diff options
| -rw-r--r-- | net/base/cert_database_nss_unittest.cc | 16 | ||||
| -rw-r--r-- | net/base/test_root_certs_unittest.cc | 114 | ||||
| -rw-r--r-- | net/data/ssl/certificates/README | 48 | ||||
| -rw-r--r-- | net/data/ssl/certificates/expired_cert.pem | 110 | ||||
| -rw-r--r-- | net/data/ssl/certificates/ok_cert.pem | 110 | ||||
| -rw-r--r-- | net/data/ssl/certificates/openssl_ca.cnf | 72 | ||||
| -rw-r--r-- | net/data/ssl/certificates/openssl_cert.cnf | 23 | ||||
| -rw-r--r-- | net/data/ssl/certificates/root_ca_cert.crt | 35 | ||||
| -rw-r--r-- | net/data/ssl/certificates/root_ca_cert.pem | 72 | ||||
| -rw-r--r-- | net/net.gyp | 1 | ||||
| -rw-r--r-- | net/test/test_server.cc | 2 | ||||
| -rw-r--r-- | tools/python/google/httpd_config/httpd2.pem | 110 | ||||
| -rw-r--r-- | tools/python/google/httpd_config/root_ca_cert.crt | 35 | ||||
| -rw-r--r-- | tools/python/google/httpd_config/root_ca_cert.pem | 72 | ||||
| -rwxr-xr-x | tools/valgrind/valgrind_test.py | 9 | ||||
| -rwxr-xr-x | tools/wine_valgrind/chrome_tests.sh | 10 |
16 files changed, 623 insertions, 216 deletions
diff --git a/net/base/cert_database_nss_unittest.cc b/net/base/cert_database_nss_unittest.cc index 8e69104..cd9f7a9 100644 --- a/net/base/cert_database_nss_unittest.cc +++ b/net/base/cert_database_nss_unittest.cc @@ -169,7 +169,7 @@ TEST_F(CertDatabaseNSSTest, ImportFromPKCS12AndExportAgain) { } TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { - std::string cert_data = ReadTestFile("root_ca_cert.crt"); + std::string cert_data = ReadTestFile("root_ca_cert.pem"); CertificateList certs = X509Certificate::CreateCertificateListFromBytes( @@ -187,7 +187,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { CertificateList cert_list = ListCertsInSlot(slot_.get()); ASSERT_EQ(1U, cert_list.size()); scoped_refptr<X509Certificate> cert(cert_list[0]); - EXPECT_EQ("Test CA", cert->subject().common_name); + EXPECT_EQ("Test Root CA", cert->subject().common_name); EXPECT_EQ(CertDatabase::TRUSTED_SSL, cert_db_.GetCertTrust(cert.get(), CA_CERT)); @@ -201,7 +201,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACert_SSLTrust) { } TEST_F(CertDatabaseNSSTest, ImportCACert_EmailTrust) { - std::string cert_data = ReadTestFile("root_ca_cert.crt"); + std::string cert_data = ReadTestFile("root_ca_cert.pem"); CertificateList certs = X509Certificate::CreateCertificateListFromBytes( @@ -219,7 +219,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACert_EmailTrust) { CertificateList cert_list = ListCertsInSlot(slot_.get()); ASSERT_EQ(1U, cert_list.size()); scoped_refptr<X509Certificate> cert(cert_list[0]); - EXPECT_EQ("Test CA", cert->subject().common_name); + EXPECT_EQ("Test Root CA", cert->subject().common_name); EXPECT_EQ(CertDatabase::TRUSTED_EMAIL, cert_db_.GetCertTrust(cert.get(), CA_CERT)); @@ -232,7 +232,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACert_EmailTrust) { } TEST_F(CertDatabaseNSSTest, ImportCACert_ObjSignTrust) { - std::string cert_data = ReadTestFile("root_ca_cert.crt"); + std::string cert_data = ReadTestFile("root_ca_cert.pem"); CertificateList certs = X509Certificate::CreateCertificateListFromBytes( @@ -250,7 +250,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACert_ObjSignTrust) { CertificateList cert_list = ListCertsInSlot(slot_.get()); ASSERT_EQ(1U, cert_list.size()); scoped_refptr<X509Certificate> cert(cert_list[0]); - EXPECT_EQ("Test CA", cert->subject().common_name); + EXPECT_EQ("Test Root CA", cert->subject().common_name); EXPECT_EQ(CertDatabase::TRUSTED_OBJ_SIGN, cert_db_.GetCertTrust(cert.get(), CA_CERT)); @@ -391,7 +391,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACertHierarchyTree) { } TEST_F(CertDatabaseNSSTest, ImportCACertNotHierarchy) { - std::string cert_data = ReadTestFile("root_ca_cert.crt"); + std::string cert_data = ReadTestFile("root_ca_cert.pem"); CertificateList certs = X509Certificate::CreateCertificateListFromBytes( cert_data.data(), cert_data.size(), X509Certificate::FORMAT_AUTO); @@ -415,7 +415,7 @@ TEST_F(CertDatabaseNSSTest, ImportCACertNotHierarchy) { CertificateList cert_list = ListCertsInSlot(slot_.get()); ASSERT_EQ(1U, cert_list.size()); - EXPECT_EQ("Test CA", cert_list[0]->subject().common_name); + EXPECT_EQ("Test Root CA", cert_list[0]->subject().common_name); } TEST_F(CertDatabaseNSSTest, ImportServerCert) { diff --git a/net/base/test_root_certs_unittest.cc b/net/base/test_root_certs_unittest.cc new file mode 100644 index 0000000..5697e11 --- /dev/null +++ b/net/base/test_root_certs_unittest.cc @@ -0,0 +1,114 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/file_path.h" +#include "build/build_config.h" +#include "net/base/cert_status_flags.h" +#include "net/base/cert_test_util.h" +#include "net/base/cert_verify_result.h" +#include "net/base/net_errors.h" +#include "net/base/test_root_certs.h" +#include "net/base/x509_certificate.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace net { + +namespace { + +// The local test root certificate. +const char kRootCertificateFile[] = "root_ca_cert.pem"; +// A certificate issued by the local test root for 127.0.0.1. +const char kGoodCertificateFile[] = "ok_cert.pem"; + +} // namespace + +// Test basic functionality when adding from an existing X509Certificate. +TEST(TestRootCertsTest, AddFromPointer) { + scoped_refptr<X509Certificate> root_cert = + ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile); + ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert); + + TestRootCerts* test_roots = TestRootCerts::GetInstance(); + ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots); + EXPECT_TRUE(test_roots->IsEmpty()); + + EXPECT_TRUE(test_roots->Add(root_cert)); + EXPECT_FALSE(test_roots->IsEmpty()); + + test_roots->Clear(); + EXPECT_TRUE(test_roots->IsEmpty()); +} + +// Test basic functionality when adding directly from a file, which should +// behave the same as when adding from an existing certificate. +TEST(TestRootCertsTest, AddFromFile) { + TestRootCerts* test_roots = TestRootCerts::GetInstance(); + ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots); + EXPECT_TRUE(test_roots->IsEmpty()); + + FilePath cert_path = + GetTestCertsDirectory().AppendASCII(kRootCertificateFile); + EXPECT_TRUE(test_roots->AddFromFile(cert_path)); + EXPECT_FALSE(test_roots->IsEmpty()); + + test_roots->Clear(); + EXPECT_TRUE(test_roots->IsEmpty()); +} + +// Test