diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c index 9b8f9543e38..4cafd0e58c2 100644 --- a/dlls/crypt32/tests/chain.c +++ b/dlls/crypt32/tests/chain.c @@ -458,37 +458,1118 @@ static const BYTE verisignCA[] = { 0xe6,0x62,0x9f,0xe6,0x9f,0xc0,0x7d,0xb7,0x72,0x9c,0xc9,0x36,0x3a,0x6b,0x9f, 0x4e,0xa8,0xff,0x64,0x0d,0x64 }; -static BYTE iTunesIssuer[] = { -0x30,0x81,0xb4,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06, -0x13,0x02,0x55,0x53,0x31,0x17,0x30,0x15,0x06,0x03,0x55,0x04, -0x0a,0x13,0x0e,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x2c, -0x20,0x49,0x6e,0x63,0x2e,0x31,0x1f,0x30,0x1d,0x06,0x03,0x55, -0x04,0x0b,0x13,0x16,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e, -0x20,0x54,0x72,0x75,0x73,0x74,0x20,0x4e,0x65,0x74,0x77,0x6f, -0x72,0x6b,0x31,0x3b,0x30,0x39,0x06,0x03,0x55,0x04,0x0b,0x13, -0x32,0x54,0x65,0x72,0x6d,0x73,0x20,0x6f,0x66,0x20,0x75,0x73, -0x65,0x20,0x61,0x74,0x20,0x68,0x74,0x74,0x70,0x73,0x3a,0x2f, -0x2f,0x77,0x77,0x77,0x2e,0x76,0x65,0x72,0x69,0x73,0x69,0x67, -0x6e,0x2e,0x63,0x6f,0x6d,0x2f,0x72,0x70,0x61,0x20,0x28,0x63, -0x29,0x30,0x34,0x31,0x2e,0x30,0x2c,0x06,0x03,0x55,0x04,0x03, -0x13,0x25,0x56,0x65,0x72,0x69,0x53,0x69,0x67,0x6e,0x20,0x43, -0x6c,0x61,0x73,0x73,0x20,0x33,0x20,0x43,0x6f,0x64,0x65,0x20, -0x53,0x69,0x67,0x6e,0x69,0x6e,0x67,0x20,0x32,0x30,0x30,0x34, -0x20,0x43,0x41 }; -static BYTE iTunesSerialNum[] = { -0x8d,0xf6,0x6a,0xdf,0xd2,0x40,0xfe,0xb6,0xa6,0x61,0x9b,0x9b, -0xe0,0xa0,0x1a,0x0f }; +/* chain0_0 -> chain0_1: + * A simple, valid chain + */ +static const BYTE chain0_0[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0xa0,0x9a,0x52,0x5b,0xea,0x24,0xa2,0xb8,0x42,0x63,0x07,0xc3,0xda,0x16,0x08, +0x85,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x98,0x32,0xf8,0xd2,0x7a,0x34,0x64,0x9d,0x40,0xd3,0x85,0x62,0x58, +0x13,0xba,0x2f,0xac,0x2f,0xbd,0x4c,0xe3,0xba,0x05,0xa5,0xbf,0x33,0x4b,0x4a, +0x38,0xd6,0xc9,0x9e,0xa7,0x69,0x95,0xc2,0x67,0x22,0xb6,0xec,0x1f,0x92,0xbc, +0xd3,0xd1,0x59,0x12,0xff,0x83,0xba,0xa1,0x17,0xec,0x52,0x8c,0x21,0x7d,0xf8, +0x68,0x63,0x46,0xbe,0x48,0xd7,0xeb,0x8d,0xbf,0x5e,0x87,0x5f,0xc7,0x56,0x2d, +0xf7,0xf8,0x41,0x8a,0xd1,0xb4,0xe8,0x18,0x71,0xf9,0xf1,0x89,0x7c,0xfc,0x67, +0x9b,0x83,0x5d,0x54,0xb5,0xfd,0x5d,0x94,0x41,0xcd,0x31,0x7d,0x5d,0x02,0x38, +0xff,0x75,0x7d,0xb9,0x86,0x70,0xe4,0x6d,0x96,0x97,0x30,0xeb,0x88,0x45,0xb5, +0x2b,0x7c,0x29,0x84,0x6c,0xe9,0xa3,0xb6,0x11,0x78 }; +static const BYTE chain0_1[] = { +0x30,0x82,0x01,0x98,0x30,0x82,0x01,0x01,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, +0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, +0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, +0x65,0x72,0x74,0x31,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x31,0x31,0x32, +0x32,0x31,0x38,0x35,0x32,0x30,0x37,0x5a,0x18,0x0f,0x31,0x36,0x32,0x38,0x30, +0x38,0x32,0x36,0x30,0x35,0x32,0x30,0x35,0x37,0x5a,0x30,0x10,0x31,0x0e,0x30, +0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81, +0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, +0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda, +0xc5,0x4b,0x3f,0xe5,0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33, +0xba,0xff,0xb4,0xc6,0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c, +0xce,0x30,0xc5,0xa7,0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60, +0x16,0xde,0xc6,0x8b,0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32, +0x3b,0xb9,0xcf,0x6b,0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f, +0xb7,0x82,0x40,0xfc,0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44, +0xcb,0x53,0xac,0x85,0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc, +0x8b,0xa2,0x23,0xb2,0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38, +0xcf,0x49,0x98,0x72,0xa3,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a, +0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x3c, +0x90,0x45,0x5b,0x81,0x25,0x9d,0x7a,0x10,0x9f,0x15,0x25,0x03,0x52,0x78,0x09, +0x6f,0x62,0x66,0x78,0x01,0x69,0x6a,0x7f,0x19,0x02,0x18,0xd8,0xc0,0x89,0x2f, +0x0f,0x47,0xa7,0x17,0xc2,0xd7,0xe2,0x81,0x7e,0xea,0x54,0xd4,0xe6,0xcc,0x8f, +0x88,0x1a,0xee,0x28,0x42,0x6c,0x77,0xf5,0xec,0x8c,0x05,0xa5,0x7f,0xee,0x2e, +0x0b,0xbc,0xde,0xb0,0x71,0x2c,0x83,0x32,0xcb,0x49,0x00,0x46,0x03,0x95,0x58, +0x6c,0x57,0x0c,0x5a,0x69,0x3c,0xfa,0xbf,0x46,0x7a,0x4d,0xd0,0x23,0x77,0x23, +0xac,0x1d,0x33,0xb7,0x87,0xb4,0xc6,0x6b,0x52,0xa1,0xed,0x9a,0xb8,0x8e,0x1a, +0xcb,0xc3,0xd3,0x50,0xe0,0x0d,0x12,0x5d,0x0e,0x84,0x52,0xa5,0x12,0x76,0x6b, +0xbf,0xb8,0xbe,0x51,0xc0,0xa6,0xae }; +/* chain0_0 -> chain1_1: + * A chain whose signature is bad + */ +static const BYTE chain1_1[] = { +0x30,0x82,0x01,0x98,0x30,0x82,0x01,0x01,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, +0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, +0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, +0x65,0x72,0x74,0x31,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x31,0x31,0x32, +0x32,0x31,0x38,0x35,0x32,0x30,0x37,0x5a,0x18,0x0f,0x31,0x36,0x32,0x38,0x30, +0x38,0x32,0x36,0x30,0x35,0x32,0x30,0x35,0x37,0x5a,0x30,0x10,0x31,0x0e,0x30, +0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81, +0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, +0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xad,0x7e,0xca, +0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82,0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d, +0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34,0x9e,0x07,0x78,0x08,0x11,0x12,0x2d, +0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7,0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25, +0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91,0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12, +0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5,0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76, +0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd,0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe, +0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c,0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37, +0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35,0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1, +0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a, +0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xad, +0x16,0xaa,0x77,0xab,0xd5,0x1a,0x6c,0x90,0x5d,0x4e,0x61,0x49,0x89,0x6e,0x9f, +0x03,0x7b,0x4a,0x49,0xb1,0x46,0x75,0xf3,0x69,0xeb,0x96,0x13,0x3c,0x35,0xb5, +0x37,0x3b,0xc2,0x84,0x5c,0xe5,0x7c,0x46,0xf6,0x6b,0xc7,0x4e,0x72,0x91,0xf4, +0xde,0xc5,0x66,0x0f,0x2d,0x39,0xc6,0x9e,0x8e,0x25,0x4d,0x3f,0x7b,0x45,0xe1, +0xc6,0x1a,0x7e,0x28,0x83,0xf8,0x87,0x30,0x4e,0xa5,0xfd,0x32,0x7a,0xed,0x53, +0x10,0x3b,0x14,0xe5,0xf1,0x32,0x77,0xf1,0x29,0x72,0x98,0x2b,0xa3,0x17,0xd6, +0x8c,0x65,0xaa,0x3b,0x6d,0xab,0xb3,0xbe,0xfa,0x72,0x38,0xf7,0xd0,0xb6,0x0f, +0x5c,0x0d,0xec,0x17,0x43,0x2a,0xfd,0xc1,0x01,0x43,0x98,0xd3,0x1b,0x84,0x3e, +0x32,0xcf,0xda,0x1d,0xc2,0xc9,0x61 }; +/* chain2_0 -> chain0_1: + * A chain whose time nesting is invalid. + */ +static const BYTE chain2_0[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0x23,0x82,0x3b,0x9e,0x51,0x6e,0xc9,0x8c,0x4f,0x22,0x48,0x21,0x20,0xb4,0xa3, +0xac,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x36,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x36,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x18,0x5c,0xb9,0x2f,0x27,0xa5,0x4b,0x2c,0xda,0x04,0x78,0x46,0x5e, +0x36,0xe7,0xc9,0xbb,0x42,0xf6,0x85,0x56,0x45,0xca,0x51,0xb2,0xcf,0x2b,0xbd, +0xed,0x77,0xcf,0x12,0xf5,0x29,0xc2,0x42,0x32,0xf4,0xad,0x25,0xc1,0x17,0xef, +0x93,0xbf,0xa5,0x61,0xb8,0xc7,0x4b,0xae,0xa8,0x1c,0x08,0xda,0x98,0xe0,0x5c, +0x55,0x08,0x74,0xf7,0xf4,0xdc,0x38,0x2b,0xa9,0x2b,0x1e,0x12,0x7b,0xc1,0x61, +0xe5,0x8d,0xf3,0xdc,0x21,0xe2,0xd2,0x56,0x4f,0xb4,0x8d,0x8c,0x36,0x69,0xf8, +0x82,0x83,0x28,0x6d,0x0d,0x81,0x73,0xec,0x41,0x5c,0x90,0x7a,0xc5,0x27,0x36, +0x9d,0xaa,0xf5,0xe0,0x8b,0xf0,0xfa,0x7d,0x41,0x8f,0x6a,0x36,0xa8,0x61,0x75, +0xc0,0xf2,0x06,0xe8,0x83,0xdb,0xbe,0xc4,0x5b,0x72 }; +/* chain3_0 -> chain0_1: + * A chain whose root cannot be a CA. + */ +static const BYTE chain3_0[] = { +0x30,0x82,0x01,0xad,0x30,0x82,0x01,0x1a,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0x63,0x73,0xee,0x45,0x59,0x76,0x1a,0x9e,0x47,0xf1,0xfb,0xf0,0x42,0x44,0x26, +0xeb,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0xa3,0x10,0x30,0x0e,0x30,0x0c,0x06,0x03,0x55,0x1d,0x13,0x01,0x01, +0xff,0x04,0x02,0x30,0x00,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05, +0x00,0x03,0x81,0x81,0x00,0x53,0xb7,0xa9,0x90,0xe0,0x88,0x36,0xc0,0x2d,0xb1, +0xa3,0x97,0xff,0x16,0x62,0x29,0xa2,0xfd,0x92,0x90,0xb7,0x8d,0xd9,0xdf,0x57, +0x94,0x5a,0xce,0x36,0x5c,0x95,0x24,0xab,0x4f,0x63,0x55,0xa7,0xea,0x8b,0xaf, +0xd9,0x41,0x6a,0x2f,0xd8,0x9e,0x1c,0x2d,0xc0,0x11,0x52,0x09,0x4b,0x31,0x1f, +0x5e,0x8f,0x4b,0xbf,0x20,0x73,0x2d,0x04,0x11,0x56,0x6d,0xb1,0xbe,0xb4,0x5d, +0x70,0x6b,0xb2,0xd0,0xd3,0xf5,0x5d,0x60,0x08,0x65,0x2c,0xe3,0x78,0x5a,0x05, +0x36,0xe1,0xf1,0x67,0x3a,0x25,0xf3,0x47,0x83,0xce,0x4f,0xb0,0x74,0x7a,0x35, +0xa0,0x7f,0x70,0x64,0x8a,0x14,0x66,0x03,0xf6,0xae,0xdf,0x1b,0xf5,0x80,0x87, +0x06,0x39,0x76,0x70,0x7b,0xd2,0x83,0xe9,0xce,0x1f,0xf8,0x66,0xc1 }; +/* chain4_0 -> chain0_1 -> chain4_2: + * A chain whose path length constraint is violated. + */ +static const BYTE chain4_0[] = { +0x30,0x82,0x01,0xb3,0x30,0x82,0x01,0x20,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0xcb,0xdc,0x8d,0xca,0xc1,0x0e,0x9c,0x9d,0x4f,0x0a,0xc1,0x09,0x31,0x32,0x94, +0xf9,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0xa3,0x16,0x30,0x14,0x30,0x12,0x06,0x03,0x55,0x1d,0x13,0x01,0x01, +0xff,0x04,0x08,0x30,0x06,0x01,0x01,0xff,0x02,0x01,0x00,0x30,0x09,0x06,0x05, +0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81,0x81,0x00,0x93,0xe8,0x98,0xbe, +0x7b,0x5c,0x4c,0x58,0xbd,0xee,0x31,0x55,0xa8,0xb5,0x86,0xfc,0x23,0x55,0x48, +0xda,0x95,0x60,0x0f,0x53,0x64,0x66,0x50,0x78,0xdc,0x1c,0xf3,0xec,0x38,0x7d, +0x07,0x58,0x19,0xcf,0x83,0xfc,0x92,0xc4,0x3e,0x48,0x5b,0x45,0x54,0xf7,0x15, +0x6f,0xb0,0x5e,0x8c,0xbf,0x03,0x62,0x17,0x27,0x28,0x59,0x49,0xde,0x52,0x2d, +0x4b,0xb3,0x1e,0x4d,0x4f,0x2c,0xa8,0x1e,0x70,0xd1,0xdb,0xe7,0x98,0x6c,0x6f, +0xaa,0x94,0xea,0x5d,0x7f,0xc5,0x1d,0x2a,0x4d,0xb7,0x4c,0xac,0xa6,0xbf,0x79, +0x9a,0xf6,0x1e,0x98,0x64,0x14,0x2e,0xbd,0x8a,0xaf,0xac,0x52,0xd2,0x2c,0xdd, +0xcd,0x1b,0x3d,0x28,0x43,0xea,0x25,0x91,0x15,0xb8,0x54,0x72,0x33,0xca,0xd8, +0x5f,0x06,0x4c,0x97 }; +static const BYTE chain4_2[] = { +0x30,0x82,0x01,0x98,0x30,0x82,0x01,0x01,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, +0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, +0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, +0x65,0x72,0x74,0x32,0x30,0x22,0x18,0x0f,0x31,0x36,0x30,0x31,0x31,0x31,0x32, +0x32,0x31,0x38,0x35,0x32,0x30,0x37,0x5a,0x18,0x0f,0x31,0x36,0x32,0x38,0x30, +0x38,0x32,0x36,0x30,0x35,0x32,0x30,0x35,0x37,0x5a,0x30,0x10,0x31,0x0e,0x30, +0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81, +0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05, +0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xc3,0x31,0x35, +0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9,0xb1,0xf6,0x8f,0xf9,0x05,0x73,0x1d, +0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11,0x7e,0x77,0xa0,0x42,0x80,0xf4,0x79, +0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0,0xeb,0x8a,0x80,0xed,0x07,0xfc,0x64, +0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42,0x63,0xd9,0x79,0xea,0xdd,0x10,0xe8, +0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87,0xca,0xd1,0xc9,0x77,0x14,0x30,0x85, +0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55,0xcb,0xa7,0xd5,0xb8,0x44,0xb5,0x20, +0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f,0x87,0xaf,0x37,0xd1,0x39,0x0c,0x0d, +0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1,0x60,0x65,0x2d,0x08,0x24,0x51,0x1d, +0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a, +0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0xaa, +0x0e,0x17,0x8d,0x5b,0xca,0x11,0xda,0x5a,0xb5,0xd4,0xe8,0x63,0xce,0xa5,0x67, +0x11,0x2f,0xf8,0xb8,0x9f,0x89,0x46,0x7d,0x20,0x94,0x5f,0x0d,0x02,0x7e,0x5e, +0x8c,0x33,0xfc,0x24,0x56,0x08,0xe6,0xf1,0x4d,0x29,0xd5,0xef,0x03,0xe3,0x9a, +0xc6,0xcd,0x6e,0xe3,0xe6,0x45,0xaa,0xce,0x5a,0x2f,0x37,0x6c,0x07,0xd2,0x28, +0x63,0x8e,0x55,0x8a,0xad,0xe3,0x8a,0x58,0x3d,0x24,0x09,0x1e,0x9a,0x7d,0x5f, +0x05,0xc4,0x51,0x18,0x17,0x46,0x33,0x4d,0x72,0x05,0xc2,0x02,0xb6,0x05,0x22, +0x23,0xcc,0xf9,0x1f,0x87,0x6c,0x4a,0x3d,0x6f,0xdb,0x59,0xf6,0x79,0x81,0x02, +0x45,0x9f,0xc8,0xc3,0xf0,0x90,0x82,0xaf,0x58,0x80,0x18,0xea,0x73,0x50,0x29, +0x71,0x8d,0xc1,0x9e,0x53,0x19,0x5a }; +/* chain5_0 -> chain5_1: + * A chain whose name constraints aren't met. + */ +static const BYTE chain5_0[] = { +0x30,0x82,0x01,0xbd,0x30,0x82,0x01,0x2a,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0x80,0xc5,0x90,0x33,0xb6,0xb5,0xf7,0x99,0x4e,0x6d,0xfc,0xf9,0x4a,0xa7,0xcb, +0x20,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0xa3,0x20,0x30,0x1e,0x30,0x1c,0x06,0x03,0x55,0x1d,0x1e,0x01,0x01, +0xff,0x04,0x12,0x30,0x10,0xa0,0x0e,0x30,0x0c,0x82,0x0a,0x77,0x69,0x6e,0x65, +0x68,0x71,0x2e,0x6f,0x72,0x67,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d, +0x05,0x00,0x03,0x81,0x81,0x00,0x17,0x4a,0x31,0x42,0x6a,0x43,0x85,0xf8,0x91, +0x17,0xc2,0x09,0xbe,0xba,0x1f,0x49,0x23,0x2e,0xa1,0x24,0x58,0x46,0xe8,0xfe, +0x6e,0xbc,0x61,0xb9,0x71,0x92,0x99,0x43,0xd4,0x60,0x54,0xe8,0x29,0x78,0x97, +0xb5,0xb4,0x79,0xad,0xe0,0x1e,0x2b,0x8c,0xb8,0x96,0x9f,0xf1,0x23,0x72,0x45, +0xb7,0x1d,0xe1,0xed,0x0a,0x91,0xf3,0x79,0x8b,0x23,0xd8,0xd4,0x10,0x1b,0x9d, +0xf2,0x7b,0xd9,0x6d,0x85,0x23,0x52,0xd5,0xbf,0x56,0x4f,0x81,0x3c,0x8d,0x62, +0x17,0x0b,0xd7,0x2e,0x5b,0xa1,0xee,0x09,0x99,0x39,0x41,0x57,0x8c,0x3b,0xc4, +0x30,0x1d,0xf5,0x87,0x4f,0x81,0x56,0xfa,0xc1,0x83,0x69,0xf2,0x4a,0x97,0xc9, +0xd9,0x20,0xfa,0x09,0x8c,0x9f,0x13,0xfe,0x0f,0x4d,0x50,0xd3,0x24,0x1f }; +static const BYTE chain5_1[] = { +0x30,0x82,0x01,0xb2,0x30,0x82,0x01,0x1b,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, +0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, +0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, +0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30, +0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32, +0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, +0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, +0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, +0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, +0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, +0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, +0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, +0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, +0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, +0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, +0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, +0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, +0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x1c,0x30,0x1a,0x30,0x18,0x06,0x03,0x55, +0x1d,0x07,0x01,0x01,0xff,0x04,0x0e,0x30,0x0c,0x82,0x0a,0x77,0x69,0x6e,0x65, +0x68,0x71,0x2e,0x63,0x6f,0x6d,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7, +0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x08,0x08,0xf5,0x1c,0xca, +0x3b,0x5a,0xd7,0x45,0xac,0x29,0x5c,0x10,0x9d,0xb0,0x4a,0xdb,0x36,0x0b,0x39, +0x14,0x87,0x3d,0x06,0xe8,0x0d,0x54,0xa7,0xb9,0x50,0x14,0x29,0x05,0xd2,0x75, +0xe4,0x88,0xd8,0x8e,0x7e,0xab,0x61,0xba,0x3c,0xb2,0x4f,0x8f,0xfd,0x00,0x6b, +0x94,0x69,0xf0,0x13,0x40,0x7d,0x4e,0x7c,0xac,0xf0,0x1b,0x07,0x2c,0x96,0x46, +0xf6,0x38,0x38,0xc6,0x65,0x2c,0x02,0x28,0x62,0x6f,0x7d,0xf9,0x4d,0xff,0xb1, +0x38,0x0e,0xce,0x89,0x0e,0xdd,0x22,0x51,0xd2,0x6b,0x0e,0x80,0x3c,0xa6,0x0c, +0xe7,0x8b,0x3b,0x2a,0x2f,0x46,0xed,0xda,0x96,0x1a,0xc1,0x5c,0xfe,0xe0,0xef, +0xdb,0xe0,0x11,0xc4,0x56,0x12,0xe2,0x4b,0x84,0xde,0xaf,0x7f,0x3c,0x9f,0xcb, +0xb6,0xac,0x92 }; +/* chain6_0 -> chain6_1: + * A chain whose end certificate is a CA. + */ +static const BYTE chain6_0[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0x5d,0x20,0xc1,0x31,0xc4,0xdd,0x60,0x9d,0x40,0x3d,0xd5,0x53,0xae,0x9a,0x4c, +0xfd,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x25,0x96,0x0f,0xc9,0xc3,0x77,0xd1,0xb4,0x90,0xc2,0xc1,0x45,0x94, +0xdd,0xfd,0xf5,0x18,0xf8,0xf9,0xfc,0xdf,0x28,0x1c,0x65,0x59,0x64,0x66,0x0d, +0x90,0x1b,0xeb,0xe3,0x84,0x84,0x02,0xab,0xb5,0x56,0xd6,0x54,0x0e,0xbc,0x8a, +0x7d,0xb4,0x0c,0x6d,0xef,0x6e,0x1b,0xb9,0xda,0x61,0x6e,0xc3,0x1f,0x37,0x59, +0x86,0x54,0x4c,0xf0,0xf1,0x9e,0xcf,0x1b,0x67,0x3b,0xbe,0x19,0xa6,0xaa,0x3c, +0x04,0xfb,0xbf,0x4c,0xcd,0xeb,0xf8,0xbb,0xa6,0x18,0xce,0xfc,0x16,0xcc,0xa9, +0xa4,0x4f,0x85,0x91,0xc4,0x53,0x6f,0x4b,0x04,0x1d,0xb6,0x81,0x50,0xe6,0x3a, +0xa2,0xab,0x4b,0xb9,0x43,0xcf,0xe6,0x2a,0x15,0x79,0x0f,0x5c,0xab,0x7d,0x79, +0xd0,0x9f,0xeb,0x93,0x49,0x4f,0x16,0xad,0x63,0x1c }; +static const BYTE chain6_1[] = { +0x30,0x82,0x01,0xa9,0x30,0x82,0x01,0x12,0xa0,0x03,0x02,0x01,0x02,0x02,0x01, +0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05, +0x00,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43, +0x65,0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30, +0x30,0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32, +0x33,0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55, +0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06, +0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d, +0x00,0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5, +0x33,0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6, +0xdc,0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7, +0x48,0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b, +0x47,0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b, +0x05,0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc, +0x6a,0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85, +0x85,0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2, +0xd3,0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72, +0xa3,0x02,0x03,0x01,0x00,0x01,0xa3,0x13,0x30,0x11,0x30,0x0f,0x06,0x03,0x55, +0x1d,0x13,0x01,0x01,0xff,0x04,0x05,0x30,0x03,0x01,0x01,0xff,0x30,0x0d,0x06, +0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81, +0x00,0x08,0x71,0x6d,0x6c,0xbf,0xf1,0x0f,0xe9,0x5b,0x9f,0x9c,0x9d,0xa5,0x07, +0x83,0x28,0xa1,0x05,0x0b,0x92,0x73,0xb9,0x8a,0x99,0xbe,0x1e,0x21,0x53,0x9f, +0xae,0x44,0x7b,0x89,0x09,0x36,0x4a,0xef,0xe7,0x73,0x9f,0x84,0x8d,0x9a,0xec, +0x52,0xcd,0x58,0x14,0x2d,0x22,0x5c,0x03,0x6a,0xb3,0x35,0x40,0x35,0x66,0xba, +0xc5,0xe2,0x32,0x72,0x60,0x52,0x86,0xbc,0x6a,0xc3,0x24,0x05,0x6b,0x02,0xe3, +0x70,0xa3,0xad,0x09,0x88,0x1e,0xd1,0x34,0xca,0x52,0x6a,0x55,0x38,0x88,0x60, +0xfa,0x9a,0x1f,0xe9,0x29,0x47,0x54,0x96,0x53,0x65,0x27,0xb1,0x66,0xd0,0x11, +0x1c,0xf6,0x20,0x07,0xb4,0x66,0x88,0x18,0xdc,0x0c,0x57,0x7e,0x1f,0x8a,0x49, +0x7a,0xe2,0x34,0x52,0x0b,0x46,0x6b,0xfd,0x27 }; +/* chain7_0 -> chain 7_1: + * A chain with a bad critical extension. + */ +static const BYTE chain7_0[] = { +0x30,0x82,0x01,0xac,0x30,0x82,0x01,0x19,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0xac,0x23,0x9b,0xc5,0x45,0xc1,0xd0,0x96,0x4e,0xca,0x10,0xc2,0x95,0x9e,0x71, +0x60,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0xa3,0x0f,0x30,0x0d,0x30,0x0b,0x06,0x02,0x2a,0x03,0x01,0x01,0xff, +0x04,0x02,0x30,0x00,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00, +0x03,0x81,0x81,0x00,0x7b,0xad,0xcd,0xfc,0x28,0x12,0x0a,0x64,0x07,0x02,0x89, +0x74,0x47,0xc6,0x3b,0xc6,0xf0,0x1b,0xb1,0x1b,0x42,0xc5,0x7c,0x87,0x9a,0x8d, +0xb1,0xe8,0x3f,0x56,0x28,0x20,0x7e,0xcd,0xbb,0x49,0xef,0x6e,0x15,0x29,0x43, +0x56,0xf1,0xe5,0x76,0xbd,0x32,0x3b,0xa7,0xc6,0xdd,0xb6,0x49,0xce,0x84,0xf3, +0x6b,0xaa,0x28,0x87,0x55,0x0a,0xb7,0x96,0x9a,0x21,0xc0,0x98,0x40,0x7c,0xc8, +0x1c,0xaf,0x53,0xde,0x50,0x66,0x0a,0x0c,0x42,0xbc,0x68,0x02,0x67,0xee,0xfc, +0xbf,0xa0,0xb0,0xd7,0x8b,0x25,0x79,0xb6,0xcc,0xdb,0x1f,0xd4,0x67,0xc4,0xe5, +0x67,0x78,0x8a,0x8e,0xa6,0xa0,0x1a,0xe8,0x28,0x4a,0x5d,0x25,0x10,0xa6,0x16, +0x9a,0x84,0x26,0x1c,0xc6,0x54,0x90,0xa3,0x9b,0xd2,0xf9,0x8f }; +static const BYTE