// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 OR ISC #include #include #include "../internal.h" #include "internal.h" #include "../test/test_util.h" #include "../test/x509_util.h" /* The default root certificate key, "ROOT_KEY_1", used for self-signed roots, unless otherwise specified. This is EC prime256v1 key. -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfVMH4tqIaJ6OzyxY mqWXNwmK7gpXYDFhX80mXKgzrGGhRANCAATCqXrfbdTjFimzdBHxj71Ejcc/stea 5xAU/xxK+s77yXzB5lfy/zEbcYxuOrnwHrWsX9sugWgCy74ZRNWJPTDW -----END PRIVATE KEY----- The default intermediate certificate key, "INT_KEY_1", used for intermediate certs, unless otherwise specified. This is EC prime256v1 key. -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgi8u0pAYRFQMfuPFA lZbxzOm4ZKQ0WovdzFj+CzdvnzOhRANCAASeZNGM4efwO6Ui3wQtVProzLEi54vG YNlyza0aFtw0n5noIoCV3hlbCk7W1kdat0QyFz9rMoDlDjXLaGLE3THR -----END PRIVATE KEY----- The default end-entity certificate key, "EE_KEY_1", used for ee certs, unless otherwise specified. This is EC prime256v1 key. -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfVMH4tqIaJ6OzyxY mqWXNwmK7gpXYDFhX80mXKgzrGGhRANCAATCqXrfbdTjFimzdBHxj71Ejcc/stea 5xAU/xxK+s77yXzB5lfy/zEbcYxuOrnwHrWsX9sugWgCy74ZRNWJPTDW -----END PRIVATE KEY----- */ /* This self-signed root certificate's basicConstraints extension cA:false. The root certificate though has the keyCertSign bit set for the keyUsage extension. This is in violation of RFC 5280 4.2.1.9: "If the cA boolean is not asserted, then the keyCertSign bit in the key usage extension MUST NOT be asserted" Certificate: Data: Version: 3 (0x2) Serial Number: 0b:1e:77:95:de:6d:eb:b6:ab:2b:c4:51:3c:a6:70:02:99:f7:e5:f3 Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad CA, CN = RFC 5280 4.2.1.9 cA:false Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad CA, CN = RFC 5280 4.2.1.9 cA:false Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:c2:a9:7a:df:6d:d4:e3:16:29:b3:74:11:f1:8f: bd:44:8d:c7:3f:b2:d7:9a:e7:10:14:ff:1c:4a:fa: ce:fb:c9:7c:c1:e6:57:f2:ff:31:1b:71:8c:6e:3a: b9:f0:1e:b5:ac:5f:db:2e:81:68:02:cb:be:19:44: d5:89:3d:30:d6 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Certificate Sign X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:55:72:9f:65:36:59:eb:0f:c4:50:d0:d7:fb:58: 3e:54:5e:dc:bf:7e:37:a8:a4:9c:41:a8:91:91:ae:ce:39:ff: 02:21:00:8b:d0:01:0d:89:6f:61:4b:7a:ec:85:d4:ef:80:13: bd:52:44:ae:cd:56:32:08:5d:37:44:32:ac:50:f2:cb:c1 */ static const char kRootBadBasicConstraints[] = R"( -----BEGIN CERTIFICATE----- MIICITCCAcegAwIBAgIUCx53ld5t67arK8RRPKZwApn35fMwCgYIKoZIzj0EAwIw bzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xDzANBgNVBAsMBkJhZCBDQTEiMCAGA1UEAwwZUkZDIDUyODAg NC4yLjEuOSBjQTpmYWxzZTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAw MFowbzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoM DUFXUyBMaWJjcnlwdG8xDzANBgNVBAsMBkJhZCBDQTEiMCAGA1UEAwwZUkZDIDUy ODAgNC4yLjEuOSBjQTpmYWxzZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMKp et9t1OMWKbN0EfGPvUSNxz+y15rnEBT/HEr6zvvJfMHmV/L/MRtxjG46ufAetaxf 2y6BaALLvhlE1Yk9MNajPzA9MA4GA1UdDwEB/wQEAwICBDAMBgNVHRMBAf8EAjAA MB0GA1UdDgQWBBQZGeGMCeJdXBYE4Zx0Zhn9uFJb3zAKBggqhkjOPQQDAgNIADBF AiBVcp9lNlnrD8RQ0Nf7WD5UXty/fjeopJxBqJGRrs45/wIhAIvQAQ2Jb2FLeuyF 1O+AE71SRK7NVjIIXTdEMqxQ8svB -----END CERTIFICATE----- )"; /* This is an EE certificate signed by |kRootBadBasicConstraints|. This should not be considered valid as the kRootBadBasicConstraints is a v3 certificate which has a basicConstraints extension indicating that it is not a CA, and it violates the RFC 5280 condition. Certificate: Data: Version: 3 (0x2) Serial Number: 7b:8e:6c:6e:5a:d0:53:59:e7:fc:e2:93:b3:f4:19:16:1e:c3:81:82 Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad CA, CN = RFC 5280 4.2.1.9 cA:false Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad Endpoint, CN = RFC 5280 4.2.1.9 cA:false Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:38:ca:c4:54:ed:fc:bb:76:60:e9:4e:b5:85:91: f8:dc:a5:6a:54:9b:d2:22:a4:2c:6e:a6:df:fd:00:85:c0:06: 02:21:00:ee:15:23:50:40:1b:67:b0:eb:13:75:6e:29:66:b0: e6:58:cf:1f:c2:5e:a1:85:01:45:9c:4d:ab:e7:61:ac:70 */ static const char kEndEntitySignedByBadRoot[] = R"( -----BEGIN CERTIFICATE----- MIICZzCCAg2gAwIBAgIUe45sblrQU1nn/OKTs/QZFh7DgYIwCgYIKoZIzj0EAwIw bzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xDzANBgNVBAsMBkJhZCBDQTEiMCAGA1UEAwwZUkZDIDUyODAg NC4yLjEuOSBjQTpmYWxzZTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAw MFowdTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoM DUFXUyBMaWJjcnlwdG8xFTATBgNVBAsMDEJhZCBFbmRwb2ludDEiMCAGA1UEAwwZ UkZDIDUyODAgNC4yLjEuOSBjQTpmYWxzZTBZMBMGByqGSM49AgEGCCqGSM49AwEH A0IABLK3vTXy69qG1dxARMcjFPnQpUAXMIW2xhE4wtssxbwMGRHYaGHWo5JrihhS LNyGp60prZGsft+HJDvztHErTlijfzB9MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU yHhk6fecD1biHc7u7STgnx1Lo78wHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGcdGYZ /bhSW98wCgYIKoZIzj0EAwIDSAAwRQIgOMrEVO38u3Zg6U61hZH43KVqVJvSIqQs bqbf/QCFwAYCIQDuFSNQQBtnsOsTdW4pZrDmWM8fwl6hhQFFnE2r52GscA== -----END CERTIFICATE----- )"; /* The is a valid root certificate that is expected to pass validation. It may be used as a trust-anchor for both good or bad intermediate or client certificates in testing. Certificate: Data: Version: 3 (0x2) Serial Number: 2e:0f:2e:da:e3:11:b2:fa:42:b3:29:09:b0:cc:93:87:ac:15:25:3d Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Good CA, CN = Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Good CA, CN = Root CA 1 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) 04:c2:a9:7a:df:6d:d4:e3:16:29:b3:74:11:f1:8f: bd:44:8d:c7:3f:b2:d7:9a:e7:10:14:ff:1c:4a:fa: ce:fb:c9:7c:c1:e6:57:f2:ff:31:1b:71:8c:6e:3a: b9:f0:1e:b5:ac:5f:db:2e:81:68:02:cb:be:19:44: d5:89:3d:30:d6 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:a4:39:29:1b:07:a2:3e:cc:21:eb:f6:5c:fd: b8:88:ee:79:46:37:25:e5:9a:79:2e:3d:2f:21:15:56:43:c8: b8:02:20:36:bd:03:bc:df:f6:7d:d2:a3:d2:a5:48:a8:64:75: 00:4e:01:cd:67:b9:19:87:49:2b:bd:15:94:3e:f5:75:ca */ static const char kValidRootCA1[] = R"( -----BEGIN CERTIFICATE----- MIICBjCCAaygAwIBAgIULg8u2uMRsvpCsykJsMyTh6wVJT0wCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowYDELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x EDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0EgMTBZMBMGByqGSM49 AgEGCCqGSM49AwEHA0IABMKpet9t1OMWKbN0EfGPvUSNxz+y15rnEBT/HEr6zvvJ fMHmV/L/MRtxjG46ufAetaxf2y6BaALLvhlE1Yk9MNajQjBAMA4GA1UdDwEB/wQE AwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQZGeGMCeJdXBYE4Zx0Zhn9 uFJb3zAKBggqhkjOPQQDAgNIADBFAiEApDkpGweiPswh6/Zc/biI7nlGNyXlmnku PS8hFVZDyLgCIDa9A7zf9n3So9KlSKhkdQBOAc1nuRmHSSu9FZQ+9XXK -----END CERTIFICATE----- )"; /* This is an EE certificate signed by |kValidRootCA1|, and is invalid as it has an Authority Key Identifier (AKID) extension marked critical which is not valid per RFC 5280 4.2.1.1: "Conforming CAs MUST mark this extension as non-critical." Certificate: Data: Version: 3 (0x2) Serial Number: 27:8c:f7:17:16:47:56:c0:58:32:6c:dd:65:09:10:6b:44:bb:0e:a7 Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Good CA, CN = Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad Endpoint, CN = RFC 5280 4.2.1.1 AKID MUST be non-critical Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Authority Key Identifier: critical 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:9f:57:ba:de:8e:1a:82:1f:02:11:87:8d:00: fa:a2:eb:85:43:0d:c2:57:c6:12:c6:65:3b:e6:e9:aa:66:13: 9e:02:21:00:fc:7f:a9:58:79:ba:bf:51:50:21:8f:f8:6e:89: c9:2c:14:fd:9f:9b:dd:f7:15:a9:6e:8d:9e:fe:0d:df:4e:35 */ static const char kInvalidEECertificateWithCriticalAKID[] = R"( -----BEGIN CERTIFICATE----- MIICcDCCAhWgAwIBAgIUJ4z3FxZHVsBYMmzdZQkQa0S7DqcwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowgYYxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRv MRUwEwYDVQQLDAxCYWQgRW5kcG9pbnQxMzAxBgNVBAMMKlJGQyA1MjgwIDQuMi4x LjEgQUtJRCBNVVNUIGJlIG5vbi1jcml0aWNhbDBZMBMGByqGSM49AgEGCCqGSM49 AwEHA0IABLK3vTXy69qG1dxARMcjFPnQpUAXMIW2xhE4wtssxbwMGRHYaGHWo5Jr ihhSLNyGp60prZGsft+HJDvztHErTlijgYMwgYAwDgYDVR0PAQH/BAQDAgWgMAwG A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud IwEB/wQYMBaAFBkZ4YwJ4l1cFgThnHRmGf24UlvfMB0GA1UdDgQWBBTIeGTp95wP VuIdzu7tJOCfHUujvzAKBggqhkjOPQQDAgNJADBGAiEAn1e63o4agh8CEYeNAPqi 64VDDcJXxhLGZTvm6apmE54CIQD8f6lYebq/UVAhj/huicksFP2fm933FalujZ7+ Dd9ONQ== -----END CERTIFICATE----- )"; /* This certificate has a CRL Distribution Points extension, that per RFC 5280: "The [CRL distribution points] extension SHOULD be non-critical, but this profile RECOMMENDS support for this extension by CAs and applications." OpenSSL 1.1.1 supports this extension being marked as critical, and will not fail certificate verification because so. Certificate: Data: Version: 3 (0x2) Serial Number: 78:ea:d8:8b:b6:51:24:24:05:ed:24:af:8f:d5:1f:e2:43:bb:f6:1c Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Good CA, CN = Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Good Endpoint, CN = RFC 5280 4.2.1.13, SN = CRL distribution points ... extension SHOULD be non-critical Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 CRL Distribution Points: critical Full Name: URI:http://example.com/crl X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:cc:41:52:6e:40:01:46:d1:5e:4c:5b:23:27: 55:ea:02:55:60:62:10:0c:9b:45:65:9a:a4:5b:9b:74:72:fa: c4:02:21:00:ba:2f:dc:ba:96:6d:ae:f3:19:3e:66:aa:18:9b: c5:ec:61:53:5a:d6:25:e5:66:bf:f3:9b:d6:d9:d2:e3:88:63 */ static char kValidEECertWithCriticalCRLDistributionExt[] = R"( -----BEGIN CERTIFICATE----- MIICyDCCAm2gAwIBAgIUeOrYi7ZRJCQF7SSvj9Uf4kO79hwwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowgbUxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRv MRYwFAYDVQQLDA1Hb29kIEVuZHBvaW50MRowGAYDVQQDDBFSRkMgNTI4MCA0LjIu MS4xMzFFMEMGA1UEBAw8Q1JMIGRpc3RyaWJ1dGlvbiBwb2ludHMgLi4uIGV4dGVu c2lvbiBTSE9VTEQgYmUgbm9uLWNyaXRpY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0D AQcDQgAEsre9NfLr2obV3EBExyMU+dClQBcwhbbGETjC2yzFvAwZEdhoYdajkmuK GFIs3IanrSmtkax+34ckO/O0cStOWKOBrDCBqTAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwKgYDVR0f AQH/BCAwHjAcoBqgGIYWaHR0cDovL2V4YW1wbGUuY29tL2NybDAdBgNVHQ4EFgQU yHhk6fecD1biHc7u7STgnx1Lo78wHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGcdGYZ /bhSW98wCgYIKoZIzj0EAwIDSQAwRgIhAMxBUm5AAUbRXkxbIydV6gJVYGIQDJtF ZZqkW5t0cvrEAiEAui/cupZtrvMZPmaqGJvF7GFTWtYl5Wa/85vW2dLjiGM= -----END CERTIFICATE----- )"; /* This is a v3 certificate that has the keyCertSign keyUsage bit set but is missing the Basic Constraints extension. Per RFC 5280 4.2.1.9: "If the basic constraints extension is not present in a version 3 certificate, or the extension is present but the cA boolean is not asserted, then the certified public key MUST NOT be used to verify certificate signatures." Certificate: Data: Version: 3 (0x2) Serial Number: 3e:d2:f9:bf:f8:43:a5:8a:69:cb:8f:6e:e6:29:43:a3:b8:be:2c:e1 Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad CA, CN = RFC 528 4.2.1.9 not present, SN = MUST NOT be used to verify certificate signatures Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad CA, CN = RFC 528 4.2.1.9 not present, SN = MUST NOT be used to verify certificate signatures Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:c2:a9:7a:df:6d:d4:e3:16:29:b3:74:11:f1:8f: bd:44:8d:c7:3f:b2:d7:9a:e7:10:14:ff:1c:4a:fa: ce:fb:c9:7c:c1:e6:57:f2:ff:31:1b:71:8c:6e:3a: b9:f0:1e:b5:ac:5f:db:2e:81:68:02:cb:be:19:44: d5:89:3d:30:d6 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Subject Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:35:fb:3a:0f:95:a5:bf:2d:bc:74:91:f9:f5:0f: bb:79:34:dc:e7:b5:cb:c4:21:5a:be:4d:10:e1:3e:97:e0:b8: 02:20:54:2e:9c:98:89:3a:11:ec:7a:34:40:64:84:3f:b1:72: b1:bb:33:a2:d2:29:aa:ab:c1:1d:38:44:fa:62:fb:20 */ static char kInvalidRootCertificateWithMissingBasicConstraintsExt[] = R"( -----BEGIN CERTIFICATE----- MIICkDCCAjegAwIBAgIUPtL5v/hDpYppy49u5ilDo7i+LOEwCgYIKoZIzj0EAwIw ga0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1B V1MgTGliY3J5cHRvMQ8wDQYDVQQLDAZCYWQgQ0ExJDAiBgNVBAMMG1JGQyA1Mjgg NC4yLjEuOSBub3QgcHJlc2VudDE6MDgGA1UEBAwxTVVTVCBOT1QgYmUgdXNlZCB0 byB2ZXJpZnkgY2VydGlmaWNhdGUgc2lnbmF0dXJlczAgFw0xNTAxMDEwMDAwMDBa GA8yMTAwMDEwMTAwMDAwMFowga0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo aW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRvMQ8wDQYDVQQLDAZCYWQgQ0Ex JDAiBgNVBAMMG1JGQyA1MjggNC4yLjEuOSBub3QgcHJlc2VudDE6MDgGA1UEBAwx TVVTVCBOT1QgYmUgdXNlZCB0byB2ZXJpZnkgY2VydGlmaWNhdGUgc2lnbmF0dXJl czBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMKpet9t1OMWKbN0EfGPvUSNxz+y 15rnEBT/HEr6zvvJfMHmV/L/MRtxjG46ufAetaxf2y6BaALLvhlE1Yk9MNajMTAv MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUGRnhjAniXVwWBOGcdGYZ/bhSW98w CgYIKoZIzj0EAwIDRwAwRAIgNfs6D5Wlvy28dJH59Q+7eTTc57XLxCFavk0Q4T6X 4LgCIFQunJiJOhHsejRAZIQ/sXKxuzOi0imqq8EdOET6Yvsg -----END CERTIFICATE----- )"; /* This is a bad endpoint certificate that has been signed by |kInvalidRootCertificateWithMissingBasicConstraintsExt| which is an invalid CA due to it missing the Basic Constraints extension per RFC 528 4.2.1.9. Certificate: Data: Version: 3 (0x2) Serial Number: 64:73:40:dd:b0:f3:e9:45:6f:12:bf:f8:76:46:ef:77:f0:8d:02:2a Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad CA, CN = RFC 528 4.2.1.9 not present, SN = MUST NOT be used to verify certificate signatures Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad Endpoint, CN = RFC 528 4.2.1.9 not present, SN = MUST NOT be used to verify certificate signatures Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:47:a2:ae:cc:22:a1:00:17:00:db:d6:f9:1d:73: 09:c3:d4:cf:4f:f2:e0:2c:e9:3d:14:2f:46:c9:c7:73:c1:dd: 02:20:3f:6a:d3:15:10:f6:38:fe:84:90:06:08:17:f7:cf:37: b7:9a:a2:6e:b1:ba:38:ba:ca:0f:c0:52:06:10:a5:4c */ static char kInvalidEECertificateSignedByRootMissingBasicConstraintsExt[] = R"( -----BEGIN CERTIFICATE----- MIIC5DCCAougAwIBAgIUZHNA3bDz6UVvEr/4dkbvd/CNAiowCgYIKoZIzj0EAwIw ga0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1B V1MgTGliY3J5cHRvMQ8wDQYDVQQLDAZCYWQgQ0ExJDAiBgNVBAMMG1JGQyA1Mjgg NC4yLjEuOSBub3QgcHJlc2VudDE6MDgGA1UEBAwxTVVTVCBOT1QgYmUgdXNlZCB0 byB2ZXJpZnkgY2VydGlmaWNhdGUgc2lnbmF0dXJlczAgFw0xNTAxMDEwMDAwMDBa GA8yMTAwMDEwMTAwMDAwMFowgbMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo aW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRvMRUwEwYDVQQLDAxCYWQgRW5k cG9pbnQxJDAiBgNVBAMMG1JGQyA1MjggNC4yLjEuOSBub3QgcHJlc2VudDE6MDgG A1UEBAwxTVVTVCBOT1QgYmUgdXNlZCB0byB2ZXJpZnkgY2VydGlmaWNhdGUgc2ln bmF0dXJlczBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLK3vTXy69qG1dxARMcj FPnQpUAXMIW2xhE4wtssxbwMGRHYaGHWo5JrihhSLNyGp60prZGsft+HJDvztHEr TlijfzB9MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUyHhk6fecD1biHc7u7STgnx1L o78wHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGcdGYZ/bhSW98wCgYIKoZIzj0EAwID RwAwRAIgR6KuzCKhABcA29b5HXMJw9TPT/LgLOk9FC9Gycdzwd0CID9q0xUQ9jj+ hJAGCBf3zze3mqJusbo4usoPwFIGEKVM -----END CERTIFICATE----- )"; /* This is technically an invalid certificate due to it having a negative serial number which is not valid per RFC 5280 4.1.2.2: "The serial number MUST be a positive integer assigned by the CA to each certificate". Historically OpenSSL 1.1.1 supports negative serial numbers as had other implementations. Certificate is signed by |kValidRootCA1|. Certificate: Data: Version: 3 (0x2) Serial Number: -1337 (-0x539) Signature Algorithm: ecdsa-with-SHA256 Issuer: C = US, ST = Washington, O = AWS Libcrypto, OU = Good CA, CN = Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C = US, ST = Washington, O = AWS Libcrypto, OU = Bad Endpoint, CN = RFC 5280 serial number MUST be a positive integer Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:a1:0d:15:19:11:bc:84:2f:9c:64:ae:c1:89: c6:37:90:df:c9:36:f0:bf:e5:4f:5b:53:54:48:55:dd:e0:f3: 8c:02:20:21:22:ff:f5:9b:79:55:03:04:86:92:e1:c5:b2:11: 6d:7f:f8:77:23:e4:c0:09:53:c0:01:07:3d:f5:00:77:ec */ static char kValidEECertificateWithNegativeSerialNumber[] = R"( -----BEGIN CERTIFICATE----- MIICXzCCAgWgAwIBAgIC+scwCgYIKoZIzj0EAwIwYDELMAkGA1UEBhMCVVMxEzAR BgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8xEDAOBgNV BAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0EgMTAgFw0xNTAxMDEwMDAwMDBa GA8yMTAwMDEwMTAwMDAwMFowgY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo aW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRvMRUwEwYDVQQLDAxCYWQgRW5k cG9pbnQxOjA4BgNVBAMMMVJGQyA1MjgwIHNlcmlhbCBudW1iZXIgTVVTVCBiZSBh IHBvc2l0aXZlIGludGVnZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASyt701 8uvahtXcQETHIxT50KVAFzCFtsYROMLbLMW8DBkR2Ghh1qOSa4oYUizchqetKa2R rH7fhyQ787RxK05Yo38wfTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMh4ZOn3nA9W 4h3O7u0k4J8dS6O/MB8GA1UdIwQYMBaAFBkZ4YwJ4l1cFgThnHRmGf24UlvfMAoG CCqGSM49BAMCA0gAMEUCIQChDRUZEbyEL5xkrsGJxjeQ38k28L/lT1tTVEhV3eDz jAIgISL/9Zt5VQMEhpLhxbIRbX/4dyPkwAlTwAEHPfUAd+w= -----END CERTIFICATE----- )"; /* Intermediate CA signed by |kValidRootCA1|. Certificate: Data: Version: 3 (0x2) Serial Number: 31:b6:83:37:da:68:56:9c:ac:0a:fd:0c:f1:7b:d1:8c:c9:23:e7:8f Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 1 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:9e:64:d1:8c:e1:e7:f0:3b:a5:22:df:04:2d:54: fa:e8:cc:b1:22:e7:8b:c6:60:d9:72:cd:ad:1a:16: dc:34:9f:99:e8:22:80:95:de:19:5b:0a:4e:d6:d6: 47:5a:b7:44:32:17:3f:6b:32:80:e5:0e:35:cb:68: 62:c4:dd:31:d1 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Name Constraints: critical Permitted: IP:10.1.0.0/255.255.0.0 Excluded: IP:10.1.1.0/255.255.255.0 X509v3 Subject Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:0f:7a:b1:66:83:b6:b7:70:af:14:ae:0f:98:3d: 36:5c:9e:65:8f:e7:3c:f5:05:00:b4:14:53:10:15:2b:c5:7d: 02:21:00:ac:53:f8:9c:65:e2:38:7f:66:da:96:b2:03:ad:68: 57:30:30:8a:4c:0f:2b:4b:9f:36:ea:1f:e3:8e:25:14:9b */ static char kValidIntCAWithIPv4NameConstraints[] = R"( -----BEGIN CERTIFICATE----- MIICVTCCAfugAwIBAgIUMbaDN9poVpysCv0M8XvRjMkj548wCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowYjELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x EDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBDQSAxMFkwEwYHKoZI zj0CAQYIKoZIzj0DAQcDQgAEnmTRjOHn8DulIt8ELVT66MyxIueLxmDZcs2tGhbc NJ+Z6CKAld4ZWwpO1tZHWrdEMhc/azKA5Q41y2hixN0x0aOBjjCBizAOBgNVHQ8B Af8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAoBgNVHR4BAf8EHjAcoAwwCocICgEA AP//AAChDDAKhwgKAQEA////ADAdBgNVHQ4EFgQUudHPCKXymStagMl4I3jRvHlw n/swHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGcdGYZ/bhSW98wCgYIKoZIzj0EAwID SAAwRQIgD3qxZoO2t3CvFK4PmD02XJ5lj+c89QUAtBRTEBUrxX0CIQCsU/icZeI4 f2balrIDrWhXMDCKTA8rS5826h/jjiUUmw== -----END CERTIFICATE----- )"; /* End-entity certificate signed by |kValidIntCAWithIPv4NameConstraints|. Certificate: Data: Version: 3 (0x2) Serial Number: 3c:e0:97:cf:b4:c1:15:28:aa:a8:21:76:23:3b:ad:08:31:18:a5:4f Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, CN=Permitted IP Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com, IP Address:10.1.2.1 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:da:b5:af:58:58:38:69:be:d1:c0:38:b3:7c: 2e:18:fe:5a:a8:7e:2b:85:44:b2:d8:66:78:bf:fa:b7:44:9d: a7:02:20:7a:80:35:24:95:08:5e:98:af:3e:4a:4a:a5:8d:11: 06:90:cf:b8:34:25:04:94:86:a4:b4:9b:84:b9:61:00:65 */ static char kValidEECertWithValidIPv4SubjectAltName[] = R"( -----BEGIN CERTIFICATE----- MIICbjCCAhSgAwIBAgIUPOCXz7TBFSiqqCF2IzutCDEYpU8wCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAxMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBpMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEWMBQGA1UECwwNR29vZCBFbmRwb2ludDEVMBMGA1UEAwwMUGVybWl0dGVkIElQ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsre9NfLr2obV3EBExyMU+dClQBcw hbbGETjC2yzFvAwZEdhoYdajkmuKGFIs3IanrSmtkax+34ckO/O0cStOWKOBnjCB mzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBAoBAgEwHQYD VR0OBBYEFMh4ZOn3nA9W4h3O7u0k4J8dS6O/MB8GA1UdIwQYMBaAFLnRzwil8pkr WoDJeCN40bx5cJ/7MAoGCCqGSM49BAMCA0gAMEUCIQData9YWDhpvtHAOLN8Lhj+ Wqh+K4VEsthmeL/6t0SdpwIgeoA1JJUIXpivPkpKpY0RBpDPuDQlBJSGpLSbhLlh AGU= -----END CERTIFICATE----- )"; /* An invalid end-entity certificate signed by |kValidIntCAWithIPv4NameConstraints| with an excluded IP address in the subject alternative name. Certificate: Data: Version: 3 (0x2) Serial Number: 33:19:62:14:a9:8a:02:74:a0:ba:55:ad:73:c9:a4:7e:83:ce:18:7e Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Excluded IP Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com, IP Address:10.1.1.2 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:72:ec:70:f1:58:de:9c:66:8f:98:22:9d:ad:5a: b2:e2:4a:24:2f:82:43:0f:6d:17:e7:a6:3f:81:8a:e6:76:40: 02:20:10:e0:6e:15:9b:9e:db:15:c8:39:5a:76:5f:17:f9:62: f3:8d:c7:87:0b:eb:bc:42:42:22:73:65:b5:82:01:91 */ static char kInvalidEECertWithInvalidExcludedIPv4SubjAlt[] = R"( -----BEGIN CERTIFICATE----- MIICazCCAhKgAwIBAgIUMxliFKmKAnSgulWtc8mkfoPOGH4wCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAxMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBnMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEVMBMGA1UECwwMQmFkIEVuZHBvaW50MRQwEgYDVQQDDAtFeGNsdWRlZCBJUDBZ MBMGByqGSM49AgEGCCqGSM49AwEHA0IABLK3vTXy69qG1dxARMcjFPnQpUAXMIW2 xhE4wtssxbwMGRHYaGHWo5JrihhSLNyGp60prZGsft+HJDvztHErTlijgZ4wgZsw DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwQKAQECMB0GA1Ud DgQWBBTIeGTp95wPVuIdzu7tJOCfHUujvzAfBgNVHSMEGDAWgBS50c8IpfKZK1qA yXgjeNG8eXCf+zAKBggqhkjOPQQDAgNHADBEAiBy7HDxWN6cZo+YIp2tWrLiSiQv gkMPbRfnpj+BiuZ2QAIgEOBuFZue2xXIOVp2Xxf5YvONx4cL67xCQiJzZbWCAZE= -----END CERTIFICATE----- )"; /* Signed by |kValidIntCAWithIPv4NameConstraints|, but with an invalid permitted ip address. Certificate: Data: Version: 3 (0x2) Serial Number: 7a:15:18:c0:d9:39:b6:d9:8e:9a:29:87:d8:6a:ad:ce:5b:90:cc:49 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Not Permitted IP Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com, IP Address:10.2.0.1 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:de:8a:39:0b:90:fe:1b:37:f3:9f:ab:60:77: 58:8b:79:1b:3a:06:ed:dc:91:85:98:b5:21:44:d5:a6:da:04: e9:02:20:22:60:af:9d:79:56:4c:bf:50:ae:eb:93:ac:fd:6e: d1:f9:60:d5:24:0e:09:00:33:8c:f1:46:6a:69:f8:24:03 */ static char kInvalidEECertWithInvalidPermittedIPv4SubjAlt[] = R"( -----BEGIN CERTIFICATE----- MIICcTCCAhegAwIBAgIUehUYwNk5ttmOmimH2GqtzluQzEkwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAxMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBsMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEVMBMGA1UECwwMQmFkIEVuZHBvaW50MRkwFwYDVQQDDBBOb3QgUGVybWl0dGVk IElQMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsre9NfLr2obV3EBExyMU+dCl QBcwhbbGETjC2yzFvAwZEdhoYdajkmuKGFIs3IanrSmtkax+34ckO/O0cStOWKOB njCBmzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBAoCAAEw HQYDVR0OBBYEFMh4ZOn3nA9W4h3O7u0k4J8dS6O/MB8GA1UdIwQYMBaAFLnRzwil 8pkrWoDJeCN40bx5cJ/7MAoGCCqGSM49BAMCA0gAMEUCIQDeijkLkP4bN/Ofq2B3 WIt5GzoG7dyRhZi1IUTVptoE6QIgImCvnXlWTL9QruuTrP1u0flg1SQOCQAzjPFG amn4JAM= -----END CERTIFICATE----- )"; /* Signed by |kValidRootCA1|. Certificate: Data: Version: 3 (0x2) Serial Number: 75:fb:e0:27:bc:8e:e1:39:d5:90:91:20:c7:40:ec:dd:d4:e8:13:a3 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 2 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:9e:64:d1:8c:e1:e7:f0:3b:a5:22:df:04:2d:54: fa:e8:cc:b1:22:e7:8b:c6:60:d9:72:cd:ad:1a:16: dc:34:9f:99:e8:22:80:95:de:19:5b:0a:4e:d6:d6: 47:5a:b7:44:32:17:3f:6b:32:80:e5:0e:35:cb:68: 62:c4:dd:31:d1 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Name Constraints: critical Permitted: IP:0:0:0:0:0:FFFF:A01:0/FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:0 Excluded: IP:0:0:0:0:0:FFFF:A01:100/FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00 X509v3 Subject Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:73:9d:b0:46:93:44:d4:8e:cc:b0:a0:dd:93:28: 38:df:1f:cd:ff:52:91:4b:d7:6e:1f:9d:36:23:ad:77:b9:52: 02:21:00:c8:e5:54:f3:2d:f3:f3:e9:7c:8b:03:60:94:75:5c: ca:66:94:5f:ac:87:ed:7b:53:52:2d:71:89:e1:d0:d2:fc */ static char kValidIntCAWithIPv6NameConstraints[] = R"( -----BEGIN CERTIFICATE----- MIIChTCCAiugAwIBAgIUdfvgJ7yO4TnVkJEgx0Ds3dToE6MwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowYjELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x EDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBDQSAyMFkwEwYHKoZI zj0CAQYIKoZIzj0DAQcDQgAEnmTRjOHn8DulIt8ELVT66MyxIueLxmDZcs2tGhbc NJ+Z6CKAld4ZWwpO1tZHWrdEMhc/azKA5Q41y2hixN0x0aOBvjCBuzAOBgNVHQ8B Af8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zBYBgNVHR4BAf8ETjBMoCQwIocgAAAA AAAAAAAAAP//CgEAAP//////////////////AAChJDAihyAAAAAAAAAAAAAA//8K AQEA////////////////////ADAdBgNVHQ4EFgQUudHPCKXymStagMl4I3jRvHlw n/swHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGcdGYZ/bhSW98wCgYIKoZIzj0EAwID SAAwRQIgc52wRpNE1I7MsKDdkyg43x/N/1KRS9duH502I613uVICIQDI5VTzLfPz 6XyLA2CUdVzKZpRfrIfte1NSLXGJ4dDS/A== -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 50:69:9a:a0:95:99:2f:a6:e6:b1:72:93:88:56:64:bd:33:98:83:92 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 2 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, CN=Permitted IPv6 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com, IP Address:0:0:0:0:0:FFFF:A01:201 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:06:7e:89:4d:f3:c0:9f:bc:8d:1c:b7:10:43:a4: 06:dc:63:b3:29:d3:96:bb:b8:15:a6:f3:8f:28:75:6b:a6:f0: 02:20:49:7f:ce:91:3d:44:0e:f4:c8:22:c0:c1:fe:f0:e1:a4: 55:31:29:24:30:40:06:27:29:51:89:1a:aa:a9:7e:4e */ static char kValidEECertWithValidIPv6SubjectAltName[] = R"( -----BEGIN CERTIFICATE----- MIICezCCAiKgAwIBAgIUUGmaoJWZL6bmsXKTiFZkvTOYg5IwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAyMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBrMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEWMBQGA1UECwwNR29vZCBFbmRwb2ludDEXMBUGA1UEAwwOUGVybWl0dGVkIElQ djYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASyt7018uvahtXcQETHIxT50KVA FzCFtsYROMLbLMW8DBkR2Ghh1qOSa4oYUizchqetKa2RrH7fhyQ787RxK05Yo4Gq MIGnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAoBgNVHREEITAfggtleGFtcGxlLmNvbYcQAAAAAAAA AAAAAP//CgECATAdBgNVHQ4EFgQUyHhk6fecD1biHc7u7STgnx1Lo78wHwYDVR0j BBgwFoAUudHPCKXymStagMl4I3jRvHlwn/swCgYIKoZIzj0EAwIDRwAwRAIgBn6J TfPAn7yNHLcQQ6QG3GOzKdOWu7gVpvOPKHVrpvACIEl/zpE9RA70yCLAwf7w4aRV MSkkMEAGJylRiRqqqX5O -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 15:a5:1d:5a:37:04:67:db:0c:ff:14:fe:5e:48:6b:fe:bb:d3:13:6c Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 2 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, CN=Excluded IPv6 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com, IP Address:0:0:0:0:0:FFFF:A01:102 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:4c:76:bd:2e:df:89:c9:be:78:53:f7:71:d6:85: 49:a0:f7:5e:c6:ed:f5:f2:88:be:3f:dc:ad:19:ab:bd:ec:ee: 02:20:0d:ad:b4:45:a4:3d:c3:e5:f4:16:56:40:0b:5e:33:10: e6:4e:49:a6:9d:c3:eb:27:bf:3e:98:cd:d5:87:ce:db */ static char kInvalidEECertWithInvalidExcludedIPv6SubjAlt[] = R"( -----BEGIN CERTIFICATE----- MIICejCCAiGgAwIBAgIUFaUdWjcEZ9sM/xT+Xkhr/rvTE2wwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAyMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBqMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEWMBQGA1UECwwNR29vZCBFbmRwb2ludDEWMBQGA1UEAwwNRXhjbHVkZWQgSVB2 NjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLK3vTXy69qG1dxARMcjFPnQpUAX MIW2xhE4wtssxbwMGRHYaGHWo5JrihhSLNyGp60prZGsft+HJDvztHErTlijgaow gacwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMCgGA1UdEQQhMB+CC2V4YW1wbGUuY29thxAAAAAAAAAA AAAA//8KAQECMB0GA1UdDgQWBBTIeGTp95wPVuIdzu7tJOCfHUujvzAfBgNVHSME GDAWgBS50c8IpfKZK1qAyXgjeNG8eXCf+zAKBggqhkjOPQQDAgNHADBEAiBMdr0u 34nJvnhT93HWhUmg917G7fXyiL4/3K0Zq73s7gIgDa20RaQ9w+X0FlZAC14zEOZO Saadw+snvz6YzdWHzts= -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 75:62:5c:30:b0:0e:c2:19:c0:ae:5d:f1:32:70:09:9c:7f:0e:db:d1 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 2 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Not Permitted IPv6 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com, IP Address:0:0:0:0:0:FFFF:A02:1 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:4f:a4:0e:29:a3:3c:43:53:78:87:5b:9e:f7:a4: 92:ae:fa:d0:51:db:da:1e:ec:69:cc:25:6b:be:cf:b7:e1:8a: 02:20:1d:f5:10:0a:3d:92:84:f3:7d:b0:86:0e:95:6b:97:b5: 0f:ca:4c:6b:99:0b:a0:b1:10:17:17:94:a0:bd:62:f9 */ static char kInvalidEECertWithInvalidPermittedIPv6SubjAlt[] = R"( -----BEGIN CERTIFICATE----- MIICfjCCAiWgAwIBAgIUdWJcMLAOwhnArl3xMnAJnH8O29EwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAyMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBuMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEVMBMGA1UECwwMQmFkIEVuZHBvaW50MRswGQYDVQQDDBJOb3QgUGVybWl0dGVk IElQdjYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASyt7018uvahtXcQETHIxT5 0KVAFzCFtsYROMLbLMW8DBkR2Ghh1qOSa4oYUizchqetKa2RrH7fhyQ787RxK05Y o4GqMIGnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAoBgNVHREEITAfggtleGFtcGxlLmNvbYcQAAAA AAAAAAAAAP//CgIAATAdBgNVHQ4EFgQUyHhk6fecD1biHc7u7STgnx1Lo78wHwYD VR0jBBgwFoAUudHPCKXymStagMl4I3jRvHlwn/swCgYIKoZIzj0EAwIDRwAwRAIg T6QOKaM8Q1N4h1ue96SSrvrQUdvaHuxpzCVrvs+34YoCIB31EAo9koTzfbCGDpVr l7UPykxrmQugsRAXF5SgvWL5 -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 5c:d4:93:85:c2:28:23:5a:05:29:9d:3b:f5:7a:fb:80:2d:fa:bb:a2 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad CA, CN=Int NC CA Bad IPv4 Mask Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:9e:64:d1:8c:e1:e7:f0:3b:a5:22:df:04:2d:54: fa:e8:cc:b1:22:e7:8b:c6:60:d9:72:cd:ad:1a:16: dc:34:9f:99:e8:22:80:95:de:19:5b:0a:4e:d6:d6: 47:5a:b7:44:32:17:3f:6b:32:80:e5:0e:35:cb:68: 62:c4:dd:31:d1 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Name Constraints: critical Permitted: IP:10.1.0.0/255.0.255.0 X509v3 Subject Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:0d:e7:20:8c:c2:1e:d7:06:b3:38:32:75:41:88: 00:9d:26:47:d6:d6:71:1c:ff:7d:82:00:ec:d4:90:19:d3:b7: 02:21:00:a4:7e:86:f4:f4:7b:aa:86:9e:de:7b:63:ee:3f:fb: c5:a1:bf:1d:75:a0:0c:b0:fb:b5:60:d2:17:2e:00:2c:6e */ static char kIntCAWithBadIPv4NameConstraint[] = R"( -----BEGIN CERTIFICATE----- MIICUDCCAfagAwIBAgIUXNSThcIoI1oFKZ079Xr7gC36u6IwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowbTELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x DzANBgNVBAsMBkJhZCBDQTEgMB4GA1UEAwwXSW50IE5DIENBIEJhZCBJUHY0IE1h c2swWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASeZNGM4efwO6Ui3wQtVProzLEi 54vGYNlyza0aFtw0n5noIoCV3hlbCk7W1kdat0QyFz9rMoDlDjXLaGLE3THRo38w fTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAaBgNVHR4BAf8EEDAO oAwwCocICgEAAP8A/wAwHQYDVR0OBBYEFLnRzwil8pkrWoDJeCN40bx5cJ/7MB8G A1UdIwQYMBaAFBkZ4YwJ4l1cFgThnHRmGf24UlvfMAoGCCqGSM49BAMCA0gAMEUC IA3nIIzCHtcGszgydUGIAJ0mR9bWcRz/fYIA7NSQGdO3AiEApH6G9PR7qoae3ntj 7j/7xaG/HXWgDLD7tWDSFy4ALG4= -----END CERTIFICATE----- )"; /* EE signed by |kIntCAWithBadIPv4NameConstraint|. Certificate: Data: Version: 3 (0x2) Serial Number: 27:22:eb:9c:37:f5:67:2b:a1:22:02:1e:c4:6a:17:a1:97:77:37:46 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad CA, CN=Int NC CA Bad IPv4 Mask Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Issued by Bad CA NC, SN=IPv4 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: IP Address:10.1.0.1 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:9f:5e:56:73:d5:f4:ea:87:68:e0:75:4a:ed: 1f:17:6f:c0:8e:db:0d:b7:13:a9:9e:77:51:a7:7d:3d:42:03: 17:02:20:51:74:cd:cb:97:0c:c6:8c:bb:50:b0:71:f5:24:d6: 20:10:ba:12:e5:1b:c6:cf:e5:e2:cf:fa:75:20:5f:10:ba */ static char kInvalidEECertIssuedByCAWithBadIPv4NameConstraint[] = R"( -----BEGIN CERTIFICATE----- MIICgTCCAiegAwIBAgIUJyLrnDf1ZyuhIgIexGoXoZd3N0YwCgYIKoZIzj0EAwIw bTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xDzANBgNVBAsMBkJhZCBDQTEgMB4GA1UEAwwXSW50IE5DIENB IEJhZCBJUHY0IE1hc2swIBcNMTUwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBa MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1B V1MgTGliY3J5cHRvMRUwEwYDVQQLDAxCYWQgRW5kcG9pbnQxHDAaBgNVBAMME0lz c3VlZCBieSBCYWQgQ0EgTkMxDTALBgNVBAQMBElQdjQwWTATBgcqhkjOPQIBBggq hkjOPQMBBwNCAASyt7018uvahtXcQETHIxT50KVAFzCFtsYROMLbLMW8DBkR2Ghh 1qOSa4oYUizchqetKa2RrH7fhyQ787RxK05Yo4GRMIGOMA4GA1UdDwEB/wQEAwIF oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAP BgNVHREECDAGhwQKAQABMB0GA1UdDgQWBBTIeGTp95wPVuIdzu7tJOCfHUujvzAf BgNVHSMEGDAWgBS50c8IpfKZK1qAyXgjeNG8eXCf+zAKBggqhkjOPQQDAgNIADBF AiEAn15Wc9X06odo4HVK7R8Xb8CO2w23E6med1GnfT1CAxcCIFF0zcuXDMaMu1Cw cfUk1iAQuhLlG8bP5eLP+nUgXxC6 -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 47:43:7b:1f:0f:d3:ac:f6:5f:36:ea:94:9b:42:e9:4f:5c:54:11:d8 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad CA, CN=Int NC CA Bad IPv6 Mask Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:9e:64:d1:8c:e1:e7:f0:3b:a5:22:df:04:2d:54: fa:e8:cc:b1:22:e7:8b:c6:60:d9:72:cd:ad:1a:16: dc:34:9f:99:e8:22:80:95:de:19:5b:0a:4e:d6:d6: 47:5a:b7:44:32:17:3f:6b:32:80:e5:0e:35:cb:68: 62:c4:dd:31:d1 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Name Constraints: critical Permitted: IP:0:0:0:0:0:FFFF:A01:0/FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FF00:FF00 X509v3 Subject Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:ab:ab:07:24:39:02:2c:a7:03:c9:90:86:b3: 55:8f:14:95:04:2d:ed:35:3f:cc:a2:1a:f2:7a:89:90:fa:31: e9:02:21:00:85:2b:cb:9d:0f:de:3c:77:3f:0a:48:7c:bf:d0: a6:ab:95:35:2d:29:c5:13:af:bd:96:fd:9e:9c:ab:1c:ee:8d */ static char kIntCAWithBadIPv6NameConstraint[] = R"( -----BEGIN CERTIFICATE----- MIICazCCAhCgAwIBAgIUR0N7Hw/TrPZfNuqUm0LpT1xUEdgwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowbTELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x DzANBgNVBAsMBkJhZCBDQTEgMB4GA1UEAwwXSW50IE5DIENBIEJhZCBJUHY2IE1h c2swWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASeZNGM4efwO6Ui3wQtVProzLEi 54vGYNlyza0aFtw0n5noIoCV3hlbCk7W1kdat0QyFz9rMoDlDjXLaGLE3THRo4GY MIGVMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MDIGA1UdHgEB/wQo MCagJDAihyAAAAAAAAAAAAAA//8KAQAA/////////////////wD/ADAdBgNVHQ4E FgQUudHPCKXymStagMl4I3jRvHlwn/swHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGc dGYZ/bhSW98wCgYIKoZIzj0EAwIDSQAwRgIhAKurByQ5AiynA8mQhrNVjxSVBC3t NT/MohryeomQ+jHpAiEAhSvLnQ/ePHc/Ckh8v9Cmq5U1LSnFE6+9lv2enKsc7o0= -----END CERTIFICATE----- )"; /* EE signed by |kIntCAWithBadIPv6NameConstraint|. Certificate: Data: Version: 3 (0x2) Serial Number: 43:ce:68:79:84:f1:d7:60:ff:b2:f5:c5:70:3e:85:55:9e:ac:d2:46 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad CA, CN=Int NC CA Bad IPv6 Mask Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Issued by Bad CA NC, SN=IPv6 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: IP Address:0:0:0:0:0:FFFF:A01:1 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:b4:bb:a6:9c:9f:6a:e7:bf:aa:ec:93:91:5d: 98:76:2a:3d:b2:d0:4e:4d:48:a4:c0:cc:f8:fb:a3:27:ff:c9: ca:02:20:7b:19:8f:e0:cd:31:07:2f:22:79:18:a5:6a:85:d0: 8f:e6:85:d0:7f:c4:8c:3e:39:95:5a:41:0f:42:48:9a:81 */ static char kInvalidEECertIssuedByCAWithBadIPv6NameConstraint[] = R"( -----BEGIN CERTIFICATE----- MIICjTCCAjOgAwIBAgIUQ85oeYTx12D/svXFcD6FVZ6s0kYwCgYIKoZIzj0EAwIw bTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xDzANBgNVBAsMBkJhZCBDQTEgMB4GA1UEAwwXSW50IE5DIENB IEJhZCBJUHY2IE1hc2swIBcNMTUwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBa MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1B V1MgTGliY3J5cHRvMRUwEwYDVQQLDAxCYWQgRW5kcG9pbnQxHDAaBgNVBAMME0lz c3VlZCBieSBCYWQgQ0EgTkMxDTALBgNVBAQMBElQdjYwWTATBgcqhkjOPQIBBggq hkjOPQMBBwNCAASyt7018uvahtXcQETHIxT50KVAFzCFtsYROMLbLMW8DBkR2Ghh 1qOSa4oYUizchqetKa2RrH7fhyQ787RxK05Yo4GdMIGaMA4GA1UdDwEB/wQEAwIF oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAb BgNVHREEFDAShxAAAAAAAAAAAAAA//8KAQABMB0GA1UdDgQWBBTIeGTp95wPVuId zu7tJOCfHUujvzAfBgNVHSMEGDAWgBS50c8IpfKZK1qAyXgjeNG8eXCf+zAKBggq hkjOPQQDAgNIADBFAiEAtLumnJ9q57+q7JORXZh2Kj2y0E5NSKTAzPj7oyf/ycoC IHsZj+DNMQcvInkYpWqF0I/mhdB/xIw+OZVaQQ9CSJqB -----END CERTIFICATE----- )"; /* Signed by |kValidRootCA1| it's name constraints contains an address and mask that is neither IPv4 or IPv6. Certificate: Data: Version: 3 (0x2) Serial Number: 39:84:7b:3f:07:39:af:7e:9c:ef:59:13:92:df:af:f6:22:ac:70:f7 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad CA, CN=Int NC CA Neither IPv4 or IPv6 