16867 pkgsign should handle existing signatures better
17982 pkgsign should cleanly handle the aborted transaction case
18021 all information needed to verify a signature action should be included in the action
18047 need support for pathlen basic constraint
18052 manifest.get_size should reflect true signature size
--- a/doc/client_api_versions.txt Mon Apr 04 09:02:59 2011 -0700
+++ b/doc/client_api_versions.txt Wed Apr 06 18:06:57 2011 -0700
@@ -1,3 +1,18 @@
+Version 55:
+Incompatible with clients using versions 0-54:
+
+ pkg.client.publisher.Publisher has changed as follows:
+
+ * The following functions have been removed:
+ get_intermediate_certs
+ verify_ca_certs
+
+ * verify_chain has had the mandatory parameter cur_pathlen added which
+ indicates how many certificates exist between cert and the leaf cert.
+
+ * approve_ca_cert has had the 'manual' parameter removed as only the
+ user can approve a certificate now.
+
Version 54:
Compatible with clients using versions 53-54:
--- a/src/client.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/client.py Wed Apr 06 18:06:57 2011 -0700
@@ -86,7 +86,7 @@
import sys
sys.exit(1)
-CLIENT_API_VERSION = 54
+CLIENT_API_VERSION = 55
PKG_CLIENT_NAME = "pkg"
JUST_UNKNOWN = 0
@@ -3414,7 +3414,7 @@
raise api_errors.PermissionsException(
ca)
raise
- pub.approve_ca_cert(s, manual=True)
+ pub.approve_ca_cert(s)
for hsh in revoked_cas:
pub.revoke_ca_cert(hsh)
--- a/src/gui/modules/misc_non_gui.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/gui/modules/misc_non_gui.py Wed Apr 06 18:06:57 2011 -0700
@@ -40,7 +40,7 @@
# The current version of the Client API the PM, UM and
# WebInstall GUIs have been tested against and are known to work with.
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
LOG_DIR = "/var/tmp"
LOG_ERROR_EXT = "_error.log"
LOG_INFO_EXT = "_info.log"
--- a/src/man/pkgrepo.1.txt Mon Apr 04 09:02:59 2011 -0700
+++ b/src/man/pkgrepo.1.txt Wed Apr 06 18:06:57 2011 -0700
@@ -9,12 +9,6 @@
pkgrepo add-publisher [-s repo_uri_or_path] publisher ...
- pkgrepo add-signing-ca-cert [-p publisher ...]
- [-s repo_uri_or_path] path ...
-
- pkgrepo add-signing-intermediate-cert [-p publisher ...]
- [-s repo_uri_or_path] path ...
-
pkgrepo get [-F format] [-p publisher ...] [-s repo_uri_or_path]
[section/property ...]
@@ -27,12 +21,6 @@
pkgrepo refresh [-p publisher ...] [-s repo_uri_or_path]
[--no-catalog] [--no-index]
- pkgrepo remove-signing-ca-cert [-p publisher ...]
- [-s repo_uri_or_path] hash ...
-
- pkgrepo remove-signing-intermediate-cert [-p publisher ...]
- [-s repo_uri_or_path] hash ...
-
pkgrepo set [-p publisher] [-s repo_uri_or_path]
section/property=[value] ... or
section/property=([value]) ...
@@ -81,34 +69,6 @@
Add the specified publisher(s) to the repository. The new
publisher(s) will not have any packages or content.
- add-signing-ca-certs [-p publisher ...]
- [-s repo_uri_or_path] path ...
- May only be used with filesystem-based repositories.
-
- Add the certificates provided as approved CA certificates.
-
- With -p, only add certificate data for the given publisher.
- The special value 'all' may be used to add the certificate
- data for all publishers. If not specified, the default
- publisher will be used.
-
- With -s, operate on the repository located at the given URI
- or filesystem path.
-
- add-signing-intermediate-certs [-p publisher ...]
- [-s repo_uri_or_path] path ...
- May only be used with filesystem-based repositories.
-
- Add the certificates provided as intermediate certificates.
-
- With -p, only add certificate data for the given publisher.
- The special value 'all' may be used to add the certificate
- data for all publishers. If not specified, the default
- publisher will be used.
-
- With -s, operate on the repository located at the given URI
- or filesystem path.
-
get [-F format] [-H] [-p publisher ...] [-s repo_uri_or_path]
[section/property ...]
Displays the property information for the repository or
@@ -193,36 +153,6 @@
With --no-index, don't update search indexes.
- remove-signing-ca-certs [-p publisher ...]
- [-s repo_uri_or_path] hash ...
- May only be used with filesystem-based repositories.
-
- Remove the certificates provided from the list of CA
- certificates.
-
- With -p, only remove certificate data for the given
- publisher. The special value 'all' may be used to remove
- the certificate data for all publishers. If not specified,
- the default publisher will be used.
-
- With -s, operate on the repository located at the given URI
- or filesystem path.
-
- remove-signing-intermediate-certs [-p publisher ...]
- [-s repo_uri_or_path] hash ...
- May only be used with filesystem-based repositories.
-
- Remove the certificates provided from the list of
- intermediate certificates.
-
- With -p, only remove certificate data for the given
- publisher. The special value 'all' may be used to remove
- the certificate data for all publishers. If not specified,
- the default publisher will be used.
-
- With -s, operate on the repository located at the given URI
- or filesystem path.
-
set [-p publisher] [-s repo_uri_or_path]
[section/property=value ...]
May only be used with filesystem-based repositories.
@@ -396,35 +326,7 @@
$ pkgrepo set -s /my/repository -p example.com \
repository/origins=http://example.com/repository
- Example 9: Add the certificate stored in /tmp/example_file.pem
- as a signing CA certificate for the repository located at
- /my/repository for the default publisher.
-
- $ pkgrepo add-signing-ca-cert -s /my/repository \
- /tmp/example_file.pem
-
- Example 10: Add the certificate stored in /tmp/example_file.pem
- as a signing CA certificate for the repository located at
- /my/repository for a specific publisher.
-
- $ pkgrepo add-signing-ca-cert -s /my/repository \
- -p example.com /tmp/example_file.pem
-
- Example 11: Remove the certificate with hash a12345 from the
- list of intermediate certificates for the repository located at
- /my/repository for the default publisher.
-
- $ pkgrepo remove-signing-intermediate-ca-cert -s /my/repository \
- a12345
-
- Example 12: Remove the certificate with hash a12345 from the
- list of intermediate certificates for the repository located at
- /my/repository for a specific publisher.
-
- $ pkgrepo remove-signing-intermediate-ca-cert -s /my/repository \
- -p example.com a12345
-
- Example 13: Add a new publisher to the repository.
+ Example 9: Add a new publisher to the repository.
$ pkgrepo add-publisher -s /my/repository example.com
--- a/src/modules/actions/generic.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/actions/generic.py Wed Apr 06 18:06:57 2011 -0700
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved.
#
"""module describing a generic packaging object
@@ -885,6 +885,9 @@
datastream."""
return False
+ def get_size(self):
+ return int(self.attrs.get("pkg.size", "0"))
+
def attrlist(self, name):
"""return list containing value of named attribute."""
value = self.attrs.get(name, [])
--- a/src/modules/actions/signature.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/actions/signature.py Wed Apr 06 18:06:57 2011 -0700
@@ -72,13 +72,16 @@
return False
return True
+ def needsdata(self, orig, pkgplan):
+ return self.has_payload
+
@staticmethod
def make_opener(pth):
def file_opener():
return open(pth, "rb")
return file_opener
- def __set_chain_certs_data(self, chain_certs):
+ def __set_chain_certs_data(self, chain_certs, chash_dir):
"""Store the information about the certs needed to validate
this signature in the signature.
@@ -88,6 +91,8 @@
self.chain_cert_openers = []
hshes = []
sizes = []
+ chshes = []
+ csizes = []
for pth in chain_certs:
if not os.path.exists(pth):
raise pkg.actions.ActionDataError(
@@ -108,13 +113,39 @@
with file_opener() as fh:
hsh, data = misc.get_data_digest(fh,
length=fs.st_size, return_content=True)
- hshes.append(hsh)
+ hshes.append(hsh)
+ csize, chash = misc.compute_compressed_attrs(hsh,
+ None, data, fs.st_size, chash_dir)
+ csizes.append(csize)
+ chshes.append(chash.hexdigest())
if hshes:
# These attributes are stored as a single value with
# spaces in it rather than multiple values to ensure
# the ordering remains consistent.
self.attrs["chain.sizes"] = " ".join(sizes)
self.attrs["chain"] = " ".join(hshes)
+ self.attrs["chain.chashes"] = " ".join(chshes)
+ self.attrs["chain.csizes"] = " ".join(csizes)
+
+ def get_size(self):
+ res = generic.Action.get_size(self)
+ for s in self.attrs.get("chain.sizes", "").split():
+ res += int(s)
+ return res
+
+ def get_action_chain_csize(self):
+ res = 0
+ for s in self.attrs.get("chain.csizes", "").split():
+ res += int(s)
+ return res
+
+ def get_chain_csize(self, chain):
+ found = False
+ for c, s in zip(self.attrs.get("chain", "").split(),
+ self.attrs.get("chain.csizes", "").split()):
+ if c == chain:
+ return int(s)
+ return None
def sig_str(self, a, version):
"""Create a stable string representation of an action that
@@ -193,13 +224,23 @@
(b.sig_str(self, version) for b in acts)
if a is not None)))
- def get_chain_certs(self, pub):
- """Retrieve the intermediate certificates needed to validate
- this signature."""
+ def retrieve_chain_certs(self, pub):
+ """Retrieve the chain certificates needed to validate this
+ signature."""
for c in self.attrs.get("chain", "").split():
pub.get_cert_by_hash(c, only_retrieve=True)
+ def get_chain_certs(self):
+ """Return a list of the chain certificates needed to validate
+ this signature."""
+ return self.attrs.get("chain", "").split()
+
+ def get_chain_certs_chashes(self):
+ """Return a list of the chain certificates needed to validate
+ this signature."""
+ return self.attrs.get("chain.chashes", "").split()
+
def is_signed(self):
"""Returns True if this action is signed using a key, instead
of simply being a hash. Since variant tagged signature
@@ -222,7 +263,7 @@
return None, h
return None, None
- def verify_sig(self, acts, pub, required_names=None):
+ def verify_sig(self, acts, pub, trust_anchors, required_names=None):
"""Try to verify this signature. It can return True or
None. None means we didn't know how to verify this signature.
If we do know how to verify the signature but it doesn't verify,
@@ -234,6 +275,9 @@
The 'pub' parameter is the publisher that published the
package this action signed.
+ The 'trust_anchors' parameter contains the trust anchors to use
+ when verifying the signature.
+
The 'required_names' parameter is a set of strings that must
be seen as a CN in the chain of trust for the certificate."""
@@ -267,21 +311,20 @@
# Verify a signature that's not just a hash.
if self.sig_alg is None:
return None
- # Get the approved CA certs for this publisher.
- ca_dict = pub.get_ca_certs()
# Get the certificate paired with the key which signed this
# action.
cert = pub.get_cert_by_hash(self.hash, verify_hash=True)
# Make sure that the intermediate certificates that are needed
# to validate this signature are present.
- self.get_chain_certs(pub)
+ self.retrieve_chain_certs(pub)
try:
# This import is placed here to break a circular
# import seen when merge.py is used.
from pkg.client.publisher import CODE_SIGNING_USE
# Verify the certificate whose key created this
# signature action.
- pub.verify_chain(cert, ca_dict, required_names,
+ pub.verify_chain(cert, trust_anchors, 0,
+ required_names=required_names,
usages=CODE_SIGNING_USE)
except apx.SigningException, e:
e.act = self
@@ -298,7 +341,8 @@
"value. Res: %s") % res)
return True
- def set_signature(self, acts, key_path=None, chain_paths=misc.EmptyI):
+ def set_signature(self, acts, key_path=None, chain_paths=misc.EmptyI,
+ chash_dir=None):
"""Sets the signature value for this action.
The 'acts' parameter is the iterable of actions this action
@@ -310,7 +354,10 @@
The 'chain_paths' parameter is an iterable of paths to
certificates which are needed to form the chain of trust from
the certificate associated with the key in 'key_path' to one of
- the CAs for the publisher of the actions."""
+ the CAs for the publisher of the actions.
+
+ The 'chash_dir' parameter is the temporary directory to use
+ while calculating the compressed hashes for chain certs."""
# Turning this into a list makes debugging vastly more
# tractable.
@@ -333,11 +380,11 @@
# If a private key is used, then the certificate it's
# paired with must be provided.
assert self.data is not None
- self.__set_chain_certs_data(chain_paths)
+ self.__set_chain_certs_data(chain_paths, chash_dir)
try:
priv_key = m2.RSA.load_key(key_path)
- except m2.RSA.RSAError, e:
+ except m2.RSA.RSAError:
raise apx.BadFileFormat(_("%s was expected to "
"be a RSA key but could not be read "
"correctly.") % key_path)
@@ -364,3 +411,26 @@
res.append((self.name, "signature", self.attrs["value"],
self.attrs["value"]))
return res
+
+ def identical(self, other, hsh):
+ """Check whether another action is identical to this
+ signature."""
+ # Only signature actions can be identical to other signature
+ # actions.
+ if self.name != other.name:
+ return False
+ # If the code signing certs are identical, the more checking is
+ # needed.
+ if hsh == other.hash or self.hash == other.hash:
+ # If the algorithms are using different algorithms or
+ # have different versions, then they're not identical.
+ if self.attrs["algorithm"] != \
+ other.attrs["algorithm"] or \
+ self.attrs["version"] != other.attrs["version"]:
+ return False
+ # If the values are the same, then they're identical.
+ if self.attrs["value"] == other.attrs["value"]:
+ return True
+ raise apx.AlmostIdentical(hsh,
+ self.attrs["algorithm"], self.attrs["version"])
+ return False
--- a/src/modules/client/api.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/api.py Wed Apr 06 18:06:57 2011 -0700
@@ -68,7 +68,7 @@
from pkg.client.imageplan import EXECUTED_OK
from pkg.client import global_settings
-CURRENT_API_VERSION = 54
+CURRENT_API_VERSION = 55
CURRENT_P5I_VERSION = 1
# Image type constants.
@@ -249,7 +249,7 @@
other platforms, a value of False will allow any image location.
"""
- compatible_versions = set([53, CURRENT_API_VERSION])
+ compatible_versions = set([CURRENT_API_VERSION])
if version_id not in compatible_versions:
raise apx.VersionException(CURRENT_API_VERSION,
@@ -1777,10 +1777,6 @@
op_time=op_time, pub=pub,
stem=stem, ver=ver)
- # Build a unique set of publisher objects so that
- # signing information can be consolidated and
- # used. (If this isn't done, signed packages
- # can't be installed from temporary sources.)
pub_map = {}
for pub in pubs:
try:
@@ -1790,11 +1786,6 @@
catalog=compkcat)
pub_map[pub.prefix] = opub
- for attr in ("signing_ca_certs",
- "intermediate_certs"):
- getattr(opub, attr).extend(
- getattr(pub, attr))
-
rid_map = {}
for pub in pkg_pub_map:
for stem in pkg_pub_map[pub]:
--- a/src/modules/client/api_errors.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/api_errors.py Wed Apr 06 18:06:57 2011 -0700
@@ -1888,7 +1888,74 @@
"'%(val)s'.") % {"cert": self.cert.get_subject(),
"use": self.use, "name":self.ext.get_name(),
"val":self.ext.get_value()}
-
+
+class PathlenTooShort(InappropriateCertificateUse):
+ """Exception used when a certificate in the chain of trust has been used
+ inappropriately. An example would be a certificate which was only
+ supposed to be used to sign code being used to sign other certificates.
+ """
+
+ def __init__(self, cert, actual_length, cert_length):
+ SigningException.__init__(self)
+ self.cert = cert
+ self.al = actual_length
+ self.cl = cert_length
+
+ def __str__(self):
+ return _("The certificate whose subject is %(cert)s could not "
+ "be verified because it has been used inappropriately. "
+ "There can only be %(cl)s certificates between this "
+ "certificate and the leaf certificate. There are %(al)s "
+ "certificates between this certificate and the leaf in "
+ "this chain.") % {
+ "cert": self.cert.get_subject(),
+ "al": self.al,
+ "cl": self.cl
+ }
+
+
+class AlmostIdentical(ApiException):
+ """Exception used when a package already has a signature action which is
+ nearly identical to the one being added but differs on some
+ attributes."""
+
+ def __init__(self, hsh, algorithm, version, pkg=None):
+ self.hsh = hsh
+ self.algorithm = algorithm
+ self.version = version
+ self.pkg = pkg
+
+ def __str__(self):
+ s = _("The signature to be added to the package has the same "
+ "hash (%(hash)s), algorithm (%(algorithm)s), and "
+ "version (%(version)s) as an existing signature, but "
+ "doesn't match the signature exactly. For this signature "
+ "to be added, the existing signature must be removed.") % {
+ "hash": self.hsh,
+ "algorithm": self.algorithm,
+ "version": self.version
+ }
+ if self.pkg:
+ s += _("The package being signed was %(pkg)s") % \
+ {"pkg": self.pkg}
+ return s
+
+
+class DuplicateSignaturesAlreadyExist(ApiException):
+ """Exception used when a package already has a signature action which is
+ nearly identical to the one being added but differs on some
+ attributes."""
+
+ def __init__(self, pfmri):
+ self.pfmri = pfmri
+
+ def __str__(self):
+ return _("%s could not be signed because it already has two "
+ "copies of this signature in it. One of those signature "
+ "actions must be removed before the package is given to "
+ "users.") % self.pfmri
+
+
class InvalidPropertyValue(ApiException):
"""Exception used when a property was set to an invalid value."""
--- a/src/modules/client/image.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/image.py Wed Apr 06 18:06:57 2011 -0700
@@ -1454,18 +1454,6 @@
try:
img_pub = self.cfg.publishers[pfx]
- # A blind merge of the signing certs
- # is required since which ones are
- # needed isn't known in advance.
- for attr in ("signing_ca_certs",
- "intermediate_certs"):
- ocerts = set(getattr(img_pub,
- attr))
- ncerts = getattr(
- alt_src_pubs[pfx], attr)
- setattr(img_pub, attr,
- list(ocerts.union(ncerts)))
-
if not img_pub.disabled:
# No override needed.
continue
@@ -1667,18 +1655,6 @@
# Nothing to do.
continue
- # Elide any certs that were not retrieved and that came
- # from temporary package sources.
- for hattr in ("signing_ca_certs", "intermediate_certs"):
- certs = set(getattr(ipub, hattr))
- tcerts = set(getattr(pub, hattr))
- for chash in (tcerts & certs):
- cpath = os.path.join(ipub.cert_root,
- chash)
- if not os.path.exists(cpath):
- certs.discard(chash)
- setattr(ipub, hattr, list(certs))
-
def set_alt_pkg_sources(self, alt_sources):
"""Specifies an alternate source of package metadata to be
temporarily merged with image state so that it can be used
@@ -1850,11 +1826,6 @@
pub.validate_config()
self.refresh_publishers(pubs=[pub],
progtrack=progtrack)
- # Check that all CA certs claimed by
- # this publisher validate against the
- # trust anchors for this image.
- self.signature_policy.check_cas(pub,
- self.trust_anchors)
except Exception, e:
# Remove the newly added publisher since
# it is invalid or the retrieval failed.
@@ -1877,7 +1848,7 @@
raise apx.MissingFileArgumentException(
ca)
raise apx._convert_error(e)
- pub.approve_ca_cert(s, manual=True)
+ pub.approve_ca_cert(s)
for hsh in revoked_cas:
pub.revoke_ca_cert(hsh)
@@ -1921,9 +1892,8 @@
# Only perform signature verification logic if there are
# signatures or if signature-policy is not 'ignore'.
try:
- sig_pol.check_cas(pub, self.trust_anchors)
sig_pol.process_signatures(sigs,
- manf.gen_actions(), pub)
+ manf.gen_actions(), pub, self.trust_anchors)
except apx.SigningException, e:
e.pfmri = fmri
yield e.sig, [e], [], []
--- a/src/modules/client/imageconfig.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/imageconfig.py Wed Apr 06 18:06:57 2011 -0700
@@ -493,9 +493,8 @@
pub = self.__publishers[prefix]
section = "authority_%s" % pub.prefix
- for prop in ("alias", "prefix", "signing_ca_certs",
- "approved_ca_certs", "revoked_ca_certs",
- "intermediate_certs", "disabled", "sticky"):
+ for prop in ("alias", "prefix", "approved_ca_certs",
+ "revoked_ca_certs", "disabled", "sticky"):
self.set_property(section, prop,
getattr(pub, prop))
@@ -719,8 +718,6 @@
pub = publisher.Publisher(prefix, alias=sec_idx["alias"],
client_uuid=sec_idx["uuid"], disabled=sec_idx["disabled"],
repositories=[r], sticky=sec_idx.get("sticky", True),
- ca_certs=sec_idx.get("signing_ca_certs", []),
- intermediate_certs=sec_idx.get("intermediate_certs", []),
props=props,
revoked_ca_certs=sec_idx.get("revoked_ca_certs", []),
approved_ca_certs=sec_idx.get("approved_ca_certs", []))
--- a/src/modules/client/pkgplan.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/pkgplan.py Wed Apr 06 18:06:57 2011 -0700
@@ -163,14 +163,10 @@
# there are signatures or if signature-policy
# is not 'ignore'.
- # Check that the publisher's CA certs validate
- # against the image's trust anchors.
- sig_pol.check_cas(dest_pub,
- self.image.trust_anchors)
try:
sig_pol.process_signatures(sigs,
self.__destination_mfst.gen_actions(),
- dest_pub)
+ dest_pub, self.image.trust_anchors)
self.__destination_mfst.exclude_content(
new_excludes)
except apx.SigningException, e:
@@ -281,6 +277,12 @@
if dest and dest.needsdata(src, self):
self.__xfersize += get_pkg_otw_size(dest)
self.__xferfiles += 1
+ if dest.name == "signature":
+ self.__xfersize += \
+ dest.get_action_chain_csize()
+ self.__xferfiles += \
+ len(dest.attrs.get("chain",
+ "").split())
return (self.__xferfiles, self.__xfersize)
--- a/src/modules/client/publisher.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/publisher.py Wed Apr 06 18:06:57 2011 -0700
@@ -96,7 +96,7 @@
# This dictionary records the recognized values of extensions.
SUPPORTED_EXTENSION_VALUES = {
- "basicConstraints": ("CA:TRUE", "CA:FALSE"),
+ "basicConstraints": ("CA:TRUE", "CA:FALSE", "PATHLEN:"),
"keyUsage": ("DIGITAL SIGNATURE", "CERTIFICATE SIGN", "CRL SIGN")
}
@@ -814,11 +814,6 @@
#
# The relevant implementation is probably the line which
# strips ][ from the input in imageconfig.read_list.
- if ca_certs:
- self.signing_ca_certs = ca_certs
- else:
- self.signing_ca_certs = []
-
if revoked_ca_certs:
self.revoked_ca_certs = revoked_ca_certs
else:
@@ -829,19 +824,11 @@
else:
self.approved_ca_certs = []
- if intermediate_certs:
- self.intermediate_certs = intermediate_certs
- else:
- self.intermediate_certs = []
-
if props:
self.properties.update(props)
self.ca_dict = None
- self.__verified_cas = False
- self.__bad_ca_certs = set()
-
# Must be done last.
self.__catalog = catalog
@@ -871,11 +858,10 @@
client_uuid=self.__client_uuid, disabled=self.__disabled,
meta_root=self.meta_root, repositories=repositories,
selected_repository=selected, transport=self.transport,
- sticky=self.__sticky, ca_certs=self.signing_ca_certs,
+ sticky=self.__sticky,
props=self.properties,
revoked_ca_certs=self.revoked_ca_certs,
- approved_ca_certs=self.approved_ca_certs,
- intermediate_certs=self.intermediate_certs)
+ approved_ca_certs=self.approved_ca_certs)
pub._source_object_id = id(self)
return pub
@@ -1703,46 +1689,25 @@
known=known, unknown=[self.prefix],
origins=self.selected_repository.origins)
- def approve_ca_cert(self, cert, manual=False, trust_anchors=None,
- img_policy=None):
+ def approve_ca_cert(self, cert, trust_anchors=None, img_policy=None):
"""Add the cert as a CA for manifest signing for this publisher.
The 'cert' parameter as a string of the certificate to add.
- The 'manual' parameter indicates whether this is a CA the user
- has explicitly added.
-
The 'trust_anchors' parameter is a dictionary which contains
the trust anchors to use to validate the certificate.
The 'img_policy' parameter is the signature policy for the
image."""
- assert manual or (trust_anchors and img_policy)
- # Verifying this one certificate shouldn't change whether
- # the publisher's CA certs have been verified.
- old_verification_value = self.__verified_cas
- # Mark that not all CA certs have been verified.
- self.__verified_cas = False
hsh = self.__add_cert(cert)
- self.signing_ca_certs.append(hsh)
- # If the user had previously removed this certificate, remove
+ # If the user had previously revoked this certificate, remove
# the certificate from that list.
- if manual and hsh in self.revoked_ca_certs:
+ if hsh in self.revoked_ca_certs:
t = set(self.revoked_ca_certs)
t.remove(hsh)
self.revoked_ca_certs = list(t)
- self.__bad_ca_certs.discard(hsh)
- # If the user indicated that this cert should be approved, add
- # it to the approved list.
- if manual:
- self.approved_ca_certs.append(hsh)
- else:
- # If the user did not add this certificate manually,
- # then ensure that it validates against the image's
- # trust anchors.
- self.__verify_ca_cert(cert, trust_anchors, img_policy)
- self.__verified_cas = old_verification_value
+ self.approved_ca_certs.append(hsh)
def revoke_ca_cert(self, s):
"""Record that the cert with hash 's' is no longer trusted
@@ -1770,14 +1735,16 @@
t.remove(s)
self.revoked_ca_certs = list(t)
+ @staticmethod
+ def __hash_cert(s):
+ return hashlib.sha1(s).hexdigest()
+
def __add_cert(self, s):
"""Add the certificate stored as a string in 's' to the
certificates this publisher knows about."""
self.create_meta_root()
- pkg_hash = hashlib.sha1()
- pkg_hash.update(s)
- pkg_hash = pkg_hash.hexdigest()
+ pkg_hash = self.__hash_cert(s)
pkg_hash_pth = os.path.join(self.cert_root, pkg_hash)
try:
with open(pkg_hash_pth, "wb") as fh:
@@ -1875,30 +1842,19 @@
"""Return a dictionary of the CA certificates for this
publisher."""
- # The CA certs must be verified before this method is called.
- assert self.__verified_cas
if self.ca_dict is not None:
return self.ca_dict
self.ca_dict = {}
# CA certs approved for this publisher are stored by hash to
# prevent the later substitution or confusion over what certs
# have or have not been approved.
- for h in (set(self.signing_ca_certs) -
- set(self.__bad_ca_certs)) | set(self.approved_ca_certs):
+ for h in set(self.approved_ca_certs):
c = self.get_cert_by_hash(h, verify_hash=True)
s = c.get_subject().as_hash()
self.ca_dict.setdefault(s, [])
self.ca_dict[s].append(c)
return self.ca_dict
- def get_intermediate_certs(self):
- """Retrieve the intermediate certificates the publisher deemed
- were necessary to validate its CA certificates against the
- image's trust anchors."""
-
- for c in self.intermediate_certs:
- self.get_cert_by_hash(c, verify_hash=True)
-
def update_props(self, set_props=EmptyI, add_prop_values=EmptyDict,
remove_prop_values=EmptyDict, unset_props=EmptyI):
"""Update the properties set for this publisher with the ones
@@ -1946,29 +1902,6 @@
self.__delay_validation = False
self.__validate_properties()
- def verify_ca_certs(self, trust_anchors):
- """Verify the CA certs for this publisher against the image's
- trust anchors."""
-
- self.__bad_ca_certs = set(self.revoked_ca_certs)
-
- self.get_intermediate_certs()
- # The set of potential CA certs is all those certs the publisher
- # declared minus the ones the user has explictly removed.
- for c in set(self.signing_ca_certs) - \
- set(self.revoked_ca_certs):
- cert = self.get_cert_by_hash(c, verify_hash=True)
- try:
- self.verify_chain(cert, trust_anchors,
- usages=CERT_SIGNING_USE)
- except api_errors.CertificateException:
- # If the cert couldn't be verified, add it to
- # the certs to ignore for this operation but
- # don't treat it as if the user had declared
- # the cert untrustworthy.
- self.__bad_ca_certs.add(c)
- self.__verified_cas = True
-
def __validate_properties(self):
"""Check that the properties set for this publisher are
consistent with each other."""
@@ -2099,7 +2032,7 @@
# raises will take the code to the
# except below.
self.__check_extensions(t,
- CRL_SIGNING_USE)
+ CRL_SIGNING_USE, 0)
verified_crl = True
except api_errors.SigningException:
pass
@@ -2108,8 +2041,8 @@
for c in crl_cas:
if crl.verify(c.get_pubkey()):
try:
- self.verify_chain(c, ca_dict,
- usages=CRL_SIGNING_USE)
+ self.verify_chain(c, ca_dict, 0,
+ usages=CRL_SIGNING_USE,)
except api_errors.SigningException:
pass
else:
@@ -2123,10 +2056,37 @@
if rev:
raise api_errors.RevokedCertificate(cert, rev[1])
- def __check_extensions(self, cert, usages):
+ def __check_revocation(self, cert, ca_dict):
+ txt = cert.as_text() + cert.as_pem()
+ hsh = self.__hash_cert(txt)
+ if hsh in self.revoked_ca_certs:
+ raise api_errors.RevokedCertificate(cert,
+ "User manually revoked certificate.")
+ self.__check_crls(cert, ca_dict)
+
+ def __check_extensions(self, cert, usages, cur_pathlen):
"""Check whether the critical extensions in this certificate
are supported and allow the provided use(s)."""
+ def check_values(vs):
+ for v in vs:
+ if v in supported_vs:
+ continue
+ if v.startswith("PATHLEN:") and \
+ "PATHLEN:" in supported_vs:
+ try:
+ cert_pathlen = int(v[len("PATHLEN:"):])
+ except ValueError, e:
+ raise api_errors.UnsupportedExtensionValue(cert, ext, v)
+ if cur_pathlen > cert_pathlen:
+ raise api_errors.PathlenTooShort(cert, cur_pathlen, cert_pathlen)
+ continue
+ if len(vs) < 2:
+ raise api_errors.UnsupportedExtensionValue(cert, ext)
+ else:
+ raise api_errors.UnsupportedExtensionValue(cert, ext, v)
+
+
for i in range(0, cert.get_ext_count()):
ext = cert.get_ext_at(i)
name = ext.get_name()
@@ -2138,12 +2098,7 @@
vs = [s.strip() for s in v.split(",")]
# Check whether the values for the extension are
# recognized.
- for v in vs:
- if v not in supported_vs:
- if len(vs) < 2:
- raise api_errors.UnsupportedExtensionValue(cert, ext)
- else:
- raise api_errors.UnsupportedExtensionValue(cert, ext, v)
+ check_values(vs)
uses = usages.get(name, [])
if isinstance(uses, basestring):
uses = [uses]
@@ -2159,13 +2114,17 @@
raise api_errors.UnsupportedCriticalExtension(
cert, ext)
- def verify_chain(self, cert, ca_dict, required_names=None, usages=None):
+ def verify_chain(self, cert, ca_dict, cur_pathlen, required_names=None,
+ usages=None):
"""Validates the certificate against the given trust anchors.
The 'cert' parameter is the certificate to validate.
- The 'ca_dict' is a dictionary which maps subject hashes to
- certs treated as trust anchors.
+ The 'ca_dict' parameter is a dictionary which maps subject
+ hashes to certs treated as trust anchors.
+
+ The 'cur_pathlen' parameter is an integer indicating how many
+ certificates have been found between cert and the leaf cert.
The 'required_names' parameter is a set of strings that must
be seen as a CN in the chain of trust for the certificate."""
@@ -2176,6 +2135,13 @@
continue_loop = True
certs_with_problems = []
+ ca_dict = copy.copy(ca_dict)
+ for k, v in self.get_ca_certs().iteritems():
+ if k in ca_dict:
+ ca_dict[k].extend(v)
+ else:
+ ca_dict[k] = v
+
def merge_dicts(d1, d2):
"""Function for merging usage dictionaries."""
res = copy.deepcopy(d1)
@@ -2186,20 +2152,7 @@
res[k] = d2[k]
return res
- if not usages:
- usages = {}
- for u in POSSIBLE_USES:
- usages = merge_dicts(usages, u)
-
- # Check whether we can validate this certificate.
- self.__check_extensions(cert, usages)
-
- # Check whether this certificate has been revoked.
- self.__check_crls(cert, ca_dict)
-
- while continue_loop:
- # If this certificate's CN is in the set of required
- # names, remove it.
+ def discard_names(cert, required_names):
for cert_cn in [
str(c.get_data())
for c
@@ -2208,6 +2161,22 @@
]:
required_names.discard(cert_cn)
+ if not usages:
+ usages = {}
+ for u in POSSIBLE_USES:
+ usages = merge_dicts(usages, u)
+
+ # Check whether we can validate this certificate.
+ self.__check_extensions(cert, usages, cur_pathlen)
+
+ # Check whether this certificate has been revoked.
+ self.__check_revocation(cert, ca_dict)
+
+ while continue_loop:
+ # If this certificate's CN is in the set of required
+ # names, remove it.
+ discard_names(cert, required_names)
+
# Find the certificate that issued this certificate.
issuer = cert.get_issuer()
issuer_hash = issuer.as_hash()
@@ -2217,6 +2186,9 @@
for c in ca_dict.get(issuer_hash, []):
if cert.verify(c.get_pubkey()):
verified = True
+ # Remove any required names found in the
+ # trust anchor.
+ discard_names(c, required_names)
# If there are more names to check for
# continue up the chain of trust to look
# for them.
@@ -2262,20 +2234,25 @@
# don't understand.
try:
self.__check_extensions(
- c, CERT_SIGNING_USE)
- self.__check_crls(c,
+ c, CERT_SIGNING_USE,
+ cur_pathlen)
+ self.__check_revocation(c,
ca_dict)
except (api_errors.UnsupportedCriticalExtension, api_errors.RevokedCertificate), e:
certs_with_problems.append(e)
problem = True
# If this certificate has no
# problems with it, it's the
- # next link in the chain so
- # make it the current
- # certificate.
+ # next link in the chain so make
+ # it the current certificate and
+ # add one to cur_pathlen since
+ # there's one more chain cert
+ # between the code signing cert
+ # and the root of the chain.
if not problem:
up_chain = True
cert = c
+ cur_pathlen += 1
break
# If there's not another link in the chain to be
# found, stop the iteration.
--- a/src/modules/client/sigpolicy.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/sigpolicy.py Wed Apr 06 18:06:57 2011 -0700
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2011, Oracle and/or its affiliates. All rights reserved.
#
import pkg.client.api_errors as apx
@@ -43,20 +43,15 @@
# for the factory below.
object.__init__(self)
- def process_signatures(self, sigs, acts, pub):
+ def process_signatures(self, sigs, acts, pub, trust_anchors):
"""Check that the signatures ("sigs") verify against the actions
("acts") using the publisher ("pub") as the repository for
- certificates.
+ certificates and "trust_anchors" as the dictionary of trust
+ anchors.
Not implemented in the base class."""
raise NotImplementedError()
- def check_cas(self, pub, trust_anchors):
- """Almost all policies want to verify the publishers CA certs
- when given the chance to check them."""
-
- pub.verify_ca_certs(trust_anchors)
-
def __cmp__(self, other):
return cmp(self.strictness, other.strictness)
@@ -93,20 +88,13 @@
strictness = 1
name = "ignore"
- def process_signatures(self, sigs, acts, pub):
+ def process_signatures(self, sigs, acts, pub, trust_anchors):
"""Since this policy ignores signatures, only download the
certificates that might be needed so that they're present if
the policy changes later."""
for s in sigs:
- s.get_chain_certs(pub)
-
- def check_cas(self, pub, trust_anchors):
- """Since this policy ignores signatures, only download the
- certificates that might be needed so that they're present if
- the policy changes later."""
-
- pub.get_intermediate_certs()
+ s.retrieve_chain_certs(pub)
Policy._policies[Ignore.name] = Ignore
@@ -118,13 +106,13 @@
strictness = 2
name = "verify"
- def process_signatures(self, sigs, acts, pub):
+ def process_signatures(self, sigs, acts, pub, trust_anchors):
"""Check that all signatures present are valid signatures."""
# Ensure that acts can be iterated over repeatedly.
acts = list(acts)
for s in sigs:
- s.verify_sig(acts, pub)
+ s.verify_sig(acts, pub, trust_anchors)
Policy._policies[Verify.name] = Verify
@@ -135,7 +123,7 @@
strictness = 3
name = "require-signatures"
- def process_signatures(self, sigs, acts, pub):
+ def process_signatures(self, sigs, acts, pub, trust_anchors):
"""Check that all signatures present are valid signatures and
at least one signature action which has been signed with a
private key is present."""
@@ -144,7 +132,8 @@
acts = list(acts)
verified = False
for s in sigs:
- verified |= bool(s.verify_sig(acts, pub)) and \
+ verified |= \
+ bool(s.verify_sig(acts, pub, trust_anchors)) and \
s.is_signed()
if not verified:
raise apx.RequiredSignaturePolicyException(pub)
@@ -167,13 +156,13 @@
req_names = [req_names]
self.required_names = frozenset(req_names)
- def process_signatures(self, sigs, acts, pub):
+ def process_signatures(self, sigs, acts, pub, trust_anchors):
acts = list(acts)
missing_names = set(self.required_names)
verified = False
for s in sigs:
verified |= bool(s.verify_sig(
- acts, pub, missing_names)) and \
+ acts, pub, trust_anchors, missing_names)) and \
s.is_signed()
if missing_names:
raise apx.MissingRequiredNamesException(pub,
--- a/src/modules/client/transport/transport.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/client/transport/transport.py Wed Apr 06 18:06:57 2011 -0700
@@ -2172,6 +2172,17 @@
remove the file and raise an InvalidContentException."""
chash = action.attrs.get("chash", None)
+ if action.name == "signature":
+ name = os.path.basename(filepath)
+ found = False
+ assert len(action.get_chain_certs()) == \
+ len(action.get_chain_certs_chashes())
+ for n, c in zip(action.get_chain_certs(),
+ action.get_chain_certs_chashes()):
+ if name == n:
+ found = True
+ chash = c
+ break
path = action.attrs.get("path", None)
if not chash:
# Compressed hash doesn't exist. Decompress and
@@ -2699,12 +2710,23 @@
action.data = self._make_opener(cpath)
if self._progtrack:
filesz = int(misc.get_pkg_otw_size(action))
- self._progtrack.download_add_progress(1, filesz)
+ file_cnt = 1
+ if action.name == "signature":
+ filesz += \
+ action.get_action_chain_csize()
+ file_cnt += \
+ len(action.attrs.get("chain",
+ "").split())
+ self._progtrack.download_add_progress(file_cnt,
+ filesz)
return
hashval = action.hash
self.add_hash(hashval, action)
+ if action.name == "signature":
+ for c in action.get_chain_certs():
+ self.add_hash(c, action)
def add_hash(self, hashval, item):
"""Add 'item' to list of values that exist for
@@ -2731,13 +2753,17 @@
action's data method."""
totalsz = 0
- nactions = 0
+ nfiles = 0
filesz = os.stat(cache_path).st_size
for action in self._hash[hashval]:
- action.data = self._make_opener(cache_path)
- nactions += 1
- totalsz += misc.get_pkg_otw_size(action)
+ nfiles += 1
+ bn = os.path.basename(cache_path)
+ if action.name != "signature" or action.hash == bn:
+ action.data = self._make_opener(cache_path)
+ totalsz += misc.get_pkg_otw_size(action)
+ else:
+ totalsz += action.get_chain_csize(bn)
# The progress tracker accounts for the sizes of all actions
# even if we only have to perform one download to satisfy
@@ -2751,7 +2777,7 @@
# have received.
nbytes = int(totalsz - filesz)
if self._progtrack:
- self._progtrack.download_add_progress((nactions - 1),
+ self._progtrack.download_add_progress((nfiles - 1),
nbytes)
def subtract_progress(self, size):
@@ -2812,6 +2838,9 @@
return
self.add_hash(hashval, action)
+ if action.name == "signature":
+ for c in action.get_chain_certs():
+ self.add_hash(c, action)
def file_done(self, hashval, current_path):
"""Tell MFile that the transfer completed successfully."""
--- a/src/modules/lint/engine.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/lint/engine.py Wed Apr 06 18:06:57 2011 -0700
@@ -39,7 +39,7 @@
import sys
PKG_CLIENT_NAME = "pkglint"
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
pkg.client.global_settings.client_name = PKG_CLIENT_NAME
class LintEngineException(Exception):
--- a/src/modules/manifest.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/manifest.py Wed Apr 06 18:06:57 2011 -0700
@@ -680,8 +680,7 @@
size = 0
for a in self.gen_actions(excludes):
- size += int(a.attrs.get("pkg.size", "0"))
-
+ size += a.get_size()
return size
def __getitem__(self, key):
--- a/src/modules/p5i.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/p5i.py Wed Apr 06 18:06:57 2011 -0700
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
#
import os
@@ -103,15 +103,11 @@
for p in plist:
alias = p.get("alias", None)
prefix = p.get("name", None)
- signing_ca_certs = p.get("signing_ca_certs", [])
- intermediate_certs = p.get("intermediate_certs", [])
if not prefix:
prefix = "Unknown"
- pub = publisher.Publisher(prefix, alias=alias,
- ca_certs=signing_ca_certs,
- intermediate_certs=intermediate_certs)
+ pub = publisher.Publisher(prefix, alias=alias)
pkglist = p.get("packages", [])
result.append((pub, pkglist))
@@ -184,8 +180,6 @@
dpub = {
"alias": p.alias,
"name": p.prefix,
- "signing_ca_certs": p.signing_ca_certs,
- "intermediate_certs": p.intermediate_certs,
"packages": [],
"repositories": []
}
--- a/src/modules/p5p.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/p5p.py Wed Apr 06 18:06:57 2011 -0700
@@ -672,9 +672,6 @@
pfmri.publisher)
assert pub
- payloads.update(pub.signing_ca_certs)
- payloads.update(pub.intermediate_certs)
-
if not payloads:
# Nothing more to do.
continue
@@ -687,9 +684,6 @@
The archive will be created and the package added to it when
the close() method is called. The package contents must not
change after this method is called while the archive is open.
- Please note that, for signed packages, signing certificates
- used by the publisher are not automatically added to the
- archive.
'pfmri' is the FMRI string or object identifying the package to
add.
@@ -706,41 +700,6 @@
assert pfmri.publisher
self.__add_package(pfmri, mpath, fpath=fpath)
- def add_signing_certs(self, pub, hashes, ca):
- """Queues the specified publisher certs for addition to the
- archive. The archive will be created and the certs added to it
- when the close() method is called. The cert contents must not
- change after this method is called while the archive is open.
-
- 'pub' is the prefix of the publisher to store the package
- files for.
-
- 'hashes' is the list of certificate hash files to store.
- (The certificate files must be in the same compressed format
- that the Repository class stores them in.)
-
- 'ca' is a boolean indicating whether the certs are added as
- as CA certificates or intermediate certificates.
- """
-
- root = os.path.dirname(self.__arc_name)
- pub_dir = os.path.join("publisher", pub)
- file_dir = os.path.join(pub_dir, "file")
-
- pubobj = self.__pubs.get(pub, None)
- if not pubobj:
- self.__pubs[pub] = pubobj = \
- pkg.client.publisher.Publisher(pub)
-
- for fname in hashes:
- hsh = os.path.basename(fname)
- self.__add_publisher_files(root, file_dir, [hsh],
- fpath=os.path.dirname(fname))
- if ca:
- pubobj.signing_ca_certs.append(hsh)
- else:
- pubobj.intermediate_certs.append(hsh)
-
def add_repo_package(self, pfmri, repo):
"""Queues the specified package in a repository for addition to
the archive. The archive will be created and the package added
@@ -1224,14 +1183,12 @@
# If any publisher objects were cached, then there were
# signed packages present, and p5i information for each
- # must be added to the archive so that the client can
- # handle signing ca and intermediate certs.
+ # must be added to the archive.
for pub in self.__pubs.values():
# A new publisher object is created with a copy of only
# the information that's needed for the archive.
npub = pkg.client.publisher.Publisher(pub.prefix,
- alias=pub.alias, ca_certs=pub.signing_ca_certs,
- intermediate_certs=pub.intermediate_certs,
+ alias=pub.alias,
revoked_ca_certs=pub.revoked_ca_certs,
approved_ca_certs=pub.approved_ca_certs)
--- a/src/modules/server/repository.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/modules/server/repository.py Wed Apr 06 18:06:57 2011 -0700
@@ -2136,10 +2136,6 @@
assert self.version < 4
alias = self.cfg.get_property("publisher", "alias")
- icas = self.cfg.get_property("publisher",
- "intermediate_certs")
- scas = self.cfg.get_property("publisher",
- "signing_ca_certs")
rargs = {}
for prop in ("collection_type", "description",
@@ -2151,7 +2147,7 @@
repo = publisher.Repository(**rargs)
return publisher.Publisher(pub, alias=alias,
- repositories=[repo], ca_certs=scas, intermediate_certs=icas)
+ repositories=[repo])
def get_publishers(self):
"""Return publisher objects for all publishers known by the
@@ -2359,63 +2355,6 @@
rstore = self.get_trans_rstore(trans_id)
return rstore.add_file(trans_id, data=data, size=size)
- def add_signing_certs(self, cert_paths, ca, pub=None):
- """Add the certificates stored in the given paths to the
- files in the repository and as properties of the publisher.
- Whether the certificates are added as CA certificates or
- intermediate certificates is determined by the 'ca' parameter.
- """
-
- rstore = self.get_pub_rstore(pub)
-
- hshs = []
- for p in cert_paths:
- try:
- # Get the hash of the cert file and then add it.
- hsh, s = misc.get_data_digest(p,
- return_content=True)
-
- # The cert must be compressed first before
- # adding it to the repository. The temporary
- # file created to do this is moved into place
- # by the insert.
- fd, pth = tempfile.mkstemp()
- os.fchmod(fd, misc.PKG_FILE_MODE)
- gfh = PkgGzipFile(filename=pth, mode="wb")
- gfh.write(s)
- gfh.close()
- rstore.cache_store.insert(hsh, pth)
- hshs.append(hsh)
- except EnvironmentError, e:
- if e.errno == errno.EACCES:
- raise apx.PermissionsException(
- e.filename)
- if e.errno == errno.ENOENT:
- raise RepositoryNoSuchFileError(
- e.filename)
- raise
-
- prop_name = "intermediate_certs"
- if ca:
- prop_name = "signing_ca_certs"
-
- if self.version < 4:
- # For older repositories, the information is stored
- # in the repository configuration.
- t = set(self.cfg.get_property("publisher", prop_name))
- t.update(hshs)
- self.cfg.set_property("publisher", prop_name, sorted(t))
- self.write_config()
- return
-
- # For newer repositories, the certs are stored as part of the
- # publisher's metadata.
- pub_obj = rstore.get_publisher()
- t = set(getattr(pub_obj, prop_name))
- t.update(hshs)
- setattr(pub_obj, prop_name, sorted(t))
- rstore.update_publisher(pub_obj)
-
def rebuild(self, build_catalog=True, build_index=False, pub=None):
"""Rebuilds the repository catalog and search indexes using the
package manifests currently in the repository.
@@ -2443,35 +2382,6 @@
self.__init_state()
self.__unlock_repository()
- def remove_signing_certs(self, hshs, ca, pub=None):
- """Remove the given hashes from the certificates configured
- for the publisher. Whether the hashes are removed from the
- list of CA certificates or the list of intermediate certificates
- is determined by the 'ca' parameter. """
-
- rstore = self.get_pub_rstore(pub)
-
- prop_name = "intermediate_certs"
- if ca:
- prop_name = "signing_ca_certs"
-
- if self.version < 4:
- # For older repositories, the information is stored
- # in the repository configuration.
- t = set(self.cfg.get_property("publisher", prop_name))
- t.difference_update(hshs)
- self.cfg.set_property("publisher", prop_name, sorted(t))
- self.write_config()
- return
-
- # For newer repositories, the certs are stored as part of the
- # publisher's metadata.
- pub_obj = rstore.get_publisher()
- t = set(getattr(pub_obj, prop_name))
- t.difference_update(hshs)
- setattr(pub_obj, prop_name, sorted(t))
- rstore.update_publisher(pub_obj)
-
def replace_package(self, pfmri):
"""Replaces the information for the specified FMRI in the
repository's catalog."""
@@ -2627,8 +2537,6 @@
cfg.PropertySection("publisher", [
cfg.PropPublisher("alias"),
cfg.PropPublisher("prefix"),
- cfg.PropList("signing_ca_certs"),
- cfg.PropList("intermediate_certs"),
]),
cfg.PropertySection("repository", [
cfg.PropDefined("collection_type", ["core",
--- a/src/pkgdep.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/pkgdep.py Wed Apr 06 18:06:57 2011 -0700
@@ -41,7 +41,7 @@
import pkg.publish.dependencies as dependencies
from pkg.misc import msg, emsg, PipeError
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
PKG_CLIENT_NAME = "pkgdepend"
DEFAULT_SUFFIX = ".res"
--- a/src/pkgrepo.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/pkgrepo.py Wed Apr 06 18:06:57 2011 -0700
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2010 Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2011 Oracle and/or its affiliates. All rights reserved.
#
PKG_CLIENT_NAME = "pkgrepo"
@@ -118,12 +118,6 @@
pkgrepo add-publisher [-s repo_uri_or_path] publisher ...
- pkgrepo add-signing-ca-cert [-p publisher ...]
- [-s repo_uri_or_path] path ...
-
- pkgrepo add-signing-intermediate-cert [-p publisher ...]
- [-s repo_uri_or_path] path ...
-
pkgrepo get [-F format] [-p publisher ...] [-s repo_uri_or_path]
[section/property ...]
@@ -136,12 +130,6 @@
pkgrepo refresh [-p publisher ...] [-s repo_uri_or_path]
[--no-catalog] [--no-index]
- pkgrepo remove-signing-ca-cert [-p publisher ...]
- [-s repo_uri_or_path] hash ...
-
- pkgrepo remove-signing-intermediate-cert [-p publisher ...]
- [-s repo_uri_or_path] hash ...
-
pkgrepo set [-p publisher ...] [-s repo_uri_or_path]
section/property[+|-]=[value] ... or
section/property[+|-]=([value]) ...
@@ -170,162 +158,6 @@
return publisher.RepositoryURI(misc.parse_uri(uri))
-def _add_certs(conf, subcommand, args, ca):
- opts, pargs = getopt.getopt(args, "p:s:")
- pubs = set()
-
- for opt, arg in opts:
- if opt == "-p":
- pubs.add(arg)
- elif opt == "-s":
- conf["repo_uri"] = parse_uri(arg)
-
- # Get repository object.
- if not conf.get("repo_uri", None):
- usage(_("A package repository location must be provided "
- "using -s."), cmd=subcommand)
-
- repo = get_repo(conf, read_only=False, subcommand=subcommand)
-
- if len(pargs) < 1:
- usage(_("At least one path to a certificate must be provided."))
-
- failed = []
- def add_certs(pfx=None):
- if orig_cwd:
- certs = [os.path.join(orig_cwd, f) for f in pargs]
- else:
- certs = [os.path.abspath(f) for f in pargs]
-
- try:
- repo.add_signing_certs(certs, ca=ca, pub=pfx)
- except (apx.ApiException, sr.RepositoryError), e:
- failed.append((pfx, e))
-
- if "all" in pubs:
- # Default to list of all publishers.
- pubs = repo.publishers
-
- if not pubs:
- # Assume default publisher or older repository.
- add_certs()
- else:
- # Add for each publisher specified.
- map(add_certs, pubs)
-
- return pubs, failed
-
-
-def subcmd_add_signing_ca_cert(conf, args):
- """Add the provided signing ca certificates to the repository for
- the given publisher."""
-
- subcommand = "add-signing-ca-cert"
- pubs, failed = _add_certs(conf, subcommand, args, True)
- if failed:
- for pfx, details in failed:
- error(_("Unable to add signing ca certificates for "
- "publisher '%(pfx)s':\n%(details)s") % locals(),
- cmd=subcommand)
- if len(failed) < len(pubs):
- return EXIT_PARTIAL
- return EXIT_OOPS
- return EXIT_OK
-
-
-def subcmd_add_signing_intermediate_cert(conf, args):
- subcommand = "add-signing-intermediate-cert"
- pubs, failed = _add_certs(conf, subcommand, args, True)
- if failed:
- for pfx, details in failed:
- if pfx:
- error(_("Unable to add signing intermediate "
- "certificates for publisher '%(pfx)s':\n"
- "%(details)s") % locals(), cmd=subcommand)
- else:
- error(_("Unable to add signing intermediate "
- "certificates:\n%(details)s") % locals(),
- cmd=subcommand)
- if len(failed) < len(pubs):
- return EXIT_PARTIAL
- return EXIT_OOPS
- return EXIT_OK
-
-
-def _remove_certs(conf, subcommand, args, ca):
- opts, pargs = getopt.getopt(args, "p:s:")
- pubs = set()
-
- for opt, arg in opts:
- if opt == "-p":
- pubs.add(arg)
- elif opt == "-s":
- conf["repo_uri"] = parse_uri(arg)
-
- # Get repository object.
- if not conf.get("repo_uri", None):
- usage(_("A package repository location must be provided "
- "using -s."), cmd=subcommand)
-
- repo = get_repo(conf, read_only=False, subcommand=subcommand)
-
- if len(pargs) < 1:
- usage(_("At least one certificate hash must be provided."))
-
- failed = []
- def remove_certs(pfx=None):
- try:
- repo.remove_signing_certs(pargs, ca=True, pub=pfx)
- except (apx.ApiException, sr.RepositoryError), e:
- failed.append((pfx, e))
-
- if "all" in pubs:
- # Default to list of all publishers.
- pubs = repo.publishers
-
- if not pubs:
- # Assume default publisher or older repository.
- remove_certs()
- else:
- # Add for each publisher specified.
- map(remove_certs, pubs)
-
- return pubs, failed
-
-
-def subcmd_remove_signing_ca_cert(conf, args):
- subcommand = "remove-signing-ca-cert"
- pubs, failed = _remove_certs(conf, subcommand, args, True)
- if failed:
- for pfx, details in failed:
- error(_("Unable to remove signing ca certificates for "
- "publisher '%(pfx)s':\n%(details)s") % locals(),
- cmd=subcommand)
- if len(failed) < len(pubs):
- return EXIT_PARTIAL
- return EXIT_OOPS
- return EXIT_OK
-
-
-def subcmd_remove_signing_intermediate_cert(conf, args):
- subcommand = "remove-signing-intermediate-cert"
- pubs, failed = _remove_certs(conf, subcommand, args, True)
- if failed:
- for pfx, details in failed:
- if pfx:
- error(_("Unable to remove signing intermediate "
- "certificates for publisher '%(pfx)s':\n"
- "%(details)s") % locals(), cmd=subcommand)
- else:
- error(_("Unable to remove signing intermediate "
- "certificates:\n%(details)s") % locals(),
- cmd=subcommand)
- if len(failed) < len(pubs):
- return EXIT_PARTIAL
- return EXIT_OOPS
- return EXIT_OK
-
-
def print_col_listing(desired_field_order, field_data, field_values, out_format,
def_fmt, omit_headers):
"""Print a columnar listing defined by provided values."""
--- a/src/pull.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/pull.py Wed Apr 06 18:06:57 2011 -0700
@@ -283,7 +283,7 @@
sendb = 0
sendcb = 0
- for atype in ("file", "license"):
+ for atype in ("file", "license", "signature"):
for a in mfst.gen_actions_by_type(atype):
if a.needsdata(None, None):
multi.add_action(a)
@@ -604,7 +604,7 @@
pkgdir = xport_cfg.get_pkg_dir(f)
mfile = xport.multi_file_ni(src_pub, pkgdir,
progtrack=tracker)
-
+
getb, getf, arcb, arccb = add_hashes_to_multi(m, mfile)
get_bytes += getb
get_files += getf
@@ -905,6 +905,11 @@
a.data = lambda: open(fname,
"rb")
t.add(a)
+ if a.name == "signature":
+ for f in a.get_chain_certs():
+ fname = os.path.join(
+ pkgdir, f)
+ t.add_file(fname)
# Always defer catalog update.
t.close(add_to_catalog=False)
except trans.TransactionError, e:
--- a/src/sign.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/sign.py Wed Apr 06 18:06:57 2011 -0700
@@ -32,14 +32,11 @@
import sys
import tempfile
import traceback
-import urllib
-import urlparse
import pkg
import pkg.actions as actions
import pkg.client.api_errors as api_errors
import pkg.client.transport.transport as transport
-import pkg.config as cfg
import pkg.fmri as fmri
import pkg.manifest as manifest
import pkg.misc as misc
@@ -92,10 +89,6 @@
def fetch_catalog(src_pub, xport, temp_root, list_packages=False):
"""Fetch the catalog from src_uri."""
- global complete_catalog
-
- src_uri = src_pub.selected_repository.origins[0].uri
- # tracker.catalog_start(src_uri)
if not src_pub.meta_root:
# Create a temporary directory for catalog.
@@ -118,7 +111,6 @@
for k in d.keys():
d[k].sort(reverse=True)
- complete_catalog = d
return fmri_list
def main_func():
@@ -220,6 +212,7 @@
cache_dir = tempfile.mkdtemp(dir=temp_root)
incoming_dir = tempfile.mkdtemp(dir=temp_root)
+ chash_dir = tempfile.mkdtemp(dir=temp_root)
try:
xport, xport_cfg = transport.setup_transport()
@@ -260,21 +253,55 @@
# Set the signature value and certificate
# information for the signature action.
a.set_signature(m.gen_actions(),
- key_path=key_path, chain_paths=chain_certs)
+ key_path=key_path, chain_paths=chain_certs,
+ chash_dir=chash_dir)
+
+ # The hash of 'a' is currently a path, we need
+ # to find the hash of that file to allow
+ # comparison to existing signatures.
+ hsh = None
+ if cert_path:
+ hsh, _dummy = \
+ misc.get_data_digest(cert_path)
+
+ # Check whether the signature about to be added
+ # is identical, or almost identical, to existing
+ # signatures on the package. Because 'a' has
+ # already been added to the manifest, it is
+ # generated by gen_actions_by_type, so the cnt
+ # must be 2 or higher to be an issue.
+ cnt = 0
+ almost_identical = False
+ for a2 in m.gen_actions_by_type("signature"):
+ try:
+ if a.identical(a2, hsh):
+ cnt += 1
+ except api_errors.AlmostIdentical, e:
+ e.pkg = pfmri
+ errors.append(e)
+ almost_identical = True
+ if almost_identical:
+ continue
+ if cnt == 2:
+ continue
+ elif cnt > 2:
+ raise api_errors.DuplicateSignaturesAlreadyExist(pfmri)
+ assert cnt == 1, "Cnt was:%s" % cnt
# Append the finished signature action to the
# published manifest.
t = trans.Transaction(repo_uri,
pkg_name=str(pfmri), xport=xport,
pub=src_pub)
- t.append()
try:
+ t.append()
t.add(a)
for c in chain_certs:
t.add_file(c)
t.close(add_to_catalog=add_to_catalog)
except:
- t.close(abandon=True)
+ if t.trans_id:
+ t.close(abandon=True)
raise
msg(_("Signed %s") % pfmri)
successful_publish = True
--- a/src/tests/api/t_api.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/api/t_api.py Wed Apr 06 18:06:57 2011 -0700
@@ -41,7 +41,7 @@
import time
import unittest
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
PKG_CLIENT_NAME = "pkg"
class TestPkgApi(pkg5unittest.SingleDepotTestCase):
@@ -115,7 +115,6 @@
"publishers": [
{
"alias": "cat",
- "intermediate_certs": [],
"name": "bobcat",
"packages": [
"pkg:/[email protected],5.11-0"
@@ -136,8 +135,7 @@
"registration_uri": "",
"related_uris": []
}
- ],
- "signing_ca_certs": []
+ ]
}
],
"version": 1
--- a/src/tests/api/t_api_list.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/api/t_api_list.py Wed Apr 06 18:06:57 2011 -0700
@@ -44,7 +44,7 @@
import pkg.misc as misc
import pkg.version as version
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
PKG_CLIENT_NAME = "pkg"
class TestApiList(pkg5unittest.ManyDepotTestCase):
--- a/src/tests/api/t_p5i.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/api/t_p5i.py Wed Apr 06 18:06:57 2011 -0700
@@ -21,7 +21,7 @@
#
#
-# Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
#
import testutils
@@ -60,7 +60,6 @@
"publishers": [
{
"alias": "cat",
- "intermediate_certs": [],
"name": "bobcat",
"packages": [
"pkg:/[email protected],5.11-0"
@@ -81,8 +80,7 @@
"registration_uri": "",
"related_uris": []
}
- ],
- "signing_ca_certs": []
+ ]
}
],
"version": 1
@@ -226,11 +224,9 @@
"publishers": [
{
"alias": "cat",
- "intermediate_certs": [],
"name": "bobcat",
"packages": [],
- "repositories": [],
- "signing_ca_certs": []
+ "repositories": []
}
],
"version": 1
@@ -259,7 +255,6 @@
"publishers": [
{
"alias": "cat",
- "intermediate_certs": [],
"name": "bobcat",
"packages": [],
"repositories": [
@@ -276,8 +271,7 @@
"registration_uri": "",
"related_uris": []
}
- ],
- "signing_ca_certs": []
+ ]
}
],
"version": 1
--- a/src/tests/api/t_p5p.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/api/t_p5p.py Wed Apr 06 18:06:57 2011 -0700
@@ -119,10 +119,6 @@
"code_signing_certs")
self.chain_certs_dir = os.path.join(self.path_to_certs,
"chain_certs")
- self.pub_cas_dir = os.path.join(self.path_to_certs,
- "publisher_cas")
- self.inter_certs_dir = os.path.join(self.path_to_certs,
- "inter_certs")
self.raw_trust_anchor_dir = os.path.join(self.path_to_certs,
"trust_anchors")
self.crl_dir = os.path.join(self.path_to_certs, "crl")
@@ -138,23 +134,22 @@
# Sign the 'signed' package.
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
-
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(pkg)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "-i %(i3)s -i %(i4)s -i %(i5)s -i %(i6)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
+ "i6": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem"),
"pkg": self.signed
}
self.pkgsign(self.rurl, sign_args)
@@ -197,32 +192,32 @@
"publisher/test/file",
"publisher/test/file/0a",
"publisher/test/file/0a/0acf1107d31f3bab406f8611b21b8fade78ac874",
- "publisher/test/file/4e",
- "publisher/test/file/4e/4ee36c0da7f97dd367d36095c4fcac014f8b2ec4",
- "publisher/test/file/6f",
- "publisher/test/file/6f/6fadc7b6ba9db7705b3833416447ba5daebe1478",
- "publisher/test/file/93",
- "publisher/test/file/93/93911122ac112e5e4cbcbe95d81c9cc5299e239c",
- "publisher/test/file/96",
- "publisher/test/file/96/965dad893f0173a84cf112e7160aa9a2dc8ec2d3",
+ "publisher/test/file/34",
+ "publisher/test/file/34/344f2a94afd12146336340d71962254f647874be",
+ "publisher/test/file/65",
+ "publisher/test/file/65/65154063c6988c4de879751bb112703b06ba5129",
+ "publisher/test/file/6c",
+ "publisher/test/file/6c/6cd1527a2e4a2926b05663e0a29f0fd5207a7119",
+ "publisher/test/file/97",
+ "publisher/test/file/97/97ff81591147d40444c8fea6e794fefda382d199",
+ "publisher/test/file/9c",
+ "publisher/test/file/9c/9cb9f772cc4a01801b983f199114cc7884b026e3",
+
"publisher/test/file/a2",
"publisher/test/file/a2/a285ada5f3cae14ea00e97a8d99bd3e357cb0dca",
"publisher/test/file/b2",
"publisher/test/file/b2/b265f2ec87c4a55eb2b6b4c926e7c65f7247a27e",
- "publisher/test/file/d4",
- "publisher/test/file/d4/d43daefacfba6d0c178dd37178e650bb606936f4",
- "publisher/test/file/d8",
- "publisher/test/file/d8/d851faf1de264d9a04527cc4b7fd2e2daef2cfdd",
+ "publisher/test/file/d0",
+ "publisher/test/file/d0/d087434b648f50ab20107b6dfb03f754a06fa462",
"publisher/test/file/dc",
"publisher/test/file/dc/dc84bd4b606fe43fc892eb245d9602b67f8cba38",
- "publisher/test/file/e2",
- "publisher/test/file/e2/e2c1fd4b0d66150de3d2b28195603c69dfd792e8",
+ "publisher/test/file/f7",
+ "publisher/test/file/f7/f72001172042e0afafef7cf5a1f90697866acf3d",
"publisher/test/pkg",
"publisher/test/pkg/foo",
"publisher/test/pkg/%s" % self.foo.get_dir_path(),
"publisher/test/pkg/signed",
"publisher/test/pkg/%s" % self.signed.get_dir_path(),
- "publisher/test/pub.p5i",
"publisher/test2",
"publisher/test2/file",
"publisher/test2/file/80",
@@ -393,18 +388,6 @@
arc.add_package(self.foo, foo_path, dfroot)
arc.add_package(self.signed, signed_path, dfroot)
arc.add_package(self.quux, quux_path, dfroot)
-
- # Add publisher cert files. (This has to be done manually
- # since add_package() was used instead of add_repo_package().)
- p = repo.get_publisher("test")
- arc.add_signing_certs(p.prefix, [
- repo.file(hsh, pub=p.prefix)
- for hsh in p.signing_ca_certs
- ], True)
- arc.add_signing_certs(p.prefix, [
- repo.file(hsh, pub=p.prefix)
- for hsh in p.intermediate_certs
- ], False)
arc.close()
# Verify the result.
@@ -453,7 +436,10 @@
# Verify the result.
arc = ptf.PkgTarFile(name=arc_path, mode="r")
- expected = self.multi_expected
+ # Add in the p5i file since this is an archive with signed
+ # packages created from a repo.
+ expected = sorted(self.multi_expected +
+ ["publisher/test/pub.p5i"])
actual = sorted(m.name for m in arc.getmembers())
self.assertEqualDiff(expected, actual)
@@ -784,7 +770,10 @@
# Verify that archive has expected contents.
arc = ptf.PkgTarFile(name=arc_path, mode="r")
- expected = self.multi_expected
+ # Add in the p5i file since this is an archive with signed
+ # packages created from a repo.
+ expected = sorted(self.multi_expected +
+ ["publisher/test/pub.p5i"])
actual = sorted(m.name for m in arc.getmembers())
self.assertEqualDiff(expected, actual)
arc.close()
--- a/src/tests/api/t_publisher.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/api/t_publisher.py Wed Apr 06 18:06:57 2011 -0700
@@ -434,39 +434,6 @@
self.assertRaises(api_errors.UnknownRepository,
pobj.get_repository, name=r.name)
- # Verify that adding, removing, and unsetting ca certs works
- # as expected.
- pobj.create_meta_root()
- self.pub_cas_dir = os.path.join(self.ro_data_root,
- "signing_certs", "produced", "publisher_cas")
- ca_path = os.path.join(self.pub_cas_dir, "pubCA1_ta3_cert.pem")
- with open(ca_path, "rb") as fh:
- ca_data = fh.read()
- hsh = self.calc_file_hash(ca_path)
- # Test revoking a ca cert.
- pobj.revoke_ca_cert(hsh)
- self.assert_(hsh in pobj.revoked_ca_certs)
- # Test moving from revoked to approved
- pobj.approve_ca_cert(ca_data, manual=True)
- self.assert_(hsh not in pobj.revoked_ca_certs)
- self.assert_(hsh in pobj.approved_ca_certs)
- self.assert_(hsh in pobj.signing_ca_certs)
- # Test unsetting from approved
- pobj.unset_ca_cert(hsh)
- self.assert_(hsh not in pobj.revoked_ca_certs)
- self.assert_(hsh not in pobj.approved_ca_certs)
- # Test approving a ca cert
- pobj.approve_ca_cert(ca_data, manual=True)
- self.assert_(hsh in pobj.approved_ca_certs)
- # Test moving from approved to revoked
- pobj.revoke_ca_cert(hsh)
- self.assert_(hsh in pobj.revoked_ca_certs)
- self.assert_(hsh not in pobj.approved_ca_certs)
- # Test moving from revoked to unset
- pobj.unset_ca_cert(hsh)
- self.assert_(hsh not in pobj.revoked_ca_certs)
- self.assert_(hsh not in pobj.approved_ca_certs)
-
if __name__ == "__main__":
unittest.main()
--- a/src/tests/cli/t_pkg_publisher.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/cli/t_pkg_publisher.py Wed Apr 06 18:06:57 2011 -0700
@@ -341,12 +341,12 @@
setting an existing publisher works correctly."""
cert_dir = os.path.join(self.ro_data_root,
- "signing_certs", "produced", "publisher_cas")
+ "signing_certs", "produced", "chain_certs")
- app1 = os.path.join(cert_dir, "pubCA1_ta1_cert.pem")
- app2 = os.path.join(cert_dir, "pubCA1_ta3_cert.pem")
- rev1 = os.path.join(cert_dir, "pubCA1_ta4_cert.pem")
- rev2 = os.path.join(cert_dir, "pubCA1_ta5_cert.pem")
+ app1 = os.path.join(cert_dir, "ch1_ta1_cert.pem")
+ app2 = os.path.join(cert_dir, "ch1_ta3_cert.pem")
+ rev1 = os.path.join(cert_dir, "ch1_ta4_cert.pem")
+ rev2 = os.path.join(cert_dir, "ch1_ta5_cert.pem")
app1_h = self.calc_file_hash(app1)
app2_h = self.calc_file_hash(app2)
rev1_h = self.calc_file_hash(rev1)
@@ -717,8 +717,8 @@
# Verify that a cert and key can be set even when non-https
# origins are present.
- key_path = os.path.join(self.keys_dir, "cs1_p1_ta3_key.pem")
- cert_path = os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ key_path = os.path.join(self.keys_dir, "cs1_ch1_ta3_key.pem")
+ cert_path = os.path.join(self.cs_dir, "cs1_ch1_ta3_cert.pem")
self.pkg("set-publisher --no-refresh -k %s -c %s test1" %
(key_path, cert_path))
@@ -892,12 +892,12 @@
setting a new publisher works correctly."""
cert_dir = os.path.join(self.ro_data_root,
- "signing_certs", "produced", "publisher_cas")
+ "signing_certs", "produced", "chain_certs")
- app1 = os.path.join(cert_dir, "pubCA1_ta1_cert.pem")
- app2 = os.path.join(cert_dir, "pubCA1_ta3_cert.pem")
- rev1 = os.path.join(cert_dir, "pubCA1_ta4_cert.pem")
- rev2 = os.path.join(cert_dir, "pubCA1_ta5_cert.pem")
+ app1 = os.path.join(cert_dir, "ch4_ta1_cert.pem")
+ app2 = os.path.join(cert_dir, "ch1_ta3_cert.pem")
+ rev1 = os.path.join(cert_dir, "ch1_ta4_cert.pem")
+ rev2 = os.path.join(cert_dir, "ch1_ta5_cert.pem")
app1_h = self.calc_file_hash(app1)
app2_h = self.calc_file_hash(app2)
rev1_h = self.calc_file_hash(rev1)
@@ -942,12 +942,12 @@
setting a new publisher works correctly."""
cert_dir = os.path.join(self.ro_data_root,
- "signing_certs", "produced", "publisher_cas")
+ "signing_certs", "produced", "chain_certs")
- app1 = os.path.join(cert_dir, "pubCA1_ta1_cert.pem")
- app2 = os.path.join(cert_dir, "pubCA1_ta3_cert.pem")
- rev1 = os.path.join(cert_dir, "pubCA1_ta4_cert.pem")
- rev2 = os.path.join(cert_dir, "pubCA1_ta5_cert.pem")
+ app1 = os.path.join(cert_dir, "ch3_ta1_cert.pem")
+ app2 = os.path.join(cert_dir, "ch1_ta3_cert.pem")
+ rev1 = os.path.join(cert_dir, "ch1_ta4_cert.pem")
+ rev2 = os.path.join(cert_dir, "ch1_ta5_cert.pem")
app1_h = self.calc_file_hash(app1)
app2_h = self.calc_file_hash(app2)
rev1_h = self.calc_file_hash(rev1)
--- a/src/tests/cli/t_pkg_temp_sources.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/cli/t_pkg_temp_sources.py Wed Apr 06 18:06:57 2011 -0700
@@ -133,27 +133,24 @@
# Sign the 'signed' package.
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
-
- sign_args = \
- "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s %(pkg)s" % {
- "key": os.path.join(self.keys_dir,
- "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir,
- "cs1_pubCA1_cert.pem"),
- "i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
- "i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
- "pkg": plist[3]
- }
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
+ "-i %(i3)s -i %(i4)s -i %(i5)s -i %(i6)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta1_cert.pem"),
+ "i2": os.path.join(self.chain_certs_dir,
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
+ "i6": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem"),
+ "pkg": plist[3]
+ }
self.pkgsign(rurl, sign_args)
# This is just a test assertion to verify that the
@@ -206,10 +203,6 @@
"code_signing_certs")
self.chain_certs_dir = os.path.join(self.path_to_certs,
"chain_certs")
- self.pub_cas_dir = os.path.join(self.path_to_certs,
- "publisher_cas")
- self.inter_certs_dir = os.path.join(self.path_to_certs,
- "inter_certs")
self.raw_trust_anchor_dir = os.path.join(self.path_to_certs,
"trust_anchors")
self.crl_dir = os.path.join(self.path_to_certs, "crl")
@@ -508,7 +501,7 @@
Build Release: 5.11
Branch: None
Packaging Date: %(signed10_pkg_date)s
- Size: 2.76 kB
+ Size: 22.92 kB
FMRI: %(signed10_pkg_fmri)s
""" % { "foo10_pkg_date": pd(self.foo10), "foo10_pkg_fmri": self.foo10,
"incorp20_pkg_date": pd(self.incorp20), "incorp20_pkg_fmri": self.incorp20,
--- a/src/tests/cli/t_pkgrepo.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/cli/t_pkgrepo.py Wed Apr 06 18:06:57 2011 -0700
@@ -94,13 +94,6 @@
self.make_misc_files(["tmp/empty", "tmp/truck1",
"tmp/truck2"])
- self.path_to_certs = os.path.join(self.ro_data_root,
- "signing_certs", "produced")
- self.pub_cas_dir = os.path.join(self.path_to_certs,
- "publisher_cas")
- self.inter_certs_dir = os.path.join(self.path_to_certs,
- "inter_certs")
-
def test_00_base(self):
"""Verify pkgrepo handles basic option and subcommand parsing
as expected.
@@ -194,30 +187,28 @@
for uri in (repo_uri, depot_uri):
self.pkgrepo("get -s %s" % uri)
expected = """\
-SECTION PROPERTY VALUE
-feed description ""
-feed icon web/_themes/pkg-block-icon.png
-feed id ""
-feed logo web/_themes/pkg-block-logo.png
-feed name package\ repository\ feed
-feed window 24
-publisher alias ""
-publisher intermediate_certs ()
-publisher prefix test
-publisher signing_ca_certs ()
-repository collection_type core
-repository description ""
-repository detailed_url ""
-repository legal_uris ()
-repository maintainer ""
-repository maintainer_url ""
-repository mirrors ()
-repository name package\ repository
-repository origins ()
-repository refresh_seconds 14400
-repository registration_uri ""
-repository related_uris ()
-repository version 3
+SECTION PROPERTY VALUE
+feed description ""
+feed icon web/_themes/pkg-block-icon.png
+feed id ""
+feed logo web/_themes/pkg-block-logo.png
+feed name package\ repository\ feed
+feed window 24
+publisher alias ""
+publisher prefix test
+repository collection_type core
+repository description ""
+repository detailed_url ""
+repository legal_uris ()
+repository maintainer ""
+repository maintainer_url ""
+repository mirrors ()
+repository name package\ repository
+repository origins ()
+repository refresh_seconds 14400
+repository registration_uri ""
+repository related_uris ()
+repository version 3
"""
self.assertEqualDiff(expected, self.output)
self.dc.stop()
@@ -233,9 +224,7 @@
feed\tname\tpackage\ repository\ feed
feed\twindow\t24
publisher\talias\t""
-publisher\tintermediate_certs\t()
publisher\tprefix\ttest
-publisher\tsigning_ca_certs\t()
repository\tcollection_type\tcore
repository\tdescription\t""
repository\tdetailed_url\t""
@@ -261,16 +250,16 @@
self.pkgrepo("get -s %s publisher/prefix" %
repo_uri)
expected = """\
-SECTION PROPERTY VALUE
-publisher prefix test
+SECTION PROPERTY VALUE
+publisher prefix test
"""
self.assertEqualDiff(expected, self.output)
self.pkgrepo("get -s %s -H publisher/prefix "
"repository/origins" % repo_uri)
expected = """\
-publisher prefix test
-repository origins ()
+publisher prefix test
+repository origins ()
"""
self.assertEqualDiff(expected, self.output)
@@ -1084,114 +1073,7 @@
self.pkgrepo("version")
self.assert_(self.output.find(pkg.VERSION) != -1)
- def __test_add_remove_certs(self, repo_uri, pubs=[]):
- """Private helper method to test certificate add and remove
- for default publisher case."""
-
- pub_opt = "".join(" -p %s " % p for p in pubs)
- exit = 0
- if "nosuchpub" in pubs:
- if len(pubs) > 1:
- # Expect partial in this case.
- exit = 3
- else:
- # Expect failure in this case.
- exit = 1
-
- ca3_pth = os.path.join(self.pub_cas_dir, "pubCA1_ta3_cert.pem")
- ca1_pth = os.path.join(self.pub_cas_dir, "pubCA1_ta1_cert.pem")
-
- ca1_hsh = self.calc_file_hash(ca1_pth)
- ca3_hsh = self.calc_file_hash(ca3_pth)
-
- self.pkgrepo("add-signing-ca-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca3_pth), exit=exit)
- self.pkgrepo("add-signing-ca-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca1_pth), exit=exit)
-
- self.pkgrepo("remove-signing-intermediate-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca1_hsh), exit=exit)
- self.pkgrepo("remove-signing-intermediate-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca3_hsh), exit=exit)
- self.pkgrepo("remove-signing-ca-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca1_hsh), exit=exit)
- self.pkgrepo("remove-signing-ca-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca3_hsh), exit=exit)
-
- self.pkgrepo("add-signing-intermediate-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca3_pth), exit=exit)
- self.pkgrepo("add-signing-intermediate-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca1_pth), exit=exit)
-
- self.pkgrepo("remove-signing-ca-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca1_hsh), exit=exit)
- self.pkgrepo("remove-signing-ca-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca3_hsh), exit=exit)
- self.pkgrepo("remove-signing-intermediate-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca1_hsh), exit=exit)
- self.pkgrepo("remove-signing-intermediate-cert -s %s %s%s" %
- (repo_uri, pub_opt, ca3_hsh), exit=exit)
-
- def test_07_certs(self):
- """Verify that certificate commands work as expected."""
-
- # Create a repository.
- repo_path = os.path.join(self.test_root, "repo")
- repo_uri = "file:%s" % repo_path
- self.create_repo(repo_path)
-
- ca3_pth = os.path.join(self.pub_cas_dir, "pubCA1_ta3_cert.pem")
- ca1_pth = os.path.join(self.pub_cas_dir, "pubCA1_ta1_cert.pem")
-
- ca1_hsh = self.calc_file_hash(ca1_pth)
- ca3_hsh = self.calc_file_hash(ca3_pth)
-
- # Verify that signing commands will fail gracefully if no
- # default publisher has been set and a publisher was not
- # specified.