chain7_1[] = { +0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, +0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, +0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, +0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30, +0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, +0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, +0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, +0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, +0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33, +0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc, +0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48, +0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47, +0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05, +0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a, +0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85, +0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3, +0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3, +0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, +0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x9f,0x69,0xfd,0x26,0xd5,0x4b, +0xe0,0xab,0x12,0x21,0xb9,0xfc,0xf7,0xe0,0x0c,0x09,0x94,0xad,0x27,0xd7,0x9d, +0xa3,0xcc,0x46,0x2a,0x25,0x9a,0x24,0xa7,0x31,0x58,0x78,0xf5,0xfc,0x30,0xe1, +0x6d,0xfd,0x59,0xab,0xbe,0x69,0xa0,0xea,0xe3,0x7d,0x7a,0x7b,0xe5,0x85,0xeb, +0x86,0x6a,0x84,0x3c,0x96,0x01,0x1a,0x70,0xa7,0xb8,0xcb,0xf2,0x11,0xe7,0x52, +0x9c,0x58,0x2d,0xac,0x63,0xce,0x72,0x4b,0xad,0x62,0xa8,0x1d,0x75,0x96,0xe2, +0x27,0xf5,0x6f,0xba,0x91,0xf8,0xf1,0xb0,0xbf,0x90,0x24,0x6d,0xba,0x5d,0xd7, +0x39,0x63,0x3b,0x7c,0x04,0x5d,0x89,0x9d,0x1c,0xf2,0xf7,0xcc,0xdf,0x6e,0x8a, +0x43,0xa9,0xdd,0x86,0x05,0xa2,0xf3,0x22,0x2d,0x1e,0x70,0xa1,0x59,0xd7,0xa5, +0x94,0x7d }; +/* chain8_0 -> chain8_1 -> chain8_2: + * A chain whose root cert validity time doesn't overlap the end cert's + * validity time. + */ +static const BYTE chain8_0[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0xfb,0x25,0xa6,0x55,0x98,0xbc,0xdf,0xb7,0x40,0x86,0x44,0xb9,0x36,0x03,0x82, +0x9b,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x30,0x36,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x17,0xdf,0x1d,0x1d,0xa3,0x3b,0x0c,0x26,0x3e,0xc7,0x6c,0x8c,0xbd, +0xc7,0x62,0x01,0xba,0xbd,0x2e,0x6a,0x8d,0xe1,0x4e,0x0a,0xc1,0xc1,0x9a,0xb1, +0x43,0x82,0x05,0xb9,0xf8,0x27,0x4d,0x3e,0x8c,0xaa,0xff,0x5c,0x88,0x82,0x3b, +0x09,0xa4,0x23,0x06,0x54,0x16,0xbf,0xc6,0x57,0x6b,0xb1,0x80,0x2c,0xd2,0x7f, +0x28,0xfc,0xb5,0xac,0x5b,0x1f,0x14,0xb9,0xd8,0x49,0x6a,0x0d,0xf1,0x55,0x51, +0xcd,0x0c,0x2b,0x5b,0xfa,0x01,0x08,0x82,0x98,0x6d,0x39,0xde,0x9a,0xb1,0xbf, +0xc5,0xbd,0x05,0xd1,0x64,0x21,0xc4,0x99,0x40,0xdb,0x3e,0xa0,0x8e,0x46,0x80, +0xd0,0x74,0x93,0xbd,0xad,0x81,0xba,0x40,0x8e,0x0a,0x67,0x47,0xc4,0xae,0xd4, +0xca,0xd8,0x3b,0xa4,0xa6,0xbd,0xc8,0xa9,0x67,0xf9 }; +static const BYTE chain8_1[] = { +0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, +0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, +0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, +0x72,0x74,0x31,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x35,0x30,0x31,0x30,0x30, +0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x30,0x30,0x31,0x30,0x30, +0x30,0x30,0x30,0x30,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, +0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x32,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, +0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, +0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xb8,0x52,0xda,0xc5,0x4b,0x3f,0xe5,0x33, +0x0e,0x67,0x5f,0x48,0x21,0xdc,0x7e,0xef,0x37,0x33,0xba,0xff,0xb4,0xc6,0xdc, +0xb6,0x17,0x8e,0x20,0x55,0x07,0x12,0xd2,0x7b,0x3c,0xce,0x30,0xc5,0xa7,0x48, +0x9f,0x6e,0xfe,0xb8,0xbe,0xdb,0x9f,0x9b,0x17,0x60,0x16,0xde,0xc6,0x8b,0x47, +0xd1,0x57,0x71,0x3c,0x93,0xfc,0xbd,0xec,0x44,0x32,0x3b,0xb9,0xcf,0x6b,0x05, +0x72,0xa7,0x87,0x8e,0x7e,0xd4,0x9a,0x87,0x1c,0x2f,0xb7,0x82,0x40,0xfc,0x6a, +0x80,0x83,0x68,0x28,0xce,0x84,0xf4,0x0b,0x2e,0x44,0xcb,0x53,0xac,0x85,0x85, +0xb5,0x46,0x36,0x98,0x3c,0x10,0x02,0xaa,0x02,0xbc,0x8b,0xa2,0x23,0xb2,0xd3, +0x51,0x9a,0x22,0x4a,0xe3,0xaa,0x4e,0x7c,0xda,0x38,0xcf,0x49,0x98,0x72,0xa3, +0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, +0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x22,0xf1,0x66,0x00,0x79,0xd2, +0xe6,0xb2,0xb2,0xf7,0x2f,0x98,0x92,0x7d,0x73,0xc3,0x6c,0x5c,0x77,0x20,0xe3, +0xbf,0x3e,0xe0,0xb3,0x5c,0x68,0xb4,0x9b,0x3a,0x41,0xae,0x94,0xa0,0x80,0x3a, +0xfe,0x5d,0x7a,0x56,0x87,0x85,0x44,0x45,0xcf,0xa6,0xd3,0x10,0xe7,0x73,0x41, +0xf2,0x7f,0x88,0x85,0x91,0x8e,0xe6,0xec,0xe2,0xce,0x08,0xbc,0xa5,0x76,0xe5, +0x4d,0x1d,0xb7,0x70,0x31,0xdd,0xc9,0x9a,0x15,0x32,0x11,0x5a,0x4e,0x62,0xc8, +0xd1,0xf8,0xec,0x46,0x39,0x5b,0xe7,0x67,0x1f,0x58,0xe8,0xa1,0xa0,0x5b,0xf7, +0x8a,0x6d,0x5f,0x91,0x18,0xd4,0x90,0x85,0xff,0x30,0xc7,0xca,0x9c,0xc6,0x92, +0xb0,0xca,0x16,0xc4,0xa4,0xc0,0xd6,0xe8,0xff,0x15,0x19,0xd1,0x30,0x61,0xf3, +0xef,0x9f }; +static const BYTE chain8_2[] = { +0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, +0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, +0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, +0x72,0x74,0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x39,0x30,0x31,0x30,0x30, +0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, +0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, +0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x33,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, +0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, +0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20, +0xc6,0x32,0xe9,0xb1,0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a, +0x9c,0x7f,0x11,0x7e,0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa, +0x8f,0x0c,0xd0,0xeb,0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f, +0x9b,0xde,0x42,0x63,0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a, +0x39,0x23,0x87,0xca,0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07, +0xb7,0x7c,0x55,0xcb,0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1, +0xd5,0xad,0x0f,0x87,0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed, +0xf9,0x2a,0xb1,0x60,0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7, +0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, +0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x33,0x95,0x73,0x7c,0x7c,0xb0, +0xbb,0x2b,0xe0,0xc4,0x12,0xf0,0x26,0x85,0x97,0x0c,0x81,0xde,0xc5,0x52,0x04, +0xcb,0xee,0x11,0x9a,0x2e,0xa2,0xc4,0x76,0xd5,0x57,0xd1,0x2f,0x2d,0x6f,0x42, +0xbf,0x23,0x85,0x59,0x5c,0x96,0x8d,0xef,0xbc,0xb6,0xf5,0xd3,0x66,0x99,0x54, +0x95,0x09,0x28,0x0b,0x4f,0x05,0x5f,0x61,0x20,0xa8,0x0d,0x46,0x9a,0xab,0x29, +0x97,0x6b,0xa3,0xcd,0xd7,0x5a,0xda,0xaa,0x8e,0xad,0x5a,0x66,0x58,0xf6,0x63, +0x76,0x10,0xdc,0xb0,0xee,0x3f,0x82,0x6d,0x29,0xb9,0xcb,0x99,0x15,0xbb,0xb9, +0x74,0x73,0x00,0x14,0x74,0x79,0xad,0x89,0x73,0xaa,0xa2,0x0e,0x52,0xe8,0x28, +0x69,0xe6,0x8c,0x1e,0xce,0x3a,0x6d,0x85,0x33,0x1e,0x21,0xa3,0x42,0x61,0x3a, +0xeb,0x25 }; +/* chain9_0 -> chain7_1: + * A cyclic chain. + */ +static const BYTE