├── .flake8 ├── .gitattributes ├── .github ├── dependabot.yml └── workflows │ ├── ci.yml │ └── testgen.yml ├── .gitignore ├── CONTRIBUTING.md ├── Cargo.lock ├── Cargo.toml ├── LICENSE ├── README.md ├── SECURITY.md ├── benches └── benchmark.rs ├── deny.toml ├── mypy.ini ├── requirements.txt ├── rustfmt.toml ├── src ├── alg_tests.rs ├── aws_lc_rs_algs.rs ├── cert.rs ├── crl │ ├── mod.rs │ └── types.rs ├── data │ ├── alg-rsa-pkcs1-sha256-absent-params.der │ ├── alg-rsa-pkcs1-sha384-absent-params.der │ └── alg-rsa-pkcs1-sha512-absent-params.der ├── der.rs ├── end_entity.rs ├── error.rs ├── lib.rs ├── ring_algs.rs ├── rpk_entity.rs ├── signed_data.rs ├── subject_name │ ├── dns_name.rs │ ├── ip_address.rs │ └── mod.rs ├── test_utils.rs ├── time.rs ├── trust_anchor.rs ├── verify_cert.rs └── x509.rs ├── tests ├── amazon.rs ├── amazon │ ├── AmazonRootCA1.cer │ ├── AmazonRootCA2.cer │ ├── AmazonRootCA3.cer │ ├── AmazonRootCA4.cer │ ├── SFSRootCAG2.cer │ ├── download_ca_certs.sh │ ├── download_demo_certs.sh │ ├── e2m01.cer │ ├── e2m01.crl │ ├── e2m02.cer │ ├── e2m02.crl │ ├── e2m03.cer │ ├── e2m03.crl │ ├── e2m04.cer │ ├── e2m04.crl │ ├── e3m01.cer │ ├── e3m01.crl │ ├── e3m02.cer │ ├── e3m02.crl │ ├── e3m03.cer │ ├── e3m03.crl │ ├── e3m04.cer │ ├── e3m04.crl │ ├── expired.rootca1.demo.amazontrust.com.cer │ ├── expired.rootca2.demo.amazontrust.com.cer │ ├── expired.rootca3.demo.amazontrust.com.cer │ ├── expired.rootca4.demo.amazontrust.com.cer │ ├── r2m01.cer │ ├── r2m01.crl │ ├── r2m02.cer │ ├── r2m02.crl │ ├── r2m03.cer │ ├── r2m03.crl │ ├── r2m04.cer │ ├── r2m04.crl │ ├── r4m01.cer │ ├── r4m01.crl │ ├── r4m02.cer │ ├── r4m02.crl │ ├── r4m03.cer │ ├── r4m03.crl │ ├── r4m04.cer │ ├── r4m04.crl │ ├── revoked.rootca1.demo.amazontrust.com.cer │ ├── revoked.rootca2.demo.amazontrust.com.cer │ ├── revoked.rootca3.demo.amazontrust.com.cer │ ├── revoked.rootca4.demo.amazontrust.com.cer │ ├── rootca1.cer │ ├── rootca1.crl │ ├── rootca2.cer │ ├── rootca2.crl │ ├── rootca3.cer │ ├── rootca3.crl │ ├── rootca4.cer │ ├── rootca4.crl │ ├── valid.rootca1.demo.amazontrust.com.cer │ ├── valid.rootca2.demo.amazontrust.com.cer │ ├── valid.rootca3.demo.amazontrust.com.cer │ └── valid.rootca4.demo.amazontrust.com.cer ├── better_tls.rs ├── cert_v1.der ├── cert_v1_unsupported.rs ├── cert_with_empty_extensions.der ├── cert_without_extensions.der ├── cert_without_extensions.rs ├── client_auth.rs ├── client_auth_revocation.rs ├── client_auth_revocation │ ├── dp_chain.ee.der │ ├── dp_chain.int.a.ca.der │ ├── dp_chain.int.b.ca.der │ ├── dp_chain.root.ca.der │ ├── dp_chain.topbit.ee.der │ ├── ee_crl_mismatched_idp_unknown_status.crl.der │ ├── ee_dp_idp_match.crl.der │ ├── ee_dp_invalid.crl.der │ ├── ee_indirect_dp_unknown_status.crl.der │ ├── ee_no_dp_crl_idp.crl.der │ ├── ee_nofullname_dp_unknown_status.crl.der │ ├── ee_not_revoked_chain_depth.crl.der │ ├── ee_not_revoked_crl_no_idp.crl.der │ ├── ee_not_revoked_ee_depth.crl.der │ ├── ee_not_revoked_wrong_ku_ee_depth.crl.der │ ├── ee_reasons_dp_unknown_status.crl.der │ ├── ee_revoked_badsig_ee_depth.crl.der │ ├── ee_revoked_chain_depth.crl.der │ ├── ee_revoked_crl_ku_ee_depth.crl.der │ ├── ee_revoked_crl_no_idp.crl.der │ ├── ee_revoked_no_ku_ee_depth.crl.der │ ├── ee_revoked_wrong_ku_ee_depth.crl.der │ ├── ee_with_top_bit_set_serial_revoked.crl.der │ ├── expired_crl_enforce_expiration.crl.der │ ├── expired_crl_ignore_expiration.crl.der │ ├── indirect_dp_chain.ee.der │ ├── indirect_dp_chain.int.a.ca.der │ ├── indirect_dp_chain.int.b.ca.der │ ├── indirect_dp_chain.root.ca.der │ ├── indirect_dp_chain.topbit.ee.der │ ├── int_not_revoked_chain_depth.crl.der │ ├── int_not_revoked_chain_depth_forbid_unknown.crl.der │ ├── int_not_revoked_chain_depth_forbid_unknown_b.crl.der │ ├── int_not_revoked_chain_depth_forbid_unknown_ee.crl.der │ ├── int_revoked_badsig_chain_depth.crl.der │ ├── int_revoked_crl_ku_chain_depth.crl.der │ ├── int_revoked_no_ku_chain_depth.crl.der │ ├── int_revoked_wrong_ku_chain_depth.crl.der │ ├── invalid_dp_chain.ee.der │ ├── invalid_dp_chain.int.a.ca.der │ ├── invalid_dp_chain.int.b.ca.der │ ├── invalid_dp_chain.root.ca.der │ ├── invalid_dp_chain.topbit.ee.der │ ├── ku_chain.ee.der │ ├── ku_chain.int.a.ca.der │ ├── ku_chain.int.b.ca.der │ ├── ku_chain.root.ca.der │ ├── ku_chain.topbit.ee.der │ ├── no_crl_ku_chain.ee.der │ ├── no_crl_ku_chain.int.a.ca.der │ ├── no_crl_ku_chain.int.b.ca.der │ ├── no_crl_ku_chain.root.ca.der │ ├── no_crl_ku_chain.topbit.ee.der │ ├── no_ku_chain.ee.der │ ├── no_ku_chain.int.a.ca.der │ ├── no_ku_chain.int.b.ca.der │ ├── no_ku_chain.root.ca.der │ ├── no_ku_chain.topbit.ee.der │ ├── no_relevant_crl_chain_depth_allow_unknown.crl.der │ ├── no_relevant_crl_chain_depth_forbid_unknown.crl.der │ ├── no_relevant_crl_ee_depth_allow_unknown.crl.der │ ├── no_relevant_crl_ee_depth_forbid_unknown.crl.der │ ├── nofullname_dp_chain.ee.der │ ├── nofullname_dp_chain.int.a.ca.der │ ├── nofullname_dp_chain.int.b.ca.der │ ├── nofullname_dp_chain.root.ca.der │ ├── nofullname_dp_chain.topbit.ee.der │ ├── reasons_dp_chain.ee.der │ ├── reasons_dp_chain.int.a.ca.der │ ├── reasons_dp_chain.int.b.ca.der │ ├── reasons_dp_chain.root.ca.der │ └── reasons_dp_chain.topbit.ee.der ├── cloudflare_dns │ ├── ca.der │ ├── ee.der │ └── inter.der ├── common │ └── mod.rs ├── critical_extensions │ ├── ca-cert.der │ ├── ee-cert-crit-unknown-ext.der │ ├── ee-cert-noncrit-unknown-ext.der │ └── root-cert.der ├── crl_distrib_point │ ├── dp_name_relative_to_issuer.der │ ├── make_testcerts.py │ ├── multiple_distribution_points.der │ ├── only_reasons.der │ ├── only_reasons.der.txt │ ├── unknown_dp_name_tag.der │ ├── unknown_dp_name_tag.der.txt │ ├── unknown_tag.der │ ├── unknown_tag.der.txt │ ├── with_crl_issuer.der │ └── with_reasons.der ├── crl_tests.rs ├── crls │ ├── crl.delta.der │ ├── crl.empty.der │ ├── crl.entry.empty.ext.seq.der │ ├── crl.entry.invalid.reason.der │ ├── crl.entry.invalidity.date.der │ ├── crl.entry.issuer.ext.der │ ├── crl.entry.unknown.crit.ext.der │ ├── crl.idp.explicit.false.bool.der │ ├── crl.idp.explicit.false.bool.der.txt │ ├── crl.idp.indirect_crl.der │ ├── crl.idp.invalid.bool.der │ ├── crl.idp.invalid.bool.der.txt │ ├── crl.idp.invalid.name.der │ ├── crl.idp.invalid.name.der.txt │ ├── crl.idp.name_relative_to_issuer.der │ ├── crl.idp.no_distribution_point_name.der │ ├── crl.idp.only_attribute_certs.der │ ├── crl.idp.only_ca_certs.der │ ├── crl.idp.only_some_reasons.der │ ├── crl.idp.only_user_certs.der │ ├── crl.idp.unknown.tag.der │ ├── crl.idp.unknown.tag.der.txt │ ├── crl.idp.valid.der │ ├── crl.invalid.this.update.time.der │ ├── crl.mismatched.sigalg.der │ ├── crl.missing.exts.der │ ├── crl.missing.next.update.der │ ├── crl.negative.crl.number.der │ ├── crl.negative.serial.der │ ├── crl.no.entry.exts.der │ ├── crl.too.long.crl.number.der │ ├── crl.topbit.serial.der │ ├── crl.topbit.serial.txt │ ├── crl.unknown.crit.ext.der │ ├── crl.valid.der │ ├── crl.wrong.version.der │ └── make_testcrls.py ├── custom_ekus.rs ├── custom_ekus │ ├── cert_with_both_ekus_accepted_for_client_auth.ca.der │ ├── cert_with_both_ekus_accepted_for_client_auth.ee.der │ ├── cert_with_no_eku_accepted_for_client_auth.ca.der │ └── cert_with_no_eku_accepted_for_client_auth.ee.der ├── ed25519 │ ├── ca.der │ ├── ee-pubkey.der │ └── ee.der ├── generate.py ├── integration.rs ├── misc │ ├── dns_names_and_wildcards.der │ ├── empty_sequence_common_name.der │ ├── empty_sequence_common_name.der.txt │ ├── invalid_subject_alternative_name.der │ ├── mdoc_eku.ca.der │ ├── mdoc_eku.ee.der │ ├── no_subject_alternative_name.der │ ├── serial_large_positive.der │ ├── serial_neg.der │ ├── serial_neg_ca.der │ ├── serial_neg_ee.der │ └── serial_zero.der ├── netflix │ ├── ca.der │ ├── ee.der │ └── inter.der ├── sanofi │ ├── ca.der │ ├── ee.der │ └── inter.der ├── signatures.rs ├── signatures │ ├── ecdsa_p256.ee.der │ ├── ecdsa_p256.spki.der │ ├── ecdsa_p256_key_and_ecdsa_p256_sha256_detects_bad_signature.sig.bin │ ├── ecdsa_p256_key_and_ecdsa_p256_sha256_good_signature.sig.bin │ ├── ecdsa_p256_key_and_ecdsa_p256_sha384_detects_bad_signature.sig.bin │ ├── ecdsa_p256_key_and_ecdsa_p256_sha384_good_signature.sig.bin │ ├── ecdsa_p384.ee.der │ ├── ecdsa_p384.spki.der │ ├── ecdsa_p384_key_and_ecdsa_p384_sha256_detects_bad_signature.sig.bin │ ├── ecdsa_p384_key_and_ecdsa_p384_sha256_good_signature.sig.bin │ ├── ecdsa_p384_key_and_ecdsa_p384_sha384_detects_bad_signature.sig.bin │ ├── ecdsa_p384_key_and_ecdsa_p384_sha384_good_signature.sig.bin │ ├── ecdsa_p521.ee.der │ ├── ecdsa_p521.spki.der │ ├── ecdsa_p521_key_and_ecdsa_p521_sha256_detects_bad_signature.sig.bin │ ├── ecdsa_p521_key_and_ecdsa_p521_sha256_good_signature.sig.bin │ ├── ecdsa_p521_key_and_ecdsa_p521_sha384_detects_bad_signature.sig.bin │ ├── ecdsa_p521_key_and_ecdsa_p521_sha384_good_signature.sig.bin │ ├── ecdsa_p521_key_and_ecdsa_p521_sha512_detects_bad_signature.sig.bin │ ├── ecdsa_p521_key_and_ecdsa_p521_sha512_good_signature.sig.bin │ ├── ed25519.ee.der │ ├── ed25519.spki.der │ ├── ed25519_key_and_ed25519_detects_bad_signature.sig.bin │ ├── ed25519_key_and_ed25519_good_signature.sig.bin │ ├── message.bin │ ├── rsa_1024_not_supported.ee.der │ ├── rsa_1024_not_supported.spki.der │ ├── rsa_2048.ee.der │ ├── rsa_2048.spki.der │ ├── rsa_2048_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_2048_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin │ ├── rsa_2048_key_rejected_by_rsa_pkcs1_3072_8192_sha384.sig.bin │ ├── rsa_3072.ee.der │ ├── rsa_3072.spki.der │ ├── rsa_3072_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_3072_8192_sha384_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pkcs1_3072_8192_sha384_good_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_3072_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin │ ├── rsa_4096.ee.der │ ├── rsa_4096.spki.der │ ├── rsa_4096_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_3072_8192_sha384_detects_bad_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pkcs1_3072_8192_sha384_good_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin │ ├── rsa_4096_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin │ └── rsa_4096_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin ├── tls_server_certs.rs ├── tls_server_certs │ ├── additional_dns_labels.ca.der │ ├── additional_dns_labels.ee.der │ ├── allow_dns_san.ca.der │ ├── allow_dns_san.ee.der │ ├── allow_dns_san_and_disallow_subject_common_name.ca.der │ ├── allow_dns_san_and_disallow_subject_common_name.ee.der │ ├── allow_dns_san_and_subject_common_name.ca.der │ ├── allow_dns_san_and_subject_common_name.ee.der │ ├── allow_subject_common_name.ca.der │ ├── allow_subject_common_name.ee.der │ ├── disallow_dns_san.ca.der │ ├── disallow_dns_san.ee.der │ ├── disallow_dns_san_and_allow_subject_common_name.ca.der │ ├── disallow_dns_san_and_allow_subject_common_name.ee.der │ ├── disallow_subject_common_name.ca.der │ ├── disallow_subject_common_name.ee.der │ ├── exclude_directory_name_not_implemented.ca.der │ ├── exclude_directory_name_not_implemented.ee.der │ ├── ignore_name_constraints_on_unimplemented_names.ca.der │ ├── ignore_name_constraints_on_unimplemented_names.ee.der │ ├── invalid_dns_name_matching.ca.der │ ├── invalid_dns_name_matching.ee.der │ ├── ip46_mixed_address_san_allowed.ca.der │ ├── ip46_mixed_address_san_allowed.ee.der │ ├── ip4_address_san_allowed.ca.der │ ├── ip4_address_san_allowed.ee.der │ ├── ip4_address_san_allowed_if_outside_excluded_subtree.ca.der │ ├── ip4_address_san_allowed_if_outside_excluded_subtree.ee.der │ ├── ip4_address_san_rejected_if_excluded_is_sparse_cidr_mask.ca.der │ ├── ip4_address_san_rejected_if_excluded_is_sparse_cidr_mask.ee.der │ ├── ip4_address_san_rejected_if_in_excluded_subtree.ca.der │ ├── ip4_address_san_rejected_if_in_excluded_subtree.ee.der │ ├── ip6_address_san_allowed.ca.der │ ├── ip6_address_san_allowed.ee.der │ ├── ip6_address_san_allowed_if_outside_excluded_subtree.ca.der │ ├── ip6_address_san_allowed_if_outside_excluded_subtree.ee.der │ ├── ip6_address_san_rejected_if_in_excluded_subtree.ca.der │ ├── ip6_address_san_rejected_if_in_excluded_subtree.ee.der │ ├── no_name_constraints.ca.der │ ├── no_name_constraints.ee.der │ ├── permit_directory_name_not_implemented.ca.der │ ├── permit_directory_name_not_implemented.ee.der │ ├── reject_constraints_on_unimplemented_names.ca.der │ ├── reject_constraints_on_unimplemented_names.ee.der │ ├── reject_unimplemented_name_constraints.ca.der │ ├── reject_unimplemented_name_constraints.ee.der │ ├── we_ignore_constraints_on_names_that_do_not_appear_in_cert.ca.der │ ├── we_ignore_constraints_on_names_that_do_not_appear_in_cert.ee.der │ ├── we_incorrectly_ignore_name_constraints_on_name_in_subject.ca.der │ ├── we_incorrectly_ignore_name_constraints_on_name_in_subject.ee.der │ ├── wildcard_san_accepted_if_in_subtree.ca.der │ ├── wildcard_san_accepted_if_in_subtree.ee.der │ ├── wildcard_san_rejected_if_in_excluded_subtree.ca.der │ └── wildcard_san_rejected_if_in_excluded_subtree.ee.der └── wpt │ ├── ca.der │ └── ee.der └── third-party ├── bettertls ├── LICENSE ├── README.md └── bettertls.tests.json.bz2 └── chromium ├── LICENSE └── data └── verify_signed_data ├── README ├── ecdsa-prime256v1-sha512-spki-params-null.pem ├── ecdsa-prime256v1-sha512-unused-bits-signature.pem ├── ecdsa-prime256v1-sha512-using-ecdh-key.pem ├── ecdsa-prime256v1-sha512-using-ecmqv-key.pem ├── ecdsa-prime256v1-sha512-using-rsa-algorithm.pem ├── ecdsa-prime256v1-sha512-wrong-signature-format.pem ├── ecdsa-prime256v1-sha512.pem ├── ecdsa-secp384r1-sha256-corrupted-data.pem ├── ecdsa-secp384r1-sha256.pem ├── ecdsa-using-rsa-key.pem ├── ours ├── ecdsa-prime256v1-sha256-compressed.pem ├── ecdsa-prime256v1-sha256-spki-inside-spki.pem ├── ecdsa-prime256v1-sha256.pem ├── make-pss.py ├── priv.pem ├── pub.pem ├── rsa-pss-sha256-salt32-corrupted-data.pem ├── rsa-pss-sha256-salt32.pem ├── rsa-pss-sha384-salt48-corrupted-data.pem ├── rsa-pss-sha384-salt48.pem ├── rsa-pss-sha512-salt64-corrupted-data.pem └── rsa-pss-sha512-salt64.pem ├── rsa-pkcs1-sha1-bad-key-der-length.pem ├── rsa-pkcs1-sha1-bad-key-der-null.pem ├── rsa-pkcs1-sha1-key-params-absent.pem ├── rsa-pkcs1-sha1-using-pss-key-no-params.pem ├── rsa-pkcs1-sha1-wrong-algorithm.pem ├── rsa-pkcs1-sha1.pem ├── rsa-pkcs1-sha256-key-encoded-ber.pem ├── rsa-pkcs1-sha256-spki-non-null-params.pem ├── rsa-pkcs1-sha256-using-ecdsa-algorithm.pem ├── rsa-pkcs1-sha256-using-id-ea-rsa.pem ├── rsa-pkcs1-sha256.pem ├── rsa-pss-sha1-salt20-using-pss-key-no-params.pem ├── rsa-pss-sha1-salt20-using-pss-key-with-null-params.pem ├── rsa-pss-sha1-salt20.pem ├── rsa-pss-sha1-wrong-salt.pem ├── rsa-pss-sha256-mgf1-sha512-salt33.pem ├── rsa-pss-sha256-salt10-using-pss-key-with-params.pem ├── rsa-pss-sha256-salt10-using-pss-key-with-wrong-params.pem ├── rsa-pss-sha256-salt10.pem ├── rsa-using-ec-key.pem └── rsa2048-pkcs1-sha512.pem /.flake8: -------------------------------------------------------------------------------- 1 | [flake8] 2 | exclude = 3 | .git, 4 | __pycache__, 5 | src, 6 | third-party, 7 | target, 8 | .cargo, 9 | tests/venv 10 | max-line-length = 120 11 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto !eol 2 | *.der binary 3 | *.sln eol=crlf 4 | *.vcxproj eol=crlf 5 | *.vcxproj.filters eol=crlf 6 | *.props eol=crlf 7 | *.bat eol=crlf 8 | *.rc eol=crlf 9 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: cargo 4 | directory: "/" 5 | schedule: 6 | interval: weekly 7 | open-pull-requests-limit: 10 8 | groups: 9 | crates-io: 10 | patterns: 11 | - "*" 12 | - package-ecosystem: github-actions 13 | directory: "/" 14 | schedule: 15 | interval: weekly 16 | -------------------------------------------------------------------------------- /.github/workflows/testgen.yml: -------------------------------------------------------------------------------- 1 | name: Python Testgen 2 | 3 | permissions: 4 | contents: read 5 | 6 | on: 7 | pull_request: 8 | push: 9 | merge_group: 10 | schedule: 11 | - cron: '0 18 * * *' 12 | 13 | env: 14 | PYTHON_VERSION: "3.11" 15 | 16 | jobs: 17 | linting: 18 | runs-on: ubuntu-latest 19 | name: Lint 20 | steps: 21 | - name: Check out source repository 22 | uses: actions/checkout@v4 23 | with: 24 | persist-credentials: false 25 | 26 | - name: Set up Python environment 27 | uses: actions/setup-python@v5 28 | with: 29 | python-version: ${{ env.PYTHON_VERSION }} 30 | cache: 'pip' # caching pip dependencies 31 | 32 | - name: Install Python requirements. 33 | run: pip install -r requirements.txt 34 | 35 | - name: flake8 Lint 36 | uses: py-actions/flake8@v2 37 | 38 | - name: mypy Typecheck 39 | run: mypy ./tests 40 | 41 | - name: Black Format 42 | uses: psf/black@stable 43 | with: 44 | src: "./tests" 45 | 46 | testgen: 47 | runs-on: ubuntu-latest 48 | name: Generate Tests 49 | steps: 50 | - name: Check out source repository 51 | uses: actions/checkout@v4 52 | with: 53 | persist-credentials: false 54 | 55 | - name: Set up Rust toolchain 56 | uses: dtolnay/rust-toolchain@stable 57 | with: 58 | components: rustfmt 59 | 60 | - name: Set up Python environment 61 | uses: actions/setup-python@v5 62 | with: 63 | python-version: ${{ env.PYTHON_VERSION }} 64 | cache: 'pip' # caching pip dependencies 65 | 66 | - name: Install Python requirements. 67 | run: pip install -r requirements.txt 68 | 69 | - name: Generate integration test files 70 | working-directory: ./tests 71 | # Generate but don't run the test suite - we already do that in the 72 | # other CI tasks that run `cargo test`. 73 | run: python3 generate.py --no-test 74 | 75 | - name: Generate CRL distribution point test files 76 | working-directory: ./tests/crl_distrib_point/ 77 | run: python3 make_testcerts.py 78 | 79 | - name: Generate CRL test files 80 | working-directory: ./tests/crls/ 81 | run: python3 make_testcrls.py 82 | 83 | - name: Enforce no diff 84 | run: git diff --exit-code 85 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | 3 | # Cargo Junk 4 | target/ 5 | 6 | # IntelliJ junk 7 | *.iml 8 | .idea 9 | 10 | # Benchmark data 11 | benches/*.der 12 | 13 | # Python virtualenv 14 | .venv 15 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Thanks for considering helping this project. There are many ways you can help: 4 | using the library and reporting bugs, reporting usability issues, making 5 | additions and improvements to the library, documentation and finding security 6 | bugs. 7 | 8 | Please see the [Rustls CONTRIBUTING.md](https://github.com/rustls/rustls/blob/main/CONTRIBUTING.md) 9 | for more information on reporting bugs, making code changes, and our style 10 | guide. 11 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Except as otherwise noted, this project is licensed under the following 2 | (ISC-style) terms: 3 | 4 | Copyright 2015 Brian Smith. 5 | 6 | Permission to use, copy, modify, and/or distribute this software for any 7 | purpose with or without fee is hereby granted, provided that the above 8 | copyright notice and this permission notice appear in all copies. 9 | 10 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES 11 | WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 | MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR 13 | ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 | WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 | ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 | 18 | The files under third-party/chromium are licensed as described in 19 | third-party/chromium/LICENSE. 20 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | ## Supported Versions 4 | 5 | Security fixes will be backported only to the webpki versions for which the 6 | original semver-compatible release was published less than 2 years ago. 7 | 8 | For example, as of 2023-06-13 the latest release is 0.100.1 9 | 10 | * 0.100.0 was released in March of 2023 11 | * 0.17.0 was released in August of 2017 12 | 13 | Therefore 0.100.x will be updated, while 0.17.x will not be. 14 | 15 | ## Reporting a Vulnerability 16 | 17 | Please report security bugs [via github](https://github.com/rustls/webpki/security/advisories/new). 18 | We'll then: 19 | 20 | - Prepare a fix and regression tests. 21 | - Backport the fix and make a patch release for most recent release. 22 | - Submit an advisory to [rustsec/advisory-db](https://github.com/RustSec/advisory-db). 23 | - Refer to the advisory on the main README.md and release notes. 