summaryrefslogtreecommitdiffstats
path: root/net/data
diff options
context:
space:
mode:
Diffstat (limited to 'net/data')
-rwxr-xr-xnet/data/parse_ocsp_unittest/annotate_test_data.py173
-rw-r--r--net/data/parse_ocsp_unittest/bad_ocsp_type.pem123
-rw-r--r--net/data/parse_ocsp_unittest/bad_signature.pem121
-rw-r--r--net/data/parse_ocsp_unittest/bad_status.pem91
-rw-r--r--net/data/parse_ocsp_unittest/good_response.pem123
-rw-r--r--net/data/parse_ocsp_unittest/good_response_next_update.pem125
-rw-r--r--net/data/parse_ocsp_unittest/has_extension.pem124
-rw-r--r--net/data/parse_ocsp_unittest/has_single_extension.pem124
-rw-r--r--net/data/parse_ocsp_unittest/has_version.pem123
-rw-r--r--net/data/parse_ocsp_unittest/malformed_status.pem91
-rw-r--r--net/data/parse_ocsp_unittest/missing_response.pem112
-rw-r--r--net/data/parse_ocsp_unittest/multiple_response.pem133
-rw-r--r--net/data/parse_ocsp_unittest/no_response.pem112
-rw-r--r--net/data/parse_ocsp_unittest/ocsp_extra_certs.pem205
-rw-r--r--net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem163
-rw-r--r--net/data/parse_ocsp_unittest/ocsp_sign_direct.pem123
-rw-r--r--net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem168
-rw-r--r--net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem123
-rw-r--r--net/data/parse_ocsp_unittest/other_response.pem135
-rw-r--r--net/data/parse_ocsp_unittest/responder_id.pem119
-rw-r--r--net/data/parse_ocsp_unittest/responder_name.pem123
-rw-r--r--net/data/parse_ocsp_unittest/revoke_response.pem124
-rw-r--r--net/data/parse_ocsp_unittest/revoke_response_reason.pem126
-rw-r--r--net/data/parse_ocsp_unittest/unknown_response.pem123
24 files changed, 3107 insertions, 0 deletions
diff --git a/net/data/parse_ocsp_unittest/annotate_test_data.py b/net/data/parse_ocsp_unittest/annotate_test_data.py
new file mode 100755
index 0000000..256a0a2
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/annotate_test_data.py
@@ -0,0 +1,173 @@
+#!/usr/bin/python
+# Copyright (c) 2016 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+# TODO(svaldez): Deduplicate various annotate_test_data.
+
+"""This script is called without any arguments to re-format all of the *.pem
+files in the script's parent directory.
+
+The main formatting change is to run "openssl asn1parse" for each of the PEM
+block sections, and add that output to the comment. It also runs the command
+on the OCTET STRING representing BasicOCSPResponse.
+
+"""
+
+import glob
+import os
+import re
+import base64
+import subprocess
+
+
+def Transform(file_data):
+ """Returns a transformed (formatted) version of file_data"""
+
+ result = ''
+
+ for block in GetPemBlocks(file_data):
+ if len(result) != 0:
+ result += '\n'
+
+ # If there was a user comment (non-script-generated comment) associated
+ # with the block, output it immediately before the block.
+ user_comment = GetUserComment(block.comment)
+ if user_comment:
+ result += user_comment + '\n'
+
+ generated_comment = GenerateCommentForBlock(block.name, block.data)
+ result += generated_comment + '\n'
+
+
+ result += MakePemBlockString(block.name, block.data)
+
+ return result
+
+
+def GenerateCommentForBlock(block_name, block_data):
+ """Returns a string describing the ASN.1 structure of block_data"""
+
+ p = subprocess.Popen(['openssl', 'asn1parse', '-i', '-inform', 'DER'],
+ stdout=subprocess.PIPE, stdin=subprocess.PIPE,
+ stderr=subprocess.PIPE)
+ stdout_data, stderr_data = p.communicate(input=block_data)
+ generated_comment = '$ openssl asn1parse -i < [%s]\n%s' % (block_name,
+ stdout_data)
+
+ # The OCTET STRING encoded BasicOCSPResponse is also parsed out using
+ #'openssl asn1parse'.
+ if block_name == 'OCSP RESPONSE':
+ if '[HEX DUMP]:' in generated_comment:
+ (generated_comment, response) = generated_comment.split('[HEX DUMP]:', 1)
+ response = response.replace('\n', '')
+ if len(response) % 2 != 0:
+ response = '0' + response
+ response = GenerateCommentForBlock('INNER', response.decode('hex'))
+ response = response.split('\n', 1)[1]
+ response = response.replace(': ', ': ')
+ generated_comment += '\n%s' % (response)
+ return generated_comment.strip('\n')
+
+
+
+def GetUserComment(comment):
+ """Removes any script-generated lines (everything after the $ openssl line)"""
+
+ # Consider everything after "$ openssl" to be a generated comment.
+ comment = comment.split('$ openssl asn1parse -i', 1)[0]
+ if IsEntirelyWhiteSpace(comment):
+ comment = ''
+ return comment
+
+
+def MakePemBlockString(name, data):
+ return ('-----BEGIN %s-----\n'
+ '%s'
+ '-----END %s-----\n') % (name, EncodeDataForPem(data), name)
+
+
+def GetPemFilePaths():
+ """Returns an iterable for all the paths to the PEM test files"""
+
+ base_dir = os.path.dirname(os.path.realpath(__file__))
+ return glob.iglob(os.path.join(base_dir, '*.pem'))
+
+
+def ReadFileToString(path):
+ with open(path, 'r') as f:
+ return f.read()
+
+
+def WrapTextToLineWidth(text, column_width):
+ result = ''
+ pos = 0
+ while pos < len(text):
+ result += text[pos : pos + column_width] + '\n'
+ pos += column_width
+ return result
+
+
+def EncodeDataForPem(data):
+ result = base64.b64encode(data)
+ return WrapTextToLineWidth(result, 75)
+
+
+class PemBlock(object):
+ def __init__(self):
+ self.name = None
+ self.data = None
+ self.comment = None
+
+
+def StripAllWhitespace(text):
+ pattern = re.compile(r'\s+')
+ return re.sub(pattern, '', text)
+
+
+def IsEntirelyWhiteSpace(text):
+ return len(StripAllWhitespace(text)) == 0
+
+
+def DecodePemBlockData(text):
+ text = StripAllWhitespace(text)
+ return base64.b64decode(text)
+
+
+def GetPemBlocks(data):
+ """Returns an iterable of PemBlock"""
+
+ comment_start = 0
+
+ regex = re.compile(r'-----BEGIN ([\w ]+)-----(.*?)-----END \1-----',
+ re.DOTALL)
+
+ for match in regex.finditer(data):
+ block = PemBlock()
+
+ block.name = match.group(1)
+ block.data = DecodePemBlockData(match.group(2))
+
+ # Keep track of any non-PEM text above blocks
+ block.comment = data[comment_start : match.start()].strip()
+ comment_start = match.end()
+
+ yield block
+
+
+def WriteStringToFile(data, path):
+ with open(path, "w") as f:
+ f.write(data)
+
+
+def main():
+ for path in GetPemFilePaths():
+ print "Processing %s ..." % (path)
+ original_data = ReadFileToString(path)
+ transformed_data = Transform(original_data)
+ if original_data != transformed_data:
+ WriteStringToFile(transformed_data, path)
+ print "Rewrote %s" % (path)
+
+
+if __name__ == "__main__":
+ main()
diff --git a/net/data/parse_ocsp_unittest/bad_ocsp_type.pem b/net/data/parse_ocsp_unittest/bad_ocsp_type.pem