that TestRootCerts actually adds the appropriate trust status flags +// when requested, and that the trusted status is cleared once the root is +// removed the TestRootCerts. This test acts as a canary/sanity check for +// the results of the rest of net_unittests, ensuring that the trust status +// is properly being set and cleared. +TEST(TestRootCertsTest, OverrideTrust) { + TestRootCerts* test_roots = TestRootCerts::GetInstance(); + ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots); + EXPECT_TRUE(test_roots->IsEmpty()); + + scoped_refptr<X509Certificate> test_cert = + ImportCertFromFile(GetTestCertsDirectory(), kGoodCertificateFile); + ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); + + // Test that the good certificate fails verification, because the root + // certificate should not yet be trusted. + int flags = 0; + CertVerifyResult bad_verify_result; + int bad_status = test_cert->Verify("127.0.0.1", flags, &bad_verify_result); + EXPECT_NE(OK, bad_status); + EXPECT_NE(0, bad_verify_result.cert_status & + CERT_STATUS_AUTHORITY_INVALID); + + // Add the root certificate and mark it as trusted. + EXPECT_TRUE(test_roots->AddFromFile( + GetTestCertsDirectory().AppendASCII(kRootCertificateFile))); + EXPECT_FALSE(test_roots->IsEmpty()); + + // Test that the certificate verification now succeeds, because the + // TestRootCerts is successfully imbuing trust. + CertVerifyResult good_verify_result; + int good_status = test_cert->Verify("127.0.0.1", flags, &good_verify_result); + EXPECT_EQ(OK, good_status); + EXPECT_EQ(0, good_verify_result.cert_status); + + test_roots->Clear(); + EXPECT_TRUE(test_roots->IsEmpty()); + + // Ensure that when the TestRootCerts is cleared, the trust settings + // revert to their original state, and don't linger. If trust status + // lingers, it will likely break other tests in net_unittests. + CertVerifyResult restored_verify_result; + int restored_status = test_cert->Verify("127.0.0.1", flags, + &restored_verify_result); + EXPECT_NE(OK, restored_status); + EXPECT_NE(0, restored_verify_result.cert_status & + CERT_STATUS_AUTHORITY_INVALID); + EXPECT_EQ(bad_status, restored_status); + EXPECT_EQ(bad_verify_result.cert_status, restored_verify_result.cert_status); +} + +// TODO(rsleevi): Add tests for revocation checking via CRLs, ensuring that +// TestRootCerts properly injects itself into the validation process. See +// http://crbug.com/63958 + +} // namespace net diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README index a58aaa1..fda8fc7 100644 --- a/net/data/ssl/certificates/README +++ b/net/data/ssl/certificates/README @@ -20,13 +20,6 @@ unit tests. - dod_root_ca_2_cert.der : A certificate chain for regression tests of http://crbug.com/31497. -- expired_cert.pem : An expired certificate, used by test_server.cc. - -- ok_cert.pem : A valid certificate, used by test_server.cc - -- root_ca_cert.crt : The testing root CA used to sign the test_server.cc's - certificates. - - unosoft_hu_cert : Certificate used by X509CertificateTest.UnoSoftCertParsing. - client.p12 : A PKCS #12 file containing a client certificate and a private @@ -34,3 +27,44 @@ unit tests. - punycodetest.der : A test self-signed server certificate with punycode name. The common name is "xn--wgv71a119e.com" (日本語.com) + +===== +Generated Test Certificates: +===== +The following certificates were generated locally, and are primarily used +by test_server.cc and test_server.py. Each file contains the certificate +and associated private key. + - expired_cert.pem : An expired certificate, used by test_server.cc. + - ok_cert.pem : A valid certificate, used by test_server.cc and others + - root_ca_cert.pem : The test root CA certificate, used to sign the test + certificates. + +In addition, two support files are provided to make it easy to make +modifications or regenerate these certificates. + - openssl_ca.cnf : The configuration file used to generate the test CA + certificate and sign certificate requests. + - openssl_cert.cnf : The configuration file used to generate the certificate + requests for the ok and expired certificates. + +The following commands were used to generated the test root certificates +Note: Be sure to adjust path slashes as appropriate for your platform. + +mkdir root_ca +mkdir root_ca\private +mkdir root_ca\newcerts +echo 01 > root_ca\serial +[On Windows] + copy nul: root_ca\index.txt + copy nul: root_ca\index.txt.attr +[On POSIX] + touch root_ca\index.txt + touch root_ca\index.txt.attr + +openssl req -new -x509 -days 18250 -keyout root_ca\private\cacert.key -out root_ca\cacert.pem -config openssl_ca.cnf +openssl req -new -keyout expired_cert.key -out expired_cert.req -config openssl_cert.cnf +openssl req -new -keyout ok_cert.key -out ok_cert.req -config openssl_cert.cnf +openssl ca -name CA_root -extensions user_cert -startdate 060101000000Z -enddate 070101000000Z -in expired_cert.req -out expired_cert.pem -config openssl_ca.cnf +openssl ca -name CA_root -extensions user_cert -days 18250 -in ok_cert.req -out ok_cert.pem -config openssl_ca.cnf + + Each generated certificate (.pem) and private key (.key) were then combined + into a single file matching the naming scheme described above. diff --git a/net/data/ssl/certificates/expired_cert.pem b/net/data/ssl/certificates/expired_cert.pem index 370330d..68a29be 100644 --- a/net/data/ssl/certificates/expired_cert.pem +++ b/net/data/ssl/certificates/expired_cert.pem @@ -1,41 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Validity + Not Before: Jan 1 00:00:00 2006 GMT + Not After : Jan 1 00:00:00 2007 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:d3:b1:98:19:4f:40:2b:f0:73:a0:e1:9d:af:32: + 36:cb:62:aa:d9:9e:81:a1:60:1a:a8:2f:1a:6f:f3: + 0e:5e:31:50:a6:a3:f3:15:b1:71:8e:e7:e6:9b:ed: + 7f:b5:ff:2f:3e:b3:50:83:5b:70:a6:70:80:32:d5: + 26:6c:67:bb:40:41:0d:b7:63:f0:60:b8:63:d0:ad: + 10:be:4b:ad:b2:57:9f:c1:fc:42:2e:56:46:71:b8: + 78:00:28:9e:ec:80:2d:8d:a5:4e:c6:3c:e0:53:9a: + a3:c8:4b:3c:58:0f:89:4c:64:93:c0:db:49:a4:85: + 1e:50:31:b6:4e:66:c7:a1:fb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 32:7B:D6:18:4F:26:9C:71:90:B5:37:FF:E4:33:5E:C8:C5:02:34:90 + X509v3 Authority Key Identifier: + keyid:CB:0C:83:29:5E:38:A2:D6:9F:F7:76:FB:B3:B6:48:84:4E:F8:4D:F3 