Commit 400ff6f0 authored by Paul Bakker's avatar Paul Bakker

- Corrected parsing of UTCTime dates before 1990 and after 1950

 - Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
parent a9507c06
......@@ -12,6 +12,14 @@ Changes
ticket #13). Also possible to remove PEM support for
systems only using DER encoding
Bugfixes
* Corrected parsing of UTCTime dates before 1990 and
after 1950
* Support more exotic OID's when parsing certificates
* Support more exotic name representations when parsing
certificates
* Replaced the expired test certificates
= Version 0.99-pre1 released on 2011-01-30
Features
Note: Most of these features have been donated by Fox-IT
......
......@@ -149,7 +149,8 @@
#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
#define OID_PKCS1_RSA OID_PKCS1 "\x01"
#define OID_PKCS1_RSA_SHA OID_PKCS1 "\x05"
#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01"
......
......@@ -353,9 +353,6 @@ static int x509_get_alg( unsigned char **p,
}
/*
* RelativeDistinguishedName ::=
* SET OF AttributeTypeAndValue
*
* AttributeTypeAndValue ::= SEQUENCE {
* type AttributeType,
* value AttributeValue }
......@@ -364,30 +361,18 @@ static int x509_get_alg( unsigned char **p,
*
* AttributeValue ::= ANY DEFINED BY AttributeType
*/
static int x509_get_name( unsigned char **p,
const unsigned char *end,
x509_name *cur )
static int x509_get_attr_type_value( unsigned char **p,
const unsigned char *end,
x509_name *cur )
{
int ret, len;
const unsigned char *end2;
x509_buf *oid;
x509_buf *val;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
end2 = end;
end = *p + len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
if( *p + len != end )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME |
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
oid = &cur->oid;
oid->tag = **p;
......@@ -418,9 +403,56 @@ static int x509_get_name( unsigned char **p,
cur->next = NULL;
if( *p != end )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME |
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
/*
* RelativeDistinguishedName ::=
* SET OF AttributeTypeAndValue
*
* AttributeTypeAndValue ::= SEQUENCE {
* type AttributeType,
* value AttributeValue }
*
* AttributeType ::= OBJECT IDENTIFIER
*
* AttributeValue ::= ANY DEFINED BY AttributeType
*/
static int x509_get_name( unsigned char **p,
const unsigned char *end,
x509_name *cur )
{
int ret, len;
const unsigned char *end2;
x509_name *use;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 )
return( POLARSSL_ERR_X509_CERT_INVALID_NAME | ret );
end2 = end;
end = *p + len;
use = cur;
do
{
if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 )
return( ret );
if( *p != end )
{
use->next = (x509_name *) malloc(
sizeof( x509_name ) );
if( use->next == NULL )
return( 1 );
memset( use->next, 0, sizeof( x509_name ) );
use = use->next;
}
}
while( *p != end );
/*
* recurse until end of SEQUENCE is reached
......@@ -472,7 +504,7 @@ static int x509_get_time( unsigned char **p,
&time->hour, &time->min, &time->sec ) < 5 )
return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
time->year += 100 * ( time->year < 90 );
time->year += 100 * ( time->year < 50 );
time->year += 1900;
*p += len;
......@@ -546,7 +578,7 @@ static int x509_get_pubkey( unsigned char **p,
x509_buf *pk_alg_oid,
mpi *N, mpi *E )
{
int ret, len;
int ret, len, can_handle;
unsigned char *end2;
if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 )
......@@ -555,8 +587,27 @@ static int x509_get_pubkey( unsigned char **p,
/*
* only RSA public keys handled at this time
*/
if( pk_alg_oid->len != 9 ||
memcmp( pk_alg_oid->p, OID_PKCS1_RSA, 9 ) != 0 )
can_handle = 0;
if( pk_alg_oid->len == 9 &&
memcmp( pk_alg_oid->p, OID_PKCS1_RSA, 9 ) == 0 )
can_handle = 1;
if( pk_alg_oid->len == 9 &&
memcmp( pk_alg_oid->p, OID_PKCS1, 8 ) == 0 )
{
if( pk_alg_oid->p[8] >= 2 && pk_alg_oid->p[8] <= 5 )
can_handle = 1;
if ( pk_alg_oid->p[8] >= 11 && pk_alg_oid->p[8] <= 14 )
can_handle = 1;
}
if( pk_alg_oid->len == 5 &&
memcmp( pk_alg_oid->p, OID_RSA_SHA_OBS, 5 ) == 0 )
can_handle = 1;
if( can_handle == 0 )
return( POLARSSL_ERR_X509_CERT_UNKNOWN_PK_ALG );
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
......@@ -1036,6 +1087,12 @@ static int x509_get_sig_alg( const x509_buf *sig_oid, int *sig_alg )
return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG );
}
if( sig_oid->len == 5 &&
memcmp( sig_oid->p, OID_RSA_SHA_OBS, 5 ) == 0 )
{
*sig_alg = SIG_RSA_SHA1;
return( 0 );
}
return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG );
}
......@@ -2887,6 +2944,7 @@ int x509_self_test( int verbose )
ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &i, NULL, NULL );
if( ret != 0 )
{
printf("%02x", i);
if( verbose != 0 )
printf( "failed\n" );
......