new file mode 100644
index 0000000..3441d9e
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/bad_ocsp_type.pem
@@ -0,0 +1,123 @@
+Has an invalid OCSP OID
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 299 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 292 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 288 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :OCSP Nonce
+ 26:d=3 hl=4 l= 273 prim: OCTET STRING
+ 0:d=0 hl=4 l= 269 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQIEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg
+xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK
+/bUfjrcMZcpbblnbPReAfYUsUaiCE
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/bad_signature.pem b/net/data/parse_ocsp_unittest/bad_signature.pem
new file mode 100644
index 0000000..f128604
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/bad_signature.pem
@@ -0,0 +1,121 @@
+Has an invalid signature
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=3 l= 170 cons: SEQUENCE
+ 3:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 6:d=1 hl=3 l= 164 cons: cont [ 0 ]
+ 9:d=2 hl=3 l= 161 cons: SEQUENCE
+ 12:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 23:d=3 hl=3 l= 147 prim: OCTET STRING
+ 0:d=0 hl=3 l= 144 cons: SEQUENCE
+ 3:d=1 hl=2 l= 120 cons: SEQUENCE
+ 5:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 7:d=3 hl=2 l= 18 cons: SEQUENCE
+ 9:d=4 hl=2 l= 16 cons: SET
+ 11:d=5 hl=2 l= 14 cons: SEQUENCE
+ 13:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 18:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 27:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 44:d=2 hl=2 l= 79 cons: SEQUENCE
+ 46:d=3 hl=2 l= 77 cons: SEQUENCE
+ 48:d=4 hl=2 l= 56 cons: SEQUENCE
+ 50:d=5 hl=2 l= 7 cons: SEQUENCE
+ 52:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 59:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 81:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 103:d=5 hl=2 l= 1 prim: INTEGER :03
+ 106:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 108:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 125:d=1 hl=2 l= 13 cons: SEQUENCE
+ 127:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 138:d=2 hl=2 l= 0 prim: NULL
+ 140:d=1 hl=2 l= 5 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIGqCgEAoIGkMIGhBgkrBgEFBQcwAQEEgZMwgZAweKEUMBIxEDAOBgNVBAMTB1Rlc3QgQ0EYDzI
+wMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQEEFHc1rL
+Tf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWjANBgkqhkiG9w0BAQUFAAMFA
+N6tvu8=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/bad_status.pem b/net/data/parse_ocsp_unittest/bad_status.pem
new file mode 100644
index 0000000..db7c66c
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/bad_status.pem
@@ -0,0 +1,91 @@
+Has an invalid status larger than the defined Status enumeration
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=2 l= 3 cons: SEQUENCE
+ 2:d=1 hl=2 l= 1 prim: ENUMERATED :11
+-----BEGIN OCSP RESPONSE-----
+MAMKARE=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/good_response.pem b/net/data/parse_ocsp_unittest/good_response.pem
new file mode 100644
index 0000000..f103d9a
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/good_response.pem
@@ -0,0 +1,123 @@
+Is a valid response for the cert
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 299 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 292 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 288 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 273 prim: OCTET STRING
+ 0:d=0 hl=4 l= 269 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg
+xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK
+/bUfjrcMZcpbblnbPReAfYUsUaiCE
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/good_response_next_update.pem b/net/data/parse_ocsp_unittest/good_response_next_update.pem
new file mode 100644
index 0000000..7169d7d
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/good_response_next_update.pem
@@ -0,0 +1,125 @@
+Is a valid response for the cert until nextUpdate
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 319 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 312 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 308 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 293 prim: OCTET STRING
+ 0:d=0 hl=4 l= 289 cons: SEQUENCE
+ 4:d=1 hl=3 l= 139 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=2 l= 98 cons: SEQUENCE
+ 48:d=3 hl=2 l= 96 cons: SEQUENCE
+ 50:d=4 hl=2 l= 56 cons: SEQUENCE
+ 52:d=5 hl=2 l= 7 cons: SEQUENCE
+ 54:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 105:d=5 hl=2 l= 1 prim: INTEGER :03
+ 108:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 110:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 127:d=4 hl=2 l= 17 cons: cont [ 0 ]
+ 129:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 146:d=1 hl=2 l= 13 cons: SEQUENCE
+ 148:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 159:d=2 hl=2 l= 0 prim: NULL
+ 161:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBPwoBAKCCATgwggE0BgkrBgEFBQcwAQEEggElMIIBITCBi6EUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjBiMGAwODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ
+EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWqARGA8yMDE2MDMwN
+DE2NDAwMlowDQYJKoZIhvcNAQEFBQADgYEAUaMzuLydF/skM3i+4I0fPNHhe0Ilzxidd4SW4l7s
+NhZLc5kngs2sP+WcPIc9UCHYeB5rGgL8ochmQj8EIO+Z+rlss3L5CLlyYXw2cv3i7Bcb9MJResS
+az0cM1VDLiDP2zxS+sPtPtWt5q2PQh91ATJjLH+rl94IJLrfqGJ8m5Vc=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/has_extension.pem b/net/data/parse_ocsp_unittest/has_extension.pem
new file mode 100644
index 0000000..5fcd285
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/has_extension.pem
@@ -0,0 +1,124 @@
+Includes an x509v3 extension
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 319 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 312 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 308 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 293 prim: OCTET STRING
+ 0:d=0 hl=4 l= 289 cons: SEQUENCE
+ 4:d=1 hl=3 l= 139 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=2 l= 79 cons: SEQUENCE
+ 48:d=3 hl=2 l= 77 cons: SEQUENCE
+ 50:d=4 hl=2 l= 56 cons: SEQUENCE
+ 52:d=5 hl=2 l= 7 cons: SEQUENCE
+ 54:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 105:d=5 hl=2 l= 1 prim: INTEGER :03
+ 108:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 110:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 127:d=2 hl=2 l= 17 cons: cont [ 1 ]