- self.pkgrepo("-s %s add-signing-ca-cert %s" % (repo_uri,
- ca3_pth), exit=1)
- self.pkgrepo("-s %s add-signing-intermediate-cert %s" %
- (repo_uri, ca3_pth), exit=1)
- self.pkgrepo("-s %s remove-signing-intermediate-cert %s" %
- (repo_uri, ca3_hsh), exit=1)
- self.pkgrepo("-s %s remove-signing-ca-cert %s" %
- (repo_uri, ca1_hsh), exit=1)
-
- # Now verify that add / remove work as expected for a
- # repository.
-
- # Test default publisher case.
- self.pkgrepo("set -s %s publisher/prefix=test" % repo_path)
- self.__test_add_remove_certs(repo_uri)
-
- # Test specific publisher case.
- shutil.rmtree(repo_path)
- self.create_repo(repo_path)
- self.pkgrepo("set -s %s publisher/prefix=test" % repo_path)
- self.__test_add_remove_certs(repo_uri, ["test"])
- self.__test_add_remove_certs(repo_uri, ["nosuchpub"])
-
- # Test multiple publisher case.
- shutil.rmtree(repo_path)
- self.create_repo(repo_path)
- self.pkgrepo("set -s %s -p test publisher/alias=test" %
- repo_path)
- self.pkgrepo("set -s %s -p test2 publisher/alias=test2" %
- repo_path)
- self.__test_add_remove_certs(repo_uri, ["test", "test2"])
- self.__test_add_remove_certs(repo_uri, ["test", "test2",
- "nosuchpub"])
-
- # Last, verify that add/remove works for a v3 repository.
- shutil.rmtree(repo_path)
- self.create_repo(repo_path, version=3)
- self.pkgrepo("set -s %s publisher/prefix=test" % repo_path)
- self.__test_add_remove_certs(repo_uri, ["test"])
- self.__test_add_remove_certs(repo_uri)
- self.__test_add_remove_certs(repo_uri, ["nosuchpub"])
-
- def test_08_add_publisher(self):
+ def test_07_add_publisher(self):
"""Verify that add-publisher subcommand works as expected."""
# Create a repository.
--- a/src/tests/cli/t_pkgsign.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/cli/t_pkgsign.py Wed Apr 06 18:06:57 2011 -0700
@@ -135,10 +135,6 @@
"code_signing_certs")
self.chain_certs_dir = os.path.join(self.path_to_certs,
"chain_certs")
- self.pub_cas_dir = os.path.join(self.path_to_certs,
- "publisher_cas")
- self.inter_certs_dir = os.path.join(self.path_to_certs,
- "inter_certs")
self.raw_trust_anchor_dir = os.path.join(self.path_to_certs,
"trust_anchors")
self.crl_dir = os.path.join(self.path_to_certs, "crl")
@@ -260,17 +256,18 @@
correctly. Uses a chain of certificates three certificates
long."""
- ca_path = os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
+ chain_cert_path = os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
+ ta_cert_path = os.path.join(self.raw_trust_anchor_dir,
+ "ta3_cert.pem")
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(ch1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "ch1": chain_cert_path
}
td = os.environ["TMPDIR"]
sd = os.path.join(td, "tmp_sign")
@@ -288,7 +285,7 @@
self.seed_ta_dir("ta3")
# Find the hash of the publisher CA cert used.
- hsh = self.calc_file_hash(ca_path)
+ hsh = self.calc_file_hash(chain_cert_path)
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
@@ -316,7 +313,7 @@
# Now seed the emptyCA directory to test that certs can be
# pulled from it correctly.
self.seed_ta_dir("ta3", dest_dir=emptyCA)
-
+
self.pkg("set-property signature-policy require-signatures")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
@@ -326,17 +323,17 @@
self.assertRaises(apx.MissingRequiredNamesException,
self._api_install, api_obj, ["example_pkg"])
self.pkg("set-property signature-policy "
- "require-names 'cs1_p1_ta3'")
+ "require-names 'cs1_ch1_ta3'")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("add-property-value signature-required-names "
- "'pubCA1_ta3'")
+ "'ch1_ta3'")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("remove-property-value signature-required-names "
- "'cs1_p1_ta3'")
+ "'cs1_ch1_ta3'")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
@@ -361,17 +358,18 @@
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("set-publisher "
"--set-property signature-policy=require-names "
- "--set-property signature-required-names='cs1_p1_ta3' test")
+ "--set-property signature-required-names='cs1_ch1_ta3' "
+ "test")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("set-publisher --add-property-value "
- "signature-required-names='pubCA1_ta3' test")
+ "signature-required-names='ch1_ta3' test")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("set-publisher --remove-property-value "
- "signature-required-names='cs1_p1_ta3' test")
+ "signature-required-names='cs1_ch1_ta3' test")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
@@ -392,20 +390,21 @@
self.assertRaises(apx.MissingRequiredNamesException,
self._api_install, api_obj, ["example_pkg"])
self.pkg("set-property signature-policy require-names "
- "pubCA1_ta3")
+ "ch1_ta3")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("unset-property signature-policy")
- # Test removing and adding ca certs
+ # Test removing and adding chain certs
self.pkg("set-publisher --set-property signature-policy=verify "
"test")
self.pkg("set-publisher --revoke-ca-cert=%s test" % hsh)
api_obj = self.get_img_api_obj()
self.assertRaises(apx.BrokenChain, self._api_install, api_obj,
["example_pkg"])
- self.pkg("set-publisher --approve-ca-cert=%s test" % ca_path)
+ self.pkg("set-publisher --approve-ca-cert=%s test" %
+ chain_cert_path)
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self.pkg("set-publisher --revoke-ca-cert=%s test" % hsh)
@@ -427,22 +426,19 @@
# verifies signatures.
self.pkg("verify", exit=1)
self.pkg("fix", exit=1)
- self.pkg("set-publisher --approve-ca-cert=%s test" % ca_path)
+ self.pkg("set-publisher --approve-ca-cert=%s test" %
+ chain_cert_path)
self.pkg("verify")
self.pkg("fix")
api_obj = self.get_img_api_obj()
self._api_uninstall(api_obj, ["example_pkg"])
- # Test removing a signing cert.
- # Find the hash of the publisher CA cert used.
- hsh = self.calc_file_hash(ca_path)
- r.remove_signing_certs([hsh], ca=True)
- self.image_destroy()
- self.image_create(self.rurl1)
- self.pkg("set-property signature-policy verify")
+ # Test that manually approving a trust anchor works.
+ self.pkg("set-publisher --unset-ca-cert=%s test" % hsh)
+ self.pkg("set-publisher --approve-ca-cert=%s test" %
+ ta_cert_path)
api_obj = self.get_img_api_obj()
- self.assertRaises(apx.BrokenChain, self._api_install, api_obj,
- ["example_pkg"])
+ self._api_install(api_obj, ["example_pkg"])
def test_sign_2(self):
"""Test that verification of the CS cert failing means the
@@ -452,8 +448,9 @@
sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem")
}
# Specify repository location as relative path.
@@ -472,27 +469,26 @@
def test_sign_3(self):
"""Test that using a chain seven certificates long works. It
- also tests that setting a second publisher ca cert doesn't
- cause anything to break."""
+ also tests that having an extra chain certificate doesn't break
+ anything."""
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(pkg)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "-i %(i3)s -i %(i4)s -i %(i5)s -i %(i6)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
+ "i6": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem"),
"pkg": plist[0]
}
@@ -508,30 +504,29 @@
"""Test that having a package signed with more than one
signature doesn't cause anything to break."""
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.raw_trust_anchor_dir,
- "ta2_cert.pem")], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(pkg)s" % {
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(pkg)s" % {
"key":
- os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
+ os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
"cert":
- os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"i1":
os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2":
os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ "ch2_ta1_cert.pem"),
+ "i3":
+ os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4":
+ os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5":
+ os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.rurl1, sign_args)
@@ -555,7 +550,8 @@
self._api_uninstall(api_obj, ["example_pkg"])
self.pkg("set-property signature-policy require-names "
"'cs1_ta2'")
- self.pkg("add-property-value signature-required-names 'i1_ta1'")
+ self.pkg("add-property-value signature-required-names "
+ "'ch1_ta1'")
api_obj = self.get_img_api_obj()
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
@@ -568,19 +564,23 @@
"""Test that not providing a needed intermediate cert makes
verification fail."""
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s -i %(i2)s %(pkg)s" % \
- { "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
- "i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ sign_args = "-k %(key)s -c %(cert)s -i %(i2)s -i %(i3)s "\
+ "-i %(i4)s -i %(i5)s %(pkg)s" % \
+ { "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
+ "i2":
+ os.path.join(self.chain_certs_dir,
+ "ch2_ta1_cert.pem"),
+ "i3":
+ os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4":
+ os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5":
+ os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.rurl1, sign_args)
@@ -592,26 +592,22 @@
def test_sign_5(self):
"""Test that http repos work."""
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([
- os.path.join(self.pub_cas_dir, "pubCA1_ta1_cert.pem"),
- os.path.join(self.pub_cas_dir, "pubCA1_ta3_cert.pem")],
- ca=True)
- r.add_signing_certs([
- os.path.join(self.inter_certs_dir, "i1_ta1_cert.pem"),
- os.path.join(self.inter_certs_dir, "i2_ta1_cert.pem")],
- ca=False)
- self.dcs[1].start()
-
+ self.dcs[1].start()
plist = self.pkgsend_bulk(self.durl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(pkg)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.durl1, sign_args)
@@ -624,13 +620,13 @@
def test_length_two_chains(self):
"""Check that chains of length two work correctly."""
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.raw_trust_anchor_dir,
- "ta2_cert.pem")], ca=True)
+ ta_path = os.path.join(self.raw_trust_anchor_dir,
+ "ta2_cert.pem")
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(pkg)s" % \
+ sign_args = "-k %(key)s -c %(cert)s -i %(ta)s %(pkg)s" % \
{ "key": os.path.join(self.keys_dir, "cs1_ta2_key.pem"),
"cert": os.path.join(self.cs_dir, "cs1_ta2_cert.pem"),
+ "ta": ta_path,
"pkg": plist[0]
}
@@ -664,6 +660,45 @@
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
+ def test_length_two_chains_two(self):
+ """Check that chains of length two work correctly when the trust
+ anchor is not included as an intermediate cert."""
+
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s %(pkg)s" % \
+ { "key": os.path.join(self.keys_dir, "cs1_ta2_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ta2_cert.pem"),
+ "pkg": plist[0]
+ }
+
+ self.pkgsign(self.rurl1, sign_args)
+ self.pkg_image_create(self.rurl1)
+
+ self.pkg("set-property signature-policy verify")
+ # This should trigger a BrokenChain error.
+ api_obj = self.get_img_api_obj()
+ self.assertRaises(apx.BrokenChain,
+ self._api_install, api_obj, ["example_pkg"])
+ self.seed_ta_dir("ta2")
+
+ self.pkg("set-property signature-policy verify")
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+ self._api_uninstall(api_obj, ["example_pkg"])
+ self.pkg("set-property signature-policy require-names foo")
+ api_obj = self.get_img_api_obj()
+ self.assertRaises(apx.MissingRequiredNamesException,
+ self._api_install, api_obj, ["example_pkg"])
+ self.pkg("set-property signature-policy require-names "
+ "'cs1_ta2'")
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+ self._api_uninstall(api_obj, ["example_pkg"])
+ self.pkg("add-property-value signature-required-names 'ta2'")
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+ self._api_uninstall(api_obj, ["example_pkg"])
+
def test_variant_sigs(self):
"""Test that variant tagged signatures are ignored."""
plist = self.pkgsend_bulk(self.rurl1, self.varsig_pkg)
@@ -707,55 +742,55 @@
# Test bad sig.alg setting.
self.pkgsign(self.durl1, "-a foo -k %(key)s -c %(cert)s "
"%(name)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
}, exit=2)
# Test missing cert option
self.pkgsign(self.durl1, "-k %(key)s %(name)s" %
- { "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
+ { "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
"name": plist[0]
}, exit=2)
# Test missing key option
self.pkgsign(self.durl1, "-c %(cert) %(name)s" %
- { "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ { "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
}, exit=2)
# Test -i with missing -c and -k
self.pkgsign(self.durl1, "-i %(i1)s %(name)s" %
{ "i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"name": plist[0]
}, exit=2)
# Test passing a cert as a key
self.pkgsign(self.durl1, "-c %(cert)s -k %(cert)s %(name)s" %
- { "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ { "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
}, exit=1)
# Test passing a non-existent certificate file
self.pkgsign(self.durl1, "-c /shouldnotexist -k %(key)s "
"%(name)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
"name": plist[0]
}, exit=2)
# Test passing a non-existent key file
self.pkgsign(self.durl1, "-c %(cert)s -k /shouldnotexist "
"%(name)s" % {
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
}, exit=2)
# Test passing a file that's not a key file as a key file
self.pkgsign(self.durl1, "-k %(key)s -c %(cert)s %(name)s" %
{ "key": os.path.join(self.test_root, "tmp/example_file"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
}, exit=1)
# Test passing a non-existent file as an intermediate cert
self.pkgsign(self.durl1, "-k %(key)s -c %(cert)s -i %(i1)s "
"%(name)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
"shouldnot/exist"),
"name": plist[0]
@@ -763,8 +798,8 @@
# Test passing a directory as an intermediate cert
self.pkgsign(self.durl1, "-k %(key)s -c %(cert)s -i %(i1)s "
"%(name)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"i1": self.chain_certs_dir,
"name": plist[0]
}, exit=2)
@@ -775,14 +810,14 @@
# use a key and cert, but passing -k and -c.
self.pkgsign(self.durl1, "-a sha256 -k %(key)s -c %(cert)s "
"%(name)s" % {
- "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
}, exit=2)
# Test that installing a package signed using a bogus
# certificate fails.
self.pkgsign(self.durl1, "-k %(key)s -c %(cert)s %(name)s" %
- { "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
+ { "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
"cert": os.path.join(self.test_root, "tmp/example_file"),
"name": plist[0]
})
@@ -806,8 +841,8 @@
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
self.pkgsign(self.rurl1, "-k %(key)s -c %(cert)s %(name)s" %
- { "key": os.path.join(self.keys_dir, "cs1_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem"),
+ { "key": os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem"),
"name": plist[0]
})
self.pkg_image_create(self.rurl1)
@@ -822,25 +857,27 @@
"""Test that signing with other hash algorithms works
correctly."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1":os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
- sign_args = "-a rsa-sha512 -k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-a rsa-sha512 -k %(key)s -c %(cert)s -i %(i1)s " \
+ "%(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1":os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -858,16 +895,14 @@
"""Test that if the certificate can't validate the signature,
an error happens."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir, "cs1_ta2_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1":os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
self.pkg_image_create(self.rurl1)
@@ -922,16 +957,14 @@
"""Test that if the certificate can't validate the signature,
an error happens."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir, "cs1_ta2_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1":os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
self.pkg_image_create(self.rurl1)
@@ -982,17 +1015,15 @@
unsupported critical extension will not have valid signatures.
"""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs2_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs2_p1_ta3_cert.pem")
+ "cs2_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs2_ch1_ta3_cert.pem"),
+ "i1":os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1014,17 +1045,15 @@
trust contains a certificate with an unsupported critical
extension will not have valid signatures."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA2_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p2_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p2_ta3_cert.pem")
+ "cs1_ch1.1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1.1_ta3_cert.pem"),
+ "i1":os.path.join(self.chain_certs_dir,
+ "ch1.1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1033,34 +1062,32 @@
self.pkg("set-property signature-policy verify")
api_obj = self.get_img_api_obj()
- self.assertRaises(apx.UnsupportedCriticalExtension,
- self._api_install, api_obj, ["example_pkg"])
+ self.assertRaises(apx.BrokenChain, self._api_install, api_obj,
+ ["example_pkg"])
def test_unsupported_critical_extension_3(self):
"""Test that packages signed using a certificate whose chain of
trust contains a certificate with an unsupported critical
extension will not have valid signatures."""
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(name)s" % {
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs4_pubCA1_key.pem"),
+ "cs1_ch5.1_ta1_key.pem"),
"cert": os.path.join(self.cs_dir,
- "cs4_pubCA1_cert.pem"),
+ "cs1_ch5.1_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2": os.path.join(self.chain_certs_dir,
- "ch2.2_pubCA1_cert.pem")
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5.1_ta1_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1076,20 +1103,18 @@
"""Test that signing a certificate with a code signing
certificate results in a broken chain."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2) s " \
+ "%(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_cs8_p1_ta3_key.pem"),
+ "cs1_cs8_ch1_ta3_key.pem"),
"cert": os.path.join(self.cs_dir,
- "cs1_cs8_p1_ta3_cert.pem"),
+ "cs1_cs8_ch1_ta3_cert.pem"),
"i1": os.path.join(self.cs_dir,
- "cs8_p1_ta3_cert.pem")
+ "cs8_ch1_ta3_cert.pem"),
+ "i2": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem"),
}
self.pkgsign(self.rurl1, sign_args)
@@ -1112,18 +1137,13 @@
value for the keyUsage extension to sign a package means
that the package's signature doesn't verify."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "pubCA1_ta3_key.pem"),
- "cert": os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")
+ "ch1_ta3_key.pem"),
+ "cert": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1145,25 +1165,24 @@
"""Test that if a CRL is signed with a CA that has the keyUsage
extension but not the cRLSign value is not considered a valid
CRL."""
-
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA2_ta4_cert.pem"))
+
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
rstore = r.get_pub_rstore(pub="test")
- os.makedirs(os.path.join(rstore.file_root, "pu"))
+ os.makedirs(os.path.join(rstore.file_root, "ch"))
portable.copyfile(os.path.join(self.crl_dir,
- "pubCA2_ta4_crl.pem"),
- os.path.join(rstore.file_root, "pu", "pubCA2_ta4_crl.pem"))
+ "ch1.1_ta4_crl.pem"),
+ os.path.join(rstore.file_root, "ch", "ch1.1_ta4_crl.pem"))
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p2_ta4_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p2_ta4_cert.pem")
+ "cs1_ch1.1_ta4_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1.1_ta4_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1.1_ta4_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1182,17 +1201,15 @@
"""Test that an unknown value for a recognized non-critical
extension causes an exception to be raised."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs5_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs5_p1_ta3_cert.pem")
+ "cs5_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs5_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1213,17 +1230,15 @@
"""Test that an unknown value for a recognized critical
extension causes an exception to be raised."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs6_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs6_p1_ta3_cert.pem")
+ "cs6_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs6_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1242,17 +1257,15 @@
"""Test that if keyUsage has not been set, the code signing
certificate is considered valid."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs7_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs7_p1_ta3_cert.pem")
+ "cs7_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs7_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1267,17 +1280,15 @@
"""Test that if keyUsage has not been set, the CA certificate is
considered valid."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA5_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p5_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p5_ta3_cert.pem")
+ "cs1_ch1.4_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1.4_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1.4_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1293,18 +1304,16 @@
correctly. Uses a chain of certificates three certificates
long."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "--no-index --no-catalog -k %(key)s -c %(cert)s " \
- "%(name)s" % {
+ sign_args = "--no-index --no-catalog -i %(i1)s -k %(key)s " \
+ "-c %(cert)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1317,6 +1326,7 @@
# This fails because the catalog hasn't been updated with
# the signed manifest yet.
self.pkg("install example_pkg", exit=1)
+ r = self.get_repo(self.dcs[1].get_repodir())
r.rebuild()
self.pkg("install example_pkg")
@@ -1324,20 +1334,20 @@
"""Tests that if a certificate stored on the client is replaced
with a different certificate, installation fails."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- cs_path = os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ chain_cert_path = os.path.join(os.path.join(
+ self.chain_certs_dir, "ch1_ta3_cert.pem"))
+ cs_path = os.path.join(self.cs_dir, "cs1_ch1_ta3_cert.pem")
cs2_path = os.path.join(self.cs_dir, "cs1_ta2_cert.pem")
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s " \
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s " \
"%(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": cs_path
+ "cs1_ch1_ta3_key.pem"),
+ "cert": cs_path,
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1368,19 +1378,20 @@
self._api_install(api_obj, ["example_pkg"])
self._api_uninstall(api_obj, ["example_pkg"])
- # Repeat the test but change the CA cert instead of the CS cert.
+ # Repeat the test but change the chain cert instead of the CS
+ # cert.
- # Replace the client CA cert.
- hsh = self.calc_file_hash(ca_path)
+ # Replace the client chain cert.
+ hsh = self.calc_file_hash(chain_cert_path)
pth = os.path.join(self.img_path, "var", "pkg", "publisher",
"test", "certs", hsh)
portable.copyfile(cs2_path, pth)
api_obj = self.get_img_api_obj()
- self.assertRaises(apx.ModifiedCertificateException,
- self._api_install, api_obj, ["example_pkg"])
+ self.assertRaises(apx.BrokenChain, self._api_install, api_obj,
+ ["example_pkg"])
- # Test that removing the CA cert will cause it to be downloaded
- # again and the installation will then work.
+ # Test that removing the chain cert will cause it to be
+ # downloaded again and the installation will then work.
portable.remove(pth)
api_obj = self.get_img_api_obj()
@@ -1390,9 +1401,9 @@
"""Test that the X509 CRL revocation works correctly."""
crl = m2.X509.load_crl(os.path.join(self.crl_dir,
- "pubCA1_ta4_crl.pem"))
+ "ch1_ta4_crl.pem"))
revoked_cert = m2.X509.load_cert(os.path.join(self.cs_dir,
- "cs1_ta4_cert.pem"))
+ "cs1_ch1_ta4_cert.pem"))
assert crl.is_revoked(revoked_cert)[0]
def test_bogus_inter_certs(self):
@@ -1404,8 +1415,8 @@
attrs = {
"algorithm": "sha256",
}
- key_pth = os.path.join(self.keys_dir, "cs_pubCA1_key.pem")
- cert_pth = os.path.join(self.cs_dir, "cs1_pubCA1_cert.pem")
+ key_pth = os.path.join(self.keys_dir, "cs1_ch5_ta1_key.pem")
+ cert_pth = os.path.join(self.cs_dir, "cs1_ch5_ta1_cert.pem")
sig_act = signature.SignatureAction(cert_pth, **attrs)
self.assertRaises(action.ActionDataError, sig_act.set_signature,
[sig_act], key_path=key_pth,
@@ -1417,18 +1428,16 @@
"""Test that the --sign-all option works correctly, signing
all packages in a repository."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
plist = self.pkgsend_bulk(self.rurl1, self.var_pkg)
- sign_args = "-k %(key)s -c %(cert)s --sign-all" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s --sign-all" % {
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1445,24 +1454,24 @@
def test_crl_1(self):
"""Test that revoking a code signing certificate by the
publisher CA works correctly."""
-
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta4_cert.pem"))
+
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
rstore = r.get_pub_rstore(pub="test")
- os.makedirs(os.path.join(rstore.file_root, "pu"))
+ os.makedirs(os.path.join(rstore.file_root, "ch"))
portable.copyfile(os.path.join(self.crl_dir,
- "pubCA1_ta4_crl.pem"),
- os.path.join(rstore.file_root, "pu", "pubCA1_ta4_crl.pem"))
+ "ch1_ta4_crl.pem"),
+ os.path.join(rstore.file_root, "ch", "ch1_ta4_crl.pem"))
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
- "key": os.path.join(self.keys_dir, "cs1_ta4_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_ta4_cert.pem")
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch1_ta4_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta4_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta4_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1481,12 +1490,8 @@
def test_crl_2(self):
"""Test that revoking a code signing certificate by the
publisher CA works correctly."""
-
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta5_cert.pem"))
+
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
rstore = r.get_pub_rstore(pub="test")
os.makedirs(os.path.join(rstore.file_root, "ta"))
portable.copyfile(os.path.join(self.crl_dir,
@@ -1495,10 +1500,14 @@
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
- "key": os.path.join(self.keys_dir, "cs1_ta5_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_ta5_cert.pem")
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch1_ta5_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta5_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta5_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1515,12 +1524,8 @@
def test_crl_3(self):
"""Test that a CRL with a bad file format does not cause
breakage."""
-
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta4_cert.pem"))
+
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
rstore = r.get_pub_rstore(pub="test")
os.makedirs(os.path.join(rstore.file_root, "ex"))
portable.copyfile(os.path.join(self.test_root,
@@ -1529,10 +1534,14 @@
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
- "key": os.path.join(self.keys_dir, "cs2_ta4_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs2_ta4_cert.pem")
+ "key": os.path.join(self.keys_dir,
+ "cs2_ch1_ta4_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs2_ch1_ta4_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta4_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1549,17 +1558,16 @@
"""Test that a CRL which cannot be retrieved does not cause
breakage."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta4_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
- "key": os.path.join(self.keys_dir, "cs2_ta4_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs2_ta4_cert.pem")
+ "key": os.path.join(self.keys_dir,
+ "cs2_ch1_ta4_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs2_ch1_ta4_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta4_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1577,30 +1585,29 @@
certificate in question works."""
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
-
rstore = r.get_pub_rstore(pub="test")
- os.makedirs(os.path.join(rstore.file_root, "pu"))
+ os.makedirs(os.path.join(rstore.file_root, "ch"))
portable.copyfile(os.path.join(self.crl_dir,
- "pubCA1_ta1_crl.pem"),
- os.path.join(rstore.file_root, "pu", "pubCA1_ta1_crl.pem"))
+ "ch5_ta1_crl.pem"),
+ os.path.join(rstore.file_root, "ch", "ch5_ta1_crl.pem"))
self.dcs[1].start()
plist = self.pkgsend_bulk(self.durl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(pkg)s" % {
- "key": os.path.join(self.keys_dir, "cs2_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs2_pubCA1_cert.pem"),
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir, "cs2_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs2_ch5_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
"pkg": plist[0]
}
@@ -1618,30 +1625,29 @@
certificate of the certificate in question works."""
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([os.path.join(self.pub_cas_dir,
- "pubCA1_ta1_cert.pem")], ca=True)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i1_ta1_cert.pem")], ca=False)
- r.add_signing_certs([os.path.join(self.inter_certs_dir,
- "i2_ta1_cert.pem")], ca=False)
-
rstore = r.get_pub_rstore(pub="test")
os.makedirs(os.path.join(rstore.file_root, "ch"))
portable.copyfile(os.path.join(self.crl_dir,
- "ch1_pubCA1_crl.pem"),
- os.path.join(rstore.file_root, "ch", "ch1_pubCA1_crl.pem"))
+ "ch5_ta1_crl.pem"),
+ os.path.join(rstore.file_root, "ch", "ch5_ta1_crl.pem"))
self.dcs[1].start()
plist = self.pkgsend_bulk(self.durl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
- "%(pkg)s" % {
- "key": os.path.join(self.keys_dir, "cs3_pubCA1_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs3_pubCA1_cert.pem"),
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir, "cs2_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs2_ch5_ta1_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta1_cert.pem"),
"i2": os.path.join(self.chain_certs_dir,
- "ch2_pubCA1_cert.pem"),
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
"pkg": plist[0]
}
@@ -1658,17 +1664,17 @@
"""Test that a CRL location which isn't in a known URI format
doesn't cause breakage."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta4_cert.pem"))
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
- "key": os.path.join(self.keys_dir, "cs3_ta4_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs3_ta4_cert.pem")
+ "key": os.path.join(self.keys_dir,
+ "cs3_ch1_ta4_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs3_ch1_ta4_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta4_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1694,18 +1700,15 @@
"""Test that actions tagged with variants don't break signing.
"""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.var_pkg)
- sign_args = "-k %(key)s -c %(cert)s %(pkg)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(pkg)s" % {
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
+ "cs1_ch1_ta3_key.pem"),
"cert": os.path.join(self.cs_dir,
- "cs1_p1_ta3_cert.pem"),
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.rurl1, sign_args)
@@ -1732,9 +1735,9 @@
sign_args = "-k %(key)s -c %(cert)s %(pkg)s" % {
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
+ "cs1_ch1_ta3_key.pem"),
"cert": os.path.join(self.cs_dir,
- "cs1_p1_ta3_cert.pem"),
+ "cs1_ch1_ta3_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.durl1, sign_args, exit=1)
@@ -1750,9 +1753,9 @@
sign_args = "-k %(key)s -c %(cert)s %(pkg)s" % {
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
+ "cs1_ch1_ta3_key.pem"),
"cert": os.path.join(self.cs_dir,
- "cs1_p1_ta3_cert.pem"),
+ "cs1_ch1_ta3_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.durl1, sign_args, exit=1)
@@ -1767,10 +1770,10 @@
plist = self.pkgsend_bulk(self.durl1, self.example_pkg10)
sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(pkg)s" % {
- "key": os.path.join(self.keys_dir, "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem"),
+ "key": os.path.join(self.keys_dir, "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir, "cs1_ch1_ta3_cert.pem"),
"i1": os.path.join(self.chain_certs_dir,
- "ch1_pubCA1_cert.pem"),
+ "ch1_ta3_cert.pem"),
"pkg": plist[0]
}
self.pkgsign(self.durl1, sign_args, exit=1)
@@ -1779,17 +1782,15 @@
"""Test that expiration dates on the signing cert are
ignored."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs3_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs3_p1_ta3_cert.pem")
+ "cs3_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs3_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1806,17 +1807,15 @@
"""Test that expiration dates on the signing cert are
ignored."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs4_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs4_p1_ta3_cert.pem")
+ "cs4_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs4_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1829,20 +1828,18 @@
# expiration and start dates.
self._api_install(api_obj, ["example_pkg"])
- def test_expired_ca_certs(self):
- """Test that expiration dates on a CA cert are ignored."""
-
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA3_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
+ def test_expired_chain_certs(self):
+ """Test that expiration dates on a chain cert are ignored."""
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p3_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p3_ta3_cert.pem")
+ "cs1_ch1.2_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1.2_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1.2_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1855,20 +1852,18 @@
# expiration and start dates.
self._api_install(api_obj, ["example_pkg"])
- def test_future_ca_certs(self):
- """Test that expiration dates on a CA cert are ignored."""
-
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA4_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
+ def test_future_chain_certs(self):
+ """Test that expiration dates on a chain cert are ignored."""
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p4_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p4_ta3_cert.pem")
+ "cs1_ch1.3_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1.3_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1.3_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1885,17 +1880,15 @@
"""Test that a certificate that can't be retrieved doesn't
cause a traceback."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.var_pkg)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1921,17 +1914,17 @@
"""Test that manually approving a publisher's CA cert works
correctly."""
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
+ ca_path = os.path.join(os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem"))
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": ca_path
}
self.pkgsign(self.rurl1, sign_args)
@@ -1943,17 +1936,16 @@
def test_higher_signature_version(self):
- ca_path = os.path.join(os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem"))
r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -1997,17 +1989,15 @@
"""Test that the default location is properly image relative
and is used."""
- ca_path = os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -2022,17 +2012,15 @@
"""Test that trust anchors are properly pulled from the image
that the pkg command was run from."""
- ca_path = os.path.join(self.pub_cas_dir,
- "pubCA1_ta3_cert.pem")
- r = self.get_repo(self.dcs[1].get_repodir())
- r.add_signing_certs([ca_path], ca=True)
-
plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
- sign_args = "-k %(key)s -c %(cert)s %(name)s" % {
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s %(name)s" % {
"name": plist[0],
"key": os.path.join(self.keys_dir,
- "cs1_p1_ta3_key.pem"),
- "cert": os.path.join(self.cs_dir, "cs1_p1_ta3_cert.pem")
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
}
self.pkgsign(self.rurl1, sign_args)
@@ -2068,5 +2056,310 @@
self.pkg("list example_pkg")
self.pkg("-R %s list example_pkg" % orig_img_path, exit=1)
+ def test_big_pathlen(self):
+ """Test that a chain cert which has a larger pathlen value than
+ is needed is allowed."""
+
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch5.2_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch5.2_ta1_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta1_cert.pem"),
+ "i2": os.path.join(self.chain_certs_dir,
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5.2_ta1_cert.pem"),
+ "pkg": plist[0]
+ }
+
+ self.pkgsign(self.rurl1, sign_args)
+ self.pkg_image_create(self.rurl1)
+ self.seed_ta_dir("ta1")
+
+ self.pkg("set-property signature-policy verify")
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+
+ def test_small_pathlen(self):
+ """Test that a chain cert which has a smaller pathlen value than
+ is needed is allowed."""
+
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(pkg)s" % {
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch5.3_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch5.3_ta1_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta1_cert.pem"),
+ "i2": os.path.join(self.chain_certs_dir,
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4.3_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5.3_ta1_cert.pem"),
+ "pkg": plist[0]
+ }
+
+ self.pkgsign(self.rurl1, sign_args)
+ self.pkg_image_create(self.rurl1)
+ self.seed_ta_dir("ta1")
+
+ self.pkg("set-property signature-policy verify")
+ api_obj = self.get_img_api_obj()
+ self.assertRaises(apx.PathlenTooShort, self._api_install,
+ api_obj, ["example_pkg"])
+ # Check that the cli hands PathlenTooShort exceptions.
+ self.pkg("install example_pkg", exit=1)
+
+ def test_bug_16867_1(self):
+ """Test whether signing a package multiple times makes a package
+ uninstallable."""
+
+ chain_cert_path = os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s -i %(ch1)s %(name)s" % {
+ "name": plist[0],
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "ch1": chain_cert_path
+ }
+ self.pkgsign(self.rurl1, sign_args)
+ self.pkgsign(self.rurl1, sign_args)
+
+ self.pkg_image_create(self.rurl1)
+ self.seed_ta_dir("ta3")
+ self.pkg("set-property signature-policy verify")
+
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+
+ def test_bug_16867_2(self):
+ """Test whether signing a package which already has multiple
+ identical signatures results in an error."""
+
+ r = self.get_repo(self.dcs[1].get_repodir())
+ chain_cert_path = os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s -i %(ch1)s %(name)s" % {
+ "name": plist[0],
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "ch1": chain_cert_path
+ }
+ self.pkgsign(self.rurl1, sign_args)
+
+ mp = r.manifest(plist[0])
+ with open(mp, "rb") as fh:
+ ls = fh.readlines()
+ s = []
+ for l in ls:
+ # Double all signature actions.
+ if l.startswith("signature"):
+ s.append(l)
+ s.append(l)
+ with open(mp, "wb") as fh:
+ for l in s:
+ fh.write(l)
+ # Rebuild the catalog so that hash verification for the manifest
+ # won't cause problems.
+ r.rebuild()
+ # This should fail because the manifest already has identical
+ # signature actions in it.
+ self.pkgsign(self.rurl1, sign_args, exit=1)
+
+ self.pkg_image_create(self.rurl1)
+ self.seed_ta_dir("ta3")
+ self.pkg("set-property signature-policy verify")
+
+ # This fails because the manifest contains duplicate signatures.
+ api_obj = self.get_img_api_obj()
+ self.assertRaises(apx.UnverifiedSignature, self._api_install,
+ api_obj, ["example_pkg"])
+
+ def test_bug_16867_hashes_1(self):
+ """Test whether signing a package a second time with hashes
+ fails."""
+
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "%(name)s" % {
+ "name": plist[0],
+ }
+ self.pkgsign(self.rurl1, sign_args)
+ self.pkgsign(self.rurl1, sign_args)
+
+ self.pkg_image_create(self.rurl1)
+ self.seed_ta_dir("ta3")
+ self.pkg("set-property signature-policy verify")
+
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+
+ def test_bug_16867_almost_identical(self):
+ """Test whether signing a package which already has a similar
+ but not identical signature results in an error."""
+
+ r = self.get_repo(self.dcs[1].get_repodir())
+ chain_cert_path = os.path.join(self.chain_certs_dir,
+ "ch1_ta3_cert.pem")
+ plist = self.pkgsend_bulk(self.rurl1, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s -i %(ch1)s %(name)s" % {
+ "name": plist[0],
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch1_ta3_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch1_ta3_cert.pem"),
+ "ch1": chain_cert_path
+ }
+ self.pkgsign(self.rurl1, sign_args)
+
+ mp = r.manifest(plist[0])
+ with open(mp, "rb") as fh:
+ ls = fh.readlines()
+ s = []
+ for l in ls:
+ # Double all signature actions.
+ if l.startswith("signature"):
+ a = action.fromstr(l)
+ a.attrs["value"] = "foo"
+ s.append(str(a))
+ else:
+ s.append(l)
+ with open(mp, "wb") as fh:
+ for l in s:
+ fh.write(l)
+ # Rebuild the catalog so that hash verification for the manifest
+ # won't cause problems.
+ r.rebuild()
+ # This should fail because the manifest already has almost
+ # identical signature actions in it.
+ self.pkgsign(self.rurl1, sign_args, exit=1)
+
+
+class TestPkgSignMultiDepot(pkg5unittest.ManyDepotTestCase):
+ # Tests in this suite use the read only data directory.
+ need_ro_data = True
+
+ example_pkg10 = """
+ open [email protected],5.11-0
+ add dir mode=0755 owner=root group=bin path=/bin
+ add dir mode=0755 owner=root group=bin path=/bin/example_dir
+ add dir mode=0755 owner=root group=bin path=/usr/lib/python2.4/vendor-packages/OpenSSL
+ add file tmp/example_file mode=0555 owner=root group=bin path=/bin/example_path
+ add set name=com.sun.service.incorporated_changes value="6556919 6627937"
+ add set name=com.sun.service.random_test value=42 value=79
+ add set name=com.sun.service.bug_ids value="4641790 4725245 4817791 4851433 4897491 4913776 6178339 6556919 6627937"
+ add set name=com.sun.service.keywords value="sort null -n -m -t sort 0x86 separator"
+ add set name=com.sun.service.info_url value=http://service.opensolaris.com/xml/pkg/[email protected],5.11-1:20080514I120000Z
+ add set description='FOOO bAr O OO OOO'
+ add set name='weirdness' value='] [ * ?'
+ close """
+
+ image_files = ['simple_file']
+ misc_files = ['tmp/example_file']
+
+ def seed_ta_dir(self, certs, dest_dir=None):
+ if isinstance(certs, basestring):
+ certs = [certs]
+ if not dest_dir:
+ dest_dir = self.ta_dir
+ self.assert_(dest_dir)
+ self.assert_(self.raw_trust_anchor_dir)
+ for c in certs:
+ name = "%s_cert.pem" % c
+ portable.copyfile(
+ os.path.join(self.raw_trust_anchor_dir, name),
+ os.path.join(dest_dir, name))
+
+ def pkg_image_create(self, *args, **kwargs):
+ pkg5unittest.ManyDepotTestCase.pkg_image_create(self,
+ *args, **kwargs)
+ self.ta_dir = os.path.join(self.img_path, "etc/certs/CA")
+ os.makedirs(self.ta_dir)
+ for f in self.image_files:
+ with open(os.path.join(self.img_path, f), "wb") as fh:
+ fh.close()
+
+ def image_create(self, *args, **kwargs):
+ pkg5unittest.ManyDepotTestCase.image_create(self,
+ *args, **kwargs)
+ self.ta_dir = os.path.join(self.img_path, "etc/certs/CA")
+ os.makedirs(self.ta_dir)
+ for f in self.image_files:
+ with open(os.path.join(self.img_path, f), "wb") as fh:
+ fh.close()
+
+ def setUp(self):
+ pkg5unittest.ManyDepotTestCase.setUp(self, ["test", "test"])
+ self.make_misc_files(self.misc_files)
+ self.durl1 = self.dcs[1].get_depot_url()
+ self.rurl1 = self.dcs[1].get_repo_url()
+ self.durl2 = self.dcs[2].get_depot_url()
+ self.rurl2 = self.dcs[2].get_repo_url()
+ self.ta_dir = None
+
+ self.path_to_certs = os.path.join(self.ro_data_root,
+ "signing_certs", "produced")
+ self.keys_dir = os.path.join(self.path_to_certs, "keys")
+ self.cs_dir = os.path.join(self.path_to_certs,
+ "code_signing_certs")
+ self.chain_certs_dir = os.path.join(self.path_to_certs,
+ "chain_certs")
+ self.raw_trust_anchor_dir = os.path.join(self.path_to_certs,
+ "trust_anchors")
+ self.crl_dir = os.path.join(self.path_to_certs, "crl")
+
+ def test_sign_pkgrecv(self):
+ """Check that signed packages can be transferred between
+ repos."""
+
+ plist = self.pkgsend_bulk(self.rurl2, self.example_pkg10)
+ sign_args = "-k %(key)s -c %(cert)s -i %(i1)s -i %(i2)s " \
+ "-i %(i3)s -i %(i4)s -i %(i5)s %(name)s" % {
+ "name": plist[0],
+ "key": os.path.join(self.keys_dir,
+ "cs1_ch5_ta1_key.pem"),
+ "cert": os.path.join(self.cs_dir,
+ "cs1_ch5_ta1_cert.pem"),
+ "i1": os.path.join(self.chain_certs_dir,
+ "ch1_ta1_cert.pem"),
+ "i2": os.path.join(self.chain_certs_dir,
+ "ch2_ta1_cert.pem"),
+ "i3": os.path.join(self.chain_certs_dir,
+ "ch3_ta1_cert.pem"),
+ "i4": os.path.join(self.chain_certs_dir,
+ "ch4_ta1_cert.pem"),
+ "i5": os.path.join(self.chain_certs_dir,
+ "ch5_ta1_cert.pem"),
+ }
+ self.pkgsign(self.rurl2, sign_args)
+
+ self.pkgrecv(self.rurl2, "-d %s example_pkg" % self.rurl1)
+
+ self.pkg_image_create(self.rurl1)
+ self.seed_ta_dir("ta1")
+ self.pkg("set-property signature-policy verify")
+
+ api_obj = self.get_img_api_obj()
+ self._api_install(api_obj, ["example_pkg"])
+
+
if __name__ == "__main__":
unittest.main()
--- a/src/tests/pkg5unittest.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/pkg5unittest.py Wed Apr 06 18:06:57 2011 -0700
@@ -101,7 +101,7 @@
# Version test suite is known to work with.
PKG_CLIENT_NAME = "pkg"
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
ELIDABLE_ERRORS = [ TestSkippedException, depotcontroller.DepotStateException ]
--- a/src/tests/ro_data/signing_certs/generate_certs.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/generate_certs.py Wed Apr 06 18:06:57 2011 -0700
@@ -186,34 +186,45 @@
os.mkdir("crl")
os.mkdir("keys")
os.mkdir("trust_anchors")
- os.mkdir("inter_certs")
- os.mkdir("publisher_cas")
os.mkdir("chain_certs")
os.mkdir("code_signing_certs")
# Make a length 7 chain.
make_trust_anchor("ta1")
- make_ca_cert("inter_certs", "i1_ta1", "trust_anchors", "ta1")
- make_ca_cert("inter_certs", "i2_ta1", "inter_certs", "i1_ta1")
- make_ca_cert("publisher_cas", "pubCA1_ta1", "inter_certs", "i2_ta1")
- make_ca_cert("chain_certs", "ch1_pubCA1", "publisher_cas", "pubCA1_ta1")
- make_ca_cert("chain_certs", "ch2_pubCA1", "chain_certs", "ch1_pubCA1")
- make_cs_cert("code_signing_certs", "cs1_pubCA1",
- "chain_certs", "ch2_pubCA1")
- # Make a chain where the publisher CA has revoked the code signing cert.
- make_cs_cert("code_signing_certs", "cs2_pubCA1",
- "chain_certs", "ch2_pubCA1", ext="pubCA1_ta1_crl")
- revoke_cert("pubCA1_ta1", "cs2_pubCA1", ca_dir="publisher_cas")
- # Make a chain where the chain cert has revoked the code signing cert.
- make_cs_cert("code_signing_certs", "cs3_pubCA1",
- "chain_certs", "ch2_pubCA1", ext="ch1_ta1_crl")
- revoke_cert("ch1_pubCA1", "cs3_pubCA1", ca_dir="chain_certs")
+ make_ca_cert("chain_certs", "ch1_ta1", "trust_anchors", "ta1",
+ ext="v3_ca_lp4")
+ make_ca_cert("chain_certs", "ch2_ta1", "chain_certs", "ch1_ta1",
+ ext="v3_ca_lp3")
+ make_ca_cert("chain_certs", "ch3_ta1", "chain_certs", "ch2_ta1",
+ ext="v3_ca_lp2")
+ make_ca_cert("chain_certs", "ch4_ta1", "chain_certs", "ch3_ta1",
+ ext="v3_ca_lp1")
+ make_ca_cert("chain_certs", "ch5_ta1", "chain_certs", "ch4_ta1",
+ ext="v3_ca_lp0")
+ make_cs_cert("code_signing_certs", "cs1_ch5_ta1",
+ "chain_certs", "ch5_ta1")
+ # Make a chain where a chain cert has revoked the code signing cert.
+ make_cs_cert("code_signing_certs", "cs2_ch5_ta1",
+ "chain_certs", "ch5_ta1", ext="ch5_ta1_crl")
+ revoke_cert("ch5_ta1", "cs2_ch5_ta1", ca_dir="chain_certs")
# Make a chain where the chain cert has an unsupported critical
# extension.
- make_ca_cert("chain_certs", "ch2.2_pubCA1", "chain_certs", "ch1_pubCA1",
+ make_ca_cert("chain_certs", "ch5.1_ta1", "chain_certs", "ch4_ta1",
ext="issuer_ext_ca")
- make_cs_cert("code_signing_certs", "cs4_pubCA1",
- "chain_certs", "ch2.2_pubCA1")
+ make_cs_cert("code_signing_certs", "cs1_ch5.1_ta1",
+ "chain_certs", "ch5.1_ta1")
+ # Make a chain where a chain cert has a larger number than is needed.
+ make_ca_cert("chain_certs", "ch5.2_ta1", "chain_certs", "ch4_ta1",
+ ext="v3_ca_lp1")
+ make_cs_cert("code_signing_certs", "cs1_ch5.2_ta1",
+ "chain_certs", "ch5.2_ta1")
+ # Make a chain where a chain cert has a smaller number than is needed.
+ make_ca_cert("chain_certs", "ch4.3_ta1", "chain_certs", "ch3_ta1",
+ ext="v3_ca_lp0")
+ make_ca_cert("chain_certs", "ch5.3_ta1", "chain_certs", "ch4.3_ta1",
+ ext="v3_ca_lp0")
+ make_cs_cert("code_signing_certs", "cs1_ch5.3_ta1",
+ "chain_certs", "ch5.3_ta1")
# Make a length 2 chain
make_trust_anchor("ta2")
@@ -221,82 +232,82 @@
# Make a length 3 chain
make_trust_anchor("ta3")
- make_ca_cert("publisher_cas", "pubCA1_ta3", "trust_anchors", "ta3")
- make_cs_cert("code_signing_certs", "cs1_p1_ta3",
- "publisher_cas", "pubCA1_ta3")
+ make_ca_cert("chain_certs", "ch1_ta3", "trust_anchors", "ta3")
+ make_cs_cert("code_signing_certs", "cs1_ch1_ta3",
+ "chain_certs", "ch1_ta3")
# Add a certificate to the length 3 chain with an unsupported critical
# extension.
- make_cs_cert("code_signing_certs", "cs2_p1_ta3",
- "publisher_cas", "pubCA1_ta3", ext="issuer_ext")
+ make_cs_cert("code_signing_certs", "cs2_ch1_ta3",
+ "chain_certs", "ch1_ta3", ext="issuer_ext")
# Add a certificate to the length 3 chain that has already expired.
- make_cs_cert("code_signing_certs", "cs3_p1_ta3",
- "publisher_cas", "pubCA1_ta3", expired=True)
+ make_cs_cert("code_signing_certs", "cs3_ch1_ta3",
+ "chain_certs", "ch1_ta3", expired=True)
# Add a certificate to the length 3 chain that is in the future.
- make_cs_cert("code_signing_certs", "cs4_p1_ta3",
- "publisher_cas", "pubCA1_ta3", future=True)
+ make_cs_cert("code_signing_certs", "cs4_ch1_ta3",
+ "chain_certs", "ch1_ta3", future=True)
# Add a certificate to the length 3 chain that has an unknown value for
# a recognized non-critical extension.
- make_cs_cert("code_signing_certs", "cs5_p1_ta3",
- "publisher_cas", "pubCA1_ta3", ext="issuer_ext_non_critical")
+ make_cs_cert("code_signing_certs", "cs5_ch1_ta3",
+ "chain_certs", "ch1_ta3", ext="issuer_ext_non_critical")
# Add a certificate to the length 3 chain that has an unknown value for
# a recognized critical extension.
- make_cs_cert("code_signing_certs", "cs6_p1_ta3",
- "publisher_cas", "pubCA1_ta3", ext="issuer_ext_bad_val")
+ make_cs_cert("code_signing_certs", "cs6_ch1_ta3",
+ "chain_certs", "ch1_ta3", ext="issuer_ext_bad_val")
# Add a certificate to the length 3 chain that has keyUsage information
# but cannot be used to sign code.
- make_cs_cert("code_signing_certs", "cs7_p1_ta3",
- "publisher_cas", "pubCA1_ta3", ext="v3_no_keyUsage")
+ make_cs_cert("code_signing_certs", "cs7_ch1_ta3",
+ "chain_certs", "ch1_ta3", ext="v3_no_keyUsage")
# Make a chain where a CS is used to sign another CS.
- make_cs_cert("code_signing_certs", "cs8_p1_ta3",
- "publisher_cas", "pubCA1_ta3", ext="v3_confused_cs")
- make_cs_cert("code_signing_certs", "cs1_cs8_p1_ta3",
- "code_signing_certs", "cs8_p1_ta3")
+ make_cs_cert("code_signing_certs", "cs8_ch1_ta3",
+ "chain_certs", "ch1_ta3", ext="v3_confused_cs")
+ make_cs_cert("code_signing_certs", "cs1_cs8_ch1_ta3",
+ "code_signing_certs", "cs8_ch1_ta3")
# Make a chain where the CA has an unsupported critical extension.
- make_ca_cert("publisher_cas", "pubCA2_ta3", "trust_anchors", "ta3",
+ make_ca_cert("chain_certs", "ch1.1_ta3", "trust_anchors", "ta3",
ext="issuer_ext_ca")
- make_cs_cert("code_signing_certs", "cs1_p2_ta3",
- "publisher_cas", "pubCA2_ta3")
+ make_cs_cert("code_signing_certs", "cs1_ch1.1_ta3",
+ "chain_certs", "ch1.1_ta3")
# Make a chain where the CA is expired but the CS is current.
- make_ca_cert("publisher_cas", "pubCA3_ta3", "trust_anchors", "ta3",
+ make_ca_cert("chain_certs", "ch1.2_ta3", "trust_anchors", "ta3",
expired=True)
- make_cs_cert("code_signing_certs", "cs1_p3_ta3",
- "publisher_cas", "pubCA3_ta3")
+ make_cs_cert("code_signing_certs", "cs1_ch1.2_ta3",
+ "chain_certs", "ch1.2_ta3")
# Make a chain where the CA is in the future but the CS is current.
- make_ca_cert("publisher_cas", "pubCA4_ta3", "trust_anchors", "ta3",
+ make_ca_cert("chain_certs", "ch1.3_ta3", "trust_anchors", "ta3",
future=True)
- make_cs_cert("code_signing_certs", "cs1_p4_ta3",
- "publisher_cas", "pubCA4_ta3")
+ make_cs_cert("code_signing_certs", "cs1_ch1.3_ta3",
+ "chain_certs", "ch1.3_ta3")
# Make a chain where the CA does not have keyUsage set.
- make_ca_cert("publisher_cas", "pubCA5_ta3", "trust_anchors", "ta3",
+ make_ca_cert("chain_certs", "ch1.4_ta3", "trust_anchors", "ta3",
future=True, ext="v3_ca_no_keyUsage")
- make_cs_cert("code_signing_certs", "cs1_p5_ta3",
- "publisher_cas", "pubCA5_ta3")
+ make_cs_cert("code_signing_certs", "cs1_ch1.4_ta3",
+ "chain_certs", "ch1.4_ta3")
# Revoke a code signing certificate from the publisher.
make_trust_anchor("ta4")
- make_ca_cert("publisher_cas", "pubCA1_ta4", "trust_anchors", "ta4")
- make_cs_cert("code_signing_certs", "cs1_ta4",
- "publisher_cas", "pubCA1_ta4", ext="crl_ext")
- revoke_cert("pubCA1_ta4", "cs1_ta4", ca_dir="publisher_cas")
- make_cs_cert("code_signing_certs", "cs2_ta4",
- "publisher_cas", "pubCA1_ta4", ext="bad_crl")
- make_cs_cert("code_signing_certs", "cs3_ta4",
- "publisher_cas", "pubCA1_ta4", ext="bad_crl_loc")
+ make_ca_cert("chain_certs", "ch1_ta4", "trust_anchors", "ta4")
+ make_cs_cert("code_signing_certs", "cs1_ch1_ta4",
+ "chain_certs", "ch1_ta4", ext="crl_ext")
+ revoke_cert("ch1_ta4", "cs1_ch1_ta4", ca_dir="chain_certs")
+ make_cs_cert("code_signing_certs", "cs2_ch1_ta4",
+ "chain_certs", "ch1_ta4", ext="bad_crl")
+ make_cs_cert("code_signing_certs", "cs3_ch1_ta4",
+ "chain_certs", "ch1_ta4", ext="bad_crl_loc")
# Revoke a code signing certificate but sign the CRL with a CA
# certificate that does not have that keyUsage set.
- make_ca_cert("publisher_cas", "pubCA2_ta4", "trust_anchors", "ta4",
+ make_ca_cert("chain_certs", "ch1.1_ta4", "trust_anchors", "ta4",
ext="v3_ca_no_crl")
- make_cs_cert("code_signing_certs", "cs1_p2_ta4",
- "publisher_cas", "pubCA2_ta4", ext="pubCA2_ta4_crl")
- revoke_cert("pubCA2_ta4", "cs1_p2_ta4", ca_dir="publisher_cas")
+ make_cs_cert("code_signing_certs", "cs1_ch1.1_ta4",
+ "chain_certs", "ch1.1_ta4", ext="ch1.1_ta4_crl")
+ revoke_cert("ch1.1_ta4", "cs1_ch1.1_ta4", ca_dir="chain_certs")
# Revoke a CA cert from the trust anchor
make_trust_anchor("ta5")
- make_ca_cert("publisher_cas", "pubCA1_ta5", "trust_anchors", "ta5",
+ make_ca_cert("chain_certs", "ch1_ta5", "trust_anchors", "ta5",
ext="crl_ca")
- make_cs_cert("code_signing_certs", "cs1_ta5",
- "publisher_cas", "pubCA1_ta5")
- revoke_cert("ta5", "pubCA1_ta5", cert_dir="publisher_cas")
+ make_cs_cert("code_signing_certs", "cs1_ch1_ta5",
+ "chain_certs", "ch1_ta5")
+ revoke_cert("ta5", "ch1_ta5", cert_dir="chain_certs")
os.remove(cnf_file)
os.chdir("../")
--- a/src/tests/ro_data/signing_certs/openssl.cnf Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/openssl.cnf Wed Apr 06 18:06:57 2011 -0700
@@ -116,6 +116,56 @@
basicConstraints = critical,CA:true
keyUsage = critical, keyCertSign, cRLSign
+[ v3_ca_lp4 ]
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true,pathlen:4
+keyUsage = critical, keyCertSign, cRLSign
+
+[ v3_ca_lp3 ]
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true,pathlen:3
+keyUsage = critical, keyCertSign, cRLSign
+
+[ v3_ca_lp2 ]
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true,pathlen:2
+keyUsage = critical, keyCertSign, cRLSign
+
+[ v3_ca_lp1 ]
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true,pathlen:1
+keyUsage = critical, keyCertSign, cRLSign
+
+[ v3_ca_lp0 ]
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true,pathlen:0
+keyUsage = critical, keyCertSign, cRLSign
+
[ v3_ca_no_crl ]
# Extensions for a CA which cannot sign a CRL.
@@ -168,21 +218,21 @@
# Used for testing certificate revocation.
basicConstraints = critical,CA:FALSE
-crlDistributionPoints = URI:http://localhost:12001/file/0/pubCA1_ta4_crl.pem
+crlDistributionPoints = URI:http://localhost:12001/file/0/ch1_ta4_crl.pem
-[ pubCA1_ta1_crl ]
+[ ch5_ta1_crl ]
# Used for testing certificate revocation.
basicConstraints = critical,CA:FALSE
-crlDistributionPoints = URI:http://localhost:12001/file/0/pubCA1_ta1_crl.pem
+crlDistributionPoints = URI:http://localhost:12001/file/0/ch5_ta1_crl.pem
-[ pubCA2_ta4_crl ]
+[ ch1.1_ta4_crl ]
