Diffstat (limited to 'net/data')
24 files changed, 3107 insertions, 0 deletions
diff --git a/net/data/parse_ocsp_unittest/annotate_test_data.py b/net/data/parse_ocsp_unittest/annotate_test_data.py
new file mode 100755
index 0000000..256a0a2
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/annotate_test_data.py
@@ -0,0 +1,173 @@ +#!/usr/bin/python +# Copyright (c) 2016 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. +# TODO(svaldez): Deduplicate various annotate_test_data. + +"""This script is called without any arguments to re-format all of the *.pem +files in the script's parent directory. + +The main formatting change is to run "openssl asn1parse" for each of the PEM +block sections, and add that output to the comment. It also runs the command +on the OCTET STRING representing BasicOCSPResponse. + +""" + +import glob +import os +import re +import base64 +import subprocess + + +def Transform(file_data): + """Returns a transformed (formatted) version of file_data""" + + result = '' + + for block in GetPemBlocks(file_data): + if len(result) != 0: + result += '\n' + + # If there was a user comment (non-script-generated comment) associated + # with the block, output it immediately before the block. + user_comment = GetUserComment(block.comment) + if user_comment: + result += user_comment + '\n' + + generated_comment = GenerateCommentForBlock(block.name, block.data) + result += generated_comment + '\n' + + + result += MakePemBlockString(block.name, block.data) + + return result + + +def GenerateCommentForBlock(block_name, block_data): + """Returns a string describing the ASN.1 structure of block_data""" + + p = subprocess.Popen(['openssl', 'asn1parse', '-i', '-inform', 'DER'], + stdout=subprocess.PIPE, stdin=subprocess.PIPE, + stderr=subprocess.PIPE) + stdout_data, stderr_data = p.communicate(input=block_data) + generated_comment = '$ openssl asn1parse -i < [%s]\n%s' % (block_name, + stdout_data) + + # The OCTET STRING encoded BasicOCSPResponse is also parsed out using + #'openssl asn1parse'. 
+ if block_name == 'OCSP RESPONSE': + if '[HEX DUMP]:' in generated_comment: + (generated_comment, response) = generated_comment.split('[HEX DUMP]:', 1) + response = response.replace('\n', '') + if len(response) % 2 != 0: + response = '0' + response + response = GenerateCommentForBlock('INNER', response.decode('hex')) + response = response.split('\n', 1)[1] + response = response.replace(': ', ': ') + generated_comment += '\n%s' % (response) + return generated_comment.strip('\n') + + + +def GetUserComment(comment): + """Removes any script-generated lines (everything after the $ openssl line)""" + + # Consider everything after "$ openssl" to be a generated comment. + comment = comment.split('$ openssl asn1parse -i', 1)[0] + if IsEntirelyWhiteSpace(comment): + comment = '' + return comment + + +def MakePemBlockString(name, data): + return ('-----BEGIN %s-----\n' + '%s' + '-----END %s-----\n') % (name, EncodeDataForPem(data), name) + + +def GetPemFilePaths(): + """Returns an iterable for all the paths to the PEM test files""" + + base_dir = os.path.dirname(os.path.realpath(__file__)) + return glob.iglob(os.path.join(base_dir, '*.pem')) + + +def ReadFileToString(path): + with open(path, 'r') as f: + return f.read() + + +def WrapTextToLineWidth(text, column_width): + result = '' + pos = 0 + while pos < len(text): + result += text[pos : pos + column_width] + '\n' + pos += column_width + return result + + +def EncodeDataForPem(data): + result = base64.b64encode(data) + return WrapTextToLineWidth(result, 75) + + +class PemBlock(object): + def __init__(self): + self.name = None + self.data = None + self.comment = None + + +def StripAllWhitespace(text): + pattern = re.compile(r'\s+') + return re.sub(pattern, '', text) + + +def IsEntirelyWhiteSpace(text): + return len(StripAllWhitespace(text)) == 0 + + +def DecodePemBlockData(text): + text = StripAllWhitespace(text) + return base64.b64decode(text) + + +def GetPemBlocks(data): + """Returns an iterable of PemBlock""" + + 
comment_start = 0 + + regex = re.compile(r'-----BEGIN ([\w ]+)-----(.*?)-----END \1-----', + re.DOTALL) + + for match in regex.finditer(data): + block = PemBlock() + + block.name = match.group(1) + block.data = DecodePemBlockData(match.group(2)) + + # Keep track of any non-PEM text above blocks + block.comment = data[comment_start : match.start()].strip() + comment_start = match.end() + + yield block + + +def WriteStringToFile(data, path): + with open(path, "w") as f: + f.write(data) + + +def main(): + for path in GetPemFilePaths(): + print "Processing %s ..." % (path) + original_data = ReadFileToString(path) + transformed_data = Transform(original_data) + if original_data != transformed_data: + WriteStringToFile(transformed_data, path) + print "Rewrote %s" % (path) + + +if __name__ == "__main__": + main() diff --git a/net/data/parse_ocsp_unittest/bad_ocsp_type.pem b/net/data/parse_ocsp_unittest/bad_ocsp_type.pem new file mode 100644 index 0000000..3441d9e --- /dev/null +++ b/net/data/parse_ocsp_unittest/bad_ocsp_type.pem 
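Review bot: In `GenerateCommentForBlock`, the output of `p.communicate()` is used without checking `p.returncode`, and `stderr_data` is captured but never read, so a missing or failing `openssl` produces an empty or truncated annotation that `main()` then writes back over the checked-in `.pem` file. I would report the failure right after the call, for example `if p.returncode != 0: print "openssl asn1parse failed for [%s]: %s" % (block_name, stderr_data)`. It should probably stay a warning rather than an abort, because has_extension.pem in this same commit carries an `Error in encoding` line and some vectors appear to be malformed on purpose. Separately, the inner pass feeds everything after the first `[HEX DUMP]:` to `response.decode('hex')`, which raises on any non-hex text, so a short comment stating that the OCTET STRING is assumed to be the last line of the outer dump would help.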
@@ -0,0 +1,123 @@ +Has an invalid OCSP OID +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 299 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 292 cons: cont [ 0 ] + 11:d=2 hl=4 l= 288 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :OCSP Nonce + 26:d=3 hl=4 l= 273 prim: OCTET STRING + 0:d=0 hl=4 l= 269 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 0 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQIEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg +xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK +/bUfjrcMZcpbblnbPReAfYUsUaiCE +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 
13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL 
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/bad_signature.pem b/net/data/parse_ocsp_unittest/bad_signature.pem new file mode 100644 index 0000000..f128604 --- /dev/null +++ b/net/data/parse_ocsp_unittest/bad_signature.pem 
@@ -0,0 +1,121 @@ +Has an invalid signature +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=3 l= 170 cons: SEQUENCE + 3:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 6:d=1 hl=3 l= 164 cons: cont [ 0 ] + 9:d=2 hl=3 l= 161 cons: SEQUENCE + 12:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 23:d=3 hl=3 l= 147 prim: OCTET STRING + 0:d=0 hl=3 l= 144 cons: SEQUENCE + 3:d=1 hl=2 l= 120 cons: SEQUENCE + 5:d=2 hl=2 l= 20 cons: cont [ 1 ] + 7:d=3 hl=2 l= 18 cons: SEQUENCE + 9:d=4 hl=2 l= 16 cons: SET + 11:d=5 hl=2 l= 14 cons: SEQUENCE + 13:d=6 hl=2 l= 3 prim: OBJECT :commonName + 18:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 27:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 44:d=2 hl=2 l= 79 cons: SEQUENCE + 46:d=3 hl=2 l= 77 cons: SEQUENCE + 48:d=4 hl=2 l= 56 cons: SEQUENCE + 50:d=5 hl=2 l= 7 cons: SEQUENCE + 52:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 59:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 81:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 103:d=5 hl=2 l= 1 prim: INTEGER :03 + 106:d=4 hl=2 l= 0 prim: cont [ 0 ] + 108:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 125:d=1 hl=2 l= 13 cons: SEQUENCE + 127:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 138:d=2 hl=2 l= 0 prim: NULL + 140:d=1 hl=2 l= 5 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIGqCgEAoIGkMIGhBgkrBgEFBQcwAQEEgZMwgZAweKEUMBIxEDAOBgNVBAMTB1Rlc3QgQ0EYDzI +wMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQEEFHc1rL +Tf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWjANBgkqhkiG9w0BAQUFAAMFA +N6tvu8= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 
cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: 
PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/bad_status.pem b/net/data/parse_ocsp_unittest/bad_status.pem new file mode 100644 index 0000000..db7c66c --- /dev/null +++ b/net/data/parse_ocsp_unittest/bad_status.pem 
@@ -0,0 +1,91 @@ +Has an invalid status larger than the defined Status enumeration +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=2 l= 3 cons: SEQUENCE + 2:d=1 hl=2 l= 1 prim: ENUMERATED :11 +-----BEGIN OCSP RESPONSE----- +MAMKARE= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM 
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- 
diff --git a/net/data/parse_ocsp_unittest/good_response.pem b/net/data/parse_ocsp_unittest/good_response.pem
new file mode 100644
index 0000000..f103d9a
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/good_response.pem
@@ -0,0 +1,123 @@ +Is a valid response for the cert +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 299 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 292 cons: cont [ 0 ] + 11:d=2 hl=4 l= 288 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 273 prim: OCTET STRING + 0:d=0 hl=4 l= 269 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 0 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg +xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK +/bUfjrcMZcpbblnbPReAfYUsUaiCE +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: 
INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 
l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/good_response_next_update.pem b/net/data/parse_ocsp_unittest/good_response_next_update.pem new file mode 100644 index 0000000..7169d7d --- /dev/null +++ b/net/data/parse_ocsp_unittest/good_response_next_update.pem 
@@ -0,0 +1,125 @@ +Is a valid response for the cert until nextUpdate +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 319 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 312 cons: cont [ 0 ] + 11:d=2 hl=4 l= 308 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 293 prim: OCTET STRING + 0:d=0 hl=4 l= 289 cons: SEQUENCE + 4:d=1 hl=3 l= 139 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=2 l= 98 cons: SEQUENCE + 48:d=3 hl=2 l= 96 cons: SEQUENCE + 50:d=4 hl=2 l= 56 cons: SEQUENCE + 52:d=5 hl=2 l= 7 cons: SEQUENCE + 54:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 105:d=5 hl=2 l= 1 prim: INTEGER :03 + 108:d=4 hl=2 l= 0 prim: cont [ 0 ] + 110:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 127:d=4 hl=2 l= 17 cons: cont [ 0 ] + 129:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 146:d=1 hl=2 l= 13 cons: SEQUENCE + 148:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 159:d=2 hl=2 l= 0 prim: NULL + 161:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBPwoBAKCCATgwggE0BgkrBgEFBQcwAQEEggElMIIBITCBi6EUMBIxEDAOBgNVBAMTB1Rlc3Q +gQ0EYDzIwMTYwMzA0MTY0MDAyWjBiMGAwODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ +EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWqARGA8yMDE2MDMwN +DE2NDAwMlowDQYJKoZIhvcNAQEFBQADgYEAUaMzuLydF/skM3i+4I0fPNHhe0Ilzxidd4SW4l7s +NhZLc5kngs2sP+WcPIc9UCHYeB5rGgL8ochmQj8EIO+Z+rlss3L5CLlyYXw2cv3i7Bcb9MJResS +az0cM1VDLiDP2zxS+sPtPtWt5q2PQh91ATJjLH+rl94IJLrfqGJ8m5Vc= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA 
CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/has_extension.pem b/net/data/parse_ocsp_unittest/has_extension.pem new file mode 100644 index 0000000..5fcd285 --- /dev/null +++ b/net/data/parse_ocsp_unittest/has_extension.pem 
@@ -0,0 +1,124 @@ +Includes an x509v3 extension +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 319 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 312 cons: cont [ 0 ] + 11:d=2 hl=4 l= 308 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 293 prim: OCTET STRING + 0:d=0 hl=4 l= 289 cons: SEQUENCE + 4:d=1 hl=3 l= 139 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=2 l= 79 cons: SEQUENCE + 48:d=3 hl=2 l= 77 cons: SEQUENCE + 50:d=4 hl=2 l= 56 cons: SEQUENCE + 52:d=5 hl=2 l= 7 cons: SEQUENCE + 54:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 105:d=5 hl=2 l= 1 prim: INTEGER :03 + 108:d=4 hl=2 l= 0 prim: cont [ 0 ] + 110:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 127:d=2 hl=2 l= 17 cons: cont [ 1 ] + 129:d=3 hl=2 l= 15 cons: SEQUENCE + 131:d=4 hl=2 l= 13 cons: SEQUENCE + 133:d=5 hl=2 l= 3 prim: OBJECT :1.2.3.4 +Error in encoding +-----BEGIN OCSP RESPONSE----- +MIIBPwoBAKCCATgwggE0BgkrBgEFBQcwAQEEggElMIIBITCBi6EUMBIxEDAOBgNVBAMTB1Rlc3Q +gQ0EYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ +EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWqERMA8wDQYDKgMER +EVBREJFRUYwDQYJKoZIhvcNAQEFBQADgYEAIAs38OAgwQtXMBhJwNs8EHgrIUMIKz5aZBX79OL3 +hAtpoA94hSvA/Z7iJ9R6XX+x6RAjVTODkFjQCpZb3cjgUQvJgQDr4ct34KdY0uDYNlEKGfrecaG +z5TEAu92I16UVjj69lBbBuU7IxJQPKjU2ZoR0nqh9VyDgAyOvVcCz608= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: 
cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT 
:sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/has_single_extension.pem b/net/data/parse_ocsp_unittest/has_single_extension.pem new file mode 100644 index 0000000..385ee05 --- /dev/null +++ b/net/data/parse_ocsp_unittest/has_single_extension.pem 
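Review bot: The annotated dump of the OCSP RESPONSE stops at `OBJECT :1.2.3.4` (offset 133) and then prints `Error in encoding`, which suggests the bytes after the extension OID do not parse as a well-formed extension value. If this fixture is meant to cover a response carrying a valid x509v3 extension, the generator should emit the value wrapped in an OCTET STRING so that the dump completes. If the malformed value is intentional, the first line should say so, e.g. `Includes an x509v3 extension whose value is not well-formed DER`. The same truncated dump appears in has_single_extension.pem at the SingleResponse extension (offset 133 there as well).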
@@ -0,0 +1,124 @@ +Has an extension in the SingleResponse +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 319 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 312 cons: cont [ 0 ] + 11:d=2 hl=4 l= 308 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 293 prim: OCTET STRING + 0:d=0 hl=4 l= 289 cons: SEQUENCE + 4:d=1 hl=3 l= 139 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=2 l= 98 cons: SEQUENCE + 48:d=3 hl=2 l= 96 cons: SEQUENCE + 50:d=4 hl=2 l= 56 cons: SEQUENCE + 52:d=5 hl=2 l= 7 cons: SEQUENCE + 54:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 105:d=5 hl=2 l= 1 prim: INTEGER :03 + 108:d=4 hl=2 l= 0 prim: cont [ 0 ] + 110:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 127:d=4 hl=2 l= 17 cons: cont [ 1 ] + 129:d=5 hl=2 l= 15 cons: SEQUENCE + 131:d=6 hl=2 l= 13 cons: SEQUENCE + 133:d=7 hl=2 l= 3 prim: OBJECT :1.2.3.4 +Error in encoding +-----BEGIN OCSP RESPONSE----- +MIIBPwoBAKCCATgwggE0BgkrBgEFBQcwAQEEggElMIIBITCBi6EUMBIxEDAOBgNVBAMTB1Rlc3Q +gQ0EYDzIwMTYwMzA0MTY0MDAyWjBiMGAwODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ +EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWqERMA8wDQYDKgMER +EVBREJFRUYwDQYJKoZIhvcNAQEFBQADgYEAbcAvOhDvLP8Wuine9UmLz2+gIkxLEdPLdexxb844 +9xAX+JuofgeDI4m7+Z3KYH+4Pl0c5d8hcoCNT0gievvtpyb533yOb3ROEEaSSasECEXFi4ZRIiz +nHUH5pWBtqw0lA/BoVj66Lb0dG5AiuIyrZom3SylNh9A0pHAZIyIDe0M= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 
cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: 
OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/has_version.pem b/net/data/parse_ocsp_unittest/has_version.pem new file mode 100644 index 0000000..766d76d4 --- /dev/null +++ b/net/data/parse_ocsp_unittest/has_version.pem 
@@ -0,0 +1,123 @@ +Includes a default version V1 +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 299 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 292 cons: cont [ 0 ] + 11:d=2 hl=4 l= 288 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 273 prim: OCTET STRING + 0:d=0 hl=4 l= 269 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 0 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg +xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK +/bUfjrcMZcpbblnbPReAfYUsUaiCE +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: 
INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 
l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/malformed_status.pem b/net/data/parse_ocsp_unittest/malformed_status.pem new file mode 100644 index 0000000..be983d7 --- /dev/null +++ b/net/data/parse_ocsp_unittest/malformed_status.pem 
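Review bot: The description line says `Includes a default version V1`, but the inner dump shows the tbsResponseData SEQUENCE (offset 4, `l= 120`) starting directly with the responderID `cont [ 1 ]` at offset 6, with no `cont [ 0 ]` version element before it. As encoded, the fixture looks structurally the same as a response that simply omits the version, so the parser's handling of an explicitly encoded default version is probably not exercised. Either regenerate the response with the version field actually present in the DER, or reword the first line to `Omits the version field (defaults to V1)`.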
@@ -0,0 +1,91 @@ +Has a status of MALFORMED_REQUEST +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=2 l= 3 cons: SEQUENCE + 2:d=1 hl=2 l= 1 prim: ENUMERATED :01 +-----BEGIN OCSP RESPONSE----- +MAMKAQE= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM 
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- 
diff --git a/net/data/parse_ocsp_unittest/missing_response.pem b/net/data/parse_ocsp_unittest/missing_response.pem new file mode 100644 index 0000000..a904537 --- /dev/null +++ b/net/data/parse_ocsp_unittest/missing_response.pem 
@@ -0,0 +1,112 @@ +Missing a response for the cert +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=3 l= 216 cons: SEQUENCE + 3:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 6:d=1 hl=3 l= 210 cons: cont [ 0 ] + 9:d=2 hl=3 l= 207 cons: SEQUENCE + 12:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 23:d=3 hl=3 l= 193 prim: OCTET STRING + 0:d=0 hl=3 l= 190 cons: SEQUENCE + 3:d=1 hl=2 l= 41 cons: SEQUENCE + 5:d=2 hl=2 l= 20 cons: cont [ 1 ] + 7:d=3 hl=2 l= 18 cons: SEQUENCE + 9:d=4 hl=2 l= 16 cons: SET + 11:d=5 hl=2 l= 14 cons: SEQUENCE + 13:d=6 hl=2 l= 3 prim: OBJECT :commonName + 18:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 27:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 44:d=2 hl=2 l= 0 cons: SEQUENCE + 46:d=1 hl=2 l= 13 cons: SEQUENCE + 48:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 59:d=2 hl=2 l= 0 prim: NULL + 61:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIHYCgEAoIHSMIHPBgkrBgEFBQcwAQEEgcEwgb4wKaEUMBIxEDAOBgNVBAMTB1Rlc3QgQ0EYDzI +wMTYwMzA0MTY0MDAyWjAAMA0GCSqGSIb3DQEBBQUAA4GBAFEVksQxQGbZHWAsFEgQHN/UVO6fdf +nOATPc/lnJLGVzGXgYoa/Rg9bRZ9hVdz0QYLE5u8PbQKqNCWzq31ilry2NZtMbFpd/Gr3TkAcIB +hpBYTcxK3+x1nq8ztuep36XoV+gGbTaB3f7BqeR60t4/pWzwjf8A+8+6unFC5hYE07J +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 
cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 
108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/multiple_response.pem b/net/data/parse_ocsp_unittest/multiple_response.pem new file mode 100644 index 0000000..985bf82 --- /dev/null +++ b/net/data/parse_ocsp_unittest/multiple_response.pem 
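Review bot: The OCSP RESPONSE block in missing_response.pem is byte-for-byte the same as the one in no_response.pem. Both start with `MIHYCgEAoIHS` and both show an empty responses `SEQUENCE` with `l= 0` at offset 44, so the two fixtures differ only in their description line. A "missing a response for the cert" case would normally carry a SingleResponse for some other serial, so that the lookup has to compare CertIDs and fail to match. With an empty list that comparison is never reached. Consider regenerating this file with one SingleResponse whose serial differs from the certificate's `INTEGER :03`.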
@@ -0,0 +1,133 @@ +Has multiple responses for the cert +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 380 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 373 cons: cont [ 0 ] + 11:d=2 hl=4 l= 369 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 354 prim: OCTET STRING + 0:d=0 hl=4 l= 350 cons: SEQUENCE + 4:d=1 hl=3 l= 200 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=3 l= 158 cons: SEQUENCE + 49:d=3 hl=2 l= 77 cons: SEQUENCE + 51:d=4 hl=2 l= 56 cons: SEQUENCE + 53:d=5 hl=2 l= 7 cons: SEQUENCE + 55:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 62:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 84:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 106:d=5 hl=2 l= 1 prim: INTEGER :03 + 109:d=4 hl=2 l= 0 prim: cont [ 0 ] + 111:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 128:d=3 hl=2 l= 77 cons: SEQUENCE + 130:d=4 hl=2 l= 56 cons: SEQUENCE + 132:d=5 hl=2 l= 7 cons: SEQUENCE + 134:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 141:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 163:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 185:d=5 hl=2 l= 1 prim: INTEGER :03 + 188:d=4 hl=2 l= 0 prim: cont [ 2 ] + 190:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 207:d=1 hl=2 l= 13 cons: SEQUENCE + 209:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 220:d=2 hl=2 l= 0 prim: NULL + 222:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBfAoBAKCCAXUwggFxBgkrBgEFBQcwAQEEggFiMIIBXjCByKEUMBIxEDAOBgNVBAMTB1Rlc3Q 
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjCBnjBNMDgwBwYFKw4DAhoEFAL/ddok3ordFQ+raJ3M5uZjbQ +kBBBR3Nay03+e53IJZOBt+7fCIK5c1NAIBA4AAGA8yMDE2MDMwNDE2NDAwMlowTTA4MAcGBSsOA +wIaBBQC/3XaJN6K3RUPq2idzObmY20JAQQUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOCABgPMjAx +NjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBBQUAA4GBADtJYfmQINzaAJV81Nocj2EBm0O0hXhSKd3 +Vb5EP5e2mAxywv6HzW+kde1cTfQCRLNaumm8/Mow4RpmfquWL/ZCIDYLk1flxYE2MR4Gr7QpPP0 +iiisfzJwe7LpiFSYMO7W4jxlqmPIGeHz28/KD1GT6R0fC+kXJF1dZoQyIRy9xE +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC 
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU 
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/no_response.pem b/net/data/parse_ocsp_unittest/no_response.pem new file mode 100644 index 0000000..73b4080 --- /dev/null +++ b/net/data/parse_ocsp_unittest/no_response.pem 
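Review bot: The two SingleResponse entries carry the same CertID (serial `03` and the same two SHA-1 hashes) but different status tags, `cont [ 0 ]` at offset 109 and `cont [ 2 ]` at offset 188, and the description line does not say which one the test expects to be reported. A parser that takes the first match and one that takes the last would report different revocation status for this input, so the expected outcome should be written into the fixture. For example, the first line could read `Has multiple responses for the cert: first is good [0], second is unknown [2]`.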
@@ -0,0 +1,112 @@ +No SingleResponses attached to the response +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=3 l= 216 cons: SEQUENCE + 3:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 6:d=1 hl=3 l= 210 cons: cont [ 0 ] + 9:d=2 hl=3 l= 207 cons: SEQUENCE + 12:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 23:d=3 hl=3 l= 193 prim: OCTET STRING + 0:d=0 hl=3 l= 190 cons: SEQUENCE + 3:d=1 hl=2 l= 41 cons: SEQUENCE + 5:d=2 hl=2 l= 20 cons: cont [ 1 ] + 7:d=3 hl=2 l= 18 cons: SEQUENCE + 9:d=4 hl=2 l= 16 cons: SET + 11:d=5 hl=2 l= 14 cons: SEQUENCE + 13:d=6 hl=2 l= 3 prim: OBJECT :commonName + 18:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 27:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 44:d=2 hl=2 l= 0 cons: SEQUENCE + 46:d=1 hl=2 l= 13 cons: SEQUENCE + 48:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 59:d=2 hl=2 l= 0 prim: NULL + 61:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIHYCgEAoIHSMIHPBgkrBgEFBQcwAQEEgcEwgb4wKaEUMBIxEDAOBgNVBAMTB1Rlc3QgQ0EYDzI +wMTYwMzA0MTY0MDAyWjAAMA0GCSqGSIb3DQEBBQUAA4GBAFEVksQxQGbZHWAsFEgQHN/UVO6fdf +nOATPc/lnJLGVzGXgYoa/Rg9bRZ9hVdz0QYLE5u8PbQKqNCWzq31ilry2NZtMbFpd/Gr3TkAcIB +hpBYTcxK3+x1nq8ztuep36XoV+gGbTaB3f7BqeR60t4/pWzwjf8A+8+6unFC5hYE07J +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 
hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: 
SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/ocsp_extra_certs.pem b/net/data/parse_ocsp_unittest/ocsp_extra_certs.pem new file mode 100644 index 0000000..cfdad7b --- /dev/null +++ b/net/data/parse_ocsp_unittest/ocsp_extra_certs.pem 
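Review bot: The response time in this fixture is earlier than the start of validity of the certificates that ship with it: producedAt is `20160304164002Z`, while the CA and leaf certificates both have notBefore `160304214002Z`, five hours later. The same pair of values appears in ocsp_extra_certs.pem, ocsp_sign_bad_indirect.pem and ocsp_sign_direct.pem, where thisUpdate carries the earlier time as well. The even five-hour gap looks like a local-time value written with a `Z` suffix by the generator, though that cannot be confirmed from the diff. A test that later compares producedAt/thisUpdate with the signer's validity window would reject every fixture for a reason unrelated to the case it names. Regenerating with consistent UTC times would keep the cases isolated; failing that, state the offset in the first line, e.g. `No SingleResponses attached to the response; producedAt predates cert notBefore`.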
@@ -0,0 +1,205 @@ +Includes extra certs +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l=1165 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l=1158 cons: cont [ 0 ] + 11:d=2 hl=4 l=1154 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l=1139 prim: OCTET STRING + 0:d=0 hl=4 l=1135 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 0 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING + 273:d=1 hl=4 l= 862 cons: cont [ 0 ] + 277:d=2 hl=4 l= 858 cons: SEQUENCE + 281:d=3 hl=4 l= 408 cons: SEQUENCE + 285:d=4 hl=4 l= 257 cons: SEQUENCE + 289:d=5 hl=2 l= 3 cons: cont [ 0 ] + 291:d=6 hl=2 l= 1 prim: INTEGER :02 + 294:d=5 hl=2 l= 1 prim: INTEGER :00 + 297:d=5 hl=2 l= 13 cons: SEQUENCE + 299:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 310:d=6 hl=2 l= 0 prim: NULL + 312:d=5 hl=2 l= 18 cons: SEQUENCE + 314:d=6 hl=2 l= 16 cons: SET + 316:d=7 hl=2 l= 14 cons: SEQUENCE + 318:d=8 hl=2 l= 3 prim: OBJECT :commonName + 323:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 332:d=5 hl=2 l= 30 cons: SEQUENCE + 334:d=6 hl=2 l= 13 prim: UTCTIME 
:160304214002Z + 349:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z + 364:d=5 hl=2 l= 18 cons: SEQUENCE + 366:d=6 hl=2 l= 16 cons: SET + 368:d=7 hl=2 l= 14 cons: SEQUENCE + 370:d=8 hl=2 l= 3 prim: OBJECT :commonName + 375:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 384:d=5 hl=3 l= 159 cons: SEQUENCE + 387:d=6 hl=2 l= 13 cons: SEQUENCE + 389:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption + 400:d=7 hl=2 l= 0 prim: NULL + 402:d=6 hl=3 l= 141 prim: BIT STRING + 546:d=4 hl=2 l= 13 cons: SEQUENCE + 548:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 559:d=5 hl=2 l= 0 prim: NULL + 561:d=4 hl=3 l= 129 prim: BIT STRING + 693:d=3 hl=4 l= 442 cons: SEQUENCE + 697:d=4 hl=4 l= 291 cons: SEQUENCE + 701:d=5 hl=2 l= 3 cons: cont [ 0 ] + 703:d=6 hl=2 l= 1 prim: INTEGER :02 + 706:d=5 hl=2 l= 1 prim: INTEGER :01 + 709:d=5 hl=2 l= 13 cons: SEQUENCE + 711:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 722:d=6 hl=2 l= 0 prim: NULL + 724:d=5 hl=2 l= 18 cons: SEQUENCE + 726:d=6 hl=2 l= 16 cons: SET + 728:d=7 hl=2 l= 14 cons: SEQUENCE + 730:d=8 hl=2 l= 3 prim: OBJECT :commonName + 735:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 744:d=5 hl=2 l= 30 cons: SEQUENCE + 746:d=6 hl=2 l= 13 prim: UTCTIME :160304214002Z + 761:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z + 776:d=5 hl=2 l= 27 cons: SEQUENCE + 778:d=6 hl=2 l= 25 cons: SET + 780:d=7 hl=2 l= 23 cons: SEQUENCE + 782:d=8 hl=2 l= 3 prim: OBJECT :commonName + 787:d=8 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer + 805:d=5 hl=3 l= 159 cons: SEQUENCE + 808:d=6 hl=2 l= 13 cons: SEQUENCE + 810:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption + 821:d=7 hl=2 l= 0 prim: NULL + 823:d=6 hl=3 l= 141 prim: BIT STRING + 967:d=5 hl=2 l= 23 cons: cont [ 3 ] + 969:d=6 hl=2 l= 21 cons: SEQUENCE + 971:d=7 hl=2 l= 19 cons: SEQUENCE + 973:d=8 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage + 978:d=8 hl=2 l= 12 prim: OCTET STRING [HEX DUMP]:300A06082B06010505070309 + 992:d=4 hl=2 l= 13 cons: SEQUENCE + 994:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 
+ 1005:d=5 hl=2 l= 0 prim: NULL + 1007:d=4 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIEjQoBAKCCBIYwggSCBgkrBgEFBQcwAQEEggRzMIIEbzB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg +xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK +/bUfjrcMZcpbblnbPReAfYUsUaiCEoIIDXjCCA1owggGYMIIBAaADAgECAgEAMA0GCSqGSIb3DQ +EBBQUAMBIxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMTYwMzA0MjE0MDAyWhcNMjYwMzAyMjE0MDAyW +jASMRAwDgYDVQQDEwdUZXN0IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDE3whHt7Lq +NNVTJLqSQKq3bH3+bGdHPvs/LorB2bc/2OojCqsJG6oBd8LlBzJ7JRpcoJzj1uYvtzLrhSjBOuc +iPKqJg5fRU7q3dl0pzLb/xTa7B0vmhk+UGSkjqZTu+X7espsqQ0808u/xqnAUXXMgdSbW26d3Xn +Y+UwBZC7quZQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJhpZ2OHHQBEaGzUOPU3pFch/RTrr2clz +HReS4L/IvkmLXpyMjWzvpqtWMYrs49nTXXHj+A0xEuPfXDLEqx+DepB2ViRWXz0LC0D4rGCFChG +EPxxJZjVo5BybiEzXUcTm3lXI1uF5I4FXCg5vzA5yBkURF8I1ZtzHZrdZhUkIahTMIIBujCCASO +gAwIBAgIBATANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE2MDMwNDIxND +AwMloXDTI2MDMwMjIxNDAwMlowGzEZMBcGA1UEAxMQVGVzdCBPQ1NQIFNpZ25lcjCBnzANBgkqh +kiG9w0BAQEFAAOBjQAwgYkCgYEAr33RA+84nexEDSI0KGSwbWlLiaACkAiVbJQwXoWDqTSKrD1u +b376zek9M+5WETYka2V0ZwnW9IbJiEpmnn4rKvTdItkHYv7vYK5+9KBi4s8w4aYRECYDdTKc6+0 +I6ZY/jAXY1Zxz/rAmfFVvV7roAD2QvVM3f7hUC2uIqQPjXJECAwEAAaMXMBUwEwYDVR0lBAwwCg +YIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADgYEAvIZNLVTEHpgj0gKN9x1LvTJJUVSJovny2zI/Y +Bt1HluMNjgMmTKUearYNJVBlqWKB0xytByOQVgkkPQjJYSTVFguc6ObfKG005OlhNXa2ZDffSn+ +gmo8NtdOQyDbz0ydaENNCxpSxr4QXNdOGMiwxN3FSjE1V7v0XdGGsAgrSRw= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 
18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 
35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem b/net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem new file mode 100644 index 0000000..308d2c7 --- /dev/null +++ b/net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem 
@@ -0,0 +1,163 @@ +Signed through an intermediate without the correct key usage +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 750 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 743 cons: cont [ 0 ] + 11:d=2 hl=4 l= 739 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 724 prim: OCTET STRING + 0:d=0 hl=4 l= 720 cons: SEQUENCE + 4:d=1 hl=3 l= 135 cons: SEQUENCE + 7:d=2 hl=2 l= 35 cons: cont [ 1 ] + 9:d=3 hl=2 l= 33 cons: SEQUENCE + 11:d=4 hl=2 l= 31 cons: SET + 13:d=5 hl=2 l= 29 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 22 prim: PRINTABLESTRING :Test False OCSP Signer + 44:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 61:d=2 hl=2 l= 79 cons: SEQUENCE + 63:d=3 hl=2 l= 77 cons: SEQUENCE + 65:d=4 hl=2 l= 56 cons: SEQUENCE + 67:d=5 hl=2 l= 7 cons: SEQUENCE + 69:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 76:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 98:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 120:d=5 hl=2 l= 1 prim: INTEGER :03 + 123:d=4 hl=2 l= 0 prim: cont [ 0 ] + 125:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 142:d=1 hl=2 l= 13 cons: SEQUENCE + 144:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 155:d=2 hl=2 l= 0 prim: NULL + 157:d=1 hl=3 l= 129 prim: BIT STRING + 289:d=1 hl=4 l= 431 cons: cont [ 0 ] + 293:d=2 hl=4 l= 427 cons: SEQUENCE + 297:d=3 hl=4 l= 423 cons: SEQUENCE + 301:d=4 hl=4 l= 272 cons: SEQUENCE + 305:d=5 hl=2 l= 3 cons: cont [ 0 ] + 307:d=6 hl=2 l= 1 prim: INTEGER :02 + 310:d=5 hl=2 l= 1 prim: INTEGER :02 + 313:d=5 hl=2 l= 13 cons: SEQUENCE + 315:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 326:d=6 hl=2 l= 0 prim: NULL + 328:d=5 hl=2 l= 18 cons: SEQUENCE + 330:d=6 hl=2 l= 16 cons: SET + 332:d=7 hl=2 l= 14 cons: SEQUENCE + 334:d=8 hl=2 l= 3 prim: OBJECT :commonName + 339:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 348:d=5 hl=2 l= 30 
cons: SEQUENCE + 350:d=6 hl=2 l= 13 prim: UTCTIME :160304214002Z + 365:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z + 380:d=5 hl=2 l= 33 cons: SEQUENCE + 382:d=6 hl=2 l= 31 cons: SET + 384:d=7 hl=2 l= 29 cons: SEQUENCE + 386:d=8 hl=2 l= 3 prim: OBJECT :commonName + 391:d=8 hl=2 l= 22 prim: PRINTABLESTRING :Test False OCSP Signer + 415:d=5 hl=3 l= 159 cons: SEQUENCE + 418:d=6 hl=2 l= 13 cons: SEQUENCE + 420:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption + 431:d=7 hl=2 l= 0 prim: NULL + 433:d=6 hl=3 l= 141 prim: BIT STRING + 577:d=4 hl=2 l= 13 cons: SEQUENCE + 579:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 590:d=5 hl=2 l= 0 prim: NULL + 592:d=4 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIC7goBAKCCAucwggLjBgkrBgEFBQcwAQEEggLUMIIC0DCBh6EjMCExHzAdBgNVBAMTFlRlc3Q +gRmFsc2UgT0NTUCBTaWduZXIYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912i +Teit0VD6tonczm5mNtCQEEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0M +DAyWjANBgkqhkiG9w0BAQUFAAOBgQBUbTwYMCKST8shnSN4BIA6rdPZn+kUZF2hEWLqY7A0Ru1H +OaAd4idxtPIfb7nzydt3gXuaI1lgjT5F9Choe99e20X2+xkZpnnzoN5OKeUhiK08I8azqGHsxfC +hWlrAASXdA7iwld5dGbw+RlNHB4nrAuknAUdTHFGdiP7x7TBhNaCCAa8wggGrMIIBpzCCARCgAw +IBAgIBAjANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE2MDMwNDIxNDAwM +loXDTI2MDMwMjIxNDAwMlowITEfMB0GA1UEAxMWVGVzdCBGYWxzZSBPQ1NQIFNpZ25lcjCBnzAN +BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApn44UGWdpvHcClqexVMmT8yIGg8DjLaZzDMT4YktTYs +Df011huQhUoNNOHbVR+zveTORiw+J+Xe2fvz10E35Fp8hrdc2BUXPywcIwGMBAqw4Xfn065B0it +sUg8AYm4yPTL0/TPXFKj4LF5TbGdOlYD/hQgzehtvsPLEfCPLy6IsCAwEAATANBgkqhkiG9w0BA +QUFAAOBgQCU24MnAyNiaNesmlQRj9sZSBERuSddMWKsLlXBMs4k3iVJBq92wxOcj3YCk84dFttM +nj5hEKVnVxzHDTSGjOWLvzJtj7y8CjQ2CS1xkB1c1xrnsYXjQLqWSSIwUFIxC926BsTMIU7zOs/ +mjO7GAm4CJhP9MYGPwv3Yy4g66I+HUA== +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER 
:00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: 
SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_direct.pem b/net/data/parse_ocsp_unittest/ocsp_sign_direct.pem new file mode 100644 index 0000000..23b245b --- /dev/null +++ b/net/data/parse_ocsp_unittest/ocsp_sign_direct.pem 
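Review bot: The description line says "without the correct key usage", but the embedded "Test False OCSP Signer" certificate carries no extensions at all. Its tbsCertificate ends with the subjectPublicKeyInfo, whereas the signer in ocsp_extra_certs.pem has a `cont [ 3 ]` block with Extended Key Usage `300A06082B06010505070309` (id-kp-OCSPSigning). The fixture therefore covers an absent EKU only; a delegated signer whose EKU lists some other purpose is a separate rejection path that none of the files visible in this part of the diff exercises. I would make the first line precise, `Signed through an intermediate that lacks the id-kp-OCSPSigning extended key usage (no EKU extension present)`, and add a second fixture whose signer has a non-OCSP EKU.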
@@ -0,0 +1,123 @@ +Signed directly by the issuer +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 299 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 292 cons: cont [ 0 ] + 11:d=2 hl=4 l= 288 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 273 prim: OCTET STRING + 0:d=0 hl=4 l= 269 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 0 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg +xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK +/bUfjrcMZcpbblnbPReAfYUsUaiCE +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: 
INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 
l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem b/net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem new file mode 100644 index 0000000..3c3cbe1 --- /dev/null +++ b/net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem 
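Review bot: The positive case is signed only with `sha1WithRSAEncryption`, the CertID hash is `sha1`, and the subjectPublicKeyInfo BIT STRING length of 141 corresponds to a 1024-bit RSA key. Every fixture visible in this part of the diff shares those parameters, so the tests say nothing about how the verifier handles a SHA-256 signature or CertID, and they would all fail together if SHA-1 signatures were later rejected. Recording the parameters in the first line, e.g. `Signed directly by the issuer (sha1WithRSAEncryption, RSA-1024)`, and adding one SHA-256 fixture would make the coverage explicit.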
@@ -0,0 +1,168 @@ +Signed indirectly through an intermediate +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 763 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 756 cons: cont [ 0 ] + 11:d=2 hl=4 l= 752 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 737 prim: OCTET STRING + 0:d=0 hl=4 l= 733 cons: SEQUENCE + 4:d=1 hl=3 l= 129 cons: SEQUENCE + 7:d=2 hl=2 l= 29 cons: cont [ 1 ] + 9:d=3 hl=2 l= 27 cons: SEQUENCE + 11:d=4 hl=2 l= 25 cons: SET + 13:d=5 hl=2 l= 23 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer + 38:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 55:d=2 hl=2 l= 79 cons: SEQUENCE + 57:d=3 hl=2 l= 77 cons: SEQUENCE + 59:d=4 hl=2 l= 56 cons: SEQUENCE + 61:d=5 hl=2 l= 7 cons: SEQUENCE + 63:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 70:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 92:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 114:d=5 hl=2 l= 1 prim: INTEGER :03 + 117:d=4 hl=2 l= 0 prim: cont [ 0 ] + 119:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 136:d=1 hl=2 l= 13 cons: SEQUENCE + 138:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 149:d=2 hl=2 l= 0 prim: NULL + 151:d=1 hl=3 l= 129 prim: BIT STRING + 283:d=1 hl=4 l= 450 cons: cont [ 0 ] + 287:d=2 hl=4 l= 446 cons: SEQUENCE + 291:d=3 hl=4 l= 442 cons: SEQUENCE + 295:d=4 hl=4 l= 291 cons: SEQUENCE + 299:d=5 hl=2 l= 3 cons: cont [ 0 ] + 301:d=6 hl=2 l= 1 prim: INTEGER :02 + 304:d=5 hl=2 l= 1 prim: INTEGER :01 + 307:d=5 hl=2 l= 13 cons: SEQUENCE + 309:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 320:d=6 hl=2 l= 0 prim: NULL + 322:d=5 hl=2 l= 18 cons: SEQUENCE + 324:d=6 hl=2 l= 16 cons: SET + 326:d=7 hl=2 l= 14 cons: SEQUENCE + 328:d=8 hl=2 l= 3 prim: OBJECT :commonName + 333:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 342:d=5 hl=2 l= 30 cons: SEQUENCE + 344:d=6 
hl=2 l= 13 prim: UTCTIME :160304214002Z + 359:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z + 374:d=5 hl=2 l= 27 cons: SEQUENCE + 376:d=6 hl=2 l= 25 cons: SET + 378:d=7 hl=2 l= 23 cons: SEQUENCE + 380:d=8 hl=2 l= 3 prim: OBJECT :commonName + 385:d=8 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer + 403:d=5 hl=3 l= 159 cons: SEQUENCE + 406:d=6 hl=2 l= 13 cons: SEQUENCE + 408:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption + 419:d=7 hl=2 l= 0 prim: NULL + 421:d=6 hl=3 l= 141 prim: BIT STRING + 565:d=5 hl=2 l= 23 cons: cont [ 3 ] + 567:d=6 hl=2 l= 21 cons: SEQUENCE + 569:d=7 hl=2 l= 19 cons: SEQUENCE + 571:d=8 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage + 576:d=8 hl=2 l= 12 prim: OCTET STRING [HEX DUMP]:300A06082B06010505070309 + 590:d=4 hl=2 l= 13 cons: SEQUENCE + 592:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 603:d=5 hl=2 l= 0 prim: NULL + 605:d=4 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIC+woBAKCCAvQwggLwBgkrBgEFBQcwAQEEggLhMIIC3TCBgaEdMBsxGTAXBgNVBAMTEFRlc3Q +gT0NTUCBTaWduZXIYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6 +tonczm5mNtCQEEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWjANB +gkqhkiG9w0BAQUFAAOBgQClgWYlzN9DKHjCisGXYGbagKQmGo2zPi8/pK5zE9YPzDTx0mFP2w6T +ZgrdtYW+e66U6WgtbYbUL1USBAugHy2mbXjeZroHiKRHxBdb17M2ADhqS/tyue4IyuPEGuyhUXt +qvPxIiyXFCNnP4HU0uxcnQK9PMNWQnFlk5aA1ixoQjaCCAcIwggG+MIIBujCCASOgAwIBAgIBAT +ANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE2MDMwNDIxNDAwMloXDTI2M +DMwMjIxNDAwMlowGzEZMBcGA1UEAxMQVGVzdCBPQ1NQIFNpZ25lcjCBnzANBgkqhkiG9w0BAQEF +AAOBjQAwgYkCgYEAr33RA+84nexEDSI0KGSwbWlLiaACkAiVbJQwXoWDqTSKrD1ub376zek9M+5 +WETYka2V0ZwnW9IbJiEpmnn4rKvTdItkHYv7vYK5+9KBi4s8w4aYRECYDdTKc6+0I6ZY/jAXY1Z +xz/rAmfFVvV7roAD2QvVM3f7hUC2uIqQPjXJECAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYBBQUHA +wkwDQYJKoZIhvcNAQEFBQADgYEAvIZNLVTEHpgj0gKN9x1LvTJJUVSJovny2zI/YBt1HluMNjgM +mTKUearYNJVBlqWKB0xytByOQVgkkPQjJYSTVFguc6ObfKG005OlhNXa2ZDffSn+gmo8NtdOQyD +bz0ydaENNCxpSxr4QXNdOGMiwxN3FSjE1V7v0XdGGsAgrSRw= +-----END OCSP 
RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: 
cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem b/net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem new file mode 100644 index 0000000..5286b55 --- /dev/null +++ b/net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem 
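Review bot: The response timestamps in ocsp_sign_indirect.pem precede the validity period of every certificate in the file: producedAt and thisUpdate are `20160304164002Z`, while the CA, signer and leaf certificates all have notBefore `160304214002Z`, five hours later. A verifier that checks the responder certificate was valid at producedAt, or that thisUpdate falls inside the target certificate's validity, would reject this "good path" fixture, so tests built on it can only pass while no such check runs. The five-hour gap looks like local time written with a `Z` suffix by whatever produced the responses, though that generator is not visible here. The same skew appears in ocsp_sign_indirect_missing.pem, other_response.pem, responder_id.pem and responder_name.pem. Either regenerate the responses with times at or after notBefore, or state the skew in each file's first line, e.g. `producedAt/thisUpdate (16:40:02Z) deliberately precede the certs' notBefore (21:40:02Z)`.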
@@ -0,0 +1,123 @@ +Signed indirectly through a missing intermediate +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 309 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 302 cons: cont [ 0 ] + 11:d=2 hl=4 l= 298 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 283 prim: OCTET STRING + 0:d=0 hl=4 l= 279 cons: SEQUENCE + 4:d=1 hl=3 l= 129 cons: SEQUENCE + 7:d=2 hl=2 l= 29 cons: cont [ 1 ] + 9:d=3 hl=2 l= 27 cons: SEQUENCE + 11:d=4 hl=2 l= 25 cons: SET + 13:d=5 hl=2 l= 23 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer + 38:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 55:d=2 hl=2 l= 79 cons: SEQUENCE + 57:d=3 hl=2 l= 77 cons: SEQUENCE + 59:d=4 hl=2 l= 56 cons: SEQUENCE + 61:d=5 hl=2 l= 7 cons: SEQUENCE + 63:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 70:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 92:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 114:d=5 hl=2 l= 1 prim: INTEGER :03 + 117:d=4 hl=2 l= 0 prim: cont [ 0 ] + 119:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 136:d=1 hl=2 l= 13 cons: SEQUENCE + 138:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 149:d=2 hl=2 l= 0 prim: NULL + 151:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBNQoBAKCCAS4wggEqBgkrBgEFBQcwAQEEggEbMIIBFzCBgaEdMBsxGTAXBgNVBAMTEFRlc3Q +gT0NTUCBTaWduZXIYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6 +tonczm5mNtCQEEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWjANB +gkqhkiG9w0BAQUFAAOBgQClgWYlzN9DKHjCisGXYGbagKQmGo2zPi8/pK5zE9YPzDTx0mFP2w6T +ZgrdtYW+e66U6WgtbYbUL1USBAugHy2mbXjeZroHiKRHxBdb17M2ADhqS/tyue4IyuPEGuyhUXt +qvPxIiyXFCNnP4HU0uxcnQK9PMNWQnFlk5aA1ixoQjQ== +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 
cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: 
OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/other_response.pem b/net/data/parse_ocsp_unittest/other_response.pem new file mode 100644 index 0000000..e151cac --- /dev/null +++ b/net/data/parse_ocsp_unittest/other_response.pem 
@@ -0,0 +1,135 @@ +Is a response for a different cert +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 397 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 390 cons: cont [ 0 ] + 11:d=2 hl=4 l= 386 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 371 prim: OCTET STRING + 0:d=0 hl=4 l= 367 cons: SEQUENCE + 4:d=1 hl=3 l= 217 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=3 l= 175 cons: SEQUENCE + 49:d=3 hl=2 l= 77 cons: SEQUENCE + 51:d=4 hl=2 l= 56 cons: SEQUENCE + 53:d=5 hl=2 l= 7 cons: SEQUENCE + 55:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 62:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:99D6B1D2B9004AD4235ABC2407F6A911CF4744F5 + 84:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:47901C53047CFFA389F6D500D49AA1D45500EB94 + 106:d=5 hl=2 l= 1 prim: INTEGER :04 + 109:d=4 hl=2 l= 0 prim: cont [ 0 ] + 111:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 128:d=3 hl=2 l= 94 cons: SEQUENCE + 130:d=4 hl=2 l= 56 cons: SEQUENCE + 132:d=5 hl=2 l= 7 cons: SEQUENCE + 134:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 141:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:99D6B1D2B9004AD4235ABC2407F6A911CF4744F5 + 163:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:47901C53047CFFA389F6D500D49AA1D45500EB94 + 185:d=5 hl=2 l= 1 prim: INTEGER :04 + 188:d=4 hl=2 l= 17 cons: cont [ 1 ] + 190:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 207:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 224:d=1 hl=2 l= 13 cons: SEQUENCE + 226:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 237:d=2 hl=2 l= 0 prim: NULL + 239:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBjQoBAKCCAYYwggGCBgkrBgEFBQcwAQEEggFzMIIBbzCB2aEUMBIxEDAOBgNVBAMTB1Rlc3Q 
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjCBrzBNMDgwBwYFKw4DAhoEFJnWsdK5AErUI1q8JAf2qRHPR0 +T1BBRHkBxTBHz/o4n21QDUmqHUVQDrlAIBBIAAGA8yMDE2MDMwNDE2NDAwMlowXjA4MAcGBSsOA +wIaBBSZ1rHSuQBK1CNavCQH9qkRz0dE9QQUR5AcUwR8/6OJ9tUA1Jqh1FUA65QCAQShERgPMjAx +NjAzMDQxNjQwMDJaGA8yMDE2MDMwNDE2NDAwMlowDQYJKoZIhvcNAQEFBQADgYEAYr+5Vsn/I0Z +bEqIJbRm1hkZE8MFTkxvz+CArS+1FaBnGt+FUTiv8o6XDKDSgZmvAfPpgy5PSoK7cJ5H8Rp09BK +SLGCeCWF/Kmv2EWGV8RspRFP5CmNYmbjayU0OOSUyNTQFHmmB90/2t1i7wwcLl7tbW4EuFdpBZ5 +hZSLXpsS6U= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC 
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU 
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/responder_id.pem b/net/data/parse_ocsp_unittest/responder_id.pem new file mode 100644 index 0000000..13fed4f --- /dev/null +++ b/net/data/parse_ocsp_unittest/responder_id.pem 
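Review bot: The CertID in other_response.pem differs from the bundled certificate in all three fields at once, so a test using it cannot tell which field the matching code actually compares. Both SingleResponses carry issuerNameHash `99D6B1D2…`, issuerKeyHash `47901C53…` and serial `04`, whereas the certificate has serial `03` and the other fixtures use `02FF75DA…`/`7735ACB4…` for the same Test CA. A matcher that looked only at the serial, or only at the issuer hashes, would still pass; fixtures that differ in the serial alone and in the issuer hashes alone would pin each comparison down. The two entries also repeat the same CertID with different status (`cont [ 0 ]` good, then `cont [ 1 ]` revoked), which the header line does not mention; I would expand it to `Is a response for a different cert (serial 04, different issuer hashes); holds two SingleResponses for it, one good and one revoked`.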
@@ -0,0 +1,119 @@ +Uses byKey to identify the signer +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 301 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 294 cons: cont [ 0 ] + 11:d=2 hl=4 l= 290 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 275 prim: OCTET STRING + 0:d=0 hl=4 l= 271 cons: SEQUENCE + 4:d=1 hl=2 l= 122 cons: SEQUENCE + 6:d=2 hl=2 l= 22 cons: cont [ 2 ] + 8:d=3 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 30:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 47:d=2 hl=2 l= 79 cons: SEQUENCE + 49:d=3 hl=2 l= 77 cons: SEQUENCE + 51:d=4 hl=2 l= 56 cons: SEQUENCE + 53:d=5 hl=2 l= 7 cons: SEQUENCE + 55:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 62:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 84:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 106:d=5 hl=2 l= 1 prim: INTEGER :03 + 109:d=4 hl=2 l= 0 prim: cont [ 0 ] + 111:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 128:d=1 hl=2 l= 13 cons: SEQUENCE + 130:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 141:d=2 hl=2 l= 0 prim: NULL + 143:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBLQoBAKCCASYwggEiBgkrBgEFBQcwAQEEggETMIIBDzB6ohYEFHc1rLTf57ncglk4G37t8Ig +rlzU0GA8yMDE2MDMwNDE2NDAwMlowTzBNMDgwBwYFKw4DAhoEFAL/ddok3ordFQ+raJ3M5uZjbQ +kBBBR3Nay03+e53IJZOBt+7fCIK5c1NAIBA4AAGA8yMDE2MDMwNDE2NDAwMlowDQYJKoZIhvcNA +QEFBQADgYEAlBfILkufybGfg0K/0dK5o+xVYsra4kyHHfeGe2+X7Ie/QL88dafZRqycraUmO+Yv +uqKgLMOUsMJCaWo/leyiAUVFcDa8NzcEWUiqPFtPzq4YSfnHoUIyzHliJMx1//Q9f6HtMAUqBk8 +FaET1SGuZB46eW0cck0ZgeNFT3rOmOno= +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 
l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 
14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/responder_name.pem b/net/data/parse_ocsp_unittest/responder_name.pem new file mode 100644 index 0000000..45293ad --- /dev/null +++ b/net/data/parse_ocsp_unittest/responder_name.pem 
@@ -0,0 +1,123 @@ +Uses byName to identify the signer +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 299 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 292 cons: cont [ 0 ] + 11:d=2 hl=4 l= 288 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 273 prim: OCTET STRING + 0:d=0 hl=4 l= 269 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 0 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg +xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK +/bUfjrcMZcpbblnbPReAfYUsUaiCE +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 
prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 
hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/revoke_response.pem b/net/data/parse_ocsp_unittest/revoke_response.pem new file mode 100644 index 0000000..dfeb6b1 --- /dev/null +++ b/net/data/parse_ocsp_unittest/revoke_response.pem 
@@ -0,0 +1,124 @@ +Is a REVOKE response for the cert +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 317 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 310 cons: cont [ 0 ] + 11:d=2 hl=4 l= 306 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 291 prim: OCTET STRING + 0:d=0 hl=4 l= 287 cons: SEQUENCE + 4:d=1 hl=3 l= 137 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=2 l= 96 cons: SEQUENCE + 48:d=3 hl=2 l= 94 cons: SEQUENCE + 50:d=4 hl=2 l= 56 cons: SEQUENCE + 52:d=5 hl=2 l= 7 cons: SEQUENCE + 54:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 105:d=5 hl=2 l= 1 prim: INTEGER :03 + 108:d=4 hl=2 l= 17 cons: cont [ 1 ] + 110:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 127:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 144:d=1 hl=2 l= 13 cons: SEQUENCE + 146:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 157:d=2 hl=2 l= 0 prim: NULL + 159:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBPQoBAKCCATYwggEyBgkrBgEFBQcwAQEEggEjMIIBHzCBiaEUMBIxEDAOBgNVBAMTB1Rlc3Q +gQ0EYDzIwMTYwMzA0MTY0MDAyWjBgMF4wODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ +EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDoREYDzIwMTYwMzA0MTY0MDAyWhgPMjAxNjAzMDQxN +jQwMDJaMA0GCSqGSIb3DQEBBQUAA4GBAA1dkQpeYy4+X5lBJfNwWY7W9AKtDHgLzI4kxhGmPfsF +EGVlnyrHpTHP04csXfnW4oF/xK5wpN+3jMDNxoShEZR/OBcfGw0XDZm8ttSOAjHeloPpnO3ozTq +Zvw+sMIEpWuygFcYMHJ7CnJycYS01A+is5GqCBuRyvXCxv5bVrEu4 +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 
hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 
13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/revoke_response_reason.pem b/net/data/parse_ocsp_unittest/revoke_response_reason.pem new file mode 100644 index 0000000..0abcecf --- /dev/null +++ b/net/data/parse_ocsp_unittest/revoke_response_reason.pem 
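Review bot: The OCSP response in revoke_response.pem carries producedAt, revocationTime and thisUpdate of `20160304164002Z`, five hours before the notBefore (`160304214002Z`) of both the CA and the leaf certificate in the same file, and its SingleResponse has no nextUpdate. That looks like a local time written with a `Z` suffix when the fixture was generated, though the generator is not visible here, so this is inferred. A parse-only test will not notice, but a later test that checks the response's times against the certificate validity window would see a response produced before the certificate was valid. The same timestamps appear in revoke_response_reason.pem and unknown_response.pem. I would regenerate the fixtures with UTC times, or make the quirk explicit in the leading comment, e.g. `Is a REVOKE response for the cert (thisUpdate precedes the cert's notBefore; no nextUpdate)`.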
@@ -0,0 +1,126 @@ +Is a REVOKE response for the cert with a reason +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 322 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 315 cons: cont [ 0 ] + 11:d=2 hl=4 l= 311 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 296 prim: OCTET STRING + 0:d=0 hl=4 l= 292 cons: SEQUENCE + 4:d=1 hl=3 l= 142 cons: SEQUENCE + 7:d=2 hl=2 l= 20 cons: cont [ 1 ] + 9:d=3 hl=2 l= 18 cons: SEQUENCE + 11:d=4 hl=2 l= 16 cons: SET + 13:d=5 hl=2 l= 14 cons: SEQUENCE + 15:d=6 hl=2 l= 3 prim: OBJECT :commonName + 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 46:d=2 hl=2 l= 101 cons: SEQUENCE + 48:d=3 hl=2 l= 99 cons: SEQUENCE + 50:d=4 hl=2 l= 56 cons: SEQUENCE + 52:d=5 hl=2 l= 7 cons: SEQUENCE + 54:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 105:d=5 hl=2 l= 1 prim: INTEGER :03 + 108:d=4 hl=2 l= 22 cons: cont [ 1 ] + 110:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 127:d=5 hl=2 l= 3 cons: cont [ 0 ] + 129:d=6 hl=2 l= 1 prim: ENUMERATED :01 + 132:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 149:d=1 hl=2 l= 13 cons: SEQUENCE + 151:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 162:d=2 hl=2 l= 0 prim: NULL + 164:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBQgoBAKCCATswggE3BgkrBgEFBQcwAQEEggEoMIIBJDCBjqEUMBIxEDAOBgNVBAMTB1Rlc3Q +gQ0EYDzIwMTYwMzA0MTY0MDAyWjBlMGMwODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ +EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDoRYYDzIwMTYwMzA0MTY0MDAyWqADCgEBGA8yMDE2M +DMwNDE2NDAwMlowDQYJKoZIhvcNAQEFBQADgYEAdJ2fItNUjBLpAUqtph3z6OGWnlilggMBSayg +rAWg/BgxKgxoBv/WXMKgjWKJw2/+gdqXsiXxQiunSvCKK4t7ghhTvelofc5R1KUO3zPU95tsMPX +r1PXdp0BSkt+03qWhiB3xyIboZJp1esjcnGnBC3lQD39V7n28AXW+17n73/Q= +-----END OCSP 
RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: 
cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- diff --git a/net/data/parse_ocsp_unittest/unknown_response.pem b/net/data/parse_ocsp_unittest/unknown_response.pem new file mode 100644 index 0000000..f19d37a --- /dev/null +++ b/net/data/parse_ocsp_unittest/unknown_response.pem 
@@ -0,0 +1,123 @@ +Is an UNKNOWN response for the cert +$ openssl asn1parse -i < [OCSP RESPONSE] + 0:d=0 hl=4 l= 299 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: ENUMERATED :00 + 7:d=1 hl=4 l= 292 cons: cont [ 0 ] + 11:d=2 hl=4 l= 288 cons: SEQUENCE + 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response + 26:d=3 hl=4 l= 273 prim: OCTET STRING + 0:d=0 hl=4 l= 269 cons: SEQUENCE + 4:d=1 hl=2 l= 120 cons: SEQUENCE + 6:d=2 hl=2 l= 20 cons: cont [ 1 ] + 8:d=3 hl=2 l= 18 cons: SEQUENCE + 10:d=4 hl=2 l= 16 cons: SET + 12:d=5 hl=2 l= 14 cons: SEQUENCE + 14:d=6 hl=2 l= 3 prim: OBJECT :commonName + 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 45:d=2 hl=2 l= 79 cons: SEQUENCE + 47:d=3 hl=2 l= 77 cons: SEQUENCE + 49:d=4 hl=2 l= 56 cons: SEQUENCE + 51:d=5 hl=2 l= 7 cons: SEQUENCE + 53:d=6 hl=2 l= 5 prim: OBJECT :sha1 + 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901 + 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534 + 104:d=5 hl=2 l= 1 prim: INTEGER :03 + 107:d=4 hl=2 l= 0 prim: cont [ 2 ] + 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z + 126:d=1 hl=2 l= 13 cons: SEQUENCE + 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 139:d=2 hl=2 l= 0 prim: NULL + 141:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN OCSP RESPONSE----- +MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB +DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ +QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOCABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB +QUAA4GBADKSl26nGkptHNremzcuCoEVLVCrOT7EjBpbCktlga4QNAuMaOCwWccIa+yfxCQ1O04M +jx0vbOWqTSZG/dRCgJYzGV007KNKxEOuQALdwtjrjNg89VZ+VaDp/zJEGO5LqOUdawiwbVxjQK1 +hcwGkVxiFuibzzZKeQf2/xf3jaMWy +-----END OCSP RESPONSE----- + +$ openssl asn1parse -i < [CA CERTIFICATE] + 0:d=0 hl=4 l= 408 cons: SEQUENCE + 4:d=1 hl=4 l= 257 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 
prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :00 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 18 cons: SEQUENCE + 85:d=3 hl=2 l= 16 cons: SET + 87:d=4 hl=2 l= 14 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 103:d=2 hl=3 l= 159 cons: SEQUENCE + 106:d=3 hl=2 l= 13 cons: SEQUENCE + 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 119:d=4 hl=2 l= 0 prim: NULL + 121:d=3 hl=3 l= 141 prim: BIT STRING + 265:d=1 hl=2 l= 13 cons: SEQUENCE + 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 278:d=2 hl=2 l= 0 prim: NULL + 280:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CA CERTIFICATE----- +MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk +iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC +RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU +7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO +BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM +RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO +cgZFERfCNWbcx2a3WYVJCGoUw== +-----END CA CERTIFICATE----- + +$ openssl asn1parse -i < [CERTIFICATE] + 0:d=0 hl=4 l= 410 cons: SEQUENCE + 4:d=1 hl=4 l= 259 cons: SEQUENCE + 8:d=2 hl=2 l= 3 cons: cont [ 0 ] + 10:d=3 hl=2 l= 1 prim: INTEGER :02 + 13:d=2 hl=2 l= 1 prim: INTEGER :03 + 16:d=2 hl=2 l= 13 cons: SEQUENCE + 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 29:d=3 
hl=2 l= 0 prim: NULL + 31:d=2 hl=2 l= 18 cons: SEQUENCE + 33:d=3 hl=2 l= 16 cons: SET + 35:d=4 hl=2 l= 14 cons: SEQUENCE + 37:d=5 hl=2 l= 3 prim: OBJECT :commonName + 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA + 51:d=2 hl=2 l= 30 cons: SEQUENCE + 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z + 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z + 83:d=2 hl=2 l= 20 cons: SEQUENCE + 85:d=3 hl=2 l= 18 cons: SET + 87:d=4 hl=2 l= 16 cons: SEQUENCE + 89:d=5 hl=2 l= 3 prim: OBJECT :commonName + 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert + 105:d=2 hl=3 l= 159 cons: SEQUENCE + 108:d=3 hl=2 l= 13 cons: SEQUENCE + 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption + 121:d=4 hl=2 l= 0 prim: NULL + 123:d=3 hl=3 l= 141 prim: BIT STRING + 267:d=1 hl=2 l= 13 cons: SEQUENCE + 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption + 280:d=2 hl=2 l= 0 prim: NULL + 282:d=1 hl=3 l= 129 prim: BIT STRING +-----BEGIN CERTIFICATE----- +MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE +2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS +qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI +ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d +jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU +AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl +3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V +42JEeS36VZs/yhLupvaLx9PcRwM +-----END CERTIFICATE----- |