+ 129:d=3 hl=2 l= 15 cons: SEQUENCE
+ 131:d=4 hl=2 l= 13 cons: SEQUENCE
+ 133:d=5 hl=2 l= 3 prim: OBJECT :1.2.3.4
+Error in encoding
+-----BEGIN OCSP RESPONSE-----
+MIIBPwoBAKCCATgwggE0BgkrBgEFBQcwAQEEggElMIIBITCBi6EUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ
+EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWqERMA8wDQYDKgMER
+EVBREJFRUYwDQYJKoZIhvcNAQEFBQADgYEAIAs38OAgwQtXMBhJwNs8EHgrIUMIKz5aZBX79OL3
+hAtpoA94hSvA/Z7iJ9R6XX+x6RAjVTODkFjQCpZb3cjgUQvJgQDr4ct34KdY0uDYNlEKGfrecaG
+z5TEAu92I16UVjj69lBbBuU7IxJQPKjU2ZoR0nqh9VyDgAyOvVcCz608=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/has_single_extension.pem b/net/data/parse_ocsp_unittest/has_single_extension.pem
new file mode 100644
index 0000000..385ee05
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/has_single_extension.pem
@@ -0,0 +1,124 @@
+Has an extension in the SingleResponse
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 319 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 312 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 308 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 293 prim: OCTET STRING
+ 0:d=0 hl=4 l= 289 cons: SEQUENCE
+ 4:d=1 hl=3 l= 139 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=2 l= 98 cons: SEQUENCE
+ 48:d=3 hl=2 l= 96 cons: SEQUENCE
+ 50:d=4 hl=2 l= 56 cons: SEQUENCE
+ 52:d=5 hl=2 l= 7 cons: SEQUENCE
+ 54:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 105:d=5 hl=2 l= 1 prim: INTEGER :03
+ 108:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 110:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 127:d=4 hl=2 l= 17 cons: cont [ 1 ]
+ 129:d=5 hl=2 l= 15 cons: SEQUENCE
+ 131:d=6 hl=2 l= 13 cons: SEQUENCE
+ 133:d=7 hl=2 l= 3 prim: OBJECT :1.2.3.4
+Error in encoding
+-----BEGIN OCSP RESPONSE-----
+MIIBPwoBAKCCATgwggE0BgkrBgEFBQcwAQEEggElMIIBITCBi6EUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjBiMGAwODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ
+EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWqERMA8wDQYDKgMER
+EVBREJFRUYwDQYJKoZIhvcNAQEFBQADgYEAbcAvOhDvLP8Wuine9UmLz2+gIkxLEdPLdexxb844
+9xAX+JuofgeDI4m7+Z3KYH+4Pl0c5d8hcoCNT0gievvtpyb533yOb3ROEEaSSasECEXFi4ZRIiz
+nHUH5pWBtqw0lA/BoVj66Lb0dG5AiuIyrZom3SylNh9A0pHAZIyIDe0M=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/has_version.pem b/net/data/parse_ocsp_unittest/has_version.pem
new file mode 100644
index 0000000..766d76d4
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/has_version.pem
@@ -0,0 +1,123 @@
+Includes a default version V1
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 299 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 292 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 288 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 273 prim: OCTET STRING
+ 0:d=0 hl=4 l= 269 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg
+xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK
+/bUfjrcMZcpbblnbPReAfYUsUaiCE
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/malformed_status.pem b/net/data/parse_ocsp_unittest/malformed_status.pem
new file mode 100644
index 0000000..be983d7
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/malformed_status.pem
@@ -0,0 +1,91 @@
+Has a status of MALFORMED_REQUEST
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=2 l= 3 cons: SEQUENCE
+ 2:d=1 hl=2 l= 1 prim: ENUMERATED :01
+-----BEGIN OCSP RESPONSE-----
+MAMKAQE=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/missing_response.pem b/net/data/parse_ocsp_unittest/missing_response.pem
new file mode 100644
index 0000000..a904537
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/missing_response.pem
@@ -0,0 +1,112 @@
+Missing a response for the cert
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=3 l= 216 cons: SEQUENCE
+ 3:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 6:d=1 hl=3 l= 210 cons: cont [ 0 ]
+ 9:d=2 hl=3 l= 207 cons: SEQUENCE
+ 12:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 23:d=3 hl=3 l= 193 prim: OCTET STRING
+ 0:d=0 hl=3 l= 190 cons: SEQUENCE
+ 3:d=1 hl=2 l= 41 cons: SEQUENCE
+ 5:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 7:d=3 hl=2 l= 18 cons: SEQUENCE
+ 9:d=4 hl=2 l= 16 cons: SET
+ 11:d=5 hl=2 l= 14 cons: SEQUENCE
+ 13:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 18:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 27:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 44:d=2 hl=2 l= 0 cons: SEQUENCE
+ 46:d=1 hl=2 l= 13 cons: SEQUENCE
+ 48:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 59:d=2 hl=2 l= 0 prim: NULL
+ 61:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIHYCgEAoIHSMIHPBgkrBgEFBQcwAQEEgcEwgb4wKaEUMBIxEDAOBgNVBAMTB1Rlc3QgQ0EYDzI
+wMTYwMzA0MTY0MDAyWjAAMA0GCSqGSIb3DQEBBQUAA4GBAFEVksQxQGbZHWAsFEgQHN/UVO6fdf
+nOATPc/lnJLGVzGXgYoa/Rg9bRZ9hVdz0QYLE5u8PbQKqNCWzq31ilry2NZtMbFpd/Gr3TkAcIB
+hpBYTcxK3+x1nq8ztuep36XoV+gGbTaB3f7BqeR60t4/pWzwjf8A+8+6unFC5hYE07J
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/multiple_response.pem b/net/data/parse_ocsp_unittest/multiple_response.pem
new file mode 100644
index 0000000..985bf82
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/multiple_response.pem
@@ -0,0 +1,133 @@
+Has multiple responses for the cert
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 380 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 373 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 369 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 354 prim: OCTET STRING
+ 0:d=0 hl=4 l= 350 cons: SEQUENCE
+ 4:d=1 hl=3 l= 200 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=3 l= 158 cons: SEQUENCE
+ 49:d=3 hl=2 l= 77 cons: SEQUENCE
+ 51:d=4 hl=2 l= 56 cons: SEQUENCE
+ 53:d=5 hl=2 l= 7 cons: SEQUENCE
+ 55:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 62:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 84:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 106:d=5 hl=2 l= 1 prim: INTEGER :03
+ 109:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 111:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 128:d=3 hl=2 l= 77 cons: SEQUENCE
+ 130:d=4 hl=2 l= 56 cons: SEQUENCE
+ 132:d=5 hl=2 l= 7 cons: SEQUENCE
+ 134:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 141:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 163:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 185:d=5 hl=2 l= 1 prim: INTEGER :03
+ 188:d=4 hl=2 l= 0 prim: cont [ 2 ]
+ 190:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 207:d=1 hl=2 l= 13 cons: SEQUENCE