# Used for testing certificate revocation.
basicConstraints = critical,CA:FALSE
-crlDistributionPoints = URI:http://localhost:12001/file/0/pubCA2_ta4_crl.pem
+crlDistributionPoints = URI:http://localhost:12001/file/0/ch1.1_ta4_crl.pem
[ ch1_ta1_crl ]
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/01.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta1/emailAddress=ch1_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ac:0e:d4:ba:18:4f:d2:22:6d:1e:0e:c5:31:18:
+ 76:c2:cd:70:f7:ab:97:60:94:39:69:c9:d5:98:d8:
+ c9:84:a6:1c:93:92:00:e0:fd:79:d2:ee:84:95:b5:
+ a1:38:3a:c0:76:61:fe:fe:be:44:9b:77:a0:bf:17:
+ d1:45:91:1d:ba:a0:7b:e6:7c:5d:3b:ad:50:2c:e7:
+ b9:41:08:d9:c5:ad:09:91:65:d1:72:57:42:2f:fb:
+ 1d:a0:d3:60:39:8c:7f:d2:91:59:d0:9b:0b:0b:85:
+ 77:7c:7a:4e:e3:de:f8:c2:1b:9d:29:19:a6:e4:7b:
+ e3:08:d8:c3:ee:fd:c0:13:1b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ DE:23:2E:B1:97:E8:21:FB:05:0A:EB:ED:50:A7:96:15:27:BE:77:92
+ X509v3 Authority Key Identifier:
+ keyid:06:D0:C0:FB:C5:79:67:F9:F9:10:92:CA:81:5B:5F:92:D8:D8:9F:A6
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
+ serial:DE:88:28:EC:1B:64:08:9C
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:4
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 58:36:94:f1:3b:54:9f:0d:3b:90:64:d6:b9:f4:6f:3f:60:85:
+ 13:a1:80:f3:6e:2b:1a:3a:4f:9a:08:e2:d9:da:14:9f:e2:3f:
+ 9b:10:75:0b:7e:c7:bc:c5:91:78:1d:8d:51:b4:7e:4a:ea:d4:
+ 9f:e9:20:1e:59:8b:8f:13:30:a6:90:fd:be:18:bc:07:39:89:
+ bb:66:65:4a:2a:4a:97:ae:bf:91:32:b6:4c:9d:9e:2d:5d:40:
+ d7:d0:28:f9:f2:89:ee:40:0a:a7:99:d2:ac:08:8b:54:9c:8d:
+ 3a:8c:94:71:76:22:f9:0d:7b:0a:96:31:f5:7d:7c:3b:17:d1:
+ d9:a7
+-----BEGIN CERTIFICATE-----
+MIIDMjCCApugAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcNAQkBFgN0YTEwHhcNMTEw
+MzIxMDA0OTIzWhcNMTMxMjE1MDA0OTIzWjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gxX3RhMTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArA7UuhhP0iJtHg7FMRh2ws1w96uXYJQ5
+acnVmNjJhKYck5IA4P150u6ElbWhODrAdmH+/r5Em3egvxfRRZEduqB75nxdO61Q
+LOe5QQjZxa0JkWXRcldCL/sdoNNgOYx/0pFZ0JsLC4V3fHpO4974whudKRmm5Hvj
+CNjD7v3AExsCAwEAAaOB4zCB4DAdBgNVHQ4EFgQU3iMusZfoIfsFCuvtUKeWFSe+
+d5IwgZoGA1UdIwSBkjCBj4AUBtDA+8V5Z/n5EJLKgVtfktjYn6ahbKRqMGgxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEW
+A3RhMYIJAN6IKOwbZAicMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBCwUAA4GBAFg2lPE7VJ8NO5Bk1rn0bz9ghROhgPNuKxo6
+T5oI4tnaFJ/iP5sQdQt+x7zFkXgdjVG0fkrq1J/pIB5Zi48TMKaQ/b4YvAc5ibtm
+ZUoqSpeuv5Eytkydni1dQNfQKPnyie5ACqeZ0qwIi1ScjTqMlHF2IvkNewqWMfV9
+fDsX0dmn
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/02.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 2 (0x2)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta1/emailAddress=ch1_ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_ta1/emailAddress=ch2_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b2:2e:64:17:3d:dd:32:ab:60:b1:07:9e:8d:da:
+ 3c:50:91:b7:d2:c0:b2:bc:af:74:3b:c1:4e:6c:f3:
+ d0:98:91:32:34:fb:dd:48:04:3a:86:9f:e7:31:2e:
+ 19:b3:49:59:0b:20:19:b1:bb:52:91:45:57:ba:36:
+ 49:62:82:61:3b:8d:63:11:c8:a6:fa:9a:20:b8:34:
+ 4e:0e:4d:31:73:6b:ea:5e:d9:2d:fb:b5:f9:04:7c:
+ f9:9d:b0:0d:4f:74:2b:35:b1:4d:63:5d:11:48:7e:
+ 72:cd:f4:07:35:5f:e7:59:5e:16:e2:99:3a:b4:7f:
+ 4a:cc:bc:86:53:bd:55:bc:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 79:04:42:77:11:18:EC:24:43:48:52:11:99:DE:86:84:23:B1:50:77
+ X509v3 Authority Key Identifier:
+ keyid:DE:23:2E:B1:97:E8:21:FB:05:0A:EB:ED:50:A7:96:15:27:BE:77:92
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
+ serial:01
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:3
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 24:59:ab:c0:7d:fe:62:1b:1a:98:45:78:80:ef:a3:0e:6a:cd:
+ f9:ed:8a:4f:9b:18:59:ad:2b:d5:3d:db:7d:3f:ab:c3:4a:c7:
+ 33:95:33:43:4b:16:44:50:1a:6e:38:ad:7b:8f:f9:06:f4:72:
+ 7b:15:75:59:0d:db:11:a7:86:b4:e9:de:28:c9:39:d0:d7:25:
+ 46:51:26:16:bd:15:70:d1:b2:87:e2:2c:48:aa:28:96:0a:f8:
+ 4e:d4:44:99:66:62:04:6d:8d:2c:0f:f0:08:8d:d2:5c:fa:4e:
+ 62:1a:25:f1:5c:ef:44:56:83:35:a7:e3:a9:ca:c0:18:90:18:
+ 54:42
+-----BEGIN CERTIFICATE-----
+MIIDMjCCApugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDJfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDJf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyLmQXPd0yq2CxB56N2jxQ
+kbfSwLK8r3Q7wU5s89CYkTI0+91IBDqGn+cxLhmzSVkLIBmxu1KRRVe6NkligmE7
+jWMRyKb6miC4NE4OTTFza+pe2S37tfkEfPmdsA1PdCs1sU1jXRFIfnLN9Ac1X+dZ
+XhbimTq0f0rMvIZTvVW8VwIDAQABo4HbMIHYMB0GA1UdDgQWBBR5BEJ3ERjsJENI
+UhGZ3oaEI7FQdzCBkgYDVR0jBIGKMIGHgBTeIy6xl+gh+wUK6+1Qp5YVJ753kqFs
+pGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhMTESMBAGCSqG
+SIb3DQEJARYDdGExggEBMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBCwUAA4GBACRZq8B9/mIbGphFeIDvow5qzfntik+bGFmt
+K9U9230/q8NKxzOVM0NLFkRQGm44rXuP+Qb0cnsVdVkN2xGnhrTp3ijJOdDXJUZR
+Jha9FXDRsofiLEiqKJYK+E7URJlmYgRtjSwP8AiN0lz6TmIaJfFc70RWgzWn46nK
+wBiQGFRC
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/03.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 3 (0x3)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_ta1/emailAddress=ch2_ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch3_ta1/emailAddress=ch3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ab:d1:d5:d2:6a:72:f2:b9:20:07:53:98:e6:14:
+ fc:de:66:e7:0e:1d:ab:35:c7:f5:80:5c:fb:e7:03:
+ 4a:97:15:b7:da:3a:18:5f:50:39:1c:9a:aa:ad:f8:
+ 64:d3:76:a1:c7:e2:f8:56:c9:1d:af:3f:bb:d0:98:
+ f4:2c:c3:1c:ea:e3:18:f2:60:35:6e:3b:99:67:35:
+ 27:cb:64:7e:3c:1c:cb:64:d3:bc:60:f1:8a:37:47:
+ 9c:02:6e:7c:e3:d3:38:1a:f0:3d:93:31:83:57:ae:
+ 36:17:b4:20:e8:44:72:7f:d4:65:25:a5:42:b3:02:
+ 55:69:18:9b:fa:5f:7f:62:f3
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 9D:49:C0:40:BE:F9:2D:9D:38:CF:BB:7C:6C:33:70:E3:13:2C:F9:05
+ X509v3 Authority Key Identifier:
+ keyid:79:04:42:77:11:18:EC:24:43:48:52:11:99:DE:86:84:23:B1:50:77
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta1/emailAddress=ch1_ta1
+ serial:02
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:2
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 41:ff:9f:2c:11:ef:c9:51:0d:5a:68:82:16:89:b4:ab:7e:91:
+ 0e:ef:c9:86:d7:d9:47:8d:63:9a:a4:66:2e:d4:bc:58:c0:6a:
+ 23:e3:8e:ab:0b:44:c0:19:20:eb:96:bc:d2:39:b4:60:3f:3f:
+ 7c:d7:6d:39:09:ff:fb:bd:9f:35:de:54:64:85:fc:ee:86:91:
+ aa:95:11:a4:38:c5:28:71:ae:a8:4b:d7:b2:8f:24:59:da:57:
+ 92:31:ae:34:b3:21:cc:32:02:3c:b5:00:64:c4:1e:be:0d:af:
+ bd:e7:a6:3d:6f:77:84:62:04:21:cf:26:6b:8f:c5:1c:0b:4c:
+ 5c:dd
+-----BEGIN CERTIFICATE-----
+MIIDOjCCAqOgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gyX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gyX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDNfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDNf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCr0dXSanLyuSAHU5jmFPze
+ZucOHas1x/WAXPvnA0qXFbfaOhhfUDkcmqqt+GTTdqHH4vhWyR2vP7vQmPQswxzq
+4xjyYDVuO5lnNSfLZH48HMtk07xg8Yo3R5wCbnzj0zga8D2TMYNXrjYXtCDoRHJ/
+1GUlpUKzAlVpGJv6X39i8wIDAQABo4HjMIHgMB0GA1UdDgQWBBSdScBAvvktnTjP
+u3xsM3DjEyz5BTCBmgYDVR0jBIGSMIGPgBR5BEJ3ERjsJENIUhGZ3oaEI7FQd6F0
+pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEDAOBgNVBAMUB2NoMV90YTExFjAU
+BgkqhkiG9w0BCQEWB2NoMV90YTGCAQIwEgYDVR0TAQH/BAgwBgEB/wIBAjAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAQf+fLBHvyVENWmiCFom0q36R
+Du/JhtfZR41jmqRmLtS8WMBqI+OOqwtEwBkg65a80jm0YD8/fNdtOQn/+72fNd5U
+ZIX87oaRqpURpDjFKHGuqEvXso8kWdpXkjGuNLMhzDICPLUAZMQevg2vveemPW93
+hGIEIc8ma4/FHAtMXN0=
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/chain_certs/04.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/04.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,63 +3,63 @@
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta1/emailAddress=pubCA1_ta1
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch3_ta1/emailAddress=ch3_ta1
Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_pubCA1/emailAddress=ch1_pubCA1
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:d8:64:e4:d7:2c:48:51:df:1e:a5:e3:ba:8e:d9:
- 11:9e:05:43:4c:17:20:37:93:c9:95:40:08:50:c7:
- ed:a7:20:8f:51:fe:45:b6:d5:e6:5b:f5:30:bb:95:
- 95:2e:c9:cc:3d:b6:7d:07:55:7a:ec:36:4b:92:c8:
- cd:97:b4:0e:72:43:22:dd:3b:bc:1f:7e:9a:de:5d:
- 97:3f:cb:48:08:c8:20:64:59:d9:db:88:3a:3c:3d:
- 6d:1f:57:42:c0:17:b3:67:1d:3c:1b:1a:53:02:0d:
- 8c:af:91:89:7b:4c:13:49:77:5d:c1:56:80:2b:a2:
- 5c:79:c7:c6:c1:61:95:4a:35
+ 00:bc:b0:1a:27:f4:c4:84:a7:3e:96:d8:95:a1:35:
+ 16:b8:82:cc:de:c1:b5:3e:66:0d:0e:cd:3f:5f:38:
+ f1:aa:ae:0b:63:56:87:52:e5:b0:b0:6e:6b:fb:47:
+ 97:03:db:50:04:25:d8:f9:75:9b:81:4f:d9:99:bd:
+ 53:47:0a:97:7c:d4:02:40:b8:92:5d:77:d2:2d:64:
+ 88:f7:a9:dc:c2:ba:96:f0:74:fa:61:53:9e:a6:84:
+ 97:ed:97:49:08:36:29:d5:2c:f4:05:d3:81:e2:f8:
+ 7f:f0:05:96:05:29:b0:2f:29:66:6d:32:3d:1e:b7:
+ 79:b5:67:e7:34:4b:00:79:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- C6:B5:AB:18:BB:95:31:CE:CA:76:FC:4A:0E:4A:67:25:0D:6A:2B:8B
+ 52:80:D6:40:50:47:FD:82:5A:83:A4:24:CE:3E:DC:C7:E1:6F:56:00
X509v3 Authority Key Identifier:
- keyid:F1:31:DD:AE:13:EF:6C:62:A3:83:98:4D:1F:0D:25:1A:21:28:1E:5D
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=i2_ta1/emailAddress=i2_ta1
+ keyid:9D:49:C0:40:BE:F9:2D:9D:38:CF:BB:7C:6C:33:70:E3:13:2C:F9:05
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2_ta1/emailAddress=ch2_ta1
serial:03
X509v3 Basic Constraints: critical
- CA:TRUE
+ CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 6b:c1:e0:d3:b6:d9:9f:b5:a4:fd:37:99:77:76:4a:55:ee:4e:
- e6:90:6e:98:77:87:56:cc:6f:a8:4d:2b:11:06:e6:bf:66:9d:
- 8f:21:b7:06:bd:1d:1f:df:12:49:41:84:86:ff:e0:19:6a:f0:
- 29:28:dd:d4:45:bd:19:af:f6:67:32:20:1d:af:fa:d4:f8:6e:
- 00:cd:32:c4:ca:62:f9:89:b1:85:21:a6:5c:cc:11:60:b4:50:
- 3b:40:fb:cd:d2:eb:72:f7:f1:26:94:4d:a6:5a:81:e9:67:d2:
- 0c:7d:d6:7f:ee:8a:83:a9:7c:9e:65:b2:c6:67:ef:ef:2b:a6:
- 2d:a6
+ 65:cf:99:2f:0c:5c:87:4b:5c:8e:19:82:57:a8:a2:f9:51:a0:
+ 89:24:0b:6e:ca:8b:68:4c:1f:28:ee:8d:95:44:9d:23:52:76:
+ 6d:90:cb:7f:ab:0a:46:87:0c:69:94:41:4b:2e:04:ef:e9:72:
+ f4:17:ab:6f:86:76:dd:19:e3:65:cb:df:31:e5:2b:10:fb:04:
+ 6e:b8:60:e4:59:98:09:2b:13:31:2f:8d:c6:28:24:1f:39:ae:
+ 2e:39:8c:8f:8f:d1:0c:6b:cd:be:db:16:c9:8d:aa:f0:94:c5:
+ da:cd:85:08:fc:02:2b:f2:6e:e4:d6:9a:ef:55:0c:c2:d0:ba:
+ c0:27
-----BEGIN CERTIFICATE-----
-MIIDQTCCAqqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIDOjCCAqOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMTEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMTAeFw0xMTAxMjgwMjU0MTBaFw0xMzEwMjQwMjU0MTBaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjaDFfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjaDFfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYZOTX
-LEhR3x6l47qO2RGeBUNMFyA3k8mVQAhQx+2nII9R/kW21eZb9TC7lZUuycw9tn0H
-VXrsNkuSyM2XtA5yQyLdO7wffpreXZc/y0gIyCBkWdnbiDo8PW0fV0LAF7NnHTwb
-GlMCDYyvkYl7TBNJd13BVoArolx5x8bBYZVKNQIDAQABo4HeMIHbMB0GA1UdDgQW
-BBTGtasYu5Uxzsp2/EoOSmclDWorizCBmAYDVR0jBIGQMIGNgBTxMd2uE+9sYqOD
-mE0fDSUaISgeXaFypHAwbjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
-aWExEzARBgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDzANBgNVBAMU
-BmkyX3RhMTEVMBMGCSqGSIb3DQEJARYGaTJfdGExggEDMA8GA1UdEwEB/wQFMAMB
-Af8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAGvB4NO22Z+1pP03
-mXd2SlXuTuaQbph3h1bMb6hNKxEG5r9mnY8htwa9HR/fEklBhIb/4Blq8Cko3dRF
-vRmv9mcyIB2v+tT4bgDNMsTKYvmJsYUhplzMEWC0UDtA+83S63L38SaUTaZageln
-0gx91n/uioOpfJ5lssZn7+8rpi2m
+ChMEcGtnNTEQMA4GA1UEAxQHY2gzX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gzX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDRfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDRf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8sBon9MSEpz6W2JWhNRa4
+gszewbU+Zg0OzT9fOPGqrgtjVodS5bCwbmv7R5cD21AEJdj5dZuBT9mZvVNHCpd8
+1AJAuJJdd9ItZIj3qdzCupbwdPphU56mhJftl0kINinVLPQF04Hi+H/wBZYFKbAv
+KWZtMj0et3m1Z+c0SwB5RwIDAQABo4HjMIHgMB0GA1UdDgQWBBRSgNZAUEf9glqD
+pCTOPtzH4W9WADCBmgYDVR0jBIGSMIGPgBSdScBAvvktnTjPu3xsM3DjEyz5BaF0
+pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEDAOBgNVBAMUB2NoMl90YTExFjAU
+BgkqhkiG9w0BCQEWB2NoMl90YTGCAQMwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAZc+ZLwxch0tcjhmCV6ii+VGg
+iSQLbsqLaEwfKO6NlUSdI1J2bZDLf6sKRocMaZRBSy4E7+ly9Berb4Z23RnjZcvf
+MeUrEPsEbrhg5FmYCSsTMS+NxigkHzmuLjmMj4/RDGvNvtsWyY2q8JTF2s2FCPwC
+K/Ju5Naa71UMwtC6wCc=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/chain_certs/05.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/05.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,63 +3,63 @@
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_pubCA1/emailAddress=ch1_pubCA1
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5_ta1/emailAddress=ch5_ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ec:10:82:b8:bd:a9:12:9e:70:2e:52:89:62:d7:
- 8d:9c:a4:01:07:27:ee:20:92:6e:07:1e:dd:58:98:
- 5b:65:6f:85:1b:b0:cd:e7:6d:f6:b3:9b:bd:1f:be:
- 93:09:79:b6:f8:0a:45:8c:c4:b8:22:a3:fb:ad:96:
- 03:6b:0f:18:b6:fa:d3:b5:35:99:92:a3:82:a2:71:
- 93:ba:76:e4:ba:f6:87:2f:e8:a2:ed:2b:0c:a7:e4:
- bf:ae:9c:03:08:8a:1e:29:25:66:72:14:f1:99:05:
- 2c:29:14:4d:59:b8:71:d6:95:78:48:7d:a3:b9:8f:
- eb:9e:e9:7c:b8:5c:65:5b:e7
+ 00:d3:82:fa:b8:50:8a:e0:df:3b:22:76:0f:c1:a2:
+ 7b:fa:c3:09:fc:49:9f:ac:e3:9e:f1:60:66:8f:04:
+ ec:80:fd:1b:5c:a0:b1:3c:14:e0:79:d6:f9:49:d1:
+ 69:21:af:c6:37:7b:f0:e1:29:9e:a5:85:45:ec:e0:
+ 2b:5b:79:4b:39:28:0a:ab:5a:38:46:48:4e:c2:95:
+ b0:ff:77:50:b0:32:25:95:11:c6:52:ff:27:d0:e6:
+ 83:5a:3e:6a:58:11:66:ba:84:ac:7a:d3:db:b4:75:
+ fa:41:ea:ad:af:13:5b:12:b4:c3:3b:46:38:13:5d:
+ 53:b2:59:33:fc:76:5e:e9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- A2:7C:37:64:6C:9B:F6:34:69:35:2F:6E:2A:03:57:1C:DD:C7:69:60
+ ED:B5:69:19:79:F6:9F:B1:40:1F:75:72:AD:B9:B6:7B:EF:65:4A:E9
X509v3 Authority Key Identifier:
- keyid:C6:B5:AB:18:BB:95:31:CE:CA:76:FC:4A:0E:4A:67:25:0D:6A:2B:8B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta1/emailAddress=pubCA1_ta1
+ keyid:52:80:D6:40:50:47:FD:82:5A:83:A4:24:CE:3E:DC:C7:E1:6F:56:00
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
serial:04
X509v3 Basic Constraints: critical
- CA:TRUE
+ CA:TRUE, pathlen:0
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 8f:da:b0:83:87:60:1c:12:43:c5:37:e3:09:36:f2:5b:b2:e8:
- 36:eb:d5:c6:00:30:22:8c:e0:33:6a:61:8b:1b:45:d3:b4:e3:
- c0:05:54:ef:52:1e:d1:41:f5:7d:c2:3b:0d:24:d5:78:bf:f1:
- 93:ad:32:c5:66:8c:3b:84:0d:f7:0b:e4:08:2c:bf:10:47:09:
- 02:18:d4:19:40:f1:18:af:c1:38:90:89:b1:a2:48:d2:b1:4d:
- f9:ad:86:f2:64:cc:35:fb:35:87:25:49:2b:e3:29:23:f3:fd:
- 47:55:4c:2d:05:c3:c4:5b:75:27:4a:45:2a:e2:7f:5b:c5:b8:
- 97:78
+ 13:d3:94:3b:b2:b5:f4:74:4d:09:85:d8:53:0a:c9:b5:54:ab:
+ 83:3b:55:9c:a6:28:33:35:fb:ba:1b:86:4c:19:39:35:f4:91:
+ 4c:9b:78:1e:30:73:58:41:da:b9:5b:7f:54:b1:39:5d:47:56:
+ d8:cc:3a:4b:7a:1c:32:32:b8:9b:90:be:a3:f6:04:87:ea:4c:
+ 81:95:0a:aa:09:03:86:db:d8:61:4f:4b:ea:40:ac:09:eb:7b:
+ 8a:39:07:4d:6a:54:b5:fc:9b:72:52:79:9a:a5:89:01:0d:00:
+ aa:6c:ab:7a:4e:1b:d8:63:c4:a2:dc:7c:51:df:7c:1c:36:ad:
+ a6:ec
-----BEGIN CERTIFICATE-----
-MIIDSTCCArKgAwIBAgIBBTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIDOjCCAqOgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gxX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gx
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTBaFw0xMzEwMjQwMjU0MTBaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjaDJfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjaDJfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDsEIK4
-vakSnnAuUoli142cpAEHJ+4gkm4HHt1YmFtlb4UbsM3nbfazm70fvpMJebb4CkWM
-xLgio/utlgNrDxi2+tO1NZmSo4KicZO6duS69ocv6KLtKwyn5L+unAMIih4pJWZy
-FPGZBSwpFE1ZuHHWlXhIfaO5j+ue6Xy4XGVb5wIDAQABo4HmMIHjMB0GA1UdDgQW
-BBSifDdkbJv2NGk1L24qA1cc3cdpYDCBoAYDVR0jBIGYMIGVgBTGtasYu5Uxzsp2
-/EoOSmclDWori6F6pHgwdjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
-aWExEzARBgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEzARBgNVBAMU
-CnB1YkNBMV90YTExGTAXBgkqhkiG9w0BCQEWCnB1YkNBMV90YTGCAQQwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAj9qw
-g4dgHBJDxTfjCTbyW7LoNuvVxgAwIozgM2phixtF07TjwAVU71Ie0UH1fcI7DSTV
-eL/xk60yxWaMO4QN9wvkCCy/EEcJAhjUGUDxGK/BOJCJsaJI0rFN+a2G8mTMNfs1
-hyVJK+MpI/P9R1VMLQXDxFt1J0pFKuJ/W8W4l3g=
+ChMEcGtnNTEQMA4GA1UEAxQHY2g0X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g0X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDVfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDVf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTgvq4UIrg3zsidg/Bonv6
+wwn8SZ+s457xYGaPBOyA/RtcoLE8FOB51vlJ0Wkhr8Y3e/DhKZ6lhUXs4CtbeUs5
+KAqrWjhGSE7ClbD/d1CwMiWVEcZS/yfQ5oNaPmpYEWa6hKx609u0dfpB6q2vE1sS
+tMM7RjgTXVOyWTP8dl7p1wIDAQABo4HjMIHgMB0GA1UdDgQWBBTttWkZefafsUAf
+dXKtubZ772VK6TCBmgYDVR0jBIGSMIGPgBRSgNZAUEf9glqDpCTOPtzH4W9WAKF0
+pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEDAOBgNVBAMUB2NoM190YTExFjAU
+BgkqhkiG9w0BCQEWB2NoM190YTGCAQQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAE9OUO7K19HRNCYXYUwrJtVSr
+gztVnKYoMzX7uhuGTBk5NfSRTJt4HjBzWEHauVt/VLE5XUdW2Mw6S3ocMjK4m5C+
+o/YEh+pMgZUKqgkDhtvYYU9L6kCsCet7ijkHTWpUtfybclJ5mqWJAQ0Aqmyrek4b
+2GPEotx8Ud98HDatpuw=
-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/08.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,55 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 8 (0x8)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.1_ta1/emailAddress=ch5.1_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d7:b9:78:e1:ad:bd:98:ac:da:90:68:26:db:d7:
+ ed:5b:e4:0f:d7:ef:c1:4d:84:20:4b:7c:ef:27:50:
+ 4b:ab:e0:61:10:10:ae:6b:d6:ed:96:b3:04:18:b2:
+ 4d:30:b8:23:97:24:a9:92:6a:19:95:fc:bc:7a:70:
+ ab:65:55:26:4a:62:dd:09:df:9b:03:e1:38:f8:ba:
+ ac:2d:26:f3:76:84:c9:5d:f8:21:a0:57:d0:6c:ad:
+ 2e:60:cc:af:15:03:8f:e5:e0:e2:86:df:ed:07:a5:
+ 4a:35:fe:65:78:94:5f:07:bd:d0:f7:7a:28:8e:5d:
+ 98:21:7b:c5:6d:fe:43:5c:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Issuer Alternative Name: critical
+ <EMPTY>
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 57:9c:5a:4b:ab:37:f1:61:c6:ab:27:91:f0:8b:68:aa:8d:81:
+ 0b:6f:4c:ae:9b:05:91:e6:f3:1a:91:6f:8a:e8:5c:a4:9e:dd:
+ a9:aa:2f:2a:85:e9:77:6d:d4:04:d5:07:e4:ad:3d:db:90:8f:
+ 08:99:ca:c2:4c:c5:8c:c9:6b:01:e8:98:2f:6e:ad:17:46:59:
+ 15:3a:72:ee:16:30:3e:14:82:6a:7f:ea:89:ce:b8:9d:00:14:
+ af:c7:bf:06:54:04:c5:3c:ab:f6:96:48:1a:a5:60:b5:3d:94:
+ 41:91:24:8a:98:bb:8d:ea:be:f3:4b:2d:fc:8d:de:06:48:9e:
+ 35:55
+-----BEGIN CERTIFICATE-----
+MIICezCCAeSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g0X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g0X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHQxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRIwEAYDVQQDFAljaDUuMV90YTExGDAWBgkqhkiG9w0BCQEWCWNo
+NS4xX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA17l44a29mKzakGgm
+29ftW+QP1+/BTYQgS3zvJ1BLq+BhEBCua9btlrMEGLJNMLgjlySpkmoZlfy8enCr
+ZVUmSmLdCd+bA+E4+LqsLSbzdoTJXfghoFfQbK0uYMyvFQOP5eDiht/tB6VKNf5l
+eJRfB73Q93oojl2YIXvFbf5DXFcCAwEAAaMhMB8wDwYDVR0TAQH/BAUwAwEB/zAM
+BgNVHRIBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4GBAFecWkurN/FhxqsnkfCLaKqN
+gQtvTK6bBZHm8xqRb4roXKSe3amqLyqF6Xdt1ATVB+StPduQjwiZysJMxYzJawHo
+mC9urRdGWRU6cu4WMD4Ugmp/6onOuJ0AFK/HvwZUBMU8q/aWSBqlYLU9lEGRJIqY
+u43qvvNLLfyN3gZInjVV
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/chain_certs/09.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 9 (0x9)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_pubCA1/emailAddress=ch1_pubCA1
- Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2.2_pubCA1/emailAddress=ch2.2_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c8:33:0b:b1:2a:41:42:8c:70:88:60:cd:52:0e:
- ac:43:d5:65:9d:4a:29:4d:e6:32:9d:a7:ae:0e:dd:
- 0c:68:3e:bd:0b:51:77:53:7d:c8:1d:49:a2:19:23:
- 95:41:b4:9b:1f:89:fb:21:9c:f8:2b:e3:65:c3:17:
- 22:cb:c6:f6:b4:cd:92:ae:a6:b1:f4:41:78:9e:0d:
- 4c:4b:36:39:a4:8d:a9:2a:11:1e:08:1a:83:f6:3d:
- 36:ab:d2:c7:48:e7:c7:7d:53:54:6a:a0:05:ca:5e:
- 8d:b9:7f:eb:91:64:38:ec:32:0f:69:66:15:52:6a:
- 2d:bd:5f:18:71:99:d4:1e:1d
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Issuer Alternative Name: critical
- <EMPTY>
-
- Signature Algorithm: sha256WithRSAEncryption
- 68:9e:f9:b9:92:e1:89:22:3f:c0:f0:e6:c5:61:f5:c5:c6:8a:
- 01:12:fb:d4:1c:86:1a:33:fa:6d:9f:a1:55:76:6b:1f:bb:13:
- 36:0d:94:20:c6:92:38:1e:5a:4d:e2:a9:60:76:b3:2b:24:c5:
- fc:a7:f3:32:22:14:d6:e3:cd:0b:55:40:92:15:a7:f2:09:35:
- 02:e1:4e:b5:54:5a:41:54:cc:78:82:f3:d7:97:24:16:b0:b9:
- 00:35:a2:55:da:f2:ce:05:d3:46:f9:20:fa:35:9b:aa:12:3e:
- ec:a8:d0:f6:40:6b:0e:5c:de:85:5f:b1:5e:5f:9f:f2:47:ec:
- d4:b9
------BEGIN CERTIFICATE-----
-MIIChzCCAfCgAwIBAgIBCTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gxX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gx
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHoxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRUwEwYDVQQDFAxjaDIuMl9wdWJDQTExGzAZBgkqhkiG
-9w0BCQEWDGNoMi4yX3B1YkNBMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-yDMLsSpBQoxwiGDNUg6sQ9VlnUopTeYynaeuDt0MaD69C1F3U33IHUmiGSOVQbSb
-H4n7IZz4K+Nlwxciy8b2tM2Srqax9EF4ng1MSzY5pI2pKhEeCBqD9j02q9LHSOfH
-fVNUaqAFyl6NuX/rkWQ47DIPaWYVUmotvV8YcZnUHh0CAwEAAaMhMB8wDwYDVR0T
-AQH/BAUwAwEB/zAMBgNVHRIBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4GBAGie+bmS
-4YkiP8Dw5sVh9cXGigES+9Qchhoz+m2foVV2ax+7EzYNlCDGkjgeWk3iqWB2sysk
-xfyn8zIiFNbjzQtVQJIVp/IJNQLhTrVUWkFUzHiC89eXJBawuQA1olXa8s4F00b5
-IPo1m6oSPuyo0PZAaw5c3oVfsV5fn/JH7NS5
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/0A.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 10 (0xa)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.2_ta1/emailAddress=ch5.2_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ae:6a:8e:9d:ec:f8:54:be:fb:5c:ae:02:f6:32:
+ dc:e0:8c:a7:3a:26:62:27:93:68:2d:c5:7d:84:0a:
+ ae:c5:d6:a6:61:a5:d4:0b:6c:e2:b8:43:6a:a4:af:
+ 78:a7:dc:4d:b4:d5:b1:85:67:57:d2:a8:61:c4:08:
+ 21:34:07:4c:d5:87:71:65:8b:d3:af:44:87:3f:f5:
+ d5:2d:45:83:3e:52:4d:0a:6d:cb:68:55:8e:f4:bc:
+ 2b:50:6d:e6:69:50:68:6c:a1:be:ec:cd:e2:96:96:
+ 96:04:8d:ba:32:b9:0d:90:87:0f:ff:f0:ab:77:92:
+ 51:ac:ef:36:b3:6b:2d:17:93
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 51:52:C7:88:A6:9D:32:EF:AC:95:BF:79:10:0B:6E:F7:65:94:A7:F9
+ X509v3 Authority Key Identifier:
+ keyid:52:80:D6:40:50:47:FD:82:5A:83:A4:24:CE:3E:DC:C7:E1:6F:56:00
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
+ serial:04
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:1
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 61:86:a8:a9:d8:9f:08:19:cc:fd:ad:24:65:2e:67:dc:39:79:
+ 35:75:d5:c4:06:4b:e2:84:ce:86:9a:b8:b9:d6:00:a4:47:41:
+ a8:57:4f:09:2d:b4:cb:7f:40:73:8a:a3:fe:9d:eb:14:00:f0:
+ e8:f5:23:b2:30:19:31:d9:15:98:96:f2:6b:80:9e:11:52:b2:
+ f5:d3:ed:30:38:c7:a0:d1:21:fc:7a:99:cd:1f:a8:fc:6b:0b:
+ 31:29:02:1a:1e:77:c8:75:70:5f:13:cf:92:02:79:a9:e1:d7:
+ d9:2a:38:f7:ff:0a:8d:21:1a:5a:8e:25:1e:8c:a7:02:f0:ff:
+ ef:02
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAqegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g0X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g0X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHQxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRIwEAYDVQQDFAljaDUuMl90YTExGDAWBgkqhkiG9w0BCQEWCWNo
+NS4yX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArmqOnez4VL77XK4C
+9jLc4IynOiZiJ5NoLcV9hAquxdamYaXUC2ziuENqpK94p9xNtNWxhWdX0qhhxAgh
+NAdM1YdxZYvTr0SHP/XVLUWDPlJNCm3LaFWO9LwrUG3maVBobKG+7M3ilpaWBI26
+MrkNkIcP//Crd5JRrO82s2stF5MCAwEAAaOB4zCB4DAdBgNVHQ4EFgQUUVLHiKad
+Mu+slb95EAtu92WUp/kwgZoGA1UdIwSBkjCBj4AUUoDWQFBH/YJag6Qkzj7cx+Fv
+VgChdKRyMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD
+VQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjaDNfdGEx
+MRYwFAYJKoZIhvcNAQkBFgdjaDNfdGExggEEMBIGA1UdEwEB/wQIMAYBAf8CAQEw
+DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAGGGqKnYnwgZzP2tJGUu
+Z9w5eTV11cQGS+KEzoaauLnWAKRHQahXTwkttMt/QHOKo/6d6xQA8Oj1I7IwGTHZ
+FZiW8muAnhFSsvXT7TA4x6DRIfx6mc0fqPxrCzEpAhoed8h1cF8Tz5ICeanh19kq
+OPf/Co0hGlqOJR6MpwLw/+8C
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/0C.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 12 (0xc)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch3_ta1/emailAddress=ch3_ta1
+ Validity
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4.3_ta1/emailAddress=ch4.3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bf:bb:29:f0:2f:1e:74:b0:bc:ea:4d:fe:c7:9b:
+ d3:4c:ce:d5:46:d1:11:ef:56:6f:9a:be:1a:53:c3:
+ 04:3b:cd:10:14:87:67:c5:87:39:8e:a3:17:aa:42:
+ f4:09:cc:31:68:2a:6e:1c:50:2c:70:5a:de:59:10:
+ c0:74:ea:73:2b:06:1c:d9:20:29:f4:48:d5:c9:1e:
+ 29:0a:9d:47:73:68:50:f4:75:34:06:93:d5:a9:7e:
+ b8:20:2e:6d:ef:79:c3:92:83:79:53:4b:26:9e:80:
+ 32:19:5f:39:fe:44:7b:89:09:dc:63:7a:4c:ad:d6:
+ 77:31:1a:9c:26:3c:af:3c:7b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ B2:F9:FB:5A:A8:19:23:A0:E6:D5:C5:4C:B0:2D:8B:01:65:7F:9E:49
+ X509v3 Authority Key Identifier:
+ keyid:9D:49:C0:40:BE:F9:2D:9D:38:CF:BB:7C:6C:33:70:E3:13:2C:F9:05
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2_ta1/emailAddress=ch2_ta1
+ serial:03
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:0
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 44:f7:b5:6e:5f:59:fc:8f:11:6f:c8:52:14:e2:f6:e2:13:36:
+ 03:88:ab:7f:86:bc:56:a6:d8:f1:94:bd:ac:48:36:f5:af:5d:
+ 63:f5:47:1e:03:ac:64:2d:08:ee:1c:4f:0b:08:3d:cf:48:0a:
+ 2b:94:12:d7:b7:96:00:d0:76:e6:3b:63:fa:ea:2a:c8:46:04:
+ 94:9e:a2:51:88:b5:54:96:63:6d:a5:10:f2:6c:3b:fb:2b:ef:
+ cc:ee:8a:d4:c1:a0:05:e4:c0:4f:23:dc:2b:5b:c3:18:37:68:
+ 90:98:3d:12:17:e0:b8:e4:38:75:34:58:08:03:05:15:3d:b7:
+ b6:64
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAqegAwIBAgIBDDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gzX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gzX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjZaFw0xMzEyMTUwMDQ5MjZaMHQxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRIwEAYDVQQDFAljaDQuM190YTExGDAWBgkqhkiG9w0BCQEWCWNo
+NC4zX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv7sp8C8edLC86k3+
+x5vTTM7VRtER71Zvmr4aU8MEO80QFIdnxYc5jqMXqkL0CcwxaCpuHFAscFreWRDA
+dOpzKwYc2SAp9EjVyR4pCp1Hc2hQ9HU0BpPVqX64IC5t73nDkoN5U0smnoAyGV85
+/kR7iQncY3pMrdZ3MRqcJjyvPHsCAwEAAaOB4zCB4DAdBgNVHQ4EFgQUsvn7WqgZ
+I6Dm1cVMsC2LAWV/nkkwgZoGA1UdIwSBkjCBj4AUnUnAQL75LZ04z7t8bDNw4xMs
++QWhdKRyMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD
+VQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjaDJfdGEx
+MRYwFAYJKoZIhvcNAQkBFgdjaDJfdGExggEDMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAET3tW5fWfyPEW/IUhTi
+9uITNgOIq3+GvFam2PGUvaxINvWvXWP1Rx4DrGQtCO4cTwsIPc9ICiuUEte3lgDQ
+duY7Y/rqKshGBJSeolGItVSWY22lEPJsO/sr78zuitTBoAXkwE8j3Ctbwxg3aJCY
+PRIX4LjkOHU0WAgDBRU9t7Zk
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/0D.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 13 (0xd)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4.3_ta1/emailAddress=ch4.3_ta1
+ Validity
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.3_ta1/emailAddress=ch5.3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b6:f8:e3:58:93:ea:62:c9:34:62:40:97:14:c7:
+ 2e:45:45:56:a8:05:4b:da:9d:6e:7f:0e:54:92:00:
+ 9a:0d:c7:cf:5f:65:49:35:1a:d3:9d:e3:53:62:59:
+ ab:94:9e:01:8b:df:d6:7f:ea:d9:c9:f8:ff:cb:a3:
+ 43:4e:4b:ba:d4:8c:fb:e7:4d:0b:ac:d3:c2:1b:54:
+ eb:9a:17:95:d9:9d:38:e6:e9:b6:7f:d6:da:1a:33:
+ d0:2e:f7:93:67:9c:1e:7f:12:1f:71:37:a0:e5:ac:
+ f6:18:81:5e:bc:a0:75:a6:96:18:01:6e:7a:e2:42:
+ 2a:90:d1:31:64:f1:06:31:f5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 63:11:18:64:5B:58:88:7E:89:2C:0C:88:B4:3F:5C:02:58:7B:4A:E7
+ X509v3 Authority Key Identifier:
+ keyid:B2:F9:FB:5A:A8:19:23:A0:E6:D5:C5:4C:B0:2D:8B:01:65:7F:9E:49
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
+ serial:0C
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:0
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 90:9a:37:9a:90:06:27:6c:4a:27:9e:c4:b5:e0:28:50:27:b2:
+ 0c:d0:64:74:de:79:3f:b8:c1:10:76:a9:5a:04:2e:78:3d:e7:
+ d7:f8:64:aa:0e:1a:a0:bb:0e:3b:23:f0:e8:68:0d:9d:f4:1b:
+ c0:4e:2c:90:b2:5d:de:41:4b:56:6a:85:26:05:83:3a:cf:e2:
+ b0:2a:f7:99:d9:37:6e:df:2a:24:3f:1e:22:6b:a3:cd:b4:4a:
+ da:64:32:a3:5b:f5:02:44:12:65:cd:f3:15:29:71:77:b1:93:
+ 9b:ea:67:5d:de:c0:32:f6:f2:aa:a1:f0:d8:36:d9:5e:d7:50:
+ e6:cc
+-----BEGIN CERTIFICATE-----
+MIIDQjCCAqugAwIBAgIBDTANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2g0LjNfdGExMRgwFgYJKoZIhvcNAQkBFgljaDQu
+M190YTEwHhcNMTEwMzIxMDA0OTI2WhcNMTMxMjE1MDA0OTI2WjB0MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTESMBAGA1UEAxQJY2g1LjNfdGExMRgwFgYJKoZIhvcNAQkB
+FgljaDUuM190YTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALb441iT6mLJ
+NGJAlxTHLkVFVqgFS9qdbn8OVJIAmg3Hz19lSTUa053jU2JZq5SeAYvf1n/q2cn4
+/8ujQ05LutSM++dNC6zTwhtU65oXldmdOObptn/W2hoz0C73k2ecHn8SH3E3oOWs
+9hiBXrygdaaWGAFueuJCKpDRMWTxBjH1AgMBAAGjgeMwgeAwHQYDVR0OBBYEFGMR
+GGRbWIh+iSwMiLQ/XAJYe0rnMIGaBgNVHSMEgZIwgY+AFLL5+1qoGSOg5tXFTLAt
+iwFlf55JoXSkcjBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTET
+MBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEQMA4GA1UEAxQHY2gz
+X3RhMTEWMBQGCSqGSIb3DQEJARYHY2gzX3RhMYIBDDASBgNVHRMBAf8ECDAGAQH/
+AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOBgQCQmjeakAYnbEon
+nsS14ChQJ7IM0GR03nk/uMEQdqlaBC54PefX+GSqDhqguw47I/DoaA2d9BvATiyQ
+sl3eQUtWaoUmBYM6z+KwKveZ2Tdu3yokPx4ia6PNtEraZDKjW/UCRBJlzfMVKXF3
+sZOb6mdd3sAy9vKqofDYNtle11DmzA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/10.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 16 (0x10)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Mar 21 00:49:27 2011 GMT
+ Not After : Dec 15 00:49:27 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ce:60:c2:15:27:ff:ef:55:03:7a:1a:95:17:7f:
+ 93:80:b9:a8:64:3f:96:0f:5e:b2:b6:0b:c0:85:02:
+ 7a:25:96:e0:e7:31:07:f7:4a:b9:8b:a7:87:7c:34:
+ 65:9b:08:b3:26:05:13:c4:d3:2e:88:e7:a7:d8:c7:
+ 05:56:a4:8b:57:b6:12:2e:c4:68:6f:7c:b6:5d:38:
+ 7d:a2:93:6f:30:9f:ef:bf:db:81:ee:7b:7f:3a:2e:
+ 19:7e:b9:0d:9d:e2:0a:e3:56:36:8d:cb:54:d9:c3:
+ fd:67:59:58:19:8b:60:65:1d:9c:70:e8:c3:18:ae:
+ ec:af:56:ef:19:26:e6:94:fd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 0A:B2:12:2B:7E:04:40:9E:1A:C1:B4:A8:96:B9:C3:A1:0A:83:6D:3B
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 35:2f:59:d9:6d:8f:bd:bc:f0:1a:f9:40:91:f3:f9:d7:4e:29:
+ e5:cc:44:92:d1:13:cd:f7:e1:cb:a2:06:d3:ba:f2:c5:cf:c2:
+ 4c:ad:5c:3b:91:a6:2a:35:ed:ae:cb:fc:b9:78:90:fb:6b:8b:
+ fd:20:ef:0a:69:61:5e:76:49:07:3b:11:fe:29:8f:fd:14:4d:
+ be:72:79:aa:49:68:47:22:3e:88:56:71:58:f2:e7:3a:6c:52:
+ 66:73:98:28:41:e4:32:39:a6:c9:3e:40:12:de:4f:9a:fa:b1:
+ 9d:b8:75:5b:c3:05:0b:bc:da:33:a1:a4:6d:c6:4c:21:e6:74:
+ 87:36
+-----BEGIN CERTIFICATE-----
+MIIDLzCCApigAwIBAgIBEDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
+MzIxMDA0OTI3WhcNMTMxMjE1MDA0OTI3WjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3RhMzCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzmDCFSf/71UDehqVF3+TgLmoZD+WD16y
+tgvAhQJ6JZbg5zEH90q5i6eHfDRlmwizJgUTxNMuiOen2McFVqSLV7YSLsRob3y2
+XTh9opNvMJ/vv9uB7nt/Oi4ZfrkNneIK41Y2jctU2cP9Z1lYGYtgZR2ccOjDGK7s
+r1bvGSbmlP0CAwEAAaOB4DCB3TAdBgNVHQ4EFgQUCrISK34EQJ4awbSolrnDoQqD
+bTswgZoGA1UdIwSBkjCBj4AU4p6hi9fTsPHD6XekSV1qTqtzrF2hbKRqMGgxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEW
+A3RhM4IJAO53fmrBHlftMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4GBADUvWdltj7288Br5QJHz+ddOKeXMRJLRE8334cui
+BtO68sXPwkytXDuRpio17a7L/Ll4kPtri/0g7wppYV52SQc7Ef4pj/0UTb5yeapJ
+aEciPohWcVjy5zpsUmZzmChB5DI5psk+QBLeT5r6sZ24dVvDBQu82jOhpG3GTCHm
+dIc2
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/1A.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,55 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 26 (0x1a)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta3/emailAddress=ch1.1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b1:2b:53:b9:59:1d:7a:5f:9b:1e:8f:62:91:94:
+ a7:05:dc:e8:3b:87:d0:e4:3c:76:b8:60:a5:30:bd:
+ 0f:24:a5:5f:9e:cc:4f:cc:e3:b2:23:23:4b:37:3b:
+ 97:25:48:00:0e:1c:31:ae:8f:1d:cd:32:f8:25:a2:
+ fe:d9:50:c5:ec:7e:ef:d8:09:1d:6f:bb:e0:60:b0:
+ 33:fd:66:39:b4:ff:2f:54:6b:7d:88:d8:e8:6a:1e:
+ cd:54:0a:da:ed:c3:5f:89:c5:1d:b4:4f:9e:3c:11:
+ 3c:1d:0b:8a:88:b0:64:c2:79:88:e7:2d:e4:3f:c8:
+ a4:eb:d4:f3:3e:9b:9a:98:7d
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Issuer Alternative Name: critical
+ <EMPTY>
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 0a:d2:4f:8e:74:ec:43:44:20:84:14:8b:11:02:10:f1:a0:d3:
+ 93:4f:dc:be:fe:cc:33:ec:f7:7e:2b:58:45:94:d0:03:e4:a3:
+ 58:13:aa:81:f1:6d:d7:f7:64:09:7f:d8:68:e5:97:25:7a:65:
+ 70:e8:b1:60:9a:55:4b:d5:26:fd:0f:7b:36:88:6e:5f:98:ee:
+ 77:cb:df:ce:62:cd:ae:70:14:91:66:ee:e5:a3:9f:72:89:bf:
+ 8f:66:86:4b:71:27:6a:d0:d2:15:20:d5:11:35:4a:e5:28:6f:
+ e2:8a:dc:29:08:e0:da:7d:fa:df:1e:b5:ea:66:80:18:d3:4f:
+ 1d:a8
+-----BEGIN CERTIFICATE-----
+MIICczCCAdygAwIBAgIBGjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
+MzIxMDA0OTI5WhcNMTMxMjE1MDA0OTI5WjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjFfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuMV90YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALErU7lZHXpfmx6PYpGUpwXc6DuH
+0OQ8drhgpTC9DySlX57MT8zjsiMjSzc7lyVIAA4cMa6PHc0y+CWi/tlQxex+79gJ
+HW+74GCwM/1mObT/L1RrfYjY6GoezVQK2u3DX4nFHbRPnjwRPB0LioiwZMJ5iOct
+5D/IpOvU8z6bmph9AgMBAAGjITAfMA8GA1UdEwEB/wQFMAMBAf8wDAYDVR0SAQH/
+BAIwADANBgkqhkiG9w0BAQsFAAOBgQAK0k+OdOxDRCCEFIsRAhDxoNOTT9y+/swz
+7Pd+K1hFlNAD5KNYE6qB8W3X92QJf9ho5ZclemVw6LFgmlVL1Sb9D3s2iG5fmO53
+y9/OYs2ucBSRZu7lo59yib+PZoZLcSdq0NIVINURNUrlKG/iitwpCODaffrfHrXq
+ZoAY008dqA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/1C.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 28 (0x1c)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2009 GMT
+ Not After : Jan 2 01:01:01 2009 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.2_ta3/emailAddress=ch1.2_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:c1:e1:d0:e9:31:7d:20:8f:e8:b6:4e:1c:d2:8a:
+ 1f:b7:70:52:97:50:b5:ea:04:27:50:5f:69:40:42:
+ b9:85:30:ca:ff:d5:b6:c5:c3:fb:c0:58:43:fd:15:
+ ab:3a:0b:a1:21:e5:dc:ef:64:4d:ba:f4:4a:27:ed:
+ 31:dc:be:2f:53:9d:01:7b:72:b3:f4:94:37:8d:45:
+ 88:16:58:4d:dd:83:cd:45:d2:12:41:f0:9a:fb:ab:
+ ae:a5:8e:d2:94:1b:0b:7c:84:f2:a4:9b:de:92:48:
+ 1d:11:44:5f:53:d9:8e:73:a7:6e:03:b8:ed:3d:d5:
+ 30:ee:8b:45:8e:ef:33:06:6b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 3E:1B:50:98:42:E7:84:35:1D:A0:3A:DE:FE:61:87:FF:3D:5A:44:BD
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 3f:59:fa:c1:b5:d6:f4:05:31:0c:ac:e3:c2:a6:fd:df:da:01:
+ 6d:70:e9:f2:23:8c:e6:79:57:53:f9:37:50:93:b1:82:0b:4d:
+ e3:73:1d:ba:4e:f5:b7:de:8a:a0:84:65:ee:de:c0:ae:5d:34:
+ ed:9b:79:07:3f:8e:9f:82:4b:10:00:d6:67:98:ae:86:6c:47:
+ 8a:7a:81:4e:bc:96:85:23:e5:a4:a8:80:4e:24:82:b2:3b:3b:
+ 0e:a0:79:bd:96:52:4b:85:55:4c:5e:fd:86:85:ce:e2:85:bc:
+ fb:25:4a:7d:74:dc:8e:aa:93:d3:bd:23:b9:34:50:fb:4d:2d:
+ 57:38
+-----BEGIN CERTIFICATE-----
+MIIDMzCCApygAwIBAgIBHDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMDkw
+MTAxMDEwMTAxWhcNMDkwMTAyMDEwMTAxWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjJfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuMl90YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMHh0OkxfSCP6LZOHNKKH7dwUpdQ
+teoEJ1BfaUBCuYUwyv/VtsXD+8BYQ/0VqzoLoSHl3O9kTbr0SiftMdy+L1OdAXty
+s/SUN41FiBZYTd2DzUXSEkHwmvurrqWO0pQbC3yE8qSb3pJIHRFEX1PZjnOnbgO4
+7T3VMO6LRY7vMwZrAgMBAAGjgeAwgd0wHQYDVR0OBBYEFD4bUJhC54Q1HaA63v5h
+h/89WkS9MIGaBgNVHSMEgZIwgY+AFOKeoYvX07Dxw+l3pEldak6rc6xdoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcN
+AQkBFgN0YTOCCQDud35qwR5X7TAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjANBgkqhkiG9w0BAQsFAAOBgQA/WfrBtdb0BTEMrOPCpv3f2gFtcOnyI4zm
+eVdT+TdQk7GCC03jcx26TvW33oqghGXu3sCuXTTtm3kHP46fgksQANZnmK6GbEeK
+eoFOvJaFI+WkqIBOJIKyOzsOoHm9llJLhVVMXv2Ghc7ihbz7JUp9dNyOqpPTvSO5
+NFD7TS1XOA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/1E.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 30 (0x1e)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2035 GMT
+ Not After : Jan 2 01:01:01 2035 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.3_ta3/emailAddress=ch1.3_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b0:ce:aa:d1:c2:56:6f:4f:cb:8d:95:8c:65:fd:
+ 26:2f:42:d1:8a:4e:5f:aa:6b:79:c9:d9:f1:ce:85:
+ c0:ab:fe:28:b9:84:12:4a:d7:d8:a9:19:80:c8:0f:
+ c2:1f:45:66:64:d2:df:04:e3:16:4d:93:79:b5:dd:
+ 75:c7:8e:9b:7d:cf:81:1e:3a:45:a1:34:b5:52:e7:
+ 76:e9:9b:5b:71:4f:91:41:72:d2:f4:d2:e4:b5:1a:
+ 1d:87:d1:31:15:56:39:12:71:46:f9:47:0f:e8:2b:
+ 83:78:e8:ee:11:92:17:cb:4a:66:42:85:0b:d8:a7:
+ f5:c4:20:f2:e1:6a:a9:20:cf
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 57:94:FF:CF:71:C0:54:64:35:16:AF:CC:33:F3:BF:54:84:E7:D3:3D
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 0a:29:20:8b:d5:51:eb:d8:bb:c6:d0:c3:c1:c9:b9:e2:9f:13:
+ b5:4f:67:fd:cc:4f:16:66:0e:b0:db:a8:42:f3:0c:72:25:42:
+ b5:71:87:a1:2a:a6:71:69:98:e5:42:70:10:34:66:87:de:d1:
+ 03:0e:6c:df:35:bc:f5:23:18:26:7f:44:f5:d4:48:f0:0b:24:
+ 9a:d4:0c:e8:8d:6c:cb:7a:5b:55:a3:5e:de:87:35:02:b2:ba:
+ 01:02:7f:f4:b3:fd:57:87:59:5b:d2:2d:10:27:e0:4a:a5:9c:
+ b1:d0:d9:55:a5:9a:50:c3:65:97:d6:29:9f:22:7a:6c:8f:13:
+ 64:ed
+-----BEGIN CERTIFICATE-----
+MIIDMzCCApygAwIBAgIBHjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
+MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjNfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuM190YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALDOqtHCVm9Py42VjGX9Ji9C0YpO
+X6precnZ8c6FwKv+KLmEEkrX2KkZgMgPwh9FZmTS3wTjFk2TebXddceOm33PgR46
+RaE0tVLndumbW3FPkUFy0vTS5LUaHYfRMRVWORJxRvlHD+grg3jo7hGSF8tKZkKF
+C9in9cQg8uFqqSDPAgMBAAGjgeAwgd0wHQYDVR0OBBYEFFeU/89xwFRkNRavzDPz
+v1SE59M9MIGaBgNVHSMEgZIwgY+AFOKeoYvX07Dxw+l3pEldak6rc6xdoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcN
+AQkBFgN0YTOCCQDud35qwR5X7TAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjANBgkqhkiG9w0BAQsFAAOBgQAKKSCL1VHr2LvG0MPBybninxO1T2f9zE8W
+Zg6w26hC8wxyJUK1cYehKqZxaZjlQnAQNGaH3tEDDmzfNbz1Ixgmf0T11EjwCySa
+1AzojWzLeltVo17ehzUCsroBAn/0s/1Xh1lb0i0QJ+BKpZyx0NlVpZpQw2WX1imf
+InpsjxNk7Q==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/20.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,62 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 32 (0x20)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2035 GMT
+ Not After : Jan 2 01:01:01 2035 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.4_ta3/emailAddress=ch1.4_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d4:73:3a:40:f9:03:81:b2:0a:4c:a4:d9:45:f7:
+ 81:c0:bb:53:ee:6f:9c:3d:a0:98:89:86:84:8d:33:
+ 1f:02:a6:ed:2a:14:9a:5f:84:11:06:9d:82:28:fb:
+ cf:92:bd:bf:f9:f0:6b:fe:3d:06:5e:65:7c:35:96:
+ 4f:e8:44:2c:83:d5:b8:32:16:8c:e0:7c:ed:8b:96:
+ 79:a6:14:e5:12:87:e0:55:2a:45:3e:e7:fd:bd:0e:
+ 94:70:93:e4:61:82:d3:06:9a:38:ef:e2:22:be:1a:
+ 10:b1:8b:5e:16:60:f3:9a:5c:2d:ff:06:01:cb:5f:
+ 24:cb:e7:c7:27:a7:3a:58:f1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 91:D7:D6:98:F3:B9:7A:A3:30:35:78:02:00:01:14:2D:0E:FD:90:57
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ Signature Algorithm: sha256WithRSAEncryption
+ cc:45:03:b6:88:a7:29:26:ca:08:af:dd:0a:6f:6a:b4:86:35:
+ f7:01:15:32:e5:7c:70:0b:01:01:de:2b:c3:73:66:29:25:97:
+ 0d:28:84:16:7d:fb:97:18:26:a4:07:08:90:00:d2:a4:c4:4e:
+ 7f:53:77:87:da:34:56:0b:38:85:57:e4:e3:24:d4:54:5b:c9:
+ 74:65:9b:6e:d9:79:53:0e:3f:81:7a:61:d2:00:4c:ea:49:9c:
+ 01:02:3f:6e:28:5d:b7:f7:3d:85:4a:78:9d:39:a2:2b:10:25:
+ d1:55:04:46:9f:40:9f:bc:c2:6a:68:3d:cc:6f:18:a7:cf:7e:
+ 67:7a
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAoygAwIBAgIBIDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
+MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjRfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuNF90YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANRzOkD5A4GyCkyk2UX3gcC7U+5v
+nD2gmImGhI0zHwKm7SoUml+EEQadgij7z5K9v/nwa/49Bl5lfDWWT+hELIPVuDIW
+jOB87YuWeaYU5RKH4FUqRT7n/b0OlHCT5GGC0waaOO/iIr4aELGLXhZg85pcLf8G
+ActfJMvnxyenOljxAgMBAAGjgdAwgc0wHQYDVR0OBBYEFJHX1pjzuXqjMDV4AgAB
+FC0O/ZBXMIGaBgNVHSMEgZIwgY+AFOKeoYvX07Dxw+l3pEldak6rc6xdoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcN
+AQkBFgN0YTOCCQDud35qwR5X7TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB
+CwUAA4GBAMxFA7aIpykmygiv3QpvarSGNfcBFTLlfHALAQHeK8NzZikllw0ohBZ9
++5cYJqQHCJAA0qTETn9Td4faNFYLOIVX5OMk1FRbyXRlm27ZeVMOP4F6YdIATOpJ
+nAECP24oXbf3PYVKeJ05oisQJdFVBEafQJ+8wmpoPcxvGKfPfmd6
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/22.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 34 (0x22)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
+ Validity
+ Not Before: Mar 21 00:49:32 2011 GMT
+ Not After : Dec 15 00:49:32 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ad:9c:0a:58:1d:2c:e7:a7:fd:de:8c:0e:99:5d:
+ d0:b2:67:ff:59:40:86:7a:d5:13:cc:5e:a5:e4:81:
+ 95:45:b5:6b:ad:2b:d5:26:bc:b2:53:03:94:57:61:
+ 16:5d:60:df:2e:6a:15:3a:04:88:77:3f:cb:01:20:
+ 10:20:e0:ab:49:6d:44:58:d9:c6:9b:44:73:ed:d9:
+ 1a:f3:eb:ca:74:de:90:06:ff:cb:18:9c:43:f7:4e:
+ e0:cb:06:af:fe:4e:2c:9b:bf:6a:c2:ae:50:c3:e7:
+ fd:d9:c1:f1:18:ad:b7:ae:f7:56:8a:50:f6:13:1b:
+ 47:0d:c2:cf:c4:3f:31:f1:2b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ AB:0B:EF:CE:AA:F0:43:97:3A:CD:58:D0:D9:C2:F9:C4:EB:8D:7C:FF
+ X509v3 Authority Key Identifier:
+ keyid:0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:C5:19:14:97:E3:27:2E:9B
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 00:09:60:76:36:5d:a6:ae:0b:a0:94:ad:78:be:a0:18:7c:96:
+ 13:6c:8b:04:2c:bc:29:d8:f0:93:d8:86:d9:07:71:fb:0f:05:
+ 72:65:fe:ed:e3:1c:ac:bf:22:c2:db:03:c5:2e:3f:f2:cf:98:
+ 00:7b:ee:de:96:11:90:bf:22:03:7a:c3:c3:22:dc:1a:ea:7e:
+ f5:7e:a7:64:70:18:e2:13:be:b0:3e:d8:57:a6:de:28:5b:06:
+ 4e:90:c6:22:e0:3a:e9:2c:9a:de:f4:bf:d8:b7:da:b7:e3:24:
+ f6:11:69:18:e5:64:fd:94:22:7b:b5:ef:e4:4d:6c:1a:eb:8f:
+ 5c:7d
+-----BEGIN CERTIFICATE-----
+MIIDLzCCApigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
+MzIxMDA0OTMyWhcNMTMxMjE1MDA0OTMyWjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3RhNDCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArZwKWB0s56f93owOmV3Qsmf/WUCGetUT
+zF6l5IGVRbVrrSvVJryyUwOUV2EWXWDfLmoVOgSIdz/LASAQIOCrSW1EWNnGm0Rz
+7dka8+vKdN6QBv/LGJxD907gywav/k4sm79qwq5Qw+f92cHxGK23rvdWilD2ExtH
+DcLPxD8x8SsCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUqwvvzqrwQ5c6zVjQ2cL5xOuN
+fP8wgZoGA1UdIwSBkjCBj4AUChy6plvGgzJg5ZsAhTd00Y0wuoqhbKRqMGgxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEW
+A3RhNIIJAMUZFJfjJy6bMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4GBAAAJYHY2XaauC6CUrXi+oBh8lhNsiwQsvCnY8JPY
+htkHcfsPBXJl/u3jHKy/IsLbA8UuP/LPmAB77t6WEZC/IgN6w8Mi3BrqfvV+p2Rw
+GOITvrA+2Fem3ihbBk6QxiLgOuksmt70v9i32rfjJPYRaRjlZP2UInu17+RNbBrr
+j1x9
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/26.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 38 (0x26)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta4/emailAddress=ch1.1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:cb:56:c6:1b:db:76:5c:37:f8:f4:b3:8c:10:c3:
+ 0b:41:85:cb:be:cb:05:4c:1b:6a:26:d3:05:4a:9c:
+ 34:ca:5d:18:de:64:ad:77:29:ae:80:ab:d6:60:45:
+ 62:4f:99:ad:d8:e4:55:40:fc:fd:9d:73:36:67:eb:
+ 8e:71:ff:5c:08:41:c7:d2:37:4a:91:55:e3:eb:0d:
+ 4c:b2:66:7f:35:f2:0b:ad:2b:d1:ad:cc:9d:0d:67:
+ cd:d2:96:c0:71:89:8b:71:34:2a:47:50:15:84:45:
+ 8a:0c:c7:f3:48:b2:de:59:d6:e7:a1:ec:ab:89:32:
+ c4:3d:08:7c:00:21:46:d3:07
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 7A:68:F2:3A:FB:F5:1C:A2:2C:1F:9D:CF:22:ED:77:F0:BE:A9:AC:80
+ X509v3 Authority Key Identifier:
+ keyid:0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:C5:19:14:97:E3:27:2E:9B
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ b0:8b:36:e9:f5:39:51:a6:a4:2e:d3:68:d6:10:0b:0c:8e:64:
+ 23:6f:44:5f:be:6c:53:bb:b8:de:2a:36:cd:e5:82:6e:12:da:
+ 3d:5b:9b:3f:ff:9f:a3:8e:f5:b1:5e:29:a9:ea:b6:ac:1c:ae:
+ 75:54:a8:f4:26:21:ae:47:f5:54:72:71:5d:4a:f8:4e:20:25:
+ ae:e4:f2:9f:5f:5b:2e:df:71:dd:58:b5:a2:37:41:f2:4c:c9:
+ 24:06:fe:e6:c0:f4:39:1e:32:da:99:12:53:b0:30:6d:c1:63:
+ 66:11:58:79:fa:40:f1:75:5b:37:01:1a:0b:20:b7:25:a0:a9:
+ 9e:9f
+-----BEGIN CERTIFICATE-----
+MIIDMzCCApygAwIBAgIBJjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
+MzIxMDA0OTMzWhcNMTMxMjE1MDA0OTMzWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjFfdGE0MRgwFgYJKoZIhvcNAQkBFgljaDEuMV90YTQw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMtWxhvbdlw3+PSzjBDDC0GFy77L
+BUwbaibTBUqcNMpdGN5krXcproCr1mBFYk+ZrdjkVUD8/Z1zNmfrjnH/XAhBx9I3
+SpFV4+sNTLJmfzXyC60r0a3MnQ1nzdKWwHGJi3E0KkdQFYRFigzH80iy3lnW56Hs
+q4kyxD0IfAAhRtMHAgMBAAGjgeAwgd0wHQYDVR0OBBYEFHpo8jr79RyiLB+dzyLt
+d/C+qayAMIGaBgNVHSMEgZIwgY+AFAocuqZbxoMyYOWbAIU3dNGNMLqKoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcN
+AQkBFgN0YTSCCQDFGRSX4ycumzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwICBDANBgkqhkiG9w0BAQsFAAOBgQCwizbp9TlRpqQu02jWEAsMjmQjb0RfvmxT
+u7jeKjbN5YJuEto9W5s//5+jjvWxXimp6rasHK51VKj0JiGuR/VUcnFdSvhOICWu
+5PKfX1su33HdWLWiN0HyTMkkBv7mwPQ5HjLamRJTsDBtwWNmEVh5+kDxdVs3ARoL
+ILcloKmenw==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/28.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,69 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 40 (0x28)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
+ Validity
+ Not Before: Mar 21 00:49:34 2011 GMT
+ Not After : Dec 15 00:49:34 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta5/emailAddress=ch1_ta5
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d2:0e:3e:0c:53:ef:ad:91:13:5e:b6:01:7f:c6:
+ 16:4e:da:7d:c8:26:1b:85:38:e0:98:d4:b2:61:0b:
+ 43:bb:2e:92:d5:9a:0e:db:ab:ad:8f:6e:9d:c8:25:
+ 36:e2:db:ca:fa:ab:4b:5a:25:91:46:c9:66:11:0d:
+ 66:9e:f7:11:82:02:e1:2e:ef:df:f4:ed:9f:0f:a4:
+ 6f:60:41:20:32:8c:10:90:4c:9c:ad:55:cc:40:03:
+ 89:f5:15:53:13:7d:ab:be:53:8b:14:44:88:f8:54:
+ 50:db:31:f5:ae:5c:0d:78:68:aa:3f:9b:4a:fa:1a:
+ b1:47:53:bf:72:1d:89:f9:43
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 08:00:AB:E5:4A:60:83:0C:49:32:88:DC:48:8D:79:30:7A:72:E4:A3
+ X509v3 Authority Key Identifier:
+ keyid:8A:83:E9:51:D7:32:B4:6F:3B:85:AF:1A:11:94:5C:B6:21:E5:5D:0F
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
+ serial:EC:86:C3:65:F9:7F:14:08
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/ta5_crl.pem
+
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 1e:0c:b3:a3:63:49:b5:3d:0e:4d:ed:d1:31:fc:06:39:8c:30:
+ 8d:f8:f1:0f:2e:ae:27:f2:57:d4:64:ff:ac:05:cc:2d:3d:0d:
+ de:b3:e6:be:9c:51:9b:1a:08:b1:e7:9f:6d:3e:a6:af:c0:9c:
+ d0:e6:57:de:d3:61:9c:0f:a9:c9:bc:0d:59:03:e2:d4:4d:f4:
+ 0d:48:49:ad:64:a2:33:71:3e:07:2f:61:a5:02:46:61:1c:c0:
+ b5:f0:3c:f8:4f:42:ff:72:3c:7a:63:5a:16:68:7d:2b:08:aa:
+ 3b:bd:e5:25:9f:19:3e:22:42:cd:4b:e7:0f:17:c3:a9:1d:d6:
+ 9e:53
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAtagAwIBAgIBKDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGE1MRIwEAYJKoZIhvcNAQkBFgN0YTUwHhcNMTEw
+MzIxMDA0OTM0WhcNMTMxMjE1MDA0OTM0WjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhNTEWMBQGCSqGSIb3DQEJARYHY2gxX3RhNTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0g4+DFPvrZETXrYBf8YWTtp9yCYbhTjg
+mNSyYQtDuy6S1ZoO26utj26dyCU24tvK+qtLWiWRRslmEQ1mnvcRggLhLu/f9O2f
+D6RvYEEgMowQkEycrVXMQAOJ9RVTE32rvlOLFESI+FRQ2zH1rlwNeGiqP5tK+hqx
+R1O/ch2J+UMCAwEAAaOCAR0wggEZMB0GA1UdDgQWBBQIAKvlSmCDDEkyiNxIjXkw
+enLkozCBmgYDVR0jBIGSMIGPgBSKg+lR1zK0bzuFrxoRlFy2IeVdD6FspGowaDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcTCk1lbmxv
+IFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhNTESMBAGCSqGSIb3DQEJ
+ARYDdGE1ggkA7IbDZfl/FAgwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8EMzAxMC+g
+LaArhilodHRwOi8vbG9jYWxob3N0OjEyMDAxL2ZpbGUvMC90YTVfY3JsLnBlbTAO
+BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAHgyzo2NJtT0OTe3RMfwG
+OYwwjfjxDy6uJ/JX1GT/rAXMLT0N3rPmvpxRmxoIseefbT6mr8Cc0OZX3tNhnA+p
+ybwNWQPi1E30DUhJrWSiM3E+By9hpQJGYRzAtfA8+E9C/3I8emNaFmh9KwiqO73l
+JZ8ZPiJCzUvnDxfDqR3WnlM=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1.1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,55 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 26 (0x1a)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta3/emailAddress=ch1.1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b1:2b:53:b9:59:1d:7a:5f:9b:1e:8f:62:91:94:
+ a7:05:dc:e8:3b:87:d0:e4:3c:76:b8:60:a5:30:bd:
+ 0f:24:a5:5f:9e:cc:4f:cc:e3:b2:23:23:4b:37:3b:
+ 97:25:48:00:0e:1c:31:ae:8f:1d:cd:32:f8:25:a2:
+ fe:d9:50:c5:ec:7e:ef:d8:09:1d:6f:bb:e0:60:b0:
+ 33:fd:66:39:b4:ff:2f:54:6b:7d:88:d8:e8:6a:1e:
+ cd:54:0a:da:ed:c3:5f:89:c5:1d:b4:4f:9e:3c:11:
+ 3c:1d:0b:8a:88:b0:64:c2:79:88:e7:2d:e4:3f:c8:
+ a4:eb:d4:f3:3e:9b:9a:98:7d
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Issuer Alternative Name: critical
+ <EMPTY>
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 0a:d2:4f:8e:74:ec:43:44:20:84:14:8b:11:02:10:f1:a0:d3:
+ 93:4f:dc:be:fe:cc:33:ec:f7:7e:2b:58:45:94:d0:03:e4:a3:
+ 58:13:aa:81:f1:6d:d7:f7:64:09:7f:d8:68:e5:97:25:7a:65:
+ 70:e8:b1:60:9a:55:4b:d5:26:fd:0f:7b:36:88:6e:5f:98:ee:
+ 77:cb:df:ce:62:cd:ae:70:14:91:66:ee:e5:a3:9f:72:89:bf:
+ 8f:66:86:4b:71:27:6a:d0:d2:15:20:d5:11:35:4a:e5:28:6f:
+ e2:8a:dc:29:08:e0:da:7d:fa:df:1e:b5:ea:66:80:18:d3:4f:
+ 1d:a8
+-----BEGIN CERTIFICATE-----
+MIICczCCAdygAwIBAgIBGjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
+MzIxMDA0OTI5WhcNMTMxMjE1MDA0OTI5WjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjFfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuMV90YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALErU7lZHXpfmx6PYpGUpwXc6DuH
+0OQ8drhgpTC9DySlX57MT8zjsiMjSzc7lyVIAA4cMa6PHc0y+CWi/tlQxex+79gJ
+HW+74GCwM/1mObT/L1RrfYjY6GoezVQK2u3DX4nFHbRPnjwRPB0LioiwZMJ5iOct
+5D/IpOvU8z6bmph9AgMBAAGjITAfMA8GA1UdEwEB/wQFMAMBAf8wDAYDVR0SAQH/
+BAIwADANBgkqhkiG9w0BAQsFAAOBgQAK0k+OdOxDRCCEFIsRAhDxoNOTT9y+/swz
+7Pd+K1hFlNAD5KNYE6qB8W3X92QJf9ho5ZclemVw6LFgmlVL1Sb9D3s2iG5fmO53
+y9/OYs2ucBSRZu7lo59yib+PZoZLcSdq0NIVINURNUrlKG/iitwpCODaffrfHrXq
+ZoAY008dqA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1.1_ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 38 (0x26)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta4/emailAddress=ch1.1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:cb:56:c6:1b:db:76:5c:37:f8:f4:b3:8c:10:c3:
+ 0b:41:85:cb:be:cb:05:4c:1b:6a:26:d3:05:4a:9c:
+ 34:ca:5d:18:de:64:ad:77:29:ae:80:ab:d6:60:45:
+ 62:4f:99:ad:d8:e4:55:40:fc:fd:9d:73:36:67:eb:
+ 8e:71:ff:5c:08:41:c7:d2:37:4a:91:55:e3:eb:0d:
+ 4c:b2:66:7f:35:f2:0b:ad:2b:d1:ad:cc:9d:0d:67:
+ cd:d2:96:c0:71:89:8b:71:34:2a:47:50:15:84:45:
+ 8a:0c:c7:f3:48:b2:de:59:d6:e7:a1:ec:ab:89:32:
+ c4:3d:08:7c:00:21:46:d3:07
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 7A:68:F2:3A:FB:F5:1C:A2:2C:1F:9D:CF:22:ED:77:F0:BE:A9:AC:80
+ X509v3 Authority Key Identifier:
+ keyid:0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:C5:19:14:97:E3:27:2E:9B
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ b0:8b:36:e9:f5:39:51:a6:a4:2e:d3:68:d6:10:0b:0c:8e:64:
+ 23:6f:44:5f:be:6c:53:bb:b8:de:2a:36:cd:e5:82:6e:12:da:
+ 3d:5b:9b:3f:ff:9f:a3:8e:f5:b1:5e:29:a9:ea:b6:ac:1c:ae:
+ 75:54:a8:f4:26:21:ae:47:f5:54:72:71:5d:4a:f8:4e:20:25:
+ ae:e4:f2:9f:5f:5b:2e:df:71:dd:58:b5:a2:37:41:f2:4c:c9:
+ 24:06:fe:e6:c0:f4:39:1e:32:da:99:12:53:b0:30:6d:c1:63:
+ 66:11:58:79:fa:40:f1:75:5b:37:01:1a:0b:20:b7:25:a0:a9:
+ 9e:9f
+-----BEGIN CERTIFICATE-----
+MIIDMzCCApygAwIBAgIBJjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
+MzIxMDA0OTMzWhcNMTMxMjE1MDA0OTMzWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjFfdGE0MRgwFgYJKoZIhvcNAQkBFgljaDEuMV90YTQw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMtWxhvbdlw3+PSzjBDDC0GFy77L
+BUwbaibTBUqcNMpdGN5krXcproCr1mBFYk+ZrdjkVUD8/Z1zNmfrjnH/XAhBx9I3
+SpFV4+sNTLJmfzXyC60r0a3MnQ1nzdKWwHGJi3E0KkdQFYRFigzH80iy3lnW56Hs
+q4kyxD0IfAAhRtMHAgMBAAGjgeAwgd0wHQYDVR0OBBYEFHpo8jr79RyiLB+dzyLt
+d/C+qayAMIGaBgNVHSMEgZIwgY+AFAocuqZbxoMyYOWbAIU3dNGNMLqKoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcN
+AQkBFgN0YTSCCQDFGRSX4ycumzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwICBDANBgkqhkiG9w0BAQsFAAOBgQCwizbp9TlRpqQu02jWEAsMjmQjb0RfvmxT
+u7jeKjbN5YJuEto9W5s//5+jjvWxXimp6rasHK51VKj0JiGuR/VUcnFdSvhOICWu
+5PKfX1su33HdWLWiN0HyTMkkBv7mwPQ5HjLamRJTsDBtwWNmEVh5+kDxdVs3ARoL
+ILcloKmenw==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1.2_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 28 (0x1c)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2009 GMT
+ Not After : Jan 2 01:01:01 2009 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.2_ta3/emailAddress=ch1.2_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:c1:e1:d0:e9:31:7d:20:8f:e8:b6:4e:1c:d2:8a:
+ 1f:b7:70:52:97:50:b5:ea:04:27:50:5f:69:40:42:
+ b9:85:30:ca:ff:d5:b6:c5:c3:fb:c0:58:43:fd:15:
+ ab:3a:0b:a1:21:e5:dc:ef:64:4d:ba:f4:4a:27:ed:
+ 31:dc:be:2f:53:9d:01:7b:72:b3:f4:94:37:8d:45:
+ 88:16:58:4d:dd:83:cd:45:d2:12:41:f0:9a:fb:ab:
+ ae:a5:8e:d2:94:1b:0b:7c:84:f2:a4:9b:de:92:48:
+ 1d:11:44:5f:53:d9:8e:73:a7:6e:03:b8:ed:3d:d5:
+ 30:ee:8b:45:8e:ef:33:06:6b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 3E:1B:50:98:42:E7:84:35:1D:A0:3A:DE:FE:61:87:FF:3D:5A:44:BD
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 3f:59:fa:c1:b5:d6:f4:05:31:0c:ac:e3:c2:a6:fd:df:da:01:
+ 6d:70:e9:f2:23:8c:e6:79:57:53:f9:37:50:93:b1:82:0b:4d:
+ e3:73:1d:ba:4e:f5:b7:de:8a:a0:84:65:ee:de:c0:ae:5d:34:
+ ed:9b:79:07:3f:8e:9f:82:4b:10:00:d6:67:98:ae:86:6c:47:
+ 8a:7a:81:4e:bc:96:85:23:e5:a4:a8:80:4e:24:82:b2:3b:3b:
+ 0e:a0:79:bd:96:52:4b:85:55:4c:5e:fd:86:85:ce:e2:85:bc:
+ fb:25:4a:7d:74:dc:8e:aa:93:d3:bd:23:b9:34:50:fb:4d:2d:
+ 57:38
+-----BEGIN CERTIFICATE-----
+MIIDMzCCApygAwIBAgIBHDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMDkw
+MTAxMDEwMTAxWhcNMDkwMTAyMDEwMTAxWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjJfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuMl90YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMHh0OkxfSCP6LZOHNKKH7dwUpdQ
+teoEJ1BfaUBCuYUwyv/VtsXD+8BYQ/0VqzoLoSHl3O9kTbr0SiftMdy+L1OdAXty
+s/SUN41FiBZYTd2DzUXSEkHwmvurrqWO0pQbC3yE8qSb3pJIHRFEX1PZjnOnbgO4
+7T3VMO6LRY7vMwZrAgMBAAGjgeAwgd0wHQYDVR0OBBYEFD4bUJhC54Q1HaA63v5h
+h/89WkS9MIGaBgNVHSMEgZIwgY+AFOKeoYvX07Dxw+l3pEldak6rc6xdoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcN
+AQkBFgN0YTOCCQDud35qwR5X7TAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjANBgkqhkiG9w0BAQsFAAOBgQA/WfrBtdb0BTEMrOPCpv3f2gFtcOnyI4zm
+eVdT+TdQk7GCC03jcx26TvW33oqghGXu3sCuXTTtm3kHP46fgksQANZnmK6GbEeK
+eoFOvJaFI+WkqIBOJIKyOzsOoHm9llJLhVVMXv2Ghc7ihbz7JUp9dNyOqpPTvSO5
+NFD7TS1XOA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1.3_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 30 (0x1e)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2035 GMT
+ Not After : Jan 2 01:01:01 2035 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.3_ta3/emailAddress=ch1.3_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b0:ce:aa:d1:c2:56:6f:4f:cb:8d:95:8c:65:fd:
+ 26:2f:42:d1:8a:4e:5f:aa:6b:79:c9:d9:f1:ce:85:
+ c0:ab:fe:28:b9:84:12:4a:d7:d8:a9:19:80:c8:0f:
+ c2:1f:45:66:64:d2:df:04:e3:16:4d:93:79:b5:dd:
+ 75:c7:8e:9b:7d:cf:81:1e:3a:45:a1:34:b5:52:e7:
+ 76:e9:9b:5b:71:4f:91:41:72:d2:f4:d2:e4:b5:1a:
+ 1d:87:d1:31:15:56:39:12:71:46:f9:47:0f:e8:2b:
+ 83:78:e8:ee:11:92:17:cb:4a:66:42:85:0b:d8:a7:
+ f5:c4:20:f2:e1:6a:a9:20:cf
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 57:94:FF:CF:71:C0:54:64:35:16:AF:CC:33:F3:BF:54:84:E7:D3:3D
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 0a:29:20:8b:d5:51:eb:d8:bb:c6:d0:c3:c1:c9:b9:e2:9f:13:
+ b5:4f:67:fd:cc:4f:16:66:0e:b0:db:a8:42:f3:0c:72:25:42:
+ b5:71:87:a1:2a:a6:71:69:98:e5:42:70:10:34:66:87:de:d1:
+ 03:0e:6c:df:35:bc:f5:23:18:26:7f:44:f5:d4:48:f0:0b:24:
+ 9a:d4:0c:e8:8d:6c:cb:7a:5b:55:a3:5e:de:87:35:02:b2:ba:
+ 01:02:7f:f4:b3:fd:57:87:59:5b:d2:2d:10:27:e0:4a:a5:9c:
+ b1:d0:d9:55:a5:9a:50:c3:65:97:d6:29:9f:22:7a:6c:8f:13:
+ 64:ed
+-----BEGIN CERTIFICATE-----
+MIIDMzCCApygAwIBAgIBHjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
+MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjNfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuM190YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALDOqtHCVm9Py42VjGX9Ji9C0YpO
+X6precnZ8c6FwKv+KLmEEkrX2KkZgMgPwh9FZmTS3wTjFk2TebXddceOm33PgR46
+RaE0tVLndumbW3FPkUFy0vTS5LUaHYfRMRVWORJxRvlHD+grg3jo7hGSF8tKZkKF
+C9in9cQg8uFqqSDPAgMBAAGjgeAwgd0wHQYDVR0OBBYEFFeU/89xwFRkNRavzDPz
+v1SE59M9MIGaBgNVHSMEgZIwgY+AFOKeoYvX07Dxw+l3pEldak6rc6xdoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcN
+AQkBFgN0YTOCCQDud35qwR5X7TAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjANBgkqhkiG9w0BAQsFAAOBgQAKKSCL1VHr2LvG0MPBybninxO1T2f9zE8W
+Zg6w26hC8wxyJUK1cYehKqZxaZjlQnAQNGaH3tEDDmzfNbz1Ixgmf0T11EjwCySa
+1AzojWzLeltVo17ehzUCsroBAn/0s/1Xh1lb0i0QJ+BKpZyx0NlVpZpQw2WX1imf
+InpsjxNk7Q==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1.4_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,62 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 32 (0x20)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2035 GMT
+ Not After : Jan 2 01:01:01 2035 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.4_ta3/emailAddress=ch1.4_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d4:73:3a:40:f9:03:81:b2:0a:4c:a4:d9:45:f7:
+ 81:c0:bb:53:ee:6f:9c:3d:a0:98:89:86:84:8d:33:
+ 1f:02:a6:ed:2a:14:9a:5f:84:11:06:9d:82:28:fb:
+ cf:92:bd:bf:f9:f0:6b:fe:3d:06:5e:65:7c:35:96:
+ 4f:e8:44:2c:83:d5:b8:32:16:8c:e0:7c:ed:8b:96:
+ 79:a6:14:e5:12:87:e0:55:2a:45:3e:e7:fd:bd:0e:
+ 94:70:93:e4:61:82:d3:06:9a:38:ef:e2:22:be:1a:
+ 10:b1:8b:5e:16:60:f3:9a:5c:2d:ff:06:01:cb:5f:
+ 24:cb:e7:c7:27:a7:3a:58:f1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 91:D7:D6:98:F3:B9:7A:A3:30:35:78:02:00:01:14:2D:0E:FD:90:57
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ Signature Algorithm: sha256WithRSAEncryption
+ cc:45:03:b6:88:a7:29:26:ca:08:af:dd:0a:6f:6a:b4:86:35:
+ f7:01:15:32:e5:7c:70:0b:01:01:de:2b:c3:73:66:29:25:97:
+ 0d:28:84:16:7d:fb:97:18:26:a4:07:08:90:00:d2:a4:c4:4e:
+ 7f:53:77:87:da:34:56:0b:38:85:57:e4:e3:24:d4:54:5b:c9:
+ 74:65:9b:6e:d9:79:53:0e:3f:81:7a:61:d2:00:4c:ea:49:9c:
+ 01:02:3f:6e:28:5d:b7:f7:3d:85:4a:78:9d:39:a2:2b:10:25:
+ d1:55:04:46:9f:40:9f:bc:c2:6a:68:3d:cc:6f:18:a7:cf:7e:
+ 67:7a
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAoygAwIBAgIBIDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
+MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB0MQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTESMBAGA1UEAxQJY2gxLjRfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEuNF90YTMw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANRzOkD5A4GyCkyk2UX3gcC7U+5v
+nD2gmImGhI0zHwKm7SoUml+EEQadgij7z5K9v/nwa/49Bl5lfDWWT+hELIPVuDIW
+jOB87YuWeaYU5RKH4FUqRT7n/b0OlHCT5GGC0waaOO/iIr4aELGLXhZg85pcLf8G
+ActfJMvnxyenOljxAgMBAAGjgdAwgc0wHQYDVR0OBBYEFJHX1pjzuXqjMDV4AgAB
+FC0O/ZBXMIGaBgNVHSMEgZIwgY+AFOKeoYvX07Dxw+l3pEldak6rc6xdoWykajBo
+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
+bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcN
+AQkBFgN0YTOCCQDud35qwR5X7TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB
+CwUAA4GBAMxFA7aIpykmygiv3QpvarSGNfcBFTLlfHALAQHeK8NzZikllw0ohBZ9
++5cYJqQHCJAA0qTETn9Td4faNFYLOIVX5OMk1FRbyXRlm27ZeVMOP4F6YdIATOpJ
+nAECP24oXbf3PYVKeJ05oisQJdFVBEafQJ+8wmpoPcxvGKfPfmd6
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/chain_certs/ch1_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 4 (0x4)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta1/emailAddress=pubCA1_ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_pubCA1/emailAddress=ch1_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d8:64:e4:d7:2c:48:51:df:1e:a5:e3:ba:8e:d9:
- 11:9e:05:43:4c:17:20:37:93:c9:95:40:08:50:c7:
- ed:a7:20:8f:51:fe:45:b6:d5:e6:5b:f5:30:bb:95:
- 95:2e:c9:cc:3d:b6:7d:07:55:7a:ec:36:4b:92:c8:
- cd:97:b4:0e:72:43:22:dd:3b:bc:1f:7e:9a:de:5d:
- 97:3f:cb:48:08:c8:20:64:59:d9:db:88:3a:3c:3d:
- 6d:1f:57:42:c0:17:b3:67:1d:3c:1b:1a:53:02:0d:
- 8c:af:91:89:7b:4c:13:49:77:5d:c1:56:80:2b:a2:
- 5c:79:c7:c6:c1:61:95:4a:35
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- C6:B5:AB:18:BB:95:31:CE:CA:76:FC:4A:0E:4A:67:25:0D:6A:2B:8B
- X509v3 Authority Key Identifier:
- keyid:F1:31:DD:AE:13:EF:6C:62:A3:83:98:4D:1F:0D:25:1A:21:28:1E:5D
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=i2_ta1/emailAddress=i2_ta1
- serial:03
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 6b:c1:e0:d3:b6:d9:9f:b5:a4:fd:37:99:77:76:4a:55:ee:4e:
- e6:90:6e:98:77:87:56:cc:6f:a8:4d:2b:11:06:e6:bf:66:9d:
- 8f:21:b7:06:bd:1d:1f:df:12:49:41:84:86:ff:e0:19:6a:f0:
- 29:28:dd:d4:45:bd:19:af:f6:67:32:20:1d:af:fa:d4:f8:6e:
- 00:cd:32:c4:ca:62:f9:89:b1:85:21:a6:5c:cc:11:60:b4:50:
- 3b:40:fb:cd:d2:eb:72:f7:f1:26:94:4d:a6:5a:81:e9:67:d2:
- 0c:7d:d6:7f:ee:8a:83:a9:7c:9e:65:b2:c6:67:ef:ef:2b:a6:
- 2d:a6
------BEGIN CERTIFICATE-----
-MIIDQTCCAqqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMTEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMTAeFw0xMTAxMjgwMjU0MTBaFw0xMzEwMjQwMjU0MTBaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjaDFfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjaDFfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYZOTX
-LEhR3x6l47qO2RGeBUNMFyA3k8mVQAhQx+2nII9R/kW21eZb9TC7lZUuycw9tn0H
-VXrsNkuSyM2XtA5yQyLdO7wffpreXZc/y0gIyCBkWdnbiDo8PW0fV0LAF7NnHTwb
-GlMCDYyvkYl7TBNJd13BVoArolx5x8bBYZVKNQIDAQABo4HeMIHbMB0GA1UdDgQW
-BBTGtasYu5Uxzsp2/EoOSmclDWorizCBmAYDVR0jBIGQMIGNgBTxMd2uE+9sYqOD
-mE0fDSUaISgeXaFypHAwbjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
-aWExEzARBgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDzANBgNVBAMU
-BmkyX3RhMTEVMBMGCSqGSIb3DQEJARYGaTJfdGExggEDMA8GA1UdEwEB/wQFMAMB
-Af8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAGvB4NO22Z+1pP03
-mXd2SlXuTuaQbph3h1bMb6hNKxEG5r9mnY8htwa9HR/fEklBhIb/4Blq8Cko3dRF
-vRmv9mcyIB2v+tT4bgDNMsTKYvmJsYUhplzMEWC0UDtA+83S63L38SaUTaZageln
-0gx91n/uioOpfJ5lssZn7+8rpi2m
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta1/emailAddress=ch1_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ac:0e:d4:ba:18:4f:d2:22:6d:1e:0e:c5:31:18:
+ 76:c2:cd:70:f7:ab:97:60:94:39:69:c9:d5:98:d8:
+ c9:84:a6:1c:93:92:00:e0:fd:79:d2:ee:84:95:b5:
+ a1:38:3a:c0:76:61:fe:fe:be:44:9b:77:a0:bf:17:
+ d1:45:91:1d:ba:a0:7b:e6:7c:5d:3b:ad:50:2c:e7:
+ b9:41:08:d9:c5:ad:09:91:65:d1:72:57:42:2f:fb:
+ 1d:a0:d3:60:39:8c:7f:d2:91:59:d0:9b:0b:0b:85:
+ 77:7c:7a:4e:e3:de:f8:c2:1b:9d:29:19:a6:e4:7b:
+ e3:08:d8:c3:ee:fd:c0:13:1b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ DE:23:2E:B1:97:E8:21:FB:05:0A:EB:ED:50:A7:96:15:27:BE:77:92
+ X509v3 Authority Key Identifier:
+ keyid:06:D0:C0:FB:C5:79:67:F9:F9:10:92:CA:81:5B:5F:92:D8:D8:9F:A6
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
+ serial:DE:88:28:EC:1B:64:08:9C
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:4
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 58:36:94:f1:3b:54:9f:0d:3b:90:64:d6:b9:f4:6f:3f:60:85:
+ 13:a1:80:f3:6e:2b:1a:3a:4f:9a:08:e2:d9:da:14:9f:e2:3f:
+ 9b:10:75:0b:7e:c7:bc:c5:91:78:1d:8d:51:b4:7e:4a:ea:d4:
+ 9f:e9:20:1e:59:8b:8f:13:30:a6:90:fd:be:18:bc:07:39:89:
+ bb:66:65:4a:2a:4a:97:ae:bf:91:32:b6:4c:9d:9e:2d:5d:40:
+ d7:d0:28:f9:f2:89:ee:40:0a:a7:99:d2:ac:08:8b:54:9c:8d:
+ 3a:8c:94:71:76:22:f9:0d:7b:0a:96:31:f5:7d:7c:3b:17:d1:
+ d9:a7
+-----BEGIN CERTIFICATE-----
+MIIDMjCCApugAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcNAQkBFgN0YTEwHhcNMTEw
+MzIxMDA0OTIzWhcNMTMxMjE1MDA0OTIzWjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gxX3RhMTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArA7UuhhP0iJtHg7FMRh2ws1w96uXYJQ5
+acnVmNjJhKYck5IA4P150u6ElbWhODrAdmH+/r5Em3egvxfRRZEduqB75nxdO61Q
+LOe5QQjZxa0JkWXRcldCL/sdoNNgOYx/0pFZ0JsLC4V3fHpO4974whudKRmm5Hvj
+CNjD7v3AExsCAwEAAaOB4zCB4DAdBgNVHQ4EFgQU3iMusZfoIfsFCuvtUKeWFSe+
+d5IwgZoGA1UdIwSBkjCBj4AUBtDA+8V5Z/n5EJLKgVtfktjYn6ahbKRqMGgxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEW
+A3RhMYIJAN6IKOwbZAicMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBCwUAA4GBAFg2lPE7VJ8NO5Bk1rn0bz9ghROhgPNuKxo6
+T5oI4tnaFJ/iP5sQdQt+x7zFkXgdjVG0fkrq1J/pIB5Zi48TMKaQ/b4YvAc5ibtm
+ZUoqSpeuv5Eytkydni1dQNfQKPnyie5ACqeZ0qwIi1ScjTqMlHF2IvkNewqWMfV9
+fDsX0dmn
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 16 (0x10)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
+ Validity
+ Not Before: Mar 21 00:49:27 2011 GMT
+ Not After : Dec 15 00:49:27 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ce:60:c2:15:27:ff:ef:55:03:7a:1a:95:17:7f:
+ 93:80:b9:a8:64:3f:96:0f:5e:b2:b6:0b:c0:85:02:
+ 7a:25:96:e0:e7:31:07:f7:4a:b9:8b:a7:87:7c:34:
+ 65:9b:08:b3:26:05:13:c4:d3:2e:88:e7:a7:d8:c7:
+ 05:56:a4:8b:57:b6:12:2e:c4:68:6f:7c:b6:5d:38:
+ 7d:a2:93:6f:30:9f:ef:bf:db:81:ee:7b:7f:3a:2e:
+ 19:7e:b9:0d:9d:e2:0a:e3:56:36:8d:cb:54:d9:c3:
+ fd:67:59:58:19:8b:60:65:1d:9c:70:e8:c3:18:ae:
+ ec:af:56:ef:19:26:e6:94:fd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 0A:B2:12:2B:7E:04:40:9E:1A:C1:B4:A8:96:B9:C3:A1:0A:83:6D:3B
+ X509v3 Authority Key Identifier:
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
+ serial:EE:77:7E:6A:C1:1E:57:ED
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 35:2f:59:d9:6d:8f:bd:bc:f0:1a:f9:40:91:f3:f9:d7:4e:29:
+ e5:cc:44:92:d1:13:cd:f7:e1:cb:a2:06:d3:ba:f2:c5:cf:c2:
+ 4c:ad:5c:3b:91:a6:2a:35:ed:ae:cb:fc:b9:78:90:fb:6b:8b:
+ fd:20:ef:0a:69:61:5e:76:49:07:3b:11:fe:29:8f:fd:14:4d:
+ be:72:79:aa:49:68:47:22:3e:88:56:71:58:f2:e7:3a:6c:52:
+ 66:73:98:28:41:e4:32:39:a6:c9:3e:40:12:de:4f:9a:fa:b1:
+ 9d:b8:75:5b:c3:05:0b:bc:da:33:a1:a4:6d:c6:4c:21:e6:74:
+ 87:36
+-----BEGIN CERTIFICATE-----
+MIIDLzCCApigAwIBAgIBEDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
+MzIxMDA0OTI3WhcNMTMxMjE1MDA0OTI3WjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3RhMzCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzmDCFSf/71UDehqVF3+TgLmoZD+WD16y
+tgvAhQJ6JZbg5zEH90q5i6eHfDRlmwizJgUTxNMuiOen2McFVqSLV7YSLsRob3y2
+XTh9opNvMJ/vv9uB7nt/Oi4ZfrkNneIK41Y2jctU2cP9Z1lYGYtgZR2ccOjDGK7s
+r1bvGSbmlP0CAwEAAaOB4DCB3TAdBgNVHQ4EFgQUCrISK34EQJ4awbSolrnDoQqD
+bTswgZoGA1UdIwSBkjCBj4AU4p6hi9fTsPHD6XekSV1qTqtzrF2hbKRqMGgxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEW
+A3RhM4IJAO53fmrBHlftMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4GBADUvWdltj7288Br5QJHz+ddOKeXMRJLRE8334cui
+BtO68sXPwkytXDuRpio17a7L/Ll4kPtri/0g7wppYV52SQc7Ef4pj/0UTb5yeapJ
+aEciPohWcVjy5zpsUmZzmChB5DI5psk+QBLeT5r6sZ24dVvDBQu82jOhpG3GTCHm
+dIc2
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1_ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 34 (0x22)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
+ Validity
+ Not Before: Mar 21 00:49:32 2011 GMT
+ Not After : Dec 15 00:49:32 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ad:9c:0a:58:1d:2c:e7:a7:fd:de:8c:0e:99:5d:
+ d0:b2:67:ff:59:40:86:7a:d5:13:cc:5e:a5:e4:81:
+ 95:45:b5:6b:ad:2b:d5:26:bc:b2:53:03:94:57:61:
+ 16:5d:60:df:2e:6a:15:3a:04:88:77:3f:cb:01:20:
+ 10:20:e0:ab:49:6d:44:58:d9:c6:9b:44:73:ed:d9:
+ 1a:f3:eb:ca:74:de:90:06:ff:cb:18:9c:43:f7:4e:
+ e0:cb:06:af:fe:4e:2c:9b:bf:6a:c2:ae:50:c3:e7:
+ fd:d9:c1:f1:18:ad:b7:ae:f7:56:8a:50:f6:13:1b:
+ 47:0d:c2:cf:c4:3f:31:f1:2b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ AB:0B:EF:CE:AA:F0:43:97:3A:CD:58:D0:D9:C2:F9:C4:EB:8D:7C:FF
+ X509v3 Authority Key Identifier:
+ keyid:0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:C5:19:14:97:E3:27:2E:9B
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 00:09:60:76:36:5d:a6:ae:0b:a0:94:ad:78:be:a0:18:7c:96:
+ 13:6c:8b:04:2c:bc:29:d8:f0:93:d8:86:d9:07:71:fb:0f:05:
+ 72:65:fe:ed:e3:1c:ac:bf:22:c2:db:03:c5:2e:3f:f2:cf:98:
+ 00:7b:ee:de:96:11:90:bf:22:03:7a:c3:c3:22:dc:1a:ea:7e:
+ f5:7e:a7:64:70:18:e2:13:be:b0:3e:d8:57:a6:de:28:5b:06:
+ 4e:90:c6:22:e0:3a:e9:2c:9a:de:f4:bf:d8:b7:da:b7:e3:24:
+ f6:11:69:18:e5:64:fd:94:22:7b:b5:ef:e4:4d:6c:1a:eb:8f:
+ 5c:7d
+-----BEGIN CERTIFICATE-----
+MIIDLzCCApigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
+MzIxMDA0OTMyWhcNMTMxMjE1MDA0OTMyWjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3RhNDCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArZwKWB0s56f93owOmV3Qsmf/WUCGetUT
+zF6l5IGVRbVrrSvVJryyUwOUV2EWXWDfLmoVOgSIdz/LASAQIOCrSW1EWNnGm0Rz
+7dka8+vKdN6QBv/LGJxD907gywav/k4sm79qwq5Qw+f92cHxGK23rvdWilD2ExtH
+DcLPxD8x8SsCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUqwvvzqrwQ5c6zVjQ2cL5xOuN
+fP8wgZoGA1UdIwSBkjCBj4AUChy6plvGgzJg5ZsAhTd00Y0wuoqhbKRqMGgxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEW
+A3RhNIIJAMUZFJfjJy6bMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4GBAAAJYHY2XaauC6CUrXi+oBh8lhNsiwQsvCnY8JPY
+htkHcfsPBXJl/u3jHKy/IsLbA8UuP/LPmAB77t6WEZC/IgN6w8Mi3BrqfvV+p2Rw
+GOITvrA+2Fem3ihbBk6QxiLgOuksmt70v9i32rfjJPYRaRjlZP2UInu17+RNbBrr
+j1x9
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch1_ta5_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,69 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 40 (0x28)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
+ Validity
+ Not Before: Mar 21 00:49:34 2011 GMT
+ Not After : Dec 15 00:49:34 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta5/emailAddress=ch1_ta5
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d2:0e:3e:0c:53:ef:ad:91:13:5e:b6:01:7f:c6:
+ 16:4e:da:7d:c8:26:1b:85:38:e0:98:d4:b2:61:0b:
+ 43:bb:2e:92:d5:9a:0e:db:ab:ad:8f:6e:9d:c8:25:
+ 36:e2:db:ca:fa:ab:4b:5a:25:91:46:c9:66:11:0d:
+ 66:9e:f7:11:82:02:e1:2e:ef:df:f4:ed:9f:0f:a4:
+ 6f:60:41:20:32:8c:10:90:4c:9c:ad:55:cc:40:03:
+ 89:f5:15:53:13:7d:ab:be:53:8b:14:44:88:f8:54:
+ 50:db:31:f5:ae:5c:0d:78:68:aa:3f:9b:4a:fa:1a:
+ b1:47:53:bf:72:1d:89:f9:43
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 08:00:AB:E5:4A:60:83:0C:49:32:88:DC:48:8D:79:30:7A:72:E4:A3
+ X509v3 Authority Key Identifier:
+ keyid:8A:83:E9:51:D7:32:B4:6F:3B:85:AF:1A:11:94:5C:B6:21:E5:5D:0F
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
+ serial:EC:86:C3:65:F9:7F:14:08
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/ta5_crl.pem
+
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 1e:0c:b3:a3:63:49:b5:3d:0e:4d:ed:d1:31:fc:06:39:8c:30:
+ 8d:f8:f1:0f:2e:ae:27:f2:57:d4:64:ff:ac:05:cc:2d:3d:0d:
+ de:b3:e6:be:9c:51:9b:1a:08:b1:e7:9f:6d:3e:a6:af:c0:9c:
+ d0:e6:57:de:d3:61:9c:0f:a9:c9:bc:0d:59:03:e2:d4:4d:f4:
+ 0d:48:49:ad:64:a2:33:71:3e:07:2f:61:a5:02:46:61:1c:c0:
+ b5:f0:3c:f8:4f:42:ff:72:3c:7a:63:5a:16:68:7d:2b:08:aa:
+ 3b:bd:e5:25:9f:19:3e:22:42:cd:4b:e7:0f:17:c3:a9:1d:d6:
+ 9e:53
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAtagAwIBAgIBKDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEMMAoGA1UEAxMDdGE1MRIwEAYJKoZIhvcNAQkBFgN0YTUwHhcNMTEw
+MzIxMDA0OTM0WhcNMTMxMjE1MDA0OTM0WjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY2gxX3RhNTEWMBQGCSqGSIb3DQEJARYHY2gxX3RhNTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0g4+DFPvrZETXrYBf8YWTtp9yCYbhTjg
+mNSyYQtDuy6S1ZoO26utj26dyCU24tvK+qtLWiWRRslmEQ1mnvcRggLhLu/f9O2f
+D6RvYEEgMowQkEycrVXMQAOJ9RVTE32rvlOLFESI+FRQ2zH1rlwNeGiqP5tK+hqx
+R1O/ch2J+UMCAwEAAaOCAR0wggEZMB0GA1UdDgQWBBQIAKvlSmCDDEkyiNxIjXkw
+enLkozCBmgYDVR0jBIGSMIGPgBSKg+lR1zK0bzuFrxoRlFy2IeVdD6FspGowaDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcTCk1lbmxv
+IFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhNTESMBAGCSqGSIb3DQEJ
+ARYDdGE1ggkA7IbDZfl/FAgwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8EMzAxMC+g
+LaArhilodHRwOi8vbG9jYWxob3N0OjEyMDAxL2ZpbGUvMC90YTVfY3JsLnBlbTAO
+BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAHgyzo2NJtT0OTe3RMfwG
+OYwwjfjxDy6uJ/JX1GT/rAXMLT0N3rPmvpxRmxoIseefbT6mr8Cc0OZX3tNhnA+p
+ybwNWQPi1E30DUhJrWSiM3E+By9hpQJGYRzAtfA8+E9C/3I8emNaFmh9KwiqO73l
+JZ8ZPiJCzUvnDxfDqR3WnlM=
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/chain_certs/ch2.2_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 9 (0x9)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_pubCA1/emailAddress=ch1_pubCA1
- Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2.2_pubCA1/emailAddress=ch2.2_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c8:33:0b:b1:2a:41:42:8c:70:88:60:cd:52:0e:
- ac:43:d5:65:9d:4a:29:4d:e6:32:9d:a7:ae:0e:dd:
- 0c:68:3e:bd:0b:51:77:53:7d:c8:1d:49:a2:19:23:
- 95:41:b4:9b:1f:89:fb:21:9c:f8:2b:e3:65:c3:17:
- 22:cb:c6:f6:b4:cd:92:ae:a6:b1:f4:41:78:9e:0d:
- 4c:4b:36:39:a4:8d:a9:2a:11:1e:08:1a:83:f6:3d:
- 36:ab:d2:c7:48:e7:c7:7d:53:54:6a:a0:05:ca:5e:
- 8d:b9:7f:eb:91:64:38:ec:32:0f:69:66:15:52:6a:
- 2d:bd:5f:18:71:99:d4:1e:1d
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Issuer Alternative Name: critical
- <EMPTY>
-
- Signature Algorithm: sha256WithRSAEncryption
- 68:9e:f9:b9:92:e1:89:22:3f:c0:f0:e6:c5:61:f5:c5:c6:8a:
- 01:12:fb:d4:1c:86:1a:33:fa:6d:9f:a1:55:76:6b:1f:bb:13:
- 36:0d:94:20:c6:92:38:1e:5a:4d:e2:a9:60:76:b3:2b:24:c5:
- fc:a7:f3:32:22:14:d6:e3:cd:0b:55:40:92:15:a7:f2:09:35:
- 02:e1:4e:b5:54:5a:41:54:cc:78:82:f3:d7:97:24:16:b0:b9:
- 00:35:a2:55:da:f2:ce:05:d3:46:f9:20:fa:35:9b:aa:12:3e:
- ec:a8:d0:f6:40:6b:0e:5c:de:85:5f:b1:5e:5f:9f:f2:47:ec:
- d4:b9
------BEGIN CERTIFICATE-----
-MIIChzCCAfCgAwIBAgIBCTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gxX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gx
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHoxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRUwEwYDVQQDFAxjaDIuMl9wdWJDQTExGzAZBgkqhkiG
-9w0BCQEWDGNoMi4yX3B1YkNBMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-yDMLsSpBQoxwiGDNUg6sQ9VlnUopTeYynaeuDt0MaD69C1F3U33IHUmiGSOVQbSb
-H4n7IZz4K+Nlwxciy8b2tM2Srqax9EF4ng1MSzY5pI2pKhEeCBqD9j02q9LHSOfH
-fVNUaqAFyl6NuX/rkWQ47DIPaWYVUmotvV8YcZnUHh0CAwEAAaMhMB8wDwYDVR0T
-AQH/BAUwAwEB/zAMBgNVHRIBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4GBAGie+bmS
-4YkiP8Dw5sVh9cXGigES+9Qchhoz+m2foVV2ax+7EzYNlCDGkjgeWk3iqWB2sysk
-xfyn8zIiFNbjzQtVQJIVp/IJNQLhTrVUWkFUzHiC89eXJBawuQA1olXa8s4F00b5
-IPo1m6oSPuyo0PZAaw5c3oVfsV5fn/JH7NS5
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/chain_certs/ch2_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 5 (0x5)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_pubCA1/emailAddress=ch1_pubCA1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ec:10:82:b8:bd:a9:12:9e:70:2e:52:89:62:d7:
- 8d:9c:a4:01:07:27:ee:20:92:6e:07:1e:dd:58:98:
- 5b:65:6f:85:1b:b0:cd:e7:6d:f6:b3:9b:bd:1f:be:
- 93:09:79:b6:f8:0a:45:8c:c4:b8:22:a3:fb:ad:96:
- 03:6b:0f:18:b6:fa:d3:b5:35:99:92:a3:82:a2:71:
- 93:ba:76:e4:ba:f6:87:2f:e8:a2:ed:2b:0c:a7:e4:
- bf:ae:9c:03:08:8a:1e:29:25:66:72:14:f1:99:05:
- 2c:29:14:4d:59:b8:71:d6:95:78:48:7d:a3:b9:8f:
- eb:9e:e9:7c:b8:5c:65:5b:e7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- A2:7C:37:64:6C:9B:F6:34:69:35:2F:6E:2A:03:57:1C:DD:C7:69:60
- X509v3 Authority Key Identifier:
- keyid:C6:B5:AB:18:BB:95:31:CE:CA:76:FC:4A:0E:4A:67:25:0D:6A:2B:8B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta1/emailAddress=pubCA1_ta1
- serial:04
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 8f:da:b0:83:87:60:1c:12:43:c5:37:e3:09:36:f2:5b:b2:e8:
- 36:eb:d5:c6:00:30:22:8c:e0:33:6a:61:8b:1b:45:d3:b4:e3:
- c0:05:54:ef:52:1e:d1:41:f5:7d:c2:3b:0d:24:d5:78:bf:f1:
- 93:ad:32:c5:66:8c:3b:84:0d:f7:0b:e4:08:2c:bf:10:47:09:
- 02:18:d4:19:40:f1:18:af:c1:38:90:89:b1:a2:48:d2:b1:4d:
- f9:ad:86:f2:64:cc:35:fb:35:87:25:49:2b:e3:29:23:f3:fd:
- 47:55:4c:2d:05:c3:c4:5b:75:27:4a:45:2a:e2:7f:5b:c5:b8:
- 97:78
------BEGIN CERTIFICATE-----
-MIIDSTCCArKgAwIBAgIBBTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gxX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gx
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTBaFw0xMzEwMjQwMjU0MTBaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjaDJfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjaDJfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDsEIK4
-vakSnnAuUoli142cpAEHJ+4gkm4HHt1YmFtlb4UbsM3nbfazm70fvpMJebb4CkWM
-xLgio/utlgNrDxi2+tO1NZmSo4KicZO6duS69ocv6KLtKwyn5L+unAMIih4pJWZy
-FPGZBSwpFE1ZuHHWlXhIfaO5j+ue6Xy4XGVb5wIDAQABo4HmMIHjMB0GA1UdDgQW
-BBSifDdkbJv2NGk1L24qA1cc3cdpYDCBoAYDVR0jBIGYMIGVgBTGtasYu5Uxzsp2
-/EoOSmclDWori6F6pHgwdjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
-aWExEzARBgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEzARBgNVBAMU
-CnB1YkNBMV90YTExGTAXBgkqhkiG9w0BCQEWCnB1YkNBMV90YTGCAQQwDwYDVR0T
-AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAj9qw
-g4dgHBJDxTfjCTbyW7LoNuvVxgAwIozgM2phixtF07TjwAVU71Ie0UH1fcI7DSTV
-eL/xk60yxWaMO4QN9wvkCCy/EEcJAhjUGUDxGK/BOJCJsaJI0rFN+a2G8mTMNfs1
-hyVJK+MpI/P9R1VMLQXDxFt1J0pFKuJ/W8W4l3g=
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch2_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 2 (0x2)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta1/emailAddress=ch1_ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_ta1/emailAddress=ch2_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b2:2e:64:17:3d:dd:32:ab:60:b1:07:9e:8d:da:
+ 3c:50:91:b7:d2:c0:b2:bc:af:74:3b:c1:4e:6c:f3:
+ d0:98:91:32:34:fb:dd:48:04:3a:86:9f:e7:31:2e:
+ 19:b3:49:59:0b:20:19:b1:bb:52:91:45:57:ba:36:
+ 49:62:82:61:3b:8d:63:11:c8:a6:fa:9a:20:b8:34:
+ 4e:0e:4d:31:73:6b:ea:5e:d9:2d:fb:b5:f9:04:7c:
+ f9:9d:b0:0d:4f:74:2b:35:b1:4d:63:5d:11:48:7e:
+ 72:cd:f4:07:35:5f:e7:59:5e:16:e2:99:3a:b4:7f:
+ 4a:cc:bc:86:53:bd:55:bc:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 79:04:42:77:11:18:EC:24:43:48:52:11:99:DE:86:84:23:B1:50:77
+ X509v3 Authority Key Identifier:
+ keyid:DE:23:2E:B1:97:E8:21:FB:05:0A:EB:ED:50:A7:96:15:27:BE:77:92
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
+ serial:01
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:3
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 24:59:ab:c0:7d:fe:62:1b:1a:98:45:78:80:ef:a3:0e:6a:cd:
+ f9:ed:8a:4f:9b:18:59:ad:2b:d5:3d:db:7d:3f:ab:c3:4a:c7:
+ 33:95:33:43:4b:16:44:50:1a:6e:38:ad:7b:8f:f9:06:f4:72:
+ 7b:15:75:59:0d:db:11:a7:86:b4:e9:de:28:c9:39:d0:d7:25:
+ 46:51:26:16:bd:15:70:d1:b2:87:e2:2c:48:aa:28:96:0a:f8:
+ 4e:d4:44:99:66:62:04:6d:8d:2c:0f:f0:08:8d:d2:5c:fa:4e:
+ 62:1a:25:f1:5c:ef:44:56:83:35:a7:e3:a9:ca:c0:18:90:18:
+ 54:42
+-----BEGIN CERTIFICATE-----
+MIIDMjCCApugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDJfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDJf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyLmQXPd0yq2CxB56N2jxQ
+kbfSwLK8r3Q7wU5s89CYkTI0+91IBDqGn+cxLhmzSVkLIBmxu1KRRVe6NkligmE7
+jWMRyKb6miC4NE4OTTFza+pe2S37tfkEfPmdsA1PdCs1sU1jXRFIfnLN9Ac1X+dZ
+XhbimTq0f0rMvIZTvVW8VwIDAQABo4HbMIHYMB0GA1UdDgQWBBR5BEJ3ERjsJENI
+UhGZ3oaEI7FQdzCBkgYDVR0jBIGKMIGHgBTeIy6xl+gh+wUK6+1Qp5YVJ753kqFs
+pGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhMTESMBAGCSqG
+SIb3DQEJARYDdGExggEBMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBCwUAA4GBACRZq8B9/mIbGphFeIDvow5qzfntik+bGFmt
+K9U9230/q8NKxzOVM0NLFkRQGm44rXuP+Qb0cnsVdVkN2xGnhrTp3ijJOdDXJUZR
+Jha9FXDRsofiLEiqKJYK+E7URJlmYgRtjSwP8AiN0lz6TmIaJfFc70RWgzWn46nK
+wBiQGFRC
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch3_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 3 (0x3)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_ta1/emailAddress=ch2_ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch3_ta1/emailAddress=ch3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ab:d1:d5:d2:6a:72:f2:b9:20:07:53:98:e6:14:
+ fc:de:66:e7:0e:1d:ab:35:c7:f5:80:5c:fb:e7:03:
+ 4a:97:15:b7:da:3a:18:5f:50:39:1c:9a:aa:ad:f8:
+ 64:d3:76:a1:c7:e2:f8:56:c9:1d:af:3f:bb:d0:98:
+ f4:2c:c3:1c:ea:e3:18:f2:60:35:6e:3b:99:67:35:
+ 27:cb:64:7e:3c:1c:cb:64:d3:bc:60:f1:8a:37:47:
+ 9c:02:6e:7c:e3:d3:38:1a:f0:3d:93:31:83:57:ae:
+ 36:17:b4:20:e8:44:72:7f:d4:65:25:a5:42:b3:02:
+ 55:69:18:9b:fa:5f:7f:62:f3
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 9D:49:C0:40:BE:F9:2D:9D:38:CF:BB:7C:6C:33:70:E3:13:2C:F9:05
+ X509v3 Authority Key Identifier:
+ keyid:79:04:42:77:11:18:EC:24:43:48:52:11:99:DE:86:84:23:B1:50:77
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta1/emailAddress=ch1_ta1
+ serial:02
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:2
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 41:ff:9f:2c:11:ef:c9:51:0d:5a:68:82:16:89:b4:ab:7e:91:
+ 0e:ef:c9:86:d7:d9:47:8d:63:9a:a4:66:2e:d4:bc:58:c0:6a:
+ 23:e3:8e:ab:0b:44:c0:19:20:eb:96:bc:d2:39:b4:60:3f:3f:
+ 7c:d7:6d:39:09:ff:fb:bd:9f:35:de:54:64:85:fc:ee:86:91:
+ aa:95:11:a4:38:c5:28:71:ae:a8:4b:d7:b2:8f:24:59:da:57:
+ 92:31:ae:34:b3:21:cc:32:02:3c:b5:00:64:c4:1e:be:0d:af:
+ bd:e7:a6:3d:6f:77:84:62:04:21:cf:26:6b:8f:c5:1c:0b:4c:
+ 5c:dd
+-----BEGIN CERTIFICATE-----
+MIIDOjCCAqOgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gyX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gyX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDNfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDNf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCr0dXSanLyuSAHU5jmFPze
+ZucOHas1x/WAXPvnA0qXFbfaOhhfUDkcmqqt+GTTdqHH4vhWyR2vP7vQmPQswxzq
+4xjyYDVuO5lnNSfLZH48HMtk07xg8Yo3R5wCbnzj0zga8D2TMYNXrjYXtCDoRHJ/
+1GUlpUKzAlVpGJv6X39i8wIDAQABo4HjMIHgMB0GA1UdDgQWBBSdScBAvvktnTjP
+u3xsM3DjEyz5BTCBmgYDVR0jBIGSMIGPgBR5BEJ3ERjsJENIUhGZ3oaEI7FQd6F0
+pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEDAOBgNVBAMUB2NoMV90YTExFjAU
+BgkqhkiG9w0BCQEWB2NoMV90YTGCAQIwEgYDVR0TAQH/BAgwBgEB/wIBAjAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAQf+fLBHvyVENWmiCFom0q36R
+Du/JhtfZR41jmqRmLtS8WMBqI+OOqwtEwBkg65a80jm0YD8/fNdtOQn/+72fNd5U
+ZIX87oaRqpURpDjFKHGuqEvXso8kWdpXkjGuNLMhzDICPLUAZMQevg2vveemPW93
+hGIEIc8ma4/FHAtMXN0=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch4.3_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 12 (0xc)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch3_ta1/emailAddress=ch3_ta1
+ Validity
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4.3_ta1/emailAddress=ch4.3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bf:bb:29:f0:2f:1e:74:b0:bc:ea:4d:fe:c7:9b:
+ d3:4c:ce:d5:46:d1:11:ef:56:6f:9a:be:1a:53:c3:
+ 04:3b:cd:10:14:87:67:c5:87:39:8e:a3:17:aa:42:
+ f4:09:cc:31:68:2a:6e:1c:50:2c:70:5a:de:59:10:
+ c0:74:ea:73:2b:06:1c:d9:20:29:f4:48:d5:c9:1e:
+ 29:0a:9d:47:73:68:50:f4:75:34:06:93:d5:a9:7e:
+ b8:20:2e:6d:ef:79:c3:92:83:79:53:4b:26:9e:80:
+ 32:19:5f:39:fe:44:7b:89:09:dc:63:7a:4c:ad:d6:
+ 77:31:1a:9c:26:3c:af:3c:7b
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ B2:F9:FB:5A:A8:19:23:A0:E6:D5:C5:4C:B0:2D:8B:01:65:7F:9E:49
+ X509v3 Authority Key Identifier:
+ keyid:9D:49:C0:40:BE:F9:2D:9D:38:CF:BB:7C:6C:33:70:E3:13:2C:F9:05
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2_ta1/emailAddress=ch2_ta1
+ serial:03
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:0
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 44:f7:b5:6e:5f:59:fc:8f:11:6f:c8:52:14:e2:f6:e2:13:36:
+ 03:88:ab:7f:86:bc:56:a6:d8:f1:94:bd:ac:48:36:f5:af:5d:
+ 63:f5:47:1e:03:ac:64:2d:08:ee:1c:4f:0b:08:3d:cf:48:0a:
+ 2b:94:12:d7:b7:96:00:d0:76:e6:3b:63:fa:ea:2a:c8:46:04:
+ 94:9e:a2:51:88:b5:54:96:63:6d:a5:10:f2:6c:3b:fb:2b:ef:
+ cc:ee:8a:d4:c1:a0:05:e4:c0:4f:23:dc:2b:5b:c3:18:37:68:
+ 90:98:3d:12:17:e0:b8:e4:38:75:34:58:08:03:05:15:3d:b7:
+ b6:64
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAqegAwIBAgIBDDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gzX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gzX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjZaFw0xMzEyMTUwMDQ5MjZaMHQxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRIwEAYDVQQDFAljaDQuM190YTExGDAWBgkqhkiG9w0BCQEWCWNo
+NC4zX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv7sp8C8edLC86k3+
+x5vTTM7VRtER71Zvmr4aU8MEO80QFIdnxYc5jqMXqkL0CcwxaCpuHFAscFreWRDA
+dOpzKwYc2SAp9EjVyR4pCp1Hc2hQ9HU0BpPVqX64IC5t73nDkoN5U0smnoAyGV85
+/kR7iQncY3pMrdZ3MRqcJjyvPHsCAwEAAaOB4zCB4DAdBgNVHQ4EFgQUsvn7WqgZ
+I6Dm1cVMsC2LAWV/nkkwgZoGA1UdIwSBkjCBj4AUnUnAQL75LZ04z7t8bDNw4xMs
++QWhdKRyMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD
+VQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjaDJfdGEx
+MRYwFAYJKoZIhvcNAQkBFgdjaDJfdGExggEDMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAET3tW5fWfyPEW/IUhTi
+9uITNgOIq3+GvFam2PGUvaxINvWvXWP1Rx4DrGQtCO4cTwsIPc9ICiuUEte3lgDQ
+duY7Y/rqKshGBJSeolGItVSWY22lEPJsO/sr78zuitTBoAXkwE8j3Ctbwxg3aJCY
+PRIX4LjkOHU0WAgDBRU9t7Zk
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch4_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 4 (0x4)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch3_ta1/emailAddress=ch3_ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bc:b0:1a:27:f4:c4:84:a7:3e:96:d8:95:a1:35:
+ 16:b8:82:cc:de:c1:b5:3e:66:0d:0e:cd:3f:5f:38:
+ f1:aa:ae:0b:63:56:87:52:e5:b0:b0:6e:6b:fb:47:
+ 97:03:db:50:04:25:d8:f9:75:9b:81:4f:d9:99:bd:
+ 53:47:0a:97:7c:d4:02:40:b8:92:5d:77:d2:2d:64:
+ 88:f7:a9:dc:c2:ba:96:f0:74:fa:61:53:9e:a6:84:
+ 97:ed:97:49:08:36:29:d5:2c:f4:05:d3:81:e2:f8:
+ 7f:f0:05:96:05:29:b0:2f:29:66:6d:32:3d:1e:b7:
+ 79:b5:67:e7:34:4b:00:79:47
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 52:80:D6:40:50:47:FD:82:5A:83:A4:24:CE:3E:DC:C7:E1:6F:56:00
+ X509v3 Authority Key Identifier:
+ keyid:9D:49:C0:40:BE:F9:2D:9D:38:CF:BB:7C:6C:33:70:E3:13:2C:F9:05
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2_ta1/emailAddress=ch2_ta1
+ serial:03
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:1
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 65:cf:99:2f:0c:5c:87:4b:5c:8e:19:82:57:a8:a2:f9:51:a0:
+ 89:24:0b:6e:ca:8b:68:4c:1f:28:ee:8d:95:44:9d:23:52:76:
+ 6d:90:cb:7f:ab:0a:46:87:0c:69:94:41:4b:2e:04:ef:e9:72:
+ f4:17:ab:6f:86:76:dd:19:e3:65:cb:df:31:e5:2b:10:fb:04:
+ 6e:b8:60:e4:59:98:09:2b:13:31:2f:8d:c6:28:24:1f:39:ae:
+ 2e:39:8c:8f:8f:d1:0c:6b:cd:be:db:16:c9:8d:aa:f0:94:c5:
+ da:cd:85:08:fc:02:2b:f2:6e:e4:d6:9a:ef:55:0c:c2:d0:ba:
+ c0:27
+-----BEGIN CERTIFICATE-----
+MIIDOjCCAqOgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gzX3RhMTEWMBQGCSqGSIb3DQEJARYHY2gzX3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDRfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDRf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8sBon9MSEpz6W2JWhNRa4
+gszewbU+Zg0OzT9fOPGqrgtjVodS5bCwbmv7R5cD21AEJdj5dZuBT9mZvVNHCpd8
+1AJAuJJdd9ItZIj3qdzCupbwdPphU56mhJftl0kINinVLPQF04Hi+H/wBZYFKbAv
+KWZtMj0et3m1Z+c0SwB5RwIDAQABo4HjMIHgMB0GA1UdDgQWBBRSgNZAUEf9glqD
+pCTOPtzH4W9WADCBmgYDVR0jBIGSMIGPgBSdScBAvvktnTjPu3xsM3DjEyz5BaF0
+pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEDAOBgNVBAMUB2NoMl90YTExFjAU
+BgkqhkiG9w0BCQEWB2NoMl90YTGCAQMwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAZc+ZLwxch0tcjhmCV6ii+VGg
+iSQLbsqLaEwfKO6NlUSdI1J2bZDLf6sKRocMaZRBSy4E7+ly9Berb4Z23RnjZcvf
+MeUrEPsEbrhg5FmYCSsTMS+NxigkHzmuLjmMj4/RDGvNvtsWyY2q8JTF2s2FCPwC
+K/Ju5Naa71UMwtC6wCc=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch5.1_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,55 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 8 (0x8)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.1_ta1/emailAddress=ch5.1_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d7:b9:78:e1:ad:bd:98:ac:da:90:68:26:db:d7:
+ ed:5b:e4:0f:d7:ef:c1:4d:84:20:4b:7c:ef:27:50:
+ 4b:ab:e0:61:10:10:ae:6b:d6:ed:96:b3:04:18:b2:
+ 4d:30:b8:23:97:24:a9:92:6a:19:95:fc:bc:7a:70:
+ ab:65:55:26:4a:62:dd:09:df:9b:03:e1:38:f8:ba:
+ ac:2d:26:f3:76:84:c9:5d:f8:21:a0:57:d0:6c:ad:
+ 2e:60:cc:af:15:03:8f:e5:e0:e2:86:df:ed:07:a5:
+ 4a:35:fe:65:78:94:5f:07:bd:d0:f7:7a:28:8e:5d:
+ 98:21:7b:c5:6d:fe:43:5c:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Issuer Alternative Name: critical
+ <EMPTY>
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 57:9c:5a:4b:ab:37:f1:61:c6:ab:27:91:f0:8b:68:aa:8d:81:
+ 0b:6f:4c:ae:9b:05:91:e6:f3:1a:91:6f:8a:e8:5c:a4:9e:dd:
+ a9:aa:2f:2a:85:e9:77:6d:d4:04:d5:07:e4:ad:3d:db:90:8f:
+ 08:99:ca:c2:4c:c5:8c:c9:6b:01:e8:98:2f:6e:ad:17:46:59:
+ 15:3a:72:ee:16:30:3e:14:82:6a:7f:ea:89:ce:b8:9d:00:14:
+ af:c7:bf:06:54:04:c5:3c:ab:f6:96:48:1a:a5:60:b5:3d:94:
+ 41:91:24:8a:98:bb:8d:ea:be:f3:4b:2d:fc:8d:de:06:48:9e:
+ 35:55
+-----BEGIN CERTIFICATE-----
+MIICezCCAeSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g0X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g0X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHQxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRIwEAYDVQQDFAljaDUuMV90YTExGDAWBgkqhkiG9w0BCQEWCWNo
+NS4xX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA17l44a29mKzakGgm
+29ftW+QP1+/BTYQgS3zvJ1BLq+BhEBCua9btlrMEGLJNMLgjlySpkmoZlfy8enCr
+ZVUmSmLdCd+bA+E4+LqsLSbzdoTJXfghoFfQbK0uYMyvFQOP5eDiht/tB6VKNf5l
+eJRfB73Q93oojl2YIXvFbf5DXFcCAwEAAaMhMB8wDwYDVR0TAQH/BAUwAwEB/zAM
+BgNVHRIBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4GBAFecWkurN/FhxqsnkfCLaKqN
+gQtvTK6bBZHm8xqRb4roXKSe3amqLyqF6Xdt1ATVB+StPduQjwiZysJMxYzJawHo
+mC9urRdGWRU6cu4WMD4Ugmp/6onOuJ0AFK/HvwZUBMU8q/aWSBqlYLU9lEGRJIqY
+u43qvvNLLfyN3gZInjVV
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch5.2_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 10 (0xa)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.2_ta1/emailAddress=ch5.2_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ae:6a:8e:9d:ec:f8:54:be:fb:5c:ae:02:f6:32:
+ dc:e0:8c:a7:3a:26:62:27:93:68:2d:c5:7d:84:0a:
+ ae:c5:d6:a6:61:a5:d4:0b:6c:e2:b8:43:6a:a4:af:
+ 78:a7:dc:4d:b4:d5:b1:85:67:57:d2:a8:61:c4:08:
+ 21:34:07:4c:d5:87:71:65:8b:d3:af:44:87:3f:f5:
+ d5:2d:45:83:3e:52:4d:0a:6d:cb:68:55:8e:f4:bc:
+ 2b:50:6d:e6:69:50:68:6c:a1:be:ec:cd:e2:96:96:
+ 96:04:8d:ba:32:b9:0d:90:87:0f:ff:f0:ab:77:92:
+ 51:ac:ef:36:b3:6b:2d:17:93
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 51:52:C7:88:A6:9D:32:EF:AC:95:BF:79:10:0B:6E:F7:65:94:A7:F9
+ X509v3 Authority Key Identifier:
+ keyid:52:80:D6:40:50:47:FD:82:5A:83:A4:24:CE:3E:DC:C7:E1:6F:56:00
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
+ serial:04
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:1
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 61:86:a8:a9:d8:9f:08:19:cc:fd:ad:24:65:2e:67:dc:39:79:
+ 35:75:d5:c4:06:4b:e2:84:ce:86:9a:b8:b9:d6:00:a4:47:41:
+ a8:57:4f:09:2d:b4:cb:7f:40:73:8a:a3:fe:9d:eb:14:00:f0:
+ e8:f5:23:b2:30:19:31:d9:15:98:96:f2:6b:80:9e:11:52:b2:
+ f5:d3:ed:30:38:c7:a0:d1:21:fc:7a:99:cd:1f:a8:fc:6b:0b:
+ 31:29:02:1a:1e:77:c8:75:70:5f:13:cf:92:02:79:a9:e1:d7:
+ d9:2a:38:f7:ff:0a:8d:21:1a:5a:8e:25:1e:8c:a7:02:f0:ff:
+ ef:02
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAqegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g0X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g0X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHQxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRIwEAYDVQQDFAljaDUuMl90YTExGDAWBgkqhkiG9w0BCQEWCWNo
+NS4yX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArmqOnez4VL77XK4C
+9jLc4IynOiZiJ5NoLcV9hAquxdamYaXUC2ziuENqpK94p9xNtNWxhWdX0qhhxAgh
+NAdM1YdxZYvTr0SHP/XVLUWDPlJNCm3LaFWO9LwrUG3maVBobKG+7M3ilpaWBI26
+MrkNkIcP//Crd5JRrO82s2stF5MCAwEAAaOB4zCB4DAdBgNVHQ4EFgQUUVLHiKad
+Mu+slb95EAtu92WUp/kwgZoGA1UdIwSBkjCBj4AUUoDWQFBH/YJag6Qkzj7cx+Fv
+VgChdKRyMHAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD
+VQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjaDNfdGEx
+MRYwFAYJKoZIhvcNAQkBFgdjaDNfdGExggEEMBIGA1UdEwEB/wQIMAYBAf8CAQEw
+DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAGGGqKnYnwgZzP2tJGUu
+Z9w5eTV11cQGS+KEzoaauLnWAKRHQahXTwkttMt/QHOKo/6d6xQA8Oj1I7IwGTHZ
+FZiW8muAnhFSsvXT7TA4x6DRIfx6mc0fqPxrCzEpAhoed8h1cF8Tz5ICeanh19kq
+OPf/Co0hGlqOJR6MpwLw/+8C
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch5.3_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 13 (0xd)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4.3_ta1/emailAddress=ch4.3_ta1
+ Validity
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.3_ta1/emailAddress=ch5.3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b6:f8:e3:58:93:ea:62:c9:34:62:40:97:14:c7:
+ 2e:45:45:56:a8:05:4b:da:9d:6e:7f:0e:54:92:00:
+ 9a:0d:c7:cf:5f:65:49:35:1a:d3:9d:e3:53:62:59:
+ ab:94:9e:01:8b:df:d6:7f:ea:d9:c9:f8:ff:cb:a3:
+ 43:4e:4b:ba:d4:8c:fb:e7:4d:0b:ac:d3:c2:1b:54:
+ eb:9a:17:95:d9:9d:38:e6:e9:b6:7f:d6:da:1a:33:
+ d0:2e:f7:93:67:9c:1e:7f:12:1f:71:37:a0:e5:ac:
+ f6:18:81:5e:bc:a0:75:a6:96:18:01:6e:7a:e2:42:
+ 2a:90:d1:31:64:f1:06:31:f5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 63:11:18:64:5B:58:88:7E:89:2C:0C:88:B4:3F:5C:02:58:7B:4A:E7
+ X509v3 Authority Key Identifier:
+ keyid:B2:F9:FB:5A:A8:19:23:A0:E6:D5:C5:4C:B0:2D:8B:01:65:7F:9E:49
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
+ serial:0C
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:0
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 90:9a:37:9a:90:06:27:6c:4a:27:9e:c4:b5:e0:28:50:27:b2:
+ 0c:d0:64:74:de:79:3f:b8:c1:10:76:a9:5a:04:2e:78:3d:e7:
+ d7:f8:64:aa:0e:1a:a0:bb:0e:3b:23:f0:e8:68:0d:9d:f4:1b:
+ c0:4e:2c:90:b2:5d:de:41:4b:56:6a:85:26:05:83:3a:cf:e2:
+ b0:2a:f7:99:d9:37:6e:df:2a:24:3f:1e:22:6b:a3:cd:b4:4a:
+ da:64:32:a3:5b:f5:02:44:12:65:cd:f3:15:29:71:77:b1:93:
+ 9b:ea:67:5d:de:c0:32:f6:f2:aa:a1:f0:d8:36:d9:5e:d7:50:
+ e6:cc
+-----BEGIN CERTIFICATE-----
+MIIDQjCCAqugAwIBAgIBDTANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2g0LjNfdGExMRgwFgYJKoZIhvcNAQkBFgljaDQu
+M190YTEwHhcNMTEwMzIxMDA0OTI2WhcNMTMxMjE1MDA0OTI2WjB0MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTESMBAGA1UEAxQJY2g1LjNfdGExMRgwFgYJKoZIhvcNAQkB
+FgljaDUuM190YTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALb441iT6mLJ
+NGJAlxTHLkVFVqgFS9qdbn8OVJIAmg3Hz19lSTUa053jU2JZq5SeAYvf1n/q2cn4
+/8ujQ05LutSM++dNC6zTwhtU65oXldmdOObptn/W2hoz0C73k2ecHn8SH3E3oOWs
+9hiBXrygdaaWGAFueuJCKpDRMWTxBjH1AgMBAAGjgeMwgeAwHQYDVR0OBBYEFGMR
+GGRbWIh+iSwMiLQ/XAJYe0rnMIGaBgNVHSMEgZIwgY+AFLL5+1qoGSOg5tXFTLAt
+iwFlf55JoXSkcjBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTET
+MBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEQMA4GA1UEAxQHY2gz
+X3RhMTEWMBQGCSqGSIb3DQEJARYHY2gzX3RhMYIBDDASBgNVHRMBAf8ECDAGAQH/
+AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOBgQCQmjeakAYnbEon
+nsS14ChQJ7IM0GR03nk/uMEQdqlaBC54PefX+GSqDhqguw47I/DoaA2d9BvATiyQ
+sl3eQUtWaoUmBYM6z+KwKveZ2Tdu3yokPx4ia6PNtEraZDKjW/UCRBJlzfMVKXF3
+sZOb6mdd3sAy9vKqofDYNtle11DmzA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/chain_certs/ch5_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,65 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 5 (0x5)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch4_ta1/emailAddress=ch4_ta1
+ Validity
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5_ta1/emailAddress=ch5_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d3:82:fa:b8:50:8a:e0:df:3b:22:76:0f:c1:a2:
+ 7b:fa:c3:09:fc:49:9f:ac:e3:9e:f1:60:66:8f:04:
+ ec:80:fd:1b:5c:a0:b1:3c:14:e0:79:d6:f9:49:d1:
+ 69:21:af:c6:37:7b:f0:e1:29:9e:a5:85:45:ec:e0:
+ 2b:5b:79:4b:39:28:0a:ab:5a:38:46:48:4e:c2:95:
+ b0:ff:77:50:b0:32:25:95:11:c6:52:ff:27:d0:e6:
+ 83:5a:3e:6a:58:11:66:ba:84:ac:7a:d3:db:b4:75:
+ fa:41:ea:ad:af:13:5b:12:b4:c3:3b:46:38:13:5d:
+ 53:b2:59:33:fc:76:5e:e9:d7
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ ED:B5:69:19:79:F6:9F:B1:40:1F:75:72:AD:B9:B6:7B:EF:65:4A:E9
+ X509v3 Authority Key Identifier:
+ keyid:52:80:D6:40:50:47:FD:82:5A:83:A4:24:CE:3E:DC:C7:E1:6F:56:00
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
+ serial:04
+
+ X509v3 Basic Constraints: critical
+ CA:TRUE, pathlen:0
+ X509v3 Key Usage: critical
+ Certificate Sign, CRL Sign
+ Signature Algorithm: sha256WithRSAEncryption
+ 13:d3:94:3b:b2:b5:f4:74:4d:09:85:d8:53:0a:c9:b5:54:ab:
+ 83:3b:55:9c:a6:28:33:35:fb:ba:1b:86:4c:19:39:35:f4:91:
+ 4c:9b:78:1e:30:73:58:41:da:b9:5b:7f:54:b1:39:5d:47:56:
+ d8:cc:3a:4b:7a:1c:32:32:b8:9b:90:be:a3:f6:04:87:ea:4c:
+ 81:95:0a:aa:09:03:86:db:d8:61:4f:4b:ea:40:ac:09:eb:7b:
+ 8a:39:07:4d:6a:54:b5:fc:9b:72:52:79:9a:a5:89:01:0d:00:
+ aa:6c:ab:7a:4e:1b:d8:63:c4:a2:dc:7c:51:df:7c:1c:36:ad:
+ a6:ec
+-----BEGIN CERTIFICATE-----
+MIIDOjCCAqOgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g0X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g0X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMHAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRAwDgYDVQQDFAdjaDVfdGExMRYwFAYJKoZIhvcNAQkBFgdjaDVf
+dGExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTgvq4UIrg3zsidg/Bonv6
+wwn8SZ+s457xYGaPBOyA/RtcoLE8FOB51vlJ0Wkhr8Y3e/DhKZ6lhUXs4CtbeUs5
+KAqrWjhGSE7ClbD/d1CwMiWVEcZS/yfQ5oNaPmpYEWa6hKx609u0dfpB6q2vE1sS
+tMM7RjgTXVOyWTP8dl7p1wIDAQABo4HjMIHgMB0GA1UdDgQWBBTttWkZefafsUAf
+dXKtubZ772VK6TCBmgYDVR0jBIGSMIGPgBRSgNZAUEf9glqDpCTOPtzH4W9WAKF0
+pHIwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
+Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxEDAOBgNVBAMUB2NoM190YTExFjAU
+BgkqhkiG9w0BCQEWB2NoM190YTGCAQQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAE9OUO7K19HRNCYXYUwrJtVSr
+gztVnKYoMzX7uhuGTBk5NfSRTJt4HjBzWEHauVt/VLE5XUdW2Mw6S3ocMjK4m5C+
+o/YEh+pMgZUKqgkDhtvYYU9L6kCsCet7ijkHTWpUtfybclJ5mqWJAQ0Aqmyrek4b
+2GPEotx8Ud98HDatpuw=
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/06.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/06.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,24 +3,24 @@
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5_ta1/emailAddress=ch5_ta1
Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_pubCA1/emailAddress=cs1_pubCA1
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5_ta1/emailAddress=cs1_ch5_ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:d6:e0:78:fd:9b:ec:79:f0:02:f0:cc:7a:8b:63:
- e1:60:e3:41:a8:d8:0d:82:4a:2d:ee:6c:53:b0:6b:
- 21:50:42:06:2e:a6:af:3d:fa:e8:55:a0:79:54:31:
- cb:65:f8:03:e6:84:a9:3d:76:cc:7b:06:de:d3:25:
- 0e:e5:e3:99:18:7c:13:9e:73:3d:5c:88:7a:5d:f5:
- 58:54:08:cf:bf:fc:73:d0:ef:be:f5:04:fb:71:4b:
- 98:84:82:3a:61:f5:04:29:48:5d:3d:c2:73:56:33:
- 8e:0e:fc:0d:3a:1e:57:d9:a3:7c:c9:fd:db:27:8a:
- 1a:de:d4:13:53:ce:a2:12:79
+ 00:b3:a4:c0:9b:2d:3a:3d:41:21:47:c3:96:e2:60:
+ e4:dd:24:83:4a:1c:91:4e:c0:30:f7:c1:8f:7b:87:
+ 58:9a:ce:09:6f:9e:85:0d:cf:a9:33:ea:aa:4e:c8:
+ e6:60:1e:14:25:66:80:c9:e9:9c:1b:60:4a:dc:cb:
+ 66:b0:03:38:bc:42:dc:0e:e1:da:d5:e8:25:20:75:
+ e9:3f:58:20:09:91:b0:b6:da:6f:aa:26:69:50:87:
+ 3b:37:eb:a7:e7:66:b1:de:ad:57:78:98:cf:17:59:
+ 7e:10:b6:da:ca:58:7d:45:14:8a:f1:0f:f1:af:5b:
+ 00:26:36:af:1e:0d:29:47:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- e1:3a:ec:60:96:47:14:c0:7a:76:85:f9:54:21:ae:48:b9:d1:
- 33:a3:62:73:07:04:83:aa:4b:a7:6a:3f:a9:ff:8e:34:8c:38:
- c0:a4:38:c2:66:75:6f:67:20:31:1d:9b:bf:a7:19:52:c5:56:
- ff:5c:f1:a8:07:bc:66:7f:e0:49:23:18:af:fa:ca:c7:36:0b:
- 67:85:08:d3:35:61:44:ce:6b:d5:f2:92:a5:bc:98:d1:24:68:
- 3c:a9:0a:f7:71:a4:0b:41:fb:69:37:7c:78:d4:4b:18:ab:2b:
- 95:a9:19:cb:b7:01:53:65:cc:d4:22:a1:69:47:bd:e8:db:41:
- fe:82
+ cb:cf:66:b0:f1:ff:e3:9f:6a:e8:36:19:07:ee:4a:88:72:25:
+ 41:e5:27:33:e1:2d:81:e0:23:d8:16:1a:db:b7:a2:ad:30:81:
+ b4:19:e6:0d:7a:30:c6:11:8e:c0:e3:89:b9:c8:67:66:17:fa:
+ 28:96:74:30:7b:74:0e:1e:71:b9:fb:6a:34:24:7b:f6:69:bb:
+ 36:c9:00:63:86:4b:49:16:74:6c:64:69:55:ce:bb:15:fb:fd:
+ 89:78:72:d3:47:d2:12:ad:c0:43:f6:56:c2:77:9e:68:04:6c:
+ 30:4a:28:06:7b:a7:74:2a:3a:8a:b8:7d:41:2b:aa:61:93:28:
+ 97:75
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBBjANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICfjCCAeegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gyX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gy
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDW4Hj9
-m+x58ALwzHqLY+Fg40Go2A2CSi3ubFOwayFQQgYupq89+uhVoHlUMctl+APmhKk9
-dsx7Bt7TJQ7l45kYfBOecz1ciHpd9VhUCM+//HPQ7771BPtxS5iEgjph9QQpSF09
-wnNWM44O/A06HlfZo3zJ/dsnihre1BNTzqISeQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQDhOuxglkcUwHp2
-hflUIa5IudEzo2JzBwSDqkunaj+p/440jDjApDjCZnVvZyAxHZu/pxlSxVb/XPGo
-B7xmf+BJIxiv+srHNgtnhQjTNWFEzmvV8pKlvJjRJGg8qQr3caQLQftpN3x41EsY
-qyuVqRnLtwFTZczUIqFpR73o20H+gg==
+ChMEcGtnNTEQMA4GA1UEAxQHY2g1X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g1X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2g1X3RhMTEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoNV90YTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALOkwJstOj1B
+IUfDluJg5N0kg0ockU7AMPfBj3uHWJrOCW+ehQ3PqTPqqk7I5mAeFCVmgMnpnBtg
+StzLZrADOLxC3A7h2tXoJSB16T9YIAmRsLbab6omaVCHOzfrp+dmsd6tV3iYzxdZ
+fhC22spYfUUUivEP8a9bACY2rx4NKUdlAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAMvPZrDx/+Ofaug2GQfu
+SohyJUHlJzPhLYHgI9gWGtu3oq0wgbQZ5g16MMYRjsDjibnIZ2YX+iiWdDB7dA4e
+cbn7ajQke/ZpuzbJAGOGS0kWdGxkaVXOuxX7/Yl4ctNH0hKtwEP2VsJ3nmgEbDBK
+KAZ7p3QqOoq4fUErqmGTKJd1
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/07.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/07.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,54 +3,54 @@
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5_ta1/emailAddress=ch5_ta1
Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_pubCA1/emailAddress=cs2_pubCA1
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ch5_ta1/emailAddress=cs2_ch5_ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:d1:1e:d4:1f:8e:07:3a:4f:d3:23:c7:80:1a:ea:
- 17:87:6b:38:d4:f8:1c:9b:1d:22:de:41:47:d0:dd:
- 65:9f:63:92:a1:a0:a4:58:22:53:dd:68:bd:86:a8:
- 88:a3:a9:64:15:fb:b2:75:6a:bb:cd:f0:d8:11:40:
- 80:ce:2a:55:8f:15:d4:86:f9:2a:47:81:e1:1f:89:
- 02:4d:ce:7f:9a:34:b3:87:08:d3:fd:1f:db:02:09:
- 9c:c6:e6:83:f6:79:78:97:cc:aa:e8:47:0b:d2:f7:
- 9d:55:31:50:e4:ae:d6:24:b2:f5:57:bf:0e:76:ae:
- f7:9c:c0:04:66:b0:3e:7c:4f
+ 00:de:1f:a8:50:7e:6c:fc:18:0a:4a:ef:9e:9e:ef:
+ 1a:1c:87:54:8c:2f:09:55:b5:9d:2b:ae:be:ee:ca:
+ 30:bf:ed:97:c2:8e:4e:6a:29:e6:d0:98:1a:57:72:
+ 19:6d:b3:ad:2c:d0:f0:da:c4:f2:e1:81:27:b5:6a:
+ 35:4c:30:d3:d5:54:e7:b5:3b:04:04:63:b5:05:0a:
+ 50:35:44:19:14:7f:a9:ff:e1:24:e4:63:ef:81:f4:
+ 9e:42:4a:14:b2:b4:ef:ae:36:94:a3:ad:23:3f:67:
+ 2e:69:61:28:3a:2f:1b:9f:d8:f3:e3:76:f0:6c:88:
+ 95:41:33:71:51:f1:90:8f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/pubCA1_ta1_crl.pem
+ URI:http://localhost:12001/file/0/ch5_ta1_crl.pem
Signature Algorithm: sha256WithRSAEncryption
- 89:bf:be:5d:02:b5:ce:54:5d:07:30:23:a2:bf:4d:9f:28:97:
- e1:71:2a:fa:28:42:9e:21:db:7f:e2:58:9e:a2:09:37:6c:85:
- cc:02:8b:fc:8b:d7:f1:d3:86:93:64:7e:bd:4c:6f:1d:90:30:
- b4:b0:f7:57:81:0a:f1:1d:1d:9c:8b:a4:da:1b:9a:ff:0f:4b:
- e4:75:04:10:b1:a8:65:3a:08:2e:02:ae:eb:c6:8f:c0:d9:9c:
- 40:df:0d:58:a6:3f:11:bd:68:a5:2c:58:b9:02:b2:21:d4:e3:
- c8:da:68:52:fd:26:31:34:8a:19:8d:e0:87:c7:23:46:40:92:
- ba:31
+ 67:d1:ca:3f:b4:bc:18:78:03:7b:48:ce:90:a0:01:b9:44:f4:
+ 2a:08:25:94:f0:62:dc:4d:62:dc:8d:36:44:db:63:87:af:21:
+ 06:56:89:b8:e1:6b:31:58:e4:b3:94:57:86:ea:7c:89:0e:38:
+ 69:eb:9f:75:c2:79:55:b4:fc:e8:d9:45:0c:a1:52:8e:f2:d0:
+ b5:35:51:b9:e1:10:50:5a:f3:50:e7:93:76:11:a4:00:e6:38:
+ 59:0d:0d:0d:2e:e8:66:30:20:0e:b0:5b:00:aa:ac:7d:14:ec:
+ 60:02:c1:b9:38:28:1b:42:f9:20:c8:43:13:cc:7e:86:33:eb:
+ 10:70
-----BEGIN CERTIFICATE-----
-MIICtTCCAh6gAwIBAgIBBzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICrjCCAhegAwIBAgIBBzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gyX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gy
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczJfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjczJfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRHtQf
-jgc6T9Mjx4Aa6heHazjU+BybHSLeQUfQ3WWfY5KhoKRYIlPdaL2GqIijqWQV+7J1
-arvN8NgRQIDOKlWPFdSG+SpHgeEfiQJNzn+aNLOHCNP9H9sCCZzG5oP2eXiXzKro
-RwvS951VMVDkrtYksvVXvw52rvecwARmsD58TwIDAQABo1MwUTAMBgNVHRMBAf8E
-AjAAMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmls
-ZS8wL3B1YkNBMV90YTFfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQCJv75dArXO
-VF0HMCOiv02fKJfhcSr6KEKeIdt/4lieogk3bIXMAov8i9fx04aTZH69TG8dkDC0
-sPdXgQrxHR2ci6TaG5r/D0vkdQQQsahlOgguAq7rxo/A2ZxA3w1Ypj8RvWilLFi5
-ArIh1OPI2mhS/SYxNIoZjeCHxyNGQJK6MQ==
+ChMEcGtnNTEQMA4GA1UEAxQHY2g1X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g1X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczJfY2g1X3RhMTEaMBgGCSqGSIb3DQEJARYL
+Y3MyX2NoNV90YTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4fqFB+bPwY
+Ckrvnp7vGhyHVIwvCVW1nSuuvu7KML/tl8KOTmop5tCYGldyGW2zrSzQ8NrE8uGB
+J7VqNUww09VU57U7BARjtQUKUDVEGRR/qf/hJORj74H0nkJKFLK07642lKOtIz9n
+LmlhKDovG5/Y8+N28GyIlUEzcVHxkI8dAgMBAAGjUDBOMAwGA1UdEwEB/wQCMAAw
+PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2xvY2FsaG9zdDoxMjAwMS9maWxlLzAv
+Y2g1X3RhMV9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4GBAGfRyj+0vBh4A3tIzpCg
+AblE9CoIJZTwYtxNYtyNNkTbY4evIQZWibjhazFY5LOUV4bqfIkOOGnrn3XCeVW0
+/OjZRQyhUo7y0LU1UbnhEFBa81Dnk3YRpADmOFkNDQ0u6GYwIA6wWwCqrH0U7GAC
+wbk4KBtC+SDIQxPMfoYz6xBw
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/08.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 8 (0x8)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
- Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_pubCA1/emailAddress=cs3_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:da:26:a1:68:66:ec:6f:7f:7c:94:94:0f:74:17:
- 52:0e:41:86:ae:43:40:f1:ea:c0:af:e8:51:03:96:
- 82:4e:35:d4:44:a0:0d:0d:67:2b:44:bf:81:5c:87:
- 9a:62:42:59:0e:97:81:75:35:6e:18:67:7e:95:41:
- 47:5c:51:f6:5a:27:dc:b9:2a:2a:ea:5b:6c:b9:59:
- 78:7c:fb:ff:59:67:5d:35:8b:b7:90:71:29:68:80:
- c8:b0:ad:37:60:96:21:34:79:25:41:20:f8:40:e4:
- 32:90:c0:16:81:c3:b3:47:9f:02:bb:15:7d:32:6d:
- 5d:75:04:45:cf:23:b5:8e:95
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/ch1_pubCA1_crl.pem
-
- Signature Algorithm: sha256WithRSAEncryption
- dd:86:89:f4:bb:73:30:c8:1d:74:90:de:cc:b0:7b:a5:0c:30:
- 02:d1:b9:f1:65:c0:f7:2b:cb:60:3b:87:73:ad:dd:0c:fe:d7:
- 7f:93:8f:63:ce:fd:de:30:06:30:1d:b4:40:65:86:a8:19:da:
- d6:ac:2f:bb:65:49:51:38:6b:44:fb:69:5e:03:e6:c3:80:86:
- fd:46:4d:c1:4d:c9:7b:85:92:b9:9b:75:72:43:94:75:73:73:
- 06:45:33:3a:5b:16:d0:c3:26:58:39:9c:e6:bf:df:48:b8:72:
- c3:8a:d3:10:cc:9c:c4:91:e9:85:b6:5e:5d:88:f0:94:df:20:
- 9f:33
------BEGIN CERTIFICATE-----
-MIICtTCCAh6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gyX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gy
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczNfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjczNfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaJqFo
-Zuxvf3yUlA90F1IOQYauQ0Dx6sCv6FEDloJONdREoA0NZytEv4Fch5piQlkOl4F1
-NW4YZ36VQUdcUfZaJ9y5KirqW2y5WXh8+/9ZZ101i7eQcSlogMiwrTdgliE0eSVB
-IPhA5DKQwBaBw7NHnwK7FX0ybV11BEXPI7WOlQIDAQABo1MwUTAMBgNVHRMBAf8E
-AjAAMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmls
-ZS8wL2NoMV9wdWJDQTFfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQDdhon0u3Mw
-yB10kN7MsHulDDAC0bnxZcD3K8tgO4dzrd0M/td/k49jzv3eMAYwHbRAZYaoGdrW
-rC+7ZUlROGtE+2leA+bDgIb9Rk3BTcl7hZK5m3VyQ5R1c3MGRTM6WxbQwyZYOZzm
-v99IuHLDitMQzJzEkemFtl5diPCU3yCfMw==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/09.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 9 (0x9)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.1_ta1/emailAddress=ch5.1_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5.1_ta1/emailAddress=cs1_ch5.1_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bf:ce:74:08:89:5a:78:fe:33:bc:42:8f:19:79:
+ 0f:76:ce:ff:da:f1:32:62:4a:34:ee:54:3a:81:61:
+ 9a:02:81:02:4b:77:c7:7c:ef:50:99:68:f4:40:4d:
+ fa:41:a3:a4:86:a4:9c:6a:45:2b:99:15:ba:d8:d5:
+ 97:f5:30:25:c0:f3:7c:a1:eb:50:58:8e:23:04:b0:
+ 72:ea:bb:21:fc:6c:37:37:ab:85:c3:36:8c:42:dc:
+ 83:12:6a:a1:b1:3e:8b:f9:b6:4c:43:8e:38:15:c1:
+ 40:22:f8:7d:59:c0:9c:f6:75:85:0d:ed:43:4c:d8:
+ 7f:84:c8:dd:a4:7d:66:c4:63
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 35:e5:fc:ad:b3:07:3c:23:cc:b9:a1:82:8c:2e:97:3a:65:e1:
+ 25:03:16:50:e7:a3:69:cb:bf:e3:5e:be:59:60:ba:96:af:44:
+ 01:18:de:2e:c7:5f:cf:19:ca:59:fc:01:f5:86:e0:5e:e9:c6:
+ 70:9e:4c:e7:e1:ad:41:1b:be:11:a8:bb:cd:28:67:a8:7d:81:
+ ec:55:25:5e:c6:c7:c3:f2:42:3e:07:e8:68:ca:5c:41:dd:34:
+ b4:de:b2:f4:cb:dd:b3:e9:76:07:4c:d3:87:b1:4f:56:39:40:
+ 77:03:42:ae:80:be:d3:ae:cb:75:80:09:82:87:7c:3b:2a:e0:
+ bd:04
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBCTANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2g1LjFfdGExMRgwFgYJKoZIhvcNAQkBFgljaDUu
+MV90YTEwHhcNMTEwMzIxMDA0OTI0WhcNMTMxMjE1MDA0OTI0WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoNS4xX3RhMTEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoNS4xX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+v850CIlaeP4zvEKPGXkPds7/2vEyYko07lQ6gWGaAoECS3fHfO9QmWj0QE36QaOk
+hqScakUrmRW62NWX9TAlwPN8oetQWI4jBLBy6rsh/Gw3N6uFwzaMQtyDEmqhsT6L
++bZMQ444FcFAIvh9WcCc9nWFDe1DTNh/hMjdpH1mxGMCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEANeX8rbMH
+PCPMuaGCjC6XOmXhJQMWUOejacu/416+WWC6lq9EARjeLsdfzxnKWfwB9YbgXunG
+cJ5M5+GtQRu+Eai7zShnqH2B7FUlXsbHw/JCPgfoaMpcQd00tN6y9Mvds+l2B0zT
+h7FPVjlAdwNCroC+067LdYAJgod8OyrgvQQ=
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/0A.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10 (0xa)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2.2_pubCA1/emailAddress=ch2.2_pubCA1
- Validity
- Not Before: Jan 28 02:54:12 2011 GMT
- Not After : Oct 24 02:54:12 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs4_pubCA1/emailAddress=cs4_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:df:f2:c5:0d:12:9b:77:c9:0f:03:07:db:91:4e:
- 6a:94:fd:50:fc:2b:78:ab:ad:40:eb:8d:d4:fa:42:
- 99:5e:68:4a:1c:a7:ca:82:da:4b:22:b1:81:20:b7:
- df:e4:c6:df:3f:95:5a:fd:03:8e:47:fc:85:43:d4:
- b1:53:d1:cd:6b:eb:82:47:f6:21:35:71:fe:da:c1:
- 2b:50:d7:61:ef:7e:60:d7:61:3e:64:3f:33:ab:0e:
- 88:0f:41:3d:15:9e:f5:f1:4f:c3:90:d3:6e:16:32:
- 5f:33:52:5c:2d:8a:43:dd:23:c5:4a:e7:85:42:29:
- 03:ee:10:cd:a5:e1:02:73:63
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 96:2d:e6:30:36:53:f7:af:a6:40:75:9f:d6:55:7a:8d:71:31:
- 54:f8:61:6c:8e:45:fd:86:5f:1f:88:7c:df:d3:af:5c:1e:da:
- 2d:40:c3:00:b4:a8:05:2d:c2:7c:6e:a7:45:45:26:e9:1f:25:
- 25:9d:b6:2b:1f:7d:ba:79:63:7e:e8:73:2d:49:0e:a5:a3:02:
- 7b:d3:9a:ab:df:55:5e:4d:aa:8e:ae:10:0d:de:50:bd:0e:47:
- d1:60:ff:4c:87:b7:f4:49:ee:68:3f:f4:a1:dd:b6:72:73:43:
- fc:3e:b8:4a:f3:7c:6c:95:b3:cb:ba:78:aa:35:5c:b0:48:3e:
- 0d:90
------BEGIN CERTIFICATE-----
-MIIChjCCAe+gAwIBAgIBCjANBgkqhkiG9w0BAQsFADB6MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEVMBMGA1UEAxQMY2gyLjJfcHViQ0ExMRswGQYJKoZIhvcNAQkBFgxj
-aDIuMl9wdWJDQTEwHhcNMTEwMTI4MDI1NDEyWhcNMTMxMDI0MDI1NDEyWjB2MQsw
-CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8g
-UGFyazENMAsGA1UEChMEcGtnNTETMBEGA1UEAxQKY3M0X3B1YkNBMTEZMBcGCSqG
-SIb3DQEJARYKY3M0X3B1YkNBMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-3/LFDRKbd8kPAwfbkU5qlP1Q/Ct4q61A643U+kKZXmhKHKfKgtpLIrGBILff5Mbf
-P5Va/QOOR/yFQ9SxU9HNa+uCR/YhNXH+2sErUNdh735g12E+ZD8zqw6ID0E9FZ71
-8U/DkNNuFjJfM1JcLYpD3SPFSueFQikD7hDNpeECc2MCAwEAAaMgMB4wDAYDVR0T
-AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAli3mMDZT
-96+mQHWf1lV6jXExVPhhbI5F/YZfH4h839OvXB7aLUDDALSoBS3CfG6nRUUm6R8l
-JZ22Kx99unljfuhzLUkOpaMCe9Oaq99VXk2qjq4QDd5QvQ5H0WD/TIe39EnuaD/0
-od22cnND/D64SvN8bJWzy7p4qjVcsEg+DZA=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/0B.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/0B.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,24 +3,24 @@
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.2_ta1/emailAddress=ch5.2_ta1
Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta2/emailAddress=cs1_ta2
+ Not Before: Mar 21 00:49:25 2011 GMT
+ Not After : Dec 15 00:49:25 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5.2_ta1/emailAddress=cs1_ch5.2_ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:b8:c1:19:42:b1:26:a9:33:1f:1f:55:d0:4f:6d:
- 43:a3:55:75:c7:de:18:5a:69:cc:62:b2:a6:ec:f5:
- 78:19:31:5a:1a:d8:6c:d8:48:66:7d:15:d4:da:fe:
- dd:7c:42:a0:ae:22:d1:51:f5:22:54:49:7d:16:58:
- cf:82:b7:3e:45:c5:7e:da:84:28:f6:b3:5c:90:61:
- 27:0e:70:fe:fa:6c:3f:20:0a:a0:10:50:9c:75:a4:
- 02:62:d8:68:26:63:ba:21:10:89:39:ab:18:fa:10:
- 77:26:4f:ac:f1:50:41:fc:8c:f7:dc:e9:20:19:7c:
- 2c:fb:02:c7:40:6d:69:ff:05
+ 00:b9:44:f7:70:52:8f:e0:c5:7b:7e:68:01:46:0b:
+ e1:54:1a:91:82:96:5d:d9:60:a7:a6:c2:2d:cf:f6:
+ b1:e6:bc:fe:b5:02:49:20:5e:b7:2e:88:07:05:4e:
+ 88:9e:96:f5:51:22:b1:72:23:88:21:7d:70:d4:51:
+ c1:38:26:87:3c:d2:59:b4:0a:b4:0c:99:fb:eb:89:
+ a8:15:fa:ff:2a:40:52:e2:b3:d1:79:61:4b:a5:f3:
+ 8a:0a:18:4b:76:26:9d:68:c7:83:03:88:77:38:ab:
+ d6:2d:95:17:20:43:cc:6b:c5:d2:1d:85:b7:c0:b4:
+ b7:8c:f7:cc:3e:cc:79:8d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 4b:b0:61:5b:c9:9a:81:8a:04:92:d4:98:39:fc:45:bd:34:90:
- cc:69:4f:86:09:47:3f:e9:26:e2:a0:e6:d4:63:53:32:85:48:
- de:1a:ef:43:bb:8d:19:29:5f:f8:13:bc:27:76:82:d2:77:6d:
- 80:68:e9:96:a3:cd:a3:d0:3c:b1:2a:94:54:7f:d9:95:61:07:
- f7:d9:84:67:ea:bf:23:10:1a:9a:23:f7:3b:aa:83:a4:3c:18:
- 12:95:11:18:fb:2e:93:7c:84:61:6c:50:7d:67:ac:44:39:f5:
- f2:9a:b0:89:f9:bd:71:e0:ae:bb:53:bc:ce:97:5e:ee:cd:14:
- ad:14
+ 15:39:6a:5e:1b:b7:b0:9d:56:ed:4e:0f:28:5e:ba:84:d0:14:
+ 92:4b:51:1f:3f:a7:2b:dc:ac:3d:6a:d6:79:7d:16:e6:db:04:
+ a2:4b:03:c9:d0:d0:4d:09:60:c8:92:ae:cf:ec:39:0e:fb:a2:
+ 17:bf:0d:1b:ff:99:b6:c8:2a:cb:f9:25:bc:b1:8e:94:2b:dc:
+ e1:47:43:a0:21:9c:b3:f3:62:d0:ae:49:e0:aa:a9:a8:23:c5:
+ 7f:60:9a:ce:cc:4b:48:6a:98:2a:58:68:df:89:88:fe:d3:17:
+ 50:82:3b:33:45:4a:08:56:2e:e4:5e:4f:3b:6f:c5:e1:c0:53:
+ 28:a8
-----BEGIN CERTIFICATE-----
-MIICbjCCAdegAwIBAgIBCzANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MIIChjCCAe+gAwIBAgIBCzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEyMRIwEAYJKoZIhvcNAQkBFgN0YTIwHhcNMTEw
-MTI4MDI1NDEzWhcNMTMxMDI0MDI1NDEzWjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTEQMA4GA1UEAxQHY3MxX3RhMjEWMBQGCSqGSIb3DQEJARYHY3MxX3RhMjCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuMEZQrEmqTMfH1XQT21Do1V1x94YWmnM
-YrKm7PV4GTFaGths2EhmfRXU2v7dfEKgriLRUfUiVEl9FljPgrc+RcV+2oQo9rNc
-kGEnDnD++mw/IAqgEFCcdaQCYthoJmO6IRCJOasY+hB3Jk+s8VBB/Iz33OkgGXws
-+wLHQG1p/wUCAwEAAaMgMB4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4Aw
-DQYJKoZIhvcNAQELBQADgYEAS7BhW8magYoEktSYOfxFvTSQzGlPhglHP+km4qDm
-1GNTMoVI3hrvQ7uNGSlf+BO8J3aC0ndtgGjplqPNo9A8sSqUVH/ZlWEH99mEZ+q/
-IxAamiP3O6qDpDwYEpURGPsuk3yEYWxQfWesRDn18pqwifm9ceCuu1O8zpde7s0U
-rRQ=
+ChMEcGtnNTESMBAGA1UEAxQJY2g1LjJfdGExMRgwFgYJKoZIhvcNAQkBFgljaDUu
+Ml90YTEwHhcNMTEwMzIxMDA0OTI1WhcNMTMxMjE1MDA0OTI1WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoNS4yX3RhMTEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoNS4yX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+uUT3cFKP4MV7fmgBRgvhVBqRgpZd2WCnpsItz/ax5rz+tQJJIF63LogHBU6Inpb1
+USKxciOIIX1w1FHBOCaHPNJZtAq0DJn764moFfr/KkBS4rPReWFLpfOKChhLdiad
+aMeDA4h3OKvWLZUXIEPMa8XSHYW3wLS3jPfMPsx5jT0CAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAFTlqXhu3
+sJ1W7U4PKF66hNAUkktRHz+nK9ysPWrWeX0W5tsEoksDydDQTQlgyJKuz+w5Dvui
+F78NG/+Ztsgqy/klvLGOlCvc4UdDoCGcs/Ni0K5J4KqpqCPFf2CazsxLSGqYKlho
+34mI/tMXUII7M0VKCFYu5F5PO2/F4cBTKKg=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/0D.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13 (0xd)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p1_ta3/emailAddress=cs1_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:f6:03:62:59:9b:4b:42:80:bd:9e:2c:51:9d:d6:
- d3:5b:3e:36:b3:da:4b:05:ed:d1:77:b7:3e:dc:0a:
- 87:20:89:51:84:e5:f9:f0:9d:fe:1d:e9:ad:ca:43:
- 9d:41:8e:84:7d:eb:36:85:4f:14:da:18:ee:c9:c3:
- e7:f2:cd:9c:c4:11:16:52:d7:07:9f:f5:52:b7:7b:
- 66:d5:ae:10:0f:fc:44:6d:a4:89:60:95:85:12:ca:
- 31:34:26:1b:b5:e6:4f:5b:31:cc:76:76:c3:12:29:
- f6:64:b6:ea:44:da:e9:51:15:d6:1d:5a:91:cb:62:
- 6e:da:c7:25:66:2f:30:52:17
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 5e:5b:97:12:03:fe:8e:f1:93:90:83:b4:65:f5:4b:56:f6:69:
- 44:d7:12:f3:e7:56:bc:5f:f6:ae:5c:95:19:39:0f:0f:77:0f:
- ef:78:bf:49:df:98:bb:91:02:3d:94:5e:90:d6:b0:a2:b0:d2:
- db:70:29:01:d6:39:81:a5:c3:30:9c:b7:95:21:c7:13:36:9e:
- f7:36:c5:be:7e:f4:9d:3b:71:2d:da:d9:07:55:67:62:34:33:
- 01:19:a7:ba:6f:ae:98:0e:22:a4:06:ad:16:ea:33:7f:e2:15:
- 83:4d:ac:ab:55:ff:aa:2b:15:a6:d2:73:e4:a4:43:53:6c:35:
- 9a:33
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBDTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTNaFw0xMzEwMjQwMjU0MTNaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2A2JZ
-m0tCgL2eLFGd1tNbPjaz2ksF7dF3tz7cCocgiVGE5fnwnf4d6a3KQ51BjoR96zaF
-TxTaGO7Jw+fyzZzEERZS1wef9VK3e2bVrhAP/ERtpIlglYUSyjE0Jhu15k9bMcx2
-dsMSKfZktupE2ulRFdYdWpHLYm7axyVmLzBSFwIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBeW5cSA/6O8ZOQ
-g7Rl9UtW9mlE1xLz51a8X/auXJUZOQ8Pdw/veL9J35i7kQI9lF6Q1rCisNLbcCkB
-1jmBpcMwnLeVIccTNp73NsW+fvSdO3Et2tkHVWdiNDMBGae6b66YDiKkBq0W6jN/
-4hWDTayrVf+qKxWm0nPkpENTbDWaMw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/0E.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/0E.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,53 +3,52 @@
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.3_ta1/emailAddress=ch5.3_ta1
Validity
- Not Before: Jan 28 02:54:18 2011 GMT
- Not After : Oct 24 02:54:18 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_p1_ta3/emailAddress=cs2_p1_ta3
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5.3_ta1/emailAddress=cs1_ch5.3_ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:bd:d7:4b:2b:72:c6:0b:98:3b:3d:ec:72:3f:64:
- 78:bf:a2:c5:47:c1:20:2c:2c:b4:e5:0e:2c:be:aa:
- 7c:ec:9f:ea:ec:06:24:fa:e3:0d:64:ce:4c:59:84:
- 4c:c9:65:40:1f:d0:74:de:1b:90:49:ab:70:22:b7:
- 9b:ae:13:98:df:66:44:b4:2c:82:8b:c8:43:54:c0:
- e3:bf:71:61:5a:96:4f:ef:86:f7:e0:d6:84:5d:81:
- 40:0f:1d:d5:25:98:fb:19:52:4b:40:39:3e:2a:d2:
- 2f:f6:15:7f:94:19:19:44:d7:85:c4:b5:9e:2a:e2:
- e3:ca:8d:a4:8f:84:22:b8:0d
+ 00:ba:d5:66:e3:d0:cd:3b:08:d4:e6:6a:9e:7f:22:
+ 39:47:94:a9:77:5a:dd:26:6a:35:fc:d5:e0:1b:41:
+ cf:0d:ff:6f:66:09:96:8b:32:36:ea:68:69:82:5a:
+ c9:6f:20:ea:ff:1c:83:29:11:d8:f2:99:f8:5c:d4:
+ 85:32:bb:c6:69:ca:dc:f7:d7:89:d4:72:2c:89:8a:
+ 36:22:71:48:bc:fa:e0:f9:03:3c:14:7c:c2:48:92:
+ 10:9f:21:db:2a:3b:01:f2:6f:96:18:61:b4:45:56:
+ 27:81:aa:42:fd:d8:92:84:4e:fd:5d:65:ad:67:67:
+ 4d:06:48:10:88:bb:77:af:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 Issuer Alternative Name: critical
- <EMPTY>
-
+ X509v3 Key Usage: critical
+ Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 12:18:e4:2e:db:dc:d1:db:98:c7:15:88:5e:10:47:9d:89:55:
- b8:43:44:2b:30:ff:ca:b9:19:74:ff:f3:05:c3:60:bb:f9:3a:
- 5e:61:41:da:a3:03:59:cd:ae:39:d0:0b:83:e3:df:19:e5:1a:
- 92:79:09:d6:6d:e4:00:4c:32:45:cf:7f:3e:bc:96:c6:2e:7d:
- 80:d5:ae:11:c6:3d:4c:81:bb:97:39:9f:55:74:36:d5:19:63:
- ea:25:43:bc:8e:ab:88:86:e7:53:8f:e8:30:9a:51:3e:f1:6f:
- a2:21:43:b5:c8:d8:0b:84:65:a8:d5:06:55:f4:38:b9:35:90:
- ee:47
+ 7e:14:ca:ef:10:0b:0d:a4:e4:7d:ba:39:5b:7c:63:b7:9a:d2:
+ b7:cb:25:87:b3:fe:9f:34:55:d2:45:a6:b3:68:27:6d:a7:14:
+ 5c:68:43:0b:81:aa:0b:21:6d:1f:ad:ec:72:de:4b:99:b5:a4:
+ f0:24:15:73:f1:eb:dd:6f:41:2f:3c:4b:06:44:eb:ec:f0:9d:
+ 29:79:ce:d2:ea:e2:55:1b:9f:cf:7c:ca:98:35:6f:98:ec:70:
+ de:f1:04:fa:f1:89:ee:bf:af:a4:f8:35:92:b7:f9:27:a7:5e:
+ 76:cc:c0:79:ad:6b:46:d7:d1:a7:60:35:32:9f:26:b3:b2:e7:
+ 21:a5
-----BEGIN CERTIFICATE-----
-MIICgDCCAemgAwIBAgIBDjANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIChjCCAe+gAwIBAgIBDjANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MThaFw0xMzEwMjQwMjU0MThaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczJfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczJfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC910sr
-csYLmDs97HI/ZHi/osVHwSAsLLTlDiy+qnzsn+rsBiT64w1kzkxZhEzJZUAf0HTe
-G5BJq3Ait5uuE5jfZkS0LIKLyENUwOO/cWFalk/vhvfg1oRdgUAPHdUlmPsZUktA
-OT4q0i/2FX+UGRlE14XEtZ4q4uPKjaSPhCK4DQIDAQABox4wHDAMBgNVHRMBAf8E
-AjAAMAwGA1UdEgEB/wQCMAAwDQYJKoZIhvcNAQELBQADgYEAEhjkLtvc0duYxxWI
-XhBHnYlVuENEKzD/yrkZdP/zBcNgu/k6XmFB2qMDWc2uOdALg+PfGeUaknkJ1m3k
-AEwyRc9/PryWxi59gNWuEcY9TIG7lzmfVXQ21Rlj6iVDvI6riIbnU4/oMJpRPvFv
-oiFDtcjYC4RlqNUGVfQ4uTWQ7kc=
+ChMEcGtnNTESMBAGA1UEAxQJY2g1LjNfdGExMRgwFgYJKoZIhvcNAQkBFgljaDUu
+M190YTEwHhcNMTEwMzIxMDA0OTI2WhcNMTMxMjE1MDA0OTI2WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoNS4zX3RhMTEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoNS4zX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+utVm49DNOwjU5mqefyI5R5Spd1rdJmo1/NXgG0HPDf9vZgmWizI26mhpglrJbyDq
+/xyDKRHY8pn4XNSFMrvGacrc99eJ1HIsiYo2InFIvPrg+QM8FHzCSJIQnyHbKjsB
+8m+WGGG0RVYngapC/diShE79XWWtZ2dNBkgQiLt3ryMCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAfhTK7xAL
+DaTkfbo5W3xjt5rSt8slh7P+nzRV0kWms2gnbacUXGhDC4GqCyFtH63sct5LmbWk
+8CQVc/Hr3W9BLzxLBkTr7PCdKXnO0uriVRufz3zKmDVvmOxw3vEE+vGJ7r+vpPg1
+krf5J6dedszAea1rRtfRp2A1Mp8ms7LnIaU=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/0F.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/0F.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,24 +3,24 @@
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
Validity
- Not Before: Jan 1 01:01:01 2009 GMT
- Not After : Jan 2 01:01:01 2009 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_p1_ta3/emailAddress=cs3_p1_ta3
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta2/emailAddress=cs1_ta2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:cd:90:51:4d:d8:59:5e:67:1d:1b:3d:b6:b7:1c:
- ff:05:97:c5:12:37:91:68:81:11:2b:85:ce:55:b8:
- 7a:99:72:c3:53:4a:4e:b6:82:01:7a:44:d1:b4:ea:
- 12:e0:1f:6a:36:5c:c1:f9:56:a4:cb:a2:ff:4a:d8:
- cc:fb:c1:19:3a:0c:e8:c0:3a:ac:f5:d2:32:1c:4e:
- 2d:16:60:df:84:ae:3e:7b:b5:c3:5c:ac:da:5a:b9:
- bc:61:25:c1:ec:d7:df:f9:34:c0:5f:f4:45:56:a1:
- a1:f3:43:e1:ac:61:24:c7:ee:ba:89:6f:fa:36:b3:
- 7d:3a:b1:be:fa:b2:3f:53:15
+ 00:d1:4a:70:39:c8:22:72:ed:59:a6:45:f9:9a:cb:
+ 75:6d:95:17:d1:d5:fc:4c:98:77:5b:2b:18:94:98:
+ 0c:94:72:d5:52:76:65:ed:c7:84:a9:5d:37:fb:1b:
+ 54:f3:0a:e5:1f:fe:7f:9b:b2:30:7a:1a:4b:c1:9c:
+ 46:84:0d:9b:f9:59:c1:83:ce:9d:95:ec:f2:34:8f:
+ 2b:a7:07:fb:3c:58:64:4f:89:0d:ac:e3:92:03:dd:
+ 50:05:15:65:77:7f:ba:06:dc:f9:7b:e9:11:9a:16:
+ 55:a1:ce:6e:c7:d9:f5:ca:54:f3:da:40:08:dd:45:
+ f5:27:09:95:7e:51:ba:f7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 49:8f:d8:83:5e:c9:fa:54:40:51:5f:01:ee:23:32:9a:88:c6:
- c2:57:49:42:61:38:2c:62:86:05:bc:7a:2f:85:5a:e9:d5:73:
- 8e:1d:3f:07:34:bf:69:41:a1:9b:7a:77:50:9f:b0:4a:c7:af:
- bd:c8:e6:bd:9e:ad:85:85:98:12:e9:ce:0c:e3:3d:55:61:6b:
- e7:e2:36:79:d4:78:0f:da:ea:b8:7e:18:33:80:48:1f:b8:25:
- f1:30:d5:a1:59:86:29:5c:dd:a3:74:27:b4:fa:90:06:43:bb:
- 01:a1:72:af:7c:fc:e8:00:fa:6c:ed:7d:55:77:54:13:67:94:
- 6a:31
+ 5d:98:9c:96:be:80:58:ef:e7:53:c2:79:29:8c:e1:40:18:63:
+ 22:09:e6:ee:c2:a1:22:f9:50:ce:f2:9d:72:21:1d:0d:f9:2a:
+ 2d:a8:eb:9f:03:5d:df:45:88:a8:52:e2:b9:0c:b0:27:7f:42:
+ 8a:1c:45:a1:3b:24:ab:38:b4:e5:b2:ab:7c:d1:57:80:9e:be:
+ 18:3a:ff:49:57:b0:61:cc:cc:63:98:e8:7b:79:de:2b:db:39:
+ 44:df:8a:0d:ad:9c:ce:6e:b6:1f:3c:fa:ad:f7:ac:02:eb:08:
+ 59:34:e9:74:bd:2d:bb:5d:8d:80:5d:bb:3b:18:3d:d6:3b:d2:
+ 9d:47
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBDzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICbjCCAdegAwIBAgIBDzANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0wOTAxMDEwMTAxMDFaFw0wOTAxMDIwMTAxMDFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczNfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczNfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNkFFN
-2FleZx0bPba3HP8Fl8USN5FogRErhc5VuHqZcsNTSk62ggF6RNG06hLgH2o2XMH5
-VqTLov9K2Mz7wRk6DOjAOqz10jIcTi0WYN+Erj57tcNcrNpaubxhJcHs19/5NMBf
-9EVWoaHzQ+GsYSTH7rqJb/o2s306sb76sj9TFQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBJj9iDXsn6VEBR
-XwHuIzKaiMbCV0lCYTgsYoYFvHovhVrp1XOOHT8HNL9pQaGbendQn7BKx6+9yOa9
-nq2FhZgS6c4M4z1VYWvn4jZ51HgP2uq4fhgzgEgfuCXxMNWhWYYpXN2jdCe0+pAG
-Q7sBoXKvfPzoAPps7X1Vd1QTZ5RqMQ==
+ChMEcGtnNTEMMAoGA1UEAxMDdGEyMRIwEAYJKoZIhvcNAQkBFgN0YTIwHhcNMTEw
+MzIxMDA0OTI2WhcNMTMxMjE1MDA0OTI2WjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
+NTEQMA4GA1UEAxQHY3MxX3RhMjEWMBQGCSqGSIb3DQEJARYHY3MxX3RhMjCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0UpwOcgicu1ZpkX5mst1bZUX0dX8TJh3
+WysYlJgMlHLVUnZl7ceEqV03+xtU8wrlH/5/m7IwehpLwZxGhA2b+VnBg86dlezy
+NI8rpwf7PFhkT4kNrOOSA91QBRVld3+6Btz5e+kRmhZVoc5ux9n1ylTz2kAI3UX1
+JwmVflG697sCAwEAAaMgMB4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4Aw
+DQYJKoZIhvcNAQELBQADgYEAXZiclr6AWO/nU8J5KYzhQBhjIgnm7sKhIvlQzvKd
+ciEdDfkqLajrnwNd30WIqFLiuQywJ39CihxFoTskqzi05bKrfNFXgJ6+GDr/SVew
+YczMY5joe3neK9s5RN+KDa2czm62Hzz6rfesAusIWTTpdL0tu12NgF27Oxg91jvS
+nUc=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/10.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 16 (0x10)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 1 01:01:01 2035 GMT
- Not After : Jan 2 01:01:01 2035 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs4_p1_ta3/emailAddress=cs4_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:e2:60:08:58:af:0f:1b:38:07:8c:9d:b6:88:c5:
- 99:34:c6:da:7f:37:6b:2e:73:4c:d4:4d:96:c8:9f:
- 66:61:4c:cc:97:79:b8:af:68:50:3a:4a:78:d1:57:
- 9a:b4:f3:4d:20:72:e9:5d:eb:99:9f:0d:04:a9:f0:
- 5b:3f:34:29:b8:b5:28:e1:ea:43:9d:0e:ed:70:4a:
- d1:52:13:41:2c:10:6c:5b:bc:8f:65:ff:3b:fc:b6:
- 27:d7:e9:dc:3b:f8:62:d5:45:85:a5:c1:b7:3d:19:
- f9:78:78:90:a4:b6:a5:42:ef:82:f5:17:80:80:63:
- 9d:2d:51:24:3e:a1:4f:cc:17
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- a1:8e:31:d1:59:5e:8a:db:6f:b4:46:46:46:80:17:32:c7:f4:
- 47:db:6e:ff:48:8e:1b:0c:5a:ae:aa:31:74:da:37:df:d4:01:
- 1a:6a:7f:7d:16:1a:5c:d8:a3:56:26:9b:c4:47:ff:4b:40:69:
- 3d:a8:e0:25:da:31:51:61:bc:08:b0:47:1a:2d:ae:56:e9:ba:
- a7:cb:c5:bd:f2:8d:d7:62:72:9d:ff:4d:9f:f7:63:cc:0c:26:
- 19:f1:41:04:f2:82:06:a8:7c:22:ce:7f:af:5a:57:8c:ba:ca:
- 21:8f:95:5d:80:b0:37:6b:c1:7a:ea:3a:7c:3f:c6:bf:42:d7:
- d4:e4
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBEDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0zNTAxMDEwMTAxMDFaFw0zNTAxMDIwMTAxMDFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczRfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczRfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiYAhY
-rw8bOAeMnbaIxZk0xtp/N2suc0zUTZbIn2ZhTMyXebivaFA6SnjRV5q0800gculd
-65mfDQSp8Fs/NCm4tSjh6kOdDu1wStFSE0EsEGxbvI9l/zv8tifX6dw7+GLVRYWl
-wbc9Gfl4eJCktqVC74L1F4CAY50tUSQ+oU/MFwIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQChjjHRWV6K22+0
-RkZGgBcyx/RH227/SI4bDFquqjF02jff1AEaan99Fhpc2KNWJpvER/9LQGk9qOAl
-2jFRYbwIsEcaLa5W6bqny8W98o3XYnKd/02f92PMDCYZ8UEE8oIGqHwizn+vWleM
-usohj5VdgLA3a8F66jp8P8a/QtfU5A==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/11.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/11.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,52 +3,52 @@
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
Validity
- Not Before: Jan 28 02:54:19 2011 GMT
- Not After : Oct 24 02:54:19 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs5_p1_ta3/emailAddress=cs5_p1_ta3
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1_ta3/emailAddress=cs1_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:f6:3f:57:e4:be:9d:29:77:e5:df:08:72:be:67:
- 5c:c6:37:e7:ad:62:33:22:74:bb:f2:82:f6:1d:f1:
- 42:ec:56:c2:6e:d0:bc:f3:e6:a6:91:a1:db:4c:b8:
- 27:c9:38:3d:c9:d3:e0:78:d0:51:23:22:b2:3f:6f:
- 4b:1e:14:53:3e:fb:5a:58:f6:fa:f9:cf:ca:ef:89:
- 34:cd:51:c1:ee:89:32:c4:c1:30:fc:63:51:13:4d:
- b4:55:fd:a5:6c:fd:ea:3c:f7:ea:8c:7d:3e:fb:0d:
- 0e:f7:70:c7:73:ce:01:98:77:fe:db:1f:1c:32:e3:
- 59:ae:26:b1:1d:eb:3c:83:51
+ 00:c0:f4:07:51:f9:0b:0f:11:0a:28:50:d3:7a:43:
+ 1f:24:71:ac:79:35:17:3c:44:b2:f9:67:b6:b3:ee:
+ 73:27:f6:7d:7b:e9:21:66:33:73:54:5e:98:f9:72:
+ 87:cf:e4:6f:4e:d8:65:76:74:65:41:2d:4c:99:d6:
+ 69:82:c9:ca:35:c3:d7:5e:6a:ec:c5:cd:a6:e0:3e:
+ da:00:b6:ae:e6:a6:0f:f1:2d:1a:bd:92:1a:d8:14:
+ ae:92:90:fb:e9:16:e2:38:85:20:df:dd:8a:11:af:
+ c2:3b:37:9b:ce:99:4e:89:ff:32:c7:53:e1:e0:ad:
+ ed:a6:12:96:9d:97:40:96:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 Key Usage:
- Encipher Only
+ X509v3 Key Usage: critical
+ Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- c9:8a:74:1f:0a:fe:1b:e0:19:64:5f:27:2b:1b:e3:d9:45:a0:
- 19:64:00:d8:12:f5:35:e5:65:70:4d:f2:b3:f2:b6:89:81:12:
- 84:56:f7:11:00:ac:79:f8:9f:c6:4e:77:71:3a:f0:da:50:6b:
- f3:ce:cc:44:38:77:00:c2:d7:33:6f:f4:72:34:33:28:4f:d2:
- fa:aa:2e:8d:e0:37:2b:ac:ab:b5:9b:ad:63:d8:7a:79:07:c2:
- 3b:f4:1b:9a:b6:93:1f:31:26:6e:3f:38:a3:9c:c9:19:e4:6e:
- 17:6d:49:af:f8:c5:55:cf:24:c8:ee:57:ce:81:e3:75:e1:c3:
- 27:cf
+ 29:26:20:2c:c3:ae:e3:84:28:2a:15:af:48:cc:a4:87:d2:8b:
+ 7e:dd:76:80:11:f8:4c:e3:97:0c:34:42:96:78:9f:44:97:b6:
+ 61:3f:66:be:24:60:b4:40:0d:8d:56:3b:ec:d3:31:8d:ae:ac:
+ 1a:cb:cf:e5:68:67:21:87:1a:9b:b1:06:18:c4:d8:9b:d0:1a:
+ 4f:ed:8f:8e:5a:d5:4d:24:ea:d0:55:5b:2f:2c:d7:e8:8d:ff:
+ 99:5b:c1:32:55:f2:f4:d3:72:0b:b5:80:0c:8d:ce:8d:83:29:
+ 6f:2e:e1:e0:d7:99:fe:37:b5:3a:14:71:3e:ec:0c:ec:31:7d:
+ 2c:f0
-----BEGIN CERTIFICATE-----
-MIICfzCCAeigAwIBAgIBETANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICfjCCAeegAwIBAgIBETANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTlaFw0xMzEwMjQwMjU0MTlaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczVfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczVfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2P1fk
-vp0pd+XfCHK+Z1zGN+etYjMidLvygvYd8ULsVsJu0Lzz5qaRodtMuCfJOD3J0+B4
-0FEjIrI/b0seFFM++1pY9vr5z8rviTTNUcHuiTLEwTD8Y1ETTbRV/aVs/eo89+qM
-fT77DQ73cMdzzgGYd/7bHxwy41muJrEd6zyDUQIDAQABox0wGzAMBgNVHRMBAf8E
-AjAAMAsGA1UdDwQEAwIAATANBgkqhkiG9w0BAQsFAAOBgQDJinQfCv4b4BlkXycr
-G+PZRaAZZADYEvU15WVwTfKz8raJgRKEVvcRAKx5+J/GTndxOvDaUGvzzsxEOHcA
-wtczb/RyNDMoT9L6qi6N4DcrrKu1m61j2Hp5B8I79BuatpMfMSZuPzijnMkZ5G4X
-bUmv+MVVzyTI7lfOgeN14cMnzw==
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMD0B1H5Cw8R
+CihQ03pDHyRxrHk1FzxEsvlntrPucyf2fXvpIWYzc1RemPlyh8/kb07YZXZ0ZUEt
+TJnWaYLJyjXD115q7MXNpuA+2gC2ruamD/EtGr2SGtgUrpKQ++kW4jiFIN/dihGv
+wjs3m86ZTon/MsdT4eCt7aYSlp2XQJa1AgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBACkmICzDruOEKCoVr0jM
+pIfSi37ddoAR+Ezjlww0QpZ4n0SXtmE/Zr4kYLRADY1WO+zTMY2urBrLz+VoZyGH
+GpuxBhjE2JvQGk/tj45a1U0k6tBVWy8s1+iN/5lbwTJV8vTTcgu1gAyNzo2DKW8u
+4eDXmf43tToUcT7sDOwxfSzw
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/12.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/12.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,52 +3,53 @@
Version: 3 (0x2)
Serial Number: 18 (0x12)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
Validity
- Not Before: Jan 28 02:54:19 2011 GMT
- Not After : Oct 24 02:54:19 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs6_p1_ta3/emailAddress=cs6_p1_ta3
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ch1_ta3/emailAddress=cs2_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c5:6c:6d:f1:28:4b:56:5d:cf:eb:08:28:a6:85:
- c9:c4:1a:e6:f9:ca:41:a3:80:c6:52:63:78:43:23:
- f9:9c:c2:4a:75:d1:fd:c4:d2:1d:da:c7:e1:d6:a7:
- 5e:16:ad:58:c2:55:db:a1:59:06:58:0f:04:1d:ef:
- 68:22:1c:ec:c3:5c:8e:f9:ab:18:5f:63:fc:72:d8:
- 30:4d:c3:ac:b5:88:d9:be:32:fd:fb:04:e8:7e:86:
- 89:96:f7:a9:aa:09:62:f6:db:42:5d:91:90:82:4a:
- 75:ea:7a:a2:3a:13:05:74:c9:c7:75:71:ad:61:3e:
- a1:a3:40:63:04:44:9a:a7:e1
+ 00:d4:90:83:34:09:3e:04:2e:62:40:f3:44:99:9a:
+ 7b:07:be:79:f3:c6:f6:28:0a:51:df:da:aa:fe:b8:
+ d1:9b:1c:b5:73:6a:31:ba:d2:9f:22:44:b7:3b:d8:
+ f6:80:96:c0:4c:e4:6f:48:90:69:81:6c:84:94:68:
+ 33:74:62:9a:04:b0:1e:93:2c:4d:88:cd:9a:72:ce:
+ e9:53:3d:15:3e:73:2c:c9:f0:ed:87:a5:eb:cf:66:
+ 3c:40:3c:a0:76:ac:c8:69:20:b8:f5:a8:fd:17:7a:
+ 3c:eb:62:c9:a2:cc:56:6b:d8:b7:0c:ff:ed:f9:b1:
+ 13:af:c0:69:aa:8d:0f:50:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 Key Usage: critical
- Encipher Only
+ X509v3 Issuer Alternative Name: critical
+ <EMPTY>
+
Signature Algorithm: sha256WithRSAEncryption
- ac:fb:c4:5d:a4:05:8c:fa:cf:99:69:0b:25:aa:5f:75:74:0d:
- b0:96:10:14:71:6c:97:ba:2b:e6:f6:19:80:da:9d:25:89:2f:
- 19:04:ec:c8:2b:da:2a:bc:5a:67:4f:55:fb:f4:e7:c1:de:7e:
- d3:d7:5c:03:34:00:f2:25:5d:55:75:b4:bc:5f:88:13:a0:ff:
- 8d:6b:ae:78:6f:4e:b8:75:f6:8b:7e:5f:85:ac:1c:2a:62:b9:
- 38:72:84:f3:43:50:23:40:79:c8:7b:5c:6d:2a:97:be:76:a8:
- 98:73:e4:c2:51:d2:46:1b:37:c3:32:72:a2:83:56:7e:73:46:
- 1e:cd
+ 94:86:69:18:74:54:9a:9e:e3:69:24:c4:78:73:6c:e9:e5:b3:
+ 0f:22:4d:54:06:28:c3:bb:d5:ef:18:1c:ce:a1:d0:22:27:c8:
+ e3:79:29:7d:c4:32:73:a2:d4:03:f8:1d:ce:cc:08:87:e2:26:
+ b8:39:02:c0:e2:53:39:37:ad:76:d6:3c:54:87:71:ce:8e:df:
+ 01:2a:1d:96:6b:42:d5:0a:b6:0f:c7:9d:11:91:56:27:bf:2a:
+ 4e:14:72:22:21:96:be:7e:42:a1:59:27:3c:30:8d:bb:a9:4b:
+ 2b:75:d8:75:31:c4:e8:5b:cd:bc:2c:51:d4:62:72:45:29:e1:
+ c5:08
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBEjANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICfDCCAeWgAwIBAgIBEjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTlaFw0xMzEwMjQwMjU0MTlaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczZfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczZfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFbG3x
-KEtWXc/rCCimhcnEGub5ykGjgMZSY3hDI/mcwkp10f3E0h3ax+HWp14WrVjCVduh
-WQZYDwQd72giHOzDXI75qxhfY/xy2DBNw6y1iNm+Mv37BOh+homW96mqCWL220Jd
-kZCCSnXqeqI6EwV0ycd1ca1hPqGjQGMERJqn4QIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIAATANBgkqhkiG9w0BAQsFAAOBgQCs+8RdpAWM+s+Z
-aQslql91dA2wlhAUcWyXuivm9hmA2p0liS8ZBOzIK9oqvFpnT1X79OfB3n7T11wD
-NADyJV1VdbS8X4gToP+Na654b064dfaLfl+FrBwqYrk4coTzQ1AjQHnIe1xtKpe+
-dqiYc+TCUdJGGzfDMnKig1Z+c0YezQ==
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczJfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3MyX2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANSQgzQJPgQu
+YkDzRJmaewe+efPG9igKUd/aqv640ZsctXNqMbrSnyJEtzvY9oCWwEzkb0iQaYFs
+hJRoM3RimgSwHpMsTYjNmnLO6VM9FT5zLMnw7Yel689mPEA8oHasyGkguPWo/Rd6
+POtiyaLMVmvYtwz/7fmxE6/AaaqND1DxAgMBAAGjHjAcMAwGA1UdEwEB/wQCMAAw
+DAYDVR0SAQH/BAIwADANBgkqhkiG9w0BAQsFAAOBgQCUhmkYdFSanuNpJMR4c2zp
+5bMPIk1UBijDu9XvGBzOodAiJ8jjeSl9xDJzotQD+B3OzAiH4ia4OQLA4lM5N612
+1jxUh3HOjt8BKh2Wa0LVCrYPx50RkVYnvypOFHIiIZa+fkKhWSc8MI27qUsrddh1
+McToW828LFHUYnJFKeHFCA==
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/13.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/13.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,50 +3,52 @@
Version: 3 (0x2)
Serial Number: 19 (0x13)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
Validity
- Not Before: Jan 28 02:54:19 2011 GMT
- Not After : Oct 24 02:54:19 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs7_p1_ta3/emailAddress=cs7_p1_ta3
+ Not Before: Jan 1 01:01:01 2009 GMT
+ Not After : Jan 2 01:01:01 2009 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_ch1_ta3/emailAddress=cs3_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ba:54:8d:a5:e9:70:76:e3:0b:e5:b9:8f:21:1f:
- ef:1e:24:1b:fe:d5:67:95:ba:23:6b:f6:55:69:92:
- 09:5a:a2:2b:09:72:e7:e5:a7:fb:04:59:cf:27:3f:
- 8a:b8:28:39:d9:02:24:eb:7a:44:73:6c:29:74:8f:
- 5a:a4:ff:c4:e1:40:5e:77:8f:24:8c:4e:d8:e0:31:
- cf:e6:83:e4:4d:5c:77:29:ae:21:58:84:9f:43:d2:
- 8e:cb:d4:75:79:96:59:78:00:de:0f:05:25:b0:bf:
- 81:35:15:27:ac:58:28:09:7a:49:49:17:49:f1:f8:
- b9:b7:a1:7f:66:2b:b3:25:7b
+ 00:bb:c7:fd:cb:1f:d5:2b:00:7f:dc:00:fe:45:5c:
+ 7d:27:a3:8b:18:da:3f:d2:36:0c:57:2b:c4:48:be:
+ 97:01:f1:71:ce:b9:80:e6:0f:d2:3b:36:2d:25:57:
+ 41:1e:e7:7b:2e:5c:d2:ac:17:fc:ae:45:11:7f:bc:
+ d0:32:a0:e3:09:01:29:27:7a:dd:d2:fc:13:9a:ea:
+ d8:d1:6c:be:73:b3:05:a8:fc:39:05:f7:cd:b0:f9:
+ f2:b8:a4:5c:f9:c3:23:2b:05:4e:fe:da:22:42:80:
+ 70:36:66:b9:f4:6a:00:ae:eb:90:60:ee:e8:fc:40:
+ 6f:3c:38:b5:41:5b:bd:3a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 9f:fc:6d:b4:57:4b:9e:63:53:a8:23:d0:d1:e7:cc:87:bc:37:
- c6:a7:b0:00:ab:f2:a0:c5:e8:07:56:7a:3d:e3:ff:0e:56:ce:
- 40:78:09:2e:56:6b:9f:13:99:da:50:c8:90:43:6a:e2:88:b7:
- 7d:7d:25:ef:8f:ca:f7:e4:89:f1:07:15:b4:db:48:82:c7:40:
- 5f:58:fe:07:8d:4e:f1:30:eb:99:97:fe:58:67:04:52:34:88:
- d5:37:c2:fb:a8:07:c3:47:88:5e:11:0b:aa:f0:18:bb:a0:a1:
- 9c:3e:90:b4:44:b9:e5:28:74:6e:9b:ba:e5:40:63:d2:11:aa:
- 9c:bb
+ 0f:9a:2f:85:f1:58:fd:7f:5b:bf:af:dd:ea:c2:fb:6e:8f:ca:
+ 8f:0b:26:91:01:66:20:df:5c:39:e8:97:c3:7c:fa:c4:8f:13:
+ d6:06:7e:6e:51:49:2b:8a:e7:03:b5:6d:68:2a:18:88:a6:05:
+ 07:c2:9c:28:5b:43:60:32:4e:3e:7d:a0:6e:3f:43:b4:c9:a9:
+ 77:7e:bb:01:68:04:96:18:9e:48:c5:0c:d1:f4:3d:3b:69:ed:
+ 57:29:3d:aa:d1:64:5f:f0:07:a7:74:72:11:d8:0b:62:69:c4:
+ 7d:ca:0c:5d:07:0d:b0:06:62:bc:53:32:e9:5f:a5:5b:28:11:
+ bc:bc
-----BEGIN CERTIFICATE-----
-MIICcjCCAdugAwIBAgIBEzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICfjCCAeegAwIBAgIBEzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTlaFw0xMzEwMjQwMjU0MTlaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczdfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczdfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6VI2l
-6XB24wvluY8hH+8eJBv+1WeVuiNr9lVpkglaoisJcuflp/sEWc8nP4q4KDnZAiTr
-ekRzbCl0j1qk/8ThQF53jySMTtjgMc/mg+RNXHcpriFYhJ9D0o7L1HV5lll4AN4P
-BSWwv4E1FSesWCgJeklJF0nx+Lm3oX9mK7MlewIDAQABoxAwDjAMBgNVHRMBAf8E
-AjAAMA0GCSqGSIb3DQEBCwUAA4GBAJ/8bbRXS55jU6gj0NHnzIe8N8ansACr8qDF
-6AdWej3j/w5WzkB4CS5Wa58TmdpQyJBDauKIt319Je+PyvfkifEHFbTbSILHQF9Y
-/geNTvEw65mX/lhnBFI0iNU3wvuoB8NHiF4RC6rwGLugoZw+kLREueUodG6buuVA
-Y9IRqpy7
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0wOTAxMDEwMTAxMDFaFw0wOTAxMDIwMTAxMDFaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczNfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3MzX2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvH/csf1SsA
+f9wA/kVcfSejixjaP9I2DFcrxEi+lwHxcc65gOYP0js2LSVXQR7ney5c0qwX/K5F
+EX+80DKg4wkBKSd63dL8E5rq2NFsvnOzBaj8OQX3zbD58rikXPnDIysFTv7aIkKA
+cDZmufRqAK7rkGDu6PxAbzw4tUFbvTrtAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAA+aL4XxWP1/W7+v3erC
++26Pyo8LJpEBZiDfXDnol8N8+sSPE9YGfm5RSSuK5wO1bWgqGIimBQfCnChbQ2Ay
+Tj59oG4/Q7TJqXd+uwFoBJYYnkjFDNH0PTtp7VcpParRZF/wB6d0chHYC2JpxH3K
+DF0HDbAGYrxTMulfpVsoEby8
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/14.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/14.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,52 +3,52 @@
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
Validity
- Not Before: Jan 28 02:54:20 2011 GMT
- Not After : Oct 24 02:54:20 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_p1_ta3/emailAddress=cs8_p1_ta3
+ Not Before: Jan 1 01:01:01 2035 GMT
+ Not After : Jan 2 01:01:01 2035 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs4_ch1_ta3/emailAddress=cs4_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ad:72:4f:d0:b8:2b:c4:74:c7:91:71:75:5e:89:
- 88:2f:d8:bd:af:cd:40:a0:7b:48:87:a4:dc:63:96:
- 05:79:4c:ba:d7:80:ec:bf:7f:37:9e:6f:62:4c:d6:
- e9:10:f0:46:1b:5c:23:f7:57:a1:1f:63:77:b5:4e:
- 05:fd:17:7e:4a:a6:6d:ed:46:39:c7:e0:45:7b:b7:
- 6f:39:27:64:57:35:4a:d8:01:37:c6:8e:5b:af:28:
- d7:a9:6c:94:23:4b:93:e1:e5:ab:db:7a:0d:b0:2b:
- 1d:e8:99:f5:2e:89:e9:f6:37:aa:a8:09:fb:e2:0a:
- 32:59:0b:ec:1b:4e:e5:ad:43
+ 00:e2:a3:68:41:2d:e9:bf:94:11:27:37:94:63:8c:
+ 27:88:88:90:7c:76:b7:61:8a:e4:00:39:5d:b3:7a:
+ 27:a4:1b:25:7a:d6:4c:79:f2:82:c5:8d:93:0a:21:
+ 5c:f5:37:fc:c3:c5:86:0c:02:37:8d:0f:ed:80:ad:
+ 8f:3b:1d:9d:9b:99:03:52:99:7d:c0:9e:e7:7a:4e:
+ 81:e9:fe:06:9e:94:78:38:29:97:a6:02:8a:35:ee:
+ bc:d9:99:3c:c0:93:11:53:71:35:57:fd:2d:ea:b0:
+ a6:43:d8:04:d8:ef:55:61:fe:b6:33:23:aa:c5:fb:
+ 43:61:ff:ac:02:90:b9:a3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
- CA:TRUE
+ CA:FALSE
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 65:b5:1a:f3:d3:d8:24:ba:ef:c8:38:30:6f:df:d5:06:2d:a3:
- f0:26:48:7f:77:28:a6:3b:48:40:36:bf:16:50:92:aa:12:33:
- e9:70:59:be:7a:72:66:b8:64:5e:d8:22:c7:c8:29:a5:e3:00:
- 31:11:91:e6:b5:1c:00:6e:76:be:07:e2:35:62:88:c9:d9:f5:
- f0:08:bf:2d:b5:e1:db:31:55:86:ee:0b:ee:cd:2f:6b:e0:82:
- 15:42:46:d1:1a:92:b3:f1:7e:4b:1e:65:9e:7c:a3:95:aa:48:
- 7f:23:c8:12:b2:dd:23:57:14:87:94:b5:62:be:bf:ba:44:6e:
- 23:af
+ 2c:43:e8:be:8b:6f:45:f2:ae:4a:ce:f8:dc:5f:bb:0f:86:db:
+ 5b:a7:81:30:2e:92:a8:15:3a:4a:97:cf:48:48:c6:d4:d6:ce:
+ 4c:7f:b0:fe:74:36:9b:7c:0c:27:9c:af:4e:51:1a:7e:aa:52:
+ 5e:f8:06:10:6f:38:d1:47:8b:dd:08:53:e8:66:e5:34:84:d1:
+ 5b:6c:9d:ff:38:c1:af:17:3a:c9:bd:91:c7:f1:f0:b1:35:38:
+ 36:5b:45:44:12:9c:a4:36:d7:4a:2a:34:3a:c2:20:ec:a3:99:
+ e1:e8:b4:e5:1c:38:16:30:e7:cf:4d:92:0d:9b:9f:71:5e:9f:
+ 31:1e
-----BEGIN CERTIFICATE-----
-MIIChTCCAe6gAwIBAgIBFDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICfjCCAeegAwIBAgIBFDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MjBaFw0xMzEwMjQwMjU0MjBaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczhfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczhfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtck/Q
-uCvEdMeRcXVeiYgv2L2vzUCge0iHpNxjlgV5TLrXgOy/fzeeb2JM1ukQ8EYbXCP3
-V6EfY3e1TgX9F35Kpm3tRjnH4EV7t285J2RXNUrYATfGjluvKNepbJQjS5Ph5avb
-eg2wKx3omfUuien2N6qoCfviCjJZC+wbTuWtQwIDAQABoyMwITAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBltRrz09gk
-uu/IODBv39UGLaPwJkh/dyimO0hANr8WUJKqEjPpcFm+enJmuGRe2CLHyCml4wAx
-EZHmtRwAbna+B+I1YojJ2fXwCL8tteHbMVWG7gvuzS9r4IIVQkbRGpKz8X5LHmWe
-fKOVqkh/I8gSst0jVxSHlLVivr+6RG4jrw==
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0zNTAxMDEwMTAxMDFaFw0zNTAxMDIwMTAxMDFaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczRfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M0X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOKjaEEt6b+U
+ESc3lGOMJ4iIkHx2t2GK5AA5XbN6J6QbJXrWTHnygsWNkwohXPU3/MPFhgwCN40P
+7YCtjzsdnZuZA1KZfcCe53pOgen+Bp6UeDgpl6YCijXuvNmZPMCTEVNxNVf9Leqw
+pkPYBNjvVWH+tjMjqsX7Q2H/rAKQuaN9AgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBACxD6L6Lb0XyrkrO+Nxf
+uw+G21ungTAukqgVOkqXz0hIxtTWzkx/sP50Npt8DCecr05RGn6qUl74BhBvONFH
+i90IU+hm5TSE0Vtsnf84wa8XOsm9kcfx8LE1ODZbRUQSnKQ210oqNDrCIOyjmeHo
+tOUcOBYw589Nkg2bn3FenzEe
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/15.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/15.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,52 +3,52 @@
Version: 3 (0x2)
Serial Number: 21 (0x15)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_p1_ta3/emailAddress=cs8_p1_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
Validity
- Not Before: Jan 28 02:54:20 2011 GMT
- Not After : Oct 24 02:54:20 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_cs8_p1_ta3/emailAddress=cs1_cs8_p1_ta3
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs5_ch1_ta3/emailAddress=cs5_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:b7:b3:67:af:2e:4f:cd:e6:84:61:80:0a:6a:0d:
- d7:48:3e:34:76:b9:51:d4:47:4c:20:d1:cb:29:f3:
- cb:30:f9:de:be:4c:dd:3b:7c:8b:ad:2a:b8:90:49:
- f1:e5:e0:93:e9:c4:72:41:b7:c7:1e:ad:fb:6c:84:
- 51:3f:b6:58:cc:15:7a:cf:3c:16:fa:e1:29:2e:57:
- 90:90:5b:d1:55:a6:0c:76:6a:85:6c:19:71:0b:33:
- cc:93:bb:4e:02:59:d0:08:dc:cb:8c:17:1f:40:de:
- fb:ba:b5:24:e0:f0:b3:df:b1:94:d1:7b:80:d9:74:
- a9:44:4e:b7:eb:cd:cf:62:ed
+ 00:bc:38:5a:89:55:f2:97:d1:61:2a:da:f0:93:31:
+ 58:82:70:d0:fd:23:09:38:82:02:d4:f7:cb:a6:27:
+ c0:cf:76:6e:67:03:78:f5:6c:92:77:b6:8a:f4:a8:
+ 36:6e:de:e3:7c:bd:0d:09:c9:7c:92:3a:be:c9:b1:
+ 2b:18:2a:8c:39:6b:b1:18:a7:34:dc:95:8d:cd:4d:
+ 66:78:56:38:56:2c:a2:9f:5e:4d:14:c3:aa:f8:7f:
+ 20:98:1a:53:4b:f5:20:42:f5:b4:30:d7:62:ea:6d:
+ 54:e4:71:55:0c:1c:1c:41:54:7a:2a:48:b1:d0:8e:
+ a6:82:7c:2b:81:cb:a5:b3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
+ X509v3 Key Usage:
+ Encipher Only
Signature Algorithm: sha256WithRSAEncryption
- 7f:59:dd:b6:d7:6a:bf:e7:c2:c0:53:9c:8f:90:e3:e5:3a:75:
- 04:35:ef:d8:39:f9:53:e6:1e:bf:8b:fd:c3:19:21:81:70:09:
- a1:e6:89:6f:9d:3c:f3:9c:c5:00:5b:0c:7d:e3:13:de:cf:1b:
- 10:2b:ab:c3:d2:77:76:03:59:ef:43:39:a9:de:78:e9:a9:a1:
- fb:8b:b4:c7:ec:37:97:5b:65:ee:af:e4:66:c7:42:a8:24:73:
- d2:3f:37:fc:9f:79:93:53:88:81:0b:f6:be:f7:ac:f8:9d:37:
- c8:c6:66:81:2e:f0:8a:0e:41:95:24:9d:4c:90:50:94:51:45:
- 46:8f
+ 3b:c7:de:1c:36:d2:6d:85:e3:8e:2d:4c:fa:74:f7:2a:75:0b:
+ 1b:b4:79:2f:26:0a:3e:7f:b0:44:12:67:e8:89:f1:6e:ca:2d:
+ e6:18:21:27:cb:e2:7f:61:63:ba:f5:0b:91:40:98:22:cd:51:
+ 16:54:c1:00:a9:89:39:79:20:a4:6b:e5:59:ed:9e:ef:c0:2f:
+ e0:3c:2c:8b:ed:fb:1c:2a:8d:87:5b:b7:49:14:bb:b1:5a:36:
+ 13:9d:b4:2a:99:1f:b5:02:9b:07:70:62:aa:c0:92:98:6b:f7:
+ 4a:73:c5:17:a4:5e:b0:09:b2:61:6a:af:62:64:d5:b9:a6:ac:
+ 09:34
-----BEGIN CERTIFICATE-----
-MIICijCCAfOgAwIBAgIBFTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICezCCAeSgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY3M4X3AxX3RhMzEZMBcGCSqGSIb3DQEJARYKY3M4
-X3AxX3RhMzAeFw0xMTAxMjgwMjU0MjBaFw0xMzEwMjQwMjU0MjBaMH4xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRcwFQYDVQQDFA5jczFfY3M4X3AxX3RhMzEdMBsGCSqG
-SIb3DQEJARYOY3MxX2NzOF9wMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
-AoGBALezZ68uT83mhGGACmoN10g+NHa5UdRHTCDRyynzyzD53r5M3Tt8i60quJBJ
-8eXgk+nEckG3xx6t+2yEUT+2WMwVes88FvrhKS5XkJBb0VWmDHZqhWwZcQszzJO7
-TgJZ0Ajcy4wXH0De+7q1JODws9+xlNF7gNl0qUROt+vNz2LtAgMBAAGjIDAeMAwG
-A1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAH9Z
-3bbXar/nwsBTnI+Q4+U6dQQ179g5+VPmHr+L/cMZIYFwCaHmiW+dPPOcxQBbDH3j
-E97PGxArq8PSd3YDWe9DOaneeOmpofuLtMfsN5dbZe6v5GbHQqgkc9I/N/yfeZNT
-iIEL9r73rPidN8jGZoEu8IoOQZUknUyQUJRRRUaP
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczVfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M1X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALw4WolV8pfR
+YSra8JMxWIJw0P0jCTiCAtT3y6YnwM92bmcDePVskne2ivSoNm7e43y9DQnJfJI6
+vsmxKxgqjDlrsRinNNyVjc1NZnhWOFYsop9eTRTDqvh/IJgaU0v1IEL1tDDXYupt
+VORxVQwcHEFUeipIsdCOpoJ8K4HLpbNTAgMBAAGjHTAbMAwGA1UdEwEB/wQCMAAw
+CwYDVR0PBAQDAgABMA0GCSqGSIb3DQEBCwUAA4GBADvH3hw20m2F444tTPp09yp1
+Cxu0eS8mCj5/sEQSZ+iJ8W7KLeYYISfL4n9hY7r1C5FAmCLNURZUwQCpiTl5IKRr
+5Vntnu/AL+A8LIvt+xwqjYdbt0kUu7FaNhOdtCqZH7UCmwdwYqrAkphr90pzxRek
+XrAJsmFqr2Jk1bmmrAk0
-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/16.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 22 (0x16)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs6_ch1_ta3/emailAddress=cs6_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:af:e7:4a:85:57:4a:4a:33:36:44:2a:8c:34:c1:
+ 49:47:13:f6:c7:2e:b3:e5:92:c0:be:b6:74:ba:61:
+ 1b:90:cf:09:1e:2f:d4:3a:d1:fa:1d:76:63:5d:2d:
+ 8f:0d:78:c5:93:a1:bf:ec:51:99:7f:90:57:2d:9e:
+ 41:46:fc:6a:e1:03:63:41:78:d7:84:cf:5e:d4:dd:
+ 37:11:1e:cc:37:05:b7:19:ce:9a:5e:eb:75:8b:19:
+ 95:1f:94:d3:d2:b2:ff:88:26:c5:6f:33:59:ad:7b:
+ 70:8e:c9:95:dd:cc:31:f0:a7:69:d0:97:e0:cb:7b:
+ 42:f1:ea:e5:ed:0d:b7:b3:db
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Encipher Only
+ Signature Algorithm: sha256WithRSAEncryption
+ 7d:42:18:30:29:c0:f1:62:57:00:97:dd:b3:b6:87:f5:af:5e:
+ c6:32:71:5e:06:6b:e2:04:04:89:f2:3d:cc:e2:07:92:8a:90:
+ be:47:58:6e:dc:9a:c6:f0:85:88:a0:a9:38:58:ee:32:65:a8:
+ e8:71:c3:9a:1f:f4:d2:b1:f6:01:46:46:cb:69:1a:9a:c1:7c:
+ d0:ca:93:fd:e0:60:22:db:d6:82:03:2e:d7:f8:23:0d:e1:a3:
+ 4e:5b:6e:61:b2:41:b0:96:78:d8:ae:5e:be:6a:7a:28:b6:83:
+ 0d:f2:a8:dc:92:89:6c:55:ae:25:98:8a:0d:0c:1f:9d:72:85:
+ 3c:2d
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBFjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczZfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M2X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK/nSoVXSkoz
+NkQqjDTBSUcT9scus+WSwL62dLphG5DPCR4v1DrR+h12Y10tjw14xZOhv+xRmX+Q
+Vy2eQUb8auEDY0F414TPXtTdNxEezDcFtxnOml7rdYsZlR+U09Ky/4gmxW8zWa17
+cI7Jld3MMfCnadCX4Mt7QvHq5e0Nt7PbAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgABMA0GCSqGSIb3DQEBCwUAA4GBAH1CGDApwPFiVwCX3bO2
+h/WvXsYycV4Ga+IEBInyPcziB5KKkL5HWG7cmsbwhYigqThY7jJlqOhxw5of9NKx
+9gFGRstpGprBfNDKk/3gYCLb1oIDLtf4Iw3ho05bbmGyQbCWeNiuXr5qeii2gw3y
+qNySiWxVriWYig0MH51yhTwt
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/17.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/17.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,52 +3,50 @@
Version: 3 (0x2)
Serial Number: 23 (0x17)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta3/emailAddress=pubCA2_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p2_ta3/emailAddress=cs1_p2_ta3
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs7_ch1_ta3/emailAddress=cs7_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c6:07:89:ed:17:4d:1d:4c:e9:1f:c3:10:f8:63:
- 50:5e:60:65:9b:13:41:07:a9:5a:b1:5e:e9:4d:6f:
- f7:15:b4:23:87:2b:91:c2:71:9f:4f:68:71:f3:24:
- a4:d6:bb:65:78:9b:8e:c5:ac:a4:1d:eb:ac:73:24:
- 19:67:63:95:34:b3:18:56:62:0b:05:c6:4d:9e:92:
- cb:31:30:58:28:8e:e7:b8:f1:32:bc:cf:76:e2:22:
- a5:56:d2:18:a5:ec:83:65:6f:71:85:0c:62:09:a9:
- 94:c7:ef:c9:39:a0:6f:14:0f:b3:66:36:60:95:c5:
- c2:f2:a6:2c:c6:00:4a:fb:6b
+ 00:bb:2d:57:4a:c4:d9:24:b6:78:a5:dc:9d:7b:b9:
+ 68:c6:63:fc:d4:8a:90:b8:24:50:8d:b9:34:5b:c0:
+ ec:16:bf:c9:30:e0:80:70:7a:6c:9e:55:48:95:13:
+ 16:20:5b:a1:7b:10:de:e8:12:65:21:c5:bf:b9:36:
+ 35:76:4f:79:66:49:82:76:69:a1:22:8e:d1:4c:d9:
+ 21:e6:50:b8:31:f1:66:54:20:cc:98:a9:22:bd:53:
+ d2:af:f6:f0:09:ca:1b:a9:85:a5:61:51:66:1d:54:
+ 58:12:6f:35:5b:ac:4c:7a:8b:4f:63:38:49:e5:d8:
+ 02:88:46:75:73:f2:40:fe:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 8e:38:49:09:7d:23:2f:61:62:28:7c:78:5f:28:8b:1c:ba:8d:
- cf:6d:ec:49:20:d2:17:1c:57:0e:e0:b4:c9:0b:75:d6:9c:41:
- 61:f0:60:69:1c:81:2c:0e:58:4c:2b:6c:65:51:0f:63:ab:61:
- 90:d2:99:7b:45:26:a3:68:18:da:b9:28:5c:15:6e:f1:9b:ac:
- cf:06:93:b5:00:33:aa:8c:a0:5d:45:5c:6a:e3:61:78:b8:1a:
- 5b:bc:77:47:e6:36:58:b4:8e:16:01:4d:9a:2b:b3:8b:77:3c:
- fd:14:4b:c6:ee:9d:cf:15:71:ad:9f:c8:b1:e5:16:68:aa:cd:
- 11:47
+ 6f:28:9e:58:6f:5f:79:47:4e:4c:cc:16:0b:d7:7b:f7:47:bd:
+ 3c:2c:0a:5c:7b:9f:18:15:ae:5f:77:85:7e:9b:a5:0b:67:86:
+ 6f:b6:1b:a1:18:c8:c2:1d:e9:5d:1b:af:31:0f:59:18:95:4a:
+ 1b:0c:59:1d:99:3a:63:53:95:b5:f2:8f:3d:52:5d:9c:9d:e0:
+ 25:0e:1b:b6:38:e8:d6:8b:a6:f0:43:c9:c3:9f:f1:6f:6a:de:
+ 4d:24:aa:06:44:8a:c5:ab:8f:d4:53:64:30:44:e2:23:2c:ae:
+ 80:b0:ca:f2:56:7d:bd:23:62:fa:70:25:eb:0c:79:20:98:f9:
+ 54:25
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBFzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICbjCCAdegAwIBAgIBFzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0EyX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0EyX3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDJfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDJfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGB4nt
-F00dTOkfwxD4Y1BeYGWbE0EHqVqxXulNb/cVtCOHK5HCcZ9PaHHzJKTWu2V4m47F
-rKQd66xzJBlnY5U0sxhWYgsFxk2ekssxMFgojue48TK8z3biIqVW0hil7INlb3GF
-DGIJqZTH78k5oG8UD7NmNmCVxcLypizGAEr7awIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQCOOEkJfSMvYWIo
-fHhfKIscuo3PbexJINIXHFcO4LTJC3XWnEFh8GBpHIEsDlhMK2xlUQ9jq2GQ0pl7
-RSajaBjauShcFW7xm6zPBpO1ADOqjKBdRVxq42F4uBpbvHdH5jZYtI4WAU2aK7OL
-dzz9FEvG7p3PFXGtn8ix5RZoqs0RRw==
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczdfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M3X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALstV0rE2SS2
+eKXcnXu5aMZj/NSKkLgkUI25NFvA7Ba/yTDggHB6bJ5VSJUTFiBboXsQ3ugSZSHF
+v7k2NXZPeWZJgnZpoSKO0UzZIeZQuDHxZlQgzJipIr1T0q/28AnKG6mFpWFRZh1U
+WBJvNVusTHqLT2M4SeXYAohGdXPyQP7JAgMBAAGjEDAOMAwGA1UdEwEB/wQCMAAw
+DQYJKoZIhvcNAQELBQADgYEAbyieWG9feUdOTMwWC9d790e9PCwKXHufGBWuX3eF
+fpulC2eGb7YboRjIwh3pXRuvMQ9ZGJVKGwxZHZk6Y1OVtfKPPVJdnJ3gJQ4btjjo
+1oum8EPJw5/xb2reTSSqBkSKxauP1FNkMETiIyyugLDK8lZ9vSNi+nAl6wx5IJj5
+VCU=
-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/18.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 24 (0x18)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_ch1_ta3/emailAddress=cs8_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d8:42:22:89:49:49:9b:1f:c3:68:43:93:5b:e7:
+ be:cd:d6:0d:24:cb:d8:6a:bd:64:c3:8f:31:6f:4f:
+ 38:c4:ca:39:4e:16:35:32:88:bb:03:f0:04:06:aa:
+ e4:e1:11:24:db:b1:e2:d1:1b:3a:45:49:da:0f:36:
+ b6:79:85:4a:42:e4:01:83:75:4d:1e:81:69:30:f0:
+ 64:20:19:63:c0:d4:5d:50:76:bb:a8:e4:56:b7:bb:
+ e0:54:64:f9:73:c7:eb:84:a6:da:4a:58:16:00:a8:
+ cb:e5:c5:b0:1f:ad:eb:fc:2c:08:93:ee:2e:a3:26:
+ 13:3c:a6:46:64:a5:df:f6:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 30:5f:8a:7d:24:03:2b:2a:c1:cf:07:27:e0:f6:d4:1e:fe:8a:
+ cf:57:06:6b:60:70:41:b2:53:75:14:b9:f8:1c:b7:f0:02:44:
+ 4d:89:78:51:7d:3a:b9:b2:f9:54:76:67:ab:53:11:ac:b2:ac:
+ 75:5d:48:f7:55:c4:0a:e4:03:3d:ba:30:75:f1:a1:28:71:3e:
+ 9e:e5:35:84:70:54:a4:d7:f0:ca:5b:29:33:3e:6b:32:88:eb:
+ 49:9d:46:c7:12:75:96:ec:81:91:b8:5e:01:a6:c1:ec:05:a2:
+ 84:46:9b:39:60:7b:91:d1:9e:4f:c8:dd:00:15:f3:aa:1a:e4:
+ 32:85
+-----BEGIN CERTIFICATE-----
+MIICgTCCAeqgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjlaFw0xMzEyMTUwMDQ5MjlaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczhfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M4X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANhCIolJSZsf
+w2hDk1vnvs3WDSTL2Gq9ZMOPMW9POMTKOU4WNTKIuwPwBAaq5OERJNux4tEbOkVJ
+2g82tnmFSkLkAYN1TR6BaTDwZCAZY8DUXVB2u6jkVre74FRk+XPH64Sm2kpYFgCo
+y+XFsB+t6/wsCJPuLqMmEzymRmSl3/ZXAgMBAAGjIzAhMA8GA1UdEwEB/wQFMAMB
+Af8wDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBADBfin0kAysqwc8H
+J+D21B7+is9XBmtgcEGyU3UUufgct/ACRE2JeFF9Ormy+VR2Z6tTEayyrHVdSPdV
+xArkAz26MHXxoShxPp7lNYRwVKTX8MpbKTM+azKI60mdRscSdZbsgZG4XgGmwewF
+ooRGmzlge5HRnk/I3QAV86oa5DKF
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/19.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/19.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,24 +3,24 @@
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA3_ta3/emailAddress=pubCA3_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_ch1_ta3/emailAddress=cs8_ch1_ta3
Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p3_ta3/emailAddress=cs1_p3_ta3
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_cs8_ch1_ta3/emailAddress=cs1_cs8_ch1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:d6:d5:e1:f4:de:f3:97:61:e0:be:91:78:5f:65:
- f1:be:e1:60:cd:6d:77:93:49:f4:72:d7:18:6c:3c:
- 94:6a:a4:e8:fe:d5:48:70:f2:6b:ef:bf:e1:18:ab:
- 2f:93:8a:0a:7f:4d:47:61:46:08:9b:bd:2d:31:a2:
- b0:0e:0b:77:76:01:77:68:9f:c5:6e:ab:6c:6c:07:
- 2e:62:01:39:ef:43:8e:34:0b:dd:cb:47:ad:58:48:
- bb:1c:a8:df:db:ef:b4:1b:77:15:59:95:e6:14:2a:
- de:98:c7:79:58:e2:77:f7:f4:f4:08:79:21:99:16:
- 5a:5e:43:b0:3e:98:af:28:01
+ 00:b7:e1:e5:53:8b:fe:2e:f4:82:1a:1a:10:f8:1d:
+ 3f:0f:04:e4:35:8b:19:20:11:af:ad:c2:ff:5a:12:
+ 04:f0:4e:4d:3a:b3:ce:42:c3:c5:ad:2a:ca:87:04:
+ c2:f3:8a:5c:22:c9:b9:d5:08:ba:5c:9c:1a:06:d8:
+ db:ea:70:6c:0a:8c:22:0a:9c:9b:ea:4d:0f:d9:98:
+ da:df:d8:cd:26:82:f8:ae:77:93:6a:16:3f:54:eb:
+ c1:c7:fc:94:bb:05:dc:9d:cf:ae:bc:71:e9:f0:4a:
+ 09:d7:06:14:d4:db:63:d6:b2:bc:84:9f:90:a0:21:
+ 75:45:2b:f3:2c:fa:e8:98:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- ae:c7:65:5a:78:09:d1:18:b1:ed:5e:2f:3b:7e:41:1f:93:b6:
- 43:7e:33:ab:43:cc:bd:5c:05:ae:b2:51:cc:28:db:22:aa:b5:
- 4c:35:90:09:4f:64:c0:62:04:83:fd:cd:7b:81:61:2e:63:0b:
- 0b:94:f1:b3:c0:d9:a9:91:e9:2a:df:f8:fb:02:01:6f:90:49:
- 15:0e:ac:54:21:5b:e8:9a:37:2f:d3:67:6a:90:21:e5:0d:4b:
- e2:b9:3e:21:c4:a9:5e:f6:91:57:53:77:ae:8e:01:e8:d2:3f:
- 52:fe:27:e9:56:36:eb:91:5e:63:03:8c:51:b7:c1:0e:78:3b:
- 54:38
+ 80:df:ac:6d:f0:f0:d8:14:72:fa:cc:20:8d:9b:58:f2:1e:bf:
+ a1:31:02:e6:2c:09:fe:2e:c2:d9:02:b4:14:57:9a:60:ea:20:
+ 69:5e:ea:ff:30:86:fe:57:6b:f0:39:68:23:d3:0c:aa:82:dc:
+ 2e:47:91:66:a2:05:14:c8:f9:a1:21:7b:77:19:16:fb:6f:52:
+ a6:04:a1:13:cb:89:b3:1e:fe:d0:f4:e4:9b:4a:65:4a:59:a6:
+ 12:1f:0b:ed:82:bb:06:4b:da:73:52:d5:3f:c7:8a:b2:ba:3f:
+ 78:73:d6:11:ae:94:62:18:db:86:da:1d:87:75:47:df:66:89:
+ 6e:3d
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBGTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICjzCCAfigAwIBAgIBGTANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0EzX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0EzX3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDNfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDNfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDW1eH0
-3vOXYeC+kXhfZfG+4WDNbXeTSfRy1xhsPJRqpOj+1Uhw8mvvv+EYqy+Tigp/TUdh
-RgibvS0xorAOC3d2AXdon8Vuq2xsBy5iATnvQ440C93LR61YSLscqN/b77QbdxVZ
-leYUKt6Yx3lY4nf39PQIeSGZFlpeQ7A+mK8oAQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQCux2VaeAnRGLHt
-Xi87fkEfk7ZDfjOrQ8y9XAWuslHMKNsiqrVMNZAJT2TAYgSD/c17gWEuYwsLlPGz
-wNmpkekq3/j7AgFvkEkVDqxUIVvomjcv02dqkCHlDUviuT4hxKle9pFXU3eujgHo
-0j9S/ifpVjbrkV5jA4xRt8EOeDtUOA==
+ChMEcGtnNTEUMBIGA1UEAxQLY3M4X2NoMV90YTMxGjAYBgkqhkiG9w0BCQEWC2Nz
+OF9jaDFfdGEzMB4XDTExMDMyMTAwNDkyOVoXDTEzMTIxNTAwNDkyOVowgYAxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MRgwFgYDVQQDFA9jczFfY3M4X2NoMV90YTMxHjAc
+BgkqhkiG9w0BCQEWD2NzMV9jczhfY2gxX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAt+HlU4v+LvSCGhoQ+B0/DwTkNYsZIBGvrcL/WhIE8E5NOrPOQsPF
+rSrKhwTC84pcIsm51Qi6XJwaBtjb6nBsCowiCpyb6k0P2Zja39jNJoL4rneTahY/
+VOvBx/yUuwXcnc+uvHHp8EoJ1wYU1Ntj1rK8hJ+QoCF1RSvzLPromM0CAwEAAaMg
+MB4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQAD
+gYEAgN+sbfDw2BRy+swgjZtY8h6/oTEC5iwJ/i7C2QK0FFeaYOogaV7q/zCG/ldr
+8DloI9MMqoLcLkeRZqIFFMj5oSF7dxkW+29SpgShE8uJsx7+0PTkm0plSlmmEh8L
+7YK7Bkvac1LVP8eKsro/eHPWEa6UYhjbhtodh3VH32aJbj0=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/1B.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/1B.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,24 +3,24 @@
Version: 3 (0x2)
Serial Number: 27 (0x1b)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA4_ta3/emailAddress=pubCA4_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta3/emailAddress=ch1.1_ta3
Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p4_ta3/emailAddress=cs1_p4_ta3
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.1_ta3/emailAddress=cs1_ch1.1_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c8:26:36:d7:20:0b:17:ac:dc:e5:21:93:5f:12:
- cc:69:bc:3a:38:c8:78:8a:8c:f9:a8:6a:f3:25:ca:
- 24:ec:71:78:ea:52:45:15:c8:8c:96:0b:95:02:ed:
- 46:80:43:76:fd:e0:45:c8:34:26:ac:cd:c0:63:e7:
- d0:87:29:24:1a:d6:05:94:88:6d:0b:cd:1a:eb:c4:
- bf:5f:6f:01:d5:ab:a6:cf:01:61:aa:e9:77:93:f5:
- 9f:a1:78:7e:e0:5e:99:e0:c8:c8:cb:6b:7e:55:ab:
- 1b:a2:87:a0:d6:27:2d:3e:e1:f9:56:4a:c4:ca:cc:
- 41:f1:6a:59:cd:23:c4:93:13
+ 00:9e:9e:a5:8e:28:f4:bd:9e:0d:46:b9:af:dc:80:
+ 5a:72:49:2f:c8:27:3c:66:ba:13:cb:57:04:0c:0b:
+ a1:71:e2:a0:97:ba:08:79:8c:43:8a:c8:49:5c:8d:
+ a9:b9:79:11:17:68:ea:ca:01:1b:68:0f:98:f6:86:
+ eb:e6:3f:d6:c8:96:a0:b8:5b:93:89:9c:d7:bc:b7:
+ 62:80:68:74:f8:bd:76:33:77:7c:13:ea:f3:53:dc:
+ 30:ce:80:46:93:51:2e:6a:49:bd:bd:48:a7:44:0b:
+ bf:a2:f7:79:b1:34:27:72:b0:e7:1e:13:3e:ec:0e:
+ 7e:bf:00:eb:e3:ac:77:62:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 6d:63:cd:fa:b7:a9:1e:6b:2f:31:e5:a5:84:4b:97:f2:ed:33:
- 21:a8:99:64:fe:72:97:a6:5e:a2:83:8c:20:fe:56:bc:6b:a5:
- 63:39:dd:6d:d7:c6:8c:0e:2c:9a:fb:ad:06:b8:be:6e:bd:f1:
- 54:02:ad:92:c8:52:23:ea:47:53:c3:9a:87:ff:62:56:d9:9e:
- 3b:6b:90:c9:e2:8c:e2:bc:f0:5c:25:b6:cd:a0:e2:cd:23:45:
- e3:b3:21:ad:ee:69:8b:fd:5a:8d:9f:89:29:59:e4:03:ff:be:
- 2f:e5:97:4c:bc:ee:8e:e4:a3:bb:48:6c:25:ed:2f:b3:92:f3:
- 39:80
+ ac:d1:6e:7d:ab:d7:f2:e1:83:3d:79:74:3f:c3:64:61:81:b0:
+ 68:84:57:1d:3a:21:e4:93:ac:82:e2:11:e0:15:c6:bb:a1:b9:
+ 7f:59:96:00:63:31:99:e9:77:d9:b1:cd:b5:87:3d:1e:96:ab:
+ c1:1b:90:05:1c:b2:0b:f3:42:26:87:61:79:a7:0f:dc:fb:f3:
+ e6:4f:65:ff:a1:2b:64:06:9e:82:82:45:a3:4f:0b:3c:67:31:
+ c2:ea:6f:dd:06:d3:b5:a0:e0:d1:a0:a9:fd:1e:cb:e2:0b:82:
+ 7d:aa:08:5f:bd:12:18:d4:1d:77:7e:35:1c:6e:67:68:bb:0b:
+ a4:2c
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBGzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIChjCCAe+gAwIBAgIBGzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0E0X3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0E0X3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDRfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDRfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIJjbX
-IAsXrNzlIZNfEsxpvDo4yHiKjPmoavMlyiTscXjqUkUVyIyWC5UC7UaAQ3b94EXI
-NCaszcBj59CHKSQa1gWUiG0LzRrrxL9fbwHVq6bPAWGq6XeT9Z+heH7gXpngyMjL
-a35Vqxuih6DWJy0+4flWSsTKzEHxalnNI8STEwIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBtY836t6keay8x
-5aWES5fy7TMhqJlk/nKXpl6ig4wg/la8a6VjOd1t18aMDiya+60GuL5uvfFUAq2S
-yFIj6kdTw5qH/2JW2Z47a5DJ4ozivPBcJbbNoOLNI0XjsyGt7mmL/VqNn4kpWeQD
-/74v5ZdMvO6O5KO7SGwl7S+zkvM5gA==
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjFfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+MV90YTMwHhcNMTEwMzIxMDA0OTI5WhcNMTMxMjE1MDA0OTI5WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4xX3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4xX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+np6ljij0vZ4NRrmv3IBackkvyCc8ZroTy1cEDAuhceKgl7oIeYxDishJXI2puXkR
+F2jqygEbaA+Y9obr5j/WyJaguFuTiZzXvLdigGh0+L12M3d8E+rzU9wwzoBGk1Eu
+akm9vUinRAu/ovd5sTQncrDnHhM+7A5+vwDr46x3Yh8CAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEArNFufavX
+8uGDPXl0P8NkYYGwaIRXHToh5JOsguIR4BXGu6G5f1mWAGMxmel32bHNtYc9Hpar
+wRuQBRyyC/NCJodheacP3Pvz5k9l/6ErZAaegoJFo08LPGcxwupv3QbTtaDg0aCp
+/R7L4guCfaoIX70SGNQdd341HG5naLsLpCw=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/1D.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/1D.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,24 +3,24 @@
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA5_ta3/emailAddress=pubCA5_ta3
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.2_ta3/emailAddress=ch1.2_ta3
Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p5_ta3/emailAddress=cs1_p5_ta3
+ Not Before: Mar 21 00:49:30 2011 GMT
+ Not After : Dec 15 00:49:30 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.2_ta3/emailAddress=cs1_ch1.2_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:b3:b9:bc:52:49:6a:cc:8f:ca:8e:6d:1e:40:87:
- 3a:c6:c9:00:0b:93:e1:76:45:27:3e:d2:8c:db:2c:
- 06:35:f3:06:df:4b:e9:63:3e:0e:62:2d:9c:86:6f:
- 05:a3:90:6e:4e:b2:89:c7:c5:60:7a:8f:f0:7a:f8:
- 53:31:fe:e4:c3:e4:ae:09:67:4a:15:f5:ae:97:a1:
- 6c:1f:ec:0a:99:ea:25:4f:a7:fe:f8:e0:55:e1:23:
- ba:65:08:3b:42:ac:c6:b1:30:b5:c5:ed:10:5b:3e:
- 06:d0:63:fb:da:d2:39:e0:fa:b6:17:ac:cb:c0:ed:
- ae:54:cf:f9:73:e4:e8:e4:2d
+ 00:a1:cf:9c:66:1e:c9:07:ed:2b:39:8a:5f:e5:f2:
+ f1:d3:f2:ad:01:f1:81:85:63:04:7f:b8:65:35:05:
+ e6:bd:3d:28:97:96:54:bc:ae:1b:46:b5:5c:f5:c0:
+ ac:75:63:4f:52:80:8b:4c:30:81:8e:85:96:a4:f1:
+ 46:e7:77:1e:7f:3e:80:10:41:cc:e7:92:73:ad:fb:
+ fb:0d:3a:2b:e2:d6:43:0e:ef:b9:54:06:2e:f7:1d:
+ 1d:aa:57:49:06:3e:65:8e:a9:9d:09:0e:83:55:12:
+ de:39:91:44:86:ba:d4:69:be:b8:89:a1:7b:8c:60:
+ 39:30:ea:95:f9:03:3e:c4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 26:bd:71:87:c8:bb:70:76:91:0f:7a:68:e5:4b:2c:80:ba:73:
- 7c:65:30:b5:16:4f:7a:0a:27:17:90:bc:74:c5:6a:c4:ab:3c:
- 3c:78:f5:87:ad:cf:68:1a:4e:1d:10:34:3f:b7:a5:18:d9:d3:
- f7:79:82:7d:16:08:77:d0:20:2c:cd:a1:2d:95:be:fb:d3:64:
- d4:07:b3:3f:51:a4:6f:77:dc:c3:a9:3a:f9:bc:10:49:80:5a:
- f6:2e:d1:c3:34:40:05:6a:65:7a:40:08:4a:e5:32:f3:de:0d:
- 87:7e:cf:fd:8b:a4:9d:2c:28:9c:ee:9d:f4:45:a4:9c:c6:0c:
- d0:25
+ 25:86:6a:6e:7a:be:f5:54:95:b2:ce:49:56:50:fa:ad:e3:34:
+ 84:fe:d9:9e:fb:0e:73:f7:62:3c:c7:29:95:54:91:68:32:cb:
+ 74:91:91:cc:68:a8:e4:12:07:b3:33:d9:f4:5e:bc:8e:0c:35:
+ bf:cb:fa:fc:07:75:c1:35:1e:ea:03:2d:60:a8:d3:39:5b:af:
+ 2f:67:d9:2d:98:da:48:4e:12:ee:87:1c:e5:db:42:7e:ca:45:
+ 4c:23:3d:21:53:fc:ee:66:77:9d:09:08:44:55:9b:2a:0d:10:
+ da:67:77:89:70:00:97:9b:eb:3a:b4:41:98:16:31:cf:bc:b5:
+ 88:bf
-----BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBHTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIChjCCAe+gAwIBAgIBHTANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0E1X3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0E1X3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDVfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDVfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzubxS
-SWrMj8qObR5AhzrGyQALk+F2RSc+0ozbLAY18wbfS+ljPg5iLZyGbwWjkG5OsonH
-xWB6j/B6+FMx/uTD5K4JZ0oV9a6XoWwf7AqZ6iVPp/744FXhI7plCDtCrMaxMLXF
-7RBbPgbQY/va0jng+rYXrMvA7a5Uz/lz5OjkLQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQAmvXGHyLtwdpEP
-emjlSyyAunN8ZTC1Fk96CicXkLx0xWrEqzw8ePWHrc9oGk4dEDQ/t6UY2dP3eYJ9
-Fgh30CAszaEtlb7702TUB7M/UaRvd9zDqTr5vBBJgFr2LtHDNEAFamV6QAhK5TLz
-3g2Hfs/9i6SdLCic7p30RaScxgzQJQ==
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjJfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+Ml90YTMwHhcNMTEwMzIxMDA0OTMwWhcNMTMxMjE1MDA0OTMwWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4yX3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4yX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+oc+cZh7JB+0rOYpf5fLx0/KtAfGBhWMEf7hlNQXmvT0ol5ZUvK4bRrVc9cCsdWNP
+UoCLTDCBjoWWpPFG53cefz6AEEHM55Jzrfv7DTor4tZDDu+5VAYu9x0dqldJBj5l
+jqmdCQ6DVRLeOZFEhrrUab64iaF7jGA5MOqV+QM+xFMCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAJYZqbnq+
+9VSVss5JVlD6reM0hP7ZnvsOc/diPMcplVSRaDLLdJGRzGio5BIHszPZ9F68jgw1
+v8v6/Ad1wTUe6gMtYKjTOVuvL2fZLZjaSE4S7occ5dtCfspFTCM9IVP87mZ3nQkI
+RFWbKg0Q2md3iXAAl5vrOrRBmBYxz7y1iL8=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/1F.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/1F.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,54 +3,52 @@
Version: 3 (0x2)
Serial Number: 31 (0x1f)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.3_ta3/emailAddress=ch1.3_ta3
Validity
- Not Before: Jan 28 02:54:22 2011 GMT
- Not After : Oct 24 02:54:22 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta4/emailAddress=cs1_ta4
+ Not Before: Mar 21 00:49:31 2011 GMT
+ Not After : Dec 15 00:49:31 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.3_ta3/emailAddress=cs1_ch1.3_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:95:55:70:3f:0a:52:f5:90:a0:00:22:11:4d:bf:
- 05:f7:8b:55:2d:8a:1e:66:41:7f:4c:bd:55:09:d3:
- ba:67:0a:c8:80:36:85:a9:90:b2:d3:95:e5:e7:2a:
- f6:91:b6:b3:3c:81:ef:1c:0c:fb:85:91:51:0a:74:
- 05:97:9d:25:17:be:fe:0d:8c:b4:84:37:74:0a:b0:
- e0:f6:74:20:7d:2c:b1:3b:c0:0e:3f:fc:9c:05:26:
- be:0f:41:23:ff:d9:1d:a3:5d:08:f0:33:de:43:d3:
- d2:e5:f1:00:3d:aa:c2:24:cd:4f:35:cc:d1:9b:5b:
- e1:e0:61:11:93:26:e1:ba:ef
+ 00:aa:61:a0:81:fa:99:8a:7d:cb:3e:99:2a:83:5b:
+ 29:10:80:63:6c:51:35:6b:ed:fa:fe:09:07:bc:f1:
+ c7:01:58:63:05:a9:1f:69:4c:36:c0:90:f6:e5:02:
+ ba:d3:2d:ae:ee:53:80:61:18:d6:d6:60:58:8f:07:
+ 14:ec:c2:3d:89:7b:33:90:1c:92:2f:91:fc:77:6b:
+ 52:fa:cf:97:9e:22:69:62:de:25:b4:9b:52:bc:51:
+ c7:04:9d:37:8b:cf:ec:3e:e5:62:76:bb:62:f8:34:
+ 10:6b:28:86:0a:c5:20:e7:3e:e5:76:9f:97:31:2a:
+ 04:0b:02:10:85:c8:48:bc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/pubCA1_ta4_crl.pem
-
+ X509v3 Key Usage: critical
+ Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 45:36:7b:d8:11:49:e9:43:46:59:2a:a4:46:1f:43:37:1e:88:
- 7c:f6:35:f4:e3:b0:a5:8d:cf:77:80:94:84:01:5a:13:9d:1f:
- 84:d5:81:e1:9d:fd:8a:ef:ca:41:f2:df:9c:6f:d5:04:29:e6:
- 55:ab:0b:5c:40:88:a4:8e:d2:48:4b:12:d7:03:91:ec:75:4b:
- 40:b0:37:dd:8c:66:32:36:9c:1e:9d:56:6b:d3:40:91:ca:89:
- 1f:1f:3e:f9:71:e3:d6:d8:fe:09:34:03:dd:b5:3e:e8:66:be:
- 88:a4:3b:94:25:b5:a9:a8:49:d1:bb:44:1a:d3:40:d6:01:d3:
- 1f:58
+ 76:14:29:01:64:51:13:47:26:13:73:43:4e:ac:a9:6b:6e:46:
+ 04:32:7f:b7:f7:6c:6e:73:d1:d2:10:a3:4a:98:7f:c2:57:19:
+ 18:d7:d6:a0:2d:e2:2b:17:4a:49:cc:d8:1e:63:0f:82:88:03:
+ 2e:c2:cf:26:56:24:22:2a:48:73:54:08:97:a0:24:91:6a:05:
+ 63:4a:1f:01:28:06:0b:03:93:b8:75:9e:44:2d:7e:45:6c:a6:
+ c5:35:e0:0f:98:0c:a5:5a:2b:8a:c2:c1:83:f0:b6:b9:84:58:
+ f5:de:d4:b8:68:7d:de:b5:a3:9a:a0:33:91:23:fa:6c:b8:32:
+ 55:fb
-----BEGIN CERTIFICATE-----
-MIICrzCCAhigAwIBAgIBHzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIChjCCAe+gAwIBAgIBHzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNDAeFw0xMTAxMjgwMjU0MjJaFw0xMzEwMjQwMjU0MjJaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczFfdGE0MRYwFAYJKoZIhvcNAQkB
-FgdjczFfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVVXA/ClL1kKAA
-IhFNvwX3i1Utih5mQX9MvVUJ07pnCsiANoWpkLLTleXnKvaRtrM8ge8cDPuFkVEK
-dAWXnSUXvv4NjLSEN3QKsOD2dCB9LLE7wA4//JwFJr4PQSP/2R2jXQjwM95D09Ll
-8QA9qsIkzU81zNGbW+HgYRGTJuG67wIDAQABo1MwUTAMBgNVHRMBAf8EAjAAMEEG
-A1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmlsZS8wL3B1
-YkNBMV90YTRfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQBFNnvYEUnpQ0ZZKqRG