24 | -------------------------------------------------------------------------------- /deny.toml: -------------------------------------------------------------------------------- 1 | [advisories] 2 | yanked = "deny" 3 | 4 | [licenses] 5 | allow = [ 6 | "Apache-2.0", 7 | "ISC", 8 | "LicenseRef-webpki", 9 | "MIT", 10 | ] 11 | confidence-threshold = 1.0 12 | 13 | # XXX: Figure out how to deal with the Google-source test data 14 | # https://github.com/briansmith/webpki/issues/148. 15 | [[licenses.clarify]] 16 | name = "rustls-webpki" 17 | expression = "LicenseRef-webpki" 18 | license-files = [ 19 | { path = "LICENSE", hash = 0x001c7e6c }, 20 | ] 21 | 22 | [bans] 23 | multiple-versions = "deny" 24 | wildcards = "deny" 25 | 26 | [sources] 27 | unknown-registry = "deny" 28 | unknown-git = "deny" 29 | -------------------------------------------------------------------------------- /mypy.ini: -------------------------------------------------------------------------------- 1 | [mypy] 2 | strict = True 3 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | cffi==1.15.1 2 | cryptography==44.0.1 3 | mypy==1.3.0 4 | mypy-extensions==1.0.0 5 | pycparser==2.21 6 | tomli==2.0.1 7 | typing_extensions==4.5.0 8 | -------------------------------------------------------------------------------- /rustfmt.toml: -------------------------------------------------------------------------------- 1 | edition = "2018" 2 | style_edition = "2024" 3 | max_width = 100 4 | newline_style = "Unix" 5 | reorder_imports = true 6 | use_field_init_shorthand = true 7 | -------------------------------------------------------------------------------- /src/data/alg-rsa-pkcs1-sha256-absent-params.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/src/data/alg-rsa-pkcs1-sha256-absent-params.der -------------------------------------------------------------------------------- /src/data/alg-rsa-pkcs1-sha384-absent-params.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/src/data/alg-rsa-pkcs1-sha384-absent-params.der -------------------------------------------------------------------------------- /src/data/alg-rsa-pkcs1-sha512-absent-params.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/src/data/alg-rsa-pkcs1-sha512-absent-params.der -------------------------------------------------------------------------------- /src/test_utils.rs: -------------------------------------------------------------------------------- 1 | #![cfg(feature = "alloc")] 2 | use std::prelude::v1::*; 3 | 4 | #[cfg_attr(not(feature = "ring"), allow(dead_code))] 5 | pub(crate) fn make_end_entity( 6 | issuer: &rcgen::Certificate, 7 | issuer_key: &rcgen::KeyPair, 8 | ) -> rcgen::CertifiedKey { 9 | let key_pair = rcgen::KeyPair::generate_for(RCGEN_SIGNATURE_ALG).unwrap(); 10 | rcgen::CertifiedKey { 11 | cert: end_entity_params(vec!["example.com".into()]) 12 | .signed_by(&key_pair, issuer, issuer_key) 13 | .unwrap(), 14 | key_pair, 15 | } 16 | } 17 | 18 | pub(crate) fn make_issuer(org_name: impl Into) -> rcgen::CertifiedKey { 19 | let key_pair = rcgen::KeyPair::generate_for(RCGEN_SIGNATURE_ALG).unwrap(); 20 | rcgen::CertifiedKey { 21 | cert: issuer_params(org_name).self_signed(&key_pair).unwrap(), 22 | key_pair, 23 | } 24 | } 25 | 26 | /// Populate a [CertificateParams] that describes an unconstrained issuer certificate capable 27 | /// of signing other certificates and CRLs, with the given `org_name` as an organization distinguished 28 | /// subject name. 29 | pub(crate) fn issuer_params(org_name: impl Into) -> rcgen::CertificateParams { 30 | let mut ca_params = rcgen::CertificateParams::new(Vec::new()).unwrap(); 31 | ca_params 32 | .distinguished_name 33 | .push(rcgen::DnType::OrganizationName, org_name); 34 | ca_params.is_ca = rcgen::IsCa::Ca(rcgen::BasicConstraints::Unconstrained); 35 | ca_params.key_usages = vec![ 36 | rcgen::KeyUsagePurpose::KeyCertSign, 37 | rcgen::KeyUsagePurpose::DigitalSignature, 38 | rcgen::KeyUsagePurpose::CrlSign, 39 | ]; 40 | ca_params 41 | } 42 | 43 | pub(crate) fn end_entity_params(subject_alt_names: Vec) -> rcgen::CertificateParams { 44 | let mut ee_params = rcgen::CertificateParams::new(subject_alt_names).unwrap(); 45 | ee_params.is_ca = rcgen::IsCa::ExplicitNoCa; 46 | ee_params 47 | } 48 | 49 | /// Signature algorithm used by certificates and parameters generated using the test utils helpers. 50 | pub(crate) static RCGEN_SIGNATURE_ALG: &rcgen::SignatureAlgorithm = &rcgen::PKCS_ECDSA_P256_SHA256; 51 | -------------------------------------------------------------------------------- /tests/amazon/AmazonRootCA1.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/AmazonRootCA1.cer -------------------------------------------------------------------------------- /tests/amazon/AmazonRootCA2.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/AmazonRootCA2.cer -------------------------------------------------------------------------------- /tests/amazon/AmazonRootCA3.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/AmazonRootCA3.cer -------------------------------------------------------------------------------- /tests/amazon/AmazonRootCA4.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/AmazonRootCA4.cer -------------------------------------------------------------------------------- /tests/amazon/SFSRootCAG2.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/SFSRootCAG2.cer -------------------------------------------------------------------------------- /tests/amazon/download_demo_certs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | DOMAINS="valid.rootca1.demo.amazontrust.com 4 | valid.rootca2.demo.amazontrust.com 5 | valid.rootca3.demo.amazontrust.com 6 | valid.rootca4.demo.amazontrust.com 7 | revoked.rootca1.demo.amazontrust.com 8 | revoked.rootca2.demo.amazontrust.com 9 | revoked.rootca3.demo.amazontrust.com 10 | revoked.rootca4.demo.amazontrust.com 11 | expired.rootca1.demo.amazontrust.com 12 | expired.rootca2.demo.amazontrust.com 13 | expired.rootca3.demo.amazontrust.com 14 | expired.rootca4.demo.amazontrust.com" 15 | 16 | 17 | for domain in $DOMAINS; do 18 | openssl s_client -showcerts -connect "${domain}:443" -servername "$domain" -verify_quiet <<<"Q" | openssl x509 -outform DER > "${domain}.cer" 19 | done 20 | -------------------------------------------------------------------------------- /tests/amazon/e2m01.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m01.cer -------------------------------------------------------------------------------- /tests/amazon/e2m01.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m01.crl -------------------------------------------------------------------------------- /tests/amazon/e2m02.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m02.cer -------------------------------------------------------------------------------- /tests/amazon/e2m02.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m02.crl -------------------------------------------------------------------------------- /tests/amazon/e2m03.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m03.cer -------------------------------------------------------------------------------- /tests/amazon/e2m03.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m03.crl -------------------------------------------------------------------------------- /tests/amazon/e2m04.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m04.cer -------------------------------------------------------------------------------- /tests/amazon/e2m04.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e2m04.crl -------------------------------------------------------------------------------- /tests/amazon/e3m01.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m01.cer -------------------------------------------------------------------------------- /tests/amazon/e3m01.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m01.crl -------------------------------------------------------------------------------- /tests/amazon/e3m02.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m02.cer -------------------------------------------------------------------------------- /tests/amazon/e3m02.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m02.crl -------------------------------------------------------------------------------- /tests/amazon/e3m03.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m03.cer -------------------------------------------------------------------------------- /tests/amazon/e3m03.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m03.crl -------------------------------------------------------------------------------- /tests/amazon/e3m04.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m04.cer -------------------------------------------------------------------------------- /tests/amazon/e3m04.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/e3m04.crl -------------------------------------------------------------------------------- /tests/amazon/expired.rootca1.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/expired.rootca1.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/expired.rootca2.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/expired.rootca2.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/expired.rootca3.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/expired.rootca3.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/expired.rootca4.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/expired.rootca4.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/r2m01.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m01.cer -------------------------------------------------------------------------------- /tests/amazon/r2m01.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m01.crl -------------------------------------------------------------------------------- /tests/amazon/r2m02.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m02.cer -------------------------------------------------------------------------------- /tests/amazon/r2m02.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m02.crl -------------------------------------------------------------------------------- /tests/amazon/r2m03.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m03.cer -------------------------------------------------------------------------------- /tests/amazon/r2m03.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m03.crl -------------------------------------------------------------------------------- /tests/amazon/r2m04.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m04.cer -------------------------------------------------------------------------------- /tests/amazon/r2m04.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r2m04.crl -------------------------------------------------------------------------------- /tests/amazon/r4m01.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m01.cer -------------------------------------------------------------------------------- /tests/amazon/r4m01.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m01.crl -------------------------------------------------------------------------------- /tests/amazon/r4m02.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m02.cer -------------------------------------------------------------------------------- /tests/amazon/r4m02.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m02.crl -------------------------------------------------------------------------------- /tests/amazon/r4m03.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m03.cer -------------------------------------------------------------------------------- /tests/amazon/r4m03.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m03.crl -------------------------------------------------------------------------------- /tests/amazon/r4m04.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m04.cer -------------------------------------------------------------------------------- /tests/amazon/r4m04.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/r4m04.crl -------------------------------------------------------------------------------- /tests/amazon/revoked.rootca1.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/revoked.rootca1.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/revoked.rootca2.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/revoked.rootca2.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/revoked.rootca3.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/revoked.rootca3.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/revoked.rootca4.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/revoked.rootca4.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/rootca1.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca1.cer -------------------------------------------------------------------------------- /tests/amazon/rootca1.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca1.crl -------------------------------------------------------------------------------- /tests/amazon/rootca2.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca2.cer -------------------------------------------------------------------------------- /tests/amazon/rootca2.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca2.crl -------------------------------------------------------------------------------- /tests/amazon/rootca3.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca3.cer -------------------------------------------------------------------------------- /tests/amazon/rootca3.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca3.crl -------------------------------------------------------------------------------- /tests/amazon/rootca4.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca4.cer -------------------------------------------------------------------------------- /tests/amazon/rootca4.crl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/rootca4.crl -------------------------------------------------------------------------------- /tests/amazon/valid.rootca1.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/valid.rootca1.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/valid.rootca2.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/valid.rootca2.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/valid.rootca3.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/valid.rootca3.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/amazon/valid.rootca4.demo.amazontrust.com.cer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/amazon/valid.rootca4.demo.amazontrust.com.cer -------------------------------------------------------------------------------- /tests/cert_v1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/cert_v1.der -------------------------------------------------------------------------------- /tests/cert_v1_unsupported.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2021 Brian Smith. 2 | // 3 | // Permission to use, copy, modify, and/or distribute this software for any 4 | // purpose with or without fee is hereby granted, provided that the above 5 | // copyright notice and this permission notice appear in all copies. 6 | // 7 | // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES 8 | // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 | // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR 10 | // ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 | // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 12 | // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 13 | // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 | 15 | use pki_types::CertificateDer; 16 | 17 | #[test] 18 | fn test_cert_v1_unsupported() { 19 | // Check with `openssl x509 -text -noout -in cert_v1.der -inform DER` 20 | // to verify this is a correct version 1 certificate. 21 | let ca = CertificateDer::from(&include_bytes!("cert_v1.der")[..]); 22 | 23 | assert_eq!( 24 | Some(webpki::Error::UnsupportedCertVersion), 25 | webpki::EndEntityCert::try_from(&ca).err() 26 | ); 27 | } 28 | -------------------------------------------------------------------------------- /tests/cert_with_empty_extensions.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/cert_with_empty_extensions.der -------------------------------------------------------------------------------- /tests/cert_without_extensions.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/cert_without_extensions.der -------------------------------------------------------------------------------- /tests/cert_without_extensions.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2021 Brian Smith. 2 | // 3 | // Permission to use, copy, modify, and/or distribute this software for any 4 | // purpose with or without fee is hereby granted, provided that the above 5 | // copyright notice and this permission notice appear in all copies. 6 | // 7 | // THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES 8 | // WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 | // MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR 10 | // ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 | // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 12 | // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 13 | // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 | 15 | use pki_types::CertificateDer; 16 | 17 | #[test] 18 | fn cert_without_extensions_test() { 19 | // Check the certificate is valid with 20 | // `openssl x509 -in cert_without_extensions.der -inform DER -text -noout` 21 | let ca = CertificateDer::from(&include_bytes!("cert_without_extensions.der")[..]); 22 | assert!(webpki::EndEntityCert::try_from(&ca).is_ok()); 23 | } 24 | 25 | #[test] 26 | fn cert_with_empty_extensions_test() { 27 | // Check the certificate is valid with 28 | // `openssl x509 -in cert_with_empty_extensions.der -inform DER -text -noout` 29 | let ca = CertificateDer::from(&include_bytes!("cert_with_empty_extensions.der")[..]); 30 | assert!(webpki::EndEntityCert::try_from(&ca).is_ok()); 31 | } 32 | -------------------------------------------------------------------------------- /tests/client_auth_revocation/dp_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/dp_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/dp_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/dp_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/dp_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/dp_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/dp_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/dp_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/dp_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/dp_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_crl_mismatched_idp_unknown_status.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_crl_mismatched_idp_unknown_status.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_dp_idp_match.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_dp_idp_match.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_dp_invalid.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_dp_invalid.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_indirect_dp_unknown_status.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_indirect_dp_unknown_status.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_no_dp_crl_idp.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_no_dp_crl_idp.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_nofullname_dp_unknown_status.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_nofullname_dp_unknown_status.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_not_revoked_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_not_revoked_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_not_revoked_crl_no_idp.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_not_revoked_crl_no_idp.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_not_revoked_ee_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_not_revoked_ee_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_not_revoked_wrong_ku_ee_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_not_revoked_wrong_ku_ee_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_reasons_dp_unknown_status.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_reasons_dp_unknown_status.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_revoked_badsig_ee_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_revoked_badsig_ee_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_revoked_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_revoked_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_revoked_crl_ku_ee_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_revoked_crl_ku_ee_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_revoked_crl_no_idp.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_revoked_crl_no_idp.