+ 209:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 220:d=2 hl=2 l= 0 prim: NULL
+ 222:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBfAoBAKCCAXUwggFxBgkrBgEFBQcwAQEEggFiMIIBXjCByKEUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjCBnjBNMDgwBwYFKw4DAhoEFAL/ddok3ordFQ+raJ3M5uZjbQ
+kBBBR3Nay03+e53IJZOBt+7fCIK5c1NAIBA4AAGA8yMDE2MDMwNDE2NDAwMlowTTA4MAcGBSsOA
+wIaBBQC/3XaJN6K3RUPq2idzObmY20JAQQUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOCABgPMjAx
+NjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBBQUAA4GBADtJYfmQINzaAJV81Nocj2EBm0O0hXhSKd3
+Vb5EP5e2mAxywv6HzW+kde1cTfQCRLNaumm8/Mow4RpmfquWL/ZCIDYLk1flxYE2MR4Gr7QpPP0
+iiisfzJwe7LpiFSYMO7W4jxlqmPIGeHz28/KD1GT6R0fC+kXJF1dZoQyIRy9xE
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/no_response.pem b/net/data/parse_ocsp_unittest/no_response.pem
new file mode 100644
index 0000000..73b4080
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/no_response.pem
@@ -0,0 +1,112 @@
+No SingleResponses attached to the response
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=3 l= 216 cons: SEQUENCE
+ 3:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 6:d=1 hl=3 l= 210 cons: cont [ 0 ]
+ 9:d=2 hl=3 l= 207 cons: SEQUENCE
+ 12:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 23:d=3 hl=3 l= 193 prim: OCTET STRING
+ 0:d=0 hl=3 l= 190 cons: SEQUENCE
+ 3:d=1 hl=2 l= 41 cons: SEQUENCE
+ 5:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 7:d=3 hl=2 l= 18 cons: SEQUENCE
+ 9:d=4 hl=2 l= 16 cons: SET
+ 11:d=5 hl=2 l= 14 cons: SEQUENCE
+ 13:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 18:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 27:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 44:d=2 hl=2 l= 0 cons: SEQUENCE
+ 46:d=1 hl=2 l= 13 cons: SEQUENCE
+ 48:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 59:d=2 hl=2 l= 0 prim: NULL
+ 61:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIHYCgEAoIHSMIHPBgkrBgEFBQcwAQEEgcEwgb4wKaEUMBIxEDAOBgNVBAMTB1Rlc3QgQ0EYDzI
+wMTYwMzA0MTY0MDAyWjAAMA0GCSqGSIb3DQEBBQUAA4GBAFEVksQxQGbZHWAsFEgQHN/UVO6fdf
+nOATPc/lnJLGVzGXgYoa/Rg9bRZ9hVdz0QYLE5u8PbQKqNCWzq31ilry2NZtMbFpd/Gr3TkAcIB
+hpBYTcxK3+x1nq8ztuep36XoV+gGbTaB3f7BqeR60t4/pWzwjf8A+8+6unFC5hYE07J
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/ocsp_extra_certs.pem b/net/data/parse_ocsp_unittest/ocsp_extra_certs.pem
new file mode 100644
index 0000000..cfdad7b
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/ocsp_extra_certs.pem
@@ -0,0 +1,205 @@
+Includes extra certs
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l=1165 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l=1158 cons: cont [ 0 ]
+ 11:d=2 hl=4 l=1154 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l=1139 prim: OCTET STRING
+ 0:d=0 hl=4 l=1135 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+ 273:d=1 hl=4 l= 862 cons: cont [ 0 ]
+ 277:d=2 hl=4 l= 858 cons: SEQUENCE
+ 281:d=3 hl=4 l= 408 cons: SEQUENCE
+ 285:d=4 hl=4 l= 257 cons: SEQUENCE
+ 289:d=5 hl=2 l= 3 cons: cont [ 0 ]
+ 291:d=6 hl=2 l= 1 prim: INTEGER :02
+ 294:d=5 hl=2 l= 1 prim: INTEGER :00
+ 297:d=5 hl=2 l= 13 cons: SEQUENCE
+ 299:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 310:d=6 hl=2 l= 0 prim: NULL
+ 312:d=5 hl=2 l= 18 cons: SEQUENCE
+ 314:d=6 hl=2 l= 16 cons: SET
+ 316:d=7 hl=2 l= 14 cons: SEQUENCE
+ 318:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 323:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 332:d=5 hl=2 l= 30 cons: SEQUENCE
+ 334:d=6 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 349:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 364:d=5 hl=2 l= 18 cons: SEQUENCE
+ 366:d=6 hl=2 l= 16 cons: SET
+ 368:d=7 hl=2 l= 14 cons: SEQUENCE
+ 370:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 375:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 384:d=5 hl=3 l= 159 cons: SEQUENCE
+ 387:d=6 hl=2 l= 13 cons: SEQUENCE
+ 389:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 400:d=7 hl=2 l= 0 prim: NULL
+ 402:d=6 hl=3 l= 141 prim: BIT STRING
+ 546:d=4 hl=2 l= 13 cons: SEQUENCE
+ 548:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 559:d=5 hl=2 l= 0 prim: NULL
+ 561:d=4 hl=3 l= 129 prim: BIT STRING
+ 693:d=3 hl=4 l= 442 cons: SEQUENCE
+ 697:d=4 hl=4 l= 291 cons: SEQUENCE
+ 701:d=5 hl=2 l= 3 cons: cont [ 0 ]
+ 703:d=6 hl=2 l= 1 prim: INTEGER :02
+ 706:d=5 hl=2 l= 1 prim: INTEGER :01
+ 709:d=5 hl=2 l= 13 cons: SEQUENCE
+ 711:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 722:d=6 hl=2 l= 0 prim: NULL
+ 724:d=5 hl=2 l= 18 cons: SEQUENCE
+ 726:d=6 hl=2 l= 16 cons: SET
+ 728:d=7 hl=2 l= 14 cons: SEQUENCE
+ 730:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 735:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 744:d=5 hl=2 l= 30 cons: SEQUENCE
+ 746:d=6 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 761:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 776:d=5 hl=2 l= 27 cons: SEQUENCE
+ 778:d=6 hl=2 l= 25 cons: SET
+ 780:d=7 hl=2 l= 23 cons: SEQUENCE
+ 782:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 787:d=8 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer
+ 805:d=5 hl=3 l= 159 cons: SEQUENCE
+ 808:d=6 hl=2 l= 13 cons: SEQUENCE
+ 810:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 821:d=7 hl=2 l= 0 prim: NULL
+ 823:d=6 hl=3 l= 141 prim: BIT STRING
+ 967:d=5 hl=2 l= 23 cons: cont [ 3 ]
+ 969:d=6 hl=2 l= 21 cons: SEQUENCE
+ 971:d=7 hl=2 l= 19 cons: SEQUENCE
+ 973:d=8 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
+ 978:d=8 hl=2 l= 12 prim: OCTET STRING [HEX DUMP]:300A06082B06010505070309
+ 992:d=4 hl=2 l= 13 cons: SEQUENCE
+ 994:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 1005:d=5 hl=2 l= 0 prim: NULL
+ 1007:d=4 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIEjQoBAKCCBIYwggSCBgkrBgEFBQcwAQEEggRzMIIEbzB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg
+xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK
+/bUfjrcMZcpbblnbPReAfYUsUaiCEoIIDXjCCA1owggGYMIIBAaADAgECAgEAMA0GCSqGSIb3DQ
+EBBQUAMBIxEDAOBgNVBAMTB1Rlc3QgQ0EwHhcNMTYwMzA0MjE0MDAyWhcNMjYwMzAyMjE0MDAyW
+jASMRAwDgYDVQQDEwdUZXN0IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDE3whHt7Lq
+NNVTJLqSQKq3bH3+bGdHPvs/LorB2bc/2OojCqsJG6oBd8LlBzJ7JRpcoJzj1uYvtzLrhSjBOuc
+iPKqJg5fRU7q3dl0pzLb/xTa7B0vmhk+UGSkjqZTu+X7espsqQ0808u/xqnAUXXMgdSbW26d3Xn
+Y+UwBZC7quZQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJhpZ2OHHQBEaGzUOPU3pFch/RTrr2clz
+HReS4L/IvkmLXpyMjWzvpqtWMYrs49nTXXHj+A0xEuPfXDLEqx+DepB2ViRWXz0LC0D4rGCFChG
+EPxxJZjVo5BybiEzXUcTm3lXI1uF5I4FXCg5vzA5yBkURF8I1ZtzHZrdZhUkIahTMIIBujCCASO
+gAwIBAgIBATANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE2MDMwNDIxND
+AwMloXDTI2MDMwMjIxNDAwMlowGzEZMBcGA1UEAxMQVGVzdCBPQ1NQIFNpZ25lcjCBnzANBgkqh
+kiG9w0BAQEFAAOBjQAwgYkCgYEAr33RA+84nexEDSI0KGSwbWlLiaACkAiVbJQwXoWDqTSKrD1u
+b376zek9M+5WETYka2V0ZwnW9IbJiEpmnn4rKvTdItkHYv7vYK5+9KBi4s8w4aYRECYDdTKc6+0
+I6ZY/jAXY1Zxz/rAmfFVvV7roAD2QvVM3f7hUC2uIqQPjXJECAwEAAaMXMBUwEwYDVR0lBAwwCg
+YIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADgYEAvIZNLVTEHpgj0gKN9x1LvTJJUVSJovny2zI/Y
+Bt1HluMNjgMmTKUearYNJVBlqWKB0xytByOQVgkkPQjJYSTVFguc6ObfKG005OlhNXa2ZDffSn+
+gmo8NtdOQyDbz0ydaENNCxpSxr4QXNdOGMiwxN3FSjE1V7v0XdGGsAgrSRw=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem b/net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem
new file mode 100644
index 0000000..308d2c7
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/ocsp_sign_bad_indirect.pem
@@ -0,0 +1,163 @@
+Signed through an intermediate without the correct key usage
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 750 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 743 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 739 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 724 prim: OCTET STRING
+ 0:d=0 hl=4 l= 720 cons: SEQUENCE
+ 4:d=1 hl=3 l= 135 cons: SEQUENCE
+ 7:d=2 hl=2 l= 35 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 33 cons: SEQUENCE
+ 11:d=4 hl=2 l= 31 cons: SET
+ 13:d=5 hl=2 l= 29 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 22 prim: PRINTABLESTRING :Test False OCSP Signer
+ 44:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 61:d=2 hl=2 l= 79 cons: SEQUENCE
+ 63:d=3 hl=2 l= 77 cons: SEQUENCE
+ 65:d=4 hl=2 l= 56 cons: SEQUENCE
+ 67:d=5 hl=2 l= 7 cons: SEQUENCE
+ 69:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 76:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 98:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 120:d=5 hl=2 l= 1 prim: INTEGER :03
+ 123:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 125:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 142:d=1 hl=2 l= 13 cons: SEQUENCE
+ 144:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 155:d=2 hl=2 l= 0 prim: NULL
+ 157:d=1 hl=3 l= 129 prim: BIT STRING
+ 289:d=1 hl=4 l= 431 cons: cont [ 0 ]
+ 293:d=2 hl=4 l= 427 cons: SEQUENCE
+ 297:d=3 hl=4 l= 423 cons: SEQUENCE
+ 301:d=4 hl=4 l= 272 cons: SEQUENCE
+ 305:d=5 hl=2 l= 3 cons: cont [ 0 ]
+ 307:d=6 hl=2 l= 1 prim: INTEGER :02
+ 310:d=5 hl=2 l= 1 prim: INTEGER :02
+ 313:d=5 hl=2 l= 13 cons: SEQUENCE
+ 315:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 326:d=6 hl=2 l= 0 prim: NULL
+ 328:d=5 hl=2 l= 18 cons: SEQUENCE
+ 330:d=6 hl=2 l= 16 cons: SET
+ 332:d=7 hl=2 l= 14 cons: SEQUENCE
+ 334:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 339:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 348:d=5 hl=2 l= 30 cons: SEQUENCE
+ 350:d=6 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 365:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 380:d=5 hl=2 l= 33 cons: SEQUENCE
+ 382:d=6 hl=2 l= 31 cons: SET
+ 384:d=7 hl=2 l= 29 cons: SEQUENCE
+ 386:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 391:d=8 hl=2 l= 22 prim: PRINTABLESTRING :Test False OCSP Signer
+ 415:d=5 hl=3 l= 159 cons: SEQUENCE
+ 418:d=6 hl=2 l= 13 cons: SEQUENCE
+ 420:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 431:d=7 hl=2 l= 0 prim: NULL
+ 433:d=6 hl=3 l= 141 prim: BIT STRING
+ 577:d=4 hl=2 l= 13 cons: SEQUENCE
+ 579:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 590:d=5 hl=2 l= 0 prim: NULL
+ 592:d=4 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIC7goBAKCCAucwggLjBgkrBgEFBQcwAQEEggLUMIIC0DCBh6EjMCExHzAdBgNVBAMTFlRlc3Q
+gRmFsc2UgT0NTUCBTaWduZXIYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912i
+Teit0VD6tonczm5mNtCQEEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0M
+DAyWjANBgkqhkiG9w0BAQUFAAOBgQBUbTwYMCKST8shnSN4BIA6rdPZn+kUZF2hEWLqY7A0Ru1H
+OaAd4idxtPIfb7nzydt3gXuaI1lgjT5F9Choe99e20X2+xkZpnnzoN5OKeUhiK08I8azqGHsxfC
+hWlrAASXdA7iwld5dGbw+RlNHB4nrAuknAUdTHFGdiP7x7TBhNaCCAa8wggGrMIIBpzCCARCgAw
+IBAgIBAjANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE2MDMwNDIxNDAwM
+loXDTI2MDMwMjIxNDAwMlowITEfMB0GA1UEAxMWVGVzdCBGYWxzZSBPQ1NQIFNpZ25lcjCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApn44UGWdpvHcClqexVMmT8yIGg8DjLaZzDMT4YktTYs
+Df011huQhUoNNOHbVR+zveTORiw+J+Xe2fvz10E35Fp8hrdc2BUXPywcIwGMBAqw4Xfn065B0it
+sUg8AYm4yPTL0/TPXFKj4LF5TbGdOlYD/hQgzehtvsPLEfCPLy6IsCAwEAATANBgkqhkiG9w0BA
+QUFAAOBgQCU24MnAyNiaNesmlQRj9sZSBERuSddMWKsLlXBMs4k3iVJBq92wxOcj3YCk84dFttM
+nj5hEKVnVxzHDTSGjOWLvzJtj7y8CjQ2CS1xkB1c1xrnsYXjQLqWSSIwUFIxC926BsTMIU7zOs/
+mjO7GAm4CJhP9MYGPwv3Yy4g66I+HUA==
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_direct.pem b/net/data/parse_ocsp_unittest/ocsp_sign_direct.pem
new file mode 100644
index 0000000..23b245b
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/ocsp_sign_direct.pem
@@ -0,0 +1,123 @@
+Signed directly by the issuer
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 299 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 292 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 288 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 273 prim: OCTET STRING
+ 0:d=0 hl=4 l= 269 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg
+xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK
+/bUfjrcMZcpbblnbPReAfYUsUaiCE
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem b/net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem
new file mode 100644
index 0000000..3c3cbe1
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/ocsp_sign_indirect.pem
@@ -0,0 +1,168 @@
+Signed indirectly through an intermediate
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 763 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 756 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 752 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 737 prim: OCTET STRING
+ 0:d=0 hl=4 l= 733 cons: SEQUENCE
+ 4:d=1 hl=3 l= 129 cons: SEQUENCE
+ 7:d=2 hl=2 l= 29 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 27 cons: SEQUENCE
+ 11:d=4 hl=2 l= 25 cons: SET
+ 13:d=5 hl=2 l= 23 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer
+ 38:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 55:d=2 hl=2 l= 79 cons: SEQUENCE
+ 57:d=3 hl=2 l= 77 cons: SEQUENCE
+ 59:d=4 hl=2 l= 56 cons: SEQUENCE
+ 61:d=5 hl=2 l= 7 cons: SEQUENCE
+ 63:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 70:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 92:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 114:d=5 hl=2 l= 1 prim: INTEGER :03