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Alternative Name: + IP Address:127.0.0.1 + Signature Algorithm: sha1WithRSAEncryption + 66:6b:d6:b8:e5:77:c8:e5:af:6d:5f:f9:97:cd:ae:72:f0:68: + 23:28:b2:58:d2:6d:b0:37:5f:ec:36:d5:77:af:a2:80:02:27: + 02:43:84:e7:de:54:7a:40:43:06:fd:93:78:59:16:d4:6f:e5: + a0:a5:6d:98:26:1b:6d:bf:67:92:67:e6:d1:d2:e7:e0:b2:5d: + ee:83:00:ab:1a:15:bd:25:a7:be:36:26:06:34:3b:1c:5d:be: + 21:31:45:51:4c:0e:83:c2:04:e6:fd:2e:a9:94:f8:8a:4e:ff: + af:89:ac:47:4c:85:79:19:f0:68:32:4c:aa:c0:6a:6c:9f:dc: + 4d:50 -----BEGIN CERTIFICATE----- -MIIEZDCCAkygAwIBAgIBAzANBgkqhkiG9w0BAQUFADBgMRAwDgYDVQQDEwdUZXN0 -IENBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN -TW91bnRhaW4gVmlldzESMBAGA1UEChMJQ2VydCBUZXN0MB4XDTA2MDEwMTAwMDAw -MFoXDTA3MDEwMTAwMDAwMFowSjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm -b3JuaWExEjAQBgNVBAoTCUNlcnQgVGVzdDESMBAGA1UEAxMJMTI3LjAuMC4xMIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDuUjUPzXBw61Xsh1RGSyJowrqC+TYv -pf44P2c5sF/Y/KX0LoJEA72in+2d7N8sf3IsJvy6X1uPnVdX7wKzgtHI6FFjOcbR -zs9MiyEJkeFKADI+ZMV0httNOy93ajESsjZMwgoHMKOv5ikNCdwE/nefSfu6Zuap -CsadArkHe3d5dwIDAQABo4HCMIG/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNr8t46H -i0oOuzYzmjE24g25B9fKMIGSBgNVHSMEgYowgYeAFF3Of5nj1BlBMU/Gz7El9Vqv -45cxoWSkYjBgMRAwDgYDVQQDEwdUZXN0IENBMQswCQYDVQQGEwJVUzETMBEGA1UE -CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzESMBAGA1UEChMJ -Q2VydCBUZXN0ggkA1FGT1D/e2U4wDQYJKoZIhvcNAQEFBQADggIBABdhpWwsDDAn -eQKSk70sigbUk1eeGzE0AR2nNfs1N/Lx+EYBmWdOEZTi5ngwJoDavb6okaOWRYV5 -nIyIWGuJQfJ6OPZycNn9HMC2vL9er2gu6y8/6Sob4POThAdf519oHXFWR7S5fnPK -rvbspRHm/gycMA3Lvkzm2tHEQI4d+3pKAPtGtDUEnHEuo13tbaA3N8RJXStJXp4y -foqYEPJpG5SD3hDBTlVbg6J3li6B4r2LfCMgRXjrsNJSBamPrXX8n+K2SzCPLDli -9s387TMKLxGI7v5y5BcLcxuvBrAGS5rUw1q6+wNAvAkOSai6SfBmhUSn4OwQl0yX -y/1IOj2iCEwUJDMHQRp0K03xvN+nAaqFbnbBxVcL42lgMkLt2cL+X4tkBPzx2/Ys -4tuEk2/BftaHX0rby7OWCCh8q9QM+CmXzOipbwsjViTBpdR99RP7lrhojO3Tkx58 -bxHBj9EpOjxCQyv1x3xZ5GpyAIgSduVusHwk7FJBNetg5Csa0GBEr2d6Lh+zPSm/ -ZPgWqaVH6YoY+2HP2Mi2YxNYWJOR3ycNOxTuTp3M/glDBFYJaB5/PXTzFKrzo/vE -za7vs4El0Ei7YZYC0vxqpUbiS6l7Ul+TPfk6q/OAkYjaJ76uYlcKVmN060wK83z5 -Vtoy6YuY/8hrMRl3jrMaiVsMSMg+nOsM +MIICujCCAiOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzET +MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G +A1UECgwHVGVzdCBDQTEVMBMGA1UEAwwMVGVzdCBSb290IENBMB4XDTA2MDEwMTAw +MDAwMFoXDTA3MDEwMTAwMDAwMFowYDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNh +bGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxEDAOBgNVBAoMB1Rlc3Qg +Q0ExEjAQBgNVBAMMCTEyNy4wLjAuMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC +gYEA07GYGU9AK/BzoOGdrzI2y2Kq2Z6BoWAaqC8ab/MOXjFQpqPzFbFxjufmm+1/ +tf8vPrNQg1twpnCAMtUmbGe7QEENt2PwYLhj0K0QvkutslefwfxCLlZGcbh4ACie +7IAtjaVOxjzgU5qjyEs8WA+JTGSTwNtJpIUeUDG2TmbHofsCAwEAAaOBgDB+MAwG +A1UdEwEB/wQCMAAwHQYDVR0OBBYEFDJ71hhPJpxxkLU3/+QzXsjFAjSQMB8GA1Ud +IwQYMBaAFMsMgyleOKLWn/d2+7O2SIRO+E3zMB0GA1UdJQQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjAPBgNVHREECDAGhwR/AAABMA0GCSqGSIb3DQEBBQUAA4GBAGZr +1rjld8jlr21f+ZfNrnLwaCMosljSbbA3X+w21XevooACJwJDhOfeVHpAQwb9k3hZ +FtRv5aClbZgmG22/Z5Jn5tHS5+CyXe6DAKsaFb0lp742JgY0OxxdviExRVFMDoPC +BOb9LqmU+IpO/6+JrEdMhXkZ8GgyTKrAamyf3E1Q -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- -MIICWwIBAAKBgQDuUjUPzXBw61Xsh1RGSyJowrqC+TYvpf44P2c5sF/Y/KX0LoJE -A72in+2d7N8sf3IsJvy6X1uPnVdX7wKzgtHI6FFjOcbRzs9MiyEJkeFKADI+ZMV0 -httNOy93ajESsjZMwgoHMKOv5ikNCdwE/nefSfu6ZuapCsadArkHe3d5dwIDAQAB -AoGARF1wu0fDqaDY1TE9C60iActalZfH44NKmfgWNIZT+HsBYDq3Q6uPCse18kew -/aLRrbjBZvVT3q7UD3WQ4M32P44rEAAhdYGhMndF53xrtX5SQ7LPb381mlPoJ2AE -Wv9R+0X45aRtiSC/Y7E9ebN5p4RY9NjRUjcaI67d1NgNAwECQQD6k83u6R73tsJt -k2OCTnUxvQi9Oo5GwDfiubHOQx3tG3ZDIjsyg1GCJa/PVRiP6PXkgIoAWmiyGFIR -+gIO86kPAkEA83qA4L4HxLQLapDvBDNgiz9eHA/FJvsk5yH0jupR+CDLRqM6Dfzj -iLeztyJV3n96lMDIc4lEzplysDw/TD6ZGQJABzYFsSBoUbyir8CUFoXnfXzxKXDr -80FI2m95nHP2AoLNznTHu1ZoHBS1kIPkZw/PM7o3Pndbl/R3OCk3sfJ1JQJABSB7 -PkBCIZ4471GF9uyuB8CZ1rVuTVfUexl38Np2R2dJYH9nZYwBrotPuXd7n2fHyQIW -NniZflA03gkmvBBFYQJADftQ5+jabFxXkqwZsrsvtG+Ji53BZrLrczFxgPyGVfUF -A1pyQE3M6SykYjp+S3Zg6eS+yKE06guecEVhTQtwBA== +MIICWwIBAAKBgQDTsZgZT0Ar8HOg4Z2vMjbLYqrZnoGhYBqoLxpv8w5eMVCmo/MV +sXGO5+ab7X+1/y8+s1CDW3CmcIAy1SZsZ7tAQQ23Y/BguGPQrRC+S62yV5/B/EIu +VkZxuHgAKJ7sgC2NpU7GPOBTmqPISzxYD4lMZJPA20mkhR5QMbZOZseh+wIDAQAB +AoGAQlI9SJCfliR61UhZ0m105TtAM3WJPzmQoGhBbBlFwxTII6zxlzZEUXUttmQt +wqLz9jzPWJfpLvvH7iUBKK1G6ESXTzquNUYq6Yhn48EeLUygjple/T2EYwHxrVKg +lxt7TpFrkH/lJyRSRTSJjCnBBMfFwM8NA7rJkONsUocyKqECQQDsR6DAAmiw5PDe +PRiPww+Dup9Tps1DpcVcbzXw66bGRnM8WlTu++IQPzn09mGCBjFVEX0TjdGl9OLx +GFvfGPjNAkEA5Vyoi4YIiF22Ul/9Mwo5wmqOaTK2WZO/4XynpstW7n0ySk5XIKL4 +x17NMTuhbXqLtvO4LLRboIE1O3cFlm+l5wJAKQvUcCa6+yf6dBEXCDpxooe0D/sl +I4BTxdgH/d9iLIWmlTB4GsAlKH9jWRvIGqdqwIV2PgRgDD17gzihFSOobQJAHR/w +/xacCsTrm/Y4brzDrN5fCxi3cxSB7x4nI9T6Svp24lykT66iLJ7rK29JBl/jUe4M +2xBj+jOuEMkCWqH+zQJAfY8tFgk+lTz4uXklpyeU1ZR9VZup4g3eJf21bp5nBRfk +yROePkvzYNRyOIceRKFMXMUWQ2+CPauBCiwZcOpISQ== -----END RSA PRIVATE KEY----- diff --git a/net/data/ssl/certificates/ok_cert.pem b/net/data/ssl/certificates/ok_cert.pem index 6349b78..fedfb43 100644 --- a/net/data/ssl/certificates/ok_cert.pem +++ b/net/data/ssl/certificates/ok_cert.pem @@ -1,41 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 2 (0x2) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Validity + Not Before: Dec 6 01:05:39 2010 GMT + Not After : Nov 23 01:05:39 2060 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:c8:a8:e7:59:13:08:20:9b:55:83:33:b2:1b:58: + 29:5f:0a:13:b5:f6:71:5e:69:e5:76:c5:50:dd:32: + 8e:ad:11:2e:fe:47:f8:3a:9f:d3:66:74:70:b2:ad: + 19:1d:b7:03:64:7d:97:f7:57:38:26:22:cd:06:62: + 6b:71:60:d3:55:cc:96:db:e3:e7:16:76:61:49:b5: + 13:20:2b:45:2e:4a:11:52:2d:c9:e0:be:d0:5a:5f: + fe:6e:e6:a1:22:80:81:cb:e7:5e:b8:46:20:7a:85: + 8a:fb:d5:7c:e1:f6:83:67:92:a5:37:a1:58:82:c6: + fc:90:2e:4d:d6:3d:68:86:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 1E:43:8E:14:6F:C3:47:85:45:BE:27:89:6C:F6:5B:98:D7:0B:DF:FD + X509v3 Authority Key Identifier: + keyid:CB:0C:83:29:5E:38:A2:D6:9F:F7:76:FB:B3:B6:48:84:4E:F8:4D:F3 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Alternative Name: + IP Address:127.0.0.1 + Signature Algorithm: sha1WithRSAEncryption + 75:f7:88:9c:c6:fe:44:17:d5:34:16:ca:80:58:c1:8c:70:95: + d6:d9:39:d3:44:01:36:a9:ed:73:80:7e:62:ee:3a:5a:ad:ee: + 