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_revoked_no_ku_ee_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_revoked_no_ku_ee_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_revoked_wrong_ku_ee_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_revoked_wrong_ku_ee_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ee_with_top_bit_set_serial_revoked.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ee_with_top_bit_set_serial_revoked.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/expired_crl_enforce_expiration.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/expired_crl_enforce_expiration.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/expired_crl_ignore_expiration.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/expired_crl_ignore_expiration.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/indirect_dp_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/indirect_dp_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/indirect_dp_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/indirect_dp_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/indirect_dp_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/indirect_dp_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/indirect_dp_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/indirect_dp_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/indirect_dp_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/indirect_dp_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_not_revoked_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_not_revoked_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_not_revoked_chain_depth_forbid_unknown.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_not_revoked_chain_depth_forbid_unknown.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_not_revoked_chain_depth_forbid_unknown_b.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_not_revoked_chain_depth_forbid_unknown_b.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_not_revoked_chain_depth_forbid_unknown_ee.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_not_revoked_chain_depth_forbid_unknown_ee.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_revoked_badsig_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_revoked_badsig_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_revoked_crl_ku_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_revoked_crl_ku_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_revoked_no_ku_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_revoked_no_ku_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/int_revoked_wrong_ku_chain_depth.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/int_revoked_wrong_ku_chain_depth.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/invalid_dp_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/invalid_dp_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/invalid_dp_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/invalid_dp_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/invalid_dp_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/invalid_dp_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/invalid_dp_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/invalid_dp_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/invalid_dp_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/invalid_dp_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ku_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ku_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ku_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ku_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ku_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ku_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ku_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ku_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/ku_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/ku_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_crl_ku_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_crl_ku_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_crl_ku_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_crl_ku_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_crl_ku_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_crl_ku_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_crl_ku_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_crl_ku_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_crl_ku_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_crl_ku_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_ku_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_ku_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_ku_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_ku_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_ku_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_ku_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_ku_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_ku_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_ku_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_ku_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_relevant_crl_chain_depth_allow_unknown.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_relevant_crl_chain_depth_allow_unknown.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_relevant_crl_chain_depth_forbid_unknown.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_relevant_crl_chain_depth_forbid_unknown.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_relevant_crl_ee_depth_allow_unknown.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_relevant_crl_ee_depth_allow_unknown.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/no_relevant_crl_ee_depth_forbid_unknown.crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/no_relevant_crl_ee_depth_forbid_unknown.crl.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/nofullname_dp_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/nofullname_dp_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/nofullname_dp_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/nofullname_dp_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/nofullname_dp_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/nofullname_dp_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/nofullname_dp_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/nofullname_dp_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/nofullname_dp_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/nofullname_dp_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/reasons_dp_chain.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/reasons_dp_chain.ee.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/reasons_dp_chain.int.a.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/reasons_dp_chain.int.a.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/reasons_dp_chain.int.b.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/reasons_dp_chain.int.b.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/reasons_dp_chain.root.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/reasons_dp_chain.root.ca.der -------------------------------------------------------------------------------- /tests/client_auth_revocation/reasons_dp_chain.topbit.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/client_auth_revocation/reasons_dp_chain.topbit.ee.der -------------------------------------------------------------------------------- /tests/cloudflare_dns/ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/cloudflare_dns/ca.der -------------------------------------------------------------------------------- /tests/cloudflare_dns/ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/cloudflare_dns/ee.der -------------------------------------------------------------------------------- /tests/cloudflare_dns/inter.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/cloudflare_dns/inter.der -------------------------------------------------------------------------------- /tests/common/mod.rs: -------------------------------------------------------------------------------- 1 | use std::error::Error as StdError; 2 | 3 | use rcgen::{ 4 | Certificate, CertificateParams, CertifiedKey, DnType, DnValue, ExtendedKeyUsagePurpose, IsCa, 5 | KeyPair, KeyUsagePurpose, SignatureAlgorithm, 6 | }; 7 | 8 | #[cfg_attr(not(feature = "ring"), allow(dead_code))] 9 | pub fn make_end_entity( 10 | ekus: Vec, 11 | org_name: impl Into, 12 | issuer: &Certificate, 13 | issuer_key: &KeyPair, 14 | ) -> Result> { 15 | let key_pair = KeyPair::generate_for(RCGEN_SIGNATURE_ALG)?; 16 | Ok(CertifiedKey { 17 | cert: end_entity_params(vec!["example.com".into()], org_name, ekus)? 18 | .signed_by(&key_pair, issuer, issuer_key)?, 19 | key_pair, 20 | }) 21 | } 22 | 23 | pub fn make_issuer(org_name: impl Into) -> Result> { 24 | let key_pair = KeyPair::generate_for(RCGEN_SIGNATURE_ALG)?; 25 | Ok(CertifiedKey { 26 | cert: issuer_params(org_name)?.self_signed(&key_pair)?, 27 | key_pair, 28 | }) 29 | } 30 | 31 | /// Populate a [CertificateParams] that describes an unconstrained issuer certificate. 32 | /// 33 | /// The given `org_name` is used as the organization distinguished subject name. 34 | pub fn issuer_params(org_name: impl Into) -> Result> { 35 | let mut ca_params = CertificateParams::new(Vec::new())?; 36 | ca_params 37 | .distinguished_name 38 | .push(DnType::OrganizationName, org_name); 39 | ca_params.is_ca = IsCa::Ca(rcgen::BasicConstraints::Unconstrained); 40 | ca_params.key_usages = vec![KeyUsagePurpose::KeyCertSign]; 41 | Ok(ca_params) 42 | } 43 | 44 | pub fn end_entity_params( 45 | subject_alt_names: Vec, 46 | org_name: impl Into, 47 | ekus: Vec, 48 | ) -> Result> { 49 | let mut ee_params = CertificateParams::new(subject_alt_names)?; 50 | ee_params.is_ca = IsCa::ExplicitNoCa; 51 | ee_params.extended_key_usages = ekus; 52 | ee_params 53 | .distinguished_name 54 | .push(DnType::OrganizationName, org_name); 55 | Ok(ee_params) 56 | } 57 | 58 | /// Signature algorithm used by certificates and parameters generated using the test utils helpers. 59 | static RCGEN_SIGNATURE_ALG: &SignatureAlgorithm = &rcgen::PKCS_ECDSA_P256_SHA256; 60 | -------------------------------------------------------------------------------- /tests/critical_extensions/ca-cert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/critical_extensions/ca-cert.der -------------------------------------------------------------------------------- /tests/critical_extensions/ee-cert-crit-unknown-ext.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/critical_extensions/ee-cert-crit-unknown-ext.der -------------------------------------------------------------------------------- /tests/critical_extensions/ee-cert-noncrit-unknown-ext.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/critical_extensions/ee-cert-noncrit-unknown-ext.der -------------------------------------------------------------------------------- /tests/critical_extensions/root-cert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/critical_extensions/root-cert.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/dp_name_relative_to_issuer.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/dp_name_relative_to_issuer.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/multiple_distribution_points.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/multiple_distribution_points.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/only_reasons.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/only_reasons.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/only_reasons.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | [0] { 4 | INTEGER { 2 } 5 | } 6 | INTEGER { `792eb0fdb77dc8e8f484882ae3fd6f859f150310` } 7 | SEQUENCE { 8 | # ecdsa-with-SHA256 9 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 10 | } 11 | SEQUENCE { 12 | SET { 13 | SEQUENCE { 14 | # commonName 15 | OBJECT_IDENTIFIER { 2.5.4.3 } 16 | UTF8String { "crl-distrib-point-test.example.com" } 17 | } 18 | } 19 | SET { 20 | SEQUENCE { 21 | # organizationName 22 | OBJECT_IDENTIFIER { 2.5.4.10 } 23 | UTF8String { "with_reasons" } 24 | } 25 | } 26 | } 27 | SEQUENCE { 28 | UTCTime { "861223015911Z" } 29 | UTCTime { "861223020011Z" } 30 | } 31 | SEQUENCE { 32 | SET { 33 | SEQUENCE { 34 | # commonName 35 | OBJECT_IDENTIFIER { 2.5.4.3 } 36 | UTF8String { "crl-distrib-point-test.example.com" } 37 | } 38 | } 39 | SET { 40 | SEQUENCE { 41 | # organizationName 42 | OBJECT_IDENTIFIER { 2.5.4.10 } 43 | UTF8String { "with_reasons" } 44 | } 45 | } 46 | } 47 | SEQUENCE { 48 | SEQUENCE { 49 | # ecPublicKey 50 | OBJECT_IDENTIFIER { 1.2.840.10045.2.1 } 51 | # secp256r1 52 | OBJECT_IDENTIFIER { 1.2.840.10045.3.1.7 } 53 | } 54 | BIT_STRING { `00` `04e1b92eea68ad8c894483e1bcfda458c4eb16b64ccf45fb61abb547bbdf7b92266cf4586f6b5d2cc24b8a61c5279fc2f3c59db8bec313cf52a85bb438c3f84cf7` } 55 | } 56 | [3] { 57 | SEQUENCE { 58 | SEQUENCE { 59 | # cRLDistributionPoints 60 | OBJECT_IDENTIFIER { 2.5.29.31 } 61 | OCTET_STRING { 62 | SEQUENCE { 63 | SEQUENCE { 64 | # Misencoded: only reason codes, no cRLIssuer or distribution points. 65 | [1 PRIMITIVE] { `0450` } 66 | } 67 | } 68 | } 69 | } 70 | } 71 | } 72 | } 73 | SEQUENCE { 74 | # ecdsa-with-SHA256 75 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 76 | } 77 | BIT_STRING { 78 | `00` 79 | SEQUENCE { 80 | INTEGER { `0296eba32e155ebe20d1b1c092c0e666971954e713eeab3e723f15ad331492b9` } 81 | INTEGER { `7017abb3fcdc1abdbe1c3897e76d49013e53415fd213f48df84018c9e0ee985e` } 82 | } 83 | } 84 | } 85 | -------------------------------------------------------------------------------- /tests/crl_distrib_point/unknown_dp_name_tag.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/unknown_dp_name_tag.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/unknown_dp_name_tag.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | [0] { 4 | INTEGER { 2 } 5 | } 6 | INTEGER { `4a318383d85fcb0156f06e2c6b9f75dbcca89370` } 7 | SEQUENCE { 8 | # ecdsa-with-SHA256 9 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 10 | } 11 | SEQUENCE { 12 | SET { 13 | SEQUENCE { 14 | # commonName 15 | OBJECT_IDENTIFIER { 2.5.4.3 } 16 | UTF8String { "crl-distrib-point-test.example.com" } 17 | } 18 | } 19 | SET { 20 | SEQUENCE { 21 | # organizationName 22 | OBJECT_IDENTIFIER { 2.5.4.10 } 23 | UTF8String { "with_reasons" } 24 | } 25 | } 26 | } 27 | SEQUENCE { 28 | UTCTime { "861223015911Z" } 29 | UTCTime { "861223020011Z" } 30 | } 31 | SEQUENCE { 32 | SET { 33 | SEQUENCE { 34 | # commonName 35 | OBJECT_IDENTIFIER { 2.5.4.3 } 36 | UTF8String { "crl-distrib-point-test.example.com" } 37 | } 38 | } 39 | SET { 40 | SEQUENCE { 41 | # organizationName 42 | OBJECT_IDENTIFIER { 2.5.4.10 } 43 | UTF8String { "with_reasons" } 44 | } 45 | } 46 | } 47 | SEQUENCE { 48 | SEQUENCE { 49 | # ecPublicKey 50 | OBJECT_IDENTIFIER { 1.2.840.10045.2.1 } 51 | # secp256r1 52 | OBJECT_IDENTIFIER { 1.2.840.10045.3.1.7 } 53 | } 54 | BIT_STRING { `00` `0498333a0b61bbb126bcb13f9f382ea115a07e87ce0da5b79e58dea9817fb81e54931c9f1f13b9fa15ae2c5e2f1b63a59260ca90fed283c159a6c23bce274a1e26` } 55 | } 56 | [3] { 57 | SEQUENCE { 58 | SEQUENCE { 59 | # cRLDistributionPoints 60 | OBJECT_IDENTIFIER { 2.5.29.31 } 61 | OCTET_STRING { 62 | SEQUENCE { 63 | SEQUENCE { 64 | [0] { 65 | # Misencoded - invalid DistributionPointName tag 66 | [4] { 67 | SEQUENCE { 68 | # commonName 69 | OBJECT_IDENTIFIER { 2.5.4.3 } 70 | UTF8String { "cryptography.io" } 71 | } 72 | } 73 | } 74 | } 75 | } 76 | } 77 | } 78 | } 79 | } 80 | } 81 | SEQUENCE { 82 | # ecdsa-with-SHA256 83 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 84 | } 85 | BIT_STRING { 86 | `00` 87 | SEQUENCE { 88 | INTEGER { `16f9b57ffe9a4474ee61a2dc481e3048c70cdbce22b1e112a4b641657b0e2a7f` } 89 | INTEGER { `00c8c92955dc85fc741a9e80ce314365b33485e5add15258fa78ad8a9b0dc03122` } 90 | } 91 | } 92 | } 93 | -------------------------------------------------------------------------------- /tests/crl_distrib_point/unknown_tag.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/unknown_tag.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/unknown_tag.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | [0] { 4 | INTEGER { 2 } 5 | } 6 | INTEGER { `792eb0fdb77dc8e8f484882ae3fd6f859f150310` } 7 | SEQUENCE { 8 | # ecdsa-with-SHA256 9 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 10 | } 11 | SEQUENCE { 12 | SET { 13 | SEQUENCE { 14 | # commonName 15 | OBJECT_IDENTIFIER { 2.5.4.3 } 16 | UTF8String { "crl-distrib-point-test.example.com" } 17 | } 18 | } 19 | SET { 20 | SEQUENCE { 21 | # organizationName 22 | OBJECT_IDENTIFIER { 2.5.4.10 } 23 | UTF8String { "with_reasons" } 24 | } 25 | } 26 | } 27 | SEQUENCE { 28 | UTCTime { "861223015911Z" } 29 | UTCTime { "861223020011Z" } 30 | } 31 | SEQUENCE { 32 | SET { 33 | SEQUENCE { 34 | # commonName 35 | OBJECT_IDENTIFIER { 2.5.4.3 } 36 | UTF8String { "crl-distrib-point-test.example.com" } 37 | } 38 | } 39 | SET { 40 | SEQUENCE { 41 | # organizationName 42 | OBJECT_IDENTIFIER { 2.5.4.10 } 43 | UTF8String { "with_reasons" } 44 | } 45 | } 46 | } 47 | SEQUENCE { 48 | SEQUENCE { 49 | # ecPublicKey 50 | OBJECT_IDENTIFIER { 1.2.840.10045.2.1 } 51 | # secp256r1 52 | OBJECT_IDENTIFIER { 1.2.840.10045.3.1.7 } 53 | } 54 | BIT_STRING { `00` `04e1b92eea68ad8c894483e1bcfda458c4eb16b64ccf45fb61abb547bbdf7b92266cf4586f6b5d2cc24b8a61c5279fc2f3c59db8bec313cf52a85bb438c3f84cf7` } 55 | } 56 | [3] { 57 | SEQUENCE { 58 | SEQUENCE { 59 | # cRLDistributionPoints 60 | OBJECT_IDENTIFIER { 2.5.29.31 } 61 | OCTET_STRING { 62 | SEQUENCE { 63 | SEQUENCE { 64 | [0] { 65 | [0] { 66 | [6 PRIMITIVE] { "http://example.com/crl.der" } 67 | } 68 | } 69 | # Misencoded: 4 tag will be unknown 70 | [4 PRIMITIVE] { `0450` } 71 | } 72 | } 73 | } 74 | } 75 | } 76 | } 77 | } 78 | SEQUENCE { 79 | # ecdsa-with-SHA256 80 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 81 | } 82 | BIT_STRING { 83 | `00` 84 | SEQUENCE { 85 | INTEGER { `0296eba32e155ebe20d1b1c092c0e666971954e713eeab3e723f15ad331492b9` } 86 | INTEGER { `7017abb3fcdc1abdbe1c3897e76d49013e53415fd213f48df84018c9e0ee985e` } 87 | } 88 | } 89 | } 90 | -------------------------------------------------------------------------------- /tests/crl_distrib_point/with_crl_issuer.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/with_crl_issuer.der -------------------------------------------------------------------------------- /tests/crl_distrib_point/with_reasons.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crl_distrib_point/with_reasons.der -------------------------------------------------------------------------------- /tests/crls/crl.delta.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.delta.der -------------------------------------------------------------------------------- /tests/crls/crl.empty.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.empty.der -------------------------------------------------------------------------------- /tests/crls/crl.entry.empty.ext.seq.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.entry.empty.ext.seq.der -------------------------------------------------------------------------------- /tests/crls/crl.entry.invalid.reason.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.entry.invalid.reason.der -------------------------------------------------------------------------------- /tests/crls/crl.entry.invalidity.date.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.entry.invalidity.date.der -------------------------------------------------------------------------------- /tests/crls/crl.entry.issuer.ext.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.entry.issuer.ext.der -------------------------------------------------------------------------------- /tests/crls/crl.entry.unknown.crit.ext.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.entry.unknown.crit.ext.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.explicit.false.bool.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.explicit.false.bool.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.explicit.false.bool.