1 /* 2 * crypt32 certificate chain functions tests 3 * 4 * Copyright 2006 Juan Lang 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, write to the Free Software 18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA 19 */ 20 21 #include "precomp.h" 22 23 #include <wininet.h> 24 25 static const BYTE selfSignedCert[] = { 26 0x30, 0x82, 0x01, 0x1f, 0x30, 0x81, 0xce, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 27 0x10, 0xeb, 0x0d, 0x57, 0x2a, 0x9c, 0x09, 0xba, 0xa4, 0x4a, 0xb7, 0x25, 0x49, 28 0xd9, 0x3e, 0xb5, 0x73, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1d, 29 0x05, 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 30 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 31 0x1e, 0x17, 0x0d, 0x30, 0x36, 0x30, 0x36, 0x32, 0x39, 0x30, 0x35, 0x30, 0x30, 32 0x34, 0x36, 0x5a, 0x17, 0x0d, 0x30, 0x37, 0x30, 0x36, 0x32, 0x39, 0x31, 0x31, 33 0x30, 0x30, 0x34, 0x36, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 34 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 35 0x67, 0x00, 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 36 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41, 37 0x00, 0xe2, 0x54, 0x3a, 0xa7, 0x83, 0xb1, 0x27, 0x14, 0x3e, 0x59, 0xbb, 0xb4, 38 0x53, 0xe6, 0x1f, 0xe7, 0x5d, 0xf1, 0x21, 0x68, 0xad, 0x85, 0x53, 0xdb, 0x6b, 39 0x1e, 0xeb, 0x65, 0x97, 0x03, 0x86, 0x60, 0xde, 0xf3, 0x6c, 0x38, 0x75, 0xe0, 40 0x4c, 0x61, 0xbb, 0xbc, 0x62, 0x17, 0xa9, 0xcd, 0x79, 0x3f, 0x21, 0x4e, 0x96, 41 0xcb, 0x0e, 0xdc, 0x61, 0x94, 0x30, 0x18, 0x10, 0x6b, 0xd0, 0x1c, 0x10, 0x79, 42 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 43 0x1d, 0x05, 0x00, 0x03, 0x41, 0x00, 0x25, 0x90, 0x53, 0x34, 0xd9, 0x56, 0x41, 44 0x5e, 0xdb, 0x7e, 0x01, 0x36, 0xec, 0x27, 0x61, 0x5e, 0xb7, 0x4d, 0x90, 0x66, 45 0xa2, 0xe1, 0x9d, 0x58, 0x76, 0xd4, 0x9c, 0xba, 0x2c, 0x84, 0xc6, 0x83, 0x7a, 46 0x22, 0x0d, 0x03, 0x69, 0x32, 0x1a, 0x6d, 0xcb, 0x0c, 0x15, 0xb3, 0x6b, 0xc7, 47 0x0a, 0x8c, 0xb4, 0x5c, 0x34, 0x78, 0xe0, 0x3c, 0x9c, 0xe9, 0xf3, 0x30, 0x9f, 48 0xa8, 0x76, 0x57, 0x92, 0x36 }; 49 50 static BOOL (WINAPI *pCertCreateCertificateChainEngine)(PCERT_CHAIN_ENGINE_CONFIG,HCERTCHAINENGINE*); 51 static BOOL (WINAPI *pCertGetCertificateChain)(HCERTCHAINENGINE,PCCERT_CONTEXT,LPFILETIME,HCERTSTORE,PCERT_CHAIN_PARA,DWORD,LPVOID,PCCERT_CHAIN_CONTEXT*); 52 static VOID (WINAPI *pCertFreeCertificateChain)(PCCERT_CHAIN_CONTEXT); 53 static VOID (WINAPI *pCertFreeCertificateChainEngine)(HCERTCHAINENGINE); 54 static BOOL (WINAPI *pCertVerifyCertificateChainPolicy)(LPCSTR,PCCERT_CHAIN_CONTEXT,PCERT_CHAIN_POLICY_PARA,PCERT_CHAIN_POLICY_STATUS); 55 56 #define IS_INTOID(x) (((ULONG_PTR)(x) >> 16) == 0) 57 58 typedef struct _CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT 59 { 60 DWORD cbSize; 61 HCERTSTORE hRestrictedRoot; 62 HCERTSTORE hRestrictedTrust; 63 HCERTSTORE hRestrictedOther; 64 DWORD cAdditionalStore; 65 HCERTSTORE *rghAdditionalStore; 66 DWORD dwFlags; 67 DWORD dwUrlRetrievalTimeout; 68 DWORD MaximumCachedCertificates; 69 DWORD CycleDetectionModulus; 70 } CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT; 71 72 static void testCreateCertChainEngine(void) 73 { 74 BOOL ret; 75 CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT config = { 0 }; 76 CERT_CHAIN_ENGINE_CONFIG *pConfig = (CERT_CHAIN_ENGINE_CONFIG *)&config; 77 HCERTCHAINENGINE engine; 78 HCERTSTORE store; 79 80 if (!pCertCreateCertificateChainEngine || !pCertFreeCertificateChainEngine) 81 { 82 win_skip("Cert*CertificateChainEngine() functions are not available\n"); 83 return; 84 } 85 86 /* Crash 87 ret = pCertCreateCertificateChainEngine(NULL, NULL); 88 ret = pCertCreateCertificateChainEngine(NULL, &engine); 89 ret = pCertCreateCertificateChainEngine(pConfig, NULL); 90 */ 91 ret = pCertCreateCertificateChainEngine(pConfig, &engine); 92 ok(!ret && GetLastError() == E_INVALIDARG, 93 "Expected E_INVALIDARG, got %08x\n", GetLastError()); 94 /* Crashes 95 config.cbSize = sizeof(config); 96 ret = pCertCreateCertificateChainEngine(pConfig, NULL); 97 */ 98 config.cbSize = sizeof(config); 99 ret = pCertCreateCertificateChainEngine(pConfig, &engine); 100 ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError()); 101 pCertFreeCertificateChainEngine(engine); 102 config.dwFlags = 0xff000000; 103 ret = pCertCreateCertificateChainEngine(pConfig, &engine); 104 ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError()); 105 pCertFreeCertificateChainEngine(engine); 106 107 /* Creating a cert with no root certs at all is allowed.. */ 108 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 109 CERT_STORE_CREATE_NEW_FLAG, NULL); 110 config.hRestrictedRoot = store; 111 ret = pCertCreateCertificateChainEngine(pConfig, &engine); 112 ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError()); 113 pCertFreeCertificateChainEngine(engine); 114 115 /* but creating one with a restricted root with a cert that isn't a member 116 * of the Root store isn't allowed. 117 */ 118 CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, selfSignedCert, 119 sizeof(selfSignedCert), CERT_STORE_ADD_ALWAYS, NULL); 120 ret = pCertCreateCertificateChainEngine(pConfig, &engine); 121 /* ERROR_FILE_NOT_FOUND used in Windows 10 */ 122 ok(!ret && ((GetLastError() == CRYPT_E_NOT_FOUND) || 123 (GetLastError() == ERROR_FILE_NOT_FOUND)), 124 "Expected CRYPT_E_NOT_FOUND or ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError()); 125 126 CertCloseStore(store, 0); 127 } 128 129 static const BYTE bigCert[] = { 0x30, 0x7a, 0x02, 0x01, 0x01, 0x30, 0x02, 0x06, 130 0x00, 0x30, 0x15, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 131 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x22, 132 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 133 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x31, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 134 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x30, 0x15, 0x31, 0x13, 0x30, 135 0x11, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0a, 0x4a, 0x75, 0x61, 0x6e, 0x20, 136 0x4c, 0x61, 0x6e, 0x67, 0x00, 0x30, 0x07, 0x30, 0x02, 0x06, 0x00, 0x03, 0x01, 137 0x00, 0xa3, 0x16, 0x30, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 138 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01 }; 139 static const BYTE geotrust_global_ca[]={ 140 0x30,0x82,0x03,0x54,0x30,0x82,0x02,0x3c,0xa0,0x03,0x02,0x01,0x02,0x02,0x03, 141 0x02,0x34,0x56,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01, 142 0x05,0x05,0x00,0x30,0x42,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13, 143 0x02,0x55,0x53,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x0a,0x13,0x0d,0x47, 144 0x65,0x6f,0x54,0x72,0x75,0x73,0x74,0x20,0x49,0x6e,0x63,0x2e,0x31,0x1b,0x30, 145 0x19,0x06,0x03,0x55,0x04,0x03,0x13,0x12,0x47,0x65,0x6f,0x54,0x72,0x75,0x73, 146 0x74,0x20,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d, 147 0x30,0x32,0x30,0x35,0x32,0x31,0x30,0x34,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d, 148 0x32,0x32,0x30,0x35,0x32,0x31,0x30,0x34,0x30,0x30,0x30,0x30,0x5a,0x30,0x42, 149 0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x16, 150 0x30,0x14,0x06,0x03,0x55,0x04,0x0a,0x13,0x0d,0x47,0x65,0x6f,0x54,0x72,0x75, 151 0x73,0x74,0x20,0x49,0x6e,0x63,0x2e,0x31,0x1b,0x30,0x19,0x06,0x03,0x55,0x04, 152 0x03,0x13,0x12,0x47,0x65,0x6f,0x54,0x72,0x75,0x73,0x74,0x20,0x47,0x6c,0x6f, 153 0x62,0x61,0x6c,0x20,0x43,0x41,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a, 154 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00, 155 0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01,0x00,0xda,0xcc,0x18,0x63,0x30,0xfd, 156 0xf4,0x17,0x23,0x1a,0x56,0x7e,0x5b,0xdf,0x3c,0x6c,0x38,0xe4,0x71,0xb7,0x78, 157 0x91,0xd4,0xbc,0xa1,0xd8,0x4c,0xf8,0xa8,0x43,0xb6,0x03,0xe9,0x4d,0x21,0x07, 158 0x08,0x88,0xda,0x58,0x2f,0x66,0x39,0x29,0xbd,0x05,0x78,0x8b,0x9d,0x38,0xe8, 159 0x05,0xb7,0x6a,0x7e,0x71,0xa4,0xe6,0xc4,0x60,0xa6,0xb0,0xef,0x80,0xe4,0x89, 160 0x28,0x0f,0x9e,0x25,0xd6,0xed,0x83,0xf3,0xad,0xa6,0x91,0xc7,0x98,0xc9,0x42, 161 0x18,0x35,0x14,0x9d,0xad,0x98,0x46,0x92,0x2e,0x4f,0xca,0xf1,0x87,0x43,0xc1, 162 0x16,0x95,0x57,0x2d,0x50,0xef,0x89,0x2d,0x80,0x7a,0x57,0xad,0xf2,0xee,0x5f, 163 0x6b,0xd2,0x00,0x8d,0xb9,0x14,0xf8,0x14,0x15,0x35,0xd9,0xc0,0x46,0xa3,0x7b, 164 0x72,0xc8,0x91,0xbf,0xc9,0x55,0x2b,0xcd,0xd0,0x97,0x3e,0x9c,0x26,0x64,0xcc, 165 0xdf,0xce,0x83,0x19,0x71,0xca,0x4e,0xe6,0xd4,0xd5,0x7b,0xa9,0x19,0xcd,0x55, 166 0xde,0xc8,0xec,0xd2,0x5e,0x38,0x53,0xe5,0x5c,0x4f,0x8c,0x2d,0xfe,0x50,0x23, 167 0x36,0xfc,0x66,0xe6,0xcb,0x8e,0xa4,0x39,0x19,0x00,0xb7,0x95,0x02,0x39,0x91, 168 0x0b,0x0e,0xfe,0x38,0x2e,0xd1,0x1d,0x05,0x9a,0xf6,0x4d,0x3e,0x6f,0x0f,0x07, 169 0x1d,0xaf,0x2c,0x1e,0x8f,0x60,0x39,0xe2,0xfa,0x36,0x53,0x13,0x39,0xd4,0x5e, 170 0x26,0x2b,0xdb,0x3d,0xa8,0x14,0xbd,0x32,0xeb,0x18,0x03,0x28,0x52,0x04,0x71, 171 0xe5,0xab,0x33,0x3d,0xe1,0x38,0xbb,0x07,0x36,0x84,0x62,0x9c,0x79,0xea,0x16, 172 0x30,0xf4,0x5f,0xc0,0x2b,0xe8,0x71,0x6b,0xe4,0xf9,0x02,0x03,0x01,0x00,0x01, 173 0xa3,0x53,0x30,0x51,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04, 174 0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16, 175 0x04,0x14,0xc0,0x7a,0x98,0x68,0x8d,0x89,0xfb,0xab,0x05,0x64,0x0c,0x11,0x7d, 176 0xaa,0x7d,0x65,0xb8,0xca,0xcc,0x4e,0x30,0x1f,0x06,0x03,0x55,0x1d,0x23,0x04, 177 0x18,0x30,0x16,0x80,0x14,0xc0,0x7a,0x98,0x68,0x8d,0x89,0xfb,0xab,0x05,0x64, 178 0x0c,0x11,0x7d,0xaa,0x7d,0x65,0xb8,0xca,0xcc,0x4e,0x30,0x0d,0x06,0x09,0x2a, 179 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00, 180 0x35,0xe3,0x29,0x6a,0xe5,0x2f,0x5d,0x54,0x8e,0x29,0x50,0x94,0x9f,0x99,0x1a, 181 0x14,0xe4,0x8f,0x78,0x2a,0x62,0x94,0xa2,0x27,0x67,0x9e,0xd0,0xcf,0x1a,0x5e, 182 0x47,0xe9,0xc1,0xb2,0xa4,0xcf,0xdd,0x41,0x1a,0x05,0x4e,0x9b,0x4b,0xee,0x4a, 183 0x6f,0x55,0x52,0xb3,0x24,0xa1,0x37,0x0a,0xeb,0x64,0x76,0x2a,0x2e,0x2c,0xf3, 184 0xfd,0x3b,0x75,0x90,0xbf,0xfa,0x71,0xd8,0xc7,0x3d,0x37,0xd2,0xb5,0x05,0x95, 185 0x62,0xb9,0xa6,0xde,0x89,0x3d,0x36,0x7b,0x38,0x77,0x48,0x97,0xac,0xa6,0x20, 186 0x8f,0x2e,0xa6,0xc9,0x0c,0xc2,0xb2,0x99,0x45,0x00,0xc7,0xce,0x11,0x51,0x22, 187 0x22,0xe0,0xa5,0xea,0xb6,0x15,0x48,0x09,0x64,0xea,0x5e,0x4f,0x74,0xf7,0x05, 188 0x3e,0xc7,0x8a,0x52,0x0c,0xdb,0x15,0xb4,0xbd,0x6d,0x9b,0xe5,0xc6,0xb1,0x54, 189 0x68,0xa9,0xe3,0x69,0x90,0xb6,0x9a,0xa5,0x0f,0xb8,0xb9,0x3f,0x20,0x7d,0xae, 190 0x4a,0xb5,0xb8,0x9c,0xe4,0x1d,0xb6,0xab,0xe6,0x94,0xa5,0xc1,0xc7,0x83,0xad, 191 0xdb,0xf5,0x27,0x87,0x0e,0x04,0x6c,0xd5,0xff,0xdd,0xa0,0x5d,0xed,0x87,0x52, 192 0xb7,0x2b,0x15,0x02,0xae,0x39,0xa6,0x6a,0x74,0xe9,0xda,0xc4,0xe7,0xbc,0x4d, 193 0x34,0x1e,0xa9,0x5c,0x4d,0x33,0x5f,0x92,0x09,0x2f,0x88,0x66,0x5d,0x77,0x97, 194 0xc7,0x1d,0x76,0x13,0xa9,0xd5,0xe5,0xf1,0x16,0x09,0x11,0x35,0xd5,0xac,0xdb, 195 0x24,0x71,0x70,0x2c,0x98,0x56,0x0b,0xd9,0x17,0xb4,0xd1,0xe3,0x51,0x2b,0x5e, 196 0x75,0xe8,0xd5,0xd0,0xdc,0x4f,0x34,0xed,0xc2,0x05,0x66,0x80,0xa1,0xcb,0xe6, 197 0x33 198 }; 199 /* Google Internet Authority G2 */ 200 static const BYTE google_internet_authority[]={ 201 0x30,0x82,0x03,0xf0,0x30,0x82,0x02,0xd8,0xa0,0x03,0x02,0x01,0x02,0x02,0x03, 202 0x02,0x3a,0x92,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01, 203 0x0b,0x05,0x00,0x30,0x42,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13, 204 0x02,0x55,0x53,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x0a,0x13,0x0d,0x47, 205 0x65,0x6f,0x54,0x72,0x75,0x73,0x74,0x20,0x49,0x6e,0x63,0x2e,0x31,0x1b,0x30, 206 0x19,0x06,0x03,0x55,0x04,0x03,0x13,0x12,0x47,0x65,0x6f,0x54,0x72,0x75,0x73, 207 0x74,0x20,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d, 208 0x31,0x35,0x30,0x34,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d, 209 0x31,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x49, 210 0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13, 211 0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,0x47,0x6f,0x6f,0x67,0x6c,0x65, 212 0x20,0x49,0x6e,0x63,0x31,0x25,0x30,0x23,0x06,0x03,0x55,0x04,0x03,0x13,0x1c, 213 0x47,0x6f,0x6f,0x67,0x6c,0x65,0x20,0x49,0x6e,0x74,0x65,0x72,0x6e,0x65,0x74, 214 0x20,0x41,0x75,0x74,0x68,0x6f,0x72,0x69,0x74,0x79,0x20,0x47,0x32,0x30,0x82, 215 0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01, 216 0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01, 217 0x00,0x9c,0x2a,0x04,0x77,0x5c,0xd8,0x50,0x91,0x3a,0x06,0xa3,0x82,0xe0,0xd8, 218 0x50,0x48,0xbc,0x89,0x3f,0xf1,0x19,0x70,0x1a,0x88,0x46,0x7e,0xe0,0x8f,0xc5, 219 0xf1,0x89,0xce,0x21,0xee,0x5a,0xfe,0x61,0x0d,0xb7,0x32,0x44,0x89,0xa0,0x74, 220 0x0b,0x53,0x4f,0x55,0xa4,0xce,0x82,0x62,0x95,0xee,0xeb,0x59,0x5f,0xc6,0xe1, 221 0x05,0x80,0x12,0xc4,0x5e,0x94,0x3f,0xbc,0x5b,0x48,0x38,0xf4,0x53,0xf7,0x24, 222 0xe6,0xfb,0x91,0xe9,0x15,0xc4,0xcf,0xf4,0x53,0x0d,0xf4,0x4a,0xfc,0x9f,0x54, 223 0xde,0x7d,0xbe,0xa0,0x6b,0x6f,0x87,0xc0,0xd0,0x50,0x1f,0x28,0x30,0x03,0x40, 224 0xda,0x08,0x73,0x51,0x6c,0x7f,0xff,0x3a,0x3c,0xa7,0x37,0x06,0x8e,0xbd,0x4b, 225 0x11,0x04,0xeb,0x7d,0x24,0xde,0xe6,0xf9,0xfc,0x31,0x71,0xfb,0x94,0xd5,0x60, 226 0xf3,0x2e,0x4a,0xaf,0x42,0xd2,0xcb,0xea,0xc4,0x6a,0x1a,0xb2,0xcc,0x53,0xdd, 227 0x15,0x4b,0x8b,0x1f,0xc8,0x19,0x61,0x1f,0xcd,0x9d,0xa8,0x3e,0x63,0x2b,0x84, 228 0x35,0x69,0x65,0x84,0xc8,0x19,0xc5,0x46,0x22,0xf8,0x53,0x95,0xbe,0xe3,0x80, 229 0x4a,0x10,0xc6,0x2a,0xec,0xba,0x97,0x20,0x11,0xc7,0x39,0x99,0x10,0x04,0xa0, 230 0xf0,0x61,0x7a,0x95,0x25,0x8c,0x4e,0x52,0x75,0xe2,0xb6,0xed,0x08,0xca,0x14, 231 0xfc,0xce,0x22,0x6a,0xb3,0x4e,0xcf,0x46,0x03,0x97,0x97,0x03,0x7e,0xc0,0xb1, 232 0xde,0x7b,0xaf,0x45,0x33,0xcf,0xba,0x3e,0x71,0xb7,0xde,0xf4,0x25,0x25,0xc2, 233 0x0d,0x35,0x89,0x9d,0x9d,0xfb,0x0e,0x11,0x79,0x89,0x1e,0x37,0xc5,0xaf,0x8e, 234 0x72,0x69,0x02,0x03,0x01,0x00,0x01,0xa3,0x81,0xe7,0x30,0x81,0xe4,0x30,0x1f, 235 0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0xc0,0x7a,0x98,0x68, 236 0x8d,0x89,0xfb,0xab,0x05,0x64,0x0c,0x11,0x7d,0xaa,0x7d,0x65,0xb8,0xca,0xcc, 237 0x4e,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x4a,0xdd,0x06, 238 0x16,0x1b,0xbc,0xf6,0x68,0xb5,0x76,0xf5,0x81,0xb6,0xbb,0x62,0x1a,0xba,0x5a, 239 0x81,0x2f,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03, 240 0x02,0x01,0x06,0x30,0x2e,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01, 241 0x04,0x22,0x30,0x20,0x30,0x1e,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30, 242 0x01,0x86,0x12,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x67,0x2e,0x73,0x79,0x6d, 243 0x63,0x64,0x2e,0x63,0x6f,0x6d,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01, 244 0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x00,0x30,0x35,0x06,0x03, 245 0x55,0x1d,0x1f,0x04,0x2e,0x30,0x2c,0x30,0x2a,0xa0,0x28,0xa0,0x26,0x86,0x24, 246 0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x67,0x2e,0x73,0x79,0x6d,0x63,0x62,0x2e, 247 0x63,0x6f,0x6d,0x2f,0x63,0x72,0x6c,0x73,0x2f,0x67,0x74,0x67,0x6c,0x6f,0x62, 248 0x61,0x6c,0x2e,0x63,0x72,0x6c,0x30,0x17,0x06,0x03,0x55,0x1d,0x20,0x04,0x10, 249 0x30,0x0e,0x30,0x0c,0x06,0x0a,0x2b,0x06,0x01,0x04,0x01,0xd6,0x79,0x02,0x05, 250 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b,0x05, 251 0x00,0x03,0x82,0x01,0x01,0x00,0x08,0x4e,0x04,0xa7,0x80,0x7f,0x10,0x16,0x43, 252 0x5e,0x02,0xad,0xd7,0x42,0x80,0xf4,0xb0,0x8e,0xd2,0xae,0xb3,0xeb,0x11,0x7d, 253 0x90,0x84,0x18,0x7d,0xe7,0x90,0x15,0xfb,0x49,0x7f,0xa8,0x99,0x05,0x91,0xbb, 254 0x7a,0xc9,0xd6,0x3c,0x37,0x18,0x09,0x9a,0xb6,0xc7,0x92,0x20,0x07,0x35,0x33, 255 0x09,0xe4,0x28,0x63,0x72,0x0d,0xb4,0xe0,0x32,0x9c,0x87,0x98,0xc4,0x1b,0x76, 256 0x89,0x67,0xc1,0x50,0x58,0xb0,0x13,0xaa,0x13,0x1a,0x1b,0x32,0xa5,0xbe,0xea, 257 0x11,0x95,0x4c,0x48,0x63,0x49,0xe9,0x99,0x5d,0x20,0x37,0xcc,0xfe,0x2a,0x69, 258 0x51,0x16,0x95,0x4b,0xa9,0xde,0x49,0x82,0xc0,0x10,0x70,0xf4,0x2c,0xf3,0xec, 259 0xbc,0x24,0x24,0xd0,0x4e,0xac,0xa5,0xd9,0x5e,0x1e,0x6d,0x92,0xc1,0xa7,0xac, 260 0x48,0x35,0x81,0xf9,0xe5,0xe4,0x9c,0x65,0x69,0xcd,0x87,0xa4,0x41,0x50,0x3f, 261 0x2e,0x57,0xa5,0x91,0x51,0x12,0x58,0x0e,0x8c,0x09,0xa1,0xac,0x7a,0xa4,0x12, 262 0xa5,0x27,0xf3,0x9a,0x10,0x97,0x7d,0x55,0x03,0x06,0xf7,0x66,0x58,0x5f,0x5f, 263 0x64,0xe1,0xab,0x5d,0x6d,0xa5,0x39,0x48,0x75,0x98,0x4c,0x29,0x5a,0x3a,0x8d, 264 0xd3,0x2b,0xca,0x9c,0x55,0x04,0xbf,0xf4,0xe6,0x14,0xd5,0x80,0xac,0x26,0xed, 265 0x17,0x89,0xa6,0x93,0x6c,0x5c,0xa4,0xcc,0xb8,0xf0,0x66,0x8e,0x64,0xe3,0x7d, 266 0x9a,0xe2,0x00,0xb3,0x49,0xc7,0xe4,0x0a,0xaa,0xdd,0x5b,0x83,0xc7,0x70,0x90, 267 0x46,0x4e,0xbe,0xd0,0xdb,0x59,0x96,0x6c,0x2e,0xf5,0x16,0x36,0xde,0x71,0xcc, 268 0x01,0xc2,0x12,0xc1,0x21,0xc6,0x16 269 }; 270 /* *.google.com cert */ 271 static const BYTE google_com[]={ 272 0x30,0x82,0x07,0x2f,0x30,0x82,0x06,0x17,0xa0,0x03,0x02,0x01,0x02,0x02,0x08, 273 0x73,0x73,0x50,0xab,0x51,0x66,0x4b,0x73,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 274 0x86,0xf7,0x0d,0x01,0x01,0x0b,0x05,0x00,0x30,0x49,0x31,0x0b,0x30,0x09,0x06, 275 0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55, 276 0x04,0x0a,0x13,0x0a,0x47,0x6f,0x6f,0x67,0x6c,0x65,0x20,0x49,0x6e,0x63,0x31, 277 0x25,0x30,0x23,0x06,0x03,0x55,0x04,0x03,0x13,0x1c,0x47,0x6f,0x6f,0x67,0x6c, 278 0x65,0x20,0x49,0x6e,0x74,0x65,0x72,0x6e,0x65,0x74,0x20,0x41,0x75,0x74,0x68, 279 0x6f,0x72,0x69,0x74,0x79,0x20,0x47,0x32,0x30,0x1e,0x17,0x0d,0x31,0x36,0x31, 280 0x31,0x31,0x30,0x31,0x35,0x34,0x35,0x35,0x33,0x5a,0x17,0x0d,0x31,0x37,0x30, 281 0x32,0x30,0x32,0x31,0x35,0x33,0x31,0x30,0x30,0x5a,0x30,0x66,0x31,0x0b,0x30, 282 0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06, 283 0x03,0x55,0x04,0x08,0x0c,0x0a,0x43,0x61,0x6c,0x69,0x66,0x6f,0x72,0x6e,0x69, 284 0x61,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x07,0x0c,0x0d,0x4d,0x6f,0x75, 285 0x6e,0x74,0x61,0x69,0x6e,0x20,0x56,0x69,0x65,0x77,0x31,0x13,0x30,0x11,0x06, 286 0x03,0x55,0x04,0x0a,0x0c,0x0a,0x47,0x6f,0x6f,0x67,0x6c,0x65,0x20,0x49,0x6e, 287 0x63,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04,0x03,0x0c,0x0c,0x2a,0x2e,0x67, 288 0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x30,0x59,0x30,0x13,0x06,0x07, 289 0x2a,0x86,0x48,0xce,0x3d,0x02,0x01,0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x03, 290 0x01,0x07,0x03,0x42,0x00,0x04,0xe6,0xec,0xdc,0xce,0x7e,0x73,0xe8,0x34,0x4f, 291 0x1a,0xe1,0x29,0xf6,0x6d,0xe1,0xd4,0x63,0xc6,0x5f,0xcd,0xa7,0x0e,0x91,0xe3, 292 0x6a,0x41,0xf6,0x64,0x30,0xfb,0x01,0xec,0x98,0xa2,0xb9,0xfe,0x63,0xef,0x07, 293 0xec,0x09,0x50,0x99,0x0e,0x91,0xf9,0xca,0x56,0x16,0xdb,0x1c,0x10,0xe8,0x51, 294 0x84,0xc7,0xb0,0x62,0x05,0x52,0x09,0xfc,0xce,0x1c,0xa3,0x82,0x04,0xc7,0x30, 295 0x82,0x04,0xc3,0x30,0x1d,0x06,0x03,0x55,0x1d,0x25,0x04,0x16,0x30,0x14,0x06, 296 0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x01,0x06,0x08,0x2b,0x06,0x01,0x05, 297 0x05,0x07,0x03,0x02,0x30,0x82,0x03,0x86,0x06,0x03,0x55,0x1d,0x11,0x04,0x82, 298 0x03,0x7d,0x30,0x82,0x03,0x79,0x82,0x0c,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c, 299 0x65,0x2e,0x63,0x6f,0x6d,0x82,0x0d,0x2a,0x2e,0x61,0x6e,0x64,0x72,0x6f,0x69, 300 0x64,0x2e,0x63,0x6f,0x6d,0x82,0x16,0x2a,0x2e,0x61,0x70,0x70,0x65,0x6e,0x67, 301 0x69,0x6e,0x65,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x82, 302 0x12,0x2a,0x2e,0x63,0x6c,0x6f,0x75,0x64,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65, 303 0x2e,0x63,0x6f,0x6d,0x82,0x16,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2d, 304 0x61,0x6e,0x61,0x6c,0x79,0x74,0x69,0x63,0x73,0x2e,0x63,0x6f,0x6d,0x82,0x0b, 305 0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x61,0x82,0x0b,0x2a,0x2e, 306 0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6c,0x82,0x0e,0x2a,0x2e,0x67,0x6f, 307 0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x2e,0x69,0x6e,0x82,0x0e,0x2a,0x2e,0x67, 308 0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x2e,0x6a,0x70,0x82,0x0e,0x2a,0x2e, 309 0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x2e,0x75,0x6b,0x82,0x0f,0x2a, 310 0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x2e,0x61,0x72,0x82, 311 0x0f,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x2e,0x61, 312 0x75,0x82,0x0f,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d, 313 0x2e,0x62,0x72,0x82,0x0f,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63, 314 0x6f,0x6d,0x2e,0x63,0x6f,0x82,0x0f,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65, 315 0x2e,0x63,0x6f,0x6d,0x2e,0x6d,0x78,0x82,0x0f,0x2a,0x2e,0x67,0x6f,0x6f,0x67, 316 0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x2e,0x74,0x72,0x82,0x0f,0x2a,0x2e,0x67,0x6f, 317 0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x2e,0x76,0x6e,0x82,0x0b,0x2a,0x2e, 318 0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x64,0x65,0x82,0x0b,0x2a,0x2e,0x67,0x6f, 319 0x6f,0x67,0x6c,0x65,0x2e,0x65,0x73,0x82,0x0b,0x2a,0x2e,0x67,0x6f,0x6f,0x67, 320 0x6c,0x65,0x2e,0x66,0x72,0x82,0x0b,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65, 321 0x2e,0x68,0x75,0x82,0x0b,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x69, 322 0x74,0x82,0x0b,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x6e,0x6c,0x82, 323 0x0b,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x70,0x6c,0x82,0x0b,0x2a, 324 0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x70,0x74,0x82,0x12,0x2a,0x2e,0x67, 325 0x6f,0x6f,0x67,0x6c,0x65,0x61,0x64,0x61,0x70,0x69,0x73,0x2e,0x63,0x6f,0x6d, 326 0x82,0x0f,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x61,0x70,0x69,0x73,0x2e, 327 0x63,0x6e,0x82,0x14,0x2a,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x63,0x6f,0x6d, 328 0x6d,0x65,0x72,0x63,0x65,0x2e,0x63,0x6f,0x6d,0x82,0x11,0x2a,0x2e,0x67,0x6f, 329 0x6f,0x67,0x6c,0x65,0x76,0x69,0x64,0x65,0x6f,0x2e,0x63,0x6f,0x6d,0x82,0x0c, 330 0x2a,0x2e,0x67,0x73,0x74,0x61,0x74,0x69,0x63,0x2e,0x63,0x6e,0x82,0x0d,0x2a, 331 0x2e,0x67,0x73,0x74,0x61,0x74,0x69,0x63,0x2e,0x63,0x6f,0x6d,0x82,0x0a,0x2a, 332 0x2e,0x67,0x76,0x74,0x31,0x2e,0x63,0x6f,0x6d,0x82,0x0a,0x2a,0x2e,0x67,0x76, 333 0x74,0x32,0x2e,0x63,0x6f,0x6d,0x82,0x14,0x2a,0x2e,0x6d,0x65,0x74,0x72,0x69, 334 0x63,0x2e,0x67,0x73,0x74,0x61,0x74,0x69,0x63,0x2e,0x63,0x6f,0x6d,0x82,0x0c, 335 0x2a,0x2e,0x75,0x72,0x63,0x68,0x69,0x6e,0x2e,0x63,0x6f,0x6d,0x82,0x10,0x2a, 336 0x2e,0x75,0x72,0x6c,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d, 337 0x82,0x16,0x2a,0x2e,0x79,0x6f,0x75,0x74,0x75,0x62,0x65,0x2d,0x6e,0x6f,0x63, 338 0x6f,0x6f,0x6b,0x69,0x65,0x2e,0x63,0x6f,0x6d,0x82,0x0d,0x2a,0x2e,0x79,0x6f, 339 0x75,0x74,0x75,0x62,0x65,0x2e,0x63,0x6f,0x6d,0x82,0x16,0x2a,0x2e,0x79,0x6f, 340 0x75,0x74,0x75,0x62,0x65,0x65,0x64,0x75,0x63,0x61,0x74,0x69,0x6f,0x6e,0x2e, 341 0x63,0x6f,0x6d,0x82,0x0b,0x2a,0x2e,0x79,0x74,0x69,0x6d,0x67,0x2e,0x63,0x6f, 342 0x6d,0x82,0x1a,0x61,0x6e,0x64,0x72,0x6f,0x69,0x64,0x2e,0x63,0x6c,0x69,0x65, 343 0x6e,0x74,0x73,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x82, 344 0x0b,0x61,0x6e,0x64,0x72,0x6f,0x69,0x64,0x2e,0x63,0x6f,0x6d,0x82,0x1b,0x64, 345 0x65,0x76,0x65,0x6c,0x6f,0x70,0x65,0x72,0x2e,0x61,0x6e,0x64,0x72,0x6f,0x69, 346 0x64,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6e,0x82,0x04,0x67,0x2e, 347 0x63,0x6f,0x82,0x06,0x67,0x6f,0x6f,0x2e,0x67,0x6c,0x82,0x14,0x67,0x6f,0x6f, 348 0x67,0x6c,0x65,0x2d,0x61,0x6e,0x61,0x6c,0x79,0x74,0x69,0x63,0x73,0x2e,0x63, 349 0x6f,0x6d,0x82,0x0a,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x82, 350 0x12,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x63,0x6f,0x6d,0x6d,0x65,0x72,0x63,0x65, 351 0x2e,0x63,0x6f,0x6d,0x82,0x19,0x70,0x6f,0x6c,0x69,0x63,0x79,0x2e,0x6d,0x74, 352 0x61,0x2d,0x73,0x74,0x73,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f, 353 0x6d,0x82,0x0a,0x75,0x72,0x63,0x68,0x69,0x6e,0x2e,0x63,0x6f,0x6d,0x82,0x0a, 354 0x77,0x77,0x77,0x2e,0x67,0x6f,0x6f,0x2e,0x67,0x6c,0x82,0x08,0x79,0x6f,0x75, 355 0x74,0x75,0x2e,0x62,0x65,0x82,0x0b,0x79,0x6f,0x75,0x74,0x75,0x62,0x65,0x2e, 356 0x63,0x6f,0x6d,0x82,0x14,0x79,0x6f,0x75,0x74,0x75,0x62,0x65,0x65,0x64,0x75, 357 0x63,0x61,0x74,0x69,0x6f,0x6e,0x2e,0x63,0x6f,0x6d,0x30,0x0b,0x06,0x03,0x55, 358 0x1d,0x0f,0x04,0x04,0x03,0x02,0x07,0x80,0x30,0x68,0x06,0x08,0x2b,0x06,0x01, 359 0x05,0x05,0x07,0x01,0x01,0x04,0x5c,0x30,0x5a,0x30,0x2b,0x06,0x08,0x2b,0x06, 360 0x01,0x05,0x05,0x07,0x30,0x02,0x86,0x1f,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f, 361 0x70,0x6b,0x69,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x2f, 362 0x47,0x49,0x41,0x47,0x32,0x2e,0x63,0x72,0x74,0x30,0x2b,0x06,0x08,0x2b,0x06, 363 0x01,0x05,0x05,0x07,0x30,0x01,0x86,0x1f,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f, 364 0x63,0x6c,0x69,0x65,0x6e,0x74,0x73,0x31,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65, 365 0x2e,0x63,0x6f,0x6d,0x2f,0x6f,0x63,0x73,0x70,0x30,0x1d,0x06,0x03,0x55,0x1d, 366 0x0e,0x04,0x16,0x04,0x14,0xe8,0xf5,0x4a,0xed,0x91,0xb9,0xc8,0x2d,0x5d,0xfb, 367 0x47,0x65,0x53,0x1b,0x47,0x6f,0xe6,0xe9,0x63,0xa3,0x30,0x0c,0x06,0x03,0x55, 368 0x1d,0x13,0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30,0x1f,0x06,0x03,0x55,0x1d, 369 0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x4a,0xdd,0x06,0x16,0x1b,0xbc,0xf6,0x68, 370 0xb5,0x76,0xf5,0x81,0xb6,0xbb,0x62,0x1a,0xba,0x5a,0x81,0x2f,0x30,0x21,0x06, 371 0x03,0x55,0x1d,0x20,0x04,0x1a,0x30,0x18,0x30,0x0c,0x06,0x0a,0x2b,0x06,0x01, 372 0x04,0x01,0xd6,0x79,0x02,0x05,0x01,0x30,0x08,0x06,0x06,0x67,0x81,0x0c,0x01, 373 0x02,0x02,0x30,0x30,0x06,0x03,0x55,0x1d,0x1f,0x04,0x29,0x30,0x27,0x30,0x25, 374 0xa0,0x23,0xa0,0x21,0x86,0x1f,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x70,0x6b, 375 0x69,0x2e,0x67,0x6f,0x6f,0x67,0x6c,0x65,0x2e,0x63,0x6f,0x6d,0x2f,0x47,0x49, 376 0x41,0x47,0x32,0x2e,0x63,0x72,0x6c,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86, 377 0xf7,0x0d,0x01,0x01,0x0b,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x0c,0x58,0x93, 378 0x06,0x54,0x42,0x57,0x48,0xe4,0xfa,0x57,0xf0,0x5b,0x96,0x94,0xfc,0xf3,0x3d, 379 0xe3,0xba,0x73,0x71,0xe9,0xe7,0x56,0x3d,0x21,0x70,0x82,0x4d,0x59,0x7e,0x85, 380 0xbd,0x87,0x36,0xb6,0x43,0x4a,0xe7,0x6f,0x0a,0x95,0xbf,0xde,0x35,0x1c,0x60, 381 0xbf,0xd1,0x60,0x41,0x98,0x6d,0xe9,0xea,0xcc,0xa1,0x85,0x91,0x94,0x7e,0x71, 382 0xa3,0x40,0x40,0x5a,0xbb,0x7d,0x49,0xfd,0x39,0xf9,0xf1,0xe5,0x2f,0xee,0xcf, 383 0xcf,0x65,0xca,0xc1,0xb4,0xf1,0xb5,0xae,0xf3,0x6b,0x53,0x7d,0x8d,0x2b,0x60, 384 0x1c,0x2a,0xb3,0xa5,0xe0,0x55,0x11,0x8d,0x13,0xd8,0x91,0x5a,0xb0,0xcc,0x91, 385 0xa8,0xbc,0x2b,0x6b,0x63,0xff,0x14,0xfe,0x00,0x16,0x07,0xfb,0xef,0xae,0xd5, 386 0xa8,0x13,0x0e,0x59,0xdc,0x68,0x96,0xd5,0x63,0xea,0xf7,0x56,0x0e,0x38,0x5a, 387 0x57,0xc8,0x5e,0x52,0x95,0xe3,0xab,0x0a,0x33,0xc8,0x61,0xb2,0xdf,0xdb,0x77, 388 0xea,0x49,0x90,0x3d,0xa8,0xd1,0x56,0x40,0x16,0xa5,0x14,0x5d,0xc3,0xc6,0x09, 389 0xc2,0xd1,0x03,0xac,0x2e,0x02,0xab,0x88,0x59,0xb2,0x18,0x2b,0xf9,0xfb,0xf5, 390 0xfc,0x64,0x7c,0x73,0x1c,0xa0,0x05,0xaf,0xc8,0x2f,0x4d,0xb0,0x1b,0x20,0x40, 391 0xe2,0x8b,0x17,0xb1,0x5b,0x71,0xd0,0x4b,0x5d,0xa4,0x07,0x7b,0xd9,0xbf,0x39, 392 0x72,0x4e,0x35,0x8f,0xf2,0x13,0x6d,0xb9,0x6b,0x5d,0x02,0x55,0x85,0x4a,0x78, 393 0xfc,0x76,0x0e,0x65,0xf4,0xd6,0xe0,0x29,0x6e,0x04,0x57,0x22,0x03,0x8e,0x6b, 394 0x59,0x4f,0x43,0x6a,0x5b,0x36,0xaa,0xa5,0x68,0xb4,0x1a,0x60,0x88 395 }; 396 /* *.winehq.org cert */ 397 static const BYTE winehq_org[] = { 398 0x30,0x82,0x05,0x2a,0x30,0x82,0x04,0x12,0xa0,0x03,0x02,0x01,0x02,0x02,0x03, 399 0x0c,0x35,0xd0,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01, 400 0x05,0x05,0x00,0x30,0x3c,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13, 401 0x02,0x55,0x53,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,0x0a,0x13,0x0e,0x47, 402 0x65,0x6f,0x54,0x72,0x75,0x73,0x74,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x14, 403 0x30,0x12,0x06,0x03,0x55,0x04,0x03,0x13,0x0b,0x52,0x61,0x70,0x69,0x64,0x53, 404 0x53,0x4c,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x31,0x33,0x30,0x35,0x32,0x32, 405 0x30,0x33,0x35,0x36,0x30,0x39,0x5a,0x17,0x0d,0x31,0x34,0x30,0x35,0x32,0x35, 406 0x30,0x37,0x33,0x34,0x31,0x34,0x5a,0x30,0x81,0xbb,0x31,0x29,0x30,0x27,0x06, 407 0x03,0x55,0x04,0x05,0x13,0x20,0x30,0x6d,0x4a,0x75,0x76,0x31,0x74,0x2d,0x31, 408 0x43,0x46,0x79,0x70,0x51,0x6b,0x79,0x54,0x5a,0x77,0x66,0x76,0x6a,0x48,0x48, 409 0x42,0x41,0x62,0x6e,0x55,0x6e,0x64,0x47,0x31,0x13,0x30,0x11,0x06,0x03,0x55, 410 0x04,0x0b,0x13,0x0a,0x47,0x54,0x39,0x38,0x33,0x38,0x30,0x30,0x31,0x31,0x31, 411 0x31,0x30,0x2f,0x06,0x03,0x55,0x04,0x0b,0x13,0x28,0x53,0x65,0x65,0x20,0x77, 412 0x77,0x77,0x2e,0x72,0x61,0x70,0x69,0x64,0x73,0x73,0x6c,0x2e,0x63,0x6f,0x6d, 413 0x2f,0x72,0x65,0x73,0x6f,0x75,0x72,0x63,0x65,0x73,0x2f,0x63,0x70,0x73,0x20, 414 0x28,0x63,0x29,0x31,0x33,0x31,0x2f,0x30,0x2d,0x06,0x03,0x55,0x04,0x0b,0x13, 415 0x26,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x20,0x43,0x6f,0x6e,0x74,0x72,0x6f,0x6c, 416 0x20,0x56,0x61,0x6c,0x69,0x64,0x61,0x74,0x65,0x64,0x20,0x2d,0x20,0x52,0x61, 417 0x70,0x69,0x64,0x53,0x53,0x4c,0x28,0x52,0x29,0x31,0x15,0x30,0x13,0x06,0x03, 418 0x55,0x04,0x03,0x0c,0x0c,0x2a,0x2e,0x77,0x69,0x6e,0x65,0x68,0x71,0x2e,0x6f, 419 0x72,0x67,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, 420 0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a, 421 0x02,0x82,0x01,0x01,0x00,0xc2,0x91,0x35,0xc7,0x67,0x32,0xf1,0x66,0x12,0x38, 422 0x79,0xdb,0x02,0x11,0x95,0x89,0x1b,0x4a,0x6a,0x63,0x45,0x35,0x58,0x1b,0x57, 423 0x8d,0xec,0x19,0x88,0xf5,0xa3,0x9e,0x6b,0xdb,0x07,0xfb,0x6e,0x29,0xe9,0xa9, 424 0x14,0x07,0x8c,0x3a,0xc1,0xd7,0x88,0xcc,0xe4,0x55,0x79,0x6e,0x97,0xe9,0x93, 425 0x88,0x9a,0x89,0xf9,0x31,0x0f,0x91,0x61,0xc2,0x9c,0xae,0x59,0x25,0x93,0x9a, 426 0xc8,0xf9,0x28,0x7a,0x0f,0x0f,0x89,0x9a,0xda,0x46,0xbe,0xb2,0xdc,0x90,0x5b, 427 0xd8,0x87,0xda,0xda,0xce,0x70,0x70,0x95,0x43,0x51,0xa0,0x21,0x22,0x54,0xab, 428 0xa7,0x09,0xe1,0x81,0x09,0x8c,0x00,0x15,0x30,0x5a,0xa7,0x61,0x77,0xba,0x48, 429 0x91,0xc6,0x94,0x90,0xdd,0x1a,0xf4,0x3f,0xa6,0x8a,0xb4,0x2f,0x98,0x16,0x0d, 430 0x96,0x9f,0x0c,0x96,0x01,0x15,0xbc,0x74,0x7e,0x5c,0x4e,0xe3,0x95,0xae,0x00, 431 0xf5,0x5b,0x88,0x0f,0xef,0x7c,0x1f,0xab,0x22,0xfe,0x95,0x42,0x1a,0xbd,0xee, 432 0x23,0xca,0x5b,0x7f,0x4a,0xb0,0xbe,0x15,0x65,0xe2,0xce,0x02,0xc4,0xf6,0xb8, 433 0xf3,0xd6,0x7e,0x75,0x5e,0x63,0x47,0x5d,0xc1,0xca,0xc3,0xc4,0x4a,0xf5,0x4d, 434 0x66,0x34,0x03,0xf8,0xf4,0x54,0x7d,0x6b,0x54,0x2f,0x17,0x7c,0x39,0x13,0x78, 435 0x09,0x9e,0xd0,0x9c,0x51,0x02,0x11,0x9d,0xa7,0x53,0x60,0xdd,0x62,0x2b,0xee, 436 0xb0,0xd1,0xf2,0x1a,0x5c,0xdc,0xa7,0x58,0xc2,0xfa,0x29,0xcf,0xf3,0xc9,0xe9, 437 0xae,0xe8,0x70,0x60,0x99,0xc7,0x30,0xdd,0x1c,0xda,0x32,0xc0,0x45,0xa5,0x48, 438 0xc5,0x22,0x29,0x0c,0x74,0x25,0x02,0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0xb3, 439 0x30,0x82,0x01,0xaf,0x30,0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16, 440 0x80,0x14,0x6b,0x69,0x3d,0x6a,0x18,0x42,0x4a,0xdd,0x8f,0x02,0x65,0x39,0xfd, 441 0x35,0x24,0x86,0x78,0x91,0x16,0x30,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01, 442 0x01,0xff,0x04,0x04,0x03,0x02,0x05,0xa0,0x30,0x1d,0x06,0x03,0x55,0x1d,0x25, 443 0x04,0x16,0x30,0x14,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x01,0x06, 444 0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x02,0x30,0x23,0x06,0x03,0x55,0x1d, 445 0x11,0x04,0x1c,0x30,0x1a,0x82,0x0c,0x2a,0x2e,0x77,0x69,0x6e,0x65,0x68,0x71, 446 0x2e,0x6f,0x72,0x67,0x82,0x0a,0x77,0x69,0x6e,0x65,0x68,0x71,0x2e,0x6f,0x72, 447 0x67,0x30,0x43,0x06,0x03,0x55,0x1d,0x1f,0x04,0x3c,0x30,0x3a,0x30,0x38,0xa0, 448 0x36,0xa0,0x34,0x86,0x32,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x72,0x61,0x70, 449 0x69,0x64,0x73,0x73,0x6c,0x2d,0x63,0x72,0x6c,0x2e,0x67,0x65,0x6f,0x74,0x72, 450 0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x2f,0x63,0x72,0x6c,0x73,0x2f,0x72,0x61, 451 0x70,0x69,0x64,0x73,0x73,0x6c,0x2e,0x63,0x72,0x6c,0x30,0x1d,0x06,0x03,0x55, 452 0x1d,0x0e,0x04,0x16,0x04,0x14,0xff,0x4c,0x0f,0x46,0xb8,0x3c,0x5b,0x72,0xe4, 453 0x10,0x96,0xbb,0xa7,0xbc,0x91,0xa2,0x63,0xf6,0x81,0x0a,0x30,0x0c,0x06,0x03, 454 0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30,0x78,0x06,0x08,0x2b, 455 0x06,0x01,0x05,0x05,0x07,0x01,0x01,0x04,0x6c,0x30,0x6a,0x30,0x2d,0x06,0x08, 456 0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x86,0x21,0x68,0x74,0x74,0x70,0x3a, 457 0x2f,0x2f,0x72,0x61,0x70,0x69,0x64,0x73,0x73,0x6c,0x2d,0x6f,0x63,0x73,0x70, 458 0x2e,0x67,0x65,0x6f,0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x30,0x39, 459 0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x02,0x86,0x2d,0x68,0x74,0x74, 460 0x70,0x3a,0x2f,0x2f,0x72,0x61,0x70,0x69,0x64,0x73,0x73,0x6c,0x2d,0x61,0x69, 461 0x61,0x2e,0x67,0x65,0x6f,0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x2f, 462 0x72,0x61,0x70,0x69,0x64,0x73,0x73,0x6c,0x2e,0x63,0x72,0x74,0x30,0x4c,0x06, 463 0x03,0x55,0x1d,0x20,0x04,0x45,0x30,0x43,0x30,0x41,0x06,0x0a,0x60,0x86,0x48, 464 0x01,0x86,0xf8,0x45,0x01,0x07,0x36,0x30,0x33,0x30,0x31,0x06,0x08,0x2b,0x06, 465 0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x25,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f, 466 0x77,0x77,0x77,0x2e,0x67,0x65,0x6f,0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f, 467 0x6d,0x2f,0x72,0x65,0x73,0x6f,0x75,0x72,0x63,0x65,0x73,0x2f,0x63,0x70,0x73, 468 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 469 0x03,0x82,0x01,0x01,0x00,0x1b,0xa8,0x34,0xc1,0xb7,0xf3,0xbe,0xb6,0xed,0x12, 470 0x85,0x58,0xe1,0x69,0x35,0x0c,0xb8,0x7e,0x38,0x11,0xb3,0xd2,0xe2,0x2e,0x52, 471 0xcf,0xa6,0x39,0xe1,0x25,0x73,0xf0,0x1d,0xc9,0x54,0xa1,0xc2,0x50,0x19,0xea, 472 0x68,0xeb,0x1a,0x21,0xdb,0x86,0x14,0x55,0x73,0x02,0x28,0x56,0x14,0xf7,0xf1, 473 0x48,0x43,0xfb,0xd7,0xbf,0xcf,0xbb,0x20,0xc4,0x1e,0x4e,0x9a,0x7c,0xf1,0xe8, 474 0x28,0x76,0xce,0xf9,0xb3,0xf0,0x6f,0x93,0x70,0x51,0xcd,0xed,0x28,0x1b,0xdd, 475 0x66,0x38,0x40,0x5e,0x0b,0x13,0xaf,0x21,0xff,0x23,0xf1,0x5b,0xcd,0x32,0x43, 476 0x00,0x87,0x3d,0x10,0xc6,0x6e,0xe5,0x67,0xdc,0x9f,0x44,0x12,0x94,0xb4,0x76, 477 0xbd,0xd9,0x4c,0x53,0x12,0x1c,0x2e,0x2c,0x09,0x66,0x41,0x83,0x6c,0xee,0x68, 478 0x98,0x38,0xd2,0xc8,0x32,0xa3,0x42,0xcf,0x1c,0xfd,0x60,0x6c,0x5d,0x4b,0x4b, 479 0x6c,0xb8,0xf3,0x7e,0xc8,0x93,0x0a,0x68,0x66,0x14,0x3b,0x39,0x73,0x82,0xfe, 480 0x86,0x3c,0x3d,0xb3,0xb5,0x42,0xec,0x4c,0xc6,0xe6,0xdd,0x7e,0xd7,0xb4,0x5d, 481 0xeb,0x6d,0x8c,0x9e,0x29,0x95,0x99,0xb6,0x95,0x5b,0xc0,0xdd,0x46,0xdf,0xdc, 482 0xf2,0x1c,0x3d,0x80,0xeb,0x14,0x3d,0xd9,0x4a,0xb4,0x6f,0x3e,0x79,0xca,0x7f, 483 0xbc,0x27,0x47,0x90,0x86,0x55,0xfa,0x27,0xf5,0x35,0x3d,0x1d,0xc4,0xa8,0x55, 484 0x31,0x8f,0x3a,0x76,0x8d,0x98,0x50,0xa3,0x11,0x91,0x1c,0xb0,0xa8,0x06,0xf9, 485 0x22,0xb1,0xca,0x20,0x49,0xaa,0xe1,0x4d,0x41,0xf1,0x21,0xcc,0x25,0x45,0x33, 486 0x4f,0x2f,0x3a,0x48,0x70,0xbb }; 487 /* Battle.Net's cert */ 488 static const BYTE battlenet[] = { 489 0x30,0x82,0x03,0xd8,0x30,0x82,0x02,0xc0,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 490 0x1e,0x4c,0xc1,0xf1,0xac,0xbd,0xf3,0xf5,0x96,0x05,0xbd,0x5f,0xbb,0x3f,0x75, 491 0x6b,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 492 0x00,0x30,0x3c,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55, 493 0x53,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,0x54,0x68,0x61, 494 0x77,0x74,0x65,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x16,0x30,0x14,0x06,0x03, 495 0x55,0x04,0x03,0x13,0x0d,0x54,0x68,0x61,0x77,0x74,0x65,0x20,0x53,0x53,0x4c, 496 0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x31,0x30,0x30,0x38,0x32,0x36,0x30,0x30, 497 0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x31,0x32,0x30,0x39,0x32,0x34,0x32,0x33, 498 0x35,0x39,0x35,0x39,0x5a,0x30,0x71,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04, 499 0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x08,0x0c, 500 0x0a,0x43,0x61,0x6c,0x69,0x66,0x6f,0x72,0x6e,0x69,0x61,0x31,0x0f,0x30,0x0d, 501 0x06,0x03,0x55,0x04,0x07,0x0c,0x06,0x49,0x72,0x76,0x69,0x6e,0x65,0x31,0x25, 502 0x30,0x23,0x06,0x03,0x55,0x04,0x0a,0x0c,0x1c,0x42,0x6c,0x69,0x7a,0x7a,0x61, 503 0x72,0x64,0x20,0x45,0x6e,0x74,0x65,0x72,0x74,0x61,0x69,0x6e,0x6d,0x65,0x6e, 504 0x74,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04, 505 0x03,0x0c,0x0c,0x2a,0x2e,0x62,0x61,0x74,0x74,0x6c,0x65,0x2e,0x6e,0x65,0x74, 506 0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01, 507 0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82, 508 0x01,0x01,0x00,0xa8,0x27,0x24,0x42,0x24,0xc8,0xe4,0x4e,0xfa,0x12,0x53,0x78, 509 0x14,0xa9,0xec,0x20,0x2d,0x79,0x07,0x55,0x36,0xad,0x04,0x8b,0xbc,0xd9,0x3b, 510 0xcc,0x3e,0xae,0xa0,0x3b,0xa1,0x79,0xf9,0x03,0x20,0x3e,0xa6,0x6a,0xeb,0x8c, 511 0xb1,0x45,0xcb,0x00,0x43,0x76,0x35,0x1b,0x3d,0xc9,0x4b,0xa9,0xc0,0xb6,0x32, 512 0x88,0xaa,0x4c,0x2c,0x53,0xf8,0xc4,0xcf,0xee,0xee,0xef,0x28,0xdf,0x44,0xfa, 513 0xa9,0x26,0xf6,0x99,0x7b,0xa4,0x7f,0xe8,0x5c,0x7f,0x59,0x51,0xe1,0x2c,0x57, 514 0x2f,0x8f,0xb3,0xad,0x7b,0x88,0x50,0xbc,0x76,0xfe,0x03,0xbd,0xfd,0x11,0x5d, 515 0x6e,0xbc,0x13,0x5b,0xd9,0x2e,0x38,0xc7,0x56,0x89,0x93,0x08,0xa2,0x24,0xbd, 516 0x1d,0x48,0xd9,0x48,0xce,0x6e,0x12,0x4f,0x10,0x60,0x94,0x54,0xb7,0x6b,0x51, 517 0xd0,0xdf,0x04,0xa8,0x16,0x39,0xcb,0xa5,0xd9,0xe7,0xb5,0xa9,0x02,0xfa,0xd3, 518 0xca,0x52,0xe7,0xc8,0x45,0xf8,0x4d,0xbb,0x70,0x1a,0xfd,0xb3,0x7d,0x9c,0x77, 519 0x8b,0x34,0xbe,0xd2,0xad,0xe7,0x17,0xb0,0x55,0xfa,0x1b,0x3e,0x51,0xcf,0x37, 520 0xbd,0x29,0x94,0x9f,0x56,0x28,0xd1,0x9d,0xe5,0x56,0xce,0x78,0x61,0x6e,0x8b, 521 0xae,0x95,0x44,0x3c,0xc8,0x54,0x48,0x78,0x1e,0x4c,0x72,0xff,0x0e,0xb9,0x14, 522 0x78,0xdc,0x7c,0x2e,0x50,0x05,0xd9,0xd0,0xa5,0x97,0xf7,0xb9,0x45,0x3f,0x7e, 523 0xdc,0xc6,0x4e,0x64,0x93,0x82,0xb7,0x97,0xcf,0xb1,0x7a,0x04,0xc1,0x1d,0x70, 524 0xf8,0x6b,0x43,0xc4,0xd0,0xa7,0x03,0x4e,0xc9,0x14,0x90,0x4f,0x05,0xb5,0x11, 525 0x36,0xc0,0xc2,0xbb,0x02,0x03,0x01,0x00,0x01,0xa3,0x81,0xa0,0x30,0x81,0x9d, 526 0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30, 527 0x3a,0x06,0x03,0x55,0x1d,0x1f,0x04,0x33,0x30,0x31,0x30,0x2f,0xa0,0x2d,0xa0, 528 0x2b,0x86,0x29,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x73,0x76,0x72,0x2d,0x6f, 