88:42:1e:72:8e:21:b6:12:30:a2:1e:2b:6a:1f:ec:48:c1:9c: + 28:8c:e2:7a:3a:df:7f:fe:2b:2b:18:81:32:b6:f9:ae:e6:de: + 3a:6c:90:9f:da:0f:9e:c7:d4:e5:e0:2c:ab:86:4e:c4:ee:63: + 8f:e0:b6:31:a0:52:b5:b3:cf:24:17:f7:14:78:7a:56:e9:43: + f4:8c:2c:b8:4f:5b:ff:21:a8:8f:3c:38:32:52:6f:e3:a9:6d: + 6e:23 -----BEGIN CERTIFICATE----- -MIIEZDCCAkygAwIBAgIBATANBgkqhkiG9w0BAQUFADBgMRAwDgYDVQQDEwdUZXN0 -IENBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN -TW91bnRhaW4gVmlldzESMBAGA1UEChMJQ2VydCBUZXN0MB4XDTA4MDcyODIyMzIy -OFoXDTEzMDcyNzIyMzIyOFowSjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm -b3JuaWExEjAQBgNVBAoTCUNlcnQgVGVzdDESMBAGA1UEAxMJMTI3LjAuMC4xMIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQj2tPWPUgbuI4H3/3dnttqVbndwU3 -3BdRCd67DFM44GRrsjDSH4bY/EbFyX9D52d/iy6ZaAmDePcCz5k/fgP3DMujykYG -qgNiV2ywxTlMj7NlN2C7SRt68fQMZr5iI7rypdxuaZt9lSMD3ENBffYtuLTyZd9a -3JPJe1TaIab5GwIDAQABo4HCMIG/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFCYLBv5K -x5sLNVlpLh5FwTwhdDl7MIGSBgNVHSMEgYowgYeAFF3Of5nj1BlBMU/Gz7El9Vqv -45cxoWSkYjBgMRAwDgYDVQQDEwdUZXN0IENBMQswCQYDVQQGEwJVUzETMBEGA1UE -CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzESMBAGA1UEChMJ -Q2VydCBUZXN0ggkA1FGT1D/e2U4wDQYJKoZIhvcNAQEFBQADggIBAEtkVmLObUgk -b2cIA2S+QDtifq1UgVfBbytvR2lFmnADOR55mo0gHQG3HHqq4g034LmoVXDHhUk8 -Gb6aFiv4QubmVhLXcUelTRXwiNvGzkW7pC6Jrq105hdPjzXMKTcmiLaopm5Fqfc7 -hj5Cn1Sjspc8pdeQjrbeMdvca7KlFrGP8YkwCU2xOOX9PiN9G0966BWfjnr/fZZp -+OQVuUFHdiAZwthEMuDpAAXHqYXIsermgdOpgJaA53cf8NqBV2QGhtFgtsJCRoiu -7DKqhyRWBGyz19VIH2b7y+6qvQVxuHk19kKRM0nftw/yNcJnm7gtttespMUPsOMa -a2SD1G0hm0TND6vxaBhgR3cVqpl/qIpAdFi00Tm7hTyYE7I43zPW03t+/DpCt3Um -EMRZsQ90co5q+bcx/vQ7YAtwUh30uMb0wpibeyCwDp8cqNmSiRkEuc/FjTYes5t8 -5gR//WX1l0+qjrjusO9NmoLnq2Yk6UcioX+z+q6Z/dudGfqhLfeWD2Q0LWYA242C -d7km5Y3KAt1PJdVsof/aiVhVdddY/OIEKTRQhWEdDbosy2eh16BCKXT2FFvhNDg1 -AYFvn6I8nj9IldMJiIc3DdhacEAEzRMeRgPdzAa1griKUGknxsyTyRii8ru0WS6w -DCNrlDOVXdzYGEZooBI76BDVY0W0akjV +MIICvDCCAiWgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzET +MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G +A1UECgwHVGVzdCBDQTEVMBMGA1UEAwwMVGVzdCBSb290IENBMCAXDTEwMTIwNjAx +MDUzOVoYDzIwNjAxMTIzMDEwNTM5WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECAwK +Q2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4GA1UECgwHVGVz +dCBDQTESMBAGA1UEAwwJMTI3LjAuMC4xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQDIqOdZEwggm1WDM7IbWClfChO19nFeaeV2xVDdMo6tES7+R/g6n9NmdHCy +rRkdtwNkfZf3VzgmIs0GYmtxYNNVzJbb4+cWdmFJtRMgK0UuShFSLcngvtBaX/5u +5qEigIHL5164RiB6hYr71Xzh9oNnkqU3oViCxvyQLk3WPWiGZwIDAQABo4GAMH4w +DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUHkOOFG/DR4VFvieJbPZbmNcL3/0wHwYD +VR0jBBgwFoAUywyDKV44otaf93b7s7ZIhE74TfMwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMA8GA1UdEQQIMAaHBH8AAAEwDQYJKoZIhvcNAQEFBQADgYEA +dfeInMb+RBfVNBbKgFjBjHCV1tk500QBNqntc4B+Yu46Wq3uiEIeco4hthIwoh4r +ah/sSMGcKIziejrff/4rKxiBMrb5rubeOmyQn9oPnsfU5eAsq4ZOxO5jj+C2MaBS +tbPPJBf3FHh6VulD9IwsuE9b/yGojzw4MlJv46ltbiM= -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDQj2tPWPUgbuI4H3/3dnttqVbndwU33BdRCd67DFM44GRrsjDS -H4bY/EbFyX9D52d/iy6ZaAmDePcCz5k/fgP3DMujykYGqgNiV2ywxTlMj7NlN2C7 -SRt68fQMZr5iI7rypdxuaZt9lSMD3ENBffYtuLTyZd9a3JPJe1TaIab5GwIDAQAB -AoGANHXu8z2YIzlhE+bwhGm8MGBpKL3qhRuKjeriqMA36tWezOw8lY4ymEAU+Ulv -BsCdaxqydQoTYou57m4TyUHEcxq9pq3H0zB0qL709DdHi/t4zbV9XIoAzC5v0/hG -9+Ca29TwC02FCw+qLkNrtwCpwOcQmc+bPxqvFu1iMiahURECQQD2I/Hi2413CMZz -TBjl8fMiVO9GhA2J0sc8Qi+YcgJakaLD9xcbaiLkTzPZDlA389C1b6Ia+poAr4YA -Ve0FFbxpAkEA2OobayyHE/QtPEqoy6NLR57jirmVBNmSWWd4lAyL5UIHIYVttJZg -8CLvbzaU/iDGwR+wKsM664rKPHEmtlyo4wJBAMeSqYO5ZOCJGu9NWjrHjM3fdAsG -8zs2zhiLya+fcU0iHIksBW5TBmt71Jw/wMc9R5J1K0kYvFml98653O5si1ECQBCk -RV4/mE1rmlzZzYFyEcB47DQkcM5ictvxGEsje0gnfKyRtAz6zI0f4QbDRUMJ+LWw -XK+rMsYHa+SfOb0b9skCQQCLdeonsIpFDv/Uv+flHISy0WA+AFkLXrRkBKh6G/OD -dMHaNevkJgUnpceVEnkrdenp5CcEoFTI17pd+nBgDm/B +MIICWwIBAAKBgQDIqOdZEwggm1WDM7IbWClfChO19nFeaeV2xVDdMo6tES7+R/g6 +n9NmdHCyrRkdtwNkfZf3VzgmIs0GYmtxYNNVzJbb4+cWdmFJtRMgK0UuShFSLcng +vtBaX/5u5qEigIHL5164RiB6hYr71Xzh9oNnkqU3oViCxvyQLk3WPWiGZwIDAQAB +AoGAf5i4FDI/9swP4nBbD3xOQnsb8ZeWm5znJ1FtjFr70x2cLmIBfPXo7buZdmUQ +FY8s/xfGLKgvskBq82ZeQCh7+XDOteAv5ixLoez0q91l6zP4pqoCRzpYzt8EDjs0 +V7cs0rUxRZXksEuUxkKqUR+b1KUDVwrZyLUgMoJaSOyb2cECQQDpx0iyFeKvGXAC +1jiCb9GQBWHh/W2Opi2+4gRvNRpcCnZ+JqELeXS/l7LOAO+pezwta0kFnQYL7QUG +6mhUrdIRAkEA27u3hK/CDBhHO7Atinn5+U6r4m3ztNoAc1cvBRYix/Z33EOJTuj7 +6xicUYC29fTRWOp90rsiNyE8x3SolK1Y9wJAMCCqwp7m0A14ldzsPU4v4mp5QEEg +MOHdQRLevtY72v78bfQd63LRqi/cy7Q9orKQLPmNSu6MtB/TjRzs5aHzQQJAUl19 +HxmazVnUacVSbNPoJdGdkJTSg3osLRADKg7wHrB+oWwXbiLbO3bQMaTj8DJCvue3 +HmTTIIMu+zz5bDHGZQJANhxaCoMFJkeKG0N7580hFrxzTzRXeQyeDbP3TzLRJygX +d+YkP+lFcuOlvWBy/tv/i9BTqsC0y+2V76FSoH9JPQ== -----END RSA PRIVATE KEY----- diff --git a/net/data/ssl/certificates/openssl_ca.cnf b/net/data/ssl/certificates/openssl_ca.cnf new file mode 100644 index 0000000..103b80a --- /dev/null +++ b/net/data/ssl/certificates/openssl_ca.cnf @@ -0,0 +1,72 @@ +[ca]
+default_ca = CA_root
+preserve = yes
+
+# The default test root, used to generate certificates and CRLs.
+[CA_root]
+dir = ./root_ca
+database = $dir/index.txt
+new_certs_dir = $dir/newcerts
+serial = $dir/serial
+certificate = $dir/cacert.pem
+private_key = $dir/private/cacert.key
+RANDFILE = $dir/private/.rand
+default_days = 365
+default_crl_days = 30
+default_md = sha1
+policy = policy_anything
+unique_subject = no
+copy_extensions = copy
+
+[user_cert]
+# Extensions to add when signing a request for an EE cert
+basicConstraints = critical, CA:false
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always
+extendedKeyUsage = serverAuth,clientAuth
+
+[ca_cert]
+# Extensions to add when signing a request for an intermediate/CA cert
+basicConstraints = critical, CA:true
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always
+keyUsage = critical, keyCertSign, cRLSign
+
+[crl_extensions]
+# Extensions to add when signing a CRL
+authorityKeyIdentifier = keyid:always
+
+[policy_anything]
+# Default signing policy
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = optional
+emailAddress = optional
+
+[req]
+# The request section used to generate the root CA certificate. This should
+# not be used to generate end-entity certificates. For certificates other
+# than the root CA, see README to find the appropriate configuration file
+# (ie: openssl_cert.cnf).
+default_bits = 1024
+default_md = sha1
+string_mask = utf8only
+prompt = no
+encrypt_key = no
+distinguished_name = req_ca_dn
+x509_extensions = req_ca_exts
+
+[req_ca_dn]
+C = US
+ST = California
+L = Mountain View
+O = Test CA
+CN = Test Root CA
+
+[req_ca_exts]
+basicConstraints = critical, CA:true
+keyUsage = critical, keyCertSign, cRLSign
+subjectKeyIdentifier = hash
\ No newline at end of file diff --git a/net/data/ssl/certificates/openssl_cert.cnf b/net/data/ssl/certificates/openssl_cert.cnf new file mode 100644 index 0000000..078ae03 --- /dev/null +++ b/net/data/ssl/certificates/openssl_cert.cnf @@ -0,0 +1,23 @@ +# The default configuration to use when requesting a certificate to be used
+# as the server test certificate, whether OK or expired.
+[req]
+# Common configuration for all requests
+default_bits = 1024
+default_md = sha1
+string_mask = utf8only
+prompt = no
+encrypt_key = no
+distinguished_name = req_dn
+req_extensions = req_extensions
+
+[req_dn]
+C = US
+ST = California
+L = Mountain View
+O = Test CA
+# TODO(joth): Support matching the iPAddress subjectAltName when using
+# OpenSSL. See http://crbug.com/62973 and http://crbug.com/20276
+CN = 127.0.0.1
+
+[req_extensions]
+subjectAltName = IP:127.0.0.1
\ No newline at end of file diff --git a/net/data/ssl/certificates/root_ca_cert.crt b/net/data/ssl/certificates/root_ca_cert.crt deleted file mode 100644 index 873b4f7..0000000 --- a/net/data/ssl/certificates/root_ca_cert.crt +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGCTCCA/GgAwIBAgIJANRRk9Q/3tlOMA0GCSqGSIb3DQEBBQUAMGAxEDAOBgNV -BAMTB1Rlc3QgQ0ExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYw -FAYDVQQHEw1Nb3VudGFpbiBWaWV3MRIwEAYDVQQKEwlDZXJ0IFRlc3QwHhcNMDgw -NzI4MjIzMjAxWhcNMTMwNzI3MjIzMjAxWjBgMRAwDgYDVQQDEwdUZXN0IENBMQsw -CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRh -aW4gVmlldzESMBAGA1UEChMJQ2VydCBUZXN0MIICIjANBgkqhkiG9w0BAQEFAAOC -Ag8AMIICCgKCAgEAuyR/rlxmPi+L48rXdlACgz+Cq06jf8Ns0H/eaofQCB7odsKu -CXzyngqGetohqAmW8XNzGKAlHzjJcnySzhxG8V3V22aILTI7lfSxrNpLKGaJ69MO -lg6zFty/zkZ94oRX6Q1t2yRrWBN4isXMOxwRg7cGzuN8ejG0/vbgIVQulF6cqDge -5BXtXhD4GnKEbvLh5TRxK8x3VBNlVIlRx1gKVz0q8MFgyFRcMS3PEiaFarSWwq8M -I7QaeifUnXwA5BquXdwf6+8CWdanPv2wG9LylWHK/YbnBz4g/9ppYCAz2V++em+K -/CADHRNIyuEXw6LWmwmYzMd05J+46dbEEua0tRiK3yVl5Q60Bo4NZcUZA3KZ7A9l -JS13/tzFKLqCn+SLzQnZfDAp8ys/Eu9arxYq70dAPUv0eJDSuXNQx2HQBxF3phQ+ -9AvKH5Vu4UgD3lSCqXiLwtOjeCxXZJ3830jIkFOupSZI7H3f3NmMxDba5OzLXXb+ -GfLgR9ulI1Qk+UmISL6/Tsu5453jn6opv/kapD9g7Jc6AFTak1SlHWZU4JH7c1x6 -THSB9FLcjbHt5heK8qcFMU5U6OiJmKW2WKn5k2Rwv0hteLhfN1lchqZkwobzu74z -QG/Z2Q/ClU89X95U5qF1ZxuriP668SxETzPR8D9uBU/5VzkrC3c8SbcTFUECAwEA -AaOBxTCBwjAdBgNVHQ4EFgQUXc5/mePUGUExT8bPsSX1Wq/jlzEwgZIGA1UdIwSB -ijCBh4AUXc5/mePUGUExT8bPsSX1Wq/jlzGhZKRiMGAxEDAOBgNVBAMTB1Rlc3Qg -Q0ExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N -b3VudGFpbiBWaWV3MRIwEAYDVQQKEwlDZXJ0IFRlc3SCCQDUUZPUP97ZTjAMBgNV -HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQA2FoW/5tyDSkEfEQFVfLcfNvmt -s2XK7SbPZtoIYx0lnqXZ8fUxCg0chmkiCypng6msvhEwGs3z7qZWd04bY8RAZYbQ -9bhjvB0LH4lVfsK4pCAKYQDAHC271XZPd3RmdHaekH70T0w2avFxG9M91CaVRaLh -SheeCVm6aJcFnaBfSd78vDz8Ly+Jtod737JZrkmP7Oko78SrB/CfiMcf6jIdekxP -9bwi75Y0+rfaK9x/Pyjz4U23ooZLX2f/21c3JSTwR19qGZOHvQircP7scQzgtlJl -zGxQKEZwYHAPxNHbPoScLOP2LXqWUnheC5LQcsm3BtRKM5AniEqW8HqKAxrGOPNO -cj8E3hVf6lZaAeFH5CTN/rudb869k/ibJkaeo6pjeytssMr+PvpstWmWqhfEJTZn -om7w+xMsYKe1cZv6c2WIVFuvl/g8CLYuu6SXjtDqj7HVbhC1+IupXl5N4pBXIXCf -Q33D4JsmM51ySMk5SxAl6HaxiB9hU3dqJqWjiKBJztLnZUDWUpCb3g09yygXeTmY -fNGaY+mZX3HBohrAy0kj06OgT12ovmWsmQRIvpTBybTbX37vt11xOLN/WNnifkH9 -HcEOc/WW68x2dJbnF4sBfV/0edA8ectGdyqzn1gvYjdMDPSSbAZ4B/EIijfHqILb -R3901wi9fJwhBxFIuQ== ------END CERTIFICATE----- diff --git a/net/data/ssl/certificates/root_ca_cert.pem b/net/data/ssl/certificates/root_ca_cert.pem new file mode 100644 index 0000000..2c7de65 --- /dev/null +++ b/net/data/ssl/certificates/root_ca_cert.pem @@ -0,0 +1,72 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 9c:2f:96:4d:cf:ed:53:de + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Validity + Not Before: Dec 6 00:53:08 2010 GMT + Not After : Nov 23 00:53:08 2060 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:a7:be:04:ae:99:87:df:58:e1:c9:cb:ba:f1:0d: + 91:be:9c:14:66:f5:27:55:ad:9e:ea:ba:11:78:fa: + cf:a5:4d:50:02:9a:23:ad:9d:3a:c7:d9:23:6b:b1: + ec:8e:0f:ce:c3:de:d1:a6:8e:29:ba:15:12:4b:39: + d9:31:28:64:08:dd:8e:b9:f3:b9:67:f1:3d:76:16: + c1:cb:a6:3f:f5:26:86:8e:37:29:0f:2f:62:de:87: + 44:31:60:88:3f:d2:bc:ad:43:ea:0f:69:bc:4b:cd: + 32:b3:3b:1b:e8:7f:31:3d:d7:37:f7:5a:4a:51:38: + 24:91:dc:ec:18:19:a4:ec:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + CB:0C:83:29:5E:38:A2:D6:9F:F7:76:FB:B3:B6:48:84:4E:F8:4D:F3 + Signature Algorithm: sha1WithRSAEncryption + 60:e9:9d:7b:e2:38:d2:cf:65:82:d1:b8:f3:11:b1:be:33:9b: + f8:fd:16:6c:0f:5e:ef:ae:d7:da:61:9a:0d:db:c7:76:17:c9: + b5:f3:da:e1:c0:2b:73:45:9f:b5:29:e0:20:52:3a:76:e3:38: + 9a:1d:95:34:65:e2:ac:8d:bb:9a:19:fa:b3:49:41:e4:2c:88: + e6:ab:31:c2:d8:25:0c:82:84:4d:d7:50:f2:84:b5:01:7e:ed: + f2:4a:b6:33:4f:9d:44:e9:24:8b:be:47:a7:66:82:dc:16:72: + 9e:5a:82:7b:cf:95:df:60:cb:90:fe:cc:10:88:d0:ae:96:1b: + 88:72 +-----BEGIN CERTIFICATE----- +MIICiDCCAfGgAwIBAgIJAJwvlk3P7VPeMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV +BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBW +aWV3MRAwDgYDVQQKDAdUZXN0IENBMRUwEwYDVQQDDAxUZXN0IFJvb3QgQ0EwIBcN +MTAxMjA2MDA1MzA4WhgPMjA2MDExMjMwMDUzMDhaMGMxCzAJBgNVBAYTAlVTMRMw +EQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYD +VQQKDAdUZXN0IENBMRUwEwYDVQQDDAxUZXN0IFJvb3QgQ0EwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAKe+BK6Zh99Y4cnLuvENkb6cFGb1J1Wtnuq6EXj6z6VN +UAKaI62dOsfZI2ux7I4PzsPe0aaOKboVEks52TEoZAjdjrnzuWfxPXYWwcumP/Um +ho43KQ8vYt6HRDFgiD/SvK1D6g9pvEvNMrM7G+h/MT3XN/daSlE4JJHc7BgZpOxn +AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1Ud +DgQWBBTLDIMpXjii1p/3dvuztkiETvhN8zANBgkqhkiG9w0BAQUFAAOBgQBg6Z17 +4jjSz2WC0bjzEbG+M5v4/RZsD17vrtfaYZoN28d2F8m189rhwCtzRZ+1KeAgUjp2 +4ziaHZU0ZeKsjbuaGfqzSUHkLIjmqzHC2CUMgoRN11DyhLUBfu3ySrYzT51E6SSL +vkenZoLcFnKeWoJ7z5XfYMuQ/swQiNCulhuIcg== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCnvgSumYffWOHJy7rxDZG+nBRm9SdVrZ7quhF4+s+lTVACmiOt +nTrH2SNrseyOD87D3tGmjim6FRJLOdkxKGQI3Y6587ln8T12FsHLpj/1JoaONykP +L2Leh0QxYIg/0rytQ+oPabxLzTKzOxvofzE91zf3WkpROCSR3OwYGaTsZwIDAQAB +AoGAAeGYrdic9H1Lsvas9w0e6FNZyznOoiBbWuiRT5kIgSMX1Z+i7MyJnzopMokB +TSqSOBIkqciIYUThOqTAcdOxI3+oz1nCOdbBJ5Rfg8EHG6RlMYG+d1OZ2hVFOWR9 +whM3b+kXjsHw5CKtsH3tdj/1UmjrVZnNQwOM5QKoAwfNUOECQQDbNc4WfleotScu +u7ogLMueKIwq8sf9X15DecK9IIpqvW17uHZV4zb2LUQrF+/2ALNXpqPw75aCbAVl +Mezm6eqXAkEAw+TvJiw6FggEiOe43eT0EU5eXmuLFyHpwcSg5HwPn+UVGu0JDmXE +iF3Xr418vke/tD/9rra+m0gzdaEzRh1WsQJBANgBffGWT8SztUeMvsyjt4VCyVQs +5jra9eUhn26EGUEzJiZKz3i0q90LH+gi71cGu7J8R4HMZRBhZzOfbaThDUMCQQC0 +j3TbU5KqsfM0GZotdRZ+SST0lN3ckZa70riWQb/JGsdMTUW2rpjrNMxUdO6RGOMb +iowSmUCxMmi0OMRhETPRAkBrMCWdw63RmQ21zs6joJT24hv4IpBcxK41o/aH3kUg +KWrXmZ98GqnH9DdQpAGGAP0G7JVIYXCZaMww6N/zNE5U +-----END RSA PRIVATE KEY----- diff --git a/net/net.gyp b/net/net.gyp index 4460b41..c0ef9ea 100644 --- a/net/net.gyp +++ b/net/net.gyp @@ -880,6 +880,7 @@ 'base/transport_security_state_unittest.cc', 'base/test_certificate_data.h', 'base/test_completion_callback_unittest.cc', + 'base/test_root_certs_unittest.cc', 'base/upload_data_stream_unittest.cc', 'base/x509_certificate_unittest.cc', 'base/x509_cert_types_mac_unittest.cc', diff --git a/net/test/test_server.cc b/net/test/test_server.cc index 9722dc1..ec8c687 100644 --- a/net/test/test_server.cc +++ b/net/test/test_server.cc @@ -307,7 +307,7 @@ bool TestServer::SetPythonPath() { } FilePath TestServer::GetRootCertificatePath() { - return certificates_dir_.AppendASCII("root_ca_cert.crt"); + return certificates_dir_.AppendASCII("root_ca_cert.pem"); } bool TestServer::LoadTestRootCert() { diff --git a/tools/python/google/httpd_config/httpd2.pem b/tools/python/google/httpd_config/httpd2.pem index 6349b78..fedfb43 100644 --- a/tools/python/google/httpd_config/httpd2.pem +++ b/tools/python/google/httpd_config/httpd2.pem @@ -1,41 +1,77 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 2 (0x2) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Validity + Not Before: Dec 6 01:05:39 2010 GMT + Not After : Nov 23 01:05:39 2060 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:c8:a8:e7:59:13:08:20:9b:55:83:33:b2:1b:58: + 29:5f:0a:13:b5:f6:71:5e:69:e5:76:c5:50:dd:32: + 8e:ad:11:2e:fe:47:f8:3a:9f:d3:66:74:70:b2:ad: + 19:1d:b7:03:64:7d:97:f7:57:38:26:22:cd:06:62: + 6b:71:60:d3:55:cc:96:db:e3:e7:16:76:61:49:b5: + 13:20:2b:45:2e:4a:11:52:2d:c9:e0:be:d0:5a:5f: + fe:6e:e6:a1:22:80:81:cb:e7:5e:b8:46:20:7a:85: + 8a:fb:d5:7c:e1:f6:83:67:92:a5:37:a1:58:82:c6: + fc:90:2e:4d:d6:3d:68:86:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:FALSE + X509v3 Subject Key Identifier: + 1E:43:8E:14:6F:C3:47:85:45:BE:27:89:6C:F6:5B:98:D7:0B:DF:FD + X509v3 Authority Key Identifier: + keyid:CB:0C:83:29:5E:38:A2:D6:9F:F7:76:FB:B3:B6:48:84:4E:F8:4D:F3 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Subject Alternative Name: + IP Address:127.0.0.1 + Signature Algorithm: sha1WithRSAEncryption + 75:f7:88:9c:c6:fe:44:17:d5:34:16:ca:80:58:c1:8c:70:95: + d6:d9:39:d3:44:01:36:a9:ed:73:80:7e:62:ee:3a:5a:ad:ee: + 88:42:1e:72:8e:21:b6:12:30:a2:1e:2b:6a:1f:ec:48:c1:9c: + 28:8c:e2:7a:3a:df:7f:fe:2b:2b:18:81:32:b6:f9:ae:e6:de: + 3a:6c:90:9f:da:0f:9e:c7:d4:e5:e0:2c:ab:86:4e:c4:ee:63: + 8f:e0:b6:31:a0:52:b5:b3:cf:24:17:f7:14:78:7a:56:e9:43: + f4:8c:2c:b8:4f:5b:ff:21:a8:8f:3c:38:32:52:6f:e3:a9:6d: + 6e:23 -----BEGIN CERTIFICATE----- -MIIEZDCCAkygAwIBAgIBATANBgkqhkiG9w0BAQUFADBgMRAwDgYDVQQDEwdUZXN0 -IENBMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN -TW91bnRhaW4gVmlldzESMBAGA1UEChMJQ2VydCBUZXN0MB4XDTA4MDcyODIyMzIy -OFoXDTEzMDcyNzIyMzIyOFowSjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlm -b3JuaWExEjAQBgNVBAoTCUNlcnQgVGVzdDESMBAGA1UEAxMJMTI3LjAuMC4xMIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQj2tPWPUgbuI4H3/3dnttqVbndwU3 -3BdRCd67DFM44GRrsjDSH4bY/EbFyX9D52d/iy6ZaAmDePcCz5k/fgP3DMujykYG -qgNiV2ywxTlMj7NlN2C7SRt68fQMZr5iI7rypdxuaZt9lSMD3ENBffYtuLTyZd9a -3JPJe1TaIab5GwIDAQABo4HCMIG/MAkGA1UdEwQCMAAwHQYDVR0OBBYEFCYLBv5K -x5sLNVlpLh5FwTwhdDl7MIGSBgNVHSMEgYowgYeAFF3Of5nj1BlBMU/Gz7El9Vqv -45cxoWSkYjBgMRAwDgYDVQQDEwdUZXN0IENBMQswCQYDVQQGEwJVUzETMBEGA1UE -CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzESMBAGA1UEChMJ -Q2VydCBUZXN0ggkA1FGT1D/e2U4wDQYJKoZIhvcNAQEFBQADggIBAEtkVmLObUgk -b2cIA2S+QDtifq1UgVfBbytvR2lFmnADOR55mo0gHQG3HHqq4g034LmoVXDHhUk8 -Gb6aFiv4QubmVhLXcUelTRXwiNvGzkW7pC6Jrq105hdPjzXMKTcmiLaopm5Fqfc7 -hj5Cn1Sjspc8pdeQjrbeMdvca7KlFrGP8YkwCU2xOOX9PiN9G0966BWfjnr/fZZp -+OQVuUFHdiAZwthEMuDpAAXHqYXIsermgdOpgJaA53cf8NqBV2QGhtFgtsJCRoiu -7DKqhyRWBGyz19VIH2b7y+6qvQVxuHk19kKRM0nftw/yNcJnm7gtttespMUPsOMa -a2SD1G0hm0TND6vxaBhgR3cVqpl/qIpAdFi00Tm7hTyYE7I43zPW03t+/DpCt3Um -EMRZsQ90co5q+bcx/vQ7YAtwUh30uMb0wpibeyCwDp8cqNmSiRkEuc/FjTYes5t8 -5gR//WX1l0+qjrjusO9NmoLnq2Yk6UcioX+z+q6Z/dudGfqhLfeWD2Q0LWYA242C -d7km5Y3KAt1PJdVsof/aiVhVdddY/OIEKTRQhWEdDbosy2eh16BCKXT2FFvhNDg1 -AYFvn6I8nj9IldMJiIc3DdhacEAEzRMeRgPdzAa1griKUGknxsyTyRii8ru0WS6w -DCNrlDOVXdzYGEZooBI76BDVY0W0akjV +MIICvDCCAiWgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzET +MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4G +A1UECgwHVGVzdCBDQTEVMBMGA1UEAwwMVGVzdCBSb290IENBMCAXDTEwMTIwNjAx +MDUzOVoYDzIwNjAxMTIzMDEwNTM5WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECAwK +Q2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEQMA4GA1UECgwHVGVz +dCBDQTESMBAGA1UEAwwJMTI3LjAuMC4xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQDIqOdZEwggm1WDM7IbWClfChO19nFeaeV2xVDdMo6tES7+R/g6n9NmdHCy +rRkdtwNkfZf3VzgmIs0GYmtxYNNVzJbb4+cWdmFJtRMgK0UuShFSLcngvtBaX/5u +5qEigIHL5164RiB6hYr71Xzh9oNnkqU3oViCxvyQLk3WPWiGZwIDAQABo4GAMH4w +DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUHkOOFG/DR4VFvieJbPZbmNcL3/0wHwYD +VR0jBBgwFoAUywyDKV44otaf93b7s7ZIhE74TfMwHQYDVR0lBBYwFAYIKwYBBQUH +AwEGCCsGAQUFBwMCMA8GA1UdEQQIMAaHBH8AAAEwDQYJKoZIhvcNAQEFBQADgYEA +dfeInMb+RBfVNBbKgFjBjHCV1tk500QBNqntc4B+Yu46Wq3uiEIeco4hthIwoh4r +ah/sSMGcKIziejrff/4rKxiBMrb5rubeOmyQn9oPnsfU5eAsq4ZOxO5jj+C2MaBS +tbPPJBf3FHh6VulD9IwsuE9b/yGojzw4MlJv46ltbiM= -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- -MIICXQIBAAKBgQDQj2tPWPUgbuI4H3/3dnttqVbndwU33BdRCd67DFM44GRrsjDS -H4bY/EbFyX9D52d/iy6ZaAmDePcCz5k/fgP3DMujykYGqgNiV2ywxTlMj7NlN2C7 -SRt68fQMZr5iI7rypdxuaZt9lSMD3ENBffYtuLTyZd9a3JPJe1TaIab5GwIDAQAB -AoGANHXu8z2YIzlhE+bwhGm8MGBpKL3qhRuKjeriqMA36tWezOw8lY4ymEAU+Ulv -BsCdaxqydQoTYou57m4TyUHEcxq9pq3H0zB0qL709DdHi/t4zbV9XIoAzC5v0/hG -9+Ca29TwC02FCw+qLkNrtwCpwOcQmc+bPxqvFu1iMiahURECQQD2I/Hi2413CMZz -TBjl8fMiVO9GhA2J0sc8Qi+YcgJakaLD9xcbaiLkTzPZDlA389C1b6Ia+poAr4YA -Ve0FFbxpAkEA2OobayyHE/QtPEqoy6NLR57jirmVBNmSWWd4lAyL5UIHIYVttJZg -8CLvbzaU/iDGwR+wKsM664rKPHEmtlyo4wJBAMeSqYO5ZOCJGu9NWjrHjM3fdAsG -8zs2zhiLya+fcU0iHIksBW5TBmt71Jw/wMc9R5J1K0kYvFml98653O5si1ECQBCk -RV4/mE1rmlzZzYFyEcB47DQkcM5ictvxGEsje0gnfKyRtAz6zI0f4QbDRUMJ+LWw -XK+rMsYHa+SfOb0b9skCQQCLdeonsIpFDv/Uv+flHISy0WA+AFkLXrRkBKh6G/OD -dMHaNevkJgUnpceVEnkrdenp5CcEoFTI17pd+nBgDm/B +MIICWwIBAAKBgQDIqOdZEwggm1WDM7IbWClfChO19nFeaeV2xVDdMo6tES7+R/g6 +n9NmdHCyrRkdtwNkfZf3VzgmIs0GYmtxYNNVzJbb4+cWdmFJtRMgK0UuShFSLcng +vtBaX/5u5qEigIHL5164RiB6hYr71Xzh9oNnkqU3oViCxvyQLk3WPWiGZwIDAQAB +AoGAf5i4FDI/9swP4nBbD3xOQnsb8ZeWm5znJ1FtjFr70x2cLmIBfPXo7buZdmUQ +FY8s/xfGLKgvskBq82ZeQCh7+XDOteAv5ixLoez0q91l6zP4pqoCRzpYzt8EDjs0 +V7cs0rUxRZXksEuUxkKqUR+b1KUDVwrZyLUgMoJaSOyb2cECQQDpx0iyFeKvGXAC +1jiCb9GQBWHh/W2Opi2+4gRvNRpcCnZ+JqELeXS/l7LOAO+pezwta0kFnQYL7QUG +6mhUrdIRAkEA27u3hK/CDBhHO7Atinn5+U6r4m3ztNoAc1cvBRYix/Z33EOJTuj7 +6xicUYC29fTRWOp90rsiNyE8x3SolK1Y9wJAMCCqwp7m0A14ldzsPU4v4mp5QEEg +MOHdQRLevtY72v78bfQd63LRqi/cy7Q9orKQLPmNSu6MtB/TjRzs5aHzQQJAUl19 +HxmazVnUacVSbNPoJdGdkJTSg3osLRADKg7wHrB+oWwXbiLbO3bQMaTj8DJCvue3 +HmTTIIMu+zz5bDHGZQJANhxaCoMFJkeKG0N7580hFrxzTzRXeQyeDbP3TzLRJygX +d+YkP+lFcuOlvWBy/tv/i9BTqsC0y+2V76FSoH9JPQ== -----END RSA PRIVATE KEY----- diff --git a/tools/python/google/httpd_config/root_ca_cert.crt b/tools/python/google/httpd_config/root_ca_cert.crt deleted file mode 100644 index 873b4f7..0000000 --- a/tools/python/google/httpd_config/root_ca_cert.crt +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGCTCCA/GgAwIBAgIJANRRk9Q/3tlOMA0GCSqGSIb3DQEBBQUAMGAxEDAOBgNV -BAMTB1Rlc3QgQ0ExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYw -FAYDVQQHEw1Nb3VudGFpbiBWaWV3MRIwEAYDVQQKEwlDZXJ0IFRlc3QwHhcNMDgw -NzI4MjIzMjAxWhcNMTMwNzI3MjIzMjAxWjBgMRAwDgYDVQQDEwdUZXN0IENBMQsw -CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRh -aW4gVmlldzESMBAGA1UEChMJQ2VydCBUZXN0MIICIjANBgkqhkiG9w0BAQEFAAOC -Ag8AMIICCgKCAgEAuyR/rlxmPi+L48rXdlACgz+Cq06jf8Ns0H/eaofQCB7odsKu -CXzyngqGetohqAmW8XNzGKAlHzjJcnySzhxG8V3V22aILTI7lfSxrNpLKGaJ69MO -lg6zFty/zkZ94oRX6Q1t2yRrWBN4isXMOxwRg7cGzuN8ejG0/vbgIVQulF6cqDge -5BXtXhD4GnKEbvLh5TRxK8x3VBNlVIlRx1gKVz0q8MFgyFRcMS3PEiaFarSWwq8M -I7QaeifUnXwA5BquXdwf6+8CWdanPv2wG9LylWHK/YbnBz4g/9ppYCAz2V++em+K -/CADHRNIyuEXw6LWmwmYzMd05J+46dbEEua0tRiK3yVl5Q60Bo4NZcUZA3KZ7A9l -JS13/tzFKLqCn+SLzQnZfDAp8ys/Eu9arxYq70dAPUv0eJDSuXNQx2HQBxF3phQ+ -9AvKH5Vu4UgD3lSCqXiLwtOjeCxXZJ3830jIkFOupSZI7H3f3NmMxDba5OzLXXb+ -GfLgR9ulI1Qk+UmISL6/Tsu5453jn6opv/kapD9g7Jc6AFTak1SlHWZU4JH7c1x6 -THSB9FLcjbHt5heK8qcFMU5U6OiJmKW2WKn5k2Rwv0hteLhfN1lchqZkwobzu74z -QG/Z2Q/ClU89X95U5qF1ZxuriP668SxETzPR8D9uBU/5VzkrC3c8SbcTFUECAwEA -AaOBxTCBwjAdBgNVHQ4EFgQUXc5/mePUGUExT8bPsSX1Wq/jlzEwgZIGA1UdIwSB -ijCBh4AUXc5/mePUGUExT8bPsSX1Wq/jlzGhZKRiMGAxEDAOBgNVBAMTB1Rlc3Qg -Q0ExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N -b3VudGFpbiBWaWV3MRIwEAYDVQQKEwlDZXJ0IFRlc3SCCQDUUZPUP97ZTjAMBgNV -HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQA2FoW/5tyDSkEfEQFVfLcfNvmt -s2XK7SbPZtoIYx0lnqXZ8fUxCg0chmkiCypng6msvhEwGs3z7qZWd04bY8RAZYbQ -9bhjvB0LH4lVfsK4pCAKYQDAHC271XZPd3RmdHaekH70T0w2avFxG9M91CaVRaLh -SheeCVm6aJcFnaBfSd78vDz8Ly+Jtod737JZrkmP7Oko78SrB/CfiMcf6jIdekxP -9bwi75Y0+rfaK9x/Pyjz4U23ooZLX2f/21c3JSTwR19qGZOHvQircP7scQzgtlJl -zGxQKEZwYHAPxNHbPoScLOP2LXqWUnheC5LQcsm3BtRKM5AniEqW8HqKAxrGOPNO -cj8E3hVf6lZaAeFH5CTN/rudb869k/ibJkaeo6pjeytssMr+PvpstWmWqhfEJTZn -om7w+xMsYKe1cZv6c2WIVFuvl/g8CLYuu6SXjtDqj7HVbhC1+IupXl5N4pBXIXCf -Q33D4JsmM51ySMk5SxAl6HaxiB9hU3dqJqWjiKBJztLnZUDWUpCb3g09yygXeTmY -fNGaY+mZX3HBohrAy0kj06OgT12ovmWsmQRIvpTBybTbX37vt11xOLN/WNnifkH9 -HcEOc/WW68x2dJbnF4sBfV/0edA8ectGdyqzn1gvYjdMDPSSbAZ4B/EIijfHqILb -R3901wi9fJwhBxFIuQ== ------END CERTIFICATE----- diff --git a/tools/python/google/httpd_config/root_ca_cert.pem b/tools/python/google/httpd_config/root_ca_cert.pem new file mode 100644 index 0000000..2c7de65 --- /dev/null +++ b/tools/python/google/httpd_config/root_ca_cert.pem @@ -0,0 +1,72 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 9c:2f:96:4d:cf:ed:53:de + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Validity + Not Before: Dec 6 00:53:08 2010 GMT + Not After : Nov 23 00:53:08 2060 GMT + Subject: C=US, ST=California, L=Mountain View, O=Test CA, CN=Test Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:a7:be:04:ae:99:87:df:58:e1:c9:cb:ba:f1:0d: + 91:be:9c:14:66:f5:27:55:ad:9e:ea:ba:11:78:fa: + cf:a5:4d:50:02:9a:23:ad:9d:3a:c7:d9:23:6b:b1: + ec:8e:0f:ce:c3:de:d1:a6:8e:29:ba:15:12:4b:39: + d9:31:28:64:08:dd:8e:b9:f3:b9:67:f1:3d:76:16: + c1:cb:a6:3f:f5:26:86:8e:37:29:0f:2f:62:de:87: + 44:31:60:88:3f:d2:bc:ad:43:ea:0f:69:bc:4b:cd: + 32:b3:3b:1b:e8:7f:31:3d:d7:37:f7:5a:4a:51:38: + 24:91:dc:ec:18:19:a4:ec:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + CB:0C:83:29:5E:38:A2:D6:9F:F7:76:FB:B3:B6:48:84:4E:F8:4D:F3 + Signature Algorithm: sha1WithRSAEncryption + 60:e9:9d:7b:e2:38:d2:cf:65:82:d1:b8:f3:11:b1:be:33:9b: + f8:fd:16:6c:0f:5e:ef:ae:d7:da:61:9a:0d:db:c7:76:17:c9: + b5:f3:da:e1:c0:2b:73:45:9f:b5:29:e0:20:52:3a:76:e3:38: + 9a:1d:95:34:65:e2:ac:8d:bb:9a:19:fa:b3:49:41:e4:2c:88: + e6:ab:31:c2:d8:25:0c:82:84:4d:d7:50:f2:84:b5:01:7e:ed: + f2:4a:b6:33:4f:9d:44:e9:24:8b:be:47:a7:66:82:dc:16:72: + 9e:5a:82:7b:cf:95:df:60:cb:90:fe:cc:10:88:d0:ae:96:1b: + 88:72 +-----BEGIN CERTIFICATE----- +MIICiDCCAfGgAwIBAgIJAJwvlk3P7VPeMA0GCSqGSIb3DQEBBQUAMGMxCzAJBgNV +BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBW +aWV3MRAwDgYDVQQKDAdUZXN0IENBMRUwEwYDVQQDDAxUZXN0IFJvb3QgQ0EwIBcN +MTAxMjA2MDA1MzA4WhgPMjA2MDExMjMwMDUzMDhaMGMxCzAJBgNVBAYTAlVTMRMw +EQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRAwDgYD +VQQKDAdUZXN0IENBMRUwEwYDVQQDDAxUZXN0IFJvb3QgQ0EwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAKe+BK6Zh99Y4cnLuvENkb6cFGb1J1Wtnuq6EXj6z6VN +UAKaI62dOsfZI2ux7I4PzsPe0aaOKboVEks52TEoZAjdjrnzuWfxPXYWwcumP/Um +ho43KQ8vYt6HRDFgiD/SvK1D6g9pvEvNMrM7G+h/MT3XN/daSlE4JJHc7BgZpOxn +AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1Ud +DgQWBBTLDIMpXjii1p/3dvuztkiETvhN8zANBgkqhkiG9w0BAQUFAAOBgQBg6Z17 +4jjSz2WC0bjzEbG+M5v4/RZsD17vrtfaYZoN28d2F8m189rhwCtzRZ+1KeAgUjp2 +4ziaHZU0ZeKsjbuaGfqzSUHkLIjmqzHC2CUMgoRN11DyhLUBfu3ySrYzT51E6SSL +vkenZoLcFnKeWoJ7z5XfYMuQ/swQiNCulhuIcg== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIICXQIBAAKBgQCnvgSumYffWOHJy7rxDZG+nBRm9SdVrZ7quhF4+s+lTVACmiOt +nTrH2SNrseyOD87D3tGmjim6FRJLOdkxKGQI3Y6587ln8T12FsHLpj/1JoaONykP +L2Leh0QxYIg/0rytQ+oPabxLzTKzOxvofzE91zf3WkpROCSR3OwYGaTsZwIDAQAB +AoGAAeGYrdic9H1Lsvas9w0e6FNZyznOoiBbWuiRT5kIgSMX1Z+i7MyJnzopMokB +TSqSOBIkqciIYUThOqTAcdOxI3+oz1nCOdbBJ5Rfg8EHG6RlMYG+d1OZ2hVFOWR9 +whM3b+kXjsHw5CKtsH3tdj/1UmjrVZnNQwOM5QKoAwfNUOECQQDbNc4WfleotScu +u7ogLMueKIwq8sf9X15DecK9IIpqvW17uHZV4zb2LUQrF+/2ALNXpqPw75aCbAVl +Mezm6eqXAkEAw+TvJiw6FggEiOe43eT0EU5eXmuLFyHpwcSg5HwPn+UVGu0JDmXE +iF3Xr418vke/tD/9rra+m0gzdaEzRh1WsQJBANgBffGWT8SztUeMvsyjt4VCyVQs +5jra9eUhn26EGUEzJiZKz3i0q90LH+gi71cGu7J8R4HMZRBhZzOfbaThDUMCQQC0 +j3TbU5KqsfM0GZotdRZ+SST0lN3ckZa70riWQb/JGsdMTUW2rpjrNMxUdO6RGOMb +iowSmUCxMmi0OMRhETPRAkBrMCWdw63RmQ21zs6joJT24hv4IpBcxK41o/aH3kUg +KWrXmZ98GqnH9DdQpAGGAP0G7JVIYXCZaMww6N/zNE5U +-----END RSA PRIVATE KEY----- diff --git a/tools/valgrind/valgrind_test.py b/tools/valgrind/valgrind_test.py index 0280b1d..75eaa5e 100755 --- a/tools/valgrind/valgrind_test.py +++ b/tools/valgrind/valgrind_test.py @@ -327,15 +327,6 @@ class ValgrindTool(BaseTool): We need to run some sanity checks, set up a Wine prefix, and make sure wineserver is running by starting a dummy win32 program. """ - if not os.path.exists('/usr/share/ca-certificates/root_ca_cert.crt'): - logging.warning('WARNING: SSL certificate missing! SSL tests will fail.') - logging.warning('You need to run:') - logging.warning('sudo cp src/net/data/ssl/certificates/root_ca_cert.crt ' - '/usr/share/ca-certificates/') - logging.warning('sudo vi /etc/ca-certificates.conf') - logging.warning(' (and add the line root_ca_cert.crt)') - logging.warning('sudo update-ca-certificates') - # Shutdown the Wine server in case the last run got interrupted. common.RunSubprocess([os.environ.get('WINESERVER'), '-k']) diff --git a/tools/wine_valgrind/chrome_tests.sh b/tools/wine_valgrind/chrome_tests.sh index 990e0a5..f98486d 100755 --- a/tools/wine_valgrind/chrome_tests.sh +++ b/tools/wine_valgrind/chrome_tests.sh @@ -241,16 +241,6 @@ init_runtime() { echo Please kill the server listening on port 1337, or reboot. The net tests need this port. exit 1 fi - if test ! -f /usr/share/ca-certificates/root_ca_cert.crt - then - echo "You need to do" - echo "sudo cp src/net/data/ssl/certificates/root_ca_cert.crt /usr/share/ca-certificates/" - echo "sudo vi /etc/ca-certificates.conf (and add the line root_ca_cert.crt)" - echo "sudo update-ca-certificates" - echo "else ssl tests will fail." - echo "(Alternately, modify this script to run Juan's importer, http://bugs.winehq.org/show_bug.cgi?id=20370#c4 )" - exit 1 - fi if test -n "$VNC" then |