+ 117:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 119:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 136:d=1 hl=2 l= 13 cons: SEQUENCE
+ 138:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 149:d=2 hl=2 l= 0 prim: NULL
+ 151:d=1 hl=3 l= 129 prim: BIT STRING
+ 283:d=1 hl=4 l= 450 cons: cont [ 0 ]
+ 287:d=2 hl=4 l= 446 cons: SEQUENCE
+ 291:d=3 hl=4 l= 442 cons: SEQUENCE
+ 295:d=4 hl=4 l= 291 cons: SEQUENCE
+ 299:d=5 hl=2 l= 3 cons: cont [ 0 ]
+ 301:d=6 hl=2 l= 1 prim: INTEGER :02
+ 304:d=5 hl=2 l= 1 prim: INTEGER :01
+ 307:d=5 hl=2 l= 13 cons: SEQUENCE
+ 309:d=6 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 320:d=6 hl=2 l= 0 prim: NULL
+ 322:d=5 hl=2 l= 18 cons: SEQUENCE
+ 324:d=6 hl=2 l= 16 cons: SET
+ 326:d=7 hl=2 l= 14 cons: SEQUENCE
+ 328:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 333:d=8 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 342:d=5 hl=2 l= 30 cons: SEQUENCE
+ 344:d=6 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 359:d=6 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 374:d=5 hl=2 l= 27 cons: SEQUENCE
+ 376:d=6 hl=2 l= 25 cons: SET
+ 378:d=7 hl=2 l= 23 cons: SEQUENCE
+ 380:d=8 hl=2 l= 3 prim: OBJECT :commonName
+ 385:d=8 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer
+ 403:d=5 hl=3 l= 159 cons: SEQUENCE
+ 406:d=6 hl=2 l= 13 cons: SEQUENCE
+ 408:d=7 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 419:d=7 hl=2 l= 0 prim: NULL
+ 421:d=6 hl=3 l= 141 prim: BIT STRING
+ 565:d=5 hl=2 l= 23 cons: cont [ 3 ]
+ 567:d=6 hl=2 l= 21 cons: SEQUENCE
+ 569:d=7 hl=2 l= 19 cons: SEQUENCE
+ 571:d=8 hl=2 l= 3 prim: OBJECT :X509v3 Extended Key Usage
+ 576:d=8 hl=2 l= 12 prim: OCTET STRING [HEX DUMP]:300A06082B06010505070309
+ 590:d=4 hl=2 l= 13 cons: SEQUENCE
+ 592:d=5 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 603:d=5 hl=2 l= 0 prim: NULL
+ 605:d=4 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIC+woBAKCCAvQwggLwBgkrBgEFBQcwAQEEggLhMIIC3TCBgaEdMBsxGTAXBgNVBAMTEFRlc3Q
+gT0NTUCBTaWduZXIYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6
+tonczm5mNtCQEEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWjANB
+gkqhkiG9w0BAQUFAAOBgQClgWYlzN9DKHjCisGXYGbagKQmGo2zPi8/pK5zE9YPzDTx0mFP2w6T
+ZgrdtYW+e66U6WgtbYbUL1USBAugHy2mbXjeZroHiKRHxBdb17M2ADhqS/tyue4IyuPEGuyhUXt
+qvPxIiyXFCNnP4HU0uxcnQK9PMNWQnFlk5aA1ixoQjaCCAcIwggG+MIIBujCCASOgAwIBAgIBAT
+ANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE2MDMwNDIxNDAwMloXDTI2M
+DMwMjIxNDAwMlowGzEZMBcGA1UEAxMQVGVzdCBPQ1NQIFNpZ25lcjCBnzANBgkqhkiG9w0BAQEF
+AAOBjQAwgYkCgYEAr33RA+84nexEDSI0KGSwbWlLiaACkAiVbJQwXoWDqTSKrD1ub376zek9M+5
+WETYka2V0ZwnW9IbJiEpmnn4rKvTdItkHYv7vYK5+9KBi4s8w4aYRECYDdTKc6+0I6ZY/jAXY1Z
+xz/rAmfFVvV7roAD2QvVM3f7hUC2uIqQPjXJECAwEAAaMXMBUwEwYDVR0lBAwwCgYIKwYBBQUHA
+wkwDQYJKoZIhvcNAQEFBQADgYEAvIZNLVTEHpgj0gKN9x1LvTJJUVSJovny2zI/YBt1HluMNjgM
+mTKUearYNJVBlqWKB0xytByOQVgkkPQjJYSTVFguc6ObfKG005OlhNXa2ZDffSn+gmo8NtdOQyD
+bz0ydaENNCxpSxr4QXNdOGMiwxN3FSjE1V7v0XdGGsAgrSRw=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem b/net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem
new file mode 100644
index 0000000..5286b55
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/ocsp_sign_indirect_missing.pem
@@ -0,0 +1,123 @@
+Signed indirectly through a missing intermediate
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 309 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 302 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 298 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 283 prim: OCTET STRING
+ 0:d=0 hl=4 l= 279 cons: SEQUENCE
+ 4:d=1 hl=3 l= 129 cons: SEQUENCE
+ 7:d=2 hl=2 l= 29 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 27 cons: SEQUENCE
+ 11:d=4 hl=2 l= 25 cons: SET
+ 13:d=5 hl=2 l= 23 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 16 prim: PRINTABLESTRING :Test OCSP Signer
+ 38:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 55:d=2 hl=2 l= 79 cons: SEQUENCE
+ 57:d=3 hl=2 l= 77 cons: SEQUENCE
+ 59:d=4 hl=2 l= 56 cons: SEQUENCE
+ 61:d=5 hl=2 l= 7 cons: SEQUENCE
+ 63:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 70:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 92:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 114:d=5 hl=2 l= 1 prim: INTEGER :03
+ 117:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 119:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 136:d=1 hl=2 l= 13 cons: SEQUENCE
+ 138:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 149:d=2 hl=2 l= 0 prim: NULL
+ 151:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBNQoBAKCCAS4wggEqBgkrBgEFBQcwAQEEggEbMIIBFzCBgaEdMBsxGTAXBgNVBAMTEFRlc3Q
+gT0NTUCBTaWduZXIYDzIwMTYwMzA0MTY0MDAyWjBPME0wODAHBgUrDgMCGgQUAv912iTeit0VD6
+tonczm5mNtCQEEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDgAAYDzIwMTYwMzA0MTY0MDAyWjANB
+gkqhkiG9w0BAQUFAAOBgQClgWYlzN9DKHjCisGXYGbagKQmGo2zPi8/pK5zE9YPzDTx0mFP2w6T
+ZgrdtYW+e66U6WgtbYbUL1USBAugHy2mbXjeZroHiKRHxBdb17M2ADhqS/tyue4IyuPEGuyhUXt
+qvPxIiyXFCNnP4HU0uxcnQK9PMNWQnFlk5aA1ixoQjQ==
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/other_response.pem b/net/data/parse_ocsp_unittest/other_response.pem
new file mode 100644
index 0000000..e151cac
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/other_response.pem
@@ -0,0 +1,135 @@
+Is a response for a different cert
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 397 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 390 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 386 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 371 prim: OCTET STRING
+ 0:d=0 hl=4 l= 367 cons: SEQUENCE
+ 4:d=1 hl=3 l= 217 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=3 l= 175 cons: SEQUENCE
+ 49:d=3 hl=2 l= 77 cons: SEQUENCE
+ 51:d=4 hl=2 l= 56 cons: SEQUENCE
+ 53:d=5 hl=2 l= 7 cons: SEQUENCE
+ 55:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 62:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:99D6B1D2B9004AD4235ABC2407F6A911CF4744F5
+ 84:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:47901C53047CFFA389F6D500D49AA1D45500EB94
+ 106:d=5 hl=2 l= 1 prim: INTEGER :04
+ 109:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 111:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 128:d=3 hl=2 l= 94 cons: SEQUENCE
+ 130:d=4 hl=2 l= 56 cons: SEQUENCE
+ 132:d=5 hl=2 l= 7 cons: SEQUENCE
+ 134:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 141:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:99D6B1D2B9004AD4235ABC2407F6A911CF4744F5