529 0x76,0x2d,0x63,0x72,0x6c,0x2e,0x74,0x68,0x61,0x77,0x74,0x65,0x2e,0x63,0x6f, 530 0x6d,0x2f,0x54,0x68,0x61,0x77,0x74,0x65,0x4f,0x56,0x2e,0x63,0x72,0x6c,0x30, 531 0x1d,0x06,0x03,0x55,0x1d,0x25,0x04,0x16,0x30,0x14,0x06,0x08,0x2b,0x06,0x01, 532 0x05,0x05,0x07,0x03,0x01,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x02, 533 0x30,0x32,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01,0x04,0x26,0x30, 534 0x24,0x30,0x22,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x86,0x16, 535 0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73,0x70,0x2e,0x74,0x68,0x61, 536 0x77,0x74,0x65,0x2e,0x63,0x6f,0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86, 537 0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x5c,0x44,0xe2, 538 0x2f,0x50,0x41,0xc8,0x54,0x0a,0xdd,0x2a,0xa2,0xa7,0x62,0x2d,0xc9,0xe8,0xa8, 539 0xf7,0x53,0x14,0xe1,0x88,0x89,0x81,0x22,0x1b,0x82,0xb5,0xa1,0x75,0xcc,0x91, 540 0x76,0x30,0x71,0xae,0x56,0x68,0xa9,0x75,0x65,0x7f,0xd8,0xc7,0xae,0x3b,0x68, 541 0x66,0xd6,0x2d,0x92,0xb7,0x9b,0x28,0x59,0x98,0x89,0x29,0xf9,0x69,0xff,0xff, 542 0xfa,0x4f,0x04,0x6b,0x96,0x78,0x1d,0xfe,0x67,0x78,0x33,0xd3,0xd5,0x91,0xee, 543 0xa7,0x36,0xcd,0x86,0x4c,0xc6,0x08,0xf4,0x12,0x4b,0x2b,0xd2,0x95,0x6a,0x87, 544 0xcd,0xe6,0x2d,0xf3,0xe0,0x8d,0x0c,0x77,0x9d,0xa0,0x2e,0xdc,0xf2,0xc1,0x06, 545 0xc5,0xb0,0xd5,0xa0,0x00,0xe5,0x0e,0x53,0xad,0x04,0xc4,0xf6,0x6e,0x6b,0x7e, 546 0x04,0xc2,0xea,0xaa,0xdf,0xe1,0x26,0x4a,0x14,0x33,0x03,0x77,0x15,0x5b,0x3e, 547 0x41,0x22,0x5d,0xb7,0xaf,0x65,0x2f,0x46,0xbc,0x24,0xd7,0x30,0xe6,0x82,0x7d, 548 0x2a,0x3b,0x81,0x04,0xa7,0xd5,0x0b,0x61,0x57,0xe0,0x91,0x04,0x6c,0xc6,0x08, 549 0xbc,0xc0,0x1b,0x26,0x7f,0x69,0x22,0x69,0xd3,0x41,0x4c,0x9d,0x61,0xe0,0xfe, 550 0x2b,0xd8,0x2e,0xe9,0x2d,0x72,0x30,0x68,0x81,0xa1,0x37,0x06,0xb5,0xdc,0xd3, 551 0x48,0x65,0x16,0x74,0xfb,0x3c,0xb2,0x70,0xef,0x3d,0xee,0x63,0xea,0x62,0xf5, 552 0xd2,0xc7,0x48,0x6a,0xb8,0x53,0xcb,0xbe,0x9a,0xeb,0xc1,0x77,0xfb,0x9b,0xec, 553 0xb8,0x06,0x04,0xaa,0x23,0x2c,0x6d,0x17,0x9e,0xb9,0x6e,0xc9,0xa4,0xde,0x7e, 554 0x61,0xc4,0xa7,0x45,0x68,0xf6,0x2a,0x57,0xaa,0xad,0xca,0x84,0x03 }; 555 static const BYTE thawte_primary_ca[] = { 556 0x30,0x82,0x04,0x20,0x30,0x82,0x03,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 557 0x34,0x4e,0xd5,0x57,0x20,0xd5,0xed,0xec,0x49,0xf4,0x2f,0xce,0x37,0xdb,0x2b, 558 0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 559 0x00,0x30,0x81,0xa9,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02, 560 0x55,0x53,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,0x74,0x68, 561 0x61,0x77,0x74,0x65,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x28,0x30,0x26,0x06, 562 0x03,0x55,0x04,0x0b,0x13,0x1f,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61, 563 0x74,0x69,0x6f,0x6e,0x20,0x53,0x65,0x72,0x76,0x69,0x63,0x65,0x73,0x20,0x44, 564 0x69,0x76,0x69,0x73,0x69,0x6f,0x6e,0x31,0x38,0x30,0x36,0x06,0x03,0x55,0x04, 565 0x0b,0x13,0x2f,0x28,0x63,0x29,0x20,0x32,0x30,0x30,0x36,0x20,0x74,0x68,0x61, 566 0x77,0x74,0x65,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x20,0x2d,0x20,0x46,0x6f,0x72, 567 0x20,0x61,0x75,0x74,0x68,0x6f,0x72,0x69,0x7a,0x65,0x64,0x20,0x75,0x73,0x65, 568 0x20,0x6f,0x6e,0x6c,0x79,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x03,0x13, 569 0x16,0x74,0x68,0x61,0x77,0x74,0x65,0x20,0x50,0x72,0x69,0x6d,0x61,0x72,0x79, 570 0x20,0x52,0x6f,0x6f,0x74,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x30,0x36,0x31, 571 0x31,0x31,0x37,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x33,0x36,0x30, 572 0x37,0x31,0x36,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x81,0xa9,0x31,0x0b, 573 0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x15,0x30,0x13, 574 0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,0x74,0x68,0x61,0x77,0x74,0x65,0x2c,0x20, 575 0x49,0x6e,0x63,0x2e,0x31,0x28,0x30,0x26,0x06,0x03,0x55,0x04,0x0b,0x13,0x1f, 576 0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20,0x53, 577 0x65,0x72,0x76,0x69,0x63,0x65,0x73,0x20,0x44,0x69,0x76,0x69,0x73,0x69,0x6f, 578 0x6e,0x31,0x38,0x30,0x36,0x06,0x03,0x55,0x04,0x0b,0x13,0x2f,0x28,0x63,0x29, 579 0x20,0x32,0x30,0x30,0x36,0x20,0x74,0x68,0x61,0x77,0x74,0x65,0x2c,0x20,0x49, 580 0x6e,0x63,0x2e,0x20,0x2d,0x20,0x46,0x6f,0x72,0x20,0x61,0x75,0x74,0x68,0x6f, 581 0x72,0x69,0x7a,0x65,0x64,0x20,0x75,0x73,0x65,0x20,0x6f,0x6e,0x6c,0x79,0x31, 582 0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x03,0x13,0x16,0x74,0x68,0x61,0x77,0x74, 583 0x65,0x20,0x50,0x72,0x69,0x6d,0x61,0x72,0x79,0x20,0x52,0x6f,0x6f,0x74,0x20, 584 0x43,0x41,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, 585 0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a, 586 0x02,0x82,0x01,0x01,0x00,0xac,0xa0,0xf0,0xfb,0x80,0x59,0xd4,0x9c,0xc7,0xa4, 587 0xcf,0x9d,0xa1,0x59,0x73,0x09,0x10,0x45,0x0c,0x0d,0x2c,0x6e,0x68,0xf1,0x6c, 588 0x5b,0x48,0x68,0x49,0x59,0x37,0xfc,0x0b,0x33,0x19,0xc2,0x77,0x7f,0xcc,0x10, 589 0x2d,0x95,0x34,0x1c,0xe6,0xeb,0x4d,0x09,0xa7,0x1c,0xd2,0xb8,0xc9,0x97,0x36, 590 0x02,0xb7,0x89,0xd4,0x24,0x5f,0x06,0xc0,0xcc,0x44,0x94,0x94,0x8d,0x02,0x62, 591 0x6f,0xeb,0x5a,0xdd,0x11,0x8d,0x28,0x9a,0x5c,0x84,0x90,0x10,0x7a,0x0d,0xbd, 592 0x74,0x66,0x2f,0x6a,0x38,0xa0,0xe2,0xd5,0x54,0x44,0xeb,0x1d,0x07,0x9f,0x07, 593 0xba,0x6f,0xee,0xe9,0xfd,0x4e,0x0b,0x29,0xf5,0x3e,0x84,0xa0,0x01,0xf1,0x9c, 594 0xab,0xf8,0x1c,0x7e,0x89,0xa4,0xe8,0xa1,0xd8,0x71,0x65,0x0d,0xa3,0x51,0x7b, 595 0xee,0xbc,0xd2,0x22,0x60,0x0d,0xb9,0x5b,0x9d,0xdf,0xba,0xfc,0x51,0x5b,0x0b, 596 0xaf,0x98,0xb2,0xe9,0x2e,0xe9,0x04,0xe8,0x62,0x87,0xde,0x2b,0xc8,0xd7,0x4e, 597 0xc1,0x4c,0x64,0x1e,0xdd,0xcf,0x87,0x58,0xba,0x4a,0x4f,0xca,0x68,0x07,0x1d, 598 0x1c,0x9d,0x4a,0xc6,0xd5,0x2f,0x91,0xcc,0x7c,0x71,0x72,0x1c,0xc5,0xc0,0x67, 599 0xeb,0x32,0xfd,0xc9,0x92,0x5c,0x94,0xda,0x85,0xc0,0x9b,0xbf,0x53,0x7d,0x2b, 600 0x09,0xf4,0x8c,0x9d,0x91,0x1f,0x97,0x6a,0x52,0xcb,0xde,0x09,0x36,0xa4,0x77, 601 0xd8,0x7b,0x87,0x50,0x44,0xd5,0x3e,0x6e,0x29,0x69,0xfb,0x39,0x49,0x26,0x1e, 602 0x09,0xa5,0x80,0x7b,0x40,0x2d,0xeb,0xe8,0x27,0x85,0xc9,0xfe,0x61,0xfd,0x7e, 603 0xe6,0x7c,0x97,0x1d,0xd5,0x9d,0x02,0x03,0x01,0x00,0x01,0xa3,0x42,0x30,0x40, 604 0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x05,0x30,0x03,0x01, 605 0x01,0xff,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03, 606 0x02,0x01,0x06,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x7b, 607 0x5b,0x45,0xcf,0xaf,0xce,0xcb,0x7a,0xfd,0x31,0x92,0x1a,0x6a,0xb6,0xf3,0x46, 608 0xeb,0x57,0x48,0x50,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01, 609 0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x79,0x11,0xc0,0x4b,0xb3,0x91, 610 0xb6,0xfc,0xf0,0xe9,0x67,0xd4,0x0d,0x6e,0x45,0xbe,0x55,0xe8,0x93,0xd2,0xce, 611 0x03,0x3f,0xed,0xda,0x25,0xb0,0x1d,0x57,0xcb,0x1e,0x3a,0x76,0xa0,0x4c,0xec, 612 0x50,0x76,0xe8,0x64,0x72,0x0c,0xa4,0xa9,0xf1,0xb8,0x8b,0xd6,0xd6,0x87,0x84, 613 0xbb,0x32,0xe5,0x41,0x11,0xc0,0x77,0xd9,0xb3,0x60,0x9d,0xeb,0x1b,0xd5,0xd1, 614 0x6e,0x44,0x44,0xa9,0xa6,0x01,0xec,0x55,0x62,0x1d,0x77,0xb8,0x5c,0x8e,0x48, 615 0x49,0x7c,0x9c,0x3b,0x57,0x11,0xac,0xad,0x73,0x37,0x8e,0x2f,0x78,0x5c,0x90, 616 0x68,0x47,0xd9,0x60,0x60,0xe6,0xfc,0x07,0x3d,0x22,0x20,0x17,0xc4,0xf7,0x16, 617 0xe9,0xc4,0xd8,0x72,0xf9,0xc8,0x73,0x7c,0xdf,0x16,0x2f,0x15,0xa9,0x3e,0xfd, 618 0x6a,0x27,0xb6,0xa1,0xeb,0x5a,0xba,0x98,0x1f,0xd5,0xe3,0x4d,0x64,0x0a,0x9d, 619 0x13,0xc8,0x61,0xba,0xf5,0x39,0x1c,0x87,0xba,0xb8,0xbd,0x7b,0x22,0x7f,0xf6, 620 0xfe,0xac,0x40,0x79,0xe5,0xac,0x10,0x6f,0x3d,0x8f,0x1b,0x79,0x76,0x8b,0xc4, 621 0x37,0xb3,0x21,0x18,0x84,0xe5,0x36,0x00,0xeb,0x63,0x20,0x99,0xb9,0xe9,0xfe, 622 0x33,0x04,0xbb,0x41,0xc8,0xc1,0x02,0xf9,0x44,0x63,0x20,0x9e,0x81,0xce,0x42, 623 0xd3,0xd6,0x3f,0x2c,0x76,0xd3,0x63,0x9c,0x59,0xdd,0x8f,0xa6,0xe1,0x0e,0xa0, 624 0x2e,0x41,0xf7,0x2e,0x95,0x47,0xcf,0xbc,0xfd,0x33,0xf3,0xf6,0x0b,0x61,0x7e, 625 0x7e,0x91,0x2b,0x81,0x47,0xc2,0x27,0x30,0xee,0xa7,0x10,0x5d,0x37,0x8f,0x5c, 626 0x39,0x2b,0xe4,0x04,0xf0,0x7b,0x8d,0x56,0x8c,0x68 }; 627 static const BYTE thawte_ssl_ca[] = { 628 0x30,0x82,0x04,0x6c,0x30,0x82,0x03,0x54,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 629 0x4d,0x5f,0x2c,0x34,0x08,0xb2,0x4c,0x20,0xcd,0x6d,0x50,0x7e,0x24,0x4d,0xc9, 630 0xec,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 631 0x00,0x30,0x81,0xa9,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02, 632 0x55,0x53,0x31,0x15,0x30,0x13,0x06,0x03,0x55,0x04,0x0a,0x13,0x0c,0x74,0x68, 633 0x61,0x77,0x74,0x65,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x31,0x28,0x30,0x26,0x06, 634 0x03,0x55,0x04,0x0b,0x13,0x1f,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61, 635 0x74,0x69,0x6f,0x6e,0x20,0x53,0x65,0x72,0x76,0x69,0x63,0x65,0x73,0x20,0x44, 636 0x69,0x76,0x69,0x73,0x69,0x6f,0x6e,0x31,0x38,0x30,0x36,0x06,0x03,0x55,0x04, 637 0x0b,0x13,0x2f,0x28,0x63,0x29,0x20,0x32,0x30,0x30,0x36,0x20,0x74,0x68,0x61, 638 0x77,0x74,0x65,0x2c,0x20,0x49,0x6e,0x63,0x2e,0x20,0x2d,0x20,0x46,0x6f,0x72, 639 0x20,0x61,0x75,0x74,0x68,0x6f,0x72,0x69,0x7a,0x65,0x64,0x20,0x75,0x73,0x65, 640 0x20,0x6f,0x6e,0x6c,0x79,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x03,0x13, 641 0x16,0x74,0x68,0x61,0x77,0x74,0x65,0x20,0x50,0x72,0x69,0x6d,0x61,0x72,0x79, 642 0x20,0x52,0x6f,0x6f,0x74,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x31,0x30,0x30, 643 0x32,0x30,0x38,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x32,0x30,0x30, 644 0x32,0x30,0x37,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x3c,0x31,0x0b,0x30, 645 0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x15,0x30,0x13,0x06, 646 0x03,0x55,0x04,0x0a,0x13,0x0c,0x54,0x68,0x61,0x77,0x74,0x65,0x2c,0x20,0x49, 647 0x6e,0x63,0x2e,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x03,0x13,0x0d,0x54, 648 0x68,0x61,0x77,0x74,0x65,0x20,0x53,0x53,0x4c,0x20,0x43,0x41,0x30,0x82,0x01, 649 0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, 650 0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01,0x00, 651 0x99,0xe4,0x85,0x5b,0x76,0x49,0x7d,0x2f,0x05,0xd8,0xc5,0xac,0xc8,0xc8,0xa9, 652 0xd3,0xdc,0x98,0xe6,0xd7,0x34,0xa6,0x2f,0x0c,0xf2,0x22,0x26,0xd8,0xa3,0xc9, 653 0x14,0x4c,0x8f,0x05,0xa4,0x45,0xe8,0x14,0x0c,0x58,0x90,0x05,0x1a,0xb7,0xc5, 654 0xc1,0x06,0xa5,0x80,0xaf,0xbb,0x1d,0x49,0x6b,0x52,0x34,0x88,0xc3,0x59,0xe7, 655 0xef,0x6b,0xc4,0x27,0x41,0x8c,0x2b,0x66,0x1d,0xd0,0xe0,0xa3,0x97,0x98,0x19, 656 0x34,0x4b,0x41,0xd5,0x98,0xd5,0xc7,0x05,0xad,0xa2,0xe4,0xd7,0xed,0x0c,0xad, 657 0x4f,0xc1,0xb5,0xb0,0x21,0xfd,0x3e,0x50,0x53,0xb2,0xc4,0x90,0xd0,0xd4,0x30, 658 0x67,0x6c,0x9a,0xf1,0x0e,0x74,0xc4,0xc2,0xdc,0x8a,0xe8,0x97,0xff,0xc9,0x92, 659 0xae,0x01,0x8a,0x56,0x0a,0x98,0x32,0xb0,0x00,0x23,0xec,0x90,0x1a,0x60,0xc3, 660 0xed,0xbb,0x3a,0xcb,0x0f,0x63,0x9f,0x0d,0x44,0xc9,0x52,0xe1,0x25,0x96,0xbf, 661 0xed,0x50,0x95,0x89,0x7f,0x56,0x14,0xb1,0xb7,0x61,0x1d,0x1c,0x07,0x8c,0x3a, 662 0x2c,0xf7,0xff,0x80,0xde,0x39,0x45,0xd5,0xaf,0x1a,0xd1,0x78,0xd8,0xc7,0x71, 663 0x6a,0xa3,0x19,0xa7,0x32,0x50,0x21,0xe9,0xf2,0x0e,0xa1,0xc6,0x13,0x03,0x44, 664 0x48,0xd1,0x66,0xa8,0x52,0x57,0xd7,0x11,0xb4,0x93,0x8b,0xe5,0x99,0x9f,0x5d, 665 0xe7,0x78,0x51,0xe5,0x4d,0xf6,0xb7,0x59,0xb4,0x76,0xb5,0x09,0x37,0x4d,0x06, 666 0x38,0x13,0x7a,0x1c,0x08,0x98,0x5c,0xc4,0x48,0x4a,0xcb,0x52,0xa0,0xa9,0xf8, 667 0xb1,0x9d,0x8e,0x7b,0x79,0xb0,0x20,0x2f,0x3c,0x96,0xa8,0x11,0x62,0x47,0xbb, 668 0x11,0x02,0x03,0x01,0x00,0x01,0xa3,0x81,0xfb,0x30,0x81,0xf8,0x30,0x32,0x06, 669 0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01,0x04,0x26,0x30,0x24,0x30,0x22, 670 0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x86,0x16,0x68,0x74,0x74, 671 0x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73,0x70,0x2e,0x74,0x68,0x61,0x77,0x74,0x65, 672 0x2e,0x63,0x6f,0x6d,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04, 673 0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x00,0x30,0x34,0x06,0x03,0x55,0x1d, 674 0x1f,0x04,0x2d,0x30,0x2b,0x30,0x29,0xa0,0x27,0xa0,0x25,0x86,0x23,0x68,0x74, 675 0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x6c,0x2e,0x74,0x68,0x61,0x77,0x74,0x65, 676 0x2e,0x63,0x6f,0x6d,0x2f,0x54,0x68,0x61,0x77,0x74,0x65,0x50,0x43,0x41,0x2e, 677 0x63,0x72,0x6c,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04, 678 0x03,0x02,0x01,0x06,0x30,0x28,0x06,0x03,0x55,0x1d,0x11,0x04,0x21,0x30,0x1f, 679 0xa4,0x1d,0x30,0x1b,0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04,0x03,0x13,0x10, 680 0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x4d,0x50,0x4b,0x49,0x2d,0x32,0x2d, 681 0x39,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0xa7,0xa2,0x83, 682 0xbb,0x34,0x45,0x40,0x3d,0xfc,0xd5,0x30,0x4f,0x12,0xb9,0x3e,0xa1,0x01,0x9f, 683 0xf6,0xdb,0x30,0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14, 684 0x7b,0x5b,0x45,0xcf,0xaf,0xce,0xcb,0x7a,0xfd,0x31,0x92,0x1a,0x6a,0xb6,0xf3, 685 0x46,0xeb,0x57,0x48,0x50,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 686 0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x80,0x22,0x80,0xe0,0x6c, 687 0xc8,0x95,0x16,0xd7,0x57,0x26,0x87,0xf3,0x72,0x34,0xdb,0xc6,0x72,0x56,0x27, 688 0x3e,0xd3,0x96,0xf6,0x2e,0x25,0x91,0xa5,0x3e,0x33,0x97,0xa7,0x4b,0xe5,0x2f, 689 0xfb,0x25,0x7d,0x2f,0x07,0x61,0xfa,0x6f,0x83,0x74,0x4c,0x4c,0x53,0x72,0x20, 690 0xa4,0x7a,0xcf,0x51,0x51,0x56,0x81,0x88,0xb0,0x6d,0x1f,0x36,0x2c,0xc8,0x2b, 691 0xb1,0x88,0x99,0xc1,0xfe,0x44,0xab,0x48,0x51,0x7c,0xd8,0xf2,0x44,0x64,0x2a, 692 0xd8,0x71,0xa7,0xfb,0x1a,0x2f,0xf9,0x19,0x8d,0x34,0xb2,0x23,0xbf,0xc4,0x4c, 693 0x55,0x1d,0x8e,0x44,0xe8,0xaa,0x5d,0x9a,0xdd,0x9f,0xfd,0x03,0xc7,0xba,0x24, 694 0x43,0x8d,0x2d,0x47,0x44,0xdb,0xf6,0xd8,0x98,0xc8,0xb2,0xf9,0xda,0xef,0xed, 695 0x29,0x5c,0x69,0x12,0xfa,0xd1,0x23,0x96,0x0f,0xbf,0x9c,0x0d,0xf2,0x79,0x45, 696 0x53,0x37,0x9a,0x56,0x2f,0xe8,0x57,0x10,0x70,0xf6,0xee,0x89,0x0c,0x49,0x89, 697 0x9a,0xc1,0x23,0xf5,0xc2,0x2a,0xcc,0x41,0xcf,0x22,0xab,0x65,0x6e,0xb7,0x94, 698 0x82,0x6d,0x2f,0x40,0x5f,0x58,0xde,0xeb,0x95,0x2b,0xa6,0x72,0x68,0x52,0x19, 699 0x91,0x2a,0xae,0x75,0x9d,0x4e,0x92,0xe6,0xca,0xde,0x54,0xea,0x18,0xab,0x25, 700 0x3c,0xe6,0x64,0xa6,0x79,0x1f,0x26,0x7d,0x61,0xed,0x7d,0xd2,0xe5,0x71,0x55, 701 0xd8,0x93,0x17,0x7c,0x14,0x38,0x30,0x3c,0xdf,0x86,0xe3,0x4c,0xad,0x49,0xe3, 702 0x97,0x59,0xce,0x1b,0x9b,0x2b,0xce,0xdc,0x65,0xd4,0x0b,0x28,0x6b,0x4e,0x84, 703 0x46,0x51,0x44,0xf7,0x33,0x08,0x2d,0x58,0x97,0x21,0xae }; 704 /* global_sign_root -> global_sign_ca -> openssl_org: 705 * "*.openssl.org"'s certificate 706 */ 707 static const BYTE global_sign_root[] = { 708 0x30,0x82,0x04,0x6e,0x30,0x82,0x03,0x56,0xa0,0x03,0x02,0x01,0x02,0x02,0x0b,0x04, 709 0x00,0x00,0x00,0x00,0x01,0x12,0x56,0xad,0x62,0x04,0x30,0x0d,0x06,0x09,0x2a,0x86, 710 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x57,0x31,0x0b,0x30,0x09,0x06, 711 0x03,0x55,0x04,0x06,0x13,0x02,0x42,0x45,0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04, 712 0x0a,0x13,0x10,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e,0x20,0x6e,0x76, 713 0x2d,0x73,0x61,0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x0b,0x13,0x07,0x52,0x6f, 714 0x6f,0x74,0x20,0x43,0x41,0x31,0x1b,0x30,0x19,0x06,0x03,0x55,0x04,0x03,0x13,0x12, 715 0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e,0x20,0x52,0x6f,0x6f,0x74,0x20, 716 0x43,0x41,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x34,0x31,0x30,0x30,0x30, 717 0x30,0x30,0x5a,0x17,0x0d,0x31,0x34,0x30,0x31,0x32,0x37,0x31,0x31,0x30,0x30,0x30, 718 0x30,0x5a,0x30,0x71,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x42, 719 0x45,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04,0x0b,0x13,0x14,0x44,0x6f,0x6d,0x61, 720 0x69,0x6e,0x20,0x56,0x61,0x6c,0x69,0x64,0x61,0x74,0x69,0x6f,0x6e,0x20,0x43,0x41, 721 0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04,0x0a,0x13,0x10,0x47,0x6c,0x6f,0x62,0x61, 722 0x6c,0x53,0x69,0x67,0x6e,0x20,0x6e,0x76,0x2d,0x73,0x61,0x31,0x28,0x30,0x26,0x06, 723 0x03,0x55,0x04,0x03,0x13,0x1f,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e, 724 0x20,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x20,0x56,0x61,0x6c,0x69,0x64,0x61,0x74,0x69, 725 0x6f,0x6e,0x20,0x43,0x41,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 726 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01, 727 0x0a,0x02,0x82,0x01,0x01,0x00,0xb4,0x9f,0x49,0xe6,0xb3,0x9f,0x01,0x55,0x36,0xd0, 728 0x36,0x95,0x6c,0xcb,0x16,0x5a,0x6c,0x72,0xb5,0xe2,0x9d,0xe2,0xfa,0x39,0xe9,0x0a, 729 0xdc,0x73,0x5c,0xa0,0x3b,0x76,0x6d,0x05,0x28,0x93,0x0d,0xa5,0x42,0xf3,0xe8,0xcb, 730 0xee,0xd3,0x33,0x1a,0x13,0x27,0x0a,0xdf,0x5c,0xd1,0x54,0x62,0x6a,0x9a,0x17,0x36, 731 0xd6,0x3c,0x58,0x87,0x1e,0xb2,0x66,0x1f,0x55,0x69,0x2b,0x89,0x56,0x47,0xb4,0xc2, 732 0x50,0x0c,0xe5,0x5d,0xc1,0xfd,0x29,0x1b,0x66,0x73,0x43,0xf4,0x6f,0xd1,0x14,0x4f, 733 0x2a,0x6d,0x48,0x52,0x3a,0xf5,0xe4,0x90,0x3f,0xde,0xb2,0xf4,0x10,0xd5,0xf9,0xfa, 734 0xac,0x96,0x0d,0x10,0x32,0x23,0xd2,0xd3,0x51,0xa7,0x95,0x85,0x50,0xfa,0x0f,0x29, 735 0x9d,0xa7,0x88,0x4e,0x0d,0x31,0x9b,0x44,0x41,0x8e,0x41,0x2f,0x6e,0x9a,0x1a,0xb4, 736 0xb6,0xa5,0x59,0xf1,0x49,0x59,0x09,0x7e,0x7e,0x49,0xd3,0x69,0x33,0x4b,0x00,0x92, 737 0xc5,0x1b,0x42,0x20,0x69,0xf8,0x64,0xdf,0xd8,0xa7,0x44,0xd1,0x90,0x5e,0xfd,0x39, 738 0xad,0x6b,0x7d,0xfe,0xd5,0x8b,0xa4,0x01,0x64,0xf6,0xa7,0xb4,0x20,0x84,0xcc,0x05, 739 0x2f,0x27,0xee,0x1e,0xd5,0x24,0x96,0xae,0x84,0x43,0xa4,0x3e,0x43,0xf3,0x3b,0x99, 740 0xd7,0xf9,0xf2,0xde,0x3d,0x19,0xed,0xd0,0x65,0xf1,0x49,0xca,0x48,0xd2,0x38,0x7d, 741 0xc6,0x48,0xd7,0x72,0x61,0xb8,0xc6,0xc2,0x67,0x0a,0xd8,0x65,0x5a,0xfd,0x5b,0xf3, 742 0xc5,0xfd,0xbe,0x8c,0x69,0xcf,0x99,0x20,0xb6,0xea,0xec,0x39,0x80,0xe9,0x66,0xa8, 743 0xee,0x3d,0x9d,0x46,0x7b,0x87,0x02,0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0x1f,0x30, 744 0x82,0x01,0x1b,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03, 745 0x02,0x01,0x06,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30, 746 0x06,0x01,0x01,0xff,0x02,0x01,0x00,0x30,0x4b,0x06,0x03,0x55,0x1d,0x20,0x04,0x44, 747 0x30,0x42,0x30,0x40,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0xa0,0x32,0x01,0x0a,0x30, 748 0x33,0x30,0x31,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x25,0x68, 749 0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x67,0x6c,0x6f,0x62,0x61,0x6c, 750 0x73,0x69,0x67,0x6e,0x2e,0x6e,0x65,0x74,0x2f,0x72,0x65,0x70,0x6f,0x73,0x69,0x74, 751 0x6f,0x72,0x79,0x2f,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x36, 752 0x12,0x4e,0x9e,0x71,0xc4,0x26,0x41,0xf1,0xfa,0xf1,0x29,0x4c,0xbf,0x17,0xa4,0x53, 753 0x28,0xb6,0xeb,0x30,0x33,0x06,0x03,0x55,0x1d,0x1f,0x04,0x2c,0x30,0x2a,0x30,0x28, 754 0xa0,0x26,0xa0,0x24,0x86,0x22,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x6c, 755 0x2e,0x67,0x6c,0x6f,0x62,0x61,0x6c,0x73,0x69,0x67,0x6e,0x2e,0x6e,0x65,0x74,0x2f, 756 0x72,0x6f,0x6f,0x74,0x2e,0x63,0x72,0x6c,0x30,0x11,0x06,0x09,0x60,0x86,0x48,0x01, 757 0x86,0xf8,0x42,0x01,0x01,0x04,0x04,0x03,0x02,0x02,0x04,0x30,0x20,0x06,0x03,0x55, 758 0x1d,0x25,0x04,0x19,0x30,0x17,0x06,0x0a,0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a, 759 0x03,0x03,0x06,0x09,0x60,0x86,0x48,0x01,0x86,0xf8,0x42,0x04,0x01,0x30,0x1f,0x06, 760 0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x60,0x7b,0x66,0x1a,0x45,0x0d, 761 0x97,0xca,0x89,0x50,0x2f,0x7d,0x04,0xcd,0x34,0xa8,0xff,0xfc,0xfd,0x4b,0x30,0x0d, 762 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01, 763 0x01,0x00,0xc3,0x25,0x79,0x4a,0xfa,0xcd,0x26,0x6f,0x40,0x6a,0xb8,0x94,0x1b,0xe6, 764 0xa0,0xe1,0x6b,0xd2,0x31,0x9a,0x3f,0x89,0xfb,0xc5,0x0a,0x22,0x75,0x7a,0xfd,0xbb, 765 0x40,0x34,0x9c,0xbc,0x9e,0x85,0x49,0x59,0x7a,0x95,0xcc,0x0d,0x2d,0x44,0x0b,0xc7, 766 0xcb,0x15,0x10,0x1e,0xd2,0xdc,0xe3,0x78,0xea,0x5f,0xf5,0x35,0x51,0xa6,0xc8,0x3f, 767 0x39,0x90,0x15,0x9e,0x5f,0x15,0xc9,0xb7,0x8f,0x5d,0x6b,0x63,0x99,0x68,0xe1,0x6e, 768 0x5c,0xfc,0x9d,0x37,0x33,0x0a,0xae,0x87,0x70,0x4a,0xa2,0xe3,0xab,0x26,0x7d,0x73, 769 0x07,0xe4,0xf7,0x0a,0xaa,0x75,0x8f,0xa6,0xee,0x9b,0x04,0xd1,0x05,0x43,0x74,0x1a, 770 0xba,0xd4,0xc2,0x9d,0x7f,0xb7,0xa0,0x6c,0xed,0x16,0x9a,0x67,0x40,0x56,0xab,0x83, 771 0x9f,0x4c,0x9c,0xeb,0x28,0x34,0x1f,0x8d,0xe6,0x5a,0x0f,0x69,0x40,0xd9,0xa9,0x9e, 772 0x6a,0xf9,0x89,0x7f,0xd0,0xf8,0x8c,0xb3,0x48,0x2e,0x0b,0x4f,0xf1,0xf9,0xcf,0xf5, 773 0x0e,0x11,0x02,0x0c,0x89,0x16,0x73,0x53,0x5d,0x2c,0xd3,0xef,0xde,0x5f,0x0b,0x25, 774 0xba,0xd5,0x4e,0x8f,0x85,0x90,0x3f,0x88,0x93,0x79,0xa5,0x20,0xac,0xff,0xb0,0x8a, 775 0xcb,0xcb,0xa5,0x55,0x78,0x83,0x39,0x41,0x32,0xaa,0x5d,0x25,0x93,0xa7,0xea,0xee, 776 0x18,0x72,0xb5,0xe2,0x1d,0x7f,0x08,0x74,0x11,0xb6,0x01,0x27,0x4e,0x96,0xcf,0xa8, 777 0xf0,0x2a,0xf9,0x52,0xac,0x24,0x1a,0x19,0x9e,0x9f,0x6c,0x52,0x7c,0x8b,0x3a,0xa6, 778 0x54,0xde,0xc1,0xc7,0x21,0x7d,0x3a,0xd3,0xbc,0x1a,0xa8,0x6d,0xf2,0xbf,0xdf,0x76, 779 0xca,0x03 780 }; 781 static const BYTE global_sign_ca[] = { 782 0x30,0x82,0x04,0x6e,0x30,0x82,0x03,0x56,0xa0,0x03,0x02,0x01,0x02,0x02,0x0b,0x04, 783 0x00,0x00,0x00,0x00,0x01,0x12,0x56,0xad,0x62,0x04,0x30,0x0d,0x06,0x09,0x2a,0x86, 784 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x57,0x31,0x0b,0x30,0x09,0x06, 785 0x03,0x55,0x04,0x06,0x13,0x02,0x42,0x45,0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04, 786 0x0a,0x13,0x10,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e,0x20,0x6e,0x76, 787 0x2d,0x73,0x61,0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x0b,0x13,0x07,0x52,0x6f, 788 0x6f,0x74,0x20,0x43,0x41,0x31,0x1b,0x30,0x19,0x06,0x03,0x55,0x04,0x03,0x13,0x12, 789 0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e,0x20,0x52,0x6f,0x6f,0x74,0x20, 790 0x43,0x41,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x34,0x31,0x30,0x30,0x30, 791 0x30,0x30,0x5a,0x17,0x0d,0x31,0x34,0x30,0x31,0x32,0x37,0x31,0x31,0x30,0x30,0x30, 792 0x30,0x5a,0x30,0x71,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x42, 793 0x45,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04,0x0b,0x13,0x14,0x44,0x6f,0x6d,0x61, 794 0x69,0x6e,0x20,0x56,0x61,0x6c,0x69,0x64,0x61,0x74,0x69,0x6f,0x6e,0x20,0x43,0x41, 795 0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04,0x0a,0x13,0x10,0x47,0x6c,0x6f,0x62,0x61, 796 0x6c,0x53,0x69,0x67,0x6e,0x20,0x6e,0x76,0x2d,0x73,0x61,0x31,0x28,0x30,0x26,0x06, 797 0x03,0x55,0x04,0x03,0x13,0x1f,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e, 798 0x20,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x20,0x56,0x61,0x6c,0x69,0x64,0x61,0x74,0x69, 799 0x6f,0x6e,0x20,0x43,0x41,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 800 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01, 801 0x0a,0x02,0x82,0x01,0x01,0x00,0xb4,0x9f,0x49,0xe6,0xb3,0x9f,0x01,0x55,0x36,0xd0, 802 0x36,0x95,0x6c,0xcb,0x16,0x5a,0x6c,0x72,0xb5,0xe2,0x9d,0xe2,0xfa,0x39,0xe9,0x0a, 803 0xdc,0x73,0x5c,0xa0,0x3b,0x76,0x6d,0x05,0x28,0x93,0x0d,0xa5,0x42,0xf3,0xe8,0xcb, 804 0xee,0xd3,0x33,0x1a,0x13,0x27,0x0a,0xdf,0x5c,0xd1,0x54,0x62,0x6a,0x9a,0x17,0x36, 805 0xd6,0x3c,0x58,0x87,0x1e,0xb2,0x66,0x1f,0x55,0x69,0x2b,0x89,0x56,0x47,0xb4,0xc2, 806 0x50,0x0c,0xe5,0x5d,0xc1,0xfd,0x29,0x1b,0x66,0x73,0x43,0xf4,0x6f,0xd1,0x14,0x4f, 807 0x2a,0x6d,0x48,0x52,0x3a,0xf5,0xe4,0x90,0x3f,0xde,0xb2,0xf4,0x10,0xd5,0xf9,0xfa, 808 0xac,0x96,0x0d,0x10,0x32,0x23,0xd2,0xd3,0x51,0xa7,0x95,0x85,0x50,0xfa,0x0f,0x29, 809 0x9d,0xa7,0x88,0x4e,0x0d,0x31,0x9b,0x44,0x41,0x8e,0x41,0x2f,0x6e,0x9a,0x1a,0xb4, 810 0xb6,0xa5,0x59,0xf1,0x49,0x59,0x09,0x7e,0x7e,0x49,0xd3,0x69,0x33,0x4b,0x00,0x92, 811 0xc5,0x1b,0x42,0x20,0x69,0xf8,0x64,0xdf,0xd8,0xa7,0x44,0xd1,0x90,0x5e,0xfd,0x39, 812 0xad,0x6b,0x7d,0xfe,0xd5,0x8b,0xa4,0x01,0x64,0xf6,0xa7,0xb4,0x20,0x84,0xcc,0x05, 813 0x2f,0x27,0xee,0x1e,0xd5,0x24,0x96,0xae,0x84,0x43,0xa4,0x3e,0x43,0xf3,0x3b,0x99, 814 0xd7,0xf9,0xf2,0xde,0x3d,0x19,0xed,0xd0,0x65,0xf1,0x49,0xca,0x48,0xd2,0x38,0x7d, 815 0xc6,0x48,0xd7,0x72,0x61,0xb8,0xc6,0xc2,0x67,0x0a,0xd8,0x65,0x5a,0xfd,0x5b,0xf3, 816 0xc5,0xfd,0xbe,0x8c,0x69,0xcf,0x99,0x20,0xb6,0xea,0xec,0x39,0x80,0xe9,0x66,0xa8, 817 0xee,0x3d,0x9d,0x46,0x7b,0x87,0x02,0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0x1f,0x30, 818 0x82,0x01,0x1b,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03, 819 0x02,0x01,0x06,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30, 820 0x06,0x01,0x01,0xff,0x02,0x01,0x00,0x30,0x4b,0x06,0x03,0x55,0x1d,0x20,0x04,0x44, 821 0x30,0x42,0x30,0x40,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0xa0,0x32,0x01,0x0a,0x30, 822 0x33,0x30,0x31,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x25,0x68, 823 0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x67,0x6c,0x6f,0x62,0x61,0x6c, 824 0x73,0x69,0x67,0x6e,0x2e,0x6e,0x65,0x74,0x2f,0x72,0x65,0x70,0x6f,0x73,0x69,0x74, 825 0x6f,0x72,0x79,0x2f,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x36, 826 0x12,0x4e,0x9e,0x71,0xc4,0x26,0x41,0xf1,0xfa,0xf1,0x29,0x4c,0xbf,0x17,0xa4,0x53, 827 0x28,0xb6,0xeb,0x30,0x33,0x06,0x03,0x55,0x1d,0x1f,0x04,0x2c,0x30,0x2a,0x30,0x28, 828 0xa0,0x26,0xa0,0x24,0x86,0x22,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x6c, 829 0x2e,0x67,0x6c,0x6f,0x62,0x61,0x6c,0x73,0x69,0x67,0x6e,0x2e,0x6e,0x65,0x74,0x2f, 830 0x72,0x6f,0x6f,0x74,0x2e,0x63,0x72,0x6c,0x30,0x11,0x06,0x09,0x60,0x86,0x48,0x01, 831 0x86,0xf8,0x42,0x01,0x01,0x04,0x04,0x03,0x02,0x02,0x04,0x30,0x20,0x06,0x03,0x55, 832 0x1d,0x25,0x04,0x19,0x30,0x17,0x06,0x0a,0x2b,0x06,0x01,0x04,0x01,0x82,0x37,0x0a, 833 0x03,0x03,0x06,0x09,0x60,0x86,0x48,0x01,0x86,0xf8,0x42,0x04,0x01,0x30,0x1f,0x06, 834 0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x60,0x7b,0x66,0x1a,0x45,0x0d, 835 0x97,0xca,0x89,0x50,0x2f,0x7d,0x04,0xcd,0x34,0xa8,0xff,0xfc,0xfd,0x4b,0x30,0x0d, 836 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01, 837 0x01,0x00,0xc3,0x25,0x79,0x4a,0xfa,0xcd,0x26,0x6f,0x40,0x6a,0xb8,0x94,0x1b,0xe6, 838 0xa0,0xe1,0x6b,0xd2,0x31,0x9a,0x3f,0x89,0xfb,0xc5,0x0a,0x22,0x75,0x7a,0xfd,0xbb, 839 0x40,0x34,0x9c,0xbc,0x9e,0x85,0x49,0x59,0x7a,0x95,0xcc,0x0d,0x2d,0x44,0x0b,0xc7, 840 0xcb,0x15,0x10,0x1e,0xd2,0xdc,0xe3,0x78,0xea,0x5f,0xf5,0x35,0x51,0xa6,0xc8,0x3f, 841 0x39,0x90,0x15,0x9e,0x5f,0x15,0xc9,0xb7,0x8f,0x5d,0x6b,0x63,0x99,0x68,0xe1,0x6e, 842 0x5c,0xfc,0x9d,0x37,0x33,0x0a,0xae,0x87,0x70,0x4a,0xa2,0xe3,0xab,0x26,0x7d,0x73, 843 0x07,0xe4,0xf7,0x0a,0xaa,0x75,0x8f,0xa6,0xee,0x9b,0x04,0xd1,0x05,0x43,0x74,0x1a, 844 0xba,0xd4,0xc2,0x9d,0x7f,0xb7,0xa0,0x6c,0xed,0x16,0x9a,0x67,0x40,0x56,0xab,0x83, 845 0x9f,0x4c,0x9c,0xeb,0x28,0x34,0x1f,0x8d,0xe6,0x5a,0x0f,0x69,0x40,0xd9,0xa9,0x9e, 846 0x6a,0xf9,0x89,0x7f,0xd0,0xf8,0x8c,0xb3,0x48,0x2e,0x0b,0x4f,0xf1,0xf9,0xcf,0xf5, 847 0x0e,0x11,0x02,0x0c,0x89,0x16,0x73,0x53,0x5d,0x2c,0xd3,0xef,0xde,0x5f,0x0b,0x25, 848 0xba,0xd5,0x4e,0x8f,0x85,0x90,0x3f,0x88,0x93,0x79,0xa5,0x20,0xac,0xff,0xb0,0x8a, 849 0xcb,0xcb,0xa5,0x55,0x78,0x83,0x39,0x41,0x32,0xaa,0x5d,0x25,0x93,0xa7,0xea,0xee, 850 0x18,0x72,0xb5,0xe2,0x1d,0x7f,0x08,0x74,0x11,0xb6,0x01,0x27,0x4e,0x96,0xcf,0xa8, 851 0xf0,0x2a,0xf9,0x52,0xac,0x24,0x1a,0x19,0x9e,0x9f,0x6c,0x52,0x7c,0x8b,0x3a,0xa6, 852 0x54,0xde,0xc1,0xc7,0x21,0x7d,0x3a,0xd3,0xbc,0x1a,0xa8,0x6d,0xf2,0xbf,0xdf,0x76, 853 0xca,0x03 854 }; 855 static const BYTE openssl_org[] = { 856 0x30,0x82,0x04,0xc8,0x30,0x82,0x03,0xb0,0xa0,0x03,0x02,0x01,0x02,0x02,0x0b,0x01, 857 0x00,0x00,0x00,0x00,0x01,0x1c,0x57,0x8e,0x3a,0xeb,0x30,0x0d,0x06,0x09,0x2a,0x86, 858 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x71,0x31,0x0b,0x30,0x09,0x06, 859 0x03,0x55,0x04,0x06,0x13,0x02,0x42,0x45,0x31,0x1d,0x30,0x1b,0x06,0x03,0x55,0x04, 860 0x0b,0x13,0x14,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x20,0x56,0x61,0x6c,0x69,0x64,0x61, 861 0x74,0x69,0x6f,0x6e,0x20,0x43,0x41,0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04,0x0a, 862 0x13,0x10,0x47,0x6c,0x6f,0x62,0x61,0x6c,0x53,0x69,0x67,0x6e,0x20,0x6e,0x76,0x2d, 863 0x73,0x61,0x31,0x28,0x30,0x26,0x06,0x03,0x55,0x04,0x03,0x13,0x1f,0x47,0x6c,0x6f, 864 0x62,0x61,0x6c,0x53,0x69,0x67,0x6e,0x20,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x20,0x56, 865 0x61,0x6c,0x69,0x64,0x61,0x74,0x69,0x6f,0x6e,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d, 866 0x30,0x38,0x30,0x39,0x31,0x32,0x31,0x37,0x31,0x34,0x31,0x31,0x5a,0x17,0x0d,0x31, 867 0x31,0x30,0x39,0x31,0x33,0x31,0x37,0x31,0x34,0x30,0x36,0x5a,0x30,0x60,0x31,0x0b, 868 0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x47,0x42,0x31,0x21,0x30,0x1f,0x06, 869 0x03,0x55,0x04,0x0b,0x13,0x18,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x20,0x43,0x6f,0x6e, 870 0x74,0x72,0x6f,0x6c,0x20,0x56,0x61,0x6c,0x69,0x64,0x61,0x74,0x65,0x64,0x31,0x16, 871 0x30,0x14,0x06,0x03,0x55,0x04,0x0a,0x14,0x0d,0x2a,0x2e,0x6f,0x70,0x65,0x6e,0x73, 872 0x73,0x6c,0x2e,0x6f,0x72,0x67,0x31,0x16,0x30,0x14,0x06,0x03,0x55,0x04,0x03,0x14, 873 0x0d,0x2a,0x2e,0x6f,0x70,0x65,0x6e,0x73,0x73,0x6c,0x2e,0x6f,0x72,0x67,0x30,0x82, 874 0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, 875 0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01,0x00,0xb9, 876 0x23,0x4e,0x1d,0xb5,0xef,0x87,0xb2,0xce,0x43,0x75,0x6a,0xc3,0x11,0x1c,0xd2,0xf7, 877 0x32,0xf3,0xf7,0x92,0x9b,0xed,0xe6,0x86,0xc3,0xb7,0x93,0x93,0x5e,0x7d,0x32,0x6a, 878 0x2b,0x03,0xb7,0x2a,0xc8,0x80,0x98,0x91,0x41,0x40,0x08,0xac,0xde,0xa6,0x7a,0x7c, 879 0x4f,0x44,0x8b,0x9c,0xd8,0xd3,0x87,0x71,0xf2,0x4e,0x3e,0x54,0xd7,0xa4,0x11,0x81, 880 0xb7,0x71,0x68,0x87,0xc1,0xc9,0xaf,0x2a,0xfa,0xb2,0x74,0xa3,0x70,0xa1,0x4d,0x19, 881 0x06,0x8d,0x1c,0x95,0x04,0x14,0x9c,0x8f,0x1f,0xf0,0x98,0xc1,0xc0,0x70,0xfa,0xb1, 882 0x10,0x1d,0x77,0xda,0x80,0x14,0x53,0xa5,0x5c,0xbe,0x05,0x9a,0x43,0xf4,0x54,0xf3, 883 0x70,0xf4,0x71,0x39,0xea,0x50,0x9c,0xe6,0xa8,0xd0,0x78,0xa6,0x30,0x1e,0x6d,0x4d, 884 0x22,0x10,0xdd,0x15,0x2d,0x50,0x00,0x5d,0xd9,0xc9,0xd2,0xa6,0xb9,0xdb,0x7f,0xad, 885 0xd8,0xeb,0xef,0x65,0x1f,0xce,0xbb,0x8d,0x4e,0x51,0x95,0x84,0x6e,0x95,0x16,0xef, 886 0x0b,0xf0,0x7b,0xff,0x2d,0x6c,0x1b,0x81,0x6c,0xca,0xe0,0x25,0x3d,0x2a,0x5c,0x6f, 887 0xad,0xce,0x4b,0x5c,0x46,0x7c,0xb1,0xa9,0xf4,0xea,0x72,0x02,0xa1,0xcc,0x87,0x63, 888 0x85,0x19,0x52,0x01,0x23,0x04,0x8e,0x2a,0xb4,0x94,0xde,0x6d,0x69,0x13,0x65,0x0b, 889 0x70,0x5f,0x92,0x1a,0x44,0x68,0x41,0xcd,0x80,0xef,0xc9,0xe9,0x83,0xd8,0x1e,0x95, 890 0x86,0xc7,0x1a,0x51,0xaf,0x3d,0xaa,0xca,0x97,0x19,0xe0,0xb4,0x69,0x87,0x75,0xe1, 891 0x09,0x9a,0x53,0xcd,0xf5,0x43,0xcf,0x2b,0x1d,0xe7,0x81,0x20,0x1e,0x97,0x25,0x02, 892 0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0x70,0x30,0x82,0x01,0x6c,0x30,0x1f,0x06,0x03, 893 0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x36,0x12,0x4e,0x9e,0x71,0xc4,0x26, 894 0x41,0xf1,0xfa,0xf1,0x29,0x4c,0xbf,0x17,0xa4,0x53,0x28,0xb6,0xeb,0x30,0x49,0x06, 895 0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01,0x04,0x3d,0x30,0x3b,0x30,0x39,0x06, 896 0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x02,0x86,0x2d,0x68,0x74,0x74,0x70,0x3a, 897 0x2f,0x2f,0x73,0x65,0x63,0x75,0x72,0x65,0x2e,0x67,0x6c,0x6f,0x62,0x61,0x6c,0x73, 898 0x69,0x67,0x6e,0x2e,0x6e,0x65,0x74,0x2f,0x63,0x61,0x63,0x65,0x72,0x74,0x2f,0x64, 899 0x76,0x68,0x65,0x31,0x2e,0x63,0x72,0x74,0x30,0x39,0x06,0x03,0x55,0x1d,0x1f,0x04, 900 0x32,0x30,0x30,0x30,0x2e,0xa0,0x2c,0xa0,0x2a,0x86,0x28,0x68,0x74,0x74,0x70,0x3a, 901 0x2f,0x2f,0x63,0x72,0x6c,0x2e,0x67,0x6c,0x6f,0x62,0x61,0x6c,0x73,0x69,0x67,0x6e, 902 0x2e,0x6e,0x65,0x74,0x2f,0x44,0x6f,0x6d,0x61,0x69,0x6e,0x56,0x61,0x6c,0x31,0x2e, 903 0x63,0x72,0x6c,0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0xec,0x81, 904 0x7d,0x47,0xa8,0xc0,0x19,0xa7,0xbc,0x6b,0x52,0x5e,0xb6,0x90,0xfb,0x17,0xae,0x7f, 905 0x41,0x8f,0x30,0x09,0x06,0x03,0x55,0x1d,0x13,0x04,0x02,0x30,0x00,0x30,0x0e,0x06, 906 0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x04,0xf0,0x30,0x29,0x06, 907 0x03,0x55,0x1d,0x25,0x04,0x22,0x30,0x20,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07, 908 0x03,0x01,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x02,0x06,0x0a,0x2b,0x06, 909 0x01,0x04,0x01,0x82,0x37,0x0a,0x03,0x03,0x30,0x4b,0x06,0x03,0x55,0x1d,0x20,0x04, 910 0x44,0x30,0x42,0x30,0x40,0x06,0x09,0x2b,0x06,0x01,0x04,0x01,0xa0,0x32,0x01,0x0a, 911 0x30,0x33,0x30,0x31,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x02,0x01,0x16,0x25, 912 0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x67,0x6c,0x6f,0x62,0x61, 913 0x6c,0x73,0x69,0x67,0x6e,0x2e,0x6e,0x65,0x74,0x2f,0x72,0x65,0x70,0x6f,0x73,0x69, 914 0x74,0x6f,0x72,0x79,0x2f,0x30,0x11,0x06,0x09,0x60,0x86,0x48,0x01,0x86,0xf8,0x42, 915 0x01,0x01,0x04,0x04,0x03,0x02,0x06,0xc0,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86, 916 0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x2b,0x22,0xdd,0xa3, 917 0x1a,0xf9,0x12,0xee,0x77,0xbf,0x34,0xdd,0xbf,0x57,0x98,0x72,0xb3,0x05,0x8d,0x49, 918 0xa4,0x5d,0x55,0xec,0x08,0xf4,0x70,0xb9,0x83,0xaf,0x57,0xb2,0x0f,0x54,0x12,0xc5, 919 0xf4,0x0e,0x6e,0xd9,0xe4,0xd4,0x7c,0x6a,0x11,0x4a,0xd7,0xc3,0x46,0x42,0x7e,0x13, 920 0x4c,0x39,0x1b,0xe3,0x53,0xb1,0x8b,0x8a,0xd7,0xa2,0x74,0xcb,0x18,0x0a,0x40,0x50, 921 0xbe,0xbe,0x86,0x81,0xa9,0x8e,0x23,0x0b,0xa0,0x38,0x02,0x1c,0x55,0x57,0xfd,0xf7, 922 0x98,0x43,0x7f,0x6e,0xe9,0x26,0xc5,0x64,0x7d,0x8a,0x42,0xfb,0x67,0xbd,0x93,0x39, 923 0x75,0x49,0xcd,0x26,0x20,0x71,0xb4,0x65,0xca,0x04,0x15,0xfb,0x1a,0xcb,0x80,0x2e, 924 0x20,0x43,0x81,0x3e,0x58,0x7f,0x3f,0x2c,0x93,0x92,0x06,0x96,0x69,0xb0,0x49,0x4c, 925 0xd1,0xa8,0x53,0x9b,0x41,0x55,0x13,0x75,0xc3,0x51,0xe8,0x16,0x3d,0x3e,0x6f,0xbd, 926 0xb7,0x0c,0x49,0x48,0x64,0x97,0xb4,0x14,0x89,0x57,0x62,0x75,0x32,0x31,0xda,0x94, 927 0x82,0xf8,0xb3,0xc6,0x02,0x20,0x5e,0x0e,0x00,0x87,0x9c,0x0f,0x34,0x65,0xda,0xf2, 928 0x47,0x78,0x18,0xf5,0xd5,0xea,0xf3,0x93,0x4e,0x60,0xd6,0x6b,0x7a,0xe8,0x88,0xd7, 929 0x69,0x41,0xaa,0x10,0x56,0xd7,0x16,0x14,0xde,0xc9,0x1c,0xb6,0xb6,0x10,0xab,0x6b, 930 0x97,0xbd,0x6a,0xa9,0xb7,0x67,0xd7,0x96,0xeb,0x52,0x12,0x9e,0x9a,0x69,0xaf,0x38, 931 0x53,0x4d,0x99,0xd8,0x84,0xea,0x54,0xba,0x89,0x67,0xff,0x40,0x66,0x0d,0x53,0x99, 932 0xb6,0x65,0xba,0xf3,0x8a,0x01,0x3d,0xd0,0xf1,0x21,0x5f,0xdd 933 }; 934 935 /* USERTrust -> InCommon RSA CA -> cs.stanford.edu 936 * cs.stanford.edu's chain, also valid for www.cs.stanford.edu 937 */ 938 static const BYTE usertrust_ca[] = { 939 0x30,0x82,0x05,0xde,0x30,0x82,0x03,0xc6,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,0x01, 940 0xfd,0x6d,0x30,0xfc,0xa3,0xca,0x51,0xa8,0x1b,0xbc,0x64,0x0e,0x35,0x03,0x2d,0x30, 941 0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0c,0x05,0x00,0x30,0x81, 942 0x88,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13, 943 0x30,0x11,0x06,0x03,0x55,0x04,0x08,0x13,0x0a,0x4e,0x65,0x77,0x20,0x4a,0x65,0x72, 944 0x73,0x65,0x79,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x07,0x13,0x0b,0x4a,0x65, 945 0x72,0x73,0x65,0x79,0x20,0x43,0x69,0x74,0x79,0x31,0x1e,0x30,0x1c,0x06,0x03,0x55, 946 0x04,0x0a,0x13,0x15,0x54,0x68,0x65,0x20,0x55,0x53,0x45,0x52,0x54,0x52,0x55,0x53, 947 0x54,0x20,0x4e,0x65,0x74,0x77,0x6f,0x72,0x6b,0x31,0x2e,0x30,0x2c,0x06,0x03,0x55, 948 0x04,0x03,0x13,0x25,0x55,0x53,0x45,0x52,0x54,0x72,0x75,0x73,0x74,0x20,0x52,0x53, 949 0x41,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20, 950 0x41,0x75,0x74,0x68,0x6f,0x72,0x69,0x74,0x79,0x30,0x1e,0x17,0x0d,0x31,0x30,0x30, 951 0x32,0x30,0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x33,0x38,0x30,0x31, 952 0x31,0x38,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x81,0x88,0x31,0x0b,0x30,0x09, 953 0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13,0x30,0x11,0x06,0x03,0x55, 954 0x04,0x08,0x13,0x0a,0x4e,0x65,0x77,0x20,0x4a,0x65,0x72,0x73,0x65,0x79,0x31,0x14, 955 0x30,0x12,0x06,0x03,0x55,0x04,0x07,0x13,0x0b,0x4a,0x65,0x72,0x73,0x65,0x79,0x20, 956 0x43,0x69,0x74,0x79,0x31,0x1e,0x30,0x1c,0x06,0x03,0x55,0x04,0x0a,0x13,0x15,0x54, 957 0x68,0x65,0x20,0x55,0x53,0x45,0x52,0x54,0x52,0x55,0x53,0x54,0x20,0x4e,0x65,0x74, 958 0x77,0x6f,0x72,0x6b,0x31,0x2e,0x30,0x2c,0x06,0x03,0x55,0x04,0x03,0x13,0x25,0x55, 959 0x53,0x45,0x52,0x54,0x72,0x75,0x73,0x74,0x20,0x52,0x53,0x41,0x20,0x43,0x65,0x72, 960 0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20,0x41,0x75,0x74,0x68,0x6f, 961 0x72,0x69,0x74,0x79,0x30,0x82,0x02,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86, 962 0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x02,0x0f,0x00,0x30,0x82,0x02,0x0a, 963 0x02,0x82,0x02,0x01,0x00,0x80,0x12,0x65,0x17,0x36,0x0e,0xc3,0xdb,0x08,0xb3,0xd0, 964 0xac,0x57,0x0d,0x76,0xed,0xcd,0x27,0xd3,0x4c,0xad,0x50,0x83,0x61,0xe2,0xaa,0x20, 965 0x4d,0x09,0x2d,0x64,0x09,0xdc,0xce,0x89,0x9f,0xcc,0x3d,0xa9,0xec,0xf6,0xcf,0xc1, 966 0xdc,0xf1,0xd3,0xb1,0xd6,0x7b,0x37,0x28,0x11,0x2b,0x47,0xda,0x39,0xc6,0xbc,0x3a, 967 0x19,0xb4,0x5f,0xa6,0xbd,0x7d,0x9d,0xa3,0x63,0x42,0xb6,0x76,0xf2,0xa9,0x3b,0x2b, 968 0x91,0xf8,0xe2,0x6f,0xd0,0xec,0x16,0x20,0x90,0x09,0x3e,0xe2,0xe8,0x74,0xc9,0x18, 969 0xb4,0x91,0xd4,0x62,0x64,0xdb,0x7f,0xa3,0x06,0xf1,0x88,0x18,0x6a,0x90,0x22,0x3c, 970 0xbc,0xfe,0x13,0xf0,0x87,0x14,0x7b,0xf6,0xe4,0x1f,0x8e,0xd4,0xe4,0x51,0xc6,0x11, 971 0x67,0x46,0x08,0x51,0xcb,0x86,0x14,0x54,0x3f,0xbc,0x33,0xfe,0x7e,0x6c,0x9c,0xff, 972 0x16,0x9d,0x18,0xbd,0x51,0x8e,0x35,0xa6,0xa7,0x66,0xc8,0x72,0x67,0xdb,0x21,0x66, 973 0xb1,0xd4,0x9b,0x78,0x03,0xc0,0x50,0x3a,0xe8,0xcc,0xf0,0xdc,0xbc,0x9e,0x4c,0xfe, 974 0xaf,0x05,0x96,0x35,0x1f,0x57,0x5a,0xb7,0xff,0xce,0xf9,0x3d,0xb7,0x2c,0xb6,0xf6, 975 0x54,0xdd,0xc8,0xe7,0x12,0x3a,0x4d,0xae,0x4c,0x8a,0xb7,0x5c,0x9a,0xb4,0xb7,0x20, 976 0x3d,0xca,0x7f,0x22,0x34,0xae,0x7e,0x3b,0x68,0x66,0x01,0x44,0xe7,0x01,0x4e,0x46, 977 0x53,0x9b,0x33,0x60,0xf7,0x94,0xbe,0x53,0x37,0x90,0x73,0x43,0xf3,0x32,0xc3,0x53, 978 0xef,0xdb,0xaa,0xfe,0x74,0x4e,0x69,0xc7,0x6b,0x8c,0x60,0x93,0xde,0xc4,0xc7,0x0c, 979 0xdf,0xe1,0x32,0xae,0xcc,0x93,0x3b,0x51,0x78,0x95,0x67,0x8b,0xee,0x3d,0x56,0xfe, 980 0x0c,0xd0,0x69,0x0f,0x1b,0x0f,0xf3,0x25,0x26,0x6b,0x33,0x6d,0xf7,0x6e,0x47,0xfa, 981 0x73,0x43,0xe5,0x7e,0x0e,0xa5,0x66,0xb1,0x29,0x7c,0x32,0x84,0x63,0x55,0x89,0xc4, 982 0x0d,0xc1,0x93,0x54,0x30,0x19,0x13,0xac,0xd3,0x7d,0x37,0xa7,0xeb,0x5d,0x3a,0x6c, 983 