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | INTEGER { 1 } 4 | SEQUENCE { 5 | # ecdsa-with-SHA256 6 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 7 | } 8 | SEQUENCE { 9 | SET { 10 | SEQUENCE { 11 | # commonName 12 | OBJECT_IDENTIFIER { 2.5.4.3 } 13 | UTF8String { "crl-distrib-point-test.example.com" } 14 | } 15 | } 16 | SET { 17 | SEQUENCE { 18 | # organizationName 19 | OBJECT_IDENTIFIER { 2.5.4.10 } 20 | UTF8String { "only_user_certs" } 21 | } 22 | } 23 | } 24 | UTCTime { "861223015911Z" } 25 | UTCTime { "861223020011Z" } 26 | [0] { 27 | SEQUENCE { 28 | SEQUENCE { 29 | # cRLNumber 30 | OBJECT_IDENTIFIER { 2.5.29.20 } 31 | OCTET_STRING { 32 | INTEGER { `611f7403187a4d50ad64b1b102e42a2506b29e7a` } 33 | } 34 | } 35 | SEQUENCE { 36 | # issuingDistributionPoint 37 | OBJECT_IDENTIFIER { 2.5.29.28 } 38 | BOOLEAN { TRUE } 39 | OCTET_STRING { 40 | SEQUENCE { 41 | [0] { 42 | [0] { 43 | [6 PRIMITIVE] { "http://example.com/crl.1.der" } 44 | } 45 | } 46 | # Non-standard explicit false bool value 47 | [1 PRIMITIVE] { `00` } 48 | } 49 | } 50 | } 51 | } 52 | } 53 | } 54 | SEQUENCE { 55 | # ecdsa-with-SHA256 56 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 57 | } 58 | BIT_STRING { 59 | `00` 60 | SEQUENCE { 61 | INTEGER { `00a0e67b667ed4673f3e902ac3fabd8b27e977dbb2eaf71362d1f6879a3145d7c8` } 62 | INTEGER { `10cdea16c558ab3346923184c4a6af9698dec9e952d723bcdb02bdb91b69ce11` } 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /tests/crls/crl.idp.indirect_crl.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.indirect_crl.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.invalid.bool.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.invalid.bool.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.invalid.bool.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | INTEGER { 1 } 4 | SEQUENCE { 5 | # ecdsa-with-SHA256 6 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 7 | } 8 | SEQUENCE { 9 | SET { 10 | SEQUENCE { 11 | # commonName 12 | OBJECT_IDENTIFIER { 2.5.4.3 } 13 | UTF8String { "crl-distrib-point-test.example.com" } 14 | } 15 | } 16 | SET { 17 | SEQUENCE { 18 | # organizationName 19 | OBJECT_IDENTIFIER { 2.5.4.10 } 20 | UTF8String { "only_ca_certs" } 21 | } 22 | } 23 | } 24 | UTCTime { "861223015911Z" } 25 | UTCTime { "861223020011Z" } 26 | [0] { 27 | SEQUENCE { 28 | SEQUENCE { 29 | # cRLNumber 30 | OBJECT_IDENTIFIER { 2.5.29.20 } 31 | OCTET_STRING { 32 | INTEGER { `1a7d5c57c1aa399208f8e24197de6ef9361aaf07` } 33 | } 34 | } 35 | SEQUENCE { 36 | # issuingDistributionPoint 37 | OBJECT_IDENTIFIER { 2.5.29.28 } 38 | BOOLEAN { TRUE } 39 | OCTET_STRING { 40 | SEQUENCE { 41 | [0] { 42 | [0] { 43 | [6 PRIMITIVE] { "http://example.com/crl.1.der" } 44 | } 45 | } 46 | # Mis-encoded bool value. 47 | [2 PRIMITIVE] { `AB` } 48 | } 49 | } 50 | } 51 | } 52 | } 53 | } 54 | SEQUENCE { 55 | # ecdsa-with-SHA256 56 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 57 | } 58 | BIT_STRING { 59 | `00` 60 | SEQUENCE { 61 | INTEGER { `6aa680a8805f3902540464b93e4be1f4daa81820ef92ca860061443a6cb37e91` } 62 | INTEGER { `329f8fcf98fee441707abf7aa3f68699ff5cd48ab7c130ab8d3cdd2e5af0e6a3` } 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /tests/crls/crl.idp.invalid.name.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.invalid.name.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.invalid.name.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | INTEGER { 1 } 4 | SEQUENCE { 5 | # ecdsa-with-SHA256 6 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 7 | } 8 | SEQUENCE { 9 | SET { 10 | SEQUENCE { 11 | # commonName 12 | OBJECT_IDENTIFIER { 2.5.4.3 } 13 | UTF8String { "crl-distrib-point-test.example.com" } 14 | } 15 | } 16 | SET { 17 | SEQUENCE { 18 | # organizationName 19 | OBJECT_IDENTIFIER { 2.5.4.10 } 20 | UTF8String { "only_user_certs" } 21 | } 22 | } 23 | } 24 | UTCTime { "861223015911Z" } 25 | UTCTime { "861223020011Z" } 26 | [0] { 27 | SEQUENCE { 28 | SEQUENCE { 29 | # cRLNumber 30 | OBJECT_IDENTIFIER { 2.5.29.20 } 31 | OCTET_STRING { 32 | INTEGER { `611f7403187a4d50ad64b1b102e42a2506b29e7a` } 33 | } 34 | } 35 | SEQUENCE { 36 | # issuingDistributionPoint 37 | OBJECT_IDENTIFIER { 2.5.29.28 } 38 | BOOLEAN { TRUE } 39 | OCTET_STRING { 40 | SEQUENCE { 41 | [0] { 42 | # Misencoded unknown name tag. 43 | [8] { 44 | [6 PRIMITIVE] { "http://example.com/crl.1.der" } 45 | } 46 | } 47 | [1 PRIMITIVE] { `ff` } 48 | } 49 | } 50 | } 51 | } 52 | } 53 | } 54 | SEQUENCE { 55 | # ecdsa-with-SHA256 56 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 57 | } 58 | BIT_STRING { 59 | `00` 60 | SEQUENCE { 61 | INTEGER { `00a0e67b667ed4673f3e902ac3fabd8b27e977dbb2eaf71362d1f6879a3145d7c8` } 62 | INTEGER { `10cdea16c558ab3346923184c4a6af9698dec9e952d723bcdb02bdb91b69ce11` } 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /tests/crls/crl.idp.name_relative_to_issuer.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.name_relative_to_issuer.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.no_distribution_point_name.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.no_distribution_point_name.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.only_attribute_certs.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.only_attribute_certs.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.only_ca_certs.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.only_ca_certs.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.only_some_reasons.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.only_some_reasons.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.only_user_certs.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.only_user_certs.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.unknown.tag.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.unknown.tag.der -------------------------------------------------------------------------------- /tests/crls/crl.idp.unknown.tag.der.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | INTEGER { 1 } 4 | SEQUENCE { 5 | # ecdsa-with-SHA256 6 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 7 | } 8 | SEQUENCE { 9 | SET { 10 | SEQUENCE { 11 | # commonName 12 | OBJECT_IDENTIFIER { 2.5.4.3 } 13 | UTF8String { "crl-distrib-point-test.example.com" } 14 | } 15 | } 16 | SET { 17 | SEQUENCE { 18 | # organizationName 19 | OBJECT_IDENTIFIER { 2.5.4.10 } 20 | UTF8String { "only_user_certs" } 21 | } 22 | } 23 | } 24 | UTCTime { "861223015911Z" } 25 | UTCTime { "861223020011Z" } 26 | [0] { 27 | SEQUENCE { 28 | SEQUENCE { 29 | # cRLNumber 30 | OBJECT_IDENTIFIER { 2.5.29.20 } 31 | OCTET_STRING { 32 | INTEGER { `611f7403187a4d50ad64b1b102e42a2506b29e7a` } 33 | } 34 | } 35 | SEQUENCE { 36 | # issuingDistributionPoint 37 | OBJECT_IDENTIFIER { 2.5.29.28 } 38 | BOOLEAN { TRUE } 39 | OCTET_STRING { 40 | SEQUENCE { 41 | [0] { 42 | [0] { 43 | [6 PRIMITIVE] { "http://example.com/crl.1.der" } 44 | } 45 | } 46 | # Misencoded unknown contextual tag value. 47 | [9 PRIMITIVE] { `ff` } 48 | } 49 | } 50 | } 51 | } 52 | } 53 | } 54 | SEQUENCE { 55 | # ecdsa-with-SHA256 56 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.2 } 57 | } 58 | BIT_STRING { 59 | `00` 60 | SEQUENCE { 61 | INTEGER { `00a0e67b667ed4673f3e902ac3fabd8b27e977dbb2eaf71362d1f6879a3145d7c8` } 62 | INTEGER { `10cdea16c558ab3346923184c4a6af9698dec9e952d723bcdb02bdb91b69ce11` } 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /tests/crls/crl.idp.valid.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.idp.valid.der -------------------------------------------------------------------------------- /tests/crls/crl.invalid.this.update.time.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.invalid.this.update.time.der -------------------------------------------------------------------------------- /tests/crls/crl.mismatched.sigalg.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.mismatched.sigalg.der -------------------------------------------------------------------------------- /tests/crls/crl.missing.exts.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.missing.exts.der -------------------------------------------------------------------------------- /tests/crls/crl.missing.next.update.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.missing.next.update.der -------------------------------------------------------------------------------- /tests/crls/crl.negative.crl.number.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.negative.crl.number.der -------------------------------------------------------------------------------- /tests/crls/crl.negative.serial.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.negative.serial.der -------------------------------------------------------------------------------- /tests/crls/crl.no.entry.exts.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.no.entry.exts.der -------------------------------------------------------------------------------- /tests/crls/crl.too.long.crl.number.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.too.long.crl.number.der -------------------------------------------------------------------------------- /tests/crls/crl.topbit.serial.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.topbit.serial.der -------------------------------------------------------------------------------- /tests/crls/crl.topbit.serial.txt: -------------------------------------------------------------------------------- 1 | SEQUENCE { 2 | SEQUENCE { 3 | INTEGER { 1 } 4 | SEQUENCE { 5 | # ecdsa-with-SHA384 6 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.3 } 7 | } 8 | SEQUENCE { 9 | SET { 10 | SEQUENCE { 11 | # countryName 12 | OBJECT_IDENTIFIER { 2.5.4.6 } 13 | PrintableString { "XX" } 14 | } 15 | } 16 | SET { 17 | SEQUENCE { 18 | # organizationName 19 | OBJECT_IDENTIFIER { 2.5.4.10 } 20 | PrintableString { "Boulder Test" } 21 | } 22 | } 23 | SET { 24 | SEQUENCE { 25 | # commonName 26 | OBJECT_IDENTIFIER { 2.5.4.3 } 27 | PrintableString { "(TEST) Elegant Elephant E1" } 28 | } 29 | } 30 | } 31 | UTCTime { "221010201207Z" } 32 | UTCTime { "221019201206Z" } 33 | SEQUENCE { 34 | SEQUENCE { 35 | INTEGER { `0080feedf00d` } 36 | UTCTime { "221010191207Z" } 37 | SEQUENCE { 38 | SEQUENCE { 39 | # reasonCode 40 | OBJECT_IDENTIFIER { 2.5.29.21 } 41 | OCTET_STRING { 42 | ENUMERATED { `01` } 43 | } 44 | } 45 | } 46 | } 47 | } 48 | [0] { 49 | SEQUENCE { 50 | SEQUENCE { 51 | # authorityKeyIdentifier 52 | OBJECT_IDENTIFIER { 2.5.29.35 } 53 | OCTET_STRING { 54 | SEQUENCE { 55 | [0 PRIMITIVE] { `01dabb7acb25208e5e79d6f996422f02412907be` } 56 | } 57 | } 58 | } 59 | SEQUENCE { 60 | # cRLNumber 61 | OBJECT_IDENTIFIER { 2.5.29.20 } 62 | OCTET_STRING { 63 | INTEGER { `171cce3de482ba61` } 64 | } 65 | } 66 | SEQUENCE { 67 | # issuingDistributionPoint 68 | OBJECT_IDENTIFIER { 2.5.29.28 } 69 | BOOLEAN { TRUE } 70 | OCTET_STRING { 71 | SEQUENCE { 72 | [0] { 73 | [0] { 74 | [6 PRIMITIVE] { "http://c.boulder.test/66283756913588288/0.crl" } 75 | } 76 | } 77 | [1 PRIMITIVE] { `ff` } 78 | } 79 | } 80 | } 81 | } 82 | } 83 | } 84 | SEQUENCE { 85 | # ecdsa-with-SHA384 86 | OBJECT_IDENTIFIER { 1.2.840.10045.4.3.3 } 87 | } 88 | BIT_STRING { 89 | `00` 90 | SEQUENCE { 91 | INTEGER { `2f0e42149d361abc9ea1f3ad3a303c85876bb0fdc17e3959cce2c13c9d4746cb45d88348467db478318fa44714506b22` } 92 | INTEGER { `57903e972922bd33817a4fea5517534adc2d2bdab6e69e41256bdb89c68d9ecfcb4bdcf78c349fb89d67cc237b9fbf33` } 93 | } 94 | } 95 | } 96 | -------------------------------------------------------------------------------- /tests/crls/crl.unknown.crit.ext.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.unknown.crit.ext.der -------------------------------------------------------------------------------- /tests/crls/crl.valid.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.valid.der -------------------------------------------------------------------------------- /tests/crls/crl.wrong.version.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/crls/crl.wrong.version.der -------------------------------------------------------------------------------- /tests/custom_ekus/cert_with_both_ekus_accepted_for_client_auth.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/custom_ekus/cert_with_both_ekus_accepted_for_client_auth.ca.der -------------------------------------------------------------------------------- /tests/custom_ekus/cert_with_both_ekus_accepted_for_client_auth.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/custom_ekus/cert_with_both_ekus_accepted_for_client_auth.ee.der -------------------------------------------------------------------------------- /tests/custom_ekus/cert_with_no_eku_accepted_for_client_auth.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/custom_ekus/cert_with_no_eku_accepted_for_client_auth.ca.der -------------------------------------------------------------------------------- /tests/custom_ekus/cert_with_no_eku_accepted_for_client_auth.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/custom_ekus/cert_with_no_eku_accepted_for_client_auth.ee.der -------------------------------------------------------------------------------- /tests/ed25519/ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/ed25519/ca.der -------------------------------------------------------------------------------- /tests/ed25519/ee-pubkey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/ed25519/ee-pubkey.der -------------------------------------------------------------------------------- /tests/ed25519/ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/ed25519/ee.der -------------------------------------------------------------------------------- /tests/misc/dns_names_and_wildcards.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/dns_names_and_wildcards.der -------------------------------------------------------------------------------- /tests/misc/empty_sequence_common_name.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/empty_sequence_common_name.der -------------------------------------------------------------------------------- /tests/misc/invalid_subject_alternative_name.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/invalid_subject_alternative_name.der -------------------------------------------------------------------------------- /tests/misc/mdoc_eku.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/mdoc_eku.ca.der -------------------------------------------------------------------------------- /tests/misc/mdoc_eku.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/mdoc_eku.ee.der -------------------------------------------------------------------------------- /tests/misc/no_subject_alternative_name.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/no_subject_alternative_name.der -------------------------------------------------------------------------------- /tests/misc/serial_large_positive.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/serial_large_positive.der -------------------------------------------------------------------------------- /tests/misc/serial_neg.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/serial_neg.der -------------------------------------------------------------------------------- /tests/misc/serial_neg_ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/serial_neg_ca.der -------------------------------------------------------------------------------- /tests/misc/serial_neg_ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/serial_neg_ee.der -------------------------------------------------------------------------------- /tests/misc/serial_zero.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/misc/serial_zero.der -------------------------------------------------------------------------------- /tests/netflix/ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/netflix/ca.der -------------------------------------------------------------------------------- /tests/netflix/ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/netflix/ee.der -------------------------------------------------------------------------------- /tests/netflix/inter.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/netflix/inter.der -------------------------------------------------------------------------------- /tests/sanofi/ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/sanofi/ca.der -------------------------------------------------------------------------------- /tests/sanofi/ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/sanofi/ee.der -------------------------------------------------------------------------------- /tests/sanofi/inter.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/sanofi/inter.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p256.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p256.ee.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p256.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p256.spki.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha256_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha256_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha256_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha256_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p256_key_and_ecdsa_p256_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p384.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p384.ee.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p384.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p384.spki.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha256_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha256_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha256_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha256_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p384_key_and_ecdsa_p384_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521.ee.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521.spki.der -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha256_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha256_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha256_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha256_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha512_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha512_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha512_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ecdsa_p521_key_and_ecdsa_p521_sha512_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ed25519.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ed25519.ee.der -------------------------------------------------------------------------------- /tests/signatures/ed25519.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ed25519.spki.der -------------------------------------------------------------------------------- /tests/signatures/ed25519_key_and_ed25519_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ed25519_key_and_ed25519_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/ed25519_key_and_ed25519_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/ed25519_key_and_ed25519_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/message.bin: -------------------------------------------------------------------------------- 1 | hello world! -------------------------------------------------------------------------------- /tests/signatures/rsa_1024_not_supported.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_1024_not_supported.ee.der -------------------------------------------------------------------------------- /tests/signatures/rsa_1024_not_supported.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_1024_not_supported.spki.der -------------------------------------------------------------------------------- /tests/signatures/rsa_2048.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048.ee.der -------------------------------------------------------------------------------- /tests/signatures/rsa_2048.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048.spki.der -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_2048_key_rejected_by_rsa_pkcs1_3072_8192_sha384.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_2048_key_rejected_by_rsa_pkcs1_3072_8192_sha384.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072.ee.der -------------------------------------------------------------------------------- /tests/signatures/rsa_3072.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072.spki.der -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_3072_8192_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_3072_8192_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pkcs1_3072_8192_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pkcs1_3072_8192_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_3072_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096.ee.der -------------------------------------------------------------------------------- /tests/signatures/rsa_4096.spki.