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEA3BN0gcYS9mddoWZy7dx5tlhcMliz1BT9bAJhnguZRmOjCkHU
QjMh5u1DB1odojtkKagqwWYoAFnYDEktMLc9jLtgYjGDJ39LlZIuoNbGhJRLs+Sm
zP8yOsXsTMkkWL+zM3dqtReLAhApjpWqkWAXQ0KHqHzaCYOYnXplXiBSBy5lpTH9
2XQeAMmunYFWiwgK9R6c3KJebNv/EYMV9NEkV5sP6zXJ8apGTnR//h2wkR+JSoTL
33XjzXeCYgnln20p3i4l2Ei2IL5Rl0wtIGUtKlCeJF1yleCiBkGMYeRQV3SWsSm1
oYg38Vyesp6Og41yO7Vc/rsSiXJcofnYGCmyJwIDAQABAoIBAAbw6iTJrYFuAyr7
AzbzVDdnFAlWeN2Ah/mnHZMRhJUOwW6qYtpvqGsTIqERu4uJWgBiWG7fHPXd342L
pUw7C0rsAf821o8hWa3u/V9/RqWZ08VpucUPa3MlGO3XDjlqWmmOI6RwiKbZAaaI
m+eX40PwzjyHK41PRDn7SUUtuciWJA8zz7f6mYqt3abRoaVpqEAs4OfreKvn60lN
SUgwrCVTVot7c+l+8QaXcvlH600um8Y/avLUbktxZMsSY47i0NIYmBGZahfvHLsE
MmJwlkTInSXPHvKjAoCA4Ny7QWLsx6+xdcig3ZjvFeHaus48hR9dohV1V488XtXP
u3ROIxkCgYEA8LpsoSjFCLL+6nz9Ca156UHD0oGUxVkxPH6ieHMnTCOT1ljl4WD2
pO26NxZI46eWkl48qNMvQujufRS6KUB59KfLK4Is7yYFLkacoxkRuiUT9r3sKhYs
MXU6ObiOA25gYCeu/OuRBbS6B/h03CuhVdkjbir28bbRUKuoi2fdLWsCgYEA6gmg
N2/e00G6YHdNIQRIcfoOvGKvZeEvwJCTwV1BxKKRNgCKMYUT6/50fJW7Nwo+Kfem
+4JCRz1/s9/N/F4pHo8DOHxRkQ+g55pi02S2kPJNYd4Mn1kxQ6s857PZkWCyyltD
y+WRXN3N9ZrAto7+5Etwr2d3tb5zNotdKAYtoTUCgYBeoqs53/E1rkiQnnpLZ6tZ
i8UT6GU4AAxfH9l3SK3WPNZNmb0lkRzlUZ+3MEePV77V474tEHiv8SpwecmFlhdb
mutAO3i2u1emDZReeeiCKTlj8t343aaZ+t/c+TS7HJU+t9sPCvyEJbxMjdxDAdP3
D9nh4XobJCe9cv5bb4V/6QKBgCLM1Z8Iqnh9UIphkv1y1pbkGObYQb6DcodOuDnL
dSkZB0ChaesdH646wvV3ikQP6Nhys8i4QMS5F1EW2VlKYxDhMRhoG/TW/xURNtq6
Ig+BiBIiY3waViH6x26oppRgbZV7ZqRd+XR2otZ/cWJz9uDZeuMKHpnOvPECXhLC
gGx1AoGAfYLKfsB9Im+x1+JwmRz1bMHV93XrQbt6OFt4MQhfcnZqebO7KT3E5/XF
NgjWiQcwTXPKzDxKE2YVpm/WKjh1ewypZ0eJa3PjbPG6aLlVtXGyNauQhyzlUwbZ
nmvjOi6uZv+U+hhvfsTcRIGMfwtohqSouG8wbz59ILXQoZNESaM=
MIIEpQIBAAKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1bYz/qrZBJre+Ea1ccxYM
ZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2BgtgBtU9uVEmvHLr2Eu30kN
nQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFnui4HZwsDL6IJ7fAzjwvO
EO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLySruvfJ2sWVrfc7NFVV6Vu
7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB37gdv3sBpWWi4B42t6Zc
zDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQABAoIBACV0r5n2zDvTnzRG
X2jfsFSmeq5jj6grTrdySxJNLT3d1EfhOXgylmGMaiL5EGIoI7BY5kAVgZKTxGRB
4urT02M7CXKQ0QKKhE+4ZHsAUbOQ7y1vVDVg9bQ2vYJLorziHJxUUCjLXn4dntVQ
Sdz0FO+pncfwAk1/aTfI3kgPd/qIsvnXfwnfSPkbn9JZeHSFuWR1nfaQzaz8y+h0
g+gNrEzweix+llPk1s7WtficQdIOhiuD4+f7uQmCiUpNlFgojRc+CxVGtw0eCB1o
74hNxswPGj9ianEGstzWWV2g4h83laTA2RvnGKsiZ0BisLw5KRmHkf0RPx+eZOBC
gMS/ruECgYEA9K00uYKDSNq8dlmTaiOM9ppKPDr2B++0xNf+8TKNhsLIDxnsJulW
LgZegCl6gExfyLbYT6XrG5FjNADSk5uD9oGqa1mPq6J7KAzpkZ1dvF/NtiHo4MAK
Obj/jo084HCWIqMEhfve6UmkMiGg+6ht40LWYdeqlEd2Lwe6QUHSqmMCgYEAwc7c