0x35,0x5c,0xdb,0x41,0xd7,0x12,0xda,0xa9,0x49,0x0b,0xdf,0xd8,0x80,0x8a,0x09,0x93, 984 0x62,0x8e,0xb5,0x66,0xcf,0x25,0x88,0xcd,0x84,0xb8,0xb1,0x3f,0xa4,0x39,0x0f,0xd9, 985 0x02,0x9e,0xeb,0x12,0x4c,0x95,0x7c,0xf3,0x6b,0x05,0xa9,0x5e,0x16,0x83,0xcc,0xb8, 986 0x67,0xe2,0xe8,0x13,0x9d,0xcc,0x5b,0x82,0xd3,0x4c,0xb3,0xed,0x5b,0xff,0xde,0xe5, 987 0x73,0xac,0x23,0x3b,0x2d,0x00,0xbf,0x35,0x55,0x74,0x09,0x49,0xd8,0x49,0x58,0x1a, 988 0x7f,0x92,0x36,0xe6,0x51,0x92,0x0e,0xf3,0x26,0x7d,0x1c,0x4d,0x17,0xbc,0xc9,0xec, 989 0x43,0x26,0xd0,0xbf,0x41,0x5f,0x40,0xa9,0x44,0x44,0xf4,0x99,0xe7,0x57,0x87,0x9e, 990 0x50,0x1f,0x57,0x54,0xa8,0x3e,0xfd,0x74,0x63,0x2f,0xb1,0x50,0x65,0x09,0xe6,0x58, 991 0x42,0x2e,0x43,0x1a,0x4c,0xb4,0xf0,0x25,0x47,0x59,0xfa,0x04,0x1e,0x93,0xd4,0x26, 992 0x46,0x4a,0x50,0x81,0xb2,0xde,0xbe,0x78,0xb7,0xfc,0x67,0x15,0xe1,0xc9,0x57,0x84, 993 0x1e,0x0f,0x63,0xd6,0xe9,0x62,0xba,0xd6,0x5f,0x55,0x2e,0xea,0x5c,0xc6,0x28,0x08, 994 0x04,0x25,0x39,0xb8,0x0e,0x2b,0xa9,0xf2,0x4c,0x97,0x1c,0x07,0x3f,0x0d,0x52,0xf5, 995 0xed,0xef,0x2f,0x82,0x0f,0x02,0x03,0x01,0x00,0x01,0xa3,0x42,0x30,0x40,0x30,0x1d, 996 0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x53,0x79,0xbf,0x5a,0xaa,0x2b,0x4a, 997 0xcf,0x54,0x80,0xe1,0xd8,0x9b,0xc0,0x9d,0xf2,0xb2,0x03,0x66,0xcb,0x30,0x0e,0x06, 998 0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x01,0x06,0x30,0x0f,0x06, 999 0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0d, 1000 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0c,0x05,0x00,0x03,0x82,0x02, 1001 0x01,0x00,0x5c,0xd4,0x7c,0x0d,0xcf,0xf7,0x01,0x7d,0x41,0x99,0x65,0x0c,0x73,0xc5, 1002 0x52,0x9f,0xcb,0xf8,0xcf,0x99,0x06,0x7f,0x1b,0xda,0x43,0x15,0x9f,0x9e,0x02,0x55, 1003 0x57,0x96,0x14,0xf1,0x52,0x3c,0x27,0x87,0x94,0x28,0xed,0x1f,0x3a,0x01,0x37,0xa2, 1004 0x76,0xfc,0x53,0x50,0xc0,0x84,0x9b,0xc6,0x6b,0x4e,0xba,0x8c,0x21,0x4f,0xa2,0x8e, 1005 0x55,0x62,0x91,0xf3,0x69,0x15,0xd8,0xbc,0x88,0xe3,0xc4,0xaa,0x0b,0xfd,0xef,0xa8, 1006 0xe9,0x4b,0x55,0x2a,0x06,0x20,0x6d,0x55,0x78,0x29,0x19,0xee,0x5f,0x30,0x5c,0x4b, 1007 0x24,0x11,0x55,0xff,0x24,0x9a,0x6e,0x5e,0x2a,0x2b,0xee,0x0b,0x4d,0x9f,0x7f,0xf7, 1008 0x01,0x38,0x94,0x14,0x95,0x43,0x07,0x09,0xfb,0x60,0xa9,0xee,0x1c,0xab,0x12,0x8c, 1009 0xa0,0x9a,0x5e,0xa7,0x98,0x6a,0x59,0x6d,0x8b,0x3f,0x08,0xfb,0xc8,0xd1,0x45,0xaf, 1010 0x18,0x15,0x64,0x90,0x12,0x0f,0x73,0x28,0x2e,0xc5,0xe2,0x24,0x4e,0xfc,0x58,0xec, 1011 0xf0,0xf4,0x45,0xfe,0x22,0xb3,0xeb,0x2f,0x8e,0xd2,0xd9,0x45,0x61,0x05,0xc1,0x97, 1012 0x6f,0xa8,0x76,0x72,0x8f,0x8b,0x8c,0x36,0xaf,0xbf,0x0d,0x05,0xce,0x71,0x8d,0xe6, 1013 0xa6,0x6f,0x1f,0x6c,0xa6,0x71,0x62,0xc5,0xd8,0xd0,0x83,0x72,0x0c,0xf1,0x67,0x11, 1014 0x89,0x0c,0x9c,0x13,0x4c,0x72,0x34,0xdf,0xbc,0xd5,0x71,0xdf,0xaa,0x71,0xdd,0xe1, 1015 0xb9,0x6c,0x8c,0x3c,0x12,0x5d,0x65,0xda,0xbd,0x57,0x12,0xb6,0x43,0x6b,0xff,0xe5, 1016 0xde,0x4d,0x66,0x11,0x51,0xcf,0x99,0xae,0xec,0x17,0xb6,0xe8,0x71,0x91,0x8c,0xde, 1017 0x49,0xfe,0xdd,0x35,0x71,0xa2,0x15,0x27,0x94,0x1c,0xcf,0x61,0xe3,0x26,0xbb,0x6f, 1018 0xa3,0x67,0x25,0x21,0x5d,0xe6,0xdd,0x1d,0x0b,0x2e,0x68,0x1b,0x3b,0x82,0xaf,0xec, 1019 0x83,0x67,0x85,0xd4,0x98,0x51,0x74,0xb1,0xb9,0x99,0x80,0x89,0xff,0x7f,0x78,0x19, 1020 0x5c,0x79,0x4a,0x60,0x2e,0x92,0x40,0xae,0x4c,0x37,0x2a,0x2c,0xc9,0xc7,0x62,0xc8, 1021 0x0e,0x5d,0xf7,0x36,0x5b,0xca,0xe0,0x25,0x25,0x01,0xb4,0xdd,0x1a,0x07,0x9c,0x77, 1022 0x00,0x3f,0xd0,0xdc,0xd5,0xec,0x3d,0xd4,0xfa,0xbb,0x3f,0xcc,0x85,0xd6,0x6f,0x7f, 1023 0xa9,0x2d,0xdf,0xb9,0x02,0xf7,0xf5,0x97,0x9a,0xb5,0x35,0xda,0xc3,0x67,0xb0,0x87, 1024 0x4a,0xa9,0x28,0x9e,0x23,0x8e,0xff,0x5c,0x27,0x6b,0xe1,0xb0,0x4f,0xf3,0x07,0xee, 1025 0x00,0x2e,0xd4,0x59,0x87,0xcb,0x52,0x41,0x95,0xea,0xf4,0x47,0xd7,0xee,0x64,0x41, 1026 0x55,0x7c,0x8d,0x59,0x02,0x95,0xdd,0x62,0x9d,0xc2,0xb9,0xee,0x5a,0x28,0x74,0x84, 1027 0xa5,0x9b,0xb7,0x90,0xc7,0x0c,0x07,0xdf,0xf5,0x89,0x36,0x74,0x32,0xd6,0x28,0xc1, 1028 0xb0,0xb0,0x0b,0xe0,0x9c,0x4c,0xc3,0x1c,0xd6,0xfc,0xe3,0x69,0xb5,0x47,0x46,0x81, 1029 0x2f,0xa2,0x82,0xab,0xd3,0x63,0x44,0x70,0xc4,0x8d,0xff,0x2d,0x33,0xba,0xad,0x8f, 1030 0x7b,0xb5,0x70,0x88,0xae,0x3e,0x19,0xcf,0x40,0x28,0xd8,0xfc,0xc8,0x90,0xbb,0x5d, 1031 0x99,0x22,0xf5,0x52,0xe6,0x58,0xc5,0x1f,0x88,0x31,0x43,0xee,0x88,0x1d,0xd7,0xc6, 1032 0x8e,0x3c,0x43,0x6a,0x1d,0xa7,0x18,0xde,0x7d,0x3d,0x16,0xf1,0x62,0xf9,0xca,0x90, 1033 0xa8,0xfd 1034 }; 1035 static const BYTE incommon_rsa_ca[] = { 1036 0x30,0x82,0x05,0xf9,0x30,0x82,0x03,0xe1,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,0x47, 1037 0x20,0xd0,0xfa,0x85,0x46,0x1a,0x7e,0x17,0xa1,0x64,0x02,0x91,0x84,0x63,0x74,0x30, 1038 0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0c,0x05,0x00,0x30,0x81, 1039 0x88,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x13, 1040 0x30,0x11,0x06,0x03,0x55,0x04,0x08,0x13,0x0a,0x4e,0x65,0x77,0x20,0x4a,0x65,0x72, 1041 0x73,0x65,0x79,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x07,0x13,0x0b,0x4a,0x65, 1042 0x72,0x73,0x65,0x79,0x20,0x43,0x69,0x74,0x79,0x31,0x1e,0x30,0x1c,0x06,0x03,0x55, 1043 0x04,0x0a,0x13,0x15,0x54,0x68,0x65,0x20,0x55,0x53,0x45,0x52,0x54,0x52,0x55,0x53, 1044 0x54,0x20,0x4e,0x65,0x74,0x77,0x6f,0x72,0x6b,0x31,0x2e,0x30,0x2c,0x06,0x03,0x55, 1045 0x04,0x03,0x13,0x25,0x55,0x53,0x45,0x52,0x54,0x72,0x75,0x73,0x74,0x20,0x52,0x53, 1046 0x41,0x20,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61,0x74,0x69,0x6f,0x6e,0x20, 1047 0x41,0x75,0x74,0x68,0x6f,0x72,0x69,0x74,0x79,0x30,0x1e,0x17,0x0d,0x31,0x34,0x31, 1048 0x30,0x30,0x36,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x32,0x34,0x31,0x30, 1049 0x30,0x35,0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x76,0x31,0x0b,0x30,0x09,0x06, 1050 0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04, 1051 0x08,0x13,0x02,0x4d,0x49,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x07,0x13,0x09, 1052 0x41,0x6e,0x6e,0x20,0x41,0x72,0x62,0x6f,0x72,0x31,0x12,0x30,0x10,0x06,0x03,0x55, 1053 0x04,0x0a,0x13,0x09,0x49,0x6e,0x74,0x65,0x72,0x6e,0x65,0x74,0x32,0x31,0x11,0x30, 1054 0x0f,0x06,0x03,0x55,0x04,0x0b,0x13,0x08,0x49,0x6e,0x43,0x6f,0x6d,0x6d,0x6f,0x6e, 1055 0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x03,0x13,0x16,0x49,0x6e,0x43,0x6f,0x6d, 1056 0x6d,0x6f,0x6e,0x20,0x52,0x53,0x41,0x20,0x53,0x65,0x72,0x76,0x65,0x72,0x20,0x43, 1057 0x41,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01, 1058 0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01, 1059 0x01,0x00,0x9c,0x1b,0xf1,0xbb,0x2f,0x7f,0x63,0x18,0x15,0x51,0x51,0x54,0x0f,0x9e, 1060 0xc5,0x4e,0x4d,0x10,0x58,0xfa,0x30,0x9b,0x17,0x29,0x90,0xe6,0x33,0x0c,0xac,0x13, 1061 0x53,0x7c,0x54,0x91,0xb4,0xea,0xd8,0x6e,0x9b,0x89,0x6d,0xbb,0x33,0x3e,0x8f,0xd2, 1062 0x0d,0xa6,0xe9,0xf9,0xba,0xe9,0x0d,0x0c,0x1a,0x9e,0xb2,0x8e,0xc9,0x70,0x2e,0xef, 1063 0x1e,0x05,0x7d,0x95,0xeb,0x2d,0x8d,0xa2,0xa9,0x4d,0xb3,0x9c,0xe7,0xf3,0x19,0x36, 1064 0xbb,0xa7,0xf1,0x7c,0xe6,0x08,0x1e,0x61,0x27,0x44,0x7a,0x96,0xf4,0xa8,0x34,0xdb, 1065 0xe2,0x42,0xc8,0xa5,0xdb,0x37,0xd5,0xb5,0xe7,0xe4,0x42,0x72,0x3f,0xb4,0x13,0xcf, 1066 0x8b,0x07,0x24,0x45,0x1e,0x8c,0x91,0x83,0x46,0xb9,0x09,0xa6,0xfc,0x18,0xa3,0x06, 1067 0x02,0xec,0x34,0x8d,0x32,0x66,0x95,0x27,0xea,0xe1,0x97,0xe8,0xdb,0x35,0xa3,0x2b, 1068 0x56,0xeb,0x57,0xe8,0xf0,0x10,0x59,0xdf,0x6d,0x70,0x0c,0x66,0x6a,0xd0,0x64,0xe5, 1069 0xa8,0xa3,0x98,0x31,0xad,0x1d,0x62,0xd5,0xfa,0x92,0xe3,0x9a,0x43,0xcd,0x2d,0x35, 1070 0xfb,0xd9,0x9e,0x33,0x5b,0x45,0x7d,0xc4,0x86,0x28,0x2c,0x66,0x12,0xc8,0xdb,0x0f, 1071 0x19,0x30,0x0d,0x3f,0xe9,0xf0,0xea,0x4a,0x5e,0x40,0x07,0xc7,0xf6,0x20,0x7a,0x53, 1072 0x78,0x81,0x64,0x7a,0x7e,0x45,0x6a,0x16,0x6f,0xf4,0x93,0x58,0xc9,0x62,0xfb,0x29, 1073 0x27,0x7d,0xa1,0x7f,0x21,0xce,0xe7,0x4f,0x47,0xd6,0x8a,0x56,0xe0,0xe3,0x66,0xf8, 1074 0xec,0xdd,0x89,0xdc,0x26,0x8c,0x19,0x68,0x3b,0x8d,0x8b,0xe2,0xfb,0x47,0x23,0x0b, 1075 0x7f,0x37,0x02,0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0x6e,0x30,0x82,0x01,0x6a,0x30, 1076 0x1f,0x06,0x03,0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x53,0x79,0xbf,0x5a, 1077 0xaa,0x2b,0x4a,0xcf,0x54,0x80,0xe1,0xd8,0x9b,0xc0,0x9d,0xf2,0xb2,0x03,0x66,0xcb, 1078 0x30,0x1d,0x06,0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x1e,0x05,0xa3,0x77,0x8f, 1079 0x6c,0x96,0xe2,0x5b,0x87,0x4b,0xa6,0xb4,0x86,0xac,0x71,0x00,0x0c,0xe7,0x38,0x30, 1080 0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x01,0x86,0x30, 1081 0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff, 1082 0x02,0x01,0x00,0x30,0x1d,0x06,0x03,0x55,0x1d,0x25,0x04,0x16,0x30,0x14,0x06,0x08, 1083 0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x01,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07, 1084 0x03,0x02,0x30,0x1b,0x06,0x03,0x55,0x1d,0x20,0x04,0x14,0x30,0x12,0x30,0x06,0x06, 1085 0x04,0x55,0x1d,0x20,0x00,0x30,0x08,0x06,0x06,0x67,0x81,0x0c,0x01,0x02,0x02,0x30, 1086 0x50,0x06,0x03,0x55,0x1d,0x1f,0x04,0x49,0x30,0x47,0x30,0x45,0xa0,0x43,0xa0,0x41, 1087 0x86,0x3f,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x6c,0x2e,0x75,0x73,0x65, 1088 0x72,0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x2f,0x55,0x53,0x45,0x52,0x54, 1089 0x72,0x75,0x73,0x74,0x52,0x53,0x41,0x43,0x65,0x72,0x74,0x69,0x66,0x69,0x63,0x61, 1090 0x74,0x69,0x6f,0x6e,0x41,0x75,0x74,0x68,0x6f,0x72,0x69,0x74,0x79,0x2e,0x63,0x72, 1091 0x6c,0x30,0x76,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x01,0x01,0x04,0x6a,0x30, 1092 0x68,0x30,0x3f,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x02,0x86,0x33,0x68, 1093 0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x74,0x2e,0x75,0x73,0x65,0x72,0x74,0x72, 1094 0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x2f,0x55,0x53,0x45,0x52,0x54,0x72,0x75,0x73, 1095 0x74,0x52,0x53,0x41,0x41,0x64,0x64,0x54,0x72,0x75,0x73,0x74,0x43,0x41,0x2e,0x63, 1096 0x72,0x74,0x30,0x25,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x86,0x19, 1097 0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73,0x70,0x2e,0x75,0x73,0x65,0x72, 1098 0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 1099 0x86,0xf7,0x0d,0x01,0x01,0x0c,0x05,0x00,0x03,0x82,0x02,0x01,0x00,0x2d,0x11,0x06, 1100 0x38,0xd6,0xdb,0xd7,0x58,0x68,0xaf,0xaa,0x38,0x67,0x17,0x8d,0xe2,0x13,0xd7,0xa3, 1101 0x14,0x24,0xd9,0x06,0x13,0xeb,0xeb,0x91,0x2f,0xdf,0x4f,0x67,0x2d,0xc8,0xd3,0x14, 1102 0xd7,0x56,0x65,0x52,0x9e,0x6e,0x1f,0x98,0x08,0x8e,0x9a,0x48,0x1b,0xc1,0x8b,0x59, 1103 0x9a,0xa3,0x57,0x9b,0xdb,0x86,0xf8,0x59,0x40,0xfc,0x19,0xb0,0x75,0x11,0x2a,0xc2, 1104 0x12,0x36,0xba,0x8e,0x72,0x8a,0x06,0x4e,0x27,0xb7,0x8d,0x58,0x14,0xd1,0x6f,0xb4, 1105 0xf9,0x68,0xfc,0x98,0xdd,0xa4,0x9c,0x25,0x40,0x36,0xde,0xbd,0x17,0x66,0x2b,0x03, 1106 0x7f,0x78,0x81,0xb1,0x80,0x74,0x9e,0x5f,0x3a,0xb4,0x26,0x2f,0x6a,0x48,0x84,0x36, 1107 0x34,0x8e,0xa7,0x28,0xef,0x87,0xf3,0x61,0xe7,0xdb,0x67,0xf5,0x52,0xdb,0xd7,0xd1, 1108 0xe6,0x30,0x71,0xbb,0x8b,0xa3,0xd4,0xff,0xb9,0x64,0x89,0x9e,0x9b,0x81,0x9b,0x8f, 1109 0x57,0xb8,0x64,0x4c,0xd5,0x06,0x19,0x8e,0xe7,0x91,0x85,0x7c,0x18,0xd1,0x89,0xd8, 1110 0xf6,0xea,0x1d,0x68,0x14,0x11,0xd9,0xee,0x17,0x83,0x1f,0x50,0x63,0xcf,0x0e,0xf6, 1111 0x86,0x2a,0x6e,0xe3,0xb1,0xa4,0xc9,0xfa,0xf6,0x34,0x4c,0x77,0x2a,0x80,0x86,0x30, 1112 0xb0,0xa3,0xdc,0x1b,0x71,0xec,0x04,0xa7,0xe4,0x98,0xbc,0x16,0x85,0x3e,0x84,0x26, 1113 0xb3,0xc0,0xe5,0x35,0x55,0x7e,0x79,0x98,0xa3,0xd4,0xd4,0x8d,0xb6,0xe7,0x42,0xe8, 1114 0x44,0x20,0x12,0x37,0x5f,0x09,0xc9,0xfb,0x03,0xe4,0xf5,0x65,0x74,0x96,0xed,0xca, 1115 0xb9,0xb3,0xf6,0x09,0xff,0x4c,0xa6,0xd1,0x5d,0x3a,0xfc,0xd1,0x4d,0xaa,0xe4,0x98, 1116 0x72,0xbe,0x38,0x4b,0x7f,0x89,0x4e,0x26,0x8f,0xd4,0xcc,0xbe,0x56,0x09,0x71,0x03, 1117 0x4a,0x6c,0xa3,0xe2,0x35,0x86,0xdd,0x1e,0xd9,0xf1,0x31,0x03,0xf7,0x13,0x4d,0x0b, 1118 0x11,0x81,0x31,0x79,0xcc,0x7a,0xd7,0xbe,0xdc,0xfb,0xf3,0x76,0x1b,0x2c,0xbd,0xb3, 1119 0x91,0x0f,0x00,0x59,0x07,0x2a,0x20,0x43,0xdc,0x4b,0xd8,0xb5,0x19,0x14,0x8f,0xe2, 1120 0x7a,0x84,0x29,0xd1,0x43,0x3f,0x2f,0xcc,0xdf,0x3f,0x9d,0xbb,0xbd,0x68,0xc4,0xce, 1121 0xe0,0xcd,0xe7,0x1c,0x31,0x32,0x78,0x62,0xfa,0xf0,0x93,0xa2,0x1e,0xc9,0xd7,0x9f, 1122 0x68,0xe5,0xa8,0x76,0xf6,0x63,0xfe,0x68,0x99,0xef,0xba,0x36,0xd7,0x12,0x71,0x9a, 1123 0x9e,0xb3,0x71,0x1f,0x3b,0xbe,0x00,0x63,0x9e,0x3d,0x5f,0x21,0xc2,0xb1,0x86,0x1b, 1124 0xb8,0x4e,0x21,0xc3,0xc3,0x43,0x09,0x2e,0x63,0x0c,0xcd,0xff,0x14,0xf6,0xf6,0x22, 1125 0xe9,0xfd,0xca,0x9f,0xf5,0x98,0x44,0xb6,0x41,0x9c,0x41,0xc2,0x08,0x98,0x7d,0xdb, 1126 0xa0,0x9f,0x22,0x7e,0xc0,0xa7,0x49,0xbb,0xb4,0x18,0x1f,0x4b,0xd3,0xa6,0x2a,0x87, 1127 0xb9,0x5c,0xca,0xf2,0x83,0x4c,0x40,0x03,0xb2,0x52,0x1a,0x79,0x21,0x08,0x37,0x18, 1128 0x4e,0xd9,0x8d,0x5f,0x99,0xc6,0x05,0x5f,0xf1,0x6a,0xae,0xba,0x75,0x5a,0x78,0x47, 1129 0x3a,0x3a,0x65,0x5e,0xe5,0xc4,0xd0,0xe3,0xda,0xd2,0xeb,0x5a,0x28,0x2d,0xb9,0x02, 1130 0x99,0x60,0xa2,0x6f,0x3c,0x2f,0x66,0x7c,0x98,0x45,0x9c,0xc9,0xfa,0x01,0xef,0x32, 1131 0x8e,0x7c,0x3e,0xf9,0xf4,0x03,0x7b,0x24,0xa6,0x56,0x09,0x8c,0x24 1132 }; 1133 static const BYTE cs_stanford_edu[] = { 1134 0x30,0x82,0x05,0xa5,0x30,0x82,0x04,0x8d,0xa0,0x03,0x02,0x01,0x02,0x02,0x11,0x00, 1135 0xf1,0x06,0x35,0xc6,0xee,0x01,0x95,0x98,0x11,0xab,0x60,0x00,0x75,0x72,0x30,0xb3, 1136 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b,0x05,0x00,0x30, 1137 0x76,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x0b, 1138 0x30,0x09,0x06,0x03,0x55,0x04,0x08,0x13,0x02,0x4d,0x49,0x31,0x12,0x30,0x10,0x06, 1139 0x03,0x55,0x04,0x07,0x13,0x09,0x41,0x6e,0x6e,0x20,0x41,0x72,0x62,0x6f,0x72,0x31, 1140 0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x0a,0x13,0x09,0x49,0x6e,0x74,0x65,0x72,0x6e, 1141 0x65,0x74,0x32,0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,0x0b,0x13,0x08,0x49,0x6e, 1142 0x43,0x6f,0x6d,0x6d,0x6f,0x6e,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55,0x04,0x03,0x13, 1143 0x16,0x49,0x6e,0x43,0x6f,0x6d,0x6d,0x6f,0x6e,0x20,0x52,0x53,0x41,0x20,0x53,0x65, 1144 0x72,0x76,0x65,0x72,0x20,0x43,0x41,0x30,0x1e,0x17,0x0d,0x31,0x36,0x31,0x30,0x32, 1145 0x31,0x30,0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x31,0x39,0x31,0x30,0x32,0x31, 1146 0x32,0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x81,0xb4,0x31,0x0b,0x30,0x09,0x06,0x03, 1147 0x55,0x04,0x06,0x13,0x02,0x55,0x53,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x11, 1148 0x13,0x05,0x39,0x34,0x33,0x30,0x35,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x08, 1149 0x13,0x02,0x43,0x41,0x31,0x11,0x30,0x0f,0x06,0x03,0x55,0x04,0x07,0x13,0x08,0x53, 1150 0x74,0x61,0x6e,0x66,0x6f,0x72,0x64,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04,0x09, 1151 0x13,0x0e,0x34,0x35,0x30,0x20,0x53,0x65,0x72,0x72,0x61,0x20,0x4d,0x61,0x6c,0x6c, 1152 0x31,0x1c,0x30,0x1a,0x06,0x03,0x55,0x04,0x0a,0x13,0x13,0x53,0x74,0x61,0x6e,0x66, 1153 0x6f,0x72,0x64,0x20,0x55,0x6e,0x69,0x76,0x65,0x72,0x73,0x69,0x74,0x79,0x31,0x24, 1154 0x30,0x22,0x06,0x03,0x55,0x04,0x0b,0x13,0x1b,0x43,0x6f,0x6d,0x70,0x75,0x74,0x65, 1155 0x72,0x20,0x53,0x63,0x69,0x65,0x6e,0x63,0x65,0x20,0x44,0x65,0x70,0x61,0x72,0x74, 1156 0x6d,0x65,0x6e,0x74,0x31,0x18,0x30,0x16,0x06,0x03,0x55,0x04,0x03,0x13,0x0f,0x63, 1157 0x73,0x2e,0x73,0x74,0x61,0x6e,0x66,0x6f,0x72,0x64,0x2e,0x65,0x64,0x75,0x30,0x82, 1158 0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, 1159 0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,0x01,0x01,0x00,0xb5, 1160 0x8c,0x69,0x22,0xf1,0xd4,0x39,0x0a,0x45,0x7b,0x5f,0x1e,0x15,0x00,0xae,0x9a,0x0f, 1161 0x79,0x5c,0x08,0xea,0x52,0x0e,0x74,0x6d,0xcf,0x0b,0x1a,0x92,0x88,0x57,0xe4,0x8c, 1162 0x9e,0xbc,0xc6,0xd9,0x29,0x8f,0xe1,0x5f,0x52,0x11,0x59,0xf8,0x12,0x78,0xfa,0xdf, 1163 0xac,0xe6,0xdf,0xfb,0x3f,0x10,0xf3,0x93,0x23,0xdd,0xea,0x6c,0x0b,0xf6,0xda,0x99, 1164 0xbc,0x15,0x51,0xf9,0x8d,0x03,0x9e,0x79,0x28,0xf9,0x44,0x5d,0x06,0xac,0x95,0x61, 1165 0xc6,0x81,0xe4,0x6e,0x49,0x1a,0x8f,0xe9,0xea,0x1c,0x7d,0x05,0x53,0x20,0xfc,0xea, 1166 0x14,0xc4,0x2f,0x11,0x57,0x86,0x3a,0x53,0xc1,0x17,0x6b,0xb1,0xe6,0x77,0x4c,0x21, 1167 0x0d,0xe0,0x68,0x6c,0xac,0xc9,0xcb,0xe9,0xc2,0x5a,0x91,0xcb,0x51,0x1a,0xb8,0x53, 1168 0x13,0x75,0x13,0xef,0xfd,0x50,0x0b,0xd7,0x84,0xb0,0xb8,0x29,0x2c,0x64,0x00,0xd9, 1169 0x11,0xe5,0xef,0x9d,0x9d,0xb3,0xae,0x5f,0xa2,0x78,0x24,0x18,0xc3,0x68,0x13,0x86, 1170 0x0d,0x86,0xf8,0x2d,0xfe,0x47,0xba,0xae,0xe8,0xc2,0x6c,0xf3,0x80,0xc9,0x96,0x33, 1171 0xc2,0x08,0xa3,0x01,0xc9,0x70,0x04,0x25,0x2a,0x32,0x0e,0xd5,0x84,0xe3,0x91,0x57, 1172 0xb3,0x9c,0xbf,0x9f,0x37,0x71,0xbb,0x0a,0x21,0x22,0x09,0x01,0xfc,0x10,0x75,0x14, 1173 0x0c,0x53,0x3f,0xbe,0x6d,0x1f,0x96,0x4d,0xb5,0x3c,0xcd,0x2f,0xd9,0x9d,0xe7,0xb8, 1174 0x52,0x8b,0xac,0x24,0x8a,0x95,0xf4,0xd3,0x44,0xc3,0xe0,0x9f,0x85,0x86,0x3f,0x2e, 1175 0xf0,0xbe,0x73,0x8e,0x82,0x01,0x46,0x59,0x8d,0xd7,0x90,0x64,0x4a,0x2d,0x4d,0x02, 1176 0x03,0x01,0x00,0x01,0xa3,0x82,0x01,0xed,0x30,0x82,0x01,0xe9,0x30,0x1f,0x06,0x03, 1177 0x55,0x1d,0x23,0x04,0x18,0x30,0x16,0x80,0x14,0x1e,0x05,0xa3,0x77,0x8f,0x6c,0x96, 1178 0xe2,0x5b,0x87,0x4b,0xa6,0xb4,0x86,0xac,0x71,0x00,0x0c,0xe7,0x38,0x30,0x1d,0x06, 1179 0x03,0x55,0x1d,0x0e,0x04,0x16,0x04,0x14,0x48,0xf2,0x68,0xbb,0xd9,0xab,0xe3,0x04, 1180 0xba,0x2f,0x9d,0x7d,0x94,0xca,0xcf,0x77,0xd7,0xb1,0x0b,0x23,0x30,0x0e,0x06,0x03, 1181 0x55,0x1d,0x0f,0x01,0x01,0xff,0x04,0x04,0x03,0x02,0x05,0xa0,0x30,0x0c,0x06,0x03, 1182 0x55,0x1d,0x13,0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30,0x1d,0x06,0x03,0x55,0x1d, 1183 0x25,0x04,0x16,0x30,0x14,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x01,0x06, 1184 0x08,0x2b,0x06,0x01,0x05,0x05,0x07,0x03,0x02,0x30,0x67,0x06,0x03,0x55,0x1d,0x20, 1185 0x04,0x60,0x30,0x5e,0x30,0x52,0x06,0x0c,0x2b,0x06,0x01,0x04,0x01,0xae,0x23,0x01, 1186 0x04,0x03,0x01,0x01,0x30,0x42,0x30,0x40,0x06,0x08,0x2b,0x06,0x01,0x05,0x05,0x07, 1187 0x02,0x01,0x16,0x34,0x68,0x74,0x74,0x70,0x73,0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e, 1188 0x69,0x6e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x2e,0x6f,0x72,0x67,0x2f,0x63,0x65,0x72, 1189 0x74,0x2f,0x72,0x65,0x70,0x6f,0x73,0x69,0x74,0x6f,0x72,0x79,0x2f,0x63,0x70,0x73, 1190 0x5f,0x73,0x73,0x6c,0x2e,0x70,0x64,0x66,0x30,0x08,0x06,0x06,0x67,0x81,0x0c,0x01, 1191 0x02,0x02,0x30,0x44,0x06,0x03,0x55,0x1d,0x1f,0x04,0x3d,0x30,0x3b,0x30,0x39,0xa0, 1192 0x37,0xa0,0x35,0x86,0x33,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x6c,0x2e, 1193 0x69,0x6e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x2d,0x72,0x73,0x61,0x2e,0x6f,0x72,0x67, 1194 0x2f,0x49,0x6e,0x43,0x6f,0x6d,0x6d,0x6f,0x6e,0x52,0x53,0x41,0x53,0x65,0x72,0x76, 1195 0x65,0x72,0x43,0x41,0x2e,0x63,0x72,0x6c,0x30,0x75,0x06,0x08,0x2b,0x06,0x01,0x05, 1196 0x05,0x07,0x01,0x01,0x04,0x69,0x30,0x67,0x30,0x3e,0x06,0x08,0x2b,0x06,0x01,0x05, 1197 0x05,0x07,0x30,0x02,0x86,0x32,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x63,0x72,0x74, 1198 0x2e,0x75,0x73,0x65,0x72,0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x2f,0x49, 1199 0x6e,0x43,0x6f,0x6d,0x6d,0x6f,0x6e,0x52,0x53,0x41,0x53,0x65,0x72,0x76,0x65,0x72, 1200 0x43,0x41,0x5f,0x32,0x2e,0x63,0x72,0x74,0x30,0x25,0x06,0x08,0x2b,0x06,0x01,0x05, 1201 0x05,0x07,0x30,0x01,0x86,0x19,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x6f,0x63,0x73, 1202 0x70,0x2e,0x75,0x73,0x65,0x72,0x74,0x72,0x75,0x73,0x74,0x2e,0x63,0x6f,0x6d,0x30, 1203 0x44,0x06,0x03,0x55,0x1d,0x11,0x04,0x3d,0x30,0x3b,0x82,0x0f,0x63,0x73,0x2e,0x73, 1204 0x74,0x61,0x6e,0x66,0x6f,0x72,0x64,0x2e,0x65,0x64,0x75,0x82,0x13,0x77,0x77,0x77, 1205 0x2d,0x63,0x73,0x2e,0x73,0x74,0x61,0x6e,0x66,0x6f,0x72,0x64,0x2e,0x65,0x64,0x75, 1206 0x82,0x13,0x77,0x77,0x77,0x2e,0x63,0x73,0x2e,0x73,0x74,0x61,0x6e,0x66,0x6f,0x72, 1207 0x64,0x2e,0x65,0x64,0x75,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01, 1208 0x01,0x0b,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x7e,0xad,0x31,0x04,0x9a,0xe0,0xc2, 1209 0x42,0x8a,0x3b,0x5a,0x8a,0x5f,0xe9,0x50,0x33,0xd7,0xf9,0x18,0xd3,0x96,0x05,0x15, 1210 0xe5,0xcf,0x61,0x99,0x0d,0x97,0xda,0xf4,0xdd,0x6e,0x45,0xfb,0xe4,0x0e,0x4d,0x23, 1211 0xcd,0xe1,0xe0,0x46,0x8f,0x96,0x35,0xa7,0x04,0xe5,0x78,0xfe,0x78,0xed,0xf9,0x33, 1212 0xeb,0xde,0x0b,0x9f,0xf4,0x79,0xba,0x2a,0x04,0xea,0xdb,0x63,0xd4,0x8c,0x82,0x12, 1213 0x0e,0xdd,0xf1,0xa5,0xa4,0x36,0x86,0x43,0x75,0x1f,0x2e,0x84,0xcd,0xbf,0x7a,0x80, 1214 0x9f,0x96,0x89,0x58,0x69,0xe1,0x31,0x17,0xb1,0x16,0x34,0x53,0xb6,0xf0,0x31,0xfd, 1215 0xc1,0x1e,0x9e,0x40,0x9f,0xa7,0x56,0x26,0xb0,0xa4,0x15,0x19,0x70,0x1c,0xb3,0x47, 1216 0x2b,0x8e,0x90,0x43,0x37,0xd7,0xb5,0xba,0x54,0xe5,0xa4,0xda,0x69,0xae,0xb8,0x73, 1217 0x35,0x47,0x01,0xac,0xd9,0x21,0xff,0x18,0x88,0x0b,0xda,0x4a,0xff,0x26,0x2f,0xef, 1218 0x15,0xcd,0x6f,0x79,0xf3,0xcb,0x0a,0xaf,0x11,0x3b,0x7e,0xc0,0x11,0xbb,0xeb,0x13, 1219 0xe7,0xb2,0x28,0x62,0x92,0x90,0x63,0x50,0xf2,0x6f,0x93,0x92,0x67,0xc0,0xde,0x22, 1220 0x3f,0x6e,0x25,0x00,0x60,0x42,0xfe,0x29,0x8d,0x7b,0x5c,0xc1,0xa9,0x09,0xb4,0xc6, 1221 0x18,0x56,0x5b,0xb6,0xd0,0xd2,0xdd,0x1b,0x51,0xcb,0x97,0xe7,0x20,0x94,0x97,0xb1, 1222 0x40,0xff,0x05,0xec,0x10,0xd6,0xa3,0x4d,0xc8,0x32,0x99,0xf0,0xab,0x51,0xda,0x5b, 1223 0x12,0x70,0x63,0x8a,0x5b,0x63,0x6d,0xc8,0x31,0x76,0x70,0xe3,0x02,0x18,0x4e,0x0e, 1224 0x9c,0xea,0xab,0x78,0xfa,0x07,0x48,0x59,0xc6 1225 }; 1226 1227 /* chain0_0 -> chain0_1: 1228 * A simple, valid chain 1229 */ 1230 static const BYTE chain0_0[] = { 1231 0x30,0x82,0x01,0xc2,0x30,0x82,0x01,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1232 0x73,0x87,0xdb,0x32,0x3a,0x6c,0x89,0x74,0x0f,0xda,0x07,0xd4,0x6a,0x2c,0x81, 1233 0x59,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1234 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1235 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1236 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1237 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1238 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1239 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1240 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1241 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1242 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1243 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1244 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1245 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1246 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1247 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1248 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1249 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1250 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1251 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1252 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x82,0xcd,0x5c,0x0a, 1253 0x9d,0x0d,0x3f,0xd1,0xd8,0x74,0xfc,0x52,0x65,0x11,0x76,0x10,0x62,0xb0,0x9a, 1254 0xc5,0x54,0x66,0xae,0xfa,0xd5,0x66,0x36,0xcb,0x1e,0xe7,0xad,0xb9,0xfa,0x2e, 1255 0xbb,0xb9,0x0b,0x4b,0xbf,0xe7,0x26,0x75,0x2c,0xae,0x2d,0x14,0x84,0x92,0xae, 1256 0x56,0xdf,0x55,0x56,0xf3,0xa6,0xc5,0x21,0xa8,0x5e,0xce,0x7a,0x9d,0xff,0x7f, 1257 0x10,0xd9,0xc3,0x05,0x52,0x86,0xdc,0x9b,0x46,0xe7,0x69,0xfb,0x1e,0xf0,0x68, 1258 0x7d,0x34,0xd7,0xf3,0x56,0xe3,0x0a,0xf3,0xe4,0xdc,0x0f,0xd6,0x4d,0xa8,0xc5, 1259 0xb5,0x5b,0xbf,0x0b,0x5d,0xe7,0x76,0xa1,0x56,0xc1,0xa7,0x55,0xa0,0x88,0x7f, 1260 0x57,0x8e,0x64,0xda,0x6f,0xaa,0x9c,0xca,0x47,0xf3,0x37,0x08,0x4b,0x9a,0xdc, 1261 0xbc,0x65,0x4d,0x9a }; 1262 static const BYTE chain0_1[] = { 1263 0x30,0x82,0x01,0x98,0x30,0x82,0x01,0x01,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1264 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 1265 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 1266 0x65,0x72,0x74,0x31,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x31,0x31,0x32, 1267 0x32,0x31,0x38,0x35,0x32,0x30,0x37,0x5a,0x18,0x0f,0x31,0x36,0x32,0x38,0x30, 1268 0x38,0x32,0x36,0x30,0x35,0x32,0x30,0x35,0x37,0x5a,0x30,0x10,0x31,0x0e,0x30, 1269 0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81, 1270 0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, 1271 0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda, 1272 0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33, 1273 0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c, 1274 0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60, 1275 0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32, 1276 0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f, 1277 0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44, 1278 0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc, 1279 0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38, 1280 0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a, 1281 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x3c, 1282 0x90,0x45,0x5b,0x81,0x25,0x9d,0x7a,0x10,0x9f,0x15,0x25,0x03,0x52,0x78,0x09, 1283 0x6f,0x62,0x66,0x78,0x01,0x69,0x6a,0x7f,0x19,0x02,0x18,0xd8,0xc0,0x89,0x2f, 1284 0x0f,0x47,0xa7,0x17,0xc2,0xd7,0xe2,0x81,0x7e,0xea,0x54,0xd4,0xe6,0xcc,0x8f, 1285 0x88,0x1a,0xee,0x28,0x42,0x6c,0x77,0xf5,0xec,0x8c,0x05,0xa5,0x7f,0xee,0x2e, 1286 0x0b,0xbc,0xde,0xb0,0x71,0x2c,0x83,0x32,0xcb,0x49,0x00,0x46,0x03,0x95,0x58, 1287 0x6c,0x57,0x0c,0x5a,0x69,0x3c,0xfa,0xbf,0x46,0x7a,0x4d,0xd0,0x23,0x77,0x23, 1288 0xac,0x1d,0x33,0xb7,0x87,0xb4,0xc6,0x6b,0x52,0xa1,0xed,0x9a,0xb8,0x8e,0x1a, 1289 0xcb,0xc3,0xd3,0x50,0xe0,0x0d,0x12,0x5d,0x0e,0x84,0x52,0xa5,0x12,0x76,0x6b, 1290 0xbf,0xb8,0xbe,0x51,0xc0,0xa6,0xae }; 1291 /* chain0_0 -> chain1_1: 1292 * A chain whose signature is bad 1293 */ 1294 static const BYTE chain1_1[] = { 1295 0x30,0x82,0x01,0x98,0x30,0x82,0x01,0x01,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1296 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 1297 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 1298 0x65,0x72,0x74,0x31,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x31,0x31,0x32, 1299 0x32,0x31,0x38,0x35,0x32,0x30,0x37,0x5a,0x18,0x0f,0x31,0x36,0x32,0x38,0x30, 1300 0x38,0x32,0x36,0x30,0x35,0x32,0x30,0x35,0x37,0x5a,0x30,0x10,0x31,0x0e,0x30, 1301 0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81, 1302 0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, 1303 0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xad,0x7e,0xca, 1304 0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d, 1305 0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,0x9e,0x07,0x78,0x08,0x11,0x12,0x2d, 1306 0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25, 1307 0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12, 1308 0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76, 1309 0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe, 1310 0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37, 1311 0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1, 1312 0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a, 1313 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xad, 1314 0x16,0xaa,0x77,0xab,0xd5,0x1a,0x6c,0x90,0x5d,0x4e,0x61,0x49,0x89,0x6e,0x9f, 1315 0x03,0x7b,0x4a,0x49,0xb1,0x46,0x75,0xf3,0x69,0xeb,0x96,0x13,0x3c,0x35,0xb5, 1316 0x37,0x3b,0xc2,0x84,0x5c,0xe5,0x7c,0x46,0xf6,0x6b,0xc7,0x4e,0x72,0x91,0xf4, 1317 0xde,0xc5,0x66,0x0f,0x2d,0x39,0xc6,0x9e,0x8e,0x25,0x4d,0x3f,0x7b,0x45,0xe1, 1318 0xc6,0x1a,0x7e,0x28,0x83,0xf8,0x87,0x30,0x4e,0xa5,0xfd,0x32,0x7a,0xed,0x53, 1319 0x10,0x3b,0x14,0xe5,0xf1,0x32,0x77,0xf1,0x29,0x72,0x98,0x2b,0xa3,0x17,0xd6, 1320 0x8c,0x65,0xaa,0x3b,0x6d,0xab,0xb3,0xbe,0xfa,0x72,0x38,0xf7,0xd0,0xb6,0x0f, 1321 0x5c,0x0d,0xec,0x17,0x43,0x2a,0xfd,0xc1,0x01,0x43,0x98,0xd3,0x1b,0x84,0x3e, 1322 0x32,0xcf,0xda,0x1d,0xc2,0xc9,0x61 }; 1323 /* chain2_0 -> chain0_1: 1324 * A chain whose time nesting is invalid. 1325 */ 1326 static const BYTE chain2_0[] = { 1327 0x30,0x82,0x01,0xc2,0x30,0x82,0x01,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1328 0x11,0x58,0x73,0x34,0x62,0x2b,0xa5,0xa5,0x54,0x4a,0x14,0x48,0x3c,0x90,0x4e, 1329 0x86,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1330 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1331 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x36,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1332 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x36,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1333 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1334 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1335 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1336 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1337 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1338 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1339 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1340 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1341 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1342 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1343 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1344 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1345 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1346 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1347 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1348 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x88,0x44,0x83,0xfc, 1349 0x38,0xa4,0x6e,0x53,0x24,0x8f,0xac,0xcf,0xc0,0xb9,0xaa,0xdc,0x5f,0x30,0xf3, 1350 0xc3,0x5c,0xd5,0x10,0x4e,0xb7,0x30,0x24,0x80,0xb3,0x5e,0xcb,0x6a,0xec,0x88, 1351 0xa6,0x02,0xbd,0x37,0x97,0xcc,0x60,0x04,0x03,0xdd,0xfa,0xb0,0x4e,0xd6,0x00, 1352 0x22,0x41,0xaa,0x2b,0x3c,0x3e,0x1f,0xcd,0xe3,0xf0,0x88,0x84,0x1c,0x00,0xc4, 1353 0x97,0x69,0x3d,0x40,0x6d,0x33,0x8c,0xb7,0xb4,0x41,0xf3,0x28,0x00,0xa8,0xa1, 1354 0x81,0x76,0x50,0x69,0xb2,0x2c,0xc4,0x56,0xab,0x2b,0x4a,0x77,0x41,0x3e,0x6c, 1355 0x78,0x0b,0xf9,0x6c,0x86,0x84,0x1a,0x5a,0x0e,0x8c,0x12,0x59,0xbd,0x74,0xf3, 1356 0xb9,0x91,0xa1,0x70,0x91,0xf3,0xe8,0x8d,0x78,0x42,0xc3,0x4f,0xfa,0xef,0xe7, 1357 0xca,0x09,0x5c,0x18 }; 1358 /* chain3_0 -> chain0_1: 1359 * A chain whose root cannot be a CA. 1360 */ 1361 static const BYTE chain3_0[] = { 1362 0x30,0x82,0x01,0xad,0x30,0x82,0x01,0x1a,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1363 0x63,0x73,0xee,0x45,0x59,0x76,0x1a,0x9e,0x47,0xf1,0xfb,0xf0,0x42,0x44,0x26, 1364 0xeb,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 1365 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 1366 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 1367 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 1368 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 1369 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 1370 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1371 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1372 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1373 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1374 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1375 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1376 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1377 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1378 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1379 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1380 0x00,0x01,0xa3,0x10,0x30,0x0e,0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01,0x01, 1381 0xff,0x04,0x02,0x30,0x00,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05, 1382 0x00,0x03,0x81,0x81,0x00,0x53,0xb7,0xa9,0x90,0xe0,0x88,0x36,0xc0,0x2d,0xb1, 1383 0xa3,0x97,0xff,0x16,0x62,0x29,0xa2,0xfd,0x92,0x90,0xb7,0x8d,0xd9,0xdf,0x57, 1384 0x94,0x5a,0xce,0x36,0x5c,0x95,0x24,0xab,0x4f,0x63,0x55,0xa7,0xea,0x8b,0xaf, 1385 0xd9,0x41,0x6a,0x2f,0xd8,0x9e,0x1c,0x2d,0xc0,0x11,0x52,0x09,0x4b,0x31,0x1f, 1386 0x5e,0x8f,0x4b,0xbf,0x20,0x73,0x2d,0x04,0x11,0x56,0x6d,0xb1,0xbe,0xb4,0x5d, 1387 0x70,0x6b,0xb2,0xd0,0xd3,0xf5,0x5d,0x60,0x08,0x65,0x2c,0xe3,0x78,0x5a,0x05, 1388 0x36,0xe1,0xf1,0x67,0x3a,0x25,0xf3,0x47,0x83,0xce,0x4f,0xb0,0x74,0x7a,0x35, 1389 0xa0,0x7f,0x70,0x64,0x8a,0x14,0x66,0x03,0xf6,0xae,0xdf,0x1b,0xf5,0x80,0x87, 1390 0x06,0x39,0x76,0x70,0x7b,0xd2,0x83,0xe9,0xce,0x1f,0xf8,0x66,0xc1 }; 1391 /* chain4_0 -> chain4_1 -> chain4_2: 1392 * A chain whose path length constraint is violated. 1393 */ 1394 static const BYTE chain4_0[] = { 1395 0x30,0x82,0x01,0xc5,0x30,0x82,0x01,0x30,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1396 0x01,0xcd,0x67,0x9e,0xec,0xae,0x1e,0x69,0x16,0x3f,0x92,0x8a,0xed,0x6d,0x57, 1397 0xac,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1398 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1399 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1400 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1401 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1402 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1403 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1404 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1405 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1406 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1407 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1408 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1409 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1410 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1411 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1412 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1413 0x00,0x01,0xa3,0x26,0x30,0x24,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1414 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01, 1415 0x01,0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x00,0x30,0x0b,0x06, 1416 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x70, 1417 0x60,0x8d,0x5f,0x29,0x8e,0x6b,0x48,0x79,0xaa,0xd1,0x7a,0xbb,0x6c,0x7c,0x54, 1418 0x11,0x55,0x08,0xb9,0x2e,0x5e,0x53,0xd6,0x9b,0xb9,0xe4,0xc8,0x0e,0x48,0xe7, 1419 0x20,0x9e,0xbd,0x7c,0x55,0xb8,0xf1,0x69,0x0c,0x08,0xd6,0x32,0x32,0xd9,0x05, 1420 0x81,0x8a,0x33,0x4c,0x57,0x20,0xae,0xe8,0xde,0x61,0x63,0x85,0xc8,0xe1,0x1d, 1421 0xef,0x4b,0xa4,0x42,0x4e,0x0a,0x25,0x48,0x2b,0xc2,0x06,0x79,0x90,0x45,0x90, 1422 0x94,0x3d,0xb0,0x36,0xe6,0x60,0xe6,0xd2,0x1a,0x11,0x01,0x4b,0xaf,0x23,0x4d, 1423 0x62,0x6b,0xdc,0x3a,0xae,0x61,0x93,0xce,0x7b,0xae,0x21,0xfe,0x42,0xd8,0x86, 1424 0x36,0x19,0x00,0x18,0x13,0x4d,0xf9,0xd1,0x94,0xa2,0xb7,0xbd,0xb0,0x5c,0x9b, 1425 0x5c,0x03,0xf5,0x86,0x85,0x07,0x1c }; 1426 static const BYTE chain4_1[] = { 1427 0x30,0x82,0x01,0xb3,0x30,0x82,0x01,0x1e,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1428 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1429 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1430 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1431 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1432 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1433 0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1434 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1435 0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f, 1436 0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e, 1437 0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe, 1438 0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71, 1439 0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87, 1440 0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68, 1441 0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36, 1442 0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22, 1443 0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01, 1444 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1445 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1446 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1447 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x26,0x56,0x31,0x53, 1448 0x65,0xe3,0xd8,0x59,0xc8,0x6f,0xa3,0x5b,0x8a,0x11,0x53,0xde,0x8d,0x6f,0x6d, 1449 0x8c,0xe1,0x79,0x25,0xb2,0xbf,0xc6,0x3b,0xa1,0x8b,0x6b,0xcd,0x99,0xcf,0x0c, 1450 0x6f,0xaa,0xbc,0xd0,0x3d,0xb2,0xf8,0x1c,0x6f,0xb0,0x84,0x7b,0xb1,0x88,0xec, 1451 0xd6,0x77,0xbe,0xb1,0x0b,0x8c,0x18,0x85,0xb7,0x38,0x81,0x12,0xc9,0xc7,0x4a, 1452 0xf6,0x83,0xc4,0xd9,0xae,0xb6,0x1d,0xbb,0xd2,0x08,0x01,0x4a,0xe1,0xdc,0x8f, 1453 0x67,0xa9,0xed,0xe2,0x3f,0x96,0xf6,0x72,0x7e,0x4a,0x63,0x46,0xc4,0x82,0x89, 1454 0x0a,0x81,0xc8,0x3a,0x9c,0xe7,0x23,0x5f,0x8d,0xd9,0x6c,0xb2,0x5d,0x9a,0x40, 1455 0x04,0x04,0xd5,0x4a,0x29,0x57,0xbd,0x18,0xd8,0xca,0x1f,0xf7,0xf8,0x23,0x07, 1456 0x4b,0x03,0xa3,0xd9 }; 1457 static const BYTE chain4_2[] = { 1458 0x30,0x82,0x01,0x98,0x30,0x82,0x01,0x01,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1459 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 1460 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 1461 0x65,0x72,0x74,0x32,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x31,0x31,0x32, 1462 0x32,0x31,0x38,0x35,0x32,0x30,0x37,0x5a,0x18,0x0f,0x31,0x36,0x32,0x38,0x30, 1463 0x38,0x32,0x36,0x30,0x35,0x32,0x30,0x35,0x37,0x5a,0x30,0x10,0x31,0x0e,0x30, 1464 0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81, 1465 0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, 1466 0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xc3,0x31,0x35, 1467 0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9,0xb1,0xf6,0x8f,0xf9,0x05,0x73,0x1d, 1468 0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11,0x7e,0x77,0xa0,0x42,0x80,0xf4,0x79, 1469 0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0,0xeb,0x8a,0x80,0xed,0x07,0xfc,0x64, 1470 0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42,0x63,0xd9,0x79,0xea,0xdd,0x10,0xe8, 1471 0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87,0xca,0xd1,0xc9,0x77,0x14,0x30,0x85, 1472 0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55,0xcb,0xa7,0xd5,0xb8,0x44,0xb5,0x20, 1473 0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f,0x87,0xaf,0x37,0xd1,0x39,0x0c,0x0d, 1474 0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1,0x60,0x65,0x2d,0x08,0x24,0x51,0x1d, 1475 0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a, 1476 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xaa, 1477 0x0e,0x17,0x8d,0x5b,0xca,0x11,0xda,0x5a,0xb5,0xd4,0xe8,0x63,0xce,0xa5,0x67, 1478 0x11,0x2f,0xf8,0xb8,0x9f,0x89,0x46,0x7d,0x20,0x94,0x5f,0x0d,0x02,0x7e,0x5e, 1479 0x8c,0x33,0xfc,0x24,0x56,0x08,0xe6,0xf1,0x4d,0x29,0xd5,0xef,0x03,0xe3,0x9a, 1480 0xc6,0xcd,0x6e,0xe3,0xe6,0x45,0xaa,0xce,0x5a,0x2f,0x37,0x6c,0x07,0xd2,0x28, 1481 0x63,0x8e,0x55,0x8a,0xad,0xe3,0x8a,0x58,0x3d,0x24,0x09,0x1e,0x9a,0x7d,0x5f, 1482 0x05,0xc4,0x51,0x18,0x17,0x46,0x33,0x4d,0x72,0x05,0xc2,0x02,0xb6,0x05,0x22, 1483 0x23,0xcc,0xf9,0x1f,0x87,0x6c,0x4a,0x3d,0x6f,0xdb,0x59,0xf6,0x79,0x81,0x02, 1484 0x45,0x9f,0xc8,0xc3,0xf0,0x90,0x82,0xaf,0x58,0x80,0x18,0xea,0x73,0x50,0x29, 1485 0x71,0x8d,0xc1,0x9e,0x53,0x19,0x5a }; 1486 /* chain5_0 -> chain5_1: 1487 * A chain whose name constraints aren't met. 1488 */ 1489 static const BYTE chain5_0[] = { 1490 0x30,0x82,0x01,0xe0,0x30,0x82,0x01,0x4b,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1491 0xed,0xb8,0x3b,0xf2,0x95,0xe6,0x8e,0xdf,0x75,0x6a,0x22,0xbc,0xca,0x51,0xb6, 1492 0x83,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1493 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1494 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1495 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1496 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1497 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1498 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1499 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1500 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1501 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1502 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1503 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1504 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1505 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1506 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1507 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1508 0x00,0x01,0xa3,0x41,0x30,0x3f,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1509 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1510 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x1c,0x06,0x03,0x55,0x1d, 1511 0x1e,0x01,0x01,0xff,0x04,0x12,0x30,0x10,0xa0,0x0e,0x30,0x0c,0x82,0x0a,0x77, 1512 0x69,0x6e,0x65,0x68,0x71,0x2e,0x6f,0x72,0x67,0x30,0x0b,0x06,0x09,0x2a,0x86, 1513 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x7f,0x98,0xd1,0x58, 1514 0x70,0x36,0x2c,0x08,0x63,0x2c,0xf9,0xe0,0x16,0xda,0x59,0xd9,0x1b,0xa5,0xba, 1515 0xe0,0xec,0xd9,0x0a,0x1b,0x78,0xd0,0xea,0x49,0xc7,0x01,0x06,0x78,0xe5,0xb3, 1516 0x81,0x5a,0x53,0x3d,0x9b,0x0d,0xaf,0xc8,0x04,0x57,0x15,0xee,0xfd,0x05,0x80, 1517 0x72,0x8a,0x54,0x51,0x6a,0x15,0xdc,0xbf,0xfc,0xe3,0x04,0xe4,0x6f,0x20,0xb2, 1518 0xfd,0xa6,0x32,0x4c,0xbc,0x1b,0x60,0xf7,0xc3,0x9c,0x5f,0x17,0x94,0xc7,0xdf, 1519 0x9f,0xae,0xdb,0x72,0x8a,0x98,0x28,0x9d,0x26,0x1f,0x14,0x76,0xb1,0x8e,0x26, 1520 0xf6,0x97,0x96,0x57,0x14,0x9e,0x44,0x13,0xef,0x85,0xc1,0x6f,0x38,0xda,0xf2, 1521 0x3a,0xf6,0xad,0x0b,0x35,0xcf,0xea,0xb0,0x5a,0x9c,0x36,0x80,0x45,0x1f,0x88, 1522 0x2f,0xff,0xb4,0xb5 }; 1523 static const BYTE chain5_1[] = { 1524 0x30,0x82,0x01,0xb2,0x30,0x82,0x01,0x1b,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1525 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 1526 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 1527 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30, 1528 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32, 1529 0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 1530 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 1531 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 1532 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 1533 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 1534 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 1535 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 1536 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 1537 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 1538 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 1539 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 1540 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 1541 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x1c,0x30,0x1a,0x30,0x18,0x06,0x03,0x55, 1542 0x1d,0x07,0x01,0x01,0xff,0x04,0x0e,0x30,0x0c,0x82,0x0a,0x77,0x69,0x6e,0x65, 1543 0x68,0x71,0x2e,0x63,0x6f,0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, 1544 0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x08,0x08,0xf5,0x1c,0xca, 1545 0x3b,0x5a,0xd7,0x45,0xac,0x29,0x5c,0x10,0x9d,0xb0,0x4a,0xdb,0x36,0x0b,0x39, 1546 0x14,0x87,0x3d,0x06,0xe8,0x0d,0x54,0xa7,0xb9,0x50,0x14,0x29,0x05,0xd2,0x75, 1547 0xe4,0x88,0xd8,0x8e,0x7e,0xab,0x61,0xba,0x3c,0xb2,0x4f,0x8f,0xfd,0x00,0x6b, 1548 0x94,0x69,0xf0,0x13,0x40,0x7d,0x4e,0x7c,0xac,0xf0,0x1b,0x07,0x2c,0x96,0x46, 1549 0xf6,0x38,0x38,0xc6,0x65,0x2c,0x02,0x28,0x62,0x6f,0x7d,0xf9,0x4d,0xff,0xb1, 1550 0x38,0x0e,0xce,0x89,0x0e,0xdd,0x22,0x51,0xd2,0x6b,0x0e,0x80,0x3c,0xa6,0x0c, 1551 0xe7,0x8b,0x3b,0x2a,0x2f,0x46,0xed,0xda,0x96,0x1a,0xc1,0x5c,0xfe,0xe0,0xef, 1552 0xdb,0xe0,0x11,0xc4,0x56,0x12,0xe2,0x4b,0x84,0xde,0xaf,0x7f,0x3c,0x9f,0xcb, 1553 0xb6,0xac,0x92 }; 1554 /* chain0_0 -> chain4_1: 1555 * A chain whose end certificate is a CA. 1556 */ 1557 /* chain0_0 -> chain 7_1: 1558 * A chain whose end cert has a bad critical extension. 