diff --git a/test/sun/security/ssl/CertPathRestrictions/JSSEClient.java b/test/sun/security/ssl/CertPathRestrictions/JSSEClient.java new file mode 100644 index 0000000000000000000000000000000000000000..e2e1b47d5066f2083bde2ea32b17e2d8c2dbf091 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/JSSEClient.java @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.InputStream; +import java.io.OutputStream; +import java.net.InetSocketAddress; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSocketFactory; + +/* + * A SSL socket client. + */ +public class JSSEClient { + + public static void main(String[] args) throws Exception { + System.out.println("Client: arguments=" + String.join("; ", args)); + + int port = Integer.valueOf(args[0]); + String[] trustNames = args[1].split(TLSRestrictions.DELIMITER); + String[] certNames = args[2].split(TLSRestrictions.DELIMITER); + String constraint = args[3]; + + TLSRestrictions.setConstraint("Client", constraint); + + SSLContext context = TLSRestrictions.createSSLContext( + trustNames, certNames); + SSLSocketFactory socketFactory = context.getSocketFactory(); + try (SSLSocket socket = (SSLSocket) socketFactory.createSocket()) { + socket.connect(new InetSocketAddress("localhost", port), + TLSRestrictions.TIMEOUT); + socket.setSoTimeout(TLSRestrictions.TIMEOUT); + System.out.println("Client: connected"); + + InputStream sslIS = socket.getInputStream(); + OutputStream sslOS = socket.getOutputStream(); + sslOS.write('C'); + sslOS.flush(); + sslIS.read(); + System.out.println("Client: finished"); + } catch (Exception e) { + throw new RuntimeException("Client: failed.", e); + } + } +} diff --git a/test/sun/security/ssl/CertPathRestrictions/JSSEServer.java b/test/sun/security/ssl/CertPathRestrictions/JSSEServer.java new file mode 100644 index 0000000000000000000000000000000000000000..afcae83b2251093efbd9f64e8f23cae6628a9105 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/JSSEServer.java @@ -0,0 +1,81 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.InputStream; +import java.io.OutputStream; + +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLServerSocket; +import javax.net.ssl.SSLServerSocketFactory; +import javax.net.ssl.SSLSocket; + +/* + * A SSL socket server. + */ +public class JSSEServer { + + private SSLServerSocket server = null; + + private Exception exception = null; + + public JSSEServer(SSLContext context, + boolean needClientAuth) throws Exception { + SSLServerSocketFactory serverFactory = context.getServerSocketFactory(); + server = (SSLServerSocket) serverFactory.createServerSocket(0); + server.setSoTimeout(TLSRestrictions.TIMEOUT); + server.setNeedClientAuth(needClientAuth); // for dual authentication + System.out.println("Server: port=" + getPort()); + } + + public void start() { + new Thread(new Runnable() { + + @Override + public void run() { + try { + System.out.println("Server: started"); + try (SSLSocket socket = (SSLSocket) server.accept()) { + socket.setSoTimeout(TLSRestrictions.TIMEOUT); + InputStream sslIS = socket.getInputStream(); + OutputStream sslOS = socket.getOutputStream(); + sslIS.read(); + sslOS.write('S'); + sslOS.flush(); + System.out.println("Server: finished"); + } + } catch (Exception e) { + e.printStackTrace(System.out); + exception = e; + } + } + }).start(); + } + + public int getPort() { + return server.getLocalPort(); + } + + public Exception getException() { + return exception; + } +} diff --git a/test/sun/security/ssl/CertPathRestrictions/TLSRestrictions.java b/test/sun/security/ssl/CertPathRestrictions/TLSRestrictions.java new file mode 100644 index 0000000000000000000000000000000000000000..f23a0a4ee5705986a726d96b6f504f1407a44932 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/TLSRestrictions.java @@ -0,0 +1,541 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.SocketTimeoutException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.security.KeyFactory; +import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.Security; +import java.security.cert.Certificate; +import java.security.cert.CertificateFactory; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.Base64; +import java.util.stream.Collectors; + +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLHandshakeException; +import javax.net.ssl.TrustManagerFactory; + +import jdk.testlibrary.OutputAnalyzer; +import jdk.testlibrary.ProcessTools; + +/* + * @test + * @summary Verify the restrictions for certificate path on JSSE with custom trust store. + * @library /lib/testlibrary + * @compile JSSEClient.java + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions DEFAULT + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C1 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S1 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C2 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S2 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C3 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S3 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C4 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S4 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C5 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S5 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C6 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S6 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C7 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S7 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C8 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S8 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions C9 + * @run main/othervm -Djava.security.debug=certpath TLSRestrictions S9 + */ +public class TLSRestrictions { + + private static final String TEST_CLASSES = System.getProperty("test.classes"); + private static final char[] PASSWORD = "".toCharArray(); + private static final String CERT_DIR = System.getProperty("cert.dir", + System.getProperty("test.src") + "/certs"); + + static final String PROP = "jdk.certpath.disabledAlgorithms"; + static final String NOSHA1 = "MD2, MD5"; + private static final String TLSSERVER = "SHA1 usage TLSServer"; + private static final String TLSCLIENT = "SHA1 usage TLSClient"; + static final String JDKCATLSSERVER = "SHA1 jdkCA & usage TLSServer"; + static final String JDKCATLSCLIENT = "SHA1 jdkCA & usage TLSClient"; + + // This is a space holder in command arguments, and stands for none certificate. + static final String NONE_CERT = "NONE_CERT"; + + static final String DELIMITER = ","; + static final int TIMEOUT = 30000; + + // It checks if java.security contains constraint "SHA1 jdkCA & usage TLSServer" + // for jdk.certpath.disabledAlgorithms by default. + private static void checkDefaultConstraint() { + System.out.println( + "Case: Checks the default value of jdk.certpath.disabledAlgorithms"); + if (!Security.getProperty(PROP).contains(JDKCATLSSERVER)) { + throw new RuntimeException(String.format( + "%s doesn't contain constraint \"%s\", the real value is \"%s\".", + PROP, JDKCATLSSERVER, Security.getProperty(PROP))); + } + } + + /* + * This method creates trust store and key store with specified certificates + * respectively. And then it creates SSL context with the stores. + * If trustNames contains NONE_CERT only, it does not create a custom trust + * store, but the default one in JDK. + * + * @param trustNames Trust anchors, which are used to create custom trust store. + * If null, no custom trust store is created and the default + * trust store in JDK is used. + * @param certNames Certificate chain, which is used to create key store. + * It cannot be null. + */ + static SSLContext createSSLContext(String[] trustNames, + String[] certNames) throws Exception { + CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); + + TrustManagerFactory tmf = null; + if (trustNames != null && trustNames.length > 0 + && !trustNames[0].equals(NONE_CERT)) { + KeyStore trustStore = KeyStore.getInstance("JKS"); + trustStore.load(null, null); + for (int i = 0; i < trustNames.length; i++) { + try (InputStream is = new ByteArrayInputStream( + loadCert(trustNames[i]).getBytes())) { + Certificate trustCert = certFactory.generateCertificate(is); + trustStore.setCertificateEntry("trustCert-" + i, trustCert); + } + } + + tmf = TrustManagerFactory.getInstance("PKIX"); + tmf.init(trustStore); + } + + Certificate[] certChain = new Certificate[certNames.length]; + for (int i = 0; i < certNames.length; i++) { + try (InputStream is = new ByteArrayInputStream( + loadCert(certNames[i]).getBytes())) { + Certificate cert = certFactory.generateCertificate(is); + certChain[i] = cert; + } + } + + PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec( + Base64.getMimeDecoder().decode(loadPrivKey(certNames[0]))); + KeyFactory keyFactory = KeyFactory.getInstance("RSA"); + PrivateKey privKey = keyFactory.generatePrivate(privKeySpec); + + KeyStore keyStore = KeyStore.getInstance("JKS"); + keyStore.load(null, null); + keyStore.setKeyEntry("keyCert", privKey, PASSWORD, certChain); + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509"); + kmf.init(keyStore, PASSWORD); + + SSLContext context = SSLContext.getInstance("TLS"); + context.init(kmf.getKeyManagers(), + tmf == null ? null : tmf.getTrustManagers(), null); + return context; + } + + /* + * This method sets jdk.certpath.disabledAlgorithms, and then retrieves + * and prints its value. + */ + static void setConstraint(String side, String constraint) { + System.out.printf("%s: Old %s=%s%n", side, PROP, + Security.getProperty(PROP)); + Security.setProperty(PROP, constraint); + System.out.printf("%s: New %s=%s%n", side, PROP, + Security.getProperty(PROP)); + } + + /* + * This method is used to run a variety of cases. + * It launches a server, and then takes a client to connect the server. + * Both of server and client use the same certificates. + * + * @param trustNames Trust anchors, which are used to create custom trust store. + * If null, the default trust store in JDK is used. + * @param certNames Certificate chain, which is used to create key store. + * It cannot be null. The first certificate is regarded as + * the end entity. + * @param serverConstraint jdk.certpath.disabledAlgorithms value on server side. + * @param clientConstraint jdk.certpath.disabledAlgorithms value on client side. + * @param needClientAuth If true, server side acquires client authentication; + * otherwise, false. + * @param pass If true, the connection should be blocked; otherwise, false. + */ + static void testConstraint(String[] trustNames, String[] certNames, + String serverConstraint, String clientConstraint, + boolean needClientAuth, boolean pass) throws Throwable { + String trustNameStr = trustNames == null ? "" + : String.join(DELIMITER, trustNames); + String certNameStr = certNames == null ? "" + : String.join(DELIMITER, certNames); + + System.out.printf("Case:%n" + + " trustNames=%s; certNames=%s%n" + + " serverConstraint=%s; clientConstraint=%s%n" + + " needClientAuth=%s%n" + + " pass=%s%n%n", + trustNameStr, certNameStr, + serverConstraint, clientConstraint, + needClientAuth, + pass); + setConstraint("Server", serverConstraint); + JSSEServer server = new JSSEServer( + createSSLContext(trustNames, certNames), + needClientAuth); + int port = server.getPort(); + server.start(); + + // Run client on another JVM so that its properties cannot be in conflict + // with server's. + OutputAnalyzer outputAnalyzer = ProcessTools.executeTestJvm( + "-Dcert.dir=" + CERT_DIR, + "-Djava.security.debug=certpath", + "-classpath", + TEST_CLASSES, + "JSSEClient", + port + "", + trustNameStr, + certNameStr, + clientConstraint); + int exitValue = outputAnalyzer.getExitValue(); + String clientOut = outputAnalyzer.getOutput(); + + Exception serverException = server.getException(); + if (serverException != null) { + System.out.println("Server: failed"); + } + + System.out.println("---------- Client output start ----------"); + System.out.println(clientOut); + System.out.println("---------- Client output end ----------"); + + if (serverException instanceof SocketTimeoutException + || clientOut.contains("SocketTimeoutException")) { + System.out.println("The communication gets timeout and skips the test."); + return; + } + + if (pass) { + if (serverException != null || exitValue != 0) { + throw new RuntimeException( + "Unexpected failure. Operation was blocked."); + } + } else { + if (serverException == null && exitValue == 0) { + throw new RuntimeException( + "Unexpected pass. Operation was allowed."); + } + + // The test may encounter non-SSL issues, like network problem. + if (!(serverException instanceof SSLHandshakeException + || clientOut.contains("SSLHandshakeException"))) { + throw new RuntimeException("Failure with unexpected exception."); + } + } + } + + /* + * This method is used to run a variety of cases, which don't require client + * authentication by default. + */ + static void testConstraint(String[] trustNames, String[] certNames, + String serverConstraint, String clientConstraint, boolean pass) + throws Throwable { + testConstraint(trustNames, certNames, serverConstraint, clientConstraint, + false, pass); + } + + public static void main(String[] args) throws Throwable { + switch (args[0]) { + // Case DEFAULT only checks one of default settings for + // jdk.certpath.disabledAlgorithms in JDK/conf/security/java.security. + case "DEFAULT": + checkDefaultConstraint(); + break; + + // Cases C1 and S1 use SHA256 root CA in trust store, + // and use SHA256 end entity in key store. + // C1 only sets constraint "SHA1 usage TLSServer" on client side; + // S1 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C1": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S1": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + + // Cases C2 and S2 use SHA256 root CA in trust store, + // and use SHA1 end entity in key store. + // C2 only sets constraint "SHA1 usage TLSServer" on client side; + // S2 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C2": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S2": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C3 and S3 use SHA1 root CA in trust store, + // and use SHA1 end entity in key store. + // C3 only sets constraint "SHA1 usage TLSServer" on client side; + // S3 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C3": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S3": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA1-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C4 and S4 use SHA1 root CA as trust store, + // and use SHA256 end entity in key store. + // C4 only sets constraint "SHA1 usage TLSServer" on client side; + // S4 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C4": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S4": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { "INTER_CA_SHA256-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + + // Cases C5 and S5 use SHA1 root CA in trust store, + // and use SHA256 intermediate CA and SHA256 end entity in key store. + // C5 only sets constraint "SHA1 usage TLSServer" on client side; + // S5 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C5": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1", + "INTER_CA_SHA256-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S5": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1", + "INTER_CA_SHA256-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + + // Cases C6 and S6 use SHA1 root CA as trust store, + // and use SHA1 intermediate CA and SHA256 end entity in key store. + // C6 only sets constraint "SHA1 usage TLSServer" on client side; + // S6 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C6": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1", + "INTER_CA_SHA1-ROOT_CA_SHA1" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S6": + testConstraint( + new String[] { "ROOT_CA_SHA1" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1", + "INTER_CA_SHA1-ROOT_CA_SHA1" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C7 and S7 use SHA256 root CA in trust store, + // and use SHA256 intermediate CA and SHA1 end entity in key store. + // C7 only sets constraint "SHA1 usage TLSServer" on client side; + // S7 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C7": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256", + "INTER_CA_SHA256-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S7": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256", + "INTER_CA_SHA256-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C8 and S8 use SHA256 root CA in trust store, + // and use SHA1 intermediate CA and SHA256 end entity in key store. + // C8 only sets constraint "SHA1 usage TLSServer" on client side; + // S8 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should be blocked. + case "C8": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + false); + break; + case "S8": + testConstraint( + new String[] { "ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + false); + break; + + // Cases C9 and S9 use SHA256 root CA and SHA1 intermediate CA in trust store, + // and use SHA256 end entity in key store. + // C9 only sets constraint "SHA1 usage TLSServer" on client side; + // S9 only sets constraint "SHA1 usage TLSClient" on server side with client auth. + // The connection of the both cases should not be blocked. + case "C9": + testConstraint( + new String[] { + "ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256" }, + NOSHA1, + TLSSERVER, + true); + break; + case "S9": + testConstraint( + new String[] { + "ROOT_CA_SHA256", + "INTER_CA_SHA1-ROOT_CA_SHA256" }, + new String[] { + "END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256" }, + TLSCLIENT, + NOSHA1, + true, + true); + break; + } + + System.out.println("Case passed"); + System.out.println("========================================"); + } + + private static String loadCert(String certName) { + try { + Path certFilePath = Paths.get(CERT_DIR, certName + ".cer"); + return String.join("\n", + Files.lines(certFilePath).filter((String line) -> { + return !line.startsWith("Certificate") + && !line.startsWith(" "); + }).collect(Collectors.toList())); + } catch (IOException e) { + throw new RuntimeException("Load certificate failed", e); + } + } + + private static String loadPrivKey(String certName) { + Path priveKeyFilePath = Paths.get(CERT_DIR, certName + "-PRIV.key"); + try { + return new String(Files.readAllBytes(priveKeyFilePath)); + } catch (IOException e) { + throw new RuntimeException("Load private key failed", e); + } + } +} diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..8da367c70556d268543a701be8f5f0b6f9a3c8cc --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCYQDZxHxNJV8dQ +I6mfJjuIZxAe5CX9GCrS3Fajh5DXIQwdcvQ4s6YdKzwFn+8dUdspdNTnS+bWjfYw +0iAbsMt6L6ewutaZf6aufh1EBYiwNOvN8C8Cx0iiE8NiBo833AYWHKhDC4qu63QR +dYwb9j+Jg8t6p0lQ64sFLDN/RJOcWlaPQbJbSNBKePQR7WOFvdJgFAdQmQjL+ND6 +PSui9QByyXQ+3nfs7ID4paUxYbCrJMh5/AJqaT04DYDEumfmURUn5+ZOIqmqvI2I +pNXN5gVzL3b8mM2WGr5dpRY5cZ1X//BQ91SNjrKNJlmKFr7nMCfAdzxIW4b/sArv +eYNE2Vy7AgMBAAECggEBAJNtkopFoiJiKnFypxyiJAG4cwbGu/ZxwX3/uLGPY3S9 +3oJhvxVs+IzEQdHchempSwTAyizS9cuLGfs6bbcConZF0Sa0NXvb/SZ4npQwm6St +Ci2Xx530JWQ0qPyyB1r65rXguBp8AaXR/8msPqkQ8YOSqKWzea4u96Zhn9g8Koe6 +AD/8FeSzJBDVbJ+C7jKX/7sKsHbYqulzLMQf0lqXFxpGW+5UJaozoQOWXnnmqU3T +0i4uaGUCXHbQM8eh3fvMFCU4UQMYVS1QOSvZJTnO5bSb8SqeQnCMnQ18ltq4sL43 +qFsEcmAjrlhNoBwslqvfY1bX9NtXyFZ8PuD8OvoFxPkCgYEAxlVfD2qcrAoOcbDe +Em9hDVPizRuzGuCHi9K2YLDrLVDNd6NF3Pk65JiTsd1fA2AZdi+ljKGEwBhNFOyk +qwmK2K4sYy7zvyV3Blmwvyo7+OaeexYF8RIw5keGlRsgHTGarzlQAlJu91UmyAmE +C/99fZbSWo9QndJ0FVR6G3ti71UCgYEAxITBJqVtNFnv4PGdc3FNsYXlRQcSWjs9 +/1lsppLQjC6HMsb6JpxYUF3D4oFiUESKe/9kZzl1H/65Cm2mYq8sj+7lug8P5tz7 +DQa91dFM02r8JLO6TitSuZfbc0XH0K450ntuQlKX581icYSGBUwQHGApespuNVlh +Mg7CmwNse88CgYAienrhEjaUTdc++nFQoR4tE/UslPEo7fmCXCoqWvc3VIGzl6Ww +iX8seD3MwOAglRc4DYZpETcjsdXMmmrx9OG3U2gSAfqLszai2vq38N6mIWlRmn2D +8BaiIbMKvsFxccsjRQJctPnnc10fj0/uSgcFyy9cYOex2AEoKBxmJKgJVQKBgA0c +HhaJ6qMXbN1AwRQ2dsxk9kqIkjzavuQN/yWNncP8RqCojX+N5oZV+v9dSkW4jNSA +0R3hw2KDB60ea38h2IMxmLm0z4bDLyxLSta8w7dG59M6+i7EzRv8eXNTMGVHeiwE +d/KMt/2Kwgp4oMgxrtF1yM6cOoXslINWYL0emVoZAoGAcEKzO8LgPJsIVjRFz3ri +0AQqiXQzYek2WAXYhlQCvBVn8in3MYcxKhjA3Og3Lym0xvZ+/8SbII9QNaidbgIH +HDreeJW4KE5EfVnDaYcxwK/9LXZXndIxrpR0YKNSvZT7DuuQtFCoxJcASxb1k9Tc +5MPT+pyPL+9v2q56ry56qas= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256.cer b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256.cer new file mode 100644 index 0000000000000000000000000000000000000000..21872d79ba9a4b4b6f6f5892b1dff16c0a61af8d --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256.cer @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + e8:33:78:c7:69:9c:28:c2 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:07 2017 GMT + Not After : Mar 28 04:51:07 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA1-INTER_CA_SHA256-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:98:40:36:71:1f:13:49:57:c7:50:23:a9:9f:26: + 3b:88:67:10:1e:e4:25:fd:18:2a:d2:dc:56:a3:87: + 90:d7:21:0c:1d:72:f4:38:b3:a6:1d:2b:3c:05:9f: + ef:1d:51:db:29:74:d4:e7:4b:e6:d6:8d:f6:30:d2: + 20:1b:b0:cb:7a:2f:a7:b0:ba:d6:99:7f:a6:ae:7e: + 1d:44:05:88:b0:34:eb:cd:f0:2f:02:c7:48:a2:13: + c3:62:06:8f:37:dc:06:16:1c:a8:43:0b:8a:ae:eb: + 74:11:75:8c:1b:f6:3f:89:83:cb:7a:a7:49:50:eb: + 8b:05:2c:33:7f:44:93:9c:5a:56:8f:41:b2:5b:48: + d0:4a:78:f4:11:ed:63:85:bd:d2:60:14:07:50:99: + 08:cb:f8:d0:fa:3d:2b:a2:f5:00:72:c9:74:3e:de: + 77:ec:ec:80:f8:a5:a5:31:61:b0:ab:24:c8:79:fc: + 02:6a:69:3d:38:0d:80:c4:ba:67:e6:51:15:27:e7: + e6:4e:22:a9:aa:bc:8d:88:a4:d5:cd:e6:05:73:2f: + 76:fc:98:cd:96:1a:be:5d:a5:16:39:71:9d:57:ff: + f0:50:f7:54:8d:8e:b2:8d:26:59:8a:16:be:e7:30: + 27:c0:77:3c:48:5b:86:ff:b0:0a:ef:79:83:44:d9: + 5c:bb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:84:A1:70:1D:0A:92:D3:CC + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 22:63:2a:de:80:70:92:f7:53:e4:7f:ea:01:2b:13:b3:1b:02: + 2e:10:b4:1d:b7:33:7f:6f:0d:88:46:5a:b8:db:83:95:77:e2: + db:da:2e:31:0a:85:c6:9a:75:84:ca:73:5c:be:e3:30:22:7e: + bc:60:43:49:7c:69:06:14:4a:89:e4:23:ca:25:99:85:d6:06: + 16:d5:9e:a8:fd:25:43:88:07:12:0a:7e:de:24:33:71:ab:a4: + 23:aa:4e:dc:0f:89:ef:a9:09:89:55:a1:1d:ee:48:35:ea:10: + 42:ff:98:15:2a:e8:5c:46:e0:e4:4f:4c:b9:07:e0:da:08:6f: + ce:4a:fe:98:3e:ae:c5:e5:6a:6e:50:0f:2d:39:01:55:ed:59: + 0b:65:30:54:e8:72:26:ee:9f:cf:3f:ce:6a:20:c8:87:c9:81: + bc:f8:b3:ec:77:bb:bc:5b:8c:3f:18:fd:08:76:ad:27:59:fc: + b8:74:96:0d:cd:ed:97:91:6b:95:89:3a:f3:78:de:9f:06:a6: + ce:36:01:f0:be:ae:d8:d6:c4:3d:51:8a:2a:e0:43:59:8c:b4: + eb:63:93:9d:53:72:f8:4b:a3:c7:4a:da:2e:56:33:b6:46:1b: + 45:a8:23:1b:82:de:6d:4e:e0:18:cf:9b:ba:22:68:8b:8c:de: + 6f:08:2d:bc +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIJAOgzeMdpnCjCMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMScwJQYDVQQDDB5JTlRFUl9DQV9TSEEyNTYtUk9PVF9D +QV9TSEEyNTYwHhcNMTcwMzMwMDQ1MTA3WhcNMjcwMzI4MDQ1MTA3WjB/MQswCQYD +VQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09y +ZzENMAsGA1UECwwESmF2YTE3MDUGA1UEAwwuRU5EX0VOVElUWV9TSEExLUlOVEVS +X0NBX1NIQTI1Ni1ST09UX0NBX1NIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAJhANnEfE0lXx1AjqZ8mO4hnEB7kJf0YKtLcVqOHkNchDB1y9Diz +ph0rPAWf7x1R2yl01OdL5taN9jDSIBuwy3ovp7C61pl/pq5+HUQFiLA0683wLwLH +SKITw2IGjzfcBhYcqEMLiq7rdBF1jBv2P4mDy3qnSVDriwUsM39Ek5xaVo9BsltI +0Ep49BHtY4W90mAUB1CZCMv40Po9K6L1AHLJdD7ed+zsgPilpTFhsKskyHn8Ampp +PTgNgMS6Z+ZRFSfn5k4iqaq8jYik1c3mBXMvdvyYzZYavl2lFjlxnVf/8FD3VI2O +so0mWYoWvucwJ8B3PEhbhv+wCu95g0TZXLsCAwEAAaOBjDCBiTB5BgNVHSMEcjBw +oWOkYTBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkx +DDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEXMBUGA1UEAwwOUk9PVF9DQV9T +SEEyNTaCCQCEoXAdCpLTzDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IB +AQAiYyregHCS91Pkf+oBKxOzGwIuELQdtzN/bw2IRlq424OVd+Lb2i4xCoXGmnWE +ynNcvuMwIn68YENJfGkGFEqJ5CPKJZmF1gYW1Z6o/SVDiAcSCn7eJDNxq6Qjqk7c +D4nvqQmJVaEd7kg16hBC/5gVKuhcRuDkT0y5B+DaCG/OSv6YPq7F5WpuUA8tOQFV +7VkLZTBU6HIm7p/PP85qIMiHyYG8+LPsd7u8W4w/GP0Idq0nWfy4dJYNze2XkWuV +iTrzeN6fBqbONgHwvq7Y1sQ9UYoq4ENZjLTrY5OdU3L4S6PHStouVjO2RhtFqCMb +gt5tTuAYz5u6ImiLjN5vCC28 +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..cd99ead5d10660ae7be822921443ab2b1136e20f --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaYlKNTU1iQes/ +BtivvM1ixjCk1muM1RdMkJQItZB21y1kM1OLp3EmGKqVqwKbS5OTrMIxjPUwD9Ly +aRJMvSP1xve7zwmNXOngA8eukmQ2olQU58ble6IAHcj4qg7a38E1ITvDmAswhTzK +fI4Z6okLCjKfYafnfbi5JA+E6fiArB3zimjne+tiUNYZh2eYspsOOw6cmaLtIbMP +ZyXy4iP6OCNIikb08Da27zjVn04i1SeUEv1YFmn4B9GWcNLAXyM1LmCNi70+SATp +aZYRjr/BBR6LNZMBsNKJblWFXK3UtfYFiypyirgQjzPtLb1XsuMhfqMt8QZDh8n3 +YvYTW59xAgMBAAECggEAb4NPdhnoDulsL5XWZf55vhtH0ZQv/Qz+xbj57myQJS8B +Xa4b1i8dRv/Hc3+MaDIyXHEWBGle9jjOVbwzfP4D88eyzrMMxKOSRTKI72qPQ5qm +ZrpnxNzZv0d2TQvBZCBnrzKWKu1joVYX0anCghdR/VIqwVoDe+Clx9xTFGLI4yKO +7v0dkr4Hxn3NT6bTV18V6PoGbUgIsmpNYQPFyUM/IHG2ewDffLP+tm7RsEfKYmcx +Hr70pmWBpM9hwTAC+uXHuNXnsX4IjEQOXmm4PJ/A/sm2Bad93SPwi15e29MV8YbO +vvirGLaepa7AUvqoK0DFNCLU6vCeFJ7DUZ/u2P8x8QKBgQDxNOWvy3EV4/P/ocSf +itMtXZWj4driT4vUGwFZWfr3CVpZVaUmqXYeVdzNGuoWlmXOiOAuOepnlA36FCb5 +aGE4cq/hbdtbr+v6awEj5/A2me/ax1W1z6lD0pg0QJ7KvqFCBzVol5yTiWZKBVE+ +jp2waPfes770AUHczw9KKvEGtQKBgQDnxxiZAxtoNmOaB/NZmPNBKvWDw858+QX2 ++u/jEH3pW393tUnipgIoo6yvd6djhJ6/4ViOxdioMIQCBab/xuSB4lfQsrJsWvS9 +uYB794s7CV2r3kUa3ux8wAovW6Fc369nD7JjUPX/Cq3zdlyTDt9LVLRCpZ6Li1xB +r0ZVlpgPTQKBgQCgKay+X0tW6sdxHfyOp8Lz46liaa1LCuDhVZE+wHXZpXc9zJXe +JzZMjF0SQGXh27n8O30IlOJmJrRlMw5yG/I6ZkUNXkIDDryVyom2SuOBjhPrZOMv +15UgeO0h/Sqzm4M+ccTwD4Qjn1+xlPhOnqpsoja8xQPtyAvwz/jqGbtz5QKBgH01 +pSgj8Y5es3fmi6P/aInv9ynzgX0p2fsOnMEBi8Og1j+JBB0YqVni8crozNiKMGhg +CEM4xk41x1qASzMp8w/ngqEPqCu5BzXnHG3b0K9X4+6Q6KwXeZH6/IWQ7p8Jh+wZ +IrlcZ0gcMNSxQFmBU0eSvr6yUe/4nSIu2cQq0oKRAoGAUEFd0LxZw50BdCdpJlcQ ++oTbSUYQhAzPF2ybfR6i8IxXoOjVxpvRehlbwXIQV7XEqamXFTmBLIvuAlF1yWoH +hzxNJuEgPRTPztnHD6LVzvuf2ain+CFZuDrXBT2l8PyF9BNL4/DMRrbgdCxr9F0O +Ti0VJo1TRE8vVzUfVc9w1RI= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1.cer b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1.cer new file mode 100644 index 0000000000000000000000000000000000000000..c2cb37cb0eb9c5a241250af44bd2e4dd82253292 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1.cer @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 86:09:85:57:41:bf:86:65 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:06 2017 GMT + Not After : Mar 28 04:51:06 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:da:62:52:8d:4d:4d:62:41:eb:3f:06:d8:af:bc: + cd:62:c6:30:a4:d6:6b:8c:d5:17:4c:90:94:08:b5: + 90:76:d7:2d:64:33:53:8b:a7:71:26:18:aa:95:ab: + 02:9b:4b:93:93:ac:c2:31:8c:f5:30:0f:d2:f2:69: + 12:4c:bd:23:f5:c6:f7:bb:cf:09:8d:5c:e9:e0:03: + c7:ae:92:64:36:a2:54:14:e7:c6:e5:7b:a2:00:1d: + c8:f8:aa:0e:da:df:c1:35:21:3b:c3:98:0b:30:85: + 3c:ca:7c:8e:19:ea:89:0b:0a:32:9f:61:a7:e7:7d: + b8:b9:24:0f:84:e9:f8:80:ac:1d:f3:8a:68:e7:7b: + eb:62:50:d6:19:87:67:98:b2:9b:0e:3b:0e:9c:99: + a2:ed:21:b3:0f:67:25:f2:e2:23:fa:38:23:48:8a: + 46:f4:f0:36:b6:ef:38:d5:9f:4e:22:d5:27:94:12: + fd:58:16:69:f8:07:d1:96:70:d2:c0:5f:23:35:2e: + 60:8d:8b:bd:3e:48:04:e9:69:96:11:8e:bf:c1:05: + 1e:8b:35:93:01:b0:d2:89:6e:55:85:5c:ad:d4:b5: + f6:05:8b:2a:72:8a:b8:10:8f:33:ed:2d:bd:57:b2: + e3:21:7e:a3:2d:f1:06:43:87:c9:f7:62:f6:13:5b: + 9f:71 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:8D:A0:D2:8A:EE:0B:CF:65 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 29:b0:10:dc:45:ee:68:77:5f:12:9b:fc:de:eb:70:41:2e:6a: + a2:5f:a9:cc:ca:97:24:01:4a:1d:c2:78:52:57:34:9c:83:7f: + 60:f5:d9:68:a2:32:89:e9:d7:25:71:72:71:e5:76:e3:37:af: + 41:25:cc:8b:a4:fd:81:ef:6b:15:2b:91:3c:68:a5:25:53:cf: + c1:b9:aa:49:b4:cd:e3:3c:a2:8e:38:ea:e8:51:7c:7b:92:41: + bd:a3:22:7d:97:59:ad:55:e2:7d:9d:6a:bb:1f:95:84:1c:50: + 00:e9:6c:74:1d:bb:6c:07:ca:bc:6a:a2:dd:c1:66:37:64:bd: + fe:1a:c0:8c:a7:8c:a1:60:b8:c3:d2:5f:92:80:ee:ad:79:29: + f2:ad:e2:9f:74:39:bf:3b:a4:b6:25:2a:87:3f:36:49:b9:52: + fd:91:33:be:1d:41:a9:76:29:47:6e:c7:db:a8:ab:6e:78:91: + c0:13:56:1c:25:41:51:a7:64:4f:07:c0:2a:a8:80:63:8d:98: + e0:54:7d:a6:f4:22:6b:70:fa:1c:16:82:f4:07:2e:e1:ba:94: + 96:ec:c7:9e:8e:0a:24:1e:a4:e9:c0:92:ca:bd:32:98:ef:1f: + e1:a6:e6:4d:1f:c5:68:1b:77:d0:e0:35:1a:a9:c9:ee:98:72: + 7b:c3:e7:51 +-----BEGIN CERTIFICATE----- +MIID9jCCAt6gAwIBAgIJAIYJhVdBv4ZlMA0GCSqGSIb3DQEBCwUAMGsxCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMSMwIQYDVQQDDBpJTlRFUl9DQV9TSEExLVJPT1RfQ0Ff +U0hBMTAeFw0xNzAzMzAwNDUxMDZaFw0yNzAzMjgwNDUxMDZaMH0xCzAJBgNVBAYT +AlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0w +CwYDVQQLDARKYXZhMTUwMwYDVQQDDCxFTkRfRU5USVRZX1NIQTI1Ni1JTlRFUl9D +QV9TSEExLVJPT1RfQ0FfU0hBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBANpiUo1NTWJB6z8G2K+8zWLGMKTWa4zVF0yQlAi1kHbXLWQzU4uncSYYqpWr +AptLk5OswjGM9TAP0vJpEky9I/XG97vPCY1c6eADx66SZDaiVBTnxuV7ogAdyPiq +DtrfwTUhO8OYCzCFPMp8jhnqiQsKMp9hp+d9uLkkD4Tp+ICsHfOKaOd762JQ1hmH +Z5iymw47DpyZou0hsw9nJfLiI/o4I0iKRvTwNrbvONWfTiLVJ5QS/VgWafgH0ZZw +0sBfIzUuYI2LvT5IBOlplhGOv8EFHos1kwGw0oluVYVcrdS19gWLKnKKuBCPM+0t +vVey4yF+oy3xBkOHyfdi9hNbn3ECAwEAAaOBijCBhzB3BgNVHSMEcDBuoWGkXzBd +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkxDDAKBgNV +BAoMA09yZzENMAsGA1UECwwESmF2YTEVMBMGA1UEAwwMUk9PVF9DQV9TSEExggkA +jaDSiu4Lz2UwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAKbAQ3EXu +aHdfEpv83utwQS5qol+pzMqXJAFKHcJ4Ulc0nIN/YPXZaKIyienXJXFyceV24zev +QSXMi6T9ge9rFSuRPGilJVPPwbmqSbTN4zyijjjq6FF8e5JBvaMifZdZrVXifZ1q +ux+VhBxQAOlsdB27bAfKvGqi3cFmN2S9/hrAjKeMoWC4w9JfkoDurXkp8q3in3Q5 +vzuktiUqhz82SblS/ZEzvh1BqXYpR27H26irbniRwBNWHCVBUadkTwfAKqiAY42Y +4FR9pvQia3D6HBaC9Acu4bqUluzHno4KJB6k6cCSyr0ymO8f4abmTR/FaBt30OA1 +GqnJ7phye8PnUQ== +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..3f9ad5384df95c364b6b38943958382151cc74db --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDaCsiXcNnu7WpV +t+FarvFhtaRr4RMQbKGhiIHi4aV0vqWmpX/eFde01eQZTZcPGJzEnjJrkyFo3Wbd +31bjBLpt40kkI7kbODHrA2L+vY/hoCQeXK8+BrGioX9qHOpD7OLI3Esm1+KDiPPK +w6qr9O9nS/fOID3zly92r+obY2ZuW6jQC0Yah3K9INrSIjH+rHXsmj2U5dCnktfi +LzRcocvqtQHASYXFXEhWr1TCMnSz7h+l07O5YgYpmhwkRIPCkcdP+9wGhO2eOJYU +kfaBteodDh7vHj2F+A6Lheosa4mi/nysyhQJl8uBFw97dqab9ul5Tb03iHmaY/q0 +xJKcEohnAgMBAAECggEBAJsa6K6yHJWWVfo8IBb+M7+qExiat5ELdb8O+DaJBcYS +iIwPVvKI3zVIokZNp5OZkotbbcqQk0ehl7dlVM2RY30gHbuTne36/6eKdTV5a4y4 ++niOviqFYH+sGpNFlnBTZtAzxVIQaJXhKmum3RYN2u/EXrdGwEsz1RO89/AbuZXu +VdtEKkjPHXrIjnBkiT4271sm3OiPwOe6g0NKBMJ4InTyB+YtpgxlXtF+vv5cv6Vt +ayT3sNsdsD8HLrenMmwv/k7nTYgNbhaJX2YCs9W7ZEscU2th6F7Cx6Z0z9h1SElC ++OKKhU6HnG/pWFMfWu80ZNjb3NTpXzTv4CLKjEYvz6ECgYEA8qEe+Ga7+XD0XwPB +bFjoKmhOQhv0VCIiu9RgvIxQn5DuGX4H2hO1GP8LYOQZBm25nICIa+DyDZEaFGgL +QgfPI4boK/rdV8syFTUNfw1Wq+W/pHhqzgUGHAnzRpX8jBQa9of14O+B7//ZFdGj +5nt0qFTOAgNGslXMvSicKD/g0mMCgYEA5g7MpMmZI8zPf/PKLBkrQegdX2TBBiI5 +3KzvQuA29tEFdVwUIuhkgQkmy1u9Ujw0jZZ8NVBOsqfg7e7XkVr6/OF+MVWBjWl3 +Jn3DMCHl/HCLIZ4ZOM6/ydIMpBX6Ii53nvpO6vxRaOUg2T2gVHadVjjQAN9Oj68r +TKUHfs4rTy0CgYB/g5QuQnfqKaYUxXmDQtqJZxYyAlUPXn1Yr85DaY75vYaVGTpx +L0hPIcNOIbLRQRt6l8aaw7cS0D6fmOrJwibn6f/dFVP8zwq8QIyeSFlTsERe4PZo +3hUO6V/UqgD3cZ2WEXB0zgtBIfpqUCpOeHWf/inivuwJz7PxegVP1fqHNwKBgA0p +CZHfqm/+1lvmcUlGg0/43D1JwTT9nju+dM1pkBtcZ6iIBOreSmmLQXnenJzorsTu +t9pA5s+XhOl3gUNiZfszVwmxb4DMaLF9/j1xovtm4L6ikaTLRvNfnbOBQlbUO6mP +fhY5KtsKSG/E87gBNQzqoRN7sr3Lcnmm8x/Q4W9dAoGAITDcOI7UgPcnKMO8JUI5 +96Po3c/S7nBilVZRFOwjn0z6jrjzNTd+1IqkzIKBWfs5WlRkzXI6LPJVghwPUqUa +q2C/3hQATD3FchEIohLfd8bj/wObaZNlKJB59a1RjxRZxuVQl3jvovvpn/hdXuJB +nGIx7MryEG/yRpfrk2DL0bI= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256.cer b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256.cer new file mode 100644 index 0000000000000000000000000000000000000000..22390ed7d7e60f5dcb4a6e10ea44185c3c6a1524 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256.cer @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 9e:f7:d7:79:1c:06:83:d5 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:05 2017 GMT + Not After : Mar 28 04:51:05 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA1-ROOT_CA_SHA256-PRIV + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:da:0a:c8:97:70:d9:ee:ed:6a:55:b7:e1:5a:ae: + f1:61:b5:a4:6b:e1:13:10:6c:a1:a1:88:81:e2:e1: + a5:74:be:a5:a6:a5:7f:de:15:d7:b4:d5:e4:19:4d: + 97:0f:18:9c:c4:9e:32:6b:93:21:68:dd:66:dd:df: + 56:e3:04:ba:6d:e3:49:24:23:b9:1b:38:31:eb:03: + 62:fe:bd:8f:e1:a0:24:1e:5c:af:3e:06:b1:a2:a1: + 7f:6a:1c:ea:43:ec:e2:c8:dc:4b:26:d7:e2:83:88: + f3:ca:c3:aa:ab:f4:ef:67:4b:f7:ce:20:3d:f3:97: + 2f:76:af:ea:1b:63:66:6e:5b:a8:d0:0b:46:1a:87: + 72:bd:20:da:d2:22:31:fe:ac:75:ec:9a:3d:94:e5: + d0:a7:92:d7:e2:2f:34:5c:a1:cb:ea:b5:01:c0:49: + 85:c5:5c:48:56:af:54:c2:32:74:b3:ee:1f:a5:d3: + b3:b9:62:06:29:9a:1c:24:44:83:c2:91:c7:4f:fb: + dc:06:84:ed:9e:38:96:14:91:f6:81:b5:ea:1d:0e: + 1e:ef:1e:3d:85:f8:0e:8b:85:ea:2c:6b:89:a2:fe: + 7c:ac:ca:14:09:97:cb:81:17:0f:7b:76:a6:9b:f6: + e9:79:4d:bd:37:88:79:9a:63:fa:b4:c4:92:9c:12: + 88:67 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:84:A1:70:1D:0A:92:D3:CD + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 89:84:ce:6d:80:83:e7:19:80:21:a5:d3:79:ac:c4:2f:5c:5f: + 47:f1:1c:e7:40:2a:57:ec:76:01:a9:10:b6:a2:2b:1b:02:ac: + f7:46:b1:67:b3:36:0f:fa:f0:a3:40:c2:5a:38:00:67:a9:9d: + e8:59:be:2f:5b:d0:c6:6c:20:90:c0:3b:6b:af:75:8c:93:ac: + 5a:1e:8b:66:2c:79:0b:6d:9d:0d:d3:68:b5:b6:df:d6:04:6b: + 24:f7:5a:b9:f0:18:08:81:b1:50:1c:ac:1b:7a:b7:b8:d8:8e: + 6f:15:78:7e:23:5f:41:5c:df:76:09:1a:67:36:15:35:6a:77: + 36:09:19:50:12:6d:60:20:c1:7a:36:cb:4c:ee:a8:d7:b7:c7: + 29:26:31:04:0a:44:48:25:be:dd:00:92:ea:8c:00:ee:b4:eb: + 52:4a:da:47:97:d7:42:df:dd:7d:17:de:e3:a1:14:49:3b:2d: + aa:ac:e7:83:0f:c0:2d:3f:31:c5:af:bb:b1:1e:53:d1:a7:13: + 55:e3:25:f6:67:95:a1:75:e9:b8:a1:81:eb:d0:de:8a:a3:af: + 78:dc:d0:39:d0:e7:d6:61:9e:39:7b:8b:f9:ee:44:48:78:92: + e7:22:fa:9c:a4:d0:6b:2b:89:0a:fa:78:3d:7a:af:44:91:e5: + 8a:40:2f:10 +-----BEGIN CERTIFICATE----- +MIIEAjCCAuqgAwIBAgIJAJ7313kcBoPVMA0GCSqGSIb3DQEBCwUAMG0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMSUwIwYDVQQDDBxJTlRFUl9DQV9TSEExLVJPT1RfQ0Ff +U0hBMjU2MB4XDTE3MDMzMDA0NTEwNVoXDTI3MDMyODA0NTEwNVowgYQxCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMTwwOgYDVQQDDDNFTkRfRU5USVRZX1NIQTI1Ni1JTlRF +Ul9DQV9TSEExLVJPT1RfQ0FfU0hBMjU2LVBSSVYwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDaCsiXcNnu7WpVt+FarvFhtaRr4RMQbKGhiIHi4aV0vqWm +pX/eFde01eQZTZcPGJzEnjJrkyFo3Wbd31bjBLpt40kkI7kbODHrA2L+vY/hoCQe +XK8+BrGioX9qHOpD7OLI3Esm1+KDiPPKw6qr9O9nS/fOID3zly92r+obY2ZuW6jQ +C0Yah3K9INrSIjH+rHXsmj2U5dCnktfiLzRcocvqtQHASYXFXEhWr1TCMnSz7h+l +07O5YgYpmhwkRIPCkcdP+9wGhO2eOJYUkfaBteodDh7vHj2F+A6Lheosa4mi/nys +yhQJl8uBFw97dqab9ul5Tb03iHmaY/q0xJKcEohnAgMBAAGjgYwwgYkweQYDVR0j +BHIwcKFjpGEwXzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARD +aXR5MQwwCgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFzAVBgNVBAMMDlJPT1Rf +Q0FfU0hBMjU2ggkAhKFwHQqS080wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF +AAOCAQEAiYTObYCD5xmAIaXTeazEL1xfR/Ec50AqV+x2AakQtqIrGwKs90axZ7M2 +D/rwo0DCWjgAZ6md6Fm+L1vQxmwgkMA7a691jJOsWh6LZix5C22dDdNotbbf1gRr +JPdaufAYCIGxUBysG3q3uNiObxV4fiNfQVzfdgkaZzYVNWp3NgkZUBJtYCDBejbL +TO6o17fHKSYxBApESCW+3QCS6owA7rTrUkraR5fXQt/dfRfe46EUSTstqqzngw/A +LT8xxa+7sR5T0acTVeMl9meVoXXpuKGB69DeiqOveNzQOdDn1mGeOXuL+e5ESHiS +5yL6nKTQayuJCvp4PXqvRJHlikAvEA== +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..8584f50ec7e2f9dfd31c366845c937f8f9d00be8 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHC0ieOFNTJjP+ +HMlFQ/w50Hx/+FYh9z9w3i08dVvi8oEhGUop7fvsqEyuAj3U/BYG87Wsv27wfa9l +qSJRSgqUT3yI4jsMY/ozUInuKpp/yL97abyZVDUZc3diDZqryA/Qur8HNVLyA2hD +DA9x8Ioeu5EDFl7AeqV3jx+A8fbulwVeCa29GByVkWRUEVF/48a1jpazBf2YQvrm +5ElWoG8fuMrz6vgj+gYZYb1GPXmJQrtAIRp4Z1/AquPS4A/O21DnPLEM8WSw+rSC +KGGKMqefJw74zeVyPlOiOmjFTeNfeVDViQrDgU++CTDjFa8XhweU6v+MtY5Mmzmf +2AETGyd9AgMBAAECggEANCdMu8hebOcRsH+ybSfHKw7p0E4to3C5esV8bN8DWI/a +LeYGfL4SyIvAq8eClBAJZYDuFXmDhBgqoSSUDWCtLPc21lcQycpYgKGVwoX/PYRI +R/oIpNRfpW+P1G1kHaaqHjMQYr8iIK+r3gWG9n/kcPEMqhZudVitiopB4vODlDgf +OI0goNWwYOPzoBkJSBbgfYC7vSz0dg+j9ooYPDnyUnHjykhu95mkmBHYc/MVMP8s +ntFB5pgtWuLQATZImW4A1dtZiqCsF6APvJIQASxVq+wv3dwhejF9xMZR96QchVZJ +QvPOcH76njIH4fThb0e46Dn54+KBpCnveSnDtAz5sQKBgQD2u6gWOK/Z4VqGlff1 +diLqzesdalCJhydKzOGRzRiJeW4E4MhEpUjIo44zPGkQ64zq6nefqIltdiaE7T9C +Fnyu/+vd0zE1v3Ipgv0wD3NgTj3gGrBwl2gkY5sfSbCR+8vS/DhRU+s3KN45m3s4 +XfM27Uw/Zh/DFIe7jmGezfe/3wKBgQDOhRjDfxDDLCEXw4QFQb7Sp/43EGfoTd8h +m700T/QXUTGx6qRhzHF9mUVea7FT+3I6CEqYNnZtFlYsJlq1g457rnvUJnTjJZb7 +wFl1h+u4u3IKo/lUUh2vD89PPOkMUF/uamJLh5jK7KNkOjwEDN2yPkRgaedY++nv +NBcUPpGUIwKBgEkFmOWauVC+hVA3qj8XS5Y6g08dW+CYA2T75faEwLJPIeSHsj2+ +vR/EaB15z46WaApOgkDaXHHs+dF1dbdVeGlCjMgF7RZ/JoZqogxLRlZGUcG1pGpu +JQBACnTkFkHeR6CVzQUk1QRqL/rUrU8tXwHukRZiXxwZQ2Ka7QFW6+/5AoGAHGem +Dk2NyqppKtGTeP2f921vw7cX85WyWPcIwQc2NXbPdP8m+OSbv4CzT9dUHo75GQ5G +5ESpaTunQo9L7qdXk59eHMHlVdC3wYylQUsemtv9RYVkJ7rbplZwVx+zliP/7dTo +DCdsVozRtFlmI9B5Najm0rP+Q/jyJhpuCjTI5S0CgYEAsYcmFZZotwOyT4oJ/1Fu +BtSOsoxnCa1vPJTVXEoX3F28ZUP4X0iWgGDO1e3aoWWYxWusf1fUj9BWbVnbtJfb +gJ5JtQTAuMvmjCwFRWcBUytdxTUsWFbuDc5fw7DMW7YqjkCCISkd6Q8JyaFsJPy1 +7uFzumBnFtZGUIo2w4l8yrQ= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1.cer b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1.cer new file mode 100644 index 0000000000000000000000000000000000000000..8b9f080920e895efd402f924ba6a2ab590361cc6 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1.cer @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 9e:b3:99:30:15:24:2c:69 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:06 2017 GMT + Not After : Mar 28 04:51:06 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c7:0b:48:9e:38:53:53:26:33:fe:1c:c9:45:43: + fc:39:d0:7c:7f:f8:56:21:f7:3f:70:de:2d:3c:75: + 5b:e2:f2:81:21:19:4a:29:ed:fb:ec:a8:4c:ae:02: + 3d:d4:fc:16:06:f3:b5:ac:bf:6e:f0:7d:af:65:a9: + 22:51:4a:0a:94:4f:7c:88:e2:3b:0c:63:fa:33:50: + 89:ee:2a:9a:7f:c8:bf:7b:69:bc:99:54:35:19:73: + 77:62:0d:9a:ab:c8:0f:d0:ba:bf:07:35:52:f2:03: + 68:43:0c:0f:71:f0:8a:1e:bb:91:03:16:5e:c0:7a: + a5:77:8f:1f:80:f1:f6:ee:97:05:5e:09:ad:bd:18: + 1c:95:91:64:54:11:51:7f:e3:c6:b5:8e:96:b3:05: + fd:98:42:fa:e6:e4:49:56:a0:6f:1f:b8:ca:f3:ea: + f8:23:fa:06:19:61:bd:46:3d:79:89:42:bb:40:21: + 1a:78:67:5f:c0:aa:e3:d2:e0:0f:ce:db:50:e7:3c: + b1:0c:f1:64:b0:fa:b4:82:28:61:8a:32:a7:9f:27: + 0e:f8:cd:e5:72:3e:53:a2:3a:68:c5:4d:e3:5f:79: + 50:d5:89:0a:c3:81:4f:be:09:30:e3:15:af:17:87: + 07:94:ea:ff:8c:b5:8e:4c:9b:39:9f:d8:01:13:1b: + 27:7d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:8D:A0:D2:8A:EE:0B:CF:64 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 2b:43:e4:c1:37:36:00:a3:ed:25:15:c7:9f:6b:25:0e:24:cd: + 1c:e8:d2:8c:a6:11:05:a9:2b:b5:dc:7b:fd:55:8e:be:1d:15: + d7:8b:a8:a6:44:cf:03:ba:ba:78:74:26:b9:19:11:c0:03:9b: + 4d:2f:f9:f7:ea:da:a3:2f:82:f9:9e:d0:77:d6:bf:eb:fd:57: + c8:eb:03:54:0a:0c:2b:36:0c:e5:99:b7:93:4d:a9:9d:e9:50: + 80:66:4e:73:c1:bd:83:13:09:ee:b9:01:62:ed:90:0e:4f:ff: + 9d:92:f3:cd:db:1f:ba:da:fc:67:9d:cb:a0:09:99:8b:3e:ea: + 9d:61:55:ac:6f:fb:11:5c:c0:fe:fb:ff:5b:15:7d:a7:c1:aa: + 3a:cd:30:43:35:ea:44:8a:21:ae:9f:af:bc:5c:ae:3a:01:2c: + 3b:eb:b6:8c:6a:e1:1c:4e:55:0a:84:5b:f8:68:71:aa:97:02: + 9b:5d:c4:c9:42:df:19:91:28:4a:12:35:8d:2e:3d:10:ec:35: + 8a:b1:d7:e0:e2:a6:f9:f6:47:4b:17:75:84:8e:2d:66:e8:74: + be:d6:27:6b:a2:28:23:26:41:70:92:c2:7c:50:e2:81:c9:e0: + 10:84:5d:87:4f:db:93:ce:dd:09:d2:48:63:3d:53:66:31:64: + 5a:13:b5:a6 +-----BEGIN CERTIFICATE----- +MIID+jCCAuKgAwIBAgIJAJ6zmTAVJCxpMA0GCSqGSIb3DQEBCwUAMG0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMSUwIwYDVQQDDBxJTlRFUl9DQV9TSEEyNTYtUk9PVF9D +QV9TSEExMB4XDTE3MDMzMDA0NTEwNloXDTI3MDMyODA0NTEwNlowfzELMAkGA1UE +BhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARDaXR5MQwwCgYDVQQKDANPcmcx +DTALBgNVBAsMBEphdmExNzA1BgNVBAMMLkVORF9FTlRJVFlfU0hBMjU2LUlOVEVS +X0NBX1NIQTI1Ni1ST09UX0NBX1NIQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDHC0ieOFNTJjP+HMlFQ/w50Hx/+FYh9z9w3i08dVvi8oEhGUop7fvs +qEyuAj3U/BYG87Wsv27wfa9lqSJRSgqUT3yI4jsMY/ozUInuKpp/yL97abyZVDUZ +c3diDZqryA/Qur8HNVLyA2hDDA9x8Ioeu5EDFl7AeqV3jx+A8fbulwVeCa29GByV +kWRUEVF/48a1jpazBf2YQvrm5ElWoG8fuMrz6vgj+gYZYb1GPXmJQrtAIRp4Z1/A +quPS4A/O21DnPLEM8WSw+rSCKGGKMqefJw74zeVyPlOiOmjFTeNfeVDViQrDgU++ +CTDjFa8XhweU6v+MtY5Mmzmf2AETGyd9AgMBAAGjgYowgYcwdwYDVR0jBHAwbqFh +pF8wXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARDaXR5MQww +CgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFTATBgNVBAMMDFJPT1RfQ0FfU0hB +MYIJAI2g0oruC89kMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBACtD +5ME3NgCj7SUVx59rJQ4kzRzo0oymEQWpK7Xce/1Vjr4dFdeLqKZEzwO6unh0JrkZ +EcADm00v+ffq2qMvgvme0HfWv+v9V8jrA1QKDCs2DOWZt5NNqZ3pUIBmTnPBvYMT +Ce65AWLtkA5P/52S883bH7ra/Gedy6AJmYs+6p1hVaxv+xFcwP77/1sVfafBqjrN +MEM16kSKIa6fr7xcrjoBLDvrtoxq4RxOVQqEW/hocaqXAptdxMlC3xmRKEoSNY0u +PRDsNYqx1+Dipvn2R0sXdYSOLWbodL7WJ2uiKCMmQXCSwnxQ4oHJ4BCEXYdP25PO +3QnSSGM9U2YxZFoTtaY= +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..7fa6368571422ed37c65ade81a1dbb48f58fa374 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDuH2+6I/ytoLeW +AG3J0xMQafYmxYDZNaDjiWBl7TGpL4TjRY84FuHI/G8ib0VY9DKtyUixm7qZev+b +ExrfQGk9ZV7Dn41uBvmGcUMSqwb0QV/5/hneP7/3EXhoWjsCFUe0r0zOgCM7O9+F +jUlSuxEHyaFE09PxWGVZpU4Yu71PeoI/JJGITV81o2Fst7Urz65NE5OWrvbO+pfD +EiRvjLv/uil7znYV28lCbH7U1K8q5nGVtnpgTguhGL6/N3lIgvxoBtoXEQwdMV59 +APsH8anA19rHn5h/ZmknryxAs0c6Rg9Plo30MonIU/eAVZwNw8TczD276Rc02xnW +RmbmxToRAgMBAAECggEAbK3OWV9JWJlMkNqbQQzj247w+FsV5ozSZGbzpzFtg/Eb +Lns11XykCg4kTswIE4RIiQaf9efEb34yoL1Ee3YzUgEtEg2FCB2IzvJskV2ba+lW +e4uclNH1tDa2BLKB0f6SXoXPgUP8UHGQH60PNQIJ0MsWnoorZjBY+WQ305QD3/yB +fMonkjpWN+ZNTY8Y3vA2SsS4EoY0Ndy2FpmWPwKKMCcqXw6xzVjKvq+jpFfsGpcj +i3MlKsCG5koreWrXdyt28CVOc6eMW5rsJfAHRw+OSn7PdLaGyZCUUsFXCjG0Vq2G +YwuMfTJprrZk+lbi3XUXWk7XUEURB7Q4lIBxAcskAQKBgQD8pVj0OIsVHAGjQQ7C +ZAnxFlON7XX3fgPdLtil9c+a1GlcPA2K52fBp8YlKlAS4bmZIQHbbkEBjh8KfG1P +x7zBHoUXV8ruo/axzRPoeBVQat5NQKcKnlITrqdf8J3a+8iMxpMpd53h97HGiayq +W04ZQNf7wjXvR+pJVluTEaoVUQKBgQDxSLruMmCsYvD+sipaQ3rBEMIAI3kc7ctl +fEnipEk5wtPkKKldw+rvbh/AwY2i2JMUDcW92hkB5vCvbcKmCEkEO3FbawNkJnJi +qfwbvHP/fGThMV3gbWWF3GZvBKY2+toSa2rwoR5kYTT1e4+byk38NAp/HAItFHIT +DgAgMy6owQKBgQCjd8jKnBtBmVFl9B48oMXd+/gsCM0fSaXuYvVCzH17TJyvVRve +GEQGBSwrt+j/jpWsArNU602cV/y1qDSCPlZfDgRHSkK/jc9805hh/fCsi7kyevaZ +5D5vBb6+UM2Sdv8YNxPY7NB2+PFJ6KKTx2gM5uvYtZx4KivpL7souXE3QQKBgDxg +FZ5q7rPUIjepP13MyteqqNC+D51Eh4PCgP58W3JfpQPPhOnYj14QMVPbWuSnys3W +0Gc8PsuyDQHoti8znYm4khntAjE6SZ8Up+gM1P3WE6wh3Tq+RQwk5WDcSfcx+AVp +6Z2Cw4ccp9LRc1LpYXA9WW8LBCRhnFXWSAPGquNBAoGAdCsvFzSipQ5qxWPlClRM +lKqDdQheRl9IKCuImXZAvdX952VhmP7QV5PUwLV/CkVquvSdRSshrMO/fqFjfkjr +puajXghFXa+YppQW42tPYBmKDnNVgxW5d5sC62AYaykh2iNw3v4BJyN+MMmkSf0M +4/mKvs5m8N2OkOpY6r2wCp8= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256.cer b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256.cer new file mode 100644 index 0000000000000000000000000000000000000000..c503f92fb12da72efe7bef3ecacc6aebfcc48a2f --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256.cer @@ -0,0 +1,81 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + e8:33:78:c7:69:9c:28:c1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:04 2017 GMT + Not After : Mar 28 04:51:04 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=END_ENTITY_SHA256-INTER_CA_SHA256-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ee:1f:6f:ba:23:fc:ad:a0:b7:96:00:6d:c9:d3: + 13:10:69:f6:26:c5:80:d9:35:a0:e3:89:60:65:ed: + 31:a9:2f:84:e3:45:8f:38:16:e1:c8:fc:6f:22:6f: + 45:58:f4:32:ad:c9:48:b1:9b:ba:99:7a:ff:9b:13: + 1a:df:40:69:3d:65:5e:c3:9f:8d:6e:06:f9:86:71: + 43:12:ab:06:f4:41:5f:f9:fe:19:de:3f:bf:f7:11: + 78:68:5a:3b:02:15:47:b4:af:4c:ce:80:23:3b:3b: + df:85:8d:49:52:bb:11:07:c9:a1:44:d3:d3:f1:58: + 65:59:a5:4e:18:bb:bd:4f:7a:82:3f:24:91:88:4d: + 5f:35:a3:61:6c:b7:b5:2b:cf:ae:4d:13:93:96:ae: + f6:ce:fa:97:c3:12:24:6f:8c:bb:ff:ba:29:7b:ce: + 76:15:db:c9:42:6c:7e:d4:d4:af:2a:e6:71:95:b6: + 7a:60:4e:0b:a1:18:be:bf:37:79:48:82:fc:68:06: + da:17:11:0c:1d:31:5e:7d:00:fb:07:f1:a9:c0:d7: + da:c7:9f:98:7f:66:69:27:af:2c:40:b3:47:3a:46: + 0f:4f:96:8d:f4:32:89:c8:53:f7:80:55:9c:0d:c3: + c4:dc:cc:3d:bb:e9:17:34:db:19:d6:46:66:e6:c5: + 3a:11 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:84:A1:70:1D:0A:92:D3:CC + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 1d:1a:87:7d:11:0e:cc:cd:7f:6c:ed:21:1a:2c:35:de:09:b8: + c4:cf:0c:31:00:3d:f5:bd:d4:6e:f0:4f:7e:c2:8d:d6:c5:28: + ed:38:9d:d7:52:32:e2:8d:7b:64:c8:1d:4e:69:7e:49:5f:e1: + 5e:04:c7:d3:96:d2:63:ef:2c:35:4f:eb:08:2b:9d:b0:15:df: + 33:d8:1c:59:8e:bb:f1:28:4f:f0:85:bb:3c:56:e1:86:a4:75: + 2b:44:8a:1c:98:ae:94:f3:b6:76:a9:a3:e7:d6:bc:58:ef:fe: + 32:11:6f:76:5b:85:f8:14:91:83:2c:b6:20:a5:48:48:8b:6e: + ee:a8:6c:2b:12:18:94:3e:59:5e:a6:66:53:dc:40:b2:da:fd: + a4:5f:16:35:b6:20:2b:31:86:9b:91:55:b2:35:63:d2:47:bd: + 91:7e:43:bc:d6:0e:dc:95:1a:f0:8d:08:e5:66:cd:d1:0b:32: + d6:92:26:3e:78:e8:70:74:e1:14:64:b0:39:5d:7c:d0:28:23: + c7:83:53:02:90:fe:fc:9e:aa:9a:fb:c4:ef:9d:d5:22:f6:c1: + fd:e4:07:04:25:4f:8f:b2:13:6f:0d:51:cc:54:b4:38:d3:ac: + 31:aa:94:c5:d0:c8:5a:58:35:13:87:3e:f6:74:26:8c:2b:7d: + 6c:8e:36:a5 +-----BEGIN CERTIFICATE----- +MIIEATCCAumgAwIBAgIJAOgzeMdpnCjBMA0GCSqGSIb3DQEBCwUAMG8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMScwJQYDVQQDDB5JTlRFUl9DQV9TSEEyNTYtUk9PVF9D +QV9TSEEyNTYwHhcNMTcwMzMwMDQ1MTA0WhcNMjcwMzI4MDQ1MTA0WjCBgTELMAkG +A1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYDVQQHDARDaXR5MQwwCgYDVQQKDANP +cmcxDTALBgNVBAsMBEphdmExOTA3BgNVBAMMMEVORF9FTlRJVFlfU0hBMjU2LUlO +VEVSX0NBX1NIQTI1Ni1ST09UX0NBX1NIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAO4fb7oj/K2gt5YAbcnTExBp9ibFgNk1oOOJYGXtMakvhONF +jzgW4cj8byJvRVj0Mq3JSLGbupl6/5sTGt9AaT1lXsOfjW4G+YZxQxKrBvRBX/n+ +Gd4/v/cReGhaOwIVR7SvTM6AIzs734WNSVK7EQfJoUTT0/FYZVmlThi7vU96gj8k +kYhNXzWjYWy3tSvPrk0Tk5au9s76l8MSJG+Mu/+6KXvOdhXbyUJsftTUryrmcZW2 +emBOC6EYvr83eUiC/GgG2hcRDB0xXn0A+wfxqcDX2sefmH9maSevLECzRzpGD0+W +jfQyichT94BVnA3DxNzMPbvpFzTbGdZGZubFOhECAwEAAaOBjDCBiTB5BgNVHSME +cjBwoWOkYTBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENp +dHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEXMBUGA1UEAwwOUk9PVF9D +QV9TSEEyNTaCCQCEoXAdCpLTzDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA +A4IBAQAdGod9EQ7MzX9s7SEaLDXeCbjEzwwxAD31vdRu8E9+wo3WxSjtOJ3XUjLi +jXtkyB1OaX5JX+FeBMfTltJj7yw1T+sIK52wFd8z2BxZjrvxKE/whbs8VuGGpHUr +RIocmK6U87Z2qaPn1rxY7/4yEW92W4X4FJGDLLYgpUhIi27uqGwrEhiUPllepmZT +3ECy2v2kXxY1tiArMYabkVWyNWPSR72RfkO81g7clRrwjQjlZs3RCzLWkiY+eOhw +dOEUZLA5XXzQKCPHg1MCkP78nqqa+8TvndUi9sH95AcEJU+PshNvDVHMVLQ406wx +qpTF0MhaWDUThz72dCaMK31sjjal +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..cb077627f1e169a87d2fb13f1eecacf7356ce8e4 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1-PRIV.key @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDX1pPNXGpnPQNc +x9ReXrjbcHkIoyXcdXbhO0TnUBV5aGJTEn5/meDsK76Y2KDVyU/EO2jXpaQ5QiGn +UzY6vKIn6boqTov4NLYwBsVPdAG/xZyr5q7p6bnJ8WRj40A2JeOeZ3FMglRtBCNg +rYeEC4MDp2F41OVxsJZ4huodq94arqhD/hjE40g06UNa0I+/2dIpI2cSamIC5b3L +/DK3ol+gIw/OOxMCgzAUSjeH6nTrrW1hUeSKx0NPGWRLWzLQ2yxhYcXlsedNuKHo +ux/p3EkGXoGPajK7s7IlKj9CPQYwlQez37jCLJGovArqTr/8hxfrKMdZOl5bp+6H +6uWh6af7AgMBAAECggEAXrUsM79qfRR7pjmVCTe9G6T1pwGXum3clSYhrPIqChTw +mA0Ubr9Bv7/OKVlc8ZIdKzj6Xy2yquFGzRopQIrHCIZ5htjieC4BB3/hEmUP42s9 +vPxDIibJvD/s0hvEcD4d68LuJylFDHT1ZRWf0iQPAApxLckVSNa4n/hrQEvK8J+G +HIH8VATq9iHp/GQmmFB8b3ubqn46zDGqly14+TGP2KtVJlY9FuCpvmtZZZjJ+K09 +vYM+BATwje6N6PqX5a3Z+NFC1NK9CmC+U6ECJ27uhySn8kvlU/i/SOAnrPftByO7 +g7K8p2Qzq1LlVIUU/JTidNZGXTaTMOVg8eHLmyt92QKBgQD9a94rLqk9BUtVsTYa +AImt+KbUMB+Zi83cYDiCfNBkfIYw4dVUFJecmqZwg7IeqNwuSmXP41fASOvDel/L +8bOj/rPccVSG9pmU0ir5WK9n8zobogfAzvaFr8cmo+TVv0FOZZA8e/+UfVsiKAsW +3nwhwxN8ieILU1dtaNV1IfnAPwKBgQDaCM9URf+DFILI2WpuzKpk1loF6HrlklIn ++N0IFFcalqUpC8GhXTw7suypRBCZ+cp32h7WEcN9aHLMrnkDQP3bGTv53pJT5N9k +7nk9Bfrk0CJCxeMRKwtuMhLkOmT0eh2aB1lWR0owA5b1Gjtiz5kTW7NN2+paJCDz +SiDLVoFpRQKBgQCHvt0N4nuy/QACkd86BGm7b8LlTDXRCMsnrb73XqY9/VngG0gr +NrCTqV9YS6MAu1Dd1uo8djnN/QGU/xsLYpfoU4nCnk450SQpTH7Ke8/Rbb8FiECA +7hutNqAFuardOApiVRLy4zTfNFq5rBtsj5aMezMX9b/Ic0cUiyA0ExP1/wKBgQCp +SDvI34wRdqRQUtWa7xbAsdg1TBnXEjLtTAA4nKpAP4Q+CR2uLlhstW+fv/PvyIwV +X+mfJS2VubmgBzp3d0dhjAcP6mnL7yAvGiRRZ8ozSxG+rCuvEa+PQBuAzYHCeulu +xJPtM+56tt7GsDY5cpsT95eQNNWQZQqcOgqaNTDGzQKBgCmMwRP1HN0qUSSVO1d8 +8N17OoZe5yntppEjesYQrLf4AEgPS3Qj8dv0qfe3z1B0gAKlG9+OR8cUBCMGVyum +b51SiSi3LSm1VeuMfT7JDMSxTkbaI5CY7v+/5yCRFqikgBtCkHM9m4K95d3dVDO8 +JGrlKiKVIbu5LnQZMkPHRIEX diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1.cer b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1.cer new file mode 100644 index 0000000000000000000000000000000000000000..58a4043c6364d6c7ca1c1e46ee66676000648888 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA1.cer @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 8d:a0:d2:8a:ee:0b:cf:65 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:04 2017 GMT + Not After : Mar 28 04:51:04 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d7:d6:93:cd:5c:6a:67:3d:03:5c:c7:d4:5e:5e: + b8:db:70:79:08:a3:25:dc:75:76:e1:3b:44:e7:50: + 15:79:68:62:53:12:7e:7f:99:e0:ec:2b:be:98:d8: + a0:d5:c9:4f:c4:3b:68:d7:a5:a4:39:42:21:a7:53: + 36:3a:bc:a2:27:e9:ba:2a:4e:8b:f8:34:b6:30:06: + c5:4f:74:01:bf:c5:9c:ab:e6:ae:e9:e9:b9:c9:f1: + 64:63:e3:40:36:25:e3:9e:67:71:4c:82:54:6d:04: + 23:60:ad:87:84:0b:83:03:a7:61:78:d4:e5:71:b0: + 96:78:86:ea:1d:ab:de:1a:ae:a8:43:fe:18:c4:e3: + 48:34:e9:43:5a:d0:8f:bf:d9:d2:29:23:67:12:6a: + 62:02:e5:bd:cb:fc:32:b7:a2:5f:a0:23:0f:ce:3b: + 13:02:83:30:14:4a:37:87:ea:74:eb:ad:6d:61:51: + e4:8a:c7:43:4f:19:64:4b:5b:32:d0:db:2c:61:61: + c5:e5:b1:e7:4d:b8:a1:e8:bb:1f:e9:dc:49:06:5e: + 81:8f:6a:32:bb:b3:b2:25:2a:3f:42:3d:06:30:95: + 07:b3:df:b8:c2:2c:91:a8:bc:0a:ea:4e:bf:fc:87: + 17:eb:28:c7:59:3a:5e:5b:a7:ee:87:ea:e5:a1:e9: + a7:fb + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:F1:3B:B7:FB:28:3F:52:09 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + d3:ce:da:23:e1:7c:73:fb:7f:26:d7:a4:3c:7b:17:01:75:ce: + a5:bd:75:f1:65:1b:56:27:ae:f8:97:a6:c4:ca:94:93:c9:12: + bb:c7:ec:2b:d5:38:d5:43:3a:6c:c2:51:3a:79:2f:d7:4e:da: + 2d:12:1f:b8:c2:4f:c8:ba:33:d3:f5:0c:78:cc:26:69:24:47: + 3f:ed:17:a0:7f:d0:20:fe:11:ca:75:50:1a:61:e1:91:b5:fa: + 91:04:e9:14:59:77:d4:29:0f:43:19:e0:dc:dd:a6:18:14:f4: + 33:3e:f0:cb:36:7b:18:04:03:dd:be:35:41:c4:3e:65:d2:67: + 44:73:ab:7f:d1:b9:26:7e:b3:1e:d0:e4:a4:52:83:60:a9:e6: + e1:bf:62:bb:9b:16:0c:97:ad:11:1a:2f:eb:92:ca:7e:98:15: + 46:23:59:5d:26:d9:ec:57:85:51:5b:09:f1:9b:1b:d3:5d:53: + 02:67:1a:e4:24:49:67:87:04:75:66:13:56:1b:8b:a1:08:de: + c8:4b:f8:87:73:6e:c2:31:ee:f6:32:14:45:32:a3:3f:e4:b1: + 0f:23:28:29:b4:a3:86:65:4f:2e:57:ad:8f:44:77:f8:4b:ea: + 7b:9d:8e:dc:cb:07:ee:b4:78:46:db:cd:12:eb:ad:ef:9b:8f: + 22:ba:83:7b +-----BEGIN CERTIFICATE----- +MIID1jCCAr6gAwIBAgIJAI2g0oruC89lMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTEwHhcNMTcwMzMw +MDQ1MTA0WhcNMjcwMzI4MDQ1MTA0WjBrMQswCQYDVQQGEwJVUzELMAkGA1UECAwC +Q0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEj +MCEGA1UEAwwaSU5URVJfQ0FfU0hBMS1ST09UX0NBX1NIQTEwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDX1pPNXGpnPQNcx9ReXrjbcHkIoyXcdXbhO0Tn +UBV5aGJTEn5/meDsK76Y2KDVyU/EO2jXpaQ5QiGnUzY6vKIn6boqTov4NLYwBsVP +dAG/xZyr5q7p6bnJ8WRj40A2JeOeZ3FMglRtBCNgrYeEC4MDp2F41OVxsJZ4huod +q94arqhD/hjE40g06UNa0I+/2dIpI2cSamIC5b3L/DK3ol+gIw/OOxMCgzAUSjeH +6nTrrW1hUeSKx0NPGWRLWzLQ2yxhYcXlsedNuKHoux/p3EkGXoGPajK7s7IlKj9C +PQYwlQez37jCLJGovArqTr/8hxfrKMdZOl5bp+6H6uWh6af7AgMBAAGjgYowgYcw +dwYDVR0jBHAwbqFhpF8wXTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMQ0wCwYD +VQQHDARDaXR5MQwwCgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFTATBgNVBAMM +DFJPT1RfQ0FfU0hBMYIJAPE7t/soP1IJMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN +AQEFBQADggEBANPO2iPhfHP7fybXpDx7FwF1zqW9dfFlG1YnrviXpsTKlJPJErvH +7CvVONVDOmzCUTp5L9dO2i0SH7jCT8i6M9P1DHjMJmkkRz/tF6B/0CD+Ecp1UBph +4ZG1+pEE6RRZd9QpD0MZ4NzdphgU9DM+8Ms2exgEA92+NUHEPmXSZ0Rzq3/RuSZ+ +sx7Q5KRSg2Cp5uG/YrubFgyXrREaL+uSyn6YFUYjWV0m2exXhVFbCfGbG9NdUwJn +GuQkSWeHBHVmE1Ybi6EI3shL+IdzbsIx7vYyFEUyoz/ksQ8jKCm0o4ZlTy5XrY9E +d/hL6nudjtzLB+60eEbbzRLrre+bjyK6g3s= +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..8997b5f69e009a74092ca9b262290cc25c46e144 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256-PRIV.key @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDWN68vV57EPqPZ +Dtvi2+NI4tfxUgkaWJXbqrLKuAJC8bff9edZpMXGAyqMpDDr7MAjs/3TDYpVaWYN +Id5iwqamImbBLYf/K0LOkaX6+TyogaqwwdNVryR5eYcGXEiJY1MJ2mgzCNeGJ091 +4qwll3xkjAFolB6o9QoIbLB3cctl0vw6oAoi3TKWQxJ+UI6/uBotX5eQ9z1b/MDs +6PNXHB22jYAj4tOePMZxq7AVCwTFpWbHK8j5ftXxpVoU5ECNHfIAHLprJqc/lKdf +7rMyflbsjD8nV7TwY+FW7WfOQgiJhk0OK3VaBeSsovpOOwjS4Lpsazh3eUXeZJUk +lrYrMfI3AgMBAAECggEAEpXmNx9NAQ3GPXDSlw4o3AwCXEeXzpdc+SAIPxpT5+b8 +4wt8tQRcvF9N88HTFMUHrpFRNlx4Ygyw8/a6SqtEtilJ7Py8TeE8/JsaYXn6T0xg +uNE4OrjlWzy2AFFFYdYiQDqYy8S6nkMO29V8xg4slrSm8qHXPyVzZ2O2s8ZFtWG+ +ItAMb+Gv7FU2M4te/TwRnadljFAoyWry0XCXle1fN1Y3QJXtu3VDdmLmU0t+VGfa +wuZ5k0FIb9TFIQuxtgUNXJZmIjZw4Ych3luUc1bMSn9FPHeOzk8J3yo1tGqQu15M +KMLHxASTgt6opfhDbYIpD0fJJqCPdiJlMrqXHBPYwQKBgQDy8lrmsjBE97H0U2sS +tqlJq+7VOe2ien+z6seXFxd6XHBI8D/wTi2Q/7BpIGbpek3xc0ujxaFbcqo/RJZA +TUzYmc5leQLTwy4a54Neo33+sOuYPg8fQIMPT1OGa3DXv3EPSC8FdQrweNjn/bDX +YXbXJ2nKc3RgdTVehuMh6mw25wKBgQDhuitrTL3dlyHMGhO+djxW3cgjsUbJXQsK +1GnkGw5mzzL67M6ixw4WNxNJjuXEUI5Vat8iJzhZOA+Ae84DDbeN2FCM7UBpUsyB +9T9aApBYLLMflZhl4PXK/zkh1J9vA5NqqJbAcw6a5uH0kjtuJOSvP5CVQc2xsX9i +U9+eZesQMQKBgHo4Znasqg/oNIRf+vvdHOlNL8fhbqVQzzHqKSLfoRYTrwFirCfu +jInnuA4LGPrYZqHTiPgJEpX456EQli4fNUu6hNUTvdJe3LD4S2SvB1G8G6npfp4Q +TF7FX5W+M3S2gOBZRh6OtUQo56Y+QFr6U1kGIPiSgLeN/51gap/DWVF9AoGBAMmL +hMEloFF+Y/rtPbvNrkqRc+YKn32jyfw9dN7rGYzKbGaHkmjc+sLzIhGHubfzhWLX +Law9AJ8I4y6BXIx1bvMDtche/igMefV/mLUxnNhd8QG+fHhayJwcDlMamdBxjOqq +5Q+oq927UP0ipFXQMzAWvW3Hd3W1WlvdL8kqjxvBAoGBAMaZ9JZO48Zn17IUweZC +oVfM99YaHa+dm3L47PdQN6Ag6UjQ+sZ/6SLGIIg67SDhUQ+nuPCL8PH3Rf7PCuqW +oHW3F+44SIrVdLlMkWb444dxdP6Xvb9aOMpvopBDuvzYPR3xzZ202DZbZ0sIEVu8 +8a+09JbRmEI2/Ee+em6a/Y4T diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256.cer b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256.cer new file mode 100644 index 0000000000000000000000000000000000000000..440b9c35c57bc6315ec47cb373020e150e5a628d --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA1-ROOT_CA_SHA256.cer @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 84:a1:70:1d:0a:92:d3:cd + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:03 2017 GMT + Not After : Mar 28 04:51:03 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA1-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d6:37:af:2f:57:9e:c4:3e:a3:d9:0e:db:e2:db: + e3:48:e2:d7:f1:52:09:1a:58:95:db:aa:b2:ca:b8: + 02:42:f1:b7:df:f5:e7:59:a4:c5:c6:03:2a:8c:a4: + 30:eb:ec:c0:23:b3:fd:d3:0d:8a:55:69:66:0d:21: + de:62:c2:a6:a6:22:66:c1:2d:87:ff:2b:42:ce:91: + a5:fa:f9:3c:a8:81:aa:b0:c1:d3:55:af:24:79:79: + 87:06:5c:48:89:63:53:09:da:68:33:08:d7:86:27: + 4f:75:e2:ac:25:97:7c:64:8c:01:68:94:1e:a8:f5: + 0a:08:6c:b0:77:71:cb:65:d2:fc:3a:a0:0a:22:dd: + 32:96:43:12:7e:50:8e:bf:b8:1a:2d:5f:97:90:f7: + 3d:5b:fc:c0:ec:e8:f3:57:1c:1d:b6:8d:80:23:e2: + d3:9e:3c:c6:71:ab:b0:15:0b:04:c5:a5:66:c7:2b: + c8:f9:7e:d5:f1:a5:5a:14:e4:40:8d:1d:f2:00:1c: + ba:6b:26:a7:3f:94:a7:5f:ee:b3:32:7e:56:ec:8c: + 3f:27:57:b4:f0:63:e1:56:ed:67:ce:42:08:89:86: + 4d:0e:2b:75:5a:05:e4:ac:a2:fa:4e:3b:08:d2:e0: + ba:6c:6b:38:77:79:45:de:64:95:24:96:b6:2b:31: + f2:37 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:A3:52:9D:82:6F:DD:C6:1D + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 56:fb:b0:ab:a6:bb:3a:55:04:ed:5c:3b:ae:0c:0d:32:8f:aa: + ec:b7:24:2c:d5:37:b9:1f:91:64:21:c2:c0:6d:bc:d4:d4:5e: + e2:f1:12:ad:34:02:93:65:10:6c:93:93:2c:23:53:e8:ed:96: + c7:3b:6b:44:df:ff:24:8b:c1:cc:26:b2:1e:8f:26:66:34:3a: + bb:7d:ef:4e:a6:7e:b2:c8:93:c9:f7:46:5a:de:40:88:70:28: + c7:d1:fd:27:c3:99:fd:6a:a1:a5:e1:6d:c3:5a:bc:99:28:95: + e9:17:ed:a4:56:a5:04:ad:fb:74:a2:01:26:2a:5a:45:bc:7b: + 0d:df:0c:41:79:8b:b4:15:50:cd:88:ce:f5:a7:ee:cb:d2:5b: + 76:81:4c:1b:09:92:0e:e9:c6:42:df:b7:81:9e:89:3d:49:ed: + 17:fa:d2:2f:bd:8b:74:d5:cb:ce:af:46:6a:74:b3:34:a0:c5: + a0:64:66:7a:80:59:15:1e:de:16:df:11:3d:1e:96:e2:e5:2d: + f1:4d:20:f3:f6:f1:19:aa:ac:f8:b4:6e:76:a0:26:6c:cd:90: + f2:23:35:a0:8b:c8:e8:5d:27:5d:34:d3:69:74:61:c5:ac:6a: + 54:e9:86:8d:ca:ca:16:03:48:7f:cd:23:43:41:e2:77:3a:5d: + f2:3e:de:fa +-----BEGIN CERTIFICATE----- +MIID3DCCAsSgAwIBAgIJAIShcB0KktPNMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjAeFw0xNzAz +MzAwNDUxMDNaFw0yNzAzMjgwNDUxMDNaMG0xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZh +MSUwIwYDVQQDDBxJTlRFUl9DQV9TSEExLVJPT1RfQ0FfU0hBMjU2MIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jevL1eexD6j2Q7b4tvjSOLX8VIJGliV +26qyyrgCQvG33/XnWaTFxgMqjKQw6+zAI7P90w2KVWlmDSHeYsKmpiJmwS2H/ytC +zpGl+vk8qIGqsMHTVa8keXmHBlxIiWNTCdpoMwjXhidPdeKsJZd8ZIwBaJQeqPUK +CGywd3HLZdL8OqAKIt0ylkMSflCOv7gaLV+XkPc9W/zA7OjzVxwdto2AI+LTnjzG +cauwFQsExaVmxyvI+X7V8aVaFORAjR3yABy6ayanP5SnX+6zMn5W7Iw/J1e08GPh +Vu1nzkIIiYZNDit1WgXkrKL6TjsI0uC6bGs4d3lF3mSVJJa2KzHyNwIDAQABo4GM +MIGJMHkGA1UdIwRyMHChY6RhMF8xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEN +MAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZhMRcwFQYD +VQQDDA5ST09UX0NBX1NIQTI1NoIJAKNSnYJv3cYdMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQEFBQADggEBAFb7sKumuzpVBO1cO64MDTKPquy3JCzVN7kfkWQhwsBt +vNTUXuLxEq00ApNlEGyTkywjU+jtlsc7a0Tf/ySLwcwmsh6PJmY0Ort9706mfrLI +k8n3RlreQIhwKMfR/SfDmf1qoaXhbcNavJkolekX7aRWpQSt+3SiASYqWkW8ew3f +DEF5i7QVUM2IzvWn7svSW3aBTBsJkg7pxkLft4GeiT1J7Rf60i+9i3TVy86vRmp0 +szSgxaBkZnqAWRUe3hbfET0eluLlLfFNIPP28RmqrPi0bnagJmzNkPIjNaCLyOhd +J10002l0YcWsalTpho3KyhYDSH/NI0NB4nc6XfI+3vo= +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..e1388a1025114288cf4d9b975a3452c18cac55fc --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDh12cWta4H1sY6 +KHyfvxSJk1JIUAe08JFmHwvO0Eb6LRmKrqwbXEyGs0CPGhMlnmxjvrfXbKkUjodY +9ByxSBa7zYaVdPDGKDQ3HvPxyjZ0npPrHDII2wR+0UOD0ftkDbPHWQFBsl0OY/sI +pRzihYRh8MwCrADdza3vHPrNBz2umuM5jnN20FVIGKhGMGbg5eackBmgvcaWT6BW +B67iYRWVRwLywdSE+imOIS4P7ivndBe1DlB+z4oBmbBwYkM+5WyR3yT4+stdByyn +naL+kExsC/TWDw+sE9TQUo2zqRbNI1j8UhBaQZz1pbX5YeGPTq/Z2J8EGvPxz6VY +PmkDyMl3AgMBAAECggEAKrlDKUqpZ5Y73di26smNKxGRqVhqfNJdz0HkS/We18kc +Yd31dR+a4oial/fI038K5ju4L6rAucDU3gEgRHFsy45v/Won+nS0nBDg+UbV0m4F +cZ7d4Er+qLcR3KgmtKDa98VgtXr2m7hSTypdMoUrrBOPpJnBeDRmyStkTtEl3Bfa +Fh72SZXNauGvB5+qrbPhls1HoWVbzZ3i6oUCBDrfmLD6G0ipGM+AQICmXjYX8OxT +Ye5u/6DU4TkWu5A6/1m0Q4clGZXSeMx2d4PkZ0jZKOXdhwvzAaGh7I0AkuA4ZlCj +slXENyAzQhm4EHHWxvld11e8oEh4DUfWtUXeLttawQKBgQDybE5gjAZdv+5BJXWV +l2G+zb5tKHWd0XQQ2epktX+i+iA5lA0bLkAA4rrmZVsDEc4D2yjINsopBHTjwvtV +F/LBBWIynm6MkIyjY6+0fBfoikz9ebKikuf1YRoRC5Dl0pd2Wa/ps2wowDbQnj3o +4e6x+z0WviyL+uRr1JyotR2J5wKBgQDufVw64Z6AdWThlnP8qXqW12QQBd5qChPr +fHJEkx0ViBoM97yalVzDssXn4X2ESVDqtsxH21SzKzDGzLoCG3PwCPgp9zWk9GS/ +HfhXFzI3qHIlI+s6481vjqDnXtvJ7oHutxYkkYQXSMgC69jeRY0nW78Bz03BAYjQ +boRmeK1x8QKBgQDw9VBOTMADLUPvQwGGKAsC8VQHAgEuVcONAF0nrvPoFcA0GwGP +87+wYayuVy5IdckVMiBuKW91p7VbsjHJGd2zl9tMPwfY9dCkkvBRcEr/W4A9Llqt +l2GyF8smCB4FIfZkr67Xlvy54Jxbbf5RXUi5ZeUJlwuGM2IaACGa2zM6HwKBgEmW +iOTqRTwh/RTWlcd6jAcLQybmiLBzl53r8l5SfoDsVA14S8vvFoaUHRjlrRMqhDtI +WFQ7yzDVvOE6vpJz4hxIyDo6u2TAvG10U/Kbh7VA1qe7I5QyQmuPuPprfKocXB9K +gxyZggalQIIWP/6lu15PoupuCvHpBUw7LcNorSwhAoGAXXBcp4U369B3ld+M+hC9 +G+2VttaC2917iqoM8R7WOiwez+10s+fNv89B6DjZxeX5haa7bbB+RvfqN8OysIRK +m0Bh4w6q/JuRydj9T5sJLk9oUrEFLncqihlNT+1WEwR5x50OODYjpHz1YORo5HzL +cnXKk8xTZFE7mXD1ZJoRLxc= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1.cer b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1.cer new file mode 100644 index 0000000000000000000000000000000000000000..3756ab2aeebab18b25d58645dc7124ffa8e2d0f8 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA1.cer @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 8d:a0:d2:8a:ee:0b:cf:64 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:03 2017 GMT + Not After : Mar 28 04:51:03 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e1:d7:67:16:b5:ae:07:d6:c6:3a:28:7c:9f:bf: + 14:89:93:52:48:50:07:b4:f0:91:66:1f:0b:ce:d0: + 46:fa:2d:19:8a:ae:ac:1b:5c:4c:86:b3:40:8f:1a: + 13:25:9e:6c:63:be:b7:d7:6c:a9:14:8e:87:58:f4: + 1c:b1:48:16:bb:cd:86:95:74:f0:c6:28:34:37:1e: + f3:f1:ca:36:74:9e:93:eb:1c:32:08:db:04:7e:d1: + 43:83:d1:fb:64:0d:b3:c7:59:01:41:b2:5d:0e:63: + fb:08:a5:1c:e2:85:84:61:f0:cc:02:ac:00:dd:cd: + ad:ef:1c:fa:cd:07:3d:ae:9a:e3:39:8e:73:76:d0: + 55:48:18:a8:46:30:66:e0:e5:e6:9c:90:19:a0:bd: + c6:96:4f:a0:56:07:ae:e2:61:15:95:47:02:f2:c1: + d4:84:fa:29:8e:21:2e:0f:ee:2b:e7:74:17:b5:0e: + 50:7e:cf:8a:01:99:b0:70:62:43:3e:e5:6c:91:df: + 24:f8:fa:cb:5d:07:2c:a7:9d:a2:fe:90:4c:6c:0b: + f4:d6:0f:0f:ac:13:d4:d0:52:8d:b3:a9:16:cd:23: + 58:fc:52:10:5a:41:9c:f5:a5:b5:f9:61:e1:8f:4e: + af:d9:d8:9f:04:1a:f3:f1:cf:a5:58:3e:69:03:c8: + c9:77 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:F1:3B:B7:FB:28:3F:52:09 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 24:74:94:0a:7d:81:62:16:ed:4e:0f:e2:19:06:bd:8b:7a:e4: + 35:63:4c:73:ec:3a:45:d7:2a:8c:80:e6:6b:d9:26:7d:78:9f: + 6b:36:f9:fd:94:f7:ac:86:3c:0e:95:66:80:f3:0b:93:0f:44: + 0a:05:76:d9:1d:c6:37:6f:ea:02:b9:29:e9:96:11:d1:e6:1e: + 70:95:31:77:22:ed:3c:96:ad:9f:74:8c:41:f5:44:47:a2:4e: + d4:58:86:92:31:36:94:90:05:9d:94:16:8c:f8:c8:18:7b:45: + dc:49:45:53:63:06:bb:c6:a9:33:72:fe:48:7b:0e:21:89:e2: + 6c:44:29:3c:10:65:c6:7d:8e:6c:cb:95:ea:a1:ae:3b:c1:12: + 98:ce:b9:c8:98:12:0d:ac:a7:bd:31:cc:aa:ac:51:b4:a7:33: + 5b:60:0d:d6:ed:e0:29:5a:29:f5:fc:e0:27:db:77:88:fd:59: + 0c:02:70:d8:f4:1d:89:88:13:94:55:5b:77:a3:a6:8e:18:9a: + b8:82:5b:64:27:8c:ef:10:6a:df:ed:fd:a4:b5:2b:44:0f:5f: + 89:08:15:48:df:b0:13:08:7c:08:cc:07:ea:b8:a6:17:ab:35: + 65:07:2c:b9:ec:9a:d0:1f:e7:b9:a7:36:9e:24:f7:73:10:e0: + 70:6c:78:6e +-----BEGIN CERTIFICATE----- +MIID2DCCAsCgAwIBAgIJAI2g0oruC89kMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTEwHhcNMTcwMzMw +MDQ1MTAzWhcNMjcwMzI4MDQ1MTAzWjBtMQswCQYDVQQGEwJVUzELMAkGA1UECAwC +Q0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEl +MCMGA1UEAwwcSU5URVJfQ0FfU0hBMjU2LVJPT1RfQ0FfU0hBMTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAOHXZxa1rgfWxjoofJ+/FImTUkhQB7TwkWYf +C87QRvotGYqurBtcTIazQI8aEyWebGO+t9dsqRSOh1j0HLFIFrvNhpV08MYoNDce +8/HKNnSek+scMgjbBH7RQ4PR+2QNs8dZAUGyXQ5j+wilHOKFhGHwzAKsAN3Nre8c ++s0HPa6a4zmOc3bQVUgYqEYwZuDl5pyQGaC9xpZPoFYHruJhFZVHAvLB1IT6KY4h +Lg/uK+d0F7UOUH7PigGZsHBiQz7lbJHfJPj6y10HLKedov6QTGwL9NYPD6wT1NBS +jbOpFs0jWPxSEFpBnPWltflh4Y9Or9nYnwQa8/HPpVg+aQPIyXcCAwEAAaOBijCB +hzB3BgNVHSMEcDBuoWGkXzBdMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTAL +BgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEVMBMGA1UE +AwwMUk9PVF9DQV9TSEExggkA8Tu3+yg/UgkwDAYDVR0TBAUwAwEB/zANBgkqhkiG +9w0BAQsFAAOCAQEAJHSUCn2BYhbtTg/iGQa9i3rkNWNMc+w6RdcqjIDma9kmfXif +azb5/ZT3rIY8DpVmgPMLkw9ECgV22R3GN2/qArkp6ZYR0eYecJUxdyLtPJatn3SM +QfVER6JO1FiGkjE2lJAFnZQWjPjIGHtF3ElFU2MGu8apM3L+SHsOIYnibEQpPBBl +xn2ObMuV6qGuO8ESmM65yJgSDaynvTHMqqxRtKczW2AN1u3gKVop9fzgJ9t3iP1Z +DAJw2PQdiYgTlFVbd6OmjhiauIJbZCeM7xBq3+39pLUrRA9fiQgVSN+wEwh8CMwH +6rimF6s1ZQcsueya0B/nuac2niT3cxDgcGx4bg== +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..e01b5aed2cd62b247c87c2fd18509118a8160705 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256-PRIV.key @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDbXbqJwTisc3wF +Z6MYWonNxMsWBfNfwFB/KLQfEfZ+phvReORvJZ5lVT/1gTVs5/QhREU0qW48OxyM +NXKgkcBZGLkRvVlDaOEcbTIDa4PYf7rnsTtU8DWYuyqqmeBnJ2ViKJ3ZGA750ctm +ZsDZlWdwE5iCqX3hA/pfHGu+CNiW2jWSulookdIPqdJeLiwgnntm5tZFxoZ9hD1h +J88iRqmqpS4joYXPxUNxfJ49Nx4iRfrx7HpyUVg3i5Q2q/AVuVSwbbPfNaQrG71V +EbK0K7EjtL8Gw8DCS8Gvr0ApIpabA644BueWA9skjns9lvfSuH76Y5e2nHGJiOz7 +LWMFV24LAgMBAAECggEAD546u7gQCucl+1SHniJEEWxjcSv3SeftU0BYoqWqwRWe +gWl0Ch3Jizlollger6RME1pC+x7dBFjJDYp4oMn/wdgqxQKQKmZ7MITtvKSY/H8L +lZdevAtmJXud7AuMmIuLglOV+XDnEA5Jxv6l2Ff0x1v9zb+3gJ/B4aeqXBtRIFxD +CfCcvcN1Bl+jj2fvS8iRrqofGa6DGXZVZvtIVjIvJnR1YBVMVYBNs6kcscM5Nblr +PJFDDsg+Ph7hq5gpwj7pyb4e54sn06pdfBLgGkHJ82tCNkc+f4Ee2M7MoS//m4IC +ajV+xht4REHuB7h5GM50TF5Gziianyc3g8//M7sC8QKBgQD7tvSzJK1N0w9NPK1e +Q5zfEWxU1c7dJ/hr81OpvEzUut1vZeKT1mydtA0YJftDTFTXe5fsPKNTIrL4BWUw +PLa3jWQNNDSLDNhdoqKrno+017pD7+p8G8x3AfyHxn6x2Shoz0jHTnGf+Q0vnvdT +ZTFpWU+3J8Wp4+1Nx2lwGGEJXwKBgQDfGcnk/fTSs/QQNgzkC1HaQ35b66eEBwK3 +yi8KNsNxDByvdYGxaK/tLRiZIsKMxAV+3jebfA4WSgDkenmzGLn4gYUr5gkkmEW5 +irETT+HDK8LeM2iIbCROactwu3ytJrgpaoDXxRbDsGCUf98hjz1JDCR94wjGH78H +K3Pmbm6e1QKBgEIuTVIYj5RJrNlC3dZN8p3Xx+LaQER3cOJ5HIMhJhY8d2IFqLf0 +BaTFJTg3LEP6esgZD82l988w7Vs2l+9B10yVWTv7gOEaZHzh+OEklGYY3jlkiANP +j8eudwX/02nRTcWY0mrMniVQZv4hTqfXkFFBkSr3wwmzCr6LcpZtYn4DAoGBAIEm +2bTBu1/aoxhbYd0GHI1g8x5dbm1E7bLdzZt5Fm00GMsOGFVOiEGiEJJeCAgbVh8a +n1BYYYNPtfKOYDNoxgfxWtmN4o8Xw41kl5vZa5VjmPyu//2xtNbb8dTCBKvsNUJs +kEfYpZQFX/O3jsFLvauy5tElhCfFqv2IjyC/nzQ9AoGBAJLCz62crl/AXqArSnAH +efX9ozrNMJMQDMDtw5xB/EqRMazmTlqkYr0H4iTS69QNAPr8czdmpY6uO6BRE9+/ +f/tWZXQj7eT8pd1Dp2Ed1vHsOfiAUha0cYUMrqshsqKNXrCxl7144iRGZY7OjFI1 +USqVVNaci2IrtW5+NGV62BYP diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256.cer b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256.cer new file mode 100644 index 0000000000000000000000000000000000000000..8c7e21cc629cabf7b40a846d4410889ddb598d26 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/INTER_CA_SHA256-ROOT_CA_SHA256.cer @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 84:a1:70:1d:0a:92:d3:cc + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:02 2017 GMT + Not After : Mar 28 04:51:02 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=INTER_CA_SHA256-ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:db:5d:ba:89:c1:38:ac:73:7c:05:67:a3:18:5a: + 89:cd:c4:cb:16:05:f3:5f:c0:50:7f:28:b4:1f:11: + f6:7e:a6:1b:d1:78:e4:6f:25:9e:65:55:3f:f5:81: + 35:6c:e7:f4:21:44:45:34:a9:6e:3c:3b:1c:8c:35: + 72:a0:91:c0:59:18:b9:11:bd:59:43:68:e1:1c:6d: + 32:03:6b:83:d8:7f:ba:e7:b1:3b:54:f0:35:98:bb: + 2a:aa:99:e0:67:27:65:62:28:9d:d9:18:0e:f9:d1: + cb:66:66:c0:d9:95:67:70:13:98:82:a9:7d:e1:03: + fa:5f:1c:6b:be:08:d8:96:da:35:92:ba:5a:28:91: + d2:0f:a9:d2:5e:2e:2c:20:9e:7b:66:e6:d6:45:c6: + 86:7d:84:3d:61:27:cf:22:46:a9:aa:a5:2e:23:a1: + 85:cf:c5:43:71:7c:9e:3d:37:1e:22:45:fa:f1:ec: + 7a:72:51:58:37:8b:94:36:ab:f0:15:b9:54:b0:6d: + b3:df:35:a4:2b:1b:bd:55:11:b2:b4:2b:b1:23:b4: + bf:06:c3:c0:c2:4b:c1:af:af:40:29:22:96:9b:03: + ae:38:06:e7:96:03:db:24:8e:7b:3d:96:f7:d2:b8: + 7e:fa:63:97:b6:9c:71:89:88:ec:fb:2d:63:05:57: + 6e:0b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:A3:52:9D:82:6F:DD:C6:1D + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 3f:f2:91:96:59:da:c1:8a:8c:4d:eb:25:1f:74:87:6f:fc:2e: + 92:7e:44:ff:a7:0b:78:aa:6d:2b:fe:b8:0a:b9:e9:bc:19:87: + 44:15:e1:3a:e4:54:e6:4b:54:3c:75:d9:f8:c9:07:83:74:f4: + 4c:ab:e4:6b:19:64:b6:4b:69:44:6e:74:f6:66:cf:16:43:8f: + 9c:cb:20:e4:7a:5e:78:13:00:6f:28:78:8d:c5:05:46:a9:92: + 0f:d0:38:c3:8b:0e:39:d4:87:e9:ee:35:07:78:dd:1a:1a:8c: + 3a:36:56:4e:3b:96:7a:d1:2c:29:95:06:29:ac:b2:f7:5c:fc: + 09:1c:72:24:e2:9e:72:bf:60:3a:7a:9b:59:35:48:6a:d2:3e: + 76:7f:ad:41:45:a5:6f:93:96:10:c4:4c:cf:3f:f1:1d:00:5f: + d1:60:f1:88:86:d8:ef:ff:72:63:8f:4c:df:9e:35:cb:17:2c: + 16:7b:d4:6c:0e:67:b6:ee:bc:68:07:b0:99:df:c5:f3:88:28: + a1:46:bb:6d:f5:2c:45:6b:e9:90:c0:78:35:20:73:14:5a:d0: + a5:56:cb:04:f4:43:a7:cf:28:f5:a3:5b:ac:f2:a3:4c:f6:39: + 3c:ef:f4:b1:42:20:8e:2a:14:0d:a1:b4:38:b2:f2:6c:14:33: + 05:04:bb:a7 +-----BEGIN CERTIFICATE----- +MIID3jCCAsagAwIBAgIJAIShcB0KktPMMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjAeFw0xNzAz +MzAwNDUxMDJaFw0yNzAzMjgwNDUxMDJaMG8xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZh +MScwJQYDVQQDDB5JTlRFUl9DQV9TSEEyNTYtUk9PVF9DQV9TSEEyNTYwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbXbqJwTisc3wFZ6MYWonNxMsWBfNf +wFB/KLQfEfZ+phvReORvJZ5lVT/1gTVs5/QhREU0qW48OxyMNXKgkcBZGLkRvVlD +aOEcbTIDa4PYf7rnsTtU8DWYuyqqmeBnJ2ViKJ3ZGA750ctmZsDZlWdwE5iCqX3h +A/pfHGu+CNiW2jWSulookdIPqdJeLiwgnntm5tZFxoZ9hD1hJ88iRqmqpS4joYXP +xUNxfJ49Nx4iRfrx7HpyUVg3i5Q2q/AVuVSwbbPfNaQrG71VEbK0K7EjtL8Gw8DC +S8Gvr0ApIpabA644BueWA9skjns9lvfSuH76Y5e2nHGJiOz7LWMFV24LAgMBAAGj +gYwwgYkweQYDVR0jBHIwcKFjpGEwXzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNB +MQ0wCwYDVQQHDARDaXR5MQwwCgYDVQQKDANPcmcxDTALBgNVBAsMBEphdmExFzAV +BgNVBAMMDlJPT1RfQ0FfU0hBMjU2ggkAo1Kdgm/dxh0wDAYDVR0TBAUwAwEB/zAN +BgkqhkiG9w0BAQsFAAOCAQEAP/KRllnawYqMTeslH3SHb/wukn5E/6cLeKptK/64 +CrnpvBmHRBXhOuRU5ktUPHXZ+MkHg3T0TKvkaxlktktpRG509mbPFkOPnMsg5Hpe +eBMAbyh4jcUFRqmSD9A4w4sOOdSH6e41B3jdGhqMOjZWTjuWetEsKZUGKayy91z8 +CRxyJOKecr9gOnqbWTVIatI+dn+tQUWlb5OWEMRMzz/xHQBf0WDxiIbY7/9yY49M +3541yxcsFnvUbA5ntu68aAewmd/F84gooUa7bfUsRWvpkMB4NSBzFFrQpVbLBPRD +p88o9aNbrPKjTPY5PO/0sUIgjioUDaG0OLLybBQzBQS7pw== +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..c56e9f1bdaeaf05ef7b8728e8a5c5763e1260988 --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1-PRIV.key @@ -0,0 +1,26 @@ +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDhROyqYZ5UdQJ0 +xJdG4B+aXPHbIKV0w5AvJ7r4SuvIJ/4pEmV6fIU3+4CvN2sXKzW+0DppOBz99Oe6 +19jfMAx5t0pKHkwh5J0bduLf1k83lm8CvoX1a9lYY6ER4Y8wWtTcHG016onl8Lxq +QVqlqbk9zsbNipvWxipIQOgzq7DmTXQ2Hrx0tg4DROlgwuarPBWcZjq6dG09nI0E +zSY/Wis619L/6sdCxGFhvnJ0YbULvIqdR2J638KEO+rx1RXD66Jqc0KhnGZLf7NT +YfTlY0zIMHE8oMkJPdH9tPKbyXMXhiG/u5x81RcJxT4gLi5fq2yrvMsaUC13bnJJ +npFNy6XTAgMBAAECggEAPS4h9Jg0jw2EUEBAMaCXFK5fhTrVlOO0Ggp5TgvTA3ZR +Ich8RQrih3TH2056yD0VCLC23HK/9Pz5npYWsW70RG5SP9UAqkfTn2znaxFiTF+P +4Lfr296hlc7hJOEUqXZRz0HtKzJ6pzd9hIIhY1K4G6A4AATAFFGXlC4Eolvj3Hf0 +NgVFDYaFDEpEiin+fAsM5c1ZE0pxRZSVE5Emr9XvkvxLm5dK9lKOyyOQ+5RHhxQ6 +J4n+6Ct0O+FkeP9u3jTMtew9gxTwvHSgkf05hSRoqgMKcusKpqhHp6E4mT7sus7q +AYzdv5sNIcx7PpojuHjploMH7ghhYxCmVOOFxXJ4CQKBgQD2naA8zZnh5BfbVC8p +C9A6HfwnZ7cCjGtL30y8fh8OAMHbdGE4JXlhifPgW7PDxZ0Yho4rYd9MxLVcGl+p +YPOKKcaKbzwdUJwZ4Zs1dJC+LTRqku6O3qlEofeojHN5IctLoLqDsiZBD7aT4l+O +wmAWqwLZZQtiFpA/jbCb/Qw7tQKBgQDp11rFSHLKuVdMuSnUon3WN6lj9WNM3KFy +C8R4EN/DTnuHrVL0MCff9eddBYvpQe0z/LA74oAD9fSjmtYe/24qIm2lAWVkwxBm +yyspUmOybU8Q3GN8xw1Vrwg8JR5JVAOwKHwCGmybT7Zs+9eJRONnnZ6nUbTQ94cP +sJVkyGUgZwKBgQCd/0CAk+xpl1tdbiLEtkfSZBF/IWhTXqkDM+2SuW6l5wBL29TJ +RuDsB5jR/Y4+96T86H++9XY9Va0nc9IjzvRYaQlE+ZzW3yUTQ8HPTn3JCWcSfE4Q +BEEHsojbWBhG28rGChRUeVceybVcK2SzLn6nJyqtIppXXkNOJDWoykcDHQKBgHzY +27+k1JTjq3ZtDaZXMvQiN7AEnYW17gRjv/uSlsVBq7ZelYGGDGQIeAQ0J+Tbq/cr +nDP80/hJYtnOmy9llL2uL/f+7NGFS8Z2Bo9DS7NBpQsNf5ho9fefQbhK4Qapcmak +1sCQtxec0XsSYpsJSphRkRkoCG/hGB0KXFi4nTVVAoGAJrrh1rG1UMXmFUpraXIy +Mc58lEYB87EkMOthyK8XklxLoYKPZlVS7AZZDtQMpRC6YnweiX6LmO4AamtlT71x +BzQgmwHn4wOaysDPHFuf5hNCobXJREoiNzHb4AcqiZ7SNAW5Jd+0/PSY47hrDnRy +wNFyg3O0k3kaXz5h3lVhxo4= diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1.cer b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1.cer new file mode 100644 index 0000000000000000000000000000000000000000..490d03b0a7841e831f670c9f6b16c6c24d315caf --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA1.cer @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + f1:3b:b7:fb:28:3f:52:09 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Validity + Not Before: Mar 30 04:51:01 2017 GMT + Not After : Mar 28 04:51:01 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e1:44:ec:aa:61:9e:54:75:02:74:c4:97:46:e0: + 1f:9a:5c:f1:db:20:a5:74:c3:90:2f:27:ba:f8:4a: + eb:c8:27:fe:29:12:65:7a:7c:85:37:fb:80:af:37: + 6b:17:2b:35:be:d0:3a:69:38:1c:fd:f4:e7:ba:d7: + d8:df:30:0c:79:b7:4a:4a:1e:4c:21:e4:9d:1b:76: + e2:df:d6:4f:37:96:6f:02:be:85:f5:6b:d9:58:63: + a1:11:e1:8f:30:5a:d4:dc:1c:6d:35:ea:89:e5:f0: + bc:6a:41:5a:a5:a9:b9:3d:ce:c6:cd:8a:9b:d6:c6: + 2a:48:40:e8:33:ab:b0:e6:4d:74:36:1e:bc:74:b6: + 0e:03:44:e9:60:c2:e6:ab:3c:15:9c:66:3a:ba:74: + 6d:3d:9c:8d:04:cd:26:3f:5a:2b:3a:d7:d2:ff:ea: + c7:42:c4:61:61:be:72:74:61:b5:0b:bc:8a:9d:47: + 62:7a:df:c2:84:3b:ea:f1:d5:15:c3:eb:a2:6a:73: + 42:a1:9c:66:4b:7f:b3:53:61:f4:e5:63:4c:c8:30: + 71:3c:a0:c9:09:3d:d1:fd:b4:f2:9b:c9:73:17:86: + 21:bf:bb:9c:7c:d5:17:09:c5:3e:20:2e:2e:5f:ab: + 6c:ab:bc:cb:1a:50:2d:77:6e:72:49:9e:91:4d:cb: + a5:d3 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA1 + serial:F1:3B:B7:FB:28:3F:52:09 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 0b:be:7b:c7:53:14:87:37:02:66:37:f5:6f:38:3c:75:b3:72: + f6:f8:9c:77:4d:9a:e4:5c:23:3a:4a:5f:aa:6e:90:23:e9:b8: + 48:fd:6d:e1:88:b5:a2:a5:0a:30:c0:7d:33:a8:6f:79:42:52: + 80:f8:87:4b:2a:15:0a:ff:14:88:97:21:12:89:1c:d3:33:bf: + fa:4f:5e:68:9a:c6:69:2f:aa:1d:31:aa:80:f5:b0:d3:72:c9: + fa:ce:3b:5f:15:a6:61:e0:f1:d1:ab:e7:40:48:c1:d4:30:bd: + 0a:13:37:0d:ea:ac:38:b2:af:1b:78:3a:29:53:ee:90:71:3b: + 2b:a4:8b:16:e9:da:94:59:44:3d:7f:34:fb:0a:d1:6b:db:3d: + 66:01:a6:0f:98:b5:cc:57:39:b9:09:f2:01:cc:e5:89:86:7d: + f2:9a:b2:ad:08:3d:da:05:f9:24:1e:30:98:cc:92:a9:4c:4a: + cf:a3:53:6e:7f:5e:db:aa:43:9c:ac:b1:b5:80:ab:7e:a3:89: + 71:37:c2:4a:c1:16:9d:26:d5:70:89:8a:8e:a8:cb:40:3b:b8: + f0:d2:31:54:c2:1f:fc:24:5e:29:c1:5e:86:48:1e:83:4e:44: + 30:ff:8d:46:47:b6:0e:9c:77:bf:ba:08:8b:bd:eb:b7:ca:45: + 0a:e3:0c:ec +-----BEGIN CERTIFICATE----- +MIIDyDCCArCgAwIBAgIJAPE7t/soP1IJMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTEwHhcNMTcwMzMw +MDQ1MTAxWhcNMjcwMzI4MDQ1MTAxWjBdMQswCQYDVQQGEwJVUzELMAkGA1UECAwC +Q0ExDTALBgNVBAcMBENpdHkxDDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEV +MBMGA1UEAwwMUk9PVF9DQV9TSEExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEA4UTsqmGeVHUCdMSXRuAfmlzx2yCldMOQLye6+ErryCf+KRJlenyFN/uA +rzdrFys1vtA6aTgc/fTnutfY3zAMebdKSh5MIeSdG3bi39ZPN5ZvAr6F9WvZWGOh +EeGPMFrU3BxtNeqJ5fC8akFapam5Pc7GzYqb1sYqSEDoM6uw5k10Nh68dLYOA0Tp +YMLmqzwVnGY6unRtPZyNBM0mP1orOtfS/+rHQsRhYb5ydGG1C7yKnUdiet/ChDvq +8dUVw+uianNCoZxmS3+zU2H05WNMyDBxPKDJCT3R/bTym8lzF4Yhv7ucfNUXCcU+ +IC4uX6tsq7zLGlAtd25ySZ6RTcul0wIDAQABo4GKMIGHMHcGA1UdIwRwMG6hYaRf +MF0xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoG +A1UECgwDT3JnMQ0wCwYDVQQLDARKYXZhMRUwEwYDVQQDDAxST09UX0NBX1NIQTGC +CQDxO7f7KD9SCTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQALvnvH +UxSHNwJmN/VvODx1s3L2+Jx3TZrkXCM6Sl+qbpAj6bhI/W3hiLWipQowwH0zqG95 +QlKA+IdLKhUK/xSIlyESiRzTM7/6T15omsZpL6odMaqA9bDTcsn6zjtfFaZh4PHR +q+dASMHUML0KEzcN6qw4sq8beDopU+6QcTsrpIsW6dqUWUQ9fzT7CtFr2z1mAaYP +mLXMVzm5CfIBzOWJhn3ymrKtCD3aBfkkHjCYzJKpTErPo1Nuf17bqkOcrLG1gKt+ +o4lxN8JKwRadJtVwiYqOqMtAO7jw0jFUwh/8JF4pwV6GSB6DTkQw/41GR7YOnHe/ +ugiLveu3ykUK4wzs +-----END CERTIFICATE----- diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256-PRIV.key b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256-PRIV.key new file mode 100644 index 0000000000000000000000000000000000000000..4c53e23e8ab1c9ab31727d794946674a88b47dfc --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256-PRIV.key @@ -0,0 +1,26 @@ +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC2DzrIXts3huIs +dtX+ZbY6RR5/S4yXUs3jJXc4mbITLn7PO1QVBT528NZVOu6jUxXsPTpTg1jgresh +6Pcv1LNj7bP30uPXhmyawgQVUgLTGyU0+JWLJrpU7cEOTK4f/j58A+UHL255fM7T +B3EvIj2Ad1MAYwIvVZnAXPSFt72YGz15doYiewp8dTXcX4TsFisCbypFikWxpXIF +qjVqbAUx8fYgQxfPWFw4HbVvo3Nu1LqypswAfsmHd2v5nMv8wkAcPG5dIYHACN9r +kPLMoUNUcBLn6QdIUrhk7dldRlR0TWT+VtRLKVWlGkMk9rRK+RnskNSuPg8fjb/Y +gM0m5p0JAgMBAAECggEAPVk8cbClJjzpkhopWiRkF5abBEItCgD5KAXD+uqvuw77 +5FEVsE+oEORvFSFasOaaiJTJRsMH/A4fIbojMZb3LEE5V9VUuZeumSevwI92LDUF +gKgTnGRcfanwWCU2t8kwvRGC57zv+Tg5aZskZMGg/901tvemENVDjjLEoxqbZNmX +WZnhB8XiPxl9K32K0l+qNW3HvKJ8lkaW0L6/4HWWU4rYwbc9TZpzHDOXhAICQB76 +fCw4hcy1K6KjfGjfE/6afqMa76KSxxeCvUYorZlm2gk1WcEafkg9Jwzz2SWtsa8W +L+YzbTd1GE8Z9bDA88Dw3vgdC1Pt0ywX/fJ/GCDHUQKBgQDjNaW/enKYXGTsM5C1 +I94OgSmgnjnjPZIBY0u89iCAf07ueqrNaLJgOEkGpCrLEa4tC2qc57ge1DO2rxTa +6RowUzqG3Oqdsq21QaQZAmjjDC5mXlYPRpWvWVjBRaIDKw9zAUg9qEy24e/pRjdP +cugR30d1OaxExdgoAt8iOqZ67wKBgQDNIPqF/+npd1UAqgdC9lOxnPQly1zjz/zY +jbeJeww9Ut9aCXj0+we4gKhD37d178y1H2QBod+IPpqQ/uZmbNmN5JP+MIk2kZKB +4jquQLa5jEc+y57h8UrWJBY+Ls7xiu/cw3aCAk0JaZRSrH/KzWE91x3s7o2yV43d +dMkRmTTHhwKBgQCHaq4C1WP/UvIDpSgWDe6HDoxU4nj16vheQ2Qcl0T/0OCmWg36 +pu/JUUKU5rtqlHsO9cLxCVo/ZZH8y5TOdCfbrX8wafKbUqcdZKX9EeaZi+ULtiXs +rNEB1WqEpo/M+5kVnioENY6jYT2v9t14SK/wFvdr8pet1YzjK/L5X6NhmQKBgFK4 +0u7I9k61Ve0vpEAH0FaXIgo/yZUBYkj+VZ62pYfxbKsFmObKeSGZmMHObVC9RMNi +BlV2LwvlmzWP5eA2U0GahWgDsMH10KxaTCnLZSTMgkq7mLYrNW/IG8Q14jScQAC6 +PodNYD3EexEgCWUCkA19O885oKDkGAzPtOpI63TvAoGBAJvbKiJSFJNd3CIQlrOM +wNw+Sww+c2Qw4PZZvIJNzjWumjesfUsuAyySrO2nXPzzSOrh7dRW98suaFi1Mih6 +ZwBpIll5VQsd2dwEa6vp6RFGWFNKPvDILEVgcCEOmckKRWDo+fb5bx2VHj1v4kfG +MHDqy8Y2ercsU0Z5mEN8bUD7 diff --git a/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256.cer b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256.cer new file mode 100644 index 0000000000000000000000000000000000000000..09d0dbd7f5c872cc0b9ce34f05946a236c1720bc --- /dev/null +++ b/test/sun/security/ssl/CertPathRestrictions/certs/ROOT_CA_SHA256.cer @@ -0,0 +1,80 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + a3:52:9d:82:6f:dd:c6:1d + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Validity + Not Before: Mar 30 04:51:01 2017 GMT + Not After : Mar 28 04:51:01 2027 GMT + Subject: C=US, ST=CA, L=City, O=Org, OU=Java, CN=ROOT_CA_SHA256 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:b6:0f:3a:c8:5e:db:37:86:e2:2c:76:d5:fe:65: + b6:3a:45:1e:7f:4b:8c:97:52:cd:e3:25:77:38:99: + b2:13:2e:7e:cf:3b:54:15:05:3e:76:f0:d6:55:3a: + ee:a3:53:15:ec:3d:3a:53:83:58:e0:ad:eb:21:e8: + f7:2f:d4:b3:63:ed:b3:f7:d2:e3:d7:86:6c:9a:c2: + 04:15:52:02:d3:1b:25:34:f8:95:8b:26:ba:54:ed: + c1:0e:4c:ae:1f:fe:3e:7c:03:e5:07:2f:6e:79:7c: + ce:d3:07:71:2f:22:3d:80:77:53:00:63:02:2f:55: + 99:c0:5c:f4:85:b7:bd:98:1b:3d:79:76:86:22:7b: + 0a:7c:75:35:dc:5f:84:ec:16:2b:02:6f:2a:45:8a: + 45:b1:a5:72:05:aa:35:6a:6c:05:31:f1:f6:20:43: + 17:cf:58:5c:38:1d:b5:6f:a3:73:6e:d4:ba:b2:a6: + cc:00:7e:c9:87:77:6b:f9:9c:cb:fc:c2:40:1c:3c: + 6e:5d:21:81:c0:08:df:6b:90:f2:cc:a1:43:54:70: + 12:e7:e9:07:48:52:b8:64:ed:d9:5d:46:54:74:4d: + 64:fe:56:d4:4b:29:55:a5:1a:43:24:f6:b4:4a:f9: + 19:ec:90:d4:ae:3e:0f:1f:8d:bf:d8:80:cd:26:e6: + 9d:09 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Authority Key Identifier: + DirName:/C=US/ST=CA/L=City/O=Org/OU=Java/CN=ROOT_CA_SHA256 + serial:A3:52:9D:82:6F:DD:C6:1D + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 6f:2f:a4:56:d5:58:6d:20:74:6b:66:b7:41:eb:c2:8c:56:2e: + 1b:51:79:b0:07:a6:63:28:8b:20:40:b9:72:4b:f5:e0:6b:18: + 39:5b:b4:ae:50:58:25:81:86:e3:19:ec:b1:dd:fb:5c:f5:d4: + a8:7d:a0:50:46:ac:1e:80:dc:cc:aa:0c:61:f8:a3:41:af:03: + 35:a4:02:4f:23:c7:5c:36:26:90:fe:51:07:58:0f:e7:14:26: + 34:c2:a7:bd:f2:34:33:cf:67:e4:2d:82:b6:e8:94:85:d6:8b: + 01:6f:ba:3d:78:f6:db:3d:dc:ba:6e:6d:83:fa:ea:d0:60:ab: + 1b:ad:9b:e2:ba:e3:e3:9f:26:5b:9a:c7:fb:9f:c1:7d:cc:0b: + cf:23:e0:ac:e1:e4:09:08:84:98:d4:6e:16:34:a5:5e:74:d5: + a8:61:e1:65:f7:9a:51:9f:f0:9f:86:65:ce:4f:b8:b6:64:7d: + 86:62:21:ec:71:50:70:ca:6b:2e:74:12:51:b1:68:b0:4a:66: + 19:60:e9:f8:b0:bf:6e:d8:ad:75:29:c3:31:13:73:01:3d:d5: + d4:5b:c2:60:bb:c4:c8:e6:29:cf:a3:49:65:8d:c2:1d:7d:c9: + 75:33:9b:97:73:38:99:5c:7d:b3:9f:b0:be:0d:f4:6a:c6:19: + 8d:98:a1:ca +-----BEGIN CERTIFICATE----- +MIIDzjCCAragAwIBAgIJAKNSnYJv3cYdMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV +BAYTAlVTMQswCQYDVQQIDAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3Jn +MQ0wCwYDVQQLDARKYXZhMRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjAeFw0xNzAz +MzAwNDUxMDFaFw0yNzAzMjgwNDUxMDFaMF8xCzAJBgNVBAYTAlVTMQswCQYDVQQI +DAJDQTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMQ0wCwYDVQQLDARKYXZh +MRcwFQYDVQQDDA5ST09UX0NBX1NIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBALYPOshe2zeG4ix21f5ltjpFHn9LjJdSzeMldziZshMufs87VBUF +Pnbw1lU67qNTFew9OlODWOCt6yHo9y/Us2Pts/fS49eGbJrCBBVSAtMbJTT4lYsm +ulTtwQ5Mrh/+PnwD5Qcvbnl8ztMHcS8iPYB3UwBjAi9VmcBc9IW3vZgbPXl2hiJ7 +Cnx1NdxfhOwWKwJvKkWKRbGlcgWqNWpsBTHx9iBDF89YXDgdtW+jc27UurKmzAB+ +yYd3a/mcy/zCQBw8bl0hgcAI32uQ8syhQ1RwEufpB0hSuGTt2V1GVHRNZP5W1Esp +VaUaQyT2tEr5GeyQ1K4+Dx+Nv9iAzSbmnQkCAwEAAaOBjDCBiTB5BgNVHSMEcjBw +oWOkYTBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExDTALBgNVBAcMBENpdHkx +DDAKBgNVBAoMA09yZzENMAsGA1UECwwESmF2YTEXMBUGA1UEAwwOUk9PVF9DQV9T +SEEyNTaCCQCjUp2Cb93GHTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IB +AQBvL6RW1VhtIHRrZrdB68KMVi4bUXmwB6ZjKIsgQLlyS/Xgaxg5W7SuUFglgYbj +Geyx3ftc9dSofaBQRqwegNzMqgxh+KNBrwM1pAJPI8dcNiaQ/lEHWA/nFCY0wqe9 +8jQzz2fkLYK26JSF1osBb7o9ePbbPdy6bm2D+urQYKsbrZviuuPjnyZbmsf7n8F9 +zAvPI+Cs4eQJCISY1G4WNKVedNWoYeFl95pRn/CfhmXOT7i2ZH2GYiHscVBwymsu +dBJRsWiwSmYZYOn4sL9u2K11KcMxE3MBPdXUW8Jgu8TI5inPo0lljcIdfcl1M5uX +cziZXH2zn7C+DfRqxhmNmKHK +-----END CERTIFICATE-----