-H0M3Hoh89jX047Cljc93gJSEAVoTnR+E1YHhnf2K78pB8t+cb9UEKeZVqwtcQIik
-jtJISxLXA5HsdUtAsDfdjGYyNpwenVZr00CRyokfHz75cePW2P4JNAPdtT7oZr6I
-pDuUJbWpqEnRu0Qa00DWAdMfWA==
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjNfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+M190YTMwHhcNMTEwMzIxMDA0OTMxWhcNMTMxMjE1MDA0OTMxWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4zX3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4zX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+qmGggfqZin3LPpkqg1spEIBjbFE1a+36/gkHvPHHAVhjBakfaUw2wJD25QK60y2u
+7lOAYRjW1mBYjwcU7MI9iXszkBySL5H8d2tS+s+XniJpYt4ltJtSvFHHBJ03i8/s
+PuVidrti+DQQayiGCsUg5z7ldp+XMSoECwIQhchIvGUCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAdhQpAWRR
+E0cmE3NDTqypa25GBDJ/t/dsbnPR0hCjSph/wlcZGNfWoC3iKxdKSczYHmMPgogD
+LsLPJlYkIipIc1QIl6AkkWoFY0ofASgGCwOTuHWeRC1+RWymxTXgD5gMpVorisLB
+g/C2uYRY9d7UuGh93rWjmqAzkSP6bLgyVfs=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/20.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,67 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 32 (0x20)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Validity
- Not Before: Jan 28 02:54:23 2011 GMT
- Not After : Oct 24 02:54:23 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ta4/emailAddress=cs2_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:97:56:b9:2f:de:53:80:7f:22:c6:a7:29:ce:40:
- 5e:85:76:ad:87:36:38:f2:31:66:99:32:e0:34:2e:
- bd:10:a9:26:f5:1e:dc:27:6e:57:4e:9d:37:1b:ad:
- 14:d2:ba:60:44:2c:13:b2:fc:61:25:33:6f:a9:9e:
- d4:4a:52:28:16:51:3d:6c:3a:f1:43:80:6b:c1:69:
- d7:71:3a:6e:f7:04:8a:ae:2e:95:70:2a:fc:f0:25:
- 50:9d:c6:bd:04:4b:89:1c:ae:22:83:cb:45:2e:d3:
- 7b:74:c4:92:77:ff:bf:5b:a9:73:99:16:30:c9:26:
- c2:16:b9:c2:63:93:e6:5b:a7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 55:DA:B0:E8:E1:F8:5F:D8:68:15:30:36:72:6A:69:CF:9D:A5:F3:FC
- X509v3 Authority Key Identifier:
- keyid:D3:DE:A8:63:F4:5C:5D:8E:DD:53:9F:D7:9E:90:14:71:D1:21:88:4B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:1E
-
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/example_file
-
- Signature Algorithm: sha256WithRSAEncryption
- a4:03:ef:02:5d:84:d8:d3:87:f1:57:35:ae:ec:f1:10:22:4c:
- 26:35:fc:8c:25:c3:2e:e6:5b:0c:46:1a:bf:19:8f:af:b4:f3:
- ad:3e:f0:e2:f5:86:6e:67:fa:d7:9e:d3:db:27:64:df:a5:90:
- 5f:b7:65:8a:47:8a:76:fb:7c:d9:3d:d3:39:17:bc:cc:d6:fc:
- 43:d3:9a:db:8d:10:35:56:7d:88:0e:2c:e8:37:fd:dd:2a:bc:
- de:79:9e:e2:04:d5:7f:93:fb:1f:e2:de:ca:66:27:10:c5:ea:
- b2:41:1b:c0:55:04:37:aa:52:65:9c:d1:cd:39:04:e6:6c:45:
- e0:18
------BEGIN CERTIFICATE-----
-MIIDYDCCAsmgAwIBAgIBIDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNDAeFw0xMTAxMjgwMjU0MjNaFw0xMzEwMjQwMjU0MjNaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczJfdGE0MRYwFAYJKoZIhvcNAQkB
-FgdjczJfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXVrkv3lOAfyLG
-pynOQF6Fdq2HNjjyMWaZMuA0Lr0QqSb1HtwnbldOnTcbrRTSumBELBOy/GElM2+p
-ntRKUigWUT1sOvFDgGvBaddxOm73BIquLpVwKvzwJVCdxr0ES4kcriKDy0Uu03t0
-xJJ3/79bqXOZFjDJJsIWucJjk+ZbpwIDAQABo4IBAjCB/zAdBgNVHQ4EFgQUVdqw
-6OH4X9hoFTA2cmppz52l8/wwgZIGA1UdIwSBijCBh4AU096oY/RcXY7dU5/XnpAU
-cdEhiEuhbKRqMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMw
-EQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQx
-EjAQBgkqhkiG9w0BCQEWA3RhNIIBHjAMBgNVHRMBAf8EAjAAMDsGA1UdHwQ0MDIw
-MKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmlsZS8wL2V4YW1wbGVfZmls
-ZTANBgkqhkiG9w0BAQsFAAOBgQCkA+8CXYTY04fxVzWu7PEQIkwmNfyMJcMu5lsM
-Rhq/GY+vtPOtPvDi9YZuZ/rXntPbJ2TfpZBft2WKR4p2+3zZPdM5F7zM1vxD05rb
-jRA1Vn2IDizoN/3dKrzeeZ7iBNV/k/sf4t7KZicQxeqyQRvAVQQ3qlJlnNHNOQTm
-bEXgGA==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/21.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/21.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,64 +3,52 @@
Version: 3 (0x2)
Serial Number: 33 (0x21)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.4_ta3/emailAddress=ch1.4_ta3
Validity
- Not Before: Jan 28 02:54:24 2011 GMT
- Not After : Oct 24 02:54:24 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_ta4/emailAddress=cs3_ta4
+ Not Before: Mar 21 00:49:31 2011 GMT
+ Not After : Dec 15 00:49:31 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.4_ta3/emailAddress=cs1_ch1.4_ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:df:30:e0:c4:9f:26:44:f8:b3:84:3f:7a:f8:a9:
- 76:a5:47:03:03:2f:c9:56:78:95:3c:0a:57:da:06:
- 2d:45:bf:fd:b3:72:5c:e9:89:44:c7:cd:4e:de:a1:
- c7:02:33:c2:26:4e:06:34:77:62:5e:85:2f:79:e9:
- 9b:91:de:c2:24:dc:b7:7c:b3:9d:fe:41:66:26:6c:
- 8f:37:31:d1:43:ee:ec:8b:ba:b8:86:38:7a:9d:79:
- 65:ac:f6:ca:fe:a8:ff:36:6a:7c:46:54:80:b7:90:
- 82:fd:87:85:ac:1a:9a:0d:81:2f:f8:fb:4d:d3:72:
- a3:86:5a:85:0f:21:a2:94:b9
+ 00:c6:b7:dc:6a:06:a3:1f:5a:98:5f:cd:0e:f1:c3:
+ 40:bd:b3:9e:73:68:16:78:a1:5e:e9:a2:0c:32:68:
+ 56:db:cb:9f:b8:dd:89:c1:f3:7b:b9:61:0e:9e:e1:
+ ff:ad:b3:43:4d:c3:c9:9e:9a:5e:58:48:50:7b:b7:
+ f8:20:0e:54:ce:4c:41:b8:b2:73:0a:6f:f1:0c:40:
+ 3b:81:4a:a1:42:da:01:6a:cd:03:65:a6:83:ff:29:
+ 41:40:45:31:d9:fd:7f:f4:e4:09:38:9f:66:a9:a4:
+ d4:9a:a5:80:6a:9e:43:11:cc:7a:4f:13:84:cc:7f:
+ 21:f9:4c:93:ec:d0:9c:f6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
- X509v3 Subject Key Identifier:
- 11:88:8F:A2:52:4A:58:E7:DF:84:EC:BF:D8:4F:8B:88:81:5A:A4:B0
- X509v3 Authority Key Identifier:
- keyid:D3:DE:A8:63:F4:5C:5D:8E:DD:53:9F:D7:9E:90:14:71:D1:21:88:4B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:1E
-
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 CRL Distribution Points:
- URI:foo://bar/baz
-
+ X509v3 Key Usage: critical
+ Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- ac:a1:4c:cc:d5:75:ae:d4:85:75:01:b3:f6:a0:88:d0:48:25:
- 1b:ca:76:6e:2c:69:df:da:1e:53:89:4e:ed:31:64:a9:a5:96:
- 25:63:15:a1:f5:49:fa:a7:21:5e:8d:84:82:75:74:31:0b:24:
- 03:2d:c0:96:66:f8:40:fb:a4:ca:de:44:1a:a7:ab:08:27:ea:
- f5:eb:a6:fe:34:a8:8b:61:95:53:51:e7:01:3d:ba:a9:93:be:
- 49:71:11:0d:dd:02:b7:97:15:ff:e6:8d:98:58:0d:fb:4d:5c:
- e0:28:db:8e:34:3c:40:14:85:84:2d:38:24:56:2d:5c:5f:ac:
- 64:a9
+ 95:16:43:f9:f7:e3:76:6f:54:ff:74:78:05:e4:85:ae:b0:94:
+ 72:db:f0:d9:99:f7:6d:b6:f7:35:f3:db:c5:87:65:0f:88:65:
+ 8f:06:6f:f2:d7:5f:be:4f:e0:56:02:8e:f5:d5:42:22:48:74:
+ 3b:23:f9:76:82:3d:b0:d6:51:cd:d9:76:bd:22:4d:6d:24:c7:
+ 77:89:c5:9c:38:a9:db:f1:2b:16:16:11:e9:64:71:e3:a4:34:
+ 9a:83:dd:d4:14:38:b6:bf:06:46:b3:a6:e3:d9:8b:e9:cb:5b:
+ e1:fb:c1:30:34:aa:cf:1a:4d:66:39:5f:06:7e:39:ac:6e:01:
+ 81:b7
-----BEGIN CERTIFICATE-----
-MIIDQjCCAqugAwIBAgIBITANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIChjCCAe+gAwIBAgIBITANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNDAeFw0xMTAxMjgwMjU0MjRaFw0xMzEwMjQwMjU0MjRaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczNfdGE0MRYwFAYJKoZIhvcNAQkB
-FgdjczNfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfMODEnyZE+LOE
-P3r4qXalRwMDL8lWeJU8ClfaBi1Fv/2zclzpiUTHzU7eoccCM8ImTgY0d2JehS95
-6ZuR3sIk3Ld8s53+QWYmbI83MdFD7uyLuriGOHqdeWWs9sr+qP82anxGVIC3kIL9
-h4WsGpoNgS/4+03TcqOGWoUPIaKUuQIDAQABo4HlMIHiMB0GA1UdDgQWBBQRiI+i
-UkpY59+E7L/YT4uIgVqksDCBkgYDVR0jBIGKMIGHgBTT3qhj9Fxdjt1Tn9eekBRx
-0SGIS6FspGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzAR
-BgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhNDES
-MBAGCSqGSIb3DQEJARYDdGE0ggEeMAwGA1UdEwEB/wQCMAAwHgYDVR0fBBcwFTAT
-oBGgD4YNZm9vOi8vYmFyL2JhejANBgkqhkiG9w0BAQsFAAOBgQCsoUzM1XWu1IV1
-AbP2oIjQSCUbynZuLGnf2h5TiU7tMWSppZYlYxWh9Un6pyFejYSCdXQxCyQDLcCW
-ZvhA+6TK3kQap6sIJ+r166b+NKiLYZVTUecBPbqpk75JcREN3QK3lxX/5o2YWA37
-TVzgKNuONDxAFIWELTgkVi1cX6xkqQ==
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjRfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+NF90YTMwHhcNMTEwMzIxMDA0OTMxWhcNMTMxMjE1MDA0OTMxWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS40X3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS40X3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+xrfcagajH1qYX80O8cNAvbOec2gWeKFe6aIMMmhW28ufuN2JwfN7uWEOnuH/rbND
+TcPJnppeWEhQe7f4IA5UzkxBuLJzCm/xDEA7gUqhQtoBas0DZaaD/ylBQEUx2f1/
+9OQJOJ9mqaTUmqWAap5DEcx6TxOEzH8h+UyT7NCc9lUCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAlRZD+ffj
+dm9U/3R4BeSFrrCUctvw2Zn3bbb3NfPbxYdlD4hljwZv8tdfvk/gVgKO9dVCIkh0
+OyP5doI9sNZRzdl2vSJNbSTHd4nFnDip2/ErFhYR6WRx46Q0moPd1BQ4tr8GRrOm
+49mL6ctb4fvBMDSqzxpNZjlfBn45rG4Bgbc=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/23.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/23.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,54 +3,54 @@
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta4/emailAddress=pubCA2_ta4
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
Validity
- Not Before: Jan 28 02:54:24 2011 GMT
- Not After : Oct 24 02:54:24 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p2_ta4/emailAddress=cs1_p2_ta4
+ Not Before: Mar 21 00:49:32 2011 GMT
+ Not After : Dec 15 00:49:32 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1_ta4/emailAddress=cs1_ch1_ta4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:cb:fa:59:73:5c:67:c6:f3:3a:0a:79:d9:b8:9d:
- cd:6e:e5:bf:29:79:9f:d7:a0:1f:60:aa:bb:88:5e:
- 55:07:ae:9e:5e:7e:4c:f1:3a:25:1b:72:62:81:44:
- 2b:94:60:2f:24:37:b1:25:72:4f:14:e3:a5:38:ec:
- c5:8f:54:d4:e1:90:71:43:86:dc:d1:a9:a2:84:b3:
- a8:be:e2:ee:ce:57:69:29:e5:69:ac:cd:45:f3:e9:
- 1a:b3:38:f2:a5:e0:a0:8e:d8:0c:05:0a:bf:5e:d8:
- 22:67:60:08:10:ce:37:cb:46:b2:77:fd:56:08:7c:
- 62:d8:fc:5d:69:a6:e6:df:e3
+ 00:af:be:de:74:2a:a1:34:39:6a:e5:7d:9a:a5:a1:
+ 4a:0c:e0:e5:4f:46:71:e4:5a:54:56:05:f1:ab:a5:
+ 7e:17:b6:aa:d4:4e:9c:b7:46:fc:ef:9a:4a:f5:3b:
+ 3b:b0:3a:67:d2:89:6d:3f:f7:6d:8d:59:1f:2b:b9:
+ a4:55:08:b6:76:c5:2e:71:eb:f9:4a:43:7c:db:13:
+ b2:a2:08:f3:b2:f1:1b:66:ef:ef:2d:a6:e6:0a:37:
+ 8a:b3:f9:da:0c:fe:da:23:0c:ef:b6:88:a2:6d:62:
+ 2d:76:42:5c:f3:2c:f8:3f:76:c3:e3:6e:f5:e4:3c:
+ 6e:48:c6:2a:cd:c7:e8:d9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/pubCA2_ta4_crl.pem
+ URI:http://localhost:12001/file/0/ch1_ta4_crl.pem
Signature Algorithm: sha256WithRSAEncryption
- 40:b2:b7:46:97:8c:3b:a8:c8:df:59:13:af:2c:a6:59:93:f2:
- d4:28:6f:bf:b1:3f:ac:7b:9d:f6:a8:29:be:15:1a:53:8d:86:
- 35:44:25:4b:b5:59:ea:54:07:5c:91:9b:a5:9b:94:a6:de:dc:
- 51:be:58:8d:cb:07:fe:1a:1a:1a:12:a5:b3:84:75:f5:9c:83:
- 5f:25:4b:d1:81:31:bb:74:d0:fc:92:41:d4:d2:63:b1:0b:96:
- 3c:da:b1:0b:1a:f6:6c:96:68:3b:36:6a:33:7c:c3:40:1b:7e:
- 4b:e5:dc:88:b4:25:2b:fe:0c:23:df:84:43:28:7c:39:d6:11:
- 22:23
+ ad:09:e5:e2:0a:c7:01:40:b0:d1:ff:83:9a:f7:b7:ac:58:00:
+ dd:a3:36:24:fb:65:f7:85:68:90:86:67:fb:f4:7e:1e:dd:8e:
+ b6:78:ff:a0:5a:12:2a:6f:2c:2b:c0:e3:d7:80:09:25:72:e0:
+ 6b:3a:c3:e4:dd:72:76:05:05:b2:55:f2:38:3e:07:24:2d:47:
+ 4a:db:b2:c6:4e:9c:c4:43:c9:95:23:44:61:db:da:d6:84:9c:
+ 12:dd:63:87:99:7f:7b:00:aa:77:dd:50:76:66:a7:ea:7f:fc:
+ e4:66:ae:08:d0:70:66:0f:23:d3:b4:cb:38:20:de:27:df:12:
+ 3d:b5
-----BEGIN CERTIFICATE-----
-MIICtTCCAh6gAwIBAgIBIzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIICrjCCAhegAwIBAgIBIzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0EyX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0EyX3RhNDAeFw0xMTAxMjgwMjU0MjRaFw0xMzEwMjQwMjU0MjRaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDJfdGE0MRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDJfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDL+llz
-XGfG8zoKedm4nc1u5b8peZ/XoB9gqruIXlUHrp5efkzxOiUbcmKBRCuUYC8kN7El
-ck8U46U47MWPVNThkHFDhtzRqaKEs6i+4u7OV2kp5WmszUXz6RqzOPKl4KCO2AwF
-Cr9e2CJnYAgQzjfLRrJ3/VYIfGLY/F1ppubf4wIDAQABo1MwUTAMBgNVHRMBAf8E
-AjAAMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmls
-ZS8wL3B1YkNBMl90YTRfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQBAsrdGl4w7
-qMjfWROvLKZZk/LUKG+/sT+se532qCm+FRpTjYY1RCVLtVnqVAdckZulm5Sm3txR
-vliNywf+GhoaEqWzhHX1nINfJUvRgTG7dND8kkHU0mOxC5Y82rELGvZslmg7Nmoz
-fMNAG35L5dyItCUr/gwj34RDKHw51hEiIw==
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NDAeFw0xMTAzMjEwMDQ5MzJaFw0xMzEyMTUwMDQ5MzJaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2gxX3RhNDEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoMV90YTQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK++3nQqoTQ5
+auV9mqWhSgzg5U9GceRaVFYF8aulfhe2qtROnLdG/O+aSvU7O7A6Z9KJbT/3bY1Z
+Hyu5pFUItnbFLnHr+UpDfNsTsqII87LxG2bv7y2m5go3irP52gz+2iMM77aIom1i
+LXZCXPMs+D92w+Nu9eQ8bkjGKs3H6NndAgMBAAGjUDBOMAwGA1UdEwEB/wQCMAAw
+PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2xvY2FsaG9zdDoxMjAwMS9maWxlLzAv
+Y2gxX3RhNF9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4GBAK0J5eIKxwFAsNH/g5r3
+t6xYAN2jNiT7ZfeFaJCGZ/v0fh7djrZ4/6BaEipvLCvA49eACSVy4Gs6w+TdcnYF
+BbJV8jg+ByQtR0rbssZOnMRDyZUjRGHb2taEnBLdY4eZf3sAqnfdUHZmp+p//ORm
+rgjQcGYPI9O0yzgg3iffEj21
-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/24.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,67 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 36 (0x24)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ch1_ta4/emailAddress=cs2_ch1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b9:d6:fb:d3:60:e9:bc:e3:70:c9:6d:1b:26:94:
+ ae:f4:76:b6:aa:d8:ef:1a:b6:17:3c:f5:9c:35:8b:
+ 28:55:c1:36:53:5a:1a:67:66:ee:34:4e:b7:f5:68:
+ 8c:8a:1c:af:b4:52:c2:5b:22:d2:d6:0c:ad:d3:40:
+ 89:a6:f5:d0:b9:12:1a:55:85:45:94:c6:3e:ac:b2:
+ 51:8a:75:05:d5:60:c8:c0:f9:fb:d8:0b:0b:7c:ad:
+ e1:b4:78:f4:fb:84:34:bb:1a:66:6e:e6:a6:90:4d:
+ 40:88:32:13:c3:cb:76:ac:02:eb:bb:04:24:9b:c5:
+ f8:b3:be:d1:44:ea:1f:f9:51
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 24:E7:DA:6E:C1:38:4D:41:8C:B0:C1:B2:D1:D2:C6:32:21:4F:57:52
+ X509v3 Authority Key Identifier:
+ keyid:AB:0B:EF:CE:AA:F0:43:97:3A:CD:58:D0:D9:C2:F9:C4:EB:8D:7C:FF
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:22
+
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/example_file
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 5e:7f:21:56:d9:dc:06:15:22:71:7c:3a:a6:37:dc:ba:e9:25:
+ c1:9e:8a:14:31:71:74:9d:bf:db:dd:88:db:da:ff:b1:05:bc:
+ 5b:1a:26:e0:f4:7d:c7:27:21:6c:e3:50:88:4f:2d:df:19:16:
+ 11:bf:5a:8e:fe:d6:ee:2c:53:cf:76:46:90:df:d3:e7:8c:94:
+ b1:b3:11:a8:4b:56:d3:22:85:13:39:92:cb:69:5f:3e:e6:66:
+ de:b1:b7:b1:6b:a8:60:cd:05:0a:6d:42:4e:f5:17:5d:62:e8:
+ f5:46:0a:51:3f:52:aa:aa:d6:a9:3a:6c:a9:af:98:da:fa:99:
+ 74:c1
+-----BEGIN CERTIFICATE-----
+MIIDYjCCAsugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NDAeFw0xMTAzMjEwMDQ5MzNaFw0xMzEyMTUwMDQ5MzNaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczJfY2gxX3RhNDEaMBgGCSqGSIb3DQEJARYL
+Y3MyX2NoMV90YTQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALnW+9Ng6bzj
+cMltGyaUrvR2tqrY7xq2Fzz1nDWLKFXBNlNaGmdm7jROt/VojIocr7RSwlsi0tYM
+rdNAiab10LkSGlWFRZTGPqyyUYp1BdVgyMD5+9gLC3yt4bR49PuENLsaZm7mppBN
+QIgyE8PLdqwC67sEJJvF+LO+0UTqH/lRAgMBAAGjggECMIH/MB0GA1UdDgQWBBQk
+59puwThNQYywwbLR0sYyIU9XUjCBkgYDVR0jBIGKMIGHgBSrC+/OqvBDlzrNWNDZ
+wvnE6418/6FspGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
+EzARBgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3Rh
+NDESMBAGCSqGSIb3DQEJARYDdGE0ggEiMAwGA1UdEwEB/wQCMAAwOwYDVR0fBDQw
+MjAwoC6gLIYqaHR0cDovL2xvY2FsaG9zdDoxMjAwMS9maWxlLzAvZXhhbXBsZV9m
+aWxlMA0GCSqGSIb3DQEBCwUAA4GBAF5/IVbZ3AYVInF8OqY33LrpJcGeihQxcXSd
+v9vdiNva/7EFvFsaJuD0fccnIWzjUIhPLd8ZFhG/Wo7+1u4sU892RpDf0+eMlLGz
+EahLVtMihRM5kstpXz7mZt6xt7FrqGDNBQptQk71F11i6PVGClE/Uqqq1qk6bKmv
+mNr6mXTB
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/25.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/25.pem Wed Apr 06 18:06:57 2011 -0700
@@ -3,52 +3,64 @@
Version: 3 (0x2)
Serial Number: 37 (0x25)
Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta5/emailAddress=pubCA1_ta5
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
Validity
- Not Before: Jan 28 02:54:25 2011 GMT
- Not After : Oct 24 02:54:25 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta5/emailAddress=cs1_ta5
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_ch1_ta4/emailAddress=cs3_ch1_ta4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c4:23:9b:a5:a6:bb:de:48:a0:b4:2e:2d:54:4f:
- e7:61:e4:9d:df:ad:01:7e:70:55:12:35:36:d4:71:
- e5:1f:fe:00:d9:0f:1b:de:62:57:2c:d7:46:67:28:
- 67:84:c7:b3:c3:99:6a:ec:89:c1:e9:d2:60:a8:48:
- d1:06:c9:68:c9:87:d6:82:88:aa:4c:33:d6:60:a4:
- bb:2b:38:0d:e8:11:ae:73:4c:b7:29:39:24:55:3d:
- c2:64:b0:54:e8:8d:67:1f:79:94:8d:6f:4c:95:cd:
- d6:00:9f:cb:f6:90:bd:07:52:f1:fe:16:b2:25:0e:
- 49:40:c0:cf:66:3c:9d:78:89
+ 00:aa:7f:01:31:5c:b9:d2:b5:8d:5c:1c:7f:e9:66:
+ f3:6b:2f:68:cb:3c:8a:4b:28:5e:e6:fb:45:1a:75:
+ d9:0e:cb:a3:41:19:05:05:dd:98:1d:51:f9:78:37:
+ 2a:7f:fa:26:06:27:38:6d:8d:85:5a:b1:8d:08:6a:
+ e2:ac:43:2f:44:f7:02:93:c9:89:c9:83:09:d1:04:
+ 06:0a:2d:c7:28:fa:77:c9:24:7a:6a:44:ac:c6:dd:
+ a2:a0:78:42:0d:d4:c0:5f:a1:b5:b6:e0:5a:f0:5f:
+ 54:83:fe:5d:26:a2:93:3d:94:f8:eb:8b:1c:11:45:
+ e8:e7:08:77:f4:ec:cd:94:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 54:C5:1A:1B:47:F4:1C:20:E1:32:B5:40:10:AB:8B:D6:40:28:99:08
+ X509v3 Authority Key Identifier:
+ keyid:AB:0B:EF:CE:AA:F0:43:97:3A:CD:58:D0:D9:C2:F9:C4:EB:8D:7C:FF
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:22
+
X509v3 Basic Constraints: critical
CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
+ X509v3 CRL Distribution Points:
+ URI:foo://bar/baz
+
Signature Algorithm: sha256WithRSAEncryption
- 86:7e:5b:75:75:be:0f:f3:ba:dd:6c:2c:db:1b:70:e1:3c:30:
- 37:7b:86:54:ad:5a:01:cc:64:e5:c2:67:c8:75:53:7d:65:80:
- 0b:0a:b5:8c:71:e5:42:25:fc:5a:48:6e:e2:5c:ef:19:fe:c1:
- 02:01:16:a7:f0:07:bc:ed:62:3f:2e:b0:7f:c3:73:27:c6:92:
- 69:36:ef:90:fd:1a:f6:7d:f6:5a:98:be:c8:63:da:65:e2:41:
- 3a:0a:4b:40:b2:a7:90:8e:96:d6:8d:d5:4d:a8:a5:60:89:b0:
- 96:d6:c6:cf:d3:3e:8f:0d:4c:34:c9:e8:af:65:d8:6d:fe:ed:
- 88:d1
+ 19:a0:c3:d1:c4:07:ec:73:8c:57:b0:5a:f9:29:b2:d0:89:62:
+ 25:9a:f0:95:fc:dc:99:6d:d6:2d:d0:22:3f:64:14:af:c8:1f:
+ 60:09:3e:ca:7b:2a:9a:32:71:bc:0c:85:24:81:15:14:b0:2a:
+ 97:93:ee:e3:c8:6e:c6:5d:69:84:f2:27:49:45:06:18:8b:82:
+ b8:ca:ad:6a:48:c2:4f:5a:1a:93:6d:f0:56:ca:60:9c:42:f6:
+ 6e:9a:c8:a9:5b:ca:7f:c3:1c:96:9a:3a:60:2d:64:7a:29:1e:
+ 59:c0:bc:63:ff:aa:1f:06:74:ce:26:81:cd:67:b6:b2:79:3d:
+ 30:c0
-----BEGIN CERTIFICATE-----
-MIICfDCCAeWgAwIBAgIBJTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
+MIIDRDCCAq2gAwIBAgIBJTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNTEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNTAeFw0xMTAxMjgwMjU0MjVaFw0xMzEwMjQwMjU0MjVaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczFfdGE1MRYwFAYJKoZIhvcNAQkB
-FgdjczFfdGE1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEI5ulprveSKC0
-Li1UT+dh5J3frQF+cFUSNTbUceUf/gDZDxveYlcs10ZnKGeEx7PDmWrsicHp0mCo
-SNEGyWjJh9aCiKpMM9ZgpLsrOA3oEa5zTLcpOSRVPcJksFTojWcfeZSNb0yVzdYA
-n8v2kL0HUvH+FrIlDklAwM9mPJ14iQIDAQABoyAwHjAMBgNVHRMBAf8EAjAAMA4G
-A1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQCGflt1db4P87rdbCzbG3Dh
-PDA3e4ZUrVoBzGTlwmfIdVN9ZYALCrWMceVCJfxaSG7iXO8Z/sECARan8Ae87WI/
-LrB/w3MnxpJpNu+Q/Rr2ffZamL7IY9pl4kE6CktAsqeQjpbWjdVNqKVgibCW1sbP
-0z6PDUw0yeivZdht/u2I0Q==
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NDAeFw0xMTAzMjEwMDQ5MzNaFw0xMzEyMTUwMDQ5MzNaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczNfY2gxX3RhNDEaMBgGCSqGSIb3DQEJARYL
+Y3MzX2NoMV90YTQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKp/ATFcudK1
+jVwcf+lm82svaMs8iksoXub7RRp12Q7Lo0EZBQXdmB1R+Xg3Kn/6JgYnOG2NhVqx
+jQhq4qxDL0T3ApPJicmDCdEEBgotxyj6d8kkempErMbdoqB4Qg3UwF+htbbgWvBf
+VIP+XSaikz2U+OuLHBFF6OcId/TszZTRAgMBAAGjgeUwgeIwHQYDVR0OBBYEFFTF
+GhtH9Bwg4TK1QBCri9ZAKJkIMIGSBgNVHSMEgYowgYeAFKsL786q8EOXOs1Y0NnC
++cTrjXz/oWykajBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTET
+MBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGE0
+MRIwEAYJKoZIhvcNAQkBFgN0YTSCASIwDAYDVR0TAQH/BAIwADAeBgNVHR8EFzAV
+MBOgEaAPhg1mb286Ly9iYXIvYmF6MA0GCSqGSIb3DQEBCwUAA4GBABmgw9HEB+xz
+jFewWvkpstCJYiWa8JX83Jlt1i3QIj9kFK/IH2AJPsp7KpoycbwMhSSBFRSwKpeT
+7uPIbsZdaYTyJ0lFBhiLgrjKrWpIwk9aGpNt8FbKYJxC9m6ayKlbyn/DHJaaOmAt
+ZHopHlnAvGP/qh8GdM4mgc1ntrJ5PTDA
-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/27.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,56 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 39 (0x27)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta4/emailAddress=ch1.1_ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.1_ta4/emailAddress=cs1_ch1.1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b1:85:77:87:f1:8e:bc:79:3e:8c:58:50:41:f3:
+ e8:26:07:80:e2:80:5f:41:ab:2c:fe:15:60:5e:fc:
+ 50:47:ba:19:65:e0:4e:42:28:18:67:61:55:3f:a4:
+ 3f:e8:e0:10:60:7d:94:72:d7:e7:25:43:61:16:29:
+ 06:7c:7f:e2:a6:c7:b7:ec:b5:9f:bf:98:8a:e7:f3:
+ 55:7f:8e:d9:2a:c7:ac:be:f3:0a:4e:90:39:fd:a3:
+ 9e:b1:2b:dd:cf:fc:61:d0:cb:b6:52:7e:34:eb:8b:
+ 01:6c:a9:cd:37:75:ae:2f:7c:61:6c:a0:c6:53:6a:
+ a6:1a:24:cd:93:72:ec:94:cf
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/ch1.1_ta4_crl.pem
+
+ Signature Algorithm: sha256WithRSAEncryption
+ a5:fb:3c:71:a7:fb:45:a2:a5:f0:42:3a:9f:25:40:e5:d1:c6:
+ 03:90:a0:4b:ca:83:21:8c:fc:3f:53:9c:1a:2e:bf:69:28:0d:
+ f1:bb:fd:bc:b8:66:5a:b9:c8:59:1e:1a:94:8a:c8:07:14:23:
+ f8:ec:a3:40:c8:67:aa:ae:bf:a3:f4:13:bc:80:76:f0:8b:5c:
+ 99:99:e3:f2:0a:7d:a0:5b:24:16:a1:64:02:f1:5c:2c:1c:9a:
+ f0:6d:9e:20:6d:54:2b:d7:5e:84:1d:a6:85:e2:17:1f:ed:cb:
+ 82:96:1b:f4:1d:c5:2f:ee:cd:5c:19:6b:59:25:1e:c6:a5:51:
+ 9e:74
+-----BEGIN CERTIFICATE-----
+MIICuDCCAiGgAwIBAgIBJzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjFfdGE0MRgwFgYJKoZIhvcNAQkBFgljaDEu
+MV90YTQwHhcNMTEwMzIxMDA0OTMzWhcNMTMxMjE1MDA0OTMzWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4xX3RhNDEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4xX3RhNDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+sYV3h/GOvHk+jFhQQfPoJgeA4oBfQass/hVgXvxQR7oZZeBOQigYZ2FVP6Q/6OAQ
+YH2UctfnJUNhFikGfH/ipse37LWfv5iK5/NVf47ZKsesvvMKTpA5/aOesSvdz/xh
+0Mu2Un4064sBbKnNN3WuL3xhbKDGU2qmGiTNk3LslM8CAwEAAaNSMFAwDAYDVR0T
+AQH/BAIwADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vbG9jYWxob3N0OjEyMDAx
+L2ZpbGUvMC9jaDEuMV90YTRfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQCl+zxx
+p/tFoqXwQjqfJUDl0cYDkKBLyoMhjPw/U5waLr9pKA3xu/28uGZauchZHhqUisgH
+FCP47KNAyGeqrr+j9BO8gHbwi1yZmePyCn2gWyQWoWQC8VwsHJrwbZ4gbVQr116E
+HaaF4hcf7cuClhv0HcUv7s1cGWtZJR7GpVGedA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/29.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 41 (0x29)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta5/emailAddress=ch1_ta5
+ Validity
+ Not Before: Mar 21 00:49:34 2011 GMT
+ Not After : Dec 15 00:49:34 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1_ta5/emailAddress=cs1_ch1_ta5
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:9f:3b:31:69:28:44:86:2e:06:eb:0a:fe:f8:f4:
+ a4:e0:ab:ea:c9:9e:9a:9e:c6:57:9d:c8:31:20:ec:
+ 20:d8:02:77:14:98:d9:34:9b:cd:4e:ab:20:bf:a8:
+ fb:2f:e3:09:fe:5c:93:8b:41:b9:2f:f6:22:a8:29:
+ ba:a3:5e:6a:73:47:cc:f1:45:cf:36:c1:90:9b:ee:
+ b9:d0:e7:d3:cc:c1:9e:34:02:03:67:78:81:41:9c:
+ e6:3a:b5:62:a4:01:af:b1:71:4a:e9:29:ec:15:2a:
+ d7:cc:04:a5:f7:55:11:c3:b8:6e:5d:0f:7a:18:4a:
+ 4c:db:d6:34:37:aa:3d:d5:53
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 6f:c1:70:68:66:e9:5f:02:f8:f2:9e:60:dc:51:56:4f:32:ee:
+ 62:72:8d:cb:3e:19:ea:03:1e:92:2a:b4:84:a0:b6:ee:0e:c4:
+ f3:87:b5:75:bd:91:17:96:fe:44:55:0e:33:99:ef:bb:7e:f8:
+ 83:a4:df:e8:90:c1:fe:ef:96:05:aa:c8:ce:6e:38:1b:d1:af:
+ 90:0d:88:21:7e:e6:58:ad:b6:b6:8c:8a:c4:9b:ec:19:1e:55:
+ c2:9f:03:e4:47:49:46:c5:a9:79:78:8f:fa:b5:c6:aa:bc:f0:
+ c2:cb:6a:f0:d7:76:b4:0e:b4:6b:20:53:55:15:1a:39:a7:3f:
+ 1a:bd
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBKTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNTEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NTAeFw0xMTAzMjEwMDQ5MzRaFw0xMzEyMTUwMDQ5MzRaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2gxX3RhNTEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoMV90YTUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ87MWkoRIYu
+BusK/vj0pOCr6smemp7GV53IMSDsINgCdxSY2TSbzU6rIL+o+y/jCf5ck4tBuS/2
+IqgpuqNeanNHzPFFzzbBkJvuudDn08zBnjQCA2d4gUGc5jq1YqQBr7FxSukp7BUq
+18wEpfdVEcO4bl0PehhKTNvWNDeqPdVTAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAG/BcGhm6V8C+PKeYNxR
+Vk8y7mJyjcs+GeoDHpIqtISgtu4OxPOHtXW9kReW/kRVDjOZ77t++IOk3+iQwf7v
+lgWqyM5uOBvRr5ANiCF+5littraMisSb7BkeVcKfA+RHSUbFqXl4j/q1xqq88MLL
+avDXdrQOtGsgU1UVGjmnPxq9
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1.1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 27 (0x1b)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta3/emailAddress=ch1.1_ta3
+ Validity
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.1_ta3/emailAddress=cs1_ch1.1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:9e:9e:a5:8e:28:f4:bd:9e:0d:46:b9:af:dc:80:
+ 5a:72:49:2f:c8:27:3c:66:ba:13:cb:57:04:0c:0b:
+ a1:71:e2:a0:97:ba:08:79:8c:43:8a:c8:49:5c:8d:
+ a9:b9:79:11:17:68:ea:ca:01:1b:68:0f:98:f6:86:
+ eb:e6:3f:d6:c8:96:a0:b8:5b:93:89:9c:d7:bc:b7:
+ 62:80:68:74:f8:bd:76:33:77:7c:13:ea:f3:53:dc:
+ 30:ce:80:46:93:51:2e:6a:49:bd:bd:48:a7:44:0b:
+ bf:a2:f7:79:b1:34:27:72:b0:e7:1e:13:3e:ec:0e:
+ 7e:bf:00:eb:e3:ac:77:62:1f
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ ac:d1:6e:7d:ab:d7:f2:e1:83:3d:79:74:3f:c3:64:61:81:b0:
+ 68:84:57:1d:3a:21:e4:93:ac:82:e2:11:e0:15:c6:bb:a1:b9:
+ 7f:59:96:00:63:31:99:e9:77:d9:b1:cd:b5:87:3d:1e:96:ab:
+ c1:1b:90:05:1c:b2:0b:f3:42:26:87:61:79:a7:0f:dc:fb:f3:
+ e6:4f:65:ff:a1:2b:64:06:9e:82:82:45:a3:4f:0b:3c:67:31:
+ c2:ea:6f:dd:06:d3:b5:a0:e0:d1:a0:a9:fd:1e:cb:e2:0b:82:
+ 7d:aa:08:5f:bd:12:18:d4:1d:77:7e:35:1c:6e:67:68:bb:0b:
+ a4:2c
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBGzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjFfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+MV90YTMwHhcNMTEwMzIxMDA0OTI5WhcNMTMxMjE1MDA0OTI5WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4xX3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4xX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+np6ljij0vZ4NRrmv3IBackkvyCc8ZroTy1cEDAuhceKgl7oIeYxDishJXI2puXkR
+F2jqygEbaA+Y9obr5j/WyJaguFuTiZzXvLdigGh0+L12M3d8E+rzU9wwzoBGk1Eu
+akm9vUinRAu/ovd5sTQncrDnHhM+7A5+vwDr46x3Yh8CAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEArNFufavX
+8uGDPXl0P8NkYYGwaIRXHToh5JOsguIR4BXGu6G5f1mWAGMxmel32bHNtYc9Hpar
+wRuQBRyyC/NCJodheacP3Pvz5k9l/6ErZAaegoJFo08LPGcxwupv3QbTtaDg0aCp
+/R7L4guCfaoIX70SGNQdd341HG5naLsLpCw=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1.1_ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,56 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 39 (0x27)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.1_ta4/emailAddress=ch1.1_ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.1_ta4/emailAddress=cs1_ch1.1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b1:85:77:87:f1:8e:bc:79:3e:8c:58:50:41:f3:
+ e8:26:07:80:e2:80:5f:41:ab:2c:fe:15:60:5e:fc:
+ 50:47:ba:19:65:e0:4e:42:28:18:67:61:55:3f:a4:
+ 3f:e8:e0:10:60:7d:94:72:d7:e7:25:43:61:16:29:
+ 06:7c:7f:e2:a6:c7:b7:ec:b5:9f:bf:98:8a:e7:f3:
+ 55:7f:8e:d9:2a:c7:ac:be:f3:0a:4e:90:39:fd:a3:
+ 9e:b1:2b:dd:cf:fc:61:d0:cb:b6:52:7e:34:eb:8b:
+ 01:6c:a9:cd:37:75:ae:2f:7c:61:6c:a0:c6:53:6a:
+ a6:1a:24:cd:93:72:ec:94:cf
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/ch1.1_ta4_crl.pem
+
+ Signature Algorithm: sha256WithRSAEncryption
+ a5:fb:3c:71:a7:fb:45:a2:a5:f0:42:3a:9f:25:40:e5:d1:c6:
+ 03:90:a0:4b:ca:83:21:8c:fc:3f:53:9c:1a:2e:bf:69:28:0d:
+ f1:bb:fd:bc:b8:66:5a:b9:c8:59:1e:1a:94:8a:c8:07:14:23:
+ f8:ec:a3:40:c8:67:aa:ae:bf:a3:f4:13:bc:80:76:f0:8b:5c:
+ 99:99:e3:f2:0a:7d:a0:5b:24:16:a1:64:02:f1:5c:2c:1c:9a:
+ f0:6d:9e:20:6d:54:2b:d7:5e:84:1d:a6:85:e2:17:1f:ed:cb:
+ 82:96:1b:f4:1d:c5:2f:ee:cd:5c:19:6b:59:25:1e:c6:a5:51:
+ 9e:74
+-----BEGIN CERTIFICATE-----
+MIICuDCCAiGgAwIBAgIBJzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjFfdGE0MRgwFgYJKoZIhvcNAQkBFgljaDEu
+MV90YTQwHhcNMTEwMzIxMDA0OTMzWhcNMTMxMjE1MDA0OTMzWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4xX3RhNDEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4xX3RhNDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+sYV3h/GOvHk+jFhQQfPoJgeA4oBfQass/hVgXvxQR7oZZeBOQigYZ2FVP6Q/6OAQ
+YH2UctfnJUNhFikGfH/ipse37LWfv5iK5/NVf47ZKsesvvMKTpA5/aOesSvdz/xh
+0Mu2Un4064sBbKnNN3WuL3xhbKDGU2qmGiTNk3LslM8CAwEAAaNSMFAwDAYDVR0T
+AQH/BAIwADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vbG9jYWxob3N0OjEyMDAx
+L2ZpbGUvMC9jaDEuMV90YTRfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQCl+zxx
+p/tFoqXwQjqfJUDl0cYDkKBLyoMhjPw/U5waLr9pKA3xu/28uGZauchZHhqUisgH
+FCP47KNAyGeqrr+j9BO8gHbwi1yZmePyCn2gWyQWoWQC8VwsHJrwbZ4gbVQr116E
+HaaF4hcf7cuClhv0HcUv7s1cGWtZJR7GpVGedA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1.2_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 29 (0x1d)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.2_ta3/emailAddress=ch1.2_ta3
+ Validity
+ Not Before: Mar 21 00:49:30 2011 GMT
+ Not After : Dec 15 00:49:30 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.2_ta3/emailAddress=cs1_ch1.2_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:a1:cf:9c:66:1e:c9:07:ed:2b:39:8a:5f:e5:f2:
+ f1:d3:f2:ad:01:f1:81:85:63:04:7f:b8:65:35:05:
+ e6:bd:3d:28:97:96:54:bc:ae:1b:46:b5:5c:f5:c0:
+ ac:75:63:4f:52:80:8b:4c:30:81:8e:85:96:a4:f1:
+ 46:e7:77:1e:7f:3e:80:10:41:cc:e7:92:73:ad:fb:
+ fb:0d:3a:2b:e2:d6:43:0e:ef:b9:54:06:2e:f7:1d:
+ 1d:aa:57:49:06:3e:65:8e:a9:9d:09:0e:83:55:12:
+ de:39:91:44:86:ba:d4:69:be:b8:89:a1:7b:8c:60:
+ 39:30:ea:95:f9:03:3e:c4:53
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 25:86:6a:6e:7a:be:f5:54:95:b2:ce:49:56:50:fa:ad:e3:34:
+ 84:fe:d9:9e:fb:0e:73:f7:62:3c:c7:29:95:54:91:68:32:cb:
+ 74:91:91:cc:68:a8:e4:12:07:b3:33:d9:f4:5e:bc:8e:0c:35:
+ bf:cb:fa:fc:07:75:c1:35:1e:ea:03:2d:60:a8:d3:39:5b:af:
+ 2f:67:d9:2d:98:da:48:4e:12:ee:87:1c:e5:db:42:7e:ca:45:
+ 4c:23:3d:21:53:fc:ee:66:77:9d:09:08:44:55:9b:2a:0d:10:
+ da:67:77:89:70:00:97:9b:eb:3a:b4:41:98:16:31:cf:bc:b5:
+ 88:bf
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBHTANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjJfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+Ml90YTMwHhcNMTEwMzIxMDA0OTMwWhcNMTMxMjE1MDA0OTMwWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4yX3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4yX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+oc+cZh7JB+0rOYpf5fLx0/KtAfGBhWMEf7hlNQXmvT0ol5ZUvK4bRrVc9cCsdWNP
+UoCLTDCBjoWWpPFG53cefz6AEEHM55Jzrfv7DTor4tZDDu+5VAYu9x0dqldJBj5l
+jqmdCQ6DVRLeOZFEhrrUab64iaF7jGA5MOqV+QM+xFMCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAJYZqbnq+
+9VSVss5JVlD6reM0hP7ZnvsOc/diPMcplVSRaDLLdJGRzGio5BIHszPZ9F68jgw1
+v8v6/Ad1wTUe6gMtYKjTOVuvL2fZLZjaSE4S7occ5dtCfspFTCM9IVP87mZ3nQkI
+RFWbKg0Q2md3iXAAl5vrOrRBmBYxz7y1iL8=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1.3_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 31 (0x1f)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.3_ta3/emailAddress=ch1.3_ta3
+ Validity
+ Not Before: Mar 21 00:49:31 2011 GMT
+ Not After : Dec 15 00:49:31 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.3_ta3/emailAddress=cs1_ch1.3_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:aa:61:a0:81:fa:99:8a:7d:cb:3e:99:2a:83:5b:
+ 29:10:80:63:6c:51:35:6b:ed:fa:fe:09:07:bc:f1:
+ c7:01:58:63:05:a9:1f:69:4c:36:c0:90:f6:e5:02:
+ ba:d3:2d:ae:ee:53:80:61:18:d6:d6:60:58:8f:07:
+ 14:ec:c2:3d:89:7b:33:90:1c:92:2f:91:fc:77:6b:
+ 52:fa:cf:97:9e:22:69:62:de:25:b4:9b:52:bc:51:
+ c7:04:9d:37:8b:cf:ec:3e:e5:62:76:bb:62:f8:34:
+ 10:6b:28:86:0a:c5:20:e7:3e:e5:76:9f:97:31:2a:
+ 04:0b:02:10:85:c8:48:bc:65
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 76:14:29:01:64:51:13:47:26:13:73:43:4e:ac:a9:6b:6e:46:
+ 04:32:7f:b7:f7:6c:6e:73:d1:d2:10:a3:4a:98:7f:c2:57:19:
+ 18:d7:d6:a0:2d:e2:2b:17:4a:49:cc:d8:1e:63:0f:82:88:03:
+ 2e:c2:cf:26:56:24:22:2a:48:73:54:08:97:a0:24:91:6a:05:
+ 63:4a:1f:01:28:06:0b:03:93:b8:75:9e:44:2d:7e:45:6c:a6:
+ c5:35:e0:0f:98:0c:a5:5a:2b:8a:c2:c1:83:f0:b6:b9:84:58:
+ f5:de:d4:b8:68:7d:de:b5:a3:9a:a0:33:91:23:fa:6c:b8:32:
+ 55:fb
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBHzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjNfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+M190YTMwHhcNMTEwMzIxMDA0OTMxWhcNMTMxMjE1MDA0OTMxWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS4zX3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS4zX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+qmGggfqZin3LPpkqg1spEIBjbFE1a+36/gkHvPHHAVhjBakfaUw2wJD25QK60y2u
+7lOAYRjW1mBYjwcU7MI9iXszkBySL5H8d2tS+s+XniJpYt4ltJtSvFHHBJ03i8/s
+PuVidrti+DQQayiGCsUg5z7ldp+XMSoECwIQhchIvGUCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAdhQpAWRR
+E0cmE3NDTqypa25GBDJ/t/dsbnPR0hCjSph/wlcZGNfWoC3iKxdKSczYHmMPgogD
+LsLPJlYkIipIc1QIl6AkkWoFY0ofASgGCwOTuHWeRC1+RWymxTXgD5gMpVorisLB
+g/C2uYRY9d7UuGh93rWjmqAzkSP6bLgyVfs=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1.4_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 33 (0x21)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1.4_ta3/emailAddress=ch1.4_ta3
+ Validity
+ Not Before: Mar 21 00:49:31 2011 GMT
+ Not After : Dec 15 00:49:31 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1.4_ta3/emailAddress=cs1_ch1.4_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:c6:b7:dc:6a:06:a3:1f:5a:98:5f:cd:0e:f1:c3:
+ 40:bd:b3:9e:73:68:16:78:a1:5e:e9:a2:0c:32:68:
+ 56:db:cb:9f:b8:dd:89:c1:f3:7b:b9:61:0e:9e:e1:
+ ff:ad:b3:43:4d:c3:c9:9e:9a:5e:58:48:50:7b:b7:
+ f8:20:0e:54:ce:4c:41:b8:b2:73:0a:6f:f1:0c:40:
+ 3b:81:4a:a1:42:da:01:6a:cd:03:65:a6:83:ff:29:
+ 41:40:45:31:d9:fd:7f:f4:e4:09:38:9f:66:a9:a4:
+ d4:9a:a5:80:6a:9e:43:11:cc:7a:4f:13:84:cc:7f:
+ 21:f9:4c:93:ec:d0:9c:f6:55
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 95:16:43:f9:f7:e3:76:6f:54:ff:74:78:05:e4:85:ae:b0:94:
+ 72:db:f0:d9:99:f7:6d:b6:f7:35:f3:db:c5:87:65:0f:88:65:
+ 8f:06:6f:f2:d7:5f:be:4f:e0:56:02:8e:f5:d5:42:22:48:74:
+ 3b:23:f9:76:82:3d:b0:d6:51:cd:d9:76:bd:22:4d:6d:24:c7:
+ 77:89:c5:9c:38:a9:db:f1:2b:16:16:11:e9:64:71:e3:a4:34:
+ 9a:83:dd:d4:14:38:b6:bf:06:46:b3:a6:e3:d9:8b:e9:cb:5b:
+ e1:fb:c1:30:34:aa:cf:1a:4d:66:39:5f:06:7e:39:ac:6e:01:
+ 81:b7
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBITANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2gxLjRfdGEzMRgwFgYJKoZIhvcNAQkBFgljaDEu
+NF90YTMwHhcNMTEwMzIxMDA0OTMxWhcNMTMxMjE1MDA0OTMxWjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoMS40X3RhMzEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoMS40X3RhMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+xrfcagajH1qYX80O8cNAvbOec2gWeKFe6aIMMmhW28ufuN2JwfN7uWEOnuH/rbND
+TcPJnppeWEhQe7f4IA5UzkxBuLJzCm/xDEA7gUqhQtoBas0DZaaD/ylBQEUx2f1/
+9OQJOJ9mqaTUmqWAap5DEcx6TxOEzH8h+UyT7NCc9lUCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAlRZD+ffj
+dm9U/3R4BeSFrrCUctvw2Zn3bbb3NfPbxYdlD4hljwZv8tdfvk/gVgKO9dVCIkh0
+OyP5doI9sNZRzdl2vSJNbSTHd4nFnDip2/ErFhYR6WRx46Q0moPd1BQ4tr8GRrOm
+49mL6ctb4fvBMDSqzxpNZjlfBn45rG4Bgbc=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 17 (0x11)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1_ta3/emailAddress=cs1_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:c0:f4:07:51:f9:0b:0f:11:0a:28:50:d3:7a:43:
+ 1f:24:71:ac:79:35:17:3c:44:b2:f9:67:b6:b3:ee:
+ 73:27:f6:7d:7b:e9:21:66:33:73:54:5e:98:f9:72:
+ 87:cf:e4:6f:4e:d8:65:76:74:65:41:2d:4c:99:d6:
+ 69:82:c9:ca:35:c3:d7:5e:6a:ec:c5:cd:a6:e0:3e:
+ da:00:b6:ae:e6:a6:0f:f1:2d:1a:bd:92:1a:d8:14:
+ ae:92:90:fb:e9:16:e2:38:85:20:df:dd:8a:11:af:
+ c2:3b:37:9b:ce:99:4e:89:ff:32:c7:53:e1:e0:ad:
+ ed:a6:12:96:9d:97:40:96:b5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 29:26:20:2c:c3:ae:e3:84:28:2a:15:af:48:cc:a4:87:d2:8b:
+ 7e:dd:76:80:11:f8:4c:e3:97:0c:34:42:96:78:9f:44:97:b6:
+ 61:3f:66:be:24:60:b4:40:0d:8d:56:3b:ec:d3:31:8d:ae:ac:
+ 1a:cb:cf:e5:68:67:21:87:1a:9b:b1:06:18:c4:d8:9b:d0:1a:
+ 4f:ed:8f:8e:5a:d5:4d:24:ea:d0:55:5b:2f:2c:d7:e8:8d:ff:
+ 99:5b:c1:32:55:f2:f4:d3:72:0b:b5:80:0c:8d:ce:8d:83:29:
+ 6f:2e:e1:e0:d7:99:fe:37:b5:3a:14:71:3e:ec:0c:ec:31:7d:
+ 2c:f0
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBETANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMD0B1H5Cw8R
+CihQ03pDHyRxrHk1FzxEsvlntrPucyf2fXvpIWYzc1RemPlyh8/kb07YZXZ0ZUEt
+TJnWaYLJyjXD115q7MXNpuA+2gC2ruamD/EtGr2SGtgUrpKQ++kW4jiFIN/dihGv
+wjs3m86ZTon/MsdT4eCt7aYSlp2XQJa1AgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBACkmICzDruOEKCoVr0jM
+pIfSi37ddoAR+Ezjlww0QpZ4n0SXtmE/Zr4kYLRADY1WO+zTMY2urBrLz+VoZyGH
+GpuxBhjE2JvQGk/tj45a1U0k6tBVWy8s1+iN/5lbwTJV8vTTcgu1gAyNzo2DKW8u
+4eDXmf43tToUcT7sDOwxfSzw
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1_ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,56 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 35 (0x23)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
+ Validity
+ Not Before: Mar 21 00:49:32 2011 GMT
+ Not After : Dec 15 00:49:32 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1_ta4/emailAddress=cs1_ch1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:af:be:de:74:2a:a1:34:39:6a:e5:7d:9a:a5:a1:
+ 4a:0c:e0:e5:4f:46:71:e4:5a:54:56:05:f1:ab:a5:
+ 7e:17:b6:aa:d4:4e:9c:b7:46:fc:ef:9a:4a:f5:3b:
+ 3b:b0:3a:67:d2:89:6d:3f:f7:6d:8d:59:1f:2b:b9:
+ a4:55:08:b6:76:c5:2e:71:eb:f9:4a:43:7c:db:13:
+ b2:a2:08:f3:b2:f1:1b:66:ef:ef:2d:a6:e6:0a:37:
+ 8a:b3:f9:da:0c:fe:da:23:0c:ef:b6:88:a2:6d:62:
+ 2d:76:42:5c:f3:2c:f8:3f:76:c3:e3:6e:f5:e4:3c:
+ 6e:48:c6:2a:cd:c7:e8:d9:dd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/ch1_ta4_crl.pem
+
+ Signature Algorithm: sha256WithRSAEncryption
+ ad:09:e5:e2:0a:c7:01:40:b0:d1:ff:83:9a:f7:b7:ac:58:00:
+ dd:a3:36:24:fb:65:f7:85:68:90:86:67:fb:f4:7e:1e:dd:8e:
+ b6:78:ff:a0:5a:12:2a:6f:2c:2b:c0:e3:d7:80:09:25:72:e0:
+ 6b:3a:c3:e4:dd:72:76:05:05:b2:55:f2:38:3e:07:24:2d:47:
+ 4a:db:b2:c6:4e:9c:c4:43:c9:95:23:44:61:db:da:d6:84:9c:
+ 12:dd:63:87:99:7f:7b:00:aa:77:dd:50:76:66:a7:ea:7f:fc:
+ e4:66:ae:08:d0:70:66:0f:23:d3:b4:cb:38:20:de:27:df:12:
+ 3d:b5
+-----BEGIN CERTIFICATE-----
+MIICrjCCAhegAwIBAgIBIzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NDAeFw0xMTAzMjEwMDQ5MzJaFw0xMzEyMTUwMDQ5MzJaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2gxX3RhNDEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoMV90YTQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK++3nQqoTQ5
+auV9mqWhSgzg5U9GceRaVFYF8aulfhe2qtROnLdG/O+aSvU7O7A6Z9KJbT/3bY1Z
+Hyu5pFUItnbFLnHr+UpDfNsTsqII87LxG2bv7y2m5go3irP52gz+2iMM77aIom1i
+LXZCXPMs+D92w+Nu9eQ8bkjGKs3H6NndAgMBAAGjUDBOMAwGA1UdEwEB/wQCMAAw
+PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2xvY2FsaG9zdDoxMjAwMS9maWxlLzAv
+Y2gxX3RhNF9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4GBAK0J5eIKxwFAsNH/g5r3
+t6xYAN2jNiT7ZfeFaJCGZ/v0fh7djrZ4/6BaEipvLCvA49eACSVy4Gs6w+TdcnYF
+BbJV8jg+ByQtR0rbssZOnMRDyZUjRGHb2taEnBLdY4eZf3sAqnfdUHZmp+p//ORm
+rgjQcGYPI9O0yzgg3iffEj21
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch1_ta5_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 41 (0x29)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta5/emailAddress=ch1_ta5
+ Validity
+ Not Before: Mar 21 00:49:34 2011 GMT
+ Not After : Dec 15 00:49:34 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch1_ta5/emailAddress=cs1_ch1_ta5
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:9f:3b:31:69:28:44:86:2e:06:eb:0a:fe:f8:f4:
+ a4:e0:ab:ea:c9:9e:9a:9e:c6:57:9d:c8:31:20:ec:
+ 20:d8:02:77:14:98:d9:34:9b:cd:4e:ab:20:bf:a8:
+ fb:2f:e3:09:fe:5c:93:8b:41:b9:2f:f6:22:a8:29:
+ ba:a3:5e:6a:73:47:cc:f1:45:cf:36:c1:90:9b:ee:
+ b9:d0:e7:d3:cc:c1:9e:34:02:03:67:78:81:41:9c:
+ e6:3a:b5:62:a4:01:af:b1:71:4a:e9:29:ec:15:2a:
+ d7:cc:04:a5:f7:55:11:c3:b8:6e:5d:0f:7a:18:4a:
+ 4c:db:d6:34:37:aa:3d:d5:53
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 6f:c1:70:68:66:e9:5f:02:f8:f2:9e:60:dc:51:56:4f:32:ee:
+ 62:72:8d:cb:3e:19:ea:03:1e:92:2a:b4:84:a0:b6:ee:0e:c4:
+ f3:87:b5:75:bd:91:17:96:fe:44:55:0e:33:99:ef:bb:7e:f8:
+ 83:a4:df:e8:90:c1:fe:ef:96:05:aa:c8:ce:6e:38:1b:d1:af:
+ 90:0d:88:21:7e:e6:58:ad:b6:b6:8c:8a:c4:9b:ec:19:1e:55:
+ c2:9f:03:e4:47:49:46:c5:a9:79:78:8f:fa:b5:c6:aa:bc:f0:
+ c2:cb:6a:f0:d7:76:b4:0e:b4:6b:20:53:55:15:1a:39:a7:3f:
+ 1a:bd
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBKTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNTEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NTAeFw0xMTAzMjEwMDQ5MzRaFw0xMzEyMTUwMDQ5MzRaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2gxX3RhNTEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoMV90YTUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ87MWkoRIYu
+BusK/vj0pOCr6smemp7GV53IMSDsINgCdxSY2TSbzU6rIL+o+y/jCf5ck4tBuS/2
+IqgpuqNeanNHzPFFzzbBkJvuudDn08zBnjQCA2d4gUGc5jq1YqQBr7FxSukp7BUq
+18wEpfdVEcO4bl0PehhKTNvWNDeqPdVTAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAG/BcGhm6V8C+PKeYNxR
+Vk8y7mJyjcs+GeoDHpIqtISgtu4OxPOHtXW9kReW/kRVDjOZ77t++IOk3+iQwf7v
+lgWqyM5uOBvRr5ANiCF+5littraMisSb7BkeVcKfA+RHSUbFqXl4j/q1xqq88MLL
+avDXdrQOtGsgU1UVGjmnPxq9
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch5.1_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 9 (0x9)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.1_ta1/emailAddress=ch5.1_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5.1_ta1/emailAddress=cs1_ch5.1_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bf:ce:74:08:89:5a:78:fe:33:bc:42:8f:19:79:
+ 0f:76:ce:ff:da:f1:32:62:4a:34:ee:54:3a:81:61:
+ 9a:02:81:02:4b:77:c7:7c:ef:50:99:68:f4:40:4d:
+ fa:41:a3:a4:86:a4:9c:6a:45:2b:99:15:ba:d8:d5:
+ 97:f5:30:25:c0:f3:7c:a1:eb:50:58:8e:23:04:b0:
+ 72:ea:bb:21:fc:6c:37:37:ab:85:c3:36:8c:42:dc:
+ 83:12:6a:a1:b1:3e:8b:f9:b6:4c:43:8e:38:15:c1:
+ 40:22:f8:7d:59:c0:9c:f6:75:85:0d:ed:43:4c:d8:
+ 7f:84:c8:dd:a4:7d:66:c4:63
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 35:e5:fc:ad:b3:07:3c:23:cc:b9:a1:82:8c:2e:97:3a:65:e1:
+ 25:03:16:50:e7:a3:69:cb:bf:e3:5e:be:59:60:ba:96:af:44:
+ 01:18:de:2e:c7:5f:cf:19:ca:59:fc:01:f5:86:e0:5e:e9:c6:
+ 70:9e:4c:e7:e1:ad:41:1b:be:11:a8:bb:cd:28:67:a8:7d:81:
+ ec:55:25:5e:c6:c7:c3:f2:42:3e:07:e8:68:ca:5c:41:dd:34:
+ b4:de:b2:f4:cb:dd:b3:e9:76:07:4c:d3:87:b1:4f:56:39:40:
+ 77:03:42:ae:80:be:d3:ae:cb:75:80:09:82:87:7c:3b:2a:e0:
+ bd:04
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBCTANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2g1LjFfdGExMRgwFgYJKoZIhvcNAQkBFgljaDUu
+MV90YTEwHhcNMTEwMzIxMDA0OTI0WhcNMTMxMjE1MDA0OTI0WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoNS4xX3RhMTEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoNS4xX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+v850CIlaeP4zvEKPGXkPds7/2vEyYko07lQ6gWGaAoECS3fHfO9QmWj0QE36QaOk
+hqScakUrmRW62NWX9TAlwPN8oetQWI4jBLBy6rsh/Gw3N6uFwzaMQtyDEmqhsT6L
++bZMQ444FcFAIvh9WcCc9nWFDe1DTNh/hMjdpH1mxGMCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEANeX8rbMH
+PCPMuaGCjC6XOmXhJQMWUOejacu/416+WWC6lq9EARjeLsdfzxnKWfwB9YbgXunG
+cJ5M5+GtQRu+Eai7zShnqH2B7FUlXsbHw/JCPgfoaMpcQd00tN6y9Mvds+l2B0zT
+h7FPVjlAdwNCroC+067LdYAJgod8OyrgvQQ=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch5.2_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 11 (0xb)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.2_ta1/emailAddress=ch5.2_ta1
+ Validity
+ Not Before: Mar 21 00:49:25 2011 GMT
+ Not After : Dec 15 00:49:25 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5.2_ta1/emailAddress=cs1_ch5.2_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b9:44:f7:70:52:8f:e0:c5:7b:7e:68:01:46:0b:
+ e1:54:1a:91:82:96:5d:d9:60:a7:a6:c2:2d:cf:f6:
+ b1:e6:bc:fe:b5:02:49:20:5e:b7:2e:88:07:05:4e:
+ 88:9e:96:f5:51:22:b1:72:23:88:21:7d:70:d4:51:
+ c1:38:26:87:3c:d2:59:b4:0a:b4:0c:99:fb:eb:89:
+ a8:15:fa:ff:2a:40:52:e2:b3:d1:79:61:4b:a5:f3:
+ 8a:0a:18:4b:76:26:9d:68:c7:83:03:88:77:38:ab:
+ d6:2d:95:17:20:43:cc:6b:c5:d2:1d:85:b7:c0:b4:
+ b7:8c:f7:cc:3e:cc:79:8d:3d
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 15:39:6a:5e:1b:b7:b0:9d:56:ed:4e:0f:28:5e:ba:84:d0:14:
+ 92:4b:51:1f:3f:a7:2b:dc:ac:3d:6a:d6:79:7d:16:e6:db:04:
+ a2:4b:03:c9:d0:d0:4d:09:60:c8:92:ae:cf:ec:39:0e:fb:a2:
+ 17:bf:0d:1b:ff:99:b6:c8:2a:cb:f9:25:bc:b1:8e:94:2b:dc:
+ e1:47:43:a0:21:9c:b3:f3:62:d0:ae:49:e0:aa:a9:a8:23:c5:
+ 7f:60:9a:ce:cc:4b:48:6a:98:2a:58:68:df:89:88:fe:d3:17:
+ 50:82:3b:33:45:4a:08:56:2e:e4:5e:4f:3b:6f:c5:e1:c0:53:
+ 28:a8
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBCzANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2g1LjJfdGExMRgwFgYJKoZIhvcNAQkBFgljaDUu
+Ml90YTEwHhcNMTEwMzIxMDA0OTI1WhcNMTMxMjE1MDA0OTI1WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoNS4yX3RhMTEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoNS4yX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+uUT3cFKP4MV7fmgBRgvhVBqRgpZd2WCnpsItz/ax5rz+tQJJIF63LogHBU6Inpb1
+USKxciOIIX1w1FHBOCaHPNJZtAq0DJn764moFfr/KkBS4rPReWFLpfOKChhLdiad
+aMeDA4h3OKvWLZUXIEPMa8XSHYW3wLS3jPfMPsx5jT0CAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAFTlqXhu3
+sJ1W7U4PKF66hNAUkktRHz+nK9ysPWrWeX0W5tsEoksDydDQTQlgyJKuz+w5Dvui
+F78NG/+Ztsgqy/klvLGOlCvc4UdDoCGcs/Ni0K5J4KqpqCPFf2CazsxLSGqYKlho
+34mI/tMXUII7M0VKCFYu5F5PO2/F4cBTKKg=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch5.3_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 14 (0xe)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5.3_ta1/emailAddress=ch5.3_ta1
+ Validity
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5.3_ta1/emailAddress=cs1_ch5.3_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:ba:d5:66:e3:d0:cd:3b:08:d4:e6:6a:9e:7f:22:
+ 39:47:94:a9:77:5a:dd:26:6a:35:fc:d5:e0:1b:41:
+ cf:0d:ff:6f:66:09:96:8b:32:36:ea:68:69:82:5a:
+ c9:6f:20:ea:ff:1c:83:29:11:d8:f2:99:f8:5c:d4:
+ 85:32:bb:c6:69:ca:dc:f7:d7:89:d4:72:2c:89:8a:
+ 36:22:71:48:bc:fa:e0:f9:03:3c:14:7c:c2:48:92:
+ 10:9f:21:db:2a:3b:01:f2:6f:96:18:61:b4:45:56:
+ 27:81:aa:42:fd:d8:92:84:4e:fd:5d:65:ad:67:67:
+ 4d:06:48:10:88:bb:77:af:23
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 7e:14:ca:ef:10:0b:0d:a4:e4:7d:ba:39:5b:7c:63:b7:9a:d2:
+ b7:cb:25:87:b3:fe:9f:34:55:d2:45:a6:b3:68:27:6d:a7:14:
+ 5c:68:43:0b:81:aa:0b:21:6d:1f:ad:ec:72:de:4b:99:b5:a4:
+ f0:24:15:73:f1:eb:dd:6f:41:2f:3c:4b:06:44:eb:ec:f0:9d:
+ 29:79:ce:d2:ea:e2:55:1b:9f:cf:7c:ca:98:35:6f:98:ec:70:
+ de:f1:04:fa:f1:89:ee:bf:af:a4:f8:35:92:b7:f9:27:a7:5e:
+ 76:cc:c0:79:ad:6b:46:d7:d1:a7:60:35:32:9f:26:b3:b2:e7:
+ 21:a5
+-----BEGIN CERTIFICATE-----
+MIIChjCCAe+gAwIBAgIBDjANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTESMBAGA1UEAxQJY2g1LjNfdGExMRgwFgYJKoZIhvcNAQkBFgljaDUu
+M190YTEwHhcNMTEwMzIxMDA0OTI2WhcNMTMxMjE1MDA0OTI2WjB8MQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazEN
+MAsGA1UEChMEcGtnNTEWMBQGA1UEAxQNY3MxX2NoNS4zX3RhMTEcMBoGCSqGSIb3
+DQEJARYNY3MxX2NoNS4zX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+utVm49DNOwjU5mqefyI5R5Spd1rdJmo1/NXgG0HPDf9vZgmWizI26mhpglrJbyDq
+/xyDKRHY8pn4XNSFMrvGacrc99eJ1HIsiYo2InFIvPrg+QM8FHzCSJIQnyHbKjsB
+8m+WGGG0RVYngapC/diShE79XWWtZ2dNBkgQiLt3ryMCAwEAAaMgMB4wDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAfhTK7xAL
+DaTkfbo5W3xjt5rSt8slh7P+nzRV0kWms2gnbacUXGhDC4GqCyFtH63sct5LmbWk
+8CQVc/Hr3W9BLzxLBkTr7PCdKXnO0uriVRufz3zKmDVvmOxw3vEE+vGJ7r+vpPg1
+krf5J6dedszAea1rRtfRp2A1Mp8ms7LnIaU=
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ch5_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 6 (0x6)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5_ta1/emailAddress=ch5_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ch5_ta1/emailAddress=cs1_ch5_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b3:a4:c0:9b:2d:3a:3d:41:21:47:c3:96:e2:60:
+ e4:dd:24:83:4a:1c:91:4e:c0:30:f7:c1:8f:7b:87:
+ 58:9a:ce:09:6f:9e:85:0d:cf:a9:33:ea:aa:4e:c8:
+ e6:60:1e:14:25:66:80:c9:e9:9c:1b:60:4a:dc:cb:
+ 66:b0:03:38:bc:42:dc:0e:e1:da:d5:e8:25:20:75:
+ e9:3f:58:20:09:91:b0:b6:da:6f:aa:26:69:50:87:
+ 3b:37:eb:a7:e7:66:b1:de:ad:57:78:98:cf:17:59:
+ 7e:10:b6:da:ca:58:7d:45:14:8a:f1:0f:f1:af:5b:
+ 00:26:36:af:1e:0d:29:47:65
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ cb:cf:66:b0:f1:ff:e3:9f:6a:e8:36:19:07:ee:4a:88:72:25:
+ 41:e5:27:33:e1:2d:81:e0:23:d8:16:1a:db:b7:a2:ad:30:81:
+ b4:19:e6:0d:7a:30:c6:11:8e:c0:e3:89:b9:c8:67:66:17:fa:
+ 28:96:74:30:7b:74:0e:1e:71:b9:fb:6a:34:24:7b:f6:69:bb:
+ 36:c9:00:63:86:4b:49:16:74:6c:64:69:55:ce:bb:15:fb:fd:
+ 89:78:72:d3:47:d2:12:ad:c0:43:f6:56:c2:77:9e:68:04:6c:
+ 30:4a:28:06:7b:a7:74:2a:3a:8a:b8:7d:41:2b:aa:61:93:28:
+ 97:75
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBBjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g1X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g1X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczFfY2g1X3RhMTEaMBgGCSqGSIb3DQEJARYL
+Y3MxX2NoNV90YTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALOkwJstOj1B
+IUfDluJg5N0kg0ockU7AMPfBj3uHWJrOCW+ehQ3PqTPqqk7I5mAeFCVmgMnpnBtg
+StzLZrADOLxC3A7h2tXoJSB16T9YIAmRsLbab6omaVCHOzfrp+dmsd6tV3iYzxdZ
+fhC22spYfUUUivEP8a9bACY2rx4NKUdlAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAMvPZrDx/+Ofaug2GQfu
+SohyJUHlJzPhLYHgI9gWGtu3oq0wgbQZ5g16MMYRjsDjibnIZ2YX+iiWdDB7dA4e
+cbn7ajQke/ZpuzbJAGOGS0kWdGxkaVXOuxX7/Yl4ctNH0hKtwEP2VsJ3nmgEbDBK
+KAZ7p3QqOoq4fUErqmGTKJd1
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_cs8_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 25 (0x19)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_ch1_ta3/emailAddress=cs8_ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_cs8_ch1_ta3/emailAddress=cs1_cs8_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b7:e1:e5:53:8b:fe:2e:f4:82:1a:1a:10:f8:1d:
+ 3f:0f:04:e4:35:8b:19:20:11:af:ad:c2:ff:5a:12:
+ 04:f0:4e:4d:3a:b3:ce:42:c3:c5:ad:2a:ca:87:04:
+ c2:f3:8a:5c:22:c9:b9:d5:08:ba:5c:9c:1a:06:d8:
+ db:ea:70:6c:0a:8c:22:0a:9c:9b:ea:4d:0f:d9:98:
+ da:df:d8:cd:26:82:f8:ae:77:93:6a:16:3f:54:eb:
+ c1:c7:fc:94:bb:05:dc:9d:cf:ae:bc:71:e9:f0:4a:
+ 09:d7:06:14:d4:db:63:d6:b2:bc:84:9f:90:a0:21:
+ 75:45:2b:f3:2c:fa:e8:98:cd
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 80:df:ac:6d:f0:f0:d8:14:72:fa:cc:20:8d:9b:58:f2:1e:bf:
+ a1:31:02:e6:2c:09:fe:2e:c2:d9:02:b4:14:57:9a:60:ea:20:
+ 69:5e:ea:ff:30:86:fe:57:6b:f0:39:68:23:d3:0c:aa:82:dc:
+ 2e:47:91:66:a2:05:14:c8:f9:a1:21:7b:77:19:16:fb:6f:52:
+ a6:04:a1:13:cb:89:b3:1e:fe:d0:f4:e4:9b:4a:65:4a:59:a6:
+ 12:1f:0b:ed:82:bb:06:4b:da:73:52:d5:3f:c7:8a:b2:ba:3f:
+ 78:73:d6:11:ae:94:62:18:db:86:da:1d:87:75:47:df:66:89:
+ 6e:3d
+-----BEGIN CERTIFICATE-----
+MIICjzCCAfigAwIBAgIBGTANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEUMBIGA1UEAxQLY3M4X2NoMV90YTMxGjAYBgkqhkiG9w0BCQEWC2Nz
+OF9jaDFfdGEzMB4XDTExMDMyMTAwNDkyOVoXDTEzMTIxNTAwNDkyOVowgYAxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
+YXJrMQ0wCwYDVQQKEwRwa2c1MRgwFgYDVQQDFA9jczFfY3M4X2NoMV90YTMxHjAc
+BgkqhkiG9w0BCQEWD2NzMV9jczhfY2gxX3RhMzCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAt+HlU4v+LvSCGhoQ+B0/DwTkNYsZIBGvrcL/WhIE8E5NOrPOQsPF
+rSrKhwTC84pcIsm51Qi6XJwaBtjb6nBsCowiCpyb6k0P2Zja39jNJoL4rneTahY/
+VOvBx/yUuwXcnc+uvHHp8EoJ1wYU1Ntj1rK8hJ+QoCF1RSvzLPromM0CAwEAAaMg
+MB4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQAD
+gYEAgN+sbfDw2BRy+swgjZtY8h6/oTEC5iwJ/i7C2QK0FFeaYOogaV7q/zCG/ldr
+8DloI9MMqoLcLkeRZqIFFMj5oSF7dxkW+29SpgShE8uJsx7+0PTkm0plSlmmEh8L
+7YK7Bkvac1LVP8eKsro/eHPWEa6UYhjbhtodh3VH32aJbj0=
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_cs8_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 21 (0x15)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_p1_ta3/emailAddress=cs8_p1_ta3
- Validity
- Not Before: Jan 28 02:54:20 2011 GMT
- Not After : Oct 24 02:54:20 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_cs8_p1_ta3/emailAddress=cs1_cs8_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b7:b3:67:af:2e:4f:cd:e6:84:61:80:0a:6a:0d:
- d7:48:3e:34:76:b9:51:d4:47:4c:20:d1:cb:29:f3:
- cb:30:f9:de:be:4c:dd:3b:7c:8b:ad:2a:b8:90:49:
- f1:e5:e0:93:e9:c4:72:41:b7:c7:1e:ad:fb:6c:84:
- 51:3f:b6:58:cc:15:7a:cf:3c:16:fa:e1:29:2e:57:
- 90:90:5b:d1:55:a6:0c:76:6a:85:6c:19:71:0b:33:
- cc:93:bb:4e:02:59:d0:08:dc:cb:8c:17:1f:40:de:
- fb:ba:b5:24:e0:f0:b3:df:b1:94:d1:7b:80:d9:74:
- a9:44:4e:b7:eb:cd:cf:62:ed
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 7f:59:dd:b6:d7:6a:bf:e7:c2:c0:53:9c:8f:90:e3:e5:3a:75:
- 04:35:ef:d8:39:f9:53:e6:1e:bf:8b:fd:c3:19:21:81:70:09:
- a1:e6:89:6f:9d:3c:f3:9c:c5:00:5b:0c:7d:e3:13:de:cf:1b:
- 10:2b:ab:c3:d2:77:76:03:59:ef:43:39:a9:de:78:e9:a9:a1:
- fb:8b:b4:c7:ec:37:97:5b:65:ee:af:e4:66:c7:42:a8:24:73:
- d2:3f:37:fc:9f:79:93:53:88:81:0b:f6:be:f7:ac:f8:9d:37:
- c8:c6:66:81:2e:f0:8a:0e:41:95:24:9d:4c:90:50:94:51:45:
- 46:8f
------BEGIN CERTIFICATE-----
-MIICijCCAfOgAwIBAgIBFTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY3M4X3AxX3RhMzEZMBcGCSqGSIb3DQEJARYKY3M4
-X3AxX3RhMzAeFw0xMTAxMjgwMjU0MjBaFw0xMzEwMjQwMjU0MjBaMH4xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRcwFQYDVQQDFA5jczFfY3M4X3AxX3RhMzEdMBsGCSqG
-SIb3DQEJARYOY3MxX2NzOF9wMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
-AoGBALezZ68uT83mhGGACmoN10g+NHa5UdRHTCDRyynzyzD53r5M3Tt8i60quJBJ
-8eXgk+nEckG3xx6t+2yEUT+2WMwVes88FvrhKS5XkJBb0VWmDHZqhWwZcQszzJO7
-TgJZ0Ajcy4wXH0De+7q1JODws9+xlNF7gNl0qUROt+vNz2LtAgMBAAGjIDAeMAwG
-A1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAH9Z
-3bbXar/nwsBTnI+Q4+U6dQQ179g5+VPmHr+L/cMZIYFwCaHmiW+dPPOcxQBbDH3j
-E97PGxArq8PSd3YDWe9DOaneeOmpofuLtMfsN5dbZe6v5GbHQqgkc9I/N/yfeZNT
-iIEL9r73rPidN8jGZoEu8IoOQZUknUyQUJRRRUaP
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 13 (0xd)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p1_ta3/emailAddress=cs1_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:f6:03:62:59:9b:4b:42:80:bd:9e:2c:51:9d:d6:
- d3:5b:3e:36:b3:da:4b:05:ed:d1:77:b7:3e:dc:0a:
- 87:20:89:51:84:e5:f9:f0:9d:fe:1d:e9:ad:ca:43:
- 9d:41:8e:84:7d:eb:36:85:4f:14:da:18:ee:c9:c3:
- e7:f2:cd:9c:c4:11:16:52:d7:07:9f:f5:52:b7:7b:
- 66:d5:ae:10:0f:fc:44:6d:a4:89:60:95:85:12:ca:
- 31:34:26:1b:b5:e6:4f:5b:31:cc:76:76:c3:12:29:
- f6:64:b6:ea:44:da:e9:51:15:d6:1d:5a:91:cb:62:
- 6e:da:c7:25:66:2f:30:52:17
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 5e:5b:97:12:03:fe:8e:f1:93:90:83:b4:65:f5:4b:56:f6:69:
- 44:d7:12:f3:e7:56:bc:5f:f6:ae:5c:95:19:39:0f:0f:77:0f:
- ef:78:bf:49:df:98:bb:91:02:3d:94:5e:90:d6:b0:a2:b0:d2:
- db:70:29:01:d6:39:81:a5:c3:30:9c:b7:95:21:c7:13:36:9e:
- f7:36:c5:be:7e:f4:9d:3b:71:2d:da:d9:07:55:67:62:34:33:
- 01:19:a7:ba:6f:ae:98:0e:22:a4:06:ad:16:ea:33:7f:e2:15:
- 83:4d:ac:ab:55:ff:aa:2b:15:a6:d2:73:e4:a4:43:53:6c:35:
- 9a:33
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBDTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTNaFw0xMzEwMjQwMjU0MTNaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2A2JZ
-m0tCgL2eLFGd1tNbPjaz2ksF7dF3tz7cCocgiVGE5fnwnf4d6a3KQ51BjoR96zaF
-TxTaGO7Jw+fyzZzEERZS1wef9VK3e2bVrhAP/ERtpIlglYUSyjE0Jhu15k9bMcx2
-dsMSKfZktupE2ulRFdYdWpHLYm7axyVmLzBSFwIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBeW5cSA/6O8ZOQ
-g7Rl9UtW9mlE1xLz51a8X/auXJUZOQ8Pdw/veL9J35i7kQI9lF6Q1rCisNLbcCkB
-1jmBpcMwnLeVIccTNp73NsW+fvSdO3Et2tkHVWdiNDMBGae6b66YDiKkBq0W6jN/
-4hWDTayrVf+qKxWm0nPkpENTbDWaMw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_p2_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 23 (0x17)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta3/emailAddress=pubCA2_ta3
- Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p2_ta3/emailAddress=cs1_p2_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c6:07:89:ed:17:4d:1d:4c:e9:1f:c3:10:f8:63:
- 50:5e:60:65:9b:13:41:07:a9:5a:b1:5e:e9:4d:6f:
- f7:15:b4:23:87:2b:91:c2:71:9f:4f:68:71:f3:24:
- a4:d6:bb:65:78:9b:8e:c5:ac:a4:1d:eb:ac:73:24:
- 19:67:63:95:34:b3:18:56:62:0b:05:c6:4d:9e:92:
- cb:31:30:58:28:8e:e7:b8:f1:32:bc:cf:76:e2:22:
- a5:56:d2:18:a5:ec:83:65:6f:71:85:0c:62:09:a9:
- 94:c7:ef:c9:39:a0:6f:14:0f:b3:66:36:60:95:c5:
- c2:f2:a6:2c:c6:00:4a:fb:6b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 8e:38:49:09:7d:23:2f:61:62:28:7c:78:5f:28:8b:1c:ba:8d:
- cf:6d:ec:49:20:d2:17:1c:57:0e:e0:b4:c9:0b:75:d6:9c:41:
- 61:f0:60:69:1c:81:2c:0e:58:4c:2b:6c:65:51:0f:63:ab:61:
- 90:d2:99:7b:45:26:a3:68:18:da:b9:28:5c:15:6e:f1:9b:ac:
- cf:06:93:b5:00:33:aa:8c:a0:5d:45:5c:6a:e3:61:78:b8:1a:
- 5b:bc:77:47:e6:36:58:b4:8e:16:01:4d:9a:2b:b3:8b:77:3c:
- fd:14:4b:c6:ee:9d:cf:15:71:ad:9f:c8:b1:e5:16:68:aa:cd:
- 11:47
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBFzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0EyX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0EyX3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDJfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDJfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGB4nt
-F00dTOkfwxD4Y1BeYGWbE0EHqVqxXulNb/cVtCOHK5HCcZ9PaHHzJKTWu2V4m47F
-rKQd66xzJBlnY5U0sxhWYgsFxk2ekssxMFgojue48TK8z3biIqVW0hil7INlb3GF
-DGIJqZTH78k5oG8UD7NmNmCVxcLypizGAEr7awIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQCOOEkJfSMvYWIo
-fHhfKIscuo3PbexJINIXHFcO4LTJC3XWnEFh8GBpHIEsDlhMK2xlUQ9jq2GQ0pl7
-RSajaBjauShcFW7xm6zPBpO1ADOqjKBdRVxq42F4uBpbvHdH5jZYtI4WAU2aK7OL
-dzz9FEvG7p3PFXGtn8ix5RZoqs0RRw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_p2_ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 35 (0x23)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta4/emailAddress=pubCA2_ta4
- Validity
- Not Before: Jan 28 02:54:24 2011 GMT
- Not After : Oct 24 02:54:24 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p2_ta4/emailAddress=cs1_p2_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:cb:fa:59:73:5c:67:c6:f3:3a:0a:79:d9:b8:9d:
- cd:6e:e5:bf:29:79:9f:d7:a0:1f:60:aa:bb:88:5e:
- 55:07:ae:9e:5e:7e:4c:f1:3a:25:1b:72:62:81:44:
- 2b:94:60:2f:24:37:b1:25:72:4f:14:e3:a5:38:ec:
- c5:8f:54:d4:e1:90:71:43:86:dc:d1:a9:a2:84:b3:
- a8:be:e2:ee:ce:57:69:29:e5:69:ac:cd:45:f3:e9:
- 1a:b3:38:f2:a5:e0:a0:8e:d8:0c:05:0a:bf:5e:d8:
- 22:67:60:08:10:ce:37:cb:46:b2:77:fd:56:08:7c:
- 62:d8:fc:5d:69:a6:e6:df:e3
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/pubCA2_ta4_crl.pem
-
- Signature Algorithm: sha256WithRSAEncryption
- 40:b2:b7:46:97:8c:3b:a8:c8:df:59:13:af:2c:a6:59:93:f2:
- d4:28:6f:bf:b1:3f:ac:7b:9d:f6:a8:29:be:15:1a:53:8d:86:
- 35:44:25:4b:b5:59:ea:54:07:5c:91:9b:a5:9b:94:a6:de:dc:
- 51:be:58:8d:cb:07:fe:1a:1a:1a:12:a5:b3:84:75:f5:9c:83:
- 5f:25:4b:d1:81:31:bb:74:d0:fc:92:41:d4:d2:63:b1:0b:96:
- 3c:da:b1:0b:1a:f6:6c:96:68:3b:36:6a:33:7c:c3:40:1b:7e:
- 4b:e5:dc:88:b4:25:2b:fe:0c:23:df:84:43:28:7c:39:d6:11:
- 22:23
------BEGIN CERTIFICATE-----
-MIICtTCCAh6gAwIBAgIBIzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0EyX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0EyX3RhNDAeFw0xMTAxMjgwMjU0MjRaFw0xMzEwMjQwMjU0MjRaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDJfdGE0MRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDJfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDL+llz
-XGfG8zoKedm4nc1u5b8peZ/XoB9gqruIXlUHrp5efkzxOiUbcmKBRCuUYC8kN7El
-ck8U46U47MWPVNThkHFDhtzRqaKEs6i+4u7OV2kp5WmszUXz6RqzOPKl4KCO2AwF
-Cr9e2CJnYAgQzjfLRrJ3/VYIfGLY/F1ppubf4wIDAQABo1MwUTAMBgNVHRMBAf8E
-AjAAMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmls
-ZS8wL3B1YkNBMl90YTRfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQBAsrdGl4w7
-qMjfWROvLKZZk/LUKG+/sT+se532qCm+FRpTjYY1RCVLtVnqVAdckZulm5Sm3txR
-vliNywf+GhoaEqWzhHX1nINfJUvRgTG7dND8kkHU0mOxC5Y82rELGvZslmg7Nmoz
-fMNAG35L5dyItCUr/gwj34RDKHw51hEiIw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_p3_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 25 (0x19)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA3_ta3/emailAddress=pubCA3_ta3
- Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p3_ta3/emailAddress=cs1_p3_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d6:d5:e1:f4:de:f3:97:61:e0:be:91:78:5f:65:
- f1:be:e1:60:cd:6d:77:93:49:f4:72:d7:18:6c:3c:
- 94:6a:a4:e8:fe:d5:48:70:f2:6b:ef:bf:e1:18:ab:
- 2f:93:8a:0a:7f:4d:47:61:46:08:9b:bd:2d:31:a2:
- b0:0e:0b:77:76:01:77:68:9f:c5:6e:ab:6c:6c:07:
- 2e:62:01:39:ef:43:8e:34:0b:dd:cb:47:ad:58:48:
- bb:1c:a8:df:db:ef:b4:1b:77:15:59:95:e6:14:2a:
- de:98:c7:79:58:e2:77:f7:f4:f4:08:79:21:99:16:
- 5a:5e:43:b0:3e:98:af:28:01
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- ae:c7:65:5a:78:09:d1:18:b1:ed:5e:2f:3b:7e:41:1f:93:b6:
- 43:7e:33:ab:43:cc:bd:5c:05:ae:b2:51:cc:28:db:22:aa:b5:
- 4c:35:90:09:4f:64:c0:62:04:83:fd:cd:7b:81:61:2e:63:0b:
- 0b:94:f1:b3:c0:d9:a9:91:e9:2a:df:f8:fb:02:01:6f:90:49:
- 15:0e:ac:54:21:5b:e8:9a:37:2f:d3:67:6a:90:21:e5:0d:4b:
- e2:b9:3e:21:c4:a9:5e:f6:91:57:53:77:ae:8e:01:e8:d2:3f:
- 52:fe:27:e9:56:36:eb:91:5e:63:03:8c:51:b7:c1:0e:78:3b:
- 54:38
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBGTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0EzX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0EzX3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDNfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDNfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDW1eH0
-3vOXYeC+kXhfZfG+4WDNbXeTSfRy1xhsPJRqpOj+1Uhw8mvvv+EYqy+Tigp/TUdh
-RgibvS0xorAOC3d2AXdon8Vuq2xsBy5iATnvQ440C93LR61YSLscqN/b77QbdxVZ
-leYUKt6Yx3lY4nf39PQIeSGZFlpeQ7A+mK8oAQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQCux2VaeAnRGLHt
-Xi87fkEfk7ZDfjOrQ8y9XAWuslHMKNsiqrVMNZAJT2TAYgSD/c17gWEuYwsLlPGz
-wNmpkekq3/j7AgFvkEkVDqxUIVvomjcv02dqkCHlDUviuT4hxKle9pFXU3eujgHo
-0j9S/ifpVjbrkV5jA4xRt8EOeDtUOA==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_p4_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 27 (0x1b)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA4_ta3/emailAddress=pubCA4_ta3
- Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p4_ta3/emailAddress=cs1_p4_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c8:26:36:d7:20:0b:17:ac:dc:e5:21:93:5f:12:
- cc:69:bc:3a:38:c8:78:8a:8c:f9:a8:6a:f3:25:ca:
- 24:ec:71:78:ea:52:45:15:c8:8c:96:0b:95:02:ed:
- 46:80:43:76:fd:e0:45:c8:34:26:ac:cd:c0:63:e7:
- d0:87:29:24:1a:d6:05:94:88:6d:0b:cd:1a:eb:c4:
- bf:5f:6f:01:d5:ab:a6:cf:01:61:aa:e9:77:93:f5:
- 9f:a1:78:7e:e0:5e:99:e0:c8:c8:cb:6b:7e:55:ab:
- 1b:a2:87:a0:d6:27:2d:3e:e1:f9:56:4a:c4:ca:cc:
- 41:f1:6a:59:cd:23:c4:93:13
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 6d:63:cd:fa:b7:a9:1e:6b:2f:31:e5:a5:84:4b:97:f2:ed:33:
- 21:a8:99:64:fe:72:97:a6:5e:a2:83:8c:20:fe:56:bc:6b:a5:
- 63:39:dd:6d:d7:c6:8c:0e:2c:9a:fb:ad:06:b8:be:6e:bd:f1:
- 54:02:ad:92:c8:52:23:ea:47:53:c3:9a:87:ff:62:56:d9:9e:
- 3b:6b:90:c9:e2:8c:e2:bc:f0:5c:25:b6:cd:a0:e2:cd:23:45:
- e3:b3:21:ad:ee:69:8b:fd:5a:8d:9f:89:29:59:e4:03:ff:be:
- 2f:e5:97:4c:bc:ee:8e:e4:a3:bb:48:6c:25:ed:2f:b3:92:f3:
- 39:80
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBGzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0E0X3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0E0X3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDRfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDRfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIJjbX
-IAsXrNzlIZNfEsxpvDo4yHiKjPmoavMlyiTscXjqUkUVyIyWC5UC7UaAQ3b94EXI
-NCaszcBj59CHKSQa1gWUiG0LzRrrxL9fbwHVq6bPAWGq6XeT9Z+heH7gXpngyMjL
-a35Vqxuih6DWJy0+4flWSsTKzEHxalnNI8STEwIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBtY836t6keay8x
-5aWES5fy7TMhqJlk/nKXpl6ig4wg/la8a6VjOd1t18aMDiya+60GuL5uvfFUAq2S
-yFIj6kdTw5qH/2JW2Z47a5DJ4ozivPBcJbbNoOLNI0XjsyGt7mmL/VqNn4kpWeQD
-/74v5ZdMvO6O5KO7SGwl7S+zkvM5gA==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_p5_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 29 (0x1d)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA5_ta3/emailAddress=pubCA5_ta3
- Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_p5_ta3/emailAddress=cs1_p5_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b3:b9:bc:52:49:6a:cc:8f:ca:8e:6d:1e:40:87:
- 3a:c6:c9:00:0b:93:e1:76:45:27:3e:d2:8c:db:2c:
- 06:35:f3:06:df:4b:e9:63:3e:0e:62:2d:9c:86:6f:
- 05:a3:90:6e:4e:b2:89:c7:c5:60:7a:8f:f0:7a:f8:
- 53:31:fe:e4:c3:e4:ae:09:67:4a:15:f5:ae:97:a1:
- 6c:1f:ec:0a:99:ea:25:4f:a7:fe:f8:e0:55:e1:23:
- ba:65:08:3b:42:ac:c6:b1:30:b5:c5:ed:10:5b:3e:
- 06:d0:63:fb:da:d2:39:e0:fa:b6:17:ac:cb:c0:ed:
- ae:54:cf:f9:73:e4:e8:e4:2d
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 26:bd:71:87:c8:bb:70:76:91:0f:7a:68:e5:4b:2c:80:ba:73:
- 7c:65:30:b5:16:4f:7a:0a:27:17:90:bc:74:c5:6a:c4:ab:3c:
- 3c:78:f5:87:ad:cf:68:1a:4e:1d:10:34:3f:b7:a5:18:d9:d3:
- f7:79:82:7d:16:08:77:d0:20:2c:cd:a1:2d:95:be:fb:d3:64:
- d4:07:b3:3f:51:a4:6f:77:dc:c3:a9:3a:f9:bc:10:49:80:5a:
- f6:2e:d1:c3:34:40:05:6a:65:7a:40:08:4a:e5:32:f3:de:0d:
- 87:7e:cf:fd:8b:a4:9d:2c:28:9c:ee:9d:f4:45:a4:9c:c6:0c:
- d0:25
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBHTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0E1X3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0E1X3RhMzAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcDVfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcDVfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzubxS
-SWrMj8qObR5AhzrGyQALk+F2RSc+0ozbLAY18wbfS+ljPg5iLZyGbwWjkG5OsonH
-xWB6j/B6+FMx/uTD5K4JZ0oV9a6XoWwf7AqZ6iVPp/744FXhI7plCDtCrMaxMLXF
-7RBbPgbQY/va0jng+rYXrMvA7a5Uz/lz5OjkLQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQAmvXGHyLtwdpEP
-emjlSyyAunN8ZTC1Fk96CicXkLx0xWrEqzw8ePWHrc9oGk4dEDQ/t6UY2dP3eYJ9
-Fgh30CAszaEtlb7702TUB7M/UaRvd9zDqTr5vBBJgFr2LtHDNEAFamV6QAhK5TLz
-3g2Hfs/9i6SdLCic7p30RaScxgzQJQ==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 6 (0x6)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
- Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_pubCA1/emailAddress=cs1_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d6:e0:78:fd:9b:ec:79:f0:02:f0:cc:7a:8b:63:
- e1:60:e3:41:a8:d8:0d:82:4a:2d:ee:6c:53:b0:6b:
- 21:50:42:06:2e:a6:af:3d:fa:e8:55:a0:79:54:31:
- cb:65:f8:03:e6:84:a9:3d:76:cc:7b:06:de:d3:25:
- 0e:e5:e3:99:18:7c:13:9e:73:3d:5c:88:7a:5d:f5:
- 58:54:08:cf:bf:fc:73:d0:ef:be:f5:04:fb:71:4b:
- 98:84:82:3a:61:f5:04:29:48:5d:3d:c2:73:56:33:
- 8e:0e:fc:0d:3a:1e:57:d9:a3:7c:c9:fd:db:27:8a:
- 1a:de:d4:13:53:ce:a2:12:79
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- e1:3a:ec:60:96:47:14:c0:7a:76:85:f9:54:21:ae:48:b9:d1:
- 33:a3:62:73:07:04:83:aa:4b:a7:6a:3f:a9:ff:8e:34:8c:38:
- c0:a4:38:c2:66:75:6f:67:20:31:1d:9b:bf:a7:19:52:c5:56:
- ff:5c:f1:a8:07:bc:66:7f:e0:49:23:18:af:fa:ca:c7:36:0b:
- 67:85:08:d3:35:61:44:ce:6b:d5:f2:92:a5:bc:98:d1:24:68:
- 3c:a9:0a:f7:71:a4:0b:41:fb:69:37:7c:78:d4:4b:18:ab:2b:
- 95:a9:19:cb:b7:01:53:65:cc:d4:22:a1:69:47:bd:e8:db:41:
- fe:82
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBBjANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gyX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gy
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczFfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjczFfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDW4Hj9
-m+x58ALwzHqLY+Fg40Go2A2CSi3ubFOwayFQQgYupq89+uhVoHlUMctl+APmhKk9
-dsx7Bt7TJQ7l45kYfBOecz1ciHpd9VhUCM+//HPQ7771BPtxS5iEgjph9QQpSF09
-wnNWM44O/A06HlfZo3zJ/dsnihre1BNTzqISeQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQDhOuxglkcUwHp2
-hflUIa5IudEzo2JzBwSDqkunaj+p/440jDjApDjCZnVvZyAxHZu/pxlSxVb/XPGo
-B7xmf+BJIxiv+srHNgtnhQjTNWFEzmvV8pKlvJjRJGg8qQr3caQLQftpN3x41EsY
-qyuVqRnLtwFTZczUIqFpR73o20H+gg==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ta2_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ta2_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,26 +1,26 @@
Certificate:
Data:
Version: 3 (0x2)
- Serial Number: 11 (0xb)
+ Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta2/emailAddress=cs1_ta2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:b8:c1:19:42:b1:26:a9:33:1f:1f:55:d0:4f:6d:
- 43:a3:55:75:c7:de:18:5a:69:cc:62:b2:a6:ec:f5:
- 78:19:31:5a:1a:d8:6c:d8:48:66:7d:15:d4:da:fe:
- dd:7c:42:a0:ae:22:d1:51:f5:22:54:49:7d:16:58:
- cf:82:b7:3e:45:c5:7e:da:84:28:f6:b3:5c:90:61:
- 27:0e:70:fe:fa:6c:3f:20:0a:a0:10:50:9c:75:a4:
- 02:62:d8:68:26:63:ba:21:10:89:39:ab:18:fa:10:
- 77:26:4f:ac:f1:50:41:fc:8c:f7:dc:e9:20:19:7c:
- 2c:fb:02:c7:40:6d:69:ff:05
+ 00:d1:4a:70:39:c8:22:72:ed:59:a6:45:f9:9a:cb:
+ 75:6d:95:17:d1:d5:fc:4c:98:77:5b:2b:18:94:98:
+ 0c:94:72:d5:52:76:65:ed:c7:84:a9:5d:37:fb:1b:
+ 54:f3:0a:e5:1f:fe:7f:9b:b2:30:7a:1a:4b:c1:9c:
+ 46:84:0d:9b:f9:59:c1:83:ce:9d:95:ec:f2:34:8f:
+ 2b:a7:07:fb:3c:58:64:4f:89:0d:ac:e3:92:03:dd:
+ 50:05:15:65:77:7f:ba:06:dc:f9:7b:e9:11:9a:16:
+ 55:a1:ce:6e:c7:d9:f5:ca:54:f3:da:40:08:dd:45:
+ f5:27:09:95:7e:51:ba:f7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
@@ -28,27 +28,27 @@
X509v3 Key Usage: critical
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
- 4b:b0:61:5b:c9:9a:81:8a:04:92:d4:98:39:fc:45:bd:34:90:
- cc:69:4f:86:09:47:3f:e9:26:e2:a0:e6:d4:63:53:32:85:48:
- de:1a:ef:43:bb:8d:19:29:5f:f8:13:bc:27:76:82:d2:77:6d:
- 80:68:e9:96:a3:cd:a3:d0:3c:b1:2a:94:54:7f:d9:95:61:07:
- f7:d9:84:67:ea:bf:23:10:1a:9a:23:f7:3b:aa:83:a4:3c:18:
- 12:95:11:18:fb:2e:93:7c:84:61:6c:50:7d:67:ac:44:39:f5:
- f2:9a:b0:89:f9:bd:71:e0:ae:bb:53:bc:ce:97:5e:ee:cd:14:
- ad:14
+ 5d:98:9c:96:be:80:58:ef:e7:53:c2:79:29:8c:e1:40:18:63:
+ 22:09:e6:ee:c2:a1:22:f9:50:ce:f2:9d:72:21:1d:0d:f9:2a:
+ 2d:a8:eb:9f:03:5d:df:45:88:a8:52:e2:b9:0c:b0:27:7f:42:
+ 8a:1c:45:a1:3b:24:ab:38:b4:e5:b2:ab:7c:d1:57:80:9e:be:
+ 18:3a:ff:49:57:b0:61:cc:cc:63:98:e8:7b:79:de:2b:db:39:
+ 44:df:8a:0d:ad:9c:ce:6e:b6:1f:3c:fa:ad:f7:ac:02:eb:08:
+ 59:34:e9:74:bd:2d:bb:5d:8d:80:5d:bb:3b:18:3d:d6:3b:d2:
+ 9d:47
-----BEGIN CERTIFICATE-----
-MIICbjCCAdegAwIBAgIBCzANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
+MIICbjCCAdegAwIBAgIBDzANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
ChMEcGtnNTEMMAoGA1UEAxMDdGEyMRIwEAYJKoZIhvcNAQkBFgN0YTIwHhcNMTEw
-MTI4MDI1NDEzWhcNMTMxMDI0MDI1NDEzWjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
+MzIxMDA0OTI2WhcNMTMxMjE1MDA0OTI2WjBwMQswCQYDVQQGEwJVUzETMBEGA1UE
CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
NTEQMA4GA1UEAxQHY3MxX3RhMjEWMBQGCSqGSIb3DQEJARYHY3MxX3RhMjCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuMEZQrEmqTMfH1XQT21Do1V1x94YWmnM
-YrKm7PV4GTFaGths2EhmfRXU2v7dfEKgriLRUfUiVEl9FljPgrc+RcV+2oQo9rNc
-kGEnDnD++mw/IAqgEFCcdaQCYthoJmO6IRCJOasY+hB3Jk+s8VBB/Iz33OkgGXws
-+wLHQG1p/wUCAwEAAaMgMB4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4Aw
-DQYJKoZIhvcNAQELBQADgYEAS7BhW8magYoEktSYOfxFvTSQzGlPhglHP+km4qDm
-1GNTMoVI3hrvQ7uNGSlf+BO8J3aC0ndtgGjplqPNo9A8sSqUVH/ZlWEH99mEZ+q/
-IxAamiP3O6qDpDwYEpURGPsuk3yEYWxQfWesRDn18pqwifm9ceCuu1O8zpde7s0U
-rRQ=
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0UpwOcgicu1ZpkX5mst1bZUX0dX8TJh3
+WysYlJgMlHLVUnZl7ceEqV03+xtU8wrlH/5/m7IwehpLwZxGhA2b+VnBg86dlezy
+NI8rpwf7PFhkT4kNrOOSA91QBRVld3+6Btz5e+kRmhZVoc5ux9n1ylTz2kAI3UX1
+JwmVflG697sCAwEAAaMgMB4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4Aw
+DQYJKoZIhvcNAQELBQADgYEAXZiclr6AWO/nU8J5KYzhQBhjIgnm7sKhIvlQzvKd
+ciEdDfkqLajrnwNd30WIqFLiuQywJ39CihxFoTskqzi05bKrfNFXgJ6+GDr/SVew
+YczMY5joe3neK9s5RN+KDa2czm62Hzz6rfesAusIWTTpdL0tu12NgF27Oxg91jvS
+nUc=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 31 (0x1f)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Validity
- Not Before: Jan 28 02:54:22 2011 GMT
- Not After : Oct 24 02:54:22 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta4/emailAddress=cs1_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:95:55:70:3f:0a:52:f5:90:a0:00:22:11:4d:bf:
- 05:f7:8b:55:2d:8a:1e:66:41:7f:4c:bd:55:09:d3:
- ba:67:0a:c8:80:36:85:a9:90:b2:d3:95:e5:e7:2a:
- f6:91:b6:b3:3c:81:ef:1c:0c:fb:85:91:51:0a:74:
- 05:97:9d:25:17:be:fe:0d:8c:b4:84:37:74:0a:b0:
- e0:f6:74:20:7d:2c:b1:3b:c0:0e:3f:fc:9c:05:26:
- be:0f:41:23:ff:d9:1d:a3:5d:08:f0:33:de:43:d3:
- d2:e5:f1:00:3d:aa:c2:24:cd:4f:35:cc:d1:9b:5b:
- e1:e0:61:11:93:26:e1:ba:ef
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/pubCA1_ta4_crl.pem
-
- Signature Algorithm: sha256WithRSAEncryption
- 45:36:7b:d8:11:49:e9:43:46:59:2a:a4:46:1f:43:37:1e:88:
- 7c:f6:35:f4:e3:b0:a5:8d:cf:77:80:94:84:01:5a:13:9d:1f:
- 84:d5:81:e1:9d:fd:8a:ef:ca:41:f2:df:9c:6f:d5:04:29:e6:
- 55:ab:0b:5c:40:88:a4:8e:d2:48:4b:12:d7:03:91:ec:75:4b:
- 40:b0:37:dd:8c:66:32:36:9c:1e:9d:56:6b:d3:40:91:ca:89:
- 1f:1f:3e:f9:71:e3:d6:d8:fe:09:34:03:dd:b5:3e:e8:66:be:
- 88:a4:3b:94:25:b5:a9:a8:49:d1:bb:44:1a:d3:40:d6:01:d3:
- 1f:58
------BEGIN CERTIFICATE-----
-MIICrzCCAhigAwIBAgIBHzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNDAeFw0xMTAxMjgwMjU0MjJaFw0xMzEwMjQwMjU0MjJaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczFfdGE0MRYwFAYJKoZIhvcNAQkB
-FgdjczFfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVVXA/ClL1kKAA
-IhFNvwX3i1Utih5mQX9MvVUJ07pnCsiANoWpkLLTleXnKvaRtrM8ge8cDPuFkVEK
-dAWXnSUXvv4NjLSEN3QKsOD2dCB9LLE7wA4//JwFJr4PQSP/2R2jXQjwM95D09Ll
-8QA9qsIkzU81zNGbW+HgYRGTJuG67wIDAQABo1MwUTAMBgNVHRMBAf8EAjAAMEEG
-A1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmlsZS8wL3B1
-YkNBMV90YTRfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQBFNnvYEUnpQ0ZZKqRG
-H0M3Hoh89jX047Cljc93gJSEAVoTnR+E1YHhnf2K78pB8t+cb9UEKeZVqwtcQIik
-jtJISxLXA5HsdUtAsDfdjGYyNpwenVZr00CRyokfHz75cePW2P4JNAPdtT7oZr6I
-pDuUJbWpqEnRu0Qa00DWAdMfWA==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs1_ta5_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 37 (0x25)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta5/emailAddress=pubCA1_ta5
- Validity
- Not Before: Jan 28 02:54:25 2011 GMT
- Not After : Oct 24 02:54:25 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs1_ta5/emailAddress=cs1_ta5
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c4:23:9b:a5:a6:bb:de:48:a0:b4:2e:2d:54:4f:
- e7:61:e4:9d:df:ad:01:7e:70:55:12:35:36:d4:71:
- e5:1f:fe:00:d9:0f:1b:de:62:57:2c:d7:46:67:28:
- 67:84:c7:b3:c3:99:6a:ec:89:c1:e9:d2:60:a8:48:
- d1:06:c9:68:c9:87:d6:82:88:aa:4c:33:d6:60:a4:
- bb:2b:38:0d:e8:11:ae:73:4c:b7:29:39:24:55:3d:
- c2:64:b0:54:e8:8d:67:1f:79:94:8d:6f:4c:95:cd:
- d6:00:9f:cb:f6:90:bd:07:52:f1:fe:16:b2:25:0e:
- 49:40:c0:cf:66:3c:9d:78:89
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 86:7e:5b:75:75:be:0f:f3:ba:dd:6c:2c:db:1b:70:e1:3c:30:
- 37:7b:86:54:ad:5a:01:cc:64:e5:c2:67:c8:75:53:7d:65:80:
- 0b:0a:b5:8c:71:e5:42:25:fc:5a:48:6e:e2:5c:ef:19:fe:c1:
- 02:01:16:a7:f0:07:bc:ed:62:3f:2e:b0:7f:c3:73:27:c6:92:
- 69:36:ef:90:fd:1a:f6:7d:f6:5a:98:be:c8:63:da:65:e2:41:
- 3a:0a:4b:40:b2:a7:90:8e:96:d6:8d:d5:4d:a8:a5:60:89:b0:
- 96:d6:c6:cf:d3:3e:8f:0d:4c:34:c9:e8:af:65:d8:6d:fe:ed:
- 88:d1
------BEGIN CERTIFICATE-----
-MIICfDCCAeWgAwIBAgIBJTANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNTEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNTAeFw0xMTAxMjgwMjU0MjVaFw0xMzEwMjQwMjU0MjVaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczFfdGE1MRYwFAYJKoZIhvcNAQkB
-FgdjczFfdGE1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEI5ulprveSKC0
-Li1UT+dh5J3frQF+cFUSNTbUceUf/gDZDxveYlcs10ZnKGeEx7PDmWrsicHp0mCo
-SNEGyWjJh9aCiKpMM9ZgpLsrOA3oEa5zTLcpOSRVPcJksFTojWcfeZSNb0yVzdYA
-n8v2kL0HUvH+FrIlDklAwM9mPJ14iQIDAQABoyAwHjAMBgNVHRMBAf8EAjAAMA4G
-A1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQCGflt1db4P87rdbCzbG3Dh
-PDA3e4ZUrVoBzGTlwmfIdVN9ZYALCrWMceVCJfxaSG7iXO8Z/sECARan8Ae87WI/
-LrB/w3MnxpJpNu+Q/Rr2ffZamL7IY9pl4kE6CktAsqeQjpbWjdVNqKVgibCW1sbP
-0z6PDUw0yeivZdht/u2I0Q==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs2_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,55 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 18 (0x12)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ch1_ta3/emailAddress=cs2_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d4:90:83:34:09:3e:04:2e:62:40:f3:44:99:9a:
+ 7b:07:be:79:f3:c6:f6:28:0a:51:df:da:aa:fe:b8:
+ d1:9b:1c:b5:73:6a:31:ba:d2:9f:22:44:b7:3b:d8:
+ f6:80:96:c0:4c:e4:6f:48:90:69:81:6c:84:94:68:
+ 33:74:62:9a:04:b0:1e:93:2c:4d:88:cd:9a:72:ce:
+ e9:53:3d:15:3e:73:2c:c9:f0:ed:87:a5:eb:cf:66:
+ 3c:40:3c:a0:76:ac:c8:69:20:b8:f5:a8:fd:17:7a:
+ 3c:eb:62:c9:a2:cc:56:6b:d8:b7:0c:ff:ed:f9:b1:
+ 13:af:c0:69:aa:8d:0f:50:f1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Issuer Alternative Name: critical
+ <EMPTY>
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 94:86:69:18:74:54:9a:9e:e3:69:24:c4:78:73:6c:e9:e5:b3:
+ 0f:22:4d:54:06:28:c3:bb:d5:ef:18:1c:ce:a1:d0:22:27:c8:
+ e3:79:29:7d:c4:32:73:a2:d4:03:f8:1d:ce:cc:08:87:e2:26:
+ b8:39:02:c0:e2:53:39:37:ad:76:d6:3c:54:87:71:ce:8e:df:
+ 01:2a:1d:96:6b:42:d5:0a:b6:0f:c7:9d:11:91:56:27:bf:2a:
+ 4e:14:72:22:21:96:be:7e:42:a1:59:27:3c:30:8d:bb:a9:4b:
+ 2b:75:d8:75:31:c4:e8:5b:cd:bc:2c:51:d4:62:72:45:29:e1:
+ c5:08
+-----BEGIN CERTIFICATE-----
+MIICfDCCAeWgAwIBAgIBEjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczJfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3MyX2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANSQgzQJPgQu
+YkDzRJmaewe+efPG9igKUd/aqv640ZsctXNqMbrSnyJEtzvY9oCWwEzkb0iQaYFs
+hJRoM3RimgSwHpMsTYjNmnLO6VM9FT5zLMnw7Yel689mPEA8oHasyGkguPWo/Rd6
+POtiyaLMVmvYtwz/7fmxE6/AaaqND1DxAgMBAAGjHjAcMAwGA1UdEwEB/wQCMAAw
+DAYDVR0SAQH/BAIwADANBgkqhkiG9w0BAQsFAAOBgQCUhmkYdFSanuNpJMR4c2zp
+5bMPIk1UBijDu9XvGBzOodAiJ8jjeSl9xDJzotQD+B3OzAiH4ia4OQLA4lM5N612
+1jxUh3HOjt8BKh2Wa0LVCrYPx50RkVYnvypOFHIiIZa+fkKhWSc8MI27qUsrddh1
+McToW828LFHUYnJFKeHFCA==
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs2_ch1_ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,67 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 36 (0x24)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ch1_ta4/emailAddress=cs2_ch1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:b9:d6:fb:d3:60:e9:bc:e3:70:c9:6d:1b:26:94:
+ ae:f4:76:b6:aa:d8:ef:1a:b6:17:3c:f5:9c:35:8b:
+ 28:55:c1:36:53:5a:1a:67:66:ee:34:4e:b7:f5:68:
+ 8c:8a:1c:af:b4:52:c2:5b:22:d2:d6:0c:ad:d3:40:
+ 89:a6:f5:d0:b9:12:1a:55:85:45:94:c6:3e:ac:b2:
+ 51:8a:75:05:d5:60:c8:c0:f9:fb:d8:0b:0b:7c:ad:
+ e1:b4:78:f4:fb:84:34:bb:1a:66:6e:e6:a6:90:4d:
+ 40:88:32:13:c3:cb:76:ac:02:eb:bb:04:24:9b:c5:
+ f8:b3:be:d1:44:ea:1f:f9:51
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 24:E7:DA:6E:C1:38:4D:41:8C:B0:C1:B2:D1:D2:C6:32:21:4F:57:52
+ X509v3 Authority Key Identifier:
+ keyid:AB:0B:EF:CE:AA:F0:43:97:3A:CD:58:D0:D9:C2:F9:C4:EB:8D:7C:FF
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:22
+
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/example_file
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 5e:7f:21:56:d9:dc:06:15:22:71:7c:3a:a6:37:dc:ba:e9:25:
+ c1:9e:8a:14:31:71:74:9d:bf:db:dd:88:db:da:ff:b1:05:bc:
+ 5b:1a:26:e0:f4:7d:c7:27:21:6c:e3:50:88:4f:2d:df:19:16:
+ 11:bf:5a:8e:fe:d6:ee:2c:53:cf:76:46:90:df:d3:e7:8c:94:
+ b1:b3:11:a8:4b:56:d3:22:85:13:39:92:cb:69:5f:3e:e6:66:
+ de:b1:b7:b1:6b:a8:60:cd:05:0a:6d:42:4e:f5:17:5d:62:e8:
+ f5:46:0a:51:3f:52:aa:aa:d6:a9:3a:6c:a9:af:98:da:fa:99:
+ 74:c1
+-----BEGIN CERTIFICATE-----
+MIIDYjCCAsugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NDAeFw0xMTAzMjEwMDQ5MzNaFw0xMzEyMTUwMDQ5MzNaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczJfY2gxX3RhNDEaMBgGCSqGSIb3DQEJARYL
+Y3MyX2NoMV90YTQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALnW+9Ng6bzj
+cMltGyaUrvR2tqrY7xq2Fzz1nDWLKFXBNlNaGmdm7jROt/VojIocr7RSwlsi0tYM
+rdNAiab10LkSGlWFRZTGPqyyUYp1BdVgyMD5+9gLC3yt4bR49PuENLsaZm7mppBN
+QIgyE8PLdqwC67sEJJvF+LO+0UTqH/lRAgMBAAGjggECMIH/MB0GA1UdDgQWBBQk
+59puwThNQYywwbLR0sYyIU9XUjCBkgYDVR0jBIGKMIGHgBSrC+/OqvBDlzrNWNDZ
+wvnE6418/6FspGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
+EzARBgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3Rh
+NDESMBAGCSqGSIb3DQEJARYDdGE0ggEiMAwGA1UdEwEB/wQCMAAwOwYDVR0fBDQw
+MjAwoC6gLIYqaHR0cDovL2xvY2FsaG9zdDoxMjAwMS9maWxlLzAvZXhhbXBsZV9m
+aWxlMA0GCSqGSIb3DQEBCwUAA4GBAF5/IVbZ3AYVInF8OqY33LrpJcGeihQxcXSd
+v9vdiNva/7EFvFsaJuD0fccnIWzjUIhPLd8ZFhG/Wo7+1u4sU892RpDf0+eMlLGz
+EahLVtMihRM5kstpXz7mZt6xt7FrqGDNBQptQk71F11i6PVGClE/Uqqq1qk6bKmv
+mNr6mXTB
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs2_ch5_ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,56 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 7 (0x7)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch5_ta1/emailAddress=ch5_ta1
+ Validity
+ Not Before: Mar 21 00:49:24 2011 GMT
+ Not After : Dec 15 00:49:24 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ch5_ta1/emailAddress=cs2_ch5_ta1
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:de:1f:a8:50:7e:6c:fc:18:0a:4a:ef:9e:9e:ef:
+ 1a:1c:87:54:8c:2f:09:55:b5:9d:2b:ae:be:ee:ca:
+ 30:bf:ed:97:c2:8e:4e:6a:29:e6:d0:98:1a:57:72:
+ 19:6d:b3:ad:2c:d0:f0:da:c4:f2:e1:81:27:b5:6a:
+ 35:4c:30:d3:d5:54:e7:b5:3b:04:04:63:b5:05:0a:
+ 50:35:44:19:14:7f:a9:ff:e1:24:e4:63:ef:81:f4:
+ 9e:42:4a:14:b2:b4:ef:ae:36:94:a3:ad:23:3f:67:
+ 2e:69:61:28:3a:2f:1b:9f:d8:f3:e3:76:f0:6c:88:
+ 95:41:33:71:51:f1:90:8f:1d
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:http://localhost:12001/file/0/ch5_ta1_crl.pem
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 67:d1:ca:3f:b4:bc:18:78:03:7b:48:ce:90:a0:01:b9:44:f4:
+ 2a:08:25:94:f0:62:dc:4d:62:dc:8d:36:44:db:63:87:af:21:
+ 06:56:89:b8:e1:6b:31:58:e4:b3:94:57:86:ea:7c:89:0e:38:
+ 69:eb:9f:75:c2:79:55:b4:fc:e8:d9:45:0c:a1:52:8e:f2:d0:
+ b5:35:51:b9:e1:10:50:5a:f3:50:e7:93:76:11:a4:00:e6:38:
+ 59:0d:0d:0d:2e:e8:66:30:20:0e:b0:5b:00:aa:ac:7d:14:ec:
+ 60:02:c1:b9:38:28:1b:42:f9:20:c8:43:13:cc:7e:86:33:eb:
+ 10:70
+-----BEGIN CERTIFICATE-----
+MIICrjCCAhegAwIBAgIBBzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2g1X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g1X3Rh
+MTAeFw0xMTAzMjEwMDQ5MjRaFw0xMzEyMTUwMDQ5MjRaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczJfY2g1X3RhMTEaMBgGCSqGSIb3DQEJARYL
+Y3MyX2NoNV90YTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN4fqFB+bPwY
+Ckrvnp7vGhyHVIwvCVW1nSuuvu7KML/tl8KOTmop5tCYGldyGW2zrSzQ8NrE8uGB
+J7VqNUww09VU57U7BARjtQUKUDVEGRR/qf/hJORj74H0nkJKFLK07642lKOtIz9n
+LmlhKDovG5/Y8+N28GyIlUEzcVHxkI8dAgMBAAGjUDBOMAwGA1UdEwEB/wQCMAAw
+PgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2xvY2FsaG9zdDoxMjAwMS9maWxlLzAv
+Y2g1X3RhMV9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4GBAGfRyj+0vBh4A3tIzpCg
+AblE9CoIJZTwYtxNYtyNNkTbY4evIQZWibjhazFY5LOUV4bqfIkOOGnrn3XCeVW0
+/OjZRQyhUo7y0LU1UbnhEFBa81Dnk3YRpADmOFkNDQ0u6GYwIA6wWwCqrH0U7GAC
+wbk4KBtC+SDIQxPMfoYz6xBw
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs2_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 14 (0xe)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:18 2011 GMT
- Not After : Oct 24 02:54:18 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_p1_ta3/emailAddress=cs2_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:bd:d7:4b:2b:72:c6:0b:98:3b:3d:ec:72:3f:64:
- 78:bf:a2:c5:47:c1:20:2c:2c:b4:e5:0e:2c:be:aa:
- 7c:ec:9f:ea:ec:06:24:fa:e3:0d:64:ce:4c:59:84:
- 4c:c9:65:40:1f:d0:74:de:1b:90:49:ab:70:22:b7:
- 9b:ae:13:98:df:66:44:b4:2c:82:8b:c8:43:54:c0:
- e3:bf:71:61:5a:96:4f:ef:86:f7:e0:d6:84:5d:81:
- 40:0f:1d:d5:25:98:fb:19:52:4b:40:39:3e:2a:d2:
- 2f:f6:15:7f:94:19:19:44:d7:85:c4:b5:9e:2a:e2:
- e3:ca:8d:a4:8f:84:22:b8:0d
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Issuer Alternative Name: critical
- <EMPTY>
-
- Signature Algorithm: sha256WithRSAEncryption
- 12:18:e4:2e:db:dc:d1:db:98:c7:15:88:5e:10:47:9d:89:55:
- b8:43:44:2b:30:ff:ca:b9:19:74:ff:f3:05:c3:60:bb:f9:3a:
- 5e:61:41:da:a3:03:59:cd:ae:39:d0:0b:83:e3:df:19:e5:1a:
- 92:79:09:d6:6d:e4:00:4c:32:45:cf:7f:3e:bc:96:c6:2e:7d:
- 80:d5:ae:11:c6:3d:4c:81:bb:97:39:9f:55:74:36:d5:19:63:
- ea:25:43:bc:8e:ab:88:86:e7:53:8f:e8:30:9a:51:3e:f1:6f:
- a2:21:43:b5:c8:d8:0b:84:65:a8:d5:06:55:f4:38:b9:35:90:
- ee:47
------BEGIN CERTIFICATE-----
-MIICgDCCAemgAwIBAgIBDjANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MThaFw0xMzEwMjQwMjU0MThaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczJfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczJfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC910sr
-csYLmDs97HI/ZHi/osVHwSAsLLTlDiy+qnzsn+rsBiT64w1kzkxZhEzJZUAf0HTe
-G5BJq3Ait5uuE5jfZkS0LIKLyENUwOO/cWFalk/vhvfg1oRdgUAPHdUlmPsZUktA
-OT4q0i/2FX+UGRlE14XEtZ4q4uPKjaSPhCK4DQIDAQABox4wHDAMBgNVHRMBAf8E
-AjAAMAwGA1UdEgEB/wQCMAAwDQYJKoZIhvcNAQELBQADgYEAEhjkLtvc0duYxxWI
-XhBHnYlVuENEKzD/yrkZdP/zBcNgu/k6XmFB2qMDWc2uOdALg+PfGeUaknkJ1m3k
-AEwyRc9/PryWxi59gNWuEcY9TIG7lzmfVXQ21Rlj6iVDvI6riIbnU4/oMJpRPvFv
-oiFDtcjYC4RlqNUGVfQ4uTWQ7kc=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs2_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 7 (0x7)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
- Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_pubCA1/emailAddress=cs2_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d1:1e:d4:1f:8e:07:3a:4f:d3:23:c7:80:1a:ea:
- 17:87:6b:38:d4:f8:1c:9b:1d:22:de:41:47:d0:dd:
- 65:9f:63:92:a1:a0:a4:58:22:53:dd:68:bd:86:a8:
- 88:a3:a9:64:15:fb:b2:75:6a:bb:cd:f0:d8:11:40:
- 80:ce:2a:55:8f:15:d4:86:f9:2a:47:81:e1:1f:89:
- 02:4d:ce:7f:9a:34:b3:87:08:d3:fd:1f:db:02:09:
- 9c:c6:e6:83:f6:79:78:97:cc:aa:e8:47:0b:d2:f7:
- 9d:55:31:50:e4:ae:d6:24:b2:f5:57:bf:0e:76:ae:
- f7:9c:c0:04:66:b0:3e:7c:4f
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/pubCA1_ta1_crl.pem
-
- Signature Algorithm: sha256WithRSAEncryption
- 89:bf:be:5d:02:b5:ce:54:5d:07:30:23:a2:bf:4d:9f:28:97:
- e1:71:2a:fa:28:42:9e:21:db:7f:e2:58:9e:a2:09:37:6c:85:
- cc:02:8b:fc:8b:d7:f1:d3:86:93:64:7e:bd:4c:6f:1d:90:30:
- b4:b0:f7:57:81:0a:f1:1d:1d:9c:8b:a4:da:1b:9a:ff:0f:4b:
- e4:75:04:10:b1:a8:65:3a:08:2e:02:ae:eb:c6:8f:c0:d9:9c:
- 40:df:0d:58:a6:3f:11:bd:68:a5:2c:58:b9:02:b2:21:d4:e3:
- c8:da:68:52:fd:26:31:34:8a:19:8d:e0:87:c7:23:46:40:92:
- ba:31
------BEGIN CERTIFICATE-----
-MIICtTCCAh6gAwIBAgIBBzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gyX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gy
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczJfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjczJfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRHtQf
-jgc6T9Mjx4Aa6heHazjU+BybHSLeQUfQ3WWfY5KhoKRYIlPdaL2GqIijqWQV+7J1
-arvN8NgRQIDOKlWPFdSG+SpHgeEfiQJNzn+aNLOHCNP9H9sCCZzG5oP2eXiXzKro
-RwvS951VMVDkrtYksvVXvw52rvecwARmsD58TwIDAQABo1MwUTAMBgNVHRMBAf8E
-AjAAMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmls
-ZS8wL3B1YkNBMV90YTFfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQCJv75dArXO
-VF0HMCOiv02fKJfhcSr6KEKeIdt/4lieogk3bIXMAov8i9fx04aTZH69TG8dkDC0
-sPdXgQrxHR2ci6TaG5r/D0vkdQQQsahlOgguAq7rxo/A2ZxA3w1Ypj8RvWilLFi5
-ArIh1OPI2mhS/SYxNIoZjeCHxyNGQJK6MQ==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs2_ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,67 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 32 (0x20)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Validity
- Not Before: Jan 28 02:54:23 2011 GMT
- Not After : Oct 24 02:54:23 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs2_ta4/emailAddress=cs2_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:97:56:b9:2f:de:53:80:7f:22:c6:a7:29:ce:40:
- 5e:85:76:ad:87:36:38:f2:31:66:99:32:e0:34:2e:
- bd:10:a9:26:f5:1e:dc:27:6e:57:4e:9d:37:1b:ad:
- 14:d2:ba:60:44:2c:13:b2:fc:61:25:33:6f:a9:9e:
- d4:4a:52:28:16:51:3d:6c:3a:f1:43:80:6b:c1:69:
- d7:71:3a:6e:f7:04:8a:ae:2e:95:70:2a:fc:f0:25:
- 50:9d:c6:bd:04:4b:89:1c:ae:22:83:cb:45:2e:d3:
- 7b:74:c4:92:77:ff:bf:5b:a9:73:99:16:30:c9:26:
- c2:16:b9:c2:63:93:e6:5b:a7
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 55:DA:B0:E8:E1:F8:5F:D8:68:15:30:36:72:6A:69:CF:9D:A5:F3:FC
- X509v3 Authority Key Identifier:
- keyid:D3:DE:A8:63:F4:5C:5D:8E:DD:53:9F:D7:9E:90:14:71:D1:21:88:4B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:1E
-
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/example_file
-
- Signature Algorithm: sha256WithRSAEncryption
- a4:03:ef:02:5d:84:d8:d3:87:f1:57:35:ae:ec:f1:10:22:4c:
- 26:35:fc:8c:25:c3:2e:e6:5b:0c:46:1a:bf:19:8f:af:b4:f3:
- ad:3e:f0:e2:f5:86:6e:67:fa:d7:9e:d3:db:27:64:df:a5:90:
- 5f:b7:65:8a:47:8a:76:fb:7c:d9:3d:d3:39:17:bc:cc:d6:fc:
- 43:d3:9a:db:8d:10:35:56:7d:88:0e:2c:e8:37:fd:dd:2a:bc:
- de:79:9e:e2:04:d5:7f:93:fb:1f:e2:de:ca:66:27:10:c5:ea:
- b2:41:1b:c0:55:04:37:aa:52:65:9c:d1:cd:39:04:e6:6c:45:
- e0:18
------BEGIN CERTIFICATE-----
-MIIDYDCCAsmgAwIBAgIBIDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNDAeFw0xMTAxMjgwMjU0MjNaFw0xMzEwMjQwMjU0MjNaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczJfdGE0MRYwFAYJKoZIhvcNAQkB
-FgdjczJfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXVrkv3lOAfyLG
-pynOQF6Fdq2HNjjyMWaZMuA0Lr0QqSb1HtwnbldOnTcbrRTSumBELBOy/GElM2+p
-ntRKUigWUT1sOvFDgGvBaddxOm73BIquLpVwKvzwJVCdxr0ES4kcriKDy0Uu03t0
-xJJ3/79bqXOZFjDJJsIWucJjk+ZbpwIDAQABo4IBAjCB/zAdBgNVHQ4EFgQUVdqw
-6OH4X9hoFTA2cmppz52l8/wwgZIGA1UdIwSBijCBh4AU096oY/RcXY7dU5/XnpAU
-cdEhiEuhbKRqMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMw
-EQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQx
-EjAQBgkqhkiG9w0BCQEWA3RhNIIBHjAMBgNVHRMBAf8EAjAAMDsGA1UdHwQ0MDIw
-MKAuoCyGKmh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmlsZS8wL2V4YW1wbGVfZmls
-ZTANBgkqhkiG9w0BAQsFAAOBgQCkA+8CXYTY04fxVzWu7PEQIkwmNfyMJcMu5lsM
-Rhq/GY+vtPOtPvDi9YZuZ/rXntPbJ2TfpZBft2WKR4p2+3zZPdM5F7zM1vxD05rb
-jRA1Vn2IDizoN/3dKrzeeZ7iBNV/k/sf4t7KZicQxeqyQRvAVQQ3qlJlnNHNOQTm
-bEXgGA==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs3_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 19 (0x13)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2009 GMT
+ Not After : Jan 2 01:01:01 2009 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_ch1_ta3/emailAddress=cs3_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bb:c7:fd:cb:1f:d5:2b:00:7f:dc:00:fe:45:5c:
+ 7d:27:a3:8b:18:da:3f:d2:36:0c:57:2b:c4:48:be:
+ 97:01:f1:71:ce:b9:80:e6:0f:d2:3b:36:2d:25:57:
+ 41:1e:e7:7b:2e:5c:d2:ac:17:fc:ae:45:11:7f:bc:
+ d0:32:a0:e3:09:01:29:27:7a:dd:d2:fc:13:9a:ea:
+ d8:d1:6c:be:73:b3:05:a8:fc:39:05:f7:cd:b0:f9:
+ f2:b8:a4:5c:f9:c3:23:2b:05:4e:fe:da:22:42:80:
+ 70:36:66:b9:f4:6a:00:ae:eb:90:60:ee:e8:fc:40:
+ 6f:3c:38:b5:41:5b:bd:3a:ed
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 0f:9a:2f:85:f1:58:fd:7f:5b:bf:af:dd:ea:c2:fb:6e:8f:ca:
+ 8f:0b:26:91:01:66:20:df:5c:39:e8:97:c3:7c:fa:c4:8f:13:
+ d6:06:7e:6e:51:49:2b:8a:e7:03:b5:6d:68:2a:18:88:a6:05:
+ 07:c2:9c:28:5b:43:60:32:4e:3e:7d:a0:6e:3f:43:b4:c9:a9:
+ 77:7e:bb:01:68:04:96:18:9e:48:c5:0c:d1:f4:3d:3b:69:ed:
+ 57:29:3d:aa:d1:64:5f:f0:07:a7:74:72:11:d8:0b:62:69:c4:
+ 7d:ca:0c:5d:07:0d:b0:06:62:bc:53:32:e9:5f:a5:5b:28:11:
+ bc:bc
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBEzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0wOTAxMDEwMTAxMDFaFw0wOTAxMDIwMTAxMDFaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczNfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3MzX2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvH/csf1SsA
+f9wA/kVcfSejixjaP9I2DFcrxEi+lwHxcc65gOYP0js2LSVXQR7ney5c0qwX/K5F
+EX+80DKg4wkBKSd63dL8E5rq2NFsvnOzBaj8OQX3zbD58rikXPnDIysFTv7aIkKA
+cDZmufRqAK7rkGDu6PxAbzw4tUFbvTrtAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBAA+aL4XxWP1/W7+v3erC
++26Pyo8LJpEBZiDfXDnol8N8+sSPE9YGfm5RSSuK5wO1bWgqGIimBQfCnChbQ2Ay
+Tj59oG4/Q7TJqXd+uwFoBJYYnkjFDNH0PTtp7VcpParRZF/wB6d0chHYC2JpxH3K
+DF0HDbAGYrxTMulfpVsoEby8
+-----END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs3_ch1_ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,66 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 37 (0x25)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta4/emailAddress=ch1_ta4
+ Validity
+ Not Before: Mar 21 00:49:33 2011 GMT
+ Not After : Dec 15 00:49:33 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_ch1_ta4/emailAddress=cs3_ch1_ta4
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:aa:7f:01:31:5c:b9:d2:b5:8d:5c:1c:7f:e9:66:
+ f3:6b:2f:68:cb:3c:8a:4b:28:5e:e6:fb:45:1a:75:
+ d9:0e:cb:a3:41:19:05:05:dd:98:1d:51:f9:78:37:
+ 2a:7f:fa:26:06:27:38:6d:8d:85:5a:b1:8d:08:6a:
+ e2:ac:43:2f:44:f7:02:93:c9:89:c9:83:09:d1:04:
+ 06:0a:2d:c7:28:fa:77:c9:24:7a:6a:44:ac:c6:dd:
+ a2:a0:78:42:0d:d4:c0:5f:a1:b5:b6:e0:5a:f0:5f:
+ 54:83:fe:5d:26:a2:93:3d:94:f8:eb:8b:1c:11:45:
+ e8:e7:08:77:f4:ec:cd:94:d1
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 54:C5:1A:1B:47:F4:1C:20:E1:32:B5:40:10:AB:8B:D6:40:28:99:08
+ X509v3 Authority Key Identifier:
+ keyid:AB:0B:EF:CE:AA:F0:43:97:3A:CD:58:D0:D9:C2:F9:C4:EB:8D:7C:FF
+ DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
+ serial:22
+
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 CRL Distribution Points:
+ URI:foo://bar/baz
+
+ Signature Algorithm: sha256WithRSAEncryption
+ 19:a0:c3:d1:c4:07:ec:73:8c:57:b0:5a:f9:29:b2:d0:89:62:
+ 25:9a:f0:95:fc:dc:99:6d:d6:2d:d0:22:3f:64:14:af:c8:1f:
+ 60:09:3e:ca:7b:2a:9a:32:71:bc:0c:85:24:81:15:14:b0:2a:
+ 97:93:ee:e3:c8:6e:c6:5d:69:84:f2:27:49:45:06:18:8b:82:
+ b8:ca:ad:6a:48:c2:4f:5a:1a:93:6d:f0:56:ca:60:9c:42:f6:
+ 6e:9a:c8:a9:5b:ca:7f:c3:1c:96:9a:3a:60:2d:64:7a:29:1e:
+ 59:c0:bc:63:ff:aa:1f:06:74:ce:26:81:cd:67:b6:b2:79:3d:
+ 30:c0
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAq2gAwIBAgIBJTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+NDAeFw0xMTAzMjEwMDQ5MzNaFw0xMzEyMTUwMDQ5MzNaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczNfY2gxX3RhNDEaMBgGCSqGSIb3DQEJARYL
+Y3MzX2NoMV90YTQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKp/ATFcudK1
+jVwcf+lm82svaMs8iksoXub7RRp12Q7Lo0EZBQXdmB1R+Xg3Kn/6JgYnOG2NhVqx
+jQhq4qxDL0T3ApPJicmDCdEEBgotxyj6d8kkempErMbdoqB4Qg3UwF+htbbgWvBf
+VIP+XSaikz2U+OuLHBFF6OcId/TszZTRAgMBAAGjgeUwgeIwHQYDVR0OBBYEFFTF
+GhtH9Bwg4TK1QBCri9ZAKJkIMIGSBgNVHSMEgYowgYeAFKsL786q8EOXOs1Y0NnC
++cTrjXz/oWykajBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTET
+MBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGE0
+MRIwEAYJKoZIhvcNAQkBFgN0YTSCASIwDAYDVR0TAQH/BAIwADAeBgNVHR8EFzAV
+MBOgEaAPhg1mb286Ly9iYXIvYmF6MA0GCSqGSIb3DQEBCwUAA4GBABmgw9HEB+xz
+jFewWvkpstCJYiWa8JX83Jlt1i3QIj9kFK/IH2AJPsp7KpoycbwMhSSBFRSwKpeT
+7uPIbsZdaYTyJ0lFBhiLgrjKrWpIwk9aGpNt8FbKYJxC9m6ayKlbyn/DHJaaOmAt
+ZHopHlnAvGP/qh8GdM4mgc1ntrJ5PTDA
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs3_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 15 (0xf)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 1 01:01:01 2009 GMT
- Not After : Jan 2 01:01:01 2009 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_p1_ta3/emailAddress=cs3_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:cd:90:51:4d:d8:59:5e:67:1d:1b:3d:b6:b7:1c:
- ff:05:97:c5:12:37:91:68:81:11:2b:85:ce:55:b8:
- 7a:99:72:c3:53:4a:4e:b6:82:01:7a:44:d1:b4:ea:
- 12:e0:1f:6a:36:5c:c1:f9:56:a4:cb:a2:ff:4a:d8:
- cc:fb:c1:19:3a:0c:e8:c0:3a:ac:f5:d2:32:1c:4e:
- 2d:16:60:df:84:ae:3e:7b:b5:c3:5c:ac:da:5a:b9:
- bc:61:25:c1:ec:d7:df:f9:34:c0:5f:f4:45:56:a1:
- a1:f3:43:e1:ac:61:24:c7:ee:ba:89:6f:fa:36:b3:
- 7d:3a:b1:be:fa:b2:3f:53:15
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 49:8f:d8:83:5e:c9:fa:54:40:51:5f:01:ee:23:32:9a:88:c6:
- c2:57:49:42:61:38:2c:62:86:05:bc:7a:2f:85:5a:e9:d5:73:
- 8e:1d:3f:07:34:bf:69:41:a1:9b:7a:77:50:9f:b0:4a:c7:af:
- bd:c8:e6:bd:9e:ad:85:85:98:12:e9:ce:0c:e3:3d:55:61:6b:
- e7:e2:36:79:d4:78:0f:da:ea:b8:7e:18:33:80:48:1f:b8:25:
- f1:30:d5:a1:59:86:29:5c:dd:a3:74:27:b4:fa:90:06:43:bb:
- 01:a1:72:af:7c:fc:e8:00:fa:6c:ed:7d:55:77:54:13:67:94:
- 6a:31
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBDzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0wOTAxMDEwMTAxMDFaFw0wOTAxMDIwMTAxMDFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczNfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczNfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNkFFN
-2FleZx0bPba3HP8Fl8USN5FogRErhc5VuHqZcsNTSk62ggF6RNG06hLgH2o2XMH5
-VqTLov9K2Mz7wRk6DOjAOqz10jIcTi0WYN+Erj57tcNcrNpaubxhJcHs19/5NMBf
-9EVWoaHzQ+GsYSTH7rqJb/o2s306sb76sj9TFQIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBJj9iDXsn6VEBR
-XwHuIzKaiMbCV0lCYTgsYoYFvHovhVrp1XOOHT8HNL9pQaGbendQn7BKx6+9yOa9
-nq2FhZgS6c4M4z1VYWvn4jZ51HgP2uq4fhgzgEgfuCXxMNWhWYYpXN2jdCe0+pAG
-Q7sBoXKvfPzoAPps7X1Vd1QTZ5RqMQ==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs3_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 8 (0x8)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2_pubCA1/emailAddress=ch2_pubCA1
- Validity
- Not Before: Jan 28 02:54:11 2011 GMT
- Not After : Oct 24 02:54:11 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_pubCA1/emailAddress=cs3_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:da:26:a1:68:66:ec:6f:7f:7c:94:94:0f:74:17:
- 52:0e:41:86:ae:43:40:f1:ea:c0:af:e8:51:03:96:
- 82:4e:35:d4:44:a0:0d:0d:67:2b:44:bf:81:5c:87:
- 9a:62:42:59:0e:97:81:75:35:6e:18:67:7e:95:41:
- 47:5c:51:f6:5a:27:dc:b9:2a:2a:ea:5b:6c:b9:59:
- 78:7c:fb:ff:59:67:5d:35:8b:b7:90:71:29:68:80:
- c8:b0:ad:37:60:96:21:34:79:25:41:20:f8:40:e4:
- 32:90:c0:16:81:c3:b3:47:9f:02:bb:15:7d:32:6d:
- 5d:75:04:45:cf:23:b5:8e:95
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/ch1_pubCA1_crl.pem
-
- Signature Algorithm: sha256WithRSAEncryption
- dd:86:89:f4:bb:73:30:c8:1d:74:90:de:cc:b0:7b:a5:0c:30:
- 02:d1:b9:f1:65:c0:f7:2b:cb:60:3b:87:73:ad:dd:0c:fe:d7:
- 7f:93:8f:63:ce:fd:de:30:06:30:1d:b4:40:65:86:a8:19:da:
- d6:ac:2f:bb:65:49:51:38:6b:44:fb:69:5e:03:e6:c3:80:86:
- fd:46:4d:c1:4d:c9:7b:85:92:b9:9b:75:72:43:94:75:73:73:
- 06:45:33:3a:5b:16:d0:c3:26:58:39:9c:e6:bf:df:48:b8:72:
- c3:8a:d3:10:cc:9c:c4:91:e9:85:b6:5e:5d:88:f0:94:df:20:
- 9f:33
------BEGIN CERTIFICATE-----
-MIICtTCCAh6gAwIBAgIBCDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKY2gyX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gy
-X3B1YkNBMTAeFw0xMTAxMjgwMjU0MTFaFw0xMzEwMjQwMjU0MTFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczNfcHViQ0ExMRkwFwYJKoZIhvcN
-AQkBFgpjczNfcHViQ0ExMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaJqFo
-Zuxvf3yUlA90F1IOQYauQ0Dx6sCv6FEDloJONdREoA0NZytEv4Fch5piQlkOl4F1
-NW4YZ36VQUdcUfZaJ9y5KirqW2y5WXh8+/9ZZ101i7eQcSlogMiwrTdgliE0eSVB
-IPhA5DKQwBaBw7NHnwK7FX0ybV11BEXPI7WOlQIDAQABo1MwUTAMBgNVHRMBAf8E
-AjAAMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9sb2NhbGhvc3Q6MTIwMDEvZmls
-ZS8wL2NoMV9wdWJDQTFfY3JsLnBlbTANBgkqhkiG9w0BAQsFAAOBgQDdhon0u3Mw
-yB10kN7MsHulDDAC0bnxZcD3K8tgO4dzrd0M/td/k49jzv3eMAYwHbRAZYaoGdrW
-rC+7ZUlROGtE+2leA+bDgIb9Rk3BTcl7hZK5m3VyQ5R1c3MGRTM6WxbQwyZYOZzm
-v99IuHLDitMQzJzEkemFtl5diPCU3yCfMw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs3_ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,66 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 33 (0x21)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Validity
- Not Before: Jan 28 02:54:24 2011 GMT
- Not After : Oct 24 02:54:24 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs3_ta4/emailAddress=cs3_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:df:30:e0:c4:9f:26:44:f8:b3:84:3f:7a:f8:a9:
- 76:a5:47:03:03:2f:c9:56:78:95:3c:0a:57:da:06:
- 2d:45:bf:fd:b3:72:5c:e9:89:44:c7:cd:4e:de:a1:
- c7:02:33:c2:26:4e:06:34:77:62:5e:85:2f:79:e9:
- 9b:91:de:c2:24:dc:b7:7c:b3:9d:fe:41:66:26:6c:
- 8f:37:31:d1:43:ee:ec:8b:ba:b8:86:38:7a:9d:79:
- 65:ac:f6:ca:fe:a8:ff:36:6a:7c:46:54:80:b7:90:
- 82:fd:87:85:ac:1a:9a:0d:81:2f:f8:fb:4d:d3:72:
- a3:86:5a:85:0f:21:a2:94:b9
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 11:88:8F:A2:52:4A:58:E7:DF:84:EC:BF:D8:4F:8B:88:81:5A:A4:B0
- X509v3 Authority Key Identifier:
- keyid:D3:DE:A8:63:F4:5C:5D:8E:DD:53:9F:D7:9E:90:14:71:D1:21:88:4B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:1E
-
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 CRL Distribution Points:
- URI:foo://bar/baz
-
- Signature Algorithm: sha256WithRSAEncryption
- ac:a1:4c:cc:d5:75:ae:d4:85:75:01:b3:f6:a0:88:d0:48:25:
- 1b:ca:76:6e:2c:69:df:da:1e:53:89:4e:ed:31:64:a9:a5:96:
- 25:63:15:a1:f5:49:fa:a7:21:5e:8d:84:82:75:74:31:0b:24:
- 03:2d:c0:96:66:f8:40:fb:a4:ca:de:44:1a:a7:ab:08:27:ea:
- f5:eb:a6:fe:34:a8:8b:61:95:53:51:e7:01:3d:ba:a9:93:be:
- 49:71:11:0d:dd:02:b7:97:15:ff:e6:8d:98:58:0d:fb:4d:5c:
- e0:28:db:8e:34:3c:40:14:85:84:2d:38:24:56:2d:5c:5f:ac:
- 64:a9
------BEGIN CERTIFICATE-----
-MIIDQjCCAqugAwIBAgIBITANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhNDAeFw0xMTAxMjgwMjU0MjRaFw0xMzEwMjQwMjU0MjRaMHAxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRAwDgYDVQQDFAdjczNfdGE0MRYwFAYJKoZIhvcNAQkB
-FgdjczNfdGE0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfMODEnyZE+LOE
-P3r4qXalRwMDL8lWeJU8ClfaBi1Fv/2zclzpiUTHzU7eoccCM8ImTgY0d2JehS95
-6ZuR3sIk3Ld8s53+QWYmbI83MdFD7uyLuriGOHqdeWWs9sr+qP82anxGVIC3kIL9
-h4WsGpoNgS/4+03TcqOGWoUPIaKUuQIDAQABo4HlMIHiMB0GA1UdDgQWBBQRiI+i
-UkpY59+E7L/YT4uIgVqksDCBkgYDVR0jBIGKMIGHgBTT3qhj9Fxdjt1Tn9eekBRx
-0SGIS6FspGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzAR
-BgNVBAcTCk1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhNDES
-MBAGCSqGSIb3DQEJARYDdGE0ggEeMAwGA1UdEwEB/wQCMAAwHgYDVR0fBBcwFTAT
-oBGgD4YNZm9vOi8vYmFyL2JhejANBgkqhkiG9w0BAQsFAAOBgQCsoUzM1XWu1IV1
-AbP2oIjQSCUbynZuLGnf2h5TiU7tMWSppZYlYxWh9Un6pyFejYSCdXQxCyQDLcCW
-ZvhA+6TK3kQap6sIJ+r166b+NKiLYZVTUecBPbqpk75JcREN3QK3lxX/5o2YWA37
-TVzgKNuONDxAFIWELTgkVi1cX6xkqQ==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs4_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 20 (0x14)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Jan 1 01:01:01 2035 GMT
+ Not After : Jan 2 01:01:01 2035 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs4_ch1_ta3/emailAddress=cs4_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:e2:a3:68:41:2d:e9:bf:94:11:27:37:94:63:8c:
+ 27:88:88:90:7c:76:b7:61:8a:e4:00:39:5d:b3:7a:
+ 27:a4:1b:25:7a:d6:4c:79:f2:82:c5:8d:93:0a:21:
+ 5c:f5:37:fc:c3:c5:86:0c:02:37:8d:0f:ed:80:ad:
+ 8f:3b:1d:9d:9b:99:03:52:99:7d:c0:9e:e7:7a:4e:
+ 81:e9:fe:06:9e:94:78:38:29:97:a6:02:8a:35:ee:
+ bc:d9:99:3c:c0:93:11:53:71:35:57:fd:2d:ea:b0:
+ a6:43:d8:04:d8:ef:55:61:fe:b6:33:23:aa:c5:fb:
+ 43:61:ff:ac:02:90:b9:a3:7d
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 2c:43:e8:be:8b:6f:45:f2:ae:4a:ce:f8:dc:5f:bb:0f:86:db:
+ 5b:a7:81:30:2e:92:a8:15:3a:4a:97:cf:48:48:c6:d4:d6:ce:
+ 4c:7f:b0:fe:74:36:9b:7c:0c:27:9c:af:4e:51:1a:7e:aa:52:
+ 5e:f8:06:10:6f:38:d1:47:8b:dd:08:53:e8:66:e5:34:84:d1:
+ 5b:6c:9d:ff:38:c1:af:17:3a:c9:bd:91:c7:f1:f0:b1:35:38:
+ 36:5b:45:44:12:9c:a4:36:d7:4a:2a:34:3a:c2:20:ec:a3:99:
+ e1:e8:b4:e5:1c:38:16:30:e7:cf:4d:92:0d:9b:9f:71:5e:9f:
+ 31:1e
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBFDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0zNTAxMDEwMTAxMDFaFw0zNTAxMDIwMTAxMDFaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczRfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M0X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOKjaEEt6b+U
+ESc3lGOMJ4iIkHx2t2GK5AA5XbN6J6QbJXrWTHnygsWNkwohXPU3/MPFhgwCN40P
+7YCtjzsdnZuZA1KZfcCe53pOgen+Bp6UeDgpl6YCijXuvNmZPMCTEVNxNVf9Leqw
+pkPYBNjvVWH+tjMjqsX7Q2H/rAKQuaN9AgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBACxD6L6Lb0XyrkrO+Nxf
+uw+G21ungTAukqgVOkqXz0hIxtTWzkx/sP50Npt8DCecr05RGn6qUl74BhBvONFH
+i90IU+hm5TSE0Vtsnf84wa8XOsm9kcfx8LE1ODZbRUQSnKQ210oqNDrCIOyjmeHo
+tOUcOBYw589Nkg2bn3FenzEe
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs4_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 16 (0x10)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 1 01:01:01 2035 GMT
- Not After : Jan 2 01:01:01 2035 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs4_p1_ta3/emailAddress=cs4_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:e2:60:08:58:af:0f:1b:38:07:8c:9d:b6:88:c5:
- 99:34:c6:da:7f:37:6b:2e:73:4c:d4:4d:96:c8:9f:
- 66:61:4c:cc:97:79:b8:af:68:50:3a:4a:78:d1:57:
- 9a:b4:f3:4d:20:72:e9:5d:eb:99:9f:0d:04:a9:f0:
- 5b:3f:34:29:b8:b5:28:e1:ea:43:9d:0e:ed:70:4a:
- d1:52:13:41:2c:10:6c:5b:bc:8f:65:ff:3b:fc:b6:
- 27:d7:e9:dc:3b:f8:62:d5:45:85:a5:c1:b7:3d:19:
- f9:78:78:90:a4:b6:a5:42:ef:82:f5:17:80:80:63:
- 9d:2d:51:24:3e:a1:4f:cc:17
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- a1:8e:31:d1:59:5e:8a:db:6f:b4:46:46:46:80:17:32:c7:f4:
- 47:db:6e:ff:48:8e:1b:0c:5a:ae:aa:31:74:da:37:df:d4:01:
- 1a:6a:7f:7d:16:1a:5c:d8:a3:56:26:9b:c4:47:ff:4b:40:69:
- 3d:a8:e0:25:da:31:51:61:bc:08:b0:47:1a:2d:ae:56:e9:ba:
- a7:cb:c5:bd:f2:8d:d7:62:72:9d:ff:4d:9f:f7:63:cc:0c:26:
- 19:f1:41:04:f2:82:06:a8:7c:22:ce:7f:af:5a:57:8c:ba:ca:
- 21:8f:95:5d:80:b0:37:6b:c1:7a:ea:3a:7c:3f:c6:bf:42:d7:
- d4:e4
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBEDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0zNTAxMDEwMTAxMDFaFw0zNTAxMDIwMTAxMDFaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczRfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczRfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiYAhY
-rw8bOAeMnbaIxZk0xtp/N2suc0zUTZbIn2ZhTMyXebivaFA6SnjRV5q0800gculd
-65mfDQSp8Fs/NCm4tSjh6kOdDu1wStFSE0EsEGxbvI9l/zv8tifX6dw7+GLVRYWl
-wbc9Gfl4eJCktqVC74L1F4CAY50tUSQ+oU/MFwIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQChjjHRWV6K22+0
-RkZGgBcyx/RH227/SI4bDFquqjF02jff1AEaan99Fhpc2KNWJpvER/9LQGk9qOAl
-2jFRYbwIsEcaLa5W6bqny8W98o3XYnKd/02f92PMDCYZ8UEE8oIGqHwizn+vWleM
-usohj5VdgLA3a8F66jp8P8a/QtfU5A==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs4_pubCA1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 10 (0xa)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch2.2_pubCA1/emailAddress=ch2.2_pubCA1
- Validity
- Not Before: Jan 28 02:54:12 2011 GMT
- Not After : Oct 24 02:54:12 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs4_pubCA1/emailAddress=cs4_pubCA1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:df:f2:c5:0d:12:9b:77:c9:0f:03:07:db:91:4e:
- 6a:94:fd:50:fc:2b:78:ab:ad:40:eb:8d:d4:fa:42:
- 99:5e:68:4a:1c:a7:ca:82:da:4b:22:b1:81:20:b7:
- df:e4:c6:df:3f:95:5a:fd:03:8e:47:fc:85:43:d4:
- b1:53:d1:cd:6b:eb:82:47:f6:21:35:71:fe:da:c1:
- 2b:50:d7:61:ef:7e:60:d7:61:3e:64:3f:33:ab:0e:
- 88:0f:41:3d:15:9e:f5:f1:4f:c3:90:d3:6e:16:32:
- 5f:33:52:5c:2d:8a:43:dd:23:c5:4a:e7:85:42:29:
- 03:ee:10:cd:a5:e1:02:73:63
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 96:2d:e6:30:36:53:f7:af:a6:40:75:9f:d6:55:7a:8d:71:31:
- 54:f8:61:6c:8e:45:fd:86:5f:1f:88:7c:df:d3:af:5c:1e:da:
- 2d:40:c3:00:b4:a8:05:2d:c2:7c:6e:a7:45:45:26:e9:1f:25:
- 25:9d:b6:2b:1f:7d:ba:79:63:7e:e8:73:2d:49:0e:a5:a3:02:
- 7b:d3:9a:ab:df:55:5e:4d:aa:8e:ae:10:0d:de:50:bd:0e:47:
- d1:60:ff:4c:87:b7:f4:49:ee:68:3f:f4:a1:dd:b6:72:73:43:
- fc:3e:b8:4a:f3:7c:6c:95:b3:cb:ba:78:aa:35:5c:b0:48:3e:
- 0d:90
------BEGIN CERTIFICATE-----
-MIIChjCCAe+gAwIBAgIBCjANBgkqhkiG9w0BAQsFADB6MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEVMBMGA1UEAxQMY2gyLjJfcHViQ0ExMRswGQYJKoZIhvcNAQkBFgxj
-aDIuMl9wdWJDQTEwHhcNMTEwMTI4MDI1NDEyWhcNMTMxMDI0MDI1NDEyWjB2MQsw
-CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8g
-UGFyazENMAsGA1UEChMEcGtnNTETMBEGA1UEAxQKY3M0X3B1YkNBMTEZMBcGCSqG
-SIb3DQEJARYKY3M0X3B1YkNBMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-3/LFDRKbd8kPAwfbkU5qlP1Q/Ct4q61A643U+kKZXmhKHKfKgtpLIrGBILff5Mbf
-P5Va/QOOR/yFQ9SxU9HNa+uCR/YhNXH+2sErUNdh735g12E+ZD8zqw6ID0E9FZ71
-8U/DkNNuFjJfM1JcLYpD3SPFSueFQikD7hDNpeECc2MCAwEAAaMgMB4wDAYDVR0T
-AQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADgYEAli3mMDZT
-96+mQHWf1lV6jXExVPhhbI5F/YZfH4h839OvXB7aLUDDALSoBS3CfG6nRUUm6R8l
-JZ22Kx99unljfuhzLUkOpaMCe9Oaq99VXk2qjq4QDd5QvQ5H0WD/TIe39EnuaD/0
-od22cnND/D64SvN8bJWzy7p4qjVcsEg+DZA=
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs5_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 21 (0x15)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs5_ch1_ta3/emailAddress=cs5_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bc:38:5a:89:55:f2:97:d1:61:2a:da:f0:93:31:
+ 58:82:70:d0:fd:23:09:38:82:02:d4:f7:cb:a6:27:
+ c0:cf:76:6e:67:03:78:f5:6c:92:77:b6:8a:f4:a8:
+ 36:6e:de:e3:7c:bd:0d:09:c9:7c:92:3a:be:c9:b1:
+ 2b:18:2a:8c:39:6b:b1:18:a7:34:dc:95:8d:cd:4d:
+ 66:78:56:38:56:2c:a2:9f:5e:4d:14:c3:aa:f8:7f:
+ 20:98:1a:53:4b:f5:20:42:f5:b4:30:d7:62:ea:6d:
+ 54:e4:71:55:0c:1c:1c:41:54:7a:2a:48:b1:d0:8e:
+ a6:82:7c:2b:81:cb:a5:b3:53
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage:
+ Encipher Only
+ Signature Algorithm: sha256WithRSAEncryption
+ 3b:c7:de:1c:36:d2:6d:85:e3:8e:2d:4c:fa:74:f7:2a:75:0b:
+ 1b:b4:79:2f:26:0a:3e:7f:b0:44:12:67:e8:89:f1:6e:ca:2d:
+ e6:18:21:27:cb:e2:7f:61:63:ba:f5:0b:91:40:98:22:cd:51:
+ 16:54:c1:00:a9:89:39:79:20:a4:6b:e5:59:ed:9e:ef:c0:2f:
+ e0:3c:2c:8b:ed:fb:1c:2a:8d:87:5b:b7:49:14:bb:b1:5a:36:
+ 13:9d:b4:2a:99:1f:b5:02:9b:07:70:62:aa:c0:92:98:6b:f7:
+ 4a:73:c5:17:a4:5e:b0:09:b2:61:6a:af:62:64:d5:b9:a6:ac:
+ 09:34
+-----BEGIN CERTIFICATE-----
+MIICezCCAeSgAwIBAgIBFTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczVfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M1X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALw4WolV8pfR
+YSra8JMxWIJw0P0jCTiCAtT3y6YnwM92bmcDePVskne2ivSoNm7e43y9DQnJfJI6
+vsmxKxgqjDlrsRinNNyVjc1NZnhWOFYsop9eTRTDqvh/IJgaU0v1IEL1tDDXYupt
+VORxVQwcHEFUeipIsdCOpoJ8K4HLpbNTAgMBAAGjHTAbMAwGA1UdEwEB/wQCMAAw
+CwYDVR0PBAQDAgABMA0GCSqGSIb3DQEBCwUAA4GBADvH3hw20m2F444tTPp09yp1
+Cxu0eS8mCj5/sEQSZ+iJ8W7KLeYYISfL4n9hY7r1C5FAmCLNURZUwQCpiTl5IKRr
+5Vntnu/AL+A8LIvt+xwqjYdbt0kUu7FaNhOdtCqZH7UCmwdwYqrAkphr90pzxRek
+XrAJsmFqr2Jk1bmmrAk0
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs5_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 17 (0x11)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:19 2011 GMT
- Not After : Oct 24 02:54:19 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs5_p1_ta3/emailAddress=cs5_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:f6:3f:57:e4:be:9d:29:77:e5:df:08:72:be:67:
- 5c:c6:37:e7:ad:62:33:22:74:bb:f2:82:f6:1d:f1:
- 42:ec:56:c2:6e:d0:bc:f3:e6:a6:91:a1:db:4c:b8:
- 27:c9:38:3d:c9:d3:e0:78:d0:51:23:22:b2:3f:6f:
- 4b:1e:14:53:3e:fb:5a:58:f6:fa:f9:cf:ca:ef:89:
- 34:cd:51:c1:ee:89:32:c4:c1:30:fc:63:51:13:4d:
- b4:55:fd:a5:6c:fd:ea:3c:f7:ea:8c:7d:3e:fb:0d:
- 0e:f7:70:c7:73:ce:01:98:77:fe:db:1f:1c:32:e3:
- 59:ae:26:b1:1d:eb:3c:83:51
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage:
- Encipher Only
- Signature Algorithm: sha256WithRSAEncryption
- c9:8a:74:1f:0a:fe:1b:e0:19:64:5f:27:2b:1b:e3:d9:45:a0:
- 19:64:00:d8:12:f5:35:e5:65:70:4d:f2:b3:f2:b6:89:81:12:
- 84:56:f7:11:00:ac:79:f8:9f:c6:4e:77:71:3a:f0:da:50:6b:
- f3:ce:cc:44:38:77:00:c2:d7:33:6f:f4:72:34:33:28:4f:d2:
- fa:aa:2e:8d:e0:37:2b:ac:ab:b5:9b:ad:63:d8:7a:79:07:c2:
- 3b:f4:1b:9a:b6:93:1f:31:26:6e:3f:38:a3:9c:c9:19:e4:6e:
- 17:6d:49:af:f8:c5:55:cf:24:c8:ee:57:ce:81:e3:75:e1:c3:
- 27:cf
------BEGIN CERTIFICATE-----
-MIICfzCCAeigAwIBAgIBETANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTlaFw0xMzEwMjQwMjU0MTlaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczVfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczVfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2P1fk
-vp0pd+XfCHK+Z1zGN+etYjMidLvygvYd8ULsVsJu0Lzz5qaRodtMuCfJOD3J0+B4
-0FEjIrI/b0seFFM++1pY9vr5z8rviTTNUcHuiTLEwTD8Y1ETTbRV/aVs/eo89+qM
-fT77DQ73cMdzzgGYd/7bHxwy41muJrEd6zyDUQIDAQABox0wGzAMBgNVHRMBAf8E
-AjAAMAsGA1UdDwQEAwIAATANBgkqhkiG9w0BAQsFAAOBgQDJinQfCv4b4BlkXycr
-G+PZRaAZZADYEvU15WVwTfKz8raJgRKEVvcRAKx5+J/GTndxOvDaUGvzzsxEOHcA
-wtczb/RyNDMoT9L6qi6N4DcrrKu1m61j2Hp5B8I79BuatpMfMSZuPzijnMkZ5G4X
-bUmv+MVVzyTI7lfOgeN14cMnzw==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs6_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 22 (0x16)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs6_ch1_ta3/emailAddress=cs6_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:af:e7:4a:85:57:4a:4a:33:36:44:2a:8c:34:c1:
+ 49:47:13:f6:c7:2e:b3:e5:92:c0:be:b6:74:ba:61:
+ 1b:90:cf:09:1e:2f:d4:3a:d1:fa:1d:76:63:5d:2d:
+ 8f:0d:78:c5:93:a1:bf:ec:51:99:7f:90:57:2d:9e:
+ 41:46:fc:6a:e1:03:63:41:78:d7:84:cf:5e:d4:dd:
+ 37:11:1e:cc:37:05:b7:19:ce:9a:5e:eb:75:8b:19:
+ 95:1f:94:d3:d2:b2:ff:88:26:c5:6f:33:59:ad:7b:
+ 70:8e:c9:95:dd:cc:31:f0:a7:69:d0:97:e0:cb:7b:
+ 42:f1:ea:e5:ed:0d:b7:b3:db
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Encipher Only
+ Signature Algorithm: sha256WithRSAEncryption
+ 7d:42:18:30:29:c0:f1:62:57:00:97:dd:b3:b6:87:f5:af:5e:
+ c6:32:71:5e:06:6b:e2:04:04:89:f2:3d:cc:e2:07:92:8a:90:
+ be:47:58:6e:dc:9a:c6:f0:85:88:a0:a9:38:58:ee:32:65:a8:
+ e8:71:c3:9a:1f:f4:d2:b1:f6:01:46:46:cb:69:1a:9a:c1:7c:
+ d0:ca:93:fd:e0:60:22:db:d6:82:03:2e:d7:f8:23:0d:e1:a3:
+ 4e:5b:6e:61:b2:41:b0:96:78:d8:ae:5e:be:6a:7a:28:b6:83:
+ 0d:f2:a8:dc:92:89:6c:55:ae:25:98:8a:0d:0c:1f:9d:72:85:
+ 3c:2d
+-----BEGIN CERTIFICATE-----
+MIICfjCCAeegAwIBAgIBFjANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczZfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M2X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK/nSoVXSkoz
+NkQqjDTBSUcT9scus+WSwL62dLphG5DPCR4v1DrR+h12Y10tjw14xZOhv+xRmX+Q
+Vy2eQUb8auEDY0F414TPXtTdNxEezDcFtxnOml7rdYsZlR+U09Ky/4gmxW8zWa17
+cI7Jld3MMfCnadCX4Mt7QvHq5e0Nt7PbAgMBAAGjIDAeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgABMA0GCSqGSIb3DQEBCwUAA4GBAH1CGDApwPFiVwCX3bO2
+h/WvXsYycV4Ga+IEBInyPcziB5KKkL5HWG7cmsbwhYigqThY7jJlqOhxw5of9NKx
+9gFGRstpGprBfNDKk/3gYCLb1oIDLtf4Iw3ho05bbmGyQbCWeNiuXr5qeii2gw3y
+qNySiWxVriWYig0MH51yhTwt
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs6_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 18 (0x12)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:19 2011 GMT
- Not After : Oct 24 02:54:19 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs6_p1_ta3/emailAddress=cs6_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c5:6c:6d:f1:28:4b:56:5d:cf:eb:08:28:a6:85:
- c9:c4:1a:e6:f9:ca:41:a3:80:c6:52:63:78:43:23:
- f9:9c:c2:4a:75:d1:fd:c4:d2:1d:da:c7:e1:d6:a7:
- 5e:16:ad:58:c2:55:db:a1:59:06:58:0f:04:1d:ef:
- 68:22:1c:ec:c3:5c:8e:f9:ab:18:5f:63:fc:72:d8:
- 30:4d:c3:ac:b5:88:d9:be:32:fd:fb:04:e8:7e:86:
- 89:96:f7:a9:aa:09:62:f6:db:42:5d:91:90:82:4a:
- 75:ea:7a:a2:3a:13:05:74:c9:c7:75:71:ad:61:3e:
- a1:a3:40:63:04:44:9a:a7:e1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- X509v3 Key Usage: critical
- Encipher Only
- Signature Algorithm: sha256WithRSAEncryption
- ac:fb:c4:5d:a4:05:8c:fa:cf:99:69:0b:25:aa:5f:75:74:0d:
- b0:96:10:14:71:6c:97:ba:2b:e6:f6:19:80:da:9d:25:89:2f:
- 19:04:ec:c8:2b:da:2a:bc:5a:67:4f:55:fb:f4:e7:c1:de:7e:
- d3:d7:5c:03:34:00:f2:25:5d:55:75:b4:bc:5f:88:13:a0:ff:
- 8d:6b:ae:78:6f:4e:b8:75:f6:8b:7e:5f:85:ac:1c:2a:62:b9:
- 38:72:84:f3:43:50:23:40:79:c8:7b:5c:6d:2a:97:be:76:a8:
- 98:73:e4:c2:51:d2:46:1b:37:c3:32:72:a2:83:56:7e:73:46:
- 1e:cd
------BEGIN CERTIFICATE-----
-MIICgjCCAeugAwIBAgIBEjANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTlaFw0xMzEwMjQwMjU0MTlaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczZfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczZfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFbG3x
-KEtWXc/rCCimhcnEGub5ykGjgMZSY3hDI/mcwkp10f3E0h3ax+HWp14WrVjCVduh
-WQZYDwQd72giHOzDXI75qxhfY/xy2DBNw6y1iNm+Mv37BOh+homW96mqCWL220Jd
-kZCCSnXqeqI6EwV0ycd1ca1hPqGjQGMERJqn4QIDAQABoyAwHjAMBgNVHRMBAf8E
-AjAAMA4GA1UdDwEB/wQEAwIAATANBgkqhkiG9w0BAQsFAAOBgQCs+8RdpAWM+s+Z
-aQslql91dA2wlhAUcWyXuivm9hmA2p0liS8ZBOzIK9oqvFpnT1X79OfB3n7T11wD
-NADyJV1VdbS8X4gToP+Na654b064dfaLfl+FrBwqYrk4coTzQ1AjQHnIe1xtKpe+
-dqiYc+TCUdJGGzfDMnKig1Z+c0YezQ==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs7_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,52 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 23 (0x17)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:28 2011 GMT
+ Not After : Dec 15 00:49:28 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs7_ch1_ta3/emailAddress=cs7_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:bb:2d:57:4a:c4:d9:24:b6:78:a5:dc:9d:7b:b9:
+ 68:c6:63:fc:d4:8a:90:b8:24:50:8d:b9:34:5b:c0:
+ ec:16:bf:c9:30:e0:80:70:7a:6c:9e:55:48:95:13:
+ 16:20:5b:a1:7b:10:de:e8:12:65:21:c5:bf:b9:36:
+ 35:76:4f:79:66:49:82:76:69:a1:22:8e:d1:4c:d9:
+ 21:e6:50:b8:31:f1:66:54:20:cc:98:a9:22:bd:53:
+ d2:af:f6:f0:09:ca:1b:a9:85:a5:61:51:66:1d:54:
+ 58:12:6f:35:5b:ac:4c:7a:8b:4f:63:38:49:e5:d8:
+ 02:88:46:75:73:f2:40:fe:c9
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ Signature Algorithm: sha256WithRSAEncryption
+ 6f:28:9e:58:6f:5f:79:47:4e:4c:cc:16:0b:d7:7b:f7:47:bd:
+ 3c:2c:0a:5c:7b:9f:18:15:ae:5f:77:85:7e:9b:a5:0b:67:86:
+ 6f:b6:1b:a1:18:c8:c2:1d:e9:5d:1b:af:31:0f:59:18:95:4a:
+ 1b:0c:59:1d:99:3a:63:53:95:b5:f2:8f:3d:52:5d:9c:9d:e0:
+ 25:0e:1b:b6:38:e8:d6:8b:a6:f0:43:c9:c3:9f:f1:6f:6a:de:
+ 4d:24:aa:06:44:8a:c5:ab:8f:d4:53:64:30:44:e2:23:2c:ae:
+ 80:b0:ca:f2:56:7d:bd:23:62:fa:70:25:eb:0c:79:20:98:f9:
+ 54:25
+-----BEGIN CERTIFICATE-----
+MIICbjCCAdegAwIBAgIBFzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjhaFw0xMzEyMTUwMDQ5MjhaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczdfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M3X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALstV0rE2SS2
+eKXcnXu5aMZj/NSKkLgkUI25NFvA7Ba/yTDggHB6bJ5VSJUTFiBboXsQ3ugSZSHF
+v7k2NXZPeWZJgnZpoSKO0UzZIeZQuDHxZlQgzJipIr1T0q/28AnKG6mFpWFRZh1U
+WBJvNVusTHqLT2M4SeXYAohGdXPyQP7JAgMBAAGjEDAOMAwGA1UdEwEB/wQCMAAw
+DQYJKoZIhvcNAQELBQADgYEAbyieWG9feUdOTMwWC9d790e9PCwKXHufGBWuX3eF
+fpulC2eGb7YboRjIwh3pXRuvMQ9ZGJVKGwxZHZk6Y1OVtfKPPVJdnJ3gJQ4btjjo
+1oum8EPJw5/xb2reTSSqBkSKxauP1FNkMETiIyyugLDK8lZ9vSNi+nAl6wx5IJj5
+VCU=
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs7_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,52 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 19 (0x13)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:19 2011 GMT
- Not After : Oct 24 02:54:19 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs7_p1_ta3/emailAddress=cs7_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ba:54:8d:a5:e9:70:76:e3:0b:e5:b9:8f:21:1f:
- ef:1e:24:1b:fe:d5:67:95:ba:23:6b:f6:55:69:92:
- 09:5a:a2:2b:09:72:e7:e5:a7:fb:04:59:cf:27:3f:
- 8a:b8:28:39:d9:02:24:eb:7a:44:73:6c:29:74:8f:
- 5a:a4:ff:c4:e1:40:5e:77:8f:24:8c:4e:d8:e0:31:
- cf:e6:83:e4:4d:5c:77:29:ae:21:58:84:9f:43:d2:
- 8e:cb:d4:75:79:96:59:78:00:de:0f:05:25:b0:bf:
- 81:35:15:27:ac:58:28:09:7a:49:49:17:49:f1:f8:
- b9:b7:a1:7f:66:2b:b3:25:7b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:FALSE
- Signature Algorithm: sha256WithRSAEncryption
- 9f:fc:6d:b4:57:4b:9e:63:53:a8:23:d0:d1:e7:cc:87:bc:37:
- c6:a7:b0:00:ab:f2:a0:c5:e8:07:56:7a:3d:e3:ff:0e:56:ce:
- 40:78:09:2e:56:6b:9f:13:99:da:50:c8:90:43:6a:e2:88:b7:
- 7d:7d:25:ef:8f:ca:f7:e4:89:f1:07:15:b4:db:48:82:c7:40:
- 5f:58:fe:07:8d:4e:f1:30:eb:99:97:fe:58:67:04:52:34:88:
- d5:37:c2:fb:a8:07:c3:47:88:5e:11:0b:aa:f0:18:bb:a0:a1:
- 9c:3e:90:b4:44:b9:e5:28:74:6e:9b:ba:e5:40:63:d2:11:aa:
- 9c:bb
------BEGIN CERTIFICATE-----
-MIICcjCCAdugAwIBAgIBEzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MTlaFw0xMzEwMjQwMjU0MTlaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczdfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczdfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6VI2l
-6XB24wvluY8hH+8eJBv+1WeVuiNr9lVpkglaoisJcuflp/sEWc8nP4q4KDnZAiTr
-ekRzbCl0j1qk/8ThQF53jySMTtjgMc/mg+RNXHcpriFYhJ9D0o7L1HV5lll4AN4P
-BSWwv4E1FSesWCgJeklJF0nx+Lm3oX9mK7MlewIDAQABoxAwDjAMBgNVHRMBAf8E
-AjAAMA0GCSqGSIb3DQEBCwUAA4GBAJ/8bbRXS55jU6gj0NHnzIe8N8ansACr8qDF
-6AdWej3j/w5WzkB4CS5Wa58TmdpQyJBDauKIt319Je+PyvfkifEHFbTbSILHQF9Y
-/geNTvEw65mX/lhnBFI0iNU3wvuoB8NHiF4RC6rwGLugoZw+kLREueUodG6buuVA
-Y9IRqpy7
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs8_ch1_ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,54 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 24 (0x18)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ch1_ta3/emailAddress=ch1_ta3
+ Validity
+ Not Before: Mar 21 00:49:29 2011 GMT
+ Not After : Dec 15 00:49:29 2013 GMT
+ Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_ch1_ta3/emailAddress=cs8_ch1_ta3
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:d8:42:22:89:49:49:9b:1f:c3:68:43:93:5b:e7:
+ be:cd:d6:0d:24:cb:d8:6a:bd:64:c3:8f:31:6f:4f:
+ 38:c4:ca:39:4e:16:35:32:88:bb:03:f0:04:06:aa:
+ e4:e1:11:24:db:b1:e2:d1:1b:3a:45:49:da:0f:36:
+ b6:79:85:4a:42:e4:01:83:75:4d:1e:81:69:30:f0:
+ 64:20:19:63:c0:d4:5d:50:76:bb:a8:e4:56:b7:bb:
+ e0:54:64:f9:73:c7:eb:84:a6:da:4a:58:16:00:a8:
+ cb:e5:c5:b0:1f:ad:eb:fc:2c:08:93:ee:2e:a3:26:
+ 13:3c:a6:46:64:a5:df:f6:57
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature
+ Signature Algorithm: sha256WithRSAEncryption
+ 30:5f:8a:7d:24:03:2b:2a:c1:cf:07:27:e0:f6:d4:1e:fe:8a:
+ cf:57:06:6b:60:70:41:b2:53:75:14:b9:f8:1c:b7:f0:02:44:
+ 4d:89:78:51:7d:3a:b9:b2:f9:54:76:67:ab:53:11:ac:b2:ac:
+ 75:5d:48:f7:55:c4:0a:e4:03:3d:ba:30:75:f1:a1:28:71:3e:
+ 9e:e5:35:84:70:54:a4:d7:f0:ca:5b:29:33:3e:6b:32:88:eb:
+ 49:9d:46:c7:12:75:96:ec:81:91:b8:5e:01:a6:c1:ec:05:a2:
+ 84:46:9b:39:60:7b:91:d1:9e:4f:c8:dd:00:15:f3:aa:1a:e4:
+ 32:85
+-----BEGIN CERTIFICATE-----
+MIICgTCCAeqgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
+ChMEcGtnNTEQMA4GA1UEAxQHY2gxX3RhMzEWMBQGCSqGSIb3DQEJARYHY2gxX3Rh
+MzAeFw0xMTAzMjEwMDQ5MjlaFw0xMzEyMTUwMDQ5MjlaMHgxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
+VQQKEwRwa2c1MRQwEgYDVQQDFAtjczhfY2gxX3RhMzEaMBgGCSqGSIb3DQEJARYL
+Y3M4X2NoMV90YTMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANhCIolJSZsf
+w2hDk1vnvs3WDSTL2Gq9ZMOPMW9POMTKOU4WNTKIuwPwBAaq5OERJNux4tEbOkVJ
+2g82tnmFSkLkAYN1TR6BaTDwZCAZY8DUXVB2u6jkVre74FRk+XPH64Sm2kpYFgCo
+y+XFsB+t6/wsCJPuLqMmEzymRmSl3/ZXAgMBAAGjIzAhMA8GA1UdEwEB/wQFMAMB
+Af8wDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4GBADBfin0kAysqwc8H
+J+D21B7+is9XBmtgcEGyU3UUufgct/ACRE2JeFF9Ormy+VR2Z6tTEayyrHVdSPdV
+xArkAz26MHXxoShxPp7lNYRwVKTX8MpbKTM+azKI60mdRscSdZbsgZG4XgGmwewF
+ooRGmzlge5HRnk/I3QAV86oa5DKF
+-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/code_signing_certs/cs8_p1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 20 (0x14)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Validity
- Not Before: Jan 28 02:54:20 2011 GMT
- Not After : Oct 24 02:54:20 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=cs8_p1_ta3/emailAddress=cs8_p1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ad:72:4f:d0:b8:2b:c4:74:c7:91:71:75:5e:89:
- 88:2f:d8:bd:af:cd:40:a0:7b:48:87:a4:dc:63:96:
- 05:79:4c:ba:d7:80:ec:bf:7f:37:9e:6f:62:4c:d6:
- e9:10:f0:46:1b:5c:23:f7:57:a1:1f:63:77:b5:4e:
- 05:fd:17:7e:4a:a6:6d:ed:46:39:c7:e0:45:7b:b7:
- 6f:39:27:64:57:35:4a:d8:01:37:c6:8e:5b:af:28:
- d7:a9:6c:94:23:4b:93:e1:e5:ab:db:7a:0d:b0:2b:
- 1d:e8:99:f5:2e:89:e9:f6:37:aa:a8:09:fb:e2:0a:
- 32:59:0b:ec:1b:4e:e5:ad:43
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Digital Signature
- Signature Algorithm: sha256WithRSAEncryption
- 65:b5:1a:f3:d3:d8:24:ba:ef:c8:38:30:6f:df:d5:06:2d:a3:
- f0:26:48:7f:77:28:a6:3b:48:40:36:bf:16:50:92:aa:12:33:
- e9:70:59:be:7a:72:66:b8:64:5e:d8:22:c7:c8:29:a5:e3:00:
- 31:11:91:e6:b5:1c:00:6e:76:be:07:e2:35:62:88:c9:d9:f5:
- f0:08:bf:2d:b5:e1:db:31:55:86:ee:0b:ee:cd:2f:6b:e0:82:
- 15:42:46:d1:1a:92:b3:f1:7e:4b:1e:65:9e:7c:a3:95:aa:48:
- 7f:23:c8:12:b2:dd:23:57:14:87:94:b5:62:be:bf:ba:44:6e:
- 23:af
------BEGIN CERTIFICATE-----
-MIIChTCCAe6gAwIBAgIBFDANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMzAeFw0xMTAxMjgwMjU0MjBaFw0xMzEwMjQwMjU0MjBaMHYxCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
-MQ0wCwYDVQQKEwRwa2c1MRMwEQYDVQQDFApjczhfcDFfdGEzMRkwFwYJKoZIhvcN
-AQkBFgpjczhfcDFfdGEzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtck/Q
-uCvEdMeRcXVeiYgv2L2vzUCge0iHpNxjlgV5TLrXgOy/fzeeb2JM1ukQ8EYbXCP3
-V6EfY3e1TgX9F35Kpm3tRjnH4EV7t285J2RXNUrYATfGjluvKNepbJQjS5Ph5avb
-eg2wKx3omfUuien2N6qoCfviCjJZC+wbTuWtQwIDAQABoyMwITAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOBgQBltRrz09gk
-uu/IODBv39UGLaPwJkh/dyimO0hANr8WUJKqEjPpcFm+enJmuGRe2CLHyCml4wAx
-EZHmtRwAbna+B+I1YojJ2fXwCL8tteHbMVWG7gvuzS9r4IIVQkbRGpKz8X5LHmWe
-fKOVqkh/I8gSst0jVxSHlLVivr+6RG4jrw==
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/crl/ch1.1_ta4_crl.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,32 @@
+Certificate Revocation List (CRL):
+ Version 1 (0x0)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1.1_ta4/emailAddress=ch1.1_ta4
+ Last Update: Mar 21 00:49:34 2011 GMT
+ Next Update: Dec 15 00:49:34 2013 GMT
+Revoked Certificates:
+ Serial Number: 07
+ Revocation Date: Mar 21 00:49:24 2011 GMT
+ Serial Number: 23
+ Revocation Date: Mar 21 00:49:32 2011 GMT
+ Serial Number: 27
+ Revocation Date: Mar 21 00:49:34 2011 GMT
+ Signature Algorithm: sha256WithRSAEncryption
+ 31:4b:ae:a8:e4:93:46:5d:3a:10:72:b5:d0:c0:44:d9:3d:aa:
+ cc:a1:19:b9:8a:80:64:5e:95:71:67:ed:cd:99:1c:05:0b:af:
+ ee:68:a6:ee:dd:b9:cb:c8:7a:36:da:a5:3a:34:60:62:7c:38:
+ 91:37:4b:36:61:87:2d:b3:d9:95:40:25:ab:e2:1d:4c:27:0f:
+ fb:01:cb:14:6a:c7:d3:60:ef:54:2c:d9:f5:a7:57:d1:1d:9d:
+ fe:28:ef:f3:2c:37:91:08:51:eb:e6:9a:f1:35:8a:bc:00:20:
+ 64:74:e5:a1:7d:c4:19:ad:54:2e:52:71:c8:70:44:a6:53:7b:
+ 2e:88
+-----BEGIN X509 CRL-----
+MIIBdzCB4TANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
+Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTES
+MBAGA1UEAxQJY2gxLjFfdGE0MRgwFgYJKoZIhvcNAQkBFgljaDEuMV90YTQXDTEx
+MDMyMTAwNDkzNFoXDTEzMTIxNTAwNDkzNFowPDASAgEHFw0xMTAzMjEwMDQ5MjRa
+MBICASMXDTExMDMyMTAwNDkzMlowEgIBJxcNMTEwMzIxMDA0OTM0WjANBgkqhkiG
+9w0BAQsFAAOBgQAxS66o5JNGXToQcrXQwETZParMoRm5ioBkXpVxZ+3NmRwFC6/u
+aKbu3bnLyHo22qU6NGBifDiRN0s2YYcts9mVQCWr4h1MJw/7AcsUasfTYO9ULNn1
+p1fRHZ3+KO/zLDeRCFHr5prxNYq8ACBkdOWhfcQZrVQuUnHIcESmU3suiA==
+-----END X509 CRL-----
--- a/src/tests/ro_data/signing_certs/produced/crl/ch1_pubCA1_crl.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,30 +0,0 @@
-Certificate Revocation List (CRL):
- Version 1 (0x0)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_pubCA1/emailAddress=ch1_pubCA1
- Last Update: Jan 28 02:54:11 2011 GMT
- Next Update: Oct 24 02:54:11 2013 GMT
-Revoked Certificates:
- Serial Number: 07
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 08
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Signature Algorithm: sha256WithRSAEncryption
- 2c:da:bc:ca:35:2f:5d:8e:79:04:05:17:43:d7:85:d1:68:71:
- 6a:0c:9b:dd:4f:a5:1e:d2:fb:70:c6:bf:56:f2:69:b4:b0:f1:
- bd:e6:41:45:86:f0:be:13:07:ed:4a:06:7f:7b:22:5c:19:1d:
- d8:89:6b:75:53:b1:07:52:ce:b5:5c:5c:14:fc:80:28:eb:db:
- d2:8d:16:09:49:97:13:eb:db:16:7d:c6:85:36:0a:72:a8:1e:
- 02:84:8f:b9:cd:84:41:f4:68:07:64:7e:4b:e4:ad:4e:96:8d:
- 6c:4c:31:b2:f7:ca:e9:60:03:c8:df:bc:3b:77:3c:1e:43:30:
- 21:73
------BEGIN X509 CRL-----
-MIIBZTCBzzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
-Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTET
-MBEGA1UEAxQKY2gxX3B1YkNBMTEZMBcGCSqGSIb3DQEJARYKY2gxX3B1YkNBMRcN
-MTEwMTI4MDI1NDExWhcNMTMxMDI0MDI1NDExWjAoMBICAQcXDTExMDEyODAyNTQx
-MVowEgIBCBcNMTEwMTI4MDI1NDExWjANBgkqhkiG9w0BAQsFAAOBgQAs2rzKNS9d
-jnkEBRdD14XRaHFqDJvdT6Ue0vtwxr9W8mm0sPG95kFFhvC+EwftSgZ/eyJcGR3Y
-iWt1U7EHUs61XFwU/IAo69vSjRYJSZcT69sWfcaFNgpyqB4ChI+5zYRB9GgHZH5L
-5K1Olo1sTDGy98rpYAPI37w7dzweQzAhcw==
------END X509 CRL-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/crl/ch1_ta4_crl.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,30 @@
+Certificate Revocation List (CRL):
+ Version 1 (0x0)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta4/emailAddress=ch1_ta4
+ Last Update: Mar 21 00:49:32 2011 GMT
+ Next Update: Dec 15 00:49:32 2013 GMT
+Revoked Certificates:
+ Serial Number: 07
+ Revocation Date: Mar 21 00:49:24 2011 GMT
+ Serial Number: 23
+ Revocation Date: Mar 21 00:49:32 2011 GMT
+ Signature Algorithm: sha256WithRSAEncryption
+ a5:ad:ec:47:89:19:2e:6e:0e:1e:04:a6:1b:7d:1d:64:cb:68:
+ df:cb:51:98:24:5a:a0:1b:5f:3a:22:31:7e:78:bf:7e:fe:28:
+ f6:a4:fd:92:16:ed:07:59:fa:f4:9b:ed:e3:f9:67:35:f0:b8:
+ 83:65:f3:52:f8:ee:98:c1:8f:36:53:dc:8d:23:ee:d9:35:07:
+ 72:64:dd:e6:2c:5b:b8:1a:4a:40:70:a7:2f:a4:ce:c3:77:ca:
+ 1f:16:1d:6e:aa:46:9a:b4:7b:f2:0c:f0:9a:35:25:6f:e8:40:
+ cd:61:ec:e3:8b:07:d7:51:8d:3f:af:d2:12:bc:5e:68:81:60:
+ a6:e7
+-----BEGIN X509 CRL-----
+MIIBXzCByTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
+Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEQ
+MA4GA1UEAxQHY2gxX3RhNDEWMBQGCSqGSIb3DQEJARYHY2gxX3RhNBcNMTEwMzIx
+MDA0OTMyWhcNMTMxMjE1MDA0OTMyWjAoMBICAQcXDTExMDMyMTAwNDkyNFowEgIB
+IxcNMTEwMzIxMDA0OTMyWjANBgkqhkiG9w0BAQsFAAOBgQClrexHiRkubg4eBKYb
+fR1ky2jfy1GYJFqgG186IjF+eL9+/ij2pP2SFu0HWfr0m+3j+Wc18LiDZfNS+O6Y
+wY82U9yNI+7ZNQdyZN3mLFu4GkpAcKcvpM7Dd8ofFh1uqkaatHvyDPCaNSVv6EDN
+YezjiwfXUY0/r9ISvF5ogWCm5w==
+-----END X509 CRL-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/crl/ch5_ta1_crl.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,27 @@
+Certificate Revocation List (CRL):
+ Version 1 (0x0)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch5_ta1/emailAddress=ch5_ta1
+ Last Update: Mar 21 00:49:24 2011 GMT
+ Next Update: Dec 15 00:49:24 2013 GMT
+Revoked Certificates:
+ Serial Number: 07
+ Revocation Date: Mar 21 00:49:24 2011 GMT
+ Signature Algorithm: sha256WithRSAEncryption
+ a0:ce:1d:25:10:90:84:12:77:2d:77:d0:78:40:e5:6f:0f:46:
+ 42:d8:55:6a:1d:ca:3f:e0:67:da:3b:ad:aa:62:18:43:f8:1c:
+ ef:1e:79:3f:90:ee:82:4c:6f:81:9b:20:3c:bb:81:7e:ed:db:
+ 40:41:00:c9:29:77:25:87:b7:7b:b5:2b:b1:a8:c1:d4:f2:6b:
+ 9e:67:56:b2:bc:69:9b:ef:62:a7:26:05:7e:e7:7e:24:3a:21:
+ 90:ce:cf:4a:47:b5:59:68:6e:01:88:a8:5f:81:02:fc:4e:7d:
+ 07:67:41:7b:42:eb:3d:4c:de:94:0b:89:78:fc:bc:0e:b4:fe:
+ 2d:fd
+-----BEGIN X509 CRL-----
+MIIBSzCBtTANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
+Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEQ
+MA4GA1UEAxQHY2g1X3RhMTEWMBQGCSqGSIb3DQEJARYHY2g1X3RhMRcNMTEwMzIx
+MDA0OTI0WhcNMTMxMjE1MDA0OTI0WjAUMBICAQcXDTExMDMyMTAwNDkyNFowDQYJ
+KoZIhvcNAQELBQADgYEAoM4dJRCQhBJ3LXfQeEDlbw9GQthVah3KP+Bn2jutqmIY
+Q/gc7x55P5DugkxvgZsgPLuBfu3bQEEAySl3JYe3e7UrsajB1PJrnmdWsrxpm+9i
+pyYFfud+JDohkM7PSke1WWhuAYioX4EC/E59B2dBe0LrPUzelAuJePy8DrT+Lf0=
+-----END X509 CRL-----
--- a/src/tests/ro_data/signing_certs/produced/crl/pubCA1_ta1_crl.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,28 +0,0 @@
-Certificate Revocation List (CRL):
- Version 1 (0x0)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta1/emailAddress=pubCA1_ta1
- Last Update: Jan 28 02:54:11 2011 GMT
- Next Update: Oct 24 02:54:11 2013 GMT
-Revoked Certificates:
- Serial Number: 07
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Signature Algorithm: sha256WithRSAEncryption
- 41:4e:ba:b3:ec:4a:41:ab:a2:57:45:78:64:b4:ad:69:7f:48:
- e6:d7:7b:1c:6e:dd:c4:8a:eb:db:6e:2d:be:a0:e8:3d:87:be:
- b4:95:1f:e2:6f:ec:01:83:71:cb:d9:eb:ce:88:59:14:cc:bd:
- 20:94:9c:12:48:d7:65:75:0c:83:67:e1:5b:2d:4c:c7:a0:b1:
- 3d:4a:a3:a9:3c:d8:dd:8e:e6:31:26:56:5e:d2:4f:44:29:77:
- 54:b1:40:1f:15:bf:06:07:12:60:3f:cf:c8:65:19:14:d9:f1:
- 58:97:6c:b4:c8:c4:19:b3:c5:ef:de:de:42:68:a1:7e:c3:b8:
- 18:d1
------BEGIN X509 CRL-----
-MIIBUTCBuzANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
-Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTET
-MBEGA1UEAxQKcHViQ0ExX3RhMTEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3RhMRcN
-MTEwMTI4MDI1NDExWhcNMTMxMDI0MDI1NDExWjAUMBICAQcXDTExMDEyODAyNTQx
-MVowDQYJKoZIhvcNAQELBQADgYEAQU66s+xKQauiV0V4ZLStaX9I5td7HG7dxIrr
-224tvqDoPYe+tJUf4m/sAYNxy9nrzohZFMy9IJScEkjXZXUMg2fhWy1Mx6CxPUqj
-qTzY3Y7mMSZWXtJPRCl3VLFAHxW/BgcSYD/PyGUZFNnxWJdstMjEGbPF797eQmih
-fsO4GNE=
------END X509 CRL-----
--- a/src/tests/ro_data/signing_certs/produced/crl/pubCA1_ta4_crl.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,32 +0,0 @@
-Certificate Revocation List (CRL):
- Version 1 (0x0)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Last Update: Jan 28 02:54:23 2011 GMT
- Next Update: Oct 24 02:54:23 2013 GMT
-Revoked Certificates:
- Serial Number: 07
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 08
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 1F
- Revocation Date: Jan 28 02:54:22 2011 GMT
- Signature Algorithm: sha256WithRSAEncryption
- 39:0f:9c:ed:09:d5:34:f9:bd:1f:7e:a3:2c:3c:06:d9:8a:3c:
- ee:07:33:34:b8:4a:9c:59:74:fb:8d:5d:06:9c:8c:1e:b3:6d:
- 73:e0:32:86:2d:bf:78:3a:c7:c7:a2:be:ed:cc:08:9f:e7:d3:
- db:5c:0f:33:67:56:e3:ae:e8:f3:fd:35:58:c7:63:d9:fc:e1:
- 4a:80:2e:65:db:51:a1:6f:ec:a9:d7:a4:c7:37:18:bf:5e:e8:
- 12:18:80:f2:3b:3c:ab:2f:e2:72:34:68:74:e8:2b:40:54:e6:
- 6a:a1:25:12:ed:90:b8:52:c9:60:06:af:7d:d3:c7:11:a8:58:
- 85:bb
------BEGIN X509 CRL-----
-MIIBeTCB4zANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
-Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTET
-MBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3RhNBcN
-MTEwMTI4MDI1NDIzWhcNMTMxMDI0MDI1NDIzWjA8MBICAQcXDTExMDEyODAyNTQx
-MVowEgIBCBcNMTEwMTI4MDI1NDExWjASAgEfFw0xMTAxMjgwMjU0MjJaMA0GCSqG
-SIb3DQEBCwUAA4GBADkPnO0J1TT5vR9+oyw8BtmKPO4HMzS4SpxZdPuNXQacjB6z
-bXPgMoYtv3g6x8eivu3MCJ/n09tcDzNnVuOu6PP9NVjHY9n84UqALmXbUaFv7KnX
-pMc3GL9e6BIYgPI7PKsv4nI0aHToK0BU5mqhJRLtkLhSyWAGr33TxxGoWIW7
------END X509 CRL-----
--- a/src/tests/ro_data/signing_certs/produced/crl/pubCA2_ta4_crl.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,35 +0,0 @@
-Certificate Revocation List (CRL):
- Version 1 (0x0)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA2_ta4/emailAddress=pubCA2_ta4
- Last Update: Jan 28 02:54:24 2011 GMT
- Next Update: Oct 24 02:54:24 2013 GMT
-Revoked Certificates:
- Serial Number: 07
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 08
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 1F
- Revocation Date: Jan 28 02:54:22 2011 GMT
- Serial Number: 23
- Revocation Date: Jan 28 02:54:24 2011 GMT
- Signature Algorithm: sha256WithRSAEncryption
- 00:0d:ab:e1:51:f8:3f:36:bb:64:50:1f:d5:2a:00:42:db:4a:
- 5f:a8:b1:d3:a6:5a:3e:51:4d:bb:af:93:6f:be:4e:d2:ca:dc:
- eb:7d:c5:84:ed:a7:c3:fa:eb:40:e5:04:c1:6c:66:fa:9f:8e:
- e8:dc:84:5a:94:9d:91:ff:8d:4d:62:72:75:47:39:c7:63:09:
- fb:33:57:e1:4f:ec:35:6f:e0:55:25:5e:7c:0c:1d:e9:9f:1c:
- 77:a3:2e:34:c3:41:d6:b5:eb:0e:79:7f:72:8c:49:22:af:ed:
- 8e:5f:a0:70:bb:4d:2b:88:50:34:d0:8d:55:86:7e:9c:5b:03:
- 8d:fe
------BEGIN X509 CRL-----
-MIIBjTCB9zANBgkqhkiG9w0BAQsFADB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
-Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTET
-MBEGA1UEAxQKcHViQ0EyX3RhNDEZMBcGCSqGSIb3DQEJARYKcHViQ0EyX3RhNBcN
-MTEwMTI4MDI1NDI0WhcNMTMxMDI0MDI1NDI0WjBQMBICAQcXDTExMDEyODAyNTQx
-MVowEgIBCBcNMTEwMTI4MDI1NDExWjASAgEfFw0xMTAxMjgwMjU0MjJaMBICASMX
-DTExMDEyODAyNTQyNFowDQYJKoZIhvcNAQELBQADgYEAAA2r4VH4Pza7ZFAf1SoA
-QttKX6ix06ZaPlFNu6+Tb75O0src633FhO2nw/rrQOUEwWxm+p+O6NyEWpSdkf+N
-TWJydUc5x2MJ+zNX4U/sNW/gVSVefAwd6Z8cd6MuNMNB1rXrDnl/coxJIq/tjl+g
-cLtNK4hQNNCNVYZ+nFsDjf4=
------END X509 CRL-----
--- a/src/tests/ro_data/signing_certs/produced/crl/ta5_crl.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/crl/ta5_crl.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,36 +2,34 @@
Version 1 (0x0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
- Last Update: Jan 28 02:54:25 2011 GMT
- Next Update: Oct 24 02:54:25 2013 GMT
+ Last Update: Mar 21 00:49:35 2011 GMT
+ Next Update: Dec 15 00:49:35 2013 GMT
Revoked Certificates:
Serial Number: 07
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 08
- Revocation Date: Jan 28 02:54:11 2011 GMT
- Serial Number: 1F
- Revocation Date: Jan 28 02:54:22 2011 GMT
+ Revocation Date: Mar 21 00:49:24 2011 GMT
Serial Number: 23
- Revocation Date: Jan 28 02:54:24 2011 GMT
- Serial Number: 24
- Revocation Date: Jan 28 02:54:25 2011 GMT
+ Revocation Date: Mar 21 00:49:32 2011 GMT
+ Serial Number: 27
+ Revocation Date: Mar 21 00:49:34 2011 GMT
+ Serial Number: 28
+ Revocation Date: Mar 21 00:49:35 2011 GMT
Signature Algorithm: sha256WithRSAEncryption
- 94:82:fa:b9:39:bb:a6:53:fe:a4:d5:9a:47:d7:9b:0d:f4:b8:
- 29:c1:58:66:47:4a:b0:be:6e:7f:f2:2c:39:0e:5b:1a:24:e7:
- dd:99:6f:63:19:f2:7c:97:4c:83:ee:df:31:93:0c:44:cb:67:
- f2:11:16:9b:fb:ee:ab:27:52:6c:00:b9:4e:88:9b:b5:02:ea:
- b4:df:5b:c4:a7:94:38:b5:2c:90:e9:22:fd:86:3f:03:60:91:
- 1b:36:8c:da:b1:61:27:cd:05:d7:fd:5a:46:c9:c5:9a:9c:b1:
- 7b:52:96:20:6a:d2:ef:cc:47:40:fd:2e:2a:33:b0:20:6d:8d:
- f7:fb
+ 81:8c:4a:60:d8:d7:48:e8:ef:57:75:bf:0f:12:1f:a2:f3:5b:
+ f4:78:d8:a8:6b:b9:72:c1:80:60:a5:1b:e1:82:71:88:2d:38:
+ ff:2f:c6:be:36:16:d1:76:6c:e1:d9:ad:b4:c3:a2:c9:64:11:
+ ee:d6:32:0a:b8:14:a7:73:7c:59:2f:86:8c:9a:83:80:35:79:
+ 3c:59:9e:7b:75:b6:8e:ef:15:2a:5d:f4:d0:69:04:f9:58:2f:
+ b4:85:b9:5e:49:e9:8a:ae:72:94:34:28:87:6d:cd:ec:d6:86:
+ 79:17:a3:31:e0:9c:21:fb:b4:6d:84:ac:3d:86:47:f5:c8:c8:
+ 89:ca
-----BEGIN X509 CRL-----
-MIIBkzCB/TANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
+MIIBfzCB6TANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMK
Q2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtnNTEM
-MAoGA1UEAxMDdGE1MRIwEAYJKoZIhvcNAQkBFgN0YTUXDTExMDEyODAyNTQyNVoX
-DTEzMTAyNDAyNTQyNVowZDASAgEHFw0xMTAxMjgwMjU0MTFaMBICAQgXDTExMDEy
-ODAyNTQxMVowEgIBHxcNMTEwMTI4MDI1NDIyWjASAgEjFw0xMTAxMjgwMjU0MjRa
-MBICASQXDTExMDEyODAyNTQyNVowDQYJKoZIhvcNAQELBQADgYEAlIL6uTm7plP+
-pNWaR9ebDfS4KcFYZkdKsL5uf/IsOQ5bGiTn3ZlvYxnyfJdMg+7fMZMMRMtn8hEW
-m/vuqydSbAC5ToibtQLqtN9bxKeUOLUskOki/YY/A2CRGzaM2rFhJ80F1/1aRsnF
-mpyxe1KWIGrS78xHQP0uKjOwIG2N9/s=
+MAoGA1UEAxMDdGE1MRIwEAYJKoZIhvcNAQkBFgN0YTUXDTExMDMyMTAwNDkzNVoX
+DTEzMTIxNTAwNDkzNVowUDASAgEHFw0xMTAzMjEwMDQ5MjRaMBICASMXDTExMDMy
+MTAwNDkzMlowEgIBJxcNMTEwMzIxMDA0OTM0WjASAgEoFw0xMTAzMjEwMDQ5MzVa
+MA0GCSqGSIb3DQEBCwUAA4GBAIGMSmDY10jo71d1vw8SH6LzW/R42KhruXLBgGCl
+G+GCcYgtOP8vxr42FtF2bOHZrbTDoslkEe7WMgq4FKdzfFkvhoyag4A1eTxZnnt1
+to7vFSpd9NBpBPlYL7SFuV5J6YqucpQ0KIdtzezWhnkXozHgnCH7tG2ErD2GR/XI
+yInK
-----END X509 CRL-----
--- a/src/tests/ro_data/signing_certs/produced/index Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/index Wed Apr 06 18:06:57 2011 -0700
@@ -1,37 +1,41 @@
-V 131024025410Z 01 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=i1_ta1/emailAddress=i1_ta1
-V 131024025410Z 02 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=i2_ta1/emailAddress=i2_ta1
-V 131024025410Z 03 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta1/emailAddress=pubCA1_ta1
-V 131024025410Z 04 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_pubCA1/emailAddress=ch1_pubCA1
-V 131024025410Z 05 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2_pubCA1/emailAddress=ch2_pubCA1
-V 131024025411Z 06 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_pubCA1/emailAddress=cs1_pubCA1
-R 131024025411Z 110128025411Z 07 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs2_pubCA1/emailAddress=cs2_pubCA1
-R 131024025411Z 110128025411Z 08 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs3_pubCA1/emailAddress=cs3_pubCA1
-V 131024025411Z 09 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2.2_pubCA1/emailAddress=ch2.2_pubCA1
-V 131024025412Z 0A unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs4_pubCA1/emailAddress=cs4_pubCA1
-V 131024025413Z 0B unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ta2/emailAddress=cs1_ta2
-V 131024025413Z 0C unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta3/emailAddress=pubCA1_ta3
-V 131024025413Z 0D unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_p1_ta3/emailAddress=cs1_p1_ta3
-V 131024025418Z 0E unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs2_p1_ta3/emailAddress=cs2_p1_ta3
-V 090102010101Z 0F unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs3_p1_ta3/emailAddress=cs3_p1_ta3
-V 350102010101Z 10 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs4_p1_ta3/emailAddress=cs4_p1_ta3
-V 131024025419Z 11 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs5_p1_ta3/emailAddress=cs5_p1_ta3
-V 131024025419Z 12 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs6_p1_ta3/emailAddress=cs6_p1_ta3
-V 131024025419Z 13 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs7_p1_ta3/emailAddress=cs7_p1_ta3
-V 131024025420Z 14 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs8_p1_ta3/emailAddress=cs8_p1_ta3
-V 131024025420Z 15 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_cs8_p1_ta3/emailAddress=cs1_cs8_p1_ta3
-V 131024025420Z 16 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA2_ta3/emailAddress=pubCA2_ta3
-V 131024025421Z 17 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_p2_ta3/emailAddress=cs1_p2_ta3
-V 090102010101Z 18 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA3_ta3/emailAddress=pubCA3_ta3
-V 131024025421Z 19 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_p3_ta3/emailAddress=cs1_p3_ta3
-V 350102010101Z 1A unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA4_ta3/emailAddress=pubCA4_ta3
-V 131024025421Z 1B unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_p4_ta3/emailAddress=cs1_p4_ta3
-V 350102010101Z 1C unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA5_ta3/emailAddress=pubCA5_ta3
-V 131024025421Z 1D unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_p5_ta3/emailAddress=cs1_p5_ta3
-V 131024025422Z 1E unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta4/emailAddress=pubCA1_ta4
-R 131024025422Z 110128025422Z 1F unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ta4/emailAddress=cs1_ta4
-V 131024025423Z 20 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs2_ta4/emailAddress=cs2_ta4
-V 131024025424Z 21 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs3_ta4/emailAddress=cs3_ta4
-V 131024025424Z 22 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA2_ta4/emailAddress=pubCA2_ta4
-R 131024025424Z 110128025424Z 23 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_p2_ta4/emailAddress=cs1_p2_ta4
-R 131024025425Z 110128025425Z 24 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=pubCA1_ta5/emailAddress=pubCA1_ta5
-V 131024025425Z 25 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ta5/emailAddress=cs1_ta5
+V 131215004923Z 01 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta1/emailAddress=ch1_ta1
+V 131215004923Z 02 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch2_ta1/emailAddress=ch2_ta1
+V 131215004923Z 03 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch3_ta1/emailAddress=ch3_ta1
+V 131215004923Z 04 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch4_ta1/emailAddress=ch4_ta1
+V 131215004923Z 05 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch5_ta1/emailAddress=ch5_ta1
+V 131215004924Z 06 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch5_ta1/emailAddress=cs1_ch5_ta1
+R 131215004924Z 110321004924Z 07 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs2_ch5_ta1/emailAddress=cs2_ch5_ta1
+V 131215004924Z 08 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch5.1_ta1/emailAddress=ch5.1_ta1
+V 131215004924Z 09 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch5.1_ta1/emailAddress=cs1_ch5.1_ta1
+V 131215004924Z 0A unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch5.2_ta1/emailAddress=ch5.2_ta1
+V 131215004925Z 0B unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch5.2_ta1/emailAddress=cs1_ch5.2_ta1
+V 131215004926Z 0C unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch4.3_ta1/emailAddress=ch4.3_ta1
+V 131215004926Z 0D unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch5.3_ta1/emailAddress=ch5.3_ta1
+V 131215004926Z 0E unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch5.3_ta1/emailAddress=cs1_ch5.3_ta1
+V 131215004926Z 0F unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ta2/emailAddress=cs1_ta2
+V 131215004927Z 10 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta3/emailAddress=ch1_ta3
+V 131215004928Z 11 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1_ta3/emailAddress=cs1_ch1_ta3
+V 131215004928Z 12 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs2_ch1_ta3/emailAddress=cs2_ch1_ta3
+V 090102010101Z 13 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs3_ch1_ta3/emailAddress=cs3_ch1_ta3
+V 350102010101Z 14 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs4_ch1_ta3/emailAddress=cs4_ch1_ta3
+V 131215004928Z 15 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs5_ch1_ta3/emailAddress=cs5_ch1_ta3
+V 131215004928Z 16 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs6_ch1_ta3/emailAddress=cs6_ch1_ta3
+V 131215004928Z 17 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs7_ch1_ta3/emailAddress=cs7_ch1_ta3
+V 131215004929Z 18 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs8_ch1_ta3/emailAddress=cs8_ch1_ta3
+V 131215004929Z 19 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_cs8_ch1_ta3/emailAddress=cs1_cs8_ch1_ta3
+V 131215004929Z 1A unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1.1_ta3/emailAddress=ch1.1_ta3
+V 131215004929Z 1B unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1.1_ta3/emailAddress=cs1_ch1.1_ta3
+V 090102010101Z 1C unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1.2_ta3/emailAddress=ch1.2_ta3
+V 131215004930Z 1D unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1.2_ta3/emailAddress=cs1_ch1.2_ta3
+V 350102010101Z 1E unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1.3_ta3/emailAddress=ch1.3_ta3
+V 131215004931Z 1F unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1.3_ta3/emailAddress=cs1_ch1.3_ta3
+V 350102010101Z 20 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1.4_ta3/emailAddress=ch1.4_ta3
+V 131215004931Z 21 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1.4_ta3/emailAddress=cs1_ch1.4_ta3
+V 131215004932Z 22 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta4/emailAddress=ch1_ta4
+R 131215004932Z 110321004932Z 23 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1_ta4/emailAddress=cs1_ch1_ta4
+V 131215004933Z 24 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs2_ch1_ta4/emailAddress=cs2_ch1_ta4
+V 131215004933Z 25 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs3_ch1_ta4/emailAddress=cs3_ch1_ta4
+V 131215004933Z 26 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1.1_ta4/emailAddress=ch1.1_ta4
+R 131215004933Z 110321004934Z 27 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1.1_ta4/emailAddress=cs1_ch1.1_ta4
+R 131215004934Z 110321004935Z 28 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=ch1_ta5/emailAddress=ch1_ta5
+V 131215004934Z 29 unknown /C=US/ST=California/L=Menlo Park/O=pkg5/CN=cs1_ch1_ta5/emailAddress=cs1_ch1_ta5
--- a/src/tests/ro_data/signing_certs/produced/inter_certs/01.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i1_ta1/emailAddress=i1_ta1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:cb:34:c4:83:e1:23:3a:30:58:ea:08:7f:6b:81:
- 7d:7c:15:1c:72:94:47:9c:af:19:f2:2f:1c:dc:7d:
- 4f:bd:0e:d1:0d:3c:3f:5c:94:0b:75:e4:a6:ce:c8:
- f9:53:40:8b:49:35:b9:76:3a:6f:28:03:f8:a1:1e:
- 7f:e7:c9:c0:b5:aa:dc:2c:a0:23:94:c6:47:3a:55:
- 64:50:79:a9:08:e2:ab:9c:7e:b9:84:b4:b2:e6:10:
- b6:a2:8e:b1:5a:b4:69:1b:12:d3:8d:7c:44:44:e1:
- a1:c7:31:b1:4a:97:63:7e:ab:a5:02:3c:f3:2a:10:
- a2:91:3e:63:f9:b0:54:85:87
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 7B:97:31:F3:69:92:87:B0:E3:15:19:3F:91:50:24:E5:21:FA:67:61
- X509v3 Authority Key Identifier:
- keyid:15:AB:A2:AB:34:BD:EB:C4:C9:AE:0D:82:51:00:DD:2D:B1:1D:1A:7B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
- serial:C1:E4:F1:A8:14:C7:A7:58
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 2a:f6:d1:6c:93:95:9e:b4:ca:91:ba:de:50:8a:de:d4:08:11:
- 2c:5e:70:7b:ce:a2:cc:91:f6:c3:54:c1:ed:07:c0:c1:19:6f:
- aa:a8:10:f8:f5:83:10:9d:a5:1e:74:f6:0e:dd:74:01:0c:e6:
- 4c:d8:40:40:be:ee:1b:88:bf:eb:51:b8:ac:bc:ab:5c:ea:3c:
- 23:d5:15:8f:a2:df:4d:2c:58:1f:5f:95:c0:c1:d4:71:b3:af:
- cc:07:6e:51:82:3f:f0:d7:fe:c8:85:a4:48:ae:81:d8:b2:28:
- 11:4a:fb:f1:c3:59:01:6a:54:d7:5f:ff:26:c3:15:5d:d7:cc:
- a9:bb
------BEGIN CERTIFICATE-----
-MIIDLTCCApagAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcNAQkBFgN0YTEwHhcNMTEw
-MTI4MDI1NDEwWhcNMTMxMDI0MDI1NDEwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTEPMA0GA1UEAxQGaTFfdGExMRUwEwYJKoZIhvcNAQkBFgZpMV90YTEwgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAMs0xIPhIzowWOoIf2uBfXwVHHKUR5yvGfIv
-HNx9T70O0Q08P1yUC3Xkps7I+VNAi0k1uXY6bygD+KEef+fJwLWq3CygI5TGRzpV
-ZFB5qQjiq5x+uYS0suYQtqKOsVq0aRsS0418REThoccxsUqXY36rpQI88yoQopE+
-Y/mwVIWHAgMBAAGjgeAwgd0wHQYDVR0OBBYEFHuXMfNpkoew4xUZP5FQJOUh+mdh
-MIGaBgNVHSMEgZIwgY+AFBWroqs0vevEya4NglEA3S2xHRp7oWykajBoMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFy
-azENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcNAQkBFgN0
-YTGCCQDB5PGoFMenWDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOBgQAq9tFsk5WetMqRut5Qit7UCBEsXnB7zqLMkfbDVMHt
-B8DBGW+qqBD49YMQnaUedPYO3XQBDOZM2EBAvu4biL/rUbisvKtc6jwj1RWPot9N
-LFgfX5XAwdRxs6/MB25Rgj/w1/7IhaRIroHYsigRSvvxw1kBalTXX/8mwxVd18yp
-uw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/inter_certs/02.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,64 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 2 (0x2)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i1_ta1/emailAddress=i1_ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i2_ta1/emailAddress=i2_ta1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b1:2b:50:52:0e:01:25:b0:1a:8b:58:c2:e3:99:
- 47:54:32:41:79:5b:5e:2a:37:7a:d8:4a:cf:91:26:
- 72:71:37:8c:0c:4f:58:4e:52:1b:ed:33:4e:c3:22:
- 0a:ad:d8:f2:7b:a1:0c:17:79:57:eb:2a:0f:df:4d:
- 65:e3:73:4e:1b:a7:ba:b2:4b:c0:2c:63:11:73:f4:
- 12:96:60:d1:06:44:d5:29:b9:df:e1:ba:8b:2f:7d:
- df:82:9f:f1:26:e0:d0:ec:2d:cd:f9:53:e8:ea:3e:
- 3d:e3:45:dd:2f:cb:02:be:b4:88:b9:e7:a9:28:47:
- 33:39:04:31:96:7f:91:b7:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 4A:49:37:7B:87:42:F2:B2:3F:07:11:1E:FC:AD:31:B2:C9:DA:CD:25
- X509v3 Authority Key Identifier:
- keyid:7B:97:31:F3:69:92:87:B0:E3:15:19:3F:91:50:24:E5:21:FA:67:61
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
- serial:01
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 6d:9f:bf:30:b0:53:f9:b5:f6:95:da:a9:ef:fb:77:40:50:19:
- 68:11:5f:08:e9:70:c2:9d:23:2e:25:56:bc:ac:b0:1e:cd:71:
- c0:94:01:5d:f3:a9:9a:9f:30:a9:72:67:37:6c:cc:d1:66:2a:
- a7:ec:2c:d4:23:70:8d:e6:20:f3:8e:96:e4:5f:9d:7d:97:f6:
- 8a:62:53:0f:1b:6f:c9:1e:11:31:70:2b:f7:64:6b:63:c8:2f:
- a9:a2:2e:de:e9:37:81:c9:5f:9e:61:25:2b:d3:3f:f3:46:a1:
- 52:d1:2b:ce:33:eb:0a:a7:bf:c7:35:14:64:2a:1c:00:26:1f:
- b4:fc
------BEGIN CERTIFICATE-----
-MIIDKzCCApSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEPMA0GA1UEAxQGaTFfdGExMRUwEwYJKoZIhvcNAQkBFgZpMV90YTEw
-HhcNMTEwMTI4MDI1NDEwWhcNMTMxMDI0MDI1NDEwWjBuMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEPMA0GA1UEAxQGaTJfdGExMRUwEwYJKoZIhvcNAQkBFgZpMl90YTEw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALErUFIOASWwGotYwuOZR1QyQXlb
-Xio3ethKz5EmcnE3jAxPWE5SG+0zTsMiCq3Y8nuhDBd5V+sqD99NZeNzThunurJL
-wCxjEXP0EpZg0QZE1Sm53+G6iy9934Kf8Sbg0OwtzflT6Oo+PeNF3S/LAr60iLnn
-qShHMzkEMZZ/kbd3AgMBAAGjgdgwgdUwHQYDVR0OBBYEFEpJN3uHQvKyPwcRHvyt
-MbLJ2s0lMIGSBgNVHSMEgYowgYeAFHuXMfNpkoew4xUZP5FQJOUh+mdhoWykajBo
-MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
-bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcN
-AQkBFgN0YTGCAQEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADgYEAbZ+/MLBT+bX2ldqp7/t3QFAZaBFfCOlwwp0jLiVWvKyw
-Hs1xwJQBXfOpmp8wqXJnN2zM0WYqp+ws1CNwjeYg846W5F+dfZf2imJTDxtvyR4R
-MXAr92RrY8gvqaIu3uk3gclfnmElK9M/80ahUtErzjPrCqe/xzUUZCocACYftPw=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/inter_certs/i1_ta1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i1_ta1/emailAddress=i1_ta1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:cb:34:c4:83:e1:23:3a:30:58:ea:08:7f:6b:81:
- 7d:7c:15:1c:72:94:47:9c:af:19:f2:2f:1c:dc:7d:
- 4f:bd:0e:d1:0d:3c:3f:5c:94:0b:75:e4:a6:ce:c8:
- f9:53:40:8b:49:35:b9:76:3a:6f:28:03:f8:a1:1e:
- 7f:e7:c9:c0:b5:aa:dc:2c:a0:23:94:c6:47:3a:55:
- 64:50:79:a9:08:e2:ab:9c:7e:b9:84:b4:b2:e6:10:
- b6:a2:8e:b1:5a:b4:69:1b:12:d3:8d:7c:44:44:e1:
- a1:c7:31:b1:4a:97:63:7e:ab:a5:02:3c:f3:2a:10:
- a2:91:3e:63:f9:b0:54:85:87
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 7B:97:31:F3:69:92:87:B0:E3:15:19:3F:91:50:24:E5:21:FA:67:61
- X509v3 Authority Key Identifier:
- keyid:15:AB:A2:AB:34:BD:EB:C4:C9:AE:0D:82:51:00:DD:2D:B1:1D:1A:7B
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
- serial:C1:E4:F1:A8:14:C7:A7:58
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 2a:f6:d1:6c:93:95:9e:b4:ca:91:ba:de:50:8a:de:d4:08:11:
- 2c:5e:70:7b:ce:a2:cc:91:f6:c3:54:c1:ed:07:c0:c1:19:6f:
- aa:a8:10:f8:f5:83:10:9d:a5:1e:74:f6:0e:dd:74:01:0c:e6:
- 4c:d8:40:40:be:ee:1b:88:bf:eb:51:b8:ac:bc:ab:5c:ea:3c:
- 23:d5:15:8f:a2:df:4d:2c:58:1f:5f:95:c0:c1:d4:71:b3:af:
- cc:07:6e:51:82:3f:f0:d7:fe:c8:85:a4:48:ae:81:d8:b2:28:
- 11:4a:fb:f1:c3:59:01:6a:54:d7:5f:ff:26:c3:15:5d:d7:cc:
- a9:bb
------BEGIN CERTIFICATE-----
-MIIDLTCCApagAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcNAQkBFgN0YTEwHhcNMTEw
-MTI4MDI1NDEwWhcNMTMxMDI0MDI1NDEwWjBuMQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTEPMA0GA1UEAxQGaTFfdGExMRUwEwYJKoZIhvcNAQkBFgZpMV90YTEwgZ8wDQYJ
-KoZIhvcNAQEBBQADgY0AMIGJAoGBAMs0xIPhIzowWOoIf2uBfXwVHHKUR5yvGfIv
-HNx9T70O0Q08P1yUC3Xkps7I+VNAi0k1uXY6bygD+KEef+fJwLWq3CygI5TGRzpV
-ZFB5qQjiq5x+uYS0suYQtqKOsVq0aRsS0418REThoccxsUqXY36rpQI88yoQopE+
-Y/mwVIWHAgMBAAGjgeAwgd0wHQYDVR0OBBYEFHuXMfNpkoew4xUZP5FQJOUh+mdh
-MIGaBgNVHSMEgZIwgY+AFBWroqs0vevEya4NglEA3S2xHRp7oWykajBoMQswCQYD
-VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFy
-azENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcNAQkBFgN0
-YTGCCQDB5PGoFMenWDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOBgQAq9tFsk5WetMqRut5Qit7UCBEsXnB7zqLMkfbDVMHt
-B8DBGW+qqBD49YMQnaUedPYO3XQBDOZM2EBAvu4biL/rUbisvKtc6jwj1RWPot9N
-LFgfX5XAwdRxs6/MB25Rgj/w1/7IhaRIroHYsigRSvvxw1kBalTXX/8mwxVd18yp
-uw==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/inter_certs/i2_ta1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,64 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 2 (0x2)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i1_ta1/emailAddress=i1_ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i2_ta1/emailAddress=i2_ta1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b1:2b:50:52:0e:01:25:b0:1a:8b:58:c2:e3:99:
- 47:54:32:41:79:5b:5e:2a:37:7a:d8:4a:cf:91:26:
- 72:71:37:8c:0c:4f:58:4e:52:1b:ed:33:4e:c3:22:
- 0a:ad:d8:f2:7b:a1:0c:17:79:57:eb:2a:0f:df:4d:
- 65:e3:73:4e:1b:a7:ba:b2:4b:c0:2c:63:11:73:f4:
- 12:96:60:d1:06:44:d5:29:b9:df:e1:ba:8b:2f:7d:
- df:82:9f:f1:26:e0:d0:ec:2d:cd:f9:53:e8:ea:3e:
- 3d:e3:45:dd:2f:cb:02:be:b4:88:b9:e7:a9:28:47:
- 33:39:04:31:96:7f:91:b7:77
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 4A:49:37:7B:87:42:F2:B2:3F:07:11:1E:FC:AD:31:B2:C9:DA:CD:25
- X509v3 Authority Key Identifier:
- keyid:7B:97:31:F3:69:92:87:B0:E3:15:19:3F:91:50:24:E5:21:FA:67:61
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
- serial:01
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 6d:9f:bf:30:b0:53:f9:b5:f6:95:da:a9:ef:fb:77:40:50:19:
- 68:11:5f:08:e9:70:c2:9d:23:2e:25:56:bc:ac:b0:1e:cd:71:
- c0:94:01:5d:f3:a9:9a:9f:30:a9:72:67:37:6c:cc:d1:66:2a:
- a7:ec:2c:d4:23:70:8d:e6:20:f3:8e:96:e4:5f:9d:7d:97:f6:
- 8a:62:53:0f:1b:6f:c9:1e:11:31:70:2b:f7:64:6b:63:c8:2f:
- a9:a2:2e:de:e9:37:81:c9:5f:9e:61:25:2b:d3:3f:f3:46:a1:
- 52:d1:2b:ce:33:eb:0a:a7:bf:c7:35:14:64:2a:1c:00:26:1f:
- b4:fc
------BEGIN CERTIFICATE-----
-MIIDKzCCApSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEPMA0GA1UEAxQGaTFfdGExMRUwEwYJKoZIhvcNAQkBFgZpMV90YTEw
-HhcNMTEwMTI4MDI1NDEwWhcNMTMxMDI0MDI1NDEwWjBuMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEPMA0GA1UEAxQGaTJfdGExMRUwEwYJKoZIhvcNAQkBFgZpMl90YTEw
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALErUFIOASWwGotYwuOZR1QyQXlb
-Xio3ethKz5EmcnE3jAxPWE5SG+0zTsMiCq3Y8nuhDBd5V+sqD99NZeNzThunurJL
-wCxjEXP0EpZg0QZE1Sm53+G6iy9934Kf8Sbg0OwtzflT6Oo+PeNF3S/LAr60iLnn
-qShHMzkEMZZ/kbd3AgMBAAGjgdgwgdUwHQYDVR0OBBYEFEpJN3uHQvKyPwcRHvyt
-MbLJ2s0lMIGSBgNVHSMEgYowgYeAFHuXMfNpkoew4xUZP5FQJOUh+mdhoWykajBo
-MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu
-bG8gUGFyazENMAsGA1UEChMEcGtnNTEMMAoGA1UEAxMDdGExMRIwEAYJKoZIhvcN
-AQkBFgN0YTGCAQEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADgYEAbZ+/MLBT+bX2ldqp7/t3QFAZaBFfCOlwwp0jLiVWvKyw
-Hs1xwJQBXfOpmp8wqXJnN2zM0WYqp+ws1CNwjeYg846W5F+dfZf2imJTDxtvyR4R
-MXAr92RrY8gvqaIu3uk3gclfnmElK9M/80ahUtErzjPrCqe/xzUUZCocACYftPw=
------END CERTIFICATE-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1.1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCxK1O5WR16X5sej2KRlKcF3Og7h9DkPHa4YKUwvQ8kpV+ezE/M
+47IjI0s3O5clSAAOHDGujx3NMvglov7ZUMXsfu/YCR1vu+BgsDP9Zjm0/y9Ua32I
+2OhqHs1UCtrtw1+JxR20T548ETwdC4qIsGTCeYjnLeQ/yKTr1PM+m5qYfQIDAQAB
+AoGAIqNS6iDnJ367qBzma4oBoZ7P9JuYFpdPqrqScVX1OPfwGu7dBzTZJg+HbBQF
+d+98u0V93R/z9qNpaopUgw5Ms511c6KlTMz2sYdPwzZYcc3BT1ccwgkGI8MREiV6
+GL4Ue8b7igHn2PaUD6FIGcq6U3yNl04lfTjLud47bXRUcW0CQQDp58qbqfkCyAmm
+bS8laVUbecTf5tTWxq/q7qqTUNLWNyFr3BEGmVkJg3a3OpKO9sKOPMq0wRXVSPTw
+7H1c5BDbAkEAweeQRdAFVToEFRRL50WSkvLvvTdghHnSeU13FlA4No8L1VL131ls
+cSx3yi2TLK0ICIassSUDvmTh0B7liHCvhwJAO3QRSbPQeWaDHWxPOYEmgs9WvVqc
+6uKhwGNdtAgtLwngUtwi77x2pzZlLHmU2wXZufG1zG/vrsDWkY5q5vuJVQJBALrc
+IJhmYv1Cr3Rw3sS8sweRvZ6mowiHLWFgWYbTP5i0OT8Wd4MJdguKQtY/HTlMdhVh
+U0JS3Uy5gzNA0wmtLjkCQDqZT6YlC7avgH51Xrhx9gbXcatEA0dk52MsdMK6zz7D
++1NtdXVUSQb1Yq/ZTKMT63kljIu/EVKnhOgIsjHPt44=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1.1_ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDLVsYb23ZcN/j0s4wQwwtBhcu+ywVMG2om0wVKnDTKXRjeZK13
+Ka6Aq9ZgRWJPma3Y5FVA/P2dczZn645x/1wIQcfSN0qRVePrDUyyZn818gutK9Gt
+zJ0NZ83SlsBxiYtxNCpHUBWERYoMx/NIst5Z1ueh7KuJMsQ9CHwAIUbTBwIDAQAB
+AoGAIq2s4cle+UFOgyUv6RfqjoUsB2EGiUFPrElm6J+VXUHdYOhYsS75pNYpnIeY
+yayS+p+ObqP2+OhSSgzhYU3EuxGyZTvzMtbH1ExaA3Trf4HqL9zR4ihur1/mYQLG
+lp9wxTrbA7soUaUItRiabIeblkCV4cFk9V8zfyV+MiGY7SkCQQD3LqF2Mx5wPnT8
+Rm9nP0BnKWYBnuCsxdMiulKcQeX2kUzYzCQLmsa1qB0J+rmuvD/FqM2OG/hA0XQG
+kvBPNJ9bAkEA0pe/wpIJbH2m5OGHHZlSS4PZYoxtAt7b7+DWgcaL/Fmo9S/EKlg6
+eS0sehIvdY1Ryg5hIdNSdXeZOsYMx3E2xQJAJhb+dItuDlfhiRqFgkCB+SOs/2Tv
+NFCLt5dEsaWJ/VPopqPWjh88rbOJPgdv45hIr3nSqypuN/bOzVCJTXtLbwJBAIFO
+C8A8Su0CeecvUvcpnQ4g9uk7r/ODQygWtZ8ZefqIUuW5XolhgwXEZvrND7bt/rpB
++gH67zaRKNSdplsPeMECQH4wfbw6RwU/pgA1HBikDAF7+muNE/NTtKZ8tyfx2u/e
+EmFm2wK37zMz3qr9u/NShCgHZt9HdU6443Dsc7lm/Ls=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1.2_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDB4dDpMX0gj+i2ThzSih+3cFKXULXqBCdQX2lAQrmFMMr/1bbF
+w/vAWEP9Fas6C6Eh5dzvZE269Eon7THcvi9TnQF7crP0lDeNRYgWWE3dg81F0hJB
+8Jr7q66ljtKUGwt8hPKkm96SSB0RRF9T2Y5zp24DuO091TDui0WO7zMGawIDAQAB
+AoGBALFi4tnITpxRLnBFjXdPqm8SFG6fCKFgRXvyn4CMy+JBXymtJflRM2+rEiFn
+Bu8nnrg97+MTGU8YnRRknv9A/lhfqSb1jkVPAqkLiiBr3U50I+lhRjbQyGbF0avU
+brR29ts6fd/Wiomi/ACpHzG7wZtUCeBeX8cfCY6uNEm5qFPJAkEA8mv41KQsy1dS
+na6F2CdSaGXeJA3er2AdOra4nNu5X51IrizjuNti8F5J886yBJo/y3D7QenWh547
+mpaNFl3jDQJBAMy92GMyp16vvI+lSiG2L/lRxP8Dsy/zWne2WBuThIvc/mJRmP3H
+vaDSkabMvgO/8+nD2K87kOAX1qWC/mxTEVcCQQCpbteKX3jDYjPm62y2x7zsJI6f
+KmaCsq2bNMxRLa0ha7+5pLxAnm1HTM9pLQT0/I4r9bpWtkXvoaNNB35yrIodAkBS
+WBBNZTP3WwqlYz77bADDb2WhguVwZZl/CDFLdfsbHViaRmMXvlu/8LBvu2y4qVz6
+KbBeWcCcwDmt+49EFeylAkBmpEGzeITqIl0c1WKGEMqj8CqpHsqpx3FSx4JjlUsn
+26ahZDW4SWpU9RyQ009mHfZ8WPr3nqZ1JRlGJa4XD77N
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1.3_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCwzqrRwlZvT8uNlYxl/SYvQtGKTl+qa3nJ2fHOhcCr/ii5hBJK
+19ipGYDID8IfRWZk0t8E4xZNk3m13XXHjpt9z4EeOkWhNLVS53bpm1txT5FBctL0
+0uS1Gh2H0TEVVjkScUb5Rw/oK4N46O4RkhfLSmZChQvYp/XEIPLhaqkgzwIDAQAB
+AoGBAJyrBIJKCf0oX95dncLhxmwqcTJ0sCB6i7ho/vNZYZkF5WA9v1fCW6G7j3m3
+PPQossq0cBoMfz7OZxLX4f2qR+yA8pWS2NqaU22c5wF2/bvpv5T1eY7cQbYX2AfK
+6drCc9UIn3VTorTwPTmn/xMsvIBwzoI4JqIu4JL7dBqJnSDBAkEA6BkIdJVDT2CK
+vf1FhQNmP/sZ+wETpgwEzqe/FftifzZ9c7baSEKI7fhe1fgkcVWoJm0iFJIqP2lX
+AxQEH/fMJQJBAMMD+EPzPlF3lxrRtXJ/vZUgKG7naImzZsrZ6FEw8qdD7uaMo4Nw
+jENIQ2sxwnlQaj/xtRgF5A9P3YdbXT+57OMCQHDK4ZIOi8SCjUphUCyhB0rmk6yo
+zEywoJFxceqT3T0nVPYsEY52Tycewa/IRKWTVAFAngRTOBbS8Yc8bfi/KsUCQBef
+rHx2w+7UgN6D1uom5U1iVuOQbs53iBU8rnLfbhWrGg6drNUoViV0ZI5gucE+Z5CV
+dC2T0Ru1vg0+mR42JKcCQEpa1BGEed85ogDqYCT0UMmJdS+iCk1KWPq1gWnbq7BQ
+JB79qrdxCNsiedY2FZaYc4T41KTXzVfrFfredffN0/M=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1.4_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDUczpA+QOBsgpMpNlF94HAu1Pub5w9oJiJhoSNMx8Cpu0qFJpf
+hBEGnYIo+8+Svb/58Gv+PQZeZXw1lk/oRCyD1bgyFozgfO2LlnmmFOUSh+BVKkU+
+5/29DpRwk+RhgtMGmjjv4iK+GhCxi14WYPOaXC3/BgHLXyTL58cnpzpY8QIDAQAB
+AoGAJQ5AH+sPIIUUZM/wEdMc76f8+L7A6sLjOEGdRx+ejhDdlxRm5LgdXCEG/e0G
+BJtSK98yhvLP9JEQ/CvOnj2d4cN0yemVVTxuYngqFlEo8dO4+2fsaG34dgO7k4Si
+Nr8jGk7FCx6SKRKxhRyuoMWcqyyIIpUvehU3A3eh0hmG3/0CQQDw0CjVEsArMb4N
+Ss/hftusdstcrXK/jEJxA3icKB4X4idm2YIXwddmse3Dben4UmmLAQRT0f1LDTn5
+Ol5/kVvnAkEA4dkoT0Rb/Egn9J9znIRE3I8GaY697bP4hGc34QhalsWSaQYef2Sa
+t4W8oeT88qRDfYAKaQrkQbWCJrA4lfrJZwJATERg6jqqCgQTAPq0o+IdiJ2HAq8c
+LHYrhMdop2w9O6swd25juUp3AdtQRhjFhRP0wUVtLW7QHbjup3RJAXXz+QJBAMdJ
+HGWdl2Fstj0HujdBC5ZnaiwYtYUbSk5i2g7qlSz3V3Lu4FhfCJqqGsHsUjs1MQx7
+wDPiVXmZ1SeYVcYZzj8CQANUL6NgN0cuz2bx3D+aTjEexpvg67+0aN9N4Dv8+p1n
+g1BoGxm3NvU29DAIkNxxOJ63mzfmTuFauaJw9cuOxO0=
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ch1_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXwIBAAKBgQDYZOTXLEhR3x6l47qO2RGeBUNMFyA3k8mVQAhQx+2nII9R/kW2
-1eZb9TC7lZUuycw9tn0HVXrsNkuSyM2XtA5yQyLdO7wffpreXZc/y0gIyCBkWdnb
-iDo8PW0fV0LAF7NnHTwbGlMCDYyvkYl7TBNJd13BVoArolx5x8bBYZVKNQIDAQAB
-AoGBAKQRy5iB0MuSmlA5HEgWuU7QurfEiP7apOruw99L1xryivgmDIGWKLTscOip
-f5UcGClqZd3bp/nVKPPAIHG3aYM//7u9h4XtVWm/nxlS7kshzgexFEZJjvNVS5he
-oLbgrWcT19YZm38pQHB076qi/Kq41EbwJgKK+NErrUr+herBAkEA755fXQH5ZW2+
-BiysZvFWG0ymL4KMcWcwGdZS2FmiNBcgXN1eMDZ880C3lv9TyVwWpdNl5qkepWwO
-DCnStH/yLQJBAOcwECCNWa97gJ2aHO2T/DFcKJan2OzRw+Bpyw1TR7x+1uV4OuSE
-ur2quYUN3Fxrb4AtA/cK8AIqoHHq0ODTJSkCQQCqTrIQ9PpBcQKCePYAJL/Cn3Pu
-iKcxYtn5Qy+Wvf5fb6B84Im1UsT0T6ctF0SB9YXTTrE6hDFX+bjyRDeSOu3xAkEA
-yVrbMP7rtiNjCeFIgMP7SyJxV4YpMVohuDtsVtbKDCqNEJ9+67mOy9L+chx4aSZJ
-nuGWKnykPb7Sr2VNOAOuwQJBAIcSfpj+ikL9YHg3IE6q/M8mRjDwDjwsMk91BllG
-ds6x4DLIP50V4nmyIPmMP7+2V8F9GvtdmVa41xl4emL9gR0=
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCsDtS6GE/SIm0eDsUxGHbCzXD3q5dglDlpydWY2MmEphyTkgDg
+/XnS7oSVtaE4OsB2Yf7+vkSbd6C/F9FFkR26oHvmfF07rVAs57lBCNnFrQmRZdFy
+V0Iv+x2g02A5jH/SkVnQmwsLhXd8ek7j3vjCG50pGabke+MI2MPu/cATGwIDAQAB
+AoGAHD+zHXqwYEfWsoCqT408sm8YhRFfITQ02PGSaC3vqB+9wVzPWCFFxyPyEMJp
+XdoHj2g3fYuvp/bUJYu7iDhzMNPVvBcd68toP3sfmuXe7bA1gqfge+BREAID613O
+0hwedOCGkbxWaqzYaFAMC9ddd3cG063HYXue+GF5Tg2T74ECQQDjUrw+gEZJmRla
++BZiLDR+DJb9+bt9yF3Nx1I7cPH0Q0l5kpRT/H+acgfDdMJYGODOkLfbTNJkj4yJ
+YxN+OdBzAkEAwcNWeWPWJJ5Dn89MZn3mF+GxMGFtXH+2shjkJ8aMznflber27Tcc
+fqXJBYwAU9VwhBiPNPPg6dNLkugyUTnQuQJAWl44kUwjJPzk1IINO+fA0l8k40AU
+5dLyX2yeZxzmQqlBG0BHEQAupfIw3eWboLP7IoLrZBWtCeb7Al7Nj/9huwJBAIVd
+IcPjh50koX75e6h/t0NwwDiAlnk4HlNu9nq6Gmhx9aQ2OUcEy8QP79C1j/Qj0JHb
+JZZY1dGa8UVoNFnb5WECQCOwhohOXWQES9BWLICr8fQ3ihGH2R2Sz+r+tpCuoA1h
+qTDIScm43GwqOOUv+EAcE0nrwnzJMK9XhPPLo96nmsk=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDOYMIVJ//vVQN6GpUXf5OAuahkP5YPXrK2C8CFAnolluDnMQf3
+SrmLp4d8NGWbCLMmBRPE0y6I56fYxwVWpItXthIuxGhvfLZdOH2ik28wn++/24Hu
+e386Lhl+uQ2d4grjVjaNy1TZw/1nWVgZi2BlHZxw6MMYruyvVu8ZJuaU/QIDAQAB
+AoGAZn0CpUMCBLbxTRgaZlsCw3BvwakaOnPKyEE50FQUmMo+0lE1JYfEcSg3TmUu
++DjvzrfCw4Ikn/R7FFpxuj9ourfltLVfma1BPHWI8oorUJbFpa4XziifvU5nXaV7
+jdvolrv7i2vaJjIHA0dxc4OVxUi2848a97pq/i4O51CzPkECQQDquihAb2xf6Y4A
+TShkF/VTHUai7qwboeJty1qITHZIcn13lZQeh9O8JoRjr2STSontuJvtxfn0WpQ+
+CCKiMmzpAkEA4RTg2Hr2ZQhC50lZK9l3qVZ1OisNIqtpSnBfddqZC2ztMC3bNSpj
+3jxQQlAxihB4GxNCsSgDdH8g/QRu4kFK9QJANgVv/Bxouc47wy/+ysKE0IMdXaRG
+cfmY7iHuDQ5j7pqC68G+HCSwg03uDC8ym399LPvezyNQOn+aPIiMx/2I+QJAas95
+k8FmQ7OT7CXGhyR/wIAiySO87ALjyEtjQY4mqmFafU6Fg8lF8yQ0AgQEPjxqgo61
+S1Rtr07U3LzJ0dyiMQJAFa16FJ57hVfg/u8Gpr6sCkO/jGHgcZXatPgK3p+2B5PE
+sRA+l8UcB2DPjeRa8J7ukG8rPxU/I7BUI+3yaTFTGw==
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1_ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCtnApYHSznp/3ejA6ZXdCyZ/9ZQIZ61RPMXqXkgZVFtWutK9Um
+vLJTA5RXYRZdYN8uahU6BIh3P8sBIBAg4KtJbURY2cabRHPt2Rrz68p03pAG/8sY
+nEP3TuDLBq/+Tiybv2rCrlDD5/3ZwfEYrbeu91aKUPYTG0cNws/EPzHxKwIDAQAB
+AoGAMDvKI/D3KOVjgxEmfTWzZd2+8+0Zb8cDWSRysqnN7zAYWmRzM+/5G1dDP4OZ
+0xe26g5PF29q+raekBF4aaoB7E9eXWGUoTmdt5H9hE1L0VdkEDjCK7taHpjbihef
+yJfTBjiBuXAfkO70najMivc7+d9jHYiSk5oaZiYYmW0ilQECQQDY5xkvJW4UtUKL
+1TZUzbCS4hhGHaxkKCENJc0+6tfnYY0Cd0ZI5yRNJfn5Kku+UXe1KH5bdqQDBi/t
+K/gWOrXHAkEAzOcxRSVpRkFaGMlAXLjZZXkvjq1cDqJyHAUvc39pG0UC4NUW6jwq
+35oPD7ggHaSDW94BcljLmS5qpmqqVgNZfQJBANG8xfF89DE6BRtKFLt0GmYuEuLa
+FrTSyQL5prpMRHINNllIFMKyH7wqGMoDSDLEfEjE20p+MqJp/TYN6ls0ckkCQCMj
+lsB77PTeajwL71y3WpjbUnuOYVYlJ5qEjSGqfPTvPdIe2QIsdVHJUsHoWqGav+g2
+R1s7vRa07hdB/ZookuUCQQDGXVeL9hko83p1x6cZBpb/xq1BCPVP/i8O7RXt/p+B
+ghnG6sNAolPqdxTuCM/hbPtIntqvTPAfZYarJ/EuJpt+
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch1_ta5_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQDSDj4MU++tkRNetgF/xhZO2n3IJhuFOOCY1LJhC0O7LpLVmg7b
+q62Pbp3IJTbi28r6q0taJZFGyWYRDWae9xGCAuEu79/07Z8PpG9gQSAyjBCQTJyt
+VcxAA4n1FVMTfau+U4sURIj4VFDbMfWuXA14aKo/m0r6GrFHU79yHYn5QwIDAQAB
+AoGAQ5FTQjHpwgINogSXvNsiJ+E+Xphrd9IQ5PheHLs74UUc9Fqm9uBlZuLlHBFk
+c1rSEwnwpiG5dnSoQUn3PaEp3vuGpCSnYLRIA2Ts3WxAhxv/bqpnW2/2+0rJObjk
+TRPw1TTfHP40tlQ9z3iSTbGYUR2sGVBadE+cr5UndxZUpeECQQD8c2Nzn2IoyEcS
+FQNBps0py7XCD31hhp8z3bm4mU29Nf1I2n0XGt7AaSmANHe4oKzydA3wkQg7yziV
+t2mmjfBzAkEA1QJEWO6l4xq4C4HD4J4pnl+V/gyi/8RU7a+BJne2IdQoK0qld3YV
+fGSuDwt+KmbAMU5cKgTNYNXqlJvd5ESv8QJBALbMWuQbMfmz4/qM6pm8TW0JS+hk
+TPa0g00MLXIk1+y9TlVVmCSF2Wvb+igSVeqDthetv3ZFnn+ljKikccUfnE8CQQDG
+RpHwZlSsDZb7vxLh5te+wCMSlBi2E78qcI+7ivtSifXKNnXHuXdOjzkmcABE39hP
+DS3lPwsd9IGjS2NEtFtBAkEA8jx7z0NHTRNoBRBUrhP5YhnB5bXtRSNtlw37tjwL
+iZEFw4gGRrkvoru4/3qIq8FqnzOMRyinNbp60cub2zhHyA==
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ch2.2_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDIMwuxKkFCjHCIYM1SDqxD1WWdSilN5jKdp64O3QxoPr0LUXdT
-fcgdSaIZI5VBtJsfifshnPgr42XDFyLLxva0zZKuprH0QXieDUxLNjmkjakqER4I
-GoP2PTar0sdI58d9U1RqoAXKXo25f+uRZDjsMg9pZhVSai29XxhxmdQeHQIDAQAB
-AoGAeVKV71OQIOhC+iLPyr6hnqof3mYnCdJLMkd/r/o9np8GqWlBSxOaxkTtOxbZ
-SOxOZZqU2hXqP46bCNNoft2ge3bD9czdVV/TD4OIuKzdve015aI4vTifgYO5CoPf
-rHwtJB6ePh3bWcPc9qIKESG26LOaR/DRvK+cbGYqMt71R4ECQQDsY+8xiKnfY4v2
-0lNlx3H+jw4Er/eeC9JrC0jvyoP2FZnDeK8kDIAuuul2vNMwl6s6oiqCr2tNufgC
-PZ0hnY+FAkEA2M6MMhRQgxTyLWv+BIm+xiZjxrkYwPhe/4FiVt49Z06E41q8J2vz
-EifHC0Q5wWkiXyH847JXAD0Ij/3cykD7uQJASJCs3pHLQ831K0GJZFcDQVd8wCec
-ZaHPaBjAvQt30tTyrLShXvmPZ8js3gw88E++unMJhbB/yg5qeZWcZLNPWQJAKwks
-+Q/hP3Pb8ro6DQqOrOSX7610RXHH4a38KEQrKiOC62JqcOTTtinhL9JWKJdG9F1Z
-xpTzAiAbYAHDXv5xOQJBANNvk96SYGPOYZxbLuaxT8V5dPGlcNVHHKStxdDo7AH3
-npFJub+giD04OhLrJybfjWjQ1G7XMr56ZQvZbWgGOJ8=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ch2_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDsEIK4vakSnnAuUoli142cpAEHJ+4gkm4HHt1YmFtlb4UbsM3n
-bfazm70fvpMJebb4CkWMxLgio/utlgNrDxi2+tO1NZmSo4KicZO6duS69ocv6KLt
-Kwyn5L+unAMIih4pJWZyFPGZBSwpFE1ZuHHWlXhIfaO5j+ue6Xy4XGVb5wIDAQAB
-AoGAdEMJbp0SKPZZP6csvL52oz/utayHzgjwIZek4h5fXQzYnLOuJR32U60PLxQ3
-7IHCiFTevh6gpYbnzC1Gz7Jms71w1Mwn2wWgMeoRm4XPSUwnHtLCvzAJuPOE4F8L
-VYcyjJlHnggP2aPGPvecf4ANMvu4f+2PPjKkkrox2G8o0OECQQD/Vufo8WQGCgQM
-/uWQWngU53+3WguSNLZ1UUjCAr8kmjt2Ld5Z/ezV3gxCfJb/Z0X4sz+gWnXXPIvC
-6qWdENF3AkEA7KzXGEHf0DrkiR3vpEh8WzdFtQ0wutJ2bx+PqIcZYkdbv8OaZzCa
-gkCFMnyn4PhUmLaB1zmsZnQaMg7+rljlEQJAP3q2mxXwHQQ+b5CrN9EWC3RmLwom
-2ElclxwHL5yJMqtZXw8WOV9EkwLqH1lkHMjq/2Jozg/PPhxiTqoRVFQLDwJBALq6
-GvH+dxCYhlpQDhP1RHfLAeo4P+wFxH8jzXnPLQ3G8vI25wjm5eBB+1S72M+73TKn
-O4WM8SHcFBbOkc0IQaECQBQSsxl3dgAWhxLzRvuORZFmvLD3M40jbfBMrq3TdT2O
-Pj36+GmyGHL2J1dzFeltKmMvFuLwrLyISHnylkMazf4=
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch2_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCyLmQXPd0yq2CxB56N2jxQkbfSwLK8r3Q7wU5s89CYkTI0+91I
+BDqGn+cxLhmzSVkLIBmxu1KRRVe6NkligmE7jWMRyKb6miC4NE4OTTFza+pe2S37
+tfkEfPmdsA1PdCs1sU1jXRFIfnLN9Ac1X+dZXhbimTq0f0rMvIZTvVW8VwIDAQAB
+AoGBAJ+k/xrv2+ONN4oF+KLCOS47EUesTbjPP0ZW0Yy++1PnK+PbEo129HUwifU/
+h9liS3yzWzIqUzVDuvFluGShyrkQnN9807oh+CR45uZl/aKRkbN10Z3hbdkCwM9z
+/72eR09QeddrVmsJx+i2Jd+p9EPsvGrl91JVmyXa25g7xzDhAkEA4QE6qn7HUqaN
+tTbGSFpg2vW7iLg8puyWQycSocpyP5IYavbjHGdbcUxNDbWCUviUvOIx4wpymEBN
+bgWw7h5CBwJBAMq57tPRa3J4ym7/W6s0HaXXjLGTzKOiYLd9EuSnwBPxpAtQoP05
+Oq88wOaI2d24pqyDdZ0Wpr1KOv1IZRQB3zECQAWYoDrpWE/H8LJXIGtgRBRuFDH8
+UxXbwIj/CcmYXWsTWSQf69oi//U7bpcusoUZxalE/vSkp+D9iG96GMJzYjUCQEKt
+IrryLwfIaLRXMpw9mN655WFmfjD3