1559 */ 1560 static const BYTE chain7_1[] = { 1561 0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 1562 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 1563 0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, 1564 0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30, 1565 0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, 1566 0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, 1567 0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, 1568 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, 1569 0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33, 1570 0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc, 1571 0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48, 1572 0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47, 1573 0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05, 1574 0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a, 1575 0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85, 1576 0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3, 1577 0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3, 1578 0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 1579 0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x9f,0x69,0xfd,0x26,0xd5,0x4b, 1580 0xe0,0xab,0x12,0x21,0xb9,0xfc,0xf7,0xe0,0x0c,0x09,0x94,0xad,0x27,0xd7,0x9d, 1581 0xa3,0xcc,0x46,0x2a,0x25,0x9a,0x24,0xa7,0x31,0x58,0x78,0xf5,0xfc,0x30,0xe1, 1582 0x6d,0xfd,0x59,0xab,0xbe,0x69,0xa0,0xea,0xe3,0x7d,0x7a,0x7b,0xe5,0x85,0xeb, 1583 0x86,0x6a,0x84,0x3c,0x96,0x01,0x1a,0x70,0xa7,0xb8,0xcb,0xf2,0x11,0xe7,0x52, 1584 0x9c,0x58,0x2d,0xac,0x63,0xce,0x72,0x4b,0xad,0x62,0xa8,0x1d,0x75,0x96,0xe2, 1585 0x27,0xf5,0x6f,0xba,0x91,0xf8,0xf1,0xb0,0xbf,0x90,0x24,0x6d,0xba,0x5d,0xd7, 1586 0x39,0x63,0x3b,0x7c,0x04,0x5d,0x89,0x9d,0x1c,0xf2,0xf7,0xcc,0xdf,0x6e,0x8a, 1587 0x43,0xa9,0xdd,0x86,0x05,0xa2,0xf3,0x22,0x2d,0x1e,0x70,0xa1,0x59,0xd7,0xa5, 1588 0x94,0x7d }; 1589 /* chain8_0 -> chain8_1 -> chain8_2: 1590 * A chain whose root cert validity time doesn't overlap the end cert's 1591 * validity time. 1592 */ 1593 static const BYTE chain8_0[] = { 1594 0x30,0x82,0x01,0xc2,0x30,0x82,0x01,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1595 0x76,0x09,0xeb,0xc1,0x06,0x61,0x69,0x50,0x0e,0x0c,0xaf,0xc9,0x0a,0x6b,0x93, 1596 0x50,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1597 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1598 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1599 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x30,0x36,0x30,0x31,0x30,0x30,0x30, 1600 0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1601 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1602 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1603 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1604 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1605 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1606 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1607 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1608 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1609 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1610 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1611 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1612 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1613 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1614 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1615 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x87,0x74,0x4a,0xb7, 1616 0xbe,0xd4,0x21,0xa5,0x5f,0x51,0xd6,0xea,0x89,0x4c,0x68,0x16,0x38,0x09,0x49, 1617 0xf5,0xef,0xac,0x0c,0x59,0x27,0xa3,0x0f,0x8f,0xb9,0x21,0x35,0x91,0xef,0x15, 1618 0x91,0xe2,0xac,0xf2,0xad,0xfe,0x05,0x9a,0x9f,0x24,0x81,0x75,0x69,0x57,0x51, 1619 0xe3,0x2f,0x29,0xad,0x55,0x8b,0xc7,0x25,0xbe,0xcd,0x38,0xa7,0xff,0xdb,0xb0, 1620 0x85,0x4e,0x8d,0x56,0x5a,0x79,0xf7,0x7a,0xfb,0x64,0x3d,0x4e,0x04,0x34,0xf7, 1621 0x2f,0x7f,0xe3,0x21,0xee,0x8d,0xd3,0xb0,0x26,0x7d,0xb8,0xc3,0xb6,0x0f,0xe2, 1622 0x3f,0xb6,0x8a,0x53,0x27,0xc0,0xe1,0xfb,0xd8,0xea,0xfe,0xed,0x80,0x51,0xb6, 1623 0x46,0x59,0x65,0x6c,0x34,0x01,0xcc,0x2e,0x50,0xc7,0x4e,0x37,0x83,0x54,0x3f, 1624 0x7b,0xa2,0x1d,0x3a }; 1625 static const BYTE chain8_1[] = { 1626 0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 1627 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 1628 0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, 1629 0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,0x30, 1630 0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,0x30, 1631 0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, 1632 0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, 1633 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, 1634 0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33, 1635 0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc, 1636 0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48, 1637 0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47, 1638 0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05, 1639 0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a, 1640 0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85, 1641 0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3, 1642 0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3, 1643 0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 1644 0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x22,0xf1,0x66,0x00,0x79,0xd2, 1645 0xe6,0xb2,0xb2,0xf7,0x2f,0x98,0x92,0x7d,0x73,0xc3,0x6c,0x5c,0x77,0x20,0xe3, 1646 0xbf,0x3e,0xe0,0xb3,0x5c,0x68,0xb4,0x9b,0x3a,0x41,0xae,0x94,0xa0,0x80,0x3a, 1647 0xfe,0x5d,0x7a,0x56,0x87,0x85,0x44,0x45,0xcf,0xa6,0xd3,0x10,0xe7,0x73,0x41, 1648 0xf2,0x7f,0x88,0x85,0x91,0x8e,0xe6,0xec,0xe2,0xce,0x08,0xbc,0xa5,0x76,0xe5, 1649 0x4d,0x1d,0xb7,0x70,0x31,0xdd,0xc9,0x9a,0x15,0x32,0x11,0x5a,0x4e,0x62,0xc8, 1650 0xd1,0xf8,0xec,0x46,0x39,0x5b,0xe7,0x67,0x1f,0x58,0xe8,0xa1,0xa0,0x5b,0xf7, 1651 0x8a,0x6d,0x5f,0x91,0x18,0xd4,0x90,0x85,0xff,0x30,0xc7,0xca,0x9c,0xc6,0x92, 1652 0xb0,0xca,0x16,0xc4,0xa4,0xc0,0xd6,0xe8,0xff,0x15,0x19,0xd1,0x30,0x61,0xf3, 1653 0xef,0x9f }; 1654 static const BYTE chain8_2[] = { 1655 0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 1656 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 1657 0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, 1658 0x72,0x74,0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30, 1659 0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, 1660 0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, 1661 0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, 1662 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, 1663 0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20, 1664 0xc6,0x32,0xe9,0xb1,0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a, 1665 0x9c,0x7f,0x11,0x7e,0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa, 1666 0x8f,0x0c,0xd0,0xeb,0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f, 1667 0x9b,0xde,0x42,0x63,0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a, 1668 0x39,0x23,0x87,0xca,0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07, 1669 0xb7,0x7c,0x55,0xcb,0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1, 1670 0xd5,0xad,0x0f,0x87,0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed, 1671 0xf9,0x2a,0xb1,0x60,0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7, 1672 0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 1673 0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x33,0x95,0x73,0x7c,0x7c,0xb0, 1674 0xbb,0x2b,0xe0,0xc4,0x12,0xf0,0x26,0x85,0x97,0x0c,0x81,0xde,0xc5,0x52,0x04, 1675 0xcb,0xee,0x11,0x9a,0x2e,0xa2,0xc4,0x76,0xd5,0x57,0xd1,0x2f,0x2d,0x6f,0x42, 1676 0xbf,0x23,0x85,0x59,0x5c,0x96,0x8d,0xef,0xbc,0xb6,0xf5,0xd3,0x66,0x99,0x54, 1677 0x95,0x09,0x28,0x0b,0x4f,0x05,0x5f,0x61,0x20,0xa8,0x0d,0x46,0x9a,0xab,0x29, 1678 0x97,0x6b,0xa3,0xcd,0xd7,0x5a,0xda,0xaa,0x8e,0xad,0x5a,0x66,0x58,0xf6,0x63, 1679 0x76,0x10,0xdc,0xb0,0xee,0x3f,0x82,0x6d,0x29,0xb9,0xcb,0x99,0x15,0xbb,0xb9, 1680 0x74,0x73,0x00,0x14,0x74,0x79,0xad,0x89,0x73,0xaa,0xa2,0x0e,0x52,0xe8,0x28, 1681 0x69,0xe6,0x8c,0x1e,0xce,0x3a,0x6d,0x85,0x33,0x1e,0x21,0xa3,0x42,0x61,0x3a, 1682 0xeb,0x25 }; 1683 /* chain9_0 -> chain7_1: 1684 * A cyclic chain. 1685 */ 1686 static const BYTE chain9_0[] = { 1687 0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 1688 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 1689 0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, 1690 0x72,0x74,0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30, 1691 0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, 1692 0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, 1693 0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, 1694 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, 1695 0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a, 1696 0xca,0x50,0x82,0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde, 1697 0xc5,0xc3,0x34,0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14, 1698 0x03,0x7a,0xe7,0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f, 1699 0xc1,0x33,0x91,0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98, 1700 0x1b,0x99,0xc5,0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06, 1701 0x49,0xba,0xcd,0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45, 1702 0x72,0xb6,0x1c,0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5, 1703 0x1f,0x2f,0x35,0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f, 1704 0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 1705 0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x2c,0xf5,0x25,0xaa,0xb4,0x63, 1706 0x5a,0x5d,0xae,0x7b,0x42,0x79,0xbc,0x41,0x2f,0x8a,0x2a,0x70,0x9f,0x8e,0xb2, 1707 0x14,0x1b,0x6f,0xb2,0xf3,0x3e,0xab,0x06,0x9c,0xa8,0x92,0x43,0xc4,0x57,0x63, 1708 0xa4,0xee,0x83,0x04,0xab,0xa5,0x2c,0xd9,0x90,0xed,0xc9,0x4d,0xa8,0x7b,0xca, 1709 0x3b,0x5f,0xdf,0x46,0xe1,0x3b,0x7f,0x72,0xb7,0x92,0x82,0xe6,0x05,0xc3,0x64, 1710 0x38,0xfb,0x86,0x13,0xeb,0x19,0xb6,0x16,0x82,0x63,0x84,0x13,0x04,0x38,0x51, 1711 0x4c,0x89,0x12,0xf1,0x13,0x46,0x75,0x4e,0x99,0x46,0xcb,0xc6,0x76,0x9f,0x97, 1712 0x9c,0xda,0x63,0x01,0x6a,0x71,0x68,0xc4,0x21,0x67,0xa6,0x51,0x19,0x5e,0xc7, 1713 0x8c,0x8d,0x63,0x5c,0xbe,0x04,0x8f,0xad,0xea,0xa5,0xcd,0xc3,0xd6,0x6b,0xc7, 1714 0xb5,0x56 }; 1715 /* chain0_0 -+ 1716 * +-> chain7_1 1717 * chain10_1 -+ 1718 * A chain with two issuers, only one of whose dates is valid. 1719 */ 1720 static const BYTE chain10_1[] = { 1721 0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1722 0xbf,0x99,0x4f,0x14,0x03,0x77,0x44,0xb8,0x49,0x02,0x70,0xa1,0xb8,0x9c,0xa7, 1723 0x24,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 1724 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 1725 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 1726 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 1727 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 1728 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 1729 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1730 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1731 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1732 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1733 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1734 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1735 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1736 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1737 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1738 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1739 0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, 1740 0x81,0x00,0xa8,0xec,0x8c,0x34,0xe7,0x2c,0xdf,0x75,0x87,0xc4,0xf7,0xda,0x71, 1741 0x72,0x29,0xb2,0x48,0xa8,0x2a,0xec,0x7b,0x7d,0x19,0xb9,0x5f,0x1d,0xd9,0x91, 1742 0x2b,0xc4,0x28,0x7e,0xd6,0xb5,0x91,0x69,0xa5,0x8a,0x1a,0x1f,0x97,0x98,0x46, 1743 0x9d,0xdf,0x12,0xf6,0x45,0x62,0xad,0x60,0xb6,0xba,0xb0,0xfd,0xf5,0x9f,0xc6, 1744 0x98,0x05,0x4f,0x4d,0x48,0xdc,0xee,0x69,0xbe,0xb8,0xc4,0xc4,0xd7,0x1b,0xb1, 1745 0x1f,0x64,0xd6,0x45,0xa7,0xdb,0xb3,0x87,0x63,0x0f,0x54,0xe1,0x3a,0x6b,0x57, 1746 0x36,0xd7,0x68,0x65,0xcf,0xda,0x57,0x8d,0xcd,0x84,0x75,0x47,0x26,0x2c,0xef, 1747 0x1e,0x8f,0xc7,0x3b,0xee,0x5d,0x03,0xa6,0xdf,0x3a,0x20,0xb2,0xcc,0xc9,0x09, 1748 0x2c,0xfe,0x2b,0x79,0xb0,0xca,0x2c,0x9a,0x81,0x6b }; 1749 /* chain0_0 -+ 1750 * +-> chain7_1 1751 * chain11_1 -+ 1752 * A chain with two issuers, only one of whose public keys matches the 1753 * signature. 1754 */ 1755 static const BYTE chain11_1[] = { 1756 0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1757 0x72,0x41,0xa2,0x53,0xd2,0x33,0x0b,0xac,0x4a,0x30,0xfe,0x0a,0xe0,0x2e,0xd4, 1758 0x03,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 1759 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 1760 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 1761 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 1762 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 1763 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 1764 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1765 0x02,0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9, 1766 0xb1,0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11, 1767 0x7e,0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0, 1768 0xeb,0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42, 1769 0x63,0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87, 1770 0xca,0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55, 1771 0xcb,0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f, 1772 0x87,0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1, 1773 0x60,0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01, 1774 0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, 1775 0x81,0x00,0x51,0x17,0xfb,0x2a,0x69,0x31,0x36,0xa7,0x37,0x2c,0x1f,0x38,0xee, 1776 0xe3,0xf1,0xae,0x63,0x61,0xac,0x63,0x13,0xc2,0x3b,0x29,0xca,0xb1,0x8e,0x27, 1777 0x41,0xfa,0xb3,0x7d,0x42,0xbe,0xf0,0x9c,0xe0,0xc7,0x69,0xba,0x80,0xf4,0x87, 1778 0x7c,0x6f,0x77,0x70,0x6b,0x77,0x7d,0x5c,0x58,0x95,0x07,0xbd,0xac,0xe2,0x5d, 1779 0x65,0x12,0xb0,0xae,0xf4,0x01,0x14,0x01,0xba,0xf9,0xa0,0x32,0x10,0xea,0x09, 1780 0x12,0xcf,0xf1,0xbc,0x37,0xc9,0x42,0xc3,0x8c,0x9e,0xa2,0xc3,0x5e,0x2e,0x56, 1781 0xe9,0xa7,0xd8,0x1c,0x1c,0x8c,0x1c,0x2f,0xd8,0xfb,0x67,0x44,0xd4,0xa3,0x79, 1782 0x6d,0x53,0x17,0x56,0x3c,0x3e,0xd0,0x67,0x36,0x0c,0x8b,0x77,0xab,0x40,0xc7, 1783 0x27,0xd9,0x44,0x69,0x13,0xeb,0x09,0xec,0x06,0xe2 }; 1784 /* chain12_0 -> chain7_1: 1785 * A chain whose root has an invalid signature. 1786 */ 1787 static const BYTE chain12_0[] = { 1788 0x30,0x82,0x01,0xc2,0x30,0x82,0x01,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1789 0x73,0x87,0xdb,0x32,0x3a,0x6c,0x89,0x74,0x0f,0xda,0x07,0xd4,0x6a,0x2c,0x81, 1790 0x59,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1791 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1792 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1793 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1794 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1795 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1796 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1797 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1798 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1799 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1800 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1801 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1802 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1803 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1804 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1805 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1806 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1807 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1808 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1809 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x82,0xcd,0x5c,0x0a, 1810 0x9d,0x0d,0x3f,0xd1,0xd8,0x74,0xfc,0x52,0x65,0x11,0x76,0x10,0x62,0xb0,0x9a, 1811 0xc5,0x54,0x66,0xae,0xfa,0xd5,0x66,0x36,0xcb,0x1e,0xe7,0xad,0xb9,0xfa,0x2e, 1812 0xbb,0xb9,0x0b,0x4b,0xbf,0xe7,0x26,0x75,0x2c,0xae,0x2d,0x14,0x84,0x92,0xae, 1813 0x56,0xdf,0x55,0x56,0xf3,0xa6,0xc5,0x21,0xa8,0x5e,0xce,0x7a,0x9d,0xff,0x7f, 1814 0x10,0xd9,0xc3,0x05,0x52,0x86,0xdc,0x9b,0x46,0xe7,0x69,0xfb,0x1e,0xf0,0x68, 1815 0x7d,0x34,0xd7,0xf3,0x56,0xe3,0x0a,0xf3,0xe4,0xdc,0x0f,0xd6,0x4d,0xa8,0xc5, 1816 0xb5,0x5b,0xbf,0x0b,0x5d,0xe7,0x76,0xa1,0x56,0xc1,0xa7,0x55,0xa0,0x88,0x7f, 1817 0x57,0x8e,0x64,0xda,0x6f,0xaa,0x9c,0xca,0x47,0xf3,0x37,0x08,0x4b,0x9a,0xdc, 1818 0xbc,0x65,0x4d,0xff }; 1819 /* chain0_0 -> chain13_1: 1820 * A chain whose time validity nesting is invalid. 1821 */ 1822 static const BYTE chain13_1[] = { 1823 0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 1824 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 1825 0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, 1826 0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x36,0x30,0x31,0x30,0x31,0x30,0x30, 1827 0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, 1828 0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, 1829 0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, 1830 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, 1831 0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33, 1832 0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc, 1833 0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48, 1834 0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47, 1835 0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05, 1836 0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a, 1837 0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85, 1838 0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3, 1839 0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3, 1840 0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, 1841 0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x85,0xc9,0xc5,0x08,0x0b,0xb1, 1842 0xff,0x58,0x8f,0xee,0x66,0x5f,0xa3,0x77,0x63,0x9f,0xd1,0x53,0x03,0xdc,0xf6, 1843 0x59,0x08,0x02,0x1f,0xdc,0x52,0x5a,0x52,0x38,0xa4,0x0b,0x83,0x12,0x19,0xd6, 1844 0xb5,0xb8,0x81,0x17,0xcd,0x10,0x5d,0x96,0x16,0x9d,0x51,0x5b,0xf9,0x31,0x3e, 1845 0x36,0xac,0x30,0xd5,0xd6,0xa0,0x30,0x5c,0x9c,0xcb,0xe1,0x02,0xfd,0x73,0xc3, 1846 0xa1,0x58,0xfe,0x12,0xb0,0xa6,0xbd,0x11,0x86,0xdb,0x20,0x17,0x29,0x1e,0x09, 1847 0x63,0x4d,0x28,0xe4,0x55,0x2d,0xa1,0x78,0xde,0x28,0x0b,0x1b,0x35,0x40,0x4c, 1848 0xf1,0xb0,0x6e,0x82,0x34,0x2b,0x7f,0x3b,0x2e,0x27,0x6b,0xf7,0xde,0x73,0x9a, 1849 0x98,0xac,0x79,0x33,0x1a,0xdd,0x03,0x95,0x60,0x8a,0x08,0xba,0xcb,0x8a,0xbf, 1850 0xea,0xe3 }; 1851 /* chain14_0 -> chain14_1: 1852 * A chain whose root is allowed to sign certificates. 1853 */ 1854 static const BYTE chain14_0[] = { 1855 0x30,0x82,0x01,0xc2,0x30,0x82,0x01,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1856 0xe0,0x3a,0xae,0xb4,0x23,0x65,0x59,0x5c,0x05,0x85,0x76,0x8b,0x8e,0x7f,0xa4, 1857 0x12,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1858 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1859 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1860 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1861 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1862 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1863 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1864 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1865 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1866 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1867 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1868 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1869 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1870 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1871 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1872 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1873 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1874 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1875 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1876 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x10,0xb9,0x5c,0x13, 1877 0x7f,0xe9,0xf3,0x45,0xfb,0x40,0xa2,0x2b,0xe6,0x99,0x5e,0x74,0x9a,0x0b,0x15, 1878 0xa0,0x16,0xf2,0xff,0x6e,0xfa,0x92,0x78,0x4f,0x05,0x02,0xbd,0x70,0x4f,0x28, 1879 0x6f,0x43,0xc7,0xaa,0xaf,0xb6,0xd1,0x60,0x77,0xc6,0x8a,0x58,0x85,0xf0,0xac, 1880 0x04,0x90,0x4a,0x06,0xf0,0x17,0x88,0x12,0x90,0x22,0x65,0x98,0xb1,0x67,0x93, 1881 0x8a,0xe6,0x2d,0x54,0x79,0x99,0xd3,0x8c,0xe7,0x86,0xf4,0xec,0x08,0xae,0x18, 1882 0xa3,0xa9,0x23,0x7b,0x4f,0x8d,0xde,0xe6,0xf9,0x11,0x92,0xcf,0xe0,0x45,0xc3, 1883 0x42,0x72,0x43,0x64,0x07,0x8b,0x7f,0x28,0x11,0x0a,0xea,0xf2,0xbd,0x24,0x1b, 1884 0x93,0x5c,0x6f,0xed,0x67,0xae,0xee,0x7e,0x40,0x88,0x8b,0x28,0x2c,0xe7,0xee, 1885 0xec,0x34,0xe0,0x7b }; 1886 static const BYTE chain14_1[] = { 1887 0x30,0x82,0x01,0x8d,0x30,0x81,0xf9,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 1888 0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30,0x10, 1889 0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74, 1890 0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30, 1891 0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39, 1892 0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13, 1893 0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a,0x86, 1894 0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02, 1895 0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f,0x48, 1896 0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e,0x20, 1897 0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe,0xb8, 1898 0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71,0x3c, 1899 0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87,0x8e, 1900 0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68,0x28, 1901 0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36,0x98, 1902 0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22,0x4a, 1903 0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01,0x00, 1904 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03, 1905 0x81,0x81,0x00,0x63,0x67,0x7f,0x82,0x91,0xe2,0x42,0x45,0x98,0xbc,0xe5,0x03, 1906 0x6c,0x7d,0xc9,0xab,0xdb,0x95,0xc4,0x96,0x86,0xfd,0xcf,0xe6,0x32,0x4a,0x0b, 1907 0x7c,0x5b,0x76,0x39,0x71,0x26,0x54,0x60,0x1d,0xce,0x4f,0x29,0x22,0x9a,0xb7, 1908 0x7d,0x8d,0xfa,0x2c,0x99,0x0d,0xa6,0xa4,0x2e,0xd3,0xf6,0x3e,0xaf,0xea,0x89, 1909 0xa0,0x16,0x40,0x0f,0xf1,0x50,0xaa,0x98,0xdc,0xc2,0x69,0x90,0x6f,0xc6,0x4a, 1910 0xee,0x26,0x9e,0x5e,0x7d,0x4b,0x06,0x65,0x54,0x15,0x67,0x9e,0xe5,0x1d,0x1c, 1911 0x6f,0x0c,0x6e,0x84,0x29,0xf9,0x12,0xe9,0x71,0xdd,0xaf,0x9a,0x3d,0x2a,0xc1, 1912 0x60,0xeb,0x27,0xed,0x7c,0xbf,0xc4,0x84,0x17,0xa5,0xa6,0x41,0x29,0x13,0x8d, 1913 0x6c,0xdd,0x7c,0x3d,0x01,0x03,0xf8,0x70,0x97,0x3c,0x45 }; 1914 /* chain15_0 -> chain14_1: 1915 * A chain whose root is not allowed to sign certificates. 1916 */ 1917 static const BYTE chain15_0[] = { 1918 0x30,0x82,0x01,0xc2,0x30,0x82,0x01,0x2d,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 1919 0x10,0xb3,0x62,0xed,0xed,0x4a,0x92,0xda,0x74,0x62,0x74,0x48,0x99,0xa5,0xe9, 1920 0x0d,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1921 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1922 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1923 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1924 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1925 0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1926 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1927 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 1928 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 1929 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 1930 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 1931 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 1932 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 1933 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 1934 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 1935 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 1936 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1937 0xff,0x04,0x04,0x03,0x02,0x00,0x00,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 1938 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 1939 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x51,0x48,0x43,0xc9, 1940 0xe3,0xb4,0xbc,0xc1,0x1d,0x98,0x14,0x69,0xd9,0xec,0x83,0x4d,0x07,0x70,0x58, 1941 0xe9,0x45,0x88,0xe5,0x11,0x4a,0xf0,0x58,0x2d,0x8d,0x08,0x35,0x76,0x0e,0x42, 1942 0x9f,0x62,0xda,0xf9,0x71,0x51,0x58,0xc7,0xd3,0x7e,0x88,0x6a,0x92,0xd2,0xfe, 1943 0x86,0x4f,0xa2,0x17,0xe3,0xdd,0x9b,0x55,0xe0,0xdc,0xa7,0xe7,0x08,0xe0,0x0a, 1944 0xa6,0xf3,0x09,0x17,0x63,0x10,0x89,0xe6,0x07,0x00,0x8e,0x2c,0x44,0x79,0x3e, 1945 0x6c,0x51,0x9a,0xa3,0x59,0x17,0x8b,0x90,0xa8,0x82,0x64,0x09,0x77,0x95,0x55, 1946 0xd6,0x38,0x43,0x8c,0x66,0xe6,0x7b,0xb9,0xf4,0xe1,0x7b,0x86,0x9b,0x8e,0xe3, 1947 0x56,0xc9,0x62,0x62,0x6e,0x3d,0x4d,0x67,0x8d,0x5e,0x20,0xe5,0xd0,0xfa,0xaa, 1948 0xbe,0x91,0xa8,0xf1 }; 1949 /* chain0_0 -> chain16_1: 1950 * A chain whose end cert has a name constraints extension saying it can't 1951 * be a CA, and which also has a key usage extension allowing it to sign 1952 * certs. 1953 */ 1954 static const BYTE chain16_1[] = { 1955 0x30,0x82,0x01,0xb0,0x30,0x82,0x01,0x1b,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1956 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1957 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1958 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1959 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1960 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1961 0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1962 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1963 0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f, 1964 0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e, 1965 0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe, 1966 0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71, 1967 0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87, 1968 0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68, 1969 0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36, 1970 0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22, 1971 0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01, 1972 0x00,0x01,0xa3,0x20,0x30,0x1e,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 1973 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01, 1974 0x01,0xff,0x04,0x02,0x30,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, 1975 0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x47,0xdb,0xb4,0x95,0xb1,0xe2,0x5c, 1976 0x03,0x3b,0x28,0x16,0x6b,0xed,0xe9,0x38,0xeb,0x74,0xe6,0xde,0xc5,0xaf,0x93, 1977 0xad,0x2e,0xaa,0x29,0x14,0x21,0xae,0xe9,0x7d,0x46,0x18,0x05,0x67,0xad,0x2d, 1978 0xaa,0xfa,0xf8,0x41,0xc8,0x8c,0xde,0xe0,0xd7,0x3e,0x9a,0x89,0x58,0x71,0x73, 1979 0x57,0xc1,0xd9,0x42,0x51,0xfb,0xaa,0xb8,0x50,0x98,0x9b,0x87,0xb1,0x14,0xa2, 1980 0x23,0xa7,0xfc,0x51,0x23,0x97,0x9f,0xef,0x06,0x83,0x63,0x91,0x14,0xc3,0xbe, 1981 0xaa,0xc8,0x7c,0x03,0x0e,0x41,0x5a,0x23,0x9c,0x1d,0x32,0x3a,0xa5,0xf1,0x6a, 1982 0x56,0x6c,0x36,0xe3,0x3d,0xa1,0xac,0x8e,0x1a,0x75,0x30,0x1c,0xd8,0xbc,0xae, 1983 0x3e,0x4a,0x1a,0x05,0xf4,0x09,0x24,0xb2,0x89,0x75,0xa4,0x28,0x78,0x6b,0xfa, 1984 0xcc }; 1985 /* chain0_0 -> chain17_1 -> chain17_2: 1986 * A root cert, an intermediate cert that's a CA and allowed to sign a cert, 1987 * and an end cert. 1988 */ 1989 static const BYTE chain17_1[] = { 1990 0x30,0x82,0x01,0xb3,0x30,0x82,0x01,0x1e,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 1991 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 1992 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 1993 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 1994 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 1995 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 1996 0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 1997 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 1998 0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f, 1999 0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e, 2000 0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe, 2001 0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71, 2002 0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87, 2003 0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68, 2004 0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36, 2005 0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22, 2006 0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01, 2007 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2008 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2009 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 2010 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x26,0x56,0x31,0x53, 2011 0x65,0xe3,0xd8,0x59,0xc8,0x6f,0xa3,0x5b,0x8a,0x11,0x53,0xde,0x8d,0x6f,0x6d, 2012 0x8c,0xe1,0x79,0x25,0xb2,0xbf,0xc6,0x3b,0xa1,0x8b,0x6b,0xcd,0x99,0xcf,0x0c, 2013 0x6f,0xaa,0xbc,0xd0,0x3d,0xb2,0xf8,0x1c,0x6f,0xb0,0x84,0x7b,0xb1,0x88,0xec, 2014 0xd6,0x77,0xbe,0xb1,0x0b,0x8c,0x18,0x85,0xb7,0x38,0x81,0x12,0xc9,0xc7,0x4a, 2015 0xf6,0x83,0xc4,0xd9,0xae,0xb6,0x1d,0xbb,0xd2,0x08,0x01,0x4a,0xe1,0xdc,0x8f, 2016 0x67,0xa9,0xed,0xe2,0x3f,0x96,0xf6,0x72,0x7e,0x4a,0x63,0x46,0xc4,0x82,0x89, 2017 0x0a,0x81,0xc8,0x3a,0x9c,0xe7,0x23,0x5f,0x8d,0xd9,0x6c,0xb2,0x5d,0x9a,0x40, 2018 0x04,0x04,0xd5,0x4a,0x29,0x57,0xbd,0x18,0xd8,0xca,0x1f,0xf7,0xf8,0x23,0x07, 2019 0x4b,0x03,0xa3,0xd9 }; 2020 static const BYTE chain17_2[] = { 2021 0x30,0x82,0x01,0x8d,0x30,0x81,0xf9,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 2022 0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30,0x10, 2023 0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74, 2024 0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30, 2025 0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39, 2026 0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13, 2027 0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a,0x86, 2028 0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02, 2029 0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9,0xb1, 2030 0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11,0x7e, 2031 0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0,0xeb, 2032 0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42,0x63, 2033 0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87,0xca, 2034 0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55,0xcb, 2035 0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f,0x87, 2036 0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1,0x60, 2037 0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01,0x00, 2038 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03, 2039 0x81,0x81,0x00,0x5c,0xb5,0x55,0xd7,0x2c,0x70,0xc5,0x6e,0xc0,0x8e,0x30,0x1f, 2040 0xf2,0x8e,0x55,0xd6,0xf6,0x95,0xa4,0x51,0xd8,0xf0,0x39,0x98,0x12,0x57,0xa7, 2041 0x6d,0x0c,0xfd,0xcb,0x25,0xf1,0xc4,0x73,0x85,0x78,0x82,0x15,0x12,0x08,0xb6, 2042 0x05,0x85,0x4f,0x5a,0x59,0x1f,0x03,0xdf,0x04,0xef,0xc2,0xb0,0xee,0xd7,0x73, 2043 0x09,0xca,0xbb,0xfb,0xd8,0xec,0x8b,0x39,0x01,0x14,0xc9,0x03,0xc9,0x08,0x4d, 2044 0x97,0xc7,0xf2,0x0b,0x54,0x67,0xf7,0x7c,0xc6,0xee,0x74,0xd5,0xa2,0x10,0x3e, 2045 0xd9,0x3a,0x7a,0x9d,0xeb,0xeb,0xd8,0x8e,0x43,0x74,0xc3,0xa5,0x3b,0x1a,0x4b, 2046 0x8a,0xbc,0x6a,0x2c,0x15,0x4b,0x72,0x0b,0xac,0xa4,0x1a,0x97,0x80,0xf8,0xb1, 2047 0xd3,0xd7,0x1a,0xf3,0xf5,0x9f,0x7c,0x4c,0x7d,0x7c,0xc7 }; 2048 /* chain0_0 -> chain18_1 -> chain18_2: 2049 * A root, an intermediate CA not allowed to sign certs, and an end cert. 2050 */ 2051 static const BYTE chain18_1[] = { 2052 0x30,0x82,0x01,0xb3,0x30,0x82,0x01,0x1e,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2053 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 2054 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 2055 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30, 2056 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35, 