+ 163:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:47901C53047CFFA389F6D500D49AA1D45500EB94
+ 185:d=5 hl=2 l= 1 prim: INTEGER :04
+ 188:d=4 hl=2 l= 17 cons: cont [ 1 ]
+ 190:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 207:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 224:d=1 hl=2 l= 13 cons: SEQUENCE
+ 226:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 237:d=2 hl=2 l= 0 prim: NULL
+ 239:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBjQoBAKCCAYYwggGCBgkrBgEFBQcwAQEEggFzMIIBbzCB2aEUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjCBrzBNMDgwBwYFKw4DAhoEFJnWsdK5AErUI1q8JAf2qRHPR0
+T1BBRHkBxTBHz/o4n21QDUmqHUVQDrlAIBBIAAGA8yMDE2MDMwNDE2NDAwMlowXjA4MAcGBSsOA
+wIaBBSZ1rHSuQBK1CNavCQH9qkRz0dE9QQUR5AcUwR8/6OJ9tUA1Jqh1FUA65QCAQShERgPMjAx
+NjAzMDQxNjQwMDJaGA8yMDE2MDMwNDE2NDAwMlowDQYJKoZIhvcNAQEFBQADgYEAYr+5Vsn/I0Z
+bEqIJbRm1hkZE8MFTkxvz+CArS+1FaBnGt+FUTiv8o6XDKDSgZmvAfPpgy5PSoK7cJ5H8Rp09BK
+SLGCeCWF/Kmv2EWGV8RspRFP5CmNYmbjayU0OOSUyNTQFHmmB90/2t1i7wwcLl7tbW4EuFdpBZ5
+hZSLXpsS6U=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/responder_id.pem b/net/data/parse_ocsp_unittest/responder_id.pem
new file mode 100644
index 0000000..13fed4f
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/responder_id.pem
@@ -0,0 +1,119 @@
+Uses byKey to identify the signer
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 301 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 294 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 290 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 275 prim: OCTET STRING
+ 0:d=0 hl=4 l= 271 cons: SEQUENCE
+ 4:d=1 hl=2 l= 122 cons: SEQUENCE
+ 6:d=2 hl=2 l= 22 cons: cont [ 2 ]
+ 8:d=3 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 30:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 47:d=2 hl=2 l= 79 cons: SEQUENCE
+ 49:d=3 hl=2 l= 77 cons: SEQUENCE
+ 51:d=4 hl=2 l= 56 cons: SEQUENCE
+ 53:d=5 hl=2 l= 7 cons: SEQUENCE
+ 55:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 62:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 84:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 106:d=5 hl=2 l= 1 prim: INTEGER :03
+ 109:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 111:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 128:d=1 hl=2 l= 13 cons: SEQUENCE
+ 130:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 141:d=2 hl=2 l= 0 prim: NULL
+ 143:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBLQoBAKCCASYwggEiBgkrBgEFBQcwAQEEggETMIIBDzB6ohYEFHc1rLTf57ncglk4G37t8Ig
+rlzU0GA8yMDE2MDMwNDE2NDAwMlowTzBNMDgwBwYFKw4DAhoEFAL/ddok3ordFQ+raJ3M5uZjbQ
+kBBBR3Nay03+e53IJZOBt+7fCIK5c1NAIBA4AAGA8yMDE2MDMwNDE2NDAwMlowDQYJKoZIhvcNA
+QEFBQADgYEAlBfILkufybGfg0K/0dK5o+xVYsra4kyHHfeGe2+X7Ie/QL88dafZRqycraUmO+Yv
+uqKgLMOUsMJCaWo/leyiAUVFcDa8NzcEWUiqPFtPzq4YSfnHoUIyzHliJMx1//Q9f6HtMAUqBk8
+FaET1SGuZB46eW0cck0ZgeNFT3rOmOno=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/responder_name.pem b/net/data/parse_ocsp_unittest/responder_name.pem
new file mode 100644
index 0000000..45293ad
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/responder_name.pem
@@ -0,0 +1,123 @@
+Uses byName to identify the signer
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 299 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 292 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 288 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 273 prim: OCTET STRING
+ 0:d=0 hl=4 l= 269 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 0 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOAABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBAEaH8xtlTUtrtKBa/dKPjWhP5dl+FQMVmCpKVGYVkh+mq/mltWcFgqmVr2uMuCngTIXg
+xXd9xzvdjl3Y8PqbFXd2267ZQ5JWLkyU1FFxOYRQsjNZD45AnPmXUeHTJ+KqvmIoduFMc2O42RK
+/bUfjrcMZcpbblnbPReAfYUsUaiCE
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/revoke_response.pem b/net/data/parse_ocsp_unittest/revoke_response.pem
new file mode 100644
index 0000000..dfeb6b1
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/revoke_response.pem
@@ -0,0 +1,124 @@
+Is a REVOKE response for the cert
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 317 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 310 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 306 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 291 prim: OCTET STRING
+ 0:d=0 hl=4 l= 287 cons: SEQUENCE
+ 4:d=1 hl=3 l= 137 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=2 l= 96 cons: SEQUENCE
+ 48:d=3 hl=2 l= 94 cons: SEQUENCE
+ 50:d=4 hl=2 l= 56 cons: SEQUENCE
+ 52:d=5 hl=2 l= 7 cons: SEQUENCE
+ 54:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 105:d=5 hl=2 l= 1 prim: INTEGER :03
+ 108:d=4 hl=2 l= 17 cons: cont [ 1 ]
+ 110:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 127:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 144:d=1 hl=2 l= 13 cons: SEQUENCE
+ 146:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 157:d=2 hl=2 l= 0 prim: NULL
+ 159:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBPQoBAKCCATYwggEyBgkrBgEFBQcwAQEEggEjMIIBHzCBiaEUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjBgMF4wODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ
+EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDoREYDzIwMTYwMzA0MTY0MDAyWhgPMjAxNjAzMDQxN
+jQwMDJaMA0GCSqGSIb3DQEBBQUAA4GBAA1dkQpeYy4+X5lBJfNwWY7W9AKtDHgLzI4kxhGmPfsF
+EGVlnyrHpTHP04csXfnW4oF/xK5wpN+3jMDNxoShEZR/OBcfGw0XDZm8ttSOAjHeloPpnO3ozTq
+Zvw+sMIEpWuygFcYMHJ7CnJycYS01A+is5GqCBuRyvXCxv5bVrEu4
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/revoke_response_reason.pem b/net/data/parse_ocsp_unittest/revoke_response_reason.pem
new file mode 100644
index 0000000..0abcecf
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/revoke_response_reason.pem
@@ -0,0 +1,126 @@
+Is a REVOKE response for the cert with a reason
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 322 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 315 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 311 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 296 prim: OCTET STRING
+ 0:d=0 hl=4 l= 292 cons: SEQUENCE
+ 4:d=1 hl=3 l= 142 cons: SEQUENCE
+ 7:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 9:d=3 hl=2 l= 18 cons: SEQUENCE
+ 11:d=4 hl=2 l= 16 cons: SET
+ 13:d=5 hl=2 l= 14 cons: SEQUENCE
+ 15:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 20:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 29:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 46:d=2 hl=2 l= 101 cons: SEQUENCE
+ 48:d=3 hl=2 l= 99 cons: SEQUENCE
+ 50:d=4 hl=2 l= 56 cons: SEQUENCE