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:9e:64:d1:8c:e1:e7:f0:3b:a5:22:df:04:2d:54: fa:e8:cc:b1:22:e7:8b:c6:60:d9:72:cd:ad:1a:16: dc:34:9f:99:e8:22:80:95:de:19:5b:0a:4e:d6:d6: 47:5a:b7:44:32:17:3f:6b:32:80:e5:0e:35:cb:68: 62:c4:dd:31:d1 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Name Constraints: critical Permitted: IP:C0C0:A8A8:101:101:FFFF:FFFF:FFFF:FF00/ X509v3 Subject Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:44:02:20:3e:ab:ff:8d:48:ef:16:05:cd:27:07:72:10:60: a2:6d:1c:4a:d3:d0:98:9c:42:ce:00:4e:11:22:1d:65:34:5b: 02:20:2a:05:09:5f:0e:e2:bf:a4:d3:80:40:f5:80:85:d2:96: f6:3f:18:46:a0:d0:9e:d3:1a:36:0f:a4:d9:53:89:8f */ static char kIntCAWithBadIPNameConstraint[] = R"( -----BEGIN CERTIFICATE----- MIICYDCCAgegAwIBAgIUOYR7Pwc5r36c71kTkt+v9iKscPcwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowdDELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x DzANBgNVBAsMBkJhZCBDQTEnMCUGA1UEAwweSW50IE5DIENBIE5laXRoZXIgSVB2 NCBvciBJUHY2MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnmTRjOHn8DulIt8E LVT66MyxIueLxmDZcs2tGhbcNJ+Z6CKAld4ZWwpO1tZHWrdEMhc/azKA5Q41y2hi xN0x0aOBiDCBhTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAiBgNV HR4BAf8EGDAWoBQwEocQwMCoqAEBAQH/////////ADAdBgNVHQ4EFgQUudHPCKXy mStagMl4I3jRvHlwn/swHwYDVR0jBBgwFoAUGRnhjAniXVwWBOGcdGYZ/bhSW98w CgYIKoZIzj0EAwIDRwAwRAIgPqv/jUjvFgXNJwdyEGCibRxK09CYnELOAE4RIh1l NFsCICoFCV8O4r+k04BA9YCF0pb2PxhGoNCe0xo2D6TZU4mP -----END CERTIFICATE----- )"; /* EE certificate signed by |kIntCAWithBadIPNameConstraint| but it contains an invalid IP address that is only 64-bits in length. Certificate: Data: Version: 3 (0x2) Serial Number: 60:02:49:78:95:9b:55:29:92:4c:93:6b:4f:05:41:5e:84:74:c3:13 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad CA, CN=Int NC CA Neither IPv4 or IPv6 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Issued by Bad CA NC, SN=Neither IPv4 or IPv6 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: IP Address: X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:85:67:03:40:76:c2:fc:f9:fa:64:3d:6a:32: 7b:57:f6:2f:53:22:9e:92:3b:2c:ca:04:ca:82:0b:71:28:e8: ac:02:20:39:9f:a2:3d:81:d1:2c:0c:49:83:ee:bf:b0:81:cb: db:57:6b:6e:e4:92:aa:ec:63:50:d0:13:55:1b:68:2b:d7 */ static char kInvalidEECertIssuedByCAWithBadIPNameConstraint[] = R"( -----BEGIN CERTIFICATE----- MIICnTCCAkOgAwIBAgIUYAJJeJWbVSmSTJNrTwVBXoR0wxMwCgYIKoZIzj0EAwIw dDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xDzANBgNVBAsMBkJhZCBDQTEnMCUGA1UEAwweSW50IE5DIENB IE5laXRoZXIgSVB2NCBvciBJUHY2MCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAx MDAwMDAwWjCBjjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAU BgNVBAoMDUFXUyBMaWJjcnlwdG8xFTATBgNVBAsMDEJhZCBFbmRwb2ludDEcMBoG A1UEAwwTSXNzdWVkIGJ5IEJhZCBDQSBOQzEdMBsGA1UEBAwUTmVpdGhlciBJUHY0 IG9yIElQdjYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASyt7018uvahtXcQETH IxT50KVAFzCFtsYROMLbLMW8DBkR2Ghh1qOSa4oYUizchqetKa2RrH7fhyQ787Rx K05Yo4GVMIGSMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjATBgNVHREEDDAKhwjAwKioAQEBATAdBgNV HQ4EFgQUyHhk6fecD1biHc7u7STgnx1Lo78wHwYDVR0jBBgwFoAUudHPCKXymSta gMl4I3jRvHlwn/swCgYIKoZIzj0EAwIDSAAwRQIhAIVnA0B2wvz5+mQ9ajJ7V/Yv UyKekjssygTKggtxKOisAiA5n6I9gdEsDEmD7r+wgcvbV2tu5JKq7GNQ0BNVG2gr 1w== -----END CERTIFICATE----- )"; /* Intermediate CA signed by |kValidRootCA1|, with DNS name constraints. Certificate: Data: Version: 3 (0x2) Serial Number: 25:d6:88:31:c9:7c:a9:15:3c:a6:01:02:09:92:a9:bb:30:86:3d:04 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:9e:64:d1:8c:e1:e7:f0:3b:a5:22:df:04:2d:54: fa:e8:cc:b1:22:e7:8b:c6:60:d9:72:cd:ad:1a:16: dc:34:9f:99:e8:22:80:95:de:19:5b:0a:4e:d6:d6: 47:5a:b7:44:32:17:3f:6b:32:80:e5:0e:35:cb:68: 62:c4:dd:31:d1 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Name Constraints: critical Permitted: DNS:sub1.example.org DNS:example.com Excluded: DNS:example.net X509v3 Subject Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:c0:82:44:fe:0b:f3:1b:db:b4:e4:69:14:64: e0:00:0c:1c:fd:87:26:f4:4b:d5:77:25:90:42:cb:06:3e:c1: 01:02:21:00:b2:4e:2b:01:f8:9b:73:f4:c2:aa:5e:0b:7b:18: ed:d6:68:0a:18:fe:b6:d6:7c:20:95:10:57:b1:d1:13:15:a3 */ static char kValidIntCAWithDNSNameConstraints[] = R"( -----BEGIN CERTIFICATE----- MIICcDCCAhWgAwIBAgIUJdaIMcl8qRU8pgECCZKpuzCGPQQwCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowYjELMAkGA1UEBhMC VVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlwdG8x EDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBDQSAzMFkwEwYHKoZI zj0CAQYIKoZIzj0DAQcDQgAEnmTRjOHn8DulIt8ELVT66MyxIueLxmDZcs2tGhbc NJ+Z6CKAld4ZWwpO1tZHWrdEMhc/azKA5Q41y2hixN0x0aOBqDCBpTAOBgNVHQ8B Af8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zBCBgNVHR4BAf8EODA2oCMwEoIQc3Vi MS5leGFtcGxlLm9yZzANggtleGFtcGxlLmNvbaEPMA2CC2V4YW1wbGUubmV0MB0G A1UdDgQWBBS50c8IpfKZK1qAyXgjeNG8eXCf+zAfBgNVHSMEGDAWgBQZGeGMCeJd XBYE4Zx0Zhn9uFJb3zAKBggqhkjOPQQDAgNJADBGAiEAwIJE/gvzG9u05GkUZOAA DBz9hyb0S9V3JZBCywY+wQECIQCyTisB+Jtz9MKqXgt7GO3WaAoY/rbWfCCVEFex 0RMVow== -----END CERTIFICATE----- )"; /* End-entity certificate signed by |kValidIntCAWithDNSNameConstraints|. Certificate: Data: Version: 3 (0x2) Serial Number: 13:a7:6c:6b:2b:be:f1:de:3c:6b:a3:49:de:f1:54:c5:ee:d9:f6:40 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, CN=Valid DNS SAN 1 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:sub1.example.com X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:a7:bd:f2:19:89:ac:03:87:ff:e5:3c:66:2b: 15:62:a3:32:60:c8:72:07:8d:5e:ae:a4:ef:eb:74:ad:3f:9b: 8a:02:20:28:5b:6e:9b:79:48:e3:c2:c7:07:96:b4:40:78:8b: aa:de:54:d9:d6:77:45:21:03:66:65:d9:b1:f2:96:81:58 */ static char kValidEndEntityCert1BoundByDNSNameConstraints[] = R"( -----BEGIN CERTIFICATE----- MIICcDCCAhagAwIBAgIUSNu3E7HssOiTs61FkbhbgoYPs/swCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAzMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBsMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEWMBQGA1UECwwNR29vZCBFbmRwb2ludDEYMBYGA1UEAwwPVmFsaWQgRE5TIFNB TiAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsre9NfLr2obV3EBExyMU+dCl QBcwhbbGETjC2yzFvAwZEdhoYdajkmuKGFIs3IanrSmtkax+34ckO/O0cStOWKOB nTCBmjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0RBBQwEoIQc3ViMS5leGFtcGxlLm9yZzAd BgNVHQ4EFgQUyHhk6fecD1biHc7u7STgnx1Lo78wHwYDVR0jBBgwFoAUudHPCKXy mStagMl4I3jRvHlwn/swCgYIKoZIzj0EAwIDSAAwRQIgamePGu5VqtoHMBTiUCVE vq2ZETn7r5x+nkUlwuv1ikwCIQCTZt832F+9wDkTpZIzObzjIi2sYfQ+s9tlf52e xt/tmA== -----END CERTIFICATE----- )"; /* End-entity certificate signed by |kValidIntCAWithDNSNameConstraints| Certificate: Data: Version: 3 (0x2) Serial Number: 7c:1c:0f:2e:ae:d0:fb:db:b2:03:03:b7:40:db:1f:04:eb:0f:bb:9e Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, CN=Valid DNS SAN 2 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:21:00:ac:75:ec:a3:f2:cf:89:48:c0:0e:32:7b:1d: 94:8e:72:46:33:e7:6e:4b:56:65:a2:2f:1f:27:2b:e2:cf:77: 8b:02:20:5e:49:31:87:80:73:c8:61:de:45:06:b5:bd:a8:26: fb:8f:7c:95:3e:4b:d6:e1:ff:7a:27:19:c0:f9:81:61:8c */ static char kValidEndEntityCert2BoundByDNSNameConstraints[] = R"( -----BEGIN CERTIFICATE----- MIICazCCAhGgAwIBAgIUfBwPLq7Q+9uyAwO3QNsfBOsPu54wCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAzMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBsMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEWMBQGA1UECwwNR29vZCBFbmRwb2ludDEYMBYGA1UEAwwPVmFsaWQgRE5TIFNB TiAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsre9NfLr2obV3EBExyMU+dCl QBcwhbbGETjC2yzFvAwZEdhoYdajkmuKGFIs3IanrSmtkax+34ckO/O0cStOWKOB mDCBlTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwFgYDVR0RBA8wDYILZXhhbXBsZS5jb20wHQYDVR0O BBYEFMh4ZOn3nA9W4h3O7u0k4J8dS6O/MB8GA1UdIwQYMBaAFLnRzwil8pkrWoDJ eCN40bx5cJ/7MAoGCCqGSM49BAMCA0gAMEUCIQCsdeyj8s+JSMAOMnsdlI5yRjPn bktWZaIvHycr4s93iwIgXkkxh4BzyGHeRQa1vagm+498lT5L1uH/eicZwPmBYYw= -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 6b:65:97:b0:26:c2:c0:2c:4a:d1:ce:c8:04:b8:9f:ed:0c:56:0c:67 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=Invalid DNS SAN 1 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.net X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:82:51:95:a9:e1:4b:fc:42:5d:00:d0:36:ca: 9e:3b:2c:15:98:5a:0f:12:41:0f:64:69:2b:68:c9:1f:ea:22: 01:02:21:00:a7:87:49:1e:dd:c3:e2:ac:17:b9:d0:8a:52:87: 26:ec:85:7e:35:54:16:93:d2:7c:51:a9:4a:a9:11:32:6c:d2 */ static char kInvalidEndEntityCertBoundByDNSNameConstraints[] = R"( -----BEGIN CERTIFICATE----- MIICbTCCAhKgAwIBAgIUa2WXsCbCwCxK0c7IBLif7QxWDGcwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAzMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjBtMQswCQYDVQQG EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UECgwNQVdTIExpYmNyeXB0 bzEVMBMGA1UECwwMQmFkIEVuZHBvaW50MRowGAYDVQQDDBFJbnZhbGlkIEROUyBT QU4gMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLK3vTXy69qG1dxARMcjFPnQ pUAXMIW2xhE4wtssxbwMGRHYaGHWo5JrihhSLNyGp60prZGsft+HJDvztHErTlij gZgwgZUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMBYGA1UdEQQPMA2CC2V4YW1wbGUubmV0MB0GA1Ud DgQWBBTIeGTp95wPVuIdzu7tJOCfHUujvzAfBgNVHSMEGDAWgBS50c8IpfKZK1qA yXgjeNG8eXCf+zAKBggqhkjOPQQDAgNJADBGAiEAglGVqeFL/EJdANA2yp47LBWY Wg8SQQ9kaStoyR/qIgECIQCnh0ke3cPirBe50IpShybshX41VBaT0nxRqUqpETJs 0g== -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 72:4f:3b:96:ff:25:4a:64:c0:11:3b:4f:e1:67:c8:16:e2:9f:d7:5e Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, SN=Valid DNS in CN, CN=example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:4d:66:e6:5d:50:b7:a6:14:c2:6c:7f:d2:a2:8d: 8e:3a:76:5c:15:7c:16:9c:b2:cd:d1:0d:1c:f6:3f:9c:25:fb: 02:21:00:c7:a6:3d:14:7c:03:8a:87:38:b8:48:a0:1b:84:90: ce:2e:d8:72:ea:44:cc:1b:6f:38:d3:08:69:99:ed:09:1b */ static char kValidEECertWithDnsCnNoSubjAltDnsName[] = R"( -----BEGIN CERTIFICATE----- MIICaDCCAg6gAwIBAgIUck87lv8lSmTAETtP4WfIFuKf114wCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAzMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjCBgjELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlw dG8xFjAUBgNVBAsMDUdvb2QgRW5kcG9pbnQxGDAWBgNVBAQMD1ZhbGlkIEROUyBp biBDTjEUMBIGA1UEAwwLZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMB BwNCAASyt7018uvahtXcQETHIxT50KVAFzCFtsYROMLbLMW8DBkR2Ghh1qOSa4oY UizchqetKa2RrH7fhyQ787RxK05Yo38wfTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE FMh4ZOn3nA9W4h3O7u0k4J8dS6O/MB8GA1UdIwQYMBaAFLnRzwil8pkrWoDJeCN4 0bx5cJ/7MAoGCCqGSM49BAMCA0gAMEUCIE1m5l1Qt6YUwmx/0qKNjjp2XBV8Fpyy zdENHPY/nCX7AiEAx6Y9FHwDioc4uEigG4SQzi7YcupEzBtvONMIaZntCRs= -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 23:ea:00:83:d0:f1:fb:e1:1c:d2:63:e7:9e:8b:cb:3f:66:42:a8:93 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, SN=Invalid DNS CN and Valid SubjAlt, CN=example.net Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:example.com X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:f3:e3:f2:ba:4d:e5:ae:7a:8d:38:cf:13:76: e9:e3:ec:9b:7b:00:4a:42:70:b8:0b:dd:a1:ae:9f:3e:87:56: f0:02:21:00:a9:ea:f5:8f:3c:1d:2d:9b:1a:86:e2:3c:18:f6: 43:3f:61:3b:62:d5:12:df:37:28:31:ad:06:fe:21:f1:df:ff */ static char kEECertWithInvalidDnsCnValidSubjAltDnsName[] = R"( -----BEGIN CERTIFICATE----- MIIClDCCAjmgAwIBAgIUI+oAg9Dx++Ec0mPnnovLP2ZCqJMwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAzMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjCBkzELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlw dG8xFjAUBgNVBAsMDUdvb2QgRW5kcG9pbnQxKTAnBgNVBAQMIEludmFsaWQgRE5T IENOIGFuZCBWYWxpZCBTdWJqQWx0MRQwEgYDVQQDDAtleGFtcGxlLm5ldDBZMBMG ByqGSM49AgEGCCqGSM49AwEHA0IABLK3vTXy69qG1dxARMcjFPnQpUAXMIW2xhE4 wtssxbwMGRHYaGHWo5JrihhSLNyGp60prZGsft+HJDvztHErTlijgZgwgZUwDgYD VR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMBYGA1UdEQQPMA2CC2V4YW1wbGUuY29tMB0GA1UdDgQWBBTIeGTp 95wPVuIdzu7tJOCfHUujvzAfBgNVHSMEGDAWgBS50c8IpfKZK1qAyXgjeNG8eXCf +zAKBggqhkjOPQQDAgNJADBGAiEA8+Pyuk3lrnqNOM8Tdunj7Jt7AEpCcLgL3aGu nz6HVvACIQCp6vWPPB0tmxqG4jwY9kM/YTti1RLfNygxrQb+IfHf/w== -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 75:39:ec:88:9a:bd:4b:2c:1e:65:92:f0:c6:46:1f:03:2d:42:23:55 Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Int NC CA 3 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, SN=Invalid DNS CN and IP SubjAlt, CN=example.net Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: IP Address:10.1.1.1 X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: B9:D1:CF:08:A5:F2:99:2B:5A:80:C9:78:23:78:D1:BC:79:70:9F:FB Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:46:02:21:00:c9:e5:1c:b9:30:96:f6:3b:34:bb:69:73:b1: 72:a8:fc:0a:6b:9f:88:46:b3:1b:38:e3:2e:73:91:ac:17:bb: 9f:02:21:00:c5:83:2f:0e:9d:42:ad:96:18:6e:a0:02:92:ff: 09:cd:10:a2:7b:f3:92:cb:d8:e4:4c:1f:da:a2:29:bb:64:a2 */ static char kEECertWithInvalidDnsCnSubjAltIp[] = R"( -----BEGIN CERTIFICATE----- MIICijCCAi+gAwIBAgIUdTnsiJq9SyweZZLwxkYfAy1CI1UwCgYIKoZIzj0EAwIw YjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExFDASBgNVBAMMC0ludCBOQyBD QSAzMCAXDTE1MDEwMTAwMDAwMFoYDzIxMDAwMTAxMDAwMDAwWjCBkDELMAkGA1UE BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFXUyBMaWJjcnlw dG8xFjAUBgNVBAsMDUdvb2QgRW5kcG9pbnQxJjAkBgNVBAQMHUludmFsaWQgRE5T IENOIGFuZCBJUCBTdWJqQWx0MRQwEgYDVQQDDAtleGFtcGxlLm5ldDBZMBMGByqG SM49AgEGCCqGSM49AwEHA0IABLK3vTXy69qG1dxARMcjFPnQpUAXMIW2xhE4wtss xbwMGRHYaGHWo5JrihhSLNyGp60prZGsft+HJDvztHErTlijgZEwgY4wDgYDVR0P AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMA8GA1UdEQQIMAaHBAoBAQEwHQYDVR0OBBYEFMh4ZOn3nA9W4h3O7u0k 4J8dS6O/MB8GA1UdIwQYMBaAFLnRzwil8pkrWoDJeCN40bx5cJ/7MAoGCCqGSM49 BAMCA0kAMEYCIQDJ5Ry5MJb2OzS7aXOxcqj8CmufiEazGzjjLnORrBe7nwIhAMWD Lw6dQq2WGG6gApL/Cc0QonvzksvY5Ewf2qIpu2Si -----END CERTIFICATE----- )"; /* Certificate: Data: Version: 3 (0x2) Serial Number: 13:c1:63:e7:03:6f:a3:26:ac:31:71:a9:fe:ad:a6:34:20:94:bf:3a Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Good Endpoint, SN=Wildcard Testing, CN=*.sub2.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b2:b7:bd:35:f2:eb:da:86:d5:dc:40:44:c7:23: 14:f9:d0:a5:40:17:30:85:b6:c6:11:38:c2:db:2c: c5:bc:0c:19:11:d8:68:61:d6:a3:92:6b:8a:18:52: 2c:dc:86:a7:ad:29:ad:91:ac:7e:df:87:24:3b:f3: b4:71:2b:4e:58 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Subject Alternative Name: DNS:*.sub1.example.com, DNS:*.example.org, DNS:host.example.com X509v3 Subject Key Identifier: C8:78:64:E9:F7:9C:0F:56:E2:1D:CE:EE:ED:24:E0:9F:1D:4B:A3:BF X509v3 Authority Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:13:bc:6c:9c:3b:8e:c7:95:e7:9f:31:08:dd:7f: 6c:ea:97:4e:29:01:72:b5:9c:45:f1:29:bc:d7:ce:39:5a:21: 02:21:00:f5:77:2c:9d:23:6d:71:69:4d:93:eb:7e:fd:a5:17: 24:37:ee:97:01:4f:1c:54:09:cd:3d:87:e9:1d:da:5f:7e */ static char kWildCardCommonNameAndSubjAlt[] = R"( -----BEGIN CERTIFICATE----- MIICsDCCAlagAwIBAgIUE8Fj5wNvoyasMXGp/q2mNCCUvzowCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowgYoxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRv MRYwFAYDVQQLDA1Hb29kIEVuZHBvaW50MRkwFwYDVQQEDBBXaWxkY2FyZCBUZXN0 aW5nMRswGQYDVQQDDBIqLnN1YjIuZXhhbXBsZS5jb20wWTATBgcqhkjOPQIBBggq hkjOPQMBBwNCAASyt7018uvahtXcQETHIxT50KVAFzCFtsYROMLbLMW8DBkR2Ghh 1qOSa4oYUizchqetKa2RrH7fhyQ787RxK05Yo4HAMIG9MA4GA1UdDwEB/wQEAwIF oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+ BgNVHREENzA1ghIqLnN1YjEuZXhhbXBsZS5jb22CDSouZXhhbXBsZS5vcmeCEGhv c3QuZXhhbXBsZS5jb20wHQYDVR0OBBYEFMh4ZOn3nA9W4h3O7u0k4J8dS6O/MB8G A1UdIwQYMBaAFBkZ4YwJ4l1cFgThnHRmGf24UlvfMAoGCCqGSM49BAMCA0gAMEUC IBO8bJw7jseV558xCN1/bOqXTikBcrWcRfEpvNfOOVohAiEA9XcsnSNtcWlNk+t+ /aUXJDfulwFPHFQJzT2H6R3aX34= -----END CERTIFICATE----- )"; /* This certificate uses the |EE_KEY_1| key but uses the explicit curve parameters rather then the prime256v1 curve identifier. Certificate: Data: Version: 3 (0x2) Serial Number: 07:52:c5:b3:fd:bd:67:6b:68:bf:ff:2e:ab:a5:81:31:d1:58:86:0f Signature Algorithm: ecdsa-with-SHA256 Issuer: C=US, ST=Washington, O=AWS Libcrypto, OU=Good CA, CN=Root CA 1 Validity Not Before: Jan 1 00:00:00 2015 GMT Not After : Jan 1 00:00:00 2100 GMT Subject: C=US, ST=Washington, O=AWS Libcrypto, OU=Bad Endpoint, CN=rfc5480 specifiedCurve MUST NOT be used in PKIX Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:c2:a9:7a:df:6d:d4:e3:16:29:b3:74:11:f1:8f: bd:44:8d:c7:3f:b2:d7:9a:e7:10:14:ff:1c:4a:fa: ce:fb:c9:7c:c1:e6:57:f2:ff:31:1b:71:8c:6e:3a: b9:f0:1e:b5:ac:5f:db:2e:81:68:02:cb:be:19:44: d5:89:3d:30:d6 Field Type: prime-field Prime: 00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00: 00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff: ff:ff:ff A: 00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00: 00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff: ff:ff:fc B: 5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86: bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2: 60:4b Generator (uncompressed): 04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4: 40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8: 98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a: 7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40: 68:37:bf:51:f5 Order: 00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff: ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc: 63:25:51 Cofactor: 1 (0x1) Seed: c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26: b7:81:9f:7e:90 X509v3 extensions: X509v3 Key Usage: critical Digital Signature X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Alternative Name: DNS:example.com X509v3 Subject Key Identifier: 19:19:E1:8C:09:E2:5D:5C:16:04:E1:9C:74:66:19:FD:B8:52:5B:DF Signature Algorithm: ecdsa-with-SHA256 Signature Value: 30:45:02:20:3e:3e:8b:43:6b:9b:dd:7e:c7:45:24:94:47:28: 04:ac:2a:4c:22:a8:3b:74:1d:c6:0f:10:38:fe:11:0b:34:1e: 02:21:00:eb:8d:66:70:e2:2c:76:2b:a2:a3:38:e9:10:51:1c: e8:89:82:7e:ce:80:a1:fd:f2:ca:06:60:d0:e6:1e:49:f8 */ static char kLeafCertificateWithExplicitECParams[] = R"( -----BEGIN CERTIFICATE----- MIIDUDCCAvagAwIBAgIUB1LFs/29Z2tov/8uq6WBMdFYhg8wCgYIKoZIzj0EAwIw YDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAoMDUFX UyBMaWJjcnlwdG8xEDAOBgNVBAsMB0dvb2QgQ0ExEjAQBgNVBAMMCVJvb3QgQ0Eg MTAgFw0xNTAxMDEwMDAwMDBaGA8yMTAwMDEwMTAwMDAwMFowgYsxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRYwFAYDVQQKDA1BV1MgTGliY3J5cHRv MRUwEwYDVQQLDAxCYWQgRW5kcG9pbnQxODA2BgNVBAMML3JmYzU0ODAgc3BlY2lm aWVkQ3VydmUgTVVTVCBOT1QgYmUgdXNlZCBpbiBQS0lYMIIBSzCCAQMGByqGSM49 AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAABAAAAAAAAAAAAAAAA//////// ////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA///////////////8BCBaxjXY qjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMVAMSdNgiG5wSTamZ44ROdJreB n36QBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li/hp/m47n 60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP////8AAAAA//////////+85vqtpxee hPO5ysL8YyVRAgEBA0IABMKpet9t1OMWKbN0EfGPvUSNxz+y15rnEBT/HEr6zvvJ fMHmV/L/MRtxjG46ufAetaxf2y6BaALLvhlE1Yk9MNajbDBqMA4GA1UdDwEB/wQE AwIHgDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBYGA1UdEQQP MA2CC2V4YW1wbGUuY29tMB0GA1UdDgQWBBQZGeGMCeJdXBYE4Zx0Zhn9uFJb3zAK BggqhkjOPQQDAgNIADBFAiA+PotDa5vdfsdFJJRHKASsKkwiqDt0HcYPEDj+EQs0 HgIhAOuNZnDiLHYroqM46RBRHOiJgn7OgKH98soGYNDmHkn4 -----END CERTIFICATE----- )"; // EE certificate should not verify if signed by invalid root CA TEST(X509CompatTest, CertificatesFromTrustStoreValidated) { bssl::UniquePtr root = CertFromPEM(kRootBadBasicConstraints); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kEndEntitySignedByBadRoot); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_INVALID_CA, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0)); } // Certificate should be rejected if it contains a critical AKID extension. // This reports a X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION due to it being an // unhandled critical exception. TEST(X509CompatTest, EECertificateWithCriticalAKID) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertificateWithCriticalAKID); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0)); } // Certificate should not be rejected if it contains a critical CRL Distribution // Points extension. TEST(X509CompatTest, EECertificateWithCriticalCRLDistributionPointsExt) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kValidEECertWithCriticalCRLDistributionExt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0)); } // EE certificate's trust root is missing the basic constraints extension. TEST(X509CompatTest, EECertificateSignedByInvalidRootMissingBasicConstraints) { bssl::UniquePtr root = CertFromPEM(kInvalidRootCertificateWithMissingBasicConstraintsExt); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertificateSignedByRootMissingBasicConstraintsExt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_INVALID_CA, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0)); } // EE certificate with negative serial number, while technically invalid per RFC // 5280, should pass. TEST(X509CompatTest, EECertificateWithNegativeSerialNumber) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kValidEECertificateWithNegativeSerialNumber); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithValidNameConstrainedSubjAltIPv4) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithIPv4NameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kValidEECertWithValidIPv4SubjectAltName); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX * ctx){ X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); const char ip[] = "10.1.2.1"; X509_VERIFY_PARAM_set1_ip_asc(param, ip); })); } TEST(X509CompatTest, EECertificateWithInvalidExcludedNameConstrainedSubjAltIPv4) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithIPv4NameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertWithInvalidExcludedIPv4SubjAlt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_EXCLUDED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithInvalidPermittedNameConstrainedSubjAltIPv4) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithIPv4NameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertWithInvalidPermittedIPv4SubjAlt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_PERMITTED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithValidNameConstrainedSubjAltIPv6) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithIPv6NameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kValidEECertWithValidIPv6SubjectAltName); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX * ctx){ X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); const char ip[] = "::ffff:a01:201"; X509_VERIFY_PARAM_set1_ip_asc(param, ip); })); } TEST(X509CompatTest, EECertificateWithInvalidExcludedNameConstrainedSubjAltIPv6) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithIPv6NameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertWithInvalidExcludedIPv6SubjAlt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_EXCLUDED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithInvalidPermittedNameConstrainedSubjAltIPv6) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithIPv6NameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertWithInvalidPermittedIPv6SubjAlt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_PERMITTED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithIPv4SANIssuedByCAWithBadNameConstraint) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kIntCAWithBadIPv4NameConstraint); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertIssuedByCAWithBadIPv4NameConstraint); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithIPv6SANIssuedByCAWithBadNameConstraint) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kIntCAWithBadIPv6NameConstraint); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertIssuedByCAWithBadIPv6NameConstraint); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, EECertificateWithIPSANIssuedByCAWithBadNameConstraint) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kIntCAWithBadIPNameConstraint); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEECertIssuedByCAWithBadIPNameConstraint); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0)); } TEST(X509CompatTest, IpCidrNetmaskTest) { struct IpCidrNetmaskTestParam { std::vector mask; bool valid; }; IpCidrNetmaskTestParam testInputs[] = { // invalid lengths {HexToBytes("00"), false}, // single byte address too short {HexToBytes("000000"), false}, // one byte less then IPv4 {HexToBytes("ffffffffff"), false}, // 255.255.255.255.255 (/40) {HexToBytes("ffffffff0000000000000000000000"), false}, // 1 byte short of IPv6 {HexToBytes("ffffffffffffffffffffffffffffffff00"), false}, // Invalid length - 17 bytes // valid v4 {HexToBytes("00000000"), true}, // 0.0.0.0 (/0) {HexToBytes("ff000000"), true}, // 255.0.0.0 (/8) {HexToBytes("ffff0000"), true}, // 255.255.0.0 (/16) {HexToBytes("ffffff00"), true}, // 255.255.255.0 (/24) {HexToBytes("ffffffff"), true}, // 255.255.255.255 (/32) // invalid v4 (non-contiguous 1s) {HexToBytes("ffff00ff"), false}, // 255.255.0.255 {HexToBytes("ff00ff00"), false}, // 255.0.255.0 {HexToBytes("f0f0f0f0"), false}, // 240.240.240.240 {HexToBytes("0fff0000"), false}, // 15.255.0.0 // valid v6 {HexToBytes("00000000000000000000000000000000"), true}, // 0000:0000:0000:0000:0000:0000:0000:0000 (/0) {HexToBytes("ffff0000000000000000000000000000"), true}, // ffff:0000:0000:0000:0000:0000:0000:0000 (/16) {HexToBytes("ffffffff000000000000000000000000"), true}, // ffff:ffff:0000:0000:0000:0000:0000:0000 (/32) {HexToBytes("ffffffffffff00000000000000000000"), true}, // ffff:ffff:ffff:0000:0000:0000:0000:0000 (/48) {HexToBytes("ffffffffffffffff0000000000000000"), true}, // ffff:ffff:ffff:ffff:0000:0000:0000:0000 (/64) {HexToBytes("ffffffffffffffffffff000000000000"), true}, // ffff:ffff:ffff:ffff:ffff:0000:0000:0000 (/80) {HexToBytes("ffffffffffffffffffffffff00000000"), true}, // ffff:ffff:ffff:ffff:ffff:ffff:0000:0000 (/96) {HexToBytes("ffffffffffffffffffffffffffff0000"), true}, // ffff:ffff:ffff:ffff:ffff:ffff:ffff:0000 (/112) {HexToBytes("ffffffffffffffffffffffffffffffff"), true}, // ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff (/128) // invalid v6 (non-contiguous 1s) {HexToBytes("ffff0000ffffffffffffffffffffffff"), false}, // Non-contiguous 1s {HexToBytes("ffffffffffffffff0000ffff00000000"), false}, // Non-contiguous 1s {HexToBytes("f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0"), false}, // Non-contiguous 1s }; for (const IpCidrNetmaskTestParam ¶ms : testInputs) { CBS mask; CBS_init(&mask, params.mask.data(), params.mask.size()); ASSERT_EQ(params.valid, validate_cidr_mask(&mask)); } } TEST(X509CompatTest, EECertificate1WithValidSANBoundByNameConstraints) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithDNSNameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kValidEndEntityCert1BoundByDNSNameConstraints); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); const char host[] = "sub1.example.org"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); } TEST(X509CompatTest, EECertificate2WithValidSANBoundByNameConstraints) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithDNSNameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kValidEndEntityCert2BoundByDNSNameConstraints); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); const char host[] = "example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); } TEST(X509CompatTest, EECertificate3WithInvalidSANBoundByNameConstraints) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithDNSNameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kInvalidEndEntityCertBoundByDNSNameConstraints); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_PERMITTED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); const char host[] = "example.net"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); } TEST(X509CompatTest, ValidEECertWithDnsCnNoSubjAltDnsName) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithDNSNameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kValidEECertWithDnsCnNoSubjAltDnsName); ASSERT_TRUE(leaf); const char host[] = "example.com"; EXPECT_EQ( X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&host](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ( X509_V_ERR_HOSTNAME_MISMATCH, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&host](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_NEVER_CHECK_SUBJECT); X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); } TEST(X509CompatTest, kEECertWithInvalidDnsCnValidSubjAltDnsName) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithDNSNameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kEECertWithInvalidDnsCnValidSubjAltDnsName); ASSERT_TRUE(leaf); const char host[] = "example.com"; EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&host](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&host](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_NEVER_CHECK_SUBJECT); X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_ERR_PERMITTED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&host](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT); X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); } TEST(X509CompatTest, EECertWithInvalidDnsCnSubjAltIp) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr inter = CertFromPEM(kValidIntCAWithDNSNameConstraints); ASSERT_TRUE(inter); bssl::UniquePtr leaf = CertFromPEM(kEECertWithInvalidDnsCnSubjAltIp); ASSERT_TRUE(leaf); const char ip[] = "10.1.1.1"; EXPECT_EQ(X509_V_ERR_PERMITTED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&ip](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set1_ip_asc(param, ip); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&ip](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_NEVER_CHECK_SUBJECT); X509_VERIFY_PARAM_set1_ip_asc(param, ip); })); EXPECT_EQ(X509_V_ERR_PERMITTED_VIOLATION, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{inter.get()}, /*crls=*/{}, /*flags=*/0, [&ip](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT); X509_VERIFY_PARAM_set1_ip_asc(param, ip); })); } TEST(X509CompatTest, CommonNameToDNS) { struct CommonNameToDNSTestParam { std::string common_name; bool expect_dns; std::string expected_dns_name; }; CommonNameToDNSTestParam params[] = { {"example.com", true, "example.com"}, {"exa_mple.com", true, "exa_mple.com"}, {"foo-bar.example.com", true, "foo-bar.example.com"}, {"1.example.com", true, "1.example.com"}, {"", false, ""}, {".", false, ""}, {"-", false, ""}, {"example.com.", false, ""}, {".example.com", false, ""}, {".example.com.", false, ""}, {"-example.com", false, ""}, {"example.com-", false, ""}, {"-example.com-", false, ""}, {"example.-com", false, ""}, {"example..com", false, ""}, {"example-.com", false, ""}, {"example", false, ""}, {"eXaMpLe", false, ""}, {"cn with spaces", false, ""}, {"1 and 2 and 3", false, ""}, // Wildcard CN test cases: wildcard CNs must be recognized as DNS-IDs // so that name constraints are enforced on them. {"*.example.com", true, "*.example.com"}, {"*.sub.example.com", true, "*.sub.example.com"}, {"*.exa_mple.com", true, "*.exa_mple.com"}, {"*.foo-bar.example.com", true, "*.foo-bar.example.com"}, // Wildcard with single remaining label is not a DNS name. {"*.com", false, ""}, // Bare wildcard or incomplete wildcard prefix. {"*", false, ""}, {"*.", false, ""}, {"*..", false, ""}, // Star without dot is not a valid wildcard prefix. {"*example.com", false, ""}, // Double star is not valid. {"**.example.com", false, ""}, // Invalid DNS syntax after wildcard prefix. {"*.-example.com", false, ""}, {"*.example-.com", false, ""}, {"*.example..com", false, ""}, {"*.example.com.", false, ""}, {".*.example.com", false, ""}, // Single-label CNs with non-ASCII are accepted (not DNS names). {"r\xc3\xa4ger", false, ""}, {"\xc3\x9cnternehmen", false, ""}, // Single-label CNs with control characters are accepted (not DNS names). {"foo\x01" "bar", false, ""}, {std::string("\x7f") + "tld", false, ""}, // Single-label CN with space is accepted (not a DNS name). {"foo bar", false, ""}, // Punycode equivalents are valid ASCII DNS names. {"xn--rger-koa.evil.com", true, "xn--rger-koa.evil.com"}, {"xn--caf-dma.example.com", true, "xn--caf-dma.example.com"}, }; for (CommonNameToDNSTestParam ¶m : params) { ASN1_STRING *asn1_str_ptr = NULL; std::vector cn(param.common_name.begin(), param.common_name.end()); ASSERT_GE(ASN1_mbstring_copy(&asn1_str_ptr, cn.data(), cn.size(), MBSTRING_UTF8, V_ASN1_IA5STRING), 0); bssl::UniquePtr asn1_cn(asn1_str_ptr); ASSERT_TRUE(asn1_cn); unsigned char *dnsid_ptr = NULL; size_t idlen = 0; ASSERT_EQ(X509_V_OK, cn2dnsid(asn1_cn.get(), &dnsid_ptr, &idlen)); std::unique_ptr dnsid( dnsid_ptr, [](unsigned char *ptr) { OPENSSL_free(ptr); }); if (param.expect_dns) { ASSERT_TRUE(dnsid.get()); std::string dns_name(reinterpret_cast(dnsid.get()), idlen); ASSERT_EQ(param.expected_dns_name, dns_name); } else { ASSERT_FALSE(dnsid.get()); ASSERT_EQ((size_t)0, idlen); } } // Multi-label CNs with non-ASCII bytes should return // X509_V_ERR_UNSUPPORTED_NAME_SYNTAX. Per RFC 6125 Section 6.4.2, // internationalized domain names should use A-label (punycode) form. const std::string non_ascii_dns[] = { "r\xc3\xa4ger.evil.com", "caf\xc3\xa9.example.com", "*.r\xc3\xa4ger.evil.com", // Control characters in multi-label CNs. "foo\x01.evil.com", std::string("bar\x7f") + ".evil.com", "baz\x1f.example.com", // Space in multi-label CN. "foo .evil.com", }; for (const std::string &name : non_ascii_dns) { SCOPED_TRACE(name); ASN1_STRING *asn1_str_ptr = NULL; std::vector cn(name.begin(), name.end()); ASSERT_GE(ASN1_mbstring_copy(&asn1_str_ptr, cn.data(), cn.size(), MBSTRING_UTF8, V_ASN1_IA5STRING), 0); bssl::UniquePtr asn1_cn(asn1_str_ptr); ASSERT_TRUE(asn1_cn); unsigned char *dnsid_ptr = NULL; size_t idlen = 0; ASSERT_EQ(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, cn2dnsid(asn1_cn.get(), &dnsid_ptr, &idlen)); ASSERT_FALSE(dnsid_ptr); ASSERT_EQ((size_t)0, idlen); } } TEST(X509CompatTest, WildcardNameBehaviors) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kWildCardCommonNameAndSubjAlt); ASSERT_TRUE(leaf); EXPECT_EQ(X509_V_ERR_HOSTNAME_MISMATCH, Verify( leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = "example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = "host.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = "foo.sub1.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); // *.sub2.example.com is in the commonName so not checked by default if DNS // SAN is present EXPECT_EQ(X509_V_ERR_HOSTNAME_MISMATCH, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = "bar.sub2.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT); char host[] = "bar.sub2.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = "baz.example.org"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); // client-side host name verification behavior with leading '.' EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = ".example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = ".sub1.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_ERR_HOSTNAME_MISMATCH, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); char host[] = ".sub2.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT); char host[] = ".sub2.example.com"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT); char host[] = ".example.org"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); EXPECT_EQ(X509_V_ERR_HOSTNAME_MISMATCH, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set_hostflags( param, X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT); char host[] = ".baz.example.org"; X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); })); } TEST(X509CompatTest, LeafCertificateWithExplicitECParams) { bssl::UniquePtr root = CertFromPEM(kValidRootCA1); ASSERT_TRUE(root); bssl::UniquePtr leaf = CertFromPEM(kLeafCertificateWithExplicitECParams); ASSERT_TRUE(leaf); const char host[] = "example.com"; EXPECT_EQ( X509_V_ERR_EC_KEY_EXPLICIT_PARAMS, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0)); EXPECT_EQ( X509_V_OK, Verify(leaf.get(), /*roots=*/{root.get()}, /*intermediates=*/{}, /*crls=*/{}, /*flags=*/0, [&host](X509_STORE_CTX *ctx) { X509_VERIFY_PARAM *param = X509_STORE_CTX_get0_param(ctx); X509_VERIFY_PARAM_set1_host(param, host, sizeof(host) - 1); X509_VERIFY_PARAM_enable_ec_key_explicit_params(param); })); }