2057 0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 2058 0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 2059 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2060 0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f, 2061 0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e, 2062 0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe, 2063 0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71, 2064 0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87, 2065 0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68, 2066 0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36, 2067 0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22, 2068 0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01, 2069 0x00,0x01,0xa3,0x23,0x30,0x21,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2070 0xff,0x04,0x04,0x03,0x02,0x00,0x00,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2071 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x09,0x2a,0x86, 2072 0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x2c,0x49,0x9f,0xc2, 2073 0xce,0xf5,0x0d,0x59,0xaa,0xff,0xa0,0x72,0xa7,0xcf,0x4c,0x35,0xc5,0x5e,0x1b, 2074 0x32,0xe6,0x46,0x53,0x3e,0x70,0xe6,0xbc,0xa2,0x37,0xe0,0x9d,0x41,0x40,0x12, 2075 0x9e,0x81,0x2b,0xd9,0x46,0x3a,0xdc,0xd7,0x37,0xc4,0xbf,0x0f,0x0c,0xf8,0x74, 2076 0x7a,0xf9,0x92,0x2d,0xf8,0xfe,0xec,0x17,0xfb,0x38,0x4f,0x83,0x02,0x6f,0x49, 2077 0xb4,0xad,0xb2,0x84,0x41,0x13,0x71,0x32,0xee,0x34,0x8d,0xea,0x2b,0x64,0x9b, 2078 0x26,0x76,0xe9,0xcc,0xdf,0x73,0xe0,0x84,0xc1,0x8b,0xea,0xfc,0x8c,0x18,0x93, 2079 0xfd,0xa3,0x5f,0x8f,0xde,0x05,0x11,0x88,0x62,0x0b,0x03,0x35,0x1a,0xef,0x65, 2080 0x82,0x06,0xc8,0xa5,0xf6,0xd2,0x1e,0x46,0xc2,0x86,0xe7,0x26,0x8e,0x9e,0x10, 2081 0x33,0xe2,0x89,0x93 }; 2082 static const BYTE chain18_2[] = { 2083 0x30,0x82,0x01,0x8d,0x30,0x81,0xf9,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 2084 0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30,0x10, 2085 0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74, 2086 0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30, 2087 0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39, 2088 0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13, 2089 0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a,0x86, 2090 0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02, 2091 0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9,0xb1, 2092 0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11,0x7e, 2093 0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0,0xeb, 2094 0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42,0x63, 2095 0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87,0xca, 2096 0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55,0xcb, 2097 0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f,0x87, 2098 0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1,0x60, 2099 0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01,0x00, 2100 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03, 2101 0x81,0x81,0x00,0x5c,0xb5,0x55,0xd7,0x2c,0x70,0xc5,0x6e,0xc0,0x8e,0x30,0x1f, 2102 0xf2,0x8e,0x55,0xd6,0xf6,0x95,0xa4,0x51,0xd8,0xf0,0x39,0x98,0x12,0x57,0xa7, 2103 0x6d,0x0c,0xfd,0xcb,0x25,0xf1,0xc4,0x73,0x85,0x78,0x82,0x15,0x12,0x08,0xb6, 2104 0x05,0x85,0x4f,0x5a,0x59,0x1f,0x03,0xdf,0x04,0xef,0xc2,0xb0,0xee,0xd7,0x73, 2105 0x09,0xca,0xbb,0xfb,0xd8,0xec,0x8b,0x39,0x01,0x14,0xc9,0x03,0xc9,0x08,0x4d, 2106 0x97,0xc7,0xf2,0x0b,0x54,0x67,0xf7,0x7c,0xc6,0xee,0x74,0xd5,0xa2,0x10,0x3e, 2107 0xd9,0x3a,0x7a,0x9d,0xeb,0xeb,0xd8,0x8e,0x43,0x74,0xc3,0xa5,0x3b,0x1a,0x4b, 2108 0x8a,0xbc,0x6a,0x2c,0x15,0x4b,0x72,0x0b,0xac,0xa4,0x1a,0x97,0x80,0xf8,0xb1, 2109 0xd3,0xd7,0x1a,0xf3,0xf5,0x9f,0x7c,0x4c,0x7d,0x7c,0xc7 }; 2110 /* A chain which allows a.com, where the end cert is issued to a.com */ 2111 static const BYTE chain19_0[] = { 2112 0x30,0x82,0x01,0xd9,0x30,0x82,0x01,0x46,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2113 0x22,0xf4,0xa5,0xbe,0xe7,0x5f,0x91,0x89,0x4b,0x10,0x5c,0x86,0x89,0x94,0x36, 2114 0xab,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2115 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2116 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2117 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2118 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2119 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2120 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2121 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2122 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2123 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2124 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2125 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2126 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2127 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2128 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2129 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2130 0x00,0x01,0xa3,0x3c,0x30,0x3a,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2131 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2132 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x17,0x06,0x03,0x55,0x1d, 2133 0x1e,0x01,0x01,0xff,0x04,0x0d,0x30,0x0b,0xa0,0x09,0x30,0x07,0x82,0x05,0x61, 2134 0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, 2135 0x03,0x81,0x81,0x00,0x19,0x84,0xa8,0xed,0x39,0xb3,0xc0,0x7e,0xc1,0x50,0x50, 2136 0xb7,0x4c,0xf2,0xf4,0x16,0xc8,0x2a,0x00,0xc9,0x9e,0x0a,0x77,0x7f,0x65,0xb0, 2137 0xe9,0x46,0x88,0x39,0x03,0xd9,0xcc,0x83,0x27,0x22,0xd3,0xec,0x98,0xb3,0x0d, 2138 0xf6,0x85,0xe2,0x3f,0x82,0x02,0x96,0xd2,0x9f,0x17,0xcb,0x7c,0x06,0xbb,0xe5, 2139 0x58,0x0d,0x9e,0xc3,0x01,0xcd,0xba,0xee,0x26,0x7d,0xc6,0x2b,0x50,0xa7,0xf3, 2140 0x9e,0x28,0x87,0xa8,0x9a,0x8b,0x1c,0x73,0x79,0x3e,0xed,0xa0,0xcf,0x70,0xf0, 2141 0x53,0x89,0x1f,0xbf,0x0d,0x6b,0x30,0xb1,0x5e,0x16,0x6d,0x57,0x81,0xe9,0xad, 2142 0x63,0xe5,0x03,0x50,0x99,0x3d,0xb3,0xad,0x1d,0x9c,0x6b,0x32,0xea,0xc3,0x7f, 2143 0x54,0x22,0x89,0x69,0xbf,0x73,0xdc,0x87,0xff,0x4b,0xf1,0xf6 }; 2144 static const BYTE chain19_1[] = { 2145 0x30,0x82,0x01,0xaa,0x30,0x82,0x01,0x13,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2146 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2147 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2148 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2149 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2150 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2151 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2152 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2153 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2154 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2155 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2156 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2157 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2158 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2159 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2160 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2161 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2162 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x14,0x30,0x12,0x30,0x10,0x06,0x03,0x55, 2163 0x1d,0x07,0x04,0x09,0x30,0x07,0x82,0x05,0x61,0x2e,0x63,0x6f,0x6d,0x30,0x0d, 2164 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81, 2165 0x81,0x00,0x8e,0x1d,0xf5,0xac,0x59,0x8e,0x39,0x7a,0x4d,0x79,0x79,0x68,0xa9, 2166 0x13,0x25,0xbf,0x71,0x62,0x73,0x55,0xb0,0x22,0xcb,0x8a,0x22,0xa2,0x4f,0xa3, 2167 0xfc,0x22,0xa3,0x2c,0x4c,0xe3,0x95,0xc6,0x97,0xe1,0x97,0xf1,0xee,0xb0,0xb4, 2168 0xac,0x7a,0x80,0xe3,0xdd,0x02,0x5a,0x42,0x30,0xe7,0x27,0x0e,0x69,0xff,0x6b, 2169 0xb2,0x83,0x7a,0x4f,0xc7,0xaa,0x05,0x95,0xb5,0x18,0x5f,0xa8,0x29,0x97,0x3b, 2170 0xf2,0xb8,0x35,0x06,0x1b,0xfe,0xfa,0xa8,0x91,0xc7,0xb7,0x1b,0x8b,0xaa,0xd5, 2171 0x23,0x88,0x7f,0xd9,0x88,0x45,0xee,0xd4,0xb9,0xcd,0x36,0xd4,0x5a,0x28,0x86, 2172 0x0d,0x92,0x5d,0xcb,0x8c,0xf1,0xd9,0xfb,0xcc,0xa4,0x65,0xda,0x8d,0x6e,0xfd, 2173 0x99,0xed,0xf1,0xc6,0x45,0xdf,0x5b,0x1f,0xf5,0xa0 }; 2174 /* A chain which allows a.com, where the end cert is issued to b.com */ 2175 static const BYTE chain20_0[] = { 2176 0x30,0x82,0x01,0xd9,0x30,0x82,0x01,0x46,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2177 0x5e,0xf5,0xbf,0x5a,0x8d,0x92,0xd9,0x8e,0x46,0x09,0xbf,0x50,0x27,0x2f,0xc1, 2178 0x4b,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2179 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2180 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2181 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2182 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2183 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2184 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2185 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2186 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2187 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2188 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2189 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2190 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2191 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2192 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2193 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2194 0x00,0x01,0xa3,0x3c,0x30,0x3a,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2195 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2196 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x17,0x06,0x03,0x55,0x1d, 2197 0x1e,0x01,0x01,0xff,0x04,0x0d,0x30,0x0b,0xa0,0x09,0x30,0x07,0x82,0x05,0x61, 2198 0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, 2199 0x03,0x81,0x81,0x00,0x4e,0xd8,0x55,0xa5,0x18,0xa8,0xc3,0xc4,0xa2,0xed,0x11, 2200 0xff,0x12,0x78,0xbe,0xa5,0xaf,0x6c,0x9f,0xa5,0x94,0x46,0xd3,0x74,0x8e,0x44, 2201 0x45,0x9f,0xf2,0xf9,0x0b,0xbe,0x28,0x08,0xf2,0x28,0x4a,0xd5,0x00,0x71,0xb2, 2202 0xa5,0x01,0x3b,0x86,0xd6,0x8f,0xb8,0x9a,0xbc,0x8e,0xe4,0x33,0x9e,0xc2,0x5d, 2203 0xcc,0x5c,0x24,0x90,0x52,0xbc,0xe6,0x83,0x38,0x77,0xd6,0x25,0x1b,0xfa,0x37, 2204 0xc1,0xf6,0x22,0xa7,0xff,0xc6,0x4b,0x16,0x73,0xf5,0xca,0x04,0xad,0xa5,0x71, 2205 0xff,0x15,0x5b,0x34,0x84,0xd4,0x45,0xce,0xfb,0xd1,0x76,0x13,0x2f,0x53,0x3e, 2206 0x82,0xba,0x2f,0x53,0x82,0x48,0xcb,0x3a,0x77,0xd4,0xb0,0x0f,0xb5,0x38,0x68, 2207 0x73,0x3f,0x49,0x60,0x0f,0x61,0x58,0xae,0x25,0xd8,0xe6,0x73 }; 2208 static const BYTE chain20_1[] = { 2209 0x30,0x82,0x01,0xaa,0x30,0x82,0x01,0x13,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2210 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2211 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2212 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2213 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2214 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2215 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2216 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2217 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2218 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2219 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2220 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2221 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2222 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2223 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2224 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2225 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2226 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x14,0x30,0x12,0x30,0x10,0x06,0x03,0x55, 2227 0x1d,0x07,0x04,0x09,0x30,0x07,0x82,0x05,0x62,0x2e,0x63,0x6f,0x6d,0x30,0x0d, 2228 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81, 2229 0x81,0x00,0x17,0xbb,0xec,0x37,0x4c,0xaf,0x0f,0xb0,0x57,0x04,0x01,0x67,0x69, 2230 0x77,0xe4,0x73,0xc4,0x12,0x0a,0xa5,0xfe,0x0c,0x8b,0x89,0x90,0x98,0x0d,0x3b, 2231 0x37,0xbe,0xe7,0x7e,0xba,0x84,0x27,0x5f,0xed,0x40,0xc9,0x57,0x91,0x6b,0x72, 2232 0xe3,0x4c,0xfa,0x9f,0x6d,0xd5,0xe6,0xf8,0x33,0xa1,0x6e,0xbd,0x5f,0x8d,0xfb, 2233 0x8f,0xe6,0xe1,0x6a,0x64,0x51,0x1e,0x3b,0x04,0xe4,0x3b,0xa2,0x49,0x15,0x23, 2234 0x35,0x17,0x61,0x4a,0xa6,0x03,0xee,0xa2,0xa6,0x4f,0x42,0x13,0x75,0x14,0xd3, 2235 0x87,0x3b,0x71,0x6a,0x2f,0x11,0xcd,0xe6,0xd0,0x63,0xce,0x62,0x8c,0xd9,0x64, 2236 0xc0,0xaa,0x53,0x4e,0x5e,0xa2,0x4c,0x6e,0xd0,0x13,0x49,0x2e,0xdf,0x81,0x3a, 2237 0x3c,0x67,0xcf,0x4e,0xde,0x95,0x14,0x74,0xa8,0x31 }; 2238 /* A chain which allows A.com, where the end cert is issued to a.COM */ 2239 static const BYTE chain21_0[] = { 2240 0x30,0x82,0x01,0xd9,0x30,0x82,0x01,0x46,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2241 0x66,0xaf,0x57,0xcc,0x4b,0x41,0xd1,0x96,0x40,0xef,0xa4,0xc9,0xe0,0x96,0xad, 2242 0x5c,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2243 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2244 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2245 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2246 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2247 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2248 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2249 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2250 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2251 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2252 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2253 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2254 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2255 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2256 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2257 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2258 0x00,0x01,0xa3,0x3c,0x30,0x3a,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2259 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2260 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x17,0x06,0x03,0x55,0x1d, 2261 0x1e,0x01,0x01,0xff,0x04,0x0d,0x30,0x0b,0xa0,0x09,0x30,0x07,0x82,0x05,0x41, 2262 0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, 2263 0x03,0x81,0x81,0x00,0x66,0x0e,0x8e,0x3d,0x1b,0xe8,0x51,0x2d,0x5f,0xfa,0xf5, 2264 0x01,0xb1,0xf8,0x8e,0x65,0xf6,0xcf,0x63,0x40,0x27,0x20,0x41,0xfc,0xa2,0x97, 2265 0x14,0x8d,0x46,0x33,0x3b,0x79,0xc7,0x3d,0xc8,0x1d,0xb3,0xf1,0xf3,0x52,0xfb, 2266 0x76,0x55,0x00,0xb9,0x4d,0x89,0x4c,0xfd,0xa9,0xcc,0xa0,0x96,0x86,0x15,0x40, 2267 0xfc,0xd2,0x5b,0x60,0xca,0x9c,0x00,0xf8,0x02,0x6a,0x56,0x1c,0x79,0x94,0x01, 2268 0x8a,0x60,0x44,0x1a,0x2f,0x34,0x94,0xb6,0xfb,0x00,0xa7,0xd1,0x47,0xd8,0x8f, 2269 0xf7,0xf5,0xfc,0xfd,0xeb,0xf7,0xa1,0xab,0xa7,0x38,0x13,0x16,0x50,0x04,0x8e, 2270 0xf2,0x17,0x45,0xac,0x10,0x83,0x08,0x1c,0x0d,0xe9,0xa9,0xea,0x4e,0x0e,0x06, 2271 0x09,0xca,0xb3,0x54,0xd1,0x44,0x10,0x47,0xac,0xaf,0xbc,0xbb }; 2272 static const BYTE chain21_1[] = { 2273 0x30,0x82,0x01,0xaa,0x30,0x82,0x01,0x13,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2274 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2275 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2276 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2277 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2278 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2279 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2280 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2281 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2282 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2283 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2284 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2285 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2286 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2287 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2288 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2289 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2290 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x14,0x30,0x12,0x30,0x10,0x06,0x03,0x55, 2291 0x1d,0x07,0x04,0x09,0x30,0x07,0x82,0x05,0x61,0x2e,0x43,0x4f,0x4d,0x30,0x0d, 2292 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81, 2293 0x81,0x00,0x65,0xd5,0xaa,0x17,0x1f,0xa8,0xda,0x62,0x04,0x9d,0xf5,0xe0,0x82, 2294 0xe4,0xed,0xc6,0x1b,0x54,0x8f,0xb7,0x46,0xac,0xcd,0xaf,0xaa,0xe3,0xd8,0x4a, 2295 0x8b,0xd9,0xe6,0x87,0x4f,0x8c,0xa6,0x86,0x97,0x75,0x08,0x42,0xf1,0xed,0x3e, 2296 0x70,0x99,0x13,0xf2,0x00,0xf8,0xcc,0xf4,0x55,0x36,0xf5,0x29,0x97,0x47,0x71, 2297 0xb8,0x40,0x8d,0x47,0x03,0xe2,0x66,0x3c,0x00,0x01,0xcc,0xa7,0x39,0xf7,0xf9, 2298 0x76,0xfc,0x14,0x31,0x1f,0x6f,0xf0,0x87,0xe0,0x43,0x8b,0xad,0x98,0xa2,0xe3, 2299 0xfe,0x49,0xa3,0x1e,0x57,0x34,0xe8,0x61,0x97,0x23,0xc8,0x03,0x05,0xa4,0x2f, 2300 0xab,0x49,0x97,0xff,0x3f,0xbf,0x6c,0x08,0x2c,0x6b,0x4d,0x6a,0x54,0x62,0x2e, 2301 0x16,0x83,0xac,0xdd,0x21,0x8f,0xe7,0x71,0x12,0x5f }; 2302 /* A chain which allows A.com, where the end cert is issued to b.COM */ 2303 static const BYTE chain22_0[] = { 2304 0x30,0x82,0x01,0xd9,0x30,0x82,0x01,0x46,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2305 0x75,0xff,0x32,0x4c,0x24,0xbb,0x4e,0xb9,0x45,0x70,0xc3,0x4a,0xe1,0xfd,0xdb, 2306 0xdc,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2307 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2308 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2309 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2310 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2311 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2312 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2313 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2314 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2315 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2316 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2317 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2318 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2319 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2320 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2321 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2322 0x00,0x01,0xa3,0x3c,0x30,0x3a,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2323 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2324 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x17,0x06,0x03,0x55,0x1d, 2325 0x1e,0x01,0x01,0xff,0x04,0x0d,0x30,0x0b,0xa0,0x09,0x30,0x07,0x82,0x05,0x41, 2326 0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, 2327 0x03,0x81,0x81,0x00,0x43,0x9b,0xcf,0x0d,0x31,0x9a,0x33,0x9d,0x7a,0xf8,0x2b, 2328 0x5a,0x6f,0x52,0x68,0x25,0x7e,0x14,0x04,0xb1,0x88,0x90,0xa3,0xa8,0x4e,0xa8, 2329 0x0c,0xc2,0x06,0x35,0x6c,0xb9,0x07,0x9a,0x28,0xd0,0x54,0xad,0x5f,0xc7,0x5e, 2330 0xbf,0x1d,0xde,0x3d,0x76,0x6d,0x32,0x6c,0xc2,0x95,0x26,0x8e,0x6a,0xc5,0xfd, 2331 0x45,0x47,0x3a,0x2e,0x81,0x47,0x37,0xf9,0xe3,0xdb,0x57,0xd5,0x24,0xe9,0x10, 2332 0x91,0x55,0xbf,0x48,0xaa,0x27,0x7a,0x32,0xc8,0x96,0xbc,0xd8,0x9d,0xb5,0x03, 2333 0x6e,0x64,0x50,0xa6,0x9d,0xc2,0xd9,0xdb,0x67,0x8d,0xad,0x76,0x82,0x75,0x42, 2334 0x78,0x38,0x3c,0x31,0x55,0x1e,0x8f,0xbb,0x18,0xc9,0xf3,0xa4,0x49,0xc7,0x24, 2335 0x1a,0x9b,0xef,0x61,0x03,0x75,0xb7,0x2b,0x8b,0xd4,0x50,0x8b }; 2336 static const BYTE chain22_1[] = { 2337 0x30,0x82,0x01,0xaa,0x30,0x82,0x01,0x13,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2338 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2339 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2340 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2341 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2342 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2343 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2344 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2345 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2346 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2347 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2348 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2349 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2350 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2351 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2352 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2353 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2354 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x14,0x30,0x12,0x30,0x10,0x06,0x03,0x55, 2355 0x1d,0x07,0x04,0x09,0x30,0x07,0x82,0x05,0x62,0x2e,0x43,0x4f,0x4d,0x30,0x0d, 2356 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81, 2357 0x81,0x00,0x4b,0x4c,0x2f,0x68,0xd2,0x64,0x82,0x7d,0x95,0x1d,0xd0,0x2b,0xa4, 2358 0xab,0xc3,0x9d,0xd8,0xc1,0x0f,0xaa,0x3e,0xc6,0xa3,0x11,0x9a,0xc6,0x58,0x40, 2359 0x49,0xcc,0x92,0x8e,0xd4,0x0d,0x20,0x81,0x65,0x59,0xca,0x7d,0x54,0xce,0xd4, 2360 0x43,0x95,0xb5,0xc3,0x8c,0x79,0x01,0xc6,0x17,0xf8,0x04,0x13,0xf7,0x7c,0xf7, 2361 0x7f,0xd7,0xc6,0x62,0x2c,0x21,0x0d,0xab,0x79,0x82,0xd7,0x70,0x9f,0x38,0xba, 2362 0x5f,0x2f,0xb4,0xfd,0xe8,0x62,0x40,0xe3,0x69,0xe7,0xc4,0xe5,0x5a,0xc1,0x71, 2363 0xc0,0x9a,0xdc,0xcc,0xa6,0x0e,0x5e,0x84,0x27,0x70,0xc3,0x47,0x98,0x72,0x89, 2364 0xf9,0x7c,0xe4,0x15,0x4b,0x4c,0xec,0x56,0x1b,0xbf,0x6c,0xf1,0xf7,0x5a,0x76, 2365 0x80,0x1f,0x43,0x7c,0xae,0xdb,0xb3,0x49,0xbc,0xcb }; 2366 /* A chain which allows *.com, where the end cert is issued to foo.com */ 2367 static const BYTE chain23_0[] = { 2368 0x30,0x82,0x01,0xd9,0x30,0x82,0x01,0x46,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2369 0x70,0x29,0x25,0xb2,0x21,0xd9,0x44,0x8a,0x4b,0x9d,0xf3,0x4e,0x6b,0xdb,0x7c, 2370 0xa7,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2371 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2372 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2373 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2374 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2375 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2376 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2377 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2378 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2379 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2380 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2381 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2382 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2383 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2384 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2385 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2386 0x00,0x01,0xa3,0x3c,0x30,0x3a,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2387 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2388 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x17,0x06,0x03,0x55,0x1d, 2389 0x1e,0x01,0x01,0xff,0x04,0x0d,0x30,0x0b,0xa0,0x09,0x30,0x07,0x82,0x05,0x2a, 2390 0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, 2391 0x03,0x81,0x81,0x00,0x39,0x5b,0xf7,0xc9,0x4e,0xac,0x65,0x8b,0x56,0xf4,0xaf, 2392 0x23,0xaa,0x1b,0x95,0x0a,0x6e,0x62,0xa8,0x39,0xa0,0xc7,0x86,0x6f,0xb2,0xac, 2393 0x45,0xb6,0x99,0x21,0x66,0x48,0x1a,0x7d,0xe9,0xa9,0xfe,0x5c,0xc6,0xa7,0x25, 2394 0x89,0x66,0x84,0xc4,0x8e,0x05,0x3b,0x53,0xcf,0xee,0x78,0x88,0x85,0xf1,0x8f, 2395 0xce,0x6e,0x72,0xc6,0x0c,0x06,0x3d,0xa6,0x12,0xad,0x0a,0x07,0xbb,0x16,0x2f, 2396 0x0c,0x96,0x0c,0x78,0x31,0xfa,0x93,0x5a,0x2d,0x8d,0x02,0xf5,0xb0,0x1c,0x83, 2397 0x53,0x14,0xc6,0xa6,0x29,0xa6,0xfe,0xb1,0xc0,0x65,0x72,0x47,0xe9,0xf6,0x01, 2398 0x09,0xa4,0xff,0xd2,0x60,0x87,0x81,0xc1,0xb4,0xe7,0xe8,0x3e,0x9a,0xba,0x25, 2399 0xb2,0x36,0x50,0xc4,0xf8,0xb1,0x94,0x07,0xba,0xdd,0x6a,0x95 }; 2400 static const BYTE chain23_1[] = { 2401 0x30,0x82,0x01,0xac,0x30,0x82,0x01,0x15,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2402 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2403 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2404 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2405 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2406 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2407 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2408 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2409 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2410 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2411 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2412 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2413 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2414 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2415 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2416 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2417 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2418 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55, 2419 0x1d,0x07,0x04,0x0b,0x30,0x09,0x82,0x07,0x66,0x6f,0x6f,0x2e,0x63,0x6f,0x6d, 2420 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 2421 0x03,0x81,0x81,0x00,0xa5,0xc0,0xf6,0xb1,0x63,0x3a,0x23,0xc5,0xb0,0x07,0xb4, 2422 0x83,0xcf,0x36,0xb4,0xfe,0x3c,0xcb,0xa6,0x6b,0xed,0xf7,0x4c,0x25,0x9f,0x2d, 2423 0x88,0xcd,0x8a,0xe4,0x88,0xe3,0x33,0xbb,0x50,0x54,0xee,0xc9,0xad,0xed,0x8b, 2424 0xec,0x1e,0x64,0x36,0xe8,0xb5,0x51,0xca,0xd3,0xa5,0xb9,0x7a,0x2d,0x4b,0xe7, 2425 0xe8,0xc9,0xa5,0x1d,0x49,0xa1,0x31,0x0f,0x50,0x46,0xb0,0x0f,0xd0,0xf6,0xad, 2426 0x51,0x18,0x93,0x25,0x8f,0x4f,0x57,0x12,0x72,0x1e,0xa7,0x44,0x37,0x9f,0xf2, 2427 0xc0,0x28,0xe8,0xbe,0xb8,0x75,0x42,0xef,0x1d,0x7a,0xca,0x87,0x0c,0x11,0x25, 2428 0xeb,0xab,0xcf,0xe0,0xe1,0x12,0x38,0xf6,0x68,0x31,0xfb,0x16,0xcb,0xef,0x67, 2429 0x8c,0x4b,0x6b,0xfd,0x69,0xba,0x0b,0x69,0xee,0x74,0xe0,0x73 }; 2430 /* A chain which allows *.com, where the end cert is issued to foo.bar.com */ 2431 static const BYTE chain24_0[] = { 2432 0x30,0x82,0x01,0xd9,0x30,0x82,0x01,0x46,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2433 0x57,0xa6,0x19,0xe0,0x2a,0x65,0x89,0x8d,0x4c,0xd9,0x58,0x8f,0xd0,0xe5,0x5a, 2434 0x02,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2435 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2436 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2437 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2438 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2439 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2440 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2441 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2442 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2443 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2444 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2445 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2446 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2447 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2448 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2449 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2450 0x00,0x01,0xa3,0x3c,0x30,0x3a,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2451 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2452 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x17,0x06,0x03,0x55,0x1d, 2453 0x1e,0x01,0x01,0xff,0x04,0x0d,0x30,0x0b,0xa0,0x09,0x30,0x07,0x82,0x05,0x2a, 2454 0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, 2455 0x03,0x81,0x81,0x00,0x44,0xec,0x96,0x0c,0x82,0x70,0xd6,0x4f,0xa0,0xa0,0x9e, 2456 0x6f,0xfc,0x93,0xcb,0xbb,0x9b,0xb7,0x34,0xf9,0x9c,0x00,0x00,0x7e,0x11,0xeb, 2457 0x38,0x85,0x8d,0xc9,0xc5,0x69,0x05,0x8e,0xcd,0x82,0x6c,0xe4,0xe5,0xb8,0x63, 2458 0xa6,0x8b,0xe5,0x17,0x9e,0x24,0x67,0x34,0xdd,0x4c,0x62,0xdd,0x08,0xfe,0xdc, 2459 0x90,0xe1,0x8e,0x02,0xfe,0xe9,0xc4,0x19,0xfc,0x7d,0xef,0x24,0xcc,0x99,0x9f, 2460 0x11,0x81,0x6a,0x4d,0x46,0xc8,0x48,0x73,0xc8,0x52,0x89,0xab,0xc7,0x0d,0x9b, 2461 0x77,0xc0,0xbc,0xb5,0x57,0x51,0x2e,0x64,0xad,0x98,0x39,0xd3,0x6d,0xe9,0xe1, 2462 0x58,0x32,0x01,0xfa,0xc7,0xa9,0x89,0x58,0x86,0x3c,0x34,0xc3,0x90,0xd6,0xed, 2463 0x4a,0xdc,0x23,0x66,0xc5,0xab,0x76,0xb9,0x47,0xc8,0x00,0x4c }; 2464 static const BYTE chain24_1[] = { 2465 0x30,0x82,0x01,0xb0,0x30,0x82,0x01,0x19,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2466 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2467 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2468 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2469 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2470 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2471 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2472 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2473 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2474 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2475 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2476 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2477 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2478 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2479 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2480 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2481 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2482 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x1a,0x30,0x18,0x30,0x16,0x06,0x03,0x55, 2483 0x1d,0x07,0x04,0x0f,0x30,0x0d,0x82,0x0b,0x66,0x6f,0x6f,0x2e,0x62,0x61,0x72, 2484 0x2e,0x63,0x6f,0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01, 2485 0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x28,0x64,0x0b,0xad,0x9f,0x12,0xd4, 2486 0x77,0xbe,0x1d,0x20,0x3b,0x69,0x74,0xce,0x91,0x69,0xbe,0x3f,0x76,0x1d,0xe7, 2487 0x81,0x92,0x2b,0xdc,0xbb,0xf9,0xd9,0xba,0xf0,0xba,0x58,0x4a,0x9b,0x47,0x59, 2488 0x34,0xf7,0x19,0xb5,0x15,0x31,0x35,0x4a,0x6d,0x7b,0x91,0x3d,0xc2,0x6c,0x8f, 2489 0x58,0x27,0x0f,0x79,0x96,0x57,0xee,0x4e,0x66,0x3e,0xfa,0x5c,0x22,0xb9,0x57, 2490 0xbf,0x8e,0x7e,0xce,0x98,0x62,0x28,0xb1,0x39,0x0e,0x2d,0x7b,0x5d,0x23,0x70, 2491 0xf0,0x4a,0x63,0x11,0x66,0x80,0xf9,0x99,0x53,0x80,0xda,0x87,0x87,0xf7,0x3c, 2492 0x44,0x76,0x66,0x26,0xa7,0x05,0x3c,0x68,0x66,0x1c,0x07,0x4d,0xcf,0x54,0xaa, 2493 0x5d,0xba,0x7a,0x8f,0x06,0xa7,0x1e,0x86,0xf1,0x5a,0x4b,0x50,0x16,0xad,0x9f, 2494 0x89 }; 2495 /* A chain which allows f*.com, where the end cert is issued to foo.com */ 2496 static const BYTE chain25_0[] = { 2497 0x30,0x82,0x01,0xda,0x30,0x82,0x01,0x47,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2498 0x58,0x61,0x5e,0xb3,0x52,0x48,0xc2,0xa7,0x4a,0xa4,0x70,0x8a,0x64,0x96,0xac, 2499 0xc6,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2500 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2501 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2502 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2503 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2504 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2505 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2506 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2507 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2508 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2509 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2510 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2511 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2512 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2513 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2514 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2515 0x00,0x01,0xa3,0x3d,0x30,0x3b,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2516 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2517 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x18,0x06,0x03,0x55,0x1d, 2518 0x1e,0x01,0x01,0xff,0x04,0x0e,0x30,0x0c,0xa0,0x0a,0x30,0x08,0x82,0x06,0x66, 2519 0x2a,0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05, 2520 0x00,0x03,0x81,0x81,0x00,0x18,0xb1,0xb1,0x84,0x3c,0x55,0x29,0xfc,0xd0,0xa7, 2521 0xcd,0x40,0x88,0x9b,0x35,0x9a,0x14,0xa1,0x34,0xd7,0x20,0xd9,0xfb,0x52,0x2f, 2522 0xba,0x6c,0x19,0x5c,0xdc,0x0b,0x0b,0xa5,0x21,0xf9,0x0f,0x98,0x23,0xb6,0xcd, 2523 0x36,0x3f,0xed,0xeb,0xf3,0x10,0xbf,0x62,0x33,0xbb,0xb1,0x94,0x79,0x45,0xe4, 2524 0x42,0x2b,0x9e,0x32,0x53,0x18,0x19,0x59,0x4d,0xc9,0x2d,0x65,0xa4,0xcb,0xd4, 2525 0x0b,0x90,0x2a,0xfe,0xea,0x7f,0x10,0xa9,0xb7,0x65,0xf8,0xc3,0xad,0x26,0x4c, 2526 0x29,0x45,0x60,0xce,0x6a,0x63,0x3e,0xa4,0x6f,0x47,0xaf,0x96,0xea,0xc4,0x35, 2527 0xb0,0x83,0xd7,0x52,0xa9,0x1a,0xd0,0x9a,0x6d,0xac,0xcf,0x6a,0xa6,0xe8,0x8e, 2528 0x52,0x61,0x34,0x95,0xd2,0x22,0x83,0x1f,0x86,0x15,0xa0,0x91,0x2b }; 2529 static const BYTE chain25_1[] = { 2530 0x30,0x82,0x01,0xac,0x30,0x82,0x01,0x15,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2531 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2532 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2533 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2534 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2535 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2536 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2537 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2538 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2539 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2540 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2541 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2542 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2543 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2544 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2545 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2546 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2547 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55, 2548 0x1d,0x07,0x04,0x0b,0x30,0x09,0x82,0x07,0x66,0x6f,0x6f,0x2e,0x63,0x6f,0x6d, 2549 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 2550 0x03,0x81,0x81,0x00,0xa5,0xc0,0xf6,0xb1,0x63,0x3a,0x23,0xc5,0xb0,0x07,0xb4, 2551 0x83,0xcf,0x36,0xb4,0xfe,0x3c,0xcb,0xa6,0x6b,0xed,0xf7,0x4c,0x25,0x9f,0x2d, 2552 0x88,0xcd,0x8a,0xe4,0x88,0xe3,0x33,0xbb,0x50,0x54,0xee,0xc9,0xad,0xed,0x8b, 2553 0xec,0x1e,0x64,0x36,0xe8,0xb5,0x51,0xca,0xd3,0xa5,0xb9,0x7a,0x2d,0x4b,0xe7, 2554 0xe8,0xc9,0xa5,0x1d,0x49,0xa1,0x31,0x0f,0x50,0x46,0xb0,0x0f,0xd0,0xf6,0xad, 2555 0x51,0x18,0x93,0x25,0x8f,0x4f,0x57,0x12,0x72,0x1e,0xa7,0x44,0x37,0x9f,0xf2, 2556 0xc0,0x28,0xe8,0xbe,0xb8,0x75,0x42,0xef,0x1d,0x7a,0xca,0x87,0x0c,0x11,0x25, 2557 0xeb,0xab,0xcf,0xe0,0xe1,0x12,0x38,0xf6,0x68,0x31,0xfb,0x16,0xcb,0xef,0x67, 2558 0x8c,0x4b,0x6b,0xfd,0x69,0xba,0x0b,0x69,0xee,0x74,0xe0,0x73 }; 2559 /* A chain which allows f*.com, where the end cert is issued to bar.com */ 2560 static const BYTE chain26_0[] = { 2561 0x30,0x82,0x01,0xda,0x30,0x82,0x01,0x47,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2562 0x6f,0x9d,0x2b,0x8a,0x6d,0xf2,0xd4,0x9f,0x42,0xea,0x3d,0x16,0xe8,0xa5,0x80, 2563 0x7e,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2564 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2565 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2566 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2567 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2568 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2569 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2570 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2571 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2572 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2573 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2574 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2575 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2576 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2577 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2578 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2579 0x00,0x01,0xa3,0x3d,0x30,0x3b,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2580 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2581 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x18,0x06,0x03,0x55,0x1d, 2582 0x1e,0x01,0x01,0xff,0x04,0x0e,0x30,0x0c,0xa0,0x0a,0x30,0x08,0x82,0x06,0x66, 2583 0x2a,0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05, 2584 0x00,0x03,0x81,0x81,0x00,0x6c,0x34,0x75,0x37,0xd9,0x65,0x9e,0x20,0x05,0x67, 2585 0x16,0x2e,0xc9,0x53,0xc1,0x69,0x53,0xd6,0x00,0x2c,0x92,0x53,0x91,0xa2,0x2a, 2586 0x94,0x2c,0xfa,0x6f,0xc1,0x7e,0xee,0x3c,0x22,0x06,0xcc,0xd1,0xdc,0xd7,0x21, 2587 0x6a,0xf2,0xd3,0x1b,0xaf,0x34,0x20,0x97,0x0f,0xa1,0xec,0x7f,0x72,0x22,0xf2, 2588 0x98,0x5d,0xf4,0x0b,0x83,0x23,0xa7,0x73,0xb2,0xde,0x12,0x56,0xc9,0x11,0xa6, 2589 0x5d,0xbc,0x32,0x79,0x41,0x8b,0xe6,0x8c,0x9c,0xf9,0x78,0xd2,0x20,0x96,0x27, 2590 0x85,0x41,0xc1,0xb8,0x8a,0x74,0x1e,0xbb,0x27,0xc1,0xf7,0xaf,0xe8,0x1c,0x21, 2591 0xe4,0x10,0x64,0x6a,0xdf,0x79,0x30,0x29,0x0e,0x5a,0x04,0x48,0x18,0xdd,0xb0, 2592 0xaa,0x43,0x08,0x71,0x2e,0x49,0x9f,0x9b,0xc1,0x1a,0xcc,0x5f,0xee }; 2593 static const BYTE chain26_1[] = { 2594 0x30,0x82,0x01,0xac,0x30,0x82,0x01,0x15,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2595 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2596 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2597 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2598 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2599 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2600 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2601 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2602 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2603 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2604 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2605 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2606 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2607 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2608 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2609 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2610 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2611 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55, 2612 0x1d,0x07,0x04,0x0b,0x30,0x09,0x82,0x07,0x62,0x61,0x72,0x2e,0x63,0x6f,0x6d, 2613 0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, 2614 0x03,0x81,0x81,0x00,0x47,0xa6,0x37,0x73,0x4f,0x19,0xf9,0xaf,0xa9,0xb5,0xa8, 2615 0x41,0x99,0x31,0xa5,0xaa,0x0d,0x6c,0xb8,0x9d,0xe6,0xf6,0x59,0x4d,0xd8,0x12, 2616 0x76,0xcc,0x0b,0xaa,0x2f,0x08,0x1c,0x75,0x54,0x5a,0xae,0x09,0x39,0x25,0xfc, 2617 0x44,0xa1,0x00,0x24,0x5c,0xec,0x20,0x04,0xc7,0xe9,0x14,0xb0,0x71,0x4a,0x33, 2618 0x41,0x7f,0x1d,0x47,0xe5,0x7c,0xe4,0x86,0xb1,0xeb,0xa4,0x9d,0x2a,0x89,0xeb, 2619 0x1d,0x15,0xd6,0x42,0x39,0xe4,0x05,0x26,0xbf,0xc2,0x09,0x6c,0x5c,0xd1,0x56, 2620 0xfd,0x18,0x42,0xd3,0xd5,0x7c,0x52,0xa8,0x4a,0x77,0xe8,0xc0,0x53,0x2b,0xa6, 2621 0x01,0xf9,0x90,0x68,0x60,0x3f,0xcb,0xb8,0x24,0x16,0x0b,0x69,0x4b,0xd9,0xf8, 2622 0x2c,0x92,0xed,0x89,0xa5,0xff,0x71,0xc5,0xed,0xe8,0xbc,0x70 }; 2623 /* A chain which allows foo.com, where the end cert is issued to 2624 * foo.com\0baddie 2625 */ 2626 static const BYTE chain27_0[] = { 2627 0x30,0x82,0x01,0xdb,0x30,0x82,0x01,0x48,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2628 0x3d,0xd2,0x79,0xf1,0xa7,0x1a,0xac,0xb2,0x43,0x5e,0x53,0x67,0xc9,0xa1,0x8c, 2629 0x53,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2630 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2631 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2632 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2633 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2634 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2635 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2636 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2637 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2638 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2639 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2640 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2641 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2642 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2643 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2644 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2645 0x00,0x01,0xa3,0x3e,0x30,0x3c,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2646 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2647 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x19,0x06,0x03,0x55,0x1d, 2648 0x1e,0x01,0x01,0xff,0x04,0x0f,0x30,0x0d,0xa0,0x0b,0x30,0x09,0x82,0x07,0x66, 2649 0x6f,0x6f,0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d, 2650 0x05,0x00,0x03,0x81,0x81,0x00,0x18,0x5d,0xb0,0x42,0x96,0xf7,0x96,0x7b,0x23, 2651 0x46,0xa9,0xf4,0x99,0x57,0x27,0x8e,0x24,0xae,0x29,0xb8,0x04,0xe3,0x1b,0x64, 2652 0x22,0x8e,0x20,0xf1,0x45,0xb8,0x84,0x38,0x41,0x99,0x73,0xb2,0xbc,0xd9,0xcb, 2653 0x9d,0x9f,0xf4,0x86,0xed,0x21,0x34,0x42,0x21,0xf4,0x8f,0xa7,0xcf,0x19,0xe5, 2654 0xd3,0x4f,0x7c,0x4f,0xc7,0x9e,0x91,0x3a,0x16,0x0b,0x61,0x9e,0xfa,0x08,0x1b, 2655 0x01,0xc0,0x19,0xeb,0xe8,0xd4,0x5a,0xe9,0xe0,0x71,0x04,0xaa,0x88,0x93,0x10, 2656 0x3e,0xc5,0x23,0xbe,0x0b,0xab,0xa9,0x07,0x46,0x4d,0x4b,0xf2,0x95,0xeb,0x69, 2657 0xf2,0x70,0x33,0x5c,0xf7,0xd1,0xa9,0x5b,0xd2,0x84,0x10,0xa6,0x00,0xbe,0xb5, 2658 0xd4,0xe7,0xa3,0x54,0x63,0x3c,0xca,0xb0,0xbf,0x96,0xd1,0x6f,0x64,0xaf }; 2659 static const BYTE chain27_1[] = { 2660 0x30,0x82,0x01,0xb3,0x30,0x82,0x01,0x1c,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2661 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2662 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2663 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2664 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2665 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2666 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2667 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2668 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2669 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2670 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2671 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2672 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2673 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2674 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2675 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2676 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2677 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x1d,0x30,0x1b,0x30,0x19,0x06,0x03,0x55, 2678 0x1d,0x07,0x04,0x12,0x30,0x10,0x82,0x0e,0x66,0x6f,0x6f,0x2e,0x63,0x6f,0x6d, 2679 0x00,0x62,0x61,0x64,0x64,0x69,0x65,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86, 2680 0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x6f,0x06,0xc6,0xd0, 2681 0xa1,0x8c,0xc6,0xed,0x33,0x04,0xf6,0x64,0x81,0xa1,0x0f,0x79,0x4d,0x9a,0xbd, 2682 0xc0,0x8f,0x18,0xc2,0xb8,0x82,0xb9,0x70,0x6f,0xbe,0xaa,0xbb,0x43,0x95,0x79, 2683 0x58,0xec,0xdf,0x94,0x8b,0x4d,0xe1,0xee,0x56,0xc4,0x57,0x7c,0xff,0xde,0x5f, 2684 0x52,0xf9,0x3a,0x9e,0x33,0x99,0x6e,0xdf,0xf2,0xce,0x40,0xc7,0xd8,0xb5,0x86, 2685 0xae,0xb7,0x52,0x8b,0xc5,0x62,0x17,0xce,0x03,0x06,0x29,0x5a,0xf6,0x5a,0x9a, 2686 0x8e,0xb7,0xe3,0xb2,0xcd,0x3f,0xa7,0x61,0x2b,0xba,0xe6,0x68,0xa8,0x92,0x8a, 2687 0xe5,0x32,0xe0,0x49,0xd4,0x42,0xc0,0x1a,0x92,0x72,0xb0,0x66,0x48,0x84,0x74, 2688 0xd3,0x25,0xe3,0x66,0x2f,0x30,0xea,0x40,0x72,0x82,0xc4,0xc5,0x4a,0x4e,0xcc, 2689 0x32,0xbc,0x36,0xa4 }; 2690 /* A chain which allows foo.