Google Git
Sign in
fuchsia / third_party / boringssl / 0aa300b9ba9d66b914793ad18c5b469163e58905 / . / pki / testdata / verify_certificate_chain_unittest / intermediate-wrong-signature-no-authority-key-identifier / chain.pem
blob: 4b2b4a42349ff17ee60af764f1e5e4b22d58c8fe [file] [log] [blame]
[Created by: generate-chains.py]
Certificate chain where the intermediate was signed by a different
certificate with a different key. The intermediate lacks an
authorityKeyIdentifier extension as some verifiers will not try verifying with
the bogus root if the authorityKeyIdentifier does not match the root's
subjectKeyIdentifier.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:09:02:a5:7e:5f:ed:29:b0:9c:e2:2b:f0:ed:48:a5:f4:32:81:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Intermediate
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Target
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:e3:ca:56:56:53:39:63:22:cd:90:66:ef:
33:38:2d:22:ef:23:1b:4c:81:d0:2e:d0:8e:f8:63:
f4:36:e4:45:45:5c:98:6d:46:f1:d4:98:49:15:44:
6d:81:cd:55:14:95:f8:b0:80:e6:26:4e:ff:04:c7:
d7:71:ab:01:0c:0b:f1:7b:18:80:a2:e2:9c:29:0e:
7d:d5:c0:a7:b5:4a:04:42:5e:d5:4d:9c:68:ed:b4:
04:f2:3e:e3:ce:1e:89:2c:06:13:f3:85:ec:63:01:
a5:de:7c:01:ed:fd:35:60:d2:66:ac:d7:9b:3a:81:
07:7c:90:7f:ae:e2:ac:b3:41:1c:58:7b:21:c6:7d:
22:dc:e9:16:5c:53:a5:bc:4d:09:51:8b:6c:c8:93:
9a:65:cc:16:20:01:3c:cf:99:8e:9e:17:57:0b:d7:
9a:30:6f:db:ed:64:85:d1:ad:8b:a3:ad:f1:c0:6f:
de:3e:83:9a:33:fb:1c:d3:ed:a6:46:1c:3c:c0:41:
95:7c:da:5b:a2:73:eb:99:58:4d:dd:ee:76:4a:d6:
9c:0d:66:46:72:79:f0:95:94:aa:08:18:0e:12:b1:
03:73:9c:a4:52:b2:54:c8:e4:cb:27:6b:aa:24:07:
14:98:76:12:7d:01:5f:df:a7:e8:34:2a:46:61:b6:
11:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:80:B5:C8:C1:DB:F2:5A:84:C6:36:8C:08:04:72:6B:FC:78:48:55
X509v3 Authority Key Identifier:
keyid:9C:50:7F:A1:0F:62:41:B6:41:8A:7E:5C:6E:73:B4:3E:44:FE:E6:C2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Intermediate.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Intermediate.crl
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Alternative Name:
DNS:test.example
Signature Algorithm: sha256WithRSAEncryption
8c:ed:0b:9b:5a:c2:d1:7e:0f:6f:a0:c0:0d:1f:08:e7:ee:b6:
b1:1a:f3:85:3b:97:2c:00:57:13:f0:37:64:53:eb:98:07:4e:
fd:62:53:d4:94:6c:28:16:1d:4e:a5:61:ff:6c:f2:a5:04:d0:
2f:3b:e9:64:8d:cc:93:6a:47:44:e5:3a:cc:7f:ee:00:e3:6d:
40:70:ed:b5:21:88:1f:c5:b3:d9:3b:8b:7a:87:23:17:1e:c5:
df:ae:e6:e7:b8:51:7f:a3:d5:41:ef:be:f9:fa:df:39:19:85:
4e:3c:fc:a5:43:84:6f:ae:49:cd:4f:73:db:29:fe:94:1a:f0:
11:b9:41:12:c3:3c:91:7f:c2:34:3f:9b:dc:69:c7:80:fa:af:
ba:f7:25:72:c8:d1:d2:5d:87:42:86:d0:03:49:76:bd:e4:1f:
11:90:43:02:b4:7b:b4:23:c1:b1:ff:c5:83:4d:95:80:7f:fd:
bd:df:d6:5b:af:f9:3c:5b:c5:95:aa:79:ac:e6:11:fd:7f:5a:
ad:54:29:ac:9b:23:61:b5:3a:89:18:cf:55:84:30:87:1b:14:
39:9b:19:5f:bd:38:43:da:6e:f1:54:33:13:d9:87:5b:45:b4:
69:e6:89:85:e7:69:4b:d1:aa:12:1a:bd:ab:cd:ff:de:86:e6:
ec:14:bf:0f
-----BEGIN CERTIFICATE-----
MIIDujCCAqKgAwIBAgIUeQkCpX5f7SmwnOIr8O1IpfQygWQwDQYJKoZIhvcNAQEL
BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTIxMTAwNTEyMDAwMFoXDTIy
MTAwNTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAqxLjylZWUzljIs2QZu8zOC0i7yMbTIHQLtCO+GP0NuRF
RVyYbUbx1JhJFURtgc1VFJX4sIDmJk7/BMfXcasBDAvxexiAouKcKQ591cCntUoE
Ql7VTZxo7bQE8j7jzh6JLAYT84XsYwGl3nwB7f01YNJmrNebOoEHfJB/ruKss0Ec
WHshxn0i3OkWXFOlvE0JUYtsyJOaZcwWIAE8z5mOnhdXC9eaMG/b7WSF0a2Lo63x
wG/ePoOaM/sc0+2mRhw8wEGVfNpbonPrmVhN3e52StacDWZGcnnwlZSqCBgOErED
c5ykUrJUyOTLJ2uqJAcUmHYSfQFf36foNCpGYbYR9QIDAQABo4IBAjCB/zAdBgNV
HQ4EFgQUO4C1yMHb8lqExjaMCARya/x4SFUwHwYDVR0jBBgwFoAUnFB/oQ9iQbZB
in5cbnO0PkT+5sIwPwYIKwYBBQUHAQEEMzAxMC8GCCsGAQUFBzAChiNodHRwOi8v
dXJsLWZvci1haWEvSW50ZXJtZWRpYXRlLmNlcjA0BgNVHR8ELTArMCmgJ6AlhiNo
dHRwOi8vdXJsLWZvci1jcmwvSW50ZXJtZWRpYXRlLmNybDAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBcGA1UdEQQQMA6CDHRl
c3QuZXhhbXBsZTANBgkqhkiG9w0BAQsFAAOCAQEAjO0Lm1rC0X4Pb6DADR8I5+62
sRrzhTuXLABXE/A3ZFPrmAdO/WJT1JRsKBYdTqVh/2zypQTQLzvpZI3Mk2pHROU6
zH/uAONtQHDttSGIH8Wz2TuLeocjFx7F367m57hRf6PVQe+++frfORmFTjz8pUOE
b65JzU9z2yn+lBrwEblBEsM8kX/CND+b3GnHgPqvuvclcsjR0l2HQobQA0l2veQf
EZBDArR7tCPBsf/Fg02VgH/9vd/WW6/5PFvFlap5rOYR/X9arVQprJsjYbU6iRjP
VYQwhxsUOZsZX704Q9pu8VQzE9mHW0W0aeaJhedpS9GqEhq9q83/3obm7BS/Dw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:e9:3f:62:d9:75:26:c4:22:75:a1:77:c9:f1:44:79:41:3f:cb:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Intermediate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:2a:19:91:cd:d4:28:05:9d:4e:95:4e:47:
cf:79:0a:12:27:4f:0c:29:93:3f:2a:9c:3a:b3:a3:
07:43:a3:40:06:07:37:7c:1f:d8:6c:6a:af:38:06:
a8:3c:31:cf:c6:46:1e:ba:b8:70:95:5f:85:49:59:
41:78:3b:f9:c2:03:d2:a1:9d:5a:82:f5:c7:ae:74:
53:ec:d1:ae:07:26:0c:bd:67:47:bb:05:fd:d5:a6:
24:d4:c0:39:db:3b:ff:1e:f0:8f:0d:bf:f2:0d:00:
e5:7d:63:13:2d:d0:9b:3f:96:46:5d:c9:06:34:40:
15:94:a3:29:9f:fe:7d:ec:95:9f:e9:e5:c6:97:f6:
10:3f:ea:09:40:84:ba:59:64:d6:83:06:bc:ec:ea:
3f:7c:99:f3:b4:c7:13:9d:1a:74:bc:f5:4f:b5:d7:
c0:fc:0f:78:f9:87:fb:9a:f1:44:00:91:d2:d9:5d:
12:67:a0:cd:75:a4:eb:c2:47:86:b8:bd:d5:4c:7e:
6b:48:8e:a9:7d:0c:3f:4e:a0:2e:a1:fc:67:63:40:
fa:c4:56:b0:a3:ee:8a:73:55:69:fa:ec:5f:39:57:
74:65:1d:ef:66:9e:ad:76:84:e3:a7:ec:7e:d8:c2:
fb:8b:16:0e:1e:65:79:1d:c7:8e:d9:df:1e:31:49:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:50:7F:A1:0F:62:41:B6:41:8A:7E:5C:6E:73:B4:3E:44:FE:E6:C2
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
7e:f8:bb:44:37:c0:8a:7d:19:4d:c1:36:97:e9:13:ee:87:62:
f7:39:10:53:39:e1:76:fa:89:44:b0:1a:8d:36:5e:79:45:48:
8e:a8:a6:57:fe:cc:78:1f:91:a9:59:9c:64:ac:79:91:b0:f2:
b9:bd:1c:be:89:df:0c:c7:ee:71:bf:9b:29:38:8e:50:f8:9e:
6a:16:6d:c5:69:f8:be:9f:3b:0c:15:1d:1e:be:b6:68:88:c6:
03:c9:1f:e0:ed:9b:98:56:fe:d5:a3:0c:6b:76:bb:3e:9d:5d:
29:cc:6a:50:ad:e8:6f:38:e7:ab:17:83:86:02:dc:d6:7d:de:
93:e1:30:dc:00:60:6a:94:11:40:3d:52:ef:ad:55:59:94:5a:
dc:46:1d:3c:ad:ff:d8:fd:ad:09:ee:dd:88:84:48:5b:a0:18:
a8:a4:c8:29:85:1a:c1:5a:36:a9:64:1c:f3:66:0c:f5:ae:46:
a6:6e:3f:e7:c2:2a:50:9c:5f:46:dc:be:5d:fb:5b:a9:d4:85:
6e:bc:92:28:dd:36:2c:11:df:80:2f:54:d7:5b:32:38:1b:e5:
73:27:25:08:6a:c9:91:8c:9a:d1:0a:20:a0:30:72:e3:77:7d:
4d:08:c7:57:9a:c6:1b:ea:0e:86:80:42:38:25:69:12:e9:98:
48:e0:ef:06
-----BEGIN CERTIFICATE-----
MIIDXzCCAkegAwIBAgIUcOk/Ytl1JsQidaF3yfFEeUE/yxAwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFaKhmRzdQoBZ1OlU5Hz3kKEidPDCmTPyqcOrOjB0OjQAYH
N3wf2GxqrzgGqDwxz8ZGHrq4cJVfhUlZQXg7+cID0qGdWoL1x650U+zRrgcmDL1n