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096.spki.der -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha256_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha256_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha512_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_2048_8192_sha512_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_3072_8192_sha384_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_3072_8192_sha384_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pkcs1_3072_8192_sha384_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pkcs1_3072_8192_sha384_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha256_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha256_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha384_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha384_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha512_legacy_key_detects_bad_signature.sig.bin -------------------------------------------------------------------------------- /tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/signatures/rsa_4096_key_and_rsa_pss_2048_8192_sha512_legacy_key_good_signature.sig.bin -------------------------------------------------------------------------------- /tests/tls_server_certs/additional_dns_labels.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/additional_dns_labels.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/additional_dns_labels.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/additional_dns_labels.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_dns_san.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_dns_san.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_dns_san.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_dns_san.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_dns_san_and_disallow_subject_common_name.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_dns_san_and_disallow_subject_common_name.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_dns_san_and_disallow_subject_common_name.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_dns_san_and_disallow_subject_common_name.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_dns_san_and_subject_common_name.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_dns_san_and_subject_common_name.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_dns_san_and_subject_common_name.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_dns_san_and_subject_common_name.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_subject_common_name.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_subject_common_name.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/allow_subject_common_name.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/allow_subject_common_name.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/disallow_dns_san.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/disallow_dns_san.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/disallow_dns_san.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/disallow_dns_san.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/disallow_dns_san_and_allow_subject_common_name.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/disallow_dns_san_and_allow_subject_common_name.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/disallow_dns_san_and_allow_subject_common_name.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/disallow_dns_san_and_allow_subject_common_name.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/disallow_subject_common_name.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/disallow_subject_common_name.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/disallow_subject_common_name.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/disallow_subject_common_name.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/exclude_directory_name_not_implemented.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/exclude_directory_name_not_implemented.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/exclude_directory_name_not_implemented.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/exclude_directory_name_not_implemented.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ignore_name_constraints_on_unimplemented_names.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ignore_name_constraints_on_unimplemented_names.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ignore_name_constraints_on_unimplemented_names.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ignore_name_constraints_on_unimplemented_names.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/invalid_dns_name_matching.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/invalid_dns_name_matching.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/invalid_dns_name_matching.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/invalid_dns_name_matching.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip46_mixed_address_san_allowed.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip46_mixed_address_san_allowed.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip46_mixed_address_san_allowed.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip46_mixed_address_san_allowed.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_allowed.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_allowed.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_allowed.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_allowed.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_allowed_if_outside_excluded_subtree.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_allowed_if_outside_excluded_subtree.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_allowed_if_outside_excluded_subtree.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_allowed_if_outside_excluded_subtree.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_rejected_if_excluded_is_sparse_cidr_mask.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_rejected_if_excluded_is_sparse_cidr_mask.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_rejected_if_excluded_is_sparse_cidr_mask.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_rejected_if_excluded_is_sparse_cidr_mask.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_rejected_if_in_excluded_subtree.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_rejected_if_in_excluded_subtree.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip4_address_san_rejected_if_in_excluded_subtree.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip4_address_san_rejected_if_in_excluded_subtree.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip6_address_san_allowed.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip6_address_san_allowed.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip6_address_san_allowed.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip6_address_san_allowed.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip6_address_san_allowed_if_outside_excluded_subtree.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip6_address_san_allowed_if_outside_excluded_subtree.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip6_address_san_allowed_if_outside_excluded_subtree.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip6_address_san_allowed_if_outside_excluded_subtree.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip6_address_san_rejected_if_in_excluded_subtree.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip6_address_san_rejected_if_in_excluded_subtree.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/ip6_address_san_rejected_if_in_excluded_subtree.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/ip6_address_san_rejected_if_in_excluded_subtree.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/no_name_constraints.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/no_name_constraints.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/no_name_constraints.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/no_name_constraints.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/permit_directory_name_not_implemented.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/permit_directory_name_not_implemented.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/permit_directory_name_not_implemented.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/permit_directory_name_not_implemented.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/reject_constraints_on_unimplemented_names.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/reject_constraints_on_unimplemented_names.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/reject_constraints_on_unimplemented_names.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/reject_constraints_on_unimplemented_names.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/reject_unimplemented_name_constraints.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/reject_unimplemented_name_constraints.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/reject_unimplemented_name_constraints.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/reject_unimplemented_name_constraints.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/we_ignore_constraints_on_names_that_do_not_appear_in_cert.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/we_ignore_constraints_on_names_that_do_not_appear_in_cert.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/we_ignore_constraints_on_names_that_do_not_appear_in_cert.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/we_ignore_constraints_on_names_that_do_not_appear_in_cert.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/we_incorrectly_ignore_name_constraints_on_name_in_subject.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/we_incorrectly_ignore_name_constraints_on_name_in_subject.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/we_incorrectly_ignore_name_constraints_on_name_in_subject.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/we_incorrectly_ignore_name_constraints_on_name_in_subject.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/wildcard_san_accepted_if_in_subtree.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/wildcard_san_accepted_if_in_subtree.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/wildcard_san_accepted_if_in_subtree.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/wildcard_san_accepted_if_in_subtree.ee.der -------------------------------------------------------------------------------- /tests/tls_server_certs/wildcard_san_rejected_if_in_excluded_subtree.ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/wildcard_san_rejected_if_in_excluded_subtree.ca.der -------------------------------------------------------------------------------- /tests/tls_server_certs/wildcard_san_rejected_if_in_excluded_subtree.ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/tls_server_certs/wildcard_san_rejected_if_in_excluded_subtree.ee.der -------------------------------------------------------------------------------- /tests/wpt/ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/wpt/ca.der -------------------------------------------------------------------------------- /tests/wpt/ee.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/tests/wpt/ee.der -------------------------------------------------------------------------------- /third-party/bettertls/README.md: -------------------------------------------------------------------------------- 1 | # BetterTLS Test Suite 2 | 3 | Generated using the Netflix [bettertls] project. 4 | 5 | [bettertls]: https://github.com/Netflix/bettertls 6 | 7 | ## Test Data 8 | 9 | To regenerate vendored test data: 10 | 11 | 1. Install Go 12 | 2. Generate the JSON testdata export: 13 | 14 | ```bash 15 | GOBIN=$PWD go install github.com/Netflix/bettertls/test-suites/cmd/bettertls@latest 16 | ./bettertls export-tests --out ./bettertls.tests.json 17 | ``` 18 | 19 | 3. Bzip2 compress it: 20 | 21 | ```bash 22 | bzip2 ./bettertls.tests.json 23 | ``` 24 | -------------------------------------------------------------------------------- /third-party/bettertls/bettertls.tests.json.bz2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rustls/webpki/2aed5e12361865340b5f00a978e65082233af6fd/third-party/bettertls/bettertls.tests.json.bz2 -------------------------------------------------------------------------------- /third-party/chromium/LICENSE: -------------------------------------------------------------------------------- 1 | // Copyright 2015 The Chromium Authors. All rights reserved. 2 | // 3 | // Redistribution and use in source and binary forms, with or without 4 | // modification, are permitted provided that the following conditions are 5 | // met: 6 | // 7 | // * Redistributions of source code must retain the above copyright 8 | // notice, this list of conditions and the following disclaimer. 9 | // * Redistributions in binary form must reproduce the above 10 | // copyright notice, this list of conditions and the following disclaimer 11 | // in the documentation and/or other materials provided with the 12 | // distribution. 13 | // * Neither the name of Google Inc. nor the names of its 14 | // contributors may be used to endorse or promote products derived from 15 | // this software without specific prior written permission. 16 | // 17 | // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/README: -------------------------------------------------------------------------------- 1 | This directory contains test data for testing net::VerifySignedData(). 2 | 3 | When adding or changing test data, run the script 4 | $ python annotate_test_data.py 5 | 6 | This script will apply a uniform formatting. For instance it will add a 7 | comment showing what the parsed ASN.1 looks like, and reformat the base64 to 8 | have consistent line breaks. 9 | 10 | The general format for the test files is as follows: 11 | 12 | 13 | 14 | 15 | -----BEGIN PUBLIC KEY----- 16 | 17 | -----END PUBLIC KEY----- 18 | 19 | -----BEGIN ALGORITHM----- 20 | 21 | -----END ALGORITHM----- 22 | 23 | -----BEGIN DATA----- 24 | 25 | -----END DATA----- 26 | 27 | -----BEGIN SIGNATURE----- 28 | 29 | -----END SIGNATURE----- 30 | 31 | 32 | Comments for a PEM block should be placed immediately below that block. 33 | The script will also insert a comment after the block describing its parsed 34 | ASN.1 structure (your extra comments need to be above the script-generated 35 | comments or they will be stripped). 36 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-spki-params-null.pem: -------------------------------------------------------------------------------- 1 | This is the same test as ecdsa-prime256v1-sha512.pem except the public key's 2 | algorithm has been tampered with. The parameters for ecPublicKey should be a 3 | namedCurve, but here they have been replaced by NULL. 4 | 5 | 6 | 7 | -----BEGIN PUBLIC KEY----- 8 | MFEwCwYHKoZIzj0CAQUAA0IABJywz2kwPa/HYdTkaHtOzwOebTSrlkr4CBDY1VikqNb3LVEjOhe 9 | IkgqG7gihlix576MX+3h54pfa0hRtuZX6HHg= 10 | -----END PUBLIC KEY----- 11 | 12 | $ openssl asn1parse -i < [PUBLIC KEY] 13 | 0:d=0 hl=2 l= 81 cons: SEQUENCE 14 | 2:d=1 hl=2 l= 11 cons: SEQUENCE 15 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 16 | 13:d=2 hl=2 l= 0 prim: NULL 17 | 15:d=1 hl=2 l= 66 prim: BIT STRING 18 | 19 | 20 | 21 | -----BEGIN ALGORITHM----- 22 | MAoGCCqGSM49BAME 23 | -----END ALGORITHM----- 24 | 25 | $ openssl asn1parse -i < [ALGORITHM] 26 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 27 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 28 | 29 | 30 | 31 | -----BEGIN DATA----- 32 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 33 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 34 | APuEMjWr/5jiQb37VTjD4= 35 | -----END DATA----- 36 | 37 | 38 | 39 | -----BEGIN SIGNATURE----- 40 | A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 41 | X/LDDO7/sWpyBCEa2OSiahA== 42 | -----END SIGNATURE----- 43 | 44 | $ openssl asn1parse -i < [SIGNATURE] 45 | 0:d=0 hl=2 l= 71 prim: BIT STRING 46 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-unused-bits-signature.pem: -------------------------------------------------------------------------------- 1 | This is the same test as ecdsa-prime256v1-sha512.pem, however the SIGNATURE has 2 | been changed to a (valid) BIT STRING containing two unused bits. 3 | 4 | Note that the last two bits of the original signature were 0, so the 5 | DER-encoded bytes portion of the mutated BIT STRING remains the same. All that 6 | changes is the octet at the start which indicates the number of unused bits. 7 | 8 | In other words SIGNATURE changes from: 9 | 03 47 00 30 ... 84 10 | To: 11 | 03 47 02 30 ... 84 12 | 13 | 14 | 15 | -----BEGIN PUBLIC KEY----- 16 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 17 | o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 18 | -----END PUBLIC KEY----- 19 | 20 | $ openssl asn1parse -i < [PUBLIC KEY] 21 | 0:d=0 hl=2 l= 89 cons: SEQUENCE 22 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 23 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 24 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 25 | 23:d=1 hl=2 l= 66 prim: BIT STRING 26 | 27 | 28 | 29 | -----BEGIN ALGORITHM----- 30 | MAoGCCqGSM49BAME 31 | -----END ALGORITHM----- 32 | 33 | $ openssl asn1parse -i < [ALGORITHM] 34 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 35 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 36 | 37 | 38 | 39 | -----BEGIN DATA----- 40 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 41 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 42 | APuEMjWr/5jiQb37VTjD4= 43 | -----END DATA----- 44 | 45 | 46 | 47 | -----BEGIN SIGNATURE----- 48 | A0cCMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 49 | X/LDDO7/sWpyBCEa2OSiahA== 50 | -----END SIGNATURE----- 51 | 52 | $ openssl asn1parse -i < [SIGNATURE] 53 | 0:d=0 hl=2 l= 71 prim: BIT STRING 54 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-using-ecdh-key.pem: -------------------------------------------------------------------------------- 1 | This uses the same test data as ecdsa-prime256v1-sha512.pem, HOWEVER the 2 | algorithm OID for the public key has been changed from id-ecPublicKey 3 | (1.2.840.10045.2.1) to id-ecDH (1.3.132.1.12) 4 | 5 | This test should fail because the public key's algorithm does not match that of 6 | the signature algorithm. 7 | 8 | 9 | 10 | -----BEGIN PUBLIC KEY----- 11 | MFcwEQYFK4EEAQwGCCqGSM49AwEHA0IABJywz2kwPa/HYdTkaHtOzwOebTSrlkr4CBDY1VikqNb 12 | 3LVEjOheIkgqG7gihlix576MX+3h54pfa0hRtuZX6HHg= 13 | -----END PUBLIC KEY----- 14 | 15 | $ openssl asn1parse -i < [PUBLIC KEY] 16 | 0:d=0 hl=2 l= 87 cons: SEQUENCE 17 | 2:d=1 hl=2 l= 17 cons: SEQUENCE 18 | 4:d=2 hl=2 l= 5 prim: OBJECT :1.3.132.1.12 19 | 11:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 20 | 21:d=1 hl=2 l= 66 prim: BIT STRING 21 | 22 | 23 | 24 | -----BEGIN ALGORITHM----- 25 | MAoGCCqGSM49BAME 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 31 | 32 | 33 | 34 | -----BEGIN DATA----- 35 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 36 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 37 | APuEMjWr/5jiQb37VTjD4= 38 | -----END DATA----- 39 | 40 | 41 | 42 | -----BEGIN SIGNATURE----- 43 | A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 44 | X/LDDO7/sWpyBCEa2OSiahA== 45 | -----END SIGNATURE----- 46 | 47 | $ openssl asn1parse -i < [SIGNATURE] 48 | 0:d=0 hl=2 l= 71 prim: BIT STRING 49 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-using-ecmqv-key.pem: -------------------------------------------------------------------------------- 1 | This uses the same test data as ecdsa-prime256v1-sha512.pem, HOWEVER the 2 | algorithm OID for the public key has been changed from id-ecPublicKey 3 | (1.2.840.10045.2.1) to id-ecMQV (1.3.132.1.13) 4 | 5 | This test should fail because the public key's algorithm does not match that of 6 | the signature algorithm. 7 | 8 | 9 | 10 | -----BEGIN PUBLIC KEY----- 11 | MFcwEQYFK4EEAQ0GCCqGSM49AwEHA0IABJywz2kwPa/HYdTkaHtOzwOebTSrlkr4CBDY1VikqNb 12 | 3LVEjOheIkgqG7gihlix576MX+3h54pfa0hRtuZX6HHg= 13 | -----END PUBLIC KEY----- 14 | 15 | $ openssl asn1parse -i < [PUBLIC KEY] 16 | 0:d=0 hl=2 l= 87 cons: SEQUENCE 17 | 2:d=1 hl=2 l= 17 cons: SEQUENCE 18 | 4:d=2 hl=2 l= 5 prim: OBJECT :1.3.132.1.13 19 | 11:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 20 | 21:d=1 hl=2 l= 66 prim: BIT STRING 21 | 22 | 23 | 24 | -----BEGIN ALGORITHM----- 25 | MAoGCCqGSM49BAME 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 31 | 32 | 33 | 34 | -----BEGIN DATA----- 35 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 36 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 37 | APuEMjWr/5jiQb37VTjD4= 38 | -----END DATA----- 39 | 40 | 41 | 42 | -----BEGIN SIGNATURE----- 43 | A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 44 | X/LDDO7/sWpyBCEa2OSiahA== 45 | -----END SIGNATURE----- 46 | 47 | $ openssl asn1parse -i < [SIGNATURE] 48 | 0:d=0 hl=2 l= 71 prim: BIT STRING 49 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-using-rsa-algorithm.pem: -------------------------------------------------------------------------------- 1 | This test specified a valid ECDSA signature and EC key (the same as ecdsa-prime256v1-sha512.pem) 2 | 3 | The problem however is the signature algorithm is indicated as being RSA PKCS#1 v1.5. 