*.com, where the end cert is issued to foo.bar.com. 2691 */ 2692 static const BYTE chain28_0[] = { 2693 0x30,0x82,0x01,0xdd,0x30,0x82,0x01,0x4a,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, 2694 0x72,0x7f,0x98,0xcd,0x99,0xa6,0x5f,0x89,0x4a,0x5c,0xd2,0x15,0xd0,0x68,0x25, 2695 0xc8,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, 2696 0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, 2697 0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, 2698 0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, 2699 0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, 2700 0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, 2701 0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2702 0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, 2703 0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, 2704 0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, 2705 0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, 2706 0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, 2707 0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, 2708 0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, 2709 0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, 2710 0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, 2711 0x00,0x01,0xa3,0x40,0x30,0x3e,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2712 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2713 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x1b,0x06,0x03,0x55,0x1d, 2714 0x1e,0x01,0x01,0xff,0x04,0x11,0x30,0x0f,0xa0,0x0d,0x30,0x0b,0x82,0x09,0x66, 2715 0x6f,0x6f,0x2e,0x2a,0x2e,0x63,0x6f,0x6d,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03, 2716 0x02,0x1d,0x05,0x00,0x03,0x81,0x81,0x00,0x01,0x9a,0x8c,0x75,0x20,0x9f,0x91, 2717 0xe9,0xde,0x28,0x3c,0x7a,0xd9,0xf1,0x2d,0xa3,0x0d,0x66,0x9f,0xd8,0x2a,0xb0, 2718 0xb5,0x19,0x9a,0x29,0xc7,0xd5,0xe5,0xf6,0x75,0xee,0x06,0xe4,0xd2,0x71,0x77, 2719 0x7e,0xbc,0x1a,0x5f,0xbe,0x28,0xba,0x6e,0x50,0x8e,0xe6,0xd9,0xd5,0x5a,0x21, 2720 0xa6,0x29,0xff,0xb0,0xc7,0xfe,0x06,0xb6,0xde,0x51,0x5b,0xab,0xe4,0xbb,0xbf, 2721 0xaa,0x03,0xa9,0xfe,0x71,0xb8,0x3f,0x65,0xe2,0x2c,0xa9,0x31,0x18,0x6d,0xe6, 2722 0x54,0xd0,0x90,0x6b,0x7b,0x3a,0x9a,0x45,0xa9,0x1b,0x05,0x2e,0xca,0xd7,0x5f, 2723 0x79,0x3d,0x1c,0xbf,0xdb,0xce,0x23,0x5d,0x0a,0x9b,0xb4,0x91,0xfe,0xd4,0x94, 2724 0x92,0x76,0x36,0xae,0x03,0xb8,0x30,0x13,0x58,0x69,0x71,0xea,0xc2,0xbc,0x31, 2725 0x83 }; 2726 static const BYTE chain28_1[] = { 2727 0x30,0x82,0x01,0xb0,0x30,0x82,0x01,0x19,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2728 0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, 2729 0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, 2730 0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30, 2731 0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30, 2732 0x30,0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, 2733 0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, 2734 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, 2735 0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, 2736 0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, 2737 0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, 2738 0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, 2739 0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, 2740 0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, 2741 0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, 2742 0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, 2743 0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, 2744 0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x1a,0x30,0x18,0x30,0x16,0x06,0x03,0x55, 2745 0x1d,0x07,0x04,0x0f,0x30,0x0d,0x82,0x0b,0x66,0x6f,0x6f,0x2e,0x62,0x61,0x72, 2746 0x2e,0x63,0x6f,0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01, 2747 0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x28,0x64,0x0b,0xad,0x9f,0x12,0xd4, 2748 0x77,0xbe,0x1d,0x20,0x3b,0x69,0x74,0xce,0x91,0x69,0xbe,0x3f,0x76,0x1d,0xe7, 2749 0x81,0x92,0x2b,0xdc,0xbb,0xf9,0xd9,0xba,0xf0,0xba,0x58,0x4a,0x9b,0x47,0x59, 2750 0x34,0xf7,0x19,0xb5,0x15,0x31,0x35,0x4a,0x6d,0x7b,0x91,0x3d,0xc2,0x6c,0x8f, 2751 0x58,0x27,0x0f,0x79,0x96,0x57,0xee,0x4e,0x66,0x3e,0xfa,0x5c,0x22,0xb9,0x57, 2752 0xbf,0x8e,0x7e,0xce,0x98,0x62,0x28,0xb1,0x39,0x0e,0x2d,0x7b,0x5d,0x23,0x70, 2753 0xf0,0x4a,0x63,0x11,0x66,0x80,0xf9,0x99,0x53,0x80,0xda,0x87,0x87,0xf7,0x3c, 2754 0x44,0x76,0x66,0x26,0xa7,0x05,0x3c,0x68,0x66,0x1c,0x07,0x4d,0xcf,0x54,0xaa, 2755 0x5d,0xba,0x7a,0x8f,0x06,0xa7,0x1e,0x86,0xf1,0x5a,0x4b,0x50,0x16,0xad,0x9f, 2756 0x89 }; 2757 /* A chain whose end certificate is issued to *.winehq.org. */ 2758 static const BYTE chain29_1[] = { 2759 0x30,0x82,0x01,0xab,0x30,0x82,0x01,0x16,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2760 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 2761 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 2762 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,0x30,0x30, 2763 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,0x30,0x30, 2764 0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 2765 0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 2766 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2767 0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f, 2768 0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e, 2769 0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe, 2770 0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71, 2771 0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87, 2772 0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68, 2773 0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36, 2774 0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22, 2775 0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01, 2776 0x00,0x01,0xa3,0x1b,0x30,0x19,0x30,0x17,0x06,0x03,0x55,0x1d,0x07,0x04,0x10, 2777 0x30,0x0e,0x82,0x0c,0x2a,0x2e,0x77,0x69,0x6e,0x65,0x68,0x71,0x2e,0x6f,0x72, 2778 0x67,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03, 2779 0x81,0x81,0x00,0x65,0xbf,0xfa,0xf7,0xc3,0x09,0x70,0x25,0x8a,0x46,0x69,0xf6, 2780 0xdc,0x07,0x1e,0x30,0xc9,0xe4,0x58,0x89,0x65,0x3a,0xa8,0xda,0xbd,0x17,0xf8, 2781 0x1d,0x0d,0x7d,0x47,0xb1,0xb2,0xda,0x17,0x9f,0xf6,0x47,0xe0,0xe4,0x4a,0xeb, 2782 0x02,0xc9,0x2e,0x69,0x1c,0x57,0x2a,0x80,0xc9,0x01,0x77,0x7b,0x27,0xff,0x2f, 2783 0xaf,0xdf,0xf3,0x65,0x12,0xd8,0x7d,0xc2,0xbf,0x1b,0x1d,0x18,0x96,0x5c,0xf6, 2784 0xba,0x43,0xc5,0x43,0x57,0xc0,0xdd,0x97,0x95,0xfb,0x1c,0xad,0x64,0x0f,0x61, 2785 0x3a,0xe9,0x27,0xa4,0x57,0x27,0x34,0xa7,0x42,0xde,0x78,0x1a,0x71,0x80,0x23, 2786 0xd6,0xd7,0x22,0xf0,0x24,0x0d,0x71,0xf1,0x2b,0xd0,0xd8,0x76,0x3d,0xef,0x4c, 2787 0xce,0x1c,0x3b,0x83,0x1b,0x63,0x10,0x6c,0x63,0xe5,0x69 }; 2788 /* chain0_0 -> chain30_1 -> chain30_2 2789 * A chain whose intermediate certificate has an unsupported critical 2790 * extension. 2791 */ 2792 static const BYTE chain30_1[] = { 2793 0x30,0x82,0x01,0xc0,0x30,0x82,0x01,0x2b,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2794 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 2795 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 2796 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,0x30,0x30, 2797 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,0x30,0x30, 2798 0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03, 2799 0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a, 2800 0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, 2801 0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f, 2802 0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e, 2803 0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe, 2804 0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71, 2805 0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87, 2806 0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68, 2807 0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36, 2808 0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22, 2809 0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01, 2810 0x00,0x01,0xa3,0x30,0x30,0x2e,0x30,0x0e,0x06,0x03,0x55,0x1d,0x0f,0x01,0x01, 2811 0xff,0x04,0x04,0x03,0x02,0x00,0x04,0x30,0x0f,0x06,0x03,0x55,0x1d,0x13,0x01, 2812 0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0b,0x06,0x02,0x2a,0x03, 2813 0x01,0x01,0xff,0x04,0x02,0x30,0x00,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86, 2814 0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0x51,0x3e,0x35,0x1b,0x66,0x3c, 2815 0xca,0x5e,0xf3,0xf9,0x1b,0xd5,0x03,0x13,0xf8,0xcf,0x87,0xdf,0xed,0x75,0xa6, 2816 0xcd,0x4b,0x1c,0x15,0xd3,0xd8,0x58,0x85,0x85,0x2c,0x64,0x31,0xbd,0xbb,0xad, 2817 0xff,0x38,0x64,0xc5,0x16,0x43,0x14,0x0e,0x71,0x35,0xf3,0xe9,0xca,0xf9,0xf4, 2818 0x69,0xa7,0x67,0xa8,0x0f,0xc9,0xcf,0x6f,0x22,0xe5,0x39,0xb8,0xfc,0xe7,0x50, 2819 0x82,0xf7,0xa4,0xaa,0x29,0xe1,0xa9,0xb5,0x03,0x5e,0x0b,0x5f,0x9c,0x8e,0x29, 2820 0x64,0xe5,0xb6,0xed,0xde,0x04,0x0e,0xdb,0xad,0xa3,0xc6,0x2a,0xb0,0x12,0x86, 2821 0x60,0xd4,0xff,0xd8,0xea,0x85,0x54,0x34,0xca,0xc1,0x85,0x4e,0xb5,0x15,0x96, 2822 0xb7,0xa5,0x64,0x7b,0xc7,0x76,0xcb,0x04,0x75,0x9e,0x1e,0xbd,0x62,0x79,0xc5, 2823 0x1f,0x32 }; 2824 static const BYTE chain30_2[] = { 2825 0x30,0x82,0x01,0x8d,0x30,0x81,0xf9,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, 2826 0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30,0x10, 2827 0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74, 2828 0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30,0x30,0x30, 2829 0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39, 2830 0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13, 2831 0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81,0x9d,0x30,0x0b,0x06,0x09,0x2a,0x86, 2832 0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02, 2833 0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9,0xb1, 2834 0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11,0x7e, 2835 0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0,0xeb, 2836 0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42,0x63, 2837 0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87,0xca, 2838 0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55,0xcb, 2839 0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f,0x87, 2840 0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1,0x60, 2841 0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01,0x00, 2842 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x03, 2843 0x81,0x81,0x00,0x14,0x75,0x85,0xcc,0x68,0xfe,0x98,0x6f,0xf6,0x67,0x00,0x5b, 2844 0x0c,0xfc,0x36,0x18,0xf4,0x56,0x46,0x7c,0xb9,0xfa,0x6c,0xe6,0x37,0xaf,0x69, 2845 0x37,0x93,0x8c,0x35,0x3a,0x1b,0x58,0x2f,0xe2,0x06,0x39,0x85,0x3f,0x73,0xcf, 2846 0xe1,0x3f,0x27,0x19,0x60,0xc3,0x1b,0xf6,0x69,0x3b,0x8e,0x57,0x7b,0xd8,0xb9, 2847 0xc6,0x9f,0x13,0x72,0x22,0x04,0x8f,0x5c,0x54,0x13,0x8c,0x63,0xe3,0x6b,0x70, 2848 0x98,0xec,0xcc,0xe1,0x93,0xb1,0x4b,0x30,0x4c,0xde,0xe8,0x3c,0x68,0x38,0x44, 2849 0x5e,0xe2,0x2b,0xf5,0xa1,0xee,0x02,0x7e,0x09,0x15,0xff,0xc9,0xf6,0xaf,0xf5, 2850 0xcc,0xeb,0xfc,0xe7,0x3c,0x92,0xdb,0x31,0xab,0x1e,0xb8,0x9e,0xf0,0x5e,0xa3, 2851 0x93,0xfe,0xab,0x26,0x7b,0x01,0xa8,0x98,0x88,0xbb,0xee }; 2852 /* chain0_0 -> chain31_1: a chain whose end certificate has two CNs, a 2853 * wildcard name "*.foo.com" and a non-wildcard name "foo.com". 2854 */ 2855 static const BYTE chain31_1[] = { 2856 0x30,0x82,0x01,0xa2,0x30,0x82,0x01,0x0d,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, 2857 0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x30, 2858 0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72, 2859 0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,0x30,0x30, 2860 0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,0x30,0x30, 2861 0x30,0x30,0x30,0x5a,0x30,0x24,0x31,0x22,0x30,0x0e,0x06,0x03,0x55,0x04,0x03, 2862 0x13,0x07,0x66,0x6f,0x6f,0x2e,0x63,0x6f,0x6d,0x30,0x10,0x06,0x03,0x55,0x04, 2863 0x03,0x13,0x09,0x2a,0x2e,0x66,0x6f,0x6f,0x2e,0x63,0x6f,0x6d,0x30,0x81,0x9d, 2864 0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x03,0x81, 2865 0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f, 2866 0xe5,0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4, 2867 0xc6,0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5, 2868 0xa7,0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6, 2869 0x8b,0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf, 2870 0x6b,0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40, 2871 0xfc,0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac, 2872 0x85,0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23, 2873 0xb2,0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98, 2874 0x72,0xa3,0x02,0x03,0x01,0x00,0x01,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86, 2875 0xf7,0x0d,0x01,0x01,0x05,0x03,0x81,0x81,0x00,0xa0,0x93,0x52,0x87,0x81,0xe2, 2876 0xff,0x2a,0xc7,0xef,0x5f,0x3c,0xbc,0x88,0x99,0xc0,0x47,0x3e,0x13,0xe9,0x87, 2877 0xfa,0x36,0xd7,0xb5,0xe8,0xdf,0x70,0xcc,0x36,0xe4,0x70,0x3c,0xcd,0xa2,0x0b, 2878 0x31,0x6e,0x0a,0xb9,0x00,0xf0,0x4f,0xb6,0xc2,0xce,0xf4,0x33,0x1e,0xc0,0x29, 2879 0xc0,0x73,0x0c,0xcf,0x28,0xa5,0x26,0x9d,0xc2,0xaf,0x85,0x30,0x81,0xbf,0xd1, 2880 0x70,0x3f,0x69,0x15,0xc5,0x41,0x1d,0x8e,0xd4,0xfa,0x02,0xcd,0xba,0xf1,0xf2, 2881 0x67,0xb5,0x45,0x29,0xad,0xe8,0x54,0x9a,0x0f,0x1a,0x8f,0xdf,0x16,0xf4,0xcb, 2882 0x43,0x08,0xe5,0x78,0x2b,0x95,0xf3,0x75,0xb6,0x88,0xf0,0x6b,0x5c,0x5b,0x50, 2883 0x04,0x91,0x3b,0x89,0x5a,0x60,0x1f,0xfc,0x36,0x53,0x32,0x36,0x0a,0x4d,0x03, 2884 0x2c,0xd7 }; 2885 2886 typedef struct _CONST_DATA_BLOB 2887 { 2888 DWORD cbData; 2889 const BYTE *pbData; 2890 } CONST_DATA_BLOB; 2891 2892 typedef struct _CONST_BLOB_ARRAY 2893 { 2894 DWORD cBlob; 2895 CONST_DATA_BLOB *rgBlob; 2896 } CONST_BLOB_ARRAY; 2897 2898 #define TODO_CHAIN 1 2899 #define TODO_ERROR 2 2900 #define TODO_INFO 4 2901 #define TODO_ELEMENTS 8 2902 #define TODO_CHAINS 16 2903 #define TODO_POLICY 32 2904 2905 /* Gets a certificate chain built from a store containing all the certs in 2906 * certArray, where the last certificate in the chain is expected to be the 2907 * end certificate (the one from which the chain is built.) 2908 */ 2909 static PCCERT_CHAIN_CONTEXT getChain(HCERTCHAINENGINE engine, 2910 const CONST_BLOB_ARRAY *certArray, DWORD flags, BOOL includeStore, 2911 LPSYSTEMTIME checkTime, DWORD todo, DWORD testIndex) 2912 { 2913 HCERTSTORE store; 2914 PCCERT_CHAIN_CONTEXT chain = NULL; 2915 2916 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 2917 CERT_STORE_CREATE_NEW_FLAG, NULL); 2918 if (store) 2919 { 2920 BOOL ret; 2921 PCCERT_CONTEXT endCert; 2922 2923 if (certArray->cBlob > 1) 2924 { 2925 DWORD i; 2926 2927 for (i = 0, ret = TRUE; ret && i < certArray->cBlob - 1; i++) 2928 { 2929 ret = CertAddEncodedCertificateToStore(store, 2930 X509_ASN_ENCODING, certArray->rgBlob[i].pbData, 2931 certArray->rgBlob[i].cbData, CERT_STORE_ADD_ALWAYS, NULL); 2932 ok(ret, "Chain %d: adding cert %d failed: %08x\n", 2933 testIndex, i, GetLastError()); 2934 } 2935 } 2936 ret = CertAddEncodedCertificateToStore(store, 2937 X509_ASN_ENCODING, certArray->rgBlob[certArray->cBlob - 1].pbData, 2938 certArray->rgBlob[certArray->cBlob - 1].cbData, CERT_STORE_ADD_ALWAYS, 2939 &endCert); 2940 ok(ret, "Chain %d: adding end cert failed: %08x\n", 2941 testIndex, GetLastError()); 2942 if (ret) 2943 { 2944 /* FIXME: allow caller to specify usage matches? */ 2945 CERT_CHAIN_PARA chainPara = { sizeof(chainPara), { 0 } }; 2946 FILETIME fileTime; 2947 2948 ok(SystemTimeToFileTime(checkTime, &fileTime), 2949 "SystemTimeToFileTime failed for day %d, month %d, year %d\n", 2950 checkTime->wDay, checkTime->wMonth, checkTime->wYear); 2951 ret = pCertGetCertificateChain(engine, endCert, &fileTime, 2952 includeStore ? store : NULL, &chainPara, flags, NULL, &chain); 2953 todo_wine_if (todo & TODO_CHAIN) 2954 ok(ret, "Chain %d: CertGetCertificateChain failed: %08x\n", 2955 testIndex, GetLastError()); 2956 CertFreeCertificateContext(endCert); 2957 } 2958 CertCloseStore(store, 0); 2959 } 2960 return chain; 2961 } 2962 2963 typedef struct _SimpleChainStatusCheck 2964 { 2965 DWORD cElement; 2966 const CERT_TRUST_STATUS *rgElementStatus; 2967 } SimpleChainStatusCheck; 2968 2969 static void checkElementStatus(const CERT_TRUST_STATUS *expected, 2970 const CERT_TRUST_STATUS *got, const CERT_TRUST_STATUS *ignore, 2971 DWORD todo, LPCSTR testName, DWORD testIndex, DWORD chainIndex, 2972 DWORD elementIndex) 2973 { 2974 if (got->dwErrorStatus == expected->dwErrorStatus) 2975 ok(got->dwErrorStatus == expected->dwErrorStatus, 2976 "%s[%d], element [%d,%d]: expected error %08x, got %08x\n", 2977 testName, testIndex, chainIndex, elementIndex, expected->dwErrorStatus, 2978 got->dwErrorStatus); 2979 else todo_wine_if (todo & TODO_ERROR) 2980 ok(got->dwErrorStatus == expected->dwErrorStatus || 2981 broken((got->dwErrorStatus & ~ignore->dwErrorStatus) == 2982 (expected->dwErrorStatus & ~ignore->dwErrorStatus)), 2983 "%s[%d], element [%d,%d]: expected error %08x, got %08x. %08x is " 2984 "expected if no valid root certificate is available.\n", 2985 testName, testIndex, chainIndex, elementIndex, expected->dwErrorStatus, 2986 got->dwErrorStatus, CERT_TRUST_IS_UNTRUSTED_ROOT); 2987 if (got->dwInfoStatus == expected->dwInfoStatus) 2988 ok(got->dwInfoStatus == expected->dwInfoStatus, 2989 "%s[%d], element [%d,%d]: expected info %08x, got %08x\n", 2990 testName, testIndex, chainIndex, elementIndex, expected->dwInfoStatus, 2991 got->dwInfoStatus); 2992 else todo_wine_if (todo & TODO_INFO) 2993 ok(got->dwInfoStatus == expected->dwInfoStatus || 2994 broken((got->dwInfoStatus & ~ignore->dwInfoStatus) == 2995 (expected->dwInfoStatus & ~ignore->dwInfoStatus)), 2996 "%s[%d], element [%d,%d]: expected info %08x, got %08x\n", 2997 testName, testIndex, chainIndex, elementIndex, expected->dwInfoStatus, 2998 got->dwInfoStatus); 2999 } 3000 3001 static void checkSimpleChainStatus(const CERT_SIMPLE_CHAIN *simpleChain, 3002 const SimpleChainStatusCheck *simpleChainStatus, 3003 const CERT_TRUST_STATUS *ignore, DWORD todo, LPCSTR testName, DWORD testIndex, 3004 DWORD chainIndex) 3005 { 3006 todo_wine_if (todo & TODO_ELEMENTS) 3007 ok(simpleChain->cElement == simpleChainStatus->cElement, 3008 "%s[%d]: expected %d elements, got %d\n", testName, testIndex, 3009 simpleChainStatus->cElement, simpleChain->cElement); 3010 if (simpleChain->cElement == simpleChainStatus->cElement) 3011 { 3012 DWORD i; 3013 3014 for (i = 0; i < simpleChain->cElement; i++) 3015 checkElementStatus(&simpleChainStatus->rgElementStatus[i], 3016 &simpleChain->rgpElement[i]->TrustStatus, ignore, todo, testName, 3017 testIndex, chainIndex, i); 3018 } 3019 } 3020 3021 typedef struct _ChainStatusCheck 3022 { 3023 CERT_TRUST_STATUS statusToIgnore; 3024 CERT_TRUST_STATUS status; 3025 DWORD cChain; 3026 const SimpleChainStatusCheck *rgChainStatus; 3027 } ChainStatusCheck; 3028 3029 static void checkChainStatus(PCCERT_CHAIN_CONTEXT chain, 3030 const ChainStatusCheck *chainStatus, DWORD todo, LPCSTR testName, 3031 DWORD testIndex) 3032 { 3033 ok(chain->cChain == chainStatus->cChain, 3034 "%s[%d]: expected %d simple chains, got %d\n", testName, testIndex, 3035 chainStatus->cChain, chain->cChain); 3036 todo_wine_if (todo & TODO_ERROR && 3037 chain->TrustStatus.dwErrorStatus != chainStatus->status.dwErrorStatus) 3038 ok(chain->TrustStatus.dwErrorStatus == 3039 chainStatus->status.dwErrorStatus || 3040 broken((chain->TrustStatus.dwErrorStatus & 3041 ~chainStatus->statusToIgnore.dwErrorStatus) == 3042 (chainStatus->status.dwErrorStatus & 3043 ~chainStatus->statusToIgnore.dwErrorStatus)), 3044 "%s[%d]: expected error %08x, got %08x. %08x is expected if no valid " 3045 "root certificate is available.\n", 3046 testName, testIndex, chainStatus->status.dwErrorStatus, 3047 chain->TrustStatus.dwErrorStatus, CERT_TRUST_IS_UNTRUSTED_ROOT); 3048 todo_wine_if (todo & TODO_INFO && 3049 chain->TrustStatus.dwInfoStatus != chainStatus->status.dwInfoStatus) 3050 ok(chain->TrustStatus.dwInfoStatus == 3051 chainStatus->status.dwInfoStatus || 3052 broken((chain->TrustStatus.dwInfoStatus & 3053 ~chainStatus->statusToIgnore.dwInfoStatus) == 3054 (chainStatus->status.dwInfoStatus & 3055 ~chainStatus->statusToIgnore.dwInfoStatus)), 3056 "%s[%d]: expected info %08x, got %08x\n", 3057 testName, testIndex, chainStatus->status.dwInfoStatus, 3058 chain->TrustStatus.dwInfoStatus); 3059 if (chain->cChain == chainStatus->cChain) 3060 { 3061 DWORD i; 3062 3063 for (i = 0; i < chain->cChain; i++) 3064 checkSimpleChainStatus(chain->rgpChain[i], 3065 &chainStatus->rgChainStatus[i], &chainStatus->statusToIgnore, 3066 todo, testName, testIndex, i); 3067 } 3068 } 3069 3070 /* Wednesday, Oct 1, 2007 */ 3071 static SYSTEMTIME oct2007 = { 2007, 10, 1, 1, 0, 0, 0, 0 }; 3072 /* Wednesday, Oct 28, 2009 */ 3073 static SYSTEMTIME oct2009 = { 2009, 10, 3, 28, 0, 0, 0, 0 }; 3074 /* Wednesday, Oct 28, 2010 */ 3075 static SYSTEMTIME oct2010 = { 2010, 10, 3, 28, 0, 0, 0, 0 }; 3076 /* Friday, June 6, 2013 */ 3077 static SYSTEMTIME jun2013 = { 2013, 6, 5, 6, 0, 0, 0, 0 }; 3078 /* Saturday, Oct 1, 2016 */ 3079 static SYSTEMTIME oct2016 = { 2016, 10, 6, 1, 0, 0, 0, 0 }; 3080 /* Wednesday, Nov 17, 2016 */ 3081 static SYSTEMTIME nov2016 = { 2016, 11, 3, 17, 0, 0, 0, 0 }; 3082 3083 typedef struct _ChainCheck 3084 { 3085 CONST_BLOB_ARRAY certs; 3086 ChainStatusCheck status; 3087 DWORD todo; 3088 PSYSTEMTIME validfor; 3089 } ChainCheck; 3090 3091 static CONST_DATA_BLOB chain0[] = { 3092 { sizeof(chain0_0), chain0_0 }, 3093 { sizeof(chain0_1), chain0_1 }, 3094 }; 3095 static const CERT_TRUST_STATUS elementStatus0[] = { 3096 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3097 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3098 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3099 }; 3100 static const SimpleChainStatusCheck simpleStatus0[] = { 3101 { sizeof(elementStatus0) / sizeof(elementStatus0[0]), elementStatus0 }, 3102 }; 3103 static CONST_DATA_BLOB chain1[] = { 3104 { sizeof(chain0_0), chain0_0 }, 3105 { sizeof(chain1_1), chain1_1 }, 3106 }; 3107 static const CERT_TRUST_STATUS elementStatus1[] = { 3108 { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_NOT_SIGNATURE_VALID, 3109 CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3110 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3111 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3112 }; 3113 static const SimpleChainStatusCheck simpleStatus1[] = { 3114 { sizeof(elementStatus1) / sizeof(elementStatus1[0]), elementStatus1 }, 3115 }; 3116 static CONST_DATA_BLOB chain2[] = { 3117 { sizeof(chain2_0), chain2_0 }, 3118 { sizeof(chain0_1), chain0_1 }, 3119 }; 3120 static const CERT_TRUST_STATUS elementStatus2[] = { 3121 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3122 { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 3123 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3124 }; 3125 static const SimpleChainStatusCheck simpleStatus2[] = { 3126 { sizeof(elementStatus2) / sizeof(elementStatus2[0]), elementStatus2 }, 3127 }; 3128 static CONST_DATA_BLOB chain3[] = { 3129 { sizeof(chain3_0), chain3_0 }, 3130 { sizeof(chain0_1), chain0_1 }, 3131 }; 3132 static const CERT_TRUST_STATUS elementStatus3[] = { 3133 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3134 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT, 3135 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3136 }; 3137 static const SimpleChainStatusCheck simpleStatus3[] = { 3138 { sizeof(elementStatus3) / sizeof(elementStatus3[0]), elementStatus3 }, 3139 }; 3140 static CONST_DATA_BLOB chain4[] = { 3141 { sizeof(chain4_0), chain4_0 }, 3142 { sizeof(chain4_1), chain4_1 }, 3143 { sizeof(chain4_2), chain4_2 }, 3144 }; 3145 static const CERT_TRUST_STATUS elementStatus4[] = { 3146 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3147 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3148 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT, 3149 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3150 }; 3151 static const SimpleChainStatusCheck simpleStatus4[] = { 3152 { sizeof(elementStatus4) / sizeof(elementStatus4[0]), elementStatus4 }, 3153 }; 3154 static CONST_DATA_BLOB chain5[] = { 3155 { sizeof(chain5_0), chain5_0 }, 3156 { sizeof(chain5_1), chain5_1 }, 3157 }; 3158 static const CERT_TRUST_STATUS elementStatus5[] = { 3159 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3160 { CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT | 3161 CERT_TRUST_IS_UNTRUSTED_ROOT, 3162 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3163 }; 3164 static const SimpleChainStatusCheck simpleStatus5[] = { 3165 { sizeof(elementStatus5) / sizeof(elementStatus5[0]), elementStatus5 }, 3166 }; 3167 static CONST_DATA_BLOB chain6[] = { 3168 { sizeof(chain0_0), chain0_0 }, 3169 { sizeof(chain4_1), chain4_1 }, 3170 }; 3171 static const CERT_TRUST_STATUS elementStatus6[] = { 3172 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3173 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3174 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3175 }; 3176 static const SimpleChainStatusCheck simpleStatus6[] = { 3177 { sizeof(elementStatus6) / sizeof(elementStatus6[0]), elementStatus6 }, 3178 }; 3179 static CONST_DATA_BLOB chain7[] = { 3180 { sizeof(chain0_0), chain0_0 }, 3181 { sizeof(chain7_1), chain7_1 }, 3182 }; 3183 static const CERT_TRUST_STATUS elementStatus7[] = { 3184 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3185 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3186 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3187 }; 3188 static const SimpleChainStatusCheck simpleStatus7[] = { 3189 { sizeof(elementStatus7) / sizeof(elementStatus7[0]), elementStatus7 }, 3190 }; 3191 static CONST_DATA_BLOB chain8[] = { 3192 { sizeof(chain8_0), chain8_0 }, 3193 { sizeof(chain8_1), chain8_1 }, 3194 { sizeof(chain8_2), chain8_2 }, 3195 }; 3196 static const CERT_TRUST_STATUS elementStatus8[] = { 3197 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3198 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3199 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 3200 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3201 }; 3202 static const SimpleChainStatusCheck simpleStatus8[] = { 3203 { sizeof(elementStatus8) / sizeof(elementStatus8[0]), elementStatus8 }, 3204 }; 3205 static CONST_DATA_BLOB chain9[] = { 3206 { sizeof(chain9_0), chain9_0 }, 3207 { sizeof(chain7_1), chain7_1 }, 3208 }; 3209 static const CERT_TRUST_STATUS elementStatus9[] = { 3210 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3211 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3212 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_CYCLIC, 3213 CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3214 }; 3215 static const SimpleChainStatusCheck simpleStatus9[] = { 3216 { sizeof(elementStatus9) / sizeof(elementStatus9[0]), elementStatus9 }, 3217 }; 3218 static CONST_DATA_BLOB chain10[] = { 3219 { sizeof(chain0_0), chain0_0 }, 3220 { sizeof(chain10_1), chain10_1 }, 3221 { sizeof(chain7_1), chain7_1 }, 3222 }; 3223 static const CERT_TRUST_STATUS elementStatus10[] = { 3224 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3225 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3226 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3227 }; 3228 static const SimpleChainStatusCheck simpleStatus10[] = { 3229 { sizeof(elementStatus10) / sizeof(elementStatus10[0]), elementStatus10 }, 3230 }; 3231 static CONST_DATA_BLOB chain11[] = { 3232 { sizeof(chain0_0), chain0_0 }, 3233 { sizeof(chain11_1), chain11_1 }, 3234 { sizeof(chain7_1), chain7_1 }, 3235 }; 3236 static CONST_DATA_BLOB chain12[] = { 3237 { sizeof(chain12_0), chain12_0 }, 3238 { sizeof(chain7_1), chain7_1 }, 3239 }; 3240 static const CERT_TRUST_STATUS elementStatus12[] = { 3241 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3242 { CERT_TRUST_IS_NOT_SIGNATURE_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 3243 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3244 }; 3245 static const SimpleChainStatusCheck simpleStatus12[] = { 3246 { sizeof(elementStatus12) / sizeof(elementStatus12[0]), elementStatus12 }, 3247 }; 3248 static CONST_DATA_BLOB chain13[] = { 3249 { sizeof(chain0_0), chain0_0 }, 3250 { sizeof(chain13_1), chain13_1 }, 3251 }; 3252 static const CERT_TRUST_STATUS elementStatus13[] = { 3253 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3254 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3255 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3256 }; 3257 static const SimpleChainStatusCheck simpleStatus13[] = { 3258 { sizeof(elementStatus13) / sizeof(elementStatus13[0]), elementStatus13 }, 3259 }; 3260 static CONST_DATA_BLOB chain14[] = { 3261 { sizeof(chain14_0), chain14_0 }, 3262 { sizeof(chain14_1), chain14_1 }, 3263 }; 3264 static const CERT_TRUST_STATUS elementStatus14[] = { 3265 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3266 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3267 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3268 }; 3269 static const SimpleChainStatusCheck simpleStatus14[] = { 3270 { sizeof(elementStatus14) / sizeof(elementStatus14[0]), elementStatus14 }, 3271 }; 3272 static CONST_DATA_BLOB chain15[] = { 3273 { sizeof(chain15_0), chain15_0 }, 3274 { sizeof(chain14_1), chain14_1 }, 3275 }; 3276 static const CERT_TRUST_STATUS elementStatus15[] = { 3277 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3278 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3279 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3280 }; 3281 static const SimpleChainStatusCheck simpleStatus15[] = { 3282 { sizeof(elementStatus15) / sizeof(elementStatus15[0]), elementStatus15 }, 3283 }; 3284 static CONST_DATA_BLOB chain16[] = { 3285 { sizeof(chain0_0), chain0_0 }, 3286 { sizeof(chain16_1), chain16_1 }, 3287 }; 3288 static const CERT_TRUST_STATUS elementStatus16[] = { 3289 { CERT_TRUST_NO_ERROR | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3290 CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3291 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3292 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3293 }; 3294 static const SimpleChainStatusCheck simpleStatus16[] = { 3295 { sizeof(elementStatus16) / sizeof(elementStatus16[0]), elementStatus16 }, 3296 }; 3297 static CONST_DATA_BLOB chain17[] = { 3298 { sizeof(chain0_0), chain0_0 }, 3299 { sizeof(chain17_1), chain17_1 }, 3300 { sizeof(chain17_2), chain17_2 }, 3301 }; 3302 static const CERT_TRUST_STATUS elementStatus17[] = { 3303 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3304 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3305 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3306 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3307 }; 3308 static const SimpleChainStatusCheck simpleStatus17[] = { 3309 { sizeof(elementStatus17) / sizeof(elementStatus17[0]), elementStatus17 }, 3310 }; 3311 static CONST_DATA_BLOB chain18[] = { 3312 { sizeof(chain0_0), chain0_0 }, 3313 { sizeof(chain18_1), chain18_1 }, 3314 { sizeof(chain18_2), chain18_2 }, 3315 }; 3316 static const CERT_TRUST_STATUS elementStatus18[] = { 3317 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3318 { CERT_TRUST_IS_NOT_VALID_FOR_USAGE, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3319 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3320 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3321 }; 3322 static const SimpleChainStatusCheck simpleStatus18[] = { 3323 { sizeof(elementStatus18) / sizeof(elementStatus18[0]), elementStatus18 }, 3324 }; 3325 static CONST_DATA_BLOB chain19[] = { 3326 { sizeof(chain19_0), chain19_0 }, 3327 { sizeof(chain19_1), chain19_1 }, 3328 }; 3329 static const CERT_TRUST_STATUS elementStatus19[] = { 3330 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3331 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3332 