ZR+5kYeSjnLIxVbfHgBCcE44zcGnRI2wuzgZDQ+65rPnx5l6mEECmlzLudk7OSK7
XGZODu1W7l/CUja8io6cuhZPMsnSrm1KJ+mMe3qKUH+eaeeisEMxsK4ZdvCKsGTe
dg41Yi/V+TvsQocRqkSjq3bLaW3F/rQLJeZzpl0CgYEAmGL70IIhpBFfiVJWxqcn
lzsW+xY5v02ix2pDRROYI5NSqF0bwExZOUcMOkQbIKbwjQCcDlcm67+MCopsnDQi
Zzfw3PUlzt7eV15bZi6df8InS8Uo1jmk5Lh8qdr7TEmyqBXhrlTlS2RrGDHronEP
J5isDroUak9rovTsItKNE0MCgYEAwOZyOzyeaRk1aA8bgj97B9NeTYWtyC3tnLAi
rdWiKXv0nVeHZQWAHjbmrlmadLqg1beaINe67eSRV+V79nSAqLBVkmpOHdD/n5kr
7BnrN6O6M3EybVqedS4MMTy4H8g/Yl6jhYGS5M2T/eQEvhrOHFkBRtKQl7kpDuCJ
EAoWJgkCgYEA7Ey6LpS40L/fU5BosQwPGu82Sh/V+WRwR3QZZHxiyKoh1v3qAA/6
3jw/xsrM0Br311DUTUPRQQLnyAzmzZqWmJWEZU7YS55NdTG3R75NzB2ZAffV4W+Y
lE0G2DglzGeZQV8n3FK3fEu1hVkIoYfq4+6YqO6YPbpa49xbwZ2AJdU=
-----END RSA PRIVATE KEY-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: md2WithRSAEncryption
Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
Validity
Not Before: Jul 12 10:56:59 2009 GMT
Not After : Jul 12 10:56:59 2011 GMT
Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:dc:13:74:81:c6:12:f6:67:5d:a1:66:72:ed:dc:
79:b6:58:5c:32:58:b3:d4:14:fd:6c:02:61:9e:0b:
99:46:63:a3:0a:41:d4:42:33:21:e6:ed:43:07:5a:
1d:a2:3b:64:29:a8:2a:c1:66:28:00:59:d8:0c:49:
2d:30:b7:3d:8c:bb:60:62:31:83:27:7f:4b:95:92:
2e:a0:d6:c6:84:94:4b:b3:e4:a6:cc:ff:32:3a:c5:
ec:4c:c9:24:58:bf:b3:33:77:6a:b5:17:8b:02:10:
29:8e:95:aa:91:60:17:43:42:87:a8:7c:da:09:83:
98:9d:7a:65:5e:20:52:07:2e:65:a5:31:fd:d9:74:
1e:00:c9:ae:9d:81:56:8b:08:0a:f5:1e:9c:dc:a2:
5e:6c:db:ff:11:83:15:f4:d1:24:57:9b:0f:eb:35:
c9:f1:aa:46:4e:74:7f:fe:1d:b0:91:1f:89:4a:84:
cb:df:75:e3:cd:77:82:62:09:e5:9f:6d:29:de:2e:
25:d8:48:b6:20:be:51:97:4c:2d:20:65:2d:2a:50:
9e:24:5d:72:95:e0:a2:06:41:8c:61:e4:50:57:74:
96:b1:29:b5:a1:88:37:f1:5c:9e:b2:9e:8e:83:8d:
72:3b:b5:5c:fe:bb:12:89:72:5c:a1:f9:d8:18:29:
b2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
B7:51:D4:E5:20:D5:45:54:F4:C5:51:1B:E0:82:B5:61:05:AF:9B:B6
X509v3 Authority Key Identifier:
keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
Signature Algorithm: md2WithRSAEncryption
28:5a:dd:48:fb:ec:80:fe:de:b7:20:c0:4c:05:a9:4b:51:e9:
a7:d1:4b:5e:76:42:d2:5d:9a:14:19:3b:cb:f9:91:d7:0f:11:
c9:cd:dd:00:8b:2c:76:73:22:a0:19:49:81:63:40:30:48:27:
62:90:ca:b8:dc:33:35:b3:4b:58:ca:dc:07:66:87:2e:ea:44:
2a:6a:13:67:7a:32:5e:48:1d:88:88:c5:70:e6:e7:ec:1b:2f:
a7:f4:61:71:29:f6:66:93:30:60:7e:b3:4c:01:c8:2c:53:ce:
00:11:ec:bf:f6:f2:ce:51:97:d8:ed:ed:dc:c9:6b:b8:19:15:
c8:9a:61:6d:12:9a:99:25:d8:03:1d:a6:4c:20:a5:f8:46:a3:
05:32:bb:1a:8e:1a:65:0d:f3:13:35:1d:6f:73:28:31:12:d7:
c4:9e:73:a0:a7:ce:82:25:d1:40:e8:1b:77:60:f3:3e:81:7f:
19:ee:cf:97:4d:c8:c3:35:9b:72:98:3b:c3:35:43:14:0a:04:
21:7b:f7:db:e6:5f:ce:21:d1:ce:bf:b7:ef:c1:63:21:c2:78:
e1:37:aa:b1:e0:31:b3:b6:63:4c:fd:66:c8:e6:cf:f8:d9:97:
2f:cf:92:81:3f:d4:bf:ec:e2:ad:6e:39:c7:a6:a8:e0:32:b0:
2e:0d:e1:30
-----BEGIN CERTIFICATE-----
MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MDkwNzEyMTA1NjU5WhcNMTEwNzEyMTA1NjU5WjA8MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BN0gcYS9mddoWZy7dx5tlhcMliz
1BT9bAJhnguZRmOjCkHUQjMh5u1DB1odojtkKagqwWYoAFnYDEktMLc9jLtgYjGD
J39LlZIuoNbGhJRLs+SmzP8yOsXsTMkkWL+zM3dqtReLAhApjpWqkWAXQ0KHqHza
CYOYnXplXiBSBy5lpTH92XQeAMmunYFWiwgK9R6c3KJebNv/EYMV9NEkV5sP6zXJ
8apGTnR//h2wkR+JSoTL33XjzXeCYgnln20p3i4l2Ei2IL5Rl0wtIGUtKlCeJF1y
leCiBkGMYeRQV3SWsSm1oYg38Vyesp6Og41yO7Vc/rsSiXJcofnYGCmyJwIDAQAB
o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBS3UdTlINVFVPTFURvggrVhBa+btjAf
BgNVHSMEGDAWgBTPIjEnkdjCVP8e2tnuisWJMq0MITANBgkqhkiG9w0BAQIFAAOC
AQEAKFrdSPvsgP7etyDATAWpS1Hpp9FLXnZC0l2aFBk7y/mR1w8Ryc3dAIssdnMi
oBlJgWNAMEgnYpDKuNwzNbNLWMrcB2aHLupEKmoTZ3oyXkgdiIjFcObn7Bsvp/Rh
cSn2ZpMwYH6zTAHILFPOABHsv/byzlGX2O3t3MlruBkVyJphbRKamSXYAx2mTCCl
+EajBTK7Go4aZQ3zEzUdb3MoMRLXxJ5zoKfOgiXRQOgbd2DzPoF/Ge7Pl03IwzWb
cpg7wzVDFAoEIXv32+ZfziHRzr+378FjIcJ44TeqseAxs7ZjTP1myObP+NmXL8+S
gT/Uv+zirW45x6ao4DKwLg3hMA==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Serial Number: 5 (0x5)
Signature Algorithm: md4WithRSAEncryption
Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
Validity
Not Before: Jul 12 10:56:59 2009 GMT
Not After : Jul 12 10:56:59 2011 GMT
Not Before: Feb 12 14:44:07 2011 GMT
Not After : Feb 12 14:44:07 2021 GMT
Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:dc:13:74:81:c6:12:f6:67:5d:a1:66:72:ed:dc:
79:b6:58:5c:32:58:b3:d4:14:fd:6c:02:61:9e:0b:
99:46:63:a3:0a:41:d4:42:33:21:e6:ed:43:07:5a:
1d:a2:3b:64:29:a8:2a:c1:66:28:00:59:d8:0c:49:
2d:30:b7:3d:8c:bb:60:62:31:83:27:7f:4b:95:92:
2e:a0:d6:c6:84:94:4b:b3:e4:a6:cc:ff:32:3a:c5:
ec:4c:c9:24:58:bf:b3:33:77:6a:b5:17:8b:02:10:
29:8e:95:aa:91:60:17:43:42:87:a8:7c:da:09:83:
98:9d:7a:65:5e:20:52:07:2e:65:a5:31:fd:d9:74:
1e:00:c9:ae:9d:81:56:8b:08:0a:f5:1e:9c:dc:a2:
5e:6c:db:ff:11:83:15:f4:d1:24:57:9b:0f:eb:35:
c9:f1:aa:46:4e:74:7f:fe:1d:b0:91:1f:89:4a:84:
cb:df:75:e3:cd:77:82:62:09:e5:9f:6d:29:de:2e:
25:d8:48:b6:20:be:51:97:4c:2d:20:65:2d:2a:50:
9e:24:5d:72:95:e0:a2:06:41:8c:61:e4:50:57:74:
96:b1:29:b5:a1:88:37:f1:5c:9e:b2:9e:8e:83:8d:
72:3b:b5:5c:fe:bb:12:89:72:5c:a1:f9:d8:18:29:
b2:27
00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71:
75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7:
be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b:
05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0:
3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5:
44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1:
fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5:
ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e:
07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef:
67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9:
5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc:
92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5:
6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d:
97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8:
41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e:
36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25:
ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d:
17:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
B7:51:D4:E5:20:D5:45:54:F4:C5:51:1B:E0:82:B5:61:05:AF:9B:B6
7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C
X509v3 Authority Key Identifier:
keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF
Signature Algorithm: md4WithRSAEncryption
3d:34:e7:aa:98:28:91:95:d4:df:be:66:4e:92:7f:25:f7:ce:
23:59:db:30:52:3f:67:a0:ab:06:18:be:32:ad:f9:d5:24:87:
90:c5:ac:42:a6:8f:2a:e3:b3:36:c4:9c:38:e4:2e:6a:64:26:
33:39:e0:46:4e:f5:09:a7:d2:cd:6a:16:30:49:80:81:4c:19:
43:2e:55:0d:b8:18:d6:db:8e:e0:3e:25:ca:a2:74:76:b7:1c:
97:13:db:21:83:50:38:eb:f7:36:d5:74:3d:fc:90:d8:7f:d6:
ad:2d:5d:ab:99:fc:45:41:c1:55:22:f7:57:c0:c5:24:a0:67:
a0:e8:03:f1:98:87:7a:be:d9:57:04:06:ba:57:29:ca:6e:33:
28:16:7d:fa:5c:2b:ae:40:78:01:6f:77:9f:54:94:fb:bb:73:
3f:f1:ca:81:4f:65:49:2c:1a:62:15:fe:0e:43:d3:81:10:b2:
b6:e9:92:f9:b8:be:cf:50:85:a4:65:af:ed:fa:58:6c:5c:90:
b1:ae:90:7a:a4:68:93:cf:85:6b:73:98:c0:a7:97:d7:03:59:
0c:97:33:1b:9d:5a:4a:9d:31:71:c3:e4:57:21:1e:9a:67:16:
89:ff:de:42:88:97:05:cf:ab:63:3b:a4:fc:7f:7b:4d:54:b7:
f5:bb:68:c4
94:db:e1:86:71:2d:43:d6:51:61:a7:95:bc:e8:73:da:ff:e4:
fd:41:0f:5c:de:14:f4:c4:ba:5d:2c:30:2c:a6:dc:2d:e8:87:
45:f1:c5:fe:d1:4a:64:99:19:09:2f:72:7c:3f:8d:c8:31:22:
dd:0a:69:03:3d:12:8c:4d:c3:f7:a3:c5:d1:5d:c9:ff:4b:83:
6b:d6:b4:e5:d8:ce:94:5e:ec:bf:68:c5:b2:63:8e:5c:cb:f3:
8d:62:73:82:62:7e:df:db:7d:0b:8d:21:10:db:9a:a1:62:4d:
46:42:d1:bb:38:32:ef:c1:fc:a1:e2:7f:60:08:37:32:20:2c:
7c:a2:c9:12:0d:89:fe:2b:15:08:91:79:e2:a9:79:a4:da:cd:
81:43:01:e2:09:2d:1a:f4:16:ef:af:4d:50:46:5e:2d:dd:48:
27:10:c0:42:b7:a5:9e:c2:1f:6e:50:36:03:ed:95:77:9a:a3:
d9:4c:d7:23:93:b1:24:2a:63:27:28:7a:de:3d:59:d2:92:c8:
8f:f6:39:1d:65:ab:09:78:05:46:90:a9:f6:10:b1:ef:c8:8c:
4d:7d:8d:f2:78:b7:88:15:09:7e:df:e9:87:a8:64:c1:95:53:
fb:da:05:b7:62:bc:ad:fb:d9:a4:a9:06:6c:6b:98:01:b9:39:
78:d3:4e:87
-----BEGIN CERTIFICATE-----
MIIDPzCCAiegAwIBAgIBCjANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER
MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MDkwNzEyMTA1NjU5WhcNMTEwNzEyMTA1NjU5WjA8MQswCQYDVQQGEwJOTDERMA8G
MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BN0gcYS9mddoWZy7dx5tlhcMliz
1BT9bAJhnguZRmOjCkHUQjMh5u1DB1odojtkKagqwWYoAFnYDEktMLc9jLtgYjGD
J39LlZIuoNbGhJRLs+SmzP8yOsXsTMkkWL+zM3dqtReLAhApjpWqkWAXQ0KHqHza
CYOYnXplXiBSBy5lpTH92XQeAMmunYFWiwgK9R6c3KJebNv/EYMV9NEkV5sP6zXJ
8apGTnR//h2wkR+JSoTL33XjzXeCYgnln20p3i4l2Ei2IL5Rl0wtIGUtKlCeJF1y
leCiBkGMYeRQV3SWsSm1oYg38Vyesp6Og41yO7Vc/rsSiXJcofnYGCmyJwIDAQAB
o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBS3UdTlINVFVPTFURvggrVhBa+btjAf
BgNVHSMEGDAWgBTPIjEnkdjCVP8e2tnuisWJMq0MITANBgkqhkiG9w0BAQMFAAOC
AQEAPTTnqpgokZXU375mTpJ/JffOI1nbMFI/Z6CrBhi+Mq351SSHkMWsQqaPKuOz
NsScOOQuamQmMzngRk71CafSzWoWMEmAgUwZQy5VDbgY1tuO4D4lyqJ0drcclxPb
IYNQOOv3NtV0PfyQ2H/WrS1dq5n8RUHBVSL3V8DFJKBnoOgD8ZiHer7ZVwQGulcp
ym4zKBZ9+lwrrkB4AW93n1SU+7tzP/HKgU9lSSwaYhX+DkPTgRCytumS+bi+z1CF
pGWv7fpYbFyQsa6QeqRok8+Fa3OYwKeX1wNZDJczG51aSp0xccPkVyEemmcWif/e
QoiXBc+rYzuk/H97TVS39btoxA==
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1
bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2Bgt
gBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFn
ui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLyS
ruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB
37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQAB
o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4TDAf
BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC
AQEAlNvhhnEtQ9ZRYaeVvOhz2v/k/UEPXN4U9MS6XSwwLKbcLeiHRfHF/tFKZJkZ
CS9yfD+NyDEi3QppAz0SjE3D96PF0V3J/0uDa9a05djOlF7sv2jFsmOOXMvzjWJz
gmJ+39t9C40hENuaoWJNRkLRuzgy78H8oeJ/YAg3MiAsfKLJEg2J/isVCJF54ql5
pNrNgUMB4gktGvQW769NUEZeLd1IJxDAQrelnsIfblA2A+2Vd5qj2UzXI5OxJCpj
Jyh63j1Z0pLIj/Y5HWWrCXgFRpCp9hCx78iMTX2N8ni3iBUJft/ph6hkwZVT+9oF
t2K8rfvZpKkGbGuYAbk5eNNOhw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Serial Number: 6 (0x6)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA
Validity
Not Before: Jul 12 10:56:59 2009 GMT
Not After : Jul 12 10:56:59 2011 GMT
Not Before: Feb 12 14:44:07 2011 GMT
Not After : Feb 12 14:44:07 2021 GMT
Subject: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:dc:13:74:81:c6:12:f6:67:5d:a1:66:72:ed:dc:
79:b6:58:5c:32:58:b3:d4:14:fd:6c:02:61:9e:0b:
99:46:63:a3:0a:41:d4:42:33:21:e6:ed:43:07:5a:
1d:a2:3b:64:29:a8:2a:c1:66:28:00:59:d8:0c:49:
2d:30:b7:3d:8c:bb:60:62:31:83:27:7f:4b:95:92:
2e:a0:d6:c6:84:94:4b:b3:e4:a6:cc:ff:32:3a:c5:
ec:4c:c9:24:58:bf:b3:33:77:6a:b5:17:8b:02:10:
29:8e:95:aa:91:60:17:43:42:87:a8:7c:da:09:83:
98:9d:7a:65:5e:20:52:07:2e:65:a5:31:fd:d9:74:
1e:00:c9:ae:9d:81:56:8b:08:0a:f5:1e:9c:dc:a2:
5e:6c:db:ff:11:83:15:f4:d1:24:57:9b:0f:eb:35:
c9:f1:aa:46:4e:74:7f:fe:1d:b0:91:1f:89:4a:84:
cb:df:75:e3:cd:77:82:62:09:e5:9f:6d:29:de:2e:
25:d8:48:b6:20:be:51:97:4c:2d:20:65:2d:2a:50:
9e:24:5d:72:95:e0:a2:06:41:8c:61:e4:50:57:74:
96:b1:29:b5:a1:88:37:f1:5c:9e:b2:9e:8e:83:8d:
72:3b:b5:5c:fe:bb:12:89:72:5c:a1:f9:d8:18:29:
b2:27
00:b9:3c:4a:c5:c8:a3:8e:90:17:a4:9e:52:aa:71:
75:26:61:80:e7:c7:b5:6d:8c:ff:aa:b6:41:26:b7:
be:11:ad:5c:73:16:0c:64:11:48:04:ff:d6:e1:3b:
05:db:89:bb:b3:97:09:d5:1c:14:dd:68:87:39:b0:
3d:71:cb:e2:76:d0:1a:d8:18:2d:80:1b:54:f6:e5:
44:9a:f1:cb:af:61:2e:df:49:0d:9d:09:b7:ed:b1:
fd:3c:fd:3c:fa:24:cf:5d:bf:7c:e4:53:e7:25:b5:
ea:44:22:e9:26:d3:ea:20:94:9e:e6:61:67:ba:2e:
07:67:0b:03:2f:a2:09:ed:f0:33:8f:0b:ce:10:ef:
67:a4:c6:08:da:c1:ed:c2:3f:d7:4a:dd:15:3d:f9:
5e:1c:81:60:46:3e:b5:b3:3d:2f:a6:de:47:1c:bc:
92:ae:eb:df:27:6b:16:56:b7:dc:ec:d1:55:57:a5:
6e:ec:75:25:f5:b7:7b:df:ab:d2:3a:5a:91:98:7d:
97:17:0b:13:0a:a7:6b:4a:8b:c1:47:30:fb:3a:f8:
41:04:d5:c1:df:b8:1d:bf:7b:01:a5:65:a2:e0:1e:
36:b7:a6:5c:cc:30:5a:f8:cd:6f:cd:f1:19:62:25:
ca:01:e3:35:7f:fa:20:f5:dc:fd:69:b2:6a:00:7d:
17:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
B7:51:D4:E5:20:D5:45:54:F4:C5:51:1B:E0:82:B5:61:05:AF:9B:B6
7D:E4:9C:6B:E6:F9:71:7D:46:D2:12:3D:AD:6B:1D:FD:C2:AA:78:4C
X509v3 Authority Key Identifier:
keyid:CF:22:31:27:91:D8:C2:54:FF:1E:DA:D9:EE:8A:C5:89:32:AD:0C:21
keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF
Signature Algorithm: md5WithRSAEncryption
7d:c7:ae:4b:1d:56:8c:c8:2a:40:13:24:91:38:b0:72:77:6a:
a3:fd:7e:0d:30:ca:96:7e:55:85:ff:fb:cd:a7:29:bd:a3:f8:
bc:df:e3:ee:f8:f0:5d:4b:91:0e:f6:e2:c5:9c:3f:74:26:d1:
d2:37:13:59:09:d6:39:43:ce:d7:67:70:92:c8:98:2b:5a:f5:
09:e1:ea:d9:43:f1:92:61:b8:43:74:d8:a9:f0:af:b6:df:11:
61:cd:8f:35:39:1f:d1:17:70:f9:2b:86:3e:df:4b:c6:81:0b:
f5:cc:de:62:dd:f7:7f:14:2a:1a:e7:98:3d:6e:db:1c:47:df:
8d:31:49:7b:78:b0:81:89:c8:b5:f5:e9:e4:9e:00:a5:20:70:
e5:32:56:e6:a7:be:68:ba:bf:d4:8e:8f:c8:42:31:30:b3:39:
fa:3e:9c:70:53:64:d6:96:af:f7:8a:e7:de:20:3a:f0:66:71:
98:ec:c0:f8:52:c9:07:be:29:0e:0d:6e:7e:4e:36:9c:bb:a1:
5a:ea:1e:6f:d9:8e:81:0c:58:88:1a:be:1b:01:14:ad:ad:4a:
58:7a:10:53:43:1b:6d:2d:17:44:94:ba:31:5d:09:4e:85:5c:
c7:f2:c2:53:a5:1d:58:dc:4e:de:3c:88:b3:13:5a:7f:5d:a5:
c6:e6:3a:f7
92:13:81:0c:ff:ac:ab:98:52:6c:28:c9:c6:3e:80:c6:ec:77:
d0:13:e1:a2:29:1d:2f:b7:c5:95:41:83:60:d9:50:9c:d0:d6:
09:f7:0f:97:cd:c0:e6:b2:68:fa:31:c9:2a:a3:d3:1e:53:ae:
79:dc:35:ba:b0:d9:e5:7a:37:1b:2a:92:fa:d2:59:90:43:1b:
6a:91:c1:db:36:da:e9:39:d3:f5:ac:e3:46:01:ca:55:04:17:
1a:b1:97:28:e8:ff:1b:e7:e1:10:c9:b5:31:d8:ce:a6:89:6a:
4a:df:78:7b:02:2f:83:b3:41:d5:ef:0b:b6:44:ff:32:a6:cf:
1b:c2:f4:b0:75:66:a9:da:6f:7c:a5:e3:c6:c1:3a:2f:bf:f8:
12:6f:04:2c:37:f2:4e:fc:b9:09:ff:a4:5b:40:19:e9:58:91:
64:82:d6:ad:b9:7f:c0:12:c2:ce:b7:b6:ba:fb:10:a2:3f:74:
97:10:39:d4:dc:4a:e5:5c:f7:e5:3a:d9:68:d7:17:6b:f5:51:
08:b4:a2:30:0d:cc:36:10:6d:4e:1d:22:cc:48:d1:38:44:ba:
cc:2b:47:99:f7:c6:8b:41:24:f3:f1:2c:10:1a:f2:88:bb:b2:
e0:fd:44:26:3d:ad:ea:af:1d:d0:00:56:41:4e:f4:b0:3b:9d:
32:6f:48:c7
-----BEGIN CERTIFICATE-----
MIIDPzCCAiegAwIBAgIBCzANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER
MIIDPzCCAiegAwIBAgIBBjANBgkqhkiG9w0BAQQFADA7MQswCQYDVQQGEwJOTDER
MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
MDkwNzEyMTA1NjU5WhcNMTEwNzEyMTA1NjU5WjA8MQswCQYDVQQGEwJOTDERMA8G
MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G
A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENlcnQgTUQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BN0gcYS9mddoWZy7dx5tlhcMliz
1BT9bAJhnguZRmOjCkHUQjMh5u1DB1odojtkKagqwWYoAFnYDEktMLc9jLtgYjGD
J39LlZIuoNbGhJRLs+SmzP8yOsXsTMkkWL+zM3dqtReLAhApjpWqkWAXQ0KHqHza
CYOYnXplXiBSBy5lpTH92XQeAMmunYFWiwgK9R6c3KJebNv/EYMV9NEkV5sP6zXJ
8apGTnR//h2wkR+JSoTL33XjzXeCYgnln20p3i4l2Ei2IL5Rl0wtIGUtKlCeJF1y
leCiBkGMYeRQV3SWsSm1oYg38Vyesp6Og41yO7Vc/rsSiXJcofnYGCmyJwIDAQAB
o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBS3UdTlINVFVPTFURvggrVhBa+btjAf
BgNVHSMEGDAWgBTPIjEnkdjCVP8e2tnuisWJMq0MITANBgkqhkiG9w0BAQQFAAOC
AQEAfceuSx1WjMgqQBMkkTiwcndqo/1+DTDKln5Vhf/7zacpvaP4vN/j7vjwXUuR
DvbixZw/dCbR0jcTWQnWOUPO12dwksiYK1r1CeHq2UPxkmG4Q3TYqfCvtt8RYc2P
NTkf0Rdw+SuGPt9LxoEL9czeYt33fxQqGueYPW7bHEffjTFJe3iwgYnItfXp5J4A
pSBw5TJW5qe+aLq/1I6PyEIxMLM5+j6ccFNk1pav94rn3iA68GZxmOzA+FLJB74p
Dg1ufk42nLuhWuoeb9mOgQxYiBq+GwEUra1KWHoQU0MbbS0XRJS6MV0JToVcx/LC
U6UdWNxO3jyIsxNaf12lxuY69w==
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTxKxcijjpAXpJ5SqnF1JmGA58e1
bYz/qrZBJre+Ea1ccxYMZBFIBP/W4TsF24m7s5cJ1RwU3WiHObA9ccvidtAa2Bgt
gBtU9uVEmvHLr2Eu30kNnQm37bH9PP08+iTPXb985FPnJbXqRCLpJtPqIJSe5mFn
ui4HZwsDL6IJ7fAzjwvOEO9npMYI2sHtwj/XSt0VPfleHIFgRj61sz0vpt5HHLyS
ruvfJ2sWVrfc7NFVV6Vu7HUl9bd736vSOlqRmH2XFwsTCqdrSovBRzD7OvhBBNXB
37gdv3sBpWWi4B42t6ZczDBa+M1vzfEZYiXKAeM1f/og9dz9abJqAH0X9wIDAQAB
o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBR95Jxr5vlxfUbSEj2tax39wqp4TDAf
BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQQFAAOC
AQEAkhOBDP+sq5hSbCjJxj6Axux30BPhoikdL7fFlUGDYNlQnNDWCfcPl83A5rJo
+jHJKqPTHlOuedw1urDZ5Xo3GyqS+tJZkEMbapHB2zba6TnT9azjRgHKVQQXGrGX
KOj/G+fhEMm1MdjOpolqSt94ewIvg7NB1e8LtkT/MqbPG8L0sHVmqdpvfKXjxsE6
L7/4Em8ELDfyTvy5Cf+kW0AZ6ViRZILWrbl/wBLCzre2uvsQoj90lxA51NxK5Vz3
5TrZaNcXa/VRCLSiMA3MNhBtTh0izEjROES6zCtHmffGi0Ek8/EsEBryiLuy4P1E
Jj2t6q8d0ABWQU70sDudMm9Ixw==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: