authormattm <mattm@chromium.org>2016-02-10 16:06:30 -0800
committerCommit bot <commit-bot@chromium.org>2016-02-11 00:08:10 +0000
commitdb034aaf2a2e25138caaff2b5fa1f642460e3d62 (patch)
tree5234c0707273c0da14e826cbb32b58393d05deb5
parente4af0377e510216707e1346bbb47a1789273321f (diff)
Fix GeneralName directoryName parsing in new (unused) name constraints code.
The explicit sequence tag on the Name was not being stripped. BUG=none Review URL: https://codereview.chromium.org/1686003002 Cr-Commit-Position: refs/heads/master@{#374795}
-rw-r--r--net/cert/internal/name_constraints.cc15
-rw-r--r--net/data/name_constraints_unittest/directoryname-excludeall.pem26
-rw-r--r--net/data/name_constraints_unittest/directoryname-excluded.pem27
-rw-r--r--net/data/name_constraints_unittest/directoryname.pem111
-rw-r--r--net/data/name_constraints_unittest/directoryname_and_dnsname.pem147
-rw-r--r--net/data/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem195
-rwxr-xr-xnet/data/name_constraints_unittest/generate_name_constraints.py2
-rw-r--r--net/data/name_constraints_unittest/san-excluded-directoryname.pem8
-rw-r--r--net/data/name_constraints_unittest/san-excluded-dnsname.pem8
-rw-r--r--net/data/name_constraints_unittest/san-excluded-ipaddress.pem6
-rw-r--r--net/data/name_constraints_unittest/san-permitted.pem6
11 files changed, 289 insertions, 262 deletions
diff --git a/net/cert/internal/name_constraints.cc b/net/cert/internal/name_constraints.cc
index 7234e86..2873acab 100644
--- a/net/cert/internal/name_constraints.cc
+++ b/net/cert/internal/name_constraints.cc
@@ -179,13 +179,22 @@ WARN_UNUSED_RESULT bool ParseGeneralName(
name_type = GENERAL_NAME_X400_ADDRESS;
break;
// directoryName [4] Name,
- case 4:
+ case 4: {
if (!der::IsConstructed(tag))
return false;
name_type = GENERAL_NAME_DIRECTORY_NAME;
- subtrees->directory_names.push_back(std::vector<uint8_t>(
- value.UnsafeData(), value.UnsafeData() + value.Length()));
+ // Name is a CHOICE { rdnSequence RDNSequence }, therefore the SEQUENCE
+ // tag is explicit. Remove it, since the name matching functions expect
+ // only the value portion.
+ der::Parser name_parser(value);
+ der::Input name_value;
+ if (!name_parser.ReadTag(der::kSequence, &name_value) || parser.HasMore())
+ return false;
+ subtrees->directory_names.push_back(
+ std::vector<uint8_t>(name_value.UnsafeData(),
+ name_value.UnsafeData() + name_value.Length()));
break;
+ }
// ediPartyName [5] EDIPartyName,
case 5:
if (!der::IsConstructed(tag))
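Review bot: The trailing-data check in the new `case 4` block calls `parser.HasMore()`, but the parser that just read the SEQUENCE is `name_parser`. `parser` is not declared in this hunk and is presumably the outer parser over the whole GeneralName, so any bytes that follow the Name SEQUENCE inside the [4] wrapper would be accepted and silently dropped rather than rejected. Since name constraints decide which names a certificate may assert, the parser should fail closed on such input: `if (!name_parser.ReadTag(der::kSequence, &name_value) || name_parser.HasMore())`. A negative test vector with extra data after the inner SEQUENCE would pin this, and none is visible among the changed test files. ParseGeneralName begins and ends outside the hunk.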
diff --git a/net/data/name_constraints_unittest/directoryname-excludeall.pem b/net/data/name_constraints_unittest/directoryname-excludeall.pem
index 4f8bdb2..2e91b30 100644
--- a/net/data/name_constraints_unittest/directoryname-excludeall.pem
+++ b/net/data/name_constraints_unittest/directoryname-excludeall.pem
@@ -1,14 +1,16 @@
- 0:d=0 hl=2 l= 25 cons: SEQUENCE
- 2:d=1 hl=2 l= 17 cons: cont [ 0 ]
- 4:d=2 hl=2 l= 15 cons: SEQUENCE
- 6:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 8:d=4 hl=2 l= 11 cons: SET
- 10:d=5 hl=2 l= 9 cons: SEQUENCE
- 12:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 17:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 21:d=1 hl=2 l= 4 cons: cont [ 1 ]
- 23:d=2 hl=2 l= 2 cons: SEQUENCE
- 25:d=3 hl=2 l= 0 cons: cont [ 4 ]
+ 0:d=0 hl=2 l= 29 cons: SEQUENCE
+ 2:d=1 hl=2 l= 19 cons: cont [ 0 ]
+ 4:d=2 hl=2 l= 17 cons: SEQUENCE
+ 6:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 8:d=4 hl=2 l= 13 cons: SEQUENCE
+ 10:d=5 hl=2 l= 11 cons: SET
+ 12:d=6 hl=2 l= 9 cons: SEQUENCE
+ 14:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 19:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 23:d=1 hl=2 l= 6 cons: cont [ 1 ]
+ 25:d=2 hl=2 l= 4 cons: SEQUENCE
+ 27:d=3 hl=2 l= 2 cons: cont [ 4 ]
+ 29:d=4 hl=2 l= 0 cons: SEQUENCE
-----BEGIN NAME CONSTRAINTS-----
-MBmgETAPpA0xCzAJBgNVBAYTAlVToQQwAqQA
+MB2gEzARpA8wDTELMAkGA1UEBhMCVVOhBjAEpAIwAA==
-----END NAME CONSTRAINTS-----
diff --git a/net/data/name_constraints_unittest/directoryname-excluded.pem b/net/data/name_constraints_unittest/directoryname-excluded.pem
index b55c868..fe525a3 100644
--- a/net/data/name_constraints_unittest/directoryname-excluded.pem
+++ b/net/data/name_constraints_unittest/directoryname-excluded.pem
@@ -1,15 +1,16 @@
- 0:d=0 hl=2 l= 40 cons: SEQUENCE
- 2:d=1 hl=2 l= 38 cons: cont [ 1 ]
- 4:d=2 hl=2 l= 36 cons: SEQUENCE
- 6:d=3 hl=2 l= 34 cons: cont [ 4 ]
- 8:d=4 hl=2 l= 11 cons: SET
- 10:d=5 hl=2 l= 9 cons: SEQUENCE
- 12:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 17:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 21:d=4 hl=2 l= 19 cons: SET
- 23:d=5 hl=2 l= 17 cons: SEQUENCE
- 25:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 30:d=6 hl=2 l= 10 prim: UTF8STRING :California
+ 0:d=0 hl=2 l= 42 cons: SEQUENCE
+ 2:d=1 hl=2 l= 40 cons: cont [ 1 ]
+ 4:d=2 hl=2 l= 38 cons: SEQUENCE
+ 6:d=3 hl=2 l= 36 cons: cont [ 4 ]
+ 8:d=4 hl=2 l= 34 cons: SEQUENCE
+ 10:d=5 hl=2 l= 11 cons: SET
+ 12:d=6 hl=2 l= 9 cons: SEQUENCE
+ 14:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 19:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 23:d=5 hl=2 l= 19 cons: SET
+ 25:d=6 hl=2 l= 17 cons: SEQUENCE
+ 27:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 32:d=7 hl=2 l= 10 prim: UTF8STRING :California
-----BEGIN NAME CONSTRAINTS-----
-MCihJjAkpCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlh
+MCqhKDAmpCQwIjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWE=
-----END NAME CONSTRAINTS-----
diff --git a/net/data/name_constraints_unittest/directoryname.pem b/net/data/name_constraints_unittest/directoryname.pem
index d79e691..01f1121 100644
--- a/net/data/name_constraints_unittest/directoryname.pem
+++ b/net/data/name_constraints_unittest/directoryname.pem
@@ -1,55 +1,60 @@
- 0:d=0 hl=3 l= 172 cons: SEQUENCE
- 3:d=1 hl=2 l= 113 cons: cont [ 0 ]
- 5:d=2 hl=2 l= 15 cons: SEQUENCE
- 7:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 9:d=4 hl=2 l= 11 cons: SET
- 11:d=5 hl=2 l= 9 cons: SEQUENCE
- 13:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 18:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 22:d=2 hl=2 l= 60 cons: SEQUENCE
- 24:d=3 hl=2 l= 58 cons: cont [ 4 ]
- 26:d=4 hl=2 l= 11 cons: SET
- 28:d=5 hl=2 l= 9 cons: SEQUENCE
- 30:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 35:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 39:d=4 hl=2 l= 19 cons: SET
- 41:d=5 hl=2 l= 17 cons: SEQUENCE
- 43:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 48:d=6 hl=2 l= 10 prim: UTF8STRING :California
- 60:d=4 hl=2 l= 22 cons: SET
- 62:d=5 hl=2 l= 20 cons: SEQUENCE
- 64:d=6 hl=2 l= 3 prim: OBJECT :localityName
- 69:d=6 hl=2 l= 13 prim: UTF8STRING :Mountain View
- 84:d=2 hl=2 l= 32 cons: SEQUENCE
- 86:d=3 hl=2 l= 30 cons: cont [ 4 ]
- 88:d=4 hl=2 l= 11 cons: SET
- 90:d=5 hl=2 l= 9 cons: SEQUENCE
- 92:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 97:d=6 hl=2 l= 2 prim: PRINTABLESTRING :JP
- 101:d=4 hl=2 l= 15 cons: SET
- 103:d=5 hl=2 l= 13 cons: SEQUENCE
- 105:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 110:d=6 hl=2 l= 6 prim: UTF8STRING :東京
- 118:d=1 hl=2 l= 55 cons: cont [ 1 ]
- 120:d=2 hl=2 l= 36 cons: SEQUENCE
- 122:d=3 hl=2 l= 34 cons: cont [ 4 ]
- 124:d=4 hl=2 l= 11 cons: SET
- 126:d=5 hl=2 l= 9 cons: SEQUENCE
- 128:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 133:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 137:d=4 hl=2 l= 19 cons: SET
- 139:d=5 hl=2 l= 17 cons: SEQUENCE
- 141:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 146:d=6 hl=2 l= 10 prim: UTF8STRING :California
- 158:d=2 hl=2 l= 15 cons: SEQUENCE
- 160:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 162:d=4 hl=2 l= 11 cons: SET
- 164:d=5 hl=2 l= 9 cons: SEQUENCE
- 166:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 171:d=6 hl=2 l= 2 prim: PRINTABLESTRING :DE
+ 0:d=0 hl=3 l= 182 cons: SEQUENCE
+ 3:d=1 hl=2 l= 119 cons: cont [ 0 ]
+ 5:d=2 hl=2 l= 17 cons: SEQUENCE
+ 7:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 9:d=4 hl=2 l= 13 cons: SEQUENCE
+ 11:d=5 hl=2 l= 11 cons: SET
+ 13:d=6 hl=2 l= 9 cons: SEQUENCE
+ 15:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 20:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 24:d=2 hl=2 l= 62 cons: SEQUENCE
+ 26:d=3 hl=2 l= 60 cons: cont [ 4 ]
+ 28:d=4 hl=2 l= 58 cons: SEQUENCE
+ 30:d=5 hl=2 l= 11 cons: SET
+ 32:d=6 hl=2 l= 9 cons: SEQUENCE
+ 34:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 39:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 43:d=5 hl=2 l= 19 cons: SET
+ 45:d=6 hl=2 l= 17 cons: SEQUENCE
+ 47:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 52:d=7 hl=2 l= 10 prim: UTF8STRING :California
+ 64:d=5 hl=2 l= 22 cons: SET
+ 66:d=6 hl=2 l= 20 cons: SEQUENCE
+ 68:d=7 hl=2 l= 3 prim: OBJECT :localityName
+ 73:d=7 hl=2 l= 13 prim: UTF8STRING :Mountain View
+ 88:d=2 hl=2 l= 34 cons: SEQUENCE
+ 90:d=3 hl=2 l= 32 cons: cont [ 4 ]
+ 92:d=4 hl=2 l= 30 cons: SEQUENCE
+ 94:d=5 hl=2 l= 11 cons: SET
+ 96:d=6 hl=2 l= 9 cons: SEQUENCE
+ 98:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 103:d=7 hl=2 l= 2 prim: PRINTABLESTRING :JP
+ 107:d=5 hl=2 l= 15 cons: SET
+ 109:d=6 hl=2 l= 13 cons: SEQUENCE
+ 111:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 116:d=7 hl=2 l= 6 prim: UTF8STRING :東京
+ 124:d=1 hl=2 l= 59 cons: cont [ 1 ]
+ 126:d=2 hl=2 l= 38 cons: SEQUENCE
+ 128:d=3 hl=2 l= 36 cons: cont [ 4 ]
+ 130:d=4 hl=2 l= 34 cons: SEQUENCE
+ 132:d=5 hl=2 l= 11 cons: SET
+ 134:d=6 hl=2 l= 9 cons: SEQUENCE
+ 136:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 141:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 145:d=5 hl=2 l= 19 cons: SET
+ 147:d=6 hl=2 l= 17 cons: SEQUENCE
+ 149:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 154:d=7 hl=2 l= 10 prim: UTF8STRING :California
+ 166:d=2 hl=2 l= 17 cons: SEQUENCE
+ 168:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 170:d=4 hl=2 l= 13 cons: SEQUENCE
+ 172:d=5 hl=2 l= 11 cons: SET
+ 174:d=6 hl=2 l= 9 cons: SEQUENCE
+ 176:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 181:d=7 hl=2 l= 2 prim: PRINTABLESTRING :DE
-----BEGIN NAME CONSTRAINTS-----
-MIGsoHEwD6QNMQswCQYDVQQGEwJVUzA8pDoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9y
-bmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MCCkHjELMAkGA1UEBhMCSlAxDzANBgNVBAgMBuad
-seS6rKE3MCSkIjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEwD6QNMQswCQYDVQQG
-EwJERQ==
+MIG2oHcwEaQPMA0xCzAJBgNVBAYTAlVTMD6kPDA6MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs
+aWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzAipCAwHjELMAkGA1UEBhMCSlAxDzANBgNV
+BAgMBuadseS6rKE7MCakJDAiMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTARpA8w
+DTELMAkGA1UEBhMCREU=
-----END NAME CONSTRAINTS-----
diff --git a/net/data/name_constraints_unittest/directoryname_and_dnsname.pem b/net/data/name_constraints_unittest/directoryname_and_dnsname.pem
index 9d4a841..99c9aa8 100644
--- a/net/data/name_constraints_unittest/directoryname_and_dnsname.pem
+++ b/net/data/name_constraints_unittest/directoryname_and_dnsname.pem
@@ -1,73 +1,78 @@
- 0:d=0 hl=4 l= 402 cons: SEQUENCE
- 4:d=1 hl=4 l= 272 cons: cont [ 0 ]
- 8:d=2 hl=2 l= 15 cons: SEQUENCE
- 10:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 12:d=4 hl=2 l= 11 cons: SET
- 14:d=5 hl=2 l= 9 cons: SEQUENCE
- 16:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 21:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 25:d=2 hl=2 l= 60 cons: SEQUENCE
- 27:d=3 hl=2 l= 58 cons: cont [ 4 ]
- 29:d=4 hl=2 l= 11 cons: SET
- 31:d=5 hl=2 l= 9 cons: SEQUENCE
- 33:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 38:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 42:d=4 hl=2 l= 19 cons: SET
- 44:d=5 hl=2 l= 17 cons: SEQUENCE
- 46:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 51:d=6 hl=2 l= 10 prim: UTF8STRING :California
- 63:d=4 hl=2 l= 22 cons: SET
- 65:d=5 hl=2 l= 20 cons: SEQUENCE
- 67:d=6 hl=2 l= 3 prim: OBJECT :localityName
- 72:d=6 hl=2 l= 13 prim: UTF8STRING :Mountain View
- 87:d=2 hl=2 l= 32 cons: SEQUENCE
- 89:d=3 hl=2 l= 30 cons: cont [ 4 ]
- 91:d=4 hl=2 l= 11 cons: SET
- 93:d=5 hl=2 l= 9 cons: SEQUENCE
- 95:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 100:d=6 hl=2 l= 2 prim: PRINTABLESTRING :JP
- 104:d=4 hl=2 l= 15 cons: SET
- 106:d=5 hl=2 l= 13 cons: SEQUENCE
- 108:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 113:d=6 hl=2 l= 6 prim: UTF8STRING :東京
- 121:d=2 hl=2 l= 23 cons: SEQUENCE
- 123:d=3 hl=2 l= 21 prim: cont [ 2 ]
- 146:d=2 hl=2 l= 24 cons: SEQUENCE
- 148:d=3 hl=2 l= 22 prim: cont [ 2 ]
- 172:d=2 hl=2 l= 25 cons: SEQUENCE
- 174:d=3 hl=2 l= 23 prim: cont [ 2 ]
- 199:d=2 hl=2 l= 27 cons: SEQUENCE
- 201:d=3 hl=2 l= 25 prim: cont [ 2 ]
- 228:d=2 hl=2 l= 50 cons: SEQUENCE
- 230:d=3 hl=2 l= 48 prim: cont [ 2 ]
- 280:d=1 hl=2 l= 124 cons: cont [ 1 ]
- 282:d=2 hl=2 l= 36 cons: SEQUENCE
- 284:d=3 hl=2 l= 34 cons: cont [ 4 ]
- 286:d=4 hl=2 l= 11 cons: SET
- 288:d=5 hl=2 l= 9 cons: SEQUENCE
- 290:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 295:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 299:d=4 hl=2 l= 19 cons: SET
- 301:d=5 hl=2 l= 17 cons: SEQUENCE
- 303:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 308:d=6 hl=2 l= 10 prim: UTF8STRING :California
- 320:d=2 hl=2 l= 15 cons: SEQUENCE
- 322:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 324:d=4 hl=2 l= 11 cons: SET
- 326:d=5 hl=2 l= 9 cons: SEQUENCE
- 328:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 333:d=6 hl=2 l= 2 prim: PRINTABLESTRING :DE
- 337:d=2 hl=2 l= 32 cons: SEQUENCE
- 339:d=3 hl=2 l= 30 prim: cont [ 2 ]
- 371:d=2 hl=2 l= 33 cons: SEQUENCE
- 373:d=3 hl=2 l= 31 prim: cont [ 2 ]
+ 0:d=0 hl=4 l= 413 cons: SEQUENCE
+ 4:d=1 hl=4 l= 278 cons: cont [ 0 ]
+ 8:d=2 hl=2 l= 17 cons: SEQUENCE
+ 10:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 12:d=4 hl=2 l= 13 cons: SEQUENCE
+ 14:d=5 hl=2 l= 11 cons: SET
+ 16:d=6 hl=2 l= 9 cons: SEQUENCE
+ 18:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 23:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 27:d=2 hl=2 l= 62 cons: SEQUENCE
+ 29:d=3 hl=2 l= 60 cons: cont [ 4 ]
+ 31:d=4 hl=2 l= 58 cons: SEQUENCE
+ 33:d=5 hl=2 l= 11 cons: SET
+ 35:d=6 hl=2 l= 9 cons: SEQUENCE
+ 37:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 42:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 46:d=5 hl=2 l= 19 cons: SET
+ 48:d=6 hl=2 l= 17 cons: SEQUENCE
+ 50:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 55:d=7 hl=2 l= 10 prim: UTF8STRING :California
+ 67:d=5 hl=2 l= 22 cons: SET
+ 69:d=6 hl=2 l= 20 cons: SEQUENCE
+ 71:d=7 hl=2 l= 3 prim: OBJECT :localityName
+ 76:d=7 hl=2 l= 13 prim: UTF8STRING :Mountain View
+ 91:d=2 hl=2 l= 34 cons: SEQUENCE
+ 93:d=3 hl=2 l= 32 cons: cont [ 4 ]
+ 95:d=4 hl=2 l= 30 cons: SEQUENCE
+ 97:d=5 hl=2 l= 11 cons: SET
+ 99:d=6 hl=2 l= 9 cons: SEQUENCE
+ 101:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 106:d=7 hl=2 l= 2 prim: PRINTABLESTRING :JP
+ 110:d=5 hl=2 l= 15 cons: SET
+ 112:d=6 hl=2 l= 13 cons: SEQUENCE
+ 114:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 119:d=7 hl=2 l= 6 prim: UTF8STRING :東京
+ 127:d=2 hl=2 l= 23 cons: SEQUENCE
+ 129:d=3 hl=2 l= 21 prim: cont [ 2 ]
+ 152:d=2 hl=2 l= 24 cons: SEQUENCE
+ 154:d=3 hl=2 l= 22 prim: cont [ 2 ]
+ 178:d=2 hl=2 l= 25 cons: SEQUENCE
+ 180:d=3 hl=2 l= 23 prim: cont [ 2 ]
+ 205:d=2 hl=2 l= 27 cons: SEQUENCE
+ 207:d=3 hl=2 l= 25 prim: cont [ 2 ]
+ 234:d=2 hl=2 l= 50 cons: SEQUENCE
+ 236:d=3 hl=2 l= 48 prim: cont [ 2 ]
+ 286:d=1 hl=3 l= 128 cons: cont [ 1 ]
+ 289:d=2 hl=2 l= 38 cons: SEQUENCE
+ 291:d=3 hl=2 l= 36 cons: cont [ 4 ]
+ 293:d=4 hl=2 l= 34 cons: SEQUENCE
+ 295:d=5 hl=2 l= 11 cons: SET
+ 297:d=6 hl=2 l= 9 cons: SEQUENCE
+ 299:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 304:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 308:d=5 hl=2 l= 19 cons: SET
+ 310:d=6 hl=2 l= 17 cons: SEQUENCE
+ 312:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 317:d=7 hl=2 l= 10 prim: UTF8STRING :California
+ 329:d=2 hl=2 l= 17 cons: SEQUENCE
+ 331:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 333:d=4 hl=2 l= 13 cons: SEQUENCE
+ 335:d=5 hl=2 l= 11 cons: SET
+ 337:d=6 hl=2 l= 9 cons: SEQUENCE
+ 339:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 344:d=7 hl=2 l= 2 prim: PRINTABLESTRING :DE
+ 348:d=2 hl=2 l= 32 cons: SEQUENCE
+ 350:d=3 hl=2 l= 30 prim: cont [ 2 ]
+ 382:d=2 hl=2 l= 33 cons: SEQUENCE
+ 384:d=3 hl=2 l= 31 prim: cont [ 2 ]
-----BEGIN NAME CONSTRAINTS-----
-MIIBkqCCARAwD6QNMQswCQYDVQQGEwJVUzA8pDoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxp
-Zm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MCCkHjELMAkGA1UEBhMCSlAxDzANBgNVBAgM
-BuadseS6rDAXghVwZXJtaXR0ZWQuZXhhbXBsZS5jb20wGIIWcGVybWl0dGVkLmV4YW1wbGUyLmNv
-bTAZghdwZXJtaXR0ZWQuZXhhbXBsZTMuY29tLjAbghlhbHNvcGVybWl0dGVkLmV4YW1wbGUuY29t
-MDKCMHN0aWxsbm90cGVybWl0dGVkLmV4Y2x1ZGVkLnBlcm1pdHRlZC5leGFtcGxlLmNvbaF8MCSk
-IjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEwD6QNMQswCQYDVQQGEwJERTAggh5l
-eGNsdWRlZC5wZXJtaXR0ZWQuZXhhbXBsZS5jb20wIYIfZXh0cmFuZW91c2V4Y2x1c2lvbi5leGFt
-cGxlLmNvbQ==
+MIIBnaCCARYwEaQPMA0xCzAJBgNVBAYTAlVTMD6kPDA6MQswCQYDVQQGEwJVUzETMBEGA1UECAwK
+Q2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzAipCAwHjELMAkGA1UEBhMCSlAxDzAN
+BgNVBAgMBuadseS6rDAXghVwZXJtaXR0ZWQuZXhhbXBsZS5jb20wGIIWcGVybWl0dGVkLmV4YW1w
+bGUyLmNvbTAZghdwZXJtaXR0ZWQuZXhhbXBsZTMuY29tLjAbghlhbHNvcGVybWl0dGVkLmV4YW1w
+bGUuY29tMDKCMHN0aWxsbm90cGVybWl0dGVkLmV4Y2x1ZGVkLnBlcm1pdHRlZC5leGFtcGxlLmNv
+baGBgDAmpCQwIjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEwEaQPMA0xCzAJBgNV
+BAYTAkRFMCCCHmV4Y2x1ZGVkLnBlcm1pdHRlZC5leGFtcGxlLmNvbTAhgh9leHRyYW5lb3VzZXhj
+bHVzaW9uLmV4YW1wbGUuY29t
-----END NAME CONSTRAINTS-----
diff --git a/net/data/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem b/net/data/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem
index 93fc470..211a774 100644
--- a/net/data/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem
+++ b/net/data/name_constraints_unittest/directoryname_and_dnsname_and_ipaddress.pem
@@ -1,97 +1,102 @@
- 0:d=0 hl=4 l= 643 cons: SEQUENCE
- 4:d=1 hl=4 l= 416 cons: cont [ 0 ]
- 8:d=2 hl=2 l= 15 cons: SEQUENCE
- 10:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 12:d=4 hl=2 l= 11 cons: SET
- 14:d=5 hl=2 l= 9 cons: SEQUENCE
- 16:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 21:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 25:d=2 hl=2 l= 60 cons: SEQUENCE
- 27:d=3 hl=2 l= 58 cons: cont [ 4 ]
- 29:d=4 hl=2 l= 11 cons: SET
- 31:d=5 hl=2 l= 9 cons: SEQUENCE
- 33:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 38:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 42:d=4 hl=2 l= 19 cons: SET
- 44:d=5 hl=2 l= 17 cons: SEQUENCE
- 46:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 51:d=6 hl=2 l= 10 prim: UTF8STRING :California
- 63:d=4 hl=2 l= 22 cons: SET
- 65:d=5 hl=2 l= 20 cons: SEQUENCE
- 67:d=6 hl=2 l= 3 prim: OBJECT :localityName
- 72:d=6 hl=2 l= 13 prim: UTF8STRING :Mountain View
- 87:d=2 hl=2 l= 32 cons: SEQUENCE
- 89:d=3 hl=2 l= 30 cons: cont [ 4 ]
- 91:d=4 hl=2 l= 11 cons: SET
- 93:d=5 hl=2 l= 9 cons: SEQUENCE
- 95:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 100:d=6 hl=2 l= 2 prim: PRINTABLESTRING :JP
- 104:d=4 hl=2 l= 15 cons: SET
- 106:d=5 hl=2 l= 13 cons: SEQUENCE
- 108:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 113:d=6 hl=2 l= 6 prim: UTF8STRING :東京
- 121:d=2 hl=2 l= 23 cons: SEQUENCE
- 123:d=3 hl=2 l= 21 prim: cont [ 2 ]
- 146:d=2 hl=2 l= 24 cons: SEQUENCE
- 148:d=3 hl=2 l= 22 prim: cont [ 2 ]
- 172:d=2 hl=2 l= 25 cons: SEQUENCE
- 174:d=3 hl=2 l= 23 prim: cont [ 2 ]
- 199:d=2 hl=2 l= 27 cons: SEQUENCE
- 201:d=3 hl=2 l= 25 prim: cont [ 2 ]
- 228:d=2 hl=2 l= 50 cons: SEQUENCE
- 230:d=3 hl=2 l= 48 prim: cont [ 2 ]
- 280:d=2 hl=2 l= 10 cons: SEQUENCE
- 282:d=3 hl=2 l= 8 prim: cont [ 7 ]
- 292:d=2 hl=2 l= 10 cons: SEQUENCE
- 294:d=3 hl=2 l= 8 prim: cont [ 7 ]
- 304:d=2 hl=2 l= 10 cons: SEQUENCE
- 306:d=3 hl=2 l= 8 prim: cont [ 7 ]
- 316:d=2 hl=2 l= 34 cons: SEQUENCE
- 318:d=3 hl=2 l= 32 prim: cont [ 7 ]
- 352:d=2 hl=2 l= 34 cons: SEQUENCE
- 354:d=3 hl=2 l= 32 prim: cont [ 7 ]
- 388:d=2 hl=2 l= 34 cons: SEQUENCE
- 390:d=3 hl=2 l= 32 prim: cont [ 7 ]
- 424:d=1 hl=3 l= 220 cons: cont [ 1 ]
- 427:d=2 hl=2 l= 36 cons: SEQUENCE
- 429:d=3 hl=2 l= 34 cons: cont [ 4 ]
- 431:d=4 hl=2 l= 11 cons: SET
- 433:d=5 hl=2 l= 9 cons: SEQUENCE
- 435:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 440:d=6 hl=2 l= 2 prim: PRINTABLESTRING :US
- 444:d=4 hl=2 l= 19 cons: SET
- 446:d=5 hl=2 l= 17 cons: SEQUENCE
- 448:d=6 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
- 453:d=6 hl=2 l= 10 prim: UTF8STRING :California
- 465:d=2 hl=2 l= 15 cons: SEQUENCE
- 467:d=3 hl=2 l= 13 cons: cont [ 4 ]
- 469:d=4 hl=2 l= 11 cons: SET
- 471:d=5 hl=2 l= 9 cons: SEQUENCE
- 473:d=6 hl=2 l= 3 prim: OBJECT :countryName
- 478:d=6 hl=2 l= 2 prim: PRINTABLESTRING :DE
- 482:d=2 hl=2 l= 32 cons: SEQUENCE
- 484:d=3 hl=2 l= 30 prim: cont [ 2 ]
- 516:d=2 hl=2 l= 33 cons: SEQUENCE
- 518:d=3 hl=2 l= 31 prim: cont [ 2 ]
- 551:d=2 hl=2 l= 10 cons: SEQUENCE
- 553:d=3 hl=2 l= 8 prim: cont [ 7 ]
- 563:d=2 hl=2 l= 10 cons: SEQUENCE
- 565:d=3 hl=2 l= 8 prim: cont [ 7 ]
- 575:d=2 hl=2 l= 34 cons: SEQUENCE
- 577:d=3 hl=2 l= 32 prim: cont [ 7 ]
- 611:d=2 hl=2 l= 34 cons: SEQUENCE
- 613:d=3 hl=2 l= 32 prim: cont [ 7 ]
+ 0:d=0 hl=4 l= 653 cons: SEQUENCE
+ 4:d=1 hl=4 l= 422 cons: cont [ 0 ]
+ 8:d=2 hl=2 l= 17 cons: SEQUENCE
+ 10:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 12:d=4 hl=2 l= 13 cons: SEQUENCE
+ 14:d=5 hl=2 l= 11 cons: SET
+ 16:d=6 hl=2 l= 9 cons: SEQUENCE
+ 18:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 23:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 27:d=2 hl=2 l= 62 cons: SEQUENCE
+ 29:d=3 hl=2 l= 60 cons: cont [ 4 ]
+ 31:d=4 hl=2 l= 58 cons: SEQUENCE
+ 33:d=5 hl=2 l= 11 cons: SET
+ 35:d=6 hl=2 l= 9 cons: SEQUENCE
+ 37:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 42:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 46:d=5 hl=2 l= 19 cons: SET
+ 48:d=6 hl=2 l= 17 cons: SEQUENCE
+ 50:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 55:d=7 hl=2 l= 10 prim: UTF8STRING :California
+ 67:d=5 hl=2 l= 22 cons: SET
+ 69:d=6 hl=2 l= 20 cons: SEQUENCE
+ 71:d=7 hl=2 l= 3 prim: OBJECT :localityName
+ 76:d=7 hl=2 l= 13 prim: UTF8STRING :Mountain View
+ 91:d=2 hl=2 l= 34 cons: SEQUENCE
+ 93:d=3 hl=2 l= 32 cons: cont [ 4 ]
+ 95:d=4 hl=2 l= 30 cons: SEQUENCE
+ 97:d=5 hl=2 l= 11 cons: SET
+ 99:d=6 hl=2 l= 9 cons: SEQUENCE
+ 101:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 106:d=7 hl=2 l= 2 prim: PRINTABLESTRING :JP
+ 110:d=5 hl=2 l= 15 cons: SET
+ 112:d=6 hl=2 l= 13 cons: SEQUENCE
+ 114:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 119:d=7 hl=2 l= 6 prim: UTF8STRING :東京
+ 127:d=2 hl=2 l= 23 cons: SEQUENCE
+ 129:d=3 hl=2 l= 21 prim: cont [ 2 ]
+ 152:d=2 hl=2 l= 24 cons: SEQUENCE
+ 154:d=3 hl=2 l= 22 prim: cont [ 2 ]
+ 178:d=2 hl=2 l= 25 cons: SEQUENCE
+ 180:d=3 hl=2 l= 23 prim: cont [ 2 ]
+ 205:d=2 hl=2 l= 27 cons: SEQUENCE
+ 207:d=3 hl=2 l= 25 prim: cont [ 2 ]
+ 234:d=2 hl=2 l= 50 cons: SEQUENCE
+ 236:d=3 hl=2 l= 48 prim: cont [ 2 ]
+ 286:d=2 hl=2 l= 10 cons: SEQUENCE
+ 288:d=3 hl=2 l= 8 prim: cont [ 7 ]
+ 298:d=2 hl=2 l= 10 cons: SEQUENCE
+ 300:d=3 hl=2 l= 8 prim: cont [ 7 ]
+ 310:d=2 hl=2 l= 10 cons: SEQUENCE
+ 312:d=3 hl=2 l= 8 prim: cont [ 7 ]
+ 322:d=2 hl=2 l= 34 cons: SEQUENCE
+ 324:d=3 hl=2 l= 32 prim: cont [ 7 ]
+ 358:d=2 hl=2 l= 34 cons: SEQUENCE
+ 360:d=3 hl=2 l= 32 prim: cont [ 7 ]
+ 394:d=2 hl=2 l= 34 cons: SEQUENCE
+ 396:d=3 hl=2 l= 32 prim: cont [ 7 ]
+ 430:d=1 hl=3 l= 224 cons: cont [ 1 ]
+ 433:d=2 hl=2 l= 38 cons: SEQUENCE
+ 435:d=3 hl=2 l= 36 cons: cont [ 4 ]
+ 437:d=4 hl=2 l= 34 cons: SEQUENCE
+ 439:d=5 hl=2 l= 11 cons: SET
+ 441:d=6 hl=2 l= 9 cons: SEQUENCE
+ 443:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 448:d=7 hl=2 l= 2 prim: PRINTABLESTRING :US
+ 452:d=5 hl=2 l= 19 cons: SET
+ 454:d=6 hl=2 l= 17 cons: SEQUENCE
+ 456:d=7 hl=2 l= 3 prim: OBJECT :stateOrProvinceName
+ 461:d=7 hl=2 l= 10 prim: UTF8STRING :California
+ 473:d=2 hl=2 l= 17 cons: SEQUENCE
+ 475:d=3 hl=2 l= 15 cons: cont [ 4 ]
+ 477:d=4 hl=2 l= 13 cons: SEQUENCE
+ 479:d=5 hl=2 l= 11 cons: SET
+ 481:d=6 hl=2 l= 9 cons: SEQUENCE
+ 483:d=7 hl=2 l= 3 prim: OBJECT :countryName
+ 488:d=7 hl=2 l= 2 prim: PRINTABLESTRING :DE
+ 492:d=2 hl=2 l= 32 cons: SEQUENCE
+ 494:d=3 hl=2 l= 30 prim: cont [ 2 ]
+ 526:d=2 hl=2 l= 33 cons: SEQUENCE
+ 528:d=3 hl=2 l= 31 prim: cont [ 2 ]
+ 561:d=2 hl=2 l= 10 cons: SEQUENCE
+ 563:d=3 hl=2 l= 8 prim: cont [ 7 ]
+ 573:d=2 hl=2 l= 10 cons: SEQUENCE
+ 575:d=3 hl=2 l= 8 prim: cont [ 7 ]
+ 585:d=2 hl=2 l= 34 cons: SEQUENCE
+ 587:d=3 hl=2 l= 32 prim: cont [ 7 ]
+ 621:d=2 hl=2 l= 34 cons: SEQUENCE
+ 623:d=3 hl=2 l= 32 prim: cont [ 7 ]
-----BEGIN NAME CONSTRAINTS-----
-MIICg6CCAaAwD6QNMQswCQYDVQQGEwJVUzA8pDoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxp
-Zm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MCCkHjELMAkGA1UEBhMCSlAxDzANBgNVBAgM
-BuadseS6rDAXghVwZXJtaXR0ZWQuZXhhbXBsZS5jb20wGIIWcGVybWl0dGVkLmV4YW1wbGUyLmNv
-bTAZghdwZXJtaXR0ZWQuZXhhbXBsZTMuY29tLjAbghlhbHNvcGVybWl0dGVkLmV4YW1wbGUuY29t
-MDKCMHN0aWxsbm90cGVybWl0dGVkLmV4Y2x1ZGVkLnBlcm1pdHRlZC5leGFtcGxlLmNvbTAKhwjA
-qAAA//8AADAKhwjAqAUg////4DAKhwjApwUg////4DAihyABAgMEBQYHCAkKCwwAAAAA////////
-////////AAAAADAihyABAgMEBQYHCAkKCwwFIAAA/////////////////+AAADAihyABAgMEBQYH
-CAkKCwsFIAAA/////////////////+AAAKGB3DAkpCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApD
-YWxpZm9ybmlhMA+kDTELMAkGA1UEBhMCREUwIIIeZXhjbHVkZWQucGVybWl0dGVkLmV4YW1wbGUu
-Y29tMCGCH2V4dHJhbmVvdXNleGNsdXNpb24uZXhhbXBsZS5jb20wCocIwKgFAP///wAwCocIwKYF
-IP///+AwIocgAQIDBAUGBwgJCgsMBQAAAP////////////////8AAAAwIocgAQIDBAUGBwgJCgsK
-BSAAAP/////////////////gAAA=
+MIICjaCCAaYwEaQPMA0xCzAJBgNVBAYTAlVTMD6kPDA6MQswCQYDVQQGEwJVUzETMBEGA1UECAwK
+Q2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzAipCAwHjELMAkGA1UEBhMCSlAxDzAN
+BgNVBAgMBuadseS6rDAXghVwZXJtaXR0ZWQuZXhhbXBsZS5jb20wGIIWcGVybWl0dGVkLmV4YW1w
+bGUyLmNvbTAZghdwZXJtaXR0ZWQuZXhhbXBsZTMuY29tLjAbghlhbHNvcGVybWl0dGVkLmV4YW1w
+bGUuY29tMDKCMHN0aWxsbm90cGVybWl0dGVkLmV4Y2x1ZGVkLnBlcm1pdHRlZC5leGFtcGxlLmNv
+bTAKhwjAqAAA//8AADAKhwjAqAUg////4DAKhwjApwUg////4DAihyABAgMEBQYHCAkKCwwAAAAA
+////////////////AAAAADAihyABAgMEBQYHCAkKCwwFIAAA/////////////////+AAADAihyAB
+AgMEBQYHCAkKCwsFIAAA/////////////////+AAAKGB4DAmpCQwIjELMAkGA1UEBhMCVVMxEzAR
+BgNVBAgMCkNhbGlmb3JuaWEwEaQPMA0xCzAJBgNVBAYTAkRFMCCCHmV4Y2x1ZGVkLnBlcm1pdHRl
+ZC5leGFtcGxlLmNvbTAhgh9leHRyYW5lb3VzZXhjbHVzaW9uLmV4YW1wbGUuY29tMAqHCMCoBQD/
+//8AMAqHCMCmBSD////gMCKHIAECAwQFBgcICQoLDAUAAAD/////////////////AAAAMCKHIAEC
+AwQFBgcICQoLCgUgAAD/////////////////4AAA
-----END NAME CONSTRAINTS-----
diff --git a/net/data/name_constraints_unittest/generate_name_constraints.py b/net/data/name_constraints_unittest/generate_name_constraints.py
index 5f9fa4d..37ed005 100755
--- a/net/data/name_constraints_unittest/generate_name_constraints.py
+++ b/net/data/name_constraints_unittest/generate_name_constraints.py
@@ -137,7 +137,7 @@ def x400_address():
def directory_name(name):
return str(name).replace(
- 'asn1 = SEQUENCE', 'directoryName = IMPLICIT:4,SEQUENCE')
+ 'asn1 = SEQUENCE', 'directoryName = EXPLICIT:4,SEQUENCE')
def edi_party_name():
diff --git a/net/data/name_constraints_unittest/san-excluded-directoryname.pem b/net/data/name_constraints_unittest/san-excluded-directoryname.pem
index 3f10f60..65e6ab9 100644
--- a/net/data/name_constraints_unittest/san-excluded-directoryname.pem
+++ b/net/data/name_constraints_unittest/san-excluded-directoryname.pem
@@ -1,6 +1,6 @@
- 0:d=0 hl=2 l= 124 prim: OCTET STRING [HEX DUMP]:307A82157065726D69747465642E6578616D706C652E636F6D8704C0A80102A41F310B30090603550406130255533110300E06035504080C074172697A6F6E61A43A310B30090603550406130255533113301106035504080C0A43616C69666F726E69613116301406035504070C0D4D6F756E7461696E2056696577
+ 0:d=0 hl=3 l= 128 prim: OCTET STRING [HEX DUMP]:307E82157065726D69747465642E6578616D706C652E636F6D8704C0A80102A421301F310B30090603550406130255533110300E06035504080C074172697A6F6E61A43C303A310B30090603550406130255533113301106035504080C0A43616C69666F726E69613116301406035504070C0D4D6F756E7461696E2056696577
-----BEGIN SUBJECT ALTERNATIVE NAME-----
-BHwweoIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
-DAdBcml6b25hpDoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1N
-b3VudGFpbiBWaWV3
+BIGAMH6CFXBlcm1pdHRlZC5leGFtcGxlLmNvbYcEwKgBAqQhMB8xCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIDAdBcml6b25hpDwwOjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNV
+BAcMDU1vdW50YWluIFZpZXc=
-----END SUBJECT ALTERNATIVE NAME-----
diff --git a/net/data/name_constraints_unittest/san-excluded-dnsname.pem b/net/data/name_constraints_unittest/san-excluded-dnsname.pem
index 834e28a..80ed2b9 100644
--- a/net/data/name_constraints_unittest/san-excluded-dnsname.pem
+++ b/net/data/name_constraints_unittest/san-excluded-dnsname.pem
@@ -1,6 +1,6 @@
- 0:d=0 hl=2 l= 118 prim: OCTET STRING [HEX DUMP]:307482157065726D69747465642E6578616D706C652E636F6D8704C0A80102A41F310B30090603550406130255533110300E06035504080C074172697A6F6E618234666F6F2E7374696C6C6E6F747065726D69747465642E6578636C756465642E7065726D69747465642E6578616D706C652E636F6D
+ 0:d=0 hl=2 l= 120 prim: OCTET STRING [HEX DUMP]:307682157065726D69747465642E6578616D706C652E636F6D8704C0A80102A421301F310B30090603550406130255533110300E06035504080C074172697A6F6E618234666F6F2E7374696C6C6E6F747065726D69747465642E6578636C756465642E7065726D69747465642E6578616D706C652E636F6D
-----BEGIN SUBJECT ALTERNATIVE NAME-----
-BHYwdIIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
-DAdBcml6b25hgjRmb28uc3RpbGxub3RwZXJtaXR0ZWQuZXhjbHVkZWQucGVybWl0dGVkLmV4YW1w
-bGUuY29t
+BHgwdoIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB0FyaXpvbmGCNGZvby5zdGlsbG5vdHBlcm1pdHRlZC5leGNsdWRlZC5wZXJtaXR0ZWQuZXhh
+bXBsZS5jb20=
-----END SUBJECT ALTERNATIVE NAME-----
diff --git a/net/data/name_constraints_unittest/san-excluded-ipaddress.pem b/net/data/name_constraints_unittest/san-excluded-ipaddress.pem
index b4b0f18..80d1f3f 100644
--- a/net/data/name_constraints_unittest/san-excluded-ipaddress.pem
+++ b/net/data/name_constraints_unittest/san-excluded-ipaddress.pem
@@ -1,5 +1,5 @@
- 0:d=0 hl=2 l= 70 prim: OCTET STRING [HEX DUMP]:304482157065726D69747465642E6578616D706C652E636F6D8704C0A80102A41F310B30090603550406130255533110300E06035504080C074172697A6F6E618704C0A80505
+ 0:d=0 hl=2 l= 72 prim: OCTET STRING [HEX DUMP]:304682157065726D69747465642E6578616D706C652E636F6D8704C0A80102A421301F310B30090603550406130255533110300E06035504080C074172697A6F6E618704C0A80505
-----BEGIN SUBJECT ALTERNATIVE NAME-----
-BEYwRIIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
-DAdBcml6b25hhwTAqAUF
+BEgwRoIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB0FyaXpvbmGHBMCoBQU=
-----END SUBJECT ALTERNATIVE NAME-----
diff --git a/net/data/name_constraints_unittest/san-permitted.pem b/net/data/name_constraints_unittest/san-permitted.pem
index fbb26f7..1110ef6 100644
--- a/net/data/name_constraints_unittest/san-permitted.pem
+++ b/net/data/name_constraints_unittest/san-permitted.pem
@@ -1,5 +1,5 @@
- 0:d=0 hl=2 l= 64 prim: OCTET STRING [HEX DUMP]:303E82157065726D69747465642E6578616D706C652E636F6D8704C0A80102A41F310B30090603550406130255533110300E06035504080C074172697A6F6E61
+ 0:d=0 hl=2 l= 66 prim: OCTET STRING [HEX DUMP]:304082157065726D69747465642E6578616D706C652E636F6D8704C0A80102A421301F310B30090603550406130255533110300E06035504080C074172697A6F6E61
-----BEGIN SUBJECT ALTERNATIVE NAME-----
-BEAwPoIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
-DAdBcml6b25h
+BEIwQIIVcGVybWl0dGVkLmV4YW1wbGUuY29thwTAqAECpCEwHzELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgMB0FyaXpvbmE=
-----END SUBJECT ALTERNATIVE NAME-----