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER | 3333 CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS }, 3334 }; 3335 static const SimpleChainStatusCheck simpleStatus19[] = { 3336 { sizeof(elementStatus19) / sizeof(elementStatus19[0]), elementStatus19 }, 3337 }; 3338 static CONST_DATA_BLOB chain20[] = { 3339 { sizeof(chain20_0), chain20_0 }, 3340 { sizeof(chain20_1), chain20_1 }, 3341 }; 3342 static const CERT_TRUST_STATUS elementStatus20[] = { 3343 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3344 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3345 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3346 }; 3347 static const SimpleChainStatusCheck simpleStatus20[] = { 3348 { sizeof(elementStatus20) / sizeof(elementStatus20[0]), elementStatus20 }, 3349 }; 3350 static CONST_DATA_BLOB chain21[] = { 3351 { sizeof(chain21_0), chain21_0 }, 3352 { sizeof(chain21_1), chain21_1 }, 3353 }; 3354 static const CERT_TRUST_STATUS elementStatus21[] = { 3355 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3356 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3357 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER | 3358 CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS }, 3359 }; 3360 static const SimpleChainStatusCheck simpleStatus21[] = { 3361 { sizeof(elementStatus21) / sizeof(elementStatus21[0]), elementStatus21 }, 3362 }; 3363 static CONST_DATA_BLOB chain22[] = { 3364 { sizeof(chain22_0), chain22_0 }, 3365 { sizeof(chain22_1), chain22_1 }, 3366 }; 3367 static const CERT_TRUST_STATUS elementStatus22[] = { 3368 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3369 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3370 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3371 }; 3372 static const SimpleChainStatusCheck simpleStatus22[] = { 3373 { sizeof(elementStatus22) / sizeof(elementStatus22[0]), elementStatus22 }, 3374 }; 3375 static CONST_DATA_BLOB chain23[] = { 3376 { sizeof(chain23_0), chain23_0 }, 3377 { sizeof(chain23_1), chain23_1 }, 3378 }; 3379 static const CERT_TRUST_STATUS elementStatus23[] = { 3380 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3381 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3382 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3383 }; 3384 static const SimpleChainStatusCheck simpleStatus23[] = { 3385 { sizeof(elementStatus23) / sizeof(elementStatus23[0]), elementStatus23 }, 3386 }; 3387 static CONST_DATA_BLOB chain24[] = { 3388 { sizeof(chain24_0), chain24_0 }, 3389 { sizeof(chain24_1), chain24_1 }, 3390 }; 3391 static const CERT_TRUST_STATUS elementStatus24[] = { 3392 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3393 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3394 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3395 }; 3396 static const SimpleChainStatusCheck simpleStatus24[] = { 3397 { sizeof(elementStatus24) / sizeof(elementStatus24[0]), elementStatus24 }, 3398 }; 3399 static CONST_DATA_BLOB chain25[] = { 3400 { sizeof(chain25_0), chain25_0 }, 3401 { sizeof(chain25_1), chain25_1 }, 3402 }; 3403 static const CERT_TRUST_STATUS elementStatus25[] = { 3404 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3405 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3406 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3407 }; 3408 static const SimpleChainStatusCheck simpleStatus25[] = { 3409 { sizeof(elementStatus25) / sizeof(elementStatus25[0]), elementStatus25 }, 3410 }; 3411 static CONST_DATA_BLOB chain26[] = { 3412 { sizeof(chain26_0), chain26_0 }, 3413 { sizeof(chain26_1), chain26_1 }, 3414 }; 3415 static const CERT_TRUST_STATUS elementStatus26[] = { 3416 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3417 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3418 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3419 }; 3420 static const SimpleChainStatusCheck simpleStatus26[] = { 3421 { sizeof(elementStatus26) / sizeof(elementStatus26[0]), elementStatus26 }, 3422 }; 3423 static CONST_DATA_BLOB chain27[] = { 3424 { sizeof(chain27_0), chain27_0 }, 3425 { sizeof(chain27_1), chain27_1 }, 3426 }; 3427 static const CERT_TRUST_STATUS elementStatus27[] = { 3428 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3429 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_NAME_CONSTRAINTS | 3430 CERT_TRUST_INVALID_EXTENSION, 3431 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3432 }; 3433 static const SimpleChainStatusCheck simpleStatus27[] = { 3434 { sizeof(elementStatus27) / sizeof(elementStatus27[0]), elementStatus27 }, 3435 }; 3436 static const CERT_TRUST_STATUS elementStatus27Broken[] = { 3437 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3438 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3439 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER | 3440 CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS }, 3441 }; 3442 static const SimpleChainStatusCheck simpleStatus27Broken[] = { 3443 { sizeof(elementStatus27Broken) / sizeof(elementStatus27Broken[0]), 3444 elementStatus27Broken }, 3445 }; 3446 static CONST_DATA_BLOB chain28[] = { 3447 { sizeof(chain28_0), chain28_0 }, 3448 { sizeof(chain28_1), chain28_1 }, 3449 }; 3450 static const CERT_TRUST_STATUS elementStatus28[] = { 3451 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3452 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3453 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3454 }; 3455 static const SimpleChainStatusCheck simpleStatus28[] = { 3456 { sizeof(elementStatus28) / sizeof(elementStatus28[0]), elementStatus28 }, 3457 }; 3458 static CONST_DATA_BLOB chain29[] = { 3459 { sizeof(chain0_0), chain0_0 }, 3460 { sizeof(chain29_1), chain29_1 }, 3461 }; 3462 static CONST_DATA_BLOB chain30[] = { 3463 { sizeof(chain0_0), chain0_0 }, 3464 { sizeof(chain30_1), chain30_1 }, 3465 { sizeof(chain30_2), chain30_2 }, 3466 }; 3467 static const CERT_TRUST_STATUS elementStatus30[] = { 3468 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3469 { CERT_TRUST_INVALID_EXTENSION | CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT, 3470 CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3471 { CERT_TRUST_IS_UNTRUSTED_ROOT, 3472 CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3473 }; 3474 static const SimpleChainStatusCheck simpleStatus30[] = { 3475 { sizeof(elementStatus30) / sizeof(elementStatus30[0]), elementStatus30 }, 3476 }; 3477 static CONST_DATA_BLOB chain31[] = { 3478 { sizeof(chain0_0), chain0_0 }, 3479 { sizeof(chain31_1), chain31_1 }, 3480 }; 3481 static CONST_DATA_BLOB selfSignedChain[] = { 3482 { sizeof(selfSignedCert), selfSignedCert } 3483 }; 3484 static const CERT_TRUST_STATUS selfSignedElementStatus[] = { 3485 { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 3486 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, 3487 }; 3488 static const SimpleChainStatusCheck selfSignedSimpleStatus[] = { 3489 { sizeof(selfSignedElementStatus) / sizeof(selfSignedElementStatus[0]), 3490 selfSignedElementStatus }, 3491 }; 3492 static CONST_DATA_BLOB googleChain[] = { 3493 { sizeof(geotrust_global_ca), geotrust_global_ca }, 3494 { sizeof(google_internet_authority), google_internet_authority }, 3495 { sizeof(google_com), google_com }, 3496 }; 3497 /* The Google cert is only valid from 11/10/2016 to 2/2/2017, so with the date 3498 * tested (October 2016) it's not time valid. 3499 */ 3500 static const CERT_TRUST_STATUS googleElementStatus[] = { 3501 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3502 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3503 { CERT_TRUST_NO_ERROR, 3504 /* TODO_INFO */ 3505 CERT_TRUST_HAS_KEY_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_PREFERRED_ISSUER}, 3506 }; 3507 static const SimpleChainStatusCheck googleSimpleStatus[] = { 3508 { sizeof(googleElementStatus) / sizeof(googleElementStatus[0]), 3509 googleElementStatus }, 3510 }; 3511 static CONST_DATA_BLOB battlenetChain[] = { 3512 { sizeof(thawte_primary_ca), thawte_primary_ca }, 3513 { sizeof(thawte_ssl_ca), thawte_ssl_ca }, 3514 { sizeof(battlenet), battlenet }, 3515 }; 3516 /* The openssl cert is only valid from 9/12/2008 to 9/13/2012, so with the date 3517 * tested (October 2007) it's not time valid. 3518 */ 3519 static CONST_DATA_BLOB opensslChain[] = { 3520 { sizeof(global_sign_root), global_sign_root }, 3521 { sizeof(global_sign_ca), global_sign_ca }, 3522 { sizeof(openssl_org), openssl_org }, 3523 }; 3524 static const CERT_TRUST_STATUS opensslElementStatus[] = { 3525 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3526 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3527 { CERT_TRUST_NO_ERROR, 3528 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED}, 3529 }; 3530 static const SimpleChainStatusCheck opensslSimpleStatus[] = { 3531 { sizeof(opensslElementStatus) / sizeof(opensslElementStatus[0]), 3532 opensslElementStatus }, 3533 }; 3534 /* The OpenSSL chain may not have its root trusted, in which case the chain 3535 * is truncated (on Win98). 3536 */ 3537 static CONST_DATA_BLOB incompleteOpensslChain[] = { 3538 { sizeof(global_sign_ca), global_sign_ca }, 3539 { sizeof(openssl_org), openssl_org }, 3540 }; 3541 static const CERT_TRUST_STATUS incompleteOpensslElementStatus[] = { 3542 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3543 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3544 }; 3545 static const SimpleChainStatusCheck incompleteOpensslSimpleStatus[] = { 3546 { sizeof(incompleteOpensslElementStatus) / sizeof(incompleteOpensslElementStatus[0]), 3547 incompleteOpensslElementStatus }, 3548 }; 3549 /* 3550 * USERTrust -> InCommon RSA CA -> cs.stanford.edu 3551 * cs.stanford.edu's cert is only valid from 10/21/2016 to 10/22/2019, so with 3552 * the date tested (October 1, 2016) it's not time valid. 3553 */ 3554 static CONST_DATA_BLOB stanfordChain[] = { 3555 { sizeof(usertrust_ca), usertrust_ca }, 3556 { sizeof(incommon_rsa_ca), incommon_rsa_ca }, 3557 { sizeof(cs_stanford_edu), cs_stanford_edu }, 3558 }; 3559 static const CERT_TRUST_STATUS stanfordElementStatus[] = { 3560 { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3561 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, 3562 { CERT_TRUST_NO_ERROR, 3563 CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED}, 3564 }; 3565 static const SimpleChainStatusCheck stanfordSimpleStatus[] = { 3566 { sizeof(stanfordElementStatus) / sizeof(stanfordElementStatus[0]), 3567 stanfordElementStatus }, 3568 }; 3569 static ChainCheck chainCheck[] = { 3570 /* Windows XP erroneously sets CERT_TRUST_HAS_PREFERRED_ISSUER on all 3571 * elements, so ignore it. 3572 * Windows 98/NT4 also set CERT_TRUST_IS_NOT_TIME_NESTED on chains they 3573 * shouldn't, so ignore those too. 3574 */ 3575 { { sizeof(chain0) / sizeof(chain0[0]), chain0 }, 3576 { { CERT_TRUST_IS_NOT_TIME_NESTED, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3577 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3578 1, simpleStatus0 }, 0, &oct2007 }, 3579 { { sizeof(chain1) / sizeof(chain1[0]), chain1 }, 3580 { { CERT_TRUST_IS_NOT_TIME_NESTED, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3581 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_SIGNATURE_VALID | 3582 CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3583 1, simpleStatus1 }, 0, &oct2007 }, 3584 { { sizeof(chain2) / sizeof(chain2[0]), chain2 }, 3585 { { CERT_TRUST_IS_NOT_TIME_NESTED, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3586 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3587 1, simpleStatus2 }, 0, &oct2007 }, 3588 /* Earlier versions of Windows incorrectly don't set 3589 * CERT_TRUST_INVALID_BASIC_CONSTRAINTS on this chain. 3590 */ 3591 { { sizeof(chain3) / sizeof(chain3[0]), chain3 }, 3592 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_INVALID_BASIC_CONSTRAINTS, 3593 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3594 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | 3595 CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3596 1, simpleStatus3 }, 0, &oct2007 }, 3597 /* Earlier versions of Windows incorrectly don't set 3598 * CERT_TRUST_INVALID_BASIC_CONSTRAINTS on this chain. 3599 */ 3600 { { sizeof(chain4) / sizeof(chain4[0]), chain4 }, 3601 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_INVALID_BASIC_CONSTRAINTS, 3602 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3603 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | 3604 CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3605 1, simpleStatus4 }, 0, &oct2007 }, 3606 /* Windows versions prior to Vista/2008 incorrectly set 3607 * CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT on this chain, so ignore it. 3608 * Similarly, some older versions of Windows incorrectly set 3609 * CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, ignore that too. 3610 */ 3611 { { sizeof(chain5) / sizeof(chain5[0]), chain5 }, 3612 { { CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3613 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3614 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3615 { CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT | 3616 CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus5 }, 0, &oct2007 }, 3617 { { sizeof(chain6) / sizeof(chain6[0]), chain6 }, 3618 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3619 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus6 }, 0, &oct2007 }, 3620 { { sizeof(chain7) / sizeof(chain7[0]), chain7 }, 3621 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3622 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus7 }, 0, &oct2007 }, 3623 /* Earlier versions of Windows incorrectly don't set 3624 * CERT_TRUST_INVALID_BASIC_CONSTRAINTS on this chain. 3625 */ 3626 { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, 3627 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_INVALID_BASIC_CONSTRAINTS, 3628 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3629 { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | 3630 CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3631 1, simpleStatus8 }, 0, &oct2007 }, 3632 /* Earlier versions of Windows incorrectly don't set 3633 * CERT_TRUST_INVALID_BASIC_CONSTRAINTS on this chain. 3634 */ 3635 { { sizeof(chain9) / sizeof(chain9[0]), chain9 }, 3636 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_INVALID_BASIC_CONSTRAINTS, 3637 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3638 { CERT_TRUST_IS_PARTIAL_CHAIN | 3639 CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_CYCLIC, 0 }, 3640 1, simpleStatus9 }, 0, &oct2007 }, 3641 { { sizeof(chain10) / sizeof(chain10[0]), chain10 }, 3642 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3643 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, 0, &oct2007 }, 3644 { { sizeof(chain11) / sizeof(chain11[0]), chain11 }, 3645 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3646 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, 0, &oct2007 }, 3647 { { sizeof(chain12) / sizeof(chain12[0]), chain12 }, 3648 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3649 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_SIGNATURE_VALID, 0 }, 3650 1, simpleStatus12 }, 0, &oct2007 }, 3651 { { sizeof(chain13) / sizeof(chain13[0]), chain13 }, 3652 { { CERT_TRUST_IS_NOT_TIME_NESTED, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3653 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus13 }, 3654 0, &oct2007 }, 3655 { { sizeof(chain14) / sizeof(chain14[0]), chain14 }, 3656 { { CERT_TRUST_IS_NOT_TIME_NESTED, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3657 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus14 }, 3658 0, &oct2007 }, 3659 /* Earlier versions of crypt32 incorrectly do not complain that the end cert's 3660 * key usage is invalid, so ignore that error. 3661 */ 3662 { { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 3663 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3664 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3665 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 0 }, 3666 1, simpleStatus15 }, 3667 0, &oct2007 }, 3668 { { sizeof(chain16) / sizeof(chain16[0]), chain16 }, 3669 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3670 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3671 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 0 }, 3672 1, simpleStatus16 }, 3673 0, &oct2007 }, 3674 { { sizeof(chain17) / sizeof(chain17[0]), chain17 }, 3675 { { CERT_TRUST_IS_NOT_TIME_NESTED, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3676 { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus17 }, 3677 0, &oct2007 }, 3678 { { sizeof(chain18) / sizeof(chain18[0]), chain18 }, 3679 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3680 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3681 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 0 }, 3682 1, simpleStatus18 }, 3683 0, &oct2007 }, 3684 /* Older versions of crypt32 set CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT 3685 * even though the constraint and alt name match. 3686 * They also do not set CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS, since they 3687 * incorrectly find a name constraint error. 3688 */ 3689 { { sizeof(chain19) / sizeof(chain19[0]), chain19 }, 3690 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3691 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT, 3692 CERT_TRUST_HAS_PREFERRED_ISSUER | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS 3693 }, 3694 { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS }, 3695 1, simpleStatus19 }, 3696 0, &oct2007 }, 3697 /* Older versions of crypt32 do not set 3698 * CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, though they should. So 3699 * ignore it (on Windows) but require it (on Wine.) 3700 */ 3701 { { sizeof(chain20) / sizeof(chain20[0]), chain20 }, 3702 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3703 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3704 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3705 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3706 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3707 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3708 1, simpleStatus20 }, 3709 0, &oct2007 }, 3710 { { sizeof(chain21) / sizeof(chain21[0]), chain21 }, 3711 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3712 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT, 3713 CERT_TRUST_HAS_PREFERRED_ISSUER | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS 3714 }, 3715 { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS }, 3716 1, simpleStatus21 }, 3717 0, &oct2007 }, 3718 { { sizeof(chain22) / sizeof(chain22[0]), chain22 }, 3719 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3720 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3721 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3722 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3723 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3724 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3725 1, simpleStatus22 }, 3726 0, &oct2007 }, 3727 { { sizeof(chain23) / sizeof(chain23[0]), chain23 }, 3728 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3729 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3730 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3731 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3732 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3733 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3734 1, simpleStatus23 }, 3735 0, &oct2007 }, 3736 { { sizeof(chain24) / sizeof(chain24[0]), chain24 }, 3737 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3738 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3739 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3740 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3741 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3742 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3743 1, simpleStatus24 }, 3744 0, &oct2007 }, 3745 { { sizeof(chain25) / sizeof(chain25[0]), chain25 }, 3746 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3747 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3748 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3749 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3750 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3751 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3752 1, simpleStatus25 }, 3753 0, &oct2007 }, 3754 { { sizeof(chain26) / sizeof(chain26[0]), chain26 }, 3755 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3756 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3757 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3758 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3759 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3760 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3761 1, simpleStatus26 }, 3762 0, &oct2007 }, 3763 /* chain27 is handled separately elsewhere */ 3764 { { sizeof(chain28) / sizeof(chain28[0]), chain28 }, 3765 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3766 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3767 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 3768 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3769 { CERT_TRUST_IS_UNTRUSTED_ROOT | 3770 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 }, 3771 1, simpleStatus28 }, 3772 0, &oct2007 }, 3773 /* chain29 is handled separately elsewhere */ 3774 /* Microsoft incorrectly ignores unknown/unsupported critical extensions on 3775 * older Windows versions, so ignore the error on Windows. 3776 */ 3777 { { sizeof(chain30) / sizeof(chain30[0]), chain30 }, 3778 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3779 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | 3780 CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT | 3781 CERT_TRUST_INVALID_EXTENSION | 3782 CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT, 3783 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3784 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_EXTENSION | 3785 CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT, 0 }, 3786 1, simpleStatus30 }, 3787 0, &oct2007 }, 3788 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, 3789 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3790 { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 3791 1, selfSignedSimpleStatus }, 0, &oct2007 }, 3792 /* The google chain may or may not have its root trusted, so ignore the error. 3793 * The chain is also considered not time nested on Win98, so ignore that 3794 * error too. 3795 * TODO_INFO: If the root cert is considered self-signed, InfoStatus is hardcoded in Wine 3796 * e.g. has always CERT_TRUST_HAS_NAME_MATCH_ISSUER flag 3797 * @see CRYPT_CheckSimpleChain 3798 */ 3799 { { sizeof(googleChain) / sizeof(googleChain[0]), googleChain }, 3800 { { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_NESTED, 3801 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3802 { CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3803 1, googleSimpleStatus }, TODO_INFO, &oct2016 }, 3804 /* The stanford chain may or may not have its root trusted, so ignore the error 3805 */ 3806 { { sizeof(stanfordChain) / sizeof(stanfordChain[0]), stanfordChain }, 3807 { { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3808 { CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3809 1, stanfordSimpleStatus }, 0, &oct2016 }, 3810 }; 3811 3812 static const CERT_TRUST_STATUS elementStatus8NoStore[] = { 3813 { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, 3814 }; 3815 static const SimpleChainStatusCheck simpleStatus8NoStore[] = { 3816 { sizeof(elementStatus8NoStore) / sizeof(elementStatus8NoStore[0]), 3817 elementStatus8NoStore }, 3818 }; 3819 static ChainCheck chainCheckNoStore[] = { 3820 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, 3821 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3822 { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 3823 1, selfSignedSimpleStatus }, 3824 0 }, 3825 { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, 3826 { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3827 { CERT_TRUST_IS_PARTIAL_CHAIN, 0 }, 3828 1, simpleStatus8NoStore }, 3829 0 }, 3830 }; 3831 3832 /* The openssl chain may or may not have its root trusted, so ignore the error 3833 */ 3834 static ChainCheck opensslChainCheck = 3835 { { sizeof(opensslChain) / sizeof(opensslChain[0]), opensslChain }, 3836 { { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3837 { CERT_TRUST_IS_NOT_TIME_VALID, 0 }, 3838 1, opensslSimpleStatus }, 0 }; 3839 static ChainCheck incompleteOpensslChainCheck = 3840 { { sizeof(incompleteOpensslChain) / sizeof(incompleteOpensslChain[0]), 3841 incompleteOpensslChain }, 3842 { { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_PREFERRED_ISSUER }, 3843 { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_PARTIAL_CHAIN, 0 }, 3844 1, incompleteOpensslSimpleStatus }, 0 }; 3845 3846 /* Chain27 checks a certificate with a subject alternate name containing an 3847 * embedded NULL. Newer crypt32 versions fail to decode such alternate names, 3848 * correctly prohibiting them. Older crypt32 versions do not. Rather than 3849 * ignoring the expected error bits, check each version separately depending 3850 * on the chain's error status. 3851 */ 3852 static ChainCheck chainCheckEmbeddedNull = { 3853 { sizeof(chain27) / sizeof(chain27[0]), chain27 }, 3854 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3855 CERT_TRUST_HAS_PREFERRED_ISSUER }, 3856 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_NAME_CONSTRAINTS | 3857 CERT_TRUST_INVALID_EXTENSION, 0 }, 3858 1, simpleStatus27 }, 3859 0 }; 3860 static ChainCheck chainCheckEmbeddedNullBroken = { 3861 { sizeof(chain27) / sizeof(chain27[0]), chain27 }, 3862 { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE | 3863 CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT, 3864 CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS | CERT_TRUST_HAS_PREFERRED_ISSUER }, 3865 { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT, 3866 CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS }, 3867 1, simpleStatus27Broken }, 3868 0 }; 3869 3870 #define test_name_blob(a,b) _test_name_blob(__LINE__,a,b) 3871 static void _test_name_blob(unsigned line, CERT_NAME_BLOB *blob, const char *exdata) 3872 { 3873 char buf[1024]; 3874 3875 CertNameToStrA(CRYPT_ASN_ENCODING, blob, CERT_SIMPLE_NAME_STR, buf, sizeof(buf)); 3876 ok_(__FILE__,line)(!strcmp(buf, exdata), "got string %s, expected %s\n", buf, exdata); 3877 } 3878 3879 static void testGetCertChain(void) 3880 { 3881 BOOL ret; 3882 PCCERT_CONTEXT cert; 3883 CERT_CHAIN_PARA para = { 0 }; 3884 PCCERT_CHAIN_CONTEXT chain; 3885 const CERT_SIMPLE_CHAIN *simple_chain; 3886 const CERT_CHAIN_ELEMENT *chain_elem; 3887 FILETIME fileTime; 3888 DWORD i; 3889 HCERTSTORE store; 3890 static char one_two_three[] = "1.2.3"; 3891 static char oid_server_auth[] = szOID_PKIX_KP_SERVER_AUTH; 3892 LPSTR oids[2]; 3893 3894 /* Basic parameter checks */ 3895 if (0) 3896 { 3897 /* Crash on Vista */ 3898 ret = pCertGetCertificateChain(NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL); 3899 ok(!ret && GetLastError() == E_INVALIDARG, 3900 "Expected E_INVALIDARG, got %08x\n", GetLastError()); 3901 } 3902 ret = pCertGetCertificateChain(NULL, NULL, NULL, NULL, NULL, 0, NULL, 3903 &chain); 3904 ok(!ret && GetLastError() == E_INVALIDARG, 3905 "Expected E_INVALIDARG, got %08x\n", GetLastError()); 3906 /* Crash 3907 ret = pCertGetCertificateChain(NULL, NULL, NULL, NULL, ¶, 0, NULL, NULL); 3908 ret = pCertGetCertificateChain(NULL, NULL, NULL, NULL, ¶, 0, NULL, 3909 &chain); 3910 */ 3911 cert = CertCreateCertificateContext(X509_ASN_ENCODING, bigCert, 3912 sizeof(bigCert)); 3913 if (0) 3914 { 3915 /* Crash on Vista */ 3916 ret = pCertGetCertificateChain(NULL, cert, NULL, NULL, NULL, 0, NULL, NULL); 3917 ok(!ret && GetLastError() == E_INVALIDARG, 3918 "Expected E_INVALIDARG, got %08x\n", GetLastError()); 3919 } 3920 /* Crash 3921 ret = pCertGetCertificateChain(NULL, cert, NULL, NULL, ¶, 0, NULL, NULL); 3922 */ 3923 3924 /* Tests with an invalid cert (one whose signature is bad) */ 3925 SetLastError(0xdeadbeef); 3926 ret = pCertGetCertificateChain(NULL, cert, NULL, NULL, ¶, 0, NULL, 3927 &chain); 3928 ok(!ret, "Expected failure\n"); 3929 ok(GetLastError() == ERROR_INVALID_DATA || 3930 GetLastError() == CRYPT_E_ASN1_BADTAG /* Vista */, 3931 "Expected ERROR_INVALID_DATA or CRYPT_E_ASN1_BADTAG, got %d\n", GetLastError()); 3932 para.cbSize = sizeof(para); 3933 SetLastError(0xdeadbeef); 3934 ret = pCertGetCertificateChain(NULL, cert, NULL, NULL, ¶, 0, NULL, 3935 &chain); 3936 ok(!ret, "Expected failure\n"); 3937 ok(GetLastError() == ERROR_INVALID_DATA || 3938 GetLastError() == CRYPT_E_ASN1_BADTAG /* Vista */, 3939 "Expected ERROR_INVALID_DATA or CRYPT_E_ASN1_BADTAG, got %d\n", GetLastError()); 3940 3941 para.cbSize = 0; 3942 SetLastError(0xdeadbeef); 3943 ret = pCertGetCertificateChain(NULL, cert, NULL, NULL, ¶, 0, NULL, 3944 &chain); 3945 ok(!ret, "Expected failure\n"); 3946 ok(GetLastError() == ERROR_INVALID_DATA || 3947 GetLastError() == CRYPT_E_ASN1_BADTAG, /* Vista and higher */ 3948 "Expected ERROR_INVALID_DATA or CRYPT_E_ASN1_BADTAG, got %d\n", GetLastError()); 3949 3950 CertFreeCertificateContext(cert); 3951 3952 /* Test usage match with Google's cert */ 3953 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 3954 CERT_STORE_CREATE_NEW_FLAG, NULL); 3955 CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, 3956 geotrust_global_ca, sizeof(geotrust_global_ca), CERT_STORE_ADD_ALWAYS, NULL); 3957 CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, 3958 google_internet_authority, sizeof(google_internet_authority), CERT_STORE_ADD_ALWAYS, NULL); 3959 cert = CertCreateCertificateContext(X509_ASN_ENCODING, 3960 google_com, sizeof(google_com)); 3961 SystemTimeToFileTime(&oct2009, &fileTime); 3962 memset(¶, 0, sizeof(para)); 3963 para.cbSize = sizeof(para); 3964 oids[0] = one_two_three; 3965 para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND; 3966 para.RequestedUsage.Usage.rgpszUsageIdentifier = oids; 3967 para.RequestedUsage.Usage.cUsageIdentifier = 1; 3968 ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶, 3969 0, NULL, &chain); 3970 ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError()); 3971 if (ret) 3972 { 3973 ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3974 "expected CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n"); 3975 pCertFreeCertificateChain(chain); 3976 } 3977 oids[0] = oid_server_auth; 3978 ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶, 3979 0, NULL, &chain); 3980 ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError()); 3981 if (ret) 3982 { 3983 ok(!(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE), 3984 "didn't expect CERT_TRUST_IS_NOT_VALID_FOR_USAGE, got %x\n", chain->TrustStatus.dwErrorStatus); 3985 pCertFreeCertificateChain(chain); 3986 } 3987 oids[1] = one_two_three; 3988 para.RequestedUsage.Usage.cUsageIdentifier = 2; 3989 para.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND; 3990 ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶, 3991 0, NULL, &chain); 3992 ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError()); 3993 if (ret) 3994 { 3995 ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE, 3996 "expected CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n"); 3997 pCertFreeCertificateChain(chain); 3998 } 3999 para.RequestedUsage.dwType = USAGE_MATCH_TYPE_OR; 4000 ret = pCertGetCertificateChain(NULL, cert, &fileTime, store, ¶, 4001 0, NULL, &chain); 4002 ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError()); 4003 if (ret) 4004 { 4005 ok(!(chain->TrustStatus.dwErrorStatus & 4006 CERT_TRUST_IS_NOT_VALID_FOR_USAGE), 4007 "didn't expect CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n"); 4008 pCertFreeCertificateChain(chain); 4009 } 4010 CertCloseStore(store, 0); 4011 CertFreeCertificateContext(cert); 4012 4013 for (i = 0; i < sizeof(chainCheck) / sizeof(chainCheck[0]); i++) 4014 { 4015 chain = getChain(NULL, &chainCheck[i].certs, 0, TRUE, chainCheck[i].validfor, 4016 chainCheck[i].todo, i); 4017 if (chain) 4018 { 4019 checkChainStatus(chain, &chainCheck[i].status, chainCheck[i].todo, 4020 "chainCheck", i); 4021 pCertFreeCertificateChain(chain); 4022 } 4023 } 4024 chain = getChain(NULL, &opensslChainCheck.certs, 0, TRUE, &oct2007, 4025 opensslChainCheck.todo, 0); 4026 if (chain) 4027 { 4028 ok(chain->TrustStatus.dwErrorStatus == 4029 opensslChainCheck.status.status.dwErrorStatus || 4030 broken((chain->TrustStatus.dwErrorStatus & 4031 ~incompleteOpensslChainCheck.status.statusToIgnore.dwErrorStatus) == 4032 (incompleteOpensslChainCheck.status.status.dwErrorStatus & 4033 ~incompleteOpensslChainCheck.status.statusToIgnore.dwErrorStatus)), 4034 "unexpected chain error status %08x\n", 4035 chain->TrustStatus.dwErrorStatus); 4036 if (opensslChainCheck.status.status.dwErrorStatus == 4037 chain->TrustStatus.dwErrorStatus) 4038 checkChainStatus(chain, &opensslChainCheck.status, 4039 opensslChainCheck.todo, "opensslChainCheck", 0); 4040 else 4041 checkChainStatus(chain, &incompleteOpensslChainCheck.status, 4042 incompleteOpensslChainCheck.todo, "incompleteOpensslChainCheck", 4043 0); 4044 pCertFreeCertificateChain(chain); 4045 } 4046 for (i = 0; i < sizeof(chainCheckNoStore) / sizeof(chainCheckNoStore[0]); 4047 i++) 4048 { 4049 chain = getChain(NULL, &chainCheckNoStore[i].certs, 0, FALSE, &oct2007, 4050 chainCheckNoStore[i].todo, i); 4051 if (chain) 4052 { 4053 checkChainStatus(chain, &chainCheckNoStore[i].status, 4054 chainCheckNoStore[i].todo, "chainCheckNoStore", i); 4055 pCertFreeCertificateChain(chain); 4056 } 4057 } 4058 chain = getChain(NULL, &chainCheckEmbeddedNull.certs, 0, TRUE, &oct2007, 4059 chainCheckEmbeddedNull.todo, 0); 4060 if (chain) 4061 { 4062 ok(chain->TrustStatus.dwErrorStatus == 4063 chainCheckEmbeddedNull.status.status.dwErrorStatus || 4064 broken((chain->TrustStatus.dwErrorStatus & 4065 ~chainCheckEmbeddedNullBroken.status.statusToIgnore.dwErrorStatus) == 4066 (chainCheckEmbeddedNullBroken.status.status.dwErrorStatus & 4067 ~chainCheckEmbeddedNullBroken.status.statusToIgnore.dwErrorStatus)), 4068 "unexpected chain error status %08x\n", 4069 chain->TrustStatus.dwErrorStatus); 4070 if (chainCheckEmbeddedNull.status.status.dwErrorStatus == 4071 chain->TrustStatus.dwErrorStatus) 4072 checkChainStatus(chain, &chainCheckEmbeddedNull.status, 4073 chainCheckEmbeddedNull.todo, "chainCheckEmbeddedNull", 0); 4074 else 4075 checkChainStatus(chain, &chainCheckEmbeddedNullBroken.status, 4076 chainCheckEmbeddedNullBroken.todo, "chainCheckEmbeddedNullBroken", 4077 0); 4078 pCertFreeCertificateChain(chain); 4079 } 4080 4081 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, NULL); 4082 ok(store != NULL, "CertOpenStore failed: %u\n", GetLastError()); 4083 4084 ret = CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, winehq_org, sizeof(winehq_org), 4085 CERT_STORE_ADD_ALWAYS, &cert); 4086 ok(ret, "CertAddEncodedCertificateToStore failed: %u\n", GetLastError()); 4087 4088 oids[0] = oid_server_auth; 4089 memset(¶, 0, sizeof(para)); 4090 para.cbSize = sizeof(para); 4091 para.RequestedUsage.Usage.cUsageIdentifier = 1; 4092 para.RequestedUsage.Usage.rgpszUsageIdentifier = oids; 4093 SystemTimeToFileTime(&jun2013, &fileTime); 4094 4095 /* Pass store that does not contain all certs in chain. */ 4096 ret = CertGetCertificateChain(NULL, cert, &fileTime, store, ¶, 0, NULL, &chain); 4097 ok(ret, "CertGetCertificateChain failed: %u\n", GetLastError()); 4098 4099 if(chain->TrustStatus.dwErrorStatus == CERT_TRUST_IS_PARTIAL_CHAIN) { /* win2k */ 4100 win_skip("winehq cert reported as partial chain, skipping its tests\n"); 4101 pCertFreeCertificateChain(chain); 4102 CertCloseStore(store, 0); 4103 return; 4104 } 4105 4106 ok(!chain->TrustStatus.dwErrorStatus, "chain->TrustStatus.dwErrorStatus = %x\n", chain->TrustStatus.dwErrorStatus); 4107 todo_wine 4108 ok(chain->TrustStatus.dwInfoStatus == CERT_TRUST_HAS_PREFERRED_ISSUER, "chain->TrustStatus.dwInfoStatus = %x\n", 4109 chain->TrustStatus.dwInfoStatus); 4110 4111 ok(chain->cChain == 1, "chain->cChain = %d\n", chain->cChain); 4112 ok(!chain->cLowerQualityChainContext, "chain->cLowerQualityChainContext = %x\n", chain->cLowerQualityChainContext); 4113 ok(!chain->rgpLowerQualityChainContext, "chain->rgpLowerQualityChainContext = %p\n", chain->rgpLowerQualityChainContext); 4114 4115 simple_chain = *chain->rgpChain; 4116 ok(simple_chain->cbSize == sizeof(*simple_chain), "simple_chain->cbSize = %u\n", simple_chain->cbSize); 4117 ok(!simple_chain->TrustStatus.dwErrorStatus, "simple_chain->TrustStatus.dwErrorStatus = %x\n", 4118 simple_chain->TrustStatus.dwErrorStatus); 4119 todo_wine 4120 ok(simple_chain->TrustStatus.dwInfoStatus == CERT_TRUST_HAS_PREFERRED_ISSUER, 4121 "simple_chain->TrustStatus.dwInfoStatus = %x\n", simple_chain->TrustStatus.dwInfoStatus); 4122 ok(simple_chain->cElement == 3, "simple_chain->cElement = %u\n", simple_chain->cElement); 4123 4124 for(i=0; i < simple_chain->cElement; i++) { 4125 chain_elem = simple_chain->rgpElement[i]; 4126 ok(chain_elem->cbSize == sizeof(*chain_elem), "chain_elem->cbSize = %u\n", chain_elem->cbSize); 4127 4128 ok(!chain_elem->TrustStatus.dwErrorStatus, "chain_elem->TrustStatus.dwErrorStatus = %x\n", 4129 chain_elem->TrustStatus.dwErrorStatus); 4130 trace("info[%u] = %x\n", i, chain_elem->TrustStatus.dwInfoStatus); 4131 ok(chain_elem->pCertContext->dwCertEncodingType == CRYPT_ASN_ENCODING, 4132 "chain_elem->pCertContext->dwCertEncodingType = %x\n", 4133 chain_elem->pCertContext->dwCertEncodingType); 4134 } 4135 4136 ok(simple_chain->rgpElement[0]->pCertContext == cert, "simple_chain->rgpElement[0]->pCertContext != cert\n"); 4137 test_name_blob(&simple_chain->rgpElement[1]->pCertContext->pCertInfo->Issuer, "US, GeoTrust Inc., GeoTrust Global CA"); 4138 test_name_blob(&simple_chain->rgpElement[1]->pCertContext->pCertInfo->Subject, "US, \"GeoTrust, Inc.\", RapidSSL CA"); 4139 test_name_blob(&simple_chain->rgpElement[2]->pCertContext->pCertInfo->Issuer, "US, GeoTrust Inc., GeoTrust Global CA"); 4140 test_name_blob(&simple_chain->rgpElement[2]->pCertContext->pCertInfo->Subject, "US, GeoTrust Inc., GeoTrust Global CA"); 4141 4142 pCertFreeCertificateChain(chain); 4143 4144 /* Test HCCE_LOCAL_MACHINE */ 4145 ret = CertGetCertificateChain(HCCE_LOCAL_MACHINE, cert, &fileTime, store, ¶, 0, NULL, &chain); 4146 ok(ret, "CertGetCertificateChain failed: %u\n", GetLastError()); 4147 pCertFreeCertificateChain(chain); 4148 4149 CertFreeCertificateContext(cert); 4150 CertCloseStore(store, 0); 4151 } 4152 4153 static void test_CERT_CHAIN_PARA_cbSize(void) 4154 { 4155 BOOL ret; 4156 PCCERT_CONTEXT cert; 4157 CERT_CHAIN_PARA para = { 0 }; 4158 PCCERT_CHAIN_CONTEXT chain; 4159 HCERTSTORE store; 4160 DWORD i; 4161 4162 store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 4163 CERT_STORE_CREATE_NEW_FLAG, NULL); 4164 4165 ret = CertAddEncodedCertificateToStore(store, 4166 X509_ASN_ENCODING, chain0_0, sizeof(chain0_0), 4167 CERT_STORE_ADD_ALWAYS, NULL); 4168 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError()); 4169 ret = CertAddEncodedCertificateToStore(store, 4170 X509_ASN_ENCODING, chain0_1, sizeof(chain0_1), 4171 CERT_STORE_ADD_ALWAYS, &cert); 4172 ok(ret, "CertAddEncodedCertificateToStore failed: %08x\n", GetLastError()); 4173 4174 for (i = 0; i < sizeof(CERT_CHAIN_PARA) + 2; i++) 4175 { 4176 FILETIME fileTime; 4177 4178 SystemTimeToFileTime(&oct2007, &fileTime); 4179 4180 para.cbSize = i; 4181 ret = pCertGetCertificateChain(NULL, cert, &fileTime, 4182 NULL, ¶, 0, NULL, &chain); 4183 ok(ret, "CertGetCertificateChain failed %u\n", GetLastError()); 4184 pCertFreeCertificateChain(chain); 4185 } 4186 4187 CertFreeCertificateContext(cert); 4188 CertCloseStore(store, 0); 4189 } 4190 4191 typedef struct _ChainPolicyCheck 4192 { 4193 CONST_BLOB_ARRAY certs; 4194 CERT_CHAIN_POLICY_STATUS status; 4195 const CERT_CHAIN_POLICY_STATUS *brokenStatus; 4196 DWORD todo; 4197 } ChainPolicyCheck; 4198 4199 static const ChainPolicyCheck basePolicyCheck[] = { 4200 { { sizeof(chain0) / sizeof(chain0[0]), chain0 }, 4201 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4202 { { sizeof(chain1) / sizeof(chain1[0]), chain1 }, 4203 { 0, TRUST_E_CERT_SIGNATURE, 0, 0, NULL }, NULL, 0 }, 4204 { { sizeof(chain2) / sizeof(chain2[0]), chain2 }, 4205 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4206 { { sizeof(chain3) / sizeof(chain3[0]), chain3 }, 4207 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4208 { { sizeof(chain4) / sizeof(chain4[0]), chain4 }, 4209 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4210 { { sizeof(chain5) / sizeof(chain5[0]), chain5 }, 4211 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4212 { { sizeof(chain6) / sizeof(chain6[0]), chain6 }, 4213 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4214 { { sizeof(chain7) / sizeof(chain7[0]), chain7 }, 4215 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4216 { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, 4217 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4218 { { sizeof(chain9) / sizeof(chain9[0]), chain9 }, 4219 { 0, CERT_E_CHAINING, 0, -1, NULL }, NULL, 0 }, 4220 { { sizeof(chain10) / sizeof(chain10[0]), chain10 }, 4221 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4222 { { sizeof(chain11) / sizeof(chain11[0]), chain11 }, 4223 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4224 { { sizeof(chain12) / sizeof(chain12[0]), chain12 }, 4225 { 0, TRUST_E_CERT_SIGNATURE, 0, 1, NULL }, NULL, 0 }, 4226 { { sizeof(chain13) / sizeof(chain13[0]), chain13 }, 4227 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4228 { { sizeof(chain14) / sizeof(chain14[0]), chain14 }, 4229 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4230 { { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 4231 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4232 { { sizeof(chain16) / sizeof(chain16[0]), chain16 }, 4233 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4234 { { sizeof(chain17) / sizeof(chain17[0]), chain17 }, 4235 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4236 { { sizeof(chain18) / sizeof(chain18[0]), chain18 }, 4237 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4238 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, 4239 { 0, CERT_E_UNTRUSTEDROOT, 0, 0, NULL }, NULL, 0 }, 4240 }; 4241 4242 /* Windows NT 4 has a different error code when the validity period doesn't 4243 * nest. (It's arguably more correct than other Windows versions, but since 4244 * others do not emulate its behavior, we mark its behavior broken.) 4245 */ 4246 static const CERT_CHAIN_POLICY_STATUS badDateNestingStatus = 4247 { 0, CERT_E_VALIDITYPERIODNESTING, 0, 0, NULL }; 4248 4249 static const ChainPolicyCheck ignoredBadDateNestingBasePolicyCheck = { 4250 { sizeof(chain2) / sizeof(chain2[0]), chain2 }, 4251 { 0, CERT_E_EXPIRED, 0, 1, NULL}, &badDateNestingStatus, TODO_ELEMENTS 4252 }; 4253 4254 static const ChainPolicyCheck ignoredInvalidDateBasePolicyCheck = { 4255 { sizeof(googleChain) / sizeof(googleChain[0]), googleChain }, 4256 { 0, CERT_E_EXPIRED, 0, 1, NULL}, &badDateNestingStatus, TODO_ELEMENTS 4257 }; 4258 4259 static const ChainPolicyCheck ignoredInvalidUsageBasePolicyCheck = { 4260 { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 4261 { 0, CERT_E_EXPIRED, 0, 1, NULL}, NULL, TODO_ERROR 4262 }; 4263 4264 static const ChainPolicyCheck invalidUsageBasePolicyCheck = { 4265 { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 4266 { 0, CERT_E_WRONG_USAGE, 0, 1, NULL}, NULL, 0 4267 }; 4268 4269 static const ChainPolicyCheck sslPolicyCheck[] = { 4270 { { sizeof(chain0) / sizeof(chain0[0]), chain0 }, 4271 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4272 { { sizeof(chain1) / sizeof(chain1[0]), chain1 }, 4273 { 0, TRUST_E_CERT_SIGNATURE, 0, 0, NULL }, NULL, 0 }, 4274 { { sizeof(chain2) / sizeof(chain2[0]), chain2 }, 4275 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4276 { { sizeof(chain3) / sizeof(chain3[0]), chain3 }, 4277 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4278 { { sizeof(chain4) / sizeof(chain4[0]), chain4 }, 4279 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4280 { { sizeof(chain5) / sizeof(chain5[0]), chain5 }, 4281 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4282 { { sizeof(chain6) / sizeof(chain6[0]), chain6 }, 4283 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4284 { { sizeof(chain7) / sizeof(chain7[0]), chain7 }, 4285 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4286 { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, 4287 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4288 { { sizeof(chain9) / sizeof(chain9[0]), chain9 }, 4289 { 0, CERT_E_UNTRUSTEDROOT, 0, -1, NULL }, NULL, 0 }, 4290 { { sizeof(chain10) / sizeof(chain10[0]), chain10 }, 4291 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4292 { { sizeof(chain11) / sizeof(chain11[0]), chain11 }, 4293 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4294 { { sizeof(chain12) / sizeof(chain12[0]), chain12 }, 4295 { 0, TRUST_E_CERT_SIGNATURE, 0, 1, NULL }, NULL, 0 }, 4296 { { sizeof(chain13) / sizeof(chain13[0]), chain13 }, 4297 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4298 { { sizeof(chain14) / sizeof(chain14[0]), chain14 }, 4299 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4300 { { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 4301 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4302 { { sizeof(chain16) / sizeof(chain16[0]), chain16 }, 4303 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4304 { { sizeof(chain17) / sizeof(chain17[0]), chain17 }, 4305 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4306 { { sizeof(chain18) / sizeof(chain18[0]), chain18 }, 4307 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4308 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, 4309 { 0, CERT_E_UNTRUSTEDROOT, 0, 0, NULL }, NULL, 0 }, 4310 }; 4311 4312 static const ChainPolicyCheck ignoredUnknownCAPolicyCheck = { 4313 { sizeof(chain0) / sizeof(chain0[0]), chain0 }, 4314 { 0, CERT_E_EXPIRED, 0, 0, NULL }, NULL, 0 4315 }; 4316 4317 static const ChainPolicyCheck googlePolicyCheckWithMatchingNameExpired = { 4318 { sizeof(googleChain) / sizeof(googleChain[0]), googleChain }, 4319 { 0, CERT_E_EXPIRED, 0, 0, NULL}, NULL, 0 4320 }; 4321 4322 /* Win98 sees the chain as expired, even though it isn't for the date tested */ 4323 static const CERT_CHAIN_POLICY_STATUS expiredStatus = 4324 { 0, CERT_E_EXPIRED, 0, 0, NULL }; 4325 4326 static const ChainPolicyCheck googlePolicyCheckWithMatchingName = { 4327 { sizeof(googleChain) / sizeof(googleChain[0]), googleChain }, 4328 { 0, 0, -1, -1, NULL}, &expiredStatus, 0 4329 }; 4330 4331 /* Win98 does not trust the root of the OpenSSL chain or the Stanford chain */ 4332 static const CERT_CHAIN_POLICY_STATUS untrustedRootStatus = 4333 { 0, CERT_E_UNTRUSTEDROOT, 0, 0, NULL }; 4334 4335 static const ChainPolicyCheck opensslPolicyCheckWithMatchingName = { 4336 { sizeof(opensslChain) / sizeof(opensslChain[0]), opensslChain }, 4337 { 0, 0, -1, -1, NULL}, &untrustedRootStatus, 0 4338 }; 4339 4340 static const ChainPolicyCheck opensslPolicyCheckWithoutMatchingName = { 4341 { sizeof(opensslChain) / sizeof(opensslChain[0]), opensslChain }, 4342 { 0, CERT_E_CN_NO_MATCH, 0, 0, NULL}, &untrustedRootStatus, 0 4343 }; 4344 4345 static const ChainPolicyCheck winehqPolicyCheckWithMatchingName = { 4346 { sizeof(chain29) / sizeof(chain29[0]), chain29 }, 4347 { 0, 0, -1, -1, NULL}, NULL, 0 4348 }; 4349 4350 static const ChainPolicyCheck winehqPolicyCheckWithoutMatchingName = { 4351 { sizeof(chain29) / sizeof(chain29[0]), chain29 }, 4352 { 0, CERT_E_CN_NO_MATCH, 0, 0, NULL}, NULL, 0 4353 }; 4354 4355 static const ChainPolicyCheck stanfordPolicyCheckWithMatchingName = { 4356 { sizeof(stanfordChain) / sizeof(stanfordChain[0]), stanfordChain }, 4357 { 0, 0, -1, -1, NULL}, &untrustedRootStatus, 0 4358 }; 4359 4360 static const ChainPolicyCheck stanfordPolicyCheckWithoutMatchingName = { 4361 { sizeof(stanfordChain) / sizeof(stanfordChain[0]), stanfordChain }, 4362 { 0, CERT_E_CN_NO_MATCH, 0, 0, NULL}, &untrustedRootStatus, 0 4363 }; 4364 4365 static const ChainPolicyCheck nullTerminatedDomainComponentPolicyCheck = { 4366 { sizeof(battlenetChain) / sizeof(battlenetChain[0]), battlenetChain }, 4367 { 0, 0, -1, -1, NULL}, &untrustedRootStatus, 0 4368 }; 4369 4370 static const ChainPolicyCheck invalidExtensionPolicyCheck = { 4371 { sizeof(chain30) / sizeof(chain30[0]), chain30 }, 4372 { 0, CERT_E_CRITICAL, 0, 1, NULL}, &badDateNestingStatus, 0 4373 }; 4374 4375 static const ChainPolicyCheck fooPolicyCheckWithMatchingName = { 4376 { sizeof(chain31) / sizeof(chain31[0]), chain31 }, 4377 { 0, 0, -1, -1, NULL}, NULL, 0 4378 }; 4379 4380 static const ChainPolicyCheck fooPolicyCheckWithoutMatchingName = { 4381 { sizeof(chain31) / sizeof(chain31[0]), chain31 }, 4382 { 0, CERT_E_CN_NO_MATCH, 0, 0, NULL}, NULL, 0 4383 }; 4384 4385 static const ChainPolicyCheck authenticodePolicyCheck[] = { 4386 { { sizeof(chain0) / sizeof(chain0[0]), chain0 }, 4387 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4388 { { sizeof(chain1) / sizeof(chain1[0]), chain1 }, 4389 { 0, TRUST_E_CERT_SIGNATURE, 0, 0, NULL }, NULL, 0 }, 4390 { { sizeof(chain2) / sizeof(chain2[0]), chain2 }, 4391 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4392 { { sizeof(chain3) / sizeof(chain3[0]), chain3 }, 4393 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4394 { { sizeof(chain4) / sizeof(chain4[0]), chain4 }, 4395 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4396 { { sizeof(chain5) / sizeof(chain5[0]), chain5 }, 4397 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4398 { { sizeof(chain6) / sizeof(chain6[0]), chain6 }, 4399 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4400 { { sizeof(chain7) / sizeof(chain7[0]), chain7 }, 4401 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4402 { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, 4403 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4404 { { sizeof(chain9) / sizeof(chain9[0]), chain9 }, 4405 { 0, CERT_E_CHAINING, 0, -1, NULL }, NULL, 0 }, 4406 { { sizeof(chain10) / sizeof(chain10[0]), chain10 }, 4407 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4408 { { sizeof(chain11) / sizeof(chain11[0]), chain11 }, 4409 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4410 { { sizeof(chain12) / sizeof(chain12[0]), chain12 }, 4411 { 0, TRUST_E_CERT_SIGNATURE, 0, 1, NULL }, NULL, 0 }, 4412 { { sizeof(chain13) / sizeof(chain13[0]), chain13 }, 4413 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4414 { { sizeof(chain14) / sizeof(chain14[0]), chain14 }, 4415 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4416 { { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 4417 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4418 { { sizeof(chain16) / sizeof(chain16[0]), chain16 }, 4419 { 0, CERT_E_UNTRUSTEDROOT, 0, 1, NULL }, NULL, 0 }, 4420 { { sizeof(chain17) / sizeof(chain17[0]), chain17 }, 4421 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4422 { { sizeof(chain18) / sizeof(chain18[0]), chain18 }, 4423 { 0, CERT_E_UNTRUSTEDROOT, 0, 2, NULL }, NULL, 0 }, 4424 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, 4425 { 0, CERT_E_UNTRUSTEDROOT, 0, 0, NULL }, NULL, 0 }, 4426 }; 4427 4428 /* On some older systems, the element index is set to 2 rather than 1 for 4429 * chain 4, because they do not catch the basic constraints error in the 4430 * chain, which occurs at element 1. 4431 */ 4432 static const CERT_CHAIN_POLICY_STATUS chain4BrokenStatus = 4433 { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 2, NULL }; 4434 4435 static const ChainPolicyCheck basicConstraintsPolicyCheck[] = { 4436 { { sizeof(chain0) / sizeof(chain0[0]), chain0 }, 4437 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4438 { { sizeof(chain1) / sizeof(chain1[0]), chain1 }, 4439 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4440 { { sizeof(chain2) / sizeof(chain2[0]), chain2 }, 4441 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4442 { { sizeof(chain3) / sizeof(chain3[0]), chain3 }, 4443 { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, NULL, 0 }, 4444 { { sizeof(chain4) / sizeof(chain4[0]), chain4 }, 4445 { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, &chain4BrokenStatus, 0 }, 4446 { { sizeof(chain5) / sizeof(chain5[0]), chain5 }, 4447 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4448 { { sizeof(chain6) / sizeof(chain6[0]), chain6 }, 4449 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4450 { { sizeof(chain7) / sizeof(chain7[0]), chain7 }, 4451 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4452 { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, 4453 { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, NULL, 0 }, 4454 { { sizeof(chain9) / sizeof(chain9[0]), chain9 }, 4455 { 0, TRUST_E_BASIC_CONSTRAINTS, 0, 1, NULL }, NULL, 0 }, 4456 { { sizeof(chain10) / sizeof(chain10[0]), chain10 }, 4457 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4458 { { sizeof(chain11) / sizeof(chain11[0]), chain11 }, 4459 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4460 { { sizeof(chain12) / sizeof(chain12[0]), chain12 }, 4461 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4462 { { sizeof(chain13) / sizeof(chain13[0]), chain13 }, 4463 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4464 { { sizeof(chain14) / sizeof(chain14[0]), chain14 }, 4465 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4466 { { sizeof(chain15) / sizeof(chain15[0]), chain15 }, 4467 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4468 { { sizeof(chain16) / sizeof(chain16[0]), chain16 }, 4469 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4470 { { sizeof(chain17) / sizeof(chain17[0]), chain17 }, 4471 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4472 { { sizeof(chain18) / sizeof(chain18[0]), chain18 }, 4473 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4474 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, 4475 { 0, 0, -1, -1, NULL }, NULL, 0 }, 4476 }; 4477 4478 static const char *num_to_str(WORD num) 4479 { 4480 static char buf[6]; 4481 4482 sprintf(buf, "#%04X", num); 4483 return buf; 4484 } 4485 4486 static void checkChainPolicyStatus(LPCSTR policy, HCERTCHAINENGINE engine, 4487 const ChainPolicyCheck *check, LPCSTR testName, DWORD testIndex, 4488 SYSTEMTIME *sysTime, PCERT_CHAIN_POLICY_PARA para) 4489 { 4490 PCCERT_CHAIN_CONTEXT chain = getChain(engine, &check->certs, 0, TRUE, 4491 sysTime, check->todo, testIndex); 4492 4493 if (chain) 4494 { 4495 CERT_CHAIN_POLICY_STATUS policyStatus = { 0 }; 4496 BOOL ret = pCertVerifyCertificateChainPolicy(policy, chain, para, 4497 &policyStatus); 4498 4499 if (check->todo & TODO_POLICY) 4500 todo_wine ok(ret, 4501 "%s[%d](%s): CertVerifyCertificateChainPolicy failed: %08x\n", 4502 testName, testIndex, 4503 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy, 4504 GetLastError()); 4505 else 4506 { 4507 if (!ret && GetLastError() == ERROR_FILE_NOT_FOUND) 4508 { 4509 skip("%s[%d]: missing policy %s, skipping test\n", 4510 testName, testIndex, 4511 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy); 4512 pCertFreeCertificateChain(chain); 4513 return; 4514 } 4515 ok(ret, "%s[%d](%s): CertVerifyCertificateChainPolicy failed: %08x\n", 4516 testName, testIndex, 4517 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy, 4518 GetLastError()); 4519 } 4520 if (ret) 4521 { 4522 todo_wine_if (check->todo & TODO_ERROR) 4523 ok(policyStatus.dwError == check->status.dwError || 4524 broken(policyStatus.dwError == CERT_TRUST_NO_ERROR) || 4525 (check->brokenStatus && broken(policyStatus.dwError == 4526 check->brokenStatus->dwError)), 4527 "%s[%d](%s): expected %08x, got %08x\n", 4528 testName, testIndex, 4529 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy, 4530 check->status.dwError, policyStatus.dwError); 4531 if (policyStatus.dwError != check->status.dwError) 4532 { 4533 skip("%s[%d](%s): error %08x doesn't match expected %08x, not checking indexes\n", 4534 testName, testIndex, 4535 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy, 4536 policyStatus.dwError, check->status.dwError); 4537 pCertFreeCertificateChain(chain); 4538 return; 4539 } 4540 todo_wine_if (check->todo & TODO_CHAINS) 4541 ok(policyStatus.lChainIndex == check->status.lChainIndex || 4542 (check->brokenStatus && broken(policyStatus.lChainIndex == 4543 check->brokenStatus->lChainIndex)), 4544 "%s[%d](%s): expected %d, got %d\n", 4545 testName, testIndex, 4546 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy, 4547 check->status.lChainIndex, policyStatus.lChainIndex); 4548 todo_wine_if (check->todo & TODO_ELEMENTS) 4549 ok(policyStatus.lElementIndex == check->status.lElementIndex || 4550 (check->brokenStatus && broken(policyStatus.lElementIndex == 4551 check->brokenStatus->lElementIndex)), 4552 "%s[%d](%s): expected %d, got %d\n", 4553 testName, testIndex, 4554 IS_INTOID(policy) ? num_to_str(LOWORD(policy)) : policy, 4555 check->status.lElementIndex, policyStatus.lElementIndex); 4556 } 4557 pCertFreeCertificateChain(chain); 4558 } 4559 } 4560 4561 #define CHECK_CHAIN_POLICY_STATUS_ARRAY(policy, engine, array, date, para) \ 4562 do { \ 4563 DWORD i; \ 4564 for (i = 0; i < sizeof(array) / sizeof(array)[0]; i++) \ 4565 checkChainPolicyStatus((policy), (engine), &(array)[i], \ 4566 #array, i, (date), (para)); \ 4567 } while(0) 4568 4569 #define CHECK_CHAIN_POLICY_STATUS(policy, engine, policyCheck, date, para) \ 4570 checkChainPolicyStatus((policy), (engine), &(policyCheck), \ 4571 #policyCheck, 0, (date), (para)) 4572 4573 static void check_base_policy(void) 4574 { 4575 CERT_CHAIN_POLICY_PARA policyPara = { 0 }; 4576 4577 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_BASE, NULL, 4578 basePolicyCheck, &oct2007, NULL); 4579 policyPara.cbSize = sizeof(policyPara); 4580 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG; 4581 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4582 ignoredUnknownCAPolicyCheck, &oct2007, &policyPara); 4583 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG | 4584 CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG; 4585 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4586 ignoredBadDateNestingBasePolicyCheck, &oct2007, &policyPara); 4587 policyPara.dwFlags = CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG; 4588 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4589 ignoredInvalidDateBasePolicyCheck, &oct2007, &policyPara); 4590 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG | 4591 CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG; 4592 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4593 ignoredInvalidUsageBasePolicyCheck, &oct2007, &policyPara); 4594 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG | 4595 CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG | 4596 CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG; 4597 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4598 ignoredInvalidUsageBasePolicyCheck, &oct2007, &policyPara); 4599 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG | 4600 CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG; 4601 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4602 invalidUsageBasePolicyCheck, &oct2007, &policyPara); 4603 /* Test chain30, which has an invalid critical extension in an intermediate 4604 * cert, against the base policy. 4605 */ 4606 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG; 4607 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_BASE, NULL, 4608 invalidExtensionPolicyCheck, &oct2007, &policyPara); 4609 } 4610 4611 static void check_authenticode_policy(void) 4612 { 4613 CERT_CHAIN_POLICY_PARA policyPara = { 0 }; 4614 SYSTEMTIME epochStart = { 0 }; 4615 4616 /* The authenticode policy doesn't seem to check anything beyond the base 4617 * policy. It might check for chains signed by the MS test cert, but none 4618 * of these chains is. 4619 */ 4620 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, 4621 authenticodePolicyCheck, &oct2007, NULL); 4622 policyPara.cbSize = sizeof(policyPara); 4623 policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG; 4624 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, 4625 ignoredUnknownCAPolicyCheck, &oct2007, &policyPara); 4626 epochStart.wDay = epochStart.wMonth = 1; 4627 epochStart.wYear = 1601; 4628 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, 4629 ignoredUnknownCAPolicyCheck, &epochStart, &policyPara); 4630 policyPara.dwFlags = CERT_CHAIN_POLICY_IGNORE_NOT_TIME_VALID_FLAG; 4631 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_AUTHENTICODE, NULL, 4632 ignoredInvalidDateBasePolicyCheck, &oct2007, &policyPara); 4633 } 4634 4635 static void check_ssl_policy(void) 4636 { 4637 CERT_CHAIN_POLICY_PARA policyPara = { 0 }; 4638 SSL_EXTRA_CERT_CHAIN_POLICY_PARA sslPolicyPara = { { 0 } }; 4639 WCHAR winehq[] = { 'w','i','n','e','h','q','.','o','r','g',0 }; 4640 WCHAR google_dot_com[] = { 'w','w','w','.','g','o','o','g','l','e','.', 4641 'c','o','m',0 }; 4642 WCHAR battle_dot_net[] = { 'w','w','w','.','b','a','t','t','l','e','.', 4643 'n','e','t',0 }; 4644 WCHAR a_dot_openssl_dot_org[] = { 'a','.','o','p','e','n','s','s','l','.', 4645 'o','r','g',0 }; 4646 WCHAR openssl_dot_org[] = { 'o','p','e','n','s','s','l','.','o','r','g',0 }; 4647 WCHAR fopenssl_dot_org[] = { 'f','o','p','e','n','s','s','l','.', 4648 'o','r','g',0 }; 4649 WCHAR a_dot_b_dot_openssl_dot_org[] = { 'a','.','b','.', 4650 'o','p','e','n','s','s','l','.','o','r','g',0 }; 4651 WCHAR cs_dot_stanford_dot_edu[] = { 'c','s','.', 4652 's','t','a','n','f','o','r','d','.','e','d','u',0 }; 4653 WCHAR www_dot_cs_dot_stanford_dot_edu[] = { 'w','w','w','.','c','s','.', 4654 's','t','a','n','f','o','r','d','.','e','d','u',0 }; 4655 WCHAR a_dot_cs_dot_stanford_dot_edu[] = { 'a','.','c','s','.', 4656 's','t','a','n','f','o','r','d','.','e','d','u',0 }; 4657 WCHAR test_dot_winehq_dot_org[] = { 't','e','s','t','.', 4658 'w','i','n','e','h','q','.','o','r','g',0 }; 4659 WCHAR a_dot_b_dot_winehq_dot_org[] = { 'a','.','b','.', 4660 'w','i','n','e','h','q','.','o','r','g',0 }; 4661 WCHAR foo_dot_com[] = { 'f','o','o','.','c','o','m',0 }; 4662 WCHAR afoo_dot_com[] = { 'a','f','o','o','.','c','o','m',0 }; 4663 WCHAR a_dot_foo_dot_com[] = { 'a','.','f','o','o','.','c','o','m',0 }; 4664 HCERTSTORE testRoot; 4665 CERT_CHAIN_ENGINE_CONFIG engineConfig = { sizeof(engineConfig), 0 }; 4666 HCERTCHAINENGINE engine; 4667 4668 /* Check ssl policy with no parameter */ 4669 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4670 &oct2007, NULL); 4671 /* Check again with a policy parameter that specifies nothing */ 4672 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4673 &oct2007, &policyPara); 4674 /* Check yet again, but specify an empty SSL_EXTRA_CERT_CHAIN_POLICY_PARA 4675 * argument. 4676 */ 4677 policyPara.pvExtraPolicyPara = &sslPolicyPara; 4678 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4679 &oct2007, &policyPara); 4680 /* And again, but specify the auth type as a client */ 4681 sslPolicyPara.dwAuthType = AUTHTYPE_CLIENT; 4682 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4683 &oct2007, &policyPara); 4684 /* And again, but specify the auth type as a server */ 4685 sslPolicyPara.dwAuthType = AUTHTYPE_SERVER; 4686 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4687 &oct2007, &policyPara); 4688 /* And again authenticating a client, but specify the size of the policy 4689 * parameter. 4690 */ 4691 U(sslPolicyPara).cbSize = sizeof(sslPolicyCheck); 4692 sslPolicyPara.dwAuthType = AUTHTYPE_CLIENT; 4693 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4694 &oct2007, &policyPara); 4695 /* One more time authenticating a client, but specify winehq.org as the 4696 * server name. 4697 */ 4698 sslPolicyPara.pwszServerName = winehq; 4699 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4700 &oct2007, &policyPara); 4701 /* And again authenticating a server, still specifying winehq.org as the 4702 * server name. 4703 */ 4704 sslPolicyPara.dwAuthType = AUTHTYPE_SERVER; 4705 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4706 &oct2007, &policyPara); 4707 /* And again authenticating a server, this time specifying the size of the 4708 * policy param. 4709 */ 4710 policyPara.cbSize = sizeof(policyPara); 4711 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_SSL, NULL, sslPolicyCheck, 4712 &oct2007, &policyPara); 4713 /* And again, specifying a chain with an untrusted root, but ignoring 4714 * unknown CAs. 4715 */ 4716 sslPolicyPara.fdwChecks = SECURITY_FLAG_IGNORE_UNKNOWN_CA; 4717 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4718 ignoredUnknownCAPolicyCheck, &oct2007, &policyPara); 4719 sslPolicyPara.fdwChecks = 0; 4720 /* And again, but checking the Google chain at a bad date */ 4721 sslPolicyPara.pwszServerName = google_dot_com; 4722 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4723 googlePolicyCheckWithMatchingNameExpired, &oct2007, &policyPara); 4724 /* Again checking the Google chain at a bad date, but ignoring date 4725 * errors. 4726 */ 4727 sslPolicyPara.fdwChecks = SECURITY_FLAG_IGNORE_CERT_DATE_INVALID; 4728 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4729 googlePolicyCheckWithMatchingName, &oct2007, &policyPara); 4730 sslPolicyPara.fdwChecks = 0; 4731 /* And again, but checking the Google chain at a good date */ 4732 sslPolicyPara.pwszServerName = google_dot_com; 4733 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4734 googlePolicyCheckWithMatchingName, &nov2016, &policyPara); 4735 4736 /* Check again with the openssl cert, which has a wildcard in its name, 4737 * with various combinations of matching and non-matching names. 4738 * With "a.openssl.org": match 4739 */ 4740 sslPolicyPara.pwszServerName = a_dot_openssl_dot_org; 4741 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4742 opensslPolicyCheckWithMatchingName, &oct2009, &policyPara); 4743 /* With "openssl.org": no match */ 4744 sslPolicyPara.pwszServerName = openssl_dot_org; 4745 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4746 opensslPolicyCheckWithoutMatchingName, &oct2009, &policyPara); 4747 /* With "fopenssl.org": no match */ 4748 sslPolicyPara.pwszServerName = fopenssl_dot_org; 4749 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4750 opensslPolicyCheckWithoutMatchingName, &oct2009, &policyPara); 4751 /* with "a.b.openssl.org": no match */ 4752 sslPolicyPara.pwszServerName = a_dot_b_dot_openssl_dot_org; 4753 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4754 opensslPolicyCheckWithoutMatchingName, &oct2009, &policyPara); 4755 /* Check again with the cs.stanford.edu, which has both cs.stanford.edu 4756 * and www.cs.stanford.edu in its subject alternative name. 4757 * With "cs.stanford.edu": match 4758 */ 4759 sslPolicyPara.pwszServerName = cs_dot_stanford_dot_edu; 4760 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4761 stanfordPolicyCheckWithMatchingName, &nov2016, &policyPara); 4762 /* With "www.cs.stanford.edu": match */ 4763 sslPolicyPara.pwszServerName = www_dot_cs_dot_stanford_dot_edu; 4764 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4765 stanfordPolicyCheckWithMatchingName, &nov2016, &policyPara); 4766 /* With "a.cs.stanford.edu": no match */ 4767 sslPolicyPara.pwszServerName = a_dot_cs_dot_stanford_dot_edu; 4768 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4769 stanfordPolicyCheckWithoutMatchingName, &nov2016, &policyPara); 4770 /* Check chain29, which has a wildcard in its subject alternative name, 4771 * but not in its distinguished name. 4772 * Step 1: create a chain engine that trusts chain29's root. 4773 */ 4774 testRoot = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 4775 CERT_STORE_CREATE_NEW_FLAG, NULL); 4776 CertAddEncodedCertificateToStore(testRoot, X509_ASN_ENCODING, chain0_0, 4777 sizeof(chain0_0), CERT_STORE_ADD_ALWAYS, NULL); 4778 engineConfig.hExclusiveRoot = testRoot; 4779 if (!pCertCreateCertificateChainEngine(&engineConfig, &engine)) 4780 { 4781 skip("Couldn't create chain engine\n"); 4782 return; 4783 } 4784 /* With "winehq.org": no match */ 4785 sslPolicyPara.pwszServerName = winehq; 4786 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, engine, 4787 winehqPolicyCheckWithoutMatchingName, &oct2007, &policyPara); 4788 /* With "test.winehq.org": match */ 4789 sslPolicyPara.pwszServerName = test_dot_winehq_dot_org; 4790 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, engine, 4791 winehqPolicyCheckWithMatchingName, &oct2007, &policyPara); 4792 /* With "a.b.winehq.org": no match */ 4793 sslPolicyPara.pwszServerName = a_dot_b_dot_winehq_dot_org; 4794 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, engine, 4795 winehqPolicyCheckWithoutMatchingName, &oct2007, &policyPara); 4796 /* When specifying to ignore name mismatch: match */ 4797 sslPolicyPara.fdwChecks |= SECURITY_FLAG_IGNORE_CERT_CN_INVALID; 4798 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, engine, 4799 winehqPolicyCheckWithMatchingName, &oct2007, &policyPara); 4800 pCertFreeCertificateChainEngine(engine); 4801 CertCloseStore(testRoot, 0); 4802 /* Test chain30, which has an invalid critical extension in an intermediate 4803 * cert, against the SSL policy. 4804 */ 4805 sslPolicyPara.fdwChecks = SECURITY_FLAG_IGNORE_UNKNOWN_CA; 4806 sslPolicyPara.pwszServerName = NULL; 4807 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4808 invalidExtensionPolicyCheck, &oct2007, &policyPara); 4809 /* Test chain31, which has two CNs, "*.foo.com" and "foo.com", against 4810 * some names that match one of the CNs: 4811 */ 4812 sslPolicyPara.pwszServerName = foo_dot_com; 4813 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4814 fooPolicyCheckWithMatchingName, &oct2007, &policyPara); 4815 sslPolicyPara.pwszServerName = a_dot_foo_dot_com; 4816 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4817 fooPolicyCheckWithMatchingName, &oct2007, &policyPara); 4818 /* and against a name that doesn't match either CN: */ 4819 sslPolicyPara.pwszServerName = afoo_dot_com; 4820 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4821 fooPolicyCheckWithoutMatchingName, &oct2007, &policyPara); 4822 /* The Battle.Net chain checks a certificate with a domain component 4823 * containing a terminating NULL. 4824 */ 4825 sslPolicyPara.pwszServerName = battle_dot_net; 4826 CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL, 4827 nullTerminatedDomainComponentPolicyCheck, &oct2010, &policyPara); 4828 } 4829 4830 static void testVerifyCertChainPolicy(void) 4831 { 4832 BOOL ret; 4833 PCCERT_CONTEXT cert; 4834 CERT_CHAIN_PARA chainPara = { sizeof(CERT_CHAIN_PARA), { 0 } }; 4835 PCCERT_CHAIN_CONTEXT chain; 4836 CERT_CHAIN_POLICY_STATUS policyStatus = { 0 }; 4837 CERT_CHAIN_POLICY_PARA policyPara = { 0 }; 4838 4839 if (!pCertVerifyCertificateChainPolicy) 4840 { 4841 win_skip("CertVerifyCertificateChainPolicy() is not available\n"); 4842 return; 4843 } 4844 4845 /* Crash 4846 ret = pCertVerifyCertificateChainPolicy(NULL, NULL, NULL, NULL); 4847 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, NULL, NULL, 4848 NULL); 4849 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, NULL, 4850 &chainPara, NULL); 4851 */ 4852 SetLastError(0xdeadbeef); 4853 ret = pCertVerifyCertificateChainPolicy(NULL, NULL, NULL, &policyStatus); 4854 ok(!ret && GetLastError() == ERROR_FILE_NOT_FOUND, 4855 "Expected ERROR_FILE_NOT_FOUND, got %08x\n", GetLastError()); 4856 /* Crashes 4857 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, NULL, NULL, 4858 &policyStatus); 4859 */ 4860 cert = CertCreateCertificateContext(X509_ASN_ENCODING, selfSignedCert, 4861 sizeof(selfSignedCert)); 4862 pCertGetCertificateChain(NULL, cert, NULL, NULL, &chainPara, 0, NULL, 4863 &chain); 4864 /* Crash 4865 ret = pCertVerifyCertificateChainPolicy(NULL, chain, NULL, NULL); 4866 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, chain, NULL, 4867 NULL); 4868 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, chain, 4869 &chainPara, NULL); 4870 */ 4871 /* Size of policy status is apparently ignored, as is pChainPolicyPara */ 4872 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, chain, NULL, 4873 &policyStatus); 4874 ok(ret, "CertVerifyCertificateChainPolicy failed: %08x\n", GetLastError()); 4875 ok(policyStatus.dwError == CERT_E_UNTRUSTEDROOT || 4876 policyStatus.dwError == TRUST_E_CERT_SIGNATURE, /* win7 + win8 */ 4877 "Expected CERT_E_UNTRUSTEDROOT or TRUST_E_CERT_SIGNATURE, got %08x\n", policyStatus.dwError); 4878 ok(policyStatus.lChainIndex == 0 && policyStatus.lElementIndex == 0, 4879 "Expected both indexes 0, got %d, %d\n", policyStatus.lChainIndex, 4880 policyStatus.lElementIndex); 4881 ret = pCertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_BASE, chain, 4882 &policyPara, &policyStatus); 4883 ok(ret, "CertVerifyCertificateChainPolicy failed: %08x\n", GetLastError()); 4884 ok(policyStatus.dwError == CERT_E_UNTRUSTEDROOT || 4885 policyStatus.dwError == TRUST_E_CERT_SIGNATURE, /* win7 + win8 */ 4886 "Expected CERT_E_UNTRUSTEDROOT or TRUST_E_CERT_SIGNATURE, got %08x\n", policyStatus.dwError); 4887 ok(policyStatus.lChainIndex == 0 && policyStatus.lElementIndex == 0, 4888 "Expected both indexes 0, got %d, %d\n", policyStatus.lChainIndex, 4889 policyStatus.lElementIndex); 4890 pCertFreeCertificateChain(chain); 4891 CertFreeCertificateContext(cert); 4892 4893 check_base_policy(); 4894 check_ssl_policy(); 4895 check_authenticode_policy(); 4896 CHECK_CHAIN_POLICY_STATUS_ARRAY(CERT_CHAIN_POLICY_BASIC_CONSTRAINTS, NULL, 4897 basicConstraintsPolicyCheck, &oct2007, NULL); 4898 } 4899 4900 START_TEST(chain) 4901 { 4902 HMODULE hCrypt32 = GetModuleHandleA("crypt32.dll"); 4903 pCertCreateCertificateChainEngine = (void*)GetProcAddress(hCrypt32, "CertCreateCertificateChainEngine"); 4904 pCertGetCertificateChain = (void*)GetProcAddress(hCrypt32, "CertGetCertificateChain"); 4905 pCertFreeCertificateChain = (void*)GetProcAddress(hCrypt32, "CertFreeCertificateChain"); 4906 pCertFreeCertificateChainEngine = (void*)GetProcAddress(hCrypt32, "CertFreeCertificateChainEngine"); 4907 pCertVerifyCertificateChainPolicy = (void*)GetProcAddress(hCrypt32, "CertVerifyCertificateChainPolicy"); 4908 4909 testCreateCertChainEngine(); 4910 if (!pCertGetCertificateChain || !pCertFreeCertificateChain) 4911 { 4912 win_skip("Cert*CertificateChain functions not available\n"); 4913 } 4914 else 4915 { 4916 testVerifyCertChainPolicy(); 4917 testGetCertChain(); 4918 test_CERT_CHAIN_PARA_cbSize(); 4919 } 4920 } 4921