Google Git
Sign in
boringssl / boringssl / 23824fa0fed94f4660ffafb15aaea8b317f2c8a6 / . / pki / testdata / verify_certificate_chain_unittest / incorrect-trust-anchor / chain.pem
blob: 6cce2cb1c74e4a4ade01057792f300f922d0b6eb [file] [log] [blame]
[Created by: generate-chains.py]
Certificate chain where the supposed root certificate is wrong:
* The intermediate's "issuer" does not match the root's "subject"
* The intermediate's signature was not generated using the root's key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:d4:ce:21:aa:ed:06:7b:56:9b:0b:40:d4:28:fb:ff:a9:d9:2b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d8:e1:c8:d6:ce:ed:3b:b7:8a:5b:17:c2:9e:
0c:04:f4:4e:ba:ad:1b:cf:c0:63:b7:c9:01:e9:7a:
28:d4:d8:0b:71:36:af:02:f6:44:fc:ce:5e:84:50:
fb:5f:ef:a0:b8:b5:77:62:c0:6c:9f:8f:4f:64:52:
67:04:0b:d3:92:31:a5:79:f3:8d:11:03:03:a2:c0:
da:ef:8f:b5:68:f8:55:f0:ac:9b:05:3a:df:ea:7b:
3b:06:f2:de:e3:b2:c5:27:3e:b9:39:90:c0:27:0d:
de:6c:a2:8e:e4:2e:f9:95:13:37:df:20:12:28:ae:
82:5e:91:3a:cb:75:ae:55:fb:07:d6:40:48:cd:6f:
9c:3e:07:0f:48:d1:8f:ba:db:fa:b2:7c:ce:29:10:
e0:6b:48:36:80:db:4c:10:19:a1:28:fb:e0:b5:4f:
b2:89:40:b7:6b:9a:af:a1:9b:b0:52:03:23:16:fb:
0f:5d:c6:c9:f2:98:08:c5:07:85:76:30:57:46:be:
85:46:ed:14:74:60:00:61:ce:f7:88:62:6c:0b:a2:
41:9c:5a:27:3f:e5:29:9c:36:73:a3:04:8b:ab:74:
2d:1e:f5:96:f7:b4:c2:51:77:a9:9c:ef:ac:fd:bc:
aa:cf:ba:98:cf:6c:1b:fc:e9:20:8c:dc:17:45:49:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7E:08:D5:73:67:A9:9C:5B:C1:26:14:D1:96:8E:09:88:11:32:67
X509v3 Authority Key Identifier:
keyid:3F:EE:51:69:3A:24:09:D6:26:3C:A4:08:22:1F:0D:77:7D:D5:E7:3B
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
33:6d:f9:bc:77:a5:f0:77:f8:8c:5e:18:52:45:93:6e:ed:01:
9f:9e:7d:4a:d0:d8:6b:6b:35:92:cb:64:2f:89:7d:ed:42:0d:
90:ad:d8:18:01:66:13:6c:4d:7c:6d:14:62:26:60:b4:37:94:
c1:24:c5:cb:a1:a2:ab:b2:28:0e:47:3e:2c:6d:2b:7c:ed:55:
3f:55:69:28:7f:97:a4:f6:b9:45:73:5d:3b:cf:b9:48:be:7c:
fe:40:0e:ac:08:4b:6b:e5:4f:31:14:3f:1b:04:48:85:d1:65:
65:76:6a:5f:3b:f2:04:48:c2:e1:20:7c:91:a8:bf:84:44:1a:
4f:28:52:e6:f9:cd:f2:5b:ad:5f:71:2e:69:57:cf:1e:c4:68:
5d:d3:4d:f8:0e:a7:7b:4d:c7:dd:ce:d8:eb:80:f1:a3:31:d3:
ac:52:0a:ff:4c:58:a9:d6:4c:91:8b:79:66:30:6b:7d:1f:05:
89:1b:dd:ba:16:58:1d:16:53:75:64:ef:2b:55:af:41:84:2a:
0c:3d:0e:41:52:5c:8f:03:e1:b6:bd:c5:ad:11:a0:93:dc:de:
8e:4b:e9:17:02:d9:3f:83:9b:4c:d7:b1:75:10:8c:ff:93:ca:
4c:40:bb:38:80:4c:83:64:f2:10:f1:04:5e:7b:45:40:04:6e:
64:76:a0:18
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIUb9TOIartBntWmwtA1Cj7/6nZK5swDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAs9jhyNbO7Tu3ilsXwp4MBPROuq0bz8Bjt8kB6Xoo1NgL
cTavAvZE/M5ehFD7X++guLV3YsBsn49PZFJnBAvTkjGlefONEQMDosDa74+1aPhV
8KybBTrf6ns7BvLe47LFJz65OZDAJw3ebKKO5C75lRM33yASKK6CXpE6y3WuVfsH
1kBIzW+cPgcPSNGPutv6snzOKRDga0g2gNtMEBmhKPvgtU+yiUC3a5qvoZuwUgMj
FvsPXcbJ8pgIxQeFdjBXRr6FRu0UdGAAYc73iGJsC6JBnFonP+UpnDZzowSLq3Qt
HvWW97TCUXepnO+s/byqz7qYz2wb/OkgjNwXRUkSRQIDAQABo4HpMIHmMB0GA1Ud
DgQWBBQUfgjVc2epnFvBJhTRlo4JiBEyZzAfBgNVHSMEGDAWgBQ/7lFpOiQJ1iY8
pAgiHw13fdXnOzA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
ggEBADNt+bx3pfB3+IxeGFJFk27tAZ+efUrQ2GtrNZLLZC+Jfe1CDZCt2BgBZhNs
TXxtFGImYLQ3lMEkxcuhoquyKA5HPixtK3ztVT9VaSh/l6T2uUVzXTvPuUi+fP5A
DqwIS2vlTzEUPxsESIXRZWV2al878gRIwuEgfJGov4REGk8oUub5zfJbrV9xLmlX
zx7EaF3TTfgOp3tNx93O2OuA8aMx06xSCv9MWKnWTJGLeWYwa30fBYkb3boWWB0W
U3Vk7ytVr0GEKgw9DkFSXI8D4ba9xa0RoJPc3o5L6RcC2T+Dm0zXsXUQjP+TykxA
uziATINk8hDxBF57RUAEbmR2oBg=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:47:c8:ca:0d:d0:ba:cc:83:24:aa:c4:09:b2:53:44:d2:da:f7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:40:ac:b5:f3:c7:b0:dc:ca:07:85:b4:fa:5f:
0d:28:a4:0d:88:12:cb:05:a3:4f:bb:7d:01:88:de:
0c:b3:b9:0c:cc:3f:b4:6e:9f:d6:b6:a7:2a:6b:03:
c5:bc:3b:10:17:69:fd:29:5c:d3:fd:38:fe:b6:5e:
b2:04:8f:10:93:92:aa:db:76:07:a2:60:0f:3e:07:
bb:8d:f1:ca:c8:f3:38:69:61:38:41:4e:69:2d:70:
c2:ed:af:85:81:99:dc:8e:65:03:45:32:9b:01:95:
7c:d5:c0:90:bd:f4:08:a5:44:4b:e5:a2:e7:fe:17:
e4:f3:3d:59:35:8e:6d:3b:70:4d:b8:49:ac:63:ff:
3e:d4:71:36:e9:2b:50:c9:5c:bc:bb:b0:c6:1b:c4:
0a:01:ec:ae:3f:b7:bd:10:57:08:5e:ec:8a:07:ce:
e5:da:46:25:e8:ca:0a:e0:c2:cc:0d:44:84:db:0c:
88:d5:0f:65:bc:ea:69:10:ba:dc:93:ef:34:f9:2f:
c7:9b:c5:49:27:72:9c:a3:fd:40:9c:49:e3:59:7c:
24:cc:99:9a:01:b6:0d:fb:41:cb:36:80:41:88:c7:
75:9f:d5:01:6f:63:d5:f5:75:85:cd:26:3e:a6:fe:
8d:a9:ef:a8:b0:04:8b:7e:89:f3:5f:75:3a:56:69:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EE:51:69:3A:24:09:D6:26:3C:A4:08:22:1F:0D:77:7D:D5:E7:3B
X509v3 Authority Key Identifier:
keyid:64:6F:C2:6E:64:18:20:24:F6:02:A9:AF:63:23:01:ED:CC:69:9B:E0
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
52:46:11:42:85:ea:0e:46:d3:2a:4b:17:f8:73:c9:7b:c8:93:
dd:7b:ef:d1:34:aa:c3:77:d7:12:65:f5:e4:c0:e1:0e:57:55:
5a:d6:c0:b1:85:61:c0:3c:dc:77:93:24:f0:81:88:43:75:12:
80:0d:b0:b7:17:69:0e:24:53:25:50:76:5d:2e:32:46:7f:8d:
00:7f:f6:06:d1:47:cf:95:af:54:67:d2:19:ef:b0:c7:5e:39:
a2:4b:c7:b0:f3:f6:58:b3:50:fb:6a:e0:6d:df:52:46:77:cb:
c0:bd:9e:db:ca:b0:a7:9c:92:76:ad:19:54:74:3e:52:0f:bf:
8e:73:eb:7f:e8:1f:34:48:a0:4a:92:a6:c3:f7:6e:d1:64:07:
c2:fe:5e:ae:1b:d9:08:1b:75:2e:80:4a:51:49:dd:ec:ca:70:
72:d6:3c:94:04:39:84:61:c5:de:e9:c6:4c:f4:ad:b2:b3:0e:
01:63:fd:9c:e9:16:4c:fd:7c:82:11:a2:e5:a8:1e:c3:91:b0:
84:1a:36:18:55:06:18:9f:65:59:71:5f:96:6f:60:c9:4d:0e:
92:64:ce:1e:20:77:57:35:67:77:dd:7a:b2:e0:b7:c0:37:8d:
51:89:71:55:f7:a1:c0:4e:7f:91:80:44:32:86:ca:b3:24:7c:
31:e2:ac:70
-----BEGIN CERTIFICATE-----
MIIDgDCCAmigAwIBAgIUPkfIyg3QusyDJKrECbJTRNLa90swDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAORArLXzx7DcygeFtPpfDSikDYgSywWjT7t9AYjeDLO5DMw/
tG6f1ranKmsDxbw7EBdp/Slc0/04/rZesgSPEJOSqtt2B6JgDz4Hu43xysjzOGlh
OEFOaS1wwu2vhYGZ3I5lA0UymwGVfNXAkL30CKVES+Wi5/4X5PM9WTWObTtwTbhJ
rGP/PtRxNukrUMlcvLuwxhvECgHsrj+3vRBXCF7sigfO5dpGJejKCuDCzA1EhNsM
iNUPZbzqaRC63JPvNPkvx5vFSSdynKP9QJxJ41l8JMyZmgG2DftByzaAQYjHdZ/V
AW9j1fV1hc0mPqb+janvqLAEi36J8191OlZpxwcCAwEAAaOByzCByDAdBgNVHQ4E
FgQUP+5RaTokCdYmPKQIIh8Nd33V5zswHwYDVR0jBBgwFoAUZG/CbmQYICT2Aqmv
YyMB7cxpm+AwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQBSRhFCheoORtMqSxf4c8l7yJPde+/RNKrDd9cS
ZfXkwOEOV1Va1sCxhWHAPNx3kyTwgYhDdRKADbC3F2kOJFMlUHZdLjJGf40Af/YG
0UfPla9UZ9IZ77DHXjmiS8ew8/ZYs1D7auBt31JGd8vAvZ7byrCnnJJ2rRlUdD5S
D7+Oc+t/6B80SKBKkqbD927RZAfC/l6uG9kIG3UugEpRSd3synBy1jyUBDmEYcXe
6cZM9K2ysw4BY/2c6RZM/XyCEaLlqB7DkbCEGjYYVQYYn2VZcV+Wb2DJTQ6SZM4e
IHdXNWd33Xqy4LfAN41RiXFV96HATn+RgEQyhsqzJHwx4qxw
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:63:f9:27:23:34:d5:b4:a6:e3:b2:e1:3f:8c:39:ed:fb:cd:58:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BogusRoot
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=BogusRoot
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c8:2f:dc:30:b5:3e:65:02:31:fe:76:d5:cf:
18:49:18:9a:99:63:02:ea:1f:9c:fc:34:05:04:f5:
dc:94:15:48:0c:0b:c0:18:b9:0f:a5:a0:8f:66:27:
02:0b:a9:33:0f:a8:27:d7:61:d7:77:7e:d5:ab:db:
d4:a0:32:d0:40:9b:66:91:5b:ec:07:df:67:13:14:
71:1f:21:98:d8:89:ae:15:dd:68:07:3d:3b:62:5c:
34:f8:e8:39:da:2a:23:01:6a:09:a7:91:a1:c1:94:
ab:ba:42:7f:24:20:57:c8:67:2a:d6:cf:24:7b:b6:
14:ad:69:61:c5:50:6b:6b:d2:77:0c:0c:6e:30:df:
2b:e8:c4:de:89:a9:94:bf:8d:70:4e:ee:e1:5d:0f:
11:0f:80:71:3d:67:90:59:c5:c7:d6:8b:6a:29:7d:
8a:43:7a:98:0d:75:83:db:3c:09:27:19:12:77:99:
2c:2b:a2:94:dc:7d:78:41:e2:4a:9a:31:f4:fa:8b:
ef:d3:d3:42:dd:1d:a5:be:5d:2f:1c:9c:33:4f:7d:
c8:bd:12:eb:18:cd:e0:80:d5:7a:1a:2d:93:fc:1f:
59:8e:72:f8:e5:21:e1:f2:fe:b7:6a:c1:e1:39:20:
26:60:98:fd:02:f0:5b:a2:6d:13:c7:15:20:9b:ef:
d5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BD:F8:37:8B:1D:B5:1A:91:4C:D6:08:E8:33:85:8C:08:E9:3E:63
X509v3 Authority Key Identifier:
keyid:6F:BD:F8:37:8B:1D:B5:1A:91:4C:D6:08:E8:33:85:8C:08:E9:3E:63
Authority Information Access:
CA Issuers - URI:http://url-for-aia/BogusRoot.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/BogusRoot.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
24:98:cc:7e:a5:c1:32:61:f4:c3:e0:ab:4f:ce:e5:dd:13:e1:
1c:02:d8:fe:b5:47:5d:db:fe:75:36:35:2a:bf:23:6a:8b:16:
09:5b:db:32:28:ea:3d:77:b9:75:d2:bc:b7:27:ae:7e:be:42:
88:1a:8f:24:ab:2a:9b:21:69:fb:39:30:1f:6f:67:7a:c9:e1:
fc:fb:63:83:ce:a6:d5:e2:6f:46:a4:de:c5:2c:cf:71:e9:b7:
22:70:d3:0e:36:0c:38:f3:91:15:25:6f:27:61:0a:02:e3:06:
c8:9b:56:00:aa:19:fe:99:d5:21:d1:b2:1d:70:87:84:cd:dc:
1b:22:4a:a3:9b:61:65:b8:f8:36:f0:46:22:6a:05:23:fc:cc:
d9:3a:83:8f:e9:dc:f9:fe:71:b7:fa:f0:db:32:a3:46:87:90:
1c:c5:9b:3f:23:24:78:6c:cf:38:ef:64:43:58:99:4c:9f:c2:
e3:fa:b2:93:7d:90:a7:3d:e3:64:99:e1:df:2c:12:f2:93:f6:
2a:a5:e5:b4:98:b5:2d:ac:c5:87:a4:c2:a4:aa:e4:1b:8b:0a:
f4:95:91:f5:b9:e8:82:95:e2:05:3b:19:5f:c7:90:f6:51:e9:
12:bb:81:c0:33:c0:4c:8f:16:6c:b1:ee:ad:a4:4b:e1:d7:de:
69:99:65:ca
-----BEGIN CERTIFICATE-----
MIIDjDCCAnSgAwIBAgIUZmP5JyM01bSm47LhP4w57fvNWPwwDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJQm9ndXNSb290MB4XDTIxMTAwNTEyMDAwMFoXDTIyMTAw
NTEyMDAwMFowFDESMBAGA1UEAwwJQm9ndXNSb290MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuMgv3DC1PmUCMf521c8YSRiamWMC6h+c/DQFBPXclBVI
DAvAGLkPpaCPZicCC6kzD6gn12HXd37Vq9vUoDLQQJtmkVvsB99nExRxHyGY2Imu
Fd1oBz07Ylw0+Og52iojAWoJp5GhwZSrukJ/JCBXyGcq1s8ke7YUrWlhxVBra9J3
DAxuMN8r6MTeiamUv41wTu7hXQ8RD4BxPWeQWcXH1otqKX2KQ3qYDXWD2zwJJxkS
d5ksK6KU3H14QeJKmjH0+ovv09NC3R2lvl0vHJwzT33IvRLrGM3ggNV6Gi2T/B9Z
jnL45SHh8v63asHhOSAmYJj9AvBbom0TxxUgm+/VMQIDAQABo4HVMIHSMB0GA1Ud
DgQWBBRvvfg3ix21GpFM1gjoM4WMCOk+YzAfBgNVHSMEGDAWgBRvvfg3ix21GpFM
1gjoM4WMCOk+YzA8BggrBgEFBQcBAQQwMC4wLAYIKwYBBQUHMAKGIGh0dHA6Ly91
cmwtZm9yLWFpYS9Cb2d1c1Jvb3QuY2VyMDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6
Ly91cmwtZm9yLWNybC9Cb2d1c1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAkmMx+pcEyYfTD4KtPzuXd
E+EcAtj+tUdd2/51NjUqvyNqixYJW9syKOo9d7l10ry3J65+vkKIGo8kqyqbIWn7
OTAfb2d6yeH8+2ODzqbV4m9GpN7FLM9x6bcicNMONgw485EVJW8nYQoC4wbIm1YA
qhn+mdUh0bIdcIeEzdwbIkqjm2FluPg28EYiagUj/MzZOoOP6dz5/nG3+vDbMqNG
h5AcxZs/IyR4bM8472RDWJlMn8Lj+rKTfZCnPeNkmeHfLBLyk/YqpeW0mLUtrMWH
pMKkquQbiwr0lZH1ueiCleIFOxlfx5D2UekSu4HAM8BMjxZsse6tpEvh195pmWXK
-----END CERTIFICATE-----