diff options
Diffstat (limited to 'security/manager/ssl/tests/unit/bad_certs')
101 files changed, 1258 insertions, 0 deletions
diff --git a/security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem b/security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem new file mode 100644 index 000000000..62406aaac --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC5DCCAc6gAwIBAgIUaauScBIwFX7ueYmCXknl2gMYElAwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowJjEkMCIGA1UEAwwbRUUgd2l0aCBiYWQgc3ViamVjdEFsdE5hbWVz +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB/W62iAY2 +ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVramRxCHqlWqdF +h/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMCOosqQe6n +cOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdmWqp+ApAv +OnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGzey8ib2nj +tIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUDrNoYCjXt +jQIDAQABox4wHDAaBgNVHREEEzARgg8qLiouZXhhbXBsZS5jb20wCwYJKoZIhvcN +AQELA4IBAQBQsZKhZe/1VkfifLqD4bni/7VY8xfXQO4DDu9HSkFmeJOhaIzfdQls +q4LN+HVuJcJQZD1ni24UbJib+Jh8cbuzRA8l6w+PUBB6XPeF8BfYDkSbDoIYxj6h +OclX4HInco4O4Ul+1K0u7qF9xtMYK+xaAZqiEzU638nW2n5EWV8v7y5dJsmx7rz3 +s7boQNkjgZo7R0Lw5Z8zzKYE0jVp+dRztP/f0X9uG6YW3thFIfHbewXBKP1kiIv6 +jymQMdcdnc+LhtM5/+KJcCstGA1YUaZ7pNkU7/KyB0Ch1m+b40EOSnZKelUFkmvp +yaMC1hUND9LZjKwnGKNwuF5HR4OX/w0g +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem.certspec new file mode 100644 index 000000000..1b368c26f --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/badSubjectAltNames.pem.certspec @@ -0,0 +1,3 @@ +issuer:Test CA +subject:EE with bad subjectAltNames +extension:subjectAlternativeName:*.*.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem b/security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem new file mode 100644 index 000000000..ffb961c45 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDJzCCAhGgAwIBAgIUdXLIuQ4fxP+03n9N/HH0ZlV0c7owCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMTk0NjAyMTQwMDAwMDBaGA8yMDMxMDEw +MTAwMDAwMFowLDEqMCgGA1UEAwwhQmVmb3JlIFVOSVggRXBvY2ggVGVzdCBFbmQt +ZW50aXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB +/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVramRx +CHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMC +OosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdm +Wqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGz +ey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUD +rNoYCjXtjQIDAQABo1swWTAjBgNVHREEHDAaghhiZWZvcmUtZXBvY2guZXhhbXBs +ZS5jb20wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxo +b3N0Ojg4ODgvMAsGCSqGSIb3DQEBCwOCAQEAgkj+Gwj2oJbjTvT8ivsSVfs1XHg6 +VOkPc8+DvFUY9l+lffyGUf8JQV0HuHHWOdPkSNAthqCYvsvzn1p21OFVo8EB7f5/ +mCz+u/YiWDDDjRfIYPUxvKIL4qqz+1dW3YcYOCG7luyNgajR9M9ivHGh7pX23Loa +726oYYXWaY0KU2/CkLWLSvrdbcEiw/mUMrpKa7H2Zh0OVg6pcL1LNlUTGOWoyl9X +u50M4iKLlb1wHiBTqXskKu6lM3yob6fVQ53S6Q6vKPsmD0hiKzGP5k8NLp5m0tHm +a18x76ggEprPxGI3XXOCejGBbBIdswEX+WA904jMRwrrbLXxXLKSG72UKg== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem.certspec new file mode 100644 index 000000000..ac97b2231 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/beforeEpoch.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Before UNIX Epoch Test End-entity +validity:19460214-20310101 +extension:subjectAlternativeName:before-epoch.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem b/security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem new file mode 100644 index 000000000..62ddea52a --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC6zCCAdWgAwIBAgIUewecPPOfV1pIxDqNQZDAK7WnmikwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMTk0NjAyMTQwMDAwMDBaGA8yMDMxMDEw +MTAwMDAwMFowLjEsMCoGA1UEAwwjQmVmb3JlIFVOSVggRXBvY2ggVGVzdCBJbnRl +cm1lZGlhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W +1kH9braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtq +ZHEIeqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx +0wI6iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthV +t2Zaqn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo +4bN7LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx +1QOs2hgKNe2NAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAsG +CSqGSIb3DQEBCwOCAQEAZOcbi3DKkzazT2A2ZlqHdeY7tgVL8fiQnPvzfYpNgB+R +pM3gkZRagkliv8o0ZKlkaoLDula6Q5Rhe2hY2+PSQNi/BkDdg/ituWOnH2ruX8Dm +cWFFWJfGehf12dpJWhW+lovgQvbUmAVeMKMDfNIHgGZmwdVarYTN4LV7uu1abtIP +mxFLc8x2CkGk9XQJXbts3cLwtZJiqAdMCuX5P4fmnLkaFAw+Vs+6aLBLOOD5WMF9 +vqwTRPDedtG+xmOhZ+J0YijRRfm4go5gCZj3XF3RgA35V7A/i3MCX2jPRfXDRywV +8bsqZlIgILgdm4YCHlXpF9aqHJxz9AMKZs3Wk8mu7Q== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem.certspec new file mode 100644 index 000000000..835e63f2b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/beforeEpochINT.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Before UNIX Epoch Test Intermediate +validity:19460214-20310101 +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem b/security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem new file mode 100644 index 000000000..c234f9365 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDVjCCAkCgAwIBAgIUHY/2g5fyvV2MONrnjGi3fWc83j0wCwYJKoZIhvcNAQEL +MC4xLDAqBgNVBAMMI0JlZm9yZSBVTklYIEVwb2NoIFRlc3QgSW50ZXJtZWRpYXRl +MCIYDzIwMTUxMTI4MDAwMDAwWhgPMjAxODAyMDUwMDAwMDBaMDgxNjA0BgNVBAMM +LVRlc3QgRW5kLWVudGl0eSB3aXRoIEJlZm9yZSBVTklYIEVwb2NoIGlzc3VlcjCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9 +PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3 +HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3Dg +Dw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7 +EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SK +lWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0C +AwEAAaNiMGAwKgYDVR0RBCMwIYIfYmVmb3JlLWVwb2NoLWlzc3Vlci5leGFtcGxl +LmNvbTAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhv +c3Q6ODg4OC8wCwYJKoZIhvcNAQELA4IBAQAAYmpIy15lrWSrorG+HfjZNckhAsCG +1BOVYRr+s1Zks4wj1aMXFSzblgNgdRuZA20TkRfJKw40cyuNLfm5DhKZUbo+0LAN +jthu2cHFBaQn+XV6xMb2tEKTU8rBqzAYIAnmEIlLukYQBVICL9tirC1JJhqe1/S8 +U139izFYNnSqNmss2cJOuI4VM7B951v1h4mQYfcX1Sv27qWaKBK7k9fKBWWE0DCX +YR1nB4RlI+92ncTOwbjtXR92gqR/z1wGDOPj/0VNNUn4SKo5Xif9TqXh4LhnY9fD +HgoZSMDxftXou1MjN0cWnIP6QMyLfg2kSN0vnQpVle6KgsxpfrgLiMoU +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem.certspec new file mode 100644 index 000000000..9aabe2162 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/beforeEpochIssuer.pem.certspec @@ -0,0 +1,4 @@ +issuer:Before UNIX Epoch Test Intermediate +subject:Test End-entity with Before UNIX Epoch issuer +extension:subjectAlternativeName:before-epoch-issuer.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem b/security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem new file mode 100644 index 000000000..ae40112c3 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQTCCAiugAwIBAgIUBUmy5jtGrDso26TeIelwmtF+KFAwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowLzEtMCsGA1UEAwwkVGVzdCBJbnRlcm1lZGlhdGUgdXNlZCBhcyBF +bmQtRW50aXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESO +FtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVr +amRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWka +sdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbY +VbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6n +aOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHE +MdUDrNoYCjXtjQIDAQABo3IwcDAMBgNVHRMEBTADAQH/MDIGCCsGAQUFBwEBBCYw +JDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDo4ODg4LzAsBgNVHREEJTAj +giFjYS11c2VkLWFzLWVuZC1lbnRpdHkuZXhhbXBsZS5jb20wCwYJKoZIhvcNAQEL +A4IBAQApr3pPS4uWz6oPEhrTO73K+JTP2VRTKgtbooPhOZ6tCRz75P729RzVOEZF +Vf87VSFTTXUdG5Q6+SDNuCdDuyyPR4q38s+8jgv3OVfsEbhPuSx73pLAzYg727Ip +U2ROGoVysc3JrUfwPZSvQ/i4iqdb2sVwtqR5LM1nApy5+p6Ef8cwjfm9qsdrHlnx +3VdiioEOp+8SKH5rzfZe+1jepRODlqvFEO9gFbaqjHLzL005xAcfpsZPH5JzDhqD +g4QiIFlm+wwQ9pTBpk1ZmbgDyk4frrxughFsbR4zDDTfJCREa5RlwH34xOkx/cTu +ee/qZzerx61VI88GvLK87eX2ZiH1 +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem.certspec new file mode 100644 index 000000000..8e16705b5 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ca-used-as-end-entity.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Test Intermediate used as End-Entity +extension:basicConstraints:cA, +extension:authorityInformationAccess:http://localhost:8888/ +extension:subjectAlternativeName:ca-used-as-end-entity.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/default-ee.key b/security/manager/ssl/tests/unit/bad_certs/default-ee.key new file mode 100644 index 000000000..8af23e068 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/default-ee.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6iFGoRI4W1kH9 +braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEI +eqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6 +iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Za +qn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7 +LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs +2hgKNe2NAgMBAAECggEBAJ7LzjhhpFTsseD+j4XdQ8kvWCXOLpl4hNDhqUnaosWs +VZskBFDlrJ/gw+McDu+mUlpl8MIhlABO4atGPd6e6CKHzJPnRqkZKcXmrD2IdT9s +JbpZeec+XY+yOREaPNq4pLDN9fnKsF8SM6ODNcZLVWBSXn47kq18dQTPHcfLAFeI +r8vh6Pld90AqFRUw1YCDRoZOs3CqeZVqWHhiy1M3kTB/cNkcltItABppAJuSPGgz +iMnzbLm16+ZDAgQceNkIIGuHAJy4yrrK09vbJ5L7kRss9NtmA1hb6a4Mo7jmQXqg +SwbkcOoaO1gcoDpngckxW2KzDmAR8iRyWUbuxXxtlEECgYEA3W4dT//r9o2InE0R +TNqqnKpjpZN0KGyKXCmnF7umA3VkTVyqZ0xLi8cyY1hkYiDkVQ12CKwn1Vttt0+N +gSfvj6CQmLaRR94GVXNEfhg9Iv59iFrOtRPZWB3V4HwakPXOCHneExNx7O/JznLp +xD3BJ9I4GQ3oEXc8pdGTAfSMdCsCgYEA16dz2evDgKdn0v7Ak0rU6LVmckB3Gs3r +ta15b0eP7E1FmF77yVMpaCicjYkQL63yHzTi3UlA66jAnW0fFtzClyl3TEMnXpJR +3b5JCeH9O/Hkvt9Go5uLODMo70rjuVuS8gcK8myefFybWH/t3gXo59hspXiG+xZY +EKd7mEW8MScCgYEAlkcrQaYQwK3hryJmwWAONnE1W6QtS1oOtOnX6zWBQAul3RMs +2xpekyjHu8C7sBVeoZKXLt+X0SdR2Pz2rlcqMLHqMJqHEt1OMyQdse5FX8CT9byb +WS11bmYhR08ywHryL7J100B5KzK6JZC7smGu+5WiWO6lN2VTFb6cJNGRmS0CgYAo +tFCnp1qFZBOyvab3pj49lk+57PUOOCPvbMjo+ibuQT+LnRIFVA8Su+egx2got7pl +rYPMpND+KiIBFOGzXQPVqFv+Jwa9UPzmz83VcbRspiG47UfWBbvnZbCqSgZlrCU2 +TaIBVAMuEgS4VZ0+NPtbF3yaVv+TUQpaSmKHwVHeLQKBgCgGe5NVgB0u9S36ltit +tYlnPPjuipxv9yruq+nva+WKT0q/BfeIlH3IUf2qNFQhR6caJGv7BU7naqNGq80m +ks/J5ExR5vBpxzXgc7oBn2pyFJYckbJoccrqv48GRBigJpDjmo1f8wZ7fNt/ULH1 +NBinA5ZsT8d0v3QCr2xDJH9D +-----END PRIVATE KEY-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/default-ee.key.keyspec b/security/manager/ssl/tests/unit/bad_certs/default-ee.key.keyspec new file mode 100644 index 000000000..4ad96d515 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/default-ee.key.keyspec @@ -0,0 +1 @@ +default diff --git a/security/manager/ssl/tests/unit/bad_certs/default-ee.pem b/security/manager/ssl/tests/unit/bad_certs/default-ee.pem new file mode 100644 index 000000000..0a9eaebb5 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/default-ee.