R7sF/dWmJNTAOds7/x7wjw2/8g0A5X1jEy3Qmz+WRl3JBjRAFZSjKZ/+feyVn+nl
xpf2ED/qCUCEullk1oMGvOzqP3yZ87THE50adLz1T7XXwPwPePmH+5rxRACR0tld
EmegzXWk68JHhri91Ux+a0iOqX0MP06gLqH8Z2NA+sRWsKPuinNVafrsXzlXdGUd
72aerXaE46fsftjC+4sWDh5leR3HjtnfHjFJHoUCAwEAAaOBqjCBpzAdBgNVHQ4E
FgQUnFB/oQ9iQbZBin5cbnO0PkT+5sIwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUF
BzAChhtodHRwOi8vdXJsLWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+g
HYYbaHR0cDovL3VybC1mb3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAP
BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB++LtEN8CKfRlNwTaX
6RPuh2L3ORBTOeF2+olEsBqNNl55RUiOqKZX/sx4H5GpWZxkrHmRsPK5vRy+id8M
x+5xv5spOI5Q+J5qFm3Fafi+nzsMFR0evrZoiMYDyR/g7ZuYVv7Vowxrdrs+nV0p
zGpQrehvOOerF4OGAtzWfd6T4TDcAGBqlBFAPVLvrVVZlFrcRh08rf/Y/a0J7t2I
hEhboBiopMgphRrBWjapZBzzZgz1rkambj/nwipQnF9G3L5d+1up1IVuvJIo3TYs
Ed+AL1TXWzI4G+VzJyUIasmRjJrRCiCgMHLjd31NCMdXmsYb6g6GgEI4JWkS6ZhI
4O8G
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:e9:3f:62:d9:75:26:c4:22:75:a1:77:c9:f1:44:79:41:3f:cb:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Root
Validity
Not Before: Oct 5 12:00:00 2021 GMT
Not After : Oct 5 12:00:00 2022 GMT
Subject: CN=Root
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:03:e4:44:d9:35:7b:d7:f5:f0:78:21:45:10:
23:6f:06:36:12:ff:a2:76:ef:19:ec:6f:a5:07:40:
3c:81:11:8d:0b:5a:6b:1f:fe:73:80:3e:62:0b:00:
de:05:eb:a6:e8:e6:70:33:d1:16:6c:56:d7:0e:a5:
a7:52:9b:9c:9b:33:ab:7e:98:d6:1f:42:36:65:d4:
54:bf:85:fd:ba:23:40:84:c6:0f:48:e6:0a:14:2c:
6e:12:b2:ce:c4:2b:47:aa:61:5c:ba:37:c3:c1:7b:
39:04:1f:2d:5a:6a:b1:35:33:d9:02:66:92:36:0e:
30:50:d6:57:4a:e0:07:d9:4c:39:f3:2f:8d:e3:e6:
2b:ce:ab:37:6b:24:d6:99:fa:25:b2:f5:dc:6c:bd:
85:a2:e5:bb:41:a6:a5:44:8c:12:3f:a8:89:90:8b:
51:bf:25:40:f7:fa:f9:f3:4f:d7:0c:43:c8:ea:bf:
4e:1f:08:90:e6:6e:cc:3f:ab:83:41:52:d4:96:9b:
df:18:90:f0:dc:51:05:10:e0:44:9e:9f:5a:f3:f5:
9b:81:41:fe:64:40:00:54:db:22:c4:b1:dd:7b:1a:
c9:f9:54:21:fc:15:13:c2:b6:c5:8c:45:c8:f6:44:
c8:32:6e:9c:23:cd:2a:61:92:b1:11:b6:35:a2:e4:
e8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:09:C4:04:3B:00:F6:3C:A0:27:CB:BE:2F:C5:65:78:EE:43:F1:56
X509v3 Authority Key Identifier:
keyid:A4:09:C4:04:3B:00:F6:3C:A0:27:CB:BE:2F:C5:65:78:EE:43:F1:56
Authority Information Access:
CA Issuers - URI:http://url-for-aia/Root.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://url-for-crl/Root.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
88:08:7b:8f:39:fe:18:2d:2a:ef:32:b8:63:40:62:49:72:b8:
49:a2:9a:15:e9:4f:33:43:b4:1a:98:39:b6:e4:33:37:8f:3a:
96:b5:12:c2:91:ef:32:a7:c0:64:b8:b9:38:90:ba:b5:5f:12:
04:0c:d3:bf:e0:74:c2:5f:60:bf:54:2e:cd:26:2a:dd:3c:fd:
c1:55:96:4c:df:6b:26:23:41:26:a0:48:97:82:d4:b3:27:57:
ad:74:dd:ea:5a:20:cf:01:e7:6f:9c:34:a2:79:c4:6c:1a:9d:
f6:da:21:4b:1e:9e:70:9d:5b:1e:30:3f:7a:b0:5b:7b:bc:05:
73:46:50:ee:97:44:3c:70:7a:e3:08:d0:c8:d6:57:96:32:19:
d4:91:d3:68:fd:21:b6:e8:e5:b1:01:db:27:6e:f5:1e:6c:d9:
e4:7f:49:f4:57:90:ad:d4:bd:f9:5d:2d:35:ca:a7:f1:66:f2:
f7:06:20:a5:09:4d:63:9e:d0:1e:77:84:ab:e9:06:51:6b:bd:
33:d1:78:78:f1:6c:3b:3e:39:29:01:30:09:48:35:23:40:7e:
4f:17:03:9b:3c:2c:8e:3b:cc:a1:3a:82:08:2f:b2:8b:f6:b6:
1d:f2:22:41:12:c2:c1:04:c5:29:1e:4d:1a:11:0d:68:9b:0f:
78:10:11:14
-----BEGIN CERTIFICATE-----
MIIDeDCCAmCgAwIBAgIUcOk/Ytl1JsQidaF3yfFEeUE/yxEwDQYJKoZIhvcNAQEL
BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0yMTEwMDUxMjAwMDBaFw0yMjEwMDUxMjAw
MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCcA+RE2TV71/XweCFFECNvBjYS/6J27xnsb6UHQDyBEY0LWmsf/nOAPmIL
AN4F66bo5nAz0RZsVtcOpadSm5ybM6t+mNYfQjZl1FS/hf26I0CExg9I5goULG4S
ss7EK0eqYVy6N8PBezkEHy1aarE1M9kCZpI2DjBQ1ldK4AfZTDnzL43j5ivOqzdr
JNaZ+iWy9dxsvYWi5btBpqVEjBI/qImQi1G/JUD3+vnzT9cMQ8jqv04fCJDmbsw/
q4NBUtSWm98YkPDcUQUQ4ESen1rz9ZuBQf5kQABU2yLEsd17Gsn5VCH8FRPCtsWM
Rcj2RMgybpwjzSphkrERtjWi5OgrAgMBAAGjgcswgcgwHQYDVR0OBBYEFKQJxAQ7
APY8oCfLvi/FZXjuQ/FWMB8GA1UdIwQYMBaAFKQJxAQ7APY8oCfLvi/FZXjuQ/FW
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
9w0BAQsFAAOCAQEAiAh7jzn+GC0q7zK4Y0BiSXK4SaKaFelPM0O0Gpg5tuQzN486
lrUSwpHvMqfAZLi5OJC6tV8SBAzTv+B0wl9gv1QuzSYq3Tz9wVWWTN9rJiNBJqBI
l4LUsydXrXTd6logzwHnb5w0onnEbBqd9tohSx6ecJ1bHjA/erBbe7wFc0ZQ7pdE
PHB64wjQyNZXljIZ1JHTaP0htujlsQHbJ271HmzZ5H9J9FeQrdS9+V0tNcqn8Wby
9wYgpQlNY57QHneEq+kGUWu9M9F4ePFsOz45KQEwCUg1I0B+TxcDmzwsjjvMoTqC
CC+yi/a2HfIiQRLCwQTFKR5NGhENaJsPeBARFA==
-----END CERTIFICATE-----