4 | 5 | Signature verification consequently should fail. 6 | 7 | 8 | 9 | -----BEGIN PUBLIC KEY----- 10 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 11 | o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=2 l= 89 cons: SEQUENCE 16 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 17 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 18 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 19 | 23:d=1 hl=2 l= 66 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MA0GCSqGSIb3DQEBDQUA 25 | -----END ALGORITHM----- 26 | 27 | $ openssl asn1parse -i < [ALGORITHM] 28 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 29 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha512WithRSAEncryption 30 | 13:d=1 hl=2 l= 0 prim: NULL 31 | 32 | 33 | 34 | -----BEGIN DATA----- 35 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 36 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 37 | APuEMjWr/5jiQb37VTjD4= 38 | -----END DATA----- 39 | 40 | 41 | 42 | -----BEGIN SIGNATURE----- 43 | A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 44 | X/LDDO7/sWpyBCEa2OSiahA== 45 | -----END SIGNATURE----- 46 | 47 | $ openssl asn1parse -i < [SIGNATURE] 48 | 0:d=0 hl=2 l= 71 prim: BIT STRING 49 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-wrong-signature-format.pem: -------------------------------------------------------------------------------- 1 | This is the same as ecdsa-prime256v1-sha512.pem, except the signature is wrong. 2 | 3 | Rather than encoding the signature into a DER-encoded Ecdsa-Sig-Value, it is a 4 | concatenation of the r and s values. This is the format that WebCrypto uses for 5 | ECDSA signature, but not what is used for digital signatures. 6 | 7 | 8 | 9 | -----BEGIN PUBLIC KEY----- 10 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 11 | o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=2 l= 89 cons: SEQUENCE 16 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 17 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 18 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 19 | 23:d=1 hl=2 l= 66 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MAoGCCqGSM49BAME 25 | -----END ALGORITHM----- 26 | 27 | $ openssl asn1parse -i < [ALGORITHM] 28 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 29 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 30 | 31 | 32 | 33 | -----BEGIN DATA----- 34 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 35 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 36 | APuEMjWr/5jiQb37VTjD4= 37 | -----END DATA----- 38 | 39 | 40 | 41 | -----BEGIN SIGNATURE----- 42 | A0EAS5+R5ChShyYaHRySPPYZzVLBdc/n8b5gpSWMYQNIuj0oxF+QHXHEGymGOOwNaoXX/LDDO7/ 43 | sWpyBCEa2OSiahA== 44 | -----END SIGNATURE----- 45 | 46 | $ openssl asn1parse -i < [SIGNATURE] 47 | 0:d=0 hl=2 l= 65 prim: BIT STRING 48 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512.pem: -------------------------------------------------------------------------------- 1 | The key, message, and signature come from: 2 | http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-3ecdsatestvectors.zip (SigVer.rsp) 3 | 4 | The algorithm DER was synthesized to match, and the signature (provided as an r 5 | and s tuple) was encoded into a Ecdsa-Sig-Value and then a BIT STRING. 6 | 7 | It uses ECDSA verification, using curve prime256v1 and SHA-512 8 | 9 | 10 | 11 | -----BEGIN PUBLIC KEY----- 12 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 13 | o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 14 | -----END PUBLIC KEY----- 15 | 16 | $ openssl asn1parse -i < [PUBLIC KEY] 17 | 0:d=0 hl=2 l= 89 cons: SEQUENCE 18 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 19 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 20 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 21 | 23:d=1 hl=2 l= 66 prim: BIT STRING 22 | 23 | 24 | 25 | -----BEGIN ALGORITHM----- 26 | MAoGCCqGSM49BAME 27 | -----END ALGORITHM----- 28 | 29 | $ openssl asn1parse -i < [ALGORITHM] 30 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 31 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 32 | 33 | 34 | 35 | -----BEGIN DATA----- 36 | bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 37 | SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 38 | APuEMjWr/5jiQb37VTjD4= 39 | -----END DATA----- 40 | 41 | 42 | 43 | -----BEGIN SIGNATURE----- 44 | A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 45 | X/LDDO7/sWpyBCEa2OSiahA== 46 | -----END SIGNATURE----- 47 | 48 | $ openssl asn1parse -i < [SIGNATURE] 49 | 0:d=0 hl=2 l= 71 prim: BIT STRING 50 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-secp384r1-sha256-corrupted-data.pem: -------------------------------------------------------------------------------- 1 | This is the same test as ecdsa-secp384r1-sha256.pem, except the DATA section 2 | has been corrupted. The third byte has been set to 0. 3 | 4 | This signature should NOT verify successfully. 5 | 6 | 7 | 8 | -----BEGIN PUBLIC KEY----- 9 | MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXFhBi+WKXuxeK9yCbC9jqEchwjCNsQ4RXAsJ07oHZ+Q 10 | qz55cNIY5BAhcQ0QYY5jv9BimGL9SuhUuOSuS3Pn9rrsIFGcFsihy4kDr8rq5+7RbN8bV057gW5 11 | emYjLtvDsQ 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=2 l= 118 cons: SEQUENCE 16 | 2:d=1 hl=2 l= 16 cons: SEQUENCE 17 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 18 | 13:d=2 hl=2 l= 5 prim: OBJECT :secp384r1 19 | 20:d=1 hl=2 l= 98 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MAoGCCqGSM49BAMC 25 | -----END ALGORITHM----- 26 | 27 | $ openssl asn1parse -i < [ALGORITHM] 28 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 29 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 30 | 31 | 32 | 33 | -----BEGIN DATA----- 34 | MIIA6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg 35 | MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw 36 | wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M 37 | DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ 38 | bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V 39 | wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh 40 | FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t 41 | Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV 42 | HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/ 43 | -----END DATA----- 44 | 45 | 46 | 47 | -----BEGIN SIGNATURE----- 48 | A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM 49 | CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU= 50 | -----END SIGNATURE----- 51 | 52 | $ openssl asn1parse -i < [SIGNATURE] 53 | 0:d=0 hl=2 l= 105 prim: BIT STRING 54 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ecdsa-using-rsa-key.pem: -------------------------------------------------------------------------------- 1 | This test specifies an ECDSA signature algorithm (and a valid ecdsa signature), 2 | HOWEVER it provides an RSA key. Verification should fail. 3 | 4 | 5 | 6 | -----BEGIN PUBLIC KEY----- 7 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 8 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 9 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 10 | -----END PUBLIC KEY----- 11 | 12 | $ openssl asn1parse -i < [PUBLIC KEY] 13 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 14 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 15 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 16 | 16:d=2 hl=2 l= 0 prim: NULL 17 | 18:d=1 hl=3 l= 141 prim: BIT STRING 18 | 19 | 20 | 21 | -----BEGIN ALGORITHM----- 22 | MAoGCCqGSM49BAMC 23 | -----END ALGORITHM----- 24 | 25 | $ openssl asn1parse -i < [ALGORITHM] 26 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 27 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 28 | 29 | 30 | 31 | -----BEGIN DATA----- 32 | MIIB6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg 33 | MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw 34 | wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M 35 | DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ 36 | bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V 37 | wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh 38 | FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t 39 | Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV 40 | HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/ 41 | -----END DATA----- 42 | 43 | 44 | 45 | -----BEGIN SIGNATURE----- 46 | A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM 47 | CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU= 48 | -----END SIGNATURE----- 49 | 50 | $ openssl asn1parse -i < [SIGNATURE] 51 | 0:d=0 hl=2 l= 105 prim: BIT STRING 52 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/ecdsa-prime256v1-sha256-compressed.pem: -------------------------------------------------------------------------------- 1 | Copy of the uncompressed version, but with the public key compressed manually 2 | using `openssl ec`. 3 | 4 | 5 | $ openssl asn1parse -i < [PUBLIC KEY] 6 | 0:d=0 hl=2 l= 57 cons: SEQUENCE 7 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 8 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 9 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 10 | 23:d=1 hl=2 l= 34 prim: BIT STRING 11 | 12 | -----BEGIN PUBLIC KEY----- 13 | MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADBKrsc2NXJvIT+4qeZNo7hjLkFJWpRNAEW1IuunJ 14 | A+tU= 15 | -----END PUBLIC KEY----- 16 | 17 | 18 | $ openssl asn1parse -i < [ALGORITHM] 19 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 20 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 21 | 22 | -----BEGIN ALGORITHM----- 23 | MAoGCCqGSM49BAMC 24 | -----END ALGORITHM----- 25 | 26 | -----BEGIN DATA----- 27 | MTIzNDAw 28 | -----END DATA----- 29 | 30 | 31 | $ openssl asn1parse -i < [SIGNATURE] 32 | 0:d=0 hl=2 l= 73 prim: BIT STRING 33 | 34 | -----BEGIN SIGNATURE----- 35 | A0kAMEYCIQCo6hUMuAEl1zgcTB8dqOneJxH5kXBgQGpz15BFGeUTiAIhAPOrn6aL1HlzpzstQEg 36 | MK6UMIsnXbsIXJXKIKTKFRJuG 37 | -----END SIGNATURE----- 38 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/ecdsa-prime256v1-sha256-spki-inside-spki.pem: -------------------------------------------------------------------------------- 1 | This is a copy of ecdsa-prime256v1-sha256.pem, but 2 | with the SPKI BIT STRING being the SPKI again. 3 | 4 | 5 | $ openssl asn1parse -i < [PUBLIC KEY] 6 | 0:d=0 hl=2 l= 115 cons: SEQUENCE 7 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 8 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 9 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 10 | 23:d=1 hl=2 l= 92 prim: BIT STRING 11 | 12 | -----BEGIN PUBLIC KEY----- 13 | MHMwEwYHKoZIzj0CAQYIKoZIzj0DAQcDXAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQEqux 14 | zY1cm8hP7ip5k2juGMuQUlalE0ARbUi66ckD61YfZMVeYqqOlugF3V4fO0F6q97Tgn8gdbRqlRu 15 | g2XVJd 16 | -----END PUBLIC KEY----- 17 | 18 | $ openssl asn1parse -i < [ALGORITHM] 19 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 20 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 21 | 22 | -----BEGIN ALGORITHM----- 23 | MAoGCCqGSM49BAMC 24 | -----END ALGORITHM----- 25 | 26 | -----BEGIN DATA----- 27 | MTIzNDAw 28 | -----END DATA----- 29 | 30 | $ openssl asn1parse -i < [SIGNATURE] 31 | 0:d=0 hl=2 l= 73 prim: BIT STRING 32 | 33 | -----BEGIN SIGNATURE----- 34 | A0kAMEYCIQCo6hUMuAEl1zgcTB8dqOneJxH5kXBgQGpz15BFGeUTiAIhAPOrn6aL1HlzpzstQEg 35 | MK6UMIsnXbsIXJXKIKTKFRJuG 36 | -----END SIGNATURE----- 37 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/ecdsa-prime256v1-sha256.pem: -------------------------------------------------------------------------------- 1 | The key, message, and signature come from wycheproof ecdsa_secp256r1_sha256_test.json 2 | 3 | The signature was wrapped in an additional BITSTRING. 4 | 5 | 6 | $ openssl asn1parse -i < [PUBLIC KEY] 7 | 0:d=0 hl=2 l= 89 cons: SEQUENCE 8 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 9 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 10 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 11 | 23:d=1 hl=2 l= 66 prim: BIT STRING 12 | 13 | -----BEGIN PUBLIC KEY----- 14 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBKrsc2NXJvIT+4qeZNo7hjLkFJWpRNAEW1IuunJ 15 | A+tWH2TFXmKqjpboBd1eHztBeqve04J/IHW0apUboNl1SXQ== 16 | -----END PUBLIC KEY----- 17 | 18 | 19 | $ openssl asn1parse -i < [ALGORITHM] 20 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 21 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 22 | 23 | -----BEGIN ALGORITHM----- 24 | MAoGCCqGSM49BAMC 25 | -----END ALGORITHM----- 26 | 27 | -----BEGIN DATA----- 28 | MTIzNDAw 29 | -----END DATA----- 30 | 31 | 32 | $ openssl asn1parse -i < [SIGNATURE] 33 | 0:d=0 hl=2 l= 73 prim: BIT STRING 34 | 35 | -----BEGIN SIGNATURE----- 36 | A0kAMEYCIQCo6hUMuAEl1zgcTB8dqOneJxH5kXBgQGpz15BFGeUTiAIhAPOrn6aL1HlzpzstQEg 37 | MK6UMIsnXbsIXJXKIKTKFRJuG 38 | -----END SIGNATURE----- 39 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/make-pss.py: -------------------------------------------------------------------------------- 1 | # Copyright 2016 Joseph Birr-Pixton. 2 | # 3 | # Permission to use, copy, modify, and/or distribute this software for any 4 | # purpose with or without fee is hereby granted, provided that the above 5 | # copyright notice and this permission notice appear in all copies. 6 | # 7 | # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES 8 | # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 9 | # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR 10 | # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 11 | # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 12 | # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 13 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 | 15 | import subprocess 16 | import glob 17 | import hashlib 18 | import os 19 | 20 | TOP = '../../../../../' 21 | 22 | def dump(bin, type): 23 | return '-----BEGIN %s-----\n%s-----END %s-----\n' % \ 24 | (type, bin.encode('base64'), type) 25 | 26 | def gen(outfile, paramfile, hashfn): 27 | param = open(paramfile).read() 28 | 29 | rand = os.urandom(64) 30 | hash = getattr(hashlib, hashfn)(rand).digest() 31 | 32 | proc = subprocess.Popen(['openssl', 'pkeyutl', 33 | '-inkey', 'priv.pem', 34 | '-sign', 35 | '-pkeyopt', 'rsa_padding_mode:pss', 36 | '-pkeyopt', 'rsa_pss_saltlen:-1', 37 | '-pkeyopt', 'digest:%s' % hashfn 38 | ], 39 | stdout = subprocess.PIPE, 40 | stdin = subprocess.PIPE) 41 | 42 | sig, _ = proc.communicate(hash) 43 | 44 | with open(outfile, 'w') as f: 45 | print >>f, dump(open('pub.der').read(), 'PUBLIC KEY') 46 | print >>f, dump(param, 'ALGORITHM') 47 | print >>f, dump(rand, 'DATA') 48 | 49 | assert len(sig) == 256 # only works with 2048-bit keys 50 | # turn it into a DER bitstring 51 | print >>f, dump('\x03\x82\x01\x01\x00' + sig, 'SIGNATURE') 52 | 53 | if __name__ == '__main__': 54 | subprocess.check_call('openssl genrsa -out priv.pem 2048', shell = True) 55 | subprocess.check_call('openssl rsa -pubout -out pub.pem -in priv.pem', shell = True) 56 | subprocess.check_call('openssl asn1parse -inform pem -in pub.pem -out pub.der', shell = True) 57 | gen('rsa-pss-sha256-salt32.pem', TOP + 'src/data/alg-pss-sha256.der', 'sha256') 58 | gen('rsa-pss-sha384-salt48.pem', TOP + 'src/data/alg-pss-sha384.der', 'sha384') 59 | gen('rsa-pss-sha512-salt64.pem', TOP + 'src/data/alg-pss-sha512.der', 'sha512') 60 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAtVDcg1BMqPneiNBL5+mjEB5mxjJzgkmClZR5z1jNht+As6+M 3 | lgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDOFwtrxJE6Eg1GQ2ux9nDVNvrQkoOL 4 | znXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbcWc/4wTZOfO6lns4nb5s08oaUv3uF 5 | 5Wc0sktNr6he6R3zSQ6YK5KZFzQdnEtGc4gwHWXZ9xt4JeANht3m4RNpMY89qZsZ 6 | xmqoewYHuXQUAfl7W0DC3hoxOoLwSqL2bt2zMMeR8WAo51YY0cJnzAEETcnWIM6e 7 | alb5Osj3iSEknxRTley47SsODQ0maUUWj8wEjwIDAQABAoIBAFBAVQmt7fBQgAWQ 8 | JDimeWz198k7pVKCVND94Zg7luReYmmlhpUVM7V6A1/BC9EMuERlmq6YEgwIyZjW 9 | KUFxhQZAINfk64334CSRMzh/om9uPgjLPoMIQG1dzL9NtR0Ic7wKV8afxPf/mKL9 10 | Iwvv1+HMoi5qafzz58xNNLk6OgopdZ6H2aX0QtHy/jkMfpE3od7W6Xc+lSVUO7HG 11 | zmN3pHaM5K5n59cX9jpg/K+a0loceY5vmqUfXyh6IP6h1XyAb2NTpU04klDEFEnU 12 | tyaYtxL4ZMZzefoeVXVbCl7qeOE7KGIz7gcvsqL7T8dkK+uYf6mLENeyUvkCKiTG 13 | QAqon0kCgYEA6pLLAYpRo9JbLYlYNt9iTFwIU+R8RcxzZrltm7OUqztmaVq4pOek 14 | cPw/2sCMvqeEWuGhv+bbeIsDUWADU9NFkWySlVRKEFKGb3ECv3A07yfP2K22exOZ 15 | /SglNZKB/ycvpOMcNKnJD5folRrh0actdVG8vOf/sN+887vE77u0f6sCgYEAxeC0 16 | /6831k/EWYzQf+OfeLqx4ABgkgqxvMXO3YCp44+DD4l8TVWfP4Ahfj5p0zCbXIv3 17 | 5OcxdVwjNljZw4Y5vDNwcDK7vKwp9ne+H9xJB7Yedfr7oyJbqIvJ1nd6jmXoL7GA 18 | dX9xSxJ1CucD7RAY99MS77y8xm0sTbFoI6SvOq0CgYEApeQihXhYvE6sBMw5ArWA 19 | QxhjG1FfQc2RX3iLt62M2nwrtR5frt/TP8RlNEMwRjUaOVuQlLKjS+Cj/Ay2zbWA 20 | YZQzJkByEJEMWgvGMbUc+nVhXI+dmfUG1i5qAjUWkmgYHbgv3l6kvs5jwe88/JQK 21 | ZgnkPISmI2RXsNd+MzzALfkCgYB/56HXa/ERzHnE0KqtH/si1LrJajUB8Xu14761 22 | msc12rwCvQHmEyRerXn42msZIeAq0CaqhW6Ix8fTB1erdQW4yx8wxvpnGHn/YKM6 23 | gO+L1oKWDGe/qSPKLKGIya4kgWa1/Wxlhr06o3GYXH9DKxaYio1A/aSgNk1e4v/H 24 | mlnR+QKBgQDd2cdhBTXIo5FZSONip5GG2Ku9m60qGSyPTCqxLNWBfYE/fu0aFCUU 25 | GemqA2ygxFnyCG1Af0SDWwQFH8W7BJ6H1geJVcwVKLrZokKOul8kdwXCxz1J2XGe 26 | gskT4Dsd9K8TSU3J09XVKhC5SrF0vDjdXOE6rtFSqa/bs7B2JcfNwQ== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVDcg1BMqPneiNBL5+mj 3 | EB5mxjJzgkmClZR5z1jNht+As6+Mlgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDO 4 | FwtrxJE6Eg1GQ2ux9nDVNvrQkoOLznXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbc 5 | Wc/4wTZOfO6lns4nb5s08oaUv3uF5Wc0sktNr6he6R3zSQ6YK5KZFzQdnEtGc4gw 6 | HWXZ9xt4JeANht3m4RNpMY89qZsZxmqoewYHuXQUAfl7W0DC3hoxOoLwSqL2bt2z 7 | MMeR8WAo51YY0cJnzAEETcnWIM6ealb5Osj3iSEknxRTley47SsODQ0maUUWj8wE 8 | jwIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/rsa-pss-sha256-salt32-corrupted-data.pem: -------------------------------------------------------------------------------- 1 | This has had DATA corrupted, so the signature is not valid. 2 | 3 | 4 | 5 | -----BEGIN PUBLIC KEY----- 6 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVDcg1BMqPneiNBL5+mjEB5mxjJzgkm 7 | ClZR5z1jNht+As6+Mlgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDOFwtrxJE6Eg1GQ2ux9nDVNv 8 | rQkoOLznXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbcWc/4wTZOfO6lns4nb5s08oaUv3uF5Wc0s 9 | ktNr6he6R3zSQ6YK5KZFzQdnEtGc4gwHWXZ9xt4JeANht3m4RNpMY89qZsZxmqoewYHuXQUAfl7 10 | W0DC3hoxOoLwSqL2bt2zMMeR8WAo51YY0cJnzAEETcnWIM6ealb5Osj3iSEknxRTley47SsODQ0 11 | maUUWj8wEjwIDAQAB 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=4 l= 290 cons: SEQUENCE 16 | 4:d=1 hl=2 l= 13 cons: SEQUENCE 17 | 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 18 | 17:d=2 hl=2 l= 0 prim: NULL 19 | 19:d=1 hl=4 l= 271 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU 25 | DBAIBBQCiAwIBIA== 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 65 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 31 | 13:d=1 hl=2 l= 52 cons: SEQUENCE 32 | 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 33 | 17:d=3 hl=2 l= 13 cons: SEQUENCE 34 | 19:d=4 hl=2 l= 9 prim: OBJECT :sha256 35 | 30:d=4 hl=2 l= 0 prim: NULL 36 | 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 37 | 34:d=3 hl=2 l= 26 cons: SEQUENCE 38 | 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 39 | 47:d=4 hl=2 l= 13 cons: SEQUENCE 40 | 49:d=5 hl=2 l= 9 prim: OBJECT :sha256 41 | 60:d=5 hl=2 l= 0 prim: NULL 42 | 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 43 | 64:d=3 hl=2 l= 1 prim: INTEGER :20 44 | 45 | 46 | 47 | -----BEGIN DATA----- 48 | K6BCjy4hCNAZBmRT+wS4h5wDg7pO67oHFabDt5cXNp8X6sLNH2vjICLtO2niPwZ/Yk2ySxC8MgO 49 | /+U9sdSXxqA== 50 | -----END DATA----- 51 | 52 | 53 | 54 | -----BEGIN SIGNATURE----- 55 | A4IBAQCZqlXJhviFKOKHe1ssbm0ThtAnAbcuP3ACBZyfpBjfYlxAgltNzBnmEtxjsbZQPMXHDHy 56 | Y+fdEXwK2vboCz7BzIRXcrcJGzjsBc2zPeNZlmhaadIoa5d8jy3kxnT+f3YVjKGZBqwDaqE5Kie 57 | jhV0laTK+cNGFXo9a3ylICok+s4jVN2Y7qE+ImgyANbZyn1d6W6VnFf4GVvin2hFwTCcZnKA6Db 58 | NYnArbbNmHmMB2S+1Kw9dAklnzZmwWgNSRirtTpUHTBIWYq3B0hPL8IzwKk89/iKDaY2fpV/Wnt 59 | oL2mgM7oa/7+oQWa27BGYftYZmDpIQtNbUeO4VBnaeqGgA5f 60 | -----END SIGNATURE----- 61 | 62 | $ openssl asn1parse -i < [SIGNATURE] 63 | 0:d=0 hl=4 l= 257 prim: BIT STRING 64 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/rsa-pss-sha256-salt32.pem: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -----BEGIN PUBLIC KEY----- 6 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVDcg1BMqPneiNBL5+mjEB5mxjJzgkm 7 | ClZR5z1jNht+As6+Mlgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDOFwtrxJE6Eg1GQ2ux9nDVNv 8 | rQkoOLznXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbcWc/4wTZOfO6lns4nb5s08oaUv3uF5Wc0s 9 | ktNr6he6R3zSQ6YK5KZFzQdnEtGc4gwHWXZ9xt4JeANht3m4RNpMY89qZsZxmqoewYHuXQUAfl7 10 | W0DC3hoxOoLwSqL2bt2zMMeR8WAo51YY0cJnzAEETcnWIM6ealb5Osj3iSEknxRTley47SsODQ0 11 | maUUWj8wEjwIDAQAB 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=4 l= 290 cons: SEQUENCE 16 | 4:d=1 hl=2 l= 13 cons: SEQUENCE 17 | 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 18 | 17:d=2 hl=2 l= 0 prim: NULL 19 | 19:d=1 hl=4 l= 271 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU 25 | DBAIBBQCiAwIBIA== 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 65 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 31 | 13:d=1 hl=2 l= 52 cons: SEQUENCE 32 | 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 33 | 17:d=3 hl=2 l= 13 cons: SEQUENCE 34 | 19:d=4 hl=2 l= 9 prim: OBJECT :sha256 35 | 30:d=4 hl=2 l= 0 prim: NULL 36 | 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 37 | 34:d=3 hl=2 l= 26 cons: SEQUENCE 38 | 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 39 | 47:d=4 hl=2 l= 13 cons: SEQUENCE 40 | 49:d=5 hl=2 l= 9 prim: OBJECT :sha256 41 | 60:d=5 hl=2 l= 0 prim: NULL 42 | 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 43 | 64:d=3 hl=2 l= 1 prim: INTEGER :20 44 | 45 | 46 | 47 | -----BEGIN DATA----- 48 | K5BCjy4hCNAZBmRT+wS4h5wDg7pO67oHFabDt5cXNp8X6sLNH2vjICLtO2niPwZ/Yk2ySxC8MgO 49 | /+U9sdSXxqA== 50 | -----END DATA----- 51 | 52 | 53 | 54 | -----BEGIN SIGNATURE----- 55 | A4IBAQCZqlXJhviFKOKHe1ssbm0ThtAnAbcuP3ACBZyfpBjfYlxAgltNzBnmEtxjsbZQPMXHDHy 56 | Y+fdEXwK2vboCz7BzIRXcrcJGzjsBc2zPeNZlmhaadIoa5d8jy3kxnT+f3YVjKGZBqwDaqE5Kie 57 | jhV0laTK+cNGFXo9a3ylICok+s4jVN2Y7qE+ImgyANbZyn1d6W6VnFf4GVvin2hFwTCcZnKA6Db 58 | NYnArbbNmHmMB2S+1Kw9dAklnzZmwWgNSRirtTpUHTBIWYq3B0hPL8IzwKk89/iKDaY2fpV/Wnt 59 | oL2mgM7oa/7+oQWa27BGYftYZmDpIQtNbUeO4VBnaeqGgA5f 60 | -----END SIGNATURE----- 61 | 62 | $ openssl asn1parse -i < [SIGNATURE] 63 | 0:d=0 hl=4 l= 257 prim: BIT STRING 64 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/rsa-pss-sha384-salt48-corrupted-data.pem: -------------------------------------------------------------------------------- 1 | This has had DATA corrupted, so the signature is not valid. 2 | 3 | 4 | 5 | -----BEGIN PUBLIC KEY----- 6 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVDcg1BMqPneiNBL5+mjEB5mxjJzgkm 7 | ClZR5z1jNht+As6+Mlgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDOFwtrxJE6Eg1GQ2ux9nDVNv 8 | rQkoOLznXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbcWc/4wTZOfO6lns4nb5s08oaUv3uF5Wc0s 9 | ktNr6he6R3zSQ6YK5KZFzQdnEtGc4gwHWXZ9xt4JeANht3m4RNpMY89qZsZxmqoewYHuXQUAfl7 10 | W0DC3hoxOoLwSqL2bt2zMMeR8WAo51YY0cJnzAEETcnWIM6ealb5Osj3iSEknxRTley47SsODQ0 11 | maUUWj8wEjwIDAQAB 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=4 l= 290 cons: SEQUENCE 16 | 4:d=1 hl=2 l= 13 cons: SEQUENCE 17 | 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 18 | 17:d=2 hl=2 l= 0 prim: NULL 19 | 19:d=1 hl=4 l= 271 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU 25 | DBAICBQCiAwIBMA== 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 65 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 31 | 13:d=1 hl=2 l= 52 cons: SEQUENCE 32 | 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 33 | 17:d=3 hl=2 l= 13 cons: SEQUENCE 34 | 19:d=4 hl=2 l= 9 prim: OBJECT :sha384 35 | 30:d=4 hl=2 l= 0 prim: NULL 36 | 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 37 | 34:d=3 hl=2 l= 26 cons: SEQUENCE 38 | 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 39 | 47:d=4 hl=2 l= 13 cons: SEQUENCE 40 | 49:d=5 hl=2 l= 9 prim: OBJECT :sha384 41 | 60:d=5 hl=2 l= 0 prim: NULL 42 | 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 43 | 64:d=3 hl=2 l= 1 prim: INTEGER :30 44 | 45 | 46 | 47 | -----BEGIN DATA----- 48 | TDrlz5dKOqfOQhirwHj00bsVlf+0WEe2qMe9l6SVr9SHB4Eow26r+aU7+pGZFp774O041xIeU2g 49 | ZHYzNWBjGZQ== 50 | -----END DATA----- 51 | 52 | 53 | 54 | -----BEGIN SIGNATURE----- 55 | A4IBAQBvlL4AuwL3hEobMolBzR/0gzuJ9u4ATWEPO5uTiBtdJ5Nx9O6gFCrtZMwfEU9q4bzazKV 56 | yWRSpn23GZjlmNYhFCNlfY3l6IlhxGEVz/YeOglrBR8hFbA17835jTmcCR09G6SZ7Wwm8NV7riw 57 | woW15A1N2axuaAAcCxf9T48uehAmXrfApJygl2PWeKzzATUAuGzLLmQ0hNGVvUraxCJfiehtnMl 58 | kWUiSZgjvmXKv6N2JtN8dHMHVEzPTBou4a25ozQIRAIGFvZYcDm5DW4CNJqFM1mTv2BEeOCW5hw 59 | Bt60xm8kXOX4OGwgEyB/aHttWHPdAiFUoODo5j4MtcvajuWt 60 | -----END SIGNATURE----- 61 | 62 | $ openssl asn1parse -i < [SIGNATURE] 63 | 0:d=0 hl=4 l= 257 prim: BIT STRING 64 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/rsa-pss-sha384-salt48.pem: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -----BEGIN PUBLIC KEY----- 6 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVDcg1BMqPneiNBL5+mjEB5mxjJzgkm 7 | ClZR5z1jNht+As6+Mlgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDOFwtrxJE6Eg1GQ2ux9nDVNv 8 | rQkoOLznXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbcWc/4wTZOfO6lns4nb5s08oaUv3uF5Wc0s 9 | ktNr6he6R3zSQ6YK5KZFzQdnEtGc4gwHWXZ9xt4JeANht3m4RNpMY89qZsZxmqoewYHuXQUAfl7 10 | W0DC3hoxOoLwSqL2bt2zMMeR8WAo51YY0cJnzAEETcnWIM6ealb5Osj3iSEknxRTley47SsODQ0 11 | maUUWj8wEjwIDAQAB 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=4 l= 290 cons: SEQUENCE 16 | 4:d=1 hl=2 l= 13 cons: SEQUENCE 17 | 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 18 | 17:d=2 hl=2 l= 0 prim: NULL 19 | 19:d=1 hl=4 l= 271 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU 25 | DBAICBQCiAwIBMA== 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 65 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 31 | 13:d=1 hl=2 l= 52 cons: SEQUENCE 32 | 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 33 | 17:d=3 hl=2 l= 13 cons: SEQUENCE 34 | 19:d=4 hl=2 l= 9 prim: OBJECT :sha384 35 | 30:d=4 hl=2 l= 0 prim: NULL 36 | 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 37 | 34:d=3 hl=2 l= 26 cons: SEQUENCE 38 | 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 39 | 47:d=4 hl=2 l= 13 cons: SEQUENCE 40 | 49:d=5 hl=2 l= 9 prim: OBJECT :sha384 41 | 60:d=5 hl=2 l= 0 prim: NULL 42 | 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 43 | 64:d=3 hl=2 l= 1 prim: INTEGER :30 44 | 45 | 46 | 47 | -----BEGIN DATA----- 48 | TDRlz5dKOqfOQhirwHj00bsVlf+0WEe2qMe9l6SVr9SHB4Eow26r+aU7+pGZFp774O041xIeU2g 49 | ZHYzNWBjGZQ== 50 | -----END DATA----- 51 | 52 | 53 | 54 | -----BEGIN SIGNATURE----- 55 | A4IBAQBvlL4AuwL3hEobMolBzR/0gzuJ9u4ATWEPO5uTiBtdJ5Nx9O6gFCrtZMwfEU9q4bzazKV 56 | yWRSpn23GZjlmNYhFCNlfY3l6IlhxGEVz/YeOglrBR8hFbA17835jTmcCR09G6SZ7Wwm8NV7riw 57 | woW15A1N2axuaAAcCxf9T48uehAmXrfApJygl2PWeKzzATUAuGzLLmQ0hNGVvUraxCJfiehtnMl 58 | kWUiSZgjvmXKv6N2JtN8dHMHVEzPTBou4a25ozQIRAIGFvZYcDm5DW4CNJqFM1mTv2BEeOCW5hw 59 | Bt60xm8kXOX4OGwgEyB/aHttWHPdAiFUoODo5j4MtcvajuWt 60 | -----END SIGNATURE----- 61 | 62 | $ openssl asn1parse -i < [SIGNATURE] 63 | 0:d=0 hl=4 l= 257 prim: BIT STRING 64 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/ours/rsa-pss-sha512-salt64.pem: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -----BEGIN PUBLIC KEY----- 6 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVDcg1BMqPneiNBL5+mjEB5mxjJzgkm 7 | ClZR5z1jNht+As6+Mlgflni0bB8LjhWbIt+dZ6Bt4cSHOnAOnkMDOFwtrxJE6Eg1GQ2ux9nDVNv 8 | rQkoOLznXrxMh/af0pcSo8kItDmkqbV/fi3Q7agpbcWc/4wTZOfO6lns4nb5s08oaUv3uF5Wc0s 9 | ktNr6he6R3zSQ6YK5KZFzQdnEtGc4gwHWXZ9xt4JeANht3m4RNpMY89qZsZxmqoewYHuXQUAfl7 10 | W0DC3hoxOoLwSqL2bt2zMMeR8WAo51YY0cJnzAEETcnWIM6ealb5Osj3iSEknxRTley47SsODQ0 11 | maUUWj8wEjwIDAQAB 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=4 l= 290 cons: SEQUENCE 16 | 4:d=1 hl=2 l= 13 cons: SEQUENCE 17 | 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 18 | 17:d=2 hl=2 l= 0 prim: NULL 19 | 19:d=1 hl=4 l= 271 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU 25 | DBAIDBQCiAwIBQA== 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 65 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 31 | 13:d=1 hl=2 l= 52 cons: SEQUENCE 32 | 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 33 | 17:d=3 hl=2 l= 13 cons: SEQUENCE 34 | 19:d=4 hl=2 l= 9 prim: OBJECT :sha512 35 | 30:d=4 hl=2 l= 0 prim: NULL 36 | 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 37 | 34:d=3 hl=2 l= 26 cons: SEQUENCE 38 | 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 39 | 47:d=4 hl=2 l= 13 cons: SEQUENCE 40 | 49:d=5 hl=2 l= 9 prim: OBJECT :sha512 41 | 60:d=5 hl=2 l= 0 prim: NULL 42 | 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 43 | 64:d=3 hl=2 l= 1 prim: INTEGER :40 44 | 45 | 46 | 47 | -----BEGIN DATA----- 48 | BEnGYY+GrDsvawb08kP/OZ0iWbG5yBlJpCIJ1YLPfTCjEouvBzwAkWpUEsI3zk0N8+xcMyJ3qOi 49 | pIsX4YnFfPw== 50 | -----END DATA----- 51 | 52 | 53 | 54 | -----BEGIN SIGNATURE----- 55 | A4IBAQBPA1K787NaEycdAHDfil1/F2imI9PcVD5ZuloBz9Qj1q4ZfdZ9PMagunDBVRQoBr1VDhI 56 | 6VkDfyQvhKebIbSsfk/qJoNZGCZtsKhXcGm5ZI2+fUbbMW7EwlKle8SqXCHRAIICND/qwundcqp 57 | kLNHOqOK8GRUYHnJcMmQbMCBUx9aw3IRu2LRp6FtBwA16stpSat/NlX+aH79f1B/uoFpDVzG7Kw 58 | oqmAuv81vOVQSCNTn4MrCyxmJTLqbk6frXN7nRF+SQOPksUwXXYgpzGyFhrwgUHwkc3skNx/jOT 59 | fpWnvjOUVbi80Sa9i7EIOcmt4IP4a3BRPWT/MTYDDPADIgVf 60 | -----END SIGNATURE----- 61 | 62 | $ openssl asn1parse -i < [SIGNATURE] 63 | 0:d=0 hl=4 l= 257 prim: BIT STRING 64 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-bad-key-der-length.pem: -------------------------------------------------------------------------------- 1 | Same test as rsa-pkcs1-sha1.pem except the length of the first SEQUENCE has 2 | been increased by 2 (which makes it invalid). 3 | 4 | 5 | 6 | -----BEGIN PUBLIC KEY----- 7 | MIOfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 8 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 9 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 10 | -----END PUBLIC KEY----- 11 | 12 | $ openssl asn1parse -i < [PUBLIC KEY] 13 | Error in encoding 14 | 15 | 16 | 17 | -----BEGIN ALGORITHM----- 18 | MA0GCSqGSIb3DQEBBQUA 19 | -----END ALGORITHM----- 20 | 21 | $ openssl asn1parse -i < [ALGORITHM] 22 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 23 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 24 | 13:d=1 hl=2 l= 0 prim: NULL 25 | 26 | 27 | 28 | -----BEGIN DATA----- 29 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 30 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 31 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 32 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 33 | -----END DATA----- 34 | 35 | 36 | 37 | -----BEGIN SIGNATURE----- 38 | A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 39 | Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 40 | wJfKsY6aRY/LY0zc6O41iUxITX 41 | -----END SIGNATURE----- 42 | 43 | $ openssl asn1parse -i < [SIGNATURE] 44 | 0:d=0 hl=3 l= 129 prim: BIT STRING 45 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-bad-key-der-null.pem: -------------------------------------------------------------------------------- 1 | Same test as rsa-pkcs1-sha1.pem except an extra NULL (0x05, 0x00) has been 2 | appended to the SPKI. 3 | 4 | The DER can still be parsed, however it should fail due to the unconsumed data 5 | at the end. 6 | 7 | 8 | 9 | -----BEGIN PUBLIC KEY----- 10 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 11 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 12 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQABBQA= 13 | -----END PUBLIC KEY----- 14 | 15 | $ openssl asn1parse -i < [PUBLIC KEY] 16 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 17 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 18 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 19 | 16:d=2 hl=2 l= 0 prim: NULL 20 | 18:d=1 hl=3 l= 141 prim: BIT STRING 21 | 162:d=0 hl=2 l= 0 prim: NULL 22 | 23 | 24 | 25 | -----BEGIN ALGORITHM----- 26 | MA0GCSqGSIb3DQEBBQUA 27 | -----END ALGORITHM----- 28 | 29 | $ openssl asn1parse -i < [ALGORITHM] 30 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 31 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 32 | 13:d=1 hl=2 l= 0 prim: NULL 33 | 34 | 35 | 36 | -----BEGIN DATA----- 37 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 38 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 39 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 40 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 41 | -----END DATA----- 42 | 43 | 44 | 45 | -----BEGIN SIGNATURE----- 46 | A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 47 | Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 48 | wJfKsY6aRY/LY0zc6O41iUxITX 49 | -----END SIGNATURE----- 50 | 51 | $ openssl asn1parse -i < [SIGNATURE] 52 | 0:d=0 hl=3 l= 129 prim: BIT STRING 53 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-key-params-absent.pem: -------------------------------------------------------------------------------- 1 | Same test as rsa-pkcs1-sha1.pem, except the SPKI has been modified so the 2 | algorithm parameters are absent rather than NULL. 3 | 4 | This should fail because RFC 3279 says the parameters MUST be NULL. 5 | 6 | 7 | 8 | -----BEGIN PUBLIC KEY----- 9 | MIGdMAsGCSqGSIb3DQEBAQOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9 10 | 62ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC 11 | cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ== 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=3 l= 157 cons: SEQUENCE 16 | 3:d=1 hl=2 l= 11 cons: SEQUENCE 17 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 18 | 16:d=1 hl=3 l= 141 prim: BIT STRING 19 | 20 | 21 | 22 | -----BEGIN ALGORITHM----- 23 | MA0GCSqGSIb3DQEBBQUA 24 | -----END ALGORITHM----- 25 | 26 | $ openssl asn1parse -i < [ALGORITHM] 27 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 28 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 29 | 13:d=1 hl=2 l= 0 prim: NULL 30 | 31 | 32 | 33 | -----BEGIN DATA----- 34 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 35 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 36 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 37 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 38 | -----END DATA----- 39 | 40 | 41 | 42 | -----BEGIN SIGNATURE----- 43 | A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 44 | Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 45 | wJfKsY6aRY/LY0zc6O41iUxITX 46 | -----END SIGNATURE----- 47 | 48 | $ openssl asn1parse -i < [SIGNATURE] 49 | 0:d=0 hl=3 l= 129 prim: BIT STRING 50 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-using-pss-key-no-params.pem: -------------------------------------------------------------------------------- 1 | This is the same test as rsa-pkcs1-sha1.pem, except the SPKI has been modified 2 | so that the key algorithm is rsaPss (1.2.840.113549.1.1.10) with absent 3 | parameters. 4 | 5 | Subsequently this should fail, as a PSS key should not be used with a signature 6 | algorithm for PKCS#1 v1.5. 7 | 8 | 9 | 10 | -----BEGIN PUBLIC KEY----- 11 | MIGdMAsGCSqGSIb3DQEBCgOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9 12 | 62ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC 13 | cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ== 14 | -----END PUBLIC KEY----- 15 | 16 | $ openssl asn1parse -i < [PUBLIC KEY] 17 | 0:d=0 hl=3 l= 157 cons: SEQUENCE 18 | 3:d=1 hl=2 l= 11 cons: SEQUENCE 19 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss 20 | 16:d=1 hl=3 l= 141 prim: BIT STRING 21 | 22 | 23 | 24 | -----BEGIN ALGORITHM----- 25 | MA0GCSqGSIb3DQEBBQUA 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 31 | 13:d=1 hl=2 l= 0 prim: NULL 32 | 33 | 34 | 35 | -----BEGIN DATA----- 36 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 37 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 38 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 39 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 40 | -----END DATA----- 41 | 42 | 43 | 44 | -----BEGIN SIGNATURE----- 45 | A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 46 | Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 47 | wJfKsY6aRY/LY0zc6O41iUxITX 48 | -----END SIGNATURE----- 49 | 50 | $ openssl asn1parse -i < [SIGNATURE] 51 | 0:d=0 hl=3 l= 129 prim: BIT STRING 52 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-wrong-algorithm.pem: -------------------------------------------------------------------------------- 1 | This is the same as rsa-pkcs1-sha1.pem, however the ALGORITHM has been change 2 | to have SHA256 instead of SHA1. Using this algorithm verification should fail. 3 | 4 | 5 | 6 | -----BEGIN PUBLIC KEY----- 7 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 8 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 9 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 10 | -----END PUBLIC KEY----- 11 | 12 | $ openssl asn1parse -i < [PUBLIC KEY] 13 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 14 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 15 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 16 | 16:d=2 hl=2 l= 0 prim: NULL 17 | 18:d=1 hl=3 l= 141 prim: BIT STRING 18 | 19 | 20 | 21 | -----BEGIN ALGORITHM----- 22 | MA0GCSqGSIb3DQEBCwUA 23 | -----END ALGORITHM----- 24 | 25 | $ openssl asn1parse -i < [ALGORITHM] 26 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 27 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 28 | 13:d=1 hl=2 l= 0 prim: NULL 29 | 30 | 31 | 32 | -----BEGIN DATA----- 33 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 34 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 35 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 36 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 37 | -----END DATA----- 38 | 39 | 40 | 41 | -----BEGIN SIGNATURE----- 42 | A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 43 | Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 44 | wJfKsY6aRY/LY0zc6O41iUxITX 45 | -----END SIGNATURE----- 46 | 47 | $ openssl asn1parse -i < [SIGNATURE] 48 | 0:d=0 hl=3 l= 129 prim: BIT STRING 49 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1.pem: -------------------------------------------------------------------------------- 1 | The key, message, and signature come from Example 1 of: 2 | ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15sign-vectors.txt 3 | 4 | (The algorithm DER was synthesized to match, and the signature enclosed in a BIT STRING). 5 | 6 | It uses an RSA key with modulus length of 1024 bits, PKCS#1 v1.5 padding, and 7 | SHA-1 as the digest. 8 | 9 | 10 | 11 | -----BEGIN PUBLIC KEY----- 12 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 13 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 14 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 15 | -----END PUBLIC KEY----- 16 | 17 | $ openssl asn1parse -i < [PUBLIC KEY] 18 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 19 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 20 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 21 | 16:d=2 hl=2 l= 0 prim: NULL 22 | 18:d=1 hl=3 l= 141 prim: BIT STRING 23 | 24 | 25 | 26 | -----BEGIN ALGORITHM----- 27 | MA0GCSqGSIb3DQEBBQUA 28 | -----END ALGORITHM----- 29 | 30 | $ openssl asn1parse -i < [ALGORITHM] 31 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 32 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 33 | 13:d=1 hl=2 l= 0 prim: NULL 34 | 35 | 36 | 37 | -----BEGIN DATA----- 38 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 39 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 40 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 41 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 42 | -----END DATA----- 43 | 44 | 45 | 46 | -----BEGIN SIGNATURE----- 47 | A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 48 | Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 49 | wJfKsY6aRY/LY0zc6O41iUxITX 50 | -----END SIGNATURE----- 51 | 52 | $ openssl asn1parse -i < [SIGNATURE] 53 | 0:d=0 hl=3 l= 129 prim: BIT STRING 54 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-key-encoded-ber.pem: -------------------------------------------------------------------------------- 1 | This is the same test as rsa-pkcs1-sha256.pem except the SPKI has been encoded 2 | using a non-minimal length for the outtermost SEQUENCE. 