvCad29G57GCh4oMK8Q4loQhA4xIKDZkW1djjqckJcGwZnk +ST4+QcFt3gVNW8Ceezws4K7BBe7+bcpiWuFFILyv3lYrazzCeLPa/hOCPWSZ31Wq +cH4OTRaiTCnMxAdNXFPFNKjXV5oADUe226whk7G1Bp8oEWisi3r/ctSnl5bhqO0W +eRxMwWECgYEA7NXGKuQPA4GKLLQzE2DppSfDYJKsE1LmMMe2Y+ys9QURKedezgS3 +ri91KugHfOW7ZZ3TGI68WPFY7h6OvV2F334rOa3dCJ1SH3kgvZNQ2kQx5cPnqNb7 +NmlbD59Ph3lV8SykuCaJe/ZAxCqjeW+TYJ5PWivI6UMr0LPxmEE6JPsCgYEA6+Lh +qF7aFXPhvtTg0FQzZXiYTWQ//dwPv3FniNychkf4Sa0rRFNBaFDpyJbPmOHGVnhu +0y7p2ahRXfXnyzfGko/MXp9VOedVX4MzVAI2QvahXoSoYZGfZ6nKOQUAUTFaTvmv +HpeNHMEjnnbnUJtdd6tXAa5kzZE6dmOHzH6/5J0CgYAoh0CdMF+9WtqZYdDnvQre +n1pY2WCnAeWwbUyx9tt2JoLUZ+qaWMZSAX8Mc55saifScNqh9jMXCV4NiZ8lmq6B +G2csPKt5gOp/xkurBV2trEPZrNek1f0xR4A0wS9r4ICrf9dESBv44aAdsao96rEO +tKihpqKAAGWsFk7+nhLkJwKBgQDT5o+iifrNVLlRjbibTViSagAfXdRif2KiLwS8 +HLp7ooF35hk9GrFiPXWWXWwGQaPDoBKmobkvbxYRG0tr8iHvHUCRK/8KsjauQ5VD +fW0zQIz79J2ycHfLTuq7yDNdvMEMux3GlIwOba5KtzPa5IbVbtUNTJV/WVw0Z/rh +CGfnvQKBgQCRJpXicdarhdf5iHmZJ5SEgxfKk7nIXUq3mIadSHnD1ar8vZ83Lv6y +wXVfGVytjd4k8ezcpKHNoeBUBnFLfUJkkBOXWghWi+TkX5f8Ci33ffgIie8RPZtO +8EP3Q7yOI//JCEcgIiuqUZOug45m8UCCcky6dOCFLSH1a1Fj1doCWA== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/certs/test-pathlen/chainF-ICA2-pathlen0.pem new file mode 100644 index 000000000..b3e68dd43 --- /dev/null +++ b/certs/test-pathlen/chainF-ICA2-pathlen0.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:da:3a:22:65:f8:6d:1c:b7:1c:87:dd:27:f4:d7: + 75:aa:7c:1c:37:31:b4:d6:a5:34:4b:36:40:ea:55: + 08:72:a0:ff:58:e2:5d:26:11:f5:b8:6e:de:d7:c3: + bb:26:51:c8:d0:36:14:00:76:42:4d:03:73:ef:88: + b9:37:f4:e8:9d:61:45:96:e1:8e:6c:78:58:e1:f6: + cf:46:8a:d6:a5:79:4d:47:88:ca:6c:69:4e:28:d4: + 8d:84:a8:e1:6c:1d:d3:36:7e:23:e3:64:d5:0a:a3: + fc:36:89:90:0a:ff:7e:8b:fa:2e:66:fb:c7:33:44: + 92:df:0f:43:b2:eb:24:7e:2b:ae:b0:43:a9:ad:53: + 82:f8:de:17:19:26:5f:ca:8c:ac:0c:1f:24:bd:15: + ed:4f:5d:82:ea:10:eb:05:70:4f:03:60:d9:23:6d: + 21:07:4d:12:9c:f3:64:ee:76:fb:9d:f9:c3:d8:1a: + 3b:6e:a9:82:7b:2d:2e:b0:74:b7:13:d6:65:8a:06: + f2:25:74:c2:26:e9:71:66:54:61:fe:2a:34:27:07: + c9:8d:ef:a0:a2:86:93:41:47:73:08:01:07:cc:4d: + ec:fe:80:88:93:fb:ae:b4:91:16:fa:83:96:84:66: + 53:cd:f3:52:da:d4:25:e1:09:15:20:e2:10:ea:dd: + 39:ef + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 4A:53:4A:B7:30:78:35:91:B4:CB:DD:C8:22:74:89:AF:80:0F:7F:68 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: + 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: + 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: + 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: + 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: + 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: + 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: + 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: + 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: + b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: + 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: + e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: + 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: + e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: + 24:0e:d6:0d +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey +LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2joiZfhtHLcch90n9Nd1qnwcNzG0 +1qU0SzZA6lUIcqD/WOJdJhH1uG7e18O7JlHI0DYUAHZCTQNz74i5N/TonWFFluGO +bHhY4fbPRorWpXlNR4jKbGlOKNSNhKjhbB3TNn4j42TVCqP8NomQCv9+i/ouZvvH +M0SS3w9DsuskfiuusEOprVOC+N4XGSZfyoysDB8kvRXtT12C6hDrBXBPA2DZI20h +B00SnPNk7nb7nfnD2Bo7bqmCey0usHS3E9ZligbyJXTCJulxZlRh/io0JwfJje+g +ooaTQUdzCAEHzE3s/oCIk/uutJEW+oOWhGZTzfNS2tQl4QkVIOIQ6t057wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH +dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 +EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI +k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY +R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m +VcjCowsmYI95sNGPgx82kaokDtYN +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-assembled.pem b/certs/test-pathlen/chainF-assembled.pem new file mode 100644 index 000000000..8103382d3 --- /dev/null +++ b/certs/test-pathlen/chainF-assembled.pem @@ -0,0 +1,265 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c9:f8:2c:ad:25:a9:65:3b:72:13:5d:aa:7f:5b: + 71:f5:e0:43:c4:3a:b3:36:0d:34:61:35:86:77:a0: + 2a:81:de:2c:7c:7d:01:fb:f4:c3:00:b0:17:b9:49: + 93:1d:c2:1b:6f:40:ee:86:e0:a7:f3:5e:ad:23:43: + 99:5f:34:38:c8:58:02:9b:cc:9e:59:da:81:5b:b1: + 40:74:ca:c1:b8:67:14:ba:3f:71:16:d9:ba:a9:cd: + f1:96:1b:52:e2:d2:07:6d:6a:d6:cf:e7:a8:c8:e0: + 4f:eb:35:64:bc:aa:1a:17:af:98:de:d0:9b:08:73: + 72:d8:fe:e2:e5:4e:7e:97:37:37:58:9e:5c:65:91: + b9:5d:38:da:ba:db:00:c0:f6:4a:6f:9c:86:23:ad: + b0:c4:ff:b7:dd:d6:9a:b0:de:8d:15:87:e2:4b:04: + 85:6d:5d:cc:5f:65:6f:e1:ae:22:44:80:18:ba:c2: + 95:a4:a3:28:c5:3f:7b:4c:85:6c:0f:11:14:56:d2: + d5:a7:f7:03:e9:f7:ce:ef:d9:18:02:f0:f2:6e:81: + ef:ac:50:87:0e:b0:46:9f:ae:c0:77:8f:03:28:8a: + 9d:6e:87:50:8f:37:46:b3:29:57:a4:c2:ef:25:cd: + 23:1a:ef:1a:03:c9:59:69:cd:45:5f:39:3f:76:d4: + 79:53 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + E9:27:36:DA:64:81:70:89:C9:C1:F9:E3:92:7A:67:11:07:01:4A:49 + X509v3 Authority Key Identifier: + keyid:75:32:21:05:2B:60:FE:44:17:AF:18:65:86:85:19:82:3F:F9:64:83 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainF-ICA2-pathlen0/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: + c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: + 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: + 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: + 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: + af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: + 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: + aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: + a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: + 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: + a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: + f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: + 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: + fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: + 9a:28:91:3b +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfgsrSWpZTtyE12qf1tx +9eBDxDqzNg00YTWGd6Aqgd4sfH0B+/TDALAXuUmTHcIbb0DuhuCn816tI0OZXzQ4 +yFgCm8yeWdqBW7FAdMrBuGcUuj9xFtm6qc3xlhtS4tIHbWrWz+eoyOBP6zVkvKoa +F6+Y3tCbCHNy2P7i5U5+lzc3WJ5cZZG5XTjautsAwPZKb5yGI62wxP+33daasN6N +FYfiSwSFbV3MX2Vv4a4iRIAYusKVpKMoxT97TIVsDxEUVtLVp/cD6ffO79kYAvDy +boHvrFCHDrBGn67Ad48DKIqdbodQjzdGsylXpMLvJc0jGu8aA8lZac1FXzk/dtR5 +UwIDAQABo4H+MIH7MB0GA1UdDgQWBBTpJzbaZIFwicnB+eOSemcRBwFKSTCBzgYD +VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ +dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb +tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a +cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd +6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 +jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU +Jz+ZNb5M+JookTs= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:e0:13:c9:b0:8e:9d:3f:88:d4:30:4a:b4:e8:11: + 21:93:5c:20:45:08:f8:7a:91:b9:2c:ad:ff:60:aa: + 16:9f:1c:bb:88:b8:3d:0a:39:c1:89:a9:76:ca:8e: + 6c:72:72:7e:6e:74:a6:36:2c:69:df:33:d6:e9:66: + 70:65:7f:ba:2a:44:17:62:9f:33:46:12:e6:03:a5: + a6:e2:5c:09:07:cf:bc:8d:76:fe:a0:fd:d7:72:4a: + 94:c8:ca:2f:95:91:9c:0a:77:7f:82:23:be:72:27: + 29:45:cd:41:cf:ec:e1:84:cf:67:d0:18:98:b9:31: + be:c9:fe:98:5d:3f:aa:d2:83:76:45:85:ab:08:86: + 63:58:5b:b3:e5:4a:43:3d:a1:99:e2:80:d1:2b:b2: + 06:e3:f0:10:85:f9:a6:36:b8:52:2b:9d:73:3b:34: + 23:51:3d:fe:56:2f:e9:39:b2:68:07:3e:6f:52:7b: + f4:40:d4:72:fa:69:19:ca:ff:22:c8:45:95:05:5e: + 91:08:3f:27:2d:41:d1:74:a5:06:9c:f3:40:bd:bb: + fc:65:63:86:ed:80:22:50:c1:f6:4f:dc:8f:43:4c: + 5e:fb:bf:d9:6d:1f:b4:84:0f:1e:e8:c6:5d:c5:53: + d5:2c:c9:7f:6b:98:93:a7:5d:35:9a:17:62:91:2e: + 20:c1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 75:32:21:05:2B:60:FE:44:17:AF:18:65:86:85:19:82:3F:F9:64:83 + X509v3 Authority Key Identifier: + keyid:4A:53:4A:B7:30:78:35:91:B4:CB:DD:C8:22:74:89:AF:80:0F:7F:68 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: + 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: + 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: + 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: + cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: + da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: + 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: + d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: + 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: + af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: + 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: + 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: + d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: + a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: + 25:b2:22:37 +-----BEGIN CERTIFICATE----- +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOATybCOnT+I +1DBKtOgRIZNcIEUI+HqRuSyt/2CqFp8cu4i4PQo5wYmpdsqObHJyfm50pjYsad8z +1ulmcGV/uipEF2KfM0YS5gOlpuJcCQfPvI12/qD913JKlMjKL5WRnAp3f4IjvnIn +KUXNQc/s4YTPZ9AYmLkxvsn+mF0/qtKDdkWFqwiGY1hbs+VKQz2hmeKA0SuyBuPw +EIX5pja4Uiudczs0I1E9/lYv6TmyaAc+b1J79EDUcvppGcr/IshFlQVekQg/Jy1B +0XSlBpzzQL27/GVjhu2AIlDB9k/cj0NMXvu/2W0ftIQPHujGXcVT1SzJf2uYk6dd +NZoXYpEuIMECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBR1MiEFK2D+RBevGGWGhRmC +P/lkgzCBwQYDVR0jBIG5MIG2gBRKU0q3MHg1kbTL3cgidImvgA9/aKGBmqSBlzCB +lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN +AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL +D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP +xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh +Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc +8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR +23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:da:3a:22:65:f8:6d:1c:b7:1c:87:dd:27:f4:d7: + 75:aa:7c:1c:37:31:b4:d6:a5:34:4b:36:40:ea:55: + 08:72:a0:ff:58:e2:5d:26:11:f5:b8:6e:de:d7:c3: + bb:26:51:c8:d0:36:14:00:76:42:4d:03:73:ef:88: + b9:37:f4:e8:9d:61:45:96:e1:8e:6c:78:58:e1:f6: + cf:46:8a:d6:a5:79:4d:47:88:ca:6c:69:4e:28:d4: + 8d:84:a8:e1:6c:1d:d3:36:7e:23:e3:64:d5:0a:a3: + fc:36:89:90:0a:ff:7e:8b:fa:2e:66:fb:c7:33:44: + 92:df:0f:43:b2:eb:24:7e:2b:ae:b0:43:a9:ad:53: + 82:f8:de:17:19:26:5f:ca:8c:ac:0c:1f:24:bd:15: + ed:4f:5d:82:ea:10:eb:05:70:4f:03:60:d9:23:6d: + 21:07:4d:12:9c:f3:64:ee:76:fb:9d:f9:c3:d8:1a: + 3b:6e:a9:82:7b:2d:2e:b0:74:b7:13:d6:65:8a:06: + f2:25:74:c2:26:e9:71:66:54:61:fe:2a:34:27:07: + c9:8d:ef:a0:a2:86:93:41:47:73:08:01:07:cc:4d: + ec:fe:80:88:93:fb:ae:b4:91:16:fa:83:96:84:66: + 53:cd:f3:52:da:d4:25:e1:09:15:20:e2:10:ea:dd: + 39:ef + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 4A:53:4A:B7:30:78:35:91:B4:CB:DD:C8:22:74:89:AF:80:0F:7F:68 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: + 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: + 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: + 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: + 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: + 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: + 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: + 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: + 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: + b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: + 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: + e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: + 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: + e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: + 24:0e:d6:0d +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey +LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2joiZfhtHLcch90n9Nd1qnwcNzG0 +1qU0SzZA6lUIcqD/WOJdJhH1uG7e18O7JlHI0DYUAHZCTQNz74i5N/TonWFFluGO +bHhY4fbPRorWpXlNR4jKbGlOKNSNhKjhbB3TNn4j42TVCqP8NomQCv9+i/ouZvvH +M0SS3w9DsuskfiuusEOprVOC+N4XGSZfyoysDB8kvRXtT12C6hDrBXBPA2DZI20h +B00SnPNk7nb7nfnD2Bo7bqmCey0usHS3E9ZligbyJXTCJulxZlRh/io0JwfJje+g +ooaTQUdzCAEHzE3s/oCIk/uutJEW+oOWhGZTzfNS2tQl4QkVIOIQ6t057wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH +dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 +EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI +k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY +R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m +VcjCowsmYI95sNGPgx82kaokDtYN +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-entity-key.pem b/certs/test-pathlen/chainF-entity-key.pem new file mode 100644 index 000000000..6c7d78071 --- /dev/null +++ b/certs/test-pathlen/chainF-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyfgsrSWpZTtyE12qf1tx9eBDxDqzNg00YTWGd6Aqgd4sfH0B ++/TDALAXuUmTHcIbb0DuhuCn816tI0OZXzQ4yFgCm8yeWdqBW7FAdMrBuGcUuj9x +Ftm6qc3xlhtS4tIHbWrWz+eoyOBP6zVkvKoaF6+Y3tCbCHNy2P7i5U5+lzc3WJ5c +ZZG5XTjautsAwPZKb5yGI62wxP+33daasN6NFYfiSwSFbV3MX2Vv4a4iRIAYusKV +pKMoxT97TIVsDxEUVtLVp/cD6ffO79kYAvDyboHvrFCHDrBGn67Ad48DKIqdbodQ +jzdGsylXpMLvJc0jGu8aA8lZac1FXzk/dtR5UwIDAQABAoIBAEnbhYr0ANRSPs8y +K41TRYNitaVmye50Oblqt3e7jI/dTWtg037t7Pmta5+IdlIlj57JofCU6xYmgy4o +JEgacsFg3eNXmnjFXRTI5wdOtjTXDU9mr9ZpXMeH1lbMOy1THQA4V8HDt4dt8AvV +hLcxhUUwI7knk+otPcx4uUSdxdFJ6uAGsBOqHRQNvZ+UQKWPu4wcbhOyIhPAVHmg +jc4mRSixY48rWCjfHu4eL4vIVotaqHMKl1p5Z/i9umEMnJu9i4Nw7ZfWFlPUcg3B +oC/2AsQZ7O2PNy1fMW15da1RZ7aXedMersHb7sX9ZTd9vqIUXVdXSHc9N13zd9pS +GjHGgtECgYEA+XhITJiF82ldFOBamngzBCYy7BHq5ZJKaUcOSTrVDIG2CVi4tXEw +FE1Y1d4aelLkDzR3Qo17YAVpMFkp8AnMAb6+89JON1TOq+hyrMeQpjo8KV9P+O29 +5Tg2KZSxp5io33ENX0QncI7TtIIMSNfxDFw7b4hgjkcIp2Ii3QtxjaUCgYEAz0GW +g7zJSCP7X4H+VeZ8drg/QdYci23RJC7GBFozFUzt8BlA8g7FyYheyn0COwObL0xz +rRrzNB8JVv3LJ9ggfBksVRq7NnufeJaEq5rZFGa52nk5KS3ukbi1FCzmO+E+OIEH +KEGGvVF5WCPQaa0WhkQcXvo/mRb83p2ipv94qZcCgYEAg0Lhr8O0/11aB6kAozRJ +i45ZztKiqMZvdrNXdfqJrPn3ATX4giebJ6OG8Yjan7BLpSBy+8abuus97J2NrmpJ +OEXYDUyDsSNjVxqIdBbRKlWL4CzxVEYrW5dXEEvXqhpuCJtgcNbYdaYBCIJA2ncc +suc4sresLlB74i6Fr47c4a0CgYEAm6eipyXt9aQwcjZrEZCdAXy25Xcs0PqVDBuk +1Df6DZFNUfllcWXu3cDxkBn6xt+aeRdt+SA4b3ivxwmsvivvmcQ+K1x8JhsKVcKV +uVv+lPfhtVc9utOoTQDv3ksqTuaHmGAvQ+iSjTTXcX7UU8mPFR+qPxqrEQrWt0qk +kc9ki9kCgYBxdSt1rwvIEHnQUeRPQqFcIcMhjSDhHArzqnOo2EZkZBcB5U6qcjZH +EBgZKOcNVIBMlmjVHJIAQz8rog8zv0xZjW0W9ijzV93zUq2K0p9uDhDkpFhpNa+0 +UStzpcOI+NZMbwlxYcgAAjOBapsvriqzSeGq93BmW9B6mu5fTet6/w== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainF-entity.pem b/certs/test-pathlen/chainF-entity.pem new file mode 100644 index 000000000..6a7870de6 --- /dev/null +++ b/certs/test-pathlen/chainF-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c9:f8:2c:ad:25:a9:65:3b:72:13:5d:aa:7f:5b: + 71:f5:e0:43:c4:3a:b3:36:0d:34:61:35:86:77:a0: + 2a:81:de:2c:7c:7d:01:fb:f4:c3:00:b0:17:b9:49: + 93:1d:c2:1b:6f:40:ee:86:e0:a7:f3:5e:ad:23:43: + 99:5f:34:38:c8:58:02:9b:cc:9e:59:da:81:5b:b1: + 40:74:ca:c1:b8:67:14:ba:3f:71:16:d9:ba:a9:cd: + f1:96:1b:52:e2:d2:07:6d:6a:d6:cf:e7:a8:c8:e0: + 4f:eb:35:64:bc:aa:1a:17:af:98:de:d0:9b:08:73: + 72:d8:fe:e2:e5:4e:7e:97:37:37:58:9e:5c:65:91: + b9:5d:38:da:ba:db:00:c0:f6:4a:6f:9c:86:23:ad: + b0:c4:ff:b7:dd:d6:9a:b0:de:8d:15:87:e2:4b:04: + 85:6d:5d:cc:5f:65:6f:e1:ae:22:44:80:18:ba:c2: + 95:a4:a3:28:c5:3f:7b:4c:85:6c:0f:11:14:56:d2: + d5:a7:f7:03:e9:f7:ce:ef:d9:18:02:f0:f2:6e:81: + ef:ac:50:87:0e:b0:46:9f:ae:c0:77:8f:03:28:8a: + 9d:6e:87:50:8f:37:46:b3:29:57:a4:c2:ef:25:cd: + 23:1a:ef:1a:03:c9:59:69:cd:45:5f:39:3f:76:d4: + 79:53 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + E9:27:36:DA:64:81:70:89:C9:C1:F9:E3:92:7A:67:11:07:01:4A:49 + X509v3 Authority Key Identifier: + keyid:75:32:21:05:2B:60:FE:44:17:AF:18:65:86:85:19:82:3F:F9:64:83 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainF-ICA2-pathlen0/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: + c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: + 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: + 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: + 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: + af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: + 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: + aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: + a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: + 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: + a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: + f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: + 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: + fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: + 9a:28:91:3b +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfgsrSWpZTtyE12qf1tx +9eBDxDqzNg00YTWGd6Aqgd4sfH0B+/TDALAXuUmTHcIbb0DuhuCn816tI0OZXzQ4 +yFgCm8yeWdqBW7FAdMrBuGcUuj9xFtm6qc3xlhtS4tIHbWrWz+eoyOBP6zVkvKoa +F6+Y3tCbCHNy2P7i5U5+lzc3WJ5cZZG5XTjautsAwPZKb5yGI62wxP+33daasN6N +FYfiSwSFbV3MX2Vv4a4iRIAYusKVpKMoxT97TIVsDxEUVtLVp/cD6ffO79kYAvDy +boHvrFCHDrBGn67Ad48DKIqdbodQjzdGsylXpMLvJc0jGu8aA8lZac1FXzk/dtR5 +UwIDAQABo4H+MIH7MB0GA1UdDgQWBBTpJzbaZIFwicnB+eOSemcRBwFKSTCBzgYD +VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ +dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb +tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a +cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd +6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 +jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU +Jz+ZNb5M+JookTs= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA1-key.pem b/certs/test-pathlen/chainG-ICA1-key.pem new file mode 100644 index 000000000..dd86a5a55 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA0ia+UZhC4B+u/MLLutUPRDsLYNhJ7ANDawbO8igZ+0icC1x/ +AKMin7zpKlvk4RbYnLnDCzDjHIN9wLmkP9o47Is4vkXEpx3BaBgoGbDykwY6vSNn +qgWJMTvCtF6zEss785zW30zty0IbJYAtq8Rnj6X/2mzxGP2hmIzYH2dsKMfLTruw +J+olsV1z0CrpRFC59WVk5s89ktjAbe2WjuLThHDQ2/5wY0T6+Ns10ZWtGJUhZM7i +I35ebC/vp2P+gkrLzCPPnSalZu2cBn5wdgNymdv6vqXDOItAJMFr15y7J4YiqWLg +sr3nteSB6mTbGBYkYoFsqPKDP687tf2w2ISyIQIDAQABAoIBAFOyFHhAsNm8JKAM +IMGPG15sOZLfcUlq303fz0nISNi4SVWJCBfD4QVHYoF5ScWPqMN6hECPvtPbVpkM +FmtLyQIETJwTA0gfZKjFfisFOwbtIzWyxRWE0Ofnyhq14JHqmTzjyPv0EnyyHkeo +LghL14bxcN2YJ8lxMgukhGq1cPEoL7Te9MorQ3pgI2CV5iR8iriXp50RS2xyCO8L +3TL4/tkZ2/RF7+9KNDP5ViYJOmfU9bOxLT7gxIAjjL8uCDk/r1RgT03+jLpoEZSi +o1Sa06fogqV02Y7bkJLXtu5jxAeIcWG0iF6FdC291TcQaM7hv4HwLuxZnxJcgc4I +AxnOuAECgYEA/prt+B7DQ2qWyrATnMP3ScKAMQ3yuE8K7z/u533eZ1TTCmueKjbg +4pmMVCt+E3pSB5WbzTdAx4Gm5ACHkobJnmRb7Y2gjaD27W4Vn+jd/+U3GbHNQDIa +srSxkTBjQakSckqI/KucYAcF+MtXPAeXJp/IklXDxFoGpcwaisMlSuECgYEA0014 +PDe4Ujglay4utpxkyL6d/nlzFseZn+7BJ9ClJiBKCJBF3mlqVArxmwv5fCn+be05 +Ikfljvt7sCUzYseccCYKe5zPa6v7622ERIn8jkTUo43Tm47WzBZsXasNeLdYAu7p +pEjn0AP7w5kRruHI3xqOZScXDhtrrQuogU9Zj0ECgYBWshLOJkt/LVBjfElxXBlc +eGqGSaWYtPGYPkDveqC8ttmV9sdIwJ8bCgYKszSfFUvRYVRIMMRSKwfVI4kGj/cf +hDT5UvyUvXbXqmCarwTJGhgFG9I0RdtpdrXwJnXl6dhqKo8y2ozI9htGeJcfzcXe +VRJLIgEjXzRcSH/ROFn+gQKBgEr/WyacbEqabQWOvbvI5Kivp2oz9xplu+wdFOep +0YQnv78sXfAkID42KCzs4h8k1I51vWqidCL8tZj+iy+LQ8Y2alAXhzNjNqYIGAMv +qrlgSszGQQ4cc7a6WrogRUbMZGueGsVZrxWQ5GI3SSR2NRKi3Vmftzoll2EzGxrS +bCpBAoGBAI/msQiuFLzbbxbtOLmjbh4iptOM8kJY2PpxZAKIxUqwEuOuoF6yY6G7 +jN0QBoN8RtP2syWpoY8G4YqX/zNWOOuL7p/uWRiatGrAc/qUWjNB8yO5Z/LVkOEU +QOcdeEvBUkgVc0qSkDgAAQ0Vktoba4X+Xc6MsD8F3xTJQOe5oToP +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/certs/test-pathlen/chainG-ICA1-pathlen0.pem new file mode 100644 index 000000000..6cbd907d5 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA1-pathlen0.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d2:26:be:51:98:42:e0:1f:ae:fc:c2:cb:ba:d5: + 0f:44:3b:0b:60:d8:49:ec:03:43:6b:06:ce:f2:28: + 19:fb:48:9c:0b:5c:7f:00:a3:22:9f:bc:e9:2a:5b: + e4:e1:16:d8:9c:b9:c3:0b:30:e3:1c:83:7d:c0:b9: + a4:3f:da:38:ec:8b:38:be:45:c4:a7:1d:c1:68:18: + 28:19:b0:f2:93:06:3a:bd:23:67:aa:05:89:31:3b: + c2:b4:5e:b3:12:cb:3b:f3:9c:d6:df:4c:ed:cb:42: + 1b:25:80:2d:ab:c4:67:8f:a5:ff:da:6c:f1:18:fd: + a1:98:8c:d8:1f:67:6c:28:c7:cb:4e:bb:b0:27:ea: + 25:b1:5d:73:d0:2a:e9:44:50:b9:f5:65:64:e6:cf: + 3d:92:d8:c0:6d:ed:96:8e:e2:d3:84:70:d0:db:fe: + 70:63:44:fa:f8:db:35:d1:95:ad:18:95:21:64:ce: + e2:23:7e:5e:6c:2f:ef:a7:63:fe:82:4a:cb:cc:23: + cf:9d:26:a5:66:ed:9c:06:7e:70:76:03:72:99:db: + fa:be:a5:c3:38:8b:40:24:c1:6b:d7:9c:bb:27:86: + 22:a9:62:e0:b2:bd:e7:b5:e4:81:ea:64:db:18:16: + 24:62:81:6c:a8:f2:83:3f:af:3b:b5:fd:b0:d8:84: + b2:21 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 47:C0:19:4B:ED:C4:DA:97:B1:60:EA:5A:0A:42:6D:A5:D3:D8:25:31 + X509v3 Authority Key Identifier: + keyid:E1:E6:9B:28:CF:FD:AB:45:C1:B7:A7:C4:C9:58:FC:41:E3:1A:5C:74 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA3-pathlen99/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: + 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: + 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: + d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: + 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: + ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: + 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: + f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: + 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: + 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: + 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: + 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: + c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: + 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: + 13:a4:f1:d3 +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANImvlGYQuAf +rvzCy7rVD0Q7C2DYSewDQ2sGzvIoGftInAtcfwCjIp+86Spb5OEW2Jy5wwsw4xyD +fcC5pD/aOOyLOL5FxKcdwWgYKBmw8pMGOr0jZ6oFiTE7wrResxLLO/Oc1t9M7ctC +GyWALavEZ4+l/9ps8Rj9oZiM2B9nbCjHy067sCfqJbFdc9Aq6URQufVlZObPPZLY +wG3tlo7i04Rw0Nv+cGNE+vjbNdGVrRiVIWTO4iN+Xmwv76dj/oJKy8wjz50mpWbt +nAZ+cHYDcpnb+r6lwziLQCTBa9ecuyeGIqli4LK957Xkgepk2xgWJGKBbKjygz+v +O7X9sNiEsiECAwEAAaOCARMwggEPMB0GA1UdDgQWBBRHwBlL7cTal7Fg6loKQm2l +09glMTCBzwYDVR0jBIHHMIHEgBTh5psoz/2rRcG3p8TJWPxB4xpcdKGBqKSBpTCB +ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl +YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp +bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 +t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 +lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc +RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 +r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL +yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA2-key.pem b/certs/test-pathlen/chainG-ICA2-key.pem new file mode 100644 index 000000000..c0558a0d3 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA1z7eufmp1456S/LxjPk7HM5ZMUxXDC6KD5Dw3CdVCxDDoui5 +OXUX0Z2ZQ5Sy8VZ2a7lGprg1laHS0OyOvpXceBcKQaEj38uyh8suHQJ9xP569nrY +pY21ERrka9JmAQEDpzuVSZJdwcdJ8BrvAHE3mVqHCkDeVQ5oidznoRS/nXKTfkgp +5OqmTwp6paE5bCGEOo/KejULCs0SZzxWBvWdJMmOSoIjyDh/rJi2slfcgmKEABN7 +6nOAJkqbwbQK8fz/RliWoCGhyY/ZmXRBC9BtMaerh5J2UULviJXMLPKbzNUpoPeq +a+GrMhbNVcQVgGmAkdh4LAcV/cICpPQTdVC4KwIDAQABAoIBAQCeaP6yEDQXGByZ +WKq8/Y+rm5G43l4R8Q5admlNHQVRp3zToELxLmPhOQNa4UzwoJl2nlyIxnlpLjdg +2zgSu2gOWaaKtnUYd2lk1vuRDgxRtpf4XmCjNq9Tb188mxPHGV/+67Lq+nVV771S +n//Va31nt2A7A5KdNoVpMNKnkgWTcS3dJ07znTsHbabcttA58mu2DPXaNVUKystz ++0YF1I/Lp+3tWGfSM2MKqQTaFy219N+xhUtIj2/TOo55Kkz8lAGyctrIfFZZPUY6 +I1YIzxFlC8XNd1DzW2i7qVANM0vzuB85nv8D5RREbBjJ/IHwJgjWp3G2K8o8+kDZ +ZOukmpzBAoGBAO4t4l3rVSaBbmP5F0U/JdZSqoUmGNggkGcyR3vpNT+ZEzhyzJ7d +A1fqzdrrbxXXGVHAqDdEb/tKAuUZmv52OdKlL76ylje1DdDsvw+zzZXYTSz4nMo1 +9jIBXskDeypu4w5zE3WY4FxaDMVbpcJW3fQ1u3aLSCswmOlyKrH3t90PAoGBAOdZ +tjJrOyYD1FELv/BD5fOVInq/3EGFZFZKXSBtLtzYDzLebUPPwrGjwCkq7VIK8BUK +8+IxGlx3KrQL9omUrpb2DuoKjOgeVvsXEL0a1uykkVbkk8O+VBtfdcsJLZimJqhl +kVxXKnPHAp1+cVDt+MvbdCKiE0kwaVqnkUM1H+slAoGASiHB6RWMJTX30+n9kjH7 +Zt/H7zVSWkKYb2Y41ZpaVncggltI0NFdbwnIFLFem9+dI9LhCIKmkAITMJdtpHHL +wYJkf+g51RDnQfXN6ec+v7rZGnwu4Mk23Y2LoOkSdryYszCiB+ITQutMOkkyKHC9 +GHt444aqabbwgQhlvYqqkYUCgYA3/1/5bjkf53dhsp1f0596SRPScFQoy9fQhylp +auQX8ngjUPFTo5s1kjQ2Arz0yc742PDVRBtkXDfK4sZm4MUtpxtPDQS0PnvBRQD5 +NODm4KKJTMRzccM76OxDG9Kci0L6KbN4jWSqJ3Z7lpppA2DgPxsqMt7GLWCi38Jq +aRZzvQKBgFbcHMmGAjgszC+ZSMZP3EhNwMQLAdeCVoEqfZAItO6q2NwB54YhYK9l +nvYieUYGRvFc+jdbyfqPG98BZXcgt2PuB17gA8jdajCZJFeQtCo1GKwWkSYB/2MF +jOJmAGkTZ40jffKgngJKQ8Zs360vjhvPYr51Gr0pZ1/8NT4/yueZ +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/certs/test-pathlen/chainG-ICA2-pathlen1.pem new file mode 100644 index 000000000..e5306aede --- /dev/null +++ b/certs/test-pathlen/chainG-ICA2-pathlen1.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:3e:de:b9:f9:a9:d7:8e:7a:4b:f2:f1:8c:f9: + 3b:1c:ce:59:31:4c:57:0c:2e:8a:0f:90:f0:dc:27: + 55:0b:10:c3:a2:e8:b9:39:75:17:d1:9d:99:43:94: + b2:f1:56:76:6b:b9:46:a6:b8:35:95:a1:d2:d0:ec: + 8e:be:95:dc:78:17:0a:41:a1:23:df:cb:b2:87:cb: + 2e:1d:02:7d:c4:fe:7a:f6:7a:d8:a5:8d:b5:11:1a: + e4:6b:d2:66:01:01:03:a7:3b:95:49:92:5d:c1:c7: + 49:f0:1a:ef:00:71:37:99:5a:87:0a:40:de:55:0e: + 68:89:dc:e7:a1:14:bf:9d:72:93:7e:48:29:e4:ea: + a6:4f:0a:7a:a5:a1:39:6c:21:84:3a:8f:ca:7a:35: + 0b:0a:cd:12:67:3c:56:06:f5:9d:24:c9:8e:4a:82: + 23:c8:38:7f:ac:98:b6:b2:57:dc:82:62:84:00:13: + 7b:ea:73:80:26:4a:9b:c1:b4:0a:f1:fc:ff:46:58: + 96:a0:21:a1:c9:8f:d9:99:74:41:0b:d0:6d:31:a7: + ab:87:92:76:51:42:ef:88:95:cc:2c:f2:9b:cc:d5: + 29:a0:f7:aa:6b:e1:ab:32:16:cd:55:c4:15:80:69: + 80:91:d8:78:2c:07:15:fd:c2:02:a4:f4:13:75:50: + b8:2b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + E1:E6:9B:28:CF:FD:AB:45:C1:B7:A7:C4:C9:58:FC:41:E3:1A:5C:74 + X509v3 Authority Key Identifier: + keyid:C1:CD:1F:81:13:82:24:3B:CF:64:51:7A:4C:E3:65:2E:75:1E:01:23 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA4-pathlen5/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: + ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: + 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: + da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: + aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: + 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: + 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: + 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: + 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: + 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: + b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: + 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: + 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: + 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: + 65:12:f6:ae +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo +YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns +LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG +A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE +AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXPt65+anX +jnpL8vGM+TsczlkxTFcMLooPkPDcJ1ULEMOi6Lk5dRfRnZlDlLLxVnZruUamuDWV +odLQ7I6+ldx4FwpBoSPfy7KHyy4dAn3E/nr2etiljbURGuRr0mYBAQOnO5VJkl3B +x0nwGu8AcTeZWocKQN5VDmiJ3OehFL+dcpN+SCnk6qZPCnqloTlsIYQ6j8p6NQsK +zRJnPFYG9Z0kyY5KgiPIOH+smLayV9yCYoQAE3vqc4AmSpvBtArx/P9GWJagIaHJ +j9mZdEEL0G0xp6uHknZRQu+Ilcws8pvM1Smg96pr4asyFs1VxBWAaYCR2HgsBxX9 +wgKk9BN1ULgrAgMBAAGjggESMIIBDjAdBgNVHQ4EFgQU4eabKM/9q0XBt6fEyVj8 +QeMaXHQwgc4GA1UdIwSBxjCBw4AUwc0fgROCJDvPZFF6TONlLnUeASOhgaekgaQw +gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy +aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 +aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ +qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN +Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 +Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ +I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA3-key.pem b/certs/test-pathlen/chainG-ICA3-key.pem new file mode 100644 index 000000000..357c8f061 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEArPE5Zfecnfbw0rcYFiSBMrelKdb3TjE4p1TW6weXJ6GS4ME6 +tZMGF++ndPibQpcM1tPUNslh75JMPsR0CNYZKs2b8W/oyGefKFSZzmMah1aZNjFl +BcXWl89R5C09dBQx08MF/A58k1fN98SX11xldec1hYEn65qf16K8KEGozpI6ELk1 +KIPcsCfMbiADYBMjIrQ8JViuobIk0SGLufAohK7mAMzLm3iM+kvtc3qRBfn7bjQ7 +fq/5RZ6g1WK72M2VnqKQcifgPrmwXgqy5FWVAwymZkRl2wqfkFrTgcfiPvKwmuAF +HN5kBMJ+yn7fofYY5ZTTdPulHy13zW5eVaOAywIDAQABAoIBAQCTPWlF9DPGlbjh +XftG1tucx5f58EhrrSJz7JpyTesWVczMSBdpAfzdIjArOYJOhnXq7TyvTHNyWddK +VU4JO+b/d0B+pW3GOdrapnSwr9WlRkh5SEKfUJnsdBlfsFiy3IKzrUYKHHdZpxb4 +DMvOEp9ba3c47AaF5AaUu7uAdq5298erL6/viPCwbT5am1U+d3tDGdj9PYPRlzIa +o7QenU8tZcfW+m/6Ogut3kpFQtXRpmzS2ArtG0uAkS6oVzDrDvGu908VvbTyAZ/f +PsYNK972RxO5QEBGsrSl5AQaeoOKOonUa0TWjKq0Q/wWkRZXdNQjKCQll96Izie4 +Ij4pYCh5AoGBANo9u4jDu5HT70U489e585NmAsNWejeQjB8GvLkSXoWqnVO0Dl/p +VsMVwK2hQaD6D4UKHY+3f/Ino3/5nShCgaRZDIOD7ZMW0kqCJOJUNTkDZfigJhfd ++zuQ2fytT4gcvJAwF1vjRril156yQY74k6xMJR2Xm1Px47s2fWYXM9z/AoGBAMrd +IP8Pce4qfSTDK3ukhffdcmiaR0GR2R+gcQYMbkuWmMj9lbKAFKrPHP40bepn1Pqf +SfZE5kIXuWv1QlfROfCqpub3/yYiv7dgKfgOqS8ThZSdtiFcVfsd6huPuXFcDYDw +4O0VTZzEbNb4mXUgBGTPFCUlEIoQ1ZU7Xk1EWUA1AoGAKOBVJsmacTbj4vBG48oF +cD80F0g0PgIJ7KnDYVqqb5jEPPBFnPtEb+e8HglNFIyhqYZ6gPeatE1uV0L2h5rl +U1YGfP+R2PH2U1RK+kVRbqtPRyEf4WqHauG3opcHhXP0cYFAbsqD7YPKfgPfOZsf +da8RaJiD1FZDFEaheCSyZxsCgYBYFtF/MAu+6cBRuFYnaHer/AL0HRoYBOcNbrPl +dnxmYkyR6luYmTlgOnNShx27jb7T3VtWjvCVfovLr0JRs86/DLtQzBuFSc2KKT3Q +Mz2P7aAxupIdxmSnmIPR2AUkjl5mwTJKgNek3T6N0oGAdJiz1Z/fyUp3SXwVQyRd +1PIUiQKBgG+HlGVGmDTssZYpPMsf/qeFD/mzTfnjZJwoxYK+qCKsiwjg9KQPNg+N +ET+Ou3rnIhjJGB8d82TuXzIvlpRVIw7WaPQDTIsTNC2x8W7CURkSTyAzefOpz4tK +wziwYJTC9N3eQwHpSNReyuIyAxgzeYuaZuIFofoQSLfCDYeC6d0j +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/certs/test-pathlen/chainG-ICA3-pathlen99.pem new file mode 100644 index 000000000..f2b79d6e6 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA3-pathlen99.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:ac:f1:39:65:f7:9c:9d:f6:f0:d2:b7:18:16:24: + 81:32:b7:a5:29:d6:f7:4e:31:38:a7:54:d6:eb:07: + 97:27:a1:92:e0:c1:3a:b5:93:06:17:ef:a7:74:f8: + 9b:42:97:0c:d6:d3:d4:36:c9:61:ef:92:4c:3e:c4: + 74:08:d6:19:2a:cd:9b:f1:6f:e8:c8:67:9f:28:54: + 99:ce:63:1a:87:56:99:36:31:65:05:c5:d6:97:cf: + 51:e4:2d:3d:74:14:31:d3:c3:05:fc:0e:7c:93:57: + cd:f7:c4:97:d7:5c:65:75:e7:35:85:81:27:eb:9a: + 9f:d7:a2:bc:28:41:a8:ce:92:3a:10:b9:35:28:83: + dc:b0:27:cc:6e:20:03:60:13:23:22:b4:3c:25:58: + ae:a1:b2:24:d1:21:8b:b9:f0:28:84:ae:e6:00:cc: + cb:9b:78:8c:fa:4b:ed:73:7a:91:05:f9:fb:6e:34: + 3b:7e:af:f9:45:9e:a0:d5:62:bb:d8:cd:95:9e:a2: + 90:72:27:e0:3e:b9:b0:5e:0a:b2:e4:55:95:03:0c: + a6:66:44:65:db:0a:9f:90:5a:d3:81:c7:e2:3e:f2: + b0:9a:e0:05:1c:de:64:04:c2:7e:ca:7e:df:a1:f6: + 18:e5:94:d3:74:fb:a5:1f:2d:77:cd:6e:5e:55:a3: + 80:cb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + C1:CD:1F:81:13:82:24:3B:CF:64:51:7A:4C:E3:65:2E:75:1E:01:23 + X509v3 Authority Key Identifier: + keyid:D4:92:AE:BD:3B:1C:66:4B:17:88:18:15:F8:27:AB:38:CC:07:5A:65 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA5-pathlen20/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:99 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: + ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: + c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: + a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: + 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: + 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: + 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: + 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: + bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: + 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: + 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: + 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: + ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: + a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: + c8:5e:14:b5 +-----BEGIN CERTIFICATE----- +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD +DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs8Tll95yd +9vDStxgWJIEyt6Up1vdOMTinVNbrB5cnoZLgwTq1kwYX76d0+JtClwzW09Q2yWHv +kkw+xHQI1hkqzZvxb+jIZ58oVJnOYxqHVpk2MWUFxdaXz1HkLT10FDHTwwX8DnyT +V833xJfXXGV15zWFgSfrmp/XorwoQajOkjoQuTUog9ywJ8xuIANgEyMitDwlWK6h +siTRIYu58CiEruYAzMubeIz6S+1zepEF+ftuNDt+r/lFnqDVYrvYzZWeopByJ+A+ +ubBeCrLkVZUDDKZmRGXbCp+QWtOBx+I+8rCa4AUc3mQEwn7Kft+h9hjllNN0+6Uf +LXfNbl5Vo4DLAgMBAAGjggETMIIBDzAdBgNVHQ4EFgQUwc0fgROCJDvPZFF6TONl +LnUeASMwgc8GA1UdIwSBxzCBxIAU1JKuvTscZksXiBgV+CerOMwHWmWhgaikgaUw +gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy +aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E +BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV +6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM +YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ +ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm +grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp +Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA4-key.pem b/certs/test-pathlen/chainG-ICA4-key.pem new file mode 100644 index 000000000..fba2bbcdb --- /dev/null +++ b/certs/test-pathlen/chainG-ICA4-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAyUugd7hCQ5bh9I0dpizYEqJASRHrX/tsHRU+r907x/3JYUOZ +jse8Y7xbkyTz5WbIPjqcfQ4bwWyEjJCwEaojLXiZFz7pa6CMZP0Qe2bttD6wlu82 +Hy1txJY8WtyDwunNZNNfx+rbhC4kDHfR/YzP13ivW5jpxP1m+nYdesPDZDKtuYta +TILtOv4HRCATiN8CLNmXIaQ5pvN+i+LAzIZrWiUw1/m6Ke8bLvY/wX2xDJWOwM5z +QUcc7DNEYEadsHUHUMgZvx6CyMM92OIZHgs2nTSVh+qgH+iAYKWxlEIeV8ig5q34 +c8iC5DiE05f8hcTe0sDFbcce6x3B8d6XJ8q+SwIDAQABAoIBAQChoV8dIk/a07ll +UzY+a32oIK37vi7AKDLce2WVctAAuvBLcCtJ8Wl8sA7b7O0GA2zAQvHKnFx/CHK6 +J6eo13NdnJtYhgSJjiWNJYJpg/FULI5A850Clciw9G1MDAqkpHVvAybCcPuIfEAn +3sI3lCyDeH1d0D/NFCfu7o6nN6+ZsIW0FNrNEhmSMLVEXxJvjZboXD6bMC//a9db +/XMZPwah/HxaZebBwZGMOVtNVIAKAMwG1DfT0conX4b+xVJtz/o+dVqBv1KZ0NnQ +KZzVeRpwP/4L4fWhicnOxUFP1h50MOmpB0BmBn7zcjlBG+D8Xhunwa1igZOTh9ft ++UuyCPFBAoGBAPhg3Brlvw3P4xZb64nQykxpFXpP4HRC6pRby/Hyn6RjwDEd7SdC +MQRXv9BkrOSq3WBxu6F/u+zBjFnkj6lENz65cmAijOrXCkDuMRSX9mM5uHzZFpo2 +QKt595HvGGScysG8/6G+cv/0hu5hVMNlSjwvitXlhX0nOgb0PUpjr4fhAoGBAM94 +5/78sFUlG/cdOFfaFe8HR2ddiT3ofoMzdNqP7UR1oLPwT02vjrWjZLEXoSaaCjr4 +CUu3WVV5UndaA8OW4RgplkutMAxBggSBeoC4tGau31J4755ae5HwekE59Jh/XfO9 +vc1DEf49WDzL21mBd8yMY2k739vf52Qxqa27/lurAoGALWYu9S+nU1P7UxvsGp2y +THMsvNWa1kVg8UsyJQBPE9Iz0AaDUZi0svGDGwk73PQqULWZMTTS2byq9cdkRvE0 +E9/7uvy1uzshIasoB3abT5m+UfuwOPHPskgx61fDoqhSG0V7iEnyZTyB6VKbFrgN +8KBUBTLVyoGABsNf7Jf5/qECgYBugL1ASKI6l2tPsRaDZDrudvgHDAC/IofPpaaF +iscbAXO4ozP58pmWERLeZ/GDN+RfCCEbXOqN5fKQczcyA7icP/o3EGVZAcMYV0ZC +LR6Y2mdD6/nkY9kRH/5do1qtppkJ63OeUizRNyc6KnIIODbwkY2ZTTSsTZNXAESZ +rlmJxQKBgDJRGNWNx9WFaKx0WSX9qIvtrpJ3p7Flx8IbqvLCqWY799EXROKxbCNx +0SZMdqs0ebc1h+sEDsGfJs8NPqTdt22C1LQjt9eJIx5eU8lBeR1gTcZ3gdQitSNv +YJr6+6t/C1gvHsvxFWlBG0DPWgJUwqAxvYcGh4aTj9GHuNtvvLDl +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/certs/test-pathlen/chainG-ICA4-pathlen5.pem new file mode 100644 index 000000000..438c971d6 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA4-pathlen5.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c9:4b:a0:77:b8:42:43:96:e1:f4:8d:1d:a6:2c: + d8:12:a2:40:49:11:eb:5f:fb:6c:1d:15:3e:af:dd: + 3b:c7:fd:c9:61:43:99:8e:c7:bc:63:bc:5b:93:24: + f3:e5:66:c8:3e:3a:9c:7d:0e:1b:c1:6c:84:8c:90: + b0:11:aa:23:2d:78:99:17:3e:e9:6b:a0:8c:64:fd: + 10:7b:66:ed:b4:3e:b0:96:ef:36:1f:2d:6d:c4:96: + 3c:5a:dc:83:c2:e9:cd:64:d3:5f:c7:ea:db:84:2e: + 24:0c:77:d1:fd:8c:cf:d7:78:af:5b:98:e9:c4:fd: + 66:fa:76:1d:7a:c3:c3:64:32:ad:b9:8b:5a:4c:82: + ed:3a:fe:07:44:20:13:88:df:02:2c:d9:97:21:a4: + 39:a6:f3:7e:8b:e2:c0:cc:86:6b:5a:25:30:d7:f9: + ba:29:ef:1b:2e:f6:3f:c1:7d:b1:0c:95:8e:c0:ce: + 73:41:47:1c:ec:33:44:60:46:9d:b0:75:07:50:c8: + 19:bf:1e:82:c8:c3:3d:d8:e2:19:1e:0b:36:9d:34: + 95:87:ea:a0:1f:e8:80:60:a5:b1:94:42:1e:57:c8: + a0:e6:ad:f8:73:c8:82:e4:38:84:d3:97:fc:85:c4: + de:d2:c0:c5:6d:c7:1e:eb:1d:c1:f1:de:97:27:ca: + be:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D4:92:AE:BD:3B:1C:66:4B:17:88:18:15:F8:27:AB:38:CC:07:5A:65 + X509v3 Authority Key Identifier: + keyid:1D:51:80:B6:9A:A7:AC:DD:80:7B:4B:A2:0B:62:BE:E4:87:30:C7:CA + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA6-pathlen10/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:5 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: + 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: + 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: + df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: + 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: + 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: + 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: + b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: + f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: + fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: + 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: + d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: + a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: + 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: + 13:29:2a:18 +-----BEGIN CERTIFICATE----- +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo +YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns +LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG +A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE +AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJS6B3uEJD +luH0jR2mLNgSokBJEetf+2wdFT6v3TvH/clhQ5mOx7xjvFuTJPPlZsg+Opx9DhvB +bISMkLARqiMteJkXPulroIxk/RB7Zu20PrCW7zYfLW3Eljxa3IPC6c1k01/H6tuE +LiQMd9H9jM/XeK9bmOnE/Wb6dh16w8NkMq25i1pMgu06/gdEIBOI3wIs2ZchpDmm +836L4sDMhmtaJTDX+bop7xsu9j/BfbEMlY7AznNBRxzsM0RgRp2wdQdQyBm/HoLI +wz3Y4hkeCzadNJWH6qAf6IBgpbGUQh5XyKDmrfhzyILkOITTl/yFxN7SwMVtxx7r +HcHx3pcnyr5LAgMBAAGjggETMIIBDzAdBgNVHQ4EFgQU1JKuvTscZksXiBgV+Cer +OMwHWmUwgc8GA1UdIwSBxzCBxIAUHVGAtpqnrN2Ae0uiC2K+5Icwx8qhgaikgaUw +gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy +aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E +BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 +8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy +xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq +J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp +0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA +Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA5-key.pem b/certs/test-pathlen/chainG-ICA5-key.pem new file mode 100644 index 000000000..e3e23ae9d --- /dev/null +++ b/certs/test-pathlen/chainG-ICA5-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAvp2YokHKZB+iNNxRfUkr9/h6/BoijToXjgCcdAYYDybR6B1V +Sz67bphtZctvvsWYQGUd4R2vrbx8sPq2Ksuv39VSmOYBATEBP8cWBkSSVUNv3Um+ +qlLSgMo60HLzCn5Zyyx0fFsZPXWdPto1RUmLDTaEgEG3znD8qNBNC9TzTnOH2y4Y +IEVw81rRz0/4eK18S5c88Q+K9myPejrJeYItv66A+IsdeRebdjSXsXldefowc3j8 +nO7rYiCV8aivHkqRzB40kMeJIUFBkAkQUt0hdRURqs/Y5Gx9lsjWzZDr+t+G5z02 +cxjzhsWZDg735AmPjCnxrRXpgslsh/wAe0su8QIDAQABAoIBAFM+piLuUoIpYoBt +W1U4uHAB30vr6fz9Sr4kPC9bXfR4AqG49b/3tIlXHiefkbyhtJ0iy8q9WTSppVbx +Fs9XxwYctoa5o+SuTxpYSqEQH0wHOHpOs2rU4sOGDets2AFULsjRMEoCyuIRVEvX +pf4NYSGzFmigyrHonB7pYUxygpNWlb+gPdnclhTj4psk1RP4cekFcLDHVxa2aq9K +STmHna7EE8XhbS2VeJ0+C9eRxXjcpjIMod1D9MycKjomuZMB0ElDp8lFgPvyNwf+ +I6Luv31YkRX7gi7l7HaPSnwnXgYfl7gcMCjgn8q3GHxiz7L40RBqCfdTE7of2ZJi +Yxlq2+UCgYEA62KTMYRCX3fP9+6m0LSPLX+mYVjxzgowcEZ0wbpgTRExONDvzfB/ +JgdwrSVSXhvbmoXs9LtdOWWpISpadh+c2vkx9w8ZP5DWk0h3g3FonP8pz85/OlnR +JaPzXvo+DuUfEG8VK4WneineOp74ZhXHoMbpKyg4zpNwloDYdWaA9dMCgYEAz09F +0Q+tmGfkQ76ECKQcQGsvbVDUED/Fk74VE7T/6d+EJ8RiPo6OQp8j3ObRKnlxm5n2 +XRG8nDyygAlscIZKlHDNaH6Qxvh+MFt378d3ziKuXkpKe147duRkBloQjnxEl5EM +u5bhaIR1EMhXrPjWbbxBA3jubiJ8hK9HDrgJOasCgYBJ4xuJQ5cCGL3zebprcQIw +qg00KZNdtd0WoUctOK/aATeOOifMYV3INjWsZDbCy8PXcYq8F8RfrAW3H3Bd+/Zk +1ixU/SxTw8dXXDwHyqWoAoDBdnSBgIgiZKCUg8DPNCTYJ8ZhbwbvVg0oIZaflN6h +HU87+Ng8IBQLak6IK7D3eQKBgA6OqH5ntW7wTK0dIbRhocI8RJZOiLWjZMJdJKm/ +mgDYOzV3qtZtuDuhZSlL5AAxivK8OvqKFk56TKaFAuJb67zEtwfRa2Utad8HbUKf +JSCKeugQG27STSaqHwP7KxJ2U3K5MsWxcJ6gPoAxMUbqKlSGVaJiyYteTJQcosa7 +0ZoFAoGBAOrSClY4sWV488+X/KFMkpXYdZCVbfGXqPLpaAFEOtOyNZw7PWF3ZfC6 +l3aqPxLBP1P55+KEcxz3dEEXZerr9OWfD5GOdz5/ep/Amrs0x/3ismZFQgXLa8Pm +NKt26anSXny8DfJMMe0W+6PQ2JUjrgp4bWF3OoQzsGLMHQBVFw+u +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/certs/test-pathlen/chainG-ICA5-pathlen20.pem new file mode 100644 index 000000000..aca0a3128 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA5-pathlen20.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:be:9d:98:a2:41:ca:64:1f:a2:34:dc:51:7d:49: + 2b:f7:f8:7a:fc:1a:22:8d:3a:17:8e:00:9c:74:06: + 18:0f:26:d1:e8:1d:55:4b:3e:bb:6e:98:6d:65:cb: + 6f:be:c5:98:40:65:1d:e1:1d:af:ad:bc:7c:b0:fa: + b6:2a:cb:af:df:d5:52:98:e6:01:01:31:01:3f:c7: + 16:06:44:92:55:43:6f:dd:49:be:aa:52:d2:80:ca: + 3a:d0:72:f3:0a:7e:59:cb:2c:74:7c:5b:19:3d:75: + 9d:3e:da:35:45:49:8b:0d:36:84:80:41:b7:ce:70: + fc:a8:d0:4d:0b:d4:f3:4e:73:87:db:2e:18:20:45: + 70:f3:5a:d1:cf:4f:f8:78:ad:7c:4b:97:3c:f1:0f: + 8a:f6:6c:8f:7a:3a:c9:79:82:2d:bf:ae:80:f8:8b: + 1d:79:17:9b:76:34:97:b1:79:5d:79:fa:30:73:78: + fc:9c:ee:eb:62:20:95:f1:a8:af:1e:4a:91:cc:1e: + 34:90:c7:89:21:41:41:90:09:10:52:dd:21:75:15: + 11:aa:cf:d8:e4:6c:7d:96:c8:d6:cd:90:eb:fa:df: + 86:e7:3d:36:73:18:f3:86:c5:99:0e:0e:f7:e4:09: + 8f:8c:29:f1:ad:15:e9:82:c9:6c:87:fc:00:7b:4b: + 2e:f1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 1D:51:80:B6:9A:A7:AC:DD:80:7B:4B:A2:0B:62:BE:E4:87:30:C7:CA + X509v3 Authority Key Identifier: + keyid:14:07:E8:A7:3A:A2:9C:DD:4C:30:B0:4D:F0:00:C4:88:C4:39:DF:73 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA7-pathlen100/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:20 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: + 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: + f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: + de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: + 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: + 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: + 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: + 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: + 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: + cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: + 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: + 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: + 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: + 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: + 5c:9c:5d:21 +-----BEGIN CERTIFICATE----- +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo +YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns +LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG +A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE +AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp2YokHK +ZB+iNNxRfUkr9/h6/BoijToXjgCcdAYYDybR6B1VSz67bphtZctvvsWYQGUd4R2v +rbx8sPq2Ksuv39VSmOYBATEBP8cWBkSSVUNv3Um+qlLSgMo60HLzCn5Zyyx0fFsZ +PXWdPto1RUmLDTaEgEG3znD8qNBNC9TzTnOH2y4YIEVw81rRz0/4eK18S5c88Q+K +9myPejrJeYItv66A+IsdeRebdjSXsXldefowc3j8nO7rYiCV8aivHkqRzB40kMeJ +IUFBkAkQUt0hdRURqs/Y5Gx9lsjWzZDr+t+G5z02cxjzhsWZDg735AmPjCnxrRXp +gslsh/wAe0su8QIDAQABo4IBFDCCARAwHQYDVR0OBBYEFB1RgLaap6zdgHtLogti +vuSHMMfKMIHQBgNVHSMEgcgwgcWAFBQH6Kc6opzdTDCwTfAAxIjEOd9zoYGppIGm +MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH +U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl +cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud +DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk ++Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB +lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld +LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 +X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 +g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA6-key.pem b/certs/test-pathlen/chainG-ICA6-key.pem new file mode 100644 index 000000000..c86bf08cc --- /dev/null +++ b/certs/test-pathlen/chainG-ICA6-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEA4U/J5zDqBv9lyyts8ais9s8Qa4B6r15CCg1hvm8UPJ9kbpZG +d+JkoA7XVkH8W+b+SYYfjyDMS+w68UZ0Gn4z2arV4ngJ3Qw5IH4yEpbNltsQAei3 +quPhJ10Kj5lu7y3YyMh2qtkAnUjZzxIIlzFZwE+j4O5coTXvlHzGBKo+NKZD4Mjt +PZFTU54ZA46/MP3ZtUvzUQtg7Sfisd0VPLBfJQ8pm1+qMWRePYMuuCBmudqntSJA +GT0kXcPn3bZrFsNnI10xZTvLctGnyLDguaLLkIYw1s5/nLOxwzRiY8a5ZjNrW6YA +u0XuAweWpdcvHvHS8l7C0qE2JfB6cMs9HaRvYQIDAQABAoIBAE1NR7NHR/PQqkcT +hhQ/T+B52GNZuD30s+mo/7ELgUDvWtDKRDEbfnSfwue4SfHqBbKKDsfXc+BUk0B2 +cJ0qUXXLtAg4MQIjEHKCeYGBNdYdIJfXFTTPbE9KD7aG6NWswCTbCkPBogFUnk36 +HPJqnyVo7Yvdm/A/hgxG5tVw51i+Udw/LFi3AznJyr/if3FW64LxJaiL5HGDgHQS +Qvs+VuP13vR//BsM2oQPeiPIXpjscTtudFMrawKQiXMSWyD45snNR4AUuBcvXhpE +j+0sBqDWU1N6IeoZAhdTwJU/iDTbrE64VFr2f6U6bE6lI6h392/InKnoVXn6wyvR +s9MxXRUCgYEA8ZcFayiF74z/o37yhHcTEITAngmk1D9d9NKyzTPuXhbBwSTwjPwY +hP6f0KV/mlc+UQp00ULluE2oeM9mA69mD1/eSFqqA6nm5MvNOZsuEzqsmNN+gxk6 +XLuCOFfC7cG5uyodiJq0ooi4X2TXy186XJIZ3eNZ2gm7A0evHXat4T8CgYEA7sA0 +jt6G+oU4ojKn083qxrWNUZfyH3RT1EJv+2S/eZyzrww1kMfZZX3ZbP77iRJSFNaD +w+m709/5mKmZ8JIpcI2P/w5189680YUM+r9dqr4m4DW10vRQshQv/xExoLcXf7ue +dBrXpkSO7wNRaAjE+ljBFK3TBQ3ZY+mmNZ2i518CgYEA20A4zbCAJRAsbN/oDqnW +JnakLIkKCwnbJjYVyT9pBADZJIV2viyHwCMpPP0Fmje1OW0o6UUyIBpyW/m1VoDX +OfrCS53kj+CgyGHhRXd80Dy+qQ+/0BCUM9aEbsfPA2F+QssM9I2ag6ta0FA/u7UX +zS1WxlXvlH6iN27WEQJE+ZcCgYEA2hSZLZNYKgd8ZrPslsy10lJNxqULVe31EKKr +FS++ssAPZSq61welrU4aR7RVYKxqa3xSmaarmeoxXGA3LAbmcVftmyXDWkIvqRZm +d7hLP8Y3Tn/hGNNvzmogOVWkRlBX16YyI43NQ6PGB865ElVIUAC4RUJNyYUP+HKZ +Dspx3fMCgYBUBcxQgh8XOt8lb0zs9mZCXPkbkV401brucO0JqhyYvzGLWC4uYQEw +BuhSW3DKSBcaXMddiuGapuMSwS9A8T6EwGZHZ4PBcndJ2ak1xS2wSr4n/+ttlFWh +dHn8IrPC6E+gZa34CPza2LQzI1Xu3WAVUxijMNpURtC8lNWSzKXoXw== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/certs/test-pathlen/chainG-ICA6-pathlen10.pem new file mode 100644 index 000000000..2833da61f --- /dev/null +++ b/certs/test-pathlen/chainG-ICA6-pathlen10.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:e1:4f:c9:e7:30:ea:06:ff:65:cb:2b:6c:f1:a8: + ac:f6:cf:10:6b:80:7a:af:5e:42:0a:0d:61:be:6f: + 14:3c:9f:64:6e:96:46:77:e2:64:a0:0e:d7:56:41: + fc:5b:e6:fe:49:86:1f:8f:20:cc:4b:ec:3a:f1:46: + 74:1a:7e:33:d9:aa:d5:e2:78:09:dd:0c:39:20:7e: + 32:12:96:cd:96:db:10:01:e8:b7:aa:e3:e1:27:5d: + 0a:8f:99:6e:ef:2d:d8:c8:c8:76:aa:d9:00:9d:48: + d9:cf:12:08:97:31:59:c0:4f:a3:e0:ee:5c:a1:35: + ef:94:7c:c6:04:aa:3e:34:a6:43:e0:c8:ed:3d:91: + 53:53:9e:19:03:8e:bf:30:fd:d9:b5:4b:f3:51:0b: + 60:ed:27:e2:b1:dd:15:3c:b0:5f:25:0f:29:9b:5f: + aa:31:64:5e:3d:83:2e:b8:20:66:b9:da:a7:b5:22: + 40:19:3d:24:5d:c3:e7:dd:b6:6b:16:c3:67:23:5d: + 31:65:3b:cb:72:d1:a7:c8:b0:e0:b9:a2:cb:90:86: + 30:d6:ce:7f:9c:b3:b1:c3:34:62:63:c6:b9:66:33: + 6b:5b:a6:00:bb:45:ee:03:07:96:a5:d7:2f:1e:f1: + d2:f2:5e:c2:d2:a1:36:25:f0:7a:70:cb:3d:1d:a4: + 6f:61 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 14:07:E8:A7:3A:A2:9C:DD:4C:30:B0:4D:F0:00:C4:88:C4:39:DF:73 + X509v3 Authority Key Identifier: + keyid:12:E4:A4:19:85:AE:85:B7:D6:EB:63:04:D5:B9:B0:7E:57:5F:0C:16 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:10 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: + 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: + 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: + 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: + 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: + 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: + e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: + da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: + 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: + 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: + fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: + 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: + 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: + 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: + 66:ec:5d:71 +-----BEGIN CERTIFICATE----- +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV +BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 +b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOFPyecw +6gb/ZcsrbPGorPbPEGuAeq9eQgoNYb5vFDyfZG6WRnfiZKAO11ZB/Fvm/kmGH48g +zEvsOvFGdBp+M9mq1eJ4Cd0MOSB+MhKWzZbbEAHot6rj4SddCo+Zbu8t2MjIdqrZ +AJ1I2c8SCJcxWcBPo+DuXKE175R8xgSqPjSmQ+DI7T2RU1OeGQOOvzD92bVL81EL +YO0n4rHdFTywXyUPKZtfqjFkXj2DLrggZrnap7UiQBk9JF3D5922axbDZyNdMWU7 +y3LRp8iw4Lmiy5CGMNbOf5yzscM0YmPGuWYza1umALtF7gMHlqXXLx7x0vJewtKh +NiXwenDLPR2kb2ECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBQUB+inOqKc3UwwsE3w +AMSIxDnfczCBwQYDVR0jBIG5MIG2gBQS5KQZha6Ft9brYwTVubB+V18MFqGBmqSB +lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv +emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw +FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI +hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF +FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 +31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO ++/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 +K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP +s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA7-key.pem b/certs/test-pathlen/chainG-ICA7-key.pem new file mode 100644 index 000000000..cebaccc16 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA7-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA1ozWxCkgYJ0VPQwq+yQvOIntN8T8V2cqUNjr4mocWQbybT65 +T/5JxSHAFvgpb1EM6njXDhVB2lrLC+BU1oP9D+hOMP/kRMOyAvN9OsZcToaGLHTU +IYXB/k6LBzxUG1Se7Fqlle1aNeAIxoR85q5xEtL9wf0WCjq4xyNLr+DNEl6fT2IT +8Mjk4qgB0zewCCHTD2zk2MEEUelMxbFtzGMjlzDu8B6rbeqTyq1Wbx7tGq6MG5EE +6qudGztWp8HMLzkvs7qMFv1eEBCeJOpAl3S2tOUcwNNfeSwEQzqO9LFWvcclY1w0 +UE29LfEIvYw+0m/65AShUevQ0JCRl3tGxhCSrwIDAQABAoIBAFn8IguN8D11RLYh +B1nj+EYvWyX74ZZK962G/ZAtzwvr5Pu6xgBt98TNfgJkPQSqKs+gtRn8Am2xjN3D +TfHW0+m7Fiho+vV4Wo3wT8K59Xcd5uJ4cYxJzG57xMXZILGB0VHyRubV8PMNrsCM +StJ5sYUipzmYi4jozhz/ibwPfhNIhbD7N7SQZe3J+Uq86fME4pSbStQpaeE8ORyN +LeCdYt6KSY6qGDs4IM8+EJmsjsoxjWci79LVPDEqhGQ9g/cpajh9tsVKluufMt+J +eTQ926YwjnlbY5pogpRoZlEPTlXJx2Ac9YeUs0pTLWZaQyR2XLvs5oNywO3pyR7X +LhVEPLkCgYEA8zpW+VN8LNRPkiHehk6E/2RLdDzMYoD5XRdgB3j8Vn/0NiyvZjLd +p+81/OLg7Yga6IFvU+3iisTefZvnZTqEKrtxyMbGL+LqAQFKGVm6eCZdX15dck4M +V1CwGtdVUl3V5yHuWvwosWV45n4UcDGxQ23VYdY4ypaPICNJevqKWaUCgYEA4dD9 +kwo6th35cn1P19UGFRT2Bo/ArliYvXb0stHGHse1Mz7hAf5epZ7rnJH1jbxtqZMu +OkoDK0Grulnt1AUYZm+6+y9YSbIeVFtOyKDEQeP6yH8VEQSaIScUFOYID8OpLuOq +wzRAz41vnU+957r3kt3DaYopInC02UP8LdMfAsMCgYAb3kJa3OLsbAMV9kV90/9P +F9nBXrn4S1jG/sek84rOCmkbz/Dk380f0bu41vH4pVCX9UShNC9xwO7RK4zOv26n +SsTVwVix4ej35oLr9qjz3UlzhOdmEmU9l+QlnyiKgG/ixLN/v0aWVM8OccG7vSXX +WP1K8XWeWLPbdc+UhKJXdQKBgGpqNlUoqOpRzc+qRgoMFUWyDw6gh8ihb7k5aa8r +NBYlPrrbkuWBndCmx5mNHw6gEX2sIkjNwBiOZgL3hiA4FnuPg6oDcbOpAKn4LXRW +bqYubWw2lxLh/FBLPidrD7l+FyhFmZ9L7I7itAqKHZAqh6jqYMBHn4LfYhpQ83IU +37RJAoGBAKqp3j4JNrhiwq0mBJL4GxFVy7eEjoqg6golGeIVE/5ApdOkQgLQaoeC +RrzNgjjQ3P08+XXXOQJVJRreX5ZVVjnxl/l1ixm0Hc/+SUXog7d4f+0kWWIqDAsC +YNW8MFqvNAN1f+TCKbSfR7oNfyUaoVCV5T5T875Q0et0DjkPTRc8 +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/certs/test-pathlen/chainG-ICA7-pathlen100.pem new file mode 100644 index 000000000..203523a28 --- /dev/null +++ b/certs/test-pathlen/chainG-ICA7-pathlen100.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d6:8c:d6:c4:29:20:60:9d:15:3d:0c:2a:fb:24: + 2f:38:89:ed:37:c4:fc:57:67:2a:50:d8:eb:e2:6a: + 1c:59:06:f2:6d:3e:b9:4f:fe:49:c5:21:c0:16:f8: + 29:6f:51:0c:ea:78:d7:0e:15:41:da:5a:cb:0b:e0: + 54:d6:83:fd:0f:e8:4e:30:ff:e4:44:c3:b2:02:f3: + 7d:3a:c6:5c:4e:86:86:2c:74:d4:21:85:c1:fe:4e: + 8b:07:3c:54:1b:54:9e:ec:5a:a5:95:ed:5a:35:e0: + 08:c6:84:7c:e6:ae:71:12:d2:fd:c1:fd:16:0a:3a: + b8:c7:23:4b:af:e0:cd:12:5e:9f:4f:62:13:f0:c8: + e4:e2:a8:01:d3:37:b0:08:21:d3:0f:6c:e4:d8:c1: + 04:51:e9:4c:c5:b1:6d:cc:63:23:97:30:ee:f0:1e: + ab:6d:ea:93:ca:ad:56:6f:1e:ed:1a:ae:8c:1b:91: + 04:ea:ab:9d:1b:3b:56:a7:c1:cc:2f:39:2f:b3:ba: + 8c:16:fd:5e:10:10:9e:24:ea:40:97:74:b6:b4:e5: + 1c:c0:d3:5f:79:2c:04:43:3a:8e:f4:b1:56:bd:c7: + 25:63:5c:34:50:4d:bd:2d:f1:08:bd:8c:3e:d2:6f: + fa:e4:04:a1:51:eb:d0:d0:90:91:97:7b:46:c6:10: + 92:af + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 12:E4:A4:19:85:AE:85:B7:D6:EB:63:04:D5:B9:B0:7E:57:5F:0C:16 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:100 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: + f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: + c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: + 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: + 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: + 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: + 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: + df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: + e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: + 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: + 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: + 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: + f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: + 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: + ca:8c:2f:a8 +-----BEGIN CERTIFICATE----- +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 +LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWjNbEKSBgnRU9DCr7JC84ie03 +xPxXZypQ2OviahxZBvJtPrlP/knFIcAW+ClvUQzqeNcOFUHaWssL4FTWg/0P6E4w +/+REw7IC8306xlxOhoYsdNQhhcH+TosHPFQbVJ7sWqWV7Vo14AjGhHzmrnES0v3B +/RYKOrjHI0uv4M0SXp9PYhPwyOTiqAHTN7AIIdMPbOTYwQRR6UzFsW3MYyOXMO7w +Hqtt6pPKrVZvHu0arowbkQTqq50bO1anwcwvOS+zuowW/V4QEJ4k6kCXdLa05RzA +0195LARDOo70sVa9xyVjXDRQTb0t8Qi9jD7Sb/rkBKFR69DQkJGXe0bGEJKvAgMB +AAGjggENMIIBCTAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgckGA1Ud +IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK +DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF +BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW +BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX +H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x +lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F +/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS +JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-assembled.pem b/certs/test-pathlen/chainG-assembled.pem new file mode 100644 index 000000000..aa0c41fb4 --- /dev/null +++ b/certs/test-pathlen/chainG-assembled.pem @@ -0,0 +1,710 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:7b:82:23:a2:34:e7:cb:89:4e:64:cc:f2:98: + c8:65:8f:e2:69:55:54:4b:3c:8b:c0:1f:67:37:7f: + 09:cb:9e:df:5e:75:f6:99:83:12:ac:15:23:cf:64: + a4:10:16:a5:10:af:28:86:00:20:4e:f3:4d:fd:08: + fb:a1:a7:18:4c:13:1e:4d:90:2e:e6:9a:e3:28:03: + b4:f4:83:ce:fd:a2:a9:86:56:02:62:33:9f:6e:98: + 7e:0f:cc:06:71:31:8a:93:d2:d9:a3:1d:08:7a:92: + f8:7e:bf:90:5f:a1:e6:2b:64:58:bb:a6:9a:c9:19: + 97:fd:c9:a9:f7:08:27:8a:f3:be:e2:db:88:25:84: + 91:13:06:e2:63:bc:e1:37:82:7e:6f:5a:da:f0:e2: + eb:a1:2a:8f:5d:52:11:af:e2:f5:89:42:79:83:b8: + c0:a5:95:dc:42:c6:1c:90:51:1e:33:f3:f1:c2:e4: + d2:7b:87:c3:64:90:b7:5f:9b:38:ef:d2:d0:4f:d5: + 51:aa:e0:3a:d1:c3:01:03:e7:32:b1:27:c6:48:5a: + c0:ac:26:8d:94:61:76:f8:98:ff:30:6d:aa:55:c3: + 63:fd:a4:a4:1b:3c:6b:e8:05:75:41:17:5d:ad:c9: + 17:9b:c3:4d:6e:9f:7d:7d:36:fe:c0:a3:99:d6:e5: + 92:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 21:3A:72:3B:95:38:DF:99:DE:62:25:21:D0:14:81:6E:CA:AA:FB:A1 + X509v3 Authority Key Identifier: + keyid:47:C0:19:4B:ED:C4:DA:97:B1:60:EA:5A:0A:42:6D:A5:D3:D8:25:31 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA2-pathlen1/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: + 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: + 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: + 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: + cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: + ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: + 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: + 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: + e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: + 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: + ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: + ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: + 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: + 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: + 49:95:7e:49 +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3uCI6I058uJTmTM8pjI +ZY/iaVVUSzyLwB9nN38Jy57fXnX2mYMSrBUjz2SkEBalEK8ohgAgTvNN/Qj7oacY +TBMeTZAu5prjKAO09IPO/aKphlYCYjOfbph+D8wGcTGKk9LZox0IepL4fr+QX6Hm +K2RYu6aayRmX/cmp9wgnivO+4tuIJYSREwbiY7zhN4J+b1ra8OLroSqPXVIRr+L1 +iUJ5g7jApZXcQsYckFEeM/PxwuTSe4fDZJC3X5s479LQT9VRquA60cMBA+cysSfG +SFrArCaNlGF2+Jj/MG2qVcNj/aSkGzxr6AV1QRddrckXm8NNbp99fTb+wKOZ1uWS +rQIDAQABo4H+MIH7MB0GA1UdDgQWBBQhOnI7lTjfmd5iJSHQFIFuyqr7oTCBzgYD +VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg +DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx +txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH +BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI +yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER +P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u +ObIaOLEvt0mVfkk= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d2:26:be:51:98:42:e0:1f:ae:fc:c2:cb:ba:d5: + 0f:44:3b:0b:60:d8:49:ec:03:43:6b:06:ce:f2:28: + 19:fb:48:9c:0b:5c:7f:00:a3:22:9f:bc:e9:2a:5b: + e4:e1:16:d8:9c:b9:c3:0b:30:e3:1c:83:7d:c0:b9: + a4:3f:da:38:ec:8b:38:be:45:c4:a7:1d:c1:68:18: + 28:19:b0:f2:93:06:3a:bd:23:67:aa:05:89:31:3b: + c2:b4:5e:b3:12:cb:3b:f3:9c:d6:df:4c:ed:cb:42: + 1b:25:80:2d:ab:c4:67:8f:a5:ff:da:6c:f1:18:fd: + a1:98:8c:d8:1f:67:6c:28:c7:cb:4e:bb:b0:27:ea: + 25:b1:5d:73:d0:2a:e9:44:50:b9:f5:65:64:e6:cf: + 3d:92:d8:c0:6d:ed:96:8e:e2:d3:84:70:d0:db:fe: + 70:63:44:fa:f8:db:35:d1:95:ad:18:95:21:64:ce: + e2:23:7e:5e:6c:2f:ef:a7:63:fe:82:4a:cb:cc:23: + cf:9d:26:a5:66:ed:9c:06:7e:70:76:03:72:99:db: + fa:be:a5:c3:38:8b:40:24:c1:6b:d7:9c:bb:27:86: + 22:a9:62:e0:b2:bd:e7:b5:e4:81:ea:64:db:18:16: + 24:62:81:6c:a8:f2:83:3f:af:3b:b5:fd:b0:d8:84: + b2:21 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 47:C0:19:4B:ED:C4:DA:97:B1:60:EA:5A:0A:42:6D:A5:D3:D8:25:31 + X509v3 Authority Key Identifier: + keyid:E1:E6:9B:28:CF:FD:AB:45:C1:B7:A7:C4:C9:58:FC:41:E3:1A:5C:74 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA3-pathlen99/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: + 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: + 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: + d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: + 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: + ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: + 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: + f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: + 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: + 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: + 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: + 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: + c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: + 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: + 13:a4:f1:d3 +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANImvlGYQuAf +rvzCy7rVD0Q7C2DYSewDQ2sGzvIoGftInAtcfwCjIp+86Spb5OEW2Jy5wwsw4xyD +fcC5pD/aOOyLOL5FxKcdwWgYKBmw8pMGOr0jZ6oFiTE7wrResxLLO/Oc1t9M7ctC +GyWALavEZ4+l/9ps8Rj9oZiM2B9nbCjHy067sCfqJbFdc9Aq6URQufVlZObPPZLY +wG3tlo7i04Rw0Nv+cGNE+vjbNdGVrRiVIWTO4iN+Xmwv76dj/oJKy8wjz50mpWbt +nAZ+cHYDcpnb+r6lwziLQCTBa9ecuyeGIqli4LK957Xkgepk2xgWJGKBbKjygz+v +O7X9sNiEsiECAwEAAaOCARMwggEPMB0GA1UdDgQWBBRHwBlL7cTal7Fg6loKQm2l +09glMTCBzwYDVR0jBIHHMIHEgBTh5psoz/2rRcG3p8TJWPxB4xpcdKGBqKSBpTCB +ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl +YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp +bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 +t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 +lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc +RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 +r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL +yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d7:3e:de:b9:f9:a9:d7:8e:7a:4b:f2:f1:8c:f9: + 3b:1c:ce:59:31:4c:57:0c:2e:8a:0f:90:f0:dc:27: + 55:0b:10:c3:a2:e8:b9:39:75:17:d1:9d:99:43:94: + b2:f1:56:76:6b:b9:46:a6:b8:35:95:a1:d2:d0:ec: + 8e:be:95:dc:78:17:0a:41:a1:23:df:cb:b2:87:cb: + 2e:1d:02:7d:c4:fe:7a:f6:7a:d8:a5:8d:b5:11:1a: + e4:6b:d2:66:01:01:03:a7:3b:95:49:92:5d:c1:c7: + 49:f0:1a:ef:00:71:37:99:5a:87:0a:40:de:55:0e: + 68:89:dc:e7:a1:14:bf:9d:72:93:7e:48:29:e4:ea: + a6:4f:0a:7a:a5:a1:39:6c:21:84:3a:8f:ca:7a:35: + 0b:0a:cd:12:67:3c:56:06:f5:9d:24:c9:8e:4a:82: + 23:c8:38:7f:ac:98:b6:b2:57:dc:82:62:84:00:13: + 7b:ea:73:80:26:4a:9b:c1:b4:0a:f1:fc:ff:46:58: + 96:a0:21:a1:c9:8f:d9:99:74:41:0b:d0:6d:31:a7: + ab:87:92:76:51:42:ef:88:95:cc:2c:f2:9b:cc:d5: + 29:a0:f7:aa:6b:e1:ab:32:16:cd:55:c4:15:80:69: + 80:91:d8:78:2c:07:15:fd:c2:02:a4:f4:13:75:50: + b8:2b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + E1:E6:9B:28:CF:FD:AB:45:C1:B7:A7:C4:C9:58:FC:41:E3:1A:5C:74 + X509v3 Authority Key Identifier: + keyid:C1:CD:1F:81:13:82:24:3B:CF:64:51:7A:4C:E3:65:2E:75:1E:01:23 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA4-pathlen5/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:1 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: + ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: + 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: + da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: + aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: + 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: + 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: + 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: + 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: + 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: + b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: + 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: + 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: + 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: + 65:12:f6:ae +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo +YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns +LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG +A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE +AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXPt65+anX +jnpL8vGM+TsczlkxTFcMLooPkPDcJ1ULEMOi6Lk5dRfRnZlDlLLxVnZruUamuDWV +odLQ7I6+ldx4FwpBoSPfy7KHyy4dAn3E/nr2etiljbURGuRr0mYBAQOnO5VJkl3B +x0nwGu8AcTeZWocKQN5VDmiJ3OehFL+dcpN+SCnk6qZPCnqloTlsIYQ6j8p6NQsK +zRJnPFYG9Z0kyY5KgiPIOH+smLayV9yCYoQAE3vqc4AmSpvBtArx/P9GWJagIaHJ +j9mZdEEL0G0xp6uHknZRQu+Ilcws8pvM1Smg96pr4asyFs1VxBWAaYCR2HgsBxX9 +wgKk9BN1ULgrAgMBAAGjggESMIIBDjAdBgNVHQ4EFgQU4eabKM/9q0XBt6fEyVj8 +QeMaXHQwgc4GA1UdIwSBxjCBw4AUwc0fgROCJDvPZFF6TONlLnUeASOhgaekgaQw +gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy +aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ +ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 +aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ +qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN +Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 +Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ +I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:ac:f1:39:65:f7:9c:9d:f6:f0:d2:b7:18:16:24: + 81:32:b7:a5:29:d6:f7:4e:31:38:a7:54:d6:eb:07: + 97:27:a1:92:e0:c1:3a:b5:93:06:17:ef:a7:74:f8: + 9b:42:97:0c:d6:d3:d4:36:c9:61:ef:92:4c:3e:c4: + 74:08:d6:19:2a:cd:9b:f1:6f:e8:c8:67:9f:28:54: + 99:ce:63:1a:87:56:99:36:31:65:05:c5:d6:97:cf: + 51:e4:2d:3d:74:14:31:d3:c3:05:fc:0e:7c:93:57: + cd:f7:c4:97:d7:5c:65:75:e7:35:85:81:27:eb:9a: + 9f:d7:a2:bc:28:41:a8:ce:92:3a:10:b9:35:28:83: + dc:b0:27:cc:6e:20:03:60:13:23:22:b4:3c:25:58: + ae:a1:b2:24:d1:21:8b:b9:f0:28:84:ae:e6:00:cc: + cb:9b:78:8c:fa:4b:ed:73:7a:91:05:f9:fb:6e:34: + 3b:7e:af:f9:45:9e:a0:d5:62:bb:d8:cd:95:9e:a2: + 90:72:27:e0:3e:b9:b0:5e:0a:b2:e4:55:95:03:0c: + a6:66:44:65:db:0a:9f:90:5a:d3:81:c7:e2:3e:f2: + b0:9a:e0:05:1c:de:64:04:c2:7e:ca:7e:df:a1:f6: + 18:e5:94:d3:74:fb:a5:1f:2d:77:cd:6e:5e:55:a3: + 80:cb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + C1:CD:1F:81:13:82:24:3B:CF:64:51:7A:4C:E3:65:2E:75:1E:01:23 + X509v3 Authority Key Identifier: + keyid:D4:92:AE:BD:3B:1C:66:4B:17:88:18:15:F8:27:AB:38:CC:07:5A:65 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA5-pathlen20/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:99 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: + ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: + c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: + a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: + 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: + 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: + 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: + 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: + bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: + 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: + 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: + 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: + ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: + a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: + c8:5e:14:b5 +-----BEGIN CERTIFICATE----- +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD +DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs8Tll95yd +9vDStxgWJIEyt6Up1vdOMTinVNbrB5cnoZLgwTq1kwYX76d0+JtClwzW09Q2yWHv +kkw+xHQI1hkqzZvxb+jIZ58oVJnOYxqHVpk2MWUFxdaXz1HkLT10FDHTwwX8DnyT +V833xJfXXGV15zWFgSfrmp/XorwoQajOkjoQuTUog9ywJ8xuIANgEyMitDwlWK6h +siTRIYu58CiEruYAzMubeIz6S+1zepEF+ftuNDt+r/lFnqDVYrvYzZWeopByJ+A+ +ubBeCrLkVZUDDKZmRGXbCp+QWtOBx+I+8rCa4AUc3mQEwn7Kft+h9hjllNN0+6Uf +LXfNbl5Vo4DLAgMBAAGjggETMIIBDzAdBgNVHQ4EFgQUwc0fgROCJDvPZFF6TONl +LnUeASMwgc8GA1UdIwSBxzCBxIAU1JKuvTscZksXiBgV+CerOMwHWmWhgaikgaUw +gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy +aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E +BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV +6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM +YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ +ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm +grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp +Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c9:4b:a0:77:b8:42:43:96:e1:f4:8d:1d:a6:2c: + d8:12:a2:40:49:11:eb:5f:fb:6c:1d:15:3e:af:dd: + 3b:c7:fd:c9:61:43:99:8e:c7:bc:63:bc:5b:93:24: + f3:e5:66:c8:3e:3a:9c:7d:0e:1b:c1:6c:84:8c:90: + b0:11:aa:23:2d:78:99:17:3e:e9:6b:a0:8c:64:fd: + 10:7b:66:ed:b4:3e:b0:96:ef:36:1f:2d:6d:c4:96: + 3c:5a:dc:83:c2:e9:cd:64:d3:5f:c7:ea:db:84:2e: + 24:0c:77:d1:fd:8c:cf:d7:78:af:5b:98:e9:c4:fd: + 66:fa:76:1d:7a:c3:c3:64:32:ad:b9:8b:5a:4c:82: + ed:3a:fe:07:44:20:13:88:df:02:2c:d9:97:21:a4: + 39:a6:f3:7e:8b:e2:c0:cc:86:6b:5a:25:30:d7:f9: + ba:29:ef:1b:2e:f6:3f:c1:7d:b1:0c:95:8e:c0:ce: + 73:41:47:1c:ec:33:44:60:46:9d:b0:75:07:50:c8: + 19:bf:1e:82:c8:c3:3d:d8:e2:19:1e:0b:36:9d:34: + 95:87:ea:a0:1f:e8:80:60:a5:b1:94:42:1e:57:c8: + a0:e6:ad:f8:73:c8:82:e4:38:84:d3:97:fc:85:c4: + de:d2:c0:c5:6d:c7:1e:eb:1d:c1:f1:de:97:27:ca: + be:4b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D4:92:AE:BD:3B:1C:66:4B:17:88:18:15:F8:27:AB:38:CC:07:5A:65 + X509v3 Authority Key Identifier: + keyid:1D:51:80:B6:9A:A7:AC:DD:80:7B:4B:A2:0B:62:BE:E4:87:30:C7:CA + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA6-pathlen10/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:5 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: + 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: + 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: + df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: + 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: + 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: + 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: + b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: + f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: + fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: + 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: + d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: + a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: + 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: + 13:29:2a:18 +-----BEGIN CERTIFICATE----- +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo +YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns +LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG +A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE +AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJS6B3uEJD +luH0jR2mLNgSokBJEetf+2wdFT6v3TvH/clhQ5mOx7xjvFuTJPPlZsg+Opx9DhvB +bISMkLARqiMteJkXPulroIxk/RB7Zu20PrCW7zYfLW3Eljxa3IPC6c1k01/H6tuE +LiQMd9H9jM/XeK9bmOnE/Wb6dh16w8NkMq25i1pMgu06/gdEIBOI3wIs2ZchpDmm +836L4sDMhmtaJTDX+bop7xsu9j/BfbEMlY7AznNBRxzsM0RgRp2wdQdQyBm/HoLI +wz3Y4hkeCzadNJWH6qAf6IBgpbGUQh5XyKDmrfhzyILkOITTl/yFxN7SwMVtxx7r +HcHx3pcnyr5LAgMBAAGjggETMIIBDzAdBgNVHQ4EFgQU1JKuvTscZksXiBgV+Cer +OMwHWmUwgc8GA1UdIwSBxzCBxIAUHVGAtpqnrN2Ae0uiC2K+5Icwx8qhgaikgaUw +gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT +ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy +aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B +CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E +BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 +8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy +xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq +J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp +0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA +Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:be:9d:98:a2:41:ca:64:1f:a2:34:dc:51:7d:49: + 2b:f7:f8:7a:fc:1a:22:8d:3a:17:8e:00:9c:74:06: + 18:0f:26:d1:e8:1d:55:4b:3e:bb:6e:98:6d:65:cb: + 6f:be:c5:98:40:65:1d:e1:1d:af:ad:bc:7c:b0:fa: + b6:2a:cb:af:df:d5:52:98:e6:01:01:31:01:3f:c7: + 16:06:44:92:55:43:6f:dd:49:be:aa:52:d2:80:ca: + 3a:d0:72:f3:0a:7e:59:cb:2c:74:7c:5b:19:3d:75: + 9d:3e:da:35:45:49:8b:0d:36:84:80:41:b7:ce:70: + fc:a8:d0:4d:0b:d4:f3:4e:73:87:db:2e:18:20:45: + 70:f3:5a:d1:cf:4f:f8:78:ad:7c:4b:97:3c:f1:0f: + 8a:f6:6c:8f:7a:3a:c9:79:82:2d:bf:ae:80:f8:8b: + 1d:79:17:9b:76:34:97:b1:79:5d:79:fa:30:73:78: + fc:9c:ee:eb:62:20:95:f1:a8:af:1e:4a:91:cc:1e: + 34:90:c7:89:21:41:41:90:09:10:52:dd:21:75:15: + 11:aa:cf:d8:e4:6c:7d:96:c8:d6:cd:90:eb:fa:df: + 86:e7:3d:36:73:18:f3:86:c5:99:0e:0e:f7:e4:09: + 8f:8c:29:f1:ad:15:e9:82:c9:6c:87:fc:00:7b:4b: + 2e:f1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 1D:51:80:B6:9A:A7:AC:DD:80:7B:4B:A2:0B:62:BE:E4:87:30:C7:CA + X509v3 Authority Key Identifier: + keyid:14:07:E8:A7:3A:A2:9C:DD:4C:30:B0:4D:F0:00:C4:88:C4:39:DF:73 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA7-pathlen100/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:20 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: + 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: + f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: + de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: + 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: + 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: + 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: + 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: + 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: + cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: + 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: + 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: + 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: + 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: + 5c:9c:5d:21 +-----BEGIN CERTIFICATE----- +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo +YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns +LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG +A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE +AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp2YokHK +ZB+iNNxRfUkr9/h6/BoijToXjgCcdAYYDybR6B1VSz67bphtZctvvsWYQGUd4R2v +rbx8sPq2Ksuv39VSmOYBATEBP8cWBkSSVUNv3Um+qlLSgMo60HLzCn5Zyyx0fFsZ +PXWdPto1RUmLDTaEgEG3znD8qNBNC9TzTnOH2y4YIEVw81rRz0/4eK18S5c88Q+K +9myPejrJeYItv66A+IsdeRebdjSXsXldefowc3j8nO7rYiCV8aivHkqRzB40kMeJ +IUFBkAkQUt0hdRURqs/Y5Gx9lsjWzZDr+t+G5z02cxjzhsWZDg735AmPjCnxrRXp +gslsh/wAe0su8QIDAQABo4IBFDCCARAwHQYDVR0OBBYEFB1RgLaap6zdgHtLogti +vuSHMMfKMIHQBgNVHSMEgcgwgcWAFBQH6Kc6opzdTDCwTfAAxIjEOd9zoYGppIGm +MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH +U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl +cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud +DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk ++Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB +lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld +LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 +X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 +g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:e1:4f:c9:e7:30:ea:06:ff:65:cb:2b:6c:f1:a8: + ac:f6:cf:10:6b:80:7a:af:5e:42:0a:0d:61:be:6f: + 14:3c:9f:64:6e:96:46:77:e2:64:a0:0e:d7:56:41: + fc:5b:e6:fe:49:86:1f:8f:20:cc:4b:ec:3a:f1:46: + 74:1a:7e:33:d9:aa:d5:e2:78:09:dd:0c:39:20:7e: + 32:12:96:cd:96:db:10:01:e8:b7:aa:e3:e1:27:5d: + 0a:8f:99:6e:ef:2d:d8:c8:c8:76:aa:d9:00:9d:48: + d9:cf:12:08:97:31:59:c0:4f:a3:e0:ee:5c:a1:35: + ef:94:7c:c6:04:aa:3e:34:a6:43:e0:c8:ed:3d:91: + 53:53:9e:19:03:8e:bf:30:fd:d9:b5:4b:f3:51:0b: + 60:ed:27:e2:b1:dd:15:3c:b0:5f:25:0f:29:9b:5f: + aa:31:64:5e:3d:83:2e:b8:20:66:b9:da:a7:b5:22: + 40:19:3d:24:5d:c3:e7:dd:b6:6b:16:c3:67:23:5d: + 31:65:3b:cb:72:d1:a7:c8:b0:e0:b9:a2:cb:90:86: + 30:d6:ce:7f:9c:b3:b1:c3:34:62:63:c6:b9:66:33: + 6b:5b:a6:00:bb:45:ee:03:07:96:a5:d7:2f:1e:f1: + d2:f2:5e:c2:d2:a1:36:25:f0:7a:70:cb:3d:1d:a4: + 6f:61 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 14:07:E8:A7:3A:A2:9C:DD:4C:30:B0:4D:F0:00:C4:88:C4:39:DF:73 + X509v3 Authority Key Identifier: + keyid:12:E4:A4:19:85:AE:85:B7:D6:EB:63:04:D5:B9:B0:7E:57:5F:0C:16 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:10 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: + 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: + 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: + 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: + 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: + 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: + e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: + da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: + 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: + 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: + fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: + 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: + 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: + 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: + 66:ec:5d:71 +-----BEGIN CERTIFICATE----- +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV +BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 +b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOFPyecw +6gb/ZcsrbPGorPbPEGuAeq9eQgoNYb5vFDyfZG6WRnfiZKAO11ZB/Fvm/kmGH48g +zEvsOvFGdBp+M9mq1eJ4Cd0MOSB+MhKWzZbbEAHot6rj4SddCo+Zbu8t2MjIdqrZ +AJ1I2c8SCJcxWcBPo+DuXKE175R8xgSqPjSmQ+DI7T2RU1OeGQOOvzD92bVL81EL +YO0n4rHdFTywXyUPKZtfqjFkXj2DLrggZrnap7UiQBk9JF3D5922axbDZyNdMWU7 +y3LRp8iw4Lmiy5CGMNbOf5yzscM0YmPGuWYza1umALtF7gMHlqXXLx7x0vJewtKh +NiXwenDLPR2kb2ECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBQUB+inOqKc3UwwsE3w +AMSIxDnfczCBwQYDVR0jBIG5MIG2gBQS5KQZha6Ft9brYwTVubB+V18MFqGBmqSB +lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv +emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw +FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s +ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI +hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF +FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 +31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO ++/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 +K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP +s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:42 2019 GMT + Not After : Jul 6 21:32:42 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d6:8c:d6:c4:29:20:60:9d:15:3d:0c:2a:fb:24: + 2f:38:89:ed:37:c4:fc:57:67:2a:50:d8:eb:e2:6a: + 1c:59:06:f2:6d:3e:b9:4f:fe:49:c5:21:c0:16:f8: + 29:6f:51:0c:ea:78:d7:0e:15:41:da:5a:cb:0b:e0: + 54:d6:83:fd:0f:e8:4e:30:ff:e4:44:c3:b2:02:f3: + 7d:3a:c6:5c:4e:86:86:2c:74:d4:21:85:c1:fe:4e: + 8b:07:3c:54:1b:54:9e:ec:5a:a5:95:ed:5a:35:e0: + 08:c6:84:7c:e6:ae:71:12:d2:fd:c1:fd:16:0a:3a: + b8:c7:23:4b:af:e0:cd:12:5e:9f:4f:62:13:f0:c8: + e4:e2:a8:01:d3:37:b0:08:21:d3:0f:6c:e4:d8:c1: + 04:51:e9:4c:c5:b1:6d:cc:63:23:97:30:ee:f0:1e: + ab:6d:ea:93:ca:ad:56:6f:1e:ed:1a:ae:8c:1b:91: + 04:ea:ab:9d:1b:3b:56:a7:c1:cc:2f:39:2f:b3:ba: + 8c:16:fd:5e:10:10:9e:24:ea:40:97:74:b6:b4:e5: + 1c:c0:d3:5f:79:2c:04:43:3a:8e:f4:b1:56:bd:c7: + 25:63:5c:34:50:4d:bd:2d:f1:08:bd:8c:3e:d2:6f: + fa:e4:04:a1:51:eb:d0:d0:90:91:97:7b:46:c6:10: + 92:af + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 12:E4:A4:19:85:AE:85:B7:D6:EB:63:04:D5:B9:B0:7E:57:5F:0C:16 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:100 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: + f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: + c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: + 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: + 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: + 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: + 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: + df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: + e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: + 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: + 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: + 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: + f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: + 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: + ca:8c:2f:a8 +-----BEGIN CERTIFICATE----- +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 +LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWjNbEKSBgnRU9DCr7JC84ie03 +xPxXZypQ2OviahxZBvJtPrlP/knFIcAW+ClvUQzqeNcOFUHaWssL4FTWg/0P6E4w +/+REw7IC8306xlxOhoYsdNQhhcH+TosHPFQbVJ7sWqWV7Vo14AjGhHzmrnES0v3B +/RYKOrjHI0uv4M0SXp9PYhPwyOTiqAHTN7AIIdMPbOTYwQRR6UzFsW3MYyOXMO7w +Hqtt6pPKrVZvHu0arowbkQTqq50bO1anwcwvOS+zuowW/V4QEJ4k6kCXdLa05RzA +0195LARDOo70sVa9xyVjXDRQTb0t8Qi9jD7Sb/rkBKFR69DQkJGXe0bGEJKvAgMB +AAGjggENMIIBCTAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgckGA1Ud +IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT +AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK +DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv +bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF +BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW +BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX +H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x +lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F +/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS +JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-entity-key.pem b/certs/test-pathlen/chainG-entity-key.pem new file mode 100644 index 000000000..1a169591c --- /dev/null +++ b/certs/test-pathlen/chainG-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAu3uCI6I058uJTmTM8pjIZY/iaVVUSzyLwB9nN38Jy57fXnX2 +mYMSrBUjz2SkEBalEK8ohgAgTvNN/Qj7oacYTBMeTZAu5prjKAO09IPO/aKphlYC +YjOfbph+D8wGcTGKk9LZox0IepL4fr+QX6HmK2RYu6aayRmX/cmp9wgnivO+4tuI +JYSREwbiY7zhN4J+b1ra8OLroSqPXVIRr+L1iUJ5g7jApZXcQsYckFEeM/PxwuTS +e4fDZJC3X5s479LQT9VRquA60cMBA+cysSfGSFrArCaNlGF2+Jj/MG2qVcNj/aSk +Gzxr6AV1QRddrckXm8NNbp99fTb+wKOZ1uWSrQIDAQABAoIBAFw5+p/q2Fm6b1YI +EiW48MO9TyR/3FKSezDMgerz7G6lPb5rCx8jMllCoPYRzP85FIQrliStBTexSokS +FS7FUxeBRCPlrJy2Ts5NXIP4Hyf4D6rMvqluOZyfGUxOElE2jLQBQhySWKxrhiBb +vfq9Wsu3tkrBP11z4Kfwv1KNSV55h2g/xDPl443d3VqwiLFAY6YESHsy3eXdWKYT +AiCddq7FQo+nHHUpVoUtHr23LLyanVcgu9j9fNusQn7GGVSFKvPLuSpZwMuggAtX +K7t93ItX7nhSx5jvWn2xxrDBV/3Xj6N4+uaZCI/5kuzEdM9NDEEJPxHKg8LNltnE +8su+8CECgYEA58PPdmPLtPrllVBtuasoIMoKPg4DDCe6BnrS2eEXoiu9vYVsbRYk +OPbSnlZ50uoex+tKogynFeDVYW0dM4xWSFyd5DmuLnA0Ivbt/mKhTbizg/Lnphlb ++ICseYkOikrNzbhDZUCthzPgw7R5QW20D3CDOI3KxEC1zcrTHG6vJvUCgYEAzxZJ +hM/lQKg5/KfXOynZGZ1XzZtDN9s+QAqbrQPxzcsFZxeXhBVv0GVPAp1OiTAYFopY +whFPTwjxpAsu4BYVpc6vGBRCHoG1JOYYF9F2bCoCNQ8PDeJOcyD2mIRD+FJt2lin +qyb63Jieq9xtLuOZGNwPzyqmo6zCaznmRk8dOdkCgYAeGhCYD94lY3DuM8QMmW5c +0+EArlE3AvHmZY19Pv8S0RuTwgCTKo0J2QUCC7lG66GT1bub0IjjDpCoVsO0LkYG +oADh45v77BbZc7j1kVnh/ltSh/oOWLzZSd0c6/A3hf+0+HnIbN4c8WAACzC0jssU +NkjUz5XGZ6E1WWKSDs4xAQKBgG+uhVerBugn0Z4ApoKxvvOhd4jbAxVMl/XRwsM8 +LVve8br3bi89oF+zQzkVvRUfat49HkELNMpa+HaP0WfogSQ6oxNJWZ86NIcB0FyI +CmWrAiW7SVMjiUttq4/1RPLXAYeP6FzVWNU/OdNVvUxcUmSlyaDgT55VvUQ2pYml +gQ2BAoGAYNysHrNKaBB57C2QX+WYpvrPmsLm70Zy8SeHaFBGdmFx3lZsUufJNfyt +kLzfSbZZ2X5Ab94U43mZoDcxZLGB3JKIWTUe6ubECVcV3IblgdzqdV26a3wde119 +IlmOeskz7C48fZ4sO6KTcoNEUU+28L8noIn6nYHVJ2Q/FGlOx38= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainG-entity.pem b/certs/test-pathlen/chainG-entity.pem new file mode 100644 index 000000000..fc8a96ca2 --- /dev/null +++ b/certs/test-pathlen/chainG-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:7b:82:23:a2:34:e7:cb:89:4e:64:cc:f2:98: + c8:65:8f:e2:69:55:54:4b:3c:8b:c0:1f:67:37:7f: + 09:cb:9e:df:5e:75:f6:99:83:12:ac:15:23:cf:64: + a4:10:16:a5:10:af:28:86:00:20:4e:f3:4d:fd:08: + fb:a1:a7:18:4c:13:1e:4d:90:2e:e6:9a:e3:28:03: + b4:f4:83:ce:fd:a2:a9:86:56:02:62:33:9f:6e:98: + 7e:0f:cc:06:71:31:8a:93:d2:d9:a3:1d:08:7a:92: + f8:7e:bf:90:5f:a1:e6:2b:64:58:bb:a6:9a:c9:19: + 97:fd:c9:a9:f7:08:27:8a:f3:be:e2:db:88:25:84: + 91:13:06:e2:63:bc:e1:37:82:7e:6f:5a:da:f0:e2: + eb:a1:2a:8f:5d:52:11:af:e2:f5:89:42:79:83:b8: + c0:a5:95:dc:42:c6:1c:90:51:1e:33:f3:f1:c2:e4: + d2:7b:87:c3:64:90:b7:5f:9b:38:ef:d2:d0:4f:d5: + 51:aa:e0:3a:d1:c3:01:03:e7:32:b1:27:c6:48:5a: + c0:ac:26:8d:94:61:76:f8:98:ff:30:6d:aa:55:c3: + 63:fd:a4:a4:1b:3c:6b:e8:05:75:41:17:5d:ad:c9: + 17:9b:c3:4d:6e:9f:7d:7d:36:fe:c0:a3:99:d6:e5: + 92:ad + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 21:3A:72:3B:95:38:DF:99:DE:62:25:21:D0:14:81:6E:CA:AA:FB:A1 + X509v3 Authority Key Identifier: + keyid:47:C0:19:4B:ED:C4:DA:97:B1:60:EA:5A:0A:42:6D:A5:D3:D8:25:31 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainG-ICA2-pathlen1/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: + 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: + 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: + 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: + cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: + ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: + 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: + 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: + e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: + 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: + ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: + ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: + 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: + 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: + 49:95:7e:49 +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3uCI6I058uJTmTM8pjI +ZY/iaVVUSzyLwB9nN38Jy57fXnX2mYMSrBUjz2SkEBalEK8ohgAgTvNN/Qj7oacY +TBMeTZAu5prjKAO09IPO/aKphlYCYjOfbph+D8wGcTGKk9LZox0IepL4fr+QX6Hm +K2RYu6aayRmX/cmp9wgnivO+4tuIJYSREwbiY7zhN4J+b1ra8OLroSqPXVIRr+L1 +iUJ5g7jApZXcQsYckFEeM/PxwuTSe4fDZJC3X5s479LQT9VRquA60cMBA+cysSfG +SFrArCaNlGF2+Jj/MG2qVcNj/aSkGzxr6AV1QRddrckXm8NNbp99fTb+wKOZ1uWS +rQIDAQABo4H+MIH7MB0GA1UdDgQWBBQhOnI7lTjfmd5iJSHQFIFuyqr7oTCBzgYD +VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg +DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx +txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH +BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI +yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER +P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u +ObIaOLEvt0mVfkk= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA1-key.pem b/certs/test-pathlen/chainH-ICA1-key.pem new file mode 100644 index 000000000..adc22e260 --- /dev/null +++ b/certs/test-pathlen/chainH-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAx/SmfvLLT24EGNNT1c+/fpfRdJT+261hPxIgZ/MQg3tRQ6MM +ILc1Y/EK7ll0gnL70dQScewOj2nJ+6+nL8Q7LGY0q6yAwm1KDlT+9j46ACWEp8tC +1ehHBJTkaMP1Mq0hidhe+Yjufc6Roxb8h3YfLx1MsS89TfQKbAT9Sc9RiEnEA2Vj +HsjxNB1ENFiv9eyQKoypOHvc+l/tAO0IU033NhDtcUGq47/oXe5ONjlXfvT9w/eK +Ug/xN3IrrpB3ANZ87OzujfhL+zkKRUmBMUE/qbt7HIrPMQnHlKdwStS76mE9mqGO +G4sCOx8fxIXpf2MM6uWRg6hbJTR8qGjrl290mQIDAQABAoIBAASHGa4OOWRXDWiy +gFd7GM75CRkmto6q4mTXODyiWGFhzXlGm+Oxwle9AY5cIDND/0fFEZXazomYz6YP +WC3Qt7ZNqiupAFFmwCKK8isJRa7zKonSJHVLiTAlXvawWUEIgpXofF4SJ7RZlRqo +TpeSqSob87yfYTf+qq2/fyzIsQPw/WBIoB6z3tDRQ61j60KG1P8ILoOiu4znzxUn +DTquyJ+zVmqDJCTcLZWWz+tam70iFEE+Khx3MKlEXpIFRXlQdPIe7F0CW9MZb5vY +JyJunI9T+wqdklWJBVFUBm/KINdgp86snE0X5eeGeensBhWkW+EeZCEULHfdd6Lk +nor0CAECgYEA+N3WRBxpW5GJF4BKCmDxtpRoth5u+RtQAkmAAR/ts1gEr6y8Q4e3 +KUE+T6CEYgDGwZyIII1zJjIWZuicnC0U0u/tg94yj9JIk2roGR4KLGRhIilN9EC5 +x6cQDe27Le4+LcYmyHzjvRq9pdWG1WYjGXOJuD1kqKk4OS6aZsoLPEECgYEAza/o +wUgRWXvsaahlemDd83xn/t0c5rGhg7yT8uQFTRlllGRWtrZfRKwlCfELXmvtIgzL +/Prmbnp8OlsGkp5KlumzFdMvKlANqxMA+prZZ89D25t/n8AfNKeqvtv3om0LDS99 +tXSHAvu+YbbFHXi99qlWzaKtASQEoUHe1OtPAlkCgYBaSxKMj8piIMGetzsl3NqW +Je5/9TbKRvCWg9hfkBgMM+kvW/rKfZkk7LkQ5uphLGrwoDx7oxaeSxn5qHf56hle +FxMT/zBVIjSW1/jx9AY46Qqc/GN+NWWyXJjklNaO6ZvBu90ibL2sROF+I6TSFEaz +20migRPeZdcyWAhJNxEwgQKBgG7y31M645joPqrzmeF8VNzdE1+nt8o8sMnVs9yF +4NIoy+FSim++Sf9J+CS3sBE7mEsQqgwI7rlTOqVjqlT2K3fiEabJJpzlV6oa8yE6 +2+CiLZFM/HeYc3y8oF6ZWqdzuE1he6agd59FWfltVEBEe/uMdnUvtbBy1EiDtoYV +c6XpAoGBALacGB7IEzI0DkP+WdzXnZ0Dhgqg+RwEQgzJl2Aq/qLxOr3Ci6Qzc5/1 +MWFEdKcoDPLC9VvIMu9YeNGE7GGZs4XKftiqyL3ZCg4TWDFkDrUt9rcmmmnqTtPl +r4zF4TPZyCygAFmlhaW6SyMp8Wgl/ysAqwlnlZBnxVLT+J5B0Rfz +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/certs/test-pathlen/chainH-ICA1-pathlen0.pem new file mode 100644 index 000000000..767778cf9 --- /dev/null +++ b/certs/test-pathlen/chainH-ICA1-pathlen0.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c7:f4:a6:7e:f2:cb:4f:6e:04:18:d3:53:d5:cf: + bf:7e:97:d1:74:94:fe:db:ad:61:3f:12:20:67:f3: + 10:83:7b:51:43:a3:0c:20:b7:35:63:f1:0a:ee:59: + 74:82:72:fb:d1:d4:12:71:ec:0e:8f:69:c9:fb:af: + a7:2f:c4:3b:2c:66:34:ab:ac:80:c2:6d:4a:0e:54: + fe:f6:3e:3a:00:25:84:a7:cb:42:d5:e8:47:04:94: + e4:68:c3:f5:32:ad:21:89:d8:5e:f9:88:ee:7d:ce: + 91:a3:16:fc:87:76:1f:2f:1d:4c:b1:2f:3d:4d:f4: + 0a:6c:04:fd:49:cf:51:88:49:c4:03:65:63:1e:c8: + f1:34:1d:44:34:58:af:f5:ec:90:2a:8c:a9:38:7b: + dc:fa:5f:ed:00:ed:08:53:4d:f7:36:10:ed:71:41: + aa:e3:bf:e8:5d:ee:4e:36:39:57:7e:f4:fd:c3:f7: + 8a:52:0f:f1:37:72:2b:ae:90:77:00:d6:7c:ec:ec: + ee:8d:f8:4b:fb:39:0a:45:49:81:31:41:3f:a9:bb: + 7b:1c:8a:cf:31:09:c7:94:a7:70:4a:d4:bb:ea:61: + 3d:9a:a1:8e:1b:8b:02:3b:1f:1f:c4:85:e9:7f:63: + 0c:ea:e5:91:83:a8:5b:25:34:7c:a8:68:eb:97:6f: + 74:99 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 48:80:87:28:EF:E6:28:0F:03:9B:DF:33:48:10:A0:E5:20:B3:69:50 + X509v3 Authority Key Identifier: + keyid:80:49:61:8C:1D:13:08:56:B5:42:68:D5:B2:EA:89:2C:B4:8B:05:87 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainH-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: + d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: + 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: + 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: + 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: + ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: + ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: + d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: + 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: + c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: + d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: + 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: + e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: + 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: + cf:03:8c:6f +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMf0pn7yy09u +BBjTU9XPv36X0XSU/tutYT8SIGfzEIN7UUOjDCC3NWPxCu5ZdIJy+9HUEnHsDo9p +yfuvpy/EOyxmNKusgMJtSg5U/vY+OgAlhKfLQtXoRwSU5GjD9TKtIYnYXvmI7n3O +kaMW/Id2Hy8dTLEvPU30CmwE/UnPUYhJxANlYx7I8TQdRDRYr/XskCqMqTh73Ppf +7QDtCFNN9zYQ7XFBquO/6F3uTjY5V370/cP3ilIP8TdyK66QdwDWfOzs7o34S/s5 +CkVJgTFBP6m7exyKzzEJx5SncErUu+phPZqhjhuLAjsfH8SF6X9jDOrlkYOoWyU0 +fKho65dvdJkCAwEAAaOCARIwggEOMB0GA1UdDgQWBBRIgIco7+YoDwOb3zNIEKDl +ILNpUDCBzgYDVR0jBIHGMIHDgBSASWGMHRMIVrVCaNWy6okstIsFh6GBp6SBpDCB +oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl +YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp +bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB +FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG +2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX +HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj +J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ +xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m +fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA2-key.pem b/certs/test-pathlen/chainH-ICA2-key.pem new file mode 100644 index 000000000..74120de90 --- /dev/null +++ b/certs/test-pathlen/chainH-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA2bWvS7qDAyPfUCiowgws8ATLLQSbHvX0aLzUjrTNRgSi9RSe +PjPWdi1U+dVBtXpHkxpUgKQ9i52A6hw6OrvR1Lbx8qO9nl24hQHXyKAn9mdBlMWV +kRHLlvyVqby1vlh3XCub6SR+i24Qp9U6+gUhJxTY0l+iWBK02b2IGvHnTJ1gMQsf +P4uvOtnKz9RzG7iwPdWWXU6jYo9W6z1M8CFP9IzHVd2m3NkVoRLbc02/GIlCkg6D +vk+q7o+o76EnAXMWKcDojCPI/5VozVNnSeVzsexiYFEg6KZJKPUrFjDoi6Yv9Lc3 +mYwyMJddFr9rXro0H9YbLvx58ABhqqB6L3vSgwIDAQABAoIBAHOkqqTTQdxdJbXy +oxHQXd5w7WvQUoWzqEwqYc4cBB35QIZmmVf5OSY1FjpPKUQ42+QrzE847uhGlb/F +lri0I9WWCBcXGxYQOn+MZw7O4+tjFdbszXHtvfNJ4EX1U6T0YRK4p2zEUePGZ1p/ +TYCZUO7th+7Xleiqpx4yKyYE8RQkWbHCknAOpgYDAQKFdMn1y6oVTihP0QH5FnLK +xnqea9I/U3qEnpSzvDHTMZqAmEPke6//ie44el6vw2Ai93kP3Ct0J6E2uD4xK2tH +tzmNiLUF/3fCSA/WD2FMAaONi6OQGWmVBfoexa8sxY/E3pO1OOY39Eu4ET9h70TB +LS0oPIECgYEA7IISCRoeTsKvIX7YTPBMb5274fl+v9VGQZr4MrPbD4n58/fRlx0T +el5t53LQSk0theSu388Df4u9ft7EJGAqPruYfwJHOwobm0zuYcYl568STmkRkC2Z +P/IyJz+HRA6VGZrihqe5TKF5065yRjsT49O6wYjV6xgJgtLjwTgphfECgYEA66b/ +4USR5SgAuPvAS1rKqcGJzdJ1Expf4HwecQ8G/botXDFscmXVMJ50GUmwLU/eOca8 +MhXQTEc+R3tUNAwYiGWYfZ522wydeLHCdH0YRpodMyII0zkFN6K/0Qq0POjgC4sN +ygrDKTqd9TW/jX/8OxfUcPK+tyV6sI2Mhry+27MCgYBnHQp5924xToYGZ4QsfzQE +EdQhYKKXRof8AHGnwWyHqNNWP7ycUqv0VQk7uH4Bdwaa8qofn+TZjfZPQxZm+ZpR +gX6qGTcvEWgZ3H+uFzLdgSHNF9f1cTv4ekLNg9AYpvbwk+uhY6zRMTGpTcw6vHUe +hmhNCrihZ/h1ljaAPlk0MQKBgQChX0AUtE8wXN95zbRWJftomkdS8g8IIOSNJpH2 +HDNOZ0MOwi2gfUmrvKaGdqa1sN7eM9DGf5ef1J26d6Mm7S2Tofb19yEvSglAEIK4 +IL4SAxGB5Ymjk4WWHtY6QZlBqLtcTEIKHKqevixTMhZVwNIqaVwqaKDfbEQDSTt1 +PSV57wKBgDDcqeUafap/pJlUyISHxb06etZnvAmpt5N7POaCcZ9uYBE/eya9alGA +18tMB0TcBXnmuXmP+GPVlZrc/uu7psC+Fs7a2/d1dnpGmzAP9KD+riC8/ILBXaoh +Izs5E2WMKU8uV9cTG89P/qK8NXCa+m35RuBMDAYO7aAVQkBn17JC +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/certs/test-pathlen/chainH-ICA2-pathlen2.pem new file mode 100644 index 000000000..38a3d79af --- /dev/null +++ b/certs/test-pathlen/chainH-ICA2-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d9:b5:af:4b:ba:83:03:23:df:50:28:a8:c2:0c: + 2c:f0:04:cb:2d:04:9b:1e:f5:f4:68:bc:d4:8e:b4: + cd:46:04:a2:f5:14:9e:3e:33:d6:76:2d:54:f9:d5: + 41:b5:7a:47:93:1a:54:80:a4:3d:8b:9d:80:ea:1c: + 3a:3a:bb:d1:d4:b6:f1:f2:a3:bd:9e:5d:b8:85:01: + d7:c8:a0:27:f6:67:41:94:c5:95:91:11:cb:96:fc: + 95:a9:bc:b5:be:58:77:5c:2b:9b:e9:24:7e:8b:6e: + 10:a7:d5:3a:fa:05:21:27:14:d8:d2:5f:a2:58:12: + b4:d9:bd:88:1a:f1:e7:4c:9d:60:31:0b:1f:3f:8b: + af:3a:d9:ca:cf:d4:73:1b:b8:b0:3d:d5:96:5d:4e: + a3:62:8f:56:eb:3d:4c:f0:21:4f:f4:8c:c7:55:dd: + a6:dc:d9:15:a1:12:db:73:4d:bf:18:89:42:92:0e: + 83:be:4f:aa:ee:8f:a8:ef:a1:27:01:73:16:29:c0: + e8:8c:23:c8:ff:95:68:cd:53:67:49:e5:73:b1:ec: + 62:60:51:20:e8:a6:49:28:f5:2b:16:30:e8:8b:a6: + 2f:f4:b7:37:99:8c:32:30:97:5d:16:bf:6b:5e:ba: + 34:1f:d6:1b:2e:fc:79:f0:00:61:aa:a0:7a:2f:7b: + d2:83 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 80:49:61:8C:1D:13:08:56:B5:42:68:D5:B2:EA:89:2C:B4:8B:05:87 + X509v3 Authority Key Identifier: + keyid:56:54:36:BE:23:2F:20:89:6D:A6:BA:9A:45:A4:88:0E:40:35:FD:F5 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainH-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: + cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: + 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: + 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: + cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: + d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: + c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: + f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: + 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: + 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: + 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: + e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: + 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: + 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: + ec:b2:af:6c +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANm1r0u6gwMj +31AoqMIMLPAEyy0Emx719Gi81I60zUYEovUUnj4z1nYtVPnVQbV6R5MaVICkPYud +gOocOjq70dS28fKjvZ5duIUB18igJ/ZnQZTFlZERy5b8lam8tb5Yd1wrm+kkfotu +EKfVOvoFIScU2NJfolgStNm9iBrx50ydYDELHz+LrzrZys/Ucxu4sD3Vll1Oo2KP +Vus9TPAhT/SMx1XdptzZFaES23NNvxiJQpIOg75Pqu6PqO+hJwFzFinA6IwjyP+V +aM1TZ0nlc7HsYmBRIOimSSj1KxYw6IumL/S3N5mMMjCXXRa/a166NB/WGy78efAA +Yaqgei970oMCAwEAAaOCARIwggEOMB0GA1UdDgQWBBSASWGMHRMIVrVCaNWy6oks +tIsFhzCBzgYDVR0jBIHGMIHDgBRWVDa+Iy8giW2muppFpIgOQDX99aGBp6SBpDCB +oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl +YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp +bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB +FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l +HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN +bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np +uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch +gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY +MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA3-key.pem b/certs/test-pathlen/chainH-ICA3-key.pem new file mode 100644 index 000000000..8128e7d32 --- /dev/null +++ b/certs/test-pathlen/chainH-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAt7MaG0qAG6LllRS8VeR33PN7ip80fJPbycnQi7iHRWXToX1G +83CSqddm7zu0qBaw8L5ncKpFewm8ynfbV6QkVAsa2l+tZKPxSYO8n13EtNpDBKrM +w7BNwvFzyTgNTMmr298Js1wVC2Z5rWxj0TjMpi1Gg84ZHcELbvw4t9iMom8ph5sh +zbBr4PgfA9uCHY2YYxa2dEdDIPKhSxaLZ/28c3ib+d26SdlgqbeFZn+kKgXILZOg +m6q/pjHh8sjTG3t50bZsrjtrAC5urhDcbIjcG5PoVpmNRn5JOoegswDMLjuD4Ws5 +FnFHRzBta2ycn+bO7CAvj8Fd79OEMmylzHj+oQIDAQABAoIBABWgBOu/inM2avZw +2Xb3DVE6bIm2EjS0J0SK+HzqPSpjQVWabNbNosZRsDFrguniufOtRnoR4VoJnGrt +TynzDb/DCuc4Ki5VylrQIk1UeYqcwxTykmZbA9x2Fh5S9eXbO9sHV5oAtg2Ag8Rx +pRKFMDpDzDBJ+9Tv28u172tdF7krT7mDQ+Qtiw8XaGIfudutgz16j+QEy/7G+elo +9ZyAtvUENTy+8/ds5hjwuSUUf7krIgJYj3UibYVHgZepJ7skkc8gMGEFCRYgI9p1 +SheBWQvVZUYHw7WJ/QOsCWPRVS++OtcS0LWQ5MSilbGjlDlWLL2Qxhd4Zh15l+yf +2gz26U0CgYEA58tbPKbyOJ9J4IvwZpQaJlZLCJzKyk6JAAI9gSnGUhfBCQ7VOprK +QWMDFQKTSd9THZcdQZ4MeO5jGvBm9b5PUdq+fuAVr6eYBFOAUZEDY9qJELHmQb9X +9hAH/1Oe/MZ2hTC0DlYkJLS7KwmD6arGmQ092WtmTLk2supqFTyLd48CgYEAyuIC +3BxxLTrDZgD9dTb7Kb8W9P+Do4qbg1drRdsftUra54i1Uhy6/PiiHqLZLhIxjIJE +zbJD90osUm9cV+3FKRHhFTf8DTNzAsXFcxsd7FouAwgL3eJYHOQvGGbS9gbdKlCQ +rtYl+BTaHzw0fdX0X9JKgas5iKxRto/9TK1+js8CgYEAys2F2h9HNntHrAtEHrvd +1UUTCUoFs9Pa0gMjxOrD9feKkV5E+a2M4IC8pZlHPQ8ELZOVqV+bEgOg+mTz8Ha9 +96Qnn+J3luRPgRl939+805TU76J3D3dWgpesJ50GMauC7y2ZnCGKJgNq71C39a3R +bP/E6YGqU96JGSk3/7SlYckCgYAKGeyohuX/qYBXEM+NyXoB3xjGg/5K4zjQ9kZK +CRnwDdUOWBknCHUq6ToxKkyD5bX/1/CTCUAnDNNeG1tOqXD6lYBObSYohhpA1hX5 +oC0COo816W2l04ItlhLeNShlxXu3gqFhgxoK2wbtLTMz3LY5GyBIinzn2CSNYWfs +LGszswKBgQCtvS5okoPtkuhxb4T93fCtBbP1EJVSNaHPtBN42iY++hr9vfQo8VpN +p/pWrC7NQGjqvEzI2sKZbQZVsqvKGjLWB0i4CiFURXgm7hsp3syrpQ1InNKgV1dk +PAib3V9HdSDF/kxRuqppICK3r3qXYBBmtggHV96wzggHhHklSrSCHg== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/certs/test-pathlen/chainH-ICA3-pathlen2.pem new file mode 100644 index 000000000..563e9156a --- /dev/null +++ b/certs/test-pathlen/chainH-ICA3-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b7:b3:1a:1b:4a:80:1b:a2:e5:95:14:bc:55:e4: + 77:dc:f3:7b:8a:9f:34:7c:93:db:c9:c9:d0:8b:b8: + 87:45:65:d3:a1:7d:46:f3:70:92:a9:d7:66:ef:3b: + b4:a8:16:b0:f0:be:67:70:aa:45:7b:09:bc:ca:77: + db:57:a4:24:54:0b:1a:da:5f:ad:64:a3:f1:49:83: + bc:9f:5d:c4:b4:da:43:04:aa:cc:c3:b0:4d:c2:f1: + 73:c9:38:0d:4c:c9:ab:db:df:09:b3:5c:15:0b:66: + 79:ad:6c:63:d1:38:cc:a6:2d:46:83:ce:19:1d:c1: + 0b:6e:fc:38:b7:d8:8c:a2:6f:29:87:9b:21:cd:b0: + 6b:e0:f8:1f:03:db:82:1d:8d:98:63:16:b6:74:47: + 43:20:f2:a1:4b:16:8b:67:fd:bc:73:78:9b:f9:dd: + ba:49:d9:60:a9:b7:85:66:7f:a4:2a:05:c8:2d:93: + a0:9b:aa:bf:a6:31:e1:f2:c8:d3:1b:7b:79:d1:b6: + 6c:ae:3b:6b:00:2e:6e:ae:10:dc:6c:88:dc:1b:93: + e8:56:99:8d:46:7e:49:3a:87:a0:b3:00:cc:2e:3b: + 83:e1:6b:39:16:71:47:47:30:6d:6b:6c:9c:9f:e6: + ce:ec:20:2f:8f:c1:5d:ef:d3:84:32:6c:a5:cc:78: + fe:a1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 56:54:36:BE:23:2F:20:89:6D:A6:BA:9A:45:A4:88:0E:40:35:FD:F5 + X509v3 Authority Key Identifier: + keyid:18:6D:44:83:EE:1F:EC:B4:22:F0:9C:EB:54:1E:4A:15:58:01:AA:13 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: + 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: + eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: + 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: + 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: + 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: + 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: + 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: + 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: + fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: + df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: + e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: + 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: + 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: + 7e:4b:ec:a0 +-----BEGIN CERTIFICATE----- +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALezGhtKgBui +5ZUUvFXkd9zze4qfNHyT28nJ0Iu4h0Vl06F9RvNwkqnXZu87tKgWsPC+Z3CqRXsJ +vMp321ekJFQLGtpfrWSj8UmDvJ9dxLTaQwSqzMOwTcLxc8k4DUzJq9vfCbNcFQtm +ea1sY9E4zKYtRoPOGR3BC278OLfYjKJvKYebIc2wa+D4HwPbgh2NmGMWtnRHQyDy +oUsWi2f9vHN4m/nduknZYKm3hWZ/pCoFyC2ToJuqv6Yx4fLI0xt7edG2bK47awAu +bq4Q3GyI3BuT6FaZjUZ+STqHoLMAzC47g+FrORZxR0cwbWtsnJ/mzuwgL4/BXe/T +hDJspcx4/qECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBRWVDa+Iy8giW2muppFpIgO +QDX99TCBwQYDVR0jBIG5MIG2gBQYbUSD7h/stCLwnOtUHkoVWAGqE6GBmqSBlzCB +lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN +AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts +wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX +CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg +GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z +UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 +CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA4-key.pem b/certs/test-pathlen/chainH-ICA4-key.pem new file mode 100644 index 000000000..91ef6cf8f --- /dev/null +++ b/certs/test-pathlen/chainH-ICA4-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAu/Mvis2eh/EB86TALWY21xEuZAjo8Zn6ppz0vTtHctIOWJ0+ +Uufao0N4w8OT5gTTq1GKGiQOemJZqsZCnmbBYV4xsU3cN6kYdo3+ywlUP0+7X6u6 +cOm0oV6gaX5FP8DMeOnydGR5wmoW0JgwgkRKs5ksZjCsmYIEKr8PYIkENvop0whW +YWqoM0CaU30gqFFvm6DZPtyaix03nq3J/VOnBNwfNj7TZVKEJGHQTuJBYL/7/bIE +sz/rFJlevOh96WXRP/4ESeW7oy3j25bf2YGgMtcBubgCjrmiHwrUJBc6GQ9tOhBf +XH24VoLHf0DwLYdjwbHYZMc8JxNKY4IhsfI56QIDAQABAoIBAFR1/Vhn/KTkdlcS +I1aDh4NwciN8KYphAtWa1RSwrfP4V4AU8av6CzOxH3UBz9XfN2vWkbQbnfH7foYS +4F8kmCR0WuptrdfJgnfMacK+J4DoCLD+kCMrswONbZLarq3uqzRvFYiemmT2ndgR +fEMeA1/gJqapmvbFCbBX+cYM7LrzPIt7vsgg1u9hyNPVznWqKlukfCtQD1cmjeyr +qG54AWvhD9sQPCtLsoC7D0mPn5Yh37gbT6A724BevSsSfSZSzqOxvl+NLZpk7vRW +dH4ZmdY6We7fVRZUY48bsjVK8k44aMhu8Xlj4vhDOxEiLStthdOnyNEulddJ/tH0 +QfDyiZ0CgYEA8UXWpgMnO3TWIQz2d3FUfHx1q21aefyHjNW0KFeUMWpI0rgTYkqi +HdFXYFsAD5t8MJaBbUHk3Czze9xSfgRnvku7fFaKmtrwFSzSccxXu9Mlm87ilpyo +EuNHJOoWSbq6oEG7F9JKg8so0V0vmWr1fI1VZarMiypcnEK2MezoPe8CgYEAx2wd +8jkUn9O/3/HdfKLUTcbJIVrxIdd0N9WyHASc7Oh2vOSrc+y3UhN35FRywaqwKf52 +pV86Uy6GFbHZkE/OHBOphtpRKkufWblZ4T89YYmHIl3gFmyIH/djQcNiwhAGG7l/ +hEMXz/aWfhRA3chYKEQAjEYUdtGVU5RsHMkuXacCgYBiDHibhIKIBgYS7lqm1ZZ4 +9Hc5UDpJgpdvY1VQY67kmgW4JHg0JJJXPcCddr3CmfRRJoi4ZuPjmhzkw/d+ILos +OkiZ0e2H2ttgL5PiDSHGQZtyAxRQEp+29UfvN3YRRmIbSDsJBjuj7YbL9mumlDHp +COKga1WuZGu4UOALz/PdXwKBgFgyAKx3gh+NTnaESSgt+ybKm3kc9ze4SbXH1JV/ +lMdRp/GyUAFc11Z9NbDNiFMOYgqwd1h73Reco8BEf6vLH6RbLcZuFydVeov75Tww +87yHTjRswAYqyakZh9Q1zR92Zr0sNLER2x4mODhaTLXJPPPR30wqUjKaTihAo++3 +KcJRAoGBAJGLpOLNckpY2tzOmFRPjCrIRa1b3f4PzNPJ15p+g6jVcnzjnIraJ+4M +R3ELPL7a/jhJJ5JsqQrg2BcSfPQitxgflaU/qsiUR0WFckPO4BQ4qx1X0bSgNxhO +bh9fipjlH39U+UV4N9CR7Bkw+p1wLUF4ZR4ElAHAzgrh6WdZZGEX +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/certs/test-pathlen/chainH-ICA4-pathlen2.pem new file mode 100644 index 000000000..91aa44ad3 --- /dev/null +++ b/certs/test-pathlen/chainH-ICA4-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:f3:2f:8a:cd:9e:87:f1:01:f3:a4:c0:2d:66: + 36:d7:11:2e:64:08:e8:f1:99:fa:a6:9c:f4:bd:3b: + 47:72:d2:0e:58:9d:3e:52:e7:da:a3:43:78:c3:c3: + 93:e6:04:d3:ab:51:8a:1a:24:0e:7a:62:59:aa:c6: + 42:9e:66:c1:61:5e:31:b1:4d:dc:37:a9:18:76:8d: + fe:cb:09:54:3f:4f:bb:5f:ab:ba:70:e9:b4:a1:5e: + a0:69:7e:45:3f:c0:cc:78:e9:f2:74:64:79:c2:6a: + 16:d0:98:30:82:44:4a:b3:99:2c:66:30:ac:99:82: + 04:2a:bf:0f:60:89:04:36:fa:29:d3:08:56:61:6a: + a8:33:40:9a:53:7d:20:a8:51:6f:9b:a0:d9:3e:dc: + 9a:8b:1d:37:9e:ad:c9:fd:53:a7:04:dc:1f:36:3e: + d3:65:52:84:24:61:d0:4e:e2:41:60:bf:fb:fd:b2: + 04:b3:3f:eb:14:99:5e:bc:e8:7d:e9:65:d1:3f:fe: + 04:49:e5:bb:a3:2d:e3:db:96:df:d9:81:a0:32:d7: + 01:b9:b8:02:8e:b9:a2:1f:0a:d4:24:17:3a:19:0f: + 6d:3a:10:5f:5c:7d:b8:56:82:c7:7f:40:f0:2d:87: + 63:c1:b1:d8:64:c7:3c:27:13:4a:63:82:21:b1:f2: + 39:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 18:6D:44:83:EE:1F:EC:B4:22:F0:9C:EB:54:1E:4A:15:58:01:AA:13 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: + 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: + fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: + be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: + 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: + 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: + 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: + 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: + 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: + c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: + 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: + 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: + b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: + e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: + 0f:90:4c:f8 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/Mvis2eh/EB86TALWY21xEuZAjo +8Zn6ppz0vTtHctIOWJ0+Uufao0N4w8OT5gTTq1GKGiQOemJZqsZCnmbBYV4xsU3c +N6kYdo3+ywlUP0+7X6u6cOm0oV6gaX5FP8DMeOnydGR5wmoW0JgwgkRKs5ksZjCs +mYIEKr8PYIkENvop0whWYWqoM0CaU30gqFFvm6DZPtyaix03nq3J/VOnBNwfNj7T +ZVKEJGHQTuJBYL/7/bIEsz/rFJlevOh96WXRP/4ESeW7oy3j25bf2YGgMtcBubgC +jrmiHwrUJBc6GQ9tOhBfXH24VoLHf0DwLYdjwbHYZMc8JxNKY4IhsfI56QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt +Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP +sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM +MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl +zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni +nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-assembled.pem b/certs/test-pathlen/chainH-assembled.pem new file mode 100644 index 000000000..402c392b8 --- /dev/null +++ b/certs/test-pathlen/chainH-assembled.pem @@ -0,0 +1,443 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:ba:ed:ab:c0:0d:92:6c:10:e4:50:9f:7c:98:cc: + 87:fd:28:34:77:c0:58:28:52:2c:28:97:80:ec:78: + 02:4f:f4:ca:60:f8:1d:e7:6a:04:52:2e:75:85:42: + 74:76:00:e4:70:84:b8:51:8e:29:2e:7f:b6:ad:df: + 6d:09:b4:4f:11:54:1e:88:16:e2:0e:af:30:f0:3d: + a7:da:9f:4e:0d:94:5b:05:51:9c:cc:05:65:8d:6b: + 1e:3c:79:5b:26:7e:cb:ae:e9:9a:71:69:92:41:9b: + 1a:cd:b4:53:0b:fb:2e:40:c4:e3:b1:5e:b8:8b:f8: + cf:0a:ec:5f:07:10:18:54:f8:8a:7d:35:97:7a:7a: + 98:ea:93:2d:1b:e6:44:16:3f:cc:a7:4c:b9:cf:b5: + 0b:09:47:b3:b8:8e:02:1a:56:69:37:b7:49:a4:59: + 90:a3:20:88:f3:87:77:e8:39:0d:39:36:a5:56:b3: + ec:4b:f3:5e:8b:c2:cd:47:0c:d9:56:ce:32:f7:71: + 33:db:7f:7d:c6:1e:7e:71:c1:01:06:98:9e:52:98: + 9d:d7:9d:4a:32:94:3c:5a:42:66:00:ca:e2:a3:35: + db:b7:f3:27:0b:9c:fa:1b:99:4b:51:fa:6c:25:90: + f5:76:8c:d9:0d:80:8c:ac:61:eb:4d:92:12:6d:5f: + 12:e5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + ED:62:FB:8F:91:CB:DE:B0:C8:89:CE:BA:B5:80:A8:47:F1:72:16:05 + X509v3 Authority Key Identifier: + keyid:48:80:87:28:EF:E6:28:0F:03:9B:DF:33:48:10:A0:E5:20:B3:69:50 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainH-ICA2-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: + d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: + 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: + fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: + 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: + 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: + d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: + 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: + e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: + 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: + d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: + cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: + c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: + 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: + 86:2f:da:d9 +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu2rwA2SbBDkUJ98mMyH +/Sg0d8BYKFIsKJeA7HgCT/TKYPgd52oEUi51hUJ0dgDkcIS4UY4pLn+2rd9tCbRP +EVQeiBbiDq8w8D2n2p9ODZRbBVGczAVljWsePHlbJn7LrumacWmSQZsazbRTC/su +QMTjsV64i/jPCuxfBxAYVPiKfTWXenqY6pMtG+ZEFj/Mp0y5z7ULCUezuI4CGlZp +N7dJpFmQoyCI84d36DkNOTalVrPsS/Nei8LNRwzZVs4y93Ez2399xh5+ccEBBpie +Upid151KMpQ8WkJmAMriozXbt/MnC5z6G5lLUfpsJZD1dozZDYCMrGHrTZISbV8S +5QIDAQABo4H+MIH7MB0GA1UdDgQWBBTtYvuPkcvesMiJzrq1gKhH8XIWBTCBzgYD +VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg +6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN +svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb +i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS +si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC +8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva +Cy5boaUAb4Yv2tk= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:c7:f4:a6:7e:f2:cb:4f:6e:04:18:d3:53:d5:cf: + bf:7e:97:d1:74:94:fe:db:ad:61:3f:12:20:67:f3: + 10:83:7b:51:43:a3:0c:20:b7:35:63:f1:0a:ee:59: + 74:82:72:fb:d1:d4:12:71:ec:0e:8f:69:c9:fb:af: + a7:2f:c4:3b:2c:66:34:ab:ac:80:c2:6d:4a:0e:54: + fe:f6:3e:3a:00:25:84:a7:cb:42:d5:e8:47:04:94: + e4:68:c3:f5:32:ad:21:89:d8:5e:f9:88:ee:7d:ce: + 91:a3:16:fc:87:76:1f:2f:1d:4c:b1:2f:3d:4d:f4: + 0a:6c:04:fd:49:cf:51:88:49:c4:03:65:63:1e:c8: + f1:34:1d:44:34:58:af:f5:ec:90:2a:8c:a9:38:7b: + dc:fa:5f:ed:00:ed:08:53:4d:f7:36:10:ed:71:41: + aa:e3:bf:e8:5d:ee:4e:36:39:57:7e:f4:fd:c3:f7: + 8a:52:0f:f1:37:72:2b:ae:90:77:00:d6:7c:ec:ec: + ee:8d:f8:4b:fb:39:0a:45:49:81:31:41:3f:a9:bb: + 7b:1c:8a:cf:31:09:c7:94:a7:70:4a:d4:bb:ea:61: + 3d:9a:a1:8e:1b:8b:02:3b:1f:1f:c4:85:e9:7f:63: + 0c:ea:e5:91:83:a8:5b:25:34:7c:a8:68:eb:97:6f: + 74:99 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 48:80:87:28:EF:E6:28:0F:03:9B:DF:33:48:10:A0:E5:20:B3:69:50 + X509v3 Authority Key Identifier: + keyid:80:49:61:8C:1D:13:08:56:B5:42:68:D5:B2:EA:89:2C:B4:8B:05:87 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainH-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:0 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: + d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: + 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: + 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: + 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: + ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: + ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: + d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: + 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: + c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: + d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: + 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: + e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: + 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: + cf:03:8c:6f +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMf0pn7yy09u +BBjTU9XPv36X0XSU/tutYT8SIGfzEIN7UUOjDCC3NWPxCu5ZdIJy+9HUEnHsDo9p +yfuvpy/EOyxmNKusgMJtSg5U/vY+OgAlhKfLQtXoRwSU5GjD9TKtIYnYXvmI7n3O +kaMW/Id2Hy8dTLEvPU30CmwE/UnPUYhJxANlYx7I8TQdRDRYr/XskCqMqTh73Ppf +7QDtCFNN9zYQ7XFBquO/6F3uTjY5V370/cP3ilIP8TdyK66QdwDWfOzs7o34S/s5 +CkVJgTFBP6m7exyKzzEJx5SncErUu+phPZqhjhuLAjsfH8SF6X9jDOrlkYOoWyU0 +fKho65dvdJkCAwEAAaOCARIwggEOMB0GA1UdDgQWBBRIgIco7+YoDwOb3zNIEKDl +ILNpUDCBzgYDVR0jBIHGMIHDgBSASWGMHRMIVrVCaNWy6okstIsFh6GBp6SBpDCB +oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl +YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp +bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB +FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG +2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX +HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj +J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ +xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m +fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d9:b5:af:4b:ba:83:03:23:df:50:28:a8:c2:0c: + 2c:f0:04:cb:2d:04:9b:1e:f5:f4:68:bc:d4:8e:b4: + cd:46:04:a2:f5:14:9e:3e:33:d6:76:2d:54:f9:d5: + 41:b5:7a:47:93:1a:54:80:a4:3d:8b:9d:80:ea:1c: + 3a:3a:bb:d1:d4:b6:f1:f2:a3:bd:9e:5d:b8:85:01: + d7:c8:a0:27:f6:67:41:94:c5:95:91:11:cb:96:fc: + 95:a9:bc:b5:be:58:77:5c:2b:9b:e9:24:7e:8b:6e: + 10:a7:d5:3a:fa:05:21:27:14:d8:d2:5f:a2:58:12: + b4:d9:bd:88:1a:f1:e7:4c:9d:60:31:0b:1f:3f:8b: + af:3a:d9:ca:cf:d4:73:1b:b8:b0:3d:d5:96:5d:4e: + a3:62:8f:56:eb:3d:4c:f0:21:4f:f4:8c:c7:55:dd: + a6:dc:d9:15:a1:12:db:73:4d:bf:18:89:42:92:0e: + 83:be:4f:aa:ee:8f:a8:ef:a1:27:01:73:16:29:c0: + e8:8c:23:c8:ff:95:68:cd:53:67:49:e5:73:b1:ec: + 62:60:51:20:e8:a6:49:28:f5:2b:16:30:e8:8b:a6: + 2f:f4:b7:37:99:8c:32:30:97:5d:16:bf:6b:5e:ba: + 34:1f:d6:1b:2e:fc:79:f0:00:61:aa:a0:7a:2f:7b: + d2:83 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 80:49:61:8C:1D:13:08:56:B5:42:68:D5:B2:EA:89:2C:B4:8B:05:87 + X509v3 Authority Key Identifier: + keyid:56:54:36:BE:23:2F:20:89:6D:A6:BA:9A:45:A4:88:0E:40:35:FD:F5 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainH-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: + cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: + 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: + 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: + cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: + d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: + c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: + f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: + 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: + 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: + 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: + e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: + 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: + 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: + ec:b2:af:6c +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANm1r0u6gwMj +31AoqMIMLPAEyy0Emx719Gi81I60zUYEovUUnj4z1nYtVPnVQbV6R5MaVICkPYud +gOocOjq70dS28fKjvZ5duIUB18igJ/ZnQZTFlZERy5b8lam8tb5Yd1wrm+kkfotu +EKfVOvoFIScU2NJfolgStNm9iBrx50ydYDELHz+LrzrZys/Ucxu4sD3Vll1Oo2KP +Vus9TPAhT/SMx1XdptzZFaES23NNvxiJQpIOg75Pqu6PqO+hJwFzFinA6IwjyP+V +aM1TZ0nlc7HsYmBRIOimSSj1KxYw6IumL/S3N5mMMjCXXRa/a166NB/WGy78efAA +Yaqgei970oMCAwEAAaOCARIwggEOMB0GA1UdDgQWBBSASWGMHRMIVrVCaNWy6oks +tIsFhzCBzgYDVR0jBIHGMIHDgBRWVDa+Iy8giW2muppFpIgOQDX99aGBp6SBpDCB +oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl +YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp +bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB +FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD +AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l +HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN +bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np +uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch +gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY +MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b7:b3:1a:1b:4a:80:1b:a2:e5:95:14:bc:55:e4: + 77:dc:f3:7b:8a:9f:34:7c:93:db:c9:c9:d0:8b:b8: + 87:45:65:d3:a1:7d:46:f3:70:92:a9:d7:66:ef:3b: + b4:a8:16:b0:f0:be:67:70:aa:45:7b:09:bc:ca:77: + db:57:a4:24:54:0b:1a:da:5f:ad:64:a3:f1:49:83: + bc:9f:5d:c4:b4:da:43:04:aa:cc:c3:b0:4d:c2:f1: + 73:c9:38:0d:4c:c9:ab:db:df:09:b3:5c:15:0b:66: + 79:ad:6c:63:d1:38:cc:a6:2d:46:83:ce:19:1d:c1: + 0b:6e:fc:38:b7:d8:8c:a2:6f:29:87:9b:21:cd:b0: + 6b:e0:f8:1f:03:db:82:1d:8d:98:63:16:b6:74:47: + 43:20:f2:a1:4b:16:8b:67:fd:bc:73:78:9b:f9:dd: + ba:49:d9:60:a9:b7:85:66:7f:a4:2a:05:c8:2d:93: + a0:9b:aa:bf:a6:31:e1:f2:c8:d3:1b:7b:79:d1:b6: + 6c:ae:3b:6b:00:2e:6e:ae:10:dc:6c:88:dc:1b:93: + e8:56:99:8d:46:7e:49:3a:87:a0:b3:00:cc:2e:3b: + 83:e1:6b:39:16:71:47:47:30:6d:6b:6c:9c:9f:e6: + ce:ec:20:2f:8f:c1:5d:ef:d3:84:32:6c:a5:cc:78: + fe:a1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 56:54:36:BE:23:2F:20:89:6D:A6:BA:9A:45:A4:88:0E:40:35:FD:F5 + X509v3 Authority Key Identifier: + keyid:18:6D:44:83:EE:1F:EC:B4:22:F0:9C:EB:54:1E:4A:15:58:01:AA:13 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: + 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: + eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: + 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: + 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: + 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: + 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: + 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: + 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: + fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: + df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: + e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: + 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: + 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: + 7e:4b:ec:a0 +-----BEGIN CERTIFICATE----- +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD +DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm +c3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALezGhtKgBui +5ZUUvFXkd9zze4qfNHyT28nJ0Iu4h0Vl06F9RvNwkqnXZu87tKgWsPC+Z3CqRXsJ +vMp321ekJFQLGtpfrWSj8UmDvJ9dxLTaQwSqzMOwTcLxc8k4DUzJq9vfCbNcFQtm +ea1sY9E4zKYtRoPOGR3BC278OLfYjKJvKYebIc2wa+D4HwPbgh2NmGMWtnRHQyDy +oUsWi2f9vHN4m/nduknZYKm3hWZ/pCoFyC2ToJuqv6Yx4fLI0xt7edG2bK47awAu +bq4Q3GyI3BuT6FaZjUZ+STqHoLMAzC47g+FrORZxR0cwbWtsnJ/mzuwgL4/BXe/T +hDJspcx4/qECAwEAAaOCAQUwggEBMB0GA1UdDgQWBBRWVDa+Iy8giW2muppFpIgO +QDX99TCBwQYDVR0jBIG5MIG2gBQYbUSD7h/stCLwnOtUHkoVWAGqE6GBmqSBlzCB +lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt +YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD +VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN +AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts +wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX +CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg +GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z +UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 +CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:f3:2f:8a:cd:9e:87:f1:01:f3:a4:c0:2d:66: + 36:d7:11:2e:64:08:e8:f1:99:fa:a6:9c:f4:bd:3b: + 47:72:d2:0e:58:9d:3e:52:e7:da:a3:43:78:c3:c3: + 93:e6:04:d3:ab:51:8a:1a:24:0e:7a:62:59:aa:c6: + 42:9e:66:c1:61:5e:31:b1:4d:dc:37:a9:18:76:8d: + fe:cb:09:54:3f:4f:bb:5f:ab:ba:70:e9:b4:a1:5e: + a0:69:7e:45:3f:c0:cc:78:e9:f2:74:64:79:c2:6a: + 16:d0:98:30:82:44:4a:b3:99:2c:66:30:ac:99:82: + 04:2a:bf:0f:60:89:04:36:fa:29:d3:08:56:61:6a: + a8:33:40:9a:53:7d:20:a8:51:6f:9b:a0:d9:3e:dc: + 9a:8b:1d:37:9e:ad:c9:fd:53:a7:04:dc:1f:36:3e: + d3:65:52:84:24:61:d0:4e:e2:41:60:bf:fb:fd:b2: + 04:b3:3f:eb:14:99:5e:bc:e8:7d:e9:65:d1:3f:fe: + 04:49:e5:bb:a3:2d:e3:db:96:df:d9:81:a0:32:d7: + 01:b9:b8:02:8e:b9:a2:1f:0a:d4:24:17:3a:19:0f: + 6d:3a:10:5f:5c:7d:b8:56:82:c7:7f:40:f0:2d:87: + 63:c1:b1:d8:64:c7:3c:27:13:4a:63:82:21:b1:f2: + 39:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 18:6D:44:83:EE:1F:EC:B4:22:F0:9C:EB:54:1E:4A:15:58:01:AA:13 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: + 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: + fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: + be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: + 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: + 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: + 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: + 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: + 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: + c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: + 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: + 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: + b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: + e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: + 0f:90:4c:f8 +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw +MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/Mvis2eh/EB86TALWY21xEuZAjo +8Zn6ppz0vTtHctIOWJ0+Uufao0N4w8OT5gTTq1GKGiQOemJZqsZCnmbBYV4xsU3c +N6kYdo3+ywlUP0+7X6u6cOm0oV6gaX5FP8DMeOnydGR5wmoW0JgwgkRKs5ksZjCs +mYIEKr8PYIkENvop0whWYWqoM0CaU30gqFFvm6DZPtyaix03nq3J/VOnBNwfNj7T +ZVKEJGHQTuJBYL/7/bIEsz/rFJlevOh96WXRP/4ESeW7oy3j25bf2YGgMtcBubgC +jrmiHwrUJBc6GQ9tOhBfXH24VoLHf0DwLYdjwbHYZMc8JxNKY4IhsfI56QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA +A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt +Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP +sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM +MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl +zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni +nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-entity-key.pem b/certs/test-pathlen/chainH-entity-key.pem new file mode 100644 index 000000000..4b374bc49 --- /dev/null +++ b/certs/test-pathlen/chainH-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAuu2rwA2SbBDkUJ98mMyH/Sg0d8BYKFIsKJeA7HgCT/TKYPgd +52oEUi51hUJ0dgDkcIS4UY4pLn+2rd9tCbRPEVQeiBbiDq8w8D2n2p9ODZRbBVGc +zAVljWsePHlbJn7LrumacWmSQZsazbRTC/suQMTjsV64i/jPCuxfBxAYVPiKfTWX +enqY6pMtG+ZEFj/Mp0y5z7ULCUezuI4CGlZpN7dJpFmQoyCI84d36DkNOTalVrPs +S/Nei8LNRwzZVs4y93Ez2399xh5+ccEBBpieUpid151KMpQ8WkJmAMriozXbt/Mn +C5z6G5lLUfpsJZD1dozZDYCMrGHrTZISbV8S5QIDAQABAoIBAE9VKz05BVmD2cI1 +zcVzmItiktH3+fIy3bbkhbzWOfUBKRr6coaSQf825H2H9LFYM5tlWGyUbvnjDf7B +Ah/KPHxYPRT40Tv2MkjjgeeREKlGu1KIjokwCSd5vL1hq8OssHktf3R+n6nkT/3Z +eB1vnvOyHAhc8OnG0OgL5VC0Df+ROj1gT8wgU2HUcMQj4A+TaSsEC6DHfHpASLZ+ +prpLyrAiNStQqGmt3hZhgnCaezeQkEAHUSIvqQ9KLBXjgwzXRgEWk5JZSv00z8RA +dK3pJAlyVDhC7Lz5eSs8GWIPMmfM9DTFDICdBOnaCCGeBiWVKu7LQxWTCYZbYGjJ +Txurx4kCgYEA4gG6oTgI1CRwcVfOpVCX/Il5F3Lsro20/MmXjCl1DXZA18eEjLHd +v5AZuGybGUhXq4AtM5CdeUw0Jw0+lASm94sjhK7+S+Slb1SpVAzrkbPuzBuvMtqT +63x/RVX9WX3GkGcdsB05/f6mBPGwSYin8ruvST5o/dcBQgQEAbXLcZMCgYEA07xO +5pvVHwIvJ0NqGsX94cQO4jZRbx0wNFu9ztx6vkHxNtBtO86+Sb68b0KBxZuIlsK9 +3HwUDpov1eIv+Mb3qHf8uEb8XmxrFBLyl+nF60JTUrteBWDj7e9nYGA1VYoYdrAC +kiQt4dGGJwfRv8P/JpbNa0egX9yj9DAeIJNllKcCgYBcvdLkx0awLwfJKvwMUGcd +5RfArJM9Cb9kICFFDdoPnR/8q83TokVZj3tOd5qppEr9gEqMJ2LHXKLmB4RPXx1Y +5Uq87sZBRGEyry4Q5IBiONDcBtw85P7gGiVrwV6GM5ugs/+1vjiG5tEfpEHv2tj4 +PVYvmyGgUHMesOEoBn6mawKBgFtnu5gKReLxCnIkxDVyq7s+7D3zvQv+ycSQpkwb +GlHwHbXQHJfpFHS5hpdxWpx4HGsY/uWkGvSC04u97X+0RU3RHqRe4KvSmhc8ZsX2 +AZ8iLt5UTK59uWgKJdKRNfULfKwgJ7v3KmeGECfhVEc40XlTOLLLZQx9L7pG23qs +pvmZAoGAdIcADYC134Bqz9MSVKT3sZHeK12Bw8t3v3nIWB4+wAjz8960/j3ODRkI +KaJxVhbLFq8tZQ3jHy60rF6SE3491YUvV/ilVWzsd8oyhJL3K+Zw18vE/PwhanQn +xtW8pUplONwot++5iZFrUv51f2AnQWgMEk1wEQN8UrgFE1SvuxY= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainH-entity.pem b/certs/test-pathlen/chainH-entity.pem new file mode 100644 index 000000000..54339c4ab --- /dev/null +++ b/certs/test-pathlen/chainH-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 10 21:32:43 2019 GMT + Not After : Jul 6 21:32:43 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:ba:ed:ab:c0:0d:92:6c:10:e4:50:9f:7c:98:cc: + 87:fd:28:34:77:c0:58:28:52:2c:28:97:80:ec:78: + 02:4f:f4:ca:60:f8:1d:e7:6a:04:52:2e:75:85:42: + 74:76:00:e4:70:84:b8:51:8e:29:2e:7f:b6:ad:df: + 6d:09:b4:4f:11:54:1e:88:16:e2:0e:af:30:f0:3d: + a7:da:9f:4e:0d:94:5b:05:51:9c:cc:05:65:8d:6b: + 1e:3c:79:5b:26:7e:cb:ae:e9:9a:71:69:92:41:9b: + 1a:cd:b4:53:0b:fb:2e:40:c4:e3:b1:5e:b8:8b:f8: + cf:0a:ec:5f:07:10:18:54:f8:8a:7d:35:97:7a:7a: + 98:ea:93:2d:1b:e6:44:16:3f:cc:a7:4c:b9:cf:b5: + 0b:09:47:b3:b8:8e:02:1a:56:69:37:b7:49:a4:59: + 90:a3:20:88:f3:87:77:e8:39:0d:39:36:a5:56:b3: + ec:4b:f3:5e:8b:c2:cd:47:0c:d9:56:ce:32:f7:71: + 33:db:7f:7d:c6:1e:7e:71:c1:01:06:98:9e:52:98: + 9d:d7:9d:4a:32:94:3c:5a:42:66:00:ca:e2:a3:35: + db:b7:f3:27:0b:9c:fa:1b:99:4b:51:fa:6c:25:90: + f5:76:8c:d9:0d:80:8c:ac:61:eb:4d:92:12:6d:5f: + 12:e5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + ED:62:FB:8F:91:CB:DE:B0:C8:89:CE:BA:B5:80:A8:47:F1:72:16:05 + X509v3 Authority Key Identifier: + keyid:48:80:87:28:EF:E6:28:0F:03:9B:DF:33:48:10:A0:E5:20:B3:69:50 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainH-ICA2-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha1WithRSAEncryption + 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: + d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: + 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: + fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: + 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: + 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: + d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: + 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: + e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: + 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: + d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: + cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: + c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: + 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: + 86:2f:da:d9 +-----BEGIN CERTIFICATE----- +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD +DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu2rwA2SbBDkUJ98mMyH +/Sg0d8BYKFIsKJeA7HgCT/TKYPgd52oEUi51hUJ0dgDkcIS4UY4pLn+2rd9tCbRP +EVQeiBbiDq8w8D2n2p9ODZRbBVGczAVljWsePHlbJn7LrumacWmSQZsazbRTC/su +QMTjsV64i/jPCuxfBxAYVPiKfTWXenqY6pMtG+ZEFj/Mp0y5z7ULCUezuI4CGlZp +N7dJpFmQoyCI84d36DkNOTalVrPsS/Nei8LNRwzZVs4y93Ez2399xh5+ccEBBpie +Upid151KMpQ8WkJmAMriozXbt/MnC5z6G5lLUfpsJZD1dozZDYCMrGHrTZISbV8S +5QIDAQABo4H+MIH7MB0GA1UdDgQWBBTtYvuPkcvesMiJzrq1gKhH8XIWBTCBzgYD +VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV +BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg +6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN +svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb +i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS +si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC +8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva +Cy5boaUAb4Yv2tk= +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/include.am b/certs/test-pathlen/include.am index 7b0edcc9f..3f94b14cc 100644 --- a/certs/test-pathlen/include.am +++ b/certs/test-pathlen/include.am @@ -3,21 +3,65 @@ # EXTRA_DIST += \ - certs/test-pathlen/server-0-1-ca.pem \ - certs/test-pathlen/server-0-1-cert.pem \ - certs/test-pathlen/server-0-1-chain.pem \ - certs/test-pathlen/server-0-ca.pem \ - certs/test-pathlen/server-0-cert.pem \ - certs/test-pathlen/server-0-chain.pem \ - certs/test-pathlen/server-1-0-ca.pem \ - certs/test-pathlen/server-1-0-cert.pem \ - certs/test-pathlen/server-1-0-chain.pem \ - certs/test-pathlen/server-1-ca.pem \ - certs/test-pathlen/server-1-cert.pem \ - certs/test-pathlen/server-1-chain.pem \ - certs/test-pathlen/server-127-ca.pem \ - certs/test-pathlen/server-127-cert.pem \ - certs/test-pathlen/server-127-chain.pem \ - certs/test-pathlen/server-128-ca.pem \ - certs/test-pathlen/server-128-cert.pem \ - certs/test-pathlen/server-128-chain.pem + certs/test-pathlen/chainA-ICA1-key.pem \ + certs/test-pathlen/chainA-ICA1-pathlen0.pem \ + certs/test-pathlen/chainA-assembled.pem \ + certs/test-pathlen/chainA-entity-key.pem \ + certs/test-pathlen/chainA-entity.pem \ + certs/test-pathlen/chainB-ICA1-key.pem \ + certs/test-pathlen/chainB-ICA1-pathlen0.pem \ + certs/test-pathlen/chainB-ICA2-key.pem \ + certs/test-pathlen/chainB-ICA2-pathlen1.pem \ + certs/test-pathlen/chainB-assembled.pem \ + certs/test-pathlen/chainB-entity-key.pem \ + certs/test-pathlen/chainB-entity.pem \ + certs/test-pathlen/chainC-ICA1-key.pem \ + certs/test-pathlen/chainC-ICA1-pathlen1.pem \ + certs/test-pathlen/chainC-assembled.pem \ + certs/test-pathlen/chainC-entity-key.pem \ + certs/test-pathlen/chainC-entity.pem \ + certs/test-pathlen/chainD-ICA1-key.pem \ + certs/test-pathlen/chainD-ICA1-pathlen127.pem \ + certs/test-pathlen/chainD-assembled.pem \ + certs/test-pathlen/chainD-entity-key.pem \ + certs/test-pathlen/chainD-entity.pem \ + certs/test-pathlen/chainE-ICA1-key.pem \ + certs/test-pathlen/chainE-ICA1-pathlen128.pem \ + certs/test-pathlen/chainE-assembled.pem \ + certs/test-pathlen/chainE-entity-key.pem \ + certs/test-pathlen/chainE-entity.pem \ + certs/test-pathlen/chainF-ICA1-key.pem \ + certs/test-pathlen/chainF-ICA1-pathlen1.pem \ + certs/test-pathlen/chainF-ICA2-key.pem \ + certs/test-pathlen/chainF-ICA2-pathlen0.pem \ + certs/test-pathlen/chainF-assembled.pem \ + certs/test-pathlen/chainF-entity-key.pem \ + certs/test-pathlen/chainF-entity.pem \ + certs/test-pathlen/chainG-ICA1-key.pem \ + certs/test-pathlen/chainG-ICA1-pathlen0.pem \ + certs/test-pathlen/chainG-ICA2-key.pem \ + certs/test-pathlen/chainG-ICA2-pathlen1.pem \ + certs/test-pathlen/chainG-ICA3-key.pem \ + certs/test-pathlen/chainG-ICA3-pathlen99.pem \ + certs/test-pathlen/chainG-ICA4-key.pem \ + certs/test-pathlen/chainG-ICA4-pathlen5.pem \ + certs/test-pathlen/chainG-ICA5-key.pem \ + certs/test-pathlen/chainG-ICA5-pathlen20.pem \ + certs/test-pathlen/chainG-ICA6-key.pem \ + certs/test-pathlen/chainG-ICA6-pathlen10.pem \ + certs/test-pathlen/chainG-ICA7-key.pem \ + certs/test-pathlen/chainG-ICA7-pathlen100.pem \ + certs/test-pathlen/chainG-assembled.pem \ + certs/test-pathlen/chainG-entity-key.pem \ + certs/test-pathlen/chainG-entity.pem \ + certs/test-pathlen/chainH-ICA1-key.pem \ + certs/test-pathlen/chainH-ICA1-pathlen0.pem \ + certs/test-pathlen/chainH-ICA2-key.pem \ + certs/test-pathlen/chainH-ICA2-pathlen2.pem \ + certs/test-pathlen/chainH-ICA3-key.pem \ + certs/test-pathlen/chainH-ICA3-pathlen2.pem \ + certs/test-pathlen/chainH-ICA4-key.pem \ + certs/test-pathlen/chainH-ICA4-pathlen2.pem \ + certs/test-pathlen/chainH-assembled.pem \ + certs/test-pathlen/chainH-entity-key.pem \ + certs/test-pathlen/chainH-entity.pem diff --git a/certs/test-pathlen/refreshkeys.sh b/certs/test-pathlen/refreshkeys.sh new file mode 100755 index 000000000..4be87ee88 --- /dev/null +++ b/certs/test-pathlen/refreshkeys.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +keyList=( + chainA-ICA1-key.pem chainA-entity-key.pem + chainB-ICA2-key.pem chainB-ICA1-key.pem chainB-entity-key.pem + chainC-ICA1-key.pem chainC-entity-key.pem + chainD-ICA1-key.pem chainD-entity-key.pem + chainE-ICA1-key.pem chainE-entity-key.pem + chainF-ICA2-key.pem chainF-ICA1-key.pem chainF-entity-key.pem + chainG-ICA7-key.pem chainG-ICA6-key.pem chainG-ICA5-key.pem + chainG-ICA4-key.pem chainG-ICA3-key.pem chainG-ICA2-key.pem + chainG-ICA1-key.pem chainG-entity-key.pem + chainH-ICA4-key.pem chainH-ICA3-key.pem chainH-ICA2-key.pem + chainH-ICA1-key.pem chainH-entity-key.pem + ) + +for TARGET_KEY in "${keyList[@]}" +do + if [ -f "$TARGET_KEY" ]; then + printf '%s\n' "Removing $TARGET_KEY" + rm "$TARGET_KEY" + fi + printf '%s\n' "Creating new $TARGET_KEY" + openssl genrsa -out "$TARGET_KEY" 2048 +done diff --git a/certs/test-pathlen/server-0-1-ca.pem b/certs/test-pathlen/server-0-1-ca.pem deleted file mode 100644 index 70d78ea46..000000000 --- a/certs/test-pathlen/server-0-1-ca.pem +++ /dev/null @@ -1,89 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 110 (0x6e) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0-1 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:64 - - X509v3 Basic Constraints: - CA:TRUE, pathlen:1 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 15:ef:23:ef:d6:6d:8a:77:cd:20:47:64:1f:c3:65:0c:93:79: - a9:9e:a0:c7:bc:10:57:e6:ab:58:20:af:b1:fd:25:09:c9:72: - a9:18:16:24:e7:8e:9a:e2:6d:17:2d:66:8a:5f:75:83:ee:ac: - 58:be:81:51:11:0d:4b:ee:f1:08:de:dc:ac:24:44:ab:08:a6: - ad:ee:72:91:45:0e:f9:c9:ea:14:81:21:d2:09:02:20:f3:ea: - ab:75:f1:33:a9:32:2e:a2:f9:06:e9:bf:a4:0e:88:a0:4a:9c: - 25:6f:40:34:9c:62:49:26:6f:bb:68:a9:c5:e5:a3:49:35:0b: - 76:f3:44:1c:53:1d:e2:d6:5b:b7:a4:a3:9a:a9:b2:f9:06:43: - 23:17:e7:3e:f5:01:ac:e8:11:39:d6:5f:23:3c:43:c5:01:6a: - 45:b7:15:4e:82:89:45:f9:8b:ab:ba:4e:f2:ff:f3:5d:5d:fe: - e1:e9:ee:e4:bf:b3:a6:58:2e:79:11:47:ce:5d:5c:52:82:d1: - 45:bd:1f:50:41:57:a7:39:34:ec:e5:50:de:e5:9c:5f:ef:e3: - 9c:39:de:e4:7e:d1:03:ad:96:06:f9:69:bc:80:25:da:75:88: - 61:99:8d:6e:f1:51:ce:a0:ba:56:d4:de:78:65:ed:2a:b2:82: - ce:7a:c4:ef ------BEGIN CERTIFICATE----- -MIIEtjCCA56gAwIBAgIBbjANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAwIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZoxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQDDA1TZXJ2ZXIg -MC0xIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4 -lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIu -by6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aM -GKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8c -vCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+Jd -JclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IB -BTCCAQEwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkw -gbaAFLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRME -CDAGAQH/AgEBMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAFe8j79Zt -infNIEdkH8NlDJN5qZ6gx7wQV+arWCCvsf0lCclyqRgWJOeOmuJtFy1mil91g+6s -WL6BURENS+7xCN7crCREqwimre5ykUUO+cnqFIEh0gkCIPPqq3XxM6kyLqL5Bum/ -pA6IoEqcJW9ANJxiSSZvu2ipxeWjSTULdvNEHFMd4tZbt6Sjmqmy+QZDIxfnPvUB -rOgROdZfIzxDxQFqRbcVToKJRfmLq7pO8v/zXV3+4enu5L+zplgueRFHzl1cUoLR -Rb0fUEFXpzk07OVQ3uWcX+/jnDne5H7RA62WBvlpvIAl2nWIYZmNbvFRzqC6VtTe -eGXtKrKCznrE7w== ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-0-1-cert.pem b/certs/test-pathlen/server-0-1-cert.pem deleted file mode 100644 index 529db411f..000000000 --- a/certs/test-pathlen/server-0-1-cert.pem +++ /dev/null @@ -1,86 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 111 (0x6f) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0-1 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0-1/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=Server 0 CA/emailAddress=info@wolfssl.com - serial:6E - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 84:51:4f:e0:a5:4a:bc:2f:6d:e2:aa:13:6a:30:c0:f9:61:3d: - 59:9a:7a:42:9d:c6:c5:c1:79:3a:f8:83:8a:6e:0d:47:b9:b0: - 9b:49:e8:77:d9:e4:b0:6a:24:93:c8:32:52:e9:a5:8b:6f:17: - d4:5a:d3:b8:aa:1e:0a:50:15:a9:69:3c:3c:63:14:1f:ce:ed: - cd:58:3e:68:2e:1e:6f:f0:a8:ab:6d:68:60:9d:8c:3f:95:be: - ee:65:b9:e7:25:1a:f3:d2:6b:8f:70:d1:9f:5d:a7:2f:0d:b2: - a4:0b:a0:d2:4a:3d:4e:9b:e3:e5:db:5c:d3:ba:08:41:07:aa: - c4:b7:d7:f9:fe:a4:2d:69:94:4a:b7:e9:fa:18:52:90:01:53: - 57:08:a2:25:85:92:f7:f2:35:fd:05:c2:ce:e3:e5:18:b8:34: - b6:80:6e:a5:e6:06:4f:92:a5:ea:56:7e:00:ff:5b:5d:17:90: - 83:bb:10:ac:11:f4:49:d0:81:f5:f3:ce:f8:f3:46:c1:fc:53: - 38:eb:0b:46:4c:1b:ec:df:ee:74:c0:3a:66:f1:a4:02:f6:51: - 5d:72:bf:6b:68:7b:2c:11:7d:08:4c:70:dd:93:cc:b4:b9:6a: - aa:29:de:79:b9:93:6d:c4:52:8a:b7:c5:e9:a3:43:11:59:48: - 51:b0:9c:ce ------BEGIN CERTIFICATE----- -MIIEpDCCA4ygAwIBAgIBbzANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAwLTEgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAwLTExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfUw -gfIwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHFBgNVHSMEgb0wgbqA -FLMRMsmSmITiyfjQO24DQsofDo48oYGepIGbMIGYMQswCQYDVQQGEwJVUzETMBEG -A1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMGA1UECgwMd29s -ZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEUMBIGA1UEAwwLU2VydmVy -IDAgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAW4wCQYDVR0T -BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAhFFP4KVKvC9t4qoTajDA+WE9WZp6Qp3G -xcF5OviDim4NR7mwm0nod9nksGokk8gyUumli28X1FrTuKoeClAVqWk8PGMUH87t -zVg+aC4eb/Coq21oYJ2MP5W+7mW55yUa89Jrj3DRn12nLw2ypAug0ko9Tpvj5dtc -07oIQQeqxLfX+f6kLWmUSrfp+hhSkAFTVwiiJYWS9/I1/QXCzuPlGLg0toBupeYG -T5Kl6lZ+AP9bXReQg7sQrBH0SdCB9fPO+PNGwfxTOOsLRkwb7N/udMA6ZvGkAvZR -XXK/a2h7LBF9CExw3ZPMtLlqqineebmTbcRSirfF6aNDEVlIUbCczg== ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-0-1-chain.pem b/certs/test-pathlen/server-0-1-chain.pem deleted file mode 100644 index 63fdcae6f..000000000 --- a/certs/test-pathlen/server-0-1-chain.pem +++ /dev/null @@ -1,264 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 111 (0x6f) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0-1 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0-1/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=Server 0 CA/emailAddress=info@wolfssl.com - serial:6E - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 84:51:4f:e0:a5:4a:bc:2f:6d:e2:aa:13:6a:30:c0:f9:61:3d: - 59:9a:7a:42:9d:c6:c5:c1:79:3a:f8:83:8a:6e:0d:47:b9:b0: - 9b:49:e8:77:d9:e4:b0:6a:24:93:c8:32:52:e9:a5:8b:6f:17: - d4:5a:d3:b8:aa:1e:0a:50:15:a9:69:3c:3c:63:14:1f:ce:ed: - cd:58:3e:68:2e:1e:6f:f0:a8:ab:6d:68:60:9d:8c:3f:95:be: - ee:65:b9:e7:25:1a:f3:d2:6b:8f:70:d1:9f:5d:a7:2f:0d:b2: - a4:0b:a0:d2:4a:3d:4e:9b:e3:e5:db:5c:d3:ba:08:41:07:aa: - c4:b7:d7:f9:fe:a4:2d:69:94:4a:b7:e9:fa:18:52:90:01:53: - 57:08:a2:25:85:92:f7:f2:35:fd:05:c2:ce:e3:e5:18:b8:34: - b6:80:6e:a5:e6:06:4f:92:a5:ea:56:7e:00:ff:5b:5d:17:90: - 83:bb:10:ac:11:f4:49:d0:81:f5:f3:ce:f8:f3:46:c1:fc:53: - 38:eb:0b:46:4c:1b:ec:df:ee:74:c0:3a:66:f1:a4:02:f6:51: - 5d:72:bf:6b:68:7b:2c:11:7d:08:4c:70:dd:93:cc:b4:b9:6a: - aa:29:de:79:b9:93:6d:c4:52:8a:b7:c5:e9:a3:43:11:59:48: - 51:b0:9c:ce ------BEGIN CERTIFICATE----- -MIIEpDCCA4ygAwIBAgIBbzANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAwLTEgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAwLTExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfUw -gfIwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHFBgNVHSMEgb0wgbqA -FLMRMsmSmITiyfjQO24DQsofDo48oYGepIGbMIGYMQswCQYDVQQGEwJVUzETMBEG -A1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMGA1UECgwMd29s -ZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEUMBIGA1UEAwwLU2VydmVy -IDAgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAW4wCQYDVR0T -BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAhFFP4KVKvC9t4qoTajDA+WE9WZp6Qp3G -xcF5OviDim4NR7mwm0nod9nksGokk8gyUumli28X1FrTuKoeClAVqWk8PGMUH87t -zVg+aC4eb/Coq21oYJ2MP5W+7mW55yUa89Jrj3DRn12nLw2ypAug0ko9Tpvj5dtc -07oIQQeqxLfX+f6kLWmUSrfp+hhSkAFTVwiiJYWS9/I1/QXCzuPlGLg0toBupeYG -T5Kl6lZ+AP9bXReQg7sQrBH0SdCB9fPO+PNGwfxTOOsLRkwb7N/udMA6ZvGkAvZR -XXK/a2h7LBF9CExw3ZPMtLlqqineebmTbcRSirfF6aNDEVlIUbCczg== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 110 (0x6e) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0-1 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:64 - - X509v3 Basic Constraints: - CA:TRUE, pathlen:1 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 15:ef:23:ef:d6:6d:8a:77:cd:20:47:64:1f:c3:65:0c:93:79: - a9:9e:a0:c7:bc:10:57:e6:ab:58:20:af:b1:fd:25:09:c9:72: - a9:18:16:24:e7:8e:9a:e2:6d:17:2d:66:8a:5f:75:83:ee:ac: - 58:be:81:51:11:0d:4b:ee:f1:08:de:dc:ac:24:44:ab:08:a6: - ad:ee:72:91:45:0e:f9:c9:ea:14:81:21:d2:09:02:20:f3:ea: - ab:75:f1:33:a9:32:2e:a2:f9:06:e9:bf:a4:0e:88:a0:4a:9c: - 25:6f:40:34:9c:62:49:26:6f:bb:68:a9:c5:e5:a3:49:35:0b: - 76:f3:44:1c:53:1d:e2:d6:5b:b7:a4:a3:9a:a9:b2:f9:06:43: - 23:17:e7:3e:f5:01:ac:e8:11:39:d6:5f:23:3c:43:c5:01:6a: - 45:b7:15:4e:82:89:45:f9:8b:ab:ba:4e:f2:ff:f3:5d:5d:fe: - e1:e9:ee:e4:bf:b3:a6:58:2e:79:11:47:ce:5d:5c:52:82:d1: - 45:bd:1f:50:41:57:a7:39:34:ec:e5:50:de:e5:9c:5f:ef:e3: - 9c:39:de:e4:7e:d1:03:ad:96:06:f9:69:bc:80:25:da:75:88: - 61:99:8d:6e:f1:51:ce:a0:ba:56:d4:de:78:65:ed:2a:b2:82: - ce:7a:c4:ef ------BEGIN CERTIFICATE----- -MIIEtjCCA56gAwIBAgIBbjANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAwIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZoxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQDDA1TZXJ2ZXIg -MC0xIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4 -lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIu -by6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aM -GKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8c -vCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+Jd -JclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IB -BTCCAQEwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkw -gbaAFLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRME -CDAGAQH/AgEBMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAFe8j79Zt -infNIEdkH8NlDJN5qZ6gx7wQV+arWCCvsf0lCclyqRgWJOeOmuJtFy1mil91g+6s -WL6BURENS+7xCN7crCREqwimre5ykUUO+cnqFIEh0gkCIPPqq3XxM6kyLqL5Bum/ -pA6IoEqcJW9ANJxiSSZvu2ipxeWjSTULdvNEHFMd4tZbt6Sjmqmy+QZDIxfnPvUB -rOgROdZfIzxDxQFqRbcVToKJRfmLq7pO8v/zXV3+4enu5L+zplgueRFHzl1cUoLR -Rb0fUEFXpzk07OVQ3uWcX+/jnDne5H7RA62WBvlpvIAl2nWIYZmNbvFRzqC6VtTe -eGXtKrKCznrE7w== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:0 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8c:bd:c3:71:57:ce:dd:02:36:8c:d3:71:ec:d1:25:65:7b:48: - 4d:e2:77:d7:62:00:bd:0f:c9:50:4b:50:cb:d0:5a:8b:09:3f: - 21:d1:f5:1f:2f:14:44:87:0d:99:fa:0c:5c:1d:12:d8:e6:c5: - a0:2c:c1:12:ee:fa:3c:fd:e9:2e:23:58:be:60:a2:9f:e7:50: - be:d1:d8:2f:27:67:90:8a:1f:34:13:ca:81:07:bb:ca:de:86: - 59:bb:80:65:4f:b7:fa:5d:42:6d:e5:c8:08:25:5d:c9:78:3d: - 70:09:42:27:85:82:7f:5c:22:32:30:94:21:47:3f:09:bf:c4: - d2:1a:98:1b:f0:5d:3d:51:12:da:9f:1c:a7:44:d5:54:bc:5e: - 04:69:72:cc:cf:4f:f3:b1:d7:49:db:4c:0e:d1:42:8f:ad:ba: - 90:92:5b:7b:9d:13:8f:58:46:3d:a4:2d:9d:a2:9d:6d:4b:e5: - e4:d6:4c:61:a9:e1:78:33:5c:3d:78:0e:4f:0b:3d:fc:4a:6d: - 44:71:27:e1:1d:95:95:b6:9e:ba:0e:ca:72:01:fe:8e:f6:12: - ad:71:15:82:54:68:23:ea:49:0c:30:05:ea:1e:68:cc:c0:7c: - 63:04:8e:1b:fa:79:96:95:1b:a0:0d:af:f7:85:7d:09:49:24: - 2e:8f:9e:ff ------BEGIN CERTIFICATE----- -MIIEuDCCA6CgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1NlcnZlciAwIENB -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2 -HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz -2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/D -GQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkD -iRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5 -YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IBDTCCAQkw -HQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSMEgcEwgb6AFCeO -ZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UE -CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgx -EzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q3rj7MA8GA1Ud -EwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCMvcNx -V87dAjaM03Hs0SVle0hN4nfXYgC9D8lQS1DL0FqLCT8h0fUfLxREhw2Z+gxcHRLY -5sWgLMES7vo8/ekuI1i+YKKf51C+0dgvJ2eQih80E8qBB7vK3oZZu4BlT7f6XUJt -5cgIJV3JeD1wCUInhYJ/XCIyMJQhRz8Jv8TSGpgb8F09URLanxynRNVUvF4EaXLM -z0/zsddJ20wO0UKPrbqQklt7nROPWEY9pC2dop1tS+Xk1kxhqeF4M1w9eA5PCz38 -Sm1EcSfhHZWVtp66DspyAf6O9hKtcRWCVGgj6kkMMAXqHmjMwHxjBI4b+nmWlRug -Da/3hX0JSSQuj57/ ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-0-ca.pem b/certs/test-pathlen/server-0-ca.pem deleted file mode 100644 index cbbdca9ea..000000000 --- a/certs/test-pathlen/server-0-ca.pem +++ /dev/null @@ -1,89 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:0 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8c:bd:c3:71:57:ce:dd:02:36:8c:d3:71:ec:d1:25:65:7b:48: - 4d:e2:77:d7:62:00:bd:0f:c9:50:4b:50:cb:d0:5a:8b:09:3f: - 21:d1:f5:1f:2f:14:44:87:0d:99:fa:0c:5c:1d:12:d8:e6:c5: - a0:2c:c1:12:ee:fa:3c:fd:e9:2e:23:58:be:60:a2:9f:e7:50: - be:d1:d8:2f:27:67:90:8a:1f:34:13:ca:81:07:bb:ca:de:86: - 59:bb:80:65:4f:b7:fa:5d:42:6d:e5:c8:08:25:5d:c9:78:3d: - 70:09:42:27:85:82:7f:5c:22:32:30:94:21:47:3f:09:bf:c4: - d2:1a:98:1b:f0:5d:3d:51:12:da:9f:1c:a7:44:d5:54:bc:5e: - 04:69:72:cc:cf:4f:f3:b1:d7:49:db:4c:0e:d1:42:8f:ad:ba: - 90:92:5b:7b:9d:13:8f:58:46:3d:a4:2d:9d:a2:9d:6d:4b:e5: - e4:d6:4c:61:a9:e1:78:33:5c:3d:78:0e:4f:0b:3d:fc:4a:6d: - 44:71:27:e1:1d:95:95:b6:9e:ba:0e:ca:72:01:fe:8e:f6:12: - ad:71:15:82:54:68:23:ea:49:0c:30:05:ea:1e:68:cc:c0:7c: - 63:04:8e:1b:fa:79:96:95:1b:a0:0d:af:f7:85:7d:09:49:24: - 2e:8f:9e:ff ------BEGIN CERTIFICATE----- -MIIEuDCCA6CgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1NlcnZlciAwIENB -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2 -HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz -2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/D -GQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkD -iRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5 -YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IBDTCCAQkw -HQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSMEgcEwgb6AFCeO -ZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UE -CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgx -EzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q3rj7MA8GA1Ud -EwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCMvcNx -V87dAjaM03Hs0SVle0hN4nfXYgC9D8lQS1DL0FqLCT8h0fUfLxREhw2Z+gxcHRLY -5sWgLMES7vo8/ekuI1i+YKKf51C+0dgvJ2eQih80E8qBB7vK3oZZu4BlT7f6XUJt -5cgIJV3JeD1wCUInhYJ/XCIyMJQhRz8Jv8TSGpgb8F09URLanxynRNVUvF4EaXLM -z0/zsddJ20wO0UKPrbqQklt7nROPWEY9pC2dop1tS+Xk1kxhqeF4M1w9eA5PCz38 -Sm1EcSfhHZWVtp66DspyAf6O9hKtcRWCVGgj6kkMMAXqHmjMwHxjBI4b+nmWlRug -Da/3hX0JSSQuj57/ ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-0-cert.pem b/certs/test-pathlen/server-0-cert.pem deleted file mode 100644 index c72ae8043..000000000 --- a/certs/test-pathlen/server-0-cert.pem +++ /dev/null @@ -1,86 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:64 - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3d:b1:b9:4a:c7:79:a6:1c:ea:27:76:16:32:3c:96:56:f3:62: - ce:2e:f5:78:d6:bd:e8:dd:07:2f:fc:38:3d:54:89:bd:ab:dd: - 39:58:4d:78:e3:37:d3:90:98:ea:9f:b9:72:96:eb:5d:28:22: - 2d:6c:8b:3a:c0:67:1d:3e:d5:bd:13:3e:f1:d7:c2:d7:ea:5f: - cc:da:57:58:c7:e6:66:e3:21:85:65:34:38:59:86:93:ae:1e: - 1c:ba:e5:19:80:96:20:5b:e9:9f:ea:c7:99:b1:db:89:17:7f: - f9:b4:e8:20:3f:34:e6:79:54:99:86:ee:8c:aa:c2:a3:ce:20: - c5:00:60:65:73:06:90:8a:88:12:7e:7a:ca:33:99:11:2e:84: - 82:cf:d7:df:83:73:c2:e6:9f:86:f1:f9:ba:ac:cb:95:ad:0f: - 3e:4b:1d:23:57:75:ce:57:bb:cc:78:a2:72:35:b3:c1:a2:e5: - 14:a6:b1:c2:0d:99:2b:83:95:8a:62:69:17:50:1f:9c:a5:0e: - 17:67:47:8a:a9:77:be:c2:03:3a:3b:2b:ab:fb:8a:22:81:e9: - 79:41:76:41:1b:ce:fc:68:24:40:83:88:10:ec:d6:3e:62:63: - de:f2:2d:bd:08:1d:a5:9b:4c:bc:82:56:59:66:2f:1a:c2:c7: - 60:9d:7a:f7 ------BEGIN CERTIFICATE----- -MIIEnDCCA4SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAwIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZUxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMREwDwYDVQQDDAhTZXJ2ZXIg -MDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W -9hyIvHyf+6hnf/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiV -c9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2v -wxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJ -A4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3D -OWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB8TCB7jAd -BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgcEGA1UdIwSBuTCBtoAUsxEy -yZKYhOLJ+NA7bgNCyh8OjjyhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI -DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDET -MBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w -HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJ -KoZIhvcNAQEFBQADggEBAD2xuUrHeaYc6id2FjI8llbzYs4u9XjWvejdBy/8OD1U -ib2r3TlYTXjjN9OQmOqfuXKW610oIi1sizrAZx0+1b0TPvHXwtfqX8zaV1jH5mbj -IYVlNDhZhpOuHhy65RmAliBb6Z/qx5mx24kXf/m06CA/NOZ5VJmG7oyqwqPOIMUA -YGVzBpCKiBJ+esozmREuhILP19+Dc8Lmn4bx+bqsy5WtDz5LHSNXdc5Xu8x4onI1 -s8Gi5RSmscINmSuDlYpiaRdQH5ylDhdnR4qpd77CAzo7K6v7iiKB6XlBdkEbzvxo -JECDiBDs1j5iY97yLb0IHaWbTLyCVllmLxrCx2Cdevc= ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-0-chain.pem b/certs/test-pathlen/server-0-chain.pem deleted file mode 100644 index a79c6458b..000000000 --- a/certs/test-pathlen/server-0-chain.pem +++ /dev/null @@ -1,175 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:64 - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3d:b1:b9:4a:c7:79:a6:1c:ea:27:76:16:32:3c:96:56:f3:62: - ce:2e:f5:78:d6:bd:e8:dd:07:2f:fc:38:3d:54:89:bd:ab:dd: - 39:58:4d:78:e3:37:d3:90:98:ea:9f:b9:72:96:eb:5d:28:22: - 2d:6c:8b:3a:c0:67:1d:3e:d5:bd:13:3e:f1:d7:c2:d7:ea:5f: - cc:da:57:58:c7:e6:66:e3:21:85:65:34:38:59:86:93:ae:1e: - 1c:ba:e5:19:80:96:20:5b:e9:9f:ea:c7:99:b1:db:89:17:7f: - f9:b4:e8:20:3f:34:e6:79:54:99:86:ee:8c:aa:c2:a3:ce:20: - c5:00:60:65:73:06:90:8a:88:12:7e:7a:ca:33:99:11:2e:84: - 82:cf:d7:df:83:73:c2:e6:9f:86:f1:f9:ba:ac:cb:95:ad:0f: - 3e:4b:1d:23:57:75:ce:57:bb:cc:78:a2:72:35:b3:c1:a2:e5: - 14:a6:b1:c2:0d:99:2b:83:95:8a:62:69:17:50:1f:9c:a5:0e: - 17:67:47:8a:a9:77:be:c2:03:3a:3b:2b:ab:fb:8a:22:81:e9: - 79:41:76:41:1b:ce:fc:68:24:40:83:88:10:ec:d6:3e:62:63: - de:f2:2d:bd:08:1d:a5:9b:4c:bc:82:56:59:66:2f:1a:c2:c7: - 60:9d:7a:f7 ------BEGIN CERTIFICATE----- -MIIEnDCCA4SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAwIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZUxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMREwDwYDVQQDDAhTZXJ2ZXIg -MDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W -9hyIvHyf+6hnf/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiV -c9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2v -wxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJ -A4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3D -OWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB8TCB7jAd -BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgcEGA1UdIwSBuTCBtoAUsxEy -yZKYhOLJ+NA7bgNCyh8OjjyhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI -DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDET -MBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w -HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJ -KoZIhvcNAQEFBQADggEBAD2xuUrHeaYc6id2FjI8llbzYs4u9XjWvejdBy/8OD1U -ib2r3TlYTXjjN9OQmOqfuXKW610oIi1sizrAZx0+1b0TPvHXwtfqX8zaV1jH5mbj -IYVlNDhZhpOuHhy65RmAliBb6Z/qx5mx24kXf/m06CA/NOZ5VJmG7oyqwqPOIMUA -YGVzBpCKiBJ+esozmREuhILP19+Dc8Lmn4bx+bqsy5WtDz5LHSNXdc5Xu8x4onI1 -s8Gi5RSmscINmSuDlYpiaRdQH5ylDhdnR4qpd77CAzo7K6v7iiKB6XlBdkEbzvxo -JECDiBDs1j5iY97yLb0IHaWbTLyCVllmLxrCx2Cdevc= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 0 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:0 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8c:bd:c3:71:57:ce:dd:02:36:8c:d3:71:ec:d1:25:65:7b:48: - 4d:e2:77:d7:62:00:bd:0f:c9:50:4b:50:cb:d0:5a:8b:09:3f: - 21:d1:f5:1f:2f:14:44:87:0d:99:fa:0c:5c:1d:12:d8:e6:c5: - a0:2c:c1:12:ee:fa:3c:fd:e9:2e:23:58:be:60:a2:9f:e7:50: - be:d1:d8:2f:27:67:90:8a:1f:34:13:ca:81:07:bb:ca:de:86: - 59:bb:80:65:4f:b7:fa:5d:42:6d:e5:c8:08:25:5d:c9:78:3d: - 70:09:42:27:85:82:7f:5c:22:32:30:94:21:47:3f:09:bf:c4: - d2:1a:98:1b:f0:5d:3d:51:12:da:9f:1c:a7:44:d5:54:bc:5e: - 04:69:72:cc:cf:4f:f3:b1:d7:49:db:4c:0e:d1:42:8f:ad:ba: - 90:92:5b:7b:9d:13:8f:58:46:3d:a4:2d:9d:a2:9d:6d:4b:e5: - e4:d6:4c:61:a9:e1:78:33:5c:3d:78:0e:4f:0b:3d:fc:4a:6d: - 44:71:27:e1:1d:95:95:b6:9e:ba:0e:ca:72:01:fe:8e:f6:12: - ad:71:15:82:54:68:23:ea:49:0c:30:05:ea:1e:68:cc:c0:7c: - 63:04:8e:1b:fa:79:96:95:1b:a0:0d:af:f7:85:7d:09:49:24: - 2e:8f:9e:ff ------BEGIN CERTIFICATE----- -MIIEuDCCA6CgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1NlcnZlciAwIENB -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2 -HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz -2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/D -GQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkD -iRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5 -YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IBDTCCAQkw -HQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSMEgcEwgb6AFCeO -ZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UE -CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgx -EzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q3rj7MA8GA1Ud -EwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCMvcNx -V87dAjaM03Hs0SVle0hN4nfXYgC9D8lQS1DL0FqLCT8h0fUfLxREhw2Z+gxcHRLY -5sWgLMES7vo8/ekuI1i+YKKf51C+0dgvJ2eQih80E8qBB7vK3oZZu4BlT7f6XUJt -5cgIJV3JeD1wCUInhYJ/XCIyMJQhRz8Jv8TSGpgb8F09URLanxynRNVUvF4EaXLM -z0/zsddJ20wO0UKPrbqQklt7nROPWEY9pC2dop1tS+Xk1kxhqeF4M1w9eA5PCz38 -Sm1EcSfhHZWVtp66DspyAf6O9hKtcRWCVGgj6kkMMAXqHmjMwHxjBI4b+nmWlRug -Da/3hX0JSSQuj57/ ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-1-0-ca.pem b/certs/test-pathlen/server-1-0-ca.pem deleted file mode 100644 index bba882ee5..000000000 --- a/certs/test-pathlen/server-1-0-ca.pem +++ /dev/null @@ -1,89 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 103 (0x67) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1-0 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:66 - - X509v3 Basic Constraints: - CA:TRUE, pathlen:0 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2b:e5:fc:8a:56:f9:f4:37:84:c8:9a:b4:9d:46:33:24:9d:03: - 59:a2:c7:dd:31:75:31:ac:bf:f2:78:15:7d:31:82:dd:f4:d1: - e8:f8:01:ac:02:cb:b6:32:5f:18:a5:20:37:1e:5d:3f:29:f6: - 8a:4b:16:c3:64:5e:98:6d:09:3b:6f:24:fe:58:c0:12:1f:86: - 18:0e:4d:e8:d9:bd:4d:44:e6:58:0d:69:fb:52:4d:b5:da:38: - 6d:c0:59:70:f5:5a:6b:51:98:f8:94:bd:d6:14:72:1f:38:fd: - 63:53:c6:f6:eb:f5:f2:c0:ce:b3:fc:35:6e:7a:78:32:28:dd: - 90:65:a1:03:02:69:2c:c9:04:22:70:c4:a8:44:8e:88:99:1c: - 3d:fb:21:a3:b0:d5:f1:29:d0:b8:44:6b:e5:34:bb:74:49:f2: - 29:10:e2:74:98:d5:11:68:a0:c1:b1:15:ae:cc:5f:d9:bb:83: - 78:7f:d2:3f:aa:c0:fc:a3:36:24:bf:b2:ab:94:7f:86:79:94: - 23:dc:8d:4d:83:fa:9d:00:ed:14:15:c7:2c:1d:e2:05:6f:2e: - ba:f9:af:9c:6a:ef:05:0c:64:2d:f8:0a:61:7b:2d:67:3e:f1: - fb:2b:e3:09:47:98:2e:a5:68:64:7a:f8:67:5a:56:b8:68:42: - 90:8d:3b:cb ------BEGIN CERTIFICATE----- -MIIEtjCCA56gAwIBAgIBZzANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAxIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZoxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQDDA1TZXJ2ZXIg -MS0wIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4 -lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIu -by6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aM -GKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8c -vCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+Jd -JclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IB -BTCCAQEwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkw -gbaAFLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZjAPBgNVHRME -CDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAK+X8ilb5 -9DeEyJq0nUYzJJ0DWaLH3TF1May/8ngVfTGC3fTR6PgBrALLtjJfGKUgNx5dPyn2 -iksWw2RemG0JO28k/ljAEh+GGA5N6Nm9TUTmWA1p+1JNtdo4bcBZcPVaa1GY+JS9 -1hRyHzj9Y1PG9uv18sDOs/w1bnp4MijdkGWhAwJpLMkEInDEqESOiJkcPfsho7DV -8SnQuERr5TS7dEnyKRDidJjVEWigwbEVrsxf2buDeH/SP6rA/KM2JL+yq5R/hnmU -I9yNTYP6nQDtFBXHLB3iBW8uuvmvnGrvBQxkLfgKYXstZz7x+yvjCUeYLqVoZHr4 -Z1pWuGhCkI07yw== ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-1-0-cert.pem b/certs/test-pathlen/server-1-0-cert.pem deleted file mode 100644 index fd21f61fb..000000000 --- a/certs/test-pathlen/server-1-0-cert.pem +++ /dev/null @@ -1,86 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 104 (0x68) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1-0 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1-0/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=Server 1 CA/emailAddress=info@wolfssl.com - serial:67 - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 88:e6:c7:a7:fc:33:31:f6:e3:1d:fe:92:c5:69:59:07:cb:70: - 7a:18:8a:cc:4c:10:7a:6b:f4:1a:32:78:1f:55:90:72:8d:e2: - 78:93:86:b6:9d:2f:3b:12:cc:f6:81:87:59:0b:54:61:b4:ea: - da:7a:4c:27:82:49:89:78:41:f4:57:58:b2:17:fc:f1:35:c7: - 20:a9:51:84:21:e9:4a:68:5c:1b:1d:2c:1a:b3:47:93:27:59: - a4:e4:73:e8:b8:30:5b:b7:5f:1f:10:07:59:0c:bd:d4:a6:e1: - 7c:d6:91:23:4e:b9:fd:85:22:4c:06:f3:08:58:18:48:85:db: - 46:40:b1:d7:9f:13:b5:aa:34:a5:b9:38:ff:b7:08:1a:5e:e3: - 76:80:16:6c:b9:8e:57:51:dc:5e:a1:03:e6:e9:ee:ac:a2:d0: - 26:3d:ff:97:96:0b:66:06:9a:c9:26:4a:c1:a3:02:f5:47:d5: - 87:d9:ea:a8:af:21:70:77:f8:9b:15:ec:c0:ee:fd:d4:16:b7: - 8a:4d:c0:8f:25:2d:6b:dd:dd:6f:4c:7f:b5:6c:59:b7:a4:7c: - e9:52:a9:bc:79:8a:62:7c:ab:a1:ec:0b:fa:5b:6e:f8:db:11: - 72:a1:e9:c6:4a:83:82:64:ea:4e:13:44:d4:04:17:c3:ee:8d: - ea:4b:9b:69 ------BEGIN CERTIFICATE----- -MIIEpDCCA4ygAwIBAgIBaDANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAxLTAgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAxLTAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfUw -gfIwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHFBgNVHSMEgb0wgbqA -FLMRMsmSmITiyfjQO24DQsofDo48oYGepIGbMIGYMQswCQYDVQQGEwJVUzETMBEG -A1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMGA1UECgwMd29s -ZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEUMBIGA1UEAwwLU2VydmVy -IDEgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWcwCQYDVR0T -BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAiObHp/wzMfbjHf6SxWlZB8twehiKzEwQ -emv0GjJ4H1WQco3ieJOGtp0vOxLM9oGHWQtUYbTq2npMJ4JJiXhB9FdYshf88TXH -IKlRhCHpSmhcGx0sGrNHkydZpORz6LgwW7dfHxAHWQy91KbhfNaRI065/YUiTAbz -CFgYSIXbRkCx158Ttao0pbk4/7cIGl7jdoAWbLmOV1HcXqED5unurKLQJj3/l5YL -ZgaaySZKwaMC9UfVh9nqqK8hcHf4mxXswO791Ba3ik3AjyUta93db0x/tWxZt6R8 -6VKpvHmKYnyroewL+ltu+NsRcqHpxkqDgmTqThNE1AQXw+6N6kubaQ== ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-1-0-chain.pem b/certs/test-pathlen/server-1-0-chain.pem deleted file mode 100644 index 15b3b5d5f..000000000 --- a/certs/test-pathlen/server-1-0-chain.pem +++ /dev/null @@ -1,264 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 104 (0x68) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1-0 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1-0/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=Server 1 CA/emailAddress=info@wolfssl.com - serial:67 - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 88:e6:c7:a7:fc:33:31:f6:e3:1d:fe:92:c5:69:59:07:cb:70: - 7a:18:8a:cc:4c:10:7a:6b:f4:1a:32:78:1f:55:90:72:8d:e2: - 78:93:86:b6:9d:2f:3b:12:cc:f6:81:87:59:0b:54:61:b4:ea: - da:7a:4c:27:82:49:89:78:41:f4:57:58:b2:17:fc:f1:35:c7: - 20:a9:51:84:21:e9:4a:68:5c:1b:1d:2c:1a:b3:47:93:27:59: - a4:e4:73:e8:b8:30:5b:b7:5f:1f:10:07:59:0c:bd:d4:a6:e1: - 7c:d6:91:23:4e:b9:fd:85:22:4c:06:f3:08:58:18:48:85:db: - 46:40:b1:d7:9f:13:b5:aa:34:a5:b9:38:ff:b7:08:1a:5e:e3: - 76:80:16:6c:b9:8e:57:51:dc:5e:a1:03:e6:e9:ee:ac:a2:d0: - 26:3d:ff:97:96:0b:66:06:9a:c9:26:4a:c1:a3:02:f5:47:d5: - 87:d9:ea:a8:af:21:70:77:f8:9b:15:ec:c0:ee:fd:d4:16:b7: - 8a:4d:c0:8f:25:2d:6b:dd:dd:6f:4c:7f:b5:6c:59:b7:a4:7c: - e9:52:a9:bc:79:8a:62:7c:ab:a1:ec:0b:fa:5b:6e:f8:db:11: - 72:a1:e9:c6:4a:83:82:64:ea:4e:13:44:d4:04:17:c3:ee:8d: - ea:4b:9b:69 ------BEGIN CERTIFICATE----- -MIIEpDCCA4ygAwIBAgIBaDANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAxLTAgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAxLTAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfUw -gfIwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHFBgNVHSMEgb0wgbqA -FLMRMsmSmITiyfjQO24DQsofDo48oYGepIGbMIGYMQswCQYDVQQGEwJVUzETMBEG -A1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMGA1UECgwMd29s -ZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEUMBIGA1UEAwwLU2VydmVy -IDEgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWcwCQYDVR0T -BAIwADANBgkqhkiG9w0BAQUFAAOCAQEAiObHp/wzMfbjHf6SxWlZB8twehiKzEwQ -emv0GjJ4H1WQco3ieJOGtp0vOxLM9oGHWQtUYbTq2npMJ4JJiXhB9FdYshf88TXH -IKlRhCHpSmhcGx0sGrNHkydZpORz6LgwW7dfHxAHWQy91KbhfNaRI065/YUiTAbz -CFgYSIXbRkCx158Ttao0pbk4/7cIGl7jdoAWbLmOV1HcXqED5unurKLQJj3/l5YL -ZgaaySZKwaMC9UfVh9nqqK8hcHf4mxXswO791Ba3ik3AjyUta93db0x/tWxZt6R8 -6VKpvHmKYnyroewL+ltu+NsRcqHpxkqDgmTqThNE1AQXw+6N6kubaQ== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 103 (0x67) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1-0 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:66 - - X509v3 Basic Constraints: - CA:TRUE, pathlen:0 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2b:e5:fc:8a:56:f9:f4:37:84:c8:9a:b4:9d:46:33:24:9d:03: - 59:a2:c7:dd:31:75:31:ac:bf:f2:78:15:7d:31:82:dd:f4:d1: - e8:f8:01:ac:02:cb:b6:32:5f:18:a5:20:37:1e:5d:3f:29:f6: - 8a:4b:16:c3:64:5e:98:6d:09:3b:6f:24:fe:58:c0:12:1f:86: - 18:0e:4d:e8:d9:bd:4d:44:e6:58:0d:69:fb:52:4d:b5:da:38: - 6d:c0:59:70:f5:5a:6b:51:98:f8:94:bd:d6:14:72:1f:38:fd: - 63:53:c6:f6:eb:f5:f2:c0:ce:b3:fc:35:6e:7a:78:32:28:dd: - 90:65:a1:03:02:69:2c:c9:04:22:70:c4:a8:44:8e:88:99:1c: - 3d:fb:21:a3:b0:d5:f1:29:d0:b8:44:6b:e5:34:bb:74:49:f2: - 29:10:e2:74:98:d5:11:68:a0:c1:b1:15:ae:cc:5f:d9:bb:83: - 78:7f:d2:3f:aa:c0:fc:a3:36:24:bf:b2:ab:94:7f:86:79:94: - 23:dc:8d:4d:83:fa:9d:00:ed:14:15:c7:2c:1d:e2:05:6f:2e: - ba:f9:af:9c:6a:ef:05:0c:64:2d:f8:0a:61:7b:2d:67:3e:f1: - fb:2b:e3:09:47:98:2e:a5:68:64:7a:f8:67:5a:56:b8:68:42: - 90:8d:3b:cb ------BEGIN CERTIFICATE----- -MIIEtjCCA56gAwIBAgIBZzANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAxIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZoxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQDDA1TZXJ2ZXIg -MS0wIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4 -lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIu -by6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aM -GKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8c -vCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+Jd -JclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IB -BTCCAQEwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkw -gbaAFLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZjAPBgNVHRME -CDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAK+X8ilb5 -9DeEyJq0nUYzJJ0DWaLH3TF1May/8ngVfTGC3fTR6PgBrALLtjJfGKUgNx5dPyn2 -iksWw2RemG0JO28k/ljAEh+GGA5N6Nm9TUTmWA1p+1JNtdo4bcBZcPVaa1GY+JS9 -1hRyHzj9Y1PG9uv18sDOs/w1bnp4MijdkGWhAwJpLMkEInDEqESOiJkcPfsho7DV -8SnQuERr5TS7dEnyKRDidJjVEWigwbEVrsxf2buDeH/SP6rA/KM2JL+yq5R/hnmU -I9yNTYP6nQDtFBXHLB3iBW8uuvmvnGrvBQxkLfgKYXstZz7x+yvjCUeYLqVoZHr4 -Z1pWuGhCkI07yw== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 102 (0x66) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:1 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 38:60:36:73:96:77:51:dc:fe:99:5a:1d:b4:b8:0e:c2:1b:96: - 13:b0:e9:6c:42:24:db:d2:20:6c:0c:1b:2e:d4:de:cb:7b:fd: - 0f:91:7d:18:23:50:87:29:51:fc:97:1c:8a:2f:3a:5c:89:59: - 18:54:24:d3:5b:6c:f9:5d:99:11:2c:2d:4d:1f:6b:e6:59:4e: - e8:ba:37:b5:f8:b0:44:3d:e5:47:4d:ac:b0:a0:55:6b:89:a3: - e4:65:87:91:5f:71:51:55:e6:ea:30:d0:13:a1:11:b2:04:b1: - c7:62:cc:55:2e:ac:d4:87:a1:87:48:7a:45:bc:2b:c5:c5:90: - 1a:a2:98:93:63:6c:97:18:a3:18:58:7a:ba:b3:84:8f:ed:b3: - 9a:bf:5a:31:2f:4e:24:43:74:7a:23:dd:c3:7b:76:8b:6c:aa: - ad:76:d9:39:4b:7f:e5:c2:24:65:75:b5:1c:29:ca:c4:a3:9d: - 6d:d6:9f:cd:05:3b:c5:54:db:76:01:51:dc:2e:60:08:74:81: - 83:1b:d1:e8:77:3e:ac:67:49:f6:1b:4c:5e:56:6a:93:40:15: - 86:dc:c0:c1:70:7d:62:66:ed:ff:32:2d:b6:f8:0f:a4:4f:75: - 92:22:37:04:3a:32:16:e8:bc:b6:15:a4:0f:17:6e:72:6e:43: - 1a:13:d9:87 ------BEGIN CERTIFICATE----- -MIIEuDCCA6CgAwIBAgIBZjANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1NlcnZlciAxIENB -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2 -HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz -2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/D -GQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkD -iRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5 -YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IBDTCCAQkw -HQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSMEgcEwgb6AFCeO -ZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UE -CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgx -EzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q3rj7MA8GA1Ud -EwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQA4YDZz -lndR3P6ZWh20uA7CG5YTsOlsQiTb0iBsDBsu1N7Le/0PkX0YI1CHKVH8lxyKLzpc -iVkYVCTTW2z5XZkRLC1NH2vmWU7ouje1+LBEPeVHTaywoFVriaPkZYeRX3FRVebq -MNAToRGyBLHHYsxVLqzUh6GHSHpFvCvFxZAaopiTY2yXGKMYWHq6s4SP7bOav1ox -L04kQ3R6I93De3aLbKqtdtk5S3/lwiRldbUcKcrEo51t1p/NBTvFVNt2AVHcLmAI -dIGDG9Hodz6sZ0n2G0xeVmqTQBWG3MDBcH1iZu3/Mi22+A+kT3WSIjcEOjIW6Ly2 -FaQPF25ybkMaE9mH ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-1-ca.pem b/certs/test-pathlen/server-1-ca.pem deleted file mode 100644 index d1625ee40..000000000 --- a/certs/test-pathlen/server-1-ca.pem +++ /dev/null @@ -1,89 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 102 (0x66) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:1 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 38:60:36:73:96:77:51:dc:fe:99:5a:1d:b4:b8:0e:c2:1b:96: - 13:b0:e9:6c:42:24:db:d2:20:6c:0c:1b:2e:d4:de:cb:7b:fd: - 0f:91:7d:18:23:50:87:29:51:fc:97:1c:8a:2f:3a:5c:89:59: - 18:54:24:d3:5b:6c:f9:5d:99:11:2c:2d:4d:1f:6b:e6:59:4e: - e8:ba:37:b5:f8:b0:44:3d:e5:47:4d:ac:b0:a0:55:6b:89:a3: - e4:65:87:91:5f:71:51:55:e6:ea:30:d0:13:a1:11:b2:04:b1: - c7:62:cc:55:2e:ac:d4:87:a1:87:48:7a:45:bc:2b:c5:c5:90: - 1a:a2:98:93:63:6c:97:18:a3:18:58:7a:ba:b3:84:8f:ed:b3: - 9a:bf:5a:31:2f:4e:24:43:74:7a:23:dd:c3:7b:76:8b:6c:aa: - ad:76:d9:39:4b:7f:e5:c2:24:65:75:b5:1c:29:ca:c4:a3:9d: - 6d:d6:9f:cd:05:3b:c5:54:db:76:01:51:dc:2e:60:08:74:81: - 83:1b:d1:e8:77:3e:ac:67:49:f6:1b:4c:5e:56:6a:93:40:15: - 86:dc:c0:c1:70:7d:62:66:ed:ff:32:2d:b6:f8:0f:a4:4f:75: - 92:22:37:04:3a:32:16:e8:bc:b6:15:a4:0f:17:6e:72:6e:43: - 1a:13:d9:87 ------BEGIN CERTIFICATE----- -MIIEuDCCA6CgAwIBAgIBZjANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1NlcnZlciAxIENB -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2 -HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz -2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/D -GQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkD -iRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5 -YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IBDTCCAQkw -HQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSMEgcEwgb6AFCeO -ZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UE -CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgx -EzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q3rj7MA8GA1Ud -EwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQA4YDZz -lndR3P6ZWh20uA7CG5YTsOlsQiTb0iBsDBsu1N7Le/0PkX0YI1CHKVH8lxyKLzpc -iVkYVCTTW2z5XZkRLC1NH2vmWU7ouje1+LBEPeVHTaywoFVriaPkZYeRX3FRVebq -MNAToRGyBLHHYsxVLqzUh6GHSHpFvCvFxZAaopiTY2yXGKMYWHq6s4SP7bOav1ox -L04kQ3R6I93De3aLbKqtdtk5S3/lwiRldbUcKcrEo51t1p/NBTvFVNt2AVHcLmAI -dIGDG9Hodz6sZ0n2G0xeVmqTQBWG3MDBcH1iZu3/Mi22+A+kT3WSIjcEOjIW6Ly2 -FaQPF25ybkMaE9mH ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-1-cert.pem b/certs/test-pathlen/server-1-cert.pem deleted file mode 100644 index c091d8e59..000000000 --- a/certs/test-pathlen/server-1-cert.pem +++ /dev/null @@ -1,86 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 105 (0x69) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:66 - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 0a:13:4d:88:d8:79:0d:79:f7:44:0d:81:c8:5d:c4:ae:86:b5: - a3:ed:58:20:83:f4:6c:15:bc:1f:fc:fb:de:c5:88:1f:41:19: - 0b:a9:5f:21:39:87:33:0f:fe:e2:3c:e4:b3:94:9e:eb:0b:6f: - 40:c0:e2:c3:bd:2d:04:c4:ca:67:32:3d:44:89:60:de:b8:df: - 1d:07:4a:f6:50:94:2d:9e:57:f7:21:89:66:af:1c:fc:67:d0: - 14:59:46:12:bd:6e:cb:ea:cd:30:2d:f4:4c:9f:57:64:33:96: - 71:4b:71:cc:3a:da:40:46:03:88:4c:3e:b1:86:fd:48:af:61: - 42:f0:05:78:2a:f8:10:ec:11:f5:32:95:f6:83:d4:fc:d2:d3: - 0c:33:a6:22:62:2f:f1:4b:b6:ec:85:69:8c:19:16:9e:65:06: - 4d:71:2b:e1:36:25:a6:86:29:52:92:28:f9:5e:d3:b3:e4:fa: - 69:8f:d6:ee:39:6f:66:57:89:fa:9d:e5:05:d6:fe:53:0a:1d: - 18:aa:05:27:da:11:3d:a2:55:cb:31:f9:8d:78:07:56:db:a4: - 46:a2:07:e6:92:7b:8c:b9:65:7b:5c:05:29:aa:18:3e:a3:a2: - ff:4e:84:52:d7:06:72:eb:6c:ee:cc:93:88:77:85:2f:f0:99: - 65:32:58:b4 ------BEGIN CERTIFICATE----- -MIIEnDCCA4SgAwIBAgIBaTANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAxIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZUxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMREwDwYDVQQDDAhTZXJ2ZXIg -MTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W -9hyIvHyf+6hnf/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiV -c9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2v -wxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJ -A4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3D -OWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB8TCB7jAd -BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgcEGA1UdIwSBuTCBtoAUsxEy -yZKYhOLJ+NA7bgNCyh8OjjyhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI -DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDET -MBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w -HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFmMAkGA1UdEwQCMAAwDQYJ -KoZIhvcNAQEFBQADggEBAAoTTYjYeQ1590QNgchdxK6GtaPtWCCD9GwVvB/8+97F -iB9BGQupXyE5hzMP/uI85LOUnusLb0DA4sO9LQTEymcyPUSJYN643x0HSvZQlC2e -V/chiWavHPxn0BRZRhK9bsvqzTAt9EyfV2QzlnFLccw62kBGA4hMPrGG/UivYULw -BXgq+BDsEfUylfaD1PzS0wwzpiJiL/FLtuyFaYwZFp5lBk1xK+E2JaaGKVKSKPle -07Pk+mmP1u45b2ZXifqd5QXW/lMKHRiqBSfaET2iVcsx+Y14B1bbpEaiB+aSe4y5 -ZXtcBSmqGD6jov9OhFLXBnLrbO7Mk4h3hS/wmWUyWLQ= ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-1-chain.pem b/certs/test-pathlen/server-1-chain.pem deleted file mode 100644 index 80ab114c9..000000000 --- a/certs/test-pathlen/server-1-chain.pem +++ /dev/null @@ -1,175 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 105 (0x69) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:66 - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 0a:13:4d:88:d8:79:0d:79:f7:44:0d:81:c8:5d:c4:ae:86:b5: - a3:ed:58:20:83:f4:6c:15:bc:1f:fc:fb:de:c5:88:1f:41:19: - 0b:a9:5f:21:39:87:33:0f:fe:e2:3c:e4:b3:94:9e:eb:0b:6f: - 40:c0:e2:c3:bd:2d:04:c4:ca:67:32:3d:44:89:60:de:b8:df: - 1d:07:4a:f6:50:94:2d:9e:57:f7:21:89:66:af:1c:fc:67:d0: - 14:59:46:12:bd:6e:cb:ea:cd:30:2d:f4:4c:9f:57:64:33:96: - 71:4b:71:cc:3a:da:40:46:03:88:4c:3e:b1:86:fd:48:af:61: - 42:f0:05:78:2a:f8:10:ec:11:f5:32:95:f6:83:d4:fc:d2:d3: - 0c:33:a6:22:62:2f:f1:4b:b6:ec:85:69:8c:19:16:9e:65:06: - 4d:71:2b:e1:36:25:a6:86:29:52:92:28:f9:5e:d3:b3:e4:fa: - 69:8f:d6:ee:39:6f:66:57:89:fa:9d:e5:05:d6:fe:53:0a:1d: - 18:aa:05:27:da:11:3d:a2:55:cb:31:f9:8d:78:07:56:db:a4: - 46:a2:07:e6:92:7b:8c:b9:65:7b:5c:05:29:aa:18:3e:a3:a2: - ff:4e:84:52:d7:06:72:eb:6c:ee:cc:93:88:77:85:2f:f0:99: - 65:32:58:b4 ------BEGIN CERTIFICATE----- -MIIEnDCCA4SgAwIBAgIBaTANBgkqhkiG9w0BAQUFADCBmDELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1Nl -cnZlciAxIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTE4 -MDQxMzE1MjMxMFoXDTIxMDEwNzE1MjMxMFowgZUxCzAJBgNVBAYTAlVTMRMwEQYD -VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xm -U1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMREwDwYDVQQDDAhTZXJ2ZXIg -MTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W -9hyIvHyf+6hnf/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiV -c9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2v -wxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJ -A4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3D -OWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB8TCB7jAd -BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgcEGA1UdIwSBuTCBtoAUsxEy -yZKYhOLJ+NA7bgNCyh8OjjyhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI -DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDET -MBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w -HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFmMAkGA1UdEwQCMAAwDQYJ -KoZIhvcNAQEFBQADggEBAAoTTYjYeQ1590QNgchdxK6GtaPtWCCD9GwVvB/8+97F -iB9BGQupXyE5hzMP/uI85LOUnusLb0DA4sO9LQTEymcyPUSJYN643x0HSvZQlC2e -V/chiWavHPxn0BRZRhK9bsvqzTAt9EyfV2QzlnFLccw62kBGA4hMPrGG/UivYULw -BXgq+BDsEfUylfaD1PzS0wwzpiJiL/FLtuyFaYwZFp5lBk1xK+E2JaaGKVKSKPle -07Pk+mmP1u45b2ZXifqd5QXW/lMKHRiqBSfaET2iVcsx+Y14B1bbpEaiB+aSe4y5 -ZXtcBSmqGD6jov9OhFLXBnLrbO7Mk4h3hS/wmWUyWLQ= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 102 (0x66) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 1 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:1 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 38:60:36:73:96:77:51:dc:fe:99:5a:1d:b4:b8:0e:c2:1b:96: - 13:b0:e9:6c:42:24:db:d2:20:6c:0c:1b:2e:d4:de:cb:7b:fd: - 0f:91:7d:18:23:50:87:29:51:fc:97:1c:8a:2f:3a:5c:89:59: - 18:54:24:d3:5b:6c:f9:5d:99:11:2c:2d:4d:1f:6b:e6:59:4e: - e8:ba:37:b5:f8:b0:44:3d:e5:47:4d:ac:b0:a0:55:6b:89:a3: - e4:65:87:91:5f:71:51:55:e6:ea:30:d0:13:a1:11:b2:04:b1: - c7:62:cc:55:2e:ac:d4:87:a1:87:48:7a:45:bc:2b:c5:c5:90: - 1a:a2:98:93:63:6c:97:18:a3:18:58:7a:ba:b3:84:8f:ed:b3: - 9a:bf:5a:31:2f:4e:24:43:74:7a:23:dd:c3:7b:76:8b:6c:aa: - ad:76:d9:39:4b:7f:e5:c2:24:65:75:b5:1c:29:ca:c4:a3:9d: - 6d:d6:9f:cd:05:3b:c5:54:db:76:01:51:dc:2e:60:08:74:81: - 83:1b:d1:e8:77:3e:ac:67:49:f6:1b:4c:5e:56:6a:93:40:15: - 86:dc:c0:c1:70:7d:62:66:ed:ff:32:2d:b6:f8:0f:a4:4f:75: - 92:22:37:04:3a:32:16:e8:bc:b6:15:a4:0f:17:6e:72:6e:43: - 1a:13:d9:87 ------BEGIN CERTIFICATE----- -MIIEuDCCA6CgAwIBAgIBZjANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFDASBgNVBAMMC1NlcnZlciAxIENB -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2 -HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz -2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/D -GQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkD -iRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5 -YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABo4IBDTCCAQkw -HQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHJBgNVHSMEgcEwgb6AFCeO -ZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UE -CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgx -EzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf -MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q3rj7MA8GA1Ud -EwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQA4YDZz -lndR3P6ZWh20uA7CG5YTsOlsQiTb0iBsDBsu1N7Le/0PkX0YI1CHKVH8lxyKLzpc -iVkYVCTTW2z5XZkRLC1NH2vmWU7ouje1+LBEPeVHTaywoFVriaPkZYeRX3FRVebq -MNAToRGyBLHHYsxVLqzUh6GHSHpFvCvFxZAaopiTY2yXGKMYWHq6s4SP7bOav1ox -L04kQ3R6I93De3aLbKqtdtk5S3/lwiRldbUcKcrEo51t1p/NBTvFVNt2AVHcLmAI -dIGDG9Hodz6sZ0n2G0xeVmqTQBWG3MDBcH1iZu3/Mi22+A+kT3WSIjcEOjIW6Ly2 -FaQPF25ybkMaE9mH ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-127-ca.pem b/certs/test-pathlen/server-127-ca.pem deleted file mode 100644 index a2189c6f3..000000000 --- a/certs/test-pathlen/server-127-ca.pem +++ /dev/null @@ -1,89 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 106 (0x6a) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 127 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:127 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 44:50:b4:96:71:e5:9a:61:36:7b:c7:fa:05:88:39:e9:46:5b: - b0:b3:63:0d:5a:1b:c1:70:fd:d7:6a:9c:9d:0c:95:b7:ad:4f: - 9b:c2:34:24:90:d9:4b:bf:07:f7:18:d7:b8:13:3a:d5:01:8d: - e6:b6:15:ff:a4:94:36:4d:7b:b6:03:2f:12:ae:40:e1:ed:be: - 95:2d:2c:6c:22:9e:3e:87:12:7c:5c:bc:95:90:2a:cb:e3:e1: - 85:3e:60:4f:09:d6:44:83:15:7e:4f:c8:bb:b7:83:c9:13:17: - 9b:60:56:47:7c:cf:6d:83:5b:9e:9a:84:f5:fd:2b:aa:55:7c: - b7:fc:66:b5:49:66:77:e4:48:b6:3a:b2:d5:6f:a8:d8:25:a3: - a2:fa:4d:6f:ac:7a:b3:17:a9:5d:60:52:57:80:f3:5e:3b:2b: - c2:b5:85:af:f0:a2:c8:0b:ff:66:11:90:d9:25:12:e1:43:04: - c5:21:1f:b7:24:8a:c3:6d:a9:1d:32:de:72:5b:7e:fe:a2:aa: - 6f:54:e3:ca:25:fd:f2:86:41:4b:3c:eb:b6:0b:36:fe:93:14: - 5e:36:4e:79:22:15:45:64:a1:aa:78:d9:51:79:78:2f:72:f6: - 91:bd:f7:4b:d2:4a:24:ff:db:2d:4c:8f:ea:5d:b0:db:7a:cf: - b9:ad:43:f5 ------BEGIN CERTIFICATE----- -MIIEujCCA6KgAwIBAgIBajANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNlcnZlciAxMjcg -Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiVzi9O -1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5vLobY -lXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowYqQJt -r8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8I3PR -CQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0lyWoN -wzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjggENMIIB -CTAdBgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1jhDeuPswDwYD -VR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAERQ -tJZx5ZphNnvH+gWIOelGW7CzYw1aG8Fw/ddqnJ0MlbetT5vCNCSQ2Uu/B/cY17gT -OtUBjea2Ff+klDZNe7YDLxKuQOHtvpUtLGwinj6HEnxcvJWQKsvj4YU+YE8J1kSD -FX5PyLu3g8kTF5tgVkd8z22DW56ahPX9K6pVfLf8ZrVJZnfkSLY6stVvqNglo6L6 -TW+serMXqV1gUleA8147K8K1ha/wosgL/2YRkNklEuFDBMUhH7ckisNtqR0y3nJb -fv6iqm9U48ol/fKGQUs867YLNv6TFF42TnkiFUVkoap42VF5eC9y9pG990vSSiT/ -2y1Mj+pdsNt6z7mtQ/U= ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-127-cert.pem b/certs/test-pathlen/server-127-cert.pem deleted file mode 100644 index 1b9d50a26..000000000 --- a/certs/test-pathlen/server-127-cert.pem +++ /dev/null @@ -1,86 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 107 (0x6b) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 127 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 127/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:6A - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 19:04:0b:64:d4:fa:c8:d2:aa:93:57:28:ad:c4:e4:70:f9:25: - 6c:06:f3:21:34:a9:af:03:aa:1d:02:b2:e4:34:df:a1:74:88: - 7f:8b:88:64:8c:6d:19:a6:4a:ee:62:80:8a:4c:17:1b:85:57: - e4:f0:b7:8d:66:9c:de:b7:bd:ed:2a:82:5c:d1:1e:ba:29:9d: - 92:b5:df:cf:8e:48:12:0a:d3:16:5f:f3:e2:db:c0:d1:42:e4: - 6b:3c:99:d3:fb:fc:87:9d:b0:44:5c:b5:8d:d8:e1:6c:58:df: - 37:b4:62:53:f8:85:7a:89:a0:40:f7:9f:f6:57:7c:9b:12:8e: - b4:46:2e:04:10:fd:8b:4b:ae:e6:1d:b7:63:3f:49:a9:ff:8a: - f4:77:d6:90:c9:07:9b:d0:1e:b8:8b:ea:5a:49:a4:ae:50:3a: - 7f:9e:01:46:22:7f:23:46:d2:8e:75:46:99:6b:3b:8c:f8:25: - 3a:17:a2:6d:b6:a1:b8:ba:c4:a7:75:a3:6a:3c:5f:fa:0a:e0: - ab:08:ab:26:d0:78:55:57:67:d2:e8:6f:c9:89:c1:9c:6f:54: - 47:af:13:9c:3e:e1:ac:00:c9:63:95:22:b9:ec:54:31:ac:26: - 1e:ab:e3:a4:04:5c:6e:9d:7a:6b:c1:e7:22:a0:b5:aa:42:35: - 81:94:d0:45 ------BEGIN CERTIFICATE----- -MIIEoDCCA4igAwIBAgIBazANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAxMjcgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAxMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfEw -ge4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkwgbaA -FLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4G -A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9v -dGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv -bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBajAJBgNVHRMEAjAA -MA0GCSqGSIb3DQEBBQUAA4IBAQAZBAtk1PrI0qqTVyitxORw+SVsBvMhNKmvA6od -ArLkNN+hdIh/i4hkjG0ZpkruYoCKTBcbhVfk8LeNZpzet73tKoJc0R66KZ2Std/P -jkgSCtMWX/Pi28DRQuRrPJnT+/yHnbBEXLWN2OFsWN83tGJT+IV6iaBA95/2V3yb -Eo60Ri4EEP2LS67mHbdjP0mp/4r0d9aQyQeb0B64i+paSaSuUDp/ngFGIn8jRtKO -dUaZazuM+CU6F6JttqG4usSndaNqPF/6CuCrCKsm0HhVV2fS6G/JicGcb1RHrxOc -PuGsAMljlSK57FQxrCYeq+OkBFxunXprwecioLWqQjWBlNBF ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-127-chain.pem b/certs/test-pathlen/server-127-chain.pem deleted file mode 100644 index 922b92d27..000000000 --- a/certs/test-pathlen/server-127-chain.pem +++ /dev/null @@ -1,175 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 107 (0x6b) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 127 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 127/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:6A - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 19:04:0b:64:d4:fa:c8:d2:aa:93:57:28:ad:c4:e4:70:f9:25: - 6c:06:f3:21:34:a9:af:03:aa:1d:02:b2:e4:34:df:a1:74:88: - 7f:8b:88:64:8c:6d:19:a6:4a:ee:62:80:8a:4c:17:1b:85:57: - e4:f0:b7:8d:66:9c:de:b7:bd:ed:2a:82:5c:d1:1e:ba:29:9d: - 92:b5:df:cf:8e:48:12:0a:d3:16:5f:f3:e2:db:c0:d1:42:e4: - 6b:3c:99:d3:fb:fc:87:9d:b0:44:5c:b5:8d:d8:e1:6c:58:df: - 37:b4:62:53:f8:85:7a:89:a0:40:f7:9f:f6:57:7c:9b:12:8e: - b4:46:2e:04:10:fd:8b:4b:ae:e6:1d:b7:63:3f:49:a9:ff:8a: - f4:77:d6:90:c9:07:9b:d0:1e:b8:8b:ea:5a:49:a4:ae:50:3a: - 7f:9e:01:46:22:7f:23:46:d2:8e:75:46:99:6b:3b:8c:f8:25: - 3a:17:a2:6d:b6:a1:b8:ba:c4:a7:75:a3:6a:3c:5f:fa:0a:e0: - ab:08:ab:26:d0:78:55:57:67:d2:e8:6f:c9:89:c1:9c:6f:54: - 47:af:13:9c:3e:e1:ac:00:c9:63:95:22:b9:ec:54:31:ac:26: - 1e:ab:e3:a4:04:5c:6e:9d:7a:6b:c1:e7:22:a0:b5:aa:42:35: - 81:94:d0:45 ------BEGIN CERTIFICATE----- -MIIEoDCCA4igAwIBAgIBazANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAxMjcgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAxMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfEw -ge4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkwgbaA -FLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4G -A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9v -dGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv -bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBajAJBgNVHRMEAjAA -MA0GCSqGSIb3DQEBBQUAA4IBAQAZBAtk1PrI0qqTVyitxORw+SVsBvMhNKmvA6od -ArLkNN+hdIh/i4hkjG0ZpkruYoCKTBcbhVfk8LeNZpzet73tKoJc0R66KZ2Std/P -jkgSCtMWX/Pi28DRQuRrPJnT+/yHnbBEXLWN2OFsWN83tGJT+IV6iaBA95/2V3yb -Eo60Ri4EEP2LS67mHbdjP0mp/4r0d9aQyQeb0B64i+paSaSuUDp/ngFGIn8jRtKO -dUaZazuM+CU6F6JttqG4usSndaNqPF/6CuCrCKsm0HhVV2fS6G/JicGcb1RHrxOc -PuGsAMljlSK57FQxrCYeq+OkBFxunXprwecioLWqQjWBlNBF ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 106 (0x6a) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 127 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:127 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 44:50:b4:96:71:e5:9a:61:36:7b:c7:fa:05:88:39:e9:46:5b: - b0:b3:63:0d:5a:1b:c1:70:fd:d7:6a:9c:9d:0c:95:b7:ad:4f: - 9b:c2:34:24:90:d9:4b:bf:07:f7:18:d7:b8:13:3a:d5:01:8d: - e6:b6:15:ff:a4:94:36:4d:7b:b6:03:2f:12:ae:40:e1:ed:be: - 95:2d:2c:6c:22:9e:3e:87:12:7c:5c:bc:95:90:2a:cb:e3:e1: - 85:3e:60:4f:09:d6:44:83:15:7e:4f:c8:bb:b7:83:c9:13:17: - 9b:60:56:47:7c:cf:6d:83:5b:9e:9a:84:f5:fd:2b:aa:55:7c: - b7:fc:66:b5:49:66:77:e4:48:b6:3a:b2:d5:6f:a8:d8:25:a3: - a2:fa:4d:6f:ac:7a:b3:17:a9:5d:60:52:57:80:f3:5e:3b:2b: - c2:b5:85:af:f0:a2:c8:0b:ff:66:11:90:d9:25:12:e1:43:04: - c5:21:1f:b7:24:8a:c3:6d:a9:1d:32:de:72:5b:7e:fe:a2:aa: - 6f:54:e3:ca:25:fd:f2:86:41:4b:3c:eb:b6:0b:36:fe:93:14: - 5e:36:4e:79:22:15:45:64:a1:aa:78:d9:51:79:78:2f:72:f6: - 91:bd:f7:4b:d2:4a:24:ff:db:2d:4c:8f:ea:5d:b0:db:7a:cf: - b9:ad:43:f5 ------BEGIN CERTIFICATE----- -MIIEujCCA6KgAwIBAgIBajANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNlcnZlciAxMjcg -Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiVzi9O -1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5vLobY -lXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowYqQJt -r8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8I3PR -CQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0lyWoN -wzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjggENMIIB -CTAdBgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1jhDeuPswDwYD -VR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAERQ -tJZx5ZphNnvH+gWIOelGW7CzYw1aG8Fw/ddqnJ0MlbetT5vCNCSQ2Uu/B/cY17gT -OtUBjea2Ff+klDZNe7YDLxKuQOHtvpUtLGwinj6HEnxcvJWQKsvj4YU+YE8J1kSD -FX5PyLu3g8kTF5tgVkd8z22DW56ahPX9K6pVfLf8ZrVJZnfkSLY6stVvqNglo6L6 -TW+serMXqV1gUleA8147K8K1ha/wosgL/2YRkNklEuFDBMUhH7ckisNtqR0y3nJb -fv6iqm9U48ol/fKGQUs867YLNv6TFF42TnkiFUVkoap42VF5eC9y9pG990vSSiT/ -2y1Mj+pdsNt6z7mtQ/U= ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-128-ca.pem b/certs/test-pathlen/server-128-ca.pem deleted file mode 100644 index c46b3cbf2..000000000 --- a/certs/test-pathlen/server-128-ca.pem +++ /dev/null @@ -1,89 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 106 (0x6a) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 128 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:128 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 23:cf:7d:44:56:10:44:29:12:31:cc:c4:9b:b8:a8:dd:4e:c3: - 9f:2c:f5:7f:1b:d7:05:43:82:dd:c8:19:be:b9:54:d8:32:4d: - 88:2e:38:fb:be:ff:9d:fc:0a:99:8d:d3:67:08:22:a4:bb:62: - 5a:ec:49:3f:3a:38:cb:8e:f0:bd:42:d7:f7:16:43:31:00:df: - 10:53:c9:35:3f:bf:b9:4b:14:d0:f6:7f:d2:04:ef:69:c4:e6: - 53:d5:74:17:e1:f6:63:90:30:a2:90:9f:f1:13:1a:0e:bf:ec: - c0:e2:ae:41:40:20:41:55:84:69:e9:39:04:84:ab:f8:88:29: - 31:4c:15:19:12:ab:6f:f0:62:fe:83:a9:dc:52:52:7b:3a:14: - 86:8f:45:da:25:7d:c1:f3:21:84:84:bb:82:d6:ef:f9:4b:ec: - f4:21:87:ed:c1:53:77:8e:98:05:50:2c:d9:1f:42:30:dd:8b: - 85:57:3c:5a:fa:bd:06:55:11:95:3f:7f:fb:02:50:7d:88:57: - 0b:c8:a2:b3:fc:d0:fd:40:19:03:9a:8e:bb:d5:38:b0:d0:d6: - e3:e2:fa:45:91:2c:18:c7:9a:24:f0:78:ee:c2:0d:a0:53:4e: - c7:68:ad:80:6e:82:35:4b:1d:c7:15:b9:db:40:63:08:56:72: - 56:a2:55:7e ------BEGIN CERTIFICATE----- -MIIEuzCCA6OgAwIBAgIBajANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNlcnZlciAxMjgg -Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiVzi9O -1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5vLobY -lXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowYqQJt -r8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8I3PR -CQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0lyWoN -wzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjggEOMIIB -CjAdBgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1jhDeuPswEAYD -VR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAj -z31EVhBEKRIxzMSbuKjdTsOfLPV/G9cFQ4LdyBm+uVTYMk2ILjj7vv+d/AqZjdNn -CCKku2Ja7Ek/OjjLjvC9Qtf3FkMxAN8QU8k1P7+5SxTQ9n/SBO9pxOZT1XQX4fZj -kDCikJ/xExoOv+zA4q5BQCBBVYRp6TkEhKv4iCkxTBUZEqtv8GL+g6ncUlJ7OhSG -j0XaJX3B8yGEhLuC1u/5S+z0IYftwVN3jpgFUCzZH0Iw3YuFVzxa+r0GVRGVP3/7 -AlB9iFcLyKKz/ND9QBkDmo671Tiw0Nbj4vpFkSwYx5ok8Hjuwg2gU07HaK2AboI1 -Sx3HFbnbQGMIVnJWolV+ ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-128-cert.pem b/certs/test-pathlen/server-128-cert.pem deleted file mode 100644 index 6a4d6b140..000000000 --- a/certs/test-pathlen/server-128-cert.pem +++ /dev/null @@ -1,86 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 107 (0x6b) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 128 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 128/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:6A - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - a5:a7:5d:17:a3:a7:15:08:10:89:5a:47:84:ee:63:dc:c7:f5: - b0:ae:a4:99:c2:b1:02:bf:97:8a:cd:d1:ab:f5:87:b6:0b:98: - 30:e0:33:f1:40:db:2c:33:79:98:ab:87:43:b4:10:8a:4f:92: - cf:97:49:fc:e8:a6:7a:52:4b:6a:dc:b4:ed:e4:55:2f:3c:dc: - 56:b3:2c:a8:4c:fa:6a:55:ae:7e:f1:e5:d6:64:96:e6:67:3e: - 46:d0:b8:b2:eb:cb:98:a5:d1:7c:d8:cc:de:ba:39:4d:a5:b3: - 45:45:62:0e:05:be:60:54:6d:4d:e8:90:e3:ad:5e:86:52:43: - 12:60:5b:fa:07:33:10:fb:6d:a6:c0:8c:3d:8a:9a:8a:1c:3e: - 7a:34:bf:41:f0:d2:d5:5d:16:00:ce:52:51:2b:13:a2:ef:be: - 07:dd:09:91:54:a1:74:2d:53:d2:db:94:f9:a1:98:62:1f:06: - 0c:69:3b:34:2a:9a:00:3c:9b:2f:c1:46:80:c2:dd:c7:7e:95: - ea:f7:05:19:29:b0:82:02:b8:b6:f3:a1:bf:00:5e:23:77:6f: - d2:63:c2:29:df:67:47:5a:2c:69:ce:6c:88:28:43:34:da:6c: - d4:2d:ee:cd:ef:fb:1a:69:e5:d7:8e:f4:2b:de:b2:b0:7d:8c: - 5c:50:91:d9 ------BEGIN CERTIFICATE----- -MIIEoDCCA4igAwIBAgIBazANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAxMjggQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAxMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfEw -ge4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkwgbaA -FLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4G -A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9v -dGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv -bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBajAJBgNVHRMEAjAA -MA0GCSqGSIb3DQEBBQUAA4IBAQClp10Xo6cVCBCJWkeE7mPcx/WwrqSZwrECv5eK -zdGr9Ye2C5gw4DPxQNssM3mYq4dDtBCKT5LPl0n86KZ6Uktq3LTt5FUvPNxWsyyo -TPpqVa5+8eXWZJbmZz5G0Liy68uYpdF82MzeujlNpbNFRWIOBb5gVG1N6JDjrV6G -UkMSYFv6BzMQ+22mwIw9ipqKHD56NL9B8NLVXRYAzlJRKxOi774H3QmRVKF0LVPS -25T5oZhiHwYMaTs0KpoAPJsvwUaAwt3HfpXq9wUZKbCCAri286G/AF4jd2/SY8Ip -32dHWixpzmyIKEM02mzULe7N7/saaeXXjvQr3rKwfYxcUJHZ ------END CERTIFICATE----- diff --git a/certs/test-pathlen/server-128-chain.pem b/certs/test-pathlen/server-128-chain.pem deleted file mode 100644 index 341138e7a..000000000 --- a/certs/test-pathlen/server-128-chain.pem +++ /dev/null @@ -1,175 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 107 (0x6b) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 128 CA/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 128/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:6A - - X509v3 Basic Constraints: - CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - a5:a7:5d:17:a3:a7:15:08:10:89:5a:47:84:ee:63:dc:c7:f5: - b0:ae:a4:99:c2:b1:02:bf:97:8a:cd:d1:ab:f5:87:b6:0b:98: - 30:e0:33:f1:40:db:2c:33:79:98:ab:87:43:b4:10:8a:4f:92: - cf:97:49:fc:e8:a6:7a:52:4b:6a:dc:b4:ed:e4:55:2f:3c:dc: - 56:b3:2c:a8:4c:fa:6a:55:ae:7e:f1:e5:d6:64:96:e6:67:3e: - 46:d0:b8:b2:eb:cb:98:a5:d1:7c:d8:cc:de:ba:39:4d:a5:b3: - 45:45:62:0e:05:be:60:54:6d:4d:e8:90:e3:ad:5e:86:52:43: - 12:60:5b:fa:07:33:10:fb:6d:a6:c0:8c:3d:8a:9a:8a:1c:3e: - 7a:34:bf:41:f0:d2:d5:5d:16:00:ce:52:51:2b:13:a2:ef:be: - 07:dd:09:91:54:a1:74:2d:53:d2:db:94:f9:a1:98:62:1f:06: - 0c:69:3b:34:2a:9a:00:3c:9b:2f:c1:46:80:c2:dd:c7:7e:95: - ea:f7:05:19:29:b0:82:02:b8:b6:f3:a1:bf:00:5e:23:77:6f: - d2:63:c2:29:df:67:47:5a:2c:69:ce:6c:88:28:43:34:da:6c: - d4:2d:ee:cd:ef:fb:1a:69:e5:d7:8e:f4:2b:de:b2:b0:7d:8c: - 5c:50:91:d9 ------BEGIN CERTIFICATE----- -MIIEoDCCA4igAwIBAgIBazANBgkqhkiG9w0BAQUFADCBmjELMAkGA1UEBhMCVVMx -EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM -DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNl -cnZlciAxMjggQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcN -MTgwNDEzMTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBlzELMAkGA1UEBhMCVVMxEzAR -BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdv -bGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEzARBgNVBAMMClNlcnZl -ciAxMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiV -zi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5v -LobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowY -qQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8 -I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0l -yWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgfEw -ge4wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHBBgNVHSMEgbkwgbaA -FLMRMsmSmITiyfjQO24DQsofDo48oYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4G -A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9v -dGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv -bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBajAJBgNVHRMEAjAA -MA0GCSqGSIb3DQEBBQUAA4IBAQClp10Xo6cVCBCJWkeE7mPcx/WwrqSZwrECv5eK -zdGr9Ye2C5gw4DPxQNssM3mYq4dDtBCKT5LPl0n86KZ6Uktq3LTt5FUvPNxWsyyo -TPpqVa5+8eXWZJbmZz5G0Liy68uYpdF82MzeujlNpbNFRWIOBb5gVG1N6JDjrV6G -UkMSYFv6BzMQ+22mwIw9ipqKHD56NL9B8NLVXRYAzlJRKxOi774H3QmRVKF0LVPS -25T5oZhiHwYMaTs0KpoAPJsvwUaAwt3HfpXq9wUZKbCCAri286G/AF4jd2/SY8Ip -32dHWixpzmyIKEM02mzULe7N7/saaeXXjvQr3rKwfYxcUJHZ ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 106 (0x6a) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Apr 13 15:23:10 2018 GMT - Not After : Jan 7 15:23:10 2021 GMT - Subject: C=US, ST=Washington, L=Seattle, O=wolfSSL Inc., OU=Engineering, CN=Server 128 CA/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:86:FF:F5:8E:10:DE:B8:FB - - X509v3 Basic Constraints: - CA:TRUE, pathlen:128 - X509v3 Key Usage: - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 23:cf:7d:44:56:10:44:29:12:31:cc:c4:9b:b8:a8:dd:4e:c3: - 9f:2c:f5:7f:1b:d7:05:43:82:dd:c8:19:be:b9:54:d8:32:4d: - 88:2e:38:fb:be:ff:9d:fc:0a:99:8d:d3:67:08:22:a4:bb:62: - 5a:ec:49:3f:3a:38:cb:8e:f0:bd:42:d7:f7:16:43:31:00:df: - 10:53:c9:35:3f:bf:b9:4b:14:d0:f6:7f:d2:04:ef:69:c4:e6: - 53:d5:74:17:e1:f6:63:90:30:a2:90:9f:f1:13:1a:0e:bf:ec: - c0:e2:ae:41:40:20:41:55:84:69:e9:39:04:84:ab:f8:88:29: - 31:4c:15:19:12:ab:6f:f0:62:fe:83:a9:dc:52:52:7b:3a:14: - 86:8f:45:da:25:7d:c1:f3:21:84:84:bb:82:d6:ef:f9:4b:ec: - f4:21:87:ed:c1:53:77:8e:98:05:50:2c:d9:1f:42:30:dd:8b: - 85:57:3c:5a:fa:bd:06:55:11:95:3f:7f:fb:02:50:7d:88:57: - 0b:c8:a2:b3:fc:d0:fd:40:19:03:9a:8e:bb:d5:38:b0:d0:d6: - e3:e2:fa:45:91:2c:18:c7:9a:24:f0:78:ee:c2:0d:a0:53:4e: - c7:68:ad:80:6e:82:35:4b:1d:c7:15:b9:db:40:63:08:56:72: - 56:a2:55:7e ------BEGIN CERTIFICATE----- -MIIEuzCCA6OgAwIBAgIBajANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTgwNDEz -MTUyMzEwWhcNMjEwMTA3MTUyMzEwWjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgM -Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg -SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNVBAMMDVNlcnZlciAxMjgg -Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu8rwkMLiVzi9O -1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2SoF/zKXXu64CHlci5vLobY -lXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCgY8X2fwtZaHhzpowYqQJt -r8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1/WZRDL1Us+FtXxy8I3PR -CQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAyI5Whd7oT0pdz4l0lyWoN -wzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjggEOMIIB -CjAdBgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1jhDeuPswEAYD -VR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAj -z31EVhBEKRIxzMSbuKjdTsOfLPV/G9cFQ4LdyBm+uVTYMk2ILjj7vv+d/AqZjdNn -CCKku2Ja7Ek/OjjLjvC9Qtf3FkMxAN8QU8k1P7+5SxTQ9n/SBO9pxOZT1XQX4fZj -kDCikJ/xExoOv+zA4q5BQCBBVYRp6TkEhKv4iCkxTBUZEqtv8GL+g6ncUlJ7OhSG -j0XaJX3B8yGEhLuC1u/5S+z0IYftwVN3jpgFUCzZH0Iw3YuFVzxa+r0GVRGVP3/7 -AlB9iFcLyKKz/ND9QBkDmo671Tiw0Nbj4vpFkSwYx5ok8Hjuwg2gU07HaK2AboI1 -Sx3HFbnbQGMIVnJWolV+ ------END CERTIFICATE----- diff --git a/src/ssl.c b/src/ssl.c index ef15e72dc..c488c4dc3 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -4526,6 +4526,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) signer->name = cert->subjectCN; } signer->pathLength = cert->pathLength; + signer->maxPathLen = cert->maxPathLen; signer->pathLengthSet = cert->pathLengthSet; signer->selfSigned = cert->selfSigned; #ifndef IGNORE_NAME_CONSTRAINTS diff --git a/tests/api.c b/tests/api.c index 0782296dd..01560b717 100644 --- a/tests/api.c +++ b/tests/api.c @@ -2436,7 +2436,7 @@ done: return 0; #endif } -#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */ +#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */ typedef int (*cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl); @@ -25895,7 +25895,7 @@ static void test_EVP_PKEY_cmp(void) AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); - /* Test success case ECC */ + /* Test success case ECC */ AssertIntEQ(EVP_PKEY_cmp(a, b), 0); EVP_PKEY_free(b); @@ -27951,6 +27951,161 @@ static void test_SetTmpEC_DHE_Sz(void) #endif } +static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) +{ + int ret; + + if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != SSL_SUCCESS) { + printf("loading cert %s failed\n", certA); + printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); + return -1; + } + + return 0; +} + +static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) +{ + int ret; + if ((ret = wolfSSL_CertManagerVerify(cm, certA, WOLFSSL_FILETYPE_PEM)) + != SSL_SUCCESS) { + printf("could not verify the cert: %s\n", certA); + printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); + return -1; + } else { + printf("successfully verified: %s\n", certA); + } + + return 0; +} +#define LOAD_ONE_CA(a, b, c, d) \ + do { \ + a = load_ca_into_cm(c, d); \ + if (a != 0) \ + return b; \ + else \ + b--; \ + } while(0) + +#define VERIFY_ONE_CERT(a, b, c, d) \ + do { \ + a = verify_cert_with_cm(c, d); \ + if (a != 0) \ + return b; \ + else \ + b--; \ + } while(0) + +static int test_chainH(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) + * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) + * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) + * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainHArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainH-ICA4-pathlen2.pem", + "certs/test-pathlen/chainH-ICA3-pathlen2.pem", + "certs/test-pathlen/chainH-ICA2-pathlen2.pem", + "certs/test-pathlen/chainH-ICA1-pathlen0.pem", + "certs/test-pathlen/chainH-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ + + return ret; +} + +static int test_chainG(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain G is a valid chain per RFC 5280 section 4.2.1.9 */ + char chainGArr[9][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainG-ICA7-pathlen100.pem", + "certs/test-pathlen/chainG-ICA6-pathlen10.pem", + "certs/test-pathlen/chainG-ICA5-pathlen20.pem", + "certs/test-pathlen/chainG-ICA4-pathlen5.pem", + "certs/test-pathlen/chainG-ICA3-pathlen99.pem", + "certs/test-pathlen/chainG-ICA2-pathlen1.pem", + "certs/test-pathlen/chainG-ICA1-pathlen0.pem", + "certs/test-pathlen/chainG-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainGArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[4]); /* if failure, i = -5 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[5]); /* if failure, i = -6 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[6]); /* if failure, i = -7 here */ + LOAD_ONE_CA(ret, i, cm, chainGArr[7]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[1]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[2]); /* if failure, i = -10 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[3]); /* if failure, i = -11 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[4]); /* if failure, i = -12 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[5]); /* if failure, i = -13 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[6]); /* if failure, i = -14 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[7]); /* if failure, i = -15 here */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -16 here */ + +/* test validating the entity twice, should have no effect on pathLen since + * entity/leaf cert */ + VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -17 here */ + + return ret; +} + +static int test_various_pathlen_chains(void) +{ + int ret; + WOLFSSL_CERT_MANAGER* cm; + + wolfSSL_Init(); + + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + + AssertIntEQ(test_chainG(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } +printf("KH: -----------------------------------------------\n"); + AssertIntLT(test_chainH(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } +printf("KH: -----------------------------------------------\n"); +// test_chainG_and_chainH(cm); + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + + return ret; + +} + /*----------------------------------------------------------------------------* | Main *----------------------------------------------------------------------------*/ @@ -28436,6 +28591,8 @@ void ApiTest(void) AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS); + AssertIntEQ(test_various_pathlen_chains(), WOLFSSL_SUCCESS); + /* If at some point a stub get implemented this test should fail indicating * a need to implement a new test case */ diff --git a/tests/test-chains.conf b/tests/test-chains.conf index 14859f4f2..e37f823c5 100644 --- a/tests/test-chains.conf +++ b/tests/test-chains.conf @@ -50,6 +50,116 @@ -c ./certs/intermediate/client-chain-ecc.pem -C +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainA-entity-key.pem +-c ./certs/test-pathlen/chainA-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainB-entity-key.pem +-c ./certs/test-pathlen/chainB-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainC-entity-key.pem +-c ./certs/test-pathlen/chainC-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainD-entity-key.pem +-c ./certs/test-pathlen/chainD-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainE-entity-key.pem +-c ./certs/test-pathlen/chainE-assembled.pem +-H exitWithRet +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-H exitWithRet +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainF-entity-key.pem +-c ./certs/test-pathlen/chainF-assembled.pem +-H exitWithRet +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-H exitWithRet +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainG-entity-key.pem +-c ./certs/test-pathlen/chainG-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainH-entity-key.pem +-c ./certs/test-pathlen/chainH-assembled.pem +-H exitWithRet +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-A ./certs/ca-cert.pem +-H exitWithRet +-C + # server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Chain -v 4 -l TLS13-AES128-GCM-SHA256 diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 169f9e064..54555f9d6 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -7230,7 +7230,6 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert) ret = GetInteger7Bit(input, &idx, sz); if (ret < 0) return ret; - cert->pathLength = (byte)ret; cert->pathLengthSet = 1; @@ -8488,6 +8487,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) int ret = 0; int badDate = 0; int criticalExt = 0; + int checkPathLen = 0; + int reduceMaxPathByOne = 0; word32 confirmOID; #if defined(WOLFSSL_RENESAS_TSIP) int idx = 0; @@ -8550,7 +8551,98 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) } #endif /* !NO_SKID */ - if (verify != NO_VERIFY && type != CA_TYPE && type != TRUSTED_PEER_TYPE) { + if (!cert->ca && type == CA_TYPE && !cert->pathLengthSet) { + cert->pathLength = cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; + cert->pathLengthSet = 1; + } else if (cert->pathLengthSet) { + cert->maxPathLen = cert->pathLength; + + cert->ca = NULL; + #ifndef NO_SKID + if (cert->extAuthKeyIdSet) + cert->ca = GetCA(cm, cert->extAuthKeyId); + if (cert->ca == NULL && cert->extSubjKeyIdSet \ + && verify != VERIFY_OCSP) { + cert->ca = GetCA(cm, cert->extSubjKeyId); + } + if (cert->ca == NULL) + cert->ca = GetCAByName(cm, cert->issuerHash); + + /* OCSP Only: alt lookup using subject and pub key w/o sig check */ + #ifdef WOLFSSL_NO_TRUSTED_CERTS_VERIFY + if (cert->ca == NULL && verify == VERIFY_OCSP) { + cert->ca = GetCABySubjectAndPubKey(cert, cm); + if (cert->ca) { + ret = 0; /* success */ + goto exit_pcr; + } + } + #endif /* WOLFSSL_NO_TRUSTED_CERTS_VERIFY */ + #else + cert->ca = GetCA(cm, cert->issuerHash); + #endif /* !NO_SKID */ + + /* RFC 5280 Section 4.2.1.9: + * + * load/receive check + * + * 1) Is CA boolean set? + * No - SKIP CHECK + * Yes - Check key usage + * 2) Is Key usage extension present? + * No - goto 3 + * Yes - check keyCertSign assertion + * 2.a) Is keyCertSign asserted? + * No - goto 4 + * Yes - goto 3 + * 3) Is pathLen set? + * No - goto 4 + * Yes - check pathLen against maxPathLen. + * 3.a) Is pathLen less than maxPathLen? + * No - goto 4 + * Yes - set maxPathLen to pathLen and EXIT + * 4) Is maxPathLen > 0? + * Yes - Reduce by 1 + * No - ERROR + */ + + if (cert->ca) { + if (cert->isCA) { + WOLFSSL_MSG("\tCA boolean set"); + if (cert->extKeyUsageSet) { + WOLFSSL_MSG("\tExtension Key Usage Set"); + if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { + checkPathLen = 1; + } else { + reduceMaxPathByOne = 1; + } + } else { + checkPathLen = 1; + } /* !cert->ca check */ + } /* cert is not a CA (assuming entity cert) */ + + if (checkPathLen && cert->pathLengthSet) { + if (cert->pathLength < cert->ca->maxPathLen) { + WOLFSSL_MSG("\tmaxPathLen status: set to pathLength"); + cert->maxPathLen = cert->pathLength; + } else { + reduceMaxPathByOne = 1; + } + } + + if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + WOLFSSL_MSG("\tmaxPathLen status: reduce by 1"); + cert->maxPathLen = cert->ca->maxPathLen - 1; + } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + /* Will be handled as ERROR in "verify check" below */ + cert->maxPathLen = 0; + } + } + } + + if (verify != NO_VERIFY && type != CA_TYPE && + type != TRUSTED_PEER_TYPE) { + cert->ca = NULL; #ifndef NO_SKID if (cert->extAuthKeyIdSet) @@ -8577,51 +8669,47 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) #endif /* !NO_SKID */ WOLFSSL_MSG("About to verify certificate signature"); + /* RFC 5280 Section 4.2.1.9: + * See notes above from "load/receive check" + * + * verify check + */ if (cert->ca) { - /* Check if cert is CA type and signer has path length set */ - if (cert->isCA && cert->ca->pathLengthSet) { - #if defined(WOLFSSL_WPAS) && !defined(WOLFSSL_NO_ASN_STRICT) - /* WPA Supplicant - has test case that expects self-signed - root CA to have path length == 0 */ - if (cert->selfSigned) { - if (cert->ca->pathLength != 0) { - WOLFSSL_MSG("Root CA with path length > 0"); - return ASN_PATHLEN_INV_E; - } - } - #endif - /* Check if signer is root CA (self-signed) */ - if (cert->ca->selfSigned) { - /* Root CA as signer: - * Must have path length > 0 to sign another CA - * If path length == 0 can only sign an end entity - * certificate, not intermediate CA - */ - if (cert->ca->pathLength == 0) { - WOLFSSL_MSG("Root CA with path length == 0"); - return ASN_PATHLEN_INV_E; - } - } - else { - /* Intermediate CA signing Intermediate CA */ - /* Check path lengths are valid between two CA's */ - if (cert->ca->pathLength == 0) { - WOLFSSL_MSG("CA with path length 0 signing a CA"); - return ASN_PATHLEN_INV_E; - } - else if (cert->pathLength >= cert->ca->pathLength) { - WOLFSSL_MSG("CA signing CA with longer path length"); - return ASN_PATHLEN_INV_E; - } + + if (cert->isCA) { + if (cert->extKeyUsageSet) { + if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { + checkPathLen = 1; + } else { + reduceMaxPathByOne = 1; + } + } else { + checkPathLen = 1; + } /* !cert->ca check */ + } /* cert is not a CA (assuming entity cert) */ + + if (checkPathLen && cert->pathLengthSet) { + if (cert->pathLength < cert->ca->maxPathLen) { + WOLFSSL_MSG("\tmaxPathLen status: OK"); + } else { + reduceMaxPathByOne = 1; } } - #ifdef HAVE_OCSP - /* Need the CA's public key hash for OCSP */ - XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash, - KEYID_SIZE); - #endif /* HAVE_OCSP */ + if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + WOLFSSL_MSG("\tmaxPathLen status: OK"); + } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); + WOLFSSL_MSG("\tmaxPathLen status: ERROR"); + return ASN_PATHLEN_INV_E; + } + + #ifdef HAVE_OCSP + /* Need the CA's public key hash for OCSP */ + XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash, + KEYID_SIZE); + #endif /* HAVE_OCSP */ } } } diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index bff6e694e..7287a6f72 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -721,6 +721,20 @@ struct CertSignCtx { int state; /* enum CertSignState */ }; +#ifndef WOLFSSL_MAX_PATH_LEN + /* RFC 5280 Section 6.1.2. "Initialization" - item (k) defines + * (k) max_path_length: this integer is initialized to "n", is + * decremented for each non-self-issued certificate in the path, + * and may be reduced to the value in the path length constraint + * field within the basic constraints extension of a CA + * certificate. + * + * wolfSSL has arbitrarily selected the value 127 for "n" in the above + * description. Users can modify the maximum path length by setting + * WOLFSSL_MAX_PATH_LEN to a preferred value at build time + */ + #define WOLFSSL_MAX_PATH_LEN 127 +#endif typedef struct DecodedCert DecodedCert; typedef struct DecodedName DecodedName; @@ -777,6 +791,9 @@ struct DecodedCert { byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */ byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */ byte pathLength; /* CA basic constraint path length */ + byte maxPathLen; /* max_path_len see RFC 5280 section + * 6.1.2 "Initialization" - (k) for + * description of max_path_len */ word16 extKeyUsage; /* Key usage bitfield */ byte extExtKeyUsage; /* Extended Key usage bitfield */ @@ -918,6 +935,7 @@ struct Signer { word32 pubKeySize; word32 keyOID; /* key type */ word16 keyUsage; + byte maxPathLen; byte pathLength; byte pathLengthSet : 1; byte selfSigned : 1; From 306b280ccdfcdba28b1df36cf5e0754ec04e860a Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Thu, 10 Oct 2019 16:59:50 -0600 Subject: [PATCH 2/3] Add test cases and implement peer suggestions Fix failing jenkins test cases Add detection for file size with static memory Account for cert without pathLen constraint set including test cases Resolve OCSP case and test where cert->pathLen expected to be NULL --- certs/renewcerts/wolfssl.cnf | 7 + certs/test-pathlen/assemble-chains.sh | 64 ++- certs/test-pathlen/chainA-ICA1-pathlen0.pem | 58 +-- certs/test-pathlen/chainA-assembled.pem | 112 ++--- certs/test-pathlen/chainA-entity.pem | 54 +-- certs/test-pathlen/chainB-ICA1-pathlen0.pem | 54 +-- certs/test-pathlen/chainB-ICA2-pathlen1.pem | 58 +-- certs/test-pathlen/chainB-assembled.pem | 168 +++---- certs/test-pathlen/chainB-entity.pem | 56 +-- certs/test-pathlen/chainC-ICA1-pathlen1.pem | 58 +-- certs/test-pathlen/chainC-assembled.pem | 112 ++--- certs/test-pathlen/chainC-entity.pem | 54 +-- certs/test-pathlen/chainD-ICA1-pathlen127.pem | 58 +-- certs/test-pathlen/chainD-assembled.pem | 112 ++--- certs/test-pathlen/chainD-entity.pem | 54 +-- certs/test-pathlen/chainE-ICA1-pathlen128.pem | 56 +-- certs/test-pathlen/chainE-assembled.pem | 110 ++--- certs/test-pathlen/chainE-entity.pem | 54 +-- certs/test-pathlen/chainF-ICA1-pathlen1.pem | 54 +-- certs/test-pathlen/chainF-ICA2-pathlen0.pem | 58 +-- certs/test-pathlen/chainF-assembled.pem | 168 +++---- certs/test-pathlen/chainF-entity.pem | 56 +-- certs/test-pathlen/chainG-ICA1-pathlen0.pem | 54 +-- certs/test-pathlen/chainG-ICA2-pathlen1.pem | 54 +-- certs/test-pathlen/chainG-ICA3-pathlen99.pem | 54 +-- certs/test-pathlen/chainG-ICA4-pathlen5.pem | 54 +-- certs/test-pathlen/chainG-ICA5-pathlen20.pem | 54 +-- certs/test-pathlen/chainG-ICA6-pathlen10.pem | 54 +-- certs/test-pathlen/chainG-ICA7-pathlen100.pem | 58 +-- certs/test-pathlen/chainG-assembled.pem | 438 ++++++++--------- certs/test-pathlen/chainG-entity.pem | 56 +-- certs/test-pathlen/chainH-ICA1-pathlen0.pem | 54 +-- certs/test-pathlen/chainH-ICA2-pathlen2.pem | 54 +-- certs/test-pathlen/chainH-ICA3-pathlen2.pem | 54 +-- certs/test-pathlen/chainH-ICA4-pathlen2.pem | 58 +-- certs/test-pathlen/chainH-assembled.pem | 276 +++++------ certs/test-pathlen/chainH-entity.pem | 56 +-- certs/test-pathlen/chainI-ICA1-key.pem | 27 ++ certs/test-pathlen/chainI-ICA1-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainI-ICA2-key.pem | 27 ++ certs/test-pathlen/chainI-ICA2-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainI-ICA3-key.pem | 27 ++ certs/test-pathlen/chainI-ICA3-pathlen2.pem | 89 ++++ certs/test-pathlen/chainI-assembled.pem | 354 ++++++++++++++ certs/test-pathlen/chainI-entity-key.pem | 27 ++ certs/test-pathlen/chainI-entity.pem | 87 ++++ certs/test-pathlen/chainJ-ICA1-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA1-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainJ-ICA2-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA2-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainJ-ICA3-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA3-no_pathlen.pem | 89 ++++ certs/test-pathlen/chainJ-ICA4-key.pem | 27 ++ certs/test-pathlen/chainJ-ICA4-pathlen2.pem | 89 ++++ certs/test-pathlen/chainJ-assembled.pem | 443 ++++++++++++++++++ certs/test-pathlen/chainJ-entity-key.pem | 27 ++ certs/test-pathlen/chainJ-entity.pem | 87 ++++ certs/test-pathlen/refreshkeys.sh | 4 + tests/api.c | 178 +++++-- tests/suites.c | 22 + tests/test-chains.conf | 34 +- tests/test.conf | 16 +- wolfcrypt/src/asn.c | 56 ++- wolfssl/wolfcrypt/memory.h | 24 +- 64 files changed, 3647 insertions(+), 1587 deletions(-) create mode 100644 certs/test-pathlen/chainI-ICA1-key.pem create mode 100644 certs/test-pathlen/chainI-ICA1-no_pathlen.pem create mode 100644 certs/test-pathlen/chainI-ICA2-key.pem create mode 100644 certs/test-pathlen/chainI-ICA2-no_pathlen.pem create mode 100644 certs/test-pathlen/chainI-ICA3-key.pem create mode 100644 certs/test-pathlen/chainI-ICA3-pathlen2.pem create mode 100644 certs/test-pathlen/chainI-assembled.pem create mode 100644 certs/test-pathlen/chainI-entity-key.pem create mode 100644 certs/test-pathlen/chainI-entity.pem create mode 100644 certs/test-pathlen/chainJ-ICA1-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA1-no_pathlen.pem create mode 100644 certs/test-pathlen/chainJ-ICA2-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA2-no_pathlen.pem create mode 100644 certs/test-pathlen/chainJ-ICA3-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA3-no_pathlen.pem create mode 100644 certs/test-pathlen/chainJ-ICA4-key.pem create mode 100644 certs/test-pathlen/chainJ-ICA4-pathlen2.pem create mode 100644 certs/test-pathlen/chainJ-assembled.pem create mode 100644 certs/test-pathlen/chainJ-entity-key.pem create mode 100644 certs/test-pathlen/chainJ-entity.pem diff --git a/certs/renewcerts/wolfssl.cnf b/certs/renewcerts/wolfssl.cnf index 1ad47d9c9..da9752c5b 100644 --- a/certs/renewcerts/wolfssl.cnf +++ b/certs/renewcerts/wolfssl.cnf @@ -125,6 +125,13 @@ subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always basicConstraints=CA:true +#wolfssl extensions for intermediate CAs +[wolfssl_opts_ICA] +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid:always,issuer:always +basicConstraints=CA:true +keyUsage=keyCertSign, cRLSign + # CA with pathlen 0 [ pathlen_0 ] subjectKeyIdentifier=hash diff --git a/certs/test-pathlen/assemble-chains.sh b/certs/test-pathlen/assemble-chains.sh index 41bf2b287..8f8a067da 100755 --- a/certs/test-pathlen/assemble-chains.sh +++ b/certs/test-pathlen/assemble-chains.sh @@ -24,20 +24,37 @@ create_an_intermediate(){ pathLen="$3" signer="$4" signerKey="$5" -echo "pathLen = $3, $pathLen" - echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + echo "pathLen = $3, $pathLen" echo "" #pipe the following arguments to openssl req... - echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem - check_result $? "Step 1" - openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha1 > "$chainID-$icaNum-pathlen$pathLen.pem" - check_result $? "Step 2" + if [ "$pathLen" = "no_pathlen" ]; then + echo "Updating $chainID-$icaNum-$pathLen.pem" - rm temp-req.pem - openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem - check_result $? "Step 3" - mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem + check_result $? "Step 1" + + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions wolfssl_opts_ICA -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha256 > "$chainID-$icaNum-$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-$pathLen.pem" + else + echo "Updating $chainID-$icaNum-pathlen$pathLen.pem" + + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-$icaNum-pathlen$pathLen\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-$icaNum-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem + check_result $? "Step 1" + + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions "pathlen_$pathLen" -days 1000 -CA $signer -CAkey $signerKey -set_serial 100 -sha256 > "$chainID-$icaNum-pathlen$pathLen.pem" + check_result $? "Step 2" + + rm temp-req.pem + openssl x509 -in "$chainID-$icaNum-pathlen$pathLen.pem" -text > ca_tmp.pem + check_result $? "Step 3" + mv ca_tmp.pem "$chainID-$icaNum-pathlen$pathLen.pem" + fi echo "End of Section" echo "-------------------------------------------------------------------------" } @@ -58,10 +75,10 @@ create_an_entity(){ echo "Updating $chainID-entity.pem" echo "" #pipe the following arguments to openssl req... - echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha1 > temp-req.pem + echo -e "US\\nWashington\\nSeattle\\nwolfSSL Inc.\\nEngineering\\n$chainID-entity\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key "$chainID-entity-key.pem" -config ../renewcerts/wolfssl.cnf -nodes -sha256 > temp-req.pem check_result $? "Step 1" - openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha1 > "$chainID"-entity.pem + openssl x509 -req -in temp-req.pem -extfile ../renewcerts/wolfssl.cnf -extensions test_pathlen -days 1000 -CA "$signer" -CAkey "$signerKey" -set_serial 101 -sha256 > "$chainID"-entity.pem check_result $? "Step 2" rm temp-req.pem @@ -112,6 +129,18 @@ create_an_intermediate "chainH" "ICA2" "2" "chainH-ICA3-pathlen2.pem" "chainH-IC create_an_intermediate "chainH" "ICA1" "0" "chainH-ICA2-pathlen2.pem" "chainH-ICA2-key.pem" create_an_entity "chainH" "chainH-ICA1-pathlen0.pem" "chainH-ICA1-key.pem" +# Success, PathLen of 2 followed by 2 Intermediates with no pathLen set +create_an_intermediate "chainI" "ICA3" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainI" "ICA2" "no_pathlen" "chainI-ICA3-pathlen2.pem" "chainI-ICA3-key.pem" +create_an_intermediate "chainI" "ICA1" "no_pathlen" "chainI-ICA2-no_pathlen.pem" "chainI-ICA2-key.pem" +create_an_entity "chainI" "chainI-ICA1-no_pathlen.pem" "chainI-ICA1-key.pem" + +# Fail: PathLen of 2 followed by 3 Intermediates with no pathLen set +create_an_intermediate "chainJ" "ICA4" "2" "../ca-cert.pem" "../ca-key.pem" +create_an_intermediate "chainJ" "ICA3" "no_pathlen" "chainJ-ICA4-pathlen2.pem" "chainJ-ICA4-key.pem" +create_an_intermediate "chainJ" "ICA2" "no_pathlen" "chainJ-ICA3-no_pathlen.pem" "chainJ-ICA3-key.pem" +create_an_intermediate "chainJ" "ICA1" "no_pathlen" "chainJ-ICA2-no_pathlen.pem" "chainJ-ICA2-key.pem" +create_an_entity "chainJ" "chainJ-ICA1-no_pathlen.pem" "chainJ-ICA1-key.pem" ########################################################### ########## Assemble Chains ################ @@ -157,3 +186,14 @@ cat chainG-ICA6-pathlen10.pem chainG-ICA7-pathlen100.pem >> chainG-assembled.pem cat chainH-entity.pem chainH-ICA1-pathlen0.pem > chainH-assembled.pem cat chainH-ICA2-pathlen2.pem chainH-ICA3-pathlen2.pem >> chainH-assembled.pem cat chainH-ICA4-pathlen2.pem >> chainH-assembled.pem + +# Fail: +cat chainI-entity.pem chainI-ICA1-no_pathlen.pem > chainI-assembled.pem +cat chainI-ICA2-no_pathlen.pem chainI-ICA3-pathlen2.pem >> chainI-assembled.pem + +# Fail: PathLen of 2, signing PathLen of 2, signing Pathlen of 2, signing PathLen 0 +# max_path_len = 2, max_path_len -= 1 (1), max_path_len -= 1 (0), max-path_len 0, non-entity cert. +cat chainJ-entity.pem chainJ-ICA1-no_pathlen.pem > chainJ-assembled.pem +cat chainJ-ICA2-no_pathlen.pem chainJ-ICA3-no_pathlen.pem >> chainJ-assembled.pem +cat chainJ-ICA4-pathlen2.pem >> chainJ-assembled.pem + diff --git a/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/certs/test-pathlen/chainA-ICA1-pathlen0.pem index 183b27324..f4e62b953 100644 --- a/certs/test-pathlen/chainA-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainA-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:41 2019 GMT - Not After : Jul 6 21:32:41 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: - be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: - de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: - df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: - c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: - 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: - 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: - 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: - fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: - f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: - e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: - 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: - e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: - 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: - fd:7f:af:c2 + Signature Algorithm: sha256WithRSAEncryption + 2a:15:34:be:88:ed:0b:5d:97:b4:c0:9e:f7:45:a2:ba:bb:a0: + 7f:a0:b3:93:15:79:38:27:36:25:91:5d:73:10:bb:d0:f9:f3: + e9:5f:98:c6:9b:6b:da:08:60:48:3e:26:17:2b:ae:22:08:ac: + 10:ed:a1:28:65:96:7f:94:75:c8:da:6c:c9:f6:4c:4c:b1:a3: + 45:4b:74:c7:de:49:f6:c1:1c:2c:eb:41:3c:2d:56:52:75:5b: + 7c:13:c0:dc:41:34:02:c0:e5:5e:79:71:65:ac:d1:f3:36:f7: + 55:d5:13:8f:0a:42:49:d9:fc:7f:5c:a4:cb:ad:7b:72:2f:98: + e2:56:92:9e:11:1a:b2:9d:5b:b9:2c:14:1e:51:f5:c5:b7:2c: + c2:39:52:90:0f:4e:04:5e:59:23:6f:d8:f9:75:2b:54:b0:6e: + 98:0a:54:3a:45:fd:9a:63:31:ce:a3:a8:ae:7b:be:03:81:a5: + 18:d3:00:51:a4:29:d4:f7:8d:53:31:72:85:80:c0:62:71:06: + 2b:07:b6:0a:b2:12:cf:2b:bd:99:34:6b:5e:ea:94:0c:1a:e8: + 2b:ee:e5:d6:3d:cb:7a:f6:f8:6e:e4:e2:f4:25:07:13:11:b1: + 18:b3:75:29:40:dc:bc:31:57:37:71:7c:09:bb:74:1c:9e:b4: + 3e:1d:47:20 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 -RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG -1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p -AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX -Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 -fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAqFTS+iO0LXZe0wJ73RaK6u6B/oLOTFXk4JzYlkV1zELvQ+fPpX5jGm2va +CGBIPiYXK64iCKwQ7aEoZZZ/lHXI2mzJ9kxMsaNFS3TH3kn2wRws60E8LVZSdVt8 +E8DcQTQCwOVeeXFlrNHzNvdV1ROPCkJJ2fx/XKTLrXtyL5jiVpKeERqynVu5LBQe +UfXFtyzCOVKQD04EXlkjb9j5dStUsG6YClQ6Rf2aYzHOo6iue74DgaUY0wBRpCnU +941TMXKFgMBicQYrB7YKshLPK72ZNGte6pQMGugr7uXWPct69vhu5OL0JQcTEbEY +s3UpQNy8MVc3cXwJu3QcnrQ+HUcg -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-assembled.pem b/certs/test-pathlen/chainA-assembled.pem index d02e53a49..0661644ff 100644 --- a/certs/test-pathlen/chainA-assembled.pem +++ b/certs/test-pathlen/chainA-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: - de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: - b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: - 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: - b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: - 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: - 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: - a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: - ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: - fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: - 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: - 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: - 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: - 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: - 5b:44:0b:a0 + Signature Algorithm: sha256WithRSAEncryption + 72:8d:c5:a7:a8:d5:4a:bc:d9:72:ef:46:79:53:5c:e8:32:10: + f5:29:ee:b0:6c:ef:68:80:a3:f6:0f:fe:ba:73:ce:a9:c4:93: + 01:ba:78:eb:a9:4a:f3:32:e2:4c:74:6c:f7:23:c9:70:44:a1: + d1:f7:59:d7:fd:34:12:ab:81:91:16:20:60:59:dd:ff:d5:6f: + 1f:d6:25:d9:95:85:7f:9d:dc:18:49:39:44:43:03:03:98:db: + 2e:03:a8:88:27:13:d2:a5:52:0e:15:a0:e5:5d:15:81:2b:3d: + 1c:cb:41:58:46:d3:4f:37:be:ae:45:eb:7d:9c:52:91:50:98: + a5:c1:e6:7b:1a:60:e0:d6:61:7e:88:19:b7:ec:8a:33:07:24: + 04:9f:78:89:50:97:9c:a4:1e:15:fc:ef:bf:29:4d:c3:8c:19: + d7:59:68:30:d2:08:d8:80:d8:7e:32:31:2b:ee:cf:7f:b4:47: + a4:bb:7d:cf:b6:64:9d:55:5c:e9:44:0a:43:ed:3b:c2:ae:1d: + 34:1c:bf:7e:5b:91:8c:26:76:fb:68:d9:3e:6b:68:22:ae:60: + 56:d3:4e:f3:b7:d1:de:da:47:03:2e:22:74:85:ea:52:de:22: + fd:90:55:21:8d:b2:e4:35:c3:15:44:f6:1a:01:3c:0a:56:f8: + 89:98:59:4a -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,22 +77,22 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B -3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH -6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko -eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 -/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 -WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAco3Fp6jVSrzZcu9GeVNc6DIQ +9SnusGzvaICj9g/+unPOqcSTAbp466lK8zLiTHRs9yPJcESh0fdZ1/00EquBkRYg +YFnd/9VvH9Yl2ZWFf53cGEk5REMDA5jbLgOoiCcT0qVSDhWg5V0VgSs9HMtBWEbT +Tze+rkXrfZxSkVCYpcHmexpg4NZhfogZt+yKMwckBJ94iVCXnKQeFfzvvylNw4wZ +11loMNII2IDYfjIxK+7Pf7RHpLt9z7ZknVVc6UQKQ+07wq4dNBy/fluRjCZ2+2jZ +PmtoIq5gVtNO87fR3tpHAy4idIXqUt4i/ZBVIY2y5DXDFUT2GgE8Clb4iZhZSg== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:41 2019 GMT - Not After : Jul 6 21:32:41 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 21:c9:8b:0d:d9:f7:16:c7:bc:a4:9b:a3:60:79:eb:24:9b:f7: - be:b6:c8:33:2a:b5:1c:67:a2:d9:31:83:9d:c4:18:d2:1f:d6: - de:1d:fb:d0:8b:10:fb:44:12:6e:f1:e5:96:6d:31:a2:df:08: - df:67:6f:0e:ac:cc:25:00:5c:fe:6b:4b:82:5b:ad:64:bf:ea: - c1:0e:de:fa:45:df:3e:b1:a2:20:c0:95:ac:8a:20:f1:73:e7: - 46:d5:21:8f:0c:5a:2d:6b:19:95:01:27:23:00:33:b6:1b:1d: - 81:4a:d9:00:d9:d9:d9:13:59:0a:ac:0e:63:45:6b:38:4d:11: - 28:2d:5c:a8:a0:2d:34:20:0f:69:4d:cf:e9:01:ea:01:fd:14: - fc:c9:0c:5c:8c:f7:5f:60:ab:7e:10:40:dd:0e:bf:f1:10:fe: - f2:d6:3c:74:23:d6:c2:7c:df:6c:16:ef:b8:5d:5e:67:84:c8: - e1:b0:52:1c:cf:51:97:43:f5:d3:65:b1:59:7e:e4:7e:79:7b: - 9a:ab:49:7d:25:2a:f3:fa:d7:9b:39:11:1c:ed:15:ab:cd:71: - e3:10:a8:af:50:09:73:1f:b3:73:50:d5:03:eb:02:e8:20:af: - 7a:7f:15:8f:56:5f:41:36:75:6b:08:02:fc:47:a4:e3:cb:72: - fd:7f:af:c2 + Signature Algorithm: sha256WithRSAEncryption + 2a:15:34:be:88:ed:0b:5d:97:b4:c0:9e:f7:45:a2:ba:bb:a0: + 7f:a0:b3:93:15:79:38:27:36:25:91:5d:73:10:bb:d0:f9:f3: + e9:5f:98:c6:9b:6b:da:08:60:48:3e:26:17:2b:ae:22:08:ac: + 10:ed:a1:28:65:96:7f:94:75:c8:da:6c:c9:f6:4c:4c:b1:a3: + 45:4b:74:c7:de:49:f6:c1:1c:2c:eb:41:3c:2d:56:52:75:5b: + 7c:13:c0:dc:41:34:02:c0:e5:5e:79:71:65:ac:d1:f3:36:f7: + 55:d5:13:8f:0a:42:49:d9:fc:7f:5c:a4:cb:ad:7b:72:2f:98: + e2:56:92:9e:11:1a:b2:9d:5b:b9:2c:14:1e:51:f5:c5:b7:2c: + c2:39:52:90:0f:4e:04:5e:59:23:6f:d8:f9:75:2b:54:b0:6e: + 98:0a:54:3a:45:fd:9a:63:31:ce:a3:a8:ae:7b:be:03:81:a5: + 18:d3:00:51:a4:29:d4:f7:8d:53:31:72:85:80:c0:62:71:06: + 2b:07:b6:0a:b2:12:cf:2b:bd:99:34:6b:5e:ea:94:0c:1a:e8: + 2b:ee:e5:d6:3d:cb:7a:f6:f8:6e:e4:e2:f4:25:07:13:11:b1: + 18:b3:75:29:40:dc:bc:31:57:37:71:7c:09:bb:74:1c:9e:b4: + 3e:1d:47:20 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQxWhcNMjIwNzA2MjEzMjQxWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -165,11 +165,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAhyYsN2fcWx7ykm6Ngeeskm/e+tsgzKrUcZ6LZMYOdxBjSH9beHfvQixD7 -RBJu8eWWbTGi3wjfZ28OrMwlAFz+a0uCW61kv+rBDt76Rd8+saIgwJWsiiDxc+dG -1SGPDFotaxmVAScjADO2Gx2BStkA2dnZE1kKrA5jRWs4TREoLVyooC00IA9pTc/p -AeoB/RT8yQxcjPdfYKt+EEDdDr/xEP7y1jx0I9bCfN9sFu+4XV5nhMjhsFIcz1GX -Q/XTZbFZfuR+eXuaq0l9JSrz+tebOREc7RWrzXHjEKivUAlzH7NzUNUD6wLoIK96 -fxWPVl9BNnVrCAL8R6Tjy3L9f6/C +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAqFTS+iO0LXZe0wJ73RaK6u6B/oLOTFXk4JzYlkV1zELvQ+fPpX5jGm2va +CGBIPiYXK64iCKwQ7aEoZZZ/lHXI2mzJ9kxMsaNFS3TH3kn2wRws60E8LVZSdVt8 +E8DcQTQCwOVeeXFlrNHzNvdV1ROPCkJJ2fx/XKTLrXtyL5jiVpKeERqynVu5LBQe +UfXFtyzCOVKQD04EXlkjb9j5dStUsG6YClQ6Rf2aYzHOo6iue74DgaUY0wBRpCnU +941TMXKFgMBicQYrB7YKshLPK72ZNGte6pQMGugr7uXWPct69vhu5OL0JQcTEbEY +s3UpQNy8MVc3cXwJu3QcnrQ+HUcg -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainA-entity.pem b/certs/test-pathlen/chainA-entity.pem index 855d8c4bd..277c4a644 100644 --- a/certs/test-pathlen/chainA-entity.pem +++ b/certs/test-pathlen/chainA-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 7d:12:c0:66:8a:85:2c:a9:5f:b2:bc:9a:51:8b:2f:9a:fd:c1: - de:d4:92:2f:90:80:8f:1e:ec:67:48:0c:2a:2d:49:f7:22:f3: - b3:bc:fc:ce:2b:a7:6f:28:5e:fc:16:5f:45:9d:52:86:df:2c: - 58:2c:ba:47:dc:5a:37:d8:4d:5b:71:07:e9:90:d0:d0:b3:6c: - b4:62:5f:64:f8:4e:27:0c:d9:88:12:59:7e:01:8b:69:2c:85: - 07:5d:b2:21:28:73:98:d0:6e:ce:1e:3d:7b:9b:ed:e6:b5:a5: - 90:19:52:74:69:28:79:9d:04:a9:4b:50:ea:fb:a5:43:92:a4: - a3:45:4a:67:0f:0d:c8:68:3f:34:a5:7e:dd:3c:58:80:10:35: - ea:71:5a:b1:58:bb:22:86:3c:c2:3f:bf:38:5f:03:e8:ae:37: - fc:99:06:1d:6f:00:14:34:bd:c9:9e:99:e7:21:04:44:f9:3f: - 56:b7:33:f2:0e:f3:0f:da:69:d4:fd:5b:f7:7b:25:c5:25:29: - 55:18:a0:ae:98:a3:a1:cc:3c:83:de:7b:59:54:6a:e3:04:17: - 5b:e2:83:40:67:19:5d:7b:5e:ea:d4:46:b5:19:b8:06:0b:2e: - 98:c6:61:5b:06:12:00:dd:fa:bc:59:75:4a:25:55:c3:2e:c0: - 5b:44:0b:a0 + Signature Algorithm: sha256WithRSAEncryption + 72:8d:c5:a7:a8:d5:4a:bc:d9:72:ef:46:79:53:5c:e8:32:10: + f5:29:ee:b0:6c:ef:68:80:a3:f6:0f:fe:ba:73:ce:a9:c4:93: + 01:ba:78:eb:a9:4a:f3:32:e2:4c:74:6c:f7:23:c9:70:44:a1: + d1:f7:59:d7:fd:34:12:ab:81:91:16:20:60:59:dd:ff:d5:6f: + 1f:d6:25:d9:95:85:7f:9d:dc:18:49:39:44:43:03:03:98:db: + 2e:03:a8:88:27:13:d2:a5:52:0e:15:a0:e5:5d:15:81:2b:3d: + 1c:cb:41:58:46:d3:4f:37:be:ae:45:eb:7d:9c:52:91:50:98: + a5:c1:e6:7b:1a:60:e0:d6:61:7e:88:19:b7:ec:8a:33:07:24: + 04:9f:78:89:50:97:9c:a4:1e:15:fc:ef:bf:29:4d:c3:8c:19: + d7:59:68:30:d2:08:d8:80:d8:7e:32:31:2b:ee:cf:7f:b4:47: + a4:bb:7d:cf:b6:64:9d:55:5c:e9:44:0a:43:ed:3b:c2:ae:1d: + 34:1c:bf:7e:5b:91:8c:26:76:fb:68:d9:3e:6b:68:22:ae:60: + 56:d3:4e:f3:b7:d1:de:da:47:03:2e:22:74:85:ea:52:de:22: + fd:90:55:21:8d:b2:e4:35:c3:15:44:f6:1a:01:3c:0a:56:f8: + 89:98:59:4a -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAfRLAZoqFLKlfsryaUYsvmv3B -3tSSL5CAjx7sZ0gMKi1J9yLzs7z8ziunbyhe/BZfRZ1Sht8sWCy6R9xaN9hNW3EH -6ZDQ0LNstGJfZPhOJwzZiBJZfgGLaSyFB12yIShzmNBuzh49e5vt5rWlkBlSdGko -eZ0EqUtQ6vulQ5Kko0VKZw8NyGg/NKV+3TxYgBA16nFasVi7IoY8wj+/OF8D6K43 -/JkGHW8AFDS9yZ6Z5yEERPk/Vrcz8g7zD9pp1P1b93slxSUpVRigrpijocw8g957 -WVRq4wQXW+KDQGcZXXte6tRGtRm4BgsumMZhWwYSAN36vFl1SiVVwy7AW0QLoA== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAco3Fp6jVSrzZcu9GeVNc6DIQ +9SnusGzvaICj9g/+unPOqcSTAbp466lK8zLiTHRs9yPJcESh0fdZ1/00EquBkRYg +YFnd/9VvH9Yl2ZWFf53cGEk5REMDA5jbLgOoiCcT0qVSDhWg5V0VgSs9HMtBWEbT +Tze+rkXrfZxSkVCYpcHmexpg4NZhfogZt+yKMwckBJ94iVCXnKQeFfzvvylNw4wZ +11loMNII2IDYfjIxK+7Pf7RHpLt9z7ZknVVc6UQKQ+07wq4dNBy/fluRjCZ2+2jZ +PmtoIq5gVtNO87fR3tpHAy4idIXqUt4i/ZBVIY2y5DXDFUT2GgE8Clb4iZhZSg== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/certs/test-pathlen/chainB-ICA1-pathlen0.pem index 7f180ba4e..138560784 100644 --- a/certs/test-pathlen/chainB-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainB-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: - 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: - b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: - 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: - 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: - 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: - cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: - 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: - c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: - bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: - 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: - dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: - af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: - f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: - d8:0d:95:d4 + Signature Algorithm: sha256WithRSAEncryption + cd:0b:7e:66:b9:1d:a8:14:81:a8:e0:b3:74:d9:79:8a:c1:e5: + 15:cf:6a:a7:a3:ca:d2:ad:f8:f6:9f:c2:be:67:ee:cf:9a:3c: + 1c:a3:c4:db:2b:c8:a9:b1:55:94:a1:9e:e3:c2:6c:3a:95:90: + 7e:8f:29:56:c6:99:d2:e5:3b:8f:f3:9a:11:4a:97:22:07:d9: + e2:e5:f8:3e:0f:08:50:43:ea:66:13:6c:20:2e:71:95:10:07: + 88:89:2d:30:9c:96:b1:7e:42:5f:63:c3:8b:71:c6:1d:00:ee: + 83:d7:80:1b:fa:f4:fe:f5:b1:29:f8:c1:ca:1d:89:9b:7c:2a: + 84:00:e4:f5:04:2d:35:be:12:c1:fa:78:cb:bc:c9:04:8a:bf: + 87:57:99:3a:9f:0a:88:a5:e8:94:db:2b:8f:ba:5f:b4:75:7f: + ac:56:75:b4:db:7f:57:24:17:cb:89:f8:cb:8b:c4:b2:44:4a: + d9:57:82:fb:ce:0c:84:e2:2b:a5:f2:90:63:aa:b3:c5:e1:00: + 22:60:8f:23:1f:a8:97:4b:49:f7:f7:cb:92:f7:94:80:52:5b: + 8d:4a:c1:f1:d1:3e:9f:28:96:61:af:8e:72:8d:b6:9e:14:ed: + 14:db:ea:f0:fc:50:39:ca:c8:ab:1e:49:c3:9e:97:0a:d7:1c: + 6f:b2:17:9a -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr -S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 -8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ -K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I -S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 -NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +AQELBQADggEBAM0Lfma5HagUgajgs3TZeYrB5RXPaqejytKt+Pafwr5n7s+aPByj +xNsryKmxVZShnuPCbDqVkH6PKVbGmdLlO4/zmhFKlyIH2eLl+D4PCFBD6mYTbCAu +cZUQB4iJLTCclrF+Ql9jw4txxh0A7oPXgBv69P71sSn4wcodiZt8KoQA5PUELTW+ +EsH6eMu8yQSKv4dXmTqfCoil6JTbK4+6X7R1f6xWdbTbf1ckF8uJ+MuLxLJEStlX +gvvODITiK6XykGOqs8XhACJgjyMfqJdLSff3y5L3lIBSW41KwfHRPp8olmGvjnKN +tp4U7RTb6vD8UDnKyKseScOelwrXHG+yF5o= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/certs/test-pathlen/chainB-ICA2-pathlen1.pem index 2f1eea71c..5197a077d 100644 --- a/certs/test-pathlen/chainB-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainB-ICA2-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: - 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: - 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: - 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: - 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: - e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: - 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: - aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: - d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: - 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: - 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: - 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: - 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: - eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: - 2c:b1:c1:34 + Signature Algorithm: sha256WithRSAEncryption + ab:c7:2b:9d:15:73:97:47:e0:88:32:9d:10:71:81:53:62:97: + dc:c4:72:73:49:3e:50:50:10:03:1e:22:58:82:e0:b3:da:ca: + 89:92:70:c8:54:0d:8e:a6:44:a0:26:5d:5d:52:d2:fb:63:e4: + 13:7e:30:9a:13:25:4e:c8:34:a1:c9:e6:69:24:64:98:e3:88: + 9c:86:18:62:53:70:ae:f0:d9:ed:f3:0c:e8:ec:5b:e5:27:85: + 16:d0:b0:f6:bd:5d:9a:62:41:26:25:31:88:70:fe:25:97:48: + f1:e6:21:1c:78:f7:68:03:59:21:db:f1:c5:92:96:24:b8:23: + fc:ab:52:95:70:6a:52:16:4d:fc:36:6b:5f:58:4f:3f:c9:f4: + e7:6e:52:41:42:99:41:07:c2:75:74:db:c2:49:84:7c:3f:c1: + ac:bd:d4:d5:8f:d0:73:95:18:8a:5d:f0:8d:dd:2d:f0:b7:61: + 8d:8a:ef:14:9f:fd:30:ba:10:e8:57:d3:1b:8e:2d:9b:74:b3: + 63:0d:0e:8c:f9:a2:f7:42:c8:e6:5e:83:6f:0f:9a:85:3b:6e: + 66:48:b9:a7:a8:fc:da:19:47:0c:90:26:0d:ce:15:fe:6a:1e: + 47:5a:49:f8:76:0f:3a:a8:68:cd:a6:38:4c:a6:ca:b2:b0:9b: + c7:46:43:cd -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ -CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg -YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW -6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R -kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr -sJQyRfcOsjskBVJ/iUhPJeIsscE0 +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQCrxyudFXOXR+CIMp0QcYFTYpfcxHJzST5QUBADHiJYguCz2sqJknDIVA2O +pkSgJl1dUtL7Y+QTfjCaEyVOyDShyeZpJGSY44ichhhiU3Cu8Nnt8wzo7FvlJ4UW +0LD2vV2aYkEmJTGIcP4ll0jx5iEcePdoA1kh2/HFkpYkuCP8q1KVcGpSFk38Nmtf +WE8/yfTnblJBQplBB8J1dNvCSYR8P8GsvdTVj9BzlRiKXfCN3S3wt2GNiu8Un/0w +uhDoV9Mbji2bdLNjDQ6M+aL3QsjmXoNvD5qFO25mSLmnqPzaGUcMkCYNzhX+ah5H +Wkn4dg86qGjNpjhMpsqysJvHRkPN -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-assembled.pem b/certs/test-pathlen/chainB-assembled.pem index 310d83f88..7f83c5f55 100644 --- a/certs/test-pathlen/chainB-assembled.pem +++ b/certs/test-pathlen/chainB-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: - 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: - 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: - b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: - 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: - 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: - 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: - ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: - ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: - fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: - d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: - d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: - 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: - 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: - a5:75:99:ad + Signature Algorithm: sha256WithRSAEncryption + 1f:ee:5c:85:ed:4e:3b:39:6b:29:a2:ef:65:b9:f3:c7:47:85: + 8e:79:a0:35:1b:aa:0e:98:67:a8:df:03:9c:2b:81:24:ed:cb: + cc:c0:42:49:76:bf:78:7b:b9:39:ca:f6:06:35:76:dd:e3:59: + c5:70:3b:b3:cf:62:0a:09:1d:07:90:96:c4:0e:0a:38:97:f7: + 31:1d:ad:44:f9:03:f9:30:22:b6:68:01:00:38:23:3d:f6:e7: + 71:5a:e4:d4:59:52:4f:80:86:ec:8f:ca:92:1d:9b:07:93:fe: + 34:22:ac:9a:a2:aa:9e:fe:f5:7b:99:fd:72:32:40:98:88:d8: + 42:1d:33:59:4c:38:2e:97:f2:9d:a2:fc:b7:33:cd:84:c1:c6: + ef:f5:c5:d9:be:32:ba:44:66:06:62:5c:55:31:38:b4:25:1a: + 6a:64:de:14:39:b4:38:74:1b:d7:c4:ec:81:fc:3a:13:4b:e1: + d1:b1:5f:3c:8e:25:bc:63:7f:30:78:04:4e:79:3a:83:97:52: + f6:00:6a:9e:d8:b5:c6:06:21:97:4a:98:ee:cf:e8:83:94:23: + 11:6c:00:d7:e9:35:1f:89:77:85:9a:d7:8f:29:90:c6:61:14: + e5:7d:55:5b:66:65:60:44:79:8a:1b:58:88:b9:0f:5f:a6:5f: + 7a:ca:6b:0c -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 -7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 -RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO -oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa -EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU -zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu -xBu8E79NhaV1ma0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAB/uXIXt +Tjs5aymi72W588dHhY55oDUbqg6YZ6jfA5wrgSTty8zAQkl2v3h7uTnK9gY1dt3j +WcVwO7PPYgoJHQeQlsQOCjiX9zEdrUT5A/kwIrZoAQA4Iz3253Fa5NRZUk+AhuyP +ypIdmweT/jQirJqiqp7+9XuZ/XIyQJiI2EIdM1lMOC6X8p2i/LczzYTBxu/1xdm+ +MrpEZgZiXFUxOLQlGmpk3hQ5tDh0G9fE7IH8OhNL4dGxXzyOJbxjfzB4BE55OoOX +UvYAap7YtcYGIZdKmO7P6IOUIxFsANfpNR+Jd4Wa148pkMZhFOV9VVtmZWBEeYob +WIi5D1+mX3rKaww= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 84:7e:45:77:d4:71:f2:2b:ce:85:60:98:04:83:ad:b3:36:d9: - 94:f0:73:3f:17:23:4f:d4:ae:cf:7f:c7:32:8b:f7:30:d7:de: - b4:6b:4b:9e:f0:5e:a8:be:ba:5b:12:e1:7a:7c:ad:9b:04:a3: - 09:c9:c3:de:ef:22:1d:3b:fb:6a:3e:33:3d:d6:64:72:3e:b8: - 74:17:67:1b:44:d8:c9:8b:60:09:d5:45:18:f4:f1:68:00:56: - 6d:23:63:32:5d:ae:a1:3e:b7:97:6c:ee:88:ae:3e:ec:23:2b: - cb:b9:c4:b0:66:ae:26:e5:25:48:b9:bb:16:45:86:9d:f2:72: - 2a:4f:42:36:96:15:77:3e:2b:cd:6b:4d:2f:cf:95:86:ec:6a: - c2:58:91:32:dd:2c:4b:dd:cf:6e:fb:2b:74:2e:02:1c:ac:50: - bf:11:93:73:48:dc:c2:61:34:f0:3a:ee:1c:bd:63:33:ea:5c: - 6e:88:4b:c6:22:7e:50:95:90:33:eb:fd:8e:9f:8e:76:63:86: - dc:f0:7b:37:c9:04:b5:6a:77:07:d9:8a:e7:e7:fd:c0:0b:d9: - af:61:80:93:82:0a:fa:f6:0f:58:3b:fc:b2:39:34:65:a3:1b: - f2:34:90:d2:1d:86:c0:f3:37:43:2b:b9:48:2c:be:45:05:b0: - d8:0d:95:d4 + Signature Algorithm: sha256WithRSAEncryption + cd:0b:7e:66:b9:1d:a8:14:81:a8:e0:b3:74:d9:79:8a:c1:e5: + 15:cf:6a:a7:a3:ca:d2:ad:f8:f6:9f:c2:be:67:ee:cf:9a:3c: + 1c:a3:c4:db:2b:c8:a9:b1:55:94:a1:9e:e3:c2:6c:3a:95:90: + 7e:8f:29:56:c6:99:d2:e5:3b:8f:f3:9a:11:4a:97:22:07:d9: + e2:e5:f8:3e:0f:08:50:43:ea:66:13:6c:20:2e:71:95:10:07: + 88:89:2d:30:9c:96:b1:7e:42:5f:63:c3:8b:71:c6:1d:00:ee: + 83:d7:80:1b:fa:f4:fe:f5:b1:29:f8:c1:ca:1d:89:9b:7c:2a: + 84:00:e4:f5:04:2d:35:be:12:c1:fa:78:cb:bc:c9:04:8a:bf: + 87:57:99:3a:9f:0a:88:a5:e8:94:db:2b:8f:ba:5f:b4:75:7f: + ac:56:75:b4:db:7f:57:24:17:cb:89:f8:cb:8b:c4:b2:44:4a: + d9:57:82:fb:ce:0c:84:e2:2b:a5:f2:90:63:aa:b3:c5:e1:00: + 22:60:8f:23:1f:a8:97:4b:49:f7:f7:cb:92:f7:94:80:52:5b: + 8d:4a:c1:f1:d1:3e:9f:28:96:61:af:8e:72:8d:b6:9e:14:ed: + 14:db:ea:f0:fc:50:39:ca:c8:ab:1e:49:c3:9e:97:0a:d7:1c: + 6f:b2:17:9a -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAIR+RXfUcfIrzoVgmASDrbM22ZTwcz8XI0/Urs9/xzKL9zDX3rRr -S57wXqi+ulsS4Xp8rZsEownJw97vIh07+2o+Mz3WZHI+uHQXZxtE2MmLYAnVRRj0 -8WgAVm0jYzJdrqE+t5ds7oiuPuwjK8u5xLBmriblJUi5uxZFhp3ycipPQjaWFXc+ -K81rTS/PlYbsasJYkTLdLEvdz277K3QuAhysUL8Rk3NI3MJhNPA67hy9YzPqXG6I -S8YiflCVkDPr/Y6fjnZjhtzwezfJBLVqdwfZiufn/cAL2a9hgJOCCvr2D1g7/LI5 -NGWjG/I0kNIdhsDzN0MruUgsvkUFsNgNldQ= +AQELBQADggEBAM0Lfma5HagUgajgs3TZeYrB5RXPaqejytKt+Pafwr5n7s+aPByj +xNsryKmxVZShnuPCbDqVkH6PKVbGmdLlO4/zmhFKlyIH2eLl+D4PCFBD6mYTbCAu +cZUQB4iJLTCclrF+Ql9jw4txxh0A7oPXgBv69P71sSn4wcodiZt8KoQA5PUELTW+ +EsH6eMu8yQSKv4dXmTqfCoil6JTbK4+6X7R1f6xWdbTbf1ckF8uJ+MuLxLJEStlX +gvvODITiK6XykGOqs8XhACJgjyMfqJdLSff3y5L3lIBSW41KwfHRPp8olmGvjnKN +tp4U7RTb6vD8UDnKyKseScOelwrXHG+yF5o= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 40:6f:40:e6:47:44:ea:5e:ab:d7:15:ca:24:30:a9:4b:c7:d0: - 7f:66:75:96:6a:3b:bc:e6:43:c8:30:8f:44:cf:30:17:65:49: - 17:c1:75:8f:ec:cd:7e:09:33:dd:03:16:93:cc:ca:86:34:f8: - 66:a7:e4:0b:34:6d:c2:9d:51:90:cb:8e:7f:db:5c:af:5e:c1: - 60:8e:61:a1:fa:f1:24:3e:42:98:9d:2c:8f:fa:ab:70:13:75: - e0:61:1b:d0:26:b3:80:22:c5:2f:06:5b:09:20:ed:5a:cb:a0: - 41:58:71:6e:46:3b:31:30:cd:a0:77:1d:ee:1d:c9:64:9a:4e: - aa:31:b0:4e:fd:43:a2:66:d2:d7:39:17:16:e9:91:e8:b6:35: - d4:4c:d6:1a:ee:c2:ed:b0:92:47:60:de:20:85:e6:15:3d:fa: - 37:87:0e:18:9d:3b:13:a8:61:ab:00:3a:d8:fb:7d:10:7e:00: - 65:e0:00:7e:3d:8e:51:91:7a:99:43:a0:d8:08:c2:4e:8e:2b: - 0d:6f:03:05:3f:87:60:48:fa:95:a0:c4:3d:98:57:a6:db:25: - 2c:d2:06:eb:0e:b0:79:74:dd:e0:7c:6e:00:dc:b0:c8:0f:20: - eb:b0:94:32:45:f7:0e:b2:3b:24:05:52:7f:89:48:4f:25:e2: - 2c:b1:c1:34 + Signature Algorithm: sha256WithRSAEncryption + ab:c7:2b:9d:15:73:97:47:e0:88:32:9d:10:71:81:53:62:97: + dc:c4:72:73:49:3e:50:50:10:03:1e:22:58:82:e0:b3:da:ca: + 89:92:70:c8:54:0d:8e:a6:44:a0:26:5d:5d:52:d2:fb:63:e4: + 13:7e:30:9a:13:25:4e:c8:34:a1:c9:e6:69:24:64:98:e3:88: + 9c:86:18:62:53:70:ae:f0:d9:ed:f3:0c:e8:ec:5b:e5:27:85: + 16:d0:b0:f6:bd:5d:9a:62:41:26:25:31:88:70:fe:25:97:48: + f1:e6:21:1c:78:f7:68:03:59:21:db:f1:c5:92:96:24:b8:23: + fc:ab:52:95:70:6a:52:16:4d:fc:36:6b:5f:58:4f:3f:c9:f4: + e7:6e:52:41:42:99:41:07:c2:75:74:db:c2:49:84:7c:3f:c1: + ac:bd:d4:d5:8f:d0:73:95:18:8a:5d:f0:8d:dd:2d:f0:b7:61: + 8d:8a:ef:14:9f:fd:30:ba:10:e8:57:d3:1b:8e:2d:9b:74:b3: + 63:0d:0e:8c:f9:a2:f7:42:c8:e6:5e:83:6f:0f:9a:85:3b:6e: + 66:48:b9:a7:a8:fc:da:19:47:0c:90:26:0d:ce:15:fe:6a:1e: + 47:5a:49:f8:76:0f:3a:a8:68:cd:a6:38:4c:a6:ca:b2:b0:9b: + c7:46:43:cd -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -255,11 +255,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQBAb0DmR0TqXqvXFcokMKlLx9B/ZnWWaju85kPIMI9EzzAXZUkXwXWP7M1+ -CTPdAxaTzMqGNPhmp+QLNG3CnVGQy45/21yvXsFgjmGh+vEkPkKYnSyP+qtwE3Xg -YRvQJrOAIsUvBlsJIO1ay6BBWHFuRjsxMM2gdx3uHclkmk6qMbBO/UOiZtLXORcW -6ZHotjXUTNYa7sLtsJJHYN4gheYVPfo3hw4YnTsTqGGrADrY+30QfgBl4AB+PY5R -kXqZQ6DYCMJOjisNbwMFP4dgSPqVoMQ9mFem2yUs0gbrDrB5dN3gfG4A3LDIDyDr -sJQyRfcOsjskBVJ/iUhPJeIsscE0 +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQCrxyudFXOXR+CIMp0QcYFTYpfcxHJzST5QUBADHiJYguCz2sqJknDIVA2O +pkSgJl1dUtL7Y+QTfjCaEyVOyDShyeZpJGSY44ichhhiU3Cu8Nnt8wzo7FvlJ4UW +0LD2vV2aYkEmJTGIcP4ll0jx5iEcePdoA1kh2/HFkpYkuCP8q1KVcGpSFk38Nmtf +WE8/yfTnblJBQplBB8J1dNvCSYR8P8GsvdTVj9BzlRiKXfCN3S3wt2GNiu8Un/0w +uhDoV9Mbji2bdLNjDQ6M+aL3QsjmXoNvD5qFO25mSLmnqPzaGUcMkCYNzhX+ah5H +Wkn4dg86qGjNpjhMpsqysJvHRkPN -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainB-entity.pem b/certs/test-pathlen/chainB-entity.pem index 054e7f6bd..cca6f6697 100644 --- a/certs/test-pathlen/chainB-entity.pem +++ b/certs/test-pathlen/chainB-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 5e:83:71:85:f4:ed:b9:18:36:f1:37:39:ae:bf:29:8d:50:30: - 7a:dd:3b:8f:2c:e4:3e:3b:50:33:e7:ca:14:ff:50:42:e2:cb: - 60:b7:21:80:0a:75:c2:c8:ce:06:91:55:24:89:ef:79:37:45: - b5:76:0c:3d:69:4d:7d:19:a0:42:db:60:21:f0:36:99:ea:0a: - 03:7c:6a:73:35:e2:36:db:fa:1f:35:51:43:35:c6:c2:a2:a9: - 4e:42:9f:0b:6f:b2:9a:54:9e:01:4e:a0:73:7d:1c:f6:37:95: - 7c:87:37:b8:bb:6a:d6:28:c4:f3:49:9c:ad:b8:38:b5:46:d8: - ad:4a:b6:ed:fe:57:92:91:91:19:49:12:41:46:9b:dd:ce:b8: - ea:1c:c2:15:da:12:01:73:1d:16:6c:e5:51:eb:1f:c6:46:d7: - fe:47:77:3b:a5:e3:1b:89:6c:7c:37:18:ba:69:69:ea:c9:fc: - d6:62:92:7b:b6:b1:29:e6:c7:6a:07:6b:38:56:aa:4a:d4:cc: - d7:d3:33:fd:c9:8e:b7:ec:ab:6f:07:4a:99:b3:d8:bc:8c:b6: - 27:70:e4:25:f3:17:c2:fd:79:e2:a7:37:8b:02:c3:c1:0a:90: - 61:0c:bd:7f:63:84:d5:ea:1d:72:ae:c4:1b:bc:13:bf:4d:85: - a5:75:99:ad + Signature Algorithm: sha256WithRSAEncryption + 1f:ee:5c:85:ed:4e:3b:39:6b:29:a2:ef:65:b9:f3:c7:47:85: + 8e:79:a0:35:1b:aa:0e:98:67:a8:df:03:9c:2b:81:24:ed:cb: + cc:c0:42:49:76:bf:78:7b:b9:39:ca:f6:06:35:76:dd:e3:59: + c5:70:3b:b3:cf:62:0a:09:1d:07:90:96:c4:0e:0a:38:97:f7: + 31:1d:ad:44:f9:03:f9:30:22:b6:68:01:00:38:23:3d:f6:e7: + 71:5a:e4:d4:59:52:4f:80:86:ec:8f:ca:92:1d:9b:07:93:fe: + 34:22:ac:9a:a2:aa:9e:fe:f5:7b:99:fd:72:32:40:98:88:d8: + 42:1d:33:59:4c:38:2e:97:f2:9d:a2:fc:b7:33:cd:84:c1:c6: + ef:f5:c5:d9:be:32:ba:44:66:06:62:5c:55:31:38:b4:25:1a: + 6a:64:de:14:39:b4:38:74:1b:d7:c4:ec:81:fc:3a:13:4b:e1: + d1:b1:5f:3c:8e:25:bc:63:7f:30:78:04:4e:79:3a:83:97:52: + f6:00:6a:9e:d8:b5:c6:06:21:97:4a:98:ee:cf:e8:83:94:23: + 11:6c:00:d7:e9:35:1f:89:77:85:9a:d7:8f:29:90:c6:61:14: + e5:7d:55:5b:66:65:60:44:79:8a:1b:58:88:b9:0f:5f:a6:5f: + 7a:ca:6b:0c -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAF6DcYX0 -7bkYNvE3Oa6/KY1QMHrdO48s5D47UDPnyhT/UELiy2C3IYAKdcLIzgaRVSSJ73k3 -RbV2DD1pTX0ZoELbYCHwNpnqCgN8anM14jbb+h81UUM1xsKiqU5CnwtvsppUngFO -oHN9HPY3lXyHN7i7atYoxPNJnK24OLVG2K1Ktu3+V5KRkRlJEkFGm93OuOocwhXa -EgFzHRZs5VHrH8ZG1/5Hdzul4xuJbHw3GLppaerJ/NZiknu2sSnmx2oHazhWqkrU -zNfTM/3Jjrfsq28HSpmz2LyMtidw5CXzF8L9eeKnN4sCw8EKkGEMvX9jhNXqHXKu -xBu8E79NhaV1ma0= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAB/uXIXt +Tjs5aymi72W588dHhY55oDUbqg6YZ6jfA5wrgSTty8zAQkl2v3h7uTnK9gY1dt3j +WcVwO7PPYgoJHQeQlsQOCjiX9zEdrUT5A/kwIrZoAQA4Iz3253Fa5NRZUk+AhuyP +ypIdmweT/jQirJqiqp7+9XuZ/XIyQJiI2EIdM1lMOC6X8p2i/LczzYTBxu/1xdm+ +MrpEZgZiXFUxOLQlGmpk3hQ5tDh0G9fE7IH8OhNL4dGxXzyOJbxjfzB4BE55OoOX +UvYAap7YtcYGIZdKmO7P6IOUIxFsANfpNR+Jd4Wa148pkMZhFOV9VVtmZWBEeYob +WIi5D1+mX3rKaww= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/certs/test-pathlen/chainC-ICA1-pathlen1.pem index 9ae15cd0c..64cbc0c6b 100644 --- a/certs/test-pathlen/chainC-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainC-ICA1-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: - 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: - a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: - 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: - f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: - 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: - 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: - 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: - 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: - cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: - e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: - 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: - 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: - 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: - 14:e2:60:25 + Signature Algorithm: sha256WithRSAEncryption + 65:d2:6a:a3:a2:98:ac:5a:53:e4:b4:02:66:8e:9c:64:fa:53: + 88:a7:31:09:fa:31:4d:27:7a:17:7a:1c:8f:13:2a:e5:60:e4: + f2:0f:6a:e6:a6:48:ed:e4:17:0e:cb:57:77:66:98:c0:37:2f: + 00:26:1e:1a:a8:e4:ad:9e:c9:47:4d:6c:c5:57:75:79:97:be: + 0f:82:92:aa:b0:df:0d:f4:25:49:fd:c6:6f:e7:70:f1:f0:0d: + e7:13:81:ed:a1:1e:69:f3:10:3d:3e:3c:5b:c0:71:fb:44:47: + e2:bc:51:62:6c:21:7a:ea:ad:74:f5:46:35:63:93:ab:f9:89: + 31:e6:01:5f:eb:ca:df:d3:93:86:3d:8b:0a:88:79:f1:b1:47: + df:1f:2e:a0:7e:34:f6:80:30:7d:bd:e5:70:43:0d:76:2a:fc: + fe:38:4f:3a:bc:58:52:81:37:5e:e9:3b:26:f4:8d:20:5f:f2: + 44:56:e8:b8:cc:42:7a:5e:67:28:34:c3:8f:a9:08:87:92:4b: + bc:1d:3b:d1:1a:d8:79:20:eb:4a:6f:87:b3:3b:ef:2f:a6:98: + 34:48:a6:43:ba:d4:fa:65:6f:54:9b:28:a1:e1:77:fe:0e:91: + 0b:4f:f5:95:3e:b3:c9:4e:2d:17:67:37:5b:d5:dd:83:ef:a4: + b4:41:53:36 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS -pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme -ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ -3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl -EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ -1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBl0mqjopisWlPktAJmjpxk+lOIpzEJ+jFNJ3oXehyPEyrlYOTyD2rmpkjt +5BcOy1d3ZpjANy8AJh4aqOStnslHTWzFV3V5l74PgpKqsN8N9CVJ/cZv53Dx8A3n +E4HtoR5p8xA9PjxbwHH7REfivFFibCF66q109UY1Y5Or+Ykx5gFf68rf05OGPYsK +iHnxsUffHy6gfjT2gDB9veVwQw12Kvz+OE86vFhSgTde6Tsm9I0gX/JEVui4zEJ6 +XmcoNMOPqQiHkku8HTvRGth5IOtKb4ezO+8vppg0SKZDutT6ZW9Umyih4Xf+DpEL +T/WVPrPJTi0XZzdb1d2D76S0QVM2 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-assembled.pem b/certs/test-pathlen/chainC-assembled.pem index 3c15b3aa5..0fae68780 100644 --- a/certs/test-pathlen/chainC-assembled.pem +++ b/certs/test-pathlen/chainC-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: - 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: - 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: - 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: - 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: - ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: - cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: - e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: - 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: - d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: - 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: - 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: - 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: - 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: - c6:bd:25:6b + Signature Algorithm: sha256WithRSAEncryption + b7:d0:5e:86:77:76:45:77:c3:f8:5c:cd:9b:84:52:b7:8b:d6: + 84:ed:d3:1b:fa:7f:27:d1:24:05:11:9d:bf:74:eb:14:93:ee: + 08:2c:16:0a:d8:00:46:31:e3:43:f1:95:64:b1:72:93:49:fa: + fe:73:e8:be:2a:02:95:e8:3a:56:f3:aa:8b:fa:cb:3a:f5:06: + a2:00:ae:19:36:86:be:93:79:3f:58:f7:95:de:a8:e2:12:89: + 52:2f:a0:be:09:3e:18:69:19:d5:96:7c:94:9a:ee:ab:f1:2b: + 74:54:c9:1c:0a:5f:aa:d1:62:34:24:33:f8:5e:b2:43:9c:c9: + e6:8c:fa:b5:89:a7:3e:6b:51:00:a6:e3:d5:c4:f9:ac:78:a5: + 4d:85:7c:e3:7d:f9:b5:e8:ad:3e:32:56:fb:99:bf:f9:3b:a4: + 98:04:72:cd:ea:95:08:af:7e:62:2d:74:e4:25:48:43:25:ba: + 07:7c:00:c9:31:41:6f:59:ff:da:bb:ac:08:06:18:1a:0a:3d: + 1d:2e:ad:98:2c:06:72:51:f2:75:7c:87:ef:e0:37:f6:80:70: + aa:8d:d9:a8:13:e5:31:91:3c:e3:0f:21:33:0a:15:91:1c:4d: + 3a:1b:35:f6:4c:f5:5f:70:34:b2:dc:ed:10:5d:37:58:16:e4: + e0:83:12:90 -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,22 +77,22 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K -mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE -9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL -xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy -1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR -EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAt9Behnd2RXfD+FzNm4RSt4vW +hO3TG/p/J9EkBRGdv3TrFJPuCCwWCtgARjHjQ/GVZLFyk0n6/nPovioCleg6VvOq +i/rLOvUGogCuGTaGvpN5P1j3ld6o4hKJUi+gvgk+GGkZ1ZZ8lJruq/ErdFTJHApf +qtFiNCQz+F6yQ5zJ5oz6tYmnPmtRAKbj1cT5rHilTYV84335teitPjJW+5m/+Tuk +mARyzeqVCK9+Yi105CVIQyW6B3wAyTFBb1n/2rusCAYYGgo9HS6tmCwGclHydXyH +7+A39oBwqo3ZqBPlMZE84w8hMwoVkRxNOhs19kz1X3A0stztEF03WBbk4IMSkA== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 1c:0d:71:2e:6b:aa:dc:27:0f:43:48:46:69:0e:e0:e8:71:cc: - 03:37:9f:25:ee:9b:33:eb:7b:5a:25:a5:68:be:76:3e:5a:e8: - a7:11:cd:2d:6b:11:92:a6:33:6d:d9:c9:ab:52:7a:39:d3:37: - 90:05:88:b4:ba:69:7b:83:a1:47:75:c6:f4:ed:a0:a4:eb:0a: - f7:e5:a9:46:04:59:65:1e:ec:41:4f:42:aa:9d:31:ab:8c:e9: - 9e:7d:fe:fc:9a:5e:d7:49:d5:36:08:0e:12:ae:27:2d:33:46: - 08:55:d1:ec:6f:4b:8e:26:92:02:ba:a6:40:ca:fd:cd:0b:ee: - 04:54:28:10:82:ab:bf:ac:51:40:73:af:be:dd:fd:6e:45:48: - 04:d0:c7:a4:28:3e:2c:8d:41:e6:62:44:e8:eb:df:d3:a6:a0: - cc:20:25:ca:5d:4c:e9:f7:df:aa:fa:86:70:a6:70:cb:2a:b9: - e6:50:82:63:e8:08:e5:10:1c:22:96:68:c5:f1:2d:2b:33:e0: - 30:1c:d8:b2:13:9f:72:7b:07:e0:f5:14:fa:52:a5:69:5d:17: - 00:67:fd:5f:01:96:38:c6:51:5b:88:0a:61:e8:13:85:30:f1: - 90:d6:ee:94:ba:f7:1f:de:21:6d:51:2c:c8:49:48:6b:27:a1: - 14:e2:60:25 + Signature Algorithm: sha256WithRSAEncryption + 65:d2:6a:a3:a2:98:ac:5a:53:e4:b4:02:66:8e:9c:64:fa:53: + 88:a7:31:09:fa:31:4d:27:7a:17:7a:1c:8f:13:2a:e5:60:e4: + f2:0f:6a:e6:a6:48:ed:e4:17:0e:cb:57:77:66:98:c0:37:2f: + 00:26:1e:1a:a8:e4:ad:9e:c9:47:4d:6c:c5:57:75:79:97:be: + 0f:82:92:aa:b0:df:0d:f4:25:49:fd:c6:6f:e7:70:f1:f0:0d: + e7:13:81:ed:a1:1e:69:f3:10:3d:3e:3c:5b:c0:71:fb:44:47: + e2:bc:51:62:6c:21:7a:ea:ad:74:f5:46:35:63:93:ab:f9:89: + 31:e6:01:5f:eb:ca:df:d3:93:86:3d:8b:0a:88:79:f1:b1:47: + df:1f:2e:a0:7e:34:f6:80:30:7d:bd:e5:70:43:0d:76:2a:fc: + fe:38:4f:3a:bc:58:52:81:37:5e:e9:3b:26:f4:8d:20:5f:f2: + 44:56:e8:b8:cc:42:7a:5e:67:28:34:c3:8f:a9:08:87:92:4b: + bc:1d:3b:d1:1a:d8:79:20:eb:4a:6f:87:b3:3b:ef:2f:a6:98: + 34:48:a6:43:ba:d4:fa:65:6f:54:9b:28:a1:e1:77:fe:0e:91: + 0b:4f:f5:95:3e:b3:c9:4e:2d:17:67:37:5b:d5:dd:83:ef:a4: + b4:41:53:36 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA4WhcNMjIwNzA3MDAyODA4WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -165,11 +165,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAcDXEua6rcJw9DSEZpDuDoccwDN58l7psz63taJaVovnY+WuinEc0taxGS -pjNt2cmrUno50zeQBYi0uml7g6FHdcb07aCk6wr35alGBFllHuxBT0KqnTGrjOme -ff78ml7XSdU2CA4SrictM0YIVdHsb0uOJpICuqZAyv3NC+4EVCgQgqu/rFFAc6++ -3f1uRUgE0MekKD4sjUHmYkTo69/TpqDMICXKXUzp99+q+oZwpnDLKrnmUIJj6Ajl -EBwilmjF8S0rM+AwHNiyE59yewfg9RT6UqVpXRcAZ/1fAZY4xlFbiAph6BOFMPGQ -1u6Uuvcf3iFtUSzISUhrJ6EU4mAl +3rj7MA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBl0mqjopisWlPktAJmjpxk+lOIpzEJ+jFNJ3oXehyPEyrlYOTyD2rmpkjt +5BcOy1d3ZpjANy8AJh4aqOStnslHTWzFV3V5l74PgpKqsN8N9CVJ/cZv53Dx8A3n +E4HtoR5p8xA9PjxbwHH7REfivFFibCF66q109UY1Y5Or+Ykx5gFf68rf05OGPYsK +iHnxsUffHy6gfjT2gDB9veVwQw12Kvz+OE86vFhSgTde6Tsm9I0gX/JEVui4zEJ6 +XmcoNMOPqQiHkku8HTvRGth5IOtKb4ezO+8vppg0SKZDutT6ZW9Umyih4Xf+DpEL +T/WVPrPJTi0XZzdb1d2D76S0QVM2 -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainC-entity.pem b/certs/test-pathlen/chainC-entity.pem index 5747494a0..34f198f2e 100644 --- a/certs/test-pathlen/chainC-entity.pem +++ b/certs/test-pathlen/chainC-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:08 2019 GMT + Not After : Jul 7 00:28:08 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 3c:4d:80:1a:b9:8d:37:b5:eb:95:80:0f:39:4f:cc:dd:bf:4a: - 99:70:7d:dc:64:98:8a:c5:e7:d0:6e:94:04:54:04:c3:cb:0a: - 6e:cb:7a:50:bf:f8:e1:98:fd:f7:ab:5a:c1:2b:5c:04:bc:12: - 54:8d:d0:42:82:0e:c8:84:f8:b8:cb:c4:f7:32:f1:bb:5d:7e: - 9f:f1:64:01:70:bb:b6:d6:3e:82:5c:58:eb:da:3d:0a:ff:44: - ef:bd:dd:fe:a5:8d:f8:cd:7e:a7:6a:40:4f:d5:12:b1:24:86: - cd:1d:ff:60:b8:cb:c6:b3:91:c9:f1:81:22:11:7a:4d:c8:d0: - e5:a4:4a:35:15:19:26:b4:c1:09:46:72:18:02:fb:68:bc:c8: - 61:e3:07:48:ff:b3:c6:49:12:45:2b:8e:91:dc:74:64:82:32: - d5:c8:26:7e:19:ac:99:a1:7f:c3:49:da:c4:4a:e9:93:2a:7d: - 1a:23:9e:b6:7f:6f:48:52:94:ba:fe:52:48:9f:06:8b:a9:b8: - 93:b1:03:01:4d:e6:7f:13:8e:e0:a9:51:11:aa:aa:cc:69:1f: - 44:31:64:03:e7:ca:84:cd:ee:64:e2:f6:9e:b1:37:50:89:81: - 3c:fb:a1:5b:d8:97:a5:34:6b:02:e6:09:32:bb:59:4b:f0:cd: - c6:bd:25:6b + Signature Algorithm: sha256WithRSAEncryption + b7:d0:5e:86:77:76:45:77:c3:f8:5c:cd:9b:84:52:b7:8b:d6: + 84:ed:d3:1b:fa:7f:27:d1:24:05:11:9d:bf:74:eb:14:93:ee: + 08:2c:16:0a:d8:00:46:31:e3:43:f1:95:64:b1:72:93:49:fa: + fe:73:e8:be:2a:02:95:e8:3a:56:f3:aa:8b:fa:cb:3a:f5:06: + a2:00:ae:19:36:86:be:93:79:3f:58:f7:95:de:a8:e2:12:89: + 52:2f:a0:be:09:3e:18:69:19:d5:96:7c:94:9a:ee:ab:f1:2b: + 74:54:c9:1c:0a:5f:aa:d1:62:34:24:33:f8:5e:b2:43:9c:c9: + e6:8c:fa:b5:89:a7:3e:6b:51:00:a6:e3:d5:c4:f9:ac:78:a5: + 4d:85:7c:e3:7d:f9:b5:e8:ad:3e:32:56:fb:99:bf:f9:3b:a4: + 98:04:72:cd:ea:95:08:af:7e:62:2d:74:e4:25:48:43:25:ba: + 07:7c:00:c9:31:41:6f:59:ff:da:bb:ac:08:06:18:1a:0a:3d: + 1d:2e:ad:98:2c:06:72:51:f2:75:7c:87:ef:e0:37:f6:80:70: + aa:8d:d9:a8:13:e5:31:91:3c:e3:0f:21:33:0a:15:91:1c:4d: + 3a:1b:35:f6:4c:f5:5f:70:34:b2:dc:ed:10:5d:37:58:16:e4: + e0:83:12:90 -----BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOFoXDTIyMDcwNzAwMjgwOFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw -CQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOCAQEAPE2AGrmNN7XrlYAPOU/M3b9K -mXB93GSYisXn0G6UBFQEw8sKbst6UL/44Zj996tawStcBLwSVI3QQoIOyIT4uMvE -9zLxu11+n/FkAXC7ttY+glxY69o9Cv9E773d/qWN+M1+p2pAT9USsSSGzR3/YLjL -xrORyfGBIhF6TcjQ5aRKNRUZJrTBCUZyGAL7aLzIYeMHSP+zxkkSRSuOkdx0ZIIy -1cgmfhmsmaF/w0naxErpkyp9GiOetn9vSFKUuv5SSJ8Gi6m4k7EDAU3mfxOO4KlR -EaqqzGkfRDFkA+fKhM3uZOL2nrE3UImBPPuhW9iXpTRrAuYJMrtZS/DNxr0law== +CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAt9Behnd2RXfD+FzNm4RSt4vW +hO3TG/p/J9EkBRGdv3TrFJPuCCwWCtgARjHjQ/GVZLFyk0n6/nPovioCleg6VvOq +i/rLOvUGogCuGTaGvpN5P1j3ld6o4hKJUi+gvgk+GGkZ1ZZ8lJruq/ErdFTJHApf +qtFiNCQz+F6yQ5zJ5oz6tYmnPmtRAKbj1cT5rHilTYV84335teitPjJW+5m/+Tuk +mARyzeqVCK9+Yi105CVIQyW6B3wAyTFBb1n/2rusCAYYGgo9HS6tmCwGclHydXyH +7+A39oBwqo3ZqBPlMZE84w8hMwoVkRxNOhs19kz1X3A0stztEF03WBbk4IMSkA== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/certs/test-pathlen/chainD-ICA1-pathlen127.pem index 525d7b7cb..97ad8d4f5 100644 --- a/certs/test-pathlen/chainD-ICA1-pathlen127.pem +++ b/certs/test-pathlen/chainD-ICA1-pathlen127.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: - 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: - 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: - 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: - ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: - 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: - 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: - 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: - fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: - e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: - 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: - ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: - af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: - ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: - df:41:9e:ea + Signature Algorithm: sha256WithRSAEncryption + 12:87:4f:82:bb:5a:21:b0:95:f6:b5:2b:95:53:a5:10:fc:f6: + fe:7e:03:9c:fa:cf:d7:d5:a1:72:1d:33:69:1b:0e:07:07:62: + 74:9b:0c:2b:46:d2:b8:80:b1:72:f3:c1:83:13:62:fd:dd:17: + 15:14:0b:64:57:26:db:70:e5:3d:44:88:05:f9:91:b0:9a:4a: + c0:f9:87:3c:70:16:d6:1c:58:51:d9:b9:b8:ac:11:d2:4d:94: + 58:cf:fd:9e:74:51:28:b0:4f:ed:7d:88:25:ce:6b:eb:5e:ca: + e8:f9:ce:31:e1:b9:2d:e6:d9:0c:13:ff:3f:24:1f:fa:25:e8: + cd:cd:25:88:e7:98:dc:b5:f8:cd:21:d2:a8:71:d1:b9:18:dd: + 18:5d:0b:97:a7:82:04:d5:e8:36:29:4b:dc:7f:d9:42:85:55: + 81:dc:da:f9:ca:58:38:f3:2c:df:b4:2c:23:65:d3:17:01:ed: + f4:8b:f6:9b:0b:b5:32:ea:28:cb:c2:fb:16:2a:fe:3d:3d:0b: + e6:f3:bf:8f:43:75:a7:d1:b8:c9:04:31:4f:60:3a:3a:4a:b0: + 1b:16:7d:24:b8:78:be:be:7a:80:a5:81:8c:77:7c:aa:79:75: + 4d:3f:a2:14:36:5a:81:1f:6c:44:7d:d1:9a:db:a6:f6:e3:48: + d3:bb:ea:9c -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -79,11 +79,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL -6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE -cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc -otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX -jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA -zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBABKHT4K7WiGwlfa1K5VTpRD89v5+A5z6z9fVoXIdM2kbDgcHYnSbDCtG +0riAsXLzwYMTYv3dFxUUC2RXJttw5T1EiAX5kbCaSsD5hzxwFtYcWFHZubisEdJN +lFjP/Z50USiwT+19iCXOa+teyuj5zjHhuS3m2QwT/z8kH/ol6M3NJYjnmNy1+M0h +0qhx0bkY3RhdC5enggTV6DYpS9x/2UKFVYHc2vnKWDjzLN+0LCNl0xcB7fSL9psL +tTLqKMvC+xYq/j09C+bzv49DdafRuMkEMU9gOjpKsBsWfSS4eL6+eoClgYx3fKp5 +dU0/ohQ2WoEfbER90ZrbpvbjSNO76pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-assembled.pem b/certs/test-pathlen/chainD-assembled.pem index c406fd750..28cc30acd 100644 --- a/certs/test-pathlen/chainD-assembled.pem +++ b/certs/test-pathlen/chainD-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: - e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: - 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: - 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: - 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: - 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: - 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: - e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: - 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: - 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: - 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: - 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: - 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: - 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: - a5:75:09:4d + Signature Algorithm: sha256WithRSAEncryption + 58:fd:0d:2f:47:32:d2:11:b4:b5:a5:b5:ea:26:23:66:85:cc: + 46:b5:42:fc:63:98:57:14:84:ca:2a:02:30:9e:a0:64:d4:24: + cb:42:2e:53:a3:0f:d7:24:46:cb:37:0c:ba:d9:73:50:11:15: + d0:4a:4a:f5:10:15:db:c9:e5:e6:a2:c3:91:89:70:c8:df:59: + c3:2f:c3:94:a4:50:5b:f5:d8:71:e8:ba:fa:85:ee:aa:f4:b1: + 64:29:54:62:08:cc:89:a3:41:be:df:03:d3:75:f8:92:41:95: + 4b:06:cc:95:30:ef:a8:6f:01:9a:2e:bc:a0:7e:4c:08:4e:d4: + f0:91:fe:b4:a3:67:0f:9c:5d:4d:7d:ad:04:d7:cf:e4:79:d8: + b2:18:78:33:fd:a3:cb:14:d3:50:1b:50:62:ef:9d:1b:88:8d: + 7b:42:76:ce:c7:88:70:58:40:f4:bf:7c:1e:c5:26:8c:23:b7: + 7e:d2:85:67:c7:fe:ae:59:98:06:60:54:43:1e:31:74:25:c9: + 1e:4c:05:d2:6d:01:3e:33:ac:5d:42:c5:47:c4:20:9f:04:30: + ca:c7:22:63:bd:8e:16:0a:42:4c:5b:2c:3b:b4:77:3c:b4:43: + bb:6d:4d:40:d6:ed:30:df:29:a4:3e:e2:78:c3:4f:11:a4:53: + 65:33:e0:c9 -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,22 +77,22 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz -D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x -qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG -gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 -wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq -8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY/Q0vRzLSEbS1pbXqJiNm +hcxGtUL8Y5hXFITKKgIwnqBk1CTLQi5Tow/XJEbLNwy62XNQERXQSkr1EBXbyeXm +osORiXDI31nDL8OUpFBb9dhx6Lr6he6q9LFkKVRiCMyJo0G+3wPTdfiSQZVLBsyV +MO+obwGaLrygfkwITtTwkf60o2cPnF1Nfa0E18/kediyGHgz/aPLFNNQG1Bi750b +iI17QnbOx4hwWED0v3wexSaMI7d+0oVnx/6uWZgGYFRDHjF0JckeTAXSbQE+M6xd +QsVHxCCfBDDKxyJjvY4WCkJMWyw7tHc8tEO7bU1A1u0w3ymkPuJ4w08RpFNlM+DJ -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:127 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 31:31:fe:0e:2e:de:26:4a:f8:3b:6d:9a:89:4b:29:4a:2f:ce: - 20:ba:ff:4e:04:a7:0b:54:21:f5:0e:57:9f:f7:a1:1e:d5:b2: - 76:fe:72:06:8b:e8:43:63:21:5c:b5:2b:42:c7:21:19:36:cd: - 87:ab:b7:6b:0d:a0:e7:d2:7b:f8:4e:2f:18:76:ec:8b:4d:b6: - ab:3c:ed:c5:b6:33:d6:b7:fe:8c:0c:d0:7a:63:8a:54:84:70: - 66:d3:67:1f:b7:ab:8e:9a:bc:2a:6f:3d:b1:f9:00:90:29:6b: - 29:6f:a2:3e:ff:19:9f:e2:c7:b0:47:68:61:47:f8:70:c7:d6: - 94:d9:f6:76:d2:eb:c6:72:30:e0:1c:a2:d0:c0:1b:44:62:88: - fb:03:35:4c:e0:a7:8d:da:e9:eb:67:dc:07:86:7c:4a:e6:ba: - e2:44:ad:11:0e:de:34:79:e4:62:df:35:42:51:a0:33:a0:30: - 65:1b:a7:48:d7:8c:69:d3:29:45:e3:61:8c:49:bd:83:c8:7f: - ab:e6:83:b1:f9:13:c7:3d:74:bc:b2:da:52:9e:42:9a:67:50: - af:46:06:7f:14:71:2b:b7:4a:b1:b2:d7:f8:33:8a:74:00:cc: - ee:24:46:61:67:c5:28:87:15:e5:72:0e:2d:4d:6e:2c:63:28: - df:41:9e:ea + Signature Algorithm: sha256WithRSAEncryption + 12:87:4f:82:bb:5a:21:b0:95:f6:b5:2b:95:53:a5:10:fc:f6: + fe:7e:03:9c:fa:cf:d7:d5:a1:72:1d:33:69:1b:0e:07:07:62: + 74:9b:0c:2b:46:d2:b8:80:b1:72:f3:c1:83:13:62:fd:dd:17: + 15:14:0b:64:57:26:db:70:e5:3d:44:88:05:f9:91:b0:9a:4a: + c0:f9:87:3c:70:16:d6:1c:58:51:d9:b9:b8:ac:11:d2:4d:94: + 58:cf:fd:9e:74:51:28:b0:4f:ed:7d:88:25:ce:6b:eb:5e:ca: + e8:f9:ce:31:e1:b9:2d:e6:d9:0c:13:ff:3f:24:1f:fa:25:e8: + cd:cd:25:88:e7:98:dc:b5:f8:cd:21:d2:a8:71:d1:b9:18:dd: + 18:5d:0b:97:a7:82:04:d5:e8:36:29:4b:dc:7f:d9:42:85:55: + 81:dc:da:f9:ca:58:38:f3:2c:df:b4:2c:23:65:d3:17:01:ed: + f4:8b:f6:9b:0b:b5:32:ea:28:cb:c2:fb:16:2a:fe:3d:3d:0b: + e6:f3:bf:8f:43:75:a7:d1:b8:c9:04:31:4f:60:3a:3a:4a:b0: + 1b:16:7d:24:b8:78:be:be:7a:80:a5:81:8c:77:7c:aa:79:75: + 4d:3f:a2:14:36:5a:81:1f:6c:44:7d:d1:9a:db:a6:f6:e3:48: + d3:bb:ea:9c -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -165,11 +165,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBADEx/g4u3iZK+DttmolLKUovziC6/04EpwtUIfUOV5/3oR7Vsnb+cgaL -6ENjIVy1K0LHIRk2zYert2sNoOfSe/hOLxh27ItNtqs87cW2M9a3/owM0HpjilSE -cGbTZx+3q46avCpvPbH5AJApaylvoj7/GZ/ix7BHaGFH+HDH1pTZ9nbS68ZyMOAc -otDAG0RiiPsDNUzgp43a6etn3AeGfErmuuJErREO3jR55GLfNUJRoDOgMGUbp0jX -jGnTKUXjYYxJvYPIf6vmg7H5E8c9dLyy2lKeQppnUK9GBn8UcSu3SrGy1/gzinQA -zO4kRmFnxSiHFeVyDi1NbixjKN9Bnuo= +jhDeuPswDwYDVR0TBAgwBgEB/wIBfzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBABKHT4K7WiGwlfa1K5VTpRD89v5+A5z6z9fVoXIdM2kbDgcHYnSbDCtG +0riAsXLzwYMTYv3dFxUUC2RXJttw5T1EiAX5kbCaSsD5hzxwFtYcWFHZubisEdJN +lFjP/Z50USiwT+19iCXOa+teyuj5zjHhuS3m2QwT/z8kH/ol6M3NJYjnmNy1+M0h +0qhx0bkY3RhdC5enggTV6DYpS9x/2UKFVYHc2vnKWDjzLN+0LCNl0xcB7fSL9psL +tTLqKMvC+xYq/j09C+bzv49DdafRuMkEMU9gOjpKsBsWfSS4eL6+eoClgYx3fKp5 +dU0/ohQ2WoEfbER90ZrbpvbjSNO76pw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainD-entity.pem b/certs/test-pathlen/chainD-entity.pem index 011d61687..640b8394e 100644 --- a/certs/test-pathlen/chainD-entity.pem +++ b/certs/test-pathlen/chainD-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - af:98:d3:6b:bf:42:41:94:d7:95:75:e5:5b:7d:35:b3:0f:a7: - e1:4c:35:70:ab:30:57:b3:61:24:c7:5e:6d:e1:b8:da:d4:fd: - 81:cf:77:eb:44:3e:a7:09:c8:39:cf:63:7f:2b:4a:04:dc:ff: - 79:1a:53:45:f0:57:81:dc:9d:f1:a9:0f:14:06:5a:96:b2:3f: - 72:9d:d8:aa:10:b7:b3:6c:13:d9:c3:7e:c8:87:5d:4c:89:34: - 3e:24:b5:db:e2:97:bc:dd:c6:49:8c:89:7f:d4:30:40:8e:75: - 89:a8:2a:c6:83:2d:cd:8c:2e:b3:9c:88:ef:91:be:c8:e9:c1: - e0:cd:2d:52:40:f1:0c:ed:5d:90:69:a1:ec:c6:8f:b0:72:0c: - 5e:e9:a7:e3:e9:20:1f:c1:ed:f8:93:73:0f:5e:b8:f7:c0:8c: - 6d:b9:a6:44:97:4e:7e:17:55:9f:f2:32:f7:97:88:4e:75:57: - 45:cb:dd:fe:24:34:af:23:ee:ee:b8:66:0d:06:38:a4:e8:fb: - 48:19:3c:47:24:de:7b:6b:b5:ea:f1:cc:97:e0:6a:b6:1f:a7: - 06:f8:50:41:cb:d0:ba:7f:10:b5:6c:5a:98:62:f6:96:c0:58: - 3b:dc:70:c3:70:47:89:7c:3f:b3:6c:06:d1:fc:00:af:3e:71: - a5:75:09:4d + Signature Algorithm: sha256WithRSAEncryption + 58:fd:0d:2f:47:32:d2:11:b4:b5:a5:b5:ea:26:23:66:85:cc: + 46:b5:42:fc:63:98:57:14:84:ca:2a:02:30:9e:a0:64:d4:24: + cb:42:2e:53:a3:0f:d7:24:46:cb:37:0c:ba:d9:73:50:11:15: + d0:4a:4a:f5:10:15:db:c9:e5:e6:a2:c3:91:89:70:c8:df:59: + c3:2f:c3:94:a4:50:5b:f5:d8:71:e8:ba:fa:85:ee:aa:f4:b1: + 64:29:54:62:08:cc:89:a3:41:be:df:03:d3:75:f8:92:41:95: + 4b:06:cc:95:30:ef:a8:6f:01:9a:2e:bc:a0:7e:4c:08:4e:d4: + f0:91:fe:b4:a3:67:0f:9c:5d:4d:7d:ad:04:d7:cf:e4:79:d8: + b2:18:78:33:fd:a3:cb:14:d3:50:1b:50:62:ef:9d:1b:88:8d: + 7b:42:76:ce:c7:88:70:58:40:f4:bf:7c:1e:c5:26:8c:23:b7: + 7e:d2:85:67:c7:fe:ae:59:98:06:60:54:43:1e:31:74:25:c9: + 1e:4c:05:d2:6d:01:3e:33:ac:5d:42:c5:47:c4:20:9f:04:30: + ca:c7:22:63:bd:8e:16:0a:42:4c:5b:2c:3b:b4:77:3c:b4:43: + bb:6d:4d:40:d6:ed:30:df:29:a4:3e:e2:78:c3:4f:11:a4:53: + 65:33:e0:c9 -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQCvmNNrv0JBlNeVdeVbfTWz -D6fhTDVwqzBXs2Ekx15t4bja1P2Bz3frRD6nCcg5z2N/K0oE3P95GlNF8FeB3J3x -qQ8UBlqWsj9yndiqELezbBPZw37Ih11MiTQ+JLXb4pe83cZJjIl/1DBAjnWJqCrG -gy3NjC6znIjvkb7I6cHgzS1SQPEM7V2QaaHsxo+wcgxe6afj6SAfwe34k3MPXrj3 -wIxtuaZEl05+F1Wf8jL3l4hOdVdFy93+JDSvI+7uuGYNBjik6PtIGTxHJN57a7Xq -8cyX4Gq2H6cG+FBBy9C6fxC1bFqYYvaWwFg73HDDcEeJfD+zbAbR/ACvPnGldQlN +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBY/Q0vRzLSEbS1pbXqJiNm +hcxGtUL8Y5hXFITKKgIwnqBk1CTLQi5Tow/XJEbLNwy62XNQERXQSkr1EBXbyeXm +osORiXDI31nDL8OUpFBb9dhx6Lr6he6q9LFkKVRiCMyJo0G+3wPTdfiSQZVLBsyV +MO+obwGaLrygfkwITtTwkf60o2cPnF1Nfa0E18/kediyGHgz/aPLFNNQG1Bi750b +iI17QnbOx4hwWED0v3wexSaMI7d+0oVnx/6uWZgGYFRDHjF0JckeTAXSbQE+M6xd +QsVHxCCfBDDKxyJjvY4WCkJMWyw7tHc8tEO7bU1A1u0w3ymkPuJ4w08RpFNlM+DJ -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/certs/test-pathlen/chainE-ICA1-pathlen128.pem index 92c5bb9a6..da10c86f7 100644 --- a/certs/test-pathlen/chainE-ICA1-pathlen128.pem +++ b/certs/test-pathlen/chainE-ICA1-pathlen128.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: - af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: - 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: - 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: - 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: - 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: - 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: - 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: - a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: - 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: - c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: - 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: - 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: - 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: - 4f:a6:b7:df + Signature Algorithm: sha256WithRSAEncryption + 81:17:73:e0:8e:30:5f:5e:a7:25:a8:c0:89:f0:2a:c5:cc:72: + 30:0a:55:f2:c8:13:34:de:3c:7c:5e:e1:56:5e:72:04:10:8b: + 4b:05:3b:14:3c:37:0e:48:68:23:a1:2c:f5:72:f0:36:57:79: + fa:6f:ee:b0:17:83:f0:8a:1f:f0:6b:88:3b:57:c8:b2:57:c9: + 4e:35:14:a8:d7:31:db:68:74:8c:30:24:b3:9d:c9:8d:8c:36: + 34:30:0e:f3:4e:74:bd:14:77:c8:13:7f:bc:d3:21:34:e8:87: + e7:a3:80:62:ea:20:4b:40:ef:f5:97:db:c7:63:6b:e4:06:12: + 1a:b7:55:da:5a:34:32:95:59:c4:68:85:2c:87:dd:77:5f:ff: + 28:cf:95:c3:68:f8:c4:32:af:8e:c6:2c:39:6b:bd:3a:dd:18: + 16:a8:a7:0e:9d:93:6d:8e:77:b1:0e:86:55:0d:a4:aa:e6:3f: + f5:69:1d:d5:c0:5e:1a:b1:bc:ab:5f:eb:1f:76:6a:c5:22:57: + a9:f1:ee:55:56:37:61:9e:49:e6:bc:8b:e9:9d:6b:11:6f:90: + cb:d6:18:3c:81:f2:c8:4c:92:e4:4d:73:d1:a1:be:8d:fe:d7: + 54:20:d4:df:43:7d:e7:57:f1:dd:9f:a0:6d:cd:e3:ab:30:fa: + cc:29:0b:01 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -80,10 +80,10 @@ AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE -4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu -k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti -wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ -aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ -gelbLrLvK7YaG0svwuSBn7/e4XNPprff +CwUAA4IBAQCBF3PgjjBfXqclqMCJ8CrFzHIwClXyyBM03jx8XuFWXnIEEItLBTsU +PDcOSGgjoSz1cvA2V3n6b+6wF4Pwih/wa4g7V8iyV8lONRSo1zHbaHSMMCSzncmN +jDY0MA7zTnS9FHfIE3+80yE06Ifno4Bi6iBLQO/1l9vHY2vkBhIat1XaWjQylVnE +aIUsh913X/8oz5XDaPjEMq+Oxiw5a7063RgWqKcOnZNtjnexDoZVDaSq5j/1aR3V +wF4asbyrX+sfdmrFIlep8e5VVjdhnknmvIvpnWsRb5DL1hg8gfLITJLkTXPRob6N +/tdUINTfQ33nV/Hdn6BtzeOrMPrMKQsB -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-assembled.pem b/certs/test-pathlen/chainE-assembled.pem index 5af7bd598..be49ab5be 100644 --- a/certs/test-pathlen/chainE-assembled.pem +++ b/certs/test-pathlen/chainE-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: - 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: - b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: - c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: - 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: - 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: - e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: - 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: - f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: - ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: - 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: - da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: - fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: - ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: - 8a:9b:b5:8c + Signature Algorithm: sha256WithRSAEncryption + 1a:af:fd:cb:5e:63:ed:ac:39:c5:e1:0f:32:2c:6e:f2:0b:23: + 1d:d8:61:e4:39:d6:a6:e6:69:a3:df:f7:3b:80:84:22:72:58: + 0e:bc:ef:92:10:65:93:16:20:e4:69:d7:d1:58:0b:33:f2:68: + a2:6b:76:36:d0:f0:36:3c:61:31:dc:44:a0:00:e2:80:9e:62: + d5:fe:cc:08:66:ca:23:88:b3:e0:48:32:be:d8:dd:d2:a6:f9: + 20:13:1a:1f:a0:65:80:8d:d8:c5:c6:c5:3f:1a:ec:ae:2a:a5: + ac:de:97:eb:56:96:c7:55:16:ee:5f:e2:74:e2:03:1f:91:69: + 70:b8:fb:5a:42:26:7a:fa:5e:8d:19:eb:5a:2e:32:09:c9:95: + be:9e:34:d4:90:88:42:7e:ad:70:8b:cf:7d:5d:d0:a8:91:aa: + 93:1a:d1:15:7c:2d:a7:af:c2:d2:d7:65:20:5e:8b:3d:b1:df: + 98:5f:56:ad:ed:57:ca:53:ac:0e:f7:86:a4:80:d2:ea:f2:01: + e6:b0:5f:6f:4f:12:17:31:7c:8e:24:43:ac:94:06:aa:6d:a4: + eb:eb:43:b6:64:ed:76:24:bf:73:d8:7c:56:7e:d5:8b:66:f6: + cb:09:0d:f7:44:34:a3:93:d8:e7:36:1a:5f:0f:51:22:09:79: + 24:dd:31:9e -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,22 +77,22 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ -uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz -0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS -samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV -15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv -f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAar/3LXmPtrDnF4Q8yLG7y +CyMd2GHkOdam5mmj3/c7gIQiclgOvO+SEGWTFiDkadfRWAsz8miia3Y20PA2PGEx +3ESgAOKAnmLV/swIZsojiLPgSDK+2N3SpvkgExofoGWAjdjFxsU/GuyuKqWs3pfr +VpbHVRbuX+J04gMfkWlwuPtaQiZ6+l6NGetaLjIJyZW+njTUkIhCfq1wi899XdCo +kaqTGtEVfC2nr8LS12UgXos9sd+YX1at7VfKU6wO94akgNLq8gHmsF9vTxIXMXyO +JEOslAaqbaTr60O2ZO12JL9z2HxWftWLZvbLCQ33RDSjk9jnNhpfD1EiCXkk3TGe -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -129,28 +129,28 @@ Certificate: CA:TRUE, pathlen:128 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - af:fc:98:56:ed:ef:b5:d4:1b:37:22:6c:cf:fb:27:b8:1e:6f: - af:85:6e:e3:84:26:a9:f7:17:96:68:c0:58:95:aa:07:4c:2d: - 92:c6:7b:44:e2:96:27:aa:db:81:70:f0:ad:e4:a0:14:4e:e4: - 43:b5:66:b9:64:50:16:1f:65:fa:ff:ff:60:74:52:15:63:55: - 4e:b4:51:c0:2e:42:d7:78:87:db:57:db:de:5e:5b:ee:93:94: - 67:14:ae:f0:39:88:44:76:44:6b:0e:5d:d4:b6:c5:9a:b0:d5: - 03:40:6a:d5:9f:0c:62:83:51:5a:d7:a4:fd:b4:f4:b3:47:93: - 71:0f:4d:75:39:1b:0f:dc:5b:62:c3:22:1c:53:03:19:2b:52: - a5:d4:f5:e0:79:cf:6a:2d:e6:85:65:e1:d0:8c:c1:c9:1a:67: - 72:1d:77:2a:14:4b:e9:42:1e:06:82:4f:f5:98:ff:d0:36:cc: - c9:05:37:3f:69:e8:53:62:2e:1c:84:d4:f8:a0:cf:5f:32:69: - 7f:4e:53:e6:43:d0:14:04:d4:27:cc:55:9e:b0:84:bb:1a:ba: - 7c:8d:3e:b7:1d:76:04:31:78:91:ff:07:a9:3a:46:09:81:e9: - 5b:2e:b2:ef:2b:b6:1a:1b:4b:2f:c2:e4:81:9f:bf:de:e1:73: - 4f:a6:b7:df + Signature Algorithm: sha256WithRSAEncryption + 81:17:73:e0:8e:30:5f:5e:a7:25:a8:c0:89:f0:2a:c5:cc:72: + 30:0a:55:f2:c8:13:34:de:3c:7c:5e:e1:56:5e:72:04:10:8b: + 4b:05:3b:14:3c:37:0e:48:68:23:a1:2c:f5:72:f0:36:57:79: + fa:6f:ee:b0:17:83:f0:8a:1f:f0:6b:88:3b:57:c8:b2:57:c9: + 4e:35:14:a8:d7:31:db:68:74:8c:30:24:b3:9d:c9:8d:8c:36: + 34:30:0e:f3:4e:74:bd:14:77:c8:13:7f:bc:d3:21:34:e8:87: + e7:a3:80:62:ea:20:4b:40:ef:f5:97:db:c7:63:6b:e4:06:12: + 1a:b7:55:da:5a:34:32:95:59:c4:68:85:2c:87:dd:77:5f:ff: + 28:cf:95:c3:68:f8:c4:32:af:8e:c6:2c:39:6b:bd:3a:dd:18: + 16:a8:a7:0e:9d:93:6d:8e:77:b1:0e:86:55:0d:a4:aa:e6:3f: + f5:69:1d:d5:c0:5e:1a:b1:bc:ab:5f:eb:1f:76:6a:c5:22:57: + a9:f1:ee:55:56:37:61:9e:49:e6:bc:8b:e9:9d:6b:11:6f:90: + cb:d6:18:3c:81:f2:c8:4c:92:e4:4d:73:d1:a1:be:8d:fe:d7: + 54:20:d4:df:43:7d:e7:57:f1:dd:9f:a0:6d:cd:e3:ab:30:fa: + cc:29:0b:01 -----BEGIN CERTIFICATE----- -MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -166,10 +166,10 @@ AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 jhDeuPswEAYDVR0TBAkwBwEB/wICAIAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB -BQUAA4IBAQCv/JhW7e+11Bs3ImzP+ye4Hm+vhW7jhCap9xeWaMBYlaoHTC2SxntE -4pYnqtuBcPCt5KAUTuRDtWa5ZFAWH2X6//9gdFIVY1VOtFHALkLXeIfbV9veXlvu -k5RnFK7wOYhEdkRrDl3UtsWasNUDQGrVnwxig1Fa16T9tPSzR5NxD011ORsP3Fti -wyIcUwMZK1Kl1PXgec9qLeaFZeHQjMHJGmdyHXcqFEvpQh4Ggk/1mP/QNszJBTc/ -aehTYi4chNT4oM9fMml/TlPmQ9AUBNQnzFWesIS7Grp8jT63HXYEMXiR/wepOkYJ -gelbLrLvK7YaG0svwuSBn7/e4XNPprff +CwUAA4IBAQCBF3PgjjBfXqclqMCJ8CrFzHIwClXyyBM03jx8XuFWXnIEEItLBTsU +PDcOSGgjoSz1cvA2V3n6b+6wF4Pwih/wa4g7V8iyV8lONRSo1zHbaHSMMCSzncmN +jDY0MA7zTnS9FHfIE3+80yE06Ifno4Bi6iBLQO/1l9vHY2vkBhIat1XaWjQylVnE +aIUsh913X/8oz5XDaPjEMq+Oxiw5a7063RgWqKcOnZNtjnexDoZVDaSq5j/1aR3V +wF4asbyrX+sfdmrFIlep8e5VVjdhnknmvIvpnWsRb5DL1hg8gfLITJLkTXPRob6N +/tdUINTfQ33nV/Hdn6BtzeOrMPrMKQsB -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainE-entity.pem b/certs/test-pathlen/chainE-entity.pem index 2c01733ca..a4b979416 100644 --- a/certs/test-pathlen/chainE-entity.pem +++ b/certs/test-pathlen/chainE-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 44:ed:dc:cb:7d:ed:b5:1b:98:c9:1d:8f:7e:e5:01:10:ba:ec: - 89:f1:bb:d9:11:9f:57:9d:b3:e0:3f:21:ef:c1:ab:0b:47:bb: - b7:7e:ab:51:86:98:47:f2:c4:2a:53:ad:40:b0:ee:48:a3:44: - c7:ee:af:39:d3:4d:2d:5c:13:33:d1:db:e3:ad:53:2a:b4:ec: - 8c:7d:75:fe:e0:ce:ed:b0:94:21:88:0e:0c:15:be:4f:9f:11: - 05:2c:57:da:06:be:1b:6e:f5:b0:23:4f:b1:ed:41:43:a2:29: - e4:21:43:12:b1:a9:93:c1:39:a5:b5:e6:6b:ad:ce:3c:2f:ba: - 37:2e:2b:9e:d5:5d:44:76:ee:6a:e3:2f:05:43:21:c5:d7:ef: - f7:2f:29:3f:81:a1:8f:c1:c1:fe:c2:54:59:02:b6:95:d7:9a: - ad:2c:d4:5e:a0:8e:67:47:a9:0c:fc:fa:05:26:06:71:b2:2a: - 8e:c7:3e:18:cc:21:fb:a9:23:15:5b:3b:cb:ae:ab:d9:5a:3f: - da:62:b2:29:49:5c:cb:2e:33:ef:7f:92:32:84:58:a2:8f:47: - fd:d7:65:d9:f2:61:51:28:33:81:25:4f:c6:07:6f:b4:cf:ed: - ff:d9:ce:f2:05:08:40:34:17:f8:98:4f:7b:d7:c7:42:5b:0b: - 8a:9b:b5:8c + Signature Algorithm: sha256WithRSAEncryption + 1a:af:fd:cb:5e:63:ed:ac:39:c5:e1:0f:32:2c:6e:f2:0b:23: + 1d:d8:61:e4:39:d6:a6:e6:69:a3:df:f7:3b:80:84:22:72:58: + 0e:bc:ef:92:10:65:93:16:20:e4:69:d7:d1:58:0b:33:f2:68: + a2:6b:76:36:d0:f0:36:3c:61:31:dc:44:a0:00:e2:80:9e:62: + d5:fe:cc:08:66:ca:23:88:b3:e0:48:32:be:d8:dd:d2:a6:f9: + 20:13:1a:1f:a0:65:80:8d:d8:c5:c6:c5:3f:1a:ec:ae:2a:a5: + ac:de:97:eb:56:96:c7:55:16:ee:5f:e2:74:e2:03:1f:91:69: + 70:b8:fb:5a:42:26:7a:fa:5e:8d:19:eb:5a:2e:32:09:c9:95: + be:9e:34:d4:90:88:42:7e:ad:70:8b:cf:7d:5d:d0:a8:91:aa: + 93:1a:d1:15:7c:2d:a7:af:c2:d2:d7:65:20:5e:8b:3d:b1:df: + 98:5f:56:ad:ed:57:ca:53:ac:0e:f7:86:a4:80:d2:ea:f2:01: + e6:b0:5f:6f:4f:12:17:31:7c:8e:24:43:ac:94:06:aa:6d:a4: + eb:eb:43:b6:64:ed:76:24:bf:73:d8:7c:56:7e:d5:8b:66:f6: + cb:09:0d:f7:44:34:a3:93:d8:e7:36:1a:5f:0f:51:22:09:79: + 24:dd:31:9e -----BEGIN CERTIFICATE----- -MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBmjELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBmjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j @@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB -ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBE7dzLfe21G5jJHY9+5QEQ -uuyJ8bvZEZ9XnbPgPyHvwasLR7u3fqtRhphH8sQqU61AsO5Io0TH7q85000tXBMz -0dvjrVMqtOyMfXX+4M7tsJQhiA4MFb5PnxEFLFfaBr4bbvWwI0+x7UFDoinkIUMS -samTwTmlteZrrc48L7o3Liue1V1Edu5q4y8FQyHF1+/3Lyk/gaGPwcH+wlRZAraV -15qtLNReoI5nR6kM/PoFJgZxsiqOxz4YzCH7qSMVWzvLrqvZWj/aYrIpSVzLLjPv -f5IyhFiij0f912XZ8mFRKDOBJU/GB2+0z+3/2c7yBQhANBf4mE9718dCWwuKm7WM +ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAar/3LXmPtrDnF4Q8yLG7y +CyMd2GHkOdam5mmj3/c7gIQiclgOvO+SEGWTFiDkadfRWAsz8miia3Y20PA2PGEx +3ESgAOKAnmLV/swIZsojiLPgSDK+2N3SpvkgExofoGWAjdjFxsU/GuyuKqWs3pfr +VpbHVRbuX+J04gMfkWlwuPtaQiZ6+l6NGetaLjIJyZW+njTUkIhCfq1wi899XdCo +kaqTGtEVfC2nr8LS12UgXos9sd+YX1at7VfKU6wO94akgNLq8gHmsF9vTxIXMXyO +JEOslAaqbaTr60O2ZO12JL9z2HxWftWLZvbLCQ33RDSjk9jnNhpfD1EiCXkk3TGe -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/certs/test-pathlen/chainF-ICA1-pathlen1.pem index 5f7f14c97..580610852 100644 --- a/certs/test-pathlen/chainF-ICA1-pathlen1.pem +++ b/certs/test-pathlen/chainF-ICA1-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: - 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: - 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: - 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: - cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: - da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: - 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: - d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: - 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: - af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: - 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: - 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: - d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: - a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: - 25:b2:22:37 + Signature Algorithm: sha256WithRSAEncryption + 6a:e9:07:00:56:3b:70:9a:2b:3d:42:e9:93:ad:76:a9:43:82: + a9:44:2a:35:a2:c7:56:d4:1e:cd:26:7c:d4:3f:49:19:3a:1e: + 88:ed:f7:3d:b5:88:65:41:b4:69:81:59:fd:bd:93:b3:5c:ba: + ae:60:b9:0b:e7:4b:60:a7:e4:b1:fa:ec:85:09:2b:e8:ff:84: + 77:71:75:63:c2:8a:10:51:76:7a:c9:6f:9a:a3:8b:10:b4:ed: + 9d:75:18:52:f5:a9:8a:ed:e0:0c:a4:23:96:f8:39:f6:fd:ce: + 58:21:54:2c:b1:a2:a1:73:eb:9f:93:99:0c:12:1e:9a:bb:3d: + 1e:91:da:df:b3:66:6a:cb:44:33:a8:d2:5d:31:76:d5:96:30: + 51:dd:d0:12:e9:7b:9b:9f:98:ac:35:03:0f:6f:2d:b5:b6:e1: + 30:14:50:31:2e:4c:fd:65:f5:d2:20:7b:8d:1d:a3:7f:6c:4f: + 47:d6:c8:97:26:cf:28:65:d8:a0:19:d1:ca:2e:e8:f7:11:cb: + ab:a6:32:2b:82:4d:c1:df:0a:c5:e5:9e:00:39:65:20:7e:55: + ad:81:ac:14:b1:f9:f3:88:96:94:26:e1:66:44:96:68:1b:1a: + 8d:db:f3:b9:e7:b8:9b:50:0b:03:19:53:70:c8:58:75:70:1f: + 0e:a4:bb:9f -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL -D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP -xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh -Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc -8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR -23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +AQELBQADggEBAGrpBwBWO3CaKz1C6ZOtdqlDgqlEKjWix1bUHs0mfNQ/SRk6Hojt +9z21iGVBtGmBWf29k7Ncuq5guQvnS2Cn5LH67IUJK+j/hHdxdWPCihBRdnrJb5qj +ixC07Z11GFL1qYrt4AykI5b4Ofb9zlghVCyxoqFz65+TmQwSHpq7PR6R2t+zZmrL +RDOo0l0xdtWWMFHd0BLpe5ufmKw1Aw9vLbW24TAUUDEuTP1l9dIge40do39sT0fW +yJcmzyhl2KAZ0cou6PcRy6umMiuCTcHfCsXlngA5ZSB+Va2BrBSx+fOIlpQm4WZE +lmgbGo3b87nnuJtQCwMZU3DIWHVwHw6ku58= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/certs/test-pathlen/chainF-ICA2-pathlen0.pem index b3e68dd43..128b32370 100644 --- a/certs/test-pathlen/chainF-ICA2-pathlen0.pem +++ b/certs/test-pathlen/chainF-ICA2-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: - 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: - 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: - 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: - 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: - 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: - 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: - 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: - 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: - b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: - 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: - e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: - 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: - e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: - 24:0e:d6:0d + Signature Algorithm: sha256WithRSAEncryption + 1a:93:21:25:ab:3a:1a:d6:18:60:81:26:16:9c:d6:4b:2f:62: + 3e:57:e2:e7:a8:59:77:fc:22:33:8b:0d:bd:14:79:80:cf:95: + 8a:d5:4f:3c:92:a0:eb:65:42:76:81:80:10:aa:03:21:ea:68: + 5d:72:98:ce:e3:01:65:f8:b2:1a:e8:8d:a9:d6:0a:2b:22:cf: + 11:22:fb:d0:7c:9f:d2:bb:04:4a:34:07:b4:4d:71:31:48:5b: + a0:08:83:ec:96:6d:5e:9a:fb:e3:da:63:32:b6:83:87:37:cb: + 67:dc:8e:7f:9d:a7:83:5c:13:bc:af:82:a0:9a:d2:b2:b7:1e: + 38:38:5c:e5:64:75:37:10:4a:82:a0:4d:f6:f8:5e:bf:36:f3: + 68:01:1a:0a:6b:e3:03:50:79:d6:14:da:26:48:d9:b6:8e:23: + 28:8a:a7:6e:c9:b0:54:c3:0b:48:25:7b:bf:e6:9f:be:f3:f0: + b9:1d:c2:30:11:e4:fc:5f:90:96:69:d9:c0:cd:89:89:58:51: + 43:8b:4c:d9:2a:d0:90:04:fc:db:21:32:c0:32:50:e4:4b:88: + 4c:42:9c:d5:2a:ba:30:6e:5e:49:87:a1:c7:03:9e:6c:45:cc: + bb:cf:d2:4a:af:1d:18:1c:9e:cb:66:50:e9:f9:b8:0b:08:bf: + 39:95:bb:62 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH -dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 -EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI -k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY -R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m -VcjCowsmYI95sNGPgx82kaokDtYN +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAakyElqzoa1hhggSYWnNZLL2I+V+LnqFl3/CIziw29FHmAz5WK1U88kqDr +ZUJ2gYAQqgMh6mhdcpjO4wFl+LIa6I2p1gorIs8RIvvQfJ/SuwRKNAe0TXExSFug +CIPslm1emvvj2mMytoOHN8tn3I5/naeDXBO8r4KgmtKytx44OFzlZHU3EEqCoE32 ++F6/NvNoARoKa+MDUHnWFNomSNm2jiMoiqduybBUwwtIJXu/5p++8/C5HcIwEeT8 +X5CWadnAzYmJWFFDi0zZKtCQBPzbITLAMlDkS4hMQpzVKrowbl5Jh6HHA55sRcy7 +z9JKrx0YHJ7LZlDp+bgLCL85lbti -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-assembled.pem b/certs/test-pathlen/chainF-assembled.pem index 8103382d3..14b0e0b25 100644 --- a/certs/test-pathlen/chainF-assembled.pem +++ b/certs/test-pathlen/chainF-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: - c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: - 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: - 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: - 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: - af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: - 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: - aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: - a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: - 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: - a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: - f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: - 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: - fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: - 9a:28:91:3b + Signature Algorithm: sha256WithRSAEncryption + 24:20:aa:3a:98:e1:d4:42:a1:0f:7b:58:10:83:72:da:d4:ed: + e2:e6:08:0d:d2:fb:c0:ff:5b:97:72:03:b1:20:fa:b1:88:60: + 29:af:44:64:82:51:44:75:a7:cb:90:0d:af:63:a3:93:6f:a8: + 12:18:16:60:2f:58:37:ec:be:23:64:1b:06:ad:a7:d6:fa:cf: + 34:06:3d:99:21:19:d4:27:24:19:a0:00:8a:28:80:7b:8a:48: + ea:61:63:20:4f:14:f2:60:a0:a3:3a:5a:45:4a:b1:24:1d:46: + 69:84:76:0e:ff:29:5b:4b:74:a2:75:2c:f1:4b:ba:dc:c5:4b: + dd:b3:52:b9:fd:45:8d:fd:71:68:78:71:f8:3e:7c:62:50:a2: + 8d:07:df:45:a7:39:9c:df:df:9d:78:de:a4:9e:ef:e6:0a:7a: + 53:42:0c:9e:7e:4a:bf:9c:70:66:a7:08:ab:bf:b5:f8:b3:3b: + 99:28:2c:73:f4:6f:da:4d:21:59:35:82:58:f4:5e:59:25:1e: + d6:7a:0a:c8:7f:4a:74:33:16:86:b4:bb:65:2e:9b:32:e5:78: + 53:95:33:38:a4:8a:04:36:eb:fa:51:d5:46:94:72:7d:d7:16: + c9:e7:e3:45:94:ab:ec:08:b6:87:e4:3a:34:7c:ca:dd:f9:27: + 65:21:c5:5f -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ -dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb -tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a -cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd -6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 -jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU -Jz+ZNb5M+JookTs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACQgqjqY +4dRCoQ97WBCDctrU7eLmCA3S+8D/W5dyA7Eg+rGIYCmvRGSCUUR1p8uQDa9jo5Nv +qBIYFmAvWDfsviNkGwatp9b6zzQGPZkhGdQnJBmgAIoogHuKSOphYyBPFPJgoKM6 +WkVKsSQdRmmEdg7/KVtLdKJ1LPFLutzFS92zUrn9RY39cWh4cfg+fGJQoo0H30Wn +OZzf35143qSe7+YKelNCDJ5+Sr+ccGanCKu/tfizO5koLHP0b9pNIVk1glj0Xlkl +HtZ6Csh/SnQzFoa0u2UumzLleFOVMzikigQ26/pR1UaUcn3XFsnn40WUq+wItofk +OjR8yt35J2UhxV8= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9a:92:6f:b8:58:97:33:cb:d3:2f:98:31:95:9c:9a:b6:f4:a9: - 29:0e:66:97:0b:c4:97:f1:7c:f6:ed:1f:e6:d5:35:ce:b0:94: - 78:4b:0f:bc:c5:98:80:29:3b:a8:08:e3:2b:7b:1f:10:4e:2b: - 67:09:89:cd:ef:36:f4:d8:3a:dc:f4:82:e2:53:47:07:e9:3b: - cb:01:3c:73:3a:2c:82:24:d5:4d:8c:13:ba:cf:c5:65:7a:8f: - da:7d:b0:98:4a:d1:16:55:e9:ab:5b:3c:3e:b0:50:0c:05:77: - 3a:bc:ef:6f:c5:f1:f4:f3:a8:00:5a:dc:2a:af:7a:95:e5:05: - d9:9b:88:5f:59:3c:f3:a1:66:78:e1:d0:c0:c5:b9:68:f1:07: - 92:bf:eb:21:4c:a8:87:79:b1:da:af:38:89:6e:42:f8:26:ed: - af:3c:52:56:af:86:c3:bf:42:08:69:39:fd:82:a5:6f:c9:b0: - 89:9c:f2:6b:0a:2c:25:a2:22:03:84:ca:cf:26:5e:6e:61:3d: - 38:8d:2b:0d:b2:0c:82:1e:be:5b:bf:da:ef:9f:3c:17:31:ed: - d3:c2:8b:fd:c8:1e:bc:2b:1c:5f:63:5c:54:51:db:71:45:b3: - a8:09:b9:96:74:4f:f9:19:d7:6c:bb:46:6d:42:1f:bc:6e:72: - 25:b2:22:37 + Signature Algorithm: sha256WithRSAEncryption + 6a:e9:07:00:56:3b:70:9a:2b:3d:42:e9:93:ad:76:a9:43:82: + a9:44:2a:35:a2:c7:56:d4:1e:cd:26:7c:d4:3f:49:19:3a:1e: + 88:ed:f7:3d:b5:88:65:41:b4:69:81:59:fd:bd:93:b3:5c:ba: + ae:60:b9:0b:e7:4b:60:a7:e4:b1:fa:ec:85:09:2b:e8:ff:84: + 77:71:75:63:c2:8a:10:51:76:7a:c9:6f:9a:a3:8b:10:b4:ed: + 9d:75:18:52:f5:a9:8a:ed:e0:0c:a4:23:96:f8:39:f6:fd:ce: + 58:21:54:2c:b1:a2:a1:73:eb:9f:93:99:0c:12:1e:9a:bb:3d: + 1e:91:da:df:b3:66:6a:cb:44:33:a8:d2:5d:31:76:d5:96:30: + 51:dd:d0:12:e9:7b:9b:9f:98:ac:35:03:0f:6f:2d:b5:b6:e1: + 30:14:50:31:2e:4c:fd:65:f5:d2:20:7b:8d:1d:a3:7f:6c:4f: + 47:d6:c8:97:26:cf:28:65:d8:a0:19:d1:ca:2e:e8:f7:11:cb: + ab:a6:32:2b:82:4d:c1:df:0a:c5:e5:9e:00:39:65:20:7e:55: + ad:81:ac:14:b1:f9:f3:88:96:94:26:e1:66:44:96:68:1b:1a: + 8d:db:f3:b9:e7:b8:9b:50:0b:03:19:53:70:c8:58:75:70:1f: + 0e:a4:bb:9f -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAJqSb7hYlzPL0y+YMZWcmrb0qSkOZpcLxJfxfPbtH+bVNc6wlHhL -D7zFmIApO6gI4yt7HxBOK2cJic3vNvTYOtz0guJTRwfpO8sBPHM6LIIk1U2ME7rP -xWV6j9p9sJhK0RZV6atbPD6wUAwFdzq872/F8fTzqABa3CqvepXlBdmbiF9ZPPOh -Znjh0MDFuWjxB5K/6yFMqId5sdqvOIluQvgm7a88UlavhsO/QghpOf2CpW/JsImc -8msKLCWiIgOEys8mXm5hPTiNKw2yDIIevlu/2u+fPBcx7dPCi/3IHrwrHF9jXFRR -23FFs6gJuZZ0T/kZ12y7Rm1CH7xuciWyIjc= +AQELBQADggEBAGrpBwBWO3CaKz1C6ZOtdqlDgqlEKjWix1bUHs0mfNQ/SRk6Hojt +9z21iGVBtGmBWf29k7Ncuq5guQvnS2Cn5LH67IUJK+j/hHdxdWPCihBRdnrJb5qj +ixC07Z11GFL1qYrt4AykI5b4Ofb9zlghVCyxoqFz65+TmQwSHpq7PR6R2t+zZmrL +RDOo0l0xdtWWMFHd0BLpe5ufmKw1Aw9vLbW24TAUUDEuTP1l9dIge40do39sT0fW +yJcmzyhl2KAZ0cou6PcRy6umMiuCTcHfCsXlngA5ZSB+Va2BrBSx+fOIlpQm4WZE +lmgbGo3b87nnuJtQCwMZU3DIWHVwHw6ku58= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 2d:ca:3d:06:3c:0b:90:2e:87:05:58:6f:99:83:96:90:55:05: - 51:b1:dd:73:d3:a5:4c:bb:6d:c3:10:ef:da:53:db:65:15:25: - 00:a5:6b:d4:ac:33:47:75:5d:39:9a:96:11:c1:c3:03:2d:3c: - 70:b6:94:35:af:7d:d1:51:9d:d3:bf:f7:09:21:77:64:ce:fa: - 92:0b:95:94:7a:84:76:ed:55:79:3f:e7:db:42:8d:40:00:dc: - 77:11:a6:4c:98:33:92:34:2c:8a:cf:b8:85:bd:0e:1f:63:97: - 0a:e3:7a:b5:26:f7:36:68:a1:a5:0a:1c:4f:69:f0:c7:12:70: - 38:8b:16:58:88:89:8f:1f:79:c5:3e:49:08:93:9e:21:cf:ec: - 72:10:ab:a5:67:16:f1:e0:01:54:fc:2b:05:d6:5f:6a:8b:8e: - b5:90:97:dc:24:b1:06:2e:b0:4a:96:08:54:39:ab:97:ca:67: - 3e:7c:a8:10:01:10:98:47:6b:62:05:f7:83:85:63:d3:28:b7: - e6:61:09:0a:7d:50:2f:d4:e1:1d:af:8c:23:03:0b:e3:aa:d0: - 15:fe:4d:51:7c:49:de:0b:fb:fe:f5:fb:cd:25:4b:b5:2f:7d: - e6:55:c8:c2:a3:0b:26:60:8f:79:b0:d1:8f:83:1f:36:91:aa: - 24:0e:d6:0d + Signature Algorithm: sha256WithRSAEncryption + 1a:93:21:25:ab:3a:1a:d6:18:60:81:26:16:9c:d6:4b:2f:62: + 3e:57:e2:e7:a8:59:77:fc:22:33:8b:0d:bd:14:79:80:cf:95: + 8a:d5:4f:3c:92:a0:eb:65:42:76:81:80:10:aa:03:21:ea:68: + 5d:72:98:ce:e3:01:65:f8:b2:1a:e8:8d:a9:d6:0a:2b:22:cf: + 11:22:fb:d0:7c:9f:d2:bb:04:4a:34:07:b4:4d:71:31:48:5b: + a0:08:83:ec:96:6d:5e:9a:fb:e3:da:63:32:b6:83:87:37:cb: + 67:dc:8e:7f:9d:a7:83:5c:13:bc:af:82:a0:9a:d2:b2:b7:1e: + 38:38:5c:e5:64:75:37:10:4a:82:a0:4d:f6:f8:5e:bf:36:f3: + 68:01:1a:0a:6b:e3:03:50:79:d6:14:da:26:48:d9:b6:8e:23: + 28:8a:a7:6e:c9:b0:54:c3:0b:48:25:7b:bf:e6:9f:be:f3:f0: + b9:1d:c2:30:11:e4:fc:5f:90:96:69:d9:c0:cd:89:89:58:51: + 43:8b:4c:d9:2a:d0:90:04:fc:db:21:32:c0:32:50:e4:4b:88: + 4c:42:9c:d5:2a:ba:30:6e:5e:49:87:a1:c7:03:9e:6c:45:cc: + bb:cf:d2:4a:af:1d:18:1c:9e:cb:66:50:e9:f9:b8:0b:08:bf: + 39:95:bb:62 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -255,11 +255,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQAtyj0GPAuQLocFWG+Zg5aQVQVRsd1z06VMu23DEO/aU9tlFSUApWvUrDNH -dV05mpYRwcMDLTxwtpQ1r33RUZ3Tv/cJIXdkzvqSC5WUeoR27VV5P+fbQo1AANx3 -EaZMmDOSNCyKz7iFvQ4fY5cK43q1Jvc2aKGlChxPafDHEnA4ixZYiImPH3nFPkkI -k54hz+xyEKulZxbx4AFU/CsF1l9qi461kJfcJLEGLrBKlghUOauXymc+fKgQARCY -R2tiBfeDhWPTKLfmYQkKfVAv1OEdr4wjAwvjqtAV/k1RfEneC/v+9fvNJUu1L33m -VcjCowsmYI95sNGPgx82kaokDtYN +3rj7MA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQAakyElqzoa1hhggSYWnNZLL2I+V+LnqFl3/CIziw29FHmAz5WK1U88kqDr +ZUJ2gYAQqgMh6mhdcpjO4wFl+LIa6I2p1gorIs8RIvvQfJ/SuwRKNAe0TXExSFug +CIPslm1emvvj2mMytoOHN8tn3I5/naeDXBO8r4KgmtKytx44OFzlZHU3EEqCoE32 ++F6/NvNoARoKa+MDUHnWFNomSNm2jiMoiqduybBUwwtIJXu/5p++8/C5HcIwEeT8 +X5CWadnAzYmJWFFDi0zZKtCQBPzbITLAMlDkS4hMQpzVKrowbl5Jh6HHA55sRcy7 +z9JKrx0YHJ7LZlDp+bgLCL85lbti -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainF-entity.pem b/certs/test-pathlen/chainF-entity.pem index 6a7870de6..27bd2dcd7 100644 --- a/certs/test-pathlen/chainF-entity.pem +++ b/certs/test-pathlen/chainF-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 6c:54:2c:45:c9:74:21:a3:cf:25:27:a0:dd:fa:a5:50:47:53: - c8:1e:48:19:8c:eb:2a:9e:9c:b6:28:65:4d:ec:02:1d:55:91: - 57:ba:ee:37:e5:f6:2e:d7:d6:e8:a9:78:f2:0f:37:d8:1b:b5: - 24:37:61:b8:dd:aa:67:16:14:f6:3e:8a:15:4a:ca:b4:54:68: - 82:26:3f:20:21:bc:66:3a:3a:06:eb:7b:8c:9b:69:46:37:4e: - af:88:67:34:df:fe:c3:b0:8e:5e:5a:71:2a:e7:f7:5a:98:c2: - 72:7d:92:2c:97:87:c8:bd:be:ff:c1:05:8d:58:cc:93:b6:10: - aa:8a:1f:06:12:7d:12:6d:ce:4a:80:5d:18:05:e8:49:57:c7: - a0:65:a8:4b:dd:ea:2b:6a:3f:fc:74:19:b6:a6:69:b7:84:60: - 5d:23:8c:5c:93:bf:67:3f:f3:a2:89:54:6d:df:1c:d9:d8:3c: - a1:15:38:1b:08:b5:a0:7a:35:35:f2:01:7e:d7:28:7f:bc:8c: - f7:f6:92:7b:88:e2:01:66:df:e8:a1:34:71:01:26:f7:92:8d: - 0c:ef:19:22:7b:5e:c0:a4:49:0a:c6:14:25:91:43:bc:91:79: - fd:02:cd:22:42:a7:24:e7:2c:33:d4:27:3f:99:35:be:4c:f8: - 9a:28:91:3b + Signature Algorithm: sha256WithRSAEncryption + 24:20:aa:3a:98:e1:d4:42:a1:0f:7b:58:10:83:72:da:d4:ed: + e2:e6:08:0d:d2:fb:c0:ff:5b:97:72:03:b1:20:fa:b1:88:60: + 29:af:44:64:82:51:44:75:a7:cb:90:0d:af:63:a3:93:6f:a8: + 12:18:16:60:2f:58:37:ec:be:23:64:1b:06:ad:a7:d6:fa:cf: + 34:06:3d:99:21:19:d4:27:24:19:a0:00:8a:28:80:7b:8a:48: + ea:61:63:20:4f:14:f2:60:a0:a3:3a:5a:45:4a:b1:24:1d:46: + 69:84:76:0e:ff:29:5b:4b:74:a2:75:2c:f1:4b:ba:dc:c5:4b: + dd:b3:52:b9:fd:45:8d:fd:71:68:78:71:f8:3e:7c:62:50:a2: + 8d:07:df:45:a7:39:9c:df:df:9d:78:de:a4:9e:ef:e6:0a:7a: + 53:42:0c:9e:7e:4a:bf:9c:70:66:a7:08:ab:bf:b5:f8:b3:3b: + 99:28:2c:73:f4:6f:da:4d:21:59:35:82:58:f4:5e:59:25:1e: + d6:7a:0a:c8:7f:4a:74:33:16:86:b4:bb:65:2e:9b:32:e5:78: + 53:95:33:38:a4:8a:04:36:eb:fa:51:d5:46:94:72:7d:d7:16: + c9:e7:e3:45:94:ab:ec:08:b6:87:e4:3a:34:7c:ca:dd:f9:27: + 65:21:c5:5f -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAGxULEXJ -dCGjzyUnoN36pVBHU8geSBmM6yqenLYoZU3sAh1VkVe67jfl9i7X1uipePIPN9gb -tSQ3YbjdqmcWFPY+ihVKyrRUaIImPyAhvGY6Ogbre4ybaUY3Tq+IZzTf/sOwjl5a -cSrn91qYwnJ9kiyXh8i9vv/BBY1YzJO2EKqKHwYSfRJtzkqAXRgF6ElXx6BlqEvd -6itqP/x0GbamabeEYF0jjFyTv2c/86KJVG3fHNnYPKEVOBsItaB6NTXyAX7XKH+8 -jPf2knuI4gFm3+ihNHEBJveSjQzvGSJ7XsCkSQrGFCWRQ7yRef0CzSJCpyTnLDPU -Jz+ZNb5M+JookTs= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACQgqjqY +4dRCoQ97WBCDctrU7eLmCA3S+8D/W5dyA7Eg+rGIYCmvRGSCUUR1p8uQDa9jo5Nv +qBIYFmAvWDfsviNkGwatp9b6zzQGPZkhGdQnJBmgAIoogHuKSOphYyBPFPJgoKM6 +WkVKsSQdRmmEdg7/KVtLdKJ1LPFLutzFS92zUrn9RY39cWh4cfg+fGJQoo0H30Wn +OZzf35143qSe7+YKelNCDJ5+Sr+ccGanCKu/tfizO5koLHP0b9pNIVk1glj0Xlkl +HtZ6Csh/SnQzFoa0u2UumzLleFOVMzikigQ26/pR1UaUcn3XFsnn40WUq+wItofk +OjR8yt35J2UhxV8= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/certs/test-pathlen/chainG-ICA1-pathlen0.pem index 6cbd907d5..ad1f9456c 100644 --- a/certs/test-pathlen/chainG-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainG-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: - 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: - 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: - d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: - 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: - ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: - 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: - f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: - 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: - 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: - 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: - 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: - c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: - 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: - 13:a4:f1:d3 + Signature Algorithm: sha256WithRSAEncryption + 56:81:8e:f1:e8:5f:b2:9f:ab:8f:2e:ec:79:c7:3d:0d:af:f2: + 18:f7:d2:2e:07:2c:d0:1d:2a:90:c7:c1:fc:ac:aa:0d:86:f0: + 78:6d:33:43:81:02:70:3b:e6:d9:75:db:2e:ca:4a:61:4d:20: + cb:a9:3e:0c:a9:b3:ca:ff:bb:52:cb:06:14:2d:53:b5:68:9f: + a7:02:83:90:3d:f8:b6:a2:46:e4:2b:c5:48:ed:50:7f:ea:27: + cf:7b:9d:88:1f:1c:5d:16:b7:21:0a:42:95:0b:67:6c:29:34: + 64:61:c0:f5:00:6f:36:dc:e9:68:e3:81:bd:07:a6:bc:6c:9d: + f0:61:b0:50:14:d5:89:46:1f:34:b0:90:42:a0:c3:09:64:6e: + a4:46:13:c6:6a:86:98:63:c7:8e:79:d3:a2:d6:73:23:68:a9: + 8d:ac:b0:93:b0:89:f5:ee:08:cc:47:14:95:3b:1f:d3:eb:42: + 3f:68:b8:6b:80:11:8d:85:8c:90:39:29:e8:5d:7d:e5:c1:c2: + 5c:e7:92:8c:ab:79:17:74:60:a5:ee:fe:52:ff:4a:78:62:5c: + 1b:4b:f8:44:41:8c:05:c7:11:e7:5a:c9:a1:a1:d3:6b:82:36: + c3:1f:23:19:ce:68:9d:c3:80:d5:08:8d:68:d2:49:52:95:44: + 3f:1b:50:9d -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 -t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 -lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc -RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 -r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL -yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVoGO8ehfsp+rjy7secc9Da/yGPfSLgcs +0B0qkMfB/KyqDYbweG0zQ4ECcDvm2XXbLspKYU0gy6k+DKmzyv+7UssGFC1TtWif +pwKDkD34tqJG5CvFSO1Qf+onz3udiB8cXRa3IQpClQtnbCk0ZGHA9QBvNtzpaOOB +vQemvGyd8GGwUBTViUYfNLCQQqDDCWRupEYTxmqGmGPHjnnTotZzI2ipjaywk7CJ +9e4IzEcUlTsf0+tCP2i4a4ARjYWMkDkp6F195cHCXOeSjKt5F3Rgpe7+Uv9KeGJc +G0v4REGMBccR51rJoaHTa4I2wx8jGc5oncOA1QiNaNJJUpVEPxtQnQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/certs/test-pathlen/chainG-ICA2-pathlen1.pem index e5306aede..1592a0143 100644 --- a/certs/test-pathlen/chainG-ICA2-pathlen1.pem +++ b/certs/test-pathlen/chainG-ICA2-pathlen1.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: - ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: - 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: - da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: - aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: - 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: - 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: - 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: - 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: - 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: - b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: - 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: - 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: - 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: - 65:12:f6:ae + Signature Algorithm: sha256WithRSAEncryption + 3b:e4:43:62:32:48:75:cf:da:f6:fa:38:4f:1b:b2:25:84:5b: + 79:8f:ce:9c:19:10:ef:ab:b4:b5:f0:2b:d1:16:77:f6:cc:f6: + 43:c7:1f:ca:92:f9:d7:69:3c:82:02:02:19:55:a4:a1:d0:1c: + 7c:e8:b8:8f:4c:7b:42:6c:68:0d:0c:b0:05:ad:39:29:7c:45: + 8e:e2:b3:54:e7:98:84:95:21:3d:73:26:33:5e:5b:59:59:f2: + 03:13:28:86:e1:2c:da:a8:37:7e:2e:93:5e:e1:41:9c:6d:03: + 16:0f:8a:b2:4d:67:b6:1b:65:8a:cb:30:b5:ed:ad:e7:9f:81: + 21:a7:6d:39:f7:af:93:82:1c:89:55:ae:0d:e8:88:be:a5:27: + 60:56:7b:f3:5c:1d:57:49:36:c2:9f:cc:50:62:a7:82:54:61: + 36:10:01:2f:cf:85:b2:dd:d7:56:cc:18:7e:85:5d:f1:b7:b7: + b6:c3:04:6b:01:5e:b8:68:28:9a:6b:fc:83:33:b7:28:64:55: + 38:ee:a4:5a:d5:87:ef:89:07:c4:60:9d:8a:25:d5:71:94:5b: + 96:3f:a4:3f:1d:80:3e:ef:97:9e:c4:25:f1:82:01:27:40:27: + cc:61:e6:67:e0:58:33:e9:9f:35:65:89:40:17:6a:a7:6c:d9: + 70:2c:59:a1 -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 -aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ -qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN -Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 -Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ -I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAO+RDYjJIdc/a9vo4TxuyJYRbeY/OnBkQ +76u0tfAr0RZ39sz2Q8cfypL512k8ggICGVWkodAcfOi4j0x7QmxoDQywBa05KXxF +juKzVOeYhJUhPXMmM15bWVnyAxMohuEs2qg3fi6TXuFBnG0DFg+Ksk1nthtlissw +te2t55+BIadtOfevk4IciVWuDeiIvqUnYFZ781wdV0k2wp/MUGKnglRhNhABL8+F +st3XVswYfoVd8be3tsMEawFeuGgommv8gzO3KGRVOO6kWtWH74kHxGCdiiXVcZRb +lj+kPx2APu+XnsQl8YIBJ0AnzGHmZ+BYM+mfNWWJQBdqp2zZcCxZoQ== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/certs/test-pathlen/chainG-ICA3-pathlen99.pem index f2b79d6e6..9c6429cff 100644 --- a/certs/test-pathlen/chainG-ICA3-pathlen99.pem +++ b/certs/test-pathlen/chainG-ICA3-pathlen99.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:99 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: - ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: - c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: - a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: - 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: - 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: - 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: - 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: - bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: - 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: - 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: - 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: - ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: - a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: - c8:5e:14:b5 + Signature Algorithm: sha256WithRSAEncryption + 77:4b:04:d7:e6:fd:c1:bb:55:0c:2d:23:bf:90:a3:20:af:cd: + 54:11:34:97:fb:06:55:c1:11:ee:c5:bc:fe:5c:34:73:08:f9: + e9:c3:81:b8:0d:fa:6b:44:cd:ed:4a:d0:3b:40:6d:96:e5:cf: + 96:7d:aa:0d:65:fa:d7:6d:f7:3d:c9:9d:e5:e1:5e:be:34:7d: + b8:62:0c:22:e1:88:c8:02:b8:90:89:9f:1c:1d:18:5c:2d:01: + c9:95:f4:19:01:a6:5b:7a:26:6a:38:71:16:87:88:19:3f:60: + 35:99:71:4c:79:90:db:f9:9b:73:0d:74:45:87:b1:4f:e5:63: + a2:21:b4:38:32:d2:78:f0:15:a6:3a:ac:50:2a:a1:b2:41:f9: + 2b:0a:5c:5b:9a:94:17:42:88:44:41:fa:aa:d3:17:49:c1:31: + eb:a2:89:1f:c7:e7:b2:b0:71:98:64:4e:d6:de:b9:c2:5d:de: + 0e:86:68:1d:9c:ea:7c:b0:72:ee:2a:fa:26:26:1a:21:99:60: + 03:a2:01:67:0e:7d:4a:00:d9:23:2e:c2:c8:c8:3d:04:7a:78: + 08:81:f7:e4:0d:dc:e2:db:b6:1f:8a:33:ab:6f:a1:0d:5f:86: + cd:b7:c9:e1:35:a3:c8:81:da:15:3c:de:39:30:b7:d3:ec:4f: + d3:44:fe:dc -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV -6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM -YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ -ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm -grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp -Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHdLBNfm/cG7VQwtI7+QoyCvzVQRNJf7 +BlXBEe7FvP5cNHMI+enDgbgN+mtEze1K0DtAbZblz5Z9qg1l+tdt9z3JneXhXr40 +fbhiDCLhiMgCuJCJnxwdGFwtAcmV9BkBplt6Jmo4cRaHiBk/YDWZcUx5kNv5m3MN +dEWHsU/lY6IhtDgy0njwFaY6rFAqobJB+SsKXFualBdCiERB+qrTF0nBMeuiiR/H +57KwcZhkTtbeucJd3g6GaB2c6nywcu4q+iYmGiGZYAOiAWcOfUoA2SMuwsjIPQR6 +eAiB9+QN3OLbth+KM6tvoQ1fhs23yeE1o8iB2hU83jkwt9PsT9NE/tw= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/certs/test-pathlen/chainG-ICA4-pathlen5.pem index 438c971d6..8467d9f36 100644 --- a/certs/test-pathlen/chainG-ICA4-pathlen5.pem +++ b/certs/test-pathlen/chainG-ICA4-pathlen5.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:5 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: - 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: - 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: - df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: - 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: - 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: - 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: - b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: - f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: - fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: - 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: - d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: - a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: - 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: - 13:29:2a:18 + Signature Algorithm: sha256WithRSAEncryption + ab:ff:d4:87:51:61:f9:a5:68:8d:4e:fd:01:0c:e3:75:9a:c5: + 16:f2:c4:1e:d8:bd:d4:ce:9e:b9:bd:72:db:f2:89:2b:7a:46: + b4:6c:16:e5:dc:5a:eb:d0:3f:63:a8:98:82:0e:df:c6:1a:40: + a2:1a:a0:d5:49:10:a6:f4:ae:10:61:0a:2e:91:0d:bc:cf:e9: + bf:9e:98:23:38:30:f2:00:e3:ca:47:df:ad:46:e8:7b:b2:ae: + 1e:af:fd:c7:2e:b7:7d:b7:46:df:cd:bf:06:77:19:29:2b:fc: + 7c:f9:f7:2f:59:ce:90:a6:9e:70:33:58:b6:72:a4:ed:63:9b: + 50:62:6c:38:01:73:63:48:4e:6b:34:3f:c4:d5:de:45:09:a9: + 27:d1:78:36:59:1e:21:ad:a9:a3:1f:14:25:d1:ce:ab:90:3f: + c0:82:7a:54:fe:6b:48:fc:52:e1:f4:69:2d:84:2e:1c:7b:6f: + 42:4a:7b:05:91:70:0d:f3:ae:b3:d6:bc:7a:fa:9c:c8:0a:e8: + f1:a0:fa:ee:f3:fe:1d:34:0e:31:79:d8:80:57:53:23:af:65: + 92:94:ef:16:de:e0:9f:0a:5a:17:ba:e8:81:90:e1:e4:24:97: + b4:73:82:4c:38:4c:45:2f:82:75:55:4b:af:b8:58:b3:b1:d1: + 60:ab:53:5f -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 -8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy -xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq -J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp -0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA -Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKv/1IdRYfmlaI1O/QEM43WaxRbyxB7Y +vdTOnrm9ctvyiSt6RrRsFuXcWuvQP2OomIIO38YaQKIaoNVJEKb0rhBhCi6RDbzP +6b+emCM4MPIA48pH361G6Huyrh6v/ccut323Rt/NvwZ3GSkr/Hz59y9ZzpCmnnAz +WLZypO1jm1BibDgBc2NITms0P8TV3kUJqSfReDZZHiGtqaMfFCXRzquQP8CCelT+ +a0j8UuH0aS2ELhx7b0JKewWRcA3zrrPWvHr6nMgK6PGg+u7z/h00DjF52IBXUyOv +ZZKU7xbe4J8KWhe66IGQ4eQkl7Rzgkw4TEUvgnVVS6+4WLOx0WCrU18= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/certs/test-pathlen/chainG-ICA5-pathlen20.pem index aca0a3128..f9c3486bb 100644 --- a/certs/test-pathlen/chainG-ICA5-pathlen20.pem +++ b/certs/test-pathlen/chainG-ICA5-pathlen20.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:20 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: - 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: - f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: - de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: - 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: - 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: - 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: - 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: - 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: - cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: - 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: - 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: - 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: - 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: - 5c:9c:5d:21 + Signature Algorithm: sha256WithRSAEncryption + a4:e7:16:a9:20:7b:9c:89:49:48:94:e7:58:31:71:34:10:35: + d5:b6:91:5f:5e:2d:63:66:48:ff:45:7f:d4:dc:53:39:6f:7b: + 13:0a:de:37:7c:c1:43:e9:f9:b2:71:b8:93:22:12:7f:50:9b: + b9:0c:e4:3a:47:7a:95:bc:a4:08:41:73:f0:a3:9a:88:98:7e: + d0:7c:bb:76:ab:5c:ad:3c:41:73:78:5b:b1:0d:06:ae:46:d2: + 81:af:9a:53:f7:d2:45:66:99:45:5e:2e:05:48:47:78:49:b4: + 27:c9:76:5f:93:be:d4:f7:3d:a7:16:39:ef:dc:a1:57:7f:78: + ca:d3:33:94:87:cb:dd:aa:88:07:0b:62:fa:eb:f0:c9:5f:d8: + 3f:a3:6d:d5:dc:ea:a0:b9:c6:dc:7f:08:46:9e:ed:41:52:46: + d2:7a:96:20:37:f6:69:ef:85:23:43:fa:a8:27:1c:2b:70:37: + 7d:50:ce:48:4b:f7:ce:2d:6a:08:3d:45:f3:a3:e4:1f:ef:1f: + 0e:72:e2:f2:f1:e7:5f:72:1f:84:53:1b:d6:b4:2b:e4:4a:3d: + 39:db:a7:02:6a:02:5e:de:3a:43:05:32:de:16:e9:5e:cf:12: + b2:0e:60:36:e1:47:12:ab:98:ce:ef:c4:76:d5:30:b6:72:ae: + af:13:14:17 -----BEGIN CERTIFICATE----- -MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -80,10 +80,10 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk -+Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB -lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld -LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 -X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 -g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEApOcWqSB7nIlJSJTnWDFxNBA11baR +X14tY2ZI/0V/1NxTOW97EwreN3zBQ+n5snG4kyISf1CbuQzkOkd6lbykCEFz8KOa +iJh+0Hy7dqtcrTxBc3hbsQ0GrkbSga+aU/fSRWaZRV4uBUhHeEm0J8l2X5O+1Pc9 +pxY579yhV394ytMzlIfL3aqIBwti+uvwyV/YP6Nt1dzqoLnG3H8IRp7tQVJG0nqW +IDf2ae+FI0P6qCccK3A3fVDOSEv3zi1qCD1F86PkH+8fDnLi8vHnX3IfhFMb1rQr +5Eo9OdunAmoCXt46QwUy3hbpXs8Ssg5gNuFHEquYzu/EdtUwtnKurxMUFw== -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/certs/test-pathlen/chainG-ICA6-pathlen10.pem index 2833da61f..8de172a62 100644 --- a/certs/test-pathlen/chainG-ICA6-pathlen10.pem +++ b/certs/test-pathlen/chainG-ICA6-pathlen10.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:10 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: - 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: - 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: - 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: - 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: - 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: - e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: - da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: - 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: - 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: - fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: - 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: - 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: - 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: - 66:ec:5d:71 + Signature Algorithm: sha256WithRSAEncryption + 70:24:57:3f:1a:0c:94:f9:64:14:2e:20:81:bf:02:ba:bb:a5: + 21:02:2b:c0:09:0b:9e:8a:e3:c8:b2:39:4d:05:c1:34:62:44: + 62:5c:d5:ae:0f:17:cf:c0:ab:71:f8:5c:d5:74:8d:3d:eb:90: + d5:d6:a5:97:b8:c1:ab:d7:9c:e7:ca:4f:ee:8f:f2:5d:c7:81: + 22:fc:2e:b0:2d:f2:ff:e3:1a:c5:85:31:21:49:3f:38:f9:5b: + 55:e6:f3:f8:5c:63:fc:9a:c8:76:f0:3d:87:d2:fb:06:6d:5e: + f4:f4:e9:8c:3a:99:7b:1c:8f:29:fb:f6:c3:0c:23:9a:2c:1e: + f4:97:4f:b8:48:37:33:b4:aa:15:a6:5a:75:09:e9:c4:d5:44: + c6:e8:4e:a2:f0:70:a8:9f:10:91:56:55:59:f4:4a:b6:36:4a: + fc:b9:3a:60:01:e6:6e:61:58:f3:b0:ac:cd:02:38:97:bd:eb: + d3:6b:9e:b5:a6:58:ee:ce:86:c2:1b:cf:12:b3:1b:78:00:df: + 5f:da:77:5d:9c:8e:a5:ca:f1:77:87:c1:ed:ad:fd:cf:ea:05: + 53:f9:7e:34:e7:95:23:de:36:36:65:59:08:76:11:6f:d9:6e: + 55:17:af:33:1f:9e:0b:fe:fb:53:5c:67:1a:4d:8a:83:7f:5b: + ca:ff:e4:94 -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -80,10 +80,10 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF -FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 -31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO -+/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 -K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP -s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +hvcNAQELBQADggEBAHAkVz8aDJT5ZBQuIIG/Arq7pSECK8AJC56K48iyOU0FwTRi +RGJc1a4PF8/Aq3H4XNV0jT3rkNXWpZe4wavXnOfKT+6P8l3HgSL8LrAt8v/jGsWF +MSFJPzj5W1Xm8/hcY/yayHbwPYfS+wZtXvT06Yw6mXscjyn79sMMI5osHvSXT7hI +NzO0qhWmWnUJ6cTVRMboTqLwcKifEJFWVVn0SrY2Svy5OmAB5m5hWPOwrM0COJe9 +69NrnrWmWO7OhsIbzxKzG3gA31/ad12cjqXK8XeHwe2t/c/qBVP5fjTnlSPeNjZl +WQh2EW/ZblUXrzMfngv++1NcZxpNioN/W8r/5JQ= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/certs/test-pathlen/chainG-ICA7-pathlen100.pem index 203523a28..5382cbae0 100644 --- a/certs/test-pathlen/chainG-ICA7-pathlen100.pem +++ b/certs/test-pathlen/chainG-ICA7-pathlen100.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: - f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: - c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: - 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: - 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: - 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: - 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: - df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: - e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: - 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: - 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: - 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: - f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: - 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: - ca:8c:2f:a8 + Signature Algorithm: sha256WithRSAEncryption + ae:bd:d0:c5:e1:4f:80:0f:85:0d:d2:e0:b5:c3:dc:73:99:94: + 90:19:01:f2:23:66:83:da:92:f2:e8:14:dc:70:e0:20:14:26: + c5:63:88:6a:1b:b3:f3:2f:5c:28:39:1e:6b:a7:40:9b:02:12: + ac:88:06:1e:c6:dd:9d:d4:6a:b8:22:cb:b7:aa:7a:9c:77:9a: + 37:0a:62:54:23:f3:e7:b9:4f:e0:8a:41:bd:74:21:69:be:7c: + 19:50:7d:d1:93:98:7c:4a:06:60:64:72:f0:09:71:6e:86:43: + 2f:89:dc:38:4a:c1:e4:cc:bc:72:6f:c2:b1:c1:9c:38:ff:98: + 87:92:3b:a6:f2:b5:2d:0a:41:38:0d:e7:b5:41:cf:c1:6d:96: + 34:98:9e:97:c8:87:a9:9e:4b:bb:73:bb:34:d6:bd:61:ef:36: + c8:45:f3:c9:31:36:2c:f1:11:68:4b:a0:f8:b6:9d:c4:a6:8a: + dc:e3:fc:60:f7:50:d2:d4:98:d4:e5:f9:76:ca:4a:3c:74:9a: + bb:95:ce:3c:29:ce:be:b5:9e:07:55:e2:c4:a1:1f:b4:0d:eb: + 87:03:1d:79:1b:e2:fc:f3:aa:4b:df:3e:24:72:56:00:b9:b4: + a0:fc:48:80:6a:76:84:1b:79:ea:03:95:32:42:bc:9d:7a:83: + 87:be:51:d2 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -79,11 +79,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW -BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX -H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x -lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F -/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS -JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBAK690MXhT4APhQ3S4LXD3HOZlJAZAfIjZoPakvLoFNxw4CAUJsVjiGob +s/MvXCg5HmunQJsCEqyIBh7G3Z3Uargiy7eqepx3mjcKYlQj8+e5T+CKQb10IWm+ +fBlQfdGTmHxKBmBkcvAJcW6GQy+J3DhKweTMvHJvwrHBnDj/mIeSO6bytS0KQTgN +57VBz8FtljSYnpfIh6meS7tzuzTWvWHvNshF88kxNizxEWhLoPi2ncSmitzj/GD3 +UNLUmNTl+XbKSjx0mruVzjwpzr61ngdV4sShH7QN64cDHXkb4vzzqkvfPiRyVgC5 +tKD8SIBqdoQbeeoDlTJCvJ16g4e+UdI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-assembled.pem b/certs/test-pathlen/chainG-assembled.pem index aa0c41fb4..39ee469f7 100644 --- a/certs/test-pathlen/chainG-assembled.pem +++ b/certs/test-pathlen/chainG-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: - 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: - 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: - 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: - cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: - ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: - 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: - 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: - e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: - 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: - ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: - ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: - 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: - 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: - 49:95:7e:49 + Signature Algorithm: sha256WithRSAEncryption + 06:c8:08:8c:cc:5d:4e:b5:81:35:06:f3:e5:9d:4e:c8:38:3f: + ec:87:8b:55:3c:fc:6e:4c:f8:3c:78:7d:46:03:33:a7:49:55: + 6c:13:37:e9:11:d5:dd:8c:51:70:2c:28:18:6a:01:63:9b:35: + 04:ba:79:49:95:10:ed:31:4b:70:5f:be:a4:67:d4:8d:2f:95: + 45:f7:1f:3d:a0:fc:29:db:55:65:8d:98:ae:79:ad:ce:c7:b9: + 97:54:9d:69:ca:fa:87:01:fb:0d:9b:57:67:b8:44:f6:91:14: + e5:31:b5:c1:d8:96:b7:1d:7a:05:ed:53:d5:04:8a:8b:8e:74: + f1:13:3d:93:d6:16:10:17:d7:de:b1:4e:13:e8:72:ae:83:91: + 1f:46:3e:86:bd:49:79:9c:99:a9:aa:67:ff:cf:7c:34:b1:2c: + d8:bf:e5:3a:22:c2:70:97:47:db:d0:05:77:e9:46:09:f0:c1: + 06:1c:61:df:8b:8f:6d:a6:5b:d5:ae:9a:52:71:ed:5e:9e:38: + e3:8c:9a:52:cf:8a:8f:20:e9:f1:e4:a3:11:bd:b9:ff:a9:1e: + b7:f9:83:26:18:a8:0b:7b:2b:74:f5:c5:3a:58:e1:0b:71:0a: + 3d:ef:15:ee:2c:28:b3:ba:0e:59:3c:a4:46:24:d3:b7:14:b5: + 4a:8f:c1:25 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg -DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx -txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH -BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI -yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER -P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u -ObIaOLEvt0mVfkk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbICIzM +XU61gTUG8+WdTsg4P+yHi1U8/G5M+Dx4fUYDM6dJVWwTN+kR1d2MUXAsKBhqAWOb +NQS6eUmVEO0xS3BfvqRn1I0vlUX3Hz2g/CnbVWWNmK55rc7HuZdUnWnK+ocB+w2b +V2e4RPaRFOUxtcHYlrcdegXtU9UEiouOdPETPZPWFhAX196xThPocq6DkR9GPoa9 +SXmcmamqZ//PfDSxLNi/5ToiwnCXR9vQBXfpRgnwwQYcYd+Lj22mW9WumlJx7V6e +OOOMmlLPio8g6fHkoxG9uf+pHrf5gyYYqAt7K3T1xTpY4QtxCj3vFe4sKLO6Dlk8 +pEYk07cUtUqPwSU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 49:e1:c4:56:e2:37:3b:d2:05:6f:6b:af:e5:72:93:99:08:fc: - 84:58:9f:93:86:3a:b7:e0:79:42:d7:f2:2d:c4:d8:66:2e:45: - 0e:5b:1a:ef:17:7c:fd:f2:bd:41:84:90:cb:d4:6d:9d:8a:5a: - d6:b5:b7:63:f7:d9:89:62:34:56:14:7c:b8:54:a0:1e:fc:b5: - 94:cb:5a:a0:02:1d:76:35:a2:c2:28:2c:74:a9:e8:64:e9:42: - ae:84:bf:5f:45:ae:0f:04:12:34:0e:18:01:26:00:a8:45:84: - 2b:83:2d:c6:37:25:e7:1c:bc:6c:d4:5c:45:04:f7:ec:16:01: - f6:03:95:43:6b:71:81:67:e6:1d:fc:09:57:ed:97:58:7d:0b: - 62:5f:a7:35:e3:00:bc:44:14:38:9d:e3:70:d1:d7:67:d6:a8: - 70:99:f6:79:ad:b8:af:47:64:0c:d3:83:cf:c9:ba:38:6b:9a: - 24:37:a1:f5:47:4e:9d:e3:54:c5:fd:c5:19:a7:82:c4:ff:c6: - 6d:bb:73:35:e8:fe:50:f6:d1:ac:46:4e:05:64:c7:64:9b:4b: - c8:5b:a7:cb:9d:21:58:a4:80:d8:32:5e:f8:7a:27:55:38:08: - 0e:a4:5f:d5:66:99:8e:c7:9b:91:9d:74:e7:76:20:b1:aa:6f: - 13:a4:f1:d3 + Signature Algorithm: sha256WithRSAEncryption + 56:81:8e:f1:e8:5f:b2:9f:ab:8f:2e:ec:79:c7:3d:0d:af:f2: + 18:f7:d2:2e:07:2c:d0:1d:2a:90:c7:c1:fc:ac:aa:0d:86:f0: + 78:6d:33:43:81:02:70:3b:e6:d9:75:db:2e:ca:4a:61:4d:20: + cb:a9:3e:0c:a9:b3:ca:ff:bb:52:cb:06:14:2d:53:b5:68:9f: + a7:02:83:90:3d:f8:b6:a2:46:e4:2b:c5:48:ed:50:7f:ea:27: + cf:7b:9d:88:1f:1c:5d:16:b7:21:0a:42:95:0b:67:6c:29:34: + 64:61:c0:f5:00:6f:36:dc:e9:68:e3:81:bd:07:a6:bc:6c:9d: + f0:61:b0:50:14:d5:89:46:1f:34:b0:90:42:a0:c3:09:64:6e: + a4:46:13:c6:6a:86:98:63:c7:8e:79:d3:a2:d6:73:23:68:a9: + 8d:ac:b0:93:b0:89:f5:ee:08:cc:47:14:95:3b:1f:d3:eb:42: + 3f:68:b8:6b:80:11:8d:85:8c:90:39:29:e8:5d:7d:e5:c1:c2: + 5c:e7:92:8c:ab:79:17:74:60:a5:ee:fe:52:ff:4a:78:62:5c: + 1b:4b:f8:44:41:8c:05:c7:11:e7:5a:c9:a1:a1:d3:6b:82:36: + c3:1f:23:19:ce:68:9d:c3:80:d5:08:8d:68:d2:49:52:95:44: + 3f:1b:50:9d -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEASeHEVuI3O9IFb2uv5XKTmQj8hFifk4Y6 -t+B5QtfyLcTYZi5FDlsa7xd8/fK9QYSQy9RtnYpa1rW3Y/fZiWI0VhR8uFSgHvy1 -lMtaoAIddjWiwigsdKnoZOlCroS/X0WuDwQSNA4YASYAqEWEK4Mtxjcl5xy8bNRc -RQT37BYB9gOVQ2txgWfmHfwJV+2XWH0LYl+nNeMAvEQUOJ3jcNHXZ9aocJn2ea24 -r0dkDNODz8m6OGuaJDeh9UdOneNUxf3FGaeCxP/GbbtzNej+UPbRrEZOBWTHZJtL -yFuny50hWKSA2DJe+HonVTgIDqRf1WaZjsebkZ1053YgsapvE6Tx0w== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVoGO8ehfsp+rjy7secc9Da/yGPfSLgcs +0B0qkMfB/KyqDYbweG0zQ4ECcDvm2XXbLspKYU0gy6k+DKmzyv+7UssGFC1TtWif +pwKDkD34tqJG5CvFSO1Qf+onz3udiB8cXRa3IQpClQtnbCk0ZGHA9QBvNtzpaOOB +vQemvGyd8GGwUBTViUYfNLCQQqDDCWRupEYTxmqGmGPHjnnTotZzI2ipjaywk7CJ +9e4IzEcUlTsf0+tCP2i4a4ARjYWMkDkp6F195cHCXOeSjKt5F3Rgpe7+Uv9KeGJc +G0v4REGMBccR51rJoaHTa4I2wx8jGc5oncOA1QiNaNJJUpVEPxtQnQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:1 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 8e:c1:66:a1:98:57:96:32:bc:20:cd:3b:3c:73:ba:e9:b2:d2: - ab:9e:07:de:cd:36:69:74:28:3b:ce:59:b9:d9:ce:e5:da:76: - 46:d4:1d:a4:ea:71:7b:b1:ee:a0:42:4b:40:01:50:3d:e3:51: - da:94:44:33:8d:47:6c:27:2c:f5:87:e0:30:6e:0c:75:80:d0: - aa:ea:e3:5a:24:39:ed:b7:4b:a0:d1:0a:9f:67:8c:c6:90:ae: - 1f:20:c7:2c:f2:d4:85:b8:29:08:a8:9b:90:88:71:2a:f5:d2: - 2f:23:53:90:42:d4:01:3e:28:6d:0c:cd:4b:2e:04:d3:93:f4: - 3b:5b:07:c7:4c:aa:a8:50:cc:2b:f6:84:5f:60:38:0d:d7:c6: - 7f:d5:dd:62:21:0b:ed:c1:06:d2:42:f8:d0:55:fc:22:4c:3f: - 04:7f:2f:66:4b:7c:26:ee:90:3c:e2:f6:19:10:24:29:31:4d: - b0:b5:c8:12:ec:3f:3f:10:28:5d:66:a5:f5:72:f6:72:a2:18: - 69:10:42:a3:e0:a4:05:a2:0a:24:17:6f:d6:bf:3f:02:31:bf: - 23:58:8e:bb:97:4f:9d:6f:3b:dd:ed:15:7d:3d:86:05:cc:32: - 8f:82:d1:af:97:f8:1d:09:a8:05:d2:63:0f:07:2a:9e:9f:5c: - 65:12:f6:ae + Signature Algorithm: sha256WithRSAEncryption + 3b:e4:43:62:32:48:75:cf:da:f6:fa:38:4f:1b:b2:25:84:5b: + 79:8f:ce:9c:19:10:ef:ab:b4:b5:f0:2b:d1:16:77:f6:cc:f6: + 43:c7:1f:ca:92:f9:d7:69:3c:82:02:02:19:55:a4:a1:d0:1c: + 7c:e8:b8:8f:4c:7b:42:6c:68:0d:0c:b0:05:ad:39:29:7c:45: + 8e:e2:b3:54:e7:98:84:95:21:3d:73:26:33:5e:5b:59:59:f2: + 03:13:28:86:e1:2c:da:a8:37:7e:2e:93:5e:e1:41:9c:6d:03: + 16:0f:8a:b2:4d:67:b6:1b:65:8a:cb:30:b5:ed:ad:e7:9f:81: + 21:a7:6d:39:f7:af:93:82:1c:89:55:ae:0d:e8:88:be:a5:27: + 60:56:7b:f3:5c:1d:57:49:36:c2:9f:cc:50:62:a7:82:54:61: + 36:10:01:2f:cf:85:b2:dd:d7:56:cc:18:7e:85:5d:f1:b7:b7: + b6:c3:04:6b:01:5e:b8:68:28:9a:6b:fc:83:33:b7:28:64:55: + 38:ee:a4:5a:d5:87:ef:89:07:c4:60:9d:8a:25:d5:71:94:5b: + 96:3f:a4:3f:1d:80:3e:ef:97:9e:c4:25:f1:82:01:27:40:27: + cc:61:e6:67:e0:58:33:e9:9f:35:65:89:40:17:6a:a7:6c:d9: + 70:2c:59:a1 -----BEGIN CERTIFICATE----- -MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -256,22 +256,22 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE -AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAjsFmoZhXljK8IM07PHO66bLSq54H3s02 -aXQoO85ZudnO5dp2RtQdpOpxe7HuoEJLQAFQPeNR2pREM41HbCcs9YfgMG4MdYDQ -qurjWiQ57bdLoNEKn2eMxpCuHyDHLPLUhbgpCKibkIhxKvXSLyNTkELUAT4obQzN -Sy4E05P0O1sHx0yqqFDMK/aEX2A4DdfGf9XdYiEL7cEG0kL40FX8Ikw/BH8vZkt8 -Ju6QPOL2GRAkKTFNsLXIEuw/PxAoXWal9XL2cqIYaRBCo+CkBaIKJBdv1r8/AjG/ -I1iOu5dPnW873e0VfT2GBcwyj4LRr5f4HQmoBdJjDwcqnp9cZRL2rg== +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAO+RDYjJIdc/a9vo4TxuyJYRbeY/OnBkQ +76u0tfAr0RZ39sz2Q8cfypL512k8ggICGVWkodAcfOi4j0x7QmxoDQywBa05KXxF +juKzVOeYhJUhPXMmM15bWVnyAxMohuEs2qg3fi6TXuFBnG0DFg+Ksk1nthtlissw +te2t55+BIadtOfevk4IciVWuDeiIvqUnYFZ781wdV0k2wp/MUGKnglRhNhABL8+F +st3XVswYfoVd8be3tsMEawFeuGgommv8gzO3KGRVOO6kWtWH74kHxGCdiiXVcZRb +lj+kPx2APu+XnsQl8YIBJ0AnzGHmZ+BYM+mfNWWJQBdqp2zZcCxZoQ== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -308,28 +308,28 @@ Certificate: CA:TRUE, pathlen:99 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - c5:d2:07:3a:4e:7d:af:34:ee:03:6d:3b:6a:15:68:3c:60:3c: - ec:ac:a3:6c:95:eb:37:7e:be:03:e1:67:2e:d9:21:db:70:01: - c9:78:df:38:be:cd:a9:14:4c:30:79:43:d3:20:5f:dd:2d:a1: - a8:fb:46:e9:12:64:e6:8f:42:7f:08:2e:65:0a:4a:98:4c:62: - 76:62:5c:5d:b3:c8:3d:d7:7f:bd:c7:47:c7:54:93:49:0e:e7: - 5c:bd:62:ae:5b:8a:dc:92:aa:bc:bd:ed:02:3d:f3:0b:69:04: - 5c:35:6b:04:fa:82:5e:ca:8f:b9:7e:a2:3a:72:0b:c4:61:8e: - 45:db:0e:25:f3:11:b9:bb:20:9b:a6:14:9a:a4:8f:5b:1a:e9: - bf:53:df:f1:61:11:7f:fa:0c:f8:8d:36:ff:93:75:35:49:43: - 2c:2a:30:3b:e6:82:b5:2e:d7:05:68:e3:53:97:dd:d7:c1:52: - 6b:74:37:e1:03:b3:c7:2e:ad:86:58:27:fa:94:a9:2e:5a:b6: - 0d:9a:e8:68:0e:ad:e0:10:05:f3:8d:49:a2:33:ca:99:a9:3a: - ef:04:b5:f5:99:26:7a:dd:9f:62:97:cc:ea:6f:5a:1c:bd:2d: - a9:6b:f6:b6:f1:a4:28:4b:e9:4e:c8:7a:a4:a0:31:23:b3:d7: - c8:5e:14:b5 + Signature Algorithm: sha256WithRSAEncryption + 77:4b:04:d7:e6:fd:c1:bb:55:0c:2d:23:bf:90:a3:20:af:cd: + 54:11:34:97:fb:06:55:c1:11:ee:c5:bc:fe:5c:34:73:08:f9: + e9:c3:81:b8:0d:fa:6b:44:cd:ed:4a:d0:3b:40:6d:96:e5:cf: + 96:7d:aa:0d:65:fa:d7:6d:f7:3d:c9:9d:e5:e1:5e:be:34:7d: + b8:62:0c:22:e1:88:c8:02:b8:90:89:9f:1c:1d:18:5c:2d:01: + c9:95:f4:19:01:a6:5b:7a:26:6a:38:71:16:87:88:19:3f:60: + 35:99:71:4c:79:90:db:f9:9b:73:0d:74:45:87:b1:4f:e5:63: + a2:21:b4:38:32:d2:78:f0:15:a6:3a:ac:50:2a:a1:b2:41:f9: + 2b:0a:5c:5b:9a:94:17:42:88:44:41:fa:aa:d3:17:49:c1:31: + eb:a2:89:1f:c7:e7:b2:b0:71:98:64:4e:d6:de:b9:c2:5d:de: + 0e:86:68:1d:9c:ea:7c:b0:72:ee:2a:fa:26:26:1a:21:99:60: + 03:a2:01:67:0e:7d:4a:00:d9:23:2e:c2:c8:c8:3d:04:7a:78: + 08:81:f7:e4:0d:dc:e2:db:b6:1f:8a:33:ab:6f:a1:0d:5f:86: + cd:b7:c9:e1:35:a3:c8:81:da:15:3c:de:39:30:b7:d3:ec:4f: + d3:44:fe:dc -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0MloXDTIyMDcwNjIxMzI0MlowgaIxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaIxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -345,22 +345,22 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAMXSBzpOfa807gNtO2oVaDxgPOyso2yV -6zd+vgPhZy7ZIdtwAcl43zi+zakUTDB5Q9MgX90toaj7RukSZOaPQn8ILmUKSphM -YnZiXF2zyD3Xf73HR8dUk0kO51y9Yq5bitySqry97QI98wtpBFw1awT6gl7Kj7l+ -ojpyC8RhjkXbDiXzEbm7IJumFJqkj1sa6b9T3/FhEX/6DPiNNv+TdTVJQywqMDvm -grUu1wVo41OX3dfBUmt0N+EDs8curYZYJ/qUqS5atg2a6GgOreAQBfONSaIzypmp -Ou8EtfWZJnrdn2KXzOpvWhy9Lalr9rbxpChL6U7IeqSgMSOz18heFLU= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHdLBNfm/cG7VQwtI7+QoyCvzVQRNJf7 +BlXBEe7FvP5cNHMI+enDgbgN+mtEze1K0DtAbZblz5Z9qg1l+tdt9z3JneXhXr40 +fbhiDCLhiMgCuJCJnxwdGFwtAcmV9BkBplt6Jmo4cRaHiBk/YDWZcUx5kNv5m3MN +dEWHsU/lY6IhtDgy0njwFaY6rFAqobJB+SsKXFualBdCiERB+qrTF0nBMeuiiR/H +57KwcZhkTtbeucJd3g6GaB2c6nywcu4q+iYmGiGZYAOiAWcOfUoA2SMuwsjIPQR6 +eAiB9+QN3OLbth+KM6tvoQ1fhs23yeE1o8iB2hU83jkwt9PsT9NE/tw= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -397,28 +397,28 @@ Certificate: CA:TRUE, pathlen:5 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 9b:92:9f:c7:93:84:c5:fe:06:0b:19:07:99:ee:06:f1:3a:d6: - 2b:15:92:94:35:f0:6d:2b:75:c6:b1:44:cc:74:33:32:74:f0: - 24:c9:14:74:08:89:01:5d:83:eb:6e:4e:7d:f2:c6:ad:30:93: - df:e7:b6:43:58:f7:22:87:74:6d:cc:28:74:ba:6a:b4:f2:c4: - 4e:db:7b:ae:42:85:28:fd:e4:06:38:9b:be:ce:43:86:de:47: - 97:3e:58:16:51:18:3e:06:12:5a:fb:bd:1d:8f:af:96:21:96: - 24:bb:ab:2f:c5:4a:eb:13:d1:9a:aa:27:c3:8a:70:ad:87:38: - b4:b5:1a:be:b4:79:59:ee:db:2d:dc:19:65:71:69:df:bf:15: - f4:b7:90:21:06:58:85:da:63:a6:d4:d5:28:1a:78:c7:90:5a: - fc:c9:43:24:e9:d1:a2:b0:e1:8a:ea:8f:c1:88:05:4c:76:17: - 43:be:b9:4e:cc:b1:dc:c6:62:2f:21:29:a9:d1:8e:a2:75:57: - d9:82:c2:58:a7:5d:44:96:f9:f6:d9:71:8e:be:4b:a9:40:0e: - a7:35:91:f9:03:4e:71:ac:86:e7:dd:96:94:f1:7a:a1:09:20: - 88:e5:2a:f3:1e:38:33:53:e7:58:b4:99:0e:51:1b:8d:b6:38: - 13:29:2a:18 + Signature Algorithm: sha256WithRSAEncryption + ab:ff:d4:87:51:61:f9:a5:68:8d:4e:fd:01:0c:e3:75:9a:c5: + 16:f2:c4:1e:d8:bd:d4:ce:9e:b9:bd:72:db:f2:89:2b:7a:46: + b4:6c:16:e5:dc:5a:eb:d0:3f:63:a8:98:82:0e:df:c6:1a:40: + a2:1a:a0:d5:49:10:a6:f4:ae:10:61:0a:2e:91:0d:bc:cf:e9: + bf:9e:98:23:38:30:f2:00:e3:ca:47:df:ad:46:e8:7b:b2:ae: + 1e:af:fd:c7:2e:b7:7d:b7:46:df:cd:bf:06:77:19:29:2b:fc: + 7c:f9:f7:2f:59:ce:90:a6:9e:70:33:58:b6:72:a4:ed:63:9b: + 50:62:6c:38:01:73:63:48:4e:6b:34:3f:c4:d5:de:45:09:a9: + 27:d1:78:36:59:1e:21:ad:a9:a3:1f:14:25:d1:ce:ab:90:3f: + c0:82:7a:54:fe:6b:48:fc:52:e1:f4:69:2d:84:2e:1c:7b:6f: + 42:4a:7b:05:91:70:0d:f3:ae:b3:d6:bc:7a:fa:9c:c8:0a:e8: + f1:a0:fa:ee:f3:fe:1d:34:0e:31:79:d8:80:57:53:23:af:65: + 92:94:ef:16:de:e0:9f:0a:5a:17:ba:e8:81:90:e1:e4:24:97: + b4:73:82:4c:38:4c:45:2f:82:75:55:4b:af:b8:58:b3:b1:d1: + 60:ab:53:5f -----BEGIN CERTIFICATE----- -MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGhMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGhMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s @@ -434,22 +434,22 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E -BAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAJuSn8eThMX+BgsZB5nuBvE61isVkpQ1 -8G0rdcaxRMx0MzJ08CTJFHQIiQFdg+tuTn3yxq0wk9/ntkNY9yKHdG3MKHS6arTy -xE7be65ChSj95AY4m77OQ4beR5c+WBZRGD4GElr7vR2Pr5YhliS7qy/FSusT0Zqq -J8OKcK2HOLS1Gr60eVnu2y3cGWVxad+/FfS3kCEGWIXaY6bU1SgaeMeQWvzJQyTp -0aKw4Yrqj8GIBUx2F0O+uU7MsdzGYi8hKanRjqJ1V9mCwlinXUSW+fbZcY6+S6lA -Dqc1kfkDTnGshufdlpTxeqEJIIjlKvMeODNT51i0mQ5RG422OBMpKhg= +BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKv/1IdRYfmlaI1O/QEM43WaxRbyxB7Y +vdTOnrm9ctvyiSt6RrRsFuXcWuvQP2OomIIO38YaQKIaoNVJEKb0rhBhCi6RDbzP +6b+emCM4MPIA48pH361G6Huyrh6v/ccut323Rt/NvwZ3GSkr/Hz59y9ZzpCmnnAz +WLZypO1jm1BibDgBc2NITms0P8TV3kUJqSfReDZZHiGtqaMfFCXRzquQP8CCelT+ +a0j8UuH0aS2ELhx7b0JKewWRcA3zrrPWvHr6nMgK6PGg+u7z/h00DjF52IBXUyOv +ZZKU7xbe4J8KWhe66IGQ4eQkl7Rzgkw4TEUvgnVVS6+4WLOx0WCrU18= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -486,28 +486,28 @@ Certificate: CA:TRUE, pathlen:20 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 5a:f8:26:05:f2:2f:da:8c:9f:8a:d3:c5:f9:2a:20:61:91:b9: - 74:b4:24:f8:17:7c:1a:88:b3:21:5c:e8:d1:3f:bc:a5:d6:73: - f0:b0:76:8f:76:86:20:4e:33:bf:0a:fd:a8:83:8e:11:21:38: - de:da:a2:ee:b8:74:98:db:a4:4b:d4:cf:ee:35:c1:95:0b:a5: - 7d:f0:03:17:0d:fa:23:d3:a2:cc:8e:f5:78:96:f3:37:fa:35: - 13:20:8a:4c:13:46:c2:ad:b3:34:11:5c:82:3b:bb:ae:0c:8b: - 0d:4b:16:b6:ac:a7:d9:59:5d:2e:74:61:9b:a1:c7:4f:04:1c: - 9f:5c:71:99:1b:80:03:f3:0e:3d:cd:a9:62:66:6c:18:8b:ca: - 6c:c1:29:cd:c7:84:b7:f2:d8:01:79:30:94:83:f5:90:bd:fc: - cb:ad:36:5f:f2:f7:3f:33:f3:4d:38:68:c7:8f:a2:1a:37:95: - 69:aa:6c:e0:52:07:eb:1d:48:21:cc:3e:d1:c1:38:a0:76:a0: - 1b:63:cb:73:01:9a:78:9e:02:66:72:9b:f4:4c:b8:83:4d:f8: - 71:d0:b1:98:8a:38:8d:bf:c9:ea:d3:c5:f3:7c:af:c1:f2:27: - 1a:ef:ba:fb:d5:f1:54:fe:dc:93:3d:b4:7d:3e:58:c4:08:f6: - 5c:9c:5d:21 + Signature Algorithm: sha256WithRSAEncryption + a4:e7:16:a9:20:7b:9c:89:49:48:94:e7:58:31:71:34:10:35: + d5:b6:91:5f:5e:2d:63:66:48:ff:45:7f:d4:dc:53:39:6f:7b: + 13:0a:de:37:7c:c1:43:e9:f9:b2:71:b8:93:22:12:7f:50:9b: + b9:0c:e4:3a:47:7a:95:bc:a4:08:41:73:f0:a3:9a:88:98:7e: + d0:7c:bb:76:ab:5c:ad:3c:41:73:78:5b:b1:0d:06:ae:46:d2: + 81:af:9a:53:f7:d2:45:66:99:45:5e:2e:05:48:47:78:49:b4: + 27:c9:76:5f:93:be:d4:f7:3d:a7:16:39:ef:dc:a1:57:7f:78: + ca:d3:33:94:87:cb:dd:aa:88:07:0b:62:fa:eb:f0:c9:5f:d8: + 3f:a3:6d:d5:dc:ea:a0:b9:c6:dc:7f:08:46:9e:ed:41:52:46: + d2:7a:96:20:37:f6:69:ef:85:23:43:fa:a8:27:1c:2b:70:37: + 7d:50:ce:48:4b:f7:ce:2d:6a:08:3d:45:f3:a3:e4:1f:ef:1f: + 0e:72:e2:f2:f1:e7:5f:72:1f:84:53:1b:d6:b4:2b:e4:4a:3d: + 39:db:a7:02:6a:02:5e:de:3a:43:05:32:de:16:e9:5e:cf:12: + b2:0e:60:36:e1:47:12:ab:98:ce:ef:c4:76:d5:30:b6:72:ae: + af:13:14:17 -----BEGIN CERTIFICATE----- -MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMCVVMx +MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns -LmNvbTAeFw0xOTEwMTAyMTMyNDJaFw0yMjA3MDYyMTMyNDJaMIGiMQswCQYDVQQG +LmNvbTAeFw0xOTEwMTEwMDI4MDlaFw0yMjA3MDcwMDI4MDlaMIGiMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv @@ -523,22 +523,22 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3 DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud -DwQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWvgmBfIv2oyfitPF+SogYZG5dLQk -+Bd8GoizIVzo0T+8pdZz8LB2j3aGIE4zvwr9qIOOESE43tqi7rh0mNukS9TP7jXB -lQulffADFw36I9OizI71eJbzN/o1EyCKTBNGwq2zNBFcgju7rgyLDUsWtqyn2Vld -LnRhm6HHTwQcn1xxmRuAA/MOPc2pYmZsGIvKbMEpzceEt/LYAXkwlIP1kL38y602 -X/L3PzPzTThox4+iGjeVaaps4FIH6x1IIcw+0cE4oHagG2PLcwGaeJ4CZnKb9Ey4 -g034cdCxmIo4jb/J6tPF83yvwfInGu+6+9XxVP7ckz20fT5YxAj2XJxdIQ== +DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEApOcWqSB7nIlJSJTnWDFxNBA11baR +X14tY2ZI/0V/1NxTOW97EwreN3zBQ+n5snG4kyISf1CbuQzkOkd6lbykCEFz8KOa +iJh+0Hy7dqtcrTxBc3hbsQ0GrkbSga+aU/fSRWaZRV4uBUhHeEm0J8l2X5O+1Pc9 +pxY579yhV394ytMzlIfL3aqIBwti+uvwyV/YP6Nt1dzqoLnG3H8IRp7tQVJG0nqW +IDf2ae+FI0P6qCccK3A3fVDOSEv3zi1qCD1F86PkH+8fDnLi8vHnX3IfhFMb1rQr +5Eo9OdunAmoCXt46QwUy3hbpXs8Ssg5gNuFHEquYzu/EdtUwtnKurxMUFw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -575,28 +575,28 @@ Certificate: CA:TRUE, pathlen:10 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 62:15:b5:4c:71:fc:6c:05:d9:97:75:9b:a0:8f:f5:ae:1a:b8: - 59:43:f9:0a:c0:2c:4c:88:47:02:21:da:7d:6a:33:cc:85:17: - 10:b5:b9:74:78:22:17:8b:94:ed:90:93:e4:61:6c:9f:4e:ce: - 3f:3e:e8:39:7a:12:33:99:c5:5a:f0:05:be:e4:3e:b2:ae:79: - 56:aa:e6:47:7d:d3:f9:d9:4c:49:39:df:5a:f5:1e:44:2e:81: - 3c:2a:28:3a:c6:dd:11:15:41:eb:73:5e:a7:e6:06:0c:d5:24: - e8:30:af:ac:52:2e:e5:76:a0:b2:8b:93:a0:47:90:2a:d0:f8: - da:b9:03:fa:ce:fb:f6:16:31:56:43:7c:ea:a9:dd:1d:42:c0: - 6b:25:2b:e6:c5:82:c4:f3:b7:27:81:1c:36:2d:3c:53:9e:ca: - 73:af:70:42:6b:97:38:89:be:6e:54:e2:08:5a:84:2f:78:2b: - fe:cf:2f:e0:eb:04:e0:93:67:e1:d1:49:c0:6d:9b:30:0f:24: - 0b:10:5e:f2:36:9e:90:b4:a6:46:81:cd:cf:96:a6:37:0f:82: - 80:ca:6f:25:b3:85:65:6e:e9:09:8f:b3:fc:d5:a6:4a:57:62: - 89:06:c3:d1:3d:ad:f1:33:5e:b8:dd:89:b0:50:98:96:11:0f: - 66:ec:5d:71 + Signature Algorithm: sha256WithRSAEncryption + 70:24:57:3f:1a:0c:94:f9:64:14:2e:20:81:bf:02:ba:bb:a5: + 21:02:2b:c0:09:0b:9e:8a:e3:c8:b2:39:4d:05:c1:34:62:44: + 62:5c:d5:ae:0f:17:cf:c0:ab:71:f8:5c:d5:74:8d:3d:eb:90: + d5:d6:a5:97:b8:c1:ab:d7:9c:e7:ca:4f:ee:8f:f2:5d:c7:81: + 22:fc:2e:b0:2d:f2:ff:e3:1a:c5:85:31:21:49:3f:38:f9:5b: + 55:e6:f3:f8:5c:63:fc:9a:c8:76:f0:3d:87:d2:fb:06:6d:5e: + f4:f4:e9:8c:3a:99:7b:1c:8f:29:fb:f6:c3:0c:23:9a:2c:1e: + f4:97:4f:b8:48:37:33:b4:aa:15:a6:5a:75:09:e9:c4:d5:44: + c6:e8:4e:a2:f0:70:a8:9f:10:91:56:55:59:f4:4a:b6:36:4a: + fc:b9:3a:60:01:e6:6e:61:58:f3:b0:ac:cd:02:38:97:bd:eb: + d3:6b:9e:b5:a6:58:ee:ce:86:c2:1b:cf:12:b3:1b:78:00:df: + 5f:da:77:5d:9c:8e:a5:ca:f1:77:87:c1:ed:ad:fd:cf:ea:05: + 53:f9:7e:34:e7:95:23:de:36:36:65:59:08:76:11:6f:d9:6e: + 55:17:af:33:1f:9e:0b:fe:fb:53:5c:67:1a:4d:8a:83:7f:5b: + ca:ff:e4:94 -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCVVMx +MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz -bC5jb20wHhcNMTkxMDEwMjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBojELMAkGA1UE +bC5jb20wHhcNMTkxMDExMDAyODA5WhcNMjIwNzA3MDAyODA5WjCBojELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3 @@ -612,22 +612,22 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI -hvcNAQEFBQADggEBAGIVtUxx/GwF2Zd1m6CP9a4auFlD+QrALEyIRwIh2n1qM8yF -FxC1uXR4IheLlO2Qk+RhbJ9Ozj8+6Dl6EjOZxVrwBb7kPrKueVaq5kd90/nZTEk5 -31r1HkQugTwqKDrG3REVQetzXqfmBgzVJOgwr6xSLuV2oLKLk6BHkCrQ+Nq5A/rO -+/YWMVZDfOqp3R1CwGslK+bFgsTztyeBHDYtPFOeynOvcEJrlziJvm5U4ghahC94 -K/7PL+DrBOCTZ+HRScBtmzAPJAsQXvI2npC0pkaBzc+WpjcPgoDKbyWzhWVu6QmP -s/zVpkpXYokGw9E9rfEzXrjdibBQmJYRD2bsXXE= +hvcNAQELBQADggEBAHAkVz8aDJT5ZBQuIIG/Arq7pSECK8AJC56K48iyOU0FwTRi +RGJc1a4PF8/Aq3H4XNV0jT3rkNXWpZe4wavXnOfKT+6P8l3HgSL8LrAt8v/jGsWF +MSFJPzj5W1Xm8/hcY/yayHbwPYfS+wZtXvT06Yw6mXscjyn79sMMI5osHvSXT7hI +NzO0qhWmWnUJ6cTVRMboTqLwcKifEJFWVVn0SrY2Svy5OmAB5m5hWPOwrM0COJe9 +69NrnrWmWO7OhsIbzxKzG3gA31/ad12cjqXK8XeHwe2t/c/qBVP5fjTnlSPeNjZl +WQh2EW/ZblUXrzMfngv++1NcZxpNioN/W8r/5JQ= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:42 2019 GMT - Not After : Jul 6 21:32:42 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -664,28 +664,28 @@ Certificate: CA:TRUE, pathlen:100 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 77:32:87:a1:22:9d:e2:af:39:a7:32:d1:d4:09:0b:7e:a0:d5: - f7:2d:2f:20:11:39:95:cf:dd:c6:cf:b2:18:93:47:be:0c:2b: - c2:19:11:10:d6:06:e9:91:7b:35:35:7b:a5:bc:89:0c:bc:58: - 2e:28:66:b5:8a:55:a8:3c:07:f1:9f:1d:66:ab:f0:d7:73:42: - 8a:73:cc:74:dc:9d:d3:85:dd:73:fd:ac:ed:f0:ec:c0:17:1f: - 50:ec:35:eb:76:03:10:e7:59:9c:0d:43:da:19:b2:a7:0c:06: - 16:d5:b0:2c:10:30:a2:47:ab:c3:e2:dd:6d:eb:c0:26:e3:0e: - df:12:62:b9:cc:eb:31:6f:11:0f:f1:96:09:4a:3b:c2:2c:a8: - e8:8a:fc:cb:93:4a:c8:f4:63:b4:a8:6f:df:61:b9:f7:fa:fc: - 3d:fd:08:15:b7:33:b0:c8:5c:72:2c:cb:37:88:f9:19:92:f7: - 15:27:32:3e:05:fc:47:2e:8c:02:3f:fd:9a:95:ff:52:b6:bc: - 65:91:3a:1b:37:dd:81:2e:d8:bd:ef:f8:b5:c8:84:66:ce:2f: - f9:98:af:ee:9a:61:67:da:60:6c:14:e5:eb:4d:6d:d1:d2:24: - 3c:13:8c:44:2f:ea:28:09:86:66:75:0c:95:85:77:87:45:a2: - ca:8c:2f:a8 + Signature Algorithm: sha256WithRSAEncryption + ae:bd:d0:c5:e1:4f:80:0f:85:0d:d2:e0:b5:c3:dc:73:99:94: + 90:19:01:f2:23:66:83:da:92:f2:e8:14:dc:70:e0:20:14:26: + c5:63:88:6a:1b:b3:f3:2f:5c:28:39:1e:6b:a7:40:9b:02:12: + ac:88:06:1e:c6:dd:9d:d4:6a:b8:22:cb:b7:aa:7a:9c:77:9a: + 37:0a:62:54:23:f3:e7:b9:4f:e0:8a:41:bd:74:21:69:be:7c: + 19:50:7d:d1:93:98:7c:4a:06:60:64:72:f0:09:71:6e:86:43: + 2f:89:dc:38:4a:c1:e4:cc:bc:72:6f:c2:b1:c1:9c:38:ff:98: + 87:92:3b:a6:f2:b5:2d:0a:41:38:0d:e7:b5:41:cf:c1:6d:96: + 34:98:9e:97:c8:87:a9:9e:4b:bb:73:bb:34:d6:bd:61:ef:36: + c8:45:f3:c9:31:36:2c:f1:11:68:4b:a0:f8:b6:9d:c4:a6:8a: + dc:e3:fc:60:f7:50:d2:d4:98:d4:e5:f9:76:ca:4a:3c:74:9a: + bb:95:ce:3c:29:ce:be:b5:9e:07:55:e2:c4:a1:1f:b4:0d:eb: + 87:03:1d:79:1b:e2:fc:f3:aa:4b:df:3e:24:72:56:00:b9:b4: + a0:fc:48:80:6a:76:84:1b:79:ea:03:95:32:42:bc:9d:7a:83: + 87:be:51:d2 -----BEGIN CERTIFICATE----- -MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwzCCA6ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQyWhcNMjIwNzA2MjEzMjQyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3 LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi @@ -700,11 +700,11 @@ IwSBwTCBvoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAhv/1 -jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEF -BQADggEBAHcyh6EineKvOacy0dQJC36g1fctLyAROZXP3cbPshiTR74MK8IZERDW -BumRezU1e6W8iQy8WC4oZrWKVag8B/GfHWar8NdzQopzzHTcndOF3XP9rO3w7MAX -H1DsNet2AxDnWZwNQ9oZsqcMBhbVsCwQMKJHq8Pi3W3rwCbjDt8SYrnM6zFvEQ/x -lglKO8IsqOiK/MuTSsj0Y7Sob99huff6/D39CBW3M7DIXHIsyzeI+RmS9xUnMj4F -/EcujAI//ZqV/1K2vGWROhs33YEu2L3v+LXIhGbOL/mYr+6aYWfaYGwU5etNbdHS -JDwTjEQv6igJhmZ1DJWFd4dFosqML6g= +jhDeuPswDwYDVR0TBAgwBgEB/wIBZDALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEL +BQADggEBAK690MXhT4APhQ3S4LXD3HOZlJAZAfIjZoPakvLoFNxw4CAUJsVjiGob +s/MvXCg5HmunQJsCEqyIBh7G3Z3Uargiy7eqepx3mjcKYlQj8+e5T+CKQb10IWm+ +fBlQfdGTmHxKBmBkcvAJcW6GQy+J3DhKweTMvHJvwrHBnDj/mIeSO6bytS0KQTgN +57VBz8FtljSYnpfIh6meS7tzuzTWvWHvNshF88kxNizxEWhLoPi2ncSmitzj/GD3 +UNLUmNTl+XbKSjx0mruVzjwpzr61ngdV4sShH7QN64cDHXkb4vzzqkvfPiRyVgC5 +tKD8SIBqdoQbeeoDlTJCvJ16g4e+UdI= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainG-entity.pem b/certs/test-pathlen/chainG-entity.pem index fc8a96ca2..d563eef64 100644 --- a/certs/test-pathlen/chainG-entity.pem +++ b/certs/test-pathlen/chainG-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - bc:c9:54:09:60:0c:7b:8b:2d:f2:9b:92:20:a6:09:11:37:b8: - 9b:42:dc:ae:c8:b5:aa:07:d9:65:bf:c5:41:58:68:95:fd:b1: - 43:08:df:60:39:84:2a:0d:fe:f3:19:2f:78:39:15:57:f1:b7: - 15:dc:bd:b1:72:68:6a:2e:93:95:74:9d:5a:ec:c7:48:f0:11: - cb:df:d3:d4:ec:31:90:48:b4:d6:19:f5:11:5c:34:18:31:cd: - ec:56:27:f3:0a:42:97:85:c4:9b:87:05:6d:09:19:e2:ef:82: - 9f:38:79:ec:0d:ed:14:68:fd:87:e0:2f:16:51:19:86:5b:1f: - 80:4b:c6:8b:0f:05:4d:05:55:71:89:d7:f3:6b:03:d7:da:ba: - e5:07:a5:82:48:ca:bc:f9:e9:51:db:ac:cd:8c:51:a9:70:79: - 15:ff:42:15:46:ea:a7:59:ab:13:c1:7e:26:18:f5:fe:06:c1: - ce:3a:d1:25:28:ff:bd:5b:a8:ca:d3:e6:4c:d8:23:81:11:3f: - ed:4d:b1:1a:e3:be:92:11:25:38:ca:b2:6c:22:b5:7b:75:07: - 2a:9c:4d:a9:9b:bc:4a:fb:b2:cf:a4:fb:e9:5a:9f:04:02:00: - 9f:ac:f5:db:bc:14:4b:9f:36:cd:2e:39:b2:1a:38:b1:2f:b7: - 49:95:7e:49 + Signature Algorithm: sha256WithRSAEncryption + 06:c8:08:8c:cc:5d:4e:b5:81:35:06:f3:e5:9d:4e:c8:38:3f: + ec:87:8b:55:3c:fc:6e:4c:f8:3c:78:7d:46:03:33:a7:49:55: + 6c:13:37:e9:11:d5:dd:8c:51:70:2c:28:18:6a:01:63:9b:35: + 04:ba:79:49:95:10:ed:31:4b:70:5f:be:a4:67:d4:8d:2f:95: + 45:f7:1f:3d:a0:fc:29:db:55:65:8d:98:ae:79:ad:ce:c7:b9: + 97:54:9d:69:ca:fa:87:01:fb:0d:9b:57:67:b8:44:f6:91:14: + e5:31:b5:c1:d8:96:b7:1d:7a:05:ed:53:d5:04:8a:8b:8e:74: + f1:13:3d:93:d6:16:10:17:d7:de:b1:4e:13:e8:72:ae:83:91: + 1f:46:3e:86:bd:49:79:9c:99:a9:aa:67:ff:cf:7c:34:b1:2c: + d8:bf:e5:3a:22:c2:70:97:47:db:d0:05:77:e9:46:09:f0:c1: + 06:1c:61:df:8b:8f:6d:a6:5b:d5:ae:9a:52:71:ed:5e:9e:38: + e3:8c:9a:52:cf:8a:8f:20:e9:f1:e4:a3:11:bd:b9:ff:a9:1e: + b7:f9:83:26:18:a8:0b:7b:2b:74:f5:c5:3a:58:e1:0b:71:0a: + 3d:ef:15:ee:2c:28:b3:ba:0e:59:3c:a4:46:24:d3:b7:14:b5: + 4a:8f:c1:25 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALzJVAlg -DHuLLfKbkiCmCRE3uJtC3K7ItaoH2WW/xUFYaJX9sUMI32A5hCoN/vMZL3g5FVfx -txXcvbFyaGouk5V0nVrsx0jwEcvf09TsMZBItNYZ9RFcNBgxzexWJ/MKQpeFxJuH -BW0JGeLvgp84eewN7RRo/YfgLxZRGYZbH4BLxosPBU0FVXGJ1/NrA9fauuUHpYJI -yrz56VHbrM2MUalweRX/QhVG6qdZqxPBfiYY9f4Gwc460SUo/71bqMrT5kzYI4ER -P+1NsRrjvpIRJTjKsmwitXt1ByqcTambvEr7ss+k++lanwQCAJ+s9du8FEufNs0u -ObIaOLEvt0mVfkk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAbICIzM +XU61gTUG8+WdTsg4P+yHi1U8/G5M+Dx4fUYDM6dJVWwTN+kR1d2MUXAsKBhqAWOb +NQS6eUmVEO0xS3BfvqRn1I0vlUX3Hz2g/CnbVWWNmK55rc7HuZdUnWnK+ocB+w2b +V2e4RPaRFOUxtcHYlrcdegXtU9UEiouOdPETPZPWFhAX196xThPocq6DkR9GPoa9 +SXmcmamqZ//PfDSxLNi/5ToiwnCXR9vQBXfpRgnwwQYcYd+Lj22mW9WumlJx7V6e +OOOMmlLPio8g6fHkoxG9uf+pHrf5gyYYqAt7K3T1xTpY4QtxCj3vFe4sKLO6Dlk8 +pEYk07cUtUqPwSU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/certs/test-pathlen/chainH-ICA1-pathlen0.pem index 767778cf9..974ddd46a 100644 --- a/certs/test-pathlen/chainH-ICA1-pathlen0.pem +++ b/certs/test-pathlen/chainH-ICA1-pathlen0.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: - d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: - 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: - 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: - 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: - ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: - ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: - d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: - 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: - c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: - d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: - 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: - e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: - 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: - cf:03:8c:6f + Signature Algorithm: sha256WithRSAEncryption + 5f:77:d6:d2:55:4e:25:be:4b:f4:9f:9d:a8:ff:92:ac:4d:19: + 1f:0b:50:5b:51:01:7f:b8:a2:56:0d:cd:0c:c8:66:7a:08:bf: + 1e:07:6a:a5:6d:ad:68:c4:bb:da:99:d7:f3:62:bb:b5:28:de: + 47:dc:e2:b0:e1:27:cd:14:4b:7d:1c:7d:1a:60:eb:37:6f:fc: + ff:4e:1f:9f:ce:52:da:b4:a7:f4:6c:92:b5:65:b5:8f:53:1b: + d8:bd:7d:f6:a8:7e:23:9f:7d:b6:09:18:f2:a3:17:55:aa:fe: + 57:87:3d:a9:18:52:76:6e:fe:7c:ed:2a:85:45:63:d3:4d:7b: + f2:5e:ff:0f:a7:ae:24:ef:5f:71:66:25:29:31:9e:4a:12:a0: + 56:5b:39:2c:79:64:d0:1a:fb:97:99:df:42:9c:23:b4:f1:1d: + be:fc:da:41:16:b1:a0:fc:3a:b8:6e:a7:cf:3c:21:ea:22:7c: + f6:d2:a1:25:96:1e:b9:2f:eb:bf:61:c2:ee:58:c6:a1:7e:d0: + 73:e3:fd:58:62:ca:44:95:2b:b1:a8:d0:f8:1a:0d:40:9a:fb: + b1:27:4b:fc:57:4c:32:b5:09:5e:6e:ac:1d:dc:bc:77:f5:1b: + 27:88:40:df:70:da:f7:28:32:ef:8f:2e:53:41:78:69:e9:3e: + 7b:64:da:e4 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG -2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX -HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj -J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ -xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m -fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBfd9bSVU4lvkv0n52o/5KsTRkfC1BbUQF/ +uKJWDc0MyGZ6CL8eB2qlba1oxLvamdfzYru1KN5H3OKw4SfNFEt9HH0aYOs3b/z/ +Th+fzlLatKf0bJK1ZbWPUxvYvX32qH4jn322CRjyoxdVqv5Xhz2pGFJ2bv587SqF +RWPTTXvyXv8Pp64k719xZiUpMZ5KEqBWWzkseWTQGvuXmd9CnCO08R2+/NpBFrGg +/Dq4bqfPPCHqInz20qEllh65L+u/YcLuWMahftBz4/1YYspElSuxqND4Gg1Amvux +J0v8V0wytQlebqwd3Lx39RsniEDfcNr3KDLvjy5TQXhp6T57ZNrk -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/certs/test-pathlen/chainH-ICA2-pathlen2.pem index 38a3d79af..31230193c 100644 --- a/certs/test-pathlen/chainH-ICA2-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA2-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: - cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: - 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: - 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: - cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: - d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: - c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: - f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: - 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: - 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: - 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: - e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: - 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: - 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: - ec:b2:af:6c + Signature Algorithm: sha256WithRSAEncryption + 16:6f:a3:cd:f6:de:87:1c:86:f8:b4:b8:e6:e0:dc:11:2f:f3: + bb:f1:57:34:ec:1a:59:8a:81:63:40:01:df:53:24:a7:50:b0: + 6d:3d:29:2a:41:e7:08:71:0f:37:4b:10:b5:95:ae:a0:81:ba: + ba:b5:3e:72:48:be:6b:9e:be:34:3b:0d:15:f8:8f:9d:24:68: + 01:0c:d4:4a:0d:86:d5:b3:71:b6:d6:8e:71:44:16:7e:e3:db: + ba:7d:0e:5f:b3:2f:e2:60:f9:ff:bc:91:a6:ae:3c:ba:30:e4: + f5:55:bf:1e:72:0b:cc:5e:b4:7e:1f:09:aa:b4:52:bd:8c:2c: + 37:d0:0d:82:b4:ec:ff:c1:cf:91:a2:43:24:b8:b4:c0:ac:f2: + 29:eb:84:1d:49:ef:a4:8f:65:b3:06:01:2f:23:cf:a6:27:42: + cd:99:17:b9:69:40:1d:df:99:f6:f8:c4:61:cc:4a:a1:f0:38: + ce:4e:c4:27:f6:8f:d2:ae:74:5f:39:93:66:77:55:b2:25:8d: + 7e:7f:7d:b4:2b:f1:ee:83:9e:7b:f5:31:3f:d7:27:53:e6:21: + bd:69:a5:ca:0e:d8:6e:54:67:56:bf:f3:ec:e8:e1:aa:a4:76: + fa:0d:42:d4:7d:26:bd:f5:e5:25:ee:81:c4:ed:59:eb:0a:54: + d3:c9:18:30 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l -HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN -bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np -uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch -gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY -MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAWb6PN9t6HHIb4tLjm4NwRL/O78Vc07BpZ +ioFjQAHfUySnULBtPSkqQecIcQ83SxC1la6ggbq6tT5ySL5rnr40Ow0V+I+dJGgB +DNRKDYbVs3G21o5xRBZ+49u6fQ5fsy/iYPn/vJGmrjy6MOT1Vb8ecgvMXrR+Hwmq +tFK9jCw30A2CtOz/wc+RokMkuLTArPIp64QdSe+kj2WzBgEvI8+mJ0LNmRe5aUAd +35n2+MRhzEqh8DjOTsQn9o/SrnRfOZNmd1WyJY1+f320K/Hug5579TE/1ydT5iG9 +aaXKDthuVGdWv/Ps6OGqpHb6DULUfSa99eUl7oHE7VnrClTTyRgw -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/certs/test-pathlen/chainH-ICA3-pathlen2.pem index 563e9156a..7f4dd677b 100644 --- a/certs/test-pathlen/chainH-ICA3-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA3-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: - 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: - eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: - 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: - 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: - 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: - 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: - 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: - 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: - fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: - df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: - e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: - 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: - 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: - 7e:4b:ec:a0 + Signature Algorithm: sha256WithRSAEncryption + 2a:35:ca:d5:dd:97:31:4d:29:21:90:67:ba:68:ef:2a:56:b0: + 08:0a:c5:a2:cc:30:11:71:59:1b:59:2b:ca:c4:cc:22:52:d7: + f3:a7:d2:14:c5:fc:e4:c5:6f:9d:45:ce:7f:d0:dd:ec:5f:6b: + c3:d1:78:7a:29:bb:73:98:b6:15:9b:41:37:7a:50:b3:04:1d: + 72:90:9b:e9:f2:4b:68:f3:60:e9:bb:34:6e:2a:6c:6c:50:a6: + 38:ac:61:bc:ca:25:23:f5:f5:70:3a:8a:33:94:cf:97:1c:5c: + a3:76:b0:7b:88:35:8a:6e:18:44:01:e6:80:23:e9:14:ea:66: + 56:34:9a:0b:ca:1a:37:c8:e7:00:03:39:7d:73:e5:13:cb:be: + 9e:df:c6:87:c3:24:a7:7f:39:1d:cc:ca:1f:e7:14:38:fe:3d: + 06:7a:2f:95:f3:9a:79:49:e9:9c:f3:72:e5:b4:b5:fb:87:13: + 83:4f:9f:76:2f:41:8f:a4:55:1d:e4:74:2f:0a:0f:cd:ee:a8: + 50:06:1e:a7:9e:25:9f:f3:9d:b2:c1:44:de:c5:44:3e:42:64: + e1:75:16:33:56:a7:93:68:bb:fa:96:46:33:de:58:c1:81:42: + ca:1c:28:4f:09:71:db:60:e1:88:ac:d6:0d:37:3a:63:8d:50: + b7:35:2d:e5 -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts -wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX -CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg -GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z -UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 -CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +AQELBQADggEBACo1ytXdlzFNKSGQZ7po7ypWsAgKxaLMMBFxWRtZK8rEzCJS1/On +0hTF/OTFb51Fzn/Q3exfa8PReHopu3OYthWbQTd6ULMEHXKQm+nyS2jzYOm7NG4q +bGxQpjisYbzKJSP19XA6ijOUz5ccXKN2sHuINYpuGEQB5oAj6RTqZlY0mgvKGjfI +5wADOX1z5RPLvp7fxofDJKd/OR3Myh/nFDj+PQZ6L5XzmnlJ6ZzzcuW0tfuHE4NP +n3YvQY+kVR3kdC8KD83uqFAGHqeeJZ/znbLBRN7FRD5CZOF1FjNWp5Nou/qWRjPe +WMGBQsocKE8Jcdtg4Yis1g03OmONULc1LeU= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/certs/test-pathlen/chainH-ICA4-pathlen2.pem index 91aa44ad3..df74193db 100644 --- a/certs/test-pathlen/chainH-ICA4-pathlen2.pem +++ b/certs/test-pathlen/chainH-ICA4-pathlen2.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -43,28 +43,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: - 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: - fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: - be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: - 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: - 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: - 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: - 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: - 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: - c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: - 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: - 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: - b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: - e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: - 0f:90:4c:f8 + Signature Algorithm: sha256WithRSAEncryption + 61:c0:d8:c4:02:cd:b4:54:d3:44:e9:06:78:0b:a2:16:b5:4a: + b6:b5:09:f1:d1:fc:9f:be:e5:12:0b:6c:61:8d:66:3f:ce:8f: + 95:98:24:ea:d2:99:3a:4f:89:e3:2d:a9:f7:69:cb:05:9e:90: + af:5a:f1:93:ac:ee:fe:78:f8:e3:22:fa:69:7f:e4:71:1d:c9: + 1e:ac:61:81:8d:93:33:bc:b2:e4:67:75:97:9d:af:0a:db:ab: + 24:3f:8d:1d:16:c6:05:c6:89:a7:5f:cf:2d:73:39:de:8f:40: + 94:4b:7a:a4:ea:35:1e:70:ce:3a:f5:75:76:e5:ab:e4:8a:9a: + a4:a1:ec:49:59:3d:b7:23:fa:3c:af:dd:09:d7:aa:47:60:11: + 07:07:f4:8b:a1:40:b2:d9:bb:0f:88:b8:d1:a5:e2:88:22:76: + 8b:45:d6:96:2c:45:11:98:04:85:22:99:1f:49:a7:30:b0:b0: + 74:c3:ea:1a:a6:53:ed:c9:48:40:1a:d8:02:a8:fb:35:3a:f7: + 69:42:b2:75:dd:98:41:30:a9:e3:b1:ec:c6:66:f1:61:16:5b: + f6:e3:bc:31:8e:46:66:fa:39:34:66:cc:95:1d:69:15:12:41: + 16:ce:e6:a6:d4:4c:eb:f4:99:b4:6d:66:99:76:ae:5a:e8:24: + 92:a7:ef:45 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -79,11 +79,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt -Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP -sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM -MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl -zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni -nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBhwNjEAs20VNNE6QZ4C6IWtUq2tQnx0fyfvuUSC2xhjWY/zo+VmCTq0pk6 +T4njLan3acsFnpCvWvGTrO7+ePjjIvppf+RxHckerGGBjZMzvLLkZ3WXna8K26sk +P40dFsYFxomnX88tcznej0CUS3qk6jUecM469XV25avkipqkoexJWT23I/o8r90J +16pHYBEHB/SLoUCy2bsPiLjRpeKIInaLRdaWLEURmASFIpkfSacwsLB0w+oaplPt +yUhAGtgCqPs1OvdpQrJ13ZhBMKnjsezGZvFhFlv247wxjkZm+jk0ZsyVHWkVEkEW +zuam1Ezr9Jm0bWaZdq5a6CSSp+9F -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-assembled.pem b/certs/test-pathlen/chainH-assembled.pem index 402c392b8..bbf203142 100644 --- a/certs/test-pathlen/chainH-assembled.pem +++ b/certs/test-pathlen/chainH-assembled.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: - d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: - 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: - fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: - 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: - 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: - d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: - 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: - e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: - 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: - d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: - cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: - c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: - 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: - 86:2f:da:d9 + Signature Algorithm: sha256WithRSAEncryption + bc:fc:a7:c3:c9:a4:57:9e:37:9d:f7:71:eb:5b:7c:a2:1a:0d: + 24:97:12:92:18:fd:0f:5e:5b:f9:27:c9:98:2c:9a:06:bd:77: + 85:63:3c:a4:ed:90:92:3a:79:41:82:c3:54:66:f6:c6:a0:d3: + ba:a3:19:93:d9:5f:54:90:fc:2b:37:d1:96:88:ba:be:e1:71: + 8c:a2:24:d7:ce:d8:7c:5e:87:9f:4f:f2:52:51:1c:82:5b:2c: + 8b:b4:5d:7e:d6:03:95:a0:e9:29:68:5e:76:18:2b:93:6f:a1: + 58:a6:f6:35:8b:37:b9:6b:82:5d:3a:8c:bc:a6:bd:18:ca:2f: + ea:0c:4d:36:7a:58:80:52:9c:b3:fa:a4:2b:0e:97:e6:0f:fc: + 41:62:6d:45:19:15:6d:3e:16:e5:bc:81:ce:c0:34:d3:b5:d4: + 0c:54:a5:62:a6:55:57:ad:e8:6f:94:58:cb:31:ff:0f:1c:13: + 63:82:91:1f:a3:68:f5:9f:9c:d9:dd:54:e0:d0:36:ea:ad:2a: + 9d:4e:66:be:c7:2f:1a:16:70:be:b4:1b:c5:2d:b2:1b:0c:87: + 64:10:4d:db:8b:79:5b:2e:10:a4:95:25:7b:be:b2:21:26:47: + e9:d2:74:c8:34:b1:e3:7b:73:8c:93:7a:82:ce:50:d4:46:34: + ab:11:71:c0 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,23 +77,23 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg -6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN -svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb -i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS -si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC -8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva -Cy5boaUAb4Yv2tk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBALz8p8PJ +pFeeN533cetbfKIaDSSXEpIY/Q9eW/knyZgsmga9d4VjPKTtkJI6eUGCw1Rm9sag +07qjGZPZX1SQ/Cs30ZaIur7hcYyiJNfO2Hxeh59P8lJRHIJbLIu0XX7WA5Wg6Slo +XnYYK5NvoVim9jWLN7lrgl06jLymvRjKL+oMTTZ6WIBSnLP6pCsOl+YP/EFibUUZ +FW0+FuW8gc7ANNO11AxUpWKmVVet6G+UWMsx/w8cE2OCkR+jaPWfnNndVODQNuqt +Kp1OZr7HLxoWcL60G8UtshsMh2QQTduLeVsuEKSVJXu+siEmR+nSdMg0seN7c4yT +eoLOUNRGNKsRccA= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -130,28 +130,28 @@ Certificate: CA:TRUE, pathlen:0 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - bf:22:d4:fb:ec:f5:70:8a:c3:02:6a:73:25:ac:1e:86:e1:cf: - d0:d5:83:72:77:5c:06:da:36:ab:fa:d9:db:44:30:3c:b8:57: - 19:a9:47:cf:f6:c7:0c:02:31:94:78:3d:f0:6d:8b:05:58:05: - 7b:77:24:dc:95:a5:0e:41:d6:d2:f5:4b:1c:b9:37:ab:ae:7a: - 57:1e:c2:6d:49:9f:61:42:b7:d9:e8:2f:c3:c9:40:07:ec:e3: - ef:5b:03:be:38:d4:9f:d8:0a:0b:ba:c2:52:94:ad:f9:f1:8e: - ce:be:00:89:81:57:ae:2b:77:cc:3d:66:e3:27:57:d4:76:78: - d7:da:a2:b1:c5:85:73:b7:b9:62:14:62:96:19:d1:85:7b:df: - 97:c0:97:c6:28:8e:e8:bc:05:92:43:be:27:b7:9a:81:9e:d3: - c4:ad:41:ea:81:59:49:c5:c5:ab:56:73:a8:9b:55:c3:43:93: - d5:02:e5:8f:05:52:97:f1:ce:ae:95:02:35:80:5d:e2:e9:0e: - 3e:ac:dc:3e:44:62:d4:e2:d9:30:e8:62:c5:86:85:eb:3d:3f: - e6:7c:f2:25:23:c8:d2:62:3f:60:19:7d:ec:64:84:e1:80:97: - 1a:cc:0c:9a:75:6c:2e:5c:5b:ea:0a:0c:aa:bf:42:a2:d9:9c: - cf:03:8c:6f + Signature Algorithm: sha256WithRSAEncryption + 5f:77:d6:d2:55:4e:25:be:4b:f4:9f:9d:a8:ff:92:ac:4d:19: + 1f:0b:50:5b:51:01:7f:b8:a2:56:0d:cd:0c:c8:66:7a:08:bf: + 1e:07:6a:a5:6d:ad:68:c4:bb:da:99:d7:f3:62:bb:b5:28:de: + 47:dc:e2:b0:e1:27:cd:14:4b:7d:1c:7d:1a:60:eb:37:6f:fc: + ff:4e:1f:9f:ce:52:da:b4:a7:f4:6c:92:b5:65:b5:8f:53:1b: + d8:bd:7d:f6:a8:7e:23:9f:7d:b6:09:18:f2:a3:17:55:aa:fe: + 57:87:3d:a9:18:52:76:6e:fe:7c:ed:2a:85:45:63:d3:4d:7b: + f2:5e:ff:0f:a7:ae:24:ef:5f:71:66:25:29:31:9e:4a:12:a0: + 56:5b:39:2c:79:64:d0:1a:fb:97:99:df:42:9c:23:b4:f1:1d: + be:fc:da:41:16:b1:a0:fc:3a:b8:6e:a7:cf:3c:21:ea:22:7c: + f6:d2:a1:25:96:1e:b9:2f:eb:bf:61:c2:ee:58:c6:a1:7e:d0: + 73:e3:fd:58:62:ca:44:95:2b:b1:a8:d0:f8:1a:0d:40:9a:fb: + b1:27:4b:fc:57:4c:32:b5:09:5e:6e:ac:1d:dc:bc:77:f5:1b: + 27:88:40:df:70:da:f7:28:32:ef:8f:2e:53:41:78:69:e9:3e: + 7b:64:da:e4 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -167,22 +167,22 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQC/ItT77PVwisMCanMlrB6G4c/Q1YNyd1wG -2jar+tnbRDA8uFcZqUfP9scMAjGUeD3wbYsFWAV7dyTclaUOQdbS9UscuTerrnpX -HsJtSZ9hQrfZ6C/DyUAH7OPvWwO+ONSf2AoLusJSlK358Y7OvgCJgVeuK3fMPWbj -J1fUdnjX2qKxxYVzt7liFGKWGdGFe9+XwJfGKI7ovAWSQ74nt5qBntPErUHqgVlJ -xcWrVnOom1XDQ5PVAuWPBVKX8c6ulQI1gF3i6Q4+rNw+RGLU4tkw6GLFhoXrPT/m -fPIlI8jSYj9gGX3sZIThgJcazAyadWwuXFvqCgyqv0Ki2ZzPA4xv +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBfd9bSVU4lvkv0n52o/5KsTRkfC1BbUQF/ +uKJWDc0MyGZ6CL8eB2qlba1oxLvamdfzYru1KN5H3OKw4SfNFEt9HH0aYOs3b/z/ +Th+fzlLatKf0bJK1ZbWPUxvYvX32qH4jn322CRjyoxdVqv5Xhz2pGFJ2bv587SqF +RWPTTXvyXv8Pp64k719xZiUpMZ5KEqBWWzkseWTQGvuXmd9CnCO08R2+/NpBFrGg +/Dq4bqfPPCHqInz20qEllh65L+u/YcLuWMahftBz4/1YYspElSuxqND4Gg1Amvux +J0v8V0wytQlebqwd3Lx39RsniEDfcNr3KDLvjy5TQXhp6T57ZNrk -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -219,28 +219,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 91:ae:28:e0:35:63:40:7b:39:7a:fd:da:cf:95:96:8d:b7:d1: - cf:79:31:b9:f2:4e:25:1d:aa:24:71:10:dc:fe:65:41:3e:38: - 4a:35:19:2f:06:ea:4b:73:54:b0:ee:e9:c8:38:b8:a6:a4:ad: - 3e:c7:ff:12:25:0f:8a:78:93:d6:61:9e:a7:df:f0:4c:a2:da: - cd:6e:a8:fc:03:01:30:90:de:2e:a4:cc:81:03:a8:b8:d5:3d: - d6:3b:44:00:7c:60:71:88:d0:86:c5:a1:5c:26:d0:79:75:37: - c8:c7:49:6b:01:90:8c:c2:6c:d1:1b:d3:69:b8:6c:07:66:eb: - f0:f6:64:f5:a8:63:a8:6a:3b:15:3b:84:31:6a:1f:a2:8f:94: - 55:54:33:d4:42:11:83:3f:9f:16:20:0c:68:be:96:2d:9b:d5: - 51:0c:7a:21:c0:77:21:80:55:fe:11:70:3f:b7:71:04:be:1c: - 05:70:03:54:fc:17:68:ca:64:da:ac:78:21:2a:c3:6b:15:0c: - e0:65:7f:93:78:99:2e:b5:37:01:58:ac:a2:7e:23:37:b3:81: - 98:32:29:d1:25:9f:e3:75:4e:46:8c:7d:fa:49:01:1e:c6:01: - 9e:0d:4b:f4:29:53:de:17:86:5a:ea:03:1a:f8:96:95:34:86: - ec:b2:af:6c + Signature Algorithm: sha256WithRSAEncryption + 16:6f:a3:cd:f6:de:87:1c:86:f8:b4:b8:e6:e0:dc:11:2f:f3: + bb:f1:57:34:ec:1a:59:8a:81:63:40:01:df:53:24:a7:50:b0: + 6d:3d:29:2a:41:e7:08:71:0f:37:4b:10:b5:95:ae:a0:81:ba: + ba:b5:3e:72:48:be:6b:9e:be:34:3b:0d:15:f8:8f:9d:24:68: + 01:0c:d4:4a:0d:86:d5:b3:71:b6:d6:8e:71:44:16:7e:e3:db: + ba:7d:0e:5f:b3:2f:e2:60:f9:ff:bc:91:a6:ae:3c:ba:30:e4: + f5:55:bf:1e:72:0b:cc:5e:b4:7e:1f:09:aa:b4:52:bd:8c:2c: + 37:d0:0d:82:b4:ec:ff:c1:cf:91:a2:43:24:b8:b4:c0:ac:f2: + 29:eb:84:1d:49:ef:a4:8f:65:b3:06:01:2f:23:cf:a6:27:42: + cd:99:17:b9:69:40:1d:df:99:f6:f8:c4:61:cc:4a:a1:f0:38: + ce:4e:c4:27:f6:8f:d2:ae:74:5f:39:93:66:77:55:b2:25:8d: + 7e:7f:7d:b4:2b:f1:ee:83:9e:7b:f5:31:3f:d7:27:53:e6:21: + bd:69:a5:ca:0e:d8:6e:54:67:56:bf:f3:ec:e8:e1:aa:a4:76: + fa:0d:42:d4:7d:26:bd:f5:e5:25:ee:81:c4:ed:59:eb:0a:54: + d3:c9:18:30 -----BEGIN CERTIFICATE----- -MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -256,22 +256,22 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD -AgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCRrijgNWNAezl6/drPlZaNt9HPeTG58k4l -HaokcRDc/mVBPjhKNRkvBupLc1Sw7unIOLimpK0+x/8SJQ+KeJPWYZ6n3/BMotrN -bqj8AwEwkN4upMyBA6i41T3WO0QAfGBxiNCGxaFcJtB5dTfIx0lrAZCMwmzRG9Np -uGwHZuvw9mT1qGOoajsVO4Qxah+ij5RVVDPUQhGDP58WIAxovpYtm9VRDHohwHch -gFX+EXA/t3EEvhwFcANU/BdoymTarHghKsNrFQzgZX+TeJkutTcBWKyifiM3s4GY -MinRJZ/jdU5GjH36SQEexgGeDUv0KVPeF4Za6gMa+JaVNIbssq9s +AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAWb6PN9t6HHIb4tLjm4NwRL/O78Vc07BpZ +ioFjQAHfUySnULBtPSkqQecIcQ83SxC1la6ggbq6tT5ySL5rnr40Ow0V+I+dJGgB +DNRKDYbVs3G21o5xRBZ+49u6fQ5fsy/iYPn/vJGmrjy6MOT1Vb8ecgvMXrR+Hwmq +tFK9jCw30A2CtOz/wc+RokMkuLTArPIp64QdSe+kj2WzBgEvI8+mJ0LNmRe5aUAd +35n2+MRhzEqh8DjOTsQn9o/SrnRfOZNmd1WyJY1+f320K/Hug5579TE/1ydT5iG9 +aaXKDthuVGdWv/Ps6OGqpHb6DULUfSa99eUl7oHE7VnrClTTyRgw -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -308,28 +308,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 6c:c3:93:16:3e:f6:9f:09:c0:5d:cc:47:8d:db:b8:9b:8e:3d: - 99:0d:37:d2:a1:bc:67:0d:21:a1:d4:6e:4b:35:14:ec:91:56: - eb:6c:c2:e7:67:1c:0a:78:d7:d8:c8:0c:a3:7b:be:13:de:22: - 62:46:e4:50:89:cd:22:d3:18:2b:d8:2a:46:99:47:91:2f:4b: - 41:2d:42:3b:68:fb:1a:9c:3d:04:53:2d:c1:57:09:5b:99:13: - 1b:e6:99:83:4d:07:f7:3a:d6:45:8c:28:e5:bb:35:21:92:77: - 5c:d9:36:99:4b:3c:86:c7:59:31:08:8c:a9:7a:01:0d:89:06: - 62:c1:f5:95:09:c6:2a:a0:1b:01:28:b4:80:71:fd:84:b3:3c: - 6e:15:08:b7:2e:00:30:d0:b6:e8:6c:a0:5d:ad:7d:9b:52:ac: - fd:f0:52:7d:f1:34:f9:f0:45:66:83:15:41:61:fd:3e:44:f1: - df:b3:50:92:be:2e:f9:cc:a7:46:b2:e6:5f:a0:31:db:34:df: - e7:a4:87:34:3f:9d:c3:58:86:22:06:56:98:56:98:cc:9b:1f: - 84:cf:a9:f9:50:c0:68:c1:c7:f8:a3:5a:5d:bd:0a:03:9f:46: - 8f:0e:94:2b:e3:0b:35:aa:b8:02:ba:9f:b9:d6:79:1c:1b:68: - 7e:4b:ec:a0 + Signature Algorithm: sha256WithRSAEncryption + 2a:35:ca:d5:dd:97:31:4d:29:21:90:67:ba:68:ef:2a:56:b0: + 08:0a:c5:a2:cc:30:11:71:59:1b:59:2b:ca:c4:cc:22:52:d7: + f3:a7:d2:14:c5:fc:e4:c5:6f:9d:45:ce:7f:d0:dd:ec:5f:6b: + c3:d1:78:7a:29:bb:73:98:b6:15:9b:41:37:7a:50:b3:04:1d: + 72:90:9b:e9:f2:4b:68:f3:60:e9:bb:34:6e:2a:6c:6c:50:a6: + 38:ac:61:bc:ca:25:23:f5:f5:70:3a:8a:33:94:cf:97:1c:5c: + a3:76:b0:7b:88:35:8a:6e:18:44:01:e6:80:23:e9:14:ea:66: + 56:34:9a:0b:ca:1a:37:c8:e7:00:03:39:7d:73:e5:13:cb:be: + 9e:df:c6:87:c3:24:a7:7f:39:1d:cc:ca:1f:e7:14:38:fe:3d: + 06:7a:2f:95:f3:9a:79:49:e9:9c:f3:72:e5:b4:b5:fb:87:13: + 83:4f:9f:76:2f:41:8f:a4:55:1d:e4:74:2f:0a:0f:cd:ee:a8: + 50:06:1e:a7:9e:25:9f:f3:9d:b2:c1:44:de:c5:44:3e:42:64: + e1:75:16:33:56:a7:93:68:bb:fa:96:46:33:de:58:c1:81:42: + ca:1c:28:4f:09:71:db:60:e1:88:ac:d6:0d:37:3a:63:8d:50: + b7:35:2d:e5 -----BEGIN CERTIFICATE----- -MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgaExCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgwOVoXDTIyMDcwNzAwMjgwOVowgaExCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm @@ -345,22 +345,22 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN -AQEFBQADggEBAGzDkxY+9p8JwF3MR43buJuOPZkNN9KhvGcNIaHUbks1FOyRVuts -wudnHAp419jIDKN7vhPeImJG5FCJzSLTGCvYKkaZR5EvS0EtQjto+xqcPQRTLcFX -CVuZExvmmYNNB/c61kWMKOW7NSGSd1zZNplLPIbHWTEIjKl6AQ2JBmLB9ZUJxiqg -GwEotIBx/YSzPG4VCLcuADDQtuhsoF2tfZtSrP3wUn3xNPnwRWaDFUFh/T5E8d+z -UJK+LvnMp0ay5l+gMds03+ekhzQ/ncNYhiIGVphWmMybH4TPqflQwGjBx/ijWl29 -CgOfRo8OlCvjCzWquAK6n7nWeRwbaH5L7KA= +AQELBQADggEBACo1ytXdlzFNKSGQZ7po7ypWsAgKxaLMMBFxWRtZK8rEzCJS1/On +0hTF/OTFb51Fzn/Q3exfa8PReHopu3OYthWbQTd6ULMEHXKQm+nyS2jzYOm7NG4q +bGxQpjisYbzKJSP19XA6ijOUz5ccXKN2sHuINYpuGEQB5oAj6RTqZlY0mgvKGjfI +5wADOX1z5RPLvp7fxofDJKd/OR3Myh/nFDj+PQZ6L5XzmnlJ6ZzzcuW0tfuHE4NP +n3YvQY+kVR3kdC8KD83uqFAGHqeeJZ/znbLBRN7FRD5CZOF1FjNWp5Nou/qWRjPe +WMGBQsocKE8Jcdtg4Yis1g03OmONULc1LeU= -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: 100 (0x64) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:09 2019 GMT + Not After : Jul 7 00:28:09 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -397,28 +397,28 @@ Certificate: CA:TRUE, pathlen:2 X509v3 Key Usage: Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - 3d:63:76:f3:81:94:77:9f:6b:19:c9:f3:7f:aa:cc:c3:24:a2: - 50:24:3e:d8:8c:97:34:03:f3:ed:4a:d9:66:71:fa:d4:33:cc: - fa:48:b4:24:1e:70:2d:5a:ec:7d:5d:51:e9:9e:5c:5a:c2:77: - be:64:6a:31:d0:b5:f3:a9:d3:4f:d6:fd:43:5f:3f:b2:5e:33: - 41:b1:df:d9:31:fb:22:45:33:8a:43:ec:40:b9:86:26:eb:91: - 0f:b1:fe:0b:65:26:1f:5a:7e:e7:40:1f:8e:aa:c4:23:46:fa: - 49:32:f9:bb:2a:e3:c0:c3:38:c8:f7:99:38:f9:dc:92:7f:8d: - 07:fe:ec:75:62:dc:33:62:28:f8:52:36:0c:31:54:15:0a:76: - 5d:57:f1:35:50:a8:6a:c9:95:dd:36:81:a6:5a:e8:ac:44:bc: - c1:dd:d7:35:89:ad:eb:6f:69:6e:e5:d7:91:ee:0d:fb:14:50: - 2a:fd:2a:d8:f1:9c:65:ce:04:65:09:2d:8a:93:f3:3e:ae:73: - 07:50:43:51:fb:9c:7a:95:51:43:8e:4b:e3:09:72:d5:13:4c: - b4:e3:31:c9:d7:bf:2e:e3:3d:12:e2:e3:e0:1c:6a:98:b5:f9: - e2:9f:15:b3:8c:53:71:ed:81:0e:fb:8c:4c:f9:56:08:38:01: - 0f:90:4c:f8 + Signature Algorithm: sha256WithRSAEncryption + 61:c0:d8:c4:02:cd:b4:54:d3:44:e9:06:78:0b:a2:16:b5:4a: + b6:b5:09:f1:d1:fc:9f:be:e5:12:0b:6c:61:8d:66:3f:ce:8f: + 95:98:24:ea:d2:99:3a:4f:89:e3:2d:a9:f7:69:cb:05:9e:90: + af:5a:f1:93:ac:ee:fe:78:f8:e3:22:fa:69:7f:e4:71:1d:c9: + 1e:ac:61:81:8d:93:33:bc:b2:e4:67:75:97:9d:af:0a:db:ab: + 24:3f:8d:1d:16:c6:05:c6:89:a7:5f:cf:2d:73:39:de:8f:40: + 94:4b:7a:a4:ea:35:1e:70:ce:3a:f5:75:76:e5:ab:e4:8a:9a: + a4:a1:ec:49:59:3d:b7:23:fa:3c:af:dd:09:d7:aa:47:60:11: + 07:07:f4:8b:a1:40:b2:d9:bb:0f:88:b8:d1:a5:e2:88:22:76: + 8b:45:d6:96:2c:45:11:98:04:85:22:99:1f:49:a7:30:b0:b0: + 74:c3:ea:1a:a6:53:ed:c9:48:40:1a:d8:02:a8:fb:35:3a:f7: + 69:42:b2:75:dd:98:41:30:a9:e3:b1:ec:c6:66:f1:61:16:5b: + f6:e3:bc:31:8e:46:66:fa:39:34:66:cc:95:1d:69:15:12:41: + 16:ce:e6:a6:d4:4c:eb:f4:99:b4:6d:66:99:76:ae:5a:e8:24: + 92:a7:ef:45 -----BEGIN CERTIFICATE----- -MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEw -MjEzMjQzWhcNMjIwNzA2MjEzMjQzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MDAyODA5WhcNMjIwNzA3MDAyODA5WjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0 LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN @@ -433,11 +433,11 @@ gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q -3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUA -A4IBAQA9Y3bzgZR3n2sZyfN/qszDJKJQJD7YjJc0A/PtStlmcfrUM8z6SLQkHnAt -Wux9XVHpnlxawne+ZGox0LXzqdNP1v1DXz+yXjNBsd/ZMfsiRTOKQ+xAuYYm65EP -sf4LZSYfWn7nQB+OqsQjRvpJMvm7KuPAwzjI95k4+dySf40H/ux1YtwzYij4UjYM -MVQVCnZdV/E1UKhqyZXdNoGmWuisRLzB3dc1ia3rb2lu5deR7g37FFAq/SrY8Zxl -zgRlCS2Kk/M+rnMHUENR+5x6lVFDjkvjCXLVE0y04zHJ178u4z0S4uPgHGqYtfni -nxWzjFNx7YEO+4xM+VYIOAEPkEz4 +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBhwNjEAs20VNNE6QZ4C6IWtUq2tQnx0fyfvuUSC2xhjWY/zo+VmCTq0pk6 +T4njLan3acsFnpCvWvGTrO7+ePjjIvppf+RxHckerGGBjZMzvLLkZ3WXna8K26sk +P40dFsYFxomnX88tcznej0CUS3qk6jUecM469XV25avkipqkoexJWT23I/o8r90J +16pHYBEHB/SLoUCy2bsPiLjRpeKIInaLRdaWLEURmASFIpkfSacwsLB0w+oaplPt +yUhAGtgCqPs1OvdpQrJ13ZhBMKnjsezGZvFhFlv247wxjkZm+jk0ZsyVHWkVEkEW +zuam1Ezr9Jm0bWaZdq5a6CSSp+9F -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainH-entity.pem b/certs/test-pathlen/chainH-entity.pem index 54339c4ab..b125341e5 100644 --- a/certs/test-pathlen/chainH-entity.pem +++ b/certs/test-pathlen/chainH-entity.pem @@ -2,11 +2,11 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) - Signature Algorithm: sha1WithRSAEncryption + Signature Algorithm: sha256WithRSAEncryption Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com Validity - Not Before: Oct 10 21:32:43 2019 GMT - Not After : Jul 6 21:32:43 2022 GMT + Not Before: Oct 11 00:28:10 2019 GMT + Not After : Jul 7 00:28:10 2022 GMT Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption @@ -41,28 +41,28 @@ Certificate: X509v3 Basic Constraints: CA:FALSE - Signature Algorithm: sha1WithRSAEncryption - 31:c8:96:b3:a0:e8:ea:ea:f5:92:e1:5c:3c:8c:52:49:fa:91: - d1:e0:c2:bf:6c:1c:3a:e0:b7:44:c4:a8:c9:c9:ab:59:f7:56: - 8c:ab:d1:84:4b:86:7b:9d:11:ca:6a:45:a3:2b:b4:1b:0d:b2: - fb:c2:b2:3f:22:67:58:2c:36:50:67:9f:5a:69:07:b5:3d:54: - 5e:1c:34:eb:ba:f1:b9:ad:da:ed:f3:7a:49:6e:3d:c7:df:cb: - 98:31:ea:f4:9e:aa:da:6e:c5:29:1b:8b:ab:91:4a:b3:be:16: - d1:99:da:e1:f9:92:46:59:2e:fa:c9:cf:68:eb:80:a1:de:d4: - 0f:81:cc:c9:a8:25:1f:09:95:81:94:06:9c:b8:dc:f6:95:0c: - e6:d6:32:87:92:b2:2d:9a:5b:f2:00:6d:91:4f:81:76:04:18: - 19:36:03:f6:5b:ec:ba:d1:49:14:48:8f:b7:b1:13:d8:50:41: - d3:f9:f8:01:f9:56:7e:eb:f1:44:eb:42:e9:ad:4f:05:82:f1: - cf:2e:b9:44:62:3e:ea:54:cd:56:94:f0:9c:c1:06:c2:ff:02: - c9:60:23:b3:c6:ea:98:33:61:d7:9a:f4:79:1b:9a:a4:b9:c1: - 50:f4:7f:bc:24:88:a0:f8:12:4b:da:0b:2e:5b:a1:a5:00:6f: - 86:2f:da:d9 + Signature Algorithm: sha256WithRSAEncryption + bc:fc:a7:c3:c9:a4:57:9e:37:9d:f7:71:eb:5b:7c:a2:1a:0d: + 24:97:12:92:18:fd:0f:5e:5b:f9:27:c9:98:2c:9a:06:bd:77: + 85:63:3c:a4:ed:90:92:3a:79:41:82:c3:54:66:f6:c6:a0:d3: + ba:a3:19:93:d9:5f:54:90:fc:2b:37:d1:96:88:ba:be:e1:71: + 8c:a2:24:d7:ce:d8:7c:5e:87:9f:4f:f2:52:51:1c:82:5b:2c: + 8b:b4:5d:7e:d6:03:95:a0:e9:29:68:5e:76:18:2b:93:6f:a1: + 58:a6:f6:35:8b:37:b9:6b:82:5d:3a:8c:bc:a6:bd:18:ca:2f: + ea:0c:4d:36:7a:58:80:52:9c:b3:fa:a4:2b:0e:97:e6:0f:fc: + 41:62:6d:45:19:15:6d:3e:16:e5:bc:81:ce:c0:34:d3:b5:d4: + 0c:54:a5:62:a6:55:57:ad:e8:6f:94:58:cb:31:ff:0f:1c:13: + 63:82:91:1f:a3:68:f5:9f:9c:d9:dd:54:e0:d0:36:ea:ad:2a: + 9d:4e:66:be:c7:2f:1a:16:70:be:b4:1b:c5:2d:b2:1b:0c:87: + 64:10:4d:db:8b:79:5b:2e:10:a4:95:25:7b:be:b2:21:26:47: + e9:d2:74:c8:34:b1:e3:7b:73:8c:93:7a:82:ce:50:d4:46:34: + ab:11:71:c0 -----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMCVVMx +MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu -Y29tMB4XDTE5MTAxMDIxMzI0M1oXDTIyMDcwNjIxMzI0M1owgZoxCzAJBgNVBAYT +Y29tMB4XDTE5MTAxMTAwMjgxMFoXDTIyMDcwNzAwMjgxMFowgZoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t @@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv -bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBADHIlrOg -6Orq9ZLhXDyMUkn6kdHgwr9sHDrgt0TEqMnJq1n3Voyr0YRLhnudEcpqRaMrtBsN -svvCsj8iZ1gsNlBnn1ppB7U9VF4cNOu68bmt2u3zekluPcffy5gx6vSeqtpuxSkb -i6uRSrO+FtGZ2uH5kkZZLvrJz2jrgKHe1A+BzMmoJR8JlYGUBpy43PaVDObWMoeS -si2aW/IAbZFPgXYEGBk2A/Zb7LrRSRRIj7exE9hQQdP5+AH5Vn7r8UTrQumtTwWC -8c8uuURiPupUzVaU8JzBBsL/AslgI7PG6pgzYdea9HkbmqS5wVD0f7wkiKD4Ekva -Cy5boaUAb4Yv2tk= +bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBALz8p8PJ +pFeeN533cetbfKIaDSSXEpIY/Q9eW/knyZgsmga9d4VjPKTtkJI6eUGCw1Rm9sag +07qjGZPZX1SQ/Cs30ZaIur7hcYyiJNfO2Hxeh59P8lJRHIJbLIu0XX7WA5Wg6Slo +XnYYK5NvoVim9jWLN7lrgl06jLymvRjKL+oMTTZ6WIBSnLP6pCsOl+YP/EFibUUZ +FW0+FuW8gc7ANNO11AxUpWKmVVet6G+UWMsx/w8cE2OCkR+jaPWfnNndVODQNuqt +Kp1OZr7HLxoWcL60G8UtshsMh2QQTduLeVsuEKSVJXu+siEmR+nSdMg0seN7c4yT +eoLOUNRGNKsRccA= -----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA1-key.pem b/certs/test-pathlen/chainI-ICA1-key.pem new file mode 100644 index 000000000..6b05b9f49 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEAu7oGrRPP2vvRy2X+JlhJagEUpniyLB26utC9JzhmfKAbKAg8 +av34h75Jou048kywi5P/0sU/zQPFFHnodmN6qqdUHg4nvRu+6D8rVUDwWSPYP+gF +Ggtx8P0k2fkLmSXar5Y07uGRy/yPoEGPnOFPV1+21lVpb8NkwxGpaUCF3/OaWbXu +kMAi7nIoLtPaZSc7ukLAnnO6ovJFE3rFHTClt9t1XW/MCHeAZ40YKsoCjY7TnCr6 +t48bfe9id6T6tthaPmacPhNFqM9h+/9BRRQh4mOsgU1liePVcSABGXbspBam7zy8 +8qJWKwcxZw3ll4jo28tNmMuZ5uC9YkgrsQQSBwIDAQABAoIBAQCiKVvC/q46l/Tu +IricHv+r1iskcnZWrYe0AMSksI+3cAaFWjf2pFSfzbyGRS1AAQcwSzRduY4XZv5D +ZdttCRnZeJmtLMUfEmyi6o5gIqx8E/6llaNykBho+ANxVzSxooV5z+MBx1DOSOk4 +oemQtwB2lXO3Sii+JqdP6l3RUa9Td/khmGLGCo0/8Htlw5a+lWYRzkGK4DbTxFxM +V6Nk58ZjWv/rM4rsRlStfvhNlKKP74tTromI37/Znx3QH1FugZ5u3fd1LDCLsxLU +d684plIKNZE6QiG7zQ+viyviFEvJ6PPo3Tc/x8bAQ/SS23e9obRzqqU4nRbXfSrU +rnHNrWlBAoGBAPlzL3Od/5/3GKvx7EJGU1v46kIxJwog8zGHvTSloz5b18+UVHBo +3YuyfDlq7OL61H+2+wE05o9uo/FrZi7VS2XK/Qofv39hAVxlz/BiigEcggSzLXs9 +k9QFqXBvJ/TylmVU25GPisF2mP2tKKbL6P98J6jGKo2cEF24tM1gLq6fAoGBAMCn +7xBKSsed/J/TM+fFM2TeZMKvo3fbLJFFy1k95DYgsoIIncyaJrZy9KmomSp6SAhh +lqeqKCeqOTF9asLrUotbbQPcJQucyLqKnX3Zq2E338JALDJxSjg97DG3KxKLS7PI +3Fk3uK35PkPUctOjC/Ep0DVwosAxePrZcuzilyuZAoGBAJ5rdaZSoGZiEgwZHzdT +3FrbsUKKXsXC+U/qadIGo67VuzA8fofJQXIXz2bTrk/UhqH5fl1c0FQlKv8GeyWh +Fjo2eQ817HMkEy4wBqgenJBqH3SGqorLJ5gOZHZgUZrxeWwvQSanZ7LH9A+fKeMM +OxQOME2yVJIMnCQ5SrHntJ33AoGBAKWQbImCXwt3gT/U4JmAxm8cFFmfWYtKRt29 +rkjOQI4nwWCwiPPpUfWfixU2eBKiLb9OJouGVqXnyuj2EEbctv5eHqyfhxKYtYRi +VYBvDLIqs1gbkB/1bkQxKwd6k0CHhxJFPuBJW6PfO5xNOjUYvM2PEoiqeKNUoNRr +BTIAdMuZAoGBAMlyqDi5jbcZ53PE9PrwSepUOaOVIKlCAUwQlol+aAtlGGQksYM0 +HPoYXZsx+XzHBtXed5E+OvOY6zxfgtkal03RrleUQo7rJArL3cxOunPODzjemEJq +qysAp0Dnk+PenIabUfv9McAFQ9Sr8WG4K6xZTgedeTU194ZQw2BJeq8E +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA1-no_pathlen.pem b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem new file mode 100644 index 000000000..0013267db --- /dev/null +++ b/certs/test-pathlen/chainI-ICA1-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: + 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: + 66:7c:a0:1b:28:08:3c:6a:fd:f8:87:be:49:a2:ed: + 38:f2:4c:b0:8b:93:ff:d2:c5:3f:cd:03:c5:14:79: + e8:76:63:7a:aa:a7:54:1e:0e:27:bd:1b:be:e8:3f: + 2b:55:40:f0:59:23:d8:3f:e8:05:1a:0b:71:f0:fd: + 24:d9:f9:0b:99:25:da:af:96:34:ee:e1:91:cb:fc: + 8f:a0:41:8f:9c:e1:4f:57:5f:b6:d6:55:69:6f:c3: + 64:c3:11:a9:69:40:85:df:f3:9a:59:b5:ee:90:c0: + 22:ee:72:28:2e:d3:da:65:27:3b:ba:42:c0:9e:73: + ba:a2:f2:45:13:7a:c5:1d:30:a5:b7:db:75:5d:6f: + cc:08:77:80:67:8d:18:2a:ca:02:8d:8e:d3:9c:2a: + fa:b7:8f:1b:7d:ef:62:77:a4:fa:b6:d8:5a:3e:66: + 9c:3e:13:45:a8:cf:61:fb:ff:41:45:14:21:e2:63: + ac:81:4d:65:89:e3:d5:71:20:01:19:76:ec:a4:16: + a6:ef:3c:bc:f2:a2:56:2b:07:31:67:0d:e5:97:88: + e8:db:cb:4d:98:cb:99:e6:e0:bd:62:48:2b:b1:04: + 12:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + X509v3 Authority Key Identifier: + keyid:D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + b3:b8:b9:c2:44:3a:36:0a:cf:fd:da:80:8c:81:54:c1:cd:a6: + 52:a8:60:b1:f8:fd:62:01:fc:d9:85:89:15:9a:df:45:f0:68: + 3e:bb:fe:f3:94:dc:1c:69:3c:7c:47:df:04:0c:7b:2f:4f:3f: + 56:58:9a:fa:1a:4c:16:21:cf:f2:21:a5:f9:d9:49:1b:69:b4: + 4d:df:d0:c2:d7:2c:fa:0f:23:d6:45:61:12:cd:2a:5a:06:db: + 22:6f:99:7a:a0:fc:17:ba:05:bc:02:79:db:f8:cd:ec:a0:98: + 7c:7f:6b:d6:ca:5c:cd:07:89:b6:0d:3e:0b:d3:d7:7f:7c:6b: + 73:7b:b9:28:69:d2:5f:27:1c:13:60:a0:50:23:16:00:d1:cb: + 7a:1d:62:7c:a1:c2:63:1d:c9:0b:0f:d7:5c:91:af:7a:5b:93: + 7e:e5:12:36:f0:3b:fa:59:7b:a8:88:f7:bf:11:19:4b:6a:81: + 61:77:54:61:a3:73:b6:54:64:92:49:22:c9:6a:19:73:33:6d: + 01:4c:5a:9c:0a:fa:ce:a1:34:50:b1:54:de:0b:7b:ce:fe:e0: + 00:fa:8e:7f:48:36:58:ed:98:42:ce:8d:a4:a0:67:c9:88:1c: + 7f:58:df:fb:62:0f:ee:4b:7d:5a:c7:52:2f:9f:2d:13:13:0b: + 72:bd:a0:2e +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ugat +E8/a+9HLZf4mWElqARSmeLIsHbq60L0nOGZ8oBsoCDxq/fiHvkmi7TjyTLCLk//S +xT/NA8UUeeh2Y3qqp1QeDie9G77oPytVQPBZI9g/6AUaC3Hw/STZ+QuZJdqvljTu +4ZHL/I+gQY+c4U9XX7bWVWlvw2TDEalpQIXf85pZte6QwCLucigu09plJzu6QsCe +c7qi8kUTesUdMKW323Vdb8wId4BnjRgqygKNjtOcKvq3jxt972J3pPq22Fo+Zpw+ +E0Woz2H7/0FFFCHiY6yBTWWJ49VxIAEZduykFqbvPLzyolYrBzFnDeWXiOjby02Y +y5nm4L1iSCuxBBIHAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUnlS2leqJB6bJ5ILo +0DRkXQjNVqAwgc4GA1UdIwSBxjCBw4AU0br7/x0pQYpqX7Lzp0EFRwkfSEKhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAs7i5wkQ6NgrP/dqAjIFUwc2mUqhgsfj9 +YgH82YWJFZrfRfBoPrv+85TcHGk8fEffBAx7L08/Vlia+hpMFiHP8iGl+dlJG2m0 +Td/Qwtcs+g8j1kVhEs0qWgbbIm+ZeqD8F7oFvAJ52/jN7KCYfH9r1spczQeJtg0+ +C9PXf3xrc3u5KGnSXyccE2CgUCMWANHLeh1ifKHCYx3JCw/XXJGveluTfuUSNvA7 ++ll7qIj3vxEZS2qBYXdUYaNztlRkkkkiyWoZczNtAUxanAr6zqE0ULFU3gt7zv7g +APqOf0g2WO2YQs6NpKBnyYgcf1jf+2IP7kt9WsdSL58tExMLcr2gLg== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA2-key.pem b/certs/test-pathlen/chainI-ICA2-key.pem new file mode 100644 index 000000000..1e7788141 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEoQIBAAKCAQEA3h4IZhL+IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1z +KxbpBelMG4KtR50zMFO1m9It6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIH +ItV7Zxg4xPzqjQmAoLBEM/3BqoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dC +UqCssjg4jROW2db6j8SJFAacHwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqa +YLwU7c9NQvxcKOpC0a7McX5SXYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdb +VDgJLPBdhgw0t5IzXD4ZsU2gYpu0aDY2OOwpswIDAQABAoH/VQcqL+kVXy1U/T6z +tKWqcOcsvdUKLKupl9lop+5IDVGndXIQpG4gxiKI//8GVmPXNKjW3M+Yw8ikSZ7h +j2jUJ2MKRHWNGBgRysmTiCtde4iAKo0cLjmLA+xBzycCovsAQoM3mK+Lc73+NIjq +y+fHcPoXup+OkPeH9fktQ/w5kyonK0Qz7nyb6P9FjFG/f3+WbTaA1FgchELqX00g +bA6nMHEnhm9MoKKsVZbZKG9gIUCtejrd+YaOBHHWVG47QQI+iFCDrSk2dn8CJq8j +8w1VD2QkBSWeW1K5QTbQyOwShYKfmpPthy2LAAfC5TNSpeEBRf2uwzi9Vzqa89cX +UPMBAoGBAPQWwv283d72JaGOEQ+AL32Q5KEydtrzMLzBSHRrb2NhEvq4tev6/Ihl +jklZ+KuPkxtV/dI0bz/x7JikbQvT3a76zqwv2LbpYJdz8CLqh52dOAhfdkYOCapP +2FnlHcwWt35kXC11Srb1jnJ40VNxDq3DNYNgGQohrEjVCMNfrb7BAoGBAOj0y3Wz +TnPhrDzBYmh6+D5/ZVBCnPhkWMV4yYimidAWE0TB7DvEKqQ7gbHmpiOzaWefoRs6 +8qHu02l0EHW6TJUJqSWBMFiEkwnZStEKAw2LCqjLW/xFH/7Yw6Hkpb7Fp9kumh3r +tkdNZSdT3ETvyFjKrUX7QFYXOLQ+bAdWhrlzAoGAPnZwscQaNwtgd+ZGIWRZQtXI +XCPw3HjtWPBRXVF88L6Pv89y5o+U/kaW0diPVT/pkk5AJQG8Em4TcMBrE2LFURjn +uJKJ78zrJfbKVfUUfVYVV7cuKiE/gfDq2Z5TML4DePmvyQZB924BZPPcBXFiIz9Y +O2VlIv2Y/A5gLrcWXEECgYBTReZRDaaWr+4EzdAirwp8NMf/l8BK3nwJIvNPwNB0 +rN94baXHe4kOqiLjeCKdkm20WBCcDkdbcWbrREz5+H2VrR1kxbiFe+af16fx75VF +yxUlX4RjOkaEr/HGtlg1SKyGay02UuMWu+jT1RthHSHN861a3cSSwbxIWiP9v4Vr +VwKBgQDkjIEnH1yzKsAIdxa4Nb3OG3vBIplB3d/PaRzCXNfcrwIj58KcEDKGOSlj +LKcH42K2wJrpyRH+n87NH5Nt73fRLEQ7IBkb4gA918BPMp6Q5OU99CBld5WO3/F0 +LWDySahHuH4ymEeM45Y+1lZQjc4cQb9/Sbzi1fZsvTQRen3yWw== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA2-no_pathlen.pem b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem new file mode 100644 index 000000000..4e39c84b6 --- /dev/null +++ b/certs/test-pathlen/chainI-ICA2-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: + 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: + 97:77:1e:94:51:3d:73:2b:16:e9:05:e9:4c:1b:82: + ad:47:9d:33:30:53:b5:9b:d2:2d:e9:7b:d6:63:f3: + 61:20:1b:23:6e:47:09:8b:c0:d5:09:85:a6:e2:e4: + 3a:4d:b3:f9:dd:c6:7c:9a:42:07:22:d5:7b:67:18: + 38:c4:fc:ea:8d:09:80:a0:b0:44:33:fd:c1:aa:8b: + 9c:98:e3:95:c3:74:71:3b:71:b8:b3:80:bf:30:63: + 85:09:27:8b:12:b5:86:b0:0b:99:ff:97:42:52:a0: + ac:b2:38:38:8d:13:96:d9:d6:fa:8f:c4:89:14:06: + 9c:1f:0a:a3:3a:a2:f7:1f:83:d8:ae:41:44:9e:21: + b2:5b:b7:a2:19:e9:46:58:de:e5:a2:ab:07:7a:9a: + 9a:60:bc:14:ed:cf:4d:42:fc:5c:28:ea:42:d1:ae: + cc:71:7e:52:5d:84:88:de:b6:7d:72:6e:ab:73:4b: + 0d:ab:92:9f:11:b4:51:da:14:54:9a:0e:ec:ac:42: + fc:71:87:5b:54:38:09:2c:f0:5d:86:0c:34:b7:92: + 33:5c:3e:19:b1:4d:a0:62:9b:b4:68:36:36:38:ec: + 29:b3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + X509v3 Authority Key Identifier: + keyid:EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 8f:9b:f7:bd:1a:90:58:f0:ab:0f:1d:45:b2:29:10:66:2d:cc: + 96:d6:3c:f4:3c:a8:49:e2:cf:db:17:16:8c:e8:76:de:79:c9: + 42:10:a7:ad:b7:c3:c2:82:93:6b:19:3e:56:af:be:c8:d7:dd: + ee:87:1d:5f:1d:ad:6a:02:8d:14:22:9f:54:58:d7:d8:16:79: + 64:4d:eb:55:88:74:74:f6:59:2c:40:9f:d0:f4:a8:36:ea:c9: + 4f:9c:2b:3a:72:5f:20:2d:25:b3:b2:fb:c1:03:11:ab:57:57: + d0:55:13:b9:f5:10:09:9e:56:a2:0d:95:3c:16:3e:59:f3:71: + 60:50:06:53:45:ff:0f:e2:f8:61:5b:d2:fc:0a:65:59:dc:ee: + 6f:c6:26:c4:7d:27:69:4d:76:55:2f:07:01:3f:30:ea:17:3d: + bb:8a:f0:df:ae:c8:47:70:0e:b4:28:c9:e9:7b:8c:8a:22:a0: + ea:32:9b:f8:1e:35:a4:f0:a5:09:81:dc:9a:a4:d1:63:34:9e: + 3c:32:2f:f3:b1:f0:43:3b:f1:31:9b:8b:99:bf:c2:b4:eb:78: + 39:a3:e7:d8:2c:e6:6c:f2:8b:2f:21:83:c3:28:1b:77:f3:75: + 9b:79:f7:f0:73:a0:a2:47:af:93:32:0b:d2:88:04:14:3a:cd: + 48:7f:58:32 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h4IZhL+ +IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1zKxbpBelMG4KtR50zMFO1m9It +6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIHItV7Zxg4xPzqjQmAoLBEM/3B +qoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dCUqCssjg4jROW2db6j8SJFAac +HwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqaYLwU7c9NQvxcKOpC0a7McX5S +XYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdbVDgJLPBdhgw0t5IzXD4ZsU2g +Ypu0aDY2OOwpswIDAQABo4IBATCB/jAdBgNVHQ4EFgQU0br7/x0pQYpqX7Lzp0EF +RwkfSEIwgcEGA1UdIwSBuTCBtoAU7jem8kDQ7/0ix6O0bFdHQLmZ+Y2hgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCPm/e9GpBY8KsPHUWyKRBmLcyW1jz0PKhJ4s/bFxaM6HbeeclCEKet +t8PCgpNrGT5Wr77I193uhx1fHa1qAo0UIp9UWNfYFnlkTetViHR09lksQJ/Q9Kg2 +6slPnCs6cl8gLSWzsvvBAxGrV1fQVRO59RAJnlaiDZU8Fj5Z83FgUAZTRf8P4vhh +W9L8CmVZ3O5vxibEfSdpTXZVLwcBPzDqFz27ivDfrshHcA60KMnpe4yKIqDqMpv4 +HjWk8KUJgdyapNFjNJ48Mi/zsfBDO/Exm4uZv8K063g5o+fYLOZs8osvIYPDKBt3 +83Wbeffwc6CiR6+TMgvSiAQUOs1If1gy +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-ICA3-key.pem b/certs/test-pathlen/chainI-ICA3-key.pem new file mode 100644 index 000000000..47df99a7f --- /dev/null +++ b/certs/test-pathlen/chainI-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO03F/Ikp3yB8BeBNPldBn8 +z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sHdTmJcCqcAOAubHx0Jxg0 +/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk5kkGYqQjCGBol4mpssCU +jk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbtRsZw+zShKByCscKrpsHw +Ext9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6Ei6dDcmw70DRpAJeUuj7 +1JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQABAoIBAFDLI9VC/UFYgX0c +b18rWGP97fDpOsINIKNtsuHDdXkYluK9IyzBmMa0h9hq3rkDaGytPsEse8M6pKfV +aFFWxgiUEXiiubqoaadQiOu5Z6MdUrRy4YrH24iBIpXgh3JCdJ/ynFBPpWV2cafd +4vt4Oxq6R3XBRZfbH3nUE6lw327Wqox7I/t4rYdAVTnyCcSo3MX35K37/xnplLos +ehyeDMJok+C/y2+jeICs/A89FcTAA6JrNqznE5ZWNBORSKOMJQcscNHWBGZ5vmpH +jW8WPpMPhtA4q26fz/XI2BwrHRKwsEKsVyULd3bfAEBLQbktuwMMylWsnrw/wzRN +aD+dbwECgYEA8ZJb0syBWlJD1/+p+1wgtteJ9RSZyXFHLRDglAYUKjVoZqhczSP2 +M/wkkTk71gI54lQBejNAKU+eH+IAsXCQDx3ePxlAlu3JSMaXd8KzgZwBd2rr3iNJ +grAUoYj9sr237oi2Lyc+vKMS+IUrbkYZKbAtn/D6bp5GkxWscmWt7UcCgYEAwzak +4J7ZsFWeuomlRfR/FNMidGUBc+J/7wo3NXwTH3PPZisrPv38smD7bc1zi/c7MS7+ +ptJpHApnjqqXf85vBHmH2hkyuIAJ+UYuNs29iAcvu1E9XmE4wz/GdrzxvhdCW/PW +qFPQAsNCYB/NQi0YQSwABkEIDPTq1F11aXV1TdECgYBcHD9w8FN+OhHuYWjSFD3R +Gfxbe8Br5AqMr3vCVVMJCRZG1nmUKtss1T6oNReQsYaauwdZLgOP/PDBHW7AObhk +WzIsAxfytLZkTnzgyFej2vVgMF/BctkLwNINCewaZGamyHAXKLKuQMvyAO0ffhEI +KUosSzliRm2IleIMOKMJ7wKBgQCJWML8fwcud68sE3hDFdjrr/lH52D0ReI5LvjV +Gqzhrju36JuOwGiwoGeGQ80OJy5wVl44xUXKws9Fo2TgOUAG5/LbUmtLQFrEFcqi +KHM3Z8b/hhMlekXTqeVa2WlEk1zPEWpwGDf8GaFzvCxQaSXthKWnwM2HQDKQpAjd +4BReYQKBgQCmJllIBUfS61JNstfV++kK3aEP7heGeUdYmFu255DK6UlsDmDx1TJ3 +NacApBE5y/xUEg7hZB3gBpn2PFZO6uVEJX+vrIoOzsOXMQSgWbeCOTe3BLZn+mF3 +tpfeW+xALGvvEajlv1/xUd2o/9DmgEIIIQWKPOKVjb6H5B1WnHa19Q== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-ICA3-pathlen2.pem b/certs/test-pathlen/chainI-ICA3-pathlen2.pem new file mode 100644 index 000000000..44e10332d --- /dev/null +++ b/certs/test-pathlen/chainI-ICA3-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: + be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: + 5e:04:d3:e5:74:19:fc:cf:85:7f:f7:91:8c:d5:58: + 7c:02:4c:88:f1:4d:43:e3:07:bd:2a:4e:df:51:87: + 29:74:c5:24:67:1d:f1:6f:8b:07:75:39:89:70:2a: + 9c:00:e0:2e:6c:7c:74:27:18:34:fd:29:98:43:83: + d6:e1:51:b3:13:41:1c:bc:29:dc:8b:2f:93:08:95: + 8b:90:22:4b:e4:98:f5:d6:70:2a:9b:8b:64:e6:49: + 06:62:a4:23:08:60:68:97:89:a9:b2:c0:94:8e:4f: + 39:1c:25:3b:0f:e4:c5:1d:7d:89:89:5e:c6:02:69: + 68:fc:13:55:b5:80:6b:77:f7:59:57:0b:1c:7e:c6: + ed:46:c6:70:fb:34:a1:28:1c:82:b1:c2:ab:a6:c1: + f0:13:1b:7d:0b:bc:1a:39:23:3c:e7:1d:ee:c8:ee: + 2f:69:5f:a1:31:3f:1a:2f:98:5d:53:d7:42:93:db: + 49:ac:d6:7a:12:2e:9d:0d:c9:b0:ef:40:d1:a4:02: + 5e:52:e8:fb:d4:92:07:98:b1:76:d9:16:0f:e4:8b: + de:dc:88:65:e0:fd:52:1d:8b:e2:e3:ed:08:37:d0: + 11:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5a:8e:b7:fa:c9:b8:f9:a7:1e:fd:16:5b:75:4d:5e:b6:f2:6e: + c0:48:f3:7f:3e:61:59:25:64:8e:6a:e5:19:fb:03:20:93:de: + 0c:d9:88:68:e6:c3:9c:ad:b8:b1:08:a4:74:ef:e7:5c:1e:ea: + 3b:9f:0a:64:40:74:ff:d8:9d:14:38:d8:c7:68:f4:8c:b2:76: + cb:77:40:c4:55:23:b6:42:4c:82:16:47:a4:97:31:12:f0:ac: + e8:b9:aa:72:d8:e7:e5:5f:6c:92:0e:07:d7:9f:df:4b:53:85: + e5:d3:8b:74:ad:b3:58:09:d0:cf:2f:66:a3:28:8c:86:3a:5a: + c8:39:f5:03:35:42:72:8b:b8:fc:28:51:37:b0:31:f6:29:c4: + ab:f3:4f:ff:42:de:48:6d:bd:94:cd:3c:5a:bf:f3:a5:d2:13: + 2c:7b:81:d8:0d:2f:f0:49:bf:c2:07:25:a5:2a:ae:3c:9f:4a: + 3e:74:03:70:36:a9:67:68:1a:e8:72:18:2d:79:7e:65:2c:95: + 3a:5c:9d:46:50:d0:9a:fd:c1:7a:6d:cd:d6:6c:83:f2:cb:aa: + 19:c2:03:7c:2e:95:30:40:88:25:47:3c:d2:7a:ad:ac:a1:12: + 25:42:17:d0:17:00:53:4b:32:ae:70:a4:08:7b:9b:fc:bc:93: + 08:e6:b1:7a +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO0 +3F/Ikp3yB8BeBNPldBn8z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sH +dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk +5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt +RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 +Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBajrf6ybj5px79Flt1TV628m7ASPN/PmFZJWSOauUZ+wMgk94M2Yho5sOc +rbixCKR07+dcHuo7nwpkQHT/2J0UONjHaPSMsnbLd0DEVSO2QkyCFkeklzES8Kzo +uapy2OflX2ySDgfXn99LU4Xl04t0rbNYCdDPL2ajKIyGOlrIOfUDNUJyi7j8KFE3 +sDH2KcSr80//Qt5Ibb2UzTxav/Ol0hMse4HYDS/wSb/CByWlKq48n0o+dANwNqln +aBrochgteX5lLJU6XJ1GUNCa/cF6bc3WbIPyy6oZwgN8LpUwQIglRzzSeq2soRIl +QhfQFwBTSzKucKQIe5v8vJMI5rF6 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-assembled.pem b/certs/test-pathlen/chainI-assembled.pem new file mode 100644 index 000000000..baf1cdcf0 --- /dev/null +++ b/certs/test-pathlen/chainI-assembled.pem @@ -0,0 +1,354 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: + e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: + cf:c8:f1:8a:f6:55:1e:59:fa:97:fe:e7:9b:07:2a: + b6:80:2a:92:d9:39:95:9e:0c:1f:d7:ad:1f:74:4d: + 8e:61:6f:64:24:4c:d4:95:03:8f:d3:f2:3d:6e:d8: + d8:d5:aa:64:7d:82:ee:74:07:16:68:fa:95:17:9b: + 35:8f:c3:6c:47:88:3e:40:de:93:36:ed:62:f4:cc: + 67:45:ee:ea:45:9f:fc:f1:63:6d:b7:fa:f8:c3:e0: + 6f:c7:4a:3e:04:49:04:37:8b:3a:99:e8:64:0a:86: + 43:ab:5b:34:1e:6c:33:a2:a4:26:7c:c7:6c:48:99: + 7d:85:f5:1f:c1:9c:a9:c7:8f:51:6b:8a:86:8d:1c: + b0:d2:82:ba:a4:a7:09:29:8b:0a:20:d1:7c:b1:67: + 0c:61:cd:88:33:5e:38:ab:08:78:0b:80:0b:ce:63: + 03:b9:40:7b:67:3e:a8:ac:4e:44:92:09:4c:3f:e0: + 3d:55:cb:aa:5a:bc:17:9c:4e:9e:40:5c:82:fc:3b: + 3a:54:40:90:f9:22:3c:f4:00:5f:95:13:72:49:29: + ae:5f:31:22:30:04:05:6a:7b:b5:0a:0a:a6:5e:72: + 4d:5f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EB:B5:A2:7B:24:95:03:11:6B:56:CB:13:3E:A8:B2:8F:B1:CF:5D:C4 + X509v3 Authority Key Identifier: + keyid:9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 78:f3:ac:4b:db:c6:63:c3:f5:67:97:b8:99:f4:72:6f:b2:07: + 3b:99:ce:85:e7:5c:59:c1:80:bf:06:92:a8:34:be:1b:74:d1: + 61:b6:75:07:18:0e:2e:77:7f:77:c7:e9:5d:cc:1e:7b:b5:04: + 95:5b:99:a1:15:2e:b6:2b:67:13:09:0f:b7:6e:62:04:dd:01: + 27:fd:18:f3:d9:b2:d7:8f:6e:bb:b3:1d:57:76:91:42:dd:78: + 77:22:b3:ed:79:10:63:94:40:c5:88:09:bb:bf:fd:fe:6e:60: + 23:53:30:8e:11:e2:b7:3d:39:24:96:f2:86:cc:59:eb:83:07: + ad:7a:2e:85:63:be:70:15:92:f8:f2:2b:f1:6f:5f:c2:4d:3a: + 7d:c6:b9:9d:c4:82:6a:fe:b2:7e:ec:5d:eb:b3:ba:82:09:04: + f9:7e:47:37:a9:8a:e2:2a:4f:30:7d:b7:dd:1f:c2:f4:db:61: + f3:b1:81:5d:10:8c:41:22:76:93:5b:a3:b9:b2:69:85:88:3a: + eb:ae:42:0f:16:e7:2f:f3:cd:03:4c:08:65:90:a9:4f:dd:89: + 23:d7:56:bd:e9:d7:cf:9f:bf:0f:a2:11:5b:e1:89:2c:d4:76: + 16:1f:83:5c:e9:8c:f6:93:7c:b5:f2:f1:ef:d3:07:35:2f:93: + 33:16:9c:63 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzrDKPUq+pz54jpJaO +6egKOrdqe7pwhWjiUvM4Oc/I8Yr2VR5Z+pf+55sHKraAKpLZOZWeDB/XrR90TY5h +b2QkTNSVA4/T8j1u2NjVqmR9gu50BxZo+pUXmzWPw2xHiD5A3pM27WL0zGdF7upF +n/zxY223+vjD4G/HSj4ESQQ3izqZ6GQKhkOrWzQebDOipCZ8x2xImX2F9R/BnKnH +j1FrioaNHLDSgrqkpwkpiwog0XyxZwxhzYgzXjirCHgLgAvOYwO5QHtnPqisTkSS +CUw/4D1Vy6pavBecTp5AXIL8OzpUQJD5Ijz0AF+VE3JJKa5fMSIwBAVqe7UKCqZe +ck1fAgMBAAGjggEAMIH9MB0GA1UdDgQWBBTrtaJ7JJUDEWtWyxM+qLKPsc9dxDCB +0AYDVR0jBIHIMIHFgBSeVLaV6okHpsnkgujQNGRdCM1WoKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +ePOsS9vGY8P1Z5e4mfRyb7IHO5nOhedcWcGAvwaSqDS+G3TRYbZ1BxgOLnd/d8fp +Xcwee7UElVuZoRUutitnEwkPt25iBN0BJ/0Y89my149uu7MdV3aRQt14dyKz7XkQ +Y5RAxYgJu7/9/m5gI1MwjhHitz05JJbyhsxZ64MHrXouhWO+cBWS+PIr8W9fwk06 +fca5ncSCav6yfuxd67O6ggkE+X5HN6mK4ipPMH233R/C9Nth87GBXRCMQSJ2k1uj +ubJphYg6665CDxbnL/PNA0wIZZCpT92JI9dWvenXz5+/D6IRW+GJLNR2Fh+DXOmM +9pN8tfLx79MHNS+TMxacYw== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:ba:06:ad:13:cf:da:fb:d1:cb:65:fe:26:58: + 49:6a:01:14:a6:78:b2:2c:1d:ba:ba:d0:bd:27:38: + 66:7c:a0:1b:28:08:3c:6a:fd:f8:87:be:49:a2:ed: + 38:f2:4c:b0:8b:93:ff:d2:c5:3f:cd:03:c5:14:79: + e8:76:63:7a:aa:a7:54:1e:0e:27:bd:1b:be:e8:3f: + 2b:55:40:f0:59:23:d8:3f:e8:05:1a:0b:71:f0:fd: + 24:d9:f9:0b:99:25:da:af:96:34:ee:e1:91:cb:fc: + 8f:a0:41:8f:9c:e1:4f:57:5f:b6:d6:55:69:6f:c3: + 64:c3:11:a9:69:40:85:df:f3:9a:59:b5:ee:90:c0: + 22:ee:72:28:2e:d3:da:65:27:3b:ba:42:c0:9e:73: + ba:a2:f2:45:13:7a:c5:1d:30:a5:b7:db:75:5d:6f: + cc:08:77:80:67:8d:18:2a:ca:02:8d:8e:d3:9c:2a: + fa:b7:8f:1b:7d:ef:62:77:a4:fa:b6:d8:5a:3e:66: + 9c:3e:13:45:a8:cf:61:fb:ff:41:45:14:21:e2:63: + ac:81:4d:65:89:e3:d5:71:20:01:19:76:ec:a4:16: + a6:ef:3c:bc:f2:a2:56:2b:07:31:67:0d:e5:97:88: + e8:db:cb:4d:98:cb:99:e6:e0:bd:62:48:2b:b1:04: + 12:07 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + X509v3 Authority Key Identifier: + keyid:D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA3-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + b3:b8:b9:c2:44:3a:36:0a:cf:fd:da:80:8c:81:54:c1:cd:a6: + 52:a8:60:b1:f8:fd:62:01:fc:d9:85:89:15:9a:df:45:f0:68: + 3e:bb:fe:f3:94:dc:1c:69:3c:7c:47:df:04:0c:7b:2f:4f:3f: + 56:58:9a:fa:1a:4c:16:21:cf:f2:21:a5:f9:d9:49:1b:69:b4: + 4d:df:d0:c2:d7:2c:fa:0f:23:d6:45:61:12:cd:2a:5a:06:db: + 22:6f:99:7a:a0:fc:17:ba:05:bc:02:79:db:f8:cd:ec:a0:98: + 7c:7f:6b:d6:ca:5c:cd:07:89:b6:0d:3e:0b:d3:d7:7f:7c:6b: + 73:7b:b9:28:69:d2:5f:27:1c:13:60:a0:50:23:16:00:d1:cb: + 7a:1d:62:7c:a1:c2:63:1d:c9:0b:0f:d7:5c:91:af:7a:5b:93: + 7e:e5:12:36:f0:3b:fa:59:7b:a8:88:f7:bf:11:19:4b:6a:81: + 61:77:54:61:a3:73:b6:54:64:92:49:22:c9:6a:19:73:33:6d: + 01:4c:5a:9c:0a:fa:ce:a1:34:50:b1:54:de:0b:7b:ce:fe:e0: + 00:fa:8e:7f:48:36:58:ed:98:42:ce:8d:a4:a0:67:c9:88:1c: + 7f:58:df:fb:62:0f:ee:4b:7d:5a:c7:52:2f:9f:2d:13:13:0b: + 72:bd:a0:2e +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ugat +E8/a+9HLZf4mWElqARSmeLIsHbq60L0nOGZ8oBsoCDxq/fiHvkmi7TjyTLCLk//S +xT/NA8UUeeh2Y3qqp1QeDie9G77oPytVQPBZI9g/6AUaC3Hw/STZ+QuZJdqvljTu +4ZHL/I+gQY+c4U9XX7bWVWlvw2TDEalpQIXf85pZte6QwCLucigu09plJzu6QsCe +c7qi8kUTesUdMKW323Vdb8wId4BnjRgqygKNjtOcKvq3jxt972J3pPq22Fo+Zpw+ +E0Woz2H7/0FFFCHiY6yBTWWJ49VxIAEZduykFqbvPLzyolYrBzFnDeWXiOjby02Y +y5nm4L1iSCuxBBIHAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUnlS2leqJB6bJ5ILo +0DRkXQjNVqAwgc4GA1UdIwSBxjCBw4AU0br7/x0pQYpqX7Lzp0EFRwkfSEKhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAs7i5wkQ6NgrP/dqAjIFUwc2mUqhgsfj9 +YgH82YWJFZrfRfBoPrv+85TcHGk8fEffBAx7L08/Vlia+hpMFiHP8iGl+dlJG2m0 +Td/Qwtcs+g8j1kVhEs0qWgbbIm+ZeqD8F7oFvAJ52/jN7KCYfH9r1spczQeJtg0+ +C9PXf3xrc3u5KGnSXyccE2CgUCMWANHLeh1ifKHCYx3JCw/XXJGveluTfuUSNvA7 ++ll7qIj3vxEZS2qBYXdUYaNztlRkkkkiyWoZczNtAUxanAr6zqE0ULFU3gt7zv7g +APqOf0g2WO2YQs6NpKBnyYgcf1jf+2IP7kt9WsdSL58tExMLcr2gLg== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:de:1e:08:66:12:fe:20:07:10:1b:a1:27:0d:f9: + 22:30:81:9b:ce:62:b1:a6:6d:49:d4:ed:b8:2d:4b: + 97:77:1e:94:51:3d:73:2b:16:e9:05:e9:4c:1b:82: + ad:47:9d:33:30:53:b5:9b:d2:2d:e9:7b:d6:63:f3: + 61:20:1b:23:6e:47:09:8b:c0:d5:09:85:a6:e2:e4: + 3a:4d:b3:f9:dd:c6:7c:9a:42:07:22:d5:7b:67:18: + 38:c4:fc:ea:8d:09:80:a0:b0:44:33:fd:c1:aa:8b: + 9c:98:e3:95:c3:74:71:3b:71:b8:b3:80:bf:30:63: + 85:09:27:8b:12:b5:86:b0:0b:99:ff:97:42:52:a0: + ac:b2:38:38:8d:13:96:d9:d6:fa:8f:c4:89:14:06: + 9c:1f:0a:a3:3a:a2:f7:1f:83:d8:ae:41:44:9e:21: + b2:5b:b7:a2:19:e9:46:58:de:e5:a2:ab:07:7a:9a: + 9a:60:bc:14:ed:cf:4d:42:fc:5c:28:ea:42:d1:ae: + cc:71:7e:52:5d:84:88:de:b6:7d:72:6e:ab:73:4b: + 0d:ab:92:9f:11:b4:51:da:14:54:9a:0e:ec:ac:42: + fc:71:87:5b:54:38:09:2c:f0:5d:86:0c:34:b7:92: + 33:5c:3e:19:b1:4d:a0:62:9b:b4:68:36:36:38:ec: + 29:b3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D1:BA:FB:FF:1D:29:41:8A:6A:5F:B2:F3:A7:41:05:47:09:1F:48:42 + X509v3 Authority Key Identifier: + keyid:EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 8f:9b:f7:bd:1a:90:58:f0:ab:0f:1d:45:b2:29:10:66:2d:cc: + 96:d6:3c:f4:3c:a8:49:e2:cf:db:17:16:8c:e8:76:de:79:c9: + 42:10:a7:ad:b7:c3:c2:82:93:6b:19:3e:56:af:be:c8:d7:dd: + ee:87:1d:5f:1d:ad:6a:02:8d:14:22:9f:54:58:d7:d8:16:79: + 64:4d:eb:55:88:74:74:f6:59:2c:40:9f:d0:f4:a8:36:ea:c9: + 4f:9c:2b:3a:72:5f:20:2d:25:b3:b2:fb:c1:03:11:ab:57:57: + d0:55:13:b9:f5:10:09:9e:56:a2:0d:95:3c:16:3e:59:f3:71: + 60:50:06:53:45:ff:0f:e2:f8:61:5b:d2:fc:0a:65:59:dc:ee: + 6f:c6:26:c4:7d:27:69:4d:76:55:2f:07:01:3f:30:ea:17:3d: + bb:8a:f0:df:ae:c8:47:70:0e:b4:28:c9:e9:7b:8c:8a:22:a0: + ea:32:9b:f8:1e:35:a4:f0:a5:09:81:dc:9a:a4:d1:63:34:9e: + 3c:32:2f:f3:b1:f0:43:3b:f1:31:9b:8b:99:bf:c2:b4:eb:78: + 39:a3:e7:d8:2c:e6:6c:f2:8b:2f:21:83:c3:28:1b:77:f3:75: + 9b:79:f7:f0:73:a0:a2:47:af:93:32:0b:d2:88:04:14:3a:cd: + 48:7f:58:32 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3h4IZhL+ +IAcQG6EnDfkiMIGbzmKxpm1J1O24LUuXdx6UUT1zKxbpBelMG4KtR50zMFO1m9It +6XvWY/NhIBsjbkcJi8DVCYWm4uQ6TbP53cZ8mkIHItV7Zxg4xPzqjQmAoLBEM/3B +qoucmOOVw3RxO3G4s4C/MGOFCSeLErWGsAuZ/5dCUqCssjg4jROW2db6j8SJFAac +HwqjOqL3H4PYrkFEniGyW7eiGelGWN7loqsHepqaYLwU7c9NQvxcKOpC0a7McX5S +XYSI3rZ9cm6rc0sNq5KfEbRR2hRUmg7srEL8cYdbVDgJLPBdhgw0t5IzXD4ZsU2g +Ypu0aDY2OOwpswIDAQABo4IBATCB/jAdBgNVHQ4EFgQU0br7/x0pQYpqX7Lzp0EF +RwkfSEIwgcEGA1UdIwSBuTCBtoAU7jem8kDQ7/0ix6O0bFdHQLmZ+Y2hgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQCPm/e9GpBY8KsPHUWyKRBmLcyW1jz0PKhJ4s/bFxaM6HbeeclCEKet +t8PCgpNrGT5Wr77I193uhx1fHa1qAo0UIp9UWNfYFnlkTetViHR09lksQJ/Q9Kg2 +6slPnCs6cl8gLSWzsvvBAxGrV1fQVRO59RAJnlaiDZU8Fj5Z83FgUAZTRf8P4vhh +W9L8CmVZ3O5vxibEfSdpTXZVLwcBPzDqFz27ivDfrshHcA60KMnpe4yKIqDqMpv4 +HjWk8KUJgdyapNFjNJ48Mi/zsfBDO/Exm4uZv8K063g5o+fYLOZs8osvIYPDKBt3 +83Wbeffwc6CiR6+TMgvSiAQUOs1If1gy +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b8:36:0c:66:a9:06:ce:ac:e0:7c:86:a1:69:9d: + be:28:cf:a3:81:f3:b4:dc:5f:c8:92:9d:f2:07:c0: + 5e:04:d3:e5:74:19:fc:cf:85:7f:f7:91:8c:d5:58: + 7c:02:4c:88:f1:4d:43:e3:07:bd:2a:4e:df:51:87: + 29:74:c5:24:67:1d:f1:6f:8b:07:75:39:89:70:2a: + 9c:00:e0:2e:6c:7c:74:27:18:34:fd:29:98:43:83: + d6:e1:51:b3:13:41:1c:bc:29:dc:8b:2f:93:08:95: + 8b:90:22:4b:e4:98:f5:d6:70:2a:9b:8b:64:e6:49: + 06:62:a4:23:08:60:68:97:89:a9:b2:c0:94:8e:4f: + 39:1c:25:3b:0f:e4:c5:1d:7d:89:89:5e:c6:02:69: + 68:fc:13:55:b5:80:6b:77:f7:59:57:0b:1c:7e:c6: + ed:46:c6:70:fb:34:a1:28:1c:82:b1:c2:ab:a6:c1: + f0:13:1b:7d:0b:bc:1a:39:23:3c:e7:1d:ee:c8:ee: + 2f:69:5f:a1:31:3f:1a:2f:98:5d:53:d7:42:93:db: + 49:ac:d6:7a:12:2e:9d:0d:c9:b0:ef:40:d1:a4:02: + 5e:52:e8:fb:d4:92:07:98:b1:76:d9:16:0f:e4:8b: + de:dc:88:65:e0:fd:52:1d:8b:e2:e3:ed:08:37:d0: + 11:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EE:37:A6:F2:40:D0:EF:FD:22:C7:A3:B4:6C:57:47:40:B9:99:F9:8D + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5a:8e:b7:fa:c9:b8:f9:a7:1e:fd:16:5b:75:4d:5e:b6:f2:6e: + c0:48:f3:7f:3e:61:59:25:64:8e:6a:e5:19:fb:03:20:93:de: + 0c:d9:88:68:e6:c3:9c:ad:b8:b1:08:a4:74:ef:e7:5c:1e:ea: + 3b:9f:0a:64:40:74:ff:d8:9d:14:38:d8:c7:68:f4:8c:b2:76: + cb:77:40:c4:55:23:b6:42:4c:82:16:47:a4:97:31:12:f0:ac: + e8:b9:aa:72:d8:e7:e5:5f:6c:92:0e:07:d7:9f:df:4b:53:85: + e5:d3:8b:74:ad:b3:58:09:d0:cf:2f:66:a3:28:8c:86:3a:5a: + c8:39:f5:03:35:42:72:8b:b8:fc:28:51:37:b0:31:f6:29:c4: + ab:f3:4f:ff:42:de:48:6d:bd:94:cd:3c:5a:bf:f3:a5:d2:13: + 2c:7b:81:d8:0d:2f:f0:49:bf:c2:07:25:a5:2a:ae:3c:9f:4a: + 3e:74:03:70:36:a9:67:68:1a:e8:72:18:2d:79:7e:65:2c:95: + 3a:5c:9d:46:50:d0:9a:fd:c1:7a:6d:cd:d6:6c:83:f2:cb:aa: + 19:c2:03:7c:2e:95:30:40:88:25:47:3c:d2:7a:ad:ac:a1:12: + 25:42:17:d0:17:00:53:4b:32:ae:70:a4:08:7b:9b:fc:bc:93: + 08:e6:b1:7a +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDYMZqkGzqzgfIahaZ2+KM+jgfO0 +3F/Ikp3yB8BeBNPldBn8z4V/95GM1Vh8AkyI8U1D4we9Kk7fUYcpdMUkZx3xb4sH +dTmJcCqcAOAubHx0Jxg0/SmYQ4PW4VGzE0EcvCnciy+TCJWLkCJL5Jj11nAqm4tk +5kkGYqQjCGBol4mpssCUjk85HCU7D+TFHX2JiV7GAmlo/BNVtYBrd/dZVwscfsbt +RsZw+zShKByCscKrpsHwExt9C7waOSM85x3uyO4vaV+hMT8aL5hdU9dCk9tJrNZ6 +Ei6dDcmw70DRpAJeUuj71JIHmLF22RYP5Ive3Ihl4P1SHYvi4+0IN9AR9wIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQBajrf6ybj5px79Flt1TV628m7ASPN/PmFZJWSOauUZ+wMgk94M2Yho5sOc +rbixCKR07+dcHuo7nwpkQHT/2J0UONjHaPSMsnbLd0DEVSO2QkyCFkeklzES8Kzo +uapy2OflX2ySDgfXn99LU4Xl04t0rbNYCdDPL2ajKIyGOlrIOfUDNUJyi7j8KFE3 +sDH2KcSr80//Qt5Ibb2UzTxav/Ol0hMse4HYDS/wSb/CByWlKq48n0o+dANwNqln +aBrochgteX5lLJU6XJ1GUNCa/cF6bc3WbIPyy6oZwgN8LpUwQIglRzzSeq2soRIl +QhfQFwBTSzKucKQIe5v8vJMI5rF6 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainI-entity-key.pem b/certs/test-pathlen/chainI-entity-key.pem new file mode 100644 index 000000000..e0a823b0c --- /dev/null +++ b/certs/test-pathlen/chainI-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA86wyj1Kvqc+eI6SWjunoCjq3anu6cIVo4lLzODnPyPGK9lUe +WfqX/uebByq2gCqS2TmVngwf160fdE2OYW9kJEzUlQOP0/I9btjY1apkfYLudAcW +aPqVF5s1j8NsR4g+QN6TNu1i9MxnRe7qRZ/88WNtt/r4w+Bvx0o+BEkEN4s6mehk +CoZDq1s0HmwzoqQmfMdsSJl9hfUfwZypx49Ra4qGjRyw0oK6pKcJKYsKINF8sWcM +Yc2IM144qwh4C4ALzmMDuUB7Zz6orE5EkglMP+A9VcuqWrwXnE6eQFyC/Ds6VECQ ++SI89ABflRNySSmuXzEiMAQFanu1CgqmXnJNXwIDAQABAoIBACx9nmWo1UYOEHO1 +k3/YmXN0sRSSLsJouXPJbXswow2vfI3pkLchGCuEoju2wse3/kQHTZgj4pSAmaOk +nYCQ1BoEpTPoCJTMQAdDNKQejmaUR3GL8b2NMzeyMR9ksRqGd8dkXEDFKzJDN//+ +1WuNAKQaYWgcPNuW2RHsLlKd+lUhjYR/Qe6pj+Jzxhh9Kbt5GHAyj1BTXQzkv5O5 +FpshP331WryxI0r/Q4lwKHrthBXm2PgKUEeh5M7dokAMCaBZmN0ZTbI644tvNsi5 +FR9rTqRHhxtwmk5sMKEavncISY85T+R63XKfUHTQZkWXEiPB3DJoJAbsDVpBb+BI +j3Ton2ECgYEA/WDYGonfKB7x8wwZgBVnnvoMGOqSm8mj42kw3cAaXqtIrJOF+iL8 +kKMq5YJ2W+GlbdNF1oawG+I9gWK9THOcp0JnRXedGNWlfKrW7HHeugT6OR9D8ZiX +4O0M7QJqIdWWN9QpVHhPfySdzF+PopT73o38MtnEF28cIck3ptFqQpcCgYEA9jGl +DSxfFXjoPKinHf6QWkyKeOqHIWYEuIxv2tQ+KpsvTzZ6hEdS2ZeiWcGRCxvlGNxu +/e7sCVUOCVs+FYyb3kN0TW9Hx+0l8H02Lnt3ar7lQmfp4fDw2HsRm6ONTUPZnXCV +2Odpi7PlnHOSR4j2kta4HQL7l2pZJ3n6wPasTHkCgYEA+2UbBTnGMAiEBqH6qxqR +tSpi1lXnIKrv8LJtyZbQkx1e/dthEs2jyd4asZy/0moPuOfmYvM/yGqwm69cIn6S +72DzFfmX5QwVJZxboj1YvzgxDHv47bx49LI+IOpEY02HvdzDJQw50+yApEYsPSOU +wzwc/lcSOC4Fu3/pt5oP1AECgYEA52eCW/944BXlNB7R9b9wr2+COGU43oulpFFc +UbNtO17h+PKb9fmURjHgx7zJOEff7p5DNSt9cMghiWnZ0Sd42lFM3/vY3HJrVsBa +TRaACDWmB+TkURrHRrNmuYPhLN65jOJl9pqM+mL9TzDSLarvGNX5+Er1cDzlz9U3 +fGhfSwECgYEAzUUcI9nvFvh4XQWCbJVDr3iQrupozRCfYmFjuJpx8KHm+Z01lY50 +uTJ+NOBJHCgS6Ikyz4VIkqpbw4AbxlWN0Se7FjlaoiUkj9KAl1ifM5cl70KN13az +1i3a0a8yrIdCAxDenm9UCQH2NIfL4NdFlI2BZglB6PI/HwQ/NwZAkEc= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainI-entity.pem b/certs/test-pathlen/chainI-entity.pem new file mode 100644 index 000000000..1e7564198 --- /dev/null +++ b/certs/test-pathlen/chainI-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:f3:ac:32:8f:52:af:a9:cf:9e:23:a4:96:8e:e9: + e8:0a:3a:b7:6a:7b:ba:70:85:68:e2:52:f3:38:39: + cf:c8:f1:8a:f6:55:1e:59:fa:97:fe:e7:9b:07:2a: + b6:80:2a:92:d9:39:95:9e:0c:1f:d7:ad:1f:74:4d: + 8e:61:6f:64:24:4c:d4:95:03:8f:d3:f2:3d:6e:d8: + d8:d5:aa:64:7d:82:ee:74:07:16:68:fa:95:17:9b: + 35:8f:c3:6c:47:88:3e:40:de:93:36:ed:62:f4:cc: + 67:45:ee:ea:45:9f:fc:f1:63:6d:b7:fa:f8:c3:e0: + 6f:c7:4a:3e:04:49:04:37:8b:3a:99:e8:64:0a:86: + 43:ab:5b:34:1e:6c:33:a2:a4:26:7c:c7:6c:48:99: + 7d:85:f5:1f:c1:9c:a9:c7:8f:51:6b:8a:86:8d:1c: + b0:d2:82:ba:a4:a7:09:29:8b:0a:20:d1:7c:b1:67: + 0c:61:cd:88:33:5e:38:ab:08:78:0b:80:0b:ce:63: + 03:b9:40:7b:67:3e:a8:ac:4e:44:92:09:4c:3f:e0: + 3d:55:cb:aa:5a:bc:17:9c:4e:9e:40:5c:82:fc:3b: + 3a:54:40:90:f9:22:3c:f4:00:5f:95:13:72:49:29: + ae:5f:31:22:30:04:05:6a:7b:b5:0a:0a:a6:5e:72: + 4d:5f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + EB:B5:A2:7B:24:95:03:11:6B:56:CB:13:3E:A8:B2:8F:B1:CF:5D:C4 + X509v3 Authority Key Identifier: + keyid:9E:54:B6:95:EA:89:07:A6:C9:E4:82:E8:D0:34:64:5D:08:CD:56:A0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainI-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 78:f3:ac:4b:db:c6:63:c3:f5:67:97:b8:99:f4:72:6f:b2:07: + 3b:99:ce:85:e7:5c:59:c1:80:bf:06:92:a8:34:be:1b:74:d1: + 61:b6:75:07:18:0e:2e:77:7f:77:c7:e9:5d:cc:1e:7b:b5:04: + 95:5b:99:a1:15:2e:b6:2b:67:13:09:0f:b7:6e:62:04:dd:01: + 27:fd:18:f3:d9:b2:d7:8f:6e:bb:b3:1d:57:76:91:42:dd:78: + 77:22:b3:ed:79:10:63:94:40:c5:88:09:bb:bf:fd:fe:6e:60: + 23:53:30:8e:11:e2:b7:3d:39:24:96:f2:86:cc:59:eb:83:07: + ad:7a:2e:85:63:be:70:15:92:f8:f2:2b:f1:6f:5f:c2:4d:3a: + 7d:c6:b9:9d:c4:82:6a:fe:b2:7e:ec:5d:eb:b3:ba:82:09:04: + f9:7e:47:37:a9:8a:e2:2a:4f:30:7d:b7:dd:1f:c2:f4:db:61: + f3:b1:81:5d:10:8c:41:22:76:93:5b:a3:b9:b2:69:85:88:3a: + eb:ae:42:0f:16:e7:2f:f3:cd:03:4c:08:65:90:a9:4f:dd:89: + 23:d7:56:bd:e9:d7:cf:9f:bf:0f:a2:11:5b:e1:89:2c:d4:76: + 16:1f:83:5c:e9:8c:f6:93:7c:b5:f2:f1:ef:d3:07:35:2f:93: + 33:16:9c:63 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzrDKPUq+pz54jpJaO +6egKOrdqe7pwhWjiUvM4Oc/I8Yr2VR5Z+pf+55sHKraAKpLZOZWeDB/XrR90TY5h +b2QkTNSVA4/T8j1u2NjVqmR9gu50BxZo+pUXmzWPw2xHiD5A3pM27WL0zGdF7upF +n/zxY223+vjD4G/HSj4ESQQ3izqZ6GQKhkOrWzQebDOipCZ8x2xImX2F9R/BnKnH +j1FrioaNHLDSgrqkpwkpiwog0XyxZwxhzYgzXjirCHgLgAvOYwO5QHtnPqisTkSS +CUw/4D1Vy6pavBecTp5AXIL8OzpUQJD5Ijz0AF+VE3JJKa5fMSIwBAVqe7UKCqZe +ck1fAgMBAAGjggEAMIH9MB0GA1UdDgQWBBTrtaJ7JJUDEWtWyxM+qLKPsc9dxDCB +0AYDVR0jBIHIMIHFgBSeVLaV6okHpsnkgujQNGRdCM1WoKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +ePOsS9vGY8P1Z5e4mfRyb7IHO5nOhedcWcGAvwaSqDS+G3TRYbZ1BxgOLnd/d8fp +Xcwee7UElVuZoRUutitnEwkPt25iBN0BJ/0Y89my149uu7MdV3aRQt14dyKz7XkQ +Y5RAxYgJu7/9/m5gI1MwjhHitz05JJbyhsxZ64MHrXouhWO+cBWS+PIr8W9fwk06 +fca5ncSCav6yfuxd67O6ggkE+X5HN6mK4ipPMH233R/C9Nth87GBXRCMQSJ2k1uj +ubJphYg6665CDxbnL/PNA0wIZZCpT92JI9dWvenXz5+/D6IRW+GJLNR2Fh+DXOmM +9pN8tfLx79MHNS+TMxacYw== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA1-key.pem b/certs/test-pathlen/chainJ-ICA1-key.pem new file mode 100644 index 000000000..e67a06832 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA1-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAp29EwhHMLPQqpagIU0sOzZYjuxVKKt35pxkrkSjoc6NXtEk6 +N4KPFThaqq+tciYuhMIN3vzwvjuiEakSINQ93mKFhZEIYNvASruJtvSRHlGjsvcI +md9ISlmE0aoJNg3NaKWuQcjXGtjqSYcgIif5RVQ+x8gARH40cqqNLU1qPnWJ4tQX +V/nNK9C3FGpUG2Gvm2gisRZz6wVsQertEE68gwRoyDrhAxKtKFwkTBmhftjvG4Dk +DkkMaYb2HucB+ypvVhttCq3pKT8xu0goQHkrtfOq7OkJTIL8lygZozrA0l6jipjI +irfSxJC8/8xHE5CtAKuK7PeUNQlgEDWfMsUAGwIDAQABAoIBAD9XZ8Knav+Cq3OZ ++vRPy9zYtNG8vx8ydJTTf9jdifrdS3unzD9dw/V6KUqzRUGO0kBlDUxTklvVQX2+ +4V3MDU/JI8wgzvOdjsR26CVvpkq7BdvZesaDYtzFuup6khuB4zh4nVDDwySj9RY1 +6WEikDm7IjkAH6HJwNu0S85coBnaTs7Sxi+LcAwFlHybEZfb5hz0MdLcLlJ3E7Oz +6Ni/W/SsFBPsO7u7BlNB37tvBlxwpws1sKgpN1EHaDhctQxGODkfAK66PPbG75lO +vqROQWdFc7e3IKQ//A3ORXjNGfCYs8kV/VLA2RjjDPrVb3d7OHxufaAXUxNN5+N1 +7chonQECgYEA00PYedTkZiY2ljJBQB5vxoCZt9wGMe91u/SjWUfLMs2upBgGWDCx +5loZybzUMkBXRK+TSy0kdJndNSPWFxnSmOEFE6Im99MBFJu2iuy7HyHjSTlUEQp1 +Y1CbSzQRCXMNsdJjWnTEz9y8r6gQMhbhMB1Gn5MK3cSmrfv1LwTOvIECgYEAyuN8 +jLWMVfBTN9B/hWTLMLQF7fHhxT53ZBzA9+xnMo+TCDTqZABeyyO1/9jVIvcF4PEO +tmGFaQYaGlxP9fMJyuEEcmYXU8pSqFmK/HHvaHL+MDBjRPudz9En9visBtcoVyYq +z6oRFKsNCjcctxZ9/N20gfaYCrgzFTCTkPWh3psCgYAQKBwiFRnyhfGewvEiijFa +KPOYkAcZQorqeOcVKNxtYjV87yltDSxNxY47U2mW/jyuUA8frLAhCrNUIQ16bssg +TfUpbzkzsrtebBolvb0BwIG1U+EN/JLFqaB2u+ChrF7bvo9Cl7OFgggcFupGKmHG +YDbKdWBbXXKx05cIpYF6AQKBgH4pobyZ9E9IZ2cwxut7NwLtHzbMj7ko0/M0EibZ +IX8GWsbiqNJQjKHDbhxPiJH6i/RJ0f1FfUFGoxq7RpnJbNB0xmAg7eaTzHyVWeEL +NHV99GSg4kn2MTcWd8SS8945EwPGXx7NQVvZ1f0BMmEDooqIjwO2BOu9iT5m+4xL +wkF7AoGADQdu9lCbE0oFa4Ys9p7F7nAh7CCMvKGGIWZzQZBUf3Xr0RuZYRBaeUs2 +U7R/dXpUEOdxcDxSvfsnOz4yJ5++ixj0GaETgxHfHJd4JbBVW3ziCjPNSLj7Slgf +EmHy80ElH+97Z1nK5dHZNAi6m4u+eNjpnv/zbaWsLXsglPuzmsg= +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem new file mode 100644 index 000000000..302d2c78d --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: + 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: + e8:73:a3:57:b4:49:3a:37:82:8f:15:38:5a:aa:af: + ad:72:26:2e:84:c2:0d:de:fc:f0:be:3b:a2:11:a9: + 12:20:d4:3d:de:62:85:85:91:08:60:db:c0:4a:bb: + 89:b6:f4:91:1e:51:a3:b2:f7:08:99:df:48:4a:59: + 84:d1:aa:09:36:0d:cd:68:a5:ae:41:c8:d7:1a:d8: + ea:49:87:20:22:27:f9:45:54:3e:c7:c8:00:44:7e: + 34:72:aa:8d:2d:4d:6a:3e:75:89:e2:d4:17:57:f9: + cd:2b:d0:b7:14:6a:54:1b:61:af:9b:68:22:b1:16: + 73:eb:05:6c:41:ea:ed:10:4e:bc:83:04:68:c8:3a: + e1:03:12:ad:28:5c:24:4c:19:a1:7e:d8:ef:1b:80: + e4:0e:49:0c:69:86:f6:1e:e7:01:fb:2a:6f:56:1b: + 6d:0a:ad:e9:29:3f:31:bb:48:28:40:79:2b:b5:f3: + aa:ec:e9:09:4c:82:fc:97:28:19:a3:3a:c0:d2:5e: + a3:8a:98:c8:8a:b7:d2:c4:90:bc:ff:cc:47:13:90: + ad:00:ab:8a:ec:f7:94:35:09:60:10:35:9f:32:c5: + 00:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + X509v3 Authority Key Identifier: + keyid:A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 1c:0b:c0:44:10:dc:db:df:b9:3e:a0:95:09:d7:13:63:81:f7: + 32:57:19:84:72:2d:8e:60:66:0e:78:f3:35:7d:71:f8:95:88: + bc:90:52:e1:e2:4e:fe:4a:f7:bd:66:fe:b7:73:84:7f:96:ee: + ba:93:97:31:01:af:74:4f:60:40:74:d2:b5:a1:2f:e0:79:1a: + e2:67:08:ee:d4:60:43:1d:bc:79:9d:61:ae:fe:5e:9b:c8:b3: + 69:4e:d0:2b:2b:61:7a:51:1a:c9:bf:8c:b5:ff:ee:ee:42:eb: + ad:e4:90:53:1c:ed:a6:6f:27:51:1f:bf:b1:e3:0e:28:70:46: + 36:91:2e:72:82:b8:05:ee:42:c0:bd:17:0a:38:96:da:13:a4: + d5:a3:9d:bd:82:c3:aa:9f:ff:a8:cd:28:38:ae:18:44:a6:e3: + 60:eb:e0:4c:bd:1f:9e:99:e9:47:38:86:08:29:61:64:d6:6a: + 55:a0:eb:5a:62:24:d5:48:36:5b:51:5c:7f:5f:94:21:ea:d4: + 5e:7d:ee:ec:e7:3f:5b:35:59:8f:84:b9:00:53:80:3e:6a:a0: + db:de:a9:36:9e:f2:1e:48:77:cb:df:94:af:4c:a8:cc:93:c4: + 03:74:ca:ec:d8:86:a3:b9:49:76:b7:af:44:b3:b4:51:ca:a8: + 8b:78:73:f5 +-----BEGIN CERTIFICATE----- +MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnb0TC +Ecws9CqlqAhTSw7NliO7FUoq3fmnGSuRKOhzo1e0STo3go8VOFqqr61yJi6Ewg3e +/PC+O6IRqRIg1D3eYoWFkQhg28BKu4m29JEeUaOy9wiZ30hKWYTRqgk2Dc1opa5B +yNca2OpJhyAiJ/lFVD7HyABEfjRyqo0tTWo+dYni1BdX+c0r0LcUalQbYa+baCKx +FnPrBWxB6u0QTryDBGjIOuEDEq0oXCRMGaF+2O8bgOQOSQxphvYe5wH7Km9WG20K +rekpPzG7SChAeSu186rs6QlMgvyXKBmjOsDSXqOKmMiKt9LEkLz/zEcTkK0Aq4rs +95Q1CWAQNZ8yxQAbAgMBAAGjggERMIIBDTAdBgNVHQ4EFgQUnHs6ELMImQUArz7g +pF3Zr4K8TcAwgdAGA1UdIwSByDCBxYAUo/VximCAPJNkF9kutcDOqcEUF8Shgamk +gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAcC8BEENzb37k+oJUJ1xNjgfcyVxmE +ci2OYGYOePM1fXH4lYi8kFLh4k7+Sve9Zv63c4R/lu66k5cxAa90T2BAdNK1oS/g +eRriZwju1GBDHbx5nWGu/l6byLNpTtArK2F6URrJv4y1/+7uQuut5JBTHO2mbydR +H7+x4w4ocEY2kS5ygrgF7kLAvRcKOJbaE6TVo529gsOqn/+ozSg4rhhEpuNg6+BM +vR+emelHOIYIKWFk1mpVoOtaYiTVSDZbUVx/X5Qh6tRefe7s5z9bNVmPhLkAU4A+ +aqDb3qk2nvIeSHfL35SvTKjMk8QDdMrs2IajuUl2t69Es7RRyqiLeHP1 +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA2-key.pem b/certs/test-pathlen/chainJ-ICA2-key.pem new file mode 100644 index 000000000..fa3f5aef5 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA2-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuyn9iaqC4B0EeGnsYVhRUoR+a1VpLPQj1h/Y7asZljh7xojX +fYWTADVAC8Cp/2YPnqEdiG6pivGtR7RxyRVQxg81npVKZtO9Gzh73GeFlxuzY8ly +1kNa8V419gWWx0C8I6uUNIJZArIz0OZ/GVdlaDwEYVDvIpVP7xi/FbFNjs2noJgi +9RwFAWtLNb+Iw0fDJCm0RcuVoawWHd24aKxROSQnar4x8ewGEFW+RAJP6BJ71v4y +yUg3ayBoy1P1STquSsdDwa/mUxHZ+HEaotY3xytFUElRT1VsPx5pe1gSOn5ZoFed +KJyKbYLnExU7BI/igg8vz9kl2WWjPAPAzbZR1QIDAQABAoIBAFvaUK5WOyKHuyDp +QvPHJynrEivU3+gK7Odx+8EwHj+F+uDFWZQlkK4idAsQg51u1i2QfnDtdlFVKCgv +m0QHLPv2jOcF91ydf4ozXz4cpAgztQc83xneNmyMQsk5lvS0hWCwHOzkJ5DWKe3U +oP2r0X2lLrUfxixfwLnjmCuqNxjkZlx1sB+rb5wafmW6GOx2kUS+jr02RG20wNIT +lPgCLYyRyn636F7eBSTDd2ogwwpugk0cqBWFnqzvJfltIFQd47bhSyQ4ot12rTrH +GzQ764Ll6pxuNmBYo9ys3HHhFs8A66vIpC7ITZRUWa7aHFzQn+rzJGeJ4+USJvCf +fCbyS4ECgYEA+B0tCuWCK6qiszfFdPAwTnQFTcdKBH9wnwI1f6gdgqOofYfSKJ/3 +6rgtuYv3/MPZ0wXTNP6QxYKjD3Zfa2oclxO/5JRejiahKYBNPrON1CbN3bMESZj4 +5Br5SxjLcDN8OFEKExn9U13lD7wfF2AVVUMkflkfao9ajziBkZUE1TUCgYEAwRzi +XJ7wOQgAAuz2rG9Kw70oQ8ry3VyU5L4xqEJsVIMBpxCQ+LfvWNMuR/awFECVnrxG +UpUgvzrY+JJ3EVDRD3bbCZW7TtglLi9vi7VomFv5S2tPPl+abktY9zPe76nF/bWg +joLTfWrla6OAUldaCBJPvmBlmsqEOJTMDM0kPiECgYBJI5ieiK9JngBeIkejxBYJ +Wmwh1Gh+UO7rAKSyn+UrGIFXl80cyqMzXt2jv533teglK6dqDMyyXGMi8LsKF/qb +kmfTwuTotHx3lmmu3REnA9VV0CqoY16jJ0xrlcCKr7Kji0gT/2pMw/X9IHBt3JYN +T0CXuj/nkqCYbYjMWIhXLQKBgQCYdtOIyLtka5qGtMu0LFHc5FUL4QmKF3Q+fKL7 +8yVQO/ZsDjpHBAFmIaUij/NIqgz2vDLRNIgcMrvm1MxI0YOdL/uTP7IYd7IzGqR4 +qwsfb04Na3WvCxAEEFz3Hu7eTS3SNznCCiwrkt/68aV4XRrp0HtBFR5i7Y0ilufb +G4OHwQKBgQCd0TSu7ntTRmQBddjtAylB5tP7BTxgdV39IrBs9AyZnEti8hVLn3bs +AuENwmUX2KGRkH9xmA3hf8QHYFWz2n7NiygZ60yjIvpQhd4z2eCEpmqrRVV44QtT +z/NoqKUN6ywGoDu60LV1PmoYpiWXM1qTxdKJhcUhdkuVSH22tKoVeQ== +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem new file mode 100644 index 000000000..92fa68dc2 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: + 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: + 19:96:38:7b:c6:88:d7:7d:85:93:00:35:40:0b:c0: + a9:ff:66:0f:9e:a1:1d:88:6e:a9:8a:f1:ad:47:b4: + 71:c9:15:50:c6:0f:35:9e:95:4a:66:d3:bd:1b:38: + 7b:dc:67:85:97:1b:b3:63:c9:72:d6:43:5a:f1:5e: + 35:f6:05:96:c7:40:bc:23:ab:94:34:82:59:02:b2: + 33:d0:e6:7f:19:57:65:68:3c:04:61:50:ef:22:95: + 4f:ef:18:bf:15:b1:4d:8e:cd:a7:a0:98:22:f5:1c: + 05:01:6b:4b:35:bf:88:c3:47:c3:24:29:b4:45:cb: + 95:a1:ac:16:1d:dd:b8:68:ac:51:39:24:27:6a:be: + 31:f1:ec:06:10:55:be:44:02:4f:e8:12:7b:d6:fe: + 32:c9:48:37:6b:20:68:cb:53:f5:49:3a:ae:4a:c7: + 43:c1:af:e6:53:11:d9:f8:71:1a:a2:d6:37:c7:2b: + 45:50:49:51:4f:55:6c:3f:1e:69:7b:58:12:3a:7e: + 59:a0:57:9d:28:9c:8a:6d:82:e7:13:15:3b:04:8f: + e2:82:0f:2f:cf:d9:25:d9:65:a3:3c:03:c0:cd:b6: + 51:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + X509v3 Authority Key Identifier: + keyid:CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5b:56:cd:5e:fc:3a:fb:2b:be:7c:63:ad:a7:7b:e4:9a:00:78: + cb:d8:e6:00:41:3d:3d:e3:f6:43:78:75:d7:c9:07:61:0c:2b: + 43:46:8f:12:a3:5a:f0:3d:22:f4:72:ea:27:1a:70:57:48:c5: + ec:7d:00:dd:5d:83:a6:71:f7:90:ec:69:bd:2e:86:97:06:dc: + 9c:be:4e:a8:4c:9f:db:93:5e:fd:d8:ba:ae:89:55:65:16:cf: + ab:a5:a4:4e:ae:21:ce:5e:e0:91:e1:77:de:e3:b4:3d:ba:d2: + 12:f3:54:c0:50:94:16:e5:b2:62:71:58:03:2c:d1:f4:1f:ce: + 9d:a5:ce:2a:57:9f:f7:19:41:b0:4d:e8:27:5d:f2:e6:c8:44: + 1b:c3:57:51:76:d4:15:1a:05:31:61:c3:02:db:56:81:1e:24: + f2:23:04:a9:5a:31:ee:08:1d:08:1f:49:d7:2c:ba:1e:00:5a: + e5:57:8b:fd:aa:a4:2f:6a:d7:93:19:09:92:30:7d:95:68:3b: + b7:ce:a3:f2:b9:e4:e4:e4:48:a4:22:6b:00:33:91:56:28:fc: + 50:f7:1d:f6:70:5b:83:a8:99:98:2d:7a:6c:aa:9b:5a:a5:56: + 5b:89:95:a8:50:27:68:ce:63:5e:d3:84:cb:80:1b:ae:3e:a2: + 5c:13:9b:ff +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Kf2J +qoLgHQR4aexhWFFShH5rVWks9CPWH9jtqxmWOHvGiNd9hZMANUALwKn/Zg+eoR2I +bqmK8a1HtHHJFVDGDzWelUpm070bOHvcZ4WXG7NjyXLWQ1rxXjX2BZbHQLwjq5Q0 +glkCsjPQ5n8ZV2VoPARhUO8ilU/vGL8VsU2OzaegmCL1HAUBa0s1v4jDR8MkKbRF +y5WhrBYd3bhorFE5JCdqvjHx7AYQVb5EAk/oEnvW/jLJSDdrIGjLU/VJOq5Kx0PB +r+ZTEdn4cRqi1jfHK0VQSVFPVWw/Hml7WBI6flmgV50onIptgucTFTsEj+KCDy/P +2SXZZaM8A8DNtlHVAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUo/VximCAPJNkF9ku +tcDOqcEUF8Qwgc4GA1UdIwSBxjCBw4AUzZdJePcxYe0vcRpo6UUsQHhRk1uhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAW1bNXvw6+yu+fGOtp3vkmgB4y9jmAEE9 +PeP2Q3h118kHYQwrQ0aPEqNa8D0i9HLqJxpwV0jF7H0A3V2DpnH3kOxpvS6Glwbc +nL5OqEyf25Ne/di6rolVZRbPq6WkTq4hzl7gkeF33uO0PbrSEvNUwFCUFuWyYnFY +AyzR9B/OnaXOKlef9xlBsE3oJ13y5shEG8NXUXbUFRoFMWHDAttWgR4k8iMEqVox +7ggdCB9J1yy6HgBa5VeL/aqkL2rXkxkJkjB9lWg7t86j8rnk5ORIpCJrADORVij8 +UPcd9nBbg6iZmC16bKqbWqVWW4mVqFAnaM5jXtOEy4Abrj6iXBOb/w== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA3-key.pem b/certs/test-pathlen/chainJ-ICA3-key.pem new file mode 100644 index 000000000..af221fe25 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA3-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA2Kr2BZVwWlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClI +JeG19SXfZHvq7aofiw3n6/UvripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQ +qnzeIPh1OSOF7oQTiFQqlvUWJ5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6c +nq48u7bYEKy3WUlbcwC+r5IhFFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7 +p3BTFMa3Ufoj8PVL0bs/m/w1ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba ++e8b4J+11TJltU7kvjZrZWUalqJHtT6fsA1jQQIDAQABAoIBAFxbg8Odj+bxD25S +bGJpSzPQZXzj/poQBhoPC1B/6IyDLLtV3YtIS2fUXQVYTSxB+HAt3U6XlVuIci7w +4E5j92fF+ZTZMvlPluFGk2r9fIs28V8xZyFFWOp0/oL8wXqKkkjql70BfBAn0kPa +kTT0QAD9thcuUaWUvhQk9gacDgTDa824zjrJmU/st0XkAL238VGZitW0n3FuIO/G +FLg3wPE6VJRvbdg5KT7UplvP1gj37tIWZmRtOxwGcr5NGhHiceGD99ubFAvkZPLe +RfRrQB/0vJ0TQLrVBhWtnRsrHuywUllrhLDUcJTnylrK/CMimmtvx03geDjo9jso +J+RaYAECgYEA9WJzlwjAR/a5K+6b/Wds1Oqsq3KVfRPLas5DENDCAfoabVQadJWh +DG/PtAoOWaK6Kvjg6qZyjlaB3gVVmUt7aflGYW2Ik7hpDlHY5D7tD7gOrhYzU/X9 +gnH0I9jRD9KhyRKIxMcgtQwMUX8EksfJsNm2uSbgvdLtWAad8uNg2zECgYEA4gp7 +PgBzfXq+2kt0qTbXG/+UCNXFUUChr/SrSb3g+gM/AMqmNVuRPJ3hNSEnHWt7g9Pi +3lIKFsQel5HZZR7o/H6GOtmIBD53ropX6foSMuJ8WlDEf1+44WvfpntESED9C1Hq +cEHTFKMWek5b8izfQBR/OzWmB33nh0AXHeBM5RECgYAw5kGqo2/N53jXLGGhie7C +L1HhiKAJoNw0mI38190Rj8mcZ9otyXOiitWVRzu82RTIY3hOyoShoNOYbu+z8LrT +T32bBLzm0yT8WYsjUPbk3wTt5DauUKMIT7UbP6XJxWvAKhVfQV9fNNtvkiRTK8Uh +nQEwvHKk4Vey5v6q3Gz8wQKBgF2X+W+ywB80s9GvbJ6kFm2BZcpCuXDrUgeJR2NB +O+ZJccziG+/7+icfOCDHmWqVFo9/LHDhh0vl6MTZnyo/ojjqKqozaB5ZvzSGE+DN +qrtnDBZZWwNinyq3f+NvJtbEEgKd6HSSzNO+s4/w4iFkcwwVcJkTnat8dmGKKAg2 +16ABAoGBAMiKDbjbCoiCHfUDjozrEuXL7IF0sUgctVBRl/llmvFjXwOY+yE+Fchj +bcPJw25UVJAcSvRn0U/0/eqsZCFEcrDCSlU+wU+3JDSMrf6nNFpgCYSU5a8juHXA +tI5ofONIJ72Dt7QARgP+jpV7QZSKrsh2vZe+6uaXNgCENkSr3XrV +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem new file mode 100644 index 000000000..7c1bfed06 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: + 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: + 39:e1:e7:4e:48:29:48:25:e1:b5:f5:25:df:64:7b: + ea:ed:aa:1f:8b:0d:e7:eb:f5:2f:ae:2a:5a:3d:50: + c7:fb:ef:0b:8b:44:0b:63:94:be:c6:d7:63:45:2e: + 85:96:00:5c:be:7e:10:09:b3:d0:aa:7c:de:20:f8: + 75:39:23:85:ee:84:13:88:54:2a:96:f5:16:27:9f: + 8b:b0:a6:2a:f4:9d:13:8c:71:1c:0c:a6:59:53:ec: + f9:0b:2b:c9:45:13:d6:12:ef:39:d1:8e:9c:9e:ae: + 3c:bb:b6:d8:10:ac:b7:59:49:5b:73:00:be:af:92: + 21:14:54:a3:fa:b6:17:ae:b6:dc:b1:f1:61:f0:75: + 07:43:5e:48:fa:e7:80:56:cf:df:ad:46:52:85:42: + fb:a7:70:53:14:c6:b7:51:fa:23:f0:f5:4b:d1:bb: + 3f:9b:fc:35:ca:d2:85:f1:a0:77:02:06:7c:79:99: + 13:b5:68:b4:16:47:42:88:f7:bc:eb:78:b2:e8:11: + 2f:62:f6:da:f9:ef:1b:e0:9f:b5:d5:32:65:b5:4e: + e4:be:36:6b:65:65:1a:96:a2:47:b5:3e:9f:b0:0d: + 63:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + X509v3 Authority Key Identifier: + keyid:FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 38:56:e6:30:a8:f8:db:32:4c:53:e0:8f:c5:08:98:3f:ce:bf: + b1:04:b0:52:24:63:6a:14:86:41:08:13:78:aa:98:7e:07:9b: + 1d:22:9e:61:b6:69:fb:f9:24:a3:8e:4b:f2:1f:39:6a:0b:a1: + ff:1f:9b:65:7c:7f:85:8c:d8:ce:3d:83:93:4c:00:4e:7f:d0: + 44:53:b1:a8:7d:bf:43:f1:d7:f2:2c:86:20:b8:cf:11:39:bb: + 7e:21:28:ca:20:4b:0a:46:97:d3:c6:82:2c:4e:25:8a:e4:92: + 84:da:c2:9b:15:3a:5c:8b:fc:a1:b7:76:f9:e8:80:79:1f:fc: + 4f:d4:18:f1:17:fa:19:87:4d:3c:81:e1:82:ce:e2:5c:d2:c0: + cd:e8:44:5a:dd:f1:41:5f:a2:df:27:a9:d4:4e:f7:2c:7a:8c: + 5f:dd:f2:3e:e3:c5:1f:7b:5f:0e:6f:9c:9a:c8:eb:63:0f:98: + eb:7e:e6:89:56:d9:c7:f4:6d:20:d9:0f:a5:81:82:90:90:95: + 53:62:80:9d:e3:93:44:4c:33:00:1e:b9:c8:b2:13:53:d2:a3: + 18:96:86:40:92:74:bf:a9:8e:77:ff:a8:3b:7f:c6:92:c8:b4: + 4e:6c:17:7f:36:9d:f6:64:11:f9:26:5e:55:09:36:fe:8c:84: + 81:08:0e:a3 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kr2BZVw +WlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClIJeG19SXfZHvq7aofiw3n6/Uv +ripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQqnzeIPh1OSOF7oQTiFQqlvUW +J5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6cnq48u7bYEKy3WUlbcwC+r5Ih +FFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7p3BTFMa3Ufoj8PVL0bs/m/w1 +ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba+e8b4J+11TJltU7kvjZrZWUa +lqJHtT6fsA1jQQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUzZdJePcxYe0vcRpo6UUs +QHhRk1swgcEGA1UdIwSBuTCBtoAU/BgTUrszStscW9GAmD5AhpVYcvmhgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQA4VuYwqPjbMkxT4I/FCJg/zr+xBLBSJGNqFIZBCBN4qph+B5sdIp5h +tmn7+SSjjkvyHzlqC6H/H5tlfH+FjNjOPYOTTABOf9BEU7Gofb9D8dfyLIYguM8R +Obt+ISjKIEsKRpfTxoIsTiWK5JKE2sKbFTpci/yht3b56IB5H/xP1BjxF/oZh008 +geGCzuJc0sDN6ERa3fFBX6LfJ6nUTvcseoxf3fI+48Ufe18Ob5yayOtjD5jrfuaJ +VtnH9G0g2Q+lgYKQkJVTYoCd45NETDMAHrnIshNT0qMYloZAknS/qY53/6g7f8aS +yLRObBd/Np32ZBH5Jl5VCTb+jISBCA6j +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-ICA4-key.pem b/certs/test-pathlen/chainJ-ICA4-key.pem new file mode 100644 index 000000000..f795822c3 --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA4-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAnUrua/+27IghI4QDtoi7PloblQMvJFMtVz8ROF0SHUBrENvC +0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muRJo/8HgYX8N5Yh+8eppES +OWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr42YqG4fFhQNFsM7hD8EP +knDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RVptq7H57RhQDgjUrE0oYI +df3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnACg79u2DGJs/IWmL4n9hRa +6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQABAoIBAFOs+QkbEATkpjxu +jksckf+pj+LFvt5kIUq4kkCZwnktO8fMIOj4Z51f7ueIplpMLf6qd9L+mteYN2q8 +y9ILmddqwta/QohxMH4IX9QTdKVb38JcioVf1epElfzguvOm2J5DXqVVhcFwY6HQ +9+6hDkZyfVb99aMTRnM+1yTbiMd1cTV/hee0cCaS/A4WjJicldbLMUQ9GFlfoaNa +z7Vik0XnQZoAJKLFIqo+r3At1x4HQ6CTeIKLrUUCiIJp2AKTw1ZddSS+n1ELb7ms +MavRWChI5aYk9IhVTIzjFgsY5SWj5z2ta5dCngX0miTtr3CegUH8r7BAHTosezAW +CALcj8ECgYEA0S2AMpTdv2LdzTB9KLCGhHHbZSGgf/RBqvtkY2vCOKUSnZ3eT6Vy +wdVsRumbwMzmgzDP91SPsb7h0kq8VvplAyREsIm7lo+C1rZOjefBXRTMbZezjkPA ++OIA7DauyRpeICjhraMC3a5VDJgHPYb21juJZLf6wmA79uiye4ElbqcCgYEAwIBD +85yw4N7zH+0h9h9aJH7JU9CAQQ0EETJyDgCRqk5eSepoQEG3WpJw2tuP1cQpvJS8 +WCo1/k5eeyawOVHtkXoSXmsJF4QcGkyK/bbrlqpqzqB9hWw2s0XY8yY22PWOV64H +ugxTAr59G4Fp1LthyzL0Si4c/u5O3iSV9eJWCu8CgYBYPTd9HutEFvK14iSKC51T +Nax1RvAryeABvrakcgqmVow5zSTAuGxmdB+O8nDvrf/3i5nPHe7X7kvYqAo3Lr15 +y8zmI9PsOXHaHWGZ3w/ksidie8IU22QGGWCGRLMKxoK6UkSRONi2pxndjCxRuiNa +UBcvU6UGZg4lpBfWna4qtQKBgCaOyo2WOhugrKQddGr/FqguuRbPsZDWEZV8PDov +xP2O2vYFPMJ6J0a+BFriFapks1Nxm1QxiEUa33PdaPjiPyqff+RnnheWv6ZI5KIz +LHcuRVyD6wB5j29TM0RoyB2m+c74LdYHN+1ZyGdlAZS5v7nax/G/0NEDXMrEG0F4 +B3IDAoGBAKi0u0aMsVKOY1X9AR/4PWwe2zD6JWIT9oGWXGmp3CjXH+RxoSCTtYYr +1eLmgVkKA0dYrJO4QqZ26pLst3FZ0trAH0zhbn5y7NWy2AdDFMFClk5D8a+VEm1S +ejTDoNtohKlDFgaGC15mrHpv6JfpKGlBpRuTH8DRuCpaoqLQ9bOO +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-ICA4-pathlen2.pem b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem new file mode 100644 index 000000000..0d3e8258a --- /dev/null +++ b/certs/test-pathlen/chainJ-ICA4-pathlen2.pem @@ -0,0 +1,89 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: + bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: + 12:1d:40:6b:10:db:c2:d3:e4:dd:80:77:74:7b:88: + 44:65:e0:cf:52:c5:8a:42:e5:6e:b7:6a:ab:50:a0: + 2e:29:c2:fe:ba:d5:c7:da:6b:91:26:8f:fc:1e:06: + 17:f0:de:58:87:ef:1e:a6:91:12:39:68:a5:05:f3: + 8c:67:c9:e5:99:18:a4:fc:90:3f:bd:a6:ca:f2:a6: + dd:b5:e6:93:cb:14:89:83:3c:88:5a:31:ab:e3:66: + 2a:1b:87:c5:85:03:45:b0:ce:e1:0f:c1:0f:92:70: + d7:ac:65:ea:a8:09:c1:fe:1d:db:b7:e7:dd:98:d3: + c6:b1:16:b4:54:58:c1:aa:ba:a1:cf:19:14:a7:e4: + 55:a6:da:bb:1f:9e:d1:85:00:e0:8d:4a:c4:d2:86: + 08:75:fd:d8:1e:85:21:6c:27:8f:18:d5:44:73:58: + ab:94:75:4a:36:3d:8d:4d:c6:7a:86:9d:00:db:c5: + ba:be:70:02:83:bf:6e:d8:31:89:b3:f2:16:98:be: + 27:f6:14:5a:e9:d4:72:67:8d:a9:df:76:27:bf:19: + ac:20:59:28:5b:1b:42:d9:d5:5b:6d:fb:6e:a2:5e: + d3:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 0d:bc:87:df:e4:68:a5:56:54:d2:89:42:d8:b4:1b:45:6f:88: + b2:39:d1:ad:38:f4:0b:68:5e:e1:3e:88:60:4f:69:be:a8:ee: + 1d:14:08:69:86:ee:6a:08:42:35:6e:44:4f:5f:be:13:00:81: + ca:41:a7:70:d3:48:9f:60:03:14:a4:4b:7f:35:7e:6d:94:0b: + cf:63:00:fe:8e:54:2c:4c:ac:fb:ef:4c:68:91:9a:0f:45:3e: + 07:12:f2:74:e6:83:36:8e:61:49:f9:03:17:e2:16:72:eb:6b: + c3:c1:7b:95:37:31:1f:10:b9:fc:7b:e4:54:d4:4f:81:a0:f8: + 0e:be:99:43:50:dd:19:7e:f9:41:8b:0d:2e:b2:e5:2c:ec:9b: + 20:42:f4:3a:da:03:99:bc:c1:c2:6c:69:4e:8e:6e:ad:22:57: + dc:2c:1a:e3:4f:15:c4:b3:b4:5d:2d:be:d8:62:0a:a4:c9:62: + fb:9a:53:26:ee:8f:8e:43:a6:e2:77:9b:1f:1f:4f:86:b5:65: + 22:3c:0d:f7:75:ab:24:2d:5b:6f:96:3f:26:22:b0:de:b2:4e: + 37:fd:f9:9a:22:81:15:91:c5:b0:54:f2:ee:f0:e9:7f:23:ab: + 43:1c:43:e1:e4:bf:61:20:13:f3:4f:b6:71:77:a3:23:89:fb: + 02:c2:24:5e +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrua/+27IghI4QDtoi7PloblQMv +JFMtVz8ROF0SHUBrENvC0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muR +Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr +42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV +ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC +g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQANvIff5GilVlTSiULYtBtFb4iyOdGtOPQLaF7hPohgT2m+qO4dFAhphu5q +CEI1bkRPX74TAIHKQadw00ifYAMUpEt/NX5tlAvPYwD+jlQsTKz770xokZoPRT4H +EvJ05oM2jmFJ+QMX4hZy62vDwXuVNzEfELn8e+RU1E+BoPgOvplDUN0ZfvlBiw0u +suUs7JsgQvQ62gOZvMHCbGlOjm6tIlfcLBrjTxXEs7RdLb7YYgqkyWL7mlMm7o+O +Q6bid5sfH0+GtWUiPA33daskLVtvlj8mIrDesk43/fmaIoEVkcWwVPLu8Ol/I6tD +HEPh5L9hIBPzT7Zxd6MjifsCwiRe +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-assembled.pem b/certs/test-pathlen/chainJ-assembled.pem new file mode 100644 index 000000000..4e93b51f6 --- /dev/null +++ b/certs/test-pathlen/chainJ-assembled.pem @@ -0,0 +1,443 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: + 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: + 0e:de:cf:05:74:df:37:a4:37:33:a6:6f:59:06:c8: + 9f:19:35:c3:94:f7:05:ba:52:eb:3e:92:29:61:48: + 88:fa:6d:42:b4:30:de:ce:df:94:ed:92:88:60:c8: + 55:36:50:ee:36:b5:ed:35:6f:95:01:f4:88:4b:7b: + 3e:fe:b5:9c:64:c0:72:be:8c:74:6a:8c:f5:e4:65: + 66:87:52:9d:7b:b0:20:f6:d8:c3:de:76:b9:70:7c: + 01:82:6e:fc:fa:1b:e7:c4:c1:5f:38:ce:50:dc:3a: + 22:87:bc:19:9a:45:d5:8a:7a:93:f9:78:59:c7:0a: + f9:8f:eb:c3:79:eb:b5:ee:36:f0:5e:5d:2f:8f:46: + e8:63:c2:31:82:fc:fb:5d:8c:ca:01:b1:bb:72:2b: + e7:2f:82:3c:a6:24:a6:3f:58:7e:69:5b:4a:00:b4: + 25:b3:b3:c3:b3:b0:c2:3f:a3:d7:ee:04:12:1d:ab: + 0b:bb:02:b0:6c:0b:36:64:56:a9:5d:37:e5:0a:28: + 44:5e:15:e4:f5:ab:73:98:0a:b3:28:90:1d:30:f2: + 8c:e7:db:13:6a:0f:b4:cb:8d:06:15:86:ce:35:12: + e3:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 13:92:E0:30:5E:36:4F:BF:D5:E3:0D:5D:40:0B:64:95:EC:8E:77:4E + X509v3 Authority Key Identifier: + keyid:9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 10:a0:e0:ea:4b:df:4c:5b:92:da:6b:13:5a:4b:e9:46:1a:17: + 48:42:5e:08:c8:28:e4:ce:69:46:25:55:70:57:bd:4e:b2:0b: + a4:75:22:b6:5b:d7:e0:54:3f:31:14:99:09:c1:3b:6f:b7:59: + 5a:52:67:46:0c:4f:ec:fa:31:4a:6e:59:04:50:99:60:1e:74: + ed:3a:ac:4d:cd:98:31:4d:b1:54:07:3e:76:bb:92:e2:1d:53: + 65:08:38:e3:4d:b0:d8:74:14:5f:00:94:e7:d2:c9:9d:80:23: + f5:9e:3d:8c:22:72:b3:20:5a:01:a3:02:f2:9c:cc:b8:1d:73: + db:eb:cc:cb:27:4f:75:17:1d:23:68:07:4f:15:be:00:cc:a9: + 2a:14:82:2c:0e:e3:92:40:dc:62:ac:d9:61:24:99:19:43:d5: + 3e:85:ca:e5:6d:e1:76:9a:4e:01:ef:34:98:7a:1b:ca:8b:c3: + de:99:22:75:28:11:0c:17:7a:58:7b:44:33:22:58:61:24:8c: + 96:a5:a7:63:19:31:6d:61:83:1c:5f:50:66:48:29:b4:2d:8e: + 5e:f3:63:85:e8:9c:d8:6e:93:4a:4d:ff:b1:d5:60:96:d0:9f: + 4e:3f:6f:c9:b4:e1:04:b8:ef:55:c2:77:c1:e1:50:d0:a7:b8: + 9d:a3:81:71 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+1GgrGmLNQa/eu60 +oYp+rjF1redFe+bZu3zpcw7ezwV03zekNzOmb1kGyJ8ZNcOU9wW6Uus+kilhSIj6 +bUK0MN7O35TtkohgyFU2UO42te01b5UB9IhLez7+tZxkwHK+jHRqjPXkZWaHUp17 +sCD22MPedrlwfAGCbvz6G+fEwV84zlDcOiKHvBmaRdWKepP5eFnHCvmP68N567Xu +NvBeXS+PRuhjwjGC/PtdjMoBsbtyK+cvgjymJKY/WH5pW0oAtCWzs8OzsMI/o9fu +BBIdqwu7ArBsCzZkVqldN+UKKEReFeT1q3OYCrMokB0w8ozn2xNqD7TLjQYVhs41 +EuOpAgMBAAGjggEAMIH9MB0GA1UdDgQWBBQTkuAwXjZPv9XjDV1AC2SV7I53TjCB +0AYDVR0jBIHIMIHFgBScezoQswiZBQCvPuCkXdmvgrxNwKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +EKDg6kvfTFuS2msTWkvpRhoXSEJeCMgo5M5pRiVVcFe9TrILpHUitlvX4FQ/MRSZ +CcE7b7dZWlJnRgxP7PoxSm5ZBFCZYB507TqsTc2YMU2xVAc+druS4h1TZQg4402w +2HQUXwCU59LJnYAj9Z49jCJysyBaAaMC8pzMuB1z2+vMyydPdRcdI2gHTxW+AMyp +KhSCLA7jkkDcYqzZYSSZGUPVPoXK5W3hdppOAe80mHobyovD3pkidSgRDBd6WHtE +MyJYYSSMlqWnYxkxbWGDHF9QZkgptC2OXvNjheic2G6TSk3/sdVgltCfTj9vybTh +BLjvVcJ3weFQ0Ke4naOBcQ== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a7:6f:44:c2:11:cc:2c:f4:2a:a5:a8:08:53:4b: + 0e:cd:96:23:bb:15:4a:2a:dd:f9:a7:19:2b:91:28: + e8:73:a3:57:b4:49:3a:37:82:8f:15:38:5a:aa:af: + ad:72:26:2e:84:c2:0d:de:fc:f0:be:3b:a2:11:a9: + 12:20:d4:3d:de:62:85:85:91:08:60:db:c0:4a:bb: + 89:b6:f4:91:1e:51:a3:b2:f7:08:99:df:48:4a:59: + 84:d1:aa:09:36:0d:cd:68:a5:ae:41:c8:d7:1a:d8: + ea:49:87:20:22:27:f9:45:54:3e:c7:c8:00:44:7e: + 34:72:aa:8d:2d:4d:6a:3e:75:89:e2:d4:17:57:f9: + cd:2b:d0:b7:14:6a:54:1b:61:af:9b:68:22:b1:16: + 73:eb:05:6c:41:ea:ed:10:4e:bc:83:04:68:c8:3a: + e1:03:12:ad:28:5c:24:4c:19:a1:7e:d8:ef:1b:80: + e4:0e:49:0c:69:86:f6:1e:e7:01:fb:2a:6f:56:1b: + 6d:0a:ad:e9:29:3f:31:bb:48:28:40:79:2b:b5:f3: + aa:ec:e9:09:4c:82:fc:97:28:19:a3:3a:c0:d2:5e: + a3:8a:98:c8:8a:b7:d2:c4:90:bc:ff:cc:47:13:90: + ad:00:ab:8a:ec:f7:94:35:09:60:10:35:9f:32:c5: + 00:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + X509v3 Authority Key Identifier: + keyid:A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA3-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 1c:0b:c0:44:10:dc:db:df:b9:3e:a0:95:09:d7:13:63:81:f7: + 32:57:19:84:72:2d:8e:60:66:0e:78:f3:35:7d:71:f8:95:88: + bc:90:52:e1:e2:4e:fe:4a:f7:bd:66:fe:b7:73:84:7f:96:ee: + ba:93:97:31:01:af:74:4f:60:40:74:d2:b5:a1:2f:e0:79:1a: + e2:67:08:ee:d4:60:43:1d:bc:79:9d:61:ae:fe:5e:9b:c8:b3: + 69:4e:d0:2b:2b:61:7a:51:1a:c9:bf:8c:b5:ff:ee:ee:42:eb: + ad:e4:90:53:1c:ed:a6:6f:27:51:1f:bf:b1:e3:0e:28:70:46: + 36:91:2e:72:82:b8:05:ee:42:c0:bd:17:0a:38:96:da:13:a4: + d5:a3:9d:bd:82:c3:aa:9f:ff:a8:cd:28:38:ae:18:44:a6:e3: + 60:eb:e0:4c:bd:1f:9e:99:e9:47:38:86:08:29:61:64:d6:6a: + 55:a0:eb:5a:62:24:d5:48:36:5b:51:5c:7f:5f:94:21:ea:d4: + 5e:7d:ee:ec:e7:3f:5b:35:59:8f:84:b9:00:53:80:3e:6a:a0: + db:de:a9:36:9e:f2:1e:48:77:cb:df:94:af:4c:a8:cc:93:c4: + 03:74:ca:ec:d8:86:a3:b9:49:76:b7:af:44:b3:b4:51:ca:a8: + 8b:78:73:f5 +-----BEGIN CERTIFICATE----- +MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnb0TC +Ecws9CqlqAhTSw7NliO7FUoq3fmnGSuRKOhzo1e0STo3go8VOFqqr61yJi6Ewg3e +/PC+O6IRqRIg1D3eYoWFkQhg28BKu4m29JEeUaOy9wiZ30hKWYTRqgk2Dc1opa5B +yNca2OpJhyAiJ/lFVD7HyABEfjRyqo0tTWo+dYni1BdX+c0r0LcUalQbYa+baCKx +FnPrBWxB6u0QTryDBGjIOuEDEq0oXCRMGaF+2O8bgOQOSQxphvYe5wH7Km9WG20K +rekpPzG7SChAeSu186rs6QlMgvyXKBmjOsDSXqOKmMiKt9LEkLz/zEcTkK0Aq4rs +95Q1CWAQNZ8yxQAbAgMBAAGjggERMIIBDTAdBgNVHQ4EFgQUnHs6ELMImQUArz7g +pF3Zr4K8TcAwgdAGA1UdIwSByDCBxYAUo/VximCAPJNkF9kutcDOqcEUF8Shgamk +gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI +hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P +BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAcC8BEENzb37k+oJUJ1xNjgfcyVxmE +ci2OYGYOePM1fXH4lYi8kFLh4k7+Sve9Zv63c4R/lu66k5cxAa90T2BAdNK1oS/g +eRriZwju1GBDHbx5nWGu/l6byLNpTtArK2F6URrJv4y1/+7uQuut5JBTHO2mbydR +H7+x4w4ocEY2kS5ygrgF7kLAvRcKOJbaE6TVo529gsOqn/+ozSg4rhhEpuNg6+BM +vR+emelHOIYIKWFk1mpVoOtaYiTVSDZbUVx/X5Qh6tRefe7s5z9bNVmPhLkAU4A+ +aqDb3qk2nvIeSHfL35SvTKjMk8QDdMrs2IajuUl2t69Es7RRyqiLeHP1 +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:bb:29:fd:89:aa:82:e0:1d:04:78:69:ec:61:58: + 51:52:84:7e:6b:55:69:2c:f4:23:d6:1f:d8:ed:ab: + 19:96:38:7b:c6:88:d7:7d:85:93:00:35:40:0b:c0: + a9:ff:66:0f:9e:a1:1d:88:6e:a9:8a:f1:ad:47:b4: + 71:c9:15:50:c6:0f:35:9e:95:4a:66:d3:bd:1b:38: + 7b:dc:67:85:97:1b:b3:63:c9:72:d6:43:5a:f1:5e: + 35:f6:05:96:c7:40:bc:23:ab:94:34:82:59:02:b2: + 33:d0:e6:7f:19:57:65:68:3c:04:61:50:ef:22:95: + 4f:ef:18:bf:15:b1:4d:8e:cd:a7:a0:98:22:f5:1c: + 05:01:6b:4b:35:bf:88:c3:47:c3:24:29:b4:45:cb: + 95:a1:ac:16:1d:dd:b8:68:ac:51:39:24:27:6a:be: + 31:f1:ec:06:10:55:be:44:02:4f:e8:12:7b:d6:fe: + 32:c9:48:37:6b:20:68:cb:53:f5:49:3a:ae:4a:c7: + 43:c1:af:e6:53:11:d9:f8:71:1a:a2:d6:37:c7:2b: + 45:50:49:51:4f:55:6c:3f:1e:69:7b:58:12:3a:7e: + 59:a0:57:9d:28:9c:8a:6d:82:e7:13:15:3b:04:8f: + e2:82:0f:2f:cf:d9:25:d9:65:a3:3c:03:c0:cd:b6: + 51:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + A3:F5:71:8A:60:80:3C:93:64:17:D9:2E:B5:C0:CE:A9:C1:14:17:C4 + X509v3 Authority Key Identifier: + keyid:CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA4-pathlen2/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 5b:56:cd:5e:fc:3a:fb:2b:be:7c:63:ad:a7:7b:e4:9a:00:78: + cb:d8:e6:00:41:3d:3d:e3:f6:43:78:75:d7:c9:07:61:0c:2b: + 43:46:8f:12:a3:5a:f0:3d:22:f4:72:ea:27:1a:70:57:48:c5: + ec:7d:00:dd:5d:83:a6:71:f7:90:ec:69:bd:2e:86:97:06:dc: + 9c:be:4e:a8:4c:9f:db:93:5e:fd:d8:ba:ae:89:55:65:16:cf: + ab:a5:a4:4e:ae:21:ce:5e:e0:91:e1:77:de:e3:b4:3d:ba:d2: + 12:f3:54:c0:50:94:16:e5:b2:62:71:58:03:2c:d1:f4:1f:ce: + 9d:a5:ce:2a:57:9f:f7:19:41:b0:4d:e8:27:5d:f2:e6:c8:44: + 1b:c3:57:51:76:d4:15:1a:05:31:61:c3:02:db:56:81:1e:24: + f2:23:04:a9:5a:31:ee:08:1d:08:1f:49:d7:2c:ba:1e:00:5a: + e5:57:8b:fd:aa:a4:2f:6a:d7:93:19:09:92:30:7d:95:68:3b: + b7:ce:a3:f2:b9:e4:e4:e4:48:a4:22:6b:00:33:91:56:28:fc: + 50:f7:1d:f6:70:5b:83:a8:99:98:2d:7a:6c:aa:9b:5a:a5:56: + 5b:89:95:a8:50:27:68:ce:63:5e:d3:84:cb:80:1b:ae:3e:a2: + 5c:13:9b:ff +-----BEGIN CERTIFICATE----- +MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBozELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV +BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A +d29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Kf2J +qoLgHQR4aexhWFFShH5rVWks9CPWH9jtqxmWOHvGiNd9hZMANUALwKn/Zg+eoR2I +bqmK8a1HtHHJFVDGDzWelUpm070bOHvcZ4WXG7NjyXLWQ1rxXjX2BZbHQLwjq5Q0 +glkCsjPQ5n8ZV2VoPARhUO8ilU/vGL8VsU2OzaegmCL1HAUBa0s1v4jDR8MkKbRF +y5WhrBYd3bhorFE5JCdqvjHx7AYQVb5EAk/oEnvW/jLJSDdrIGjLU/VJOq5Kx0PB +r+ZTEdn4cRqi1jfHK0VQSVFPVWw/Hml7WBI6flmgV50onIptgucTFTsEj+KCDy/P +2SXZZaM8A8DNtlHVAgMBAAGjggEPMIIBCzAdBgNVHQ4EFgQUo/VximCAPJNkF9ku +tcDOqcEUF8Qwgc4GA1UdIwSBxjCBw4AUzZdJePcxYe0vcRpo6UUsQHhRk1uhgaek +gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH +DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu +ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3 +DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE +AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAW1bNXvw6+yu+fGOtp3vkmgB4y9jmAEE9 +PeP2Q3h118kHYQwrQ0aPEqNa8D0i9HLqJxpwV0jF7H0A3V2DpnH3kOxpvS6Glwbc +nL5OqEyf25Ne/di6rolVZRbPq6WkTq4hzl7gkeF33uO0PbrSEvNUwFCUFuWyYnFY +AyzR9B/OnaXOKlef9xlBsE3oJ13y5shEG8NXUXbUFRoFMWHDAttWgR4k8iMEqVox +7ggdCB9J1yy6HgBa5VeL/aqkL2rXkxkJkjB9lWg7t86j8rnk5ORIpCJrADORVij8 +UPcd9nBbg6iZmC16bKqbWqVWW4mVqFAnaM5jXtOEy4Abrj6iXBOb/w== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:d8:aa:f6:05:95:70:5a:53:c7:66:10:aa:90:79: + 3b:cb:78:2a:ef:5f:43:22:71:7c:6d:47:99:a7:8b: + 39:e1:e7:4e:48:29:48:25:e1:b5:f5:25:df:64:7b: + ea:ed:aa:1f:8b:0d:e7:eb:f5:2f:ae:2a:5a:3d:50: + c7:fb:ef:0b:8b:44:0b:63:94:be:c6:d7:63:45:2e: + 85:96:00:5c:be:7e:10:09:b3:d0:aa:7c:de:20:f8: + 75:39:23:85:ee:84:13:88:54:2a:96:f5:16:27:9f: + 8b:b0:a6:2a:f4:9d:13:8c:71:1c:0c:a6:59:53:ec: + f9:0b:2b:c9:45:13:d6:12:ef:39:d1:8e:9c:9e:ae: + 3c:bb:b6:d8:10:ac:b7:59:49:5b:73:00:be:af:92: + 21:14:54:a3:fa:b6:17:ae:b6:dc:b1:f1:61:f0:75: + 07:43:5e:48:fa:e7:80:56:cf:df:ad:46:52:85:42: + fb:a7:70:53:14:c6:b7:51:fa:23:f0:f5:4b:d1:bb: + 3f:9b:fc:35:ca:d2:85:f1:a0:77:02:06:7c:79:99: + 13:b5:68:b4:16:47:42:88:f7:bc:eb:78:b2:e8:11: + 2f:62:f6:da:f9:ef:1b:e0:9f:b5:d5:32:65:b5:4e: + e4:be:36:6b:65:65:1a:96:a2:47:b5:3e:9f:b0:0d: + 63:41 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + CD:97:49:78:F7:31:61:ED:2F:71:1A:68:E9:45:2C:40:78:51:93:5B + X509v3 Authority Key Identifier: + keyid:FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:TRUE + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 38:56:e6:30:a8:f8:db:32:4c:53:e0:8f:c5:08:98:3f:ce:bf: + b1:04:b0:52:24:63:6a:14:86:41:08:13:78:aa:98:7e:07:9b: + 1d:22:9e:61:b6:69:fb:f9:24:a3:8e:4b:f2:1f:39:6a:0b:a1: + ff:1f:9b:65:7c:7f:85:8c:d8:ce:3d:83:93:4c:00:4e:7f:d0: + 44:53:b1:a8:7d:bf:43:f1:d7:f2:2c:86:20:b8:cf:11:39:bb: + 7e:21:28:ca:20:4b:0a:46:97:d3:c6:82:2c:4e:25:8a:e4:92: + 84:da:c2:9b:15:3a:5c:8b:fc:a1:b7:76:f9:e8:80:79:1f:fc: + 4f:d4:18:f1:17:fa:19:87:4d:3c:81:e1:82:ce:e2:5c:d2:c0: + cd:e8:44:5a:dd:f1:41:5f:a2:df:27:a9:d4:4e:f7:2c:7a:8c: + 5f:dd:f2:3e:e3:c5:1f:7b:5f:0e:6f:9c:9a:c8:eb:63:0f:98: + eb:7e:e6:89:56:d9:c7:f4:6d:20:d9:0f:a5:81:82:90:90:95: + 53:62:80:9d:e3:93:44:4c:33:00:1e:b9:c8:b2:13:53:d2:a3: + 18:96:86:40:92:74:bf:a9:8e:77:ff:a8:3b:7f:c6:92:c8:b4: + 4e:6c:17:7f:36:9d:f6:64:11:f9:26:5e:55:09:36:fe:8c:84: + 81:08:0e:a3 +-----BEGIN CERTIFICATE----- +MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo +YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu +Y29tMB4XDTE5MTAxMTE4MzAzMFoXDTIyMDcwNzE4MzAzMFowgaMxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD +VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD +DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv +bGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Kr2BZVw +WlPHZhCqkHk7y3gq719DInF8bUeZp4s54edOSClIJeG19SXfZHvq7aofiw3n6/Uv +ripaPVDH++8Li0QLY5S+xtdjRS6FlgBcvn4QCbPQqnzeIPh1OSOF7oQTiFQqlvUW +J5+LsKYq9J0TjHEcDKZZU+z5CyvJRRPWEu850Y6cnq48u7bYEKy3WUlbcwC+r5Ih +FFSj+rYXrrbcsfFh8HUHQ15I+ueAVs/frUZShUL7p3BTFMa3Ufoj8PVL0bs/m/w1 +ytKF8aB3AgZ8eZkTtWi0FkdCiPe863iy6BEvYvba+e8b4J+11TJltU7kvjZrZWUa +lqJHtT6fsA1jQQIDAQABo4IBATCB/jAdBgNVHQ4EFgQUzZdJePcxYe0vcRpo6UUs +QHhRk1swgcEGA1UdIwSBuTCBtoAU/BgTUrszStscW9GAmD5AhpVYcvmhgZqkgZcw +gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl +bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG +A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz +c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB +CwUAA4IBAQA4VuYwqPjbMkxT4I/FCJg/zr+xBLBSJGNqFIZBCBN4qph+B5sdIp5h +tmn7+SSjjkvyHzlqC6H/H5tlfH+FjNjOPYOTTABOf9BEU7Gofb9D8dfyLIYguM8R +Obt+ISjKIEsKRpfTxoIsTiWK5JKE2sKbFTpci/yht3b56IB5H/xP1BjxF/oZh008 +geGCzuJc0sDN6ERa3fFBX6LfJ6nUTvcseoxf3fI+48Ufe18Ob5yayOtjD5jrfuaJ +VtnH9G0g2Q+lgYKQkJVTYoCd45NETDMAHrnIshNT0qMYloZAknS/qY53/6g7f8aS +yLRObBd/Np32ZBH5Jl5VCTb+jISBCA6j +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 100 (0x64) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:9d:4a:ee:6b:ff:b6:ec:88:21:23:84:03:b6:88: + bb:3e:5a:1b:95:03:2f:24:53:2d:57:3f:11:38:5d: + 12:1d:40:6b:10:db:c2:d3:e4:dd:80:77:74:7b:88: + 44:65:e0:cf:52:c5:8a:42:e5:6e:b7:6a:ab:50:a0: + 2e:29:c2:fe:ba:d5:c7:da:6b:91:26:8f:fc:1e:06: + 17:f0:de:58:87:ef:1e:a6:91:12:39:68:a5:05:f3: + 8c:67:c9:e5:99:18:a4:fc:90:3f:bd:a6:ca:f2:a6: + dd:b5:e6:93:cb:14:89:83:3c:88:5a:31:ab:e3:66: + 2a:1b:87:c5:85:03:45:b0:ce:e1:0f:c1:0f:92:70: + d7:ac:65:ea:a8:09:c1:fe:1d:db:b7:e7:dd:98:d3: + c6:b1:16:b4:54:58:c1:aa:ba:a1:cf:19:14:a7:e4: + 55:a6:da:bb:1f:9e:d1:85:00:e0:8d:4a:c4:d2:86: + 08:75:fd:d8:1e:85:21:6c:27:8f:18:d5:44:73:58: + ab:94:75:4a:36:3d:8d:4d:c6:7a:86:9d:00:db:c5: + ba:be:70:02:83:bf:6e:d8:31:89:b3:f2:16:98:be: + 27:f6:14:5a:e9:d4:72:67:8d:a9:df:76:27:bf:19: + ac:20:59:28:5b:1b:42:d9:d5:5b:6d:fb:6e:a2:5e: + d3:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + FC:18:13:52:BB:33:4A:DB:1C:5B:D1:80:98:3E:40:86:95:58:72:F9 + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:86:FF:F5:8E:10:DE:B8:FB + + X509v3 Basic Constraints: + CA:TRUE, pathlen:2 + X509v3 Key Usage: + Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 0d:bc:87:df:e4:68:a5:56:54:d2:89:42:d8:b4:1b:45:6f:88: + b2:39:d1:ad:38:f4:0b:68:5e:e1:3e:88:60:4f:69:be:a8:ee: + 1d:14:08:69:86:ee:6a:08:42:35:6e:44:4f:5f:be:13:00:81: + ca:41:a7:70:d3:48:9f:60:03:14:a4:4b:7f:35:7e:6d:94:0b: + cf:63:00:fe:8e:54:2c:4c:ac:fb:ef:4c:68:91:9a:0f:45:3e: + 07:12:f2:74:e6:83:36:8e:61:49:f9:03:17:e2:16:72:eb:6b: + c3:c1:7b:95:37:31:1f:10:b9:fc:7b:e4:54:d4:4f:81:a0:f8: + 0e:be:99:43:50:dd:19:7e:f9:41:8b:0d:2e:b2:e5:2c:ec:9b: + 20:42:f4:3a:da:03:99:bc:c1:c2:6c:69:4e:8e:6e:ad:22:57: + dc:2c:1a:e3:4f:15:c4:b3:b4:5d:2d:be:d8:62:0a:a4:c9:62: + fb:9a:53:26:ee:8f:8e:43:a6:e2:77:9b:1f:1f:4f:86:b5:65: + 22:3c:0d:f7:75:ab:24:2d:5b:6f:96:3f:26:22:b0:de:b2:4e: + 37:fd:f9:9a:22:81:15:91:c5:b0:54:f2:ee:f0:e9:7f:23:ab: + 43:1c:43:e1:e4:bf:61:20:13:f3:4f:b6:71:77:a3:23:89:fb: + 02:c2:24:5e +-----BEGIN CERTIFICATE----- +MIIEwTCCA6mgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTkxMDEx +MTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM +Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg +SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0 +LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUrua/+27IghI4QDtoi7PloblQMv +JFMtVz8ROF0SHUBrENvC0+TdgHd0e4hEZeDPUsWKQuVut2qrUKAuKcL+utXH2muR +Jo/8HgYX8N5Yh+8eppESOWilBfOMZ8nlmRik/JA/vabK8qbdteaTyxSJgzyIWjGr +42YqG4fFhQNFsM7hD8EPknDXrGXqqAnB/h3bt+fdmNPGsRa0VFjBqrqhzxkUp+RV +ptq7H57RhQDgjUrE0oYIdf3YHoUhbCePGNVEc1irlHVKNj2NTcZ6hp0A28W6vnAC +g79u2DGJs/IWmL4n9hRa6dRyZ42p33YnvxmsIFkoWxtC2dVbbftuol7T6QIDAQAB +o4IBDTCCAQkwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHJBgNVHSME +gcEwgb6AFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV +UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI +U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm +c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIJAIb/9Y4Q +3rj7MA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUA +A4IBAQANvIff5GilVlTSiULYtBtFb4iyOdGtOPQLaF7hPohgT2m+qO4dFAhphu5q +CEI1bkRPX74TAIHKQadw00ifYAMUpEt/NX5tlAvPYwD+jlQsTKz770xokZoPRT4H +EvJ05oM2jmFJ+QMX4hZy62vDwXuVNzEfELn8e+RU1E+BoPgOvplDUN0ZfvlBiw0u +suUs7JsgQvQ62gOZvMHCbGlOjm6tIlfcLBrjTxXEs7RdLb7YYgqkyWL7mlMm7o+O +Q6bid5sfH0+GtWUiPA33daskLVtvlj8mIrDesk43/fmaIoEVkcWwVPLu8Ol/I6tD +HEPh5L9hIBPzT7Zxd6MjifsCwiRe +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/chainJ-entity-key.pem b/certs/test-pathlen/chainJ-entity-key.pem new file mode 100644 index 000000000..f935b9046 --- /dev/null +++ b/certs/test-pathlen/chainJ-entity-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAs/tRoKxpizUGv3rutKGKfq4xda3nRXvm2bt86XMO3s8FdN83 +pDczpm9ZBsifGTXDlPcFulLrPpIpYUiI+m1CtDDezt+U7ZKIYMhVNlDuNrXtNW+V +AfSIS3s+/rWcZMByvox0aoz15GVmh1Kde7Ag9tjD3na5cHwBgm78+hvnxMFfOM5Q +3Doih7wZmkXVinqT+XhZxwr5j+vDeeu17jbwXl0vj0boY8Ixgvz7XYzKAbG7civn +L4I8piSmP1h+aVtKALQls7PDs7DCP6PX7gQSHasLuwKwbAs2ZFapXTflCihEXhXk +9atzmAqzKJAdMPKM59sTag+0y40GFYbONRLjqQIDAQABAoIBABmsC2SjsxpMIf5G +Bq51LFANgLiMaaSbm74K5DJYWxKk7N5SyJj/1royv7wb+bWa2Z7x7Ts6gJuYNZbO +xdsSoqUZI27WrWOFtzY23RC2UoQzRvaMR/DTdG1v0vh55yjn2nYbiq94E8rUO9+p +hRUTdmA/YxDkVmcZCQ4VzrfOKy0BOr6SnC3U0QghQ+UGPFeFRvd8vnBk76U8+XMV +xUybnbU17hoEB2p9nle6h0G0GtXI9dnJ0BD2RJMIhvs1cfrOkW/s8dkAXsokH4UU +XRIyRESkb+lVMWv8n8qcHZ3rjH+mxjkTxKdlnNy9qTfPoGJiaDb3LMfyd2xWReAq +VdirDVECgYEA5B0Cy5WrjuQ8aWPOoQbV24mDZGqhAb66oJ9yMkbzQ5DHZdZrt7s9 +k/dBMWOD4tc7w5WPwjYSxY7QOBSq1TETYIafOK1NqR9lnLJnOKiMYp49O9nAfK/y +6AgXQo9fqIIYhmmqEQYl9MSgQjEa5d9CdDg4mh6YzhaVoXn06UF+H4cCgYEAyfv9 +nZT2PBasmZWZdFRG4l78WsQO0+/00HnhPXs0Dn31N9A9aQDj5O4wJoiRDJPYkO0o +9wANtibayIvUoB72L9gc+8KIEU8Xuda+JtB+oPVi88Limxw3iBwrBUF9QA8Jjmrk +KtNOm5IrSpYpTEvOQkZFlskhQajey4Kys69Pz08CgYEAouqtUmVEr7sGAmcL7imJ +l0+xDYiyESL8+zalQo81si22m172c7RAmGrgnrtqOBpsTpWEpLol0f7baxInqDdy +lV/QW5Q6gO0xjyZDXk3SZaSKKzKrrOGk5F7S7fCj6x9vEKBqm9n+RcAgjOWxRjeb +qJF2q2vqylWK7FbDucvSngUCgYAOFa5XwL1y7znV8+KhhAb1Xh5GzgkiqkbuCrG0 +MdUtdYcV/0Vo/xDlM97TsQ48TEr7wC3tG2nZW9hBx85p4/7S00UiISyP2G4VHW5h +EoTiAHqH+P0IR+1vZldxpGFxiBrofXevrNB8dLLkHph+o4KciH3tx9Sz2Wy/0DtZ +4E22bQKBgCOb2dGVVS7fmM81Mg1Al9k9USVxp4wnS1iIHK1c/rBB61TPEyblhiqF +aveFoCse8SparMJ9utkqSqA7zQ3qwoPJZJ9p4T2pI0xp8yu15yBLeYgO0R7kriEC +XIapznOZvvC0/vSUT3kTOX27HlIcPqNOPnpYjsfdZ10okplrXnKB +-----END RSA PRIVATE KEY----- diff --git a/certs/test-pathlen/chainJ-entity.pem b/certs/test-pathlen/chainJ-entity.pem new file mode 100644 index 000000000..35c5f6367 --- /dev/null +++ b/certs/test-pathlen/chainJ-entity.pem @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 101 (0x65) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com + Validity + Not Before: Oct 11 18:30:30 2019 GMT + Not After : Jul 7 18:30:30 2022 GMT + Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b3:fb:51:a0:ac:69:8b:35:06:bf:7a:ee:b4:a1: + 8a:7e:ae:31:75:ad:e7:45:7b:e6:d9:bb:7c:e9:73: + 0e:de:cf:05:74:df:37:a4:37:33:a6:6f:59:06:c8: + 9f:19:35:c3:94:f7:05:ba:52:eb:3e:92:29:61:48: + 88:fa:6d:42:b4:30:de:ce:df:94:ed:92:88:60:c8: + 55:36:50:ee:36:b5:ed:35:6f:95:01:f4:88:4b:7b: + 3e:fe:b5:9c:64:c0:72:be:8c:74:6a:8c:f5:e4:65: + 66:87:52:9d:7b:b0:20:f6:d8:c3:de:76:b9:70:7c: + 01:82:6e:fc:fa:1b:e7:c4:c1:5f:38:ce:50:dc:3a: + 22:87:bc:19:9a:45:d5:8a:7a:93:f9:78:59:c7:0a: + f9:8f:eb:c3:79:eb:b5:ee:36:f0:5e:5d:2f:8f:46: + e8:63:c2:31:82:fc:fb:5d:8c:ca:01:b1:bb:72:2b: + e7:2f:82:3c:a6:24:a6:3f:58:7e:69:5b:4a:00:b4: + 25:b3:b3:c3:b3:b0:c2:3f:a3:d7:ee:04:12:1d:ab: + 0b:bb:02:b0:6c:0b:36:64:56:a9:5d:37:e5:0a:28: + 44:5e:15:e4:f5:ab:73:98:0a:b3:28:90:1d:30:f2: + 8c:e7:db:13:6a:0f:b4:cb:8d:06:15:86:ce:35:12: + e3:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 13:92:E0:30:5E:36:4F:BF:D5:E3:0D:5D:40:0B:64:95:EC:8E:77:4E + X509v3 Authority Key Identifier: + keyid:9C:7B:3A:10:B3:08:99:05:00:AF:3E:E0:A4:5D:D9:AF:82:BC:4D:C0 + DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL Inc./OU=Engineering/CN=chainJ-ICA2-no_pathlen/emailAddress=info@wolfssl.com + serial:64 + + X509v3 Basic Constraints: + CA:FALSE + Signature Algorithm: sha256WithRSAEncryption + 10:a0:e0:ea:4b:df:4c:5b:92:da:6b:13:5a:4b:e9:46:1a:17: + 48:42:5e:08:c8:28:e4:ce:69:46:25:55:70:57:bd:4e:b2:0b: + a4:75:22:b6:5b:d7:e0:54:3f:31:14:99:09:c1:3b:6f:b7:59: + 5a:52:67:46:0c:4f:ec:fa:31:4a:6e:59:04:50:99:60:1e:74: + ed:3a:ac:4d:cd:98:31:4d:b1:54:07:3e:76:bb:92:e2:1d:53: + 65:08:38:e3:4d:b0:d8:74:14:5f:00:94:e7:d2:c9:9d:80:23: + f5:9e:3d:8c:22:72:b3:20:5a:01:a3:02:f2:9c:cc:b8:1d:73: + db:eb:cc:cb:27:4f:75:17:1d:23:68:07:4f:15:be:00:cc:a9: + 2a:14:82:2c:0e:e3:92:40:dc:62:ac:d9:61:24:99:19:43:d5: + 3e:85:ca:e5:6d:e1:76:9a:4e:01:ef:34:98:7a:1b:ca:8b:c3: + de:99:22:75:28:11:0c:17:7a:58:7b:44:33:22:58:61:24:8c: + 96:a5:a7:63:19:31:6d:61:83:1c:5f:50:66:48:29:b4:2d:8e: + 5e:f3:63:85:e8:9c:d8:6e:93:4a:4d:ff:b1:d5:60:96:d0:9f: + 4e:3f:6f:c9:b4:e1:04:b8:ef:55:c2:77:c1:e1:50:d0:a7:b8: + 9d:a3:81:71 +-----BEGIN CERTIFICATE----- +MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM +DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo +YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz +bC5jb20wHhcNMTkxMDExMTgzMDMwWhcNMjIwNzA3MTgzMDMwWjCBmjELMAkGA1UE +BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT +BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV +BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j +b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+1GgrGmLNQa/eu60 +oYp+rjF1redFe+bZu3zpcw7ezwV03zekNzOmb1kGyJ8ZNcOU9wW6Uus+kilhSIj6 +bUK0MN7O35TtkohgyFU2UO42te01b5UB9IhLez7+tZxkwHK+jHRqjPXkZWaHUp17 +sCD22MPedrlwfAGCbvz6G+fEwV84zlDcOiKHvBmaRdWKepP5eFnHCvmP68N567Xu +NvBeXS+PRuhjwjGC/PtdjMoBsbtyK+cvgjymJKY/WH5pW0oAtCWzs8OzsMI/o9fu +BBIdqwu7ArBsCzZkVqldN+UKKEReFeT1q3OYCrMokB0w8ozn2xNqD7TLjQYVhs41 +EuOpAgMBAAGjggEAMIH9MB0GA1UdDgQWBBQTkuAwXjZPv9XjDV1AC2SV7I53TjCB +0AYDVR0jBIHIMIHFgBScezoQswiZBQCvPuCkXdmvgrxNwKGBqaSBpjCBozELMAkG +A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx +FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd +BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu +Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA +EKDg6kvfTFuS2msTWkvpRhoXSEJeCMgo5M5pRiVVcFe9TrILpHUitlvX4FQ/MRSZ +CcE7b7dZWlJnRgxP7PoxSm5ZBFCZYB507TqsTc2YMU2xVAc+druS4h1TZQg4402w +2HQUXwCU59LJnYAj9Z49jCJysyBaAaMC8pzMuB1z2+vMyydPdRcdI2gHTxW+AMyp +KhSCLA7jkkDcYqzZYSSZGUPVPoXK5W3hdppOAe80mHobyovD3pkidSgRDBd6WHtE +MyJYYSSMlqWnYxkxbWGDHF9QZkgptC2OXvNjheic2G6TSk3/sdVgltCfTj9vybTh +BLjvVcJ3weFQ0Ke4naOBcQ== +-----END CERTIFICATE----- diff --git a/certs/test-pathlen/refreshkeys.sh b/certs/test-pathlen/refreshkeys.sh index 4be87ee88..b70b7ecca 100755 --- a/certs/test-pathlen/refreshkeys.sh +++ b/certs/test-pathlen/refreshkeys.sh @@ -12,6 +12,10 @@ keyList=( chainG-ICA1-key.pem chainG-entity-key.pem chainH-ICA4-key.pem chainH-ICA3-key.pem chainH-ICA2-key.pem chainH-ICA1-key.pem chainH-entity-key.pem + chainI-ICA3-key.pem chainI-ICA2-key.pem chainI-ICA1-key.pem + chainI-entity-key.pem + chainJ-ICA4-key.pem chainJ-ICA3-key.pem chainJ-ICA2-key.pem + chainJ-ICA1-key.pem chainJ-entity-key.pem ) for TARGET_KEY in "${keyList[@]}" diff --git a/tests/api.c b/tests/api.c index 01560b717..1808b3c21 100644 --- a/tests/api.c +++ b/tests/api.c @@ -27951,11 +27951,13 @@ static void test_SetTmpEC_DHE_Sz(void) #endif } +#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ + !defined(NO_CERTS) static int load_ca_into_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; - if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != SSL_SUCCESS) { + if ((ret = wolfSSL_CertManagerLoadCA(cm, certA, 0)) != WOLFSSL_SUCCESS) { printf("loading cert %s failed\n", certA); printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; @@ -27968,7 +27970,7 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) { int ret; if ((ret = wolfSSL_CertManagerVerify(cm, certA, WOLFSSL_FILETYPE_PEM)) - != SSL_SUCCESS) { + != WOLFSSL_SUCCESS) { printf("could not verify the cert: %s\n", certA); printf("Error: (%d): %s\n", ret, wolfSSL_ERR_reason_error_string(ret)); return -1; @@ -27996,38 +27998,6 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA) b--; \ } while(0) -static int test_chainH(WOLFSSL_CERT_MANAGER* cm) -{ - int ret; - int i = -1; - /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: - * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) - * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) - * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) - * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) - * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 - */ - char chainHArr[6][50] = {"certs/ca-cert.pem", - "certs/test-pathlen/chainH-ICA4-pathlen2.pem", - "certs/test-pathlen/chainH-ICA3-pathlen2.pem", - "certs/test-pathlen/chainH-ICA2-pathlen2.pem", - "certs/test-pathlen/chainH-ICA1-pathlen0.pem", - "certs/test-pathlen/chainH-entity.pem"}; - - LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ - LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ - VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ - - return ret; -} - static int test_chainG(WOLFSSL_CERT_MANAGER* cm) { int ret; @@ -28067,11 +28037,103 @@ static int test_chainG(WOLFSSL_CERT_MANAGER* cm) return ret; } +static int test_chainH(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain H is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3-pathlen of 2 (reduce max path len to 2) + * ICA3-pathlen of 2 signing ICA2-pathlen of 2 (reduce max path len to 1) + * ICA2-pathlen of 2 signing ICA1-pathlen of 0 (reduce max path len to 0) + * ICA1-pathlen of 0 signing entity (pathlen is already 0, ERROR) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainHArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainH-ICA4-pathlen2.pem", + "certs/test-pathlen/chainH-ICA3-pathlen2.pem", + "certs/test-pathlen/chainH-ICA2-pathlen2.pem", + "certs/test-pathlen/chainH-ICA1-pathlen0.pem", + "certs/test-pathlen/chainH-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainHArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainHArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainHArr[5]); /* if failure, i = -10 here */ + + return ret; +} + +static int test_chainI(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain I is a valid chain per RFC5280 section 4.2.1.9: + * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 2) + * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 1) + * ICA1-no_pathlen signing entity (reduce maxPathLen to 0) + * Test should successfully verify ICA4, ICA3, ICA2 and then fail on ICA1 + */ + char chainIArr[5][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainI-ICA3-pathlen2.pem", + "certs/test-pathlen/chainI-ICA2-no_pathlen.pem", + "certs/test-pathlen/chainI-ICA1-no_pathlen.pem", + "certs/test-pathlen/chainI-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainIArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainIArr[3]); /* if failure, i = -4 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[1]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[2]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[3]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainIArr[4]); /* if failure, i = -8 here */ + + return ret; +} + +static int test_chainJ(WOLFSSL_CERT_MANAGER* cm) +{ + int ret; + int i = -1; + /* Chain J is NOT a valid chain per RFC5280 section 4.2.1.9: + * ICA4-pathlen of 2 signing ICA3 without a pathlen (reduce maxPathLen to 2) + * ICA3-pathlen of 2 signing ICA2 without a pathlen (reduce maxPathLen to 1) + * ICA2-no_pathlen signing ICA1-no_pathlen (reduce maxPathLen to 0) + * ICA1-no_pathlen signing entity (ERROR, pathlen zero and non-leaf cert) + */ + char chainJArr[6][50] = {"certs/ca-cert.pem", + "certs/test-pathlen/chainJ-ICA4-pathlen2.pem", + "certs/test-pathlen/chainJ-ICA3-no_pathlen.pem", + "certs/test-pathlen/chainJ-ICA2-no_pathlen.pem", + "certs/test-pathlen/chainJ-ICA1-no_pathlen.pem", + "certs/test-pathlen/chainJ-entity.pem"}; + + LOAD_ONE_CA(ret, i, cm, chainJArr[0]); /* if failure, i = -1 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[1]); /* if failure, i = -2 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[2]); /* if failure, i = -3 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[3]); /* if failure, i = -4 here */ + LOAD_ONE_CA(ret, i, cm, chainJArr[4]); /* if failure, i = -5 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[1]); /* if failure, i = -6 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[2]); /* if failure, i = -7 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[3]); /* if failure, i = -8 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[4]); /* if failure, i = -9 here */ + VERIFY_ONE_CERT(ret, i, cm, chainJArr[5]); /* if failure, i = -10 here */ + + return ret; +} + static int test_various_pathlen_chains(void) { int ret; WOLFSSL_CERT_MANAGER* cm; + /* Test chain G (large chain with varying pathLens) */ wolfSSL_Init(); if ((cm = wolfSSL_CertManagerNew()) == NULL) { @@ -28083,11 +28145,13 @@ static int test_various_pathlen_chains(void) wolfSSL_CertManagerUnloadCAs(cm); wolfSSL_CertManagerFree(cm); + /* end test chain G */ + + /* Test chain H (5 chain with same pathLens) */ if ((cm = wolfSSL_CertManagerNew()) == NULL) { printf("cert manager new failed\n"); return -1; } -printf("KH: -----------------------------------------------\n"); AssertIntLT(test_chainH(cm), 0); wolfSSL_CertManagerUnloadCAs(cm); @@ -28096,15 +28160,50 @@ printf("KH: -----------------------------------------------\n"); printf("cert manager new failed\n"); return -1; } -printf("KH: -----------------------------------------------\n"); -// test_chainG_and_chainH(cm); + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + /* end test chain H */ + + /* Test chain I (only first ICA has pathLen set and it's set to 2, + * followed by 2 ICA's, should pass) */ + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + AssertIntEQ(test_chainI(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + + ret = wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + + /* Test chain J (Again only first ICA has pathLen set and it's set to 2, + * this time followed by 3 ICA's, should fail */ + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } + AssertIntLT(test_chainJ(cm), 0); + + wolfSSL_CertManagerUnloadCAs(cm); + wolfSSL_CertManagerFree(cm); + if ((cm = wolfSSL_CertManagerNew()) == NULL) { + printf("cert manager new failed\n"); + return -1; + } ret = wolfSSL_CertManagerUnloadCAs(cm); wolfSSL_CertManagerFree(cm); return ret; - } +#endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */ /*----------------------------------------------------------------------------* | Main @@ -28591,7 +28690,10 @@ void ApiTest(void) AssertIntEQ(test_wolfSSL_Cleanup(), WOLFSSL_SUCCESS); +#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \ + !defined(NO_CERTS) AssertIntEQ(test_various_pathlen_chains(), WOLFSSL_SUCCESS); +#endif /* If at some point a stub get implemented this test should fail indicating * a need to implement a new test case diff --git a/tests/suites.c b/tests/suites.c index c51e37728..1bffb53a2 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -171,6 +171,10 @@ static int IsValidCert(const char* line) size_t i; const char* begin; char cert[80]; +#ifdef WOLFSSL_STATIC_MEMORY + FILE* fStream = NULL; + long chkSz = 0; +#endif begin = XSTRSTR(line, "-c "); if (begin == NULL) @@ -180,6 +184,24 @@ static int IsValidCert(const char* line) for (i = 0; i < sizeof(cert) - 1 && *begin != ' ' && *begin != '\0'; i++) cert[i] = *(begin++); cert[i] = '\0'; +#ifdef WOLFSSL_STATIC_MEMORY + fStream = XFOPEN(cert, "rb"); + if (fStream == NULL) { + printf("Failed to open file %s\n", cert); + printf("Invalid cert, skipping test\n"); + return 0; + } else { + printf("Successfully opened file\n"); + } + + XFSEEK(fStream, 0L, SEEK_END); + chkSz = XFTELL(fStream); + XFCLOSE(fStream); + if (chkSz > LARGEST_MEM_BUCKET) { + printf("File is larger than largest bucket, skipping this test\n"); + return 0; + } +#endif ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex(NULL)); if (ctx == NULL) diff --git a/tests/test-chains.conf b/tests/test-chains.conf index e37f823c5..879d9288d 100644 --- a/tests/test-chains.conf +++ b/tests/test-chains.conf @@ -60,7 +60,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -73,7 +72,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -86,7 +84,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -99,7 +96,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -113,7 +109,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -H exitWithRet -C @@ -128,7 +123,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -H exitWithRet -C @@ -142,7 +136,6 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem -C # server TLSv1.2 pathLen constraint test @@ -156,7 +149,32 @@ # client TLSv1.2 pathLen constraint test -v 3 -l ECDHE-RSA-AES128-GCM-SHA256 --A ./certs/ca-cert.pem +-H exitWithRet +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainI-entity-key.pem +-c ./certs/test-pathlen/chainI-assembled.pem +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-C + +# server TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 +-k ./certs/test-pathlen/chainJ-entity-key.pem +-c ./certs/test-pathlen/chainJ-assembled.pem +-H exitWithRet +-V + +# client TLSv1.2 pathLen constraint test +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 -H exitWithRet -C diff --git a/tests/test.conf b/tests/test.conf index 7e3abdd5e..e41c9c645 100644 --- a/tests/test.conf +++ b/tests/test.conf @@ -1954,16 +1954,16 @@ -j # server TLSv1.2 verify callback override --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --c ./certs/test/server-ecc.pem --k ./certs/ecc-key.pem +#-v 3 +#-l ECDHE-ECDSA-AES128-GCM-SHA256 +#-c ./certs/test/server-ecc.pem #This cert no longer exists +#-k ./certs/ecc-key.pem # client TLSv1.2 verify callback override --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --A ./certs/ca-ecc-cert.pem --j +#-v 3 +#-l ECDHE-ECDSA-AES128-GCM-SHA256 +#-A ./certs/ca-ecc-cert.pem +#-j # server TLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305 -v 3 diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 54555f9d6..0c155fc12 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -8488,7 +8488,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) int badDate = 0; int criticalExt = 0; int checkPathLen = 0; - int reduceMaxPathByOne = 0; + int decrementMaxPathLen = 0; word32 confirmOID; #if defined(WOLFSSL_RENESAS_TSIP) int idx = 0; @@ -8551,12 +8551,9 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) } #endif /* !NO_SKID */ - if (!cert->ca && type == CA_TYPE && !cert->pathLengthSet) { - cert->pathLength = cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; - cert->pathLengthSet = 1; - } else if (cert->pathLengthSet) { - cert->maxPathLen = cert->pathLength; - + if (cert->selfSigned) { + cert->maxPathLen = WOLFSSL_MAX_PATH_LEN; + } else { cert->ca = NULL; #ifndef NO_SKID if (cert->extAuthKeyIdSet) @@ -8606,7 +8603,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) * No - ERROR */ - if (cert->ca) { + if (cert->ca && cert->pathLengthSet) { + cert->maxPathLen = cert->pathLength; if (cert->isCA) { WOLFSSL_MSG("\tCA boolean set"); if (cert->extKeyUsageSet) { @@ -8614,7 +8612,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { checkPathLen = 1; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } else { checkPathLen = 1; @@ -8626,19 +8624,26 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) WOLFSSL_MSG("\tmaxPathLen status: set to pathLength"); cert->maxPathLen = cert->pathLength; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } - if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { WOLFSSL_MSG("\tmaxPathLen status: reduce by 1"); cert->maxPathLen = cert->ca->maxPathLen - 1; - } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + } else if (decrementMaxPathLen && cert->ca->maxPathLen <= 0) { /* Will be handled as ERROR in "verify check" below */ cert->maxPathLen = 0; } + } else if (cert->ca && cert->isCA) { + /* case where cert->pathLength extension is not set */ + if (cert->ca->maxPathLen > 0) { + cert->maxPathLen = cert->ca->maxPathLen - 1; + } else { + cert->maxPathLen = 0; + } } - } + } if (verify != NO_VERIFY && type != CA_TYPE && type != TRUSTED_PEER_TYPE) { @@ -8675,14 +8680,13 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) * verify check */ - if (cert->ca) { - + if (cert->ca && cert->pathLengthSet) { if (cert->isCA) { if (cert->extKeyUsageSet) { if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) { checkPathLen = 1; } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } else { checkPathLen = 1; @@ -8693,24 +8697,34 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if (cert->pathLength < cert->ca->maxPathLen) { WOLFSSL_MSG("\tmaxPathLen status: OK"); } else { - reduceMaxPathByOne = 1; + decrementMaxPathLen = 1; } } - if (reduceMaxPathByOne && cert->ca->maxPathLen > 0) { + if (decrementMaxPathLen && cert->ca->maxPathLen > 0) { WOLFSSL_MSG("\tmaxPathLen status: OK"); - } else if (reduceMaxPathByOne && cert->ca->maxPathLen <= 0) { + } else if (decrementMaxPathLen && cert->ca->maxPathLen <= 0) { WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); WOLFSSL_MSG("\tmaxPathLen status: ERROR"); return ASN_PATHLEN_INV_E; } - #ifdef HAVE_OCSP + } else if (cert->ca && cert->isCA) { + /* case where pathLength constraint is not set in cert */ + if (cert->ca->maxPathLen <= 0) { + WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0"); + WOLFSSL_MSG("\tmaxPathLen status: ERROR"); + return ASN_PATHLEN_INV_E; + } + } + #ifdef HAVE_OCSP + if (cert->ca) { /* Need the CA's public key hash for OCSP */ XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash, KEYID_SIZE); - #endif /* HAVE_OCSP */ + } + #endif /* HAVE_OCSP */ } } #if defined(WOLFSSL_RENESAS_TSIP) diff --git a/wolfssl/wolfcrypt/memory.h b/wolfssl/wolfcrypt/memory.h index 85c67ed65..cb806cfd3 100644 --- a/wolfssl/wolfcrypt/memory.h +++ b/wolfssl/wolfcrypt/memory.h @@ -102,16 +102,32 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*, #ifndef WOLFMEM_BUCKETS #ifndef SESSION_CERTS /* default size of chunks of memory to separate into */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,16128 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 16128 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #elif defined (OPENSSL_EXTRA) /* extra storage in structs for multiple attributes and order */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,25536 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 25536 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3360,4480,\ + LARGEST_MEM_BUCKET #elif defined (WOLFSSL_CERT_EXT) /* certificate extensions requires 24k for the SSL struct */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,24576 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 24576 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #else /* increase 23k for object member of WOLFSSL_X509_NAME_ENTRY */ - #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,23440 + #ifndef LARGEST_MEM_BUCKET + #define LARGEST_MEM_BUCKET 23440 + #endif + #define WOLFMEM_BUCKETS 64,128,256,512,1024,2432,3456,4544,\ + LARGEST_MEM_BUCKET #endif #endif #ifndef WOLFMEM_DIST From 9357db4d0c75a4d52f6cb1e31c99bc8bca0629b3 Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Fri, 11 Oct 2019 15:27:15 -0600 Subject: [PATCH 3/3] check value of ret in test cases --- tests/api.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/api.c b/tests/api.c index 1808b3c21..4543f23ab 100644 --- a/tests/api.c +++ b/tests/api.c @@ -28143,7 +28143,9 @@ static int test_various_pathlen_chains(void) AssertIntEQ(test_chainG(cm), 0); - wolfSSL_CertManagerUnloadCAs(cm); + ret = wolfSSL_CertManagerUnloadCAs(cm); + if (ret != WOLFSSL_SUCCESS) + return -1; wolfSSL_CertManagerFree(cm); /* end test chain G */ @@ -28162,6 +28164,8 @@ static int test_various_pathlen_chains(void) } ret = wolfSSL_CertManagerUnloadCAs(cm); + if (ret != WOLFSSL_SUCCESS) + return -1; wolfSSL_CertManagerFree(cm); /* end test chain H */ @@ -28181,6 +28185,8 @@ static int test_various_pathlen_chains(void) } ret = wolfSSL_CertManagerUnloadCAs(cm); + if (ret != WOLFSSL_SUCCESS) + return -1; wolfSSL_CertManagerFree(cm); /* Test chain J (Again only first ICA has pathLen set and it's set to 2,