chain9_0[] = { +0x30,0x82,0x01,0x93,0x30,0x81,0xfd,0xa0,0x03,0x02,0x01,0x02,0x02,0x01,0x01, +0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00, +0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65, +0x72,0x74,0x32,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30, +0x30,0x30,0x30,0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33, +0x35,0x39,0x35,0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04, +0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09, +0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00, +0x30,0x81,0x89,0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a, +0xca,0x50,0x82,0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde, +0xc5,0xc3,0x34,0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14, +0x03,0x7a,0xe7,0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f, +0xc1,0x33,0x91,0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98, +0x1b,0x99,0xc5,0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06, +0x49,0xba,0xcd,0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45, +0x72,0xb6,0x1c,0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5, +0x1f,0x2f,0x35,0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f, +0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d, +0x01,0x01,0x05,0x05,0x00,0x03,0x81,0x81,0x00,0x2c,0xf5,0x25,0xaa,0xb4,0x63, +0x5a,0x5d,0xae,0x7b,0x42,0x79,0xbc,0x41,0x2f,0x8a,0x2a,0x70,0x9f,0x8e,0xb2, +0x14,0x1b,0x6f,0xb2,0xf3,0x3e,0xab,0x06,0x9c,0xa8,0x92,0x43,0xc4,0x57,0x63, +0xa4,0xee,0x83,0x04,0xab,0xa5,0x2c,0xd9,0x90,0xed,0xc9,0x4d,0xa8,0x7b,0xca, +0x3b,0x5f,0xdf,0x46,0xe1,0x3b,0x7f,0x72,0xb7,0x92,0x82,0xe6,0x05,0xc3,0x64, +0x38,0xfb,0x86,0x13,0xeb,0x19,0xb6,0x16,0x82,0x63,0x84,0x13,0x04,0x38,0x51, +0x4c,0x89,0x12,0xf1,0x13,0x46,0x75,0x4e,0x99,0x46,0xcb,0xc6,0x76,0x9f,0x97, +0x9c,0xda,0x63,0x01,0x6a,0x71,0x68,0xc4,0x21,0x67,0xa6,0x51,0x19,0x5e,0xc7, +0x8c,0x8d,0x63,0x5c,0xbe,0x04,0x8f,0xad,0xea,0xa5,0xcd,0xc3,0xd6,0x6b,0xc7, +0xb5,0x56 }; +/* chain10_0 -+ + * +-> chain7_1 + * chain10_1 -+ + * A chain with two issuers, only one of whose dates is valid. + */ +static const BYTE chain10_0[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0x4a,0x30,0x3a,0x42,0xa2,0x5a,0xb3,0x93,0x4d,0x94,0x06,0xad,0x6d,0x1c,0x34, +0xe6,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x36,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x36,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x85,0x6e,0x35,0x2f,0x2c,0x51,0x4f,0xd6,0x2a,0xe4,0x9e,0xd0,0x4b, +0xe6,0x90,0xfd,0xf7,0x20,0xad,0x76,0x3f,0x93,0xea,0x7f,0x0d,0x1f,0xb3,0x8e, +0xfd,0xe0,0xe1,0xd6,0xd7,0x9c,0x7d,0x46,0x6b,0x15,0x5c,0xe6,0xc9,0x62,0x3b, +0x70,0x4a,0x4b,0xb2,0x82,0xe3,0x55,0x0c,0xc4,0x90,0x44,0x06,0x6c,0x86,0x1c, +0x6d,0x47,0x12,0xda,0x33,0x95,0x5d,0x98,0x43,0xcb,0x7c,0xfa,0x2b,0xee,0xc4, +0x2d,0xc8,0x95,0x33,0x89,0x08,0x3f,0x9f,0x87,0xea,0x20,0x04,0xaf,0x58,0x4b, +0x9d,0xc0,0x7c,0x0a,0x1b,0x05,0x31,0x3b,0xbb,0x13,0x58,0x2e,0x3f,0x61,0x6b, +0x10,0xb4,0xeb,0xb9,0x1a,0x30,0xfd,0xea,0xca,0x29,0x99,0x5f,0x42,0x2b,0x00, +0xb0,0x08,0xc3,0xf0,0xb6,0xd6,0x6b,0xf9,0x35,0x95 }; +static const BYTE chain10_1[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0xbf,0x99,0x4f,0x14,0x03,0x77,0x44,0xb8,0x49,0x02,0x70,0xa1,0xb8,0x9c,0xa7, +0x24,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0xa8,0xec,0x8c,0x34,0xe7,0x2c,0xdf,0x75,0x87,0xc4,0xf7,0xda,0x71, +0x72,0x29,0xb2,0x48,0xa8,0x2a,0xec,0x7b,0x7d,0x19,0xb9,0x5f,0x1d,0xd9,0x91, +0x2b,0xc4,0x28,0x7e,0xd6,0xb5,0x91,0x69,0xa5,0x8a,0x1a,0x1f,0x97,0x98,0x46, +0x9d,0xdf,0x12,0xf6,0x45,0x62,0xad,0x60,0xb6,0xba,0xb0,0xfd,0xf5,0x9f,0xc6, +0x98,0x05,0x4f,0x4d,0x48,0xdc,0xee,0x69,0xbe,0xb8,0xc4,0xc4,0xd7,0x1b,0xb1, +0x1f,0x64,0xd6,0x45,0xa7,0xdb,0xb3,0x87,0x63,0x0f,0x54,0xe1,0x3a,0x6b,0x57, +0x36,0xd7,0x68,0x65,0xcf,0xda,0x57,0x8d,0xcd,0x84,0x75,0x47,0x26,0x2c,0xef, +0x1e,0x8f,0xc7,0x3b,0xee,0x5d,0x03,0xa6,0xdf,0x3a,0x20,0xb2,0xcc,0xc9,0x09, +0x2c,0xfe,0x2b,0x79,0xb0,0xca,0x2c,0x9a,0x81,0x6b }; +/* chain11_0 -+ + * +-> chain7_1 + * chain11_1 -+ + * A chain with two issuers, only one of whose public keys matches the + * signature. + */ +static const BYTE chain11_0[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0xcf,0xbe,0xf0,0xa0,0x3c,0xd7,0xb3,0xb2,0x4d,0xff,0xa2,0x18,0x5f,0x8d,0xfc, +0xf4,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xad,0x7e,0xca,0xf3,0xe5,0x99,0xc2,0x2a,0xca,0x50,0x82, +0x7c,0x2d,0xa4,0x81,0xcd,0x0d,0x0d,0x86,0xd7,0xd8,0xb2,0xde,0xc5,0xc3,0x34, +0x9e,0x07,0x78,0x08,0x11,0x12,0x2d,0x21,0x0a,0x09,0x07,0x14,0x03,0x7a,0xe7, +0x3b,0x58,0xf1,0xde,0x3e,0x01,0x25,0x93,0xab,0x8f,0xce,0x1f,0xc1,0x33,0x91, +0xfe,0x59,0xb9,0x3b,0x9e,0x95,0x12,0x89,0x8e,0xc3,0x4b,0x98,0x1b,0x99,0xc5, +0x07,0xe2,0xdf,0x15,0x4c,0x39,0x76,0x06,0xad,0xdb,0x16,0x06,0x49,0xba,0xcd, +0x0f,0x07,0xd6,0xea,0x27,0xa6,0xfe,0x3d,0x88,0xe5,0x97,0x45,0x72,0xb6,0x1c, +0xc0,0x1c,0xb1,0xa2,0x89,0xe8,0x37,0x9e,0xf6,0x2a,0xcf,0xd5,0x1f,0x2f,0x35, +0x5e,0x8f,0x3a,0x9c,0x61,0xb1,0xf1,0x6c,0xff,0x8c,0xb2,0x2f,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x27,0xae,0x97,0xc0,0xe0,0x87,0x6c,0x70,0xb6,0x9d,0xef,0x47,0x52, +0x1f,0x1f,0x33,0x09,0xb5,0x46,0x9b,0x3d,0x54,0x69,0x6b,0xd8,0xbf,0x46,0xe5, +0xab,0x83,0xb1,0xdf,0xc3,0x1b,0x86,0x33,0x2c,0xdc,0x4a,0xe3,0x98,0xa7,0xcc, +0xe5,0x72,0xa4,0x20,0xb7,0x7c,0x0c,0x93,0x7f,0x37,0xc8,0xb0,0x8b,0xd5,0x3e, +0x91,0x46,0x2a,0xc2,0xa3,0xfe,0x20,0x81,0x5f,0xb0,0x5a,0x85,0xa6,0xbc,0xca, +0xaa,0xb5,0x50,0x7d,0xe7,0x8f,0x17,0x1f,0xa7,0xb3,0xe3,0xd4,0x54,0x6e,0xeb, +0xc9,0xcb,0x36,0x05,0xd3,0x66,0x37,0x83,0x08,0x55,0x48,0x88,0x09,0x5c,0x26, +0x37,0x37,0x81,0x52,0x8f,0x2b,0x2e,0xa4,0x43,0x5c,0x05,0x93,0xb6,0x4a,0x44, +0x0f,0x2d,0x08,0x4f,0x0d,0x43,0x9c,0xd6,0x8e,0x4a }; +static const BYTE chain11_1[] = { +0x30,0x82,0x01,0x9b,0x30,0x82,0x01,0x08,0xa0,0x03,0x02,0x01,0x02,0x02,0x10, +0x72,0x41,0xa2,0x53,0xd2,0x33,0x0b,0xac,0x4a,0x30,0xfe,0x0a,0xe0,0x2e,0xd4, +0x03,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x30,0x10,0x31, +0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05,0x43,0x65,0x72,0x74,0x31, +0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,0x31,0x30,0x31,0x30,0x30,0x30,0x30,0x30, +0x30,0x5a,0x17,0x0d,0x30,0x37,0x31,0x32,0x33,0x31,0x32,0x33,0x35,0x39,0x35, +0x39,0x5a,0x30,0x10,0x31,0x0e,0x30,0x0c,0x06,0x03,0x55,0x04,0x03,0x13,0x05, +0x43,0x65,0x72,0x74,0x31,0x30,0x81,0x9f,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48, +0x86,0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x81,0x8d,0x00,0x30,0x81,0x89, +0x02,0x81,0x81,0x00,0xc3,0x31,0x35,0xc3,0x9d,0x8a,0x87,0x20,0xc6,0x32,0xe9, +0xb1,0xf6,0x8f,0xf9,0x05,0x73,0x1d,0xa7,0xde,0xab,0x15,0x8a,0x9c,0x7f,0x11, +0x7e,0x77,0xa0,0x42,0x80,0xf4,0x79,0xda,0x98,0x7b,0x00,0xfa,0x8f,0x0c,0xd0, +0xeb,0x8a,0x80,0xed,0x07,0xfc,0x64,0x71,0x03,0xc1,0xd6,0x2f,0x9b,0xde,0x42, +0x63,0xd9,0x79,0xea,0xdd,0x10,0xe8,0x68,0xc8,0x69,0x4f,0x4a,0x39,0x23,0x87, +0xca,0xd1,0xc9,0x77,0x14,0x30,0x85,0x9e,0xf7,0x79,0xf9,0x07,0xb7,0x7c,0x55, +0xcb,0xa7,0xd5,0xb8,0x44,0xb5,0x20,0xb5,0x01,0x5c,0xa2,0xd1,0xd5,0xad,0x0f, +0x87,0xaf,0x37,0xd1,0x39,0x0c,0x0d,0xd5,0xde,0x26,0x7a,0xed,0xf9,0x2a,0xb1, +0x60,0x65,0x2d,0x08,0x24,0x51,0x1d,0xb0,0x0a,0xb5,0x13,0xc7,0x02,0x03,0x01, +0x00,0x01,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1d,0x05,0x00,0x03,0x81, +0x81,0x00,0x51,0x17,0xfb,0x2a,0x69,0x31,0x36,0xa7,0x37,0x2c,0x1f,0x38,0xee, +0xe3,0xf1,0xae,0x63,0x61,0xac,0x63,0x13,0xc2,0x3b,0x29,0xca,0xb1,0x8e,0x27, +0x41,0xfa,0xb3,0x7d,0x42,0xbe,0xf0,0x9c,0xe0,0xc7,0x69,0xba,0x80,0xf4,0x87, +0x7c,0x6f,0x77,0x70,0x6b,0x77,0x7d,0x5c,0x58,0x95,0x07,0xbd,0xac,0xe2,0x5d, +0x65,0x12,0xb0,0xae,0xf4,0x01,0x14,0x01,0xba,0xf9,0xa0,0x32,0x10,0xea,0x09, +0x12,0xcf,0xf1,0xbc,0x37,0xc9,0x42,0xc3,0x8c,0x9e,0xa2,0xc3,0x5e,0x2e,0x56, +0xe9,0xa7,0xd8,0x1c,0x1c,0x8c,0x1c,0x2f,0xd8,0xfb,0x67,0x44,0xd4,0xa3,0x79, +0x6d,0x53,0x17,0x56,0x3c,0x3e,0xd0,0x67,0x36,0x0c,0x8b,0x77,0xab,0x40,0xc7, +0x27,0xd9,0x44,0x69,0x13,0xeb,0x09,0xec,0x06,0xe2 }; + +typedef struct _CONST_DATA_BLOB +{ + DWORD cbData; + const BYTE *pbData; +} CONST_DATA_BLOB; + +typedef struct _CONST_BLOB_ARRAY +{ + DWORD cBlob; + CONST_DATA_BLOB *rgBlob; +} CONST_BLOB_ARRAY; + +#define TODO_CHAIN 1 +#define TODO_ERROR 2 +#define TODO_INFO 4 + +/* Gets a certificate chain built from a store containing all the certs in + * certArray, where the last certificate in the chain is expected to be the + * end certificate (the one from which the chain is built.) + */ +static PCCERT_CHAIN_CONTEXT getChain(const CONST_BLOB_ARRAY *certArray, + DWORD flags, LPSYSTEMTIME checkTime, DWORD todo, DWORD testIndex) +{ + HCERTSTORE store; + PCCERT_CHAIN_CONTEXT chain = NULL; + + store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, + CERT_STORE_CREATE_NEW_FLAG, NULL); + if (store) + { + BOOL ret; + PCCERT_CONTEXT endCert; + + if (certArray->cBlob > 1) + { + DWORD i; + + for (i = 0, ret = TRUE; ret && i < certArray->cBlob - 1; i++) + { + ret = CertAddEncodedCertificateToStore(store, + X509_ASN_ENCODING, certArray->rgBlob[i].pbData, + certArray->rgBlob[i].cbData, CERT_STORE_ADD_ALWAYS, NULL); + ok(ret, "Chain %d: adding cert %d failed: %08x\n", + testIndex, i, GetLastError()); + } + } + ret = CertAddEncodedCertificateToStore(store, + X509_ASN_ENCODING, certArray->rgBlob[certArray->cBlob - 1].pbData, + certArray->rgBlob[certArray->cBlob - 1].cbData, CERT_STORE_ADD_ALWAYS, + &endCert); + ok(ret, "Chain %d: adding end cert failed: %08x\n", + testIndex, GetLastError()); + if (ret) + { + /* FIXME: allow caller to specify usage matches? */ + CERT_CHAIN_PARA chainPara = { sizeof(chainPara), { 0 } }; + FILETIME fileTime; + + SystemTimeToFileTime(checkTime, &fileTime); + ret = CertGetCertificateChain(NULL, endCert, &fileTime, store, + &chainPara, flags, NULL, &chain); + if (todo & TODO_CHAIN) + todo_wine ok(ret, "Chain %d: CertGetCertificateChain failed: %08x\n", + testIndex, GetLastError()); + else + ok(ret, "Chain %d: CertGetCertificateChain failed: %08x\n", + testIndex, GetLastError()); + CertFreeCertificateContext(endCert); + } + CertCloseStore(store, 0); + } + return chain; +} + +typedef struct _SimpleChainStatusCheck +{ + DWORD cElement; + const CERT_TRUST_STATUS *rgElementStatus; +} SimpleChainStatusCheck; + +static void checkSimpleChainStatus(const CERT_SIMPLE_CHAIN *simpleChain, + const SimpleChainStatusCheck *simpleChainStatus, + const CERT_TRUST_STATUS *ignore, DWORD todo, DWORD testIndex, DWORD chainIndex) +{ + ok(simpleChain->cElement == simpleChainStatus->cElement, + "Chain %d: expected %d elements, got %d\n", testIndex, + simpleChainStatus->cElement, simpleChain->cElement); + if (simpleChain->cElement == simpleChainStatus->cElement) + { + DWORD i; + + for (i = 0; i < simpleChain->cElement; i++) + { + DWORD error = + simpleChain->rgpElement[i]->TrustStatus.dwErrorStatus & + ~ignore->dwErrorStatus; + DWORD info = + simpleChain->rgpElement[i]->TrustStatus.dwInfoStatus & + ~ignore->dwInfoStatus; + + if (todo & TODO_ERROR && error != + simpleChainStatus->rgElementStatus[i].dwErrorStatus) + todo_wine ok(error == + simpleChainStatus->rgElementStatus[i].dwErrorStatus, + "Chain %d, element [%d,%d]: expected error %08x, got %08x\n", + testIndex, chainIndex, i, + simpleChainStatus->rgElementStatus[i].dwErrorStatus, error); + else + ok(error == + simpleChainStatus->rgElementStatus[i].dwErrorStatus, + "Chain %d, element [%d,%d]: expected error %08x, got %08x\n", + testIndex, chainIndex, i, + simpleChainStatus->rgElementStatus[i].dwErrorStatus, error); + if (todo & TODO_INFO && info != + simpleChainStatus->rgElementStatus[i].dwInfoStatus) + todo_wine ok(info == + simpleChainStatus->rgElementStatus[i].dwInfoStatus, + "Chain %d, element [%d,%d]: expected info %08x, got %08x\n", + testIndex, chainIndex, i, + simpleChainStatus->rgElementStatus[i].dwInfoStatus, info); + else + ok(info == + simpleChainStatus->rgElementStatus[i].dwInfoStatus, + "Chain %d, element [%d,%d]: expected info %08x, got %08x\n", + testIndex, chainIndex, i, + simpleChainStatus->rgElementStatus[i].dwInfoStatus, info); + } + } +} + +typedef struct _ChainStatusCheck +{ + CERT_TRUST_STATUS statusToIgnore; + CERT_TRUST_STATUS status; + DWORD cChain; + const SimpleChainStatusCheck *rgChainStatus; +} ChainStatusCheck; + +static void checkChainStatus(PCCERT_CHAIN_CONTEXT chain, + const ChainStatusCheck *chainStatus, DWORD todo, DWORD testIndex) +{ + DWORD error = chainStatus->status.dwErrorStatus & + ~chainStatus->statusToIgnore.dwErrorStatus; + DWORD info = chainStatus->status.dwInfoStatus & + ~chainStatus->statusToIgnore.dwInfoStatus; + + ok(chain->cChain == chainStatus->cChain, + "Chain %d: expected %d simple chains, got %d\n", testIndex, + chainStatus->cChain, chain->cChain); + if (todo & TODO_ERROR && error != chainStatus->status.dwErrorStatus) + todo_wine ok(error == chainStatus->status.dwErrorStatus, + "Chain %d: expected error %08x, got %08x\n", + testIndex, chainStatus->status.dwErrorStatus, error); + else + ok(error == chainStatus->status.dwErrorStatus, + "Chain %d: expected error %08x, got %08x\n", + testIndex, chainStatus->status.dwErrorStatus, error); + if (todo & TODO_INFO && info != chainStatus->status.dwInfoStatus) + todo_wine ok(info == chainStatus->status.dwInfoStatus, + "Chain %d: expected info %08x, got %08x\n", + testIndex, chainStatus->status.dwInfoStatus, info); + else + ok(info == chainStatus->status.dwInfoStatus, + "Chain %d: expected info %08x, got %08x\n", + testIndex, chainStatus->status.dwInfoStatus, info); + if (chain->cChain == chainStatus->cChain) + { + DWORD i; + + for (i = 0; i < chain->cChain; i++) + checkSimpleChainStatus(chain->rgpChain[i], + &chainStatus->rgChainStatus[i], &chainStatus->statusToIgnore, + todo, testIndex, i); + } +} + +typedef struct _ChainCheck +{ + CONST_BLOB_ARRAY certs; + ChainStatusCheck status; + DWORD todo; +} ChainCheck; + +static CONST_DATA_BLOB chain0[] = { + { sizeof(chain0_0), chain0_0 }, + { sizeof(chain0_1), chain0_1 }, +}; +static const CERT_TRUST_STATUS elementStatus0[] = { + { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus0[] = { + { sizeof(elementStatus0) / sizeof(elementStatus0[0]), elementStatus0 }, +}; +static CONST_DATA_BLOB chain1[] = { + { sizeof(chain0_0), chain0_0 }, + { sizeof(chain1_1), chain1_1 }, +}; +static const CERT_TRUST_STATUS elementStatus1[] = { + { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_NOT_SIGNATURE_VALID, + CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus1[] = { + { sizeof(elementStatus1) / sizeof(elementStatus1[0]), elementStatus1 }, +}; +static CONST_DATA_BLOB chain2[] = { + { sizeof(chain2_0), chain2_0 }, + { sizeof(chain0_1), chain0_1 }, +}; +static const CERT_TRUST_STATUS elementStatus2[] = { + { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus2[] = { + { sizeof(elementStatus2) / sizeof(elementStatus2[0]), elementStatus2 }, +}; +static CONST_DATA_BLOB chain3[] = { + { sizeof(chain3_0), chain3_0 }, + { sizeof(chain0_1), chain0_1 }, +}; +static const CERT_TRUST_STATUS elementStatus3[] = { + { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus3[] = { + { sizeof(elementStatus3) / sizeof(elementStatus3[0]), elementStatus3 }, +}; +static CONST_DATA_BLOB chain4[] = { + { sizeof(chain4_0), chain4_0 }, + { sizeof(chain0_1), chain0_1 }, + { sizeof(chain4_2), chain4_2 }, +}; +static const CERT_TRUST_STATUS elementStatus4[] = { + { CERT_TRUST_IS_NOT_TIME_VALID, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_NOT_TIME_VALID, + CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus4[] = { + { sizeof(elementStatus4) / sizeof(elementStatus4[0]), elementStatus4 }, +}; +static CONST_DATA_BLOB chain5[] = { + { sizeof(chain5_0), chain5_0 }, + { sizeof(chain5_1), chain5_1 }, +}; +static const CERT_TRUST_STATUS elementStatus5[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | + CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT | + CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus5[] = { + { sizeof(elementStatus5) / sizeof(elementStatus5[0]), elementStatus5 }, +}; +static CONST_DATA_BLOB chain6[] = { + { sizeof(chain6_0), chain6_0 }, + { sizeof(chain6_1), chain6_1 }, +}; +static const CERT_TRUST_STATUS elementStatus6[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus6[] = { + { sizeof(elementStatus6) / sizeof(elementStatus6[0]), elementStatus6 }, +}; +static CONST_DATA_BLOB chain7[] = { + { sizeof(chain7_0), chain7_0 }, + { sizeof(chain7_1), chain7_1 }, +}; +static const CERT_TRUST_STATUS elementStatus7[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus7[] = { + { sizeof(elementStatus7) / sizeof(elementStatus7[0]), elementStatus7 }, +}; +static CONST_DATA_BLOB chain8[] = { + { sizeof(chain8_0), chain8_0 }, + { sizeof(chain8_1), chain8_1 }, + { sizeof(chain8_2), chain8_2 }, +}; +static const CERT_TRUST_STATUS elementStatus8[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck simpleStatus8[] = { + { sizeof(elementStatus8) / sizeof(elementStatus8[0]), elementStatus8 }, +}; +static CONST_DATA_BLOB chain9[] = { + { sizeof(chain9_0), chain9_0 }, + { sizeof(chain7_1), chain7_1 }, +}; +static const CERT_TRUST_STATUS elementStatus9[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_CYCLIC, + CERT_TRUST_HAS_NAME_MATCH_ISSUER }, +}; +static const SimpleChainStatusCheck simpleStatus9[] = { + { sizeof(elementStatus9) / sizeof(elementStatus9[0]), elementStatus9 }, +}; +static CONST_DATA_BLOB chain10[] = { + { sizeof(chain10_0), chain10_0 }, + { sizeof(chain10_1), chain10_1 }, + { sizeof(chain7_1), chain7_1 }, +}; +static const CERT_TRUST_STATUS elementStatus10[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER }, +}; +static const SimpleChainStatusCheck simpleStatus10[] = { + { sizeof(elementStatus10) / sizeof(elementStatus10[0]), elementStatus10 }, +}; +static CONST_DATA_BLOB chain11[] = { + { sizeof(chain11_0), chain11_0 }, + { sizeof(chain11_1), chain11_1 }, + { sizeof(chain7_1), chain7_1 }, +}; +static CONST_DATA_BLOB selfSignedChain[] = { + { sizeof(selfSignedCert), selfSignedCert } +}; +static const CERT_TRUST_STATUS selfSignedElementStatus[] = { + { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED }, +}; +static const SimpleChainStatusCheck selfSignedSimpleStatus[] = { + { sizeof(selfSignedElementStatus) / sizeof(selfSignedElementStatus[0]), + selfSignedElementStatus }, +}; +static CONST_DATA_BLOB iTunesChain[] = { + { sizeof(verisignCA), verisignCA }, + { sizeof(iTunesCert0), iTunesCert0 }, + { sizeof(iTunesCert1), iTunesCert1 }, + { sizeof(iTunesCert2), iTunesCert2 }, + { sizeof(iTunesCert3), iTunesCert3 }, +}; +static const CERT_TRUST_STATUS iTunesElementStatus[] = { + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_KEY_MATCH_ISSUER }, + { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_EXACT_MATCH_ISSUER }, + { CERT_TRUST_NO_ERROR, + CERT_TRUST_HAS_NAME_MATCH_ISSUER | CERT_TRUST_IS_SELF_SIGNED}, +}; +static const SimpleChainStatusCheck iTunesSimpleStatus[] = { + { sizeof(iTunesElementStatus) / sizeof(iTunesElementStatus[0]), + iTunesElementStatus }, +}; +static ChainCheck chainCheck[] = { + /* Windows XP erroneously sets CERT_TRUST_HAS_PREFERRED_ISSUER on all + * elements, so ignore it + */ + { { sizeof(chain0) / sizeof(chain0[0]), chain0 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 }, + 1, simpleStatus0 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain1) / sizeof(chain1[0]), chain1 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_SIGNATURE_VALID | + CERT_TRUST_IS_NOT_TIME_VALID, 0 }, + 1, simpleStatus1 }, + TODO_CHAIN | TODO_ERROR | TODO_INFO }, + { { sizeof(chain2) / sizeof(chain2[0]), chain2 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 }, + 1, simpleStatus2 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain3) / sizeof(chain3[0]), chain3 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | + CERT_TRUST_IS_NOT_TIME_VALID, 0 }, + 1, simpleStatus3 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain4) / sizeof(chain4[0]), chain4 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | + CERT_TRUST_IS_NOT_TIME_VALID, 0 }, + 1, simpleStatus4 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain5) / sizeof(chain5[0]), chain5 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT | + CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT | + CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus5 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain6) / sizeof(chain6[0]), chain6 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus6 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain7) / sizeof(chain7[0]), chain7 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus7 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain8) / sizeof(chain8[0]), chain8 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_UNTRUSTED_ROOT | + CERT_TRUST_IS_NOT_TIME_VALID, 0 }, + 1, simpleStatus8 }, + TODO_ERROR | TODO_INFO }, + /* This (cyclic) chain never completes in Wine, so don't test it yet + { { sizeof(chain9) / sizeof(chain9[0]), chain9 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT | + CERT_TRUST_INVALID_BASIC_CONSTRAINTS | CERT_TRUST_IS_CYCLIC, 0 }, + 1, simpleStatus9 }, + TODO_ERROR | TODO_INFO }, + */ + { { sizeof(chain10) / sizeof(chain10[0]), chain10 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(chain11) / sizeof(chain11[0]), chain11 }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, 1, simpleStatus10 }, + TODO_ERROR | TODO_INFO }, + { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain }, + { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 }, + 1, selfSignedSimpleStatus }, + TODO_ERROR | TODO_INFO }, + /* The iTunes chain may or may not have its root trusted, so ignore the + * error + */ + { { sizeof(iTunesChain) / sizeof(iTunesChain[0]), iTunesChain }, + { { CERT_TRUST_IS_UNTRUSTED_ROOT, CERT_TRUST_HAS_PREFERRED_ISSUER }, + { 0, 0 }, + 1, iTunesSimpleStatus }, + TODO_INFO }, +}; + +/* Wednesday, Oct 1, 2007 */ +static SYSTEMTIME oct2007 = { 2007, 10, 1, 1, 0, 0, 0, 0 }; static void testGetCertChain(void) { BOOL ret; - CERT_CHAIN_ENGINE_CONFIG config = { 0 }; - HCERTCHAINENGINE engine; PCCERT_CONTEXT cert; CERT_CHAIN_PARA para = { 0 }; PCCERT_CHAIN_CONTEXT chain; - HCERTSTORE store; - CERT_INFO info = { 0 }; + DWORD i; /* Basic parameter checks */ ret = CertGetCertificateChain(NULL, NULL, NULL, NULL, NULL, 0, NULL, NULL); @@ -523,128 +1604,17 @@ static void testGetCertChain(void) ok(!ret, "Expected failure\n"); CertFreeCertificateContext(cert); - /* Tests with a valid cert that doesn't trace back to a trusted root */ - cert = CertCreateCertificateContext(X509_ASN_ENCODING, selfSignedCert, - sizeof(selfSignedCert)); - ret = CertGetCertificateChain(NULL, cert, NULL, NULL, NULL, 0, NULL, NULL); - ok(!ret && GetLastError() == E_INVALIDARG, - "Expected E_INVALIDARG, got %08x\n", GetLastError()); - ret = CertGetCertificateChain(NULL, cert, NULL, NULL, ¶, 0, NULL, - &chain); - ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError()); - ok(chain != NULL, "Expected a chain\n"); - if (chain) + for (i = 0; i < sizeof(chainCheck) / sizeof(chainCheck[0]); i++) { - ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_UNTRUSTED_ROOT, - "Expected CERT_TRUST_IS_UNTRUSTED_ROOT, got %08x\n", - chain->TrustStatus.dwErrorStatus); - ok(chain->TrustStatus.dwInfoStatus == CERT_TRUST_HAS_PREFERRED_ISSUER, - "Expected CERT_TRUST_HAS_PREFERRED_ISSUER, got %08x\n", - chain->TrustStatus.dwInfoStatus); - ok(chain->cChain == 1, "Expected 1 chain, got %d\n", chain->cChain); - ok(chain->rgpChain[0]->cElement == 1, - "Expected one chain element, got %d\n", chain->rgpChain[0]->cElement); - ok(chain->rgpChain[0]->pTrustListInfo == NULL, - "Expected no trust list\n"); - CertFreeCertificateChain(chain); - } - - /* A self-signed cert isn't affected by having no chain to a trusted root */ - store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, - CERT_STORE_CREATE_NEW_FLAG, NULL); - config.cbSize = sizeof(config); - config.hRestrictedRoot = store; - ret = CertCreateCertificateChainEngine(&config, &engine); - ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError()); - ret = CertGetCertificateChain(engine, cert, NULL, NULL, ¶, 0, NULL, - &chain); - ok(chain != NULL, "Expected a chain\n"); - if (chain) - { - ok(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_UNTRUSTED_ROOT, - "Expected CERT_TRUST_IS_UNTRUSTED_ROOT, got %08x\n", - chain->TrustStatus.dwErrorStatus); - ok(chain->TrustStatus.dwInfoStatus == CERT_TRUST_HAS_PREFERRED_ISSUER, - "Expected CERT_TRUST_HAS_PREFERRED_ISSUER, got %08x\n", - chain->TrustStatus.dwInfoStatus); - ok(chain->cChain == 1, "Expected 1 chain, got %d\n", chain->cChain); - ok(chain->rgpChain[0]->cElement == 1, - "Expected one chain element, got %d\n", chain->rgpChain[0]->cElement); - ok(chain->rgpChain[0]->pTrustListInfo == NULL, - "Expected no trust list\n"); - CertFreeCertificateChain(chain); - } - CertFreeCertificateChainEngine(engine); - CertCloseStore(store, 0); - CertFreeCertificateContext(cert); - - /* Test a real chain */ - info.Issuer.cbData = sizeof(iTunesIssuer); - info.Issuer.pbData = iTunesIssuer; - info.SerialNumber.cbData = sizeof(iTunesSerialNum); - info.SerialNumber.pbData = iTunesSerialNum; - - store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, - CERT_STORE_CREATE_NEW_FLAG, NULL); - CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, iTunesCert0, - sizeof(iTunesCert0), CERT_STORE_ADD_NEW, NULL); - CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, iTunesCert1, - sizeof(iTunesCert1), CERT_STORE_ADD_NEW, NULL); - CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, iTunesCert2, - sizeof(iTunesCert2), CERT_STORE_ADD_NEW, NULL); - CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, iTunesCert3, - sizeof(iTunesCert3), CERT_STORE_ADD_NEW, NULL); - - config.hRestrictedRoot = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, - CERT_STORE_CREATE_NEW_FLAG, NULL); - CertAddEncodedCertificateToStore(config.hRestrictedRoot, X509_ASN_ENCODING, - verisignCA, sizeof(verisignCA), CERT_STORE_ADD_NEW, NULL); - engine = NULL; - ret = CertCreateCertificateChainEngine(&config, &engine); - - cert = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0, - CERT_FIND_SUBJECT_CERT, &info, NULL); - ok(cert != NULL, "CertFindCertificateInStore failed: %08x\n", - GetLastError()); - if (cert) - { - /* There's no guarantee the Verisign cert is in the root store, in - * which case the engine creation will fail => we need to pass the - * memory store that includes the Verisign cert. - */ - if (engine) - ret = CertGetCertificateChain(engine, cert, NULL, NULL, ¶, 0, - NULL, &chain); - else - ret = CertGetCertificateChain(NULL, cert, NULL, - config.hRestrictedRoot, ¶, 0, NULL, &chain); - ok(ret, "CertGetCertificateChain failed: %08x\n", GetLastError()); - if (ret) + chain = getChain(&chainCheck[i].certs, 0, &oct2007, chainCheck[i].todo, + i); + if (chain) { - /* Since there's no guarantee the Verisign cert is in the Root - * store, either error is acceptable. - */ - ok(chain->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR || - chain->TrustStatus.dwErrorStatus == CERT_TRUST_IS_UNTRUSTED_ROOT, - "Expected no error or CERT_TRUST_IS_UNTRUSTED_ROOT, got %08x\n", - chain->TrustStatus.dwErrorStatus); - ok(chain->TrustStatus.dwInfoStatus == - CERT_TRUST_HAS_PREFERRED_ISSUER, - "Expected CERT_TRUST_HAS_PREFERRED_ISSUER, got %08x\n", - chain->TrustStatus.dwInfoStatus); - ok(chain->cChain == 1, "Expected 1 chain, got %d\n", chain->cChain); - ok(chain->rgpChain[0]->cElement == 3, - "Expected three chain elements, got %d\n", - chain->rgpChain[0]->cElement); - ok(chain->rgpChain[0]->pTrustListInfo == NULL, - "Expected no trust list\n"); + checkChainStatus(chain, &chainCheck[i].status, chainCheck[i].todo, + i); CertFreeCertificateChain(chain); } - CertFreeCertificateContext(cert); } - CertCloseStore(config.hRestrictedRoot, 0); - CertFreeCertificateChainEngine(engine); - CertCloseStore(store, 0); } START_TEST(chain)