+ 52:d=5 hl=2 l= 7 cons: SEQUENCE
+ 54:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 61:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 83:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 105:d=5 hl=2 l= 1 prim: INTEGER :03
+ 108:d=4 hl=2 l= 22 cons: cont [ 1 ]
+ 110:d=5 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 127:d=5 hl=2 l= 3 cons: cont [ 0 ]
+ 129:d=6 hl=2 l= 1 prim: ENUMERATED :01
+ 132:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 149:d=1 hl=2 l= 13 cons: SEQUENCE
+ 151:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 162:d=2 hl=2 l= 0 prim: NULL
+ 164:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBQgoBAKCCATswggE3BgkrBgEFBQcwAQEEggEoMIIBJDCBjqEUMBIxEDAOBgNVBAMTB1Rlc3Q
+gQ0EYDzIwMTYwMzA0MTY0MDAyWjBlMGMwODAHBgUrDgMCGgQUAv912iTeit0VD6tonczm5mNtCQ
+EEFHc1rLTf57ncglk4G37t8IgrlzU0AgEDoRYYDzIwMTYwMzA0MTY0MDAyWqADCgEBGA8yMDE2M
+DMwNDE2NDAwMlowDQYJKoZIhvcNAQEFBQADgYEAdJ2fItNUjBLpAUqtph3z6OGWnlilggMBSayg
+rAWg/BgxKgxoBv/WXMKgjWKJw2/+gdqXsiXxQiunSvCKK4t7ghhTvelofc5R1KUO3zPU95tsMPX
+r1PXdp0BSkt+03qWhiB3xyIboZJp1esjcnGnBC3lQD39V7n28AXW+17n73/Q=
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
diff --git a/net/data/parse_ocsp_unittest/unknown_response.pem b/net/data/parse_ocsp_unittest/unknown_response.pem
new file mode 100644
index 0000000..f19d37a
--- /dev/null
+++ b/net/data/parse_ocsp_unittest/unknown_response.pem
@@ -0,0 +1,123 @@
+Is an UNKNOWN response for the cert
+$ openssl asn1parse -i < [OCSP RESPONSE]
+ 0:d=0 hl=4 l= 299 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: ENUMERATED :00
+ 7:d=1 hl=4 l= 292 cons: cont [ 0 ]
+ 11:d=2 hl=4 l= 288 cons: SEQUENCE
+ 15:d=3 hl=2 l= 9 prim: OBJECT :Basic OCSP Response
+ 26:d=3 hl=4 l= 273 prim: OCTET STRING
+ 0:d=0 hl=4 l= 269 cons: SEQUENCE
+ 4:d=1 hl=2 l= 120 cons: SEQUENCE
+ 6:d=2 hl=2 l= 20 cons: cont [ 1 ]
+ 8:d=3 hl=2 l= 18 cons: SEQUENCE
+ 10:d=4 hl=2 l= 16 cons: SET
+ 12:d=5 hl=2 l= 14 cons: SEQUENCE
+ 14:d=6 hl=2 l= 3 prim: OBJECT :commonName
+ 19:d=6 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 28:d=2 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 45:d=2 hl=2 l= 79 cons: SEQUENCE
+ 47:d=3 hl=2 l= 77 cons: SEQUENCE
+ 49:d=4 hl=2 l= 56 cons: SEQUENCE
+ 51:d=5 hl=2 l= 7 cons: SEQUENCE
+ 53:d=6 hl=2 l= 5 prim: OBJECT :sha1
+ 60:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:02FF75DA24DE8ADD150FAB689DCCE6E6636D0901
+ 82:d=5 hl=2 l= 20 prim: OCTET STRING [HEX DUMP]:7735ACB4DFE7B9DC8259381B7EEDF0882B973534
+ 104:d=5 hl=2 l= 1 prim: INTEGER :03
+ 107:d=4 hl=2 l= 0 prim: cont [ 2 ]
+ 109:d=4 hl=2 l= 15 prim: GENERALIZEDTIME :20160304164002Z
+ 126:d=1 hl=2 l= 13 cons: SEQUENCE
+ 128:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 139:d=2 hl=2 l= 0 prim: NULL
+ 141:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN OCSP RESPONSE-----
+MIIBKwoBAKCCASQwggEgBgkrBgEFBQcwAQEEggERMIIBDTB4oRQwEjEQMA4GA1UEAxMHVGVzdCB
+DQRgPMjAxNjAzMDQxNjQwMDJaME8wTTA4MAcGBSsOAwIaBBQC/3XaJN6K3RUPq2idzObmY20JAQ
+QUdzWstN/nudyCWTgbfu3wiCuXNTQCAQOCABgPMjAxNjAzMDQxNjQwMDJaMA0GCSqGSIb3DQEBB
+QUAA4GBADKSl26nGkptHNremzcuCoEVLVCrOT7EjBpbCktlga4QNAuMaOCwWccIa+yfxCQ1O04M
+jx0vbOWqTSZG/dRCgJYzGV007KNKxEOuQALdwtjrjNg89VZ+VaDp/zJEGO5LqOUdawiwbVxjQK1
+hcwGkVxiFuibzzZKeQf2/xf3jaMWy
+-----END OCSP RESPONSE-----
+
+$ openssl asn1parse -i < [CA CERTIFICATE]
+ 0:d=0 hl=4 l= 408 cons: SEQUENCE
+ 4:d=1 hl=4 l= 257 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :00
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 18 cons: SEQUENCE
+ 85:d=3 hl=2 l= 16 cons: SET
+ 87:d=4 hl=2 l= 14 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 103:d=2 hl=3 l= 159 cons: SEQUENCE
+ 106:d=3 hl=2 l= 13 cons: SEQUENCE
+ 108:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 119:d=4 hl=2 l= 0 prim: NULL
+ 121:d=3 hl=3 l= 141 prim: BIT STRING
+ 265:d=1 hl=2 l= 13 cons: SEQUENCE
+ 267:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 278:d=2 hl=2 l= 0 prim: NULL
+ 280:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CA CERTIFICATE-----
+MIIBmDCCAQGgAwIBAgIBADANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowEjEQMA4GA1UEAxMHVGVzdCBDQTCBnzANBgkqhk
+iG9w0BAQEFAAOBjQAwgYkCgYEAxN8IR7ey6jTVUyS6kkCqt2x9/mxnRz77Py6Kwdm3P9jqIwqrC
+RuqAXfC5QcyeyUaXKCc49bmL7cy64UowTrnIjyqiYOX0VO6t3ZdKcy2/8U2uwdL5oZPlBkpI6mU
+7vl+3rKbKkNPNPLv8apwFF1zIHUm1tund152PlMAWQu6rmUCAwEAATANBgkqhkiG9w0BAQUFAAO
+BgQCYaWdjhx0ARGhs1Dj1N6RXIf0U669nJcx0XkuC/yL5Ji16cjI1s76arVjGK7OPZ011x4/gNM
+RLj31wyxKsfg3qQdlYkVl89CwtA+KxghQoRhD8cSWY1aOQcm4hM11HE5t5VyNbheSOBVwoOb8wO
+cgZFERfCNWbcx2a3WYVJCGoUw==
+-----END CA CERTIFICATE-----
+
+$ openssl asn1parse -i < [CERTIFICATE]
+ 0:d=0 hl=4 l= 410 cons: SEQUENCE
+ 4:d=1 hl=4 l= 259 cons: SEQUENCE
+ 8:d=2 hl=2 l= 3 cons: cont [ 0 ]
+ 10:d=3 hl=2 l= 1 prim: INTEGER :02
+ 13:d=2 hl=2 l= 1 prim: INTEGER :03
+ 16:d=2 hl=2 l= 13 cons: SEQUENCE
+ 18:d=3 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 29:d=3 hl=2 l= 0 prim: NULL
+ 31:d=2 hl=2 l= 18 cons: SEQUENCE
+ 33:d=3 hl=2 l= 16 cons: SET
+ 35:d=4 hl=2 l= 14 cons: SEQUENCE
+ 37:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 42:d=5 hl=2 l= 7 prim: PRINTABLESTRING :Test CA
+ 51:d=2 hl=2 l= 30 cons: SEQUENCE
+ 53:d=3 hl=2 l= 13 prim: UTCTIME :160304214002Z
+ 68:d=3 hl=2 l= 13 prim: UTCTIME :260302214002Z
+ 83:d=2 hl=2 l= 20 cons: SEQUENCE
+ 85:d=3 hl=2 l= 18 cons: SET
+ 87:d=4 hl=2 l= 16 cons: SEQUENCE
+ 89:d=5 hl=2 l= 3 prim: OBJECT :commonName
+ 94:d=5 hl=2 l= 9 prim: PRINTABLESTRING :Test Cert
+ 105:d=2 hl=3 l= 159 cons: SEQUENCE
+ 108:d=3 hl=2 l= 13 cons: SEQUENCE
+ 110:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 121:d=4 hl=2 l= 0 prim: NULL
+ 123:d=3 hl=3 l= 141 prim: BIT STRING
+ 267:d=1 hl=2 l= 13 cons: SEQUENCE
+ 269:d=2 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
+ 280:d=2 hl=2 l= 0 prim: NULL
+ 282:d=1 hl=3 l= 129 prim: BIT STRING
+-----BEGIN CERTIFICATE-----
+MIIBmjCCAQOgAwIBAgIBAzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdUZXN0IENBMB4XDTE
+2MDMwNDIxNDAwMloXDTI2MDMwMjIxNDAwMlowFDESMBAGA1UEAxMJVGVzdCBDZXJ0MIGfMA0GCS
+qGSIb3DQEBAQUAA4GNADCBiQKBgQCynU7qbknY0uuN2uYvVj9/UeLaZ+GTuIICagyaSvwhDdEFI
+ieSELYv5c3TlrIzAzuMlx78eOuhyxyL5SqDe1+YrD4tsHTMoWhSsmjRmKHpxfVScPwgBvnZ3i5d
+jS/iLKlvoTnH8qPE2QC+B2GgoU8HFEaVg5jI1NACo5gh75ZAawIDAQABMA0GCSqGSIb3DQEBBQU
+AA4GBAHSL52wcNMvGbcbSI3fZd9ckcx2Kgor0/FZOcjWFaI877E9ok7TGk1uwy5QsTcRZdEuCsl
+3Ph9kpZYkiB6JIGrEzvmE5Nmv8VmYtEAX4F1JX6WPETlRR95fA4D4WmHNb2bxBy8bP9wLpced2V
+42JEeS36VZs/yhLupvaLx9PcRwM
+-----END CERTIFICATE-----
generated by cgit v1.1 at 2024-06-10 04:39:59 +0000