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDhTCCAm+gAwIBAgIUNRvpOhsDHEYbRf6bsiAPbvKe2VAwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowGjEYMBYGA1UEAwwPVGVzdCBFbmQtZW50aXR5MIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB/W62iAY2ED08E9nq5DVKtOz1 +aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVramRxCHqlWqdFh/cc1SScAn7NQ/we +adA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMCOosqQe6ncOAPDY39ZgsrsCSS +pH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdmWqp+ApAvOnsQgAYkzBxsl62W +YVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGzey8ib2njtIqVYR3uJtYlnauR +CE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUDrNoYCjXtjQIDAQABo4HKMIHH +MIGQBgNVHREEgYgwgYWCCWxvY2FsaG9zdIINKi5leGFtcGxlLmNvbYIVKi5waW5u +aW5nLmV4YW1wbGUuY29tgigqLmluY2x1ZGUtc3ViZG9tYWlucy5waW5uaW5nLmV4 +YW1wbGUuY29tgigqLmV4Y2x1ZGUtc3ViZG9tYWlucy5waW5uaW5nLmV4YW1wbGUu +Y29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9z +dDo4ODg4LzALBgkqhkiG9w0BAQsDggEBAH6+Qe/y1TTCx2w6f31VWp5lcizPkS8s +ODfbgT9pKYqqvYDeiDu3q8SLGHTTsHWWewBCu5Jd0mXPXfZ4FEHcwbVJZUZBvQVr +1aNBCriuzhNUyfjkvfCgM4OuxgNwjbihGDE8VzfxTiz8mDN0AgACCZaUTQnybQc0 +SW+ldxspBgQJom0tkZ+TGi80L3/5P5J2+7AchxhAZzQmebDnxNYDZXCJH8w15was +OzM5BrQzz3vuxupO7lsRzZIzAU+uQD4bjcMpz3oMdj3/0lb0HZGMdU22Ub36PvLC +6mYbTtf0IS5TVyLnbCNeliE6zoPnQPBzAUfoOeD1Tn6HQUQUT8oTf2E= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/default-ee.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/default-ee.pem.certspec new file mode 100644 index 000000000..554339ff5 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/default-ee.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test CA +subject:Test End-entity +extension:subjectAlternativeName:localhost,*.example.com,*.pinning.example.com,*.include-subdomains.pinning.example.com,*.exclude-subdomains.pinning.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem new file mode 100644 index 000000000..08c574fd1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDITCCAgugAwIBAgIURex/TuOH9TNqma6czhjn0gJqzqwwCwYJKoZIhvcNAQEL +MBoxGDAWBgNVBAMMD1Rlc3QgRW5kLWVudGl0eTAiGA8yMDE1MTEyODAwMDAwMFoY +DzIwMTgwMjA1MDAwMDAwWjAeMRwwGgYDVQQDDBNFRSBJc3N1ZWQgYnkgbm9uLUNB +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB/W62iAY2 +ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVramRxCHqlWqdF +h/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMCOosqQe6n +cOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdmWqp+ApAv +OnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGzey8ib2nj +tIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUDrNoYCjXt +jQIDAQABo1swWTAjBgNVHREEHDAagglsb2NhbGhvc3SCDSouZXhhbXBsZS5jb20w +MgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0Ojg4 +ODgvMAsGCSqGSIb3DQEBCwOCAQEAnLI+egtdtaCj/pGgINrEi98m6gvK+wANDhDS +RhX2IztG/xuLCXIEcecjl2ifppklo6BnGqMebuLxndygkEGXiuvTvAbtd8Ac3s7O +Cln/JW3OOBs6a3UJJeo1rpADn5F7tSXJshnVFNshZlXACnb25JIvKKIZwEhNKCmz +whfX5xVW7RumZ5I4BYrE16YkQKQ9Fc7orioPbcTfH/zmoBBseMFi9UHCsI/u6P2/ +2DpdD2hlld/Cy0cEzb8IJFnx1CYIpfKCP2OZR+YEn8i1P6WwEyYy47YlFmZGkVmQ +t1zEXNWT6xdW9+jREoyvl2pb/4BzQDzUhUg6P1jbFqHKtBgFqg== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem.certspec new file mode 100644 index 000000000..63c36d34b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByNonCA.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test End-entity +subject:EE Issued by non-CA +extension:subjectAlternativeName:localhost,*.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem new file mode 100644 index 000000000..e24448493 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC5jCCAdCgAwIBAgIUWdJEDrMcdJcIJoGstXeNPWoUzCcwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1YxIENlcnQwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowHzEdMBsGA1UEAwwURUUgSXNzdWVkIGJ5IFYxIENlcnQwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erk +NUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwC +fs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1m +CyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTM +HGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m +1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAGj +JzAlMCMGA1UdEQQcMBqCCWxvY2FsaG9zdIINKi5leGFtcGxlLmNvbTALBgkqhkiG +9w0BAQsDggEBAFlYTwajTjFg0lvULVveYmWQWzPlRjdDi+TM/guuC13D9sDXN9vi +y5ofPdtqlGo2owjEe8XII/3enZHJqJAk/zDcjVg7ErXoui54K5q6eZGN+6hdhiGB +iT4TxrHAQXPfkXgLr6AQx0JkIO5G8l/PZDETLkxNMoFssQwb1x2D28LxYhqcGQJY +A7h8M8kMNZiltGqLUBXdYdmM1IljJb/BlqULV7QbCh8jXsvdP3leIQCRK+vUONcK +MjnLEzAYhNhRYWkjCBF/Q+qsPlL/aSbkupr6z4lXuCUIPF8TWs8q0V0uwGeOT0MZ +aWkw8tsi1UYRR9Z5WdTe8l0dYF0G/kpD44Q= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem.certspec new file mode 100644 index 000000000..9ed9b33db --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/eeIssuedByV1Cert.pem.certspec @@ -0,0 +1,3 @@ +issuer:V1 Cert +subject:EE Issued by V1 Cert +extension:subjectAlternativeName:localhost,*.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/emptyIssuerName.pem b/security/manager/ssl/tests/unit/bad_certs/emptyIssuerName.pem new file mode 100644 index 000000000..719f4e760 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/emptyIssuerName.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC5TCCAc+gAwIBAgIUWcXPQzwjDQvgxBhAb1cUwuJNgfswCwYJKoZIhvcNAQEL +MAAwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIwNTAwMDAwMFowLTErMCkGA1UE +AwwiRW5kIGVudGl0eSBzaWduZWQgYnkgZW1wdHkgbmFtZSBDQTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9PBPZ6uQ1SrTs +9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3HNUknAJ+zUP8 +HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3DgDw2N/WYLK7Ak +kqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7EIAGJMwcbJet +lmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SKlWEd7ibWJZ2r +kQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0CAwEAAaMqMCgw +JgYDVR0RBB8wHYIbZW1wdHlpc3N1ZXJuYW1lLmV4YW1wbGUuY29tMAsGCSqGSIb3 +DQEBCwOCAQEAqbRuhfV+zSaD8FqWMaaX3Q0V08aazNE+xt/4z0E79Ap0LWUs8h2j +IVC61EsJKrgYMseNd6DqyzhucQYgH1yuyZjb9VC+BuEA/GvcbzxMKr9jf9hMFXvf +PtyrAPDKbkscfjF1Xpq0nfTld0zxDaa01lZEyY175Ga8OM0oUaOr9tsa/m6d4/qT +2J1qOus/doyoD8CJB5vOAFjK1C0u4EMmZoayjiOQori61wsmcn6I077Pdwbhi49d +iuZGc3UU9VBPyQ6CWN5tP2e2OSfT3p1ep/7gb7RJXQXEHksokq53Rg8HM97wQxLi +134jJOJFJmeq+8pZ9NSTwrA6mo1nLfiPwA== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/emptyIssuerName.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/emptyIssuerName.pem.certspec new file mode 100644 index 000000000..a99d84b79 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/emptyIssuerName.pem.certspec @@ -0,0 +1,3 @@ +issuer: +subject:End entity signed by empty name CA +extension:subjectAlternativeName:emptyissuername.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/emptyNameCA.pem b/security/manager/ssl/tests/unit/bad_certs/emptyNameCA.pem new file mode 100644 index 000000000..1946feeb1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/emptyNameCA.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICvTCCAaegAwIBAgIUQYl3Nyjq38ZPBpJZBi8APD7LGXcwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahE +jhbWQf1utogGNhA9PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1 +a2pkcQh6pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1p +GrHTAjqLKkHup3DgDw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW +2FW3ZlqqfgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcO +p2jhs3svIm9p47SKlWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJR +xDHVA6zaGAo17Y0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYw +CwYJKoZIhvcNAQELA4IBAQAbXSUfUwpYXLieOce+6P1Sqtcg0nuDf46vmR+1vykN +sRZNnvsO32PNCh+WgsvJ/Yy6SPS3LKG/NwBK2yH0fiq/b+JPK15cvV/hRkb23ght +4D1+CZ6hMgirvMDFMk9wb24zUMn1MshHSfed5RM01GCnSTsBUldM93bFaMNlghyH +AIFz3aj2VTMZvL8XeoytDChfE/RYoI4eFD8O2MPyRCkJ1grN8PmpoU5xdiDIpKIp +4UK5/SnRnyci6oBpjJTECnboTv0qyfpODr/QBU5iO+8Yg02Uco27fiy5MmcejRg1 +7+pRFfrvBU7DP3uJhGOTKZzsrgsrYK6qSo7zbPyhD8oJ +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/emptyNameCA.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/emptyNameCA.pem.certspec new file mode 100644 index 000000000..0a7cfdfd8 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/emptyNameCA.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test CA +subject: +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/ev-test-intermediate.pem b/security/manager/ssl/tests/unit/bad_certs/ev-test-intermediate.pem new file mode 100644 index 000000000..dc231eafb --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ev-test-intermediate.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNzCCAiGgAwIBAgIUeWc23T2mQmvsb7b3an7jH8J3eAwwCwYJKoZIhvcNAQEL +MBExDzANBgNVBAMMBmV2cm9vdDAiGA8yMDE1MTEyODAwMDAwMFoYDzIwMTgwMjA1 +MDAwMDAwWjAfMR0wGwYDVQQDDBRldi10ZXN0LWludGVybWVkaWF0ZTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9PBPZ6uQ1 +SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3HNUknAJ+ +zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3DgDw2N/WYL +K7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7EIAGJMwc +bJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SKlWEd7ibW +JZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0CAwEAAaN5 +MHcwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwRwYIKwYBBQUHAQEEOzA5MDcG +CCsGAQUFBzABhitodHRwOi8vbG9jYWxob3N0Ojg4ODgvZXYtdGVzdC1pbnRlcm1l +ZGlhdGUvMBEGA1UdIAQKMAgwBgYEVR0gADALBgkqhkiG9w0BAQsDggEBAHZl5S4d +aiBNutInbA5t4qjcyhimG10JI70r14ijN5RXNf0TjCJjE1GDCEz3/VGAH+TFMO+c +6jAKGro2hojGPwnth49D359dMMgppcpRGq+G4paB8PuXcmTlF3slFfDa8KIay4bB ++g2db724ctqtXEHE5/FcmpTNkZftO1lHCEw+O1Sle1Firulo75WivLWyNsOh2znO ++pBQ98oYqb3q+LmKnlFw61cFLcpJ6qOs9d0X0IvGHbh7KL9Hc97orLZ5qH3UsV7k +Ews3BJjSqjZj75nciNzQUfEAYCK+t/I/tDSgebn/Ka5bVAv0iuglYHQksc4oXVgB +WIn/SxQDsNphGGQ= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/ev-test-intermediate.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/ev-test-intermediate.pem.certspec new file mode 100644 index 000000000..d5b585967 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ev-test-intermediate.pem.certspec @@ -0,0 +1,7 @@ +issuer:evroot +subject:ev-test-intermediate +issuerKey:ev +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign +extension:authorityInformationAccess:http://localhost:8888/ev-test-intermediate/ +extension:certificatePolicies:any diff --git a/security/manager/ssl/tests/unit/bad_certs/ev-test.pem b/security/manager/ssl/tests/unit/bad_certs/ev-test.pem new file mode 100644 index 000000000..7bdcf4d4d --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ev-test.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPjCCAiigAwIBAgIUJ/RiEbbZUXgHnSnds1C7ViloXtQwCwYJKoZIhvcNAQEL +MB8xHTAbBgNVBAMMFGV2LXRlc3QtaW50ZXJtZWRpYXRlMCIYDzIwMTUxMTI4MDAw +MDAwWhgPMjAxODAyMDUwMDAwMDBaMBIxEDAOBgNVBAMMB2V2LXRlc3QwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erk +NUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwC +fs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1m +CyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTM +HGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m +1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAGj +fzB9MDoGCCsGAQUFBwEBBC4wLDAqBggrBgEFBQcwAYYeaHR0cDovL2xvY2FsaG9z +dDo4ODg4L2V2LXRlc3QvMB8GA1UdIAQYMBYwFAYSKwYBBAHrSYUahRqFGgGDdAkB +MB4GA1UdEQQXMBWCE2V2LXRlc3QuZXhhbXBsZS5jb20wCwYJKoZIhvcNAQELA4IB +AQBvoPaWE/YaF3sD+tYoAGdjNDbmQcP8QRhVG8wlIWSAfk9RRbvUbs8RNjdXntYV +8J4ikq9/ajwHN85rJsRq3054qbqjit2Cn73tVhTzhe/h8xnXjLA357w/jXXXx1lD +VZKxUvWqTvC9tHPjF3w17A2a1/3OltdLHPfzWF0Zf6Zo4uaaI8x+ayMMF6MCS3ZC +FM2fNvIW/euVhjtLC3b+++5lMq/ZZCuJGB1kANDsX5LpXSZ23AXNhPrPxvgkmfoB +TPoBoy2kD814qljp8G8RguNYpaz5wSYXZNROnVBCqafEbE8VlIAwAxWp5H5qN6Et +F3OoQMb5dBIffK3lNw6UjFaZ +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/ev-test.