3 | 4 | Under DER, the tag-length-value encodings should be minimal and hence this should fail. 5 | 6 | Specifically the SPKI start was changed from: 7 | 30 81 9f 8 | To: 9 | 30 82 00 9f 10 | 11 | (the length of 0x9F is being expressed using 2 bytes instead of 1) 12 | 13 | 14 | 15 | -----BEGIN PUBLIC KEY----- 16 | MIIAnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqkfgdjI9YqzadSZ2Ns0CEEUD8+8m7OplIx0 17 | 94X+QD8mooNrunwT04asbLIINGL4qiI/+9IVSvyV3Kj9c4EeQIbANGoJ8AI3wf6MOBB/txxGFed 18 | qqcTffKVMQvtZdoYFbZ/MQkvyRsoyvunb/pWcN4sSaF9kY1bXSeP3J99fBIYUCAwEAAQ== 19 | -----END PUBLIC KEY----- 20 | 21 | $ openssl asn1parse -i < [PUBLIC KEY] 22 | 0:d=0 hl=4 l= 159 cons: SEQUENCE 23 | 4:d=1 hl=2 l= 13 cons: SEQUENCE 24 | 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 25 | 17:d=2 hl=2 l= 0 prim: NULL 26 | 19:d=1 hl=3 l= 141 prim: BIT STRING 27 | 28 | 29 | 30 | -----BEGIN ALGORITHM----- 31 | MA0GCSqGSIb3DQEBCwUA 32 | -----END ALGORITHM----- 33 | 34 | $ openssl asn1parse -i < [ALGORITHM] 35 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 36 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 37 | 13:d=1 hl=2 l= 0 prim: NULL 38 | 39 | 40 | 41 | -----BEGIN DATA----- 42 | MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN 43 | VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1 44 | UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ 45 | VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0 46 | ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp 47 | 1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA 48 | 0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/ 49 | cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw 50 | FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w== 51 | -----END DATA----- 52 | 53 | 54 | 55 | -----BEGIN SIGNATURE----- 56 | A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK 57 | oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6 58 | +Gqf3saGdr8/LnvFAdNQvkalQt 59 | -----END SIGNATURE----- 60 | 61 | $ openssl asn1parse -i < [SIGNATURE] 62 | 0:d=0 hl=3 l= 129 prim: BIT STRING 63 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-spki-non-null-params.pem: -------------------------------------------------------------------------------- 1 | This is the same test as rsa-pkcs1-sha256.pem except the SPKI has been tampered 2 | with. The parameters have been changed from NULL to an INTEGER. 3 | 4 | This was done by changing: 5 | 6 | 05 00 (NULL) 7 | To: 8 | 02 00 (INTEGER) 9 | 10 | 11 | 12 | -----BEGIN PUBLIC KEY----- 13 | MIGfMA0GCSqGSIb3DQEBAQIAA4GNADCBiQKBgQCqR+B2Mj1irNp1JnY2zQIQRQPz7ybs6mUjHT3 14 | hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA0agnwAjfB/ow4EH+3HEYV52q 15 | pxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/cn318EhhQIDAQAB 16 | -----END PUBLIC KEY----- 17 | 18 | $ openssl asn1parse -i < [PUBLIC KEY] 19 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 20 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 21 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 22 | 16:d=2 hl=2 l= 0 prim: INTEGER :00 23 | 18:d=1 hl=3 l= 141 prim: BIT STRING 24 | 25 | 26 | 27 | -----BEGIN ALGORITHM----- 28 | MA0GCSqGSIb3DQEBCwUA 29 | -----END ALGORITHM----- 30 | 31 | $ openssl asn1parse -i < [ALGORITHM] 32 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 33 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 34 | 13:d=1 hl=2 l= 0 prim: NULL 35 | 36 | 37 | 38 | -----BEGIN DATA----- 39 | MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN 40 | VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1 41 | UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ 42 | VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0 43 | ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp 44 | 1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA 45 | 0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/ 46 | cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw 47 | FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w== 48 | -----END DATA----- 49 | 50 | 51 | 52 | -----BEGIN SIGNATURE----- 53 | A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK 54 | oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6 55 | +Gqf3saGdr8/LnvFAdNQvkalQt 56 | -----END SIGNATURE----- 57 | 58 | $ openssl asn1parse -i < [SIGNATURE] 59 | 0:d=0 hl=3 l= 129 prim: BIT STRING 60 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-using-ecdsa-algorithm.pem: -------------------------------------------------------------------------------- 1 | This test specified a valid RSA PKCS#1 v.1.5 signature and RSA key (the same as rsa-pkcs1-sha256.pem). 2 | 3 | The problem however is the signature algorithm is indicated as being ECDSA. 4 | 5 | Signature verification consequently should fail. 6 | 7 | 8 | 9 | -----BEGIN PUBLIC KEY----- 10 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp1JnY2zQIQRQPz7ybs6mUjHT3 11 | hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA0agnwAjfB/ow4EH+3HEYV52q 12 | pxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/cn318EhhQIDAQAB 13 | -----END PUBLIC KEY----- 14 | 15 | $ openssl asn1parse -i < [PUBLIC KEY] 16 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 17 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 18 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 19 | 16:d=2 hl=2 l= 0 prim: NULL 20 | 18:d=1 hl=3 l= 141 prim: BIT STRING 21 | 22 | 23 | 24 | -----BEGIN ALGORITHM----- 25 | MAoGCCqGSM49BAMC 26 | -----END ALGORITHM----- 27 | 28 | $ openssl asn1parse -i < [ALGORITHM] 29 | 0:d=0 hl=2 l= 10 cons: SEQUENCE 30 | 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 31 | 32 | 33 | 34 | -----BEGIN DATA----- 35 | MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN 36 | VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1 37 | UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ 38 | VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0 39 | ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp 40 | 1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA 41 | 0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/ 42 | cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw 43 | FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w== 44 | -----END DATA----- 45 | 46 | 47 | 48 | -----BEGIN SIGNATURE----- 49 | A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK 50 | oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6 51 | +Gqf3saGdr8/LnvFAdNQvkalQt 52 | -----END SIGNATURE----- 53 | 54 | $ openssl asn1parse -i < [SIGNATURE] 55 | 0:d=0 hl=3 l= 129 prim: BIT STRING 56 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-using-id-ea-rsa.pem: -------------------------------------------------------------------------------- 1 | This is the same test as rsa-pkcs1-sha256.pem except the SPKI has been tampered 2 | with. Rather than using an rsaEncryption OID for the key's algorithm, it uses 3 | id-ea-rsa (2.5.8.1.1). 4 | 5 | 6 | 7 | -----BEGIN PUBLIC KEY----- 8 | MIGaMAgGBFUIAQEFAAOBjQAwgYkCgYEAqkfgdjI9YqzadSZ2Ns0CEEUD8+8m7OplIx094X+QD8m 9 | ooNrunwT04asbLIINGL4qiI/+9IVSvyV3Kj9c4EeQIbANGoJ8AI3wf6MOBB/txxGFedqqcTffKV 10 | MQvtZdoYFbZ/MQkvyRsoyvunb/pWcN4sSaF9kY1bXSeP3J99fBIYUCAwEAAQ== 11 | -----END PUBLIC KEY----- 12 | 13 | $ openssl asn1parse -i < [PUBLIC KEY] 14 | 0:d=0 hl=3 l= 154 cons: SEQUENCE 15 | 3:d=1 hl=2 l= 8 cons: SEQUENCE 16 | 5:d=2 hl=2 l= 4 prim: OBJECT :rsa 17 | 11:d=2 hl=2 l= 0 prim: NULL 18 | 13:d=1 hl=3 l= 141 prim: BIT STRING 19 | 20 | 21 | 22 | -----BEGIN ALGORITHM----- 23 | MA0GCSqGSIb3DQEBCwUA 24 | -----END ALGORITHM----- 25 | 26 | $ openssl asn1parse -i < [ALGORITHM] 27 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 28 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 29 | 13:d=1 hl=2 l= 0 prim: NULL 30 | 31 | 32 | 33 | -----BEGIN DATA----- 34 | MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN 35 | VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1 36 | UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ 37 | VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0 38 | ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp 39 | 1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA 40 | 0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/ 41 | cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw 42 | FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w== 43 | -----END DATA----- 44 | 45 | 46 | 47 | -----BEGIN SIGNATURE----- 48 | A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK 49 | oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6 50 | +Gqf3saGdr8/LnvFAdNQvkalQt 51 | -----END SIGNATURE----- 52 | 53 | $ openssl asn1parse -i < [SIGNATURE] 54 | 0:d=0 hl=3 l= 129 prim: BIT STRING 55 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pss-sha1-salt20-using-pss-key-no-params.pem: -------------------------------------------------------------------------------- 1 | This is the same test as rsa-pss-sha1-salt20.pem, except the public key's 2 | algorithm identifier has been changed from rsaEncryption (1.2.840.113549.1.1.1) 3 | to rsaPss (1.2.840.113549.1.1.10). 4 | 5 | 6 | 7 | -----BEGIN PUBLIC KEY----- 8 | MIGdMAsGCSqGSIb3DQEBCgOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9 9 | 62ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC 10 | cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ== 11 | -----END PUBLIC KEY----- 12 | 13 | $ openssl asn1parse -i < [PUBLIC KEY] 14 | 0:d=0 hl=3 l= 157 cons: SEQUENCE 15 | 3:d=1 hl=2 l= 11 cons: SEQUENCE 16 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss 17 | 16:d=1 hl=3 l= 141 prim: BIT STRING 18 | 19 | 20 | 21 | -----BEGIN ALGORITHM----- 22 | MA0GCSqGSIb3DQEBCjAA 23 | -----END ALGORITHM----- 24 | 25 | $ openssl asn1parse -i < [ALGORITHM] 26 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 27 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 28 | 13:d=1 hl=2 l= 0 cons: SEQUENCE 29 | 30 | 31 | 32 | -----BEGIN DATA----- 33 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 34 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 35 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 36 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 37 | -----END DATA----- 38 | 39 | 40 | 41 | -----BEGIN SIGNATURE----- 42 | A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ 43 | /nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS 44 | yCwtTD9mzVAPH/K5lNik4wy7M8 45 | -----END SIGNATURE----- 46 | 47 | $ openssl asn1parse -i < [SIGNATURE] 48 | 0:d=0 hl=3 l= 129 prim: BIT STRING 49 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pss-sha1-salt20-using-pss-key-with-null-params.pem: -------------------------------------------------------------------------------- 1 | This is the same test as rsa-pss-sha1-salt20.pem, except the public key's 2 | algorithm identifier has been changed from rsaEncryption (1.2.840.113549.1.1.1) 3 | to rsaPss (1.2.840.113549.1.1.10). Note that the PSS parameters have been 4 | encoded as NULL which is incorrect. 5 | 6 | 7 | 8 | -----BEGIN PUBLIC KEY----- 9 | MIGfMA0GCSqGSIb3DQEBCgUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 10 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 11 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 12 | -----END PUBLIC KEY----- 13 | 14 | $ openssl asn1parse -i < [PUBLIC KEY] 15 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 16 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 17 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss 18 | 16:d=2 hl=2 l= 0 prim: NULL 19 | 18:d=1 hl=3 l= 141 prim: BIT STRING 20 | 21 | 22 | 23 | -----BEGIN ALGORITHM----- 24 | MA0GCSqGSIb3DQEBCjAA 25 | -----END ALGORITHM----- 26 | 27 | $ openssl asn1parse -i < [ALGORITHM] 28 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 29 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 30 | 13:d=1 hl=2 l= 0 cons: SEQUENCE 31 | 32 | 33 | 34 | -----BEGIN DATA----- 35 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 36 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 37 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 38 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 39 | -----END DATA----- 40 | 41 | 42 | 43 | -----BEGIN SIGNATURE----- 44 | A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ 45 | /nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS 46 | yCwtTD9mzVAPH/K5lNik4wy7M8 47 | -----END SIGNATURE----- 48 | 49 | $ openssl asn1parse -i < [SIGNATURE] 50 | 0:d=0 hl=3 l= 129 prim: BIT STRING 51 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pss-sha1-salt20.pem: -------------------------------------------------------------------------------- 1 | The key, message, and signature come from Example 1.1 of: 2 | ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip (pss-vect.txt) 3 | 4 | (The algorithm DER was synthesized to match, and the signature enclosed in a BIT STRING). 5 | 6 | It uses an RSA key with modulus length of 1024 bits, PSS padding, 7 | SHA-1 as the digest, MGF1 with SHA-1, and salt length of 20. 8 | 9 | 10 | 11 | -----BEGIN PUBLIC KEY----- 12 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 13 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 14 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 15 | -----END PUBLIC KEY----- 16 | 17 | $ openssl asn1parse -i < [PUBLIC KEY] 18 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 19 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 20 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 21 | 16:d=2 hl=2 l= 0 prim: NULL 22 | 18:d=1 hl=3 l= 141 prim: BIT STRING 23 | 24 | 25 | 26 | -----BEGIN ALGORITHM----- 27 | MA0GCSqGSIb3DQEBCjAA 28 | -----END ALGORITHM----- 29 | 30 | $ openssl asn1parse -i < [ALGORITHM] 31 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 32 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 33 | 13:d=1 hl=2 l= 0 cons: SEQUENCE 34 | 35 | 36 | 37 | -----BEGIN DATA----- 38 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 39 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 40 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 41 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 42 | -----END DATA----- 43 | 44 | 45 | 46 | -----BEGIN SIGNATURE----- 47 | A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ 48 | /nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS 49 | yCwtTD9mzVAPH/K5lNik4wy7M8 50 | -----END SIGNATURE----- 51 | 52 | $ openssl asn1parse -i < [SIGNATURE] 53 | 0:d=0 hl=3 l= 129 prim: BIT STRING 54 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pss-sha1-wrong-salt.pem: -------------------------------------------------------------------------------- 1 | Same as rsa-pss-sha1-wrong-salt.pem except the ALGORITHM has been changed to 2 | have a salt of 23. When verified using this algorithm it will fail, however if 3 | the default salt of 20 were used it would succeed. 4 | 5 | 6 | 7 | -----BEGIN PUBLIC KEY----- 8 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 9 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 10 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 11 | -----END PUBLIC KEY----- 12 | 13 | $ openssl asn1parse -i < [PUBLIC KEY] 14 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 15 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 16 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 17 | 16:d=2 hl=2 l= 0 prim: NULL 18 | 18:d=1 hl=3 l= 141 prim: BIT STRING 19 | 20 | 21 | 22 | -----BEGIN ALGORITHM----- 23 | MBIGCSqGSIb3DQEBCjAFogMCARc= 24 | -----END ALGORITHM----- 25 | 26 | $ openssl asn1parse -i < [ALGORITHM] 27 | 0:d=0 hl=2 l= 18 cons: SEQUENCE 28 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 29 | 13:d=1 hl=2 l= 5 cons: SEQUENCE 30 | 15:d=2 hl=2 l= 3 cons: cont [ 2 ] 31 | 17:d=3 hl=2 l= 1 prim: INTEGER :17 32 | 33 | 34 | 35 | -----BEGIN DATA----- 36 | zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 37 | jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 38 | vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 39 | pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 40 | -----END DATA----- 41 | 42 | 43 | 44 | -----BEGIN SIGNATURE----- 45 | A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ 46 | /nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS 47 | yCwtTD9mzVAPH/K5lNik4wy7M8 48 | -----END SIGNATURE----- 49 | 50 | $ openssl asn1parse -i < [SIGNATURE] 51 | 0:d=0 hl=3 l= 129 prim: BIT STRING 52 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-pss-sha256-mgf1-sha512-salt33.pem: -------------------------------------------------------------------------------- 1 | This test exercises using a different hash function parameter to the mask gen 2 | function (SHA-256 for the hash, but SHA-512 for the MGF1 hash). 3 | 4 | This test data was constructed manually by calling signing functions from 5 | OpenSSL code. 6 | 7 | It constructs an RSASSA-PSS signature using: 8 | * Key with modulus 1024 bit 9 | * Salt length 33 bytes 10 | * Digest function of SHA-256 11 | * Mask gen function of MGF1 with SHA-512 12 | 13 | 14 | 15 | -----BEGIN PUBLIC KEY----- 16 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH 17 | mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL 18 | I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB 19 | -----END PUBLIC KEY----- 20 | 21 | $ openssl asn1parse -i < [PUBLIC KEY] 22 | 0:d=0 hl=3 l= 159 cons: SEQUENCE 23 | 3:d=1 hl=2 l= 13 cons: SEQUENCE 24 | 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 25 | 16:d=2 hl=2 l= 0 prim: NULL 26 | 18:d=1 hl=3 l= 141 prim: BIT STRING 27 | 28 | 29 | 30 | -----BEGIN ALGORITHM----- 31 | MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU 32 | DBAIDBQCiAwIBIQ== 33 | -----END ALGORITHM----- 34 | 35 | $ openssl asn1parse -i < [ALGORITHM] 36 | 0:d=0 hl=2 l= 65 cons: SEQUENCE 37 | 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 38 | 13:d=1 hl=2 l= 52 cons: SEQUENCE 39 | 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 40 | 17:d=3 hl=2 l= 13 cons: SEQUENCE 41 | 19:d=4 hl=2 l= 9 prim: OBJECT :sha256 42 | 30:d=4 hl=2 l= 0 prim: NULL 43 | 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 44 | 34:d=3 hl=2 l= 26 cons: SEQUENCE 45 | 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 46 | 47:d=4 hl=2 l= 13 cons: SEQUENCE 47 | 49:d=5 hl=2 l= 9 prim: OBJECT :sha512 48 | 60:d=5 hl=2 l= 0 prim: NULL 49 | 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 50 | 64:d=3 hl=2 l= 1 prim: INTEGER :21 51 | 52 | 53 | 54 | -----BEGIN DATA----- 55 | VGVzdCBtZXNzYWdlIHRvIGJlIHNpZ25lZC4uLg== 56 | -----END DATA----- 57 | 58 | 59 | 60 | -----BEGIN SIGNATURE----- 61 | A4GBAFob0HSC5uuTqKu4J/lj+5bDa+Hhij4H3klWnvt6Yc+wwPza7/UC4lgGGyvZqD32RUEdt7v 62 | Z14qqYNk53b5aj4C2gBMvLzV7Pay4mmQM4DSWa5JHMxTILqE3DDqihrbMcBw2q3XAsLcjeqLWQ9 63 | yp8tfnV21h98qsCLtErrxZWHRr 64 | -----END SIGNATURE----- 65 | 66 | $ openssl asn1parse -i < [SIGNATURE] 67 | 0:d=0 hl=3 l= 129 prim: BIT STRING 68 | -------------------------------------------------------------------------------- /third-party/chromium/data/verify_signed_data/rsa-using-ec-key.pem: -------------------------------------------------------------------------------- 1 | This test specifies an RSA PKCS#1 v1.5 signature algorithm (and a valid RSA 2 | signature), HOWEVER it provides an EC key. Verification should fail. 3 | 4 | 5 | 6 | -----BEGIN PUBLIC KEY----- 7 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 8 | o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 9 | -----END PUBLIC KEY----- 10 | 11 | $ openssl asn1parse -i < [PUBLIC KEY] 12 | 0:d=0 hl=2 l= 89 cons: SEQUENCE 13 | 2:d=1 hl=2 l= 19 cons: SEQUENCE 14 | 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 15 | 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 16 | 23:d=1 hl=2 l= 66 prim: BIT STRING 17 | 18 | 19 | 20 | -----BEGIN ALGORITHM----- 21 | MA0GCSqGSIb3DQEBCwUA 22 | -----END ALGORITHM----- 23 | 24 | $ openssl asn1parse -i < [ALGORITHM] 25 | 0:d=0 hl=2 l= 13 cons: SEQUENCE 26 | 2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption 27 | 13:d=1 hl=2 l= 0 prim: NULL 28 | 29 | 30 | 31 | -----BEGIN DATA----- 32 | MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN 33 | VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1 34 | UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ 35 | VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0 36 | ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp 37 | 1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA 38 | 0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/ 39 | cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw 40 | FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w== 41 | -----END DATA----- 42 | 43 | 44 | 45 | -----BEGIN SIGNATURE----- 46 | A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK 47 | oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6 48 | +Gqf3saGdr8/LnvFAdNQvkalQt 49 | -----END SIGNATURE----- 50 | 51 | $ openssl asn1parse -i < [SIGNATURE] 52 | 0:d=0 hl=3 l= 129 prim: BIT STRING 53 | --------------------------------------------------------------------------------