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/ev-test.pem.certspec new file mode 100644 index 000000000..10f802258 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ev-test.pem.certspec @@ -0,0 +1,5 @@ +issuer:ev-test-intermediate +subject:ev-test +extension:authorityInformationAccess:http://localhost:8888/ev-test/ +extension:certificatePolicies:1.3.6.1.4.1.13769.666.666.666.1.500.9.1 +extension:subjectAlternativeName:ev-test.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/evroot.key b/security/manager/ssl/tests/unit/bad_certs/evroot.key new file mode 100644 index 000000000..a756a0705 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/evroot.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQC1SYlcnQAQjRGh ++Z+HqePRpdtd+uzxiNpXv2QTaI8s5HIs/xCQOMF0Ask6Kkc9vShq7T/c02PPWikU +dwG92BjXYVv5NWvV08gzaqqMCXE2igbDzURhuT5RQk4XRLsuqtRqqzjOGWghlh+H +cUoWY2k/CXYc301roSXqzse+Jw04j3ifbN94rjFE7SjEXnkpOGOnoipImAo2pA5y +1XnJuSXf+MeTNi/9aJenwXVMXpfJZ8Pq3RquiqLMzjSKAWm4Diii1wwalgxvM18t +oJubZD9av7pJ6Kqpgelg4n2HSAvdVd2UF/oYUJ+7VUzPgaQ5fouoEoo0vfJ4ZcGJ +5XNPsikFAgMBAAECggEBAJg9VPlNb0x26yPW+T14UjUwz3Ow0WJUxueBdo1F9VaB +0dAvsr0qrGq8HDiYYJNcUqDY9BSCAQOUd4MUHYZL/zCANjilwBUlcK6dGPPYyhY+ ++0dbDd3zLn4W7HVl5rteAlxBxcZuV6A87eVUIh+DBFNHosTEUcPc5Ha3h84MBXJE +vp4E7xMRjbuz1eCmzIcCnq/Upp7ZsUdZsV452KmITlb1TS+asBPw0V8xipq2svc9 +HsPJ/idK6JQxoQZAvniZsAEcXlCToYNHCGid4QBjTaveYPvWqu+joz3zSh829gwE +MDa3SNHJ7pjEAxoK/sYO/aCpkL5ST1YU6sT9s0pS+VECgYEA6twssz5f8co3a72V +vWoXd9LPT6xHVF6S0RpiCbnV5N7UeDRYHBabPIhHQqCeoYdQXBylVBTY0ltJdjLV +7CqqBSM0MPrUmJJ3en1o4Dj1YaO4lp5gsKJj3vv9pIqbD/OdlbyIsVJnyK3pe1EH +lI5B5DMknYf32xCdXXRYTYa8wdcCgYEAxZrldqIWRwJI2USlW56b+TKZ2jQexW5V +jrqCGrzhv1e3nPQR0pBMd0+duh8VGF9gewV0oIIF1uwotmo21jQjLqry/qN1Yauv +nWRLaNs4yZZMuMluwKxh66ZNBbRGVC9COXb1rN5OzJVTbS31eJVPk/DP2cWPt4ui +p23VrChNyIMCgYEAwdLvOQYzHFKspkgR+f5CW+somDIvs9tRAyzo1+n8MiQL6SAZ +zySA/NXjKYNxJxGLKlmhv+BsiD46REfz8DHNmuvQuNNo/Hl0DSzOjq2zJN9/CR6v +4VZDYdVJILAbBHEjDl5H2T+O0zljxRe8T8ePbYsfnrqFvM7bcDMCZQjbYoUCgYEA +hSG421aU376ASjFfnvybZSdcVJCs8qNFbWXm5hC/n2R/xnUB1PV3LyMqxwzN75/C +pt+kFcfEG2r8evnQfDygP37ZPAnwuZ8sMEQ0Mi8QcXCbvBuqTJFXX6apWeB9SZaV +bZXiK1eTi25HyNUf/t/Jv4iM4NGj5CtlqJvtS5HT5fUCgYEA3El7BrkgyL4LAHe3 +mOl37vdEqQ7Cxdfmy7IkSPrHLagaMxgODYoC6DFGDH/H/TphL3uZMLYbeZ+OkI5j +LpugQJtqpwsDo7p4dCYmO1vVhD34R27bXRT2qGE+uvW5zVykL1+9KALgjk5J5XCf +UVFRDKpassHG6z7+kpXRbowlyRY= +-----END PRIVATE KEY-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/evroot.key.keyspec b/security/manager/ssl/tests/unit/bad_certs/evroot.key.keyspec new file mode 100644 index 000000000..1a3d76a55 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/evroot.key.keyspec @@ -0,0 +1 @@ +ev diff --git a/security/manager/ssl/tests/unit/bad_certs/evroot.pem b/security/manager/ssl/tests/unit/bad_certs/evroot.pem new file mode 100644 index 000000000..cd2fd7ed8 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/evroot.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIICzTCCAbegAwIBAgIUW9j5PS8YoKgynZdYa9i2Kwexnp8wCwYJKoZIhvcNAQEL +MBExDzANBgNVBAMMBmV2cm9vdDAiGA8yMDE1MDEwMTAwMDAwMFoYDzIwMzUwMTAx +MDAwMDAwWjARMQ8wDQYDVQQDDAZldnJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQC1SYlcnQAQjRGh+Z+HqePRpdtd+uzxiNpXv2QTaI8s5HIs/xCQ +OMF0Ask6Kkc9vShq7T/c02PPWikUdwG92BjXYVv5NWvV08gzaqqMCXE2igbDzURh +uT5RQk4XRLsuqtRqqzjOGWghlh+HcUoWY2k/CXYc301roSXqzse+Jw04j3ifbN94 +rjFE7SjEXnkpOGOnoipImAo2pA5y1XnJuSXf+MeTNi/9aJenwXVMXpfJZ8Pq3Rqu +iqLMzjSKAWm4Diii1wwalgxvM18toJubZD9av7pJ6Kqpgelg4n2HSAvdVd2UF/oY +UJ+7VUzPgaQ5fouoEoo0vfJ4ZcGJ5XNPsikFAgMBAAGjHTAbMAwGA1UdEwQFMAMB +Af8wCwYDVR0PBAQDAgEGMAsGCSqGSIb3DQEBCwOCAQEAO1EZ134zXCiYSMixYSVP +gAXWdR8zvaeS8UF0Xihle6nBdtkcmhiMgxXecMv7P7xO/U/wz5NAyJ1cvqaxrPbn +8bekVCCsAAae6mVJIsVeuLtg3f89Qmx6KF6By2NI5R/AX5gxs0V9Tvjp9NfpIWh9 +I0BO0/REmq+CxKWjO6Loq0JA/QRW1jnD3XLitJ9QiCfnLqgUAG8JnkhG/JtpcJC3 +91SluwhVw+8i7caDOgHZGvjBEycyje0iyDLybaVjv2PpyuQx8H6hDzTGd2bNDl22 +fZ0FsOYCH6TJPx7nsCJCQ8/jGsRAGPxbItwSpTQJegKVaJ9s2dOAreJdkQFSIEo+ +3g== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/evroot.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/evroot.pem.certspec new file mode 100644 index 000000000..3121f3486 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/evroot.pem.certspec @@ -0,0 +1,7 @@ +issuer:evroot +subject:evroot +subjectKey:ev +issuerKey:ev +validity:20150101-20350101 +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,cRLSign diff --git a/security/manager/ssl/tests/unit/bad_certs/expired-ee.pem b/security/manager/ssl/tests/unit/bad_certs/expired-ee.pem new file mode 100644 index 000000000..3c97dc9f3 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/expired-ee.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDGDCCAgKgAwIBAgIUW6mdE/nOX+M5zMEeIHpOn0cOWLgwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxMzAxMDEwMDAwMDBaGA8yMDE0MDEw +MTAwMDAwMFowIjEgMB4GA1UEAwwXRXhwaXJlZCBUZXN0IEVuZC1lbnRpdHkwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT +2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzV +JJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8N +jf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCA +BiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVh +He4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMB +AAGjVjBUMB4GA1UdEQQXMBWCE2V4cGlyZWQuZXhhbXBsZS5jb20wMgYIKwYBBQUH +AQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0Ojg4ODgvMAsGCSqG +SIb3DQEBCwOCAQEAsojdWfBBJsaUmPKLdSCOn3/7PMoWE7m1mmKXf2dz+qW4SKWb +b2cVxoDMzU/AooTDRnrYveB1ir4Ej/e1a7Wjs8iZgHL9udIlQ7Yw7N7EB/Vt6dM8 +yEkwuiCd1XmiEEkUQtRk0DmJxCCyxrFNDGUDt7HOWX+jvbpnULKL9J26ax3exBpk +J6F7WlmxFynroxHdxFPzxRCC+oUYt1jfvGjASIBl7tMJ/z8wO2ISMLaHpRX8iOIz +e2bg02Z97zf63lTOtDa3034MUjBxcAuouHjgzKhyWQI0jZlWCeJSnM5MuhDbpiD+ +N3uDz6VBj13PpCGpA1esoM1ojrkQbmvHvWT+3A== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/expired-ee.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/expired-ee.pem.certspec new file mode 100644 index 000000000..0a03bc36f --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/expired-ee.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Expired Test End-entity +validity:20130101-20140101 +extension:subjectAlternativeName:expired.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/expiredINT.pem b/security/manager/ssl/tests/unit/bad_certs/expiredINT.pem new file mode 100644 index 000000000..c6e51c000 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/expiredINT.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC4TCCAcugAwIBAgIUP/xjJPJw5E0F3vjDGmPIDtk82ggwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxMTAxMDEwMDAwMDBaGA8yMDEzMDEw +MTAwMDAwMFowJDEiMCAGA1UEAwwZRXhwaXJlZCBUZXN0IEludGVybWVkaWF0ZTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9 +PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3 +HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3Dg +Dw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7 +EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SK +lWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0C +AwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwCwYJKoZIhvcNAQEL +A4IBAQAUWUmrK2X6alxQ6fWuj/3HNONQMipMDk7CQB/MhoWll+7tCHUMxck/QKaC +1cnI0EY/c/ibX0J/NBm4AO1u3+qHfo5heFana/ybSj1trGEYWXXnDnRFr8SSRSjx +VATBHBd1m9lckd+zDhLSk/lnYXyzJX8D39yYp2udP0cVGrbCT58aUXHwsEhfQpYY +LN6xNYLcDCLtkrtZs4uwzFteL4NE8WflIlOTe+2Y/s1RTEzhs0+8avkaLyMzM+MI +XDiVO3tFcX3ygsb+ndQaIL8vFUhLFEdr8xrjRuFuzbUu9EiR2oKiiNq1gZTyInqz +S57UfV5LyaUa8mv2qNF2b3/FySXR +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/expiredINT.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/expiredINT.pem.certspec new file mode 100644 index 000000000..38a0abd8a --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/expiredINT.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Expired Test Intermediate +validity:20110101-20130101 +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem b/security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem new file mode 100644 index 000000000..ff00cc00b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPDCCAiagAwIBAgIUS9fUW0vPRYOaV8nstqC62Y6Qk08wCwYJKoZIhvcNAQEL +MCQxIjAgBgNVBAMMGUV4cGlyZWQgVGVzdCBJbnRlcm1lZGlhdGUwIhgPMjAxNTEx +MjgwMDAwMDBaGA8yMDE4MDIwNTAwMDAwMFowLjEsMCoGA1UEAwwjVGVzdCBFbmQt +ZW50aXR5IHdpdGggZXhwaXJlZCBpc3N1ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg +2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ +5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQ +PdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTMHGyXrZZhW7filhLAdTGj +DJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8W +iy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAGjXDBaMCQGA1UdEQQdMBuC +GWV4cGlyZWRpc3N1ZXIuZXhhbXBsZS5jb20wMgYIKwYBBQUHAQEEJjAkMCIGCCsG +AQUFBzABhhZodHRwOi8vbG9jYWxob3N0Ojg4ODgvMAsGCSqGSIb3DQEBCwOCAQEA +alq65e2NhGZhr/ph19pR7V6Tijqwd5ZubfMOQX/kVex5EerZGYWvc31+wBk6nf5r +0z6MscHAtu/M6kN/obrFoYYro7cWFCBd6GeaSG6aDBqrjT2nnBuZ2TGICRc4h8jM +274y1x9qzC3/kzXKS0XqeFQmbwJ9eEaqn3m9Kb8jQPbyC+hZyUFatGhcKYbFPaAo +fdgZL2FQpJ9uG1QsblYQ1ERBvbabN4Y0jg5XFza5nQftFkY6xevmYt7asc+npNkv +qh2aNL3pmG9E0hXZD5N3LMbndP8rzG6vnBq/6SO2eGtos2AjEVXGypJzFhBGNOfs +mwNzXXuiatkIHp2r5pyQuw== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem.certspec new file mode 100644 index 000000000..855f45422 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/expiredissuer.pem.certspec @@ -0,0 +1,4 @@ +issuer:Expired Test Intermediate +subject:Test End-entity with expired issuer +extension:subjectAlternativeName:expiredissuer.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/idn-certificate.pem b/security/manager/ssl/tests/unit/bad_certs/idn-certificate.pem new file mode 100644 index 000000000..f8baeea9f --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/idn-certificate.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+TCCAeOgAwIBAgIUPxkDf9AiLxVWjs21J/3by0oWUJcwCwYJKoZIhvcNAQEL +MBkxFzAVBgNVBAMMDlVua25vd24gSXNzdWVyMCIYDzIwMTUxMTI4MDAwMDAwWhgP +MjAxODAyMDUwMDAwMDBaMBoxGDAWBgNVBAMMD0lETiBDZXJ0aWZpY2F0ZTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9PBPZ +6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3HNUk +nAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3DgDw2N +/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7EIAG +JMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SKlWEd +7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0CAwEA +AaM4MDYwNAYDVR0RBC0wK4IpYnVnNDEzOTA5LnhuLS1oeGFqYmhlZzJhejNhbC54 +bi0tanhhbHBkbHAwCwYJKoZIhvcNAQELA4IBAQBOBtdU6gEu6bu2pVN4QobNL1eS +TFEGDazNKDq2s/90ddUz7DL029rhnzaIJib7dc4/dxgl5TgcL/8PwPUHRZXteRTX +3hAA+XCunBacQYfZDiG8Bpp1ClslU0FVOngivFHw/mseM7hxOCAJg++1oa1uCqBz +bcVvau/ISa/fApWBICmfRjaD7ztrdVyE5b2M90T7ywedBJHShk8gpJKp3s2/neQB +CcBp3LNoIb0JDMZCk4pVCNTRB9DOpa5zMTu/Emd3EpV9wISEGvDmNUGmuunrgr2h +xZ01TDSLknEJyZR7IbMjkhS4SFpIc6bK19h9yblzDUcCJj+ZH1Po23Fk6muT +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/idn-certificate.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/idn-certificate.pem.certspec new file mode 100644 index 000000000..b3d840fbd --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/idn-certificate.pem.certspec @@ -0,0 +1,3 @@ +issuer:Unknown Issuer +subject:IDN Certificate +extension:subjectAlternativeName:bug413909.xn--hxajbheg2az3al.xn--jxalpdlp diff --git a/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key new file mode 100644 index 000000000..d10324fb3 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICcAIBADANBgkqhkiG9w0BAQEFAASCAlowggJWAgEAAoGAANKbsS+4T93NKbOl +GctmxDuNj4vlRbp5OEzmY+0D33WZFgDrkgeQ0lMM7OVE25mnHwWJaj7SBxZVNKqZ +BX5HxH47yBrab6HhLjcmi1BGpVJo+drXzLSF2BouGdUNTwtoVKyvbXvmnZoIMTbh +WvqPU8HIyE/GB3J53Q5V1zaaW90CAwEAAQJ/PEllBwvzkMJR1aLFJ3xbX9C97oXK +1/4rJ5grsoURSlBwBANq4c+K5Usl5Ns5IVq9fpA/YYwtiy8IzGzRLbzNciBeSUW2 +s984nl5D3goUi7LITiQx/b5ZILBEuycvRez/ByG337YDl/xhOp6jXCIwBTDK6PkV +nFNN878JEJUZAQJAD58XWXyFuAUbnGmvtV71dsmW29CQR9DM3ludYOpcZ/5PrGe+ +gD9LasWj8FD3a5ZvsU9c8QV2HlrebdlgsYO6VQJADXtjcRLOYaVRaMD5yThvsnmr +QMug1Ukza7plJ3JjqseCYRosgdm2Nc94xAAYhZ4BjF6QBtEuPS7m80bnn6QzaQJA +Cf1smj6m6RrjIHD5/BwhD/k1L5e+XR7rlRuzloHp3FtnKlMiIbPYkAyanZm50KTh +AtxFDKG4ewsTid5lFsCuDQJAAUG4MkkbfdSoMwiSACTHnK5kvUR9+IO7TFZyqWur +SLcSOzTyYyRFLNzrF/IeVw40fL4v1MLY+ZEOrCy22JW4yQJABFjdau4YyIsvm4Hx +vDB1riDcH5lz0gck8gsGBD1hR8h4nUoHroi8gshDjIk+AXsTlH9i4LGJWKMetmSx +nmTT4A== +-----END PRIVATE KEY-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key.keyspec b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key.keyspec new file mode 100644 index 000000000..21ed73d60 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.key.keyspec @@ -0,0 +1 @@ +rsa1016 diff --git a/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem new file mode 100644 index 000000000..2ad219824 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICszCCAZ2gAwIBAgIULXNWBRUzJ/V70VPd4+9U6rf/lYswCwYJKoZIhvcNAQEL +MBwxGjAYBgNVBAMMEVRlc3QgSW50ZXJtZWRpYXRlMCIYDzIwMTUxMTI4MDAwMDAw +WhgPMjAxODAyMDUwMDAwMDBaMCkxJzAlBgNVBAMMHkluYWRlcXVhdGUgS2V5IFNp +emUgRW5kLUVudGl0eTCBnjANBgkqhkiG9w0BAQEFAAOBjAAwgYgCgYAA0puxL7hP +3c0ps6UZy2bEO42Pi+VFunk4TOZj7QPfdZkWAOuSB5DSUwzs5UTbmacfBYlqPtIH +FlU0qpkFfkfEfjvIGtpvoeEuNyaLUEalUmj52tfMtIXYGi4Z1Q1PC2hUrK9te+ad +mggxNuFa+o9TwcjIT8YHcnndDlXXNppb3QIDAQABo2UwYzAtBgNVHREEJjAkgiJp +bmFkZXF1YXRlLWtleS1zaXplLWVlLmV4YW1wbGUuY29tMDIGCCsGAQUFBwEBBCYw +JDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDo4ODg4LzALBgkqhkiG9w0B +AQsDggEBALhNoeoHzQoeaGR/5bxF8VGE2XrCPoDatHwanND8rp1esVsmkkOSLof1 +DXgjZpg9ZJWw1PnprkYkV3XU1PIZWfUh/B/ir7QnsjRrORfJ+BP3Az+Sf1vX8fTB +rfInVWtmRzTkzX/taouPBwJj+CN14hncbaT1FxX74XXmkZXHf2MfRjHjzuB1dNPP +dAu+YVJSxZMv7QD/6qYZoy81dfqcN31IjxoFO0039ZmKrLpUjOZzOnmqzy0+wJpc +Gz7lBvoHNv8SjVeUslb9IpP0uAqkpVYNZhWpPFpJ7xOdVKSWAUG1jDeMAD1tXC7R +N0iiOloMHZ70o84Z6b7IB10IpoymVt4= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem.certspec new file mode 100644 index 000000000..02b595dc9 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/inadequateKeySizeEE.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test Intermediate +subject:Inadequate Key Size End-Entity +subjectKey:rsa1016 +extension:subjectAlternativeName:inadequate-key-size-ee.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem b/security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem new file mode 100644 index 000000000..7e73075c1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPTCCAiegAwIBAgIUOTTgOhTYLxvzfXf1OSZs5pCrnTUwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowLzEtMCsGA1UEAwwkSW5hZGVxdWF0ZSBLZXkgVXNhZ2UgVGVzdCBF +bmQtZW50aXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESO +FtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVr +amRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWka +sdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbY +VbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6n +aOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHE +MdUDrNoYCjXtjQIDAQABo24wbDALBgNVHQ8EBAMCAQIwKQYDVR0RBCIwIIIeaW5h +ZGVxdWF0ZWtleXVzYWdlLmV4YW1wbGUuY29tMDIGCCsGAQUFBwEBBCYwJDAiBggr +BgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDo4ODg4LzALBgkqhkiG9w0BAQsDggEB +ABOkyemfFGxIC9qMI5B7cYQJ7Mrc8qG1wlnc5aKFZ65wnBURgQUw2TtVwBOweLGz +82qR+MnDho8inUTyilydw7WwyLAi2A2jlqcgCaBcyRh8g7/BBJ9dEP2u1BNp2r9R +8VvTlUKj/4Ta8/GG2mEKqyhd8bpevZaaTyjQUGcFYr76/XZ0D6TxtOM0SBLrybNg +A/hbKste6MIXE0rJwUzN2+xWBvfeFqMwzRYZ3F/393qT3vWMgHZt4ZBo/RqQzEM4 +I8k6n3s7zssdPOXHy0lezYwkCtnya2OPdGEAyABviARZjIl9Hn+0nsymZmFUkV9A +vUw83907j7buWerBFwnAxuo= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem.certspec new file mode 100644 index 000000000..4d553890b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/inadequatekeyusage-ee.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Inadequate Key Usage Test End-entity +extension:keyUsage:cRLSign +extension:subjectAlternativeName:inadequatekeyusage.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem b/security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem new file mode 100644 index 000000000..6b7c848a1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICzDCCAbagAwIBAgIUaWHoyJhhB4GixK3MP8mpJLbOZYMwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowFDESMBAGA1UEAwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvB +xyWo4NgfvbGcBptuGobya+KvWnVramRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmT +qyDDSeTbuUzCa2wO7RWCD/F+rWkasdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5 +kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYS +wHUxowyR3bTK9/ytHSXTCe+5Fw6naOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwk +BCy/Fosv5fGPmRcxuLP+SSP6clHEMdUDrNoYCjXtjQIDAQABoxgwFjAUBgNVHREE +DTALggkxMjcuMC4wLjEwCwYJKoZIhvcNAQELA4IBAQCFFyBe938Z1/1WFILrNZ// +3YlpJW0ww46JXCD+RheG2IdI2zdnbNOr7hUnLt4KprntLwmzWFYJInj+sq886c6x +yKImpnVvjB0yDxJki85lNX6ARRHQrTNNf3wczSHdUmGlpzFUUuDkjYZS5Y6P//ms +wPBxppkYguZVvU1s6nvHnuG2wDPKogeD5wmBSfJf8oVo03M6TqNYRK5socyeQ740 +LxXjlLYqQaUI+FEQLrCfv4LLrWpoH6mKg3hyKWoG6bEcCyvMBBJ+vDxCCpGE7b2L +tMLn8BML+23CQ5SO53FR7dnWOuxSjnR+GRoFxw5E0qOZEGt+Fb9An5+R4xxRENfB +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem.certspec new file mode 100644 index 000000000..766233847 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/ipAddressAsDNSNameInSAN.pem.certspec @@ -0,0 +1,3 @@ +issuer:Test CA +subject:127.0.0.1 +extension:subjectAlternativeName:127.0.0.1 diff --git a/security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem b/security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem new file mode 100644 index 000000000..b81dbafa4 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDMjCCAhygAwIBAgIUO/qAw3/gzbpGANaN0lKQaxLhTPwwCwYJKoZIhvcNAQEE +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxMTAxMDEwMDAwMDBaGA8yMDEzMDEw +MTAwMDAwMFowLzEtMCsGA1UEAwwkVGVzdCBNRDVTaWduYXR1cmUtRXhwaXJlZCBF +bmQtZW50aXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESO +FtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVr +amRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWka +sdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbY +VbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6n +aOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHE +MdUDrNoYCjXtjQIDAQABo2MwYTArBgNVHREEJDAigiBtZDVzaWduYXR1cmUtZXhw +aXJlZC5leGFtcGxlLmNvbTAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0 +dHA6Ly9sb2NhbGhvc3Q6ODg4OC8wCwYJKoZIhvcNAQEEA4IBAQCJtN322gHdXy56 +sBTdOg+d3AS8AlXpOkm1yDyhICQznqsjdCz5qIUZQI+qm8cHVlLUjioTHWLds1i3 +wCQy4+l4VFFdP3Y7I2V49l3U9FPCHuZY1j8fyGyczAgKv/OYA2aQbcOPt1iR1S3J +hji6e/bbxftBAXedt3QmvOmtqXRxuaiAaWgnL+nA2GfS3HQBaI0B13hxboPT9G8a +u70eMAkBvloAwyrS2O/1cAZUPzCrqHeTVMidziHOXHHh4vFxBFICXYxG9ocFcWOb +pA7E/QrHsTKI0OAr7336EWx1P5XITFZfe/SbBySCj088fMqW0yUuPN8+fvYMVoQr +ifC5kUCZ +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem.certspec new file mode 100644 index 000000000..e4c2b7008 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/md5signature-expired.pem.certspec @@ -0,0 +1,6 @@ +issuer:Test CA +subject:Test MD5Signature-Expired End-entity +validity:20110101-20130101 +signature:md5WithRSAEncryption +extension:subjectAlternativeName:md5signature-expired.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/md5signature.pem b/security/manager/ssl/tests/unit/bad_certs/md5signature.pem new file mode 100644 index 000000000..de1317577 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/md5signature.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDKDCCAhKgAwIBAgIUCcBjO7AcpbQJxZbg9Jic6+Wjd88wCwYJKoZIhvcNAQEE +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowLTErMCkGA1UEAwwiVGVzdCBFbmQtZW50aXR5IHdpdGggTUQ1IHNp +Z25hdHVyZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbW +Qf1utogGNhA9PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pk +cQh6pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHT +AjqLKkHup3DgDw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3 +ZlqqfgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jh +s3svIm9p47SKlWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHV +A6zaGAo17Y0CAwEAAaNbMFkwIwYDVR0RBBwwGoIYbWQ1c2lnbmF0dXJlLmV4YW1w +bGUuY29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2Fs +aG9zdDo4ODg4LzALBgkqhkiG9w0BAQQDggEBAGEUSKisSADWzD5jGCfvXOoUsYdh +AuGaJqbQFQ+D3hJlmuPXcqOFV8oZNAaaMt0tcyH6Ak4KjpLcitRLQE2W6ChF2nQK +qxz0OWYuFhtDg6c7JBXIT0c0/nM1NCoyDxZLK7oTpjAR5Ji6LIwuvj6uW0CLFZz2 +CqwlS+7RirFyzHr279ylFJxoGmApJjIG4Fds0BJoAdU8V4ZbDNE8LwcrYfI+h817 +y0IGGkrfpZ2eT94Ih+UfuYhKWyJ5pkxNtoG85It63MN+8i2flxSazuEk9sqRJznF +OTYfaktXXlgBTlvr9m7P8kg+JQbwf915GMN3cgHuN00NiRqsvOQxJQl1BHs= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/md5signature.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/md5signature.pem.certspec new file mode 100644 index 000000000..02742d910 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/md5signature.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Test End-entity with MD5 signature +signature:md5WithRSAEncryption +extension:subjectAlternativeName:md5signature.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem b/security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem new file mode 100644 index 000000000..9924dfb7e --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDJTCCAg+gAwIBAgIUE8pDZuVKk0GpcycnYoniDg5yXqwwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxMzAxMDEwMDAwMDBaGA8yMDE0MDEw +MTAwMDAwMFowKzEpMCcGA1UEAwwgTWlzbWF0Y2gtRXhwaXJlZCBUZXN0IEVuZC1l +bnRpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9 +braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEI +eqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6 +iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Za +qn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7 +LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs +2hgKNe2NAgMBAAGjWjBYMCIGA1UdEQQbMBmCF2RvZXNudG1hdGNoLmV4YW1wbGUu +Y29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9z +dDo4ODg4LzALBgkqhkiG9w0BAQsDggEBACTILZlbbJ0JN8lnC7ckWE6+/l/y2WOl +uF23jWbhElQrqJS/YHLqeu1we1LJYQAdN+w/Ro2F6bpxmGea2kZV8jLWRVL1e8ek +b8+AwSMDmMLcWV6eS+3XLxCF9YPHNIIM3mrUAcI3Oc1Pmf9xWiNxrHukuAk8CJbp +6Q/Xrdtt4sgpYRDEsciB1Vn14NEDP1SoPi86dcFNpNfuheG/Bjdosi5CAxKfLakr +WWQbTmCR1m+1OyNsiGEsUisIOXyCTTehTuhcZp+EyR5SHy0cNg6tVStMU49k4XsC +jG+UmcQRsNHgNqJK+k2KM7yvGjuonokDfKUrQ6EtgWSvkqcFasmCPbQ= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem.certspec new file mode 100644 index 000000000..262f08d6b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-expired.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Mismatch-Expired Test End-entity +validity:20130101-20140101 +extension:subjectAlternativeName:doesntmatch.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem b/security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem new file mode 100644 index 000000000..bfbb973c1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDKzCCAhWgAwIBAgIUT/IgcHtYb6NXOgazofG+tsSh5RcwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAzMzAxMDEwMDAwMDBaGA8yMDM0MDEw +MTAwMDAwMFowMTEvMC0GA1UEAwwmTWlzbWF0Y2gtTm90IFlldCBWYWxpZCBUZXN0 +IEVuZC1lbnRpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGo +RI4W1kH9braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9a +dWtqZHEIeqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6t +aRqx0wI6iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8n +FthVt2Zaqn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kX +Dqdo4bN7LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/py +UcQx1QOs2hgKNe2NAgMBAAGjWjBYMCIGA1UdEQQbMBmCF2RvZXNudG1hdGNoLmV4 +YW1wbGUuY29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xv +Y2FsaG9zdDo4ODg4LzALBgkqhkiG9w0BAQsDggEBAE12bvoPuLY/rJGy1ijqXgTe +1JkVgsL9YxL3yqUsNwvLwdtOA9OtvUprqNaq90niYJ2P58c9ZrloGy5YSjl0cNDv +GbWiNJoxmY0jsR7Ql45t7uWOEArw81rMeqBjs0dNB99IoJ7xxSNWvmpOGprHw3An +nVTSmQF4L5qQVAgf1ki2Y43I1ahu04BTAWgzaTppwfX8tAJhZ62HQ+44FetYHnIa +FZMh/LLiuI0FadRLVaH6uxo7BcvrO8s5zDZ+9W08Fqv60Trl6k+y/N229g+txVhQ +LULSLizQNoJeSDBVcbq0uYTGvvr/VhPdFDLbR6KOtYGy6VtJgnziQFlL5JS7EGM= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem.certspec new file mode 100644 index 000000000..947eb7d67 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-notYetValid.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Mismatch-Not Yet Valid Test End-entity +validity:20330101-20340101 +extension:subjectAlternativeName:doesntmatch.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem new file mode 100644 index 000000000..47c8d4c3a --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh+gAwIBAgIUBRVeuOJA+GTXgxh+UUrNUeli1lowCwYJKoZIhvcNAQEL +MBgxFjAUBgNVBAMMDU90aGVyIHRlc3QgQ0EwIhgPMjAxMTAxMDEwMDAwMDBaGA8y +MDEzMDEwMTAwMDAwMFowNTEzMDEGA1UEAwwqTWlzbWF0Y2gtVW50cnVzdGVkLUV4 +cGlyZWQgVGVzdCBFbmQtZW50aXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAuohRqESOFtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGc +BptuGobya+KvWnVramRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzC +a2wO7RWCD/F+rWkasdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8Xg +uEgfqDfTiEPvJxbYVbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK +9/ytHSXTCe+5Fw6naOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGP +mRcxuLP+SSP6clHEMdUDrNoYCjXtjQIDAQABo1owWDAiBgNVHREEGzAZghdkb2Vz +bnRtYXRjaC5leGFtcGxlLmNvbTAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGG +Fmh0dHA6Ly9sb2NhbGhvc3Q6ODg4OC8wCwYJKoZIhvcNAQELA4IBAQAP9DQC50r0 +B5xvOnkJxB+IFlr8dv2bLNg5Dm3ITmobaHvjEywXzP8RwYVwqgZsVG1Z6FyNBgey +qJXDXHbrPI81G6286p+rQgEeu7DcoFoHL2umpAXSEVzLw/MyIqbsD9tXKe7fYKvu +R7Vz/OhQsZMy+ShHGn0Ze6mRdFbdmUYzcrYuCyAKLfqsvpnQ9y7+bd0lgMSHxPG3 +kruIQs5MZ/VUraVtvdoLUxoUy3v7oaCyUJgCS6Wls3nlAECpDTEg986HOVaysKtH +hRG82KctN5RK40H6EuUGa83Yxp0zF6OnqiOVtm7vHmkk4WNIP2i+gG+/zex78/P6 +EhZHLdk5fS/M +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem.certspec new file mode 100644 index 000000000..adc8ebaf8 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted-expired.pem.certspec @@ -0,0 +1,5 @@ +issuer:Other test CA +subject:Mismatch-Untrusted-Expired Test End-entity +validity:20110101-20130101 +extension:subjectAlternativeName:doesntmatch.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem new file mode 100644 index 000000000..723ed4dae --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDLTCCAhegAwIBAgIUBUkHM4qYlHhlajaquYXsh/XJw+swCwYJKoZIhvcNAQEL +MBgxFjAUBgNVBAMMDU90aGVyIHRlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8y +MDE4MDIwNTAwMDAwMFowLTErMCkGA1UEAwwiTWlzbWF0Y2gtVW50cnVzdGVkIFRl +c3QgRW5kLWVudGl0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqI +UahEjhbWQf1utogGNhA9PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvi +r1p1a2pkcQh6pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/x +fq1pGrHTAjqLKkHup3DgDw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD +7ycW2FW3ZlqqfgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnv +uRcOp2jhs3svIm9p47SKlWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj ++nJRxDHVA6zaGAo17Y0CAwEAAaNaMFgwIgYDVR0RBBswGYIXZG9lc250bWF0Y2gu +ZXhhbXBsZS5jb20wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8v +bG9jYWxob3N0Ojg4ODgvMAsGCSqGSIb3DQEBCwOCAQEAstqHR4upkLa4tJcDD4vH +cUAJrMT+FzazHXIe4ukUiWG1HtyCjUiFI+NhS7YhCY2+rigO58UKgNkaG6BkrlJM +I81gnyfljMUmukNDmOmsOtXHhP8MXdEa6ye266M/CflTI1oAnLir/6ZJm8AwcLVW +vh4rhEjARMMPpmUC7vpf2aK4qTAcxuymei9Q7uy2tjJT4PExwa4aMBc195yXAyat +oMnVQWZqcQE1Gq/AUzQpHsZAvZOPzEQVLk1gAnZrDLZCQucEbd0P2cJ929cK5Zz0 +8t13hDTRa4NpHeaqCTz1l8tVf70FyeQn/tpRQT3uw6aUTbVpELONOFsgt/n/7RBb +Tg== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem.certspec new file mode 100644 index 000000000..91c5f548b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch-untrusted.pem.certspec @@ -0,0 +1,4 @@ +issuer:Other test CA +subject:Mismatch-Untrusted Test End-entity +extension:subjectAlternativeName:doesntmatch.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch.pem b/security/manager/ssl/tests/unit/bad_certs/mismatch.pem new file mode 100644 index 000000000..205fa23b9 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPDCCAiagAwIBAgIUexDM8FvRSX/MKvVCro1JmGq023EwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowIzEhMB8GA1UEAwwYTWlzbWF0Y2ggVGVzdCBFbmQtZW50aXR5MIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB/W62iAY2ED08 +E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVramRxCHqlWqdFh/cc +1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMCOosqQe6ncOAP +DY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdmWqp+ApAvOnsQ +gAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGzey8ib2njtIqV +YR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUDrNoYCjXtjQID +AQABo3kwdzBBBgNVHREEOjA4ghdkb2VzbnRtYXRjaC5leGFtcGxlLmNvbYIdKi5h +bHNvZG9lc250bWF0Y2guZXhhbXBsZS5jb20wMgYIKwYBBQUHAQEEJjAkMCIGCCsG +AQUFBzABhhZodHRwOi8vbG9jYWxob3N0Ojg4ODgvMAsGCSqGSIb3DQEBCwOCAQEA +CGnfn+l13zgSEIzCmZL2JLUHCKH7OilQ0tE7QjGTXo12KXUML8uNhoxXgH/z7ZnG +0N2ya+Y1pGOyAFsj37nAipH5xsM2mP1aAlPEjgrmoskyhiMszKxr8OD8TFHOfvkS +BlRjnGVjWpwkc2sAbHneN/aitkWDoQ2nacipdQl0OuW4jEjNXa1GE60kCmlfI72b +aP0yN0NPnIcx8Q4M++tfQ7imJbnonxIdQGJdjHHjIRE2CNFyt2Qeb66IyK/pnEDm +oVjx5VZPLUr0g1Ubg6W65LbIuNzalpzPBP30CAEqLXNNZ6wqKTgEHB5UB8sQnFTS +2AZeBlTZ42e5UpU/+h8Mog== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatch.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/mismatch.pem.certspec new file mode 100644 index 000000000..b93599fc8 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatch.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test CA +subject:Mismatch Test End-entity +extension:subjectAlternativeName:doesntmatch.example.com,*.alsodoesntmatch.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem b/security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem new file mode 100644 index 000000000..004ce48e6 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICwDCCAaqgAwIBAgIUJzlO5E47g+NUJjL7EcrQMDmXq04wCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowIjEgMB4GA1UEAwwXZG9lc250bWF0Y2guZXhhbXBsZS5jb20wggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT +2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzV +JJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8N +jf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCA +BiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVh +He4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMB +AAEwCwYJKoZIhvcNAQELA4IBAQBy/KCwjrh0emnzBnuw+yEZElSD23wKKhAjUISO +27ndrI6Gmv/wKHdgUP2yBPZbTcUT7RrzamdkOrsVASL2vAFAI1r/wHp/PXEnuNY5 +mUWVZLH3kCzJjvZXvGbdQUJhNraNbvDgV+GI/AAo+67QnSmYM0bqhaMsgbGHILGl +qZNOE6GZdWDFBSdNIdKz3AXeKiTXduR7rb03CiuGkG+RmByPEARiUdt2xdZMxx+Q +nhOTnBEu3KsyvJ0Y79Z6T8s3qo2dUsjHF9Kn77CKNYQFTbyoDMsBnulZZuL3uL0A +Fn7CB+VWzVooOhq+BvbeynWGDj3rHsMQUPyP8DMKuwJZwSxa +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem.certspec new file mode 100644 index 000000000..86ef45b7c --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/mismatchCN.pem.certspec @@ -0,0 +1,2 @@ +issuer:Test CA +subject:doesntmatch.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/moz.build b/security/manager/ssl/tests/unit/bad_certs/moz.build new file mode 100644 index 000000000..5402f3c21 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/moz.build @@ -0,0 +1,68 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# Temporarily disabled. See bug 1256495. +#test_certificates = ( +# 'badSubjectAltNames.pem', +# 'beforeEpoch.pem', +# 'beforeEpochINT.pem', +# 'beforeEpochIssuer.pem', +# 'ca-used-as-end-entity.pem', +# 'default-ee.pem', +# 'eeIssuedByNonCA.pem', +# 'eeIssuedByV1Cert.pem', +# 'emptyIssuerName.pem', +# 'emptyNameCA.pem', +# 'ev-test-intermediate.pem', +# 'ev-test.pem', +# 'evroot.pem', +# 'expired-ee.pem', +# 'expiredINT.pem', +# 'expiredissuer.pem', +# 'idn-certificate.pem', +# 'inadequateKeySizeEE.pem', +# 'inadequatekeyusage-ee.pem', +# 'ipAddressAsDNSNameInSAN.pem', +# 'md5signature-expired.pem', +# 'md5signature.pem', +# 'mismatchCN.pem', +# 'mismatch-expired.pem', +# 'mismatch-notYetValid.pem', +# 'mismatch.pem', +# 'mismatch-untrusted-expired.pem', +# 'mismatch-untrusted.pem', +# 'notYetValidINT.pem', +# 'notYetValidIssuer.pem', +# 'notYetValid.pem', +# 'noValidNames.pem', +# 'nsCertTypeCritical.pem', +# 'nsCertTypeCriticalWithExtKeyUsage.pem', +# 'nsCertTypeNotCritical.pem', +# 'other-issuer-ee.pem', +# 'other-test-ca.pem', +# 'self-signed-EE-with-cA-true.pem', +# 'selfsigned-inadequateEKU.pem', +# 'selfsigned.pem', +# 'test-ca.pem', +# 'test-int.pem', +# 'unknownissuer.pem', +# 'untrusted-expired.pem', +# 'untrustedissuer.pem', +# 'v1Cert.pem', +#) +# +#for test_certificate in test_certificates: +# GeneratedTestCertificate(test_certificate) +# +#test_keys = ( +# 'default-ee.key', +# 'evroot.key', +# 'inadequateKeySizeEE.key', +# 'other-test-ca.key', +#) +# +#for test_key in test_keys: +# GeneratedTestKey(test_key) diff --git a/security/manager/ssl/tests/unit/bad_certs/noValidNames.pem b/security/manager/ssl/tests/unit/bad_certs/noValidNames.pem new file mode 100644 index 000000000..36d258cb0 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/noValidNames.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIC/zCCAemgAwIBAgIUD8+FcBmecy2K1vllEQ2SgGucJCQwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowKTEnMCUGA1UEAwweRW5kLWVudGl0eSB3aXRoIG5vIHZhbGlkIG5h +bWVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB/W62 +iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVramRxCHql +WqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMCOosq +Qe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdmWqp+ +ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGzey8i +b2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUDrNoY +CjXtjQIDAQABozYwNDAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6 +Ly9sb2NhbGhvc3Q6ODg4OC8wCwYJKoZIhvcNAQELA4IBAQBiwTfHRmir5VnSNxOs +S806Ao1xXqaz7ff/qi32Nnio855qHulmKjsRfmEv09N7/PNFkAa6yILe0/8YdroC +aOd1iOdawsNMoeud7mD0FjuOYcjSnCx0WTeW5LZ/yXkgKwA8+shZzhr9TYiXQtnt +TIgQma15CyjpFp9ztHj6MtInVFhjDxe9DzJsgLv8EAxbLacPN6ZFB6DevvI+NL6M +wsy27OMdFvW7M4AWlWIyCFJg1moxaw8Ht8vUooe3EWbRknuM5IasgwZDt5YUeXkO +0nQF4IKtLoASla3UOL7exkMLJA7kE4zTlOKADXi56lNZd/2ck/+wd9hrwo8aXLsO +T34M +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/noValidNames.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/noValidNames.pem.certspec new file mode 100644 index 000000000..87088e87e --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/noValidNames.pem.certspec @@ -0,0 +1,3 @@ +issuer:Test CA +subject:End-entity with no valid names +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/notYetValid.pem b/security/manager/ssl/tests/unit/bad_certs/notYetValid.pem new file mode 100644 index 000000000..a380ffc9a --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/notYetValid.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDIjCCAgygAwIBAgIUM4uC0JcSpF7UST7x6F6ZPc9KOrswCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAzMTAxMDEwMDAwMDBaGA8yMDMyMDEw +MTAwMDAwMFowKDEmMCQGA1UEAwwdTm90IFlldCBWYWxpZCBUZXN0IEVuZC1lbnRp +dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braI +BjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVa +p0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB +7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4C +kC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJv +aeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgK +Ne2NAgMBAAGjWjBYMCIGA1UdEQQbMBmCF25vdHlldHZhbGlkLmV4YW1wbGUuY29t +MDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDo4 +ODg4LzALBgkqhkiG9w0BAQsDggEBALSZFFaWXBJQZrEnbKcmqL4FKsB4/ZNK7fXd +KI0LpaFtOwjXV6HxmuoBQ3PH87XXF5wpbsibZd7Ua4ZnKV0w7aW7BJSphIfkFVzK +dJFAiMPKVTCGOQzRZeXPjSrGzExyVHq2IAvcWIogN5vXxR3icS6fb9WbJEtdmEdZ +LtS9FfFxTBQBVnJKldMqbotpKS7gUm4KHUF57Q6f9Az41PlUaSqpXbnqsQ5BTCzv +d3PjsYAwkdlN8TSUC6iDfQnEP6zo9L49jsUxAOoOEaIVP5SJEASYq4uvcl8Z7IoY +PXpypjIP56Q5FKA1hrU0KwjZYcR4KRIhvTHEybgxK/XUA1znaf0= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/notYetValid.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/notYetValid.pem.certspec new file mode 100644 index 000000000..5b60c29eb --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/notYetValid.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Not Yet Valid Test End-entity +validity:20310101-20320101 +extension:subjectAlternativeName:notyetvalid.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem b/security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem new file mode 100644 index 000000000..aa4a031d3 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC5zCCAdGgAwIBAgIULzhHWvpIqD6LDAt8W+Os9YEJmkwwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAzMTAxMDEwMDAwMDBaGA8yMDMzMDEw +MTAwMDAwMFowKjEoMCYGA1UEAwwfTm90IFlldCBWYWxpZCBUZXN0IEludGVybWVk +aWF0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1u +togGNhA9PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6 +pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqL +KkHup3DgDw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3Zlqq +fgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3sv +Im9p47SKlWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6za +GAo17Y0CAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwCwYJKoZI +hvcNAQELA4IBAQCkGkkzHDXywFs2/YUNbwEttgV//Rj74yqYZJeiAfUapIIMyocs +hgKqSWGhtSyDzBzZhoNE8hzFtJ7c7OxZynpDpS/fhjLqX/dCiA2BlPkeliewdiaT +lpH45OjdaU5u0s/p9qn5CZMe5OFKR7tIj+fDrz79sO3Z749WXdyyCd97wDc37BMo +uTHIs07D5cJmG5vLYQRPE+RU0YZgk4QW4gmKp2tlcpkardFv1nTuc9fYokU98+87 +woE1nAZRS6JPnYekwxz2ToOCXyh/CKhhrrnxvGCXvVcaoDg5okI2Ri75nqXL9770 +dTyzwv3wPEOcmcqX2vwN5RaNzUCMOY4x/qzU +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem.certspec new file mode 100644 index 000000000..8a00f2ee2 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/notYetValidINT.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Not Yet Valid Test Intermediate +validity:20310101-20330101 +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem b/security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem new file mode 100644 index 000000000..10e11c82c --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDTDCCAjagAwIBAgIUd2Xdl3VR8l0IU2OPSgy6zPCjvaQwCwYJKoZIhvcNAQEL +MCoxKDAmBgNVBAMMH05vdCBZZXQgVmFsaWQgVGVzdCBJbnRlcm1lZGlhdGUwIhgP +MjAxNTExMjgwMDAwMDBaGA8yMDE4MDIwNTAwMDAwMFowNDEyMDAGA1UEAwwpVGVz +dCBFbmQtZW50aXR5IHdpdGggbm90IHlldCB2YWxpZCBpc3N1ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erkNUq0 +7PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwCfs1D +/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1mCyuw +JJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTMHGyX +rZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m1iWd +q5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAGjYDBe +MCgGA1UdEQQhMB+CHW5vdHlldHZhbGlkaXNzdWVyLmV4YW1wbGUuY29tMDIGCCsG +AQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL2xvY2FsaG9zdDo4ODg4LzAL +BgkqhkiG9w0BAQsDggEBAEI5yQNpc3afAa4iN9uVBBDv9gT3X2FbhrWKCNYbLsRD +dtntFIuZMHJvH0IuKqgUoDnFMJciOkhY8GrJUi6bZIOd15YL/jsodJHxYO9g0vT0 +0E33/Ka+0DEy4g/skJTy7xQsF0OTw042Aoe23RFxwbAmzqQn0BDRzJ6Qhx4WLQ2f +QVhmDrvwF+VRshrp6bJKjcTZRmgIX3nVYAR0THuJu+zcB8de7G3lOH7YCl0rpboI +fFkQxnTSt/MtU3FEJaajmz3PvzLkCI4FHFv8SouQ3ZIp/XRHk6luW0QWO3z6cy5l +3V9BkhP0jkPpr9wfCZcmqu8EkCWZCfiu0Rf+k2uR2wo= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem.certspec new file mode 100644 index 000000000..d8420898e --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/notYetValidIssuer.pem.certspec @@ -0,0 +1,4 @@ +issuer:Not Yet Valid Test Intermediate +subject:Test End-entity with not yet valid issuer +extension:subjectAlternativeName:notyetvalidissuer.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem new file mode 100644 index 000000000..0602dbb8f --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC+zCCAeWgAwIBAgIUQaNz+iusE21wkn6JJ/qLaB6Q8gEwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowHjEcMBoGA1UEAwwTbnNDZXJ0VHlwZSBDcml0aWNhbDCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9PBPZ6uQ1 +SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3HNUknAJ+ +zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3DgDw2N/WYL +K7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7EIAGJMwc +bJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SKlWEd7ibW +JZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0CAwEAAaM9 +MDswIwYDVR0RBBwwGoIJbG9jYWxob3N0gg0qLmV4YW1wbGUuY29tMBQGCWCGSAGG ++EIBAQEB/wQEAwIGQDALBgkqhkiG9w0BAQsDggEBAKWjJlobJfQhQxSNmvhokt1f +rSWbHFyePtawqHSBKIOG9RrNB9E+nbDsI/gVvgVwi1GVu7cmg5SJDAuK19dpWXTh +Pf4FPTm+FrLXwfPUOay5S3aGSwg29/PjnVayuBrJbMeYvtMJd7NGtadyv5wg3K3P +SSFqYjUKOeWewt2NrX07LII68uctBja3BVpAPVvcoYsnR30ozuuiZTy6rBu0n4g0 +KU2stuuOnVLf7A7C2clj/ls0uX0hbSAaFH2RNQPsu+TL2ziSEEV9DYUm4pPMnpuO +dhSDgTDkCTMqzS84FFTemzbkOUxBechMogtPkEhr157kbBXYzjytYgGLL7FGGRc= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem.certspec new file mode 100644 index 000000000..b236bdea4 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCritical.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test CA +subject:nsCertType Critical +extension:subjectAlternativeName:localhost,*.example.com +extension:nsCertType[critical]:sslServer diff --git a/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem new file mode 100644 index 000000000..24d6ba742 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDLzCCAhmgAwIBAgIUL0RNPgFGtsQZxanRCa2IGPqVWZIwCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowLzEtMCsGA1UEAwwkbnNDZXJ0VHlwZSBDcml0aWNhbCBXaXRoIGV4 +dEtleVVzYWdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESO +FtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+KvWnVr +amRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWka +sdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbY +VbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6n +aOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHE +MdUDrNoYCjXtjQIDAQABo2AwXjAjBgNVHREEHDAagglsb2NhbGhvc3SCDSouZXhh +bXBsZS5jb20wFAYJYIZIAYb4QgEBAQH/BAQDAgZAMAwGA1UdEwQFMAMBAQAwEwYD +VR0lBAwwCgYIKwYBBQUHAwEwCwYJKoZIhvcNAQELA4IBAQAO+rOEK3vhTmoLNg5w +upxSODlCFghBLZ1qui7RWJME62JG/1sxZw4rHa0Pl2NP1U/Wy0ErAT/QQLyIahBL +mjggdD3Vh9wfx4Qf4FwHGzJEopfsx6YQlHcXR1v5qb7lLeuywhA6m7agn9DWBGlg +lLFNqtHmofQFaileQOA50Uu9qOAdbea5+rjZn9rBBvUUVeSc9hNWjDRCMk/5PSm4 +6ONpFjal4npPA8V/U7LleJR+VNbiCWNHaQD/9H+xBoay81m8GL0CdM9udBjbyf9W +NlYtu87XanZn2//LghGGUW4HQn1YXWD6UeZngo91UdQeIOs+dCiTI8CldgpGafld +8UdC +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem.certspec new file mode 100644 index 000000000..0ae63e20f --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeCriticalWithExtKeyUsage.pem.certspec @@ -0,0 +1,6 @@ +issuer:Test CA +subject:nsCertType Critical With extKeyUsage +extension:subjectAlternativeName:localhost,*.example.com +extension:nsCertType[critical]:sslServer +extension:basicConstraints:, +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem new file mode 100644 index 000000000..b894c0bce --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC/DCCAeagAwIBAgIUSeaDecTuqo807NV7Z4OGuTUEoKowCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowIjEgMB4GA1UEAwwXbnNDZXJ0VHlwZSBOb3QgQ3JpdGljYWwwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT +2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzV +JJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8N +jf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCA +BiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVh +He4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMB +AAGjOjA4MCMGA1UdEQQcMBqCCWxvY2FsaG9zdIINKi5leGFtcGxlLmNvbTARBglg +hkgBhvhCAQEEBAMCBkAwCwYJKoZIhvcNAQELA4IBAQBUkcVO1xXJv8/BR5tUyQDt +Y6gQMH9hfg2MZwR7mKj/ZdTEUMUqpOo4zfxRj8j3WNAF01g88D/oQw3IcDay9kpE +EZDSLLQpVYW6l9xEWuCl+p9jNbFDmNxyPe2KOD+Pmp0ggkyeKyfC2l1cZS9kuQjW +rIYgGdDVcXvBH/cfi8Dxl4IjWa/Fmkpw/W4uvcKcpLdtwZkGAa2CH1ymmeE3gtE8 ++uYJuWWP9RE1cwXtwoGTPoU2fxBP8V2gRgPrlHQlhlJzyWthJ30Cv+RBNU6IkzNT +ZO10f39iPQScLbrcaDULX44vhUGhXlaXsOBWZnyX7exBWdUxNNpIjReO1nrZxufi +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem.certspec new file mode 100644 index 000000000..a44a1feee --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/nsCertTypeNotCritical.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test CA +subject:nsCertType Not Critical +extension:subjectAlternativeName:localhost,*.example.com +extension:nsCertType:sslServer diff --git a/security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem b/security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem new file mode 100644 index 000000000..13ba23a19 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDezCCAmWgAwIBAgIUNVbKGlj3T9hCc0QZzD1Zs4cFzeUwCwYJKoZIhvcNAQEL +MBgxFjAUBgNVBAMMDU90aGVyIHRlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8y +MDE4MDIwNTAwMDAwMFowJzElMCMGA1UEAwwcV3JvbmcgQ0EgUGluIFRlc3QgRW5k +LUVudGl0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMF1xlJmCZ93 +CCpnkfG4dsN/XOU4sGxKzSKxy9RvplraKt1ByMJJisSjs8H2FIf0G2mJQb2ApRw8 +EgJExYSkxEgzBeUTjAEGzwi+moYnYLrmoujzbyPF2YMTud+vN4NF2s5R1Nbc0qbL +PMcG680wcOyYzOQKpZHXKVp/ccW+ZmkdKy3+yElEWQvFo+pJ/ZOx11NAXxdzdpmV +hmYlR5ftQmkIiAgRQiBpmIpD/uSM5oeB3SK2ppzSg3UTH5MrEozihvp9JRwGKtJ+ +8Bbxh83VToMrNbiTD3S6kKqLx2FnJCqx/W1iFA0YxMC4xo/DdIRXMkrX3obmVS8d +HhkdcSFo07sCAwEAAaOBrTCBqjB0BgNVHREEbTBrgigqLmluY2x1ZGUtc3ViZG9t +YWlucy5waW5uaW5nLmV4YW1wbGUuY29tgigqLmV4Y2x1ZGUtc3ViZG9tYWlucy5w +aW5uaW5nLmV4YW1wbGUuY29tghUqLnBpbm5pbmcuZXhhbXBsZS5jb20wMgYIKwYB +BQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0Ojg4ODgvMAsG +CSqGSIb3DQEBCwOCAQEArJqM6iooFNCAk11WMdPCxa4iGkG4V5zYuFjdd2K3LTLM +ai5SZS875tXNol+YZgUh6cdTbVARdsB4saYGH1v5pAmK+VJniYQHWYsSLofgBfFw +yAk1Ymj5pz8y6+ExYzWPBV5ihevtyCRPGG8xgZqRbERTdB2uBZGmQ441LLnZZZFX +BByEFQ4M7qYmOTZaIxncSGZbwVncBYkLbYmOIPdcahVtnK1mIm1q7ET0KeUEPTLB +5UEdNa7bd5ULWeCIVZxRWdawzktWdF7CfBVO2KeWiEE6wkL1Y3N29mUOynWKRs7w +wo5ETwxEw/6UqOaGCmbCTN5Xa+N+ZE5/4g0gEEcFUg== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem.certspec new file mode 100644 index 000000000..a905a66ac --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/other-issuer-ee.pem.certspec @@ -0,0 +1,6 @@ +issuer:Other test CA +subject:Wrong CA Pin Test End-Entity +issuerKey:alternate +subjectKey:alternate +extension:subjectAlternativeName:*.include-subdomains.pinning.example.com,*.exclude-subdomains.pinning.example.com,*.pinning.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/other-test-ca.key b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.key new file mode 100644 index 000000000..6db74b5c5 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBdcZSZgmfdwgq +Z5HxuHbDf1zlOLBsSs0iscvUb6Za2irdQcjCSYrEo7PB9hSH9BtpiUG9gKUcPBIC +RMWEpMRIMwXlE4wBBs8IvpqGJ2C65qLo828jxdmDE7nfrzeDRdrOUdTW3NKmyzzH +BuvNMHDsmMzkCqWR1ylaf3HFvmZpHSst/shJRFkLxaPqSf2TsddTQF8Xc3aZlYZm +JUeX7UJpCIgIEUIgaZiKQ/7kjOaHgd0itqac0oN1Ex+TKxKM4ob6fSUcBirSfvAW +8YfN1U6DKzW4kw90upCqi8dhZyQqsf1tYhQNGMTAuMaPw3SEVzJK196G5lUvHR4Z +HXEhaNO7AgMBAAECggEAfj9tfLg572auXX3ZL/VBC7NB3BRyjTkDRXDho3B5DzDw +aBNV//QeKtTpqdn86/vRJ736uMAK/7Hzzqcyfq1HqhYh8qwe4UygLwSzsnhgF5gL +GBpEnQOwPmnRErg1ceVUNPASBWV10oMu1nMdznmeN8g/bVHFWrcetYAVrwXhrxXH +R2A+9/J9A6b/BJ2Wu/hUweTlDvWwWND7CBgOCsf3vo8v8Wc9l/yeVduoOAd7v4p8 +/ylihXeFJpzZ1brStXRp5K/NM8TKLS9pnxHnyPvc1ITwjY77ijy4qXLrJL7Zcu+q +5LtxIJPkj+lKRutimodQeMQCGposk8mnA5Dp0KVEAQKBgQDmP8clprp2klp/+MtZ +xPVt1+yD/oW/H1PhHKyagSWLz8CugZB3sPLRR3qvho3mqOy+r3uyKxlvKprYLTKG +8NDMKd5xnl8r6OUJtyhNWWPt02L5J4h6TEqJeZ00DVGzAax2AasnF5Ak/KrdOL9l +Iq9j6xZGHsAqfyewb+Cd3afAoQKBgQDXGLH+n4+Z8A6DKuH73G/iqyfzTgScSYAQ ++g63CEhSGCNGCDtclsPu5VksAUpBDGuTCxZcE7XCaqMurG58klqFUcJRNPL0pyxk +IfGacxSKDt+rpdOmiIs1y6GMAP047lqvC1RXMdcgdhu8ze50SlLKQV6Y5N4Bzf52 +TBlns+jK2wKBgAHlrKJmyUqI0i4TwrkuokcRbGV6B2gXvf0w20s6nTCVuaS2dJZH +4vhOenhPx4OLCMhZcc96A2+jDjuRw8TQ3yePgMG26FnYRWrbE33vqp8fCsW6yakY +T9TqJ51yLqYm8WDXiq17yDhFzLKd8RXIP2G3YiuZvUOcYJtXkKY8WVGBAoGBAIDM +RdENJITuDRKX/Ae/gLO+/0Yeon4fOPNxeJw69mtKDt0hksIneR208cd64ka/NC8x +hWsPVlgbWKlbETHAxTltsqjDxvOeouM2vCBa5qKgs2hp/KmMu6czzwExmm+bsmt8 +oj0wF/xVHNjaiv3Rf2+i4w00hoeYHNYjTVcekLffAoGAb3fAwfKuesFpVhzKSZxS +vfvgTN3M29wSrsWoVpHoWUt+4pkI8w57lqpiVLgO1K7sm5k3gr38ebadjVjGiHD6 +S+G8DDUnKIxcgrtK668V7f8RBAP8eOas5qgoJ79C8M+nUeUHZRxWONuTk90j3R9r +KVFR3kS3f+Vaew3yceGaZcA= +-----END PRIVATE KEY-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/other-test-ca.key.keyspec b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.key.keyspec new file mode 100644 index 000000000..cbd5f309c --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.key.keyspec @@ -0,0 +1 @@ +alternate diff --git a/security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem new file mode 100644 index 000000000..09bd4bb04 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC2zCCAcWgAwIBAgIUexJUIJpq50jgqOwQluhVrAzTF74wCwYJKoZIhvcNAQEL +MBgxFjAUBgNVBAMMDU90aGVyIHRlc3QgQ0EwIhgPMjAxNTAxMDEwMDAwMDBaGA8y +MDI1MDEwMTAwMDAwMFowGDEWMBQGA1UEAwwNT3RoZXIgdGVzdCBDQTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMF1xlJmCZ93CCpnkfG4dsN/XOU4sGxK +zSKxy9RvplraKt1ByMJJisSjs8H2FIf0G2mJQb2ApRw8EgJExYSkxEgzBeUTjAEG +zwi+moYnYLrmoujzbyPF2YMTud+vN4NF2s5R1Nbc0qbLPMcG680wcOyYzOQKpZHX +KVp/ccW+ZmkdKy3+yElEWQvFo+pJ/ZOx11NAXxdzdpmVhmYlR5ftQmkIiAgRQiBp +mIpD/uSM5oeB3SK2ppzSg3UTH5MrEozihvp9JRwGKtJ+8Bbxh83VToMrNbiTD3S6 +kKqLx2FnJCqx/W1iFA0YxMC4xo/DdIRXMkrX3obmVS8dHhkdcSFo07sCAwEAAaMd +MBswDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwCwYJKoZIhvcNAQELA4IBAQCL +jKgNGmCVYhntJo024WL8bF6hekERMYQbu/CK9moz6wlOpRMOQX1x7U/ianPW9Whi +yoMAgAgNhLr2+t4ewqU2xRxMY0DvMSOuF9l08mptCW5sd/ocrRZuv/RcBmLcRnJm +Y+HuaVOvf1ac32pNN5HYagGQbvvpAaHB5/DyYcywqUM7SttK1QF+AOsGePZdYUK2 +Od5wJwB7yE1Fpgf6O4vZaE0JkTVh8GQipwoPms2GYk2E1sJXu9eUrLBfioVVN0TF +QF4xJxSwyxY8ys5E4+ftIVixVdetrcotUdYR64x9Hd5OPr5Q7VaAvd85ZvuB7xeK +eHxNGBjaJMf1tkamLr3p +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem.certspec new file mode 100644 index 000000000..3bc975aa2 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/other-test-ca.pem.certspec @@ -0,0 +1,7 @@ +issuer:Other test CA +subject:Other test CA +issuerKey:alternate +subjectKey:alternate +validity:20150101-20250101 +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem b/security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem new file mode 100644 index 000000000..badc58376 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdTCCAl+gAwIBAgIUOZxBsWqmNkNX1bk4vwjN7oalyxcwCwYJKoZIhvcNAQEL +MDMxMTAvBgNVBAMMKFRlc3QgU2VsZi1zaWduZWQgRW5kLWVudGl0eSB3aXRoIENB +IHRydWUwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIwNTAwMDAwMFowMzExMC8G +A1UEAwwoVGVzdCBTZWxmLXNpZ25lZCBFbmQtZW50aXR5IHdpdGggQ0EgdHJ1ZTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9 +PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3 +HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3Dg +Dw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7 +EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SK +lWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0C +AwEAAaOBgDB+MAwGA1UdEwQFMAMBAf8wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUF +BzABhhZodHRwOi8vbG9jYWxob3N0Ojg4ODgvMDoGA1UdEQQzMDGCL3NlbGYtc2ln +bmVkLWVuZC1lbnRpdHktd2l0aC1jQS10cnVlLmV4YW1wbGUuY29tMAsGCSqGSIb3 +DQEBCwOCAQEAOOiI4FYCOj5N75+ix87qQQjtyG//CTUi8SMRAIG9sQId7fRtXAcl +qEtWKxdcNy4RYVoEQTNPrY6gr9amiPEpZ9IobtX1WW8gJiVj3EFLfXBKTE3B6Kxp +Qim7bJvrqoumLgXtH7eljHdfN86I6Xnyk7L4tl30UhlOSd24jiQ8T5FxF7lcmEnT +w+AthUUhOyKyDRXvV3jUpM3SKv6mz0rzm19A/qBOYM6Q+bAS5n47d/TPbmCff8T/ +zKU/Su7WYXsw7gU208DhWrqLjpUzPuGSRRTZgHCG35KpOlNcN81iZsvEYIyL+b68 +G2rlSZK2C3LaGi/0t7s3O8gUep20KSF7WA== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem.certspec new file mode 100644 index 000000000..0ca92d7fd --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/self-signed-EE-with-cA-true.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test Self-signed End-entity with CA true +subject:Test Self-signed End-entity with CA true +extension:basicConstraints:cA, +extension:authorityInformationAccess:http://localhost:8888/ +extension:subjectAlternativeName:self-signed-end-entity-with-cA-true.example.com diff --git a/security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem b/security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem new file mode 100644 index 000000000..87b0ca2e7 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDgzCCAm2gAwIBAgIUV9yIaHMDuAdDCVBEzuEE5tSGIncwCwYJKoZIhvcNAQEL +MDUxMzAxBgNVBAMMKlNlbGYtc2lnbmVkIEluYWRlcXVhdGUgRUtVIFRlc3QgRW5k +LWVudGl0eTAiGA8yMDE1MTEyODAwMDAwMFoYDzIwMTgwMjA1MDAwMDAwWjA1MTMw +MQYDVQQDDCpTZWxmLXNpZ25lZCBJbmFkZXF1YXRlIEVLVSBUZXN0IEVuZC1lbnRp +dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braI +BjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVa +p0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB +7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4C +kC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJv +aeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgK +Ne2NAgMBAAGjgYowgYcwCwYDVR0PBAQDAgQwMBMGA1UdJQQMMAoGCCsGAQUFBwMB +MC8GA1UdEQQoMCaCJHNlbGZzaWduZWQtaW5hZGVxdWF0ZUVLVS5leGFtcGxlLmNv +bTAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9sb2NhbGhvc3Q6 +ODg4OC8wCwYJKoZIhvcNAQELA4IBAQAhtt1BOrCjch5fzJ+OIvqSF2qERDB7CJDA +avhypMbCVCEabM1JBD8vtA5U7izjWpAJVlOwFBUPtGpeCtXkCZEyy6/JPOdc5hhJ +1h0+c9CeKkmjwyydqqz3v4quXAI0WX7ChuO5WfsVY1swFcp6TYtGYBsjMVpVQaTw +CGNFZ73EEksRWP0NH/SKABo+6dlvOghivAa3Wx1HEOVTFUo8u6odwZ596Xl/IhY4 +I0G/GuGCwMhBE/5GGpSI8qH8DxRXT7nrvdHZmuiRB2SJYeuF4Cs08KHO+ymiST/d +OLnAKR1WWgslQbxZu3zdBDqKuKf2vOKS9xo6sQXP3TsLsSPxY1v2 +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem.certspec new file mode 100644 index 000000000..477b90ce1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/selfsigned-inadequateEKU.pem.certspec @@ -0,0 +1,6 @@ +issuer:Self-signed Inadequate EKU Test End-entity +subject:Self-signed Inadequate EKU Test End-entity +extension:keyUsage:keyEncipherment,dataEncipherment +extension:extKeyUsage:serverAuth +extension:subjectAlternativeName:selfsigned-inadequateEKU.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/selfsigned.pem b/security/manager/ssl/tests/unit/bad_certs/selfsigned.pem new file mode 100644 index 000000000..436f9ef8e --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/selfsigned.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDMzCCAh2gAwIBAgIUFdYBQ3rk5hXCs0Bz6ERmayqrMTYwCwYJKoZIhvcNAQEL +MCYxJDAiBgNVBAMMG1NlbGYtc2lnbmVkIFRlc3QgRW5kLWVudGl0eTAiGA8yMDE1 +MTEyODAwMDAwMFoYDzIwMTgwMjA1MDAwMDAwWjAmMSQwIgYDVQQDDBtTZWxmLXNp +Z25lZCBUZXN0IEVuZC1lbnRpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9sZwG +m24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5TMJr +bA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7xeC4 +SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHdtMr3 +/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l8Y+Z +FzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAGjWTBXMCEGA1UdEQQaMBiCFnNlbGZz +aWduZWQuZXhhbXBsZS5jb20wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZo +dHRwOi8vbG9jYWxob3N0Ojg4ODgvMAsGCSqGSIb3DQEBCwOCAQEAiPY8Ka4thJkS +6HzgnIpJyd09rmAls/LwAPRwhk8s652FEEGpZzkreDjOJ9LGYx01JWGQPDxOgddt +ynYtbZVzwnSuJnISglU/mAsmgG47hSeBamOm9zg2KAC1+64nVgpkmYMEDGQC4h79 +cADh5g5ay0E47x/9u7F02z4ovXyJCDC/bOTFKv4WCkHEaIKhnbrv4EGT+lkfCFol +obLR6h4mwclIDycIR9D2hg4ZSrnace1JzF0OALMVshwtclmJMS4yH+yACSeovT6t +fN1CTvLAY8nYtyuxWc3D/gv0T5MWVvkSSfbrvt+nCUvrEsLFnDgKqMzh7S/iph3M +UyeHQjtRIQ== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/selfsigned.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/selfsigned.pem.certspec new file mode 100644 index 000000000..99a814be1 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/selfsigned.pem.certspec @@ -0,0 +1,4 @@ +issuer:Self-signed Test End-entity +subject:Self-signed Test End-entity +extension:subjectAlternativeName:selfsigned.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/test-ca.pem b/security/manager/ssl/tests/unit/bad_certs/test-ca.pem new file mode 100644 index 000000000..1d50176e4 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/test-ca.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIICzzCCAbmgAwIBAgIUH9DaznYx1NE1Cu9I8cBqxV9VgF4wCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8yMDE4MDIw +NTAwMDAwMFowEjEQMA4GA1UEAwwHVGVzdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9PBPZ6uQ1SrTs9WhXbCR7wccl +qODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sg +w0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3DgDw2N/WYLK7AkkqR9uYhheZCx +V5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1 +MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SKlWEd7ibWJZ2rkQhONsscJAQs +vxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0CAwEAAaMdMBswDAYDVR0TBAUw +AwEB/zALBgNVHQ8EBAMCAQYwCwYJKoZIhvcNAQELA4IBAQA1o3GayNFRlVTrsoj2 +Ag06YatbGe94M/FT0MXngjlmrMkGZqHaDlrii7Jz+JP16CBjaIZ0ZP7I56Nn/l8y +/kfe++zvr1uwRaKjtRGBiFpCjx10rI508wzSnOox3+bOtv9qjYaY7UjkBV3F40IS +P8qKMtNspsR4tjS/D1jbculhngkPqhskefZFQQvcgG54L5j921GFKNeeX6i9QAzV +jjM6i/iQYpAWCuh5+CetwUnfFuZCM80npp/qHMESkT3PyPpwqT9A5K+xQdVfpXq5 +SmVy5+QGWALuSV1sfIRXRwOh+2jCWwWPbyi9TlHrvlO5mL38qikdYBDPat3ve4cq +5viq +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/test-ca.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/test-ca.pem.certspec new file mode 100644 index 000000000..5d2435d7b --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/test-ca.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test CA +subject:Test CA +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/test-int.pem b/security/manager/ssl/tests/unit/bad_certs/test-int.pem new file mode 100644 index 000000000..df9ad3ddb --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/test-int.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC2TCCAcOgAwIBAgIUBVio/iQ21GCi2iUven8oJ/gae74wCwYJKoZIhvcNAQEL +MBIxEDAOBgNVBAMMB1Rlc3QgQ0EwIhgPMjAxNTAxMDEwMDAwMDBaGA8yMDI1MDEw +MTAwMDAwMFowHDEaMBgGA1UEAwwRVGVzdCBJbnRlcm1lZGlhdGUwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erkNUq0 +7PVoV2wke8HHJajg2B+9sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwCfs1D +/B5p0DggKZOrIMNJ5Nu5TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1mCyuw +JJKkfbmIYXmQsVeQPdI7xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTMHGyX +rZZhW7filhLAdTGjDJHdtMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m1iWd +q5EITjbLHCQELL8Wiy/l8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAGjHTAb +MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMAsGCSqGSIb3DQEBCwOCAQEAry6Z +DoUhexYUJTzWwN1ZIwWeXW/QxJR5u4DvK6pBPInDdyfv20EuxXKODYWXXPGbOY8X +5SEsUtS+1WUlMAXenmejPvDcjeEGLS8tfJQbgHtPrDhQR43fnYGZrA2pWVmxQ+TJ +Lrg18uGIuMcfAr3RwMzeK+uj81bybeYZN5haISWa6bF2a81vMx/WDgyFSYYBOYph +nCPWVSqPTK/6NwbyWZORs474Flx45uzo7g9mMCmbwz9IzdJYpVrViVAFTU1gSbNQ +ED3LzwGkS7eO8Lqzk9a94uIGqhxtGDvxFe+6Be/Il3M/5d2WC2Jmqzv8cU/u4GLb +dKrXnD3epofIjHnOUA== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/test-int.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/test-int.pem.certspec new file mode 100644 index 000000000..33b42c2f4 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/test-int.pem.certspec @@ -0,0 +1,5 @@ +issuer:Test CA +subject:Test Intermediate +validity:20150101-20250101 +extension:basicConstraints:cA, +extension:keyUsage:cRLSign,keyCertSign diff --git a/security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem b/security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem new file mode 100644 index 000000000..d9ba29653 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpTCCAo+gAwIBAgIUHccbzbbSEhGlmiWbLlfHcRQFD7MwCwYJKoZIhvcNAQEL +MCYxJDAiBgNVBAMMG1Rlc3QgSW50ZXJtZWRpYXRlIHRvIGRlbGV0ZTAiGA8yMDE1 +MTEyODAwMDAwMFoYDzIwMTgwMjA1MDAwMDAwWjAuMSwwKgYDVQQDDCNUZXN0IEVu +ZC1lbnRpdHkgZnJvbSB1bmtub3duIGlzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBALqIUahEjhbWQf1utogGNhA9PBPZ6uQ1SrTs9WhXbCR7wccl +qODYH72xnAabbhqG8mvir1p1a2pkcQh6pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sg +w0nk27lMwmtsDu0Vgg/xfq1pGrHTAjqLKkHup3DgDw2N/WYLK7AkkqR9uYhheZCx +V5A90jvF4LhIH6g304hD7ycW2FW3ZlqqfgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1 +MaMMkd20yvf8rR0l0wnvuRcOp2jhs3svIm9p47SKlWEd7ibWJZ2rkQhONsscJAQs +vxaLL+Xxj5kXMbiz/kkj+nJRxDHVA6zaGAo17Y0CAwEAAaOBwjCBvzCBiAYDVR0R +BIGAMH6CGXVua25vd25pc3N1ZXIuZXhhbXBsZS5jb22CNHVua25vd25pc3N1ZXIu +aW5jbHVkZS1zdWJkb21haW5zLnBpbm5pbmcuZXhhbXBsZS5jb22CK3Vua25vd25p +c3N1ZXIudGVzdC1tb2RlLnBpbm5pbmcuZXhhbXBsZS5jb20wMgYIKwYBBQUHAQEE +JjAkMCIGCCsGAQUFBzABhhZodHRwOi8vbG9jYWxob3N0Ojg4ODgvMAsGCSqGSIb3 +DQEBCwOCAQEAjvk1a9yDZSYDNilWlvRcUk6stPfmjG7p0Owu0a+Lh8JIxOZXflZ1 +/hpVp0L5ds6mc74Q5VBJgqpkrpYBIVDPa3LJzW4HX8y7FtDo71Ca/ob+Xyc4hFdg +3G2DqLePZXqkV+h6bsg/Rqv2FUt/GbUmv4sIkTwL5KgMEjLJGxwRTyrQZJlTMC5N +uSxtWiCv+wLnP9NbkMgBHE1NnBQjF5nR/mJC7HUGykGYe+oJHuozq+/VCn3bXFUm +kq9YXS0R84LcQH7gHtOlp5xwxiYXPH3C2cxobaJNdo5qsyOZYc5Diq/ukCN5rg0N +5IOg9SPThtEzlCjTFRVHKE7ncgo7JxJ3gw== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem.certspec new file mode 100644 index 000000000..a735c730c --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/unknownissuer.pem.certspec @@ -0,0 +1,4 @@ +issuer:Test Intermediate to delete +subject:Test End-entity from unknown issuer +extension:subjectAlternativeName:unknownissuer.example.com,unknownissuer.include-subdomains.pinning.example.com,unknownissuer.test-mode.pinning.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem b/security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem new file mode 100644 index 000000000..497b3472c --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDMjCCAhygAwIBAgIUEb4CKRVPjI1eurD3IgLllUvomHgwCwYJKoZIhvcNAQEL +MBgxFjAUBgNVBAMMDU90aGVyIHRlc3QgQ0EwIhgPMjAxMTAxMDEwMDAwMDBaGA8y +MDEzMDEwMTAwMDAwMFowLDEqMCgGA1UEAwwhVW50cnVzdGVkLUV4cGlyZWQgVGVz +dCBFbmQtZW50aXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohR +qESOFtZB/W62iAY2ED08E9nq5DVKtOz1aFdsJHvBxyWo4NgfvbGcBptuGobya+Kv +WnVramRxCHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+ +rWkasdMCOosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPv +JxbYVbdmWqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5 +Fw6naOGzey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6 +clHEMdUDrNoYCjXtjQIDAQABo2AwXjAoBgNVHREEITAfgh11bnRydXN0ZWQtZXhw +aXJlZC5leGFtcGxlLmNvbTAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0 +dHA6Ly9sb2NhbGhvc3Q6ODg4OC8wCwYJKoZIhvcNAQELA4IBAQB+nHMbzEEVQFPF +ahU0cR3xT8hyv0R0rNFTFQzGmAJpLz+xJN+GsOLuqGHqZ7Yc8lSOEQq4m/EDNncL +SWnNbQHZPb4BAgz6n84gKazPfvkQmzx2QFqJs8s/Nfj8kxygUbCF5h+R+KBQbQd3 +qjAEeJK7pUoJjBB236JwBlM0Rqbv7QgTibm5VnNcfkZcwlBpwfCXdc6jtG9hkyhD +h/8H0mZ+gvMpgnXx3TascLWJuPrYpDSgayRClfvs+FQtY8Lv5qkCR2TLLU779O8f +TNTZLWogZ/tlOy268M5iFaOS71g0dQM9sU++XpUjtQlf6T1a2HtyZ8CmiG+Ffsym +mAJNGYT8 +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem.certspec new file mode 100644 index 000000000..3efd1ce67 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/untrusted-expired.pem.certspec @@ -0,0 +1,5 @@ +issuer:Other test CA +subject:Untrusted-Expired Test End-entity +validity:20110101-20130101 +extension:subjectAlternativeName:untrusted-expired.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem b/security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem new file mode 100644 index 000000000..842e7e7bd --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNDCCAh6gAwIBAgIUC7+ekJBbfCa4+95t1Lc9QFnFM00wCwYJKoZIhvcNAQEL +MBgxFjAUBgNVBAMMDU90aGVyIHRlc3QgQ0EwIhgPMjAxNTExMjgwMDAwMDBaGA8y +MDE4MDIwNTAwMDAwMFowMDEuMCwGA1UEAwwlVGVzdCBFbmQtZW50aXR5IHdpdGgg +dW50cnVzdGVkIGlzc3VlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALqIUahEjhbWQf1utogGNhA9PBPZ6uQ1SrTs9WhXbCR7wcclqODYH72xnAabbhqG +8mvir1p1a2pkcQh6pVqnRYf3HNUknAJ+zUP8HmnQOCApk6sgw0nk27lMwmtsDu0V +gg/xfq1pGrHTAjqLKkHup3DgDw2N/WYLK7AkkqR9uYhheZCxV5A90jvF4LhIH6g3 +04hD7ycW2FW3ZlqqfgKQLzp7EIAGJMwcbJetlmFbt+KWEsB1MaMMkd20yvf8rR0l +0wnvuRcOp2jhs3svIm9p47SKlWEd7ibWJZ2rkQhONsscJAQsvxaLL+Xxj5kXMbiz +/kkj+nJRxDHVA6zaGAo17Y0CAwEAAaNeMFwwJgYDVR0RBB8wHYIbdW50cnVzdGVk +aXNzdWVyLmV4YW1wbGUuY29tMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW +aHR0cDovL2xvY2FsaG9zdDo4ODg4LzALBgkqhkiG9w0BAQsDggEBADoMA0m+eXNs +tdp2WpRyK3F9+FXIYbZGdlQFi+G9Dku/8J/cysb3jnN7zdSiCwkSJ38XR/8z4M0O +x4i3/alFWP1HTvQmVOwP7U31u1h56QlS8ltFasZtd+lOELWvaj9WzG2glcFGTynT +iIIl3LCm47O6u501xZsp5XPRaeY9956vuP7TwVIx8v2JR5H3hFhk9fR/mhR8QCOB +HVu/iW9ux7g/9Up1Fi5mYAq6cmArpJ2LzEr57gdV1lfgKObTE++ZWtRa5N+zMZGX +TU6WARBPH+vVHC1VKxY2SYENxswFtkgCSVoRFzn7sj/8jQ6iaJ86sf9poK0NrHdg +P0ybC9Y8juA= +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem.certspec new file mode 100644 index 000000000..5ba0bc253 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/untrustedissuer.pem.certspec @@ -0,0 +1,4 @@ +issuer:Other test CA +subject:Test End-entity with untrusted issuer +extension:subjectAlternativeName:untrustedissuer.example.com +extension:authorityInformationAccess:http://localhost:8888/ diff --git a/security/manager/ssl/tests/unit/bad_certs/v1Cert.pem b/security/manager/ssl/tests/unit/bad_certs/v1Cert.pem new file mode 100644 index 000000000..c6e59a7a8 --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/v1Cert.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE----- +MIICqzCCAZUCFDt6FYWPwMbZVlZa329PtAVVBtsnMAsGCSqGSIb3DQEBCzASMRAw +DgYDVQQDDAdUZXN0IENBMCIYDzIwMTUxMTI4MDAwMDAwWhgPMjAxODAyMDUwMDAw +MDBaMBIxEDAOBgNVBAMMB1YxIENlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC6iFGoRI4W1kH9braIBjYQPTwT2erkNUq07PVoV2wke8HHJajg2B+9 +sZwGm24ahvJr4q9adWtqZHEIeqVap0WH9xzVJJwCfs1D/B5p0DggKZOrIMNJ5Nu5 +TMJrbA7tFYIP8X6taRqx0wI6iypB7qdw4A8Njf1mCyuwJJKkfbmIYXmQsVeQPdI7 +xeC4SB+oN9OIQ+8nFthVt2Zaqn4CkC86exCABiTMHGyXrZZhW7filhLAdTGjDJHd +tMr3/K0dJdMJ77kXDqdo4bN7LyJvaeO0ipVhHe4m1iWdq5EITjbLHCQELL8Wiy/l +8Y+ZFzG4s/5JI/pyUcQx1QOs2hgKNe2NAgMBAAEwCwYJKoZIhvcNAQELA4IBAQCW +fJUaT3AtmftAlBtS3e1hs6V1XoQNaeSiff8PR6ootvISg5MpU1b2whEvNalJCUMD +zBXkM7y3ERSgAvROu+CbBFOrOTPPStg88iZFm4WDrgotADxepbYd+x3IOL0vGq7F +vcqdiQCRuhVRoopipqmowWF4KZtm0SnXoce7GnDhIjLtGxwz+zq3ls/2MrdaxdpL +ggRkBUNfbTmDMvsjc3GxFHsXuX5cJUKVM2V8x5gNvtDBINiavy8HyQjhwSyTprRM +KBConOKsh/WntsiakcsefVpc9kAR6DJjVvhFmLqHBUMrpBtDf5pb2JVgp/qn0oCw +YqD30umtSUWyZaW1I1Nh +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/security/manager/ssl/tests/unit/bad_certs/v1Cert.pem.certspec b/security/manager/ssl/tests/unit/bad_certs/v1Cert.pem.certspec new file mode 100644 index 000000000..7824630bb --- /dev/null +++ b/security/manager/ssl/tests/unit/bad_certs/v1Cert.pem.certspec @@ -0,0 +1,3 @@ +issuer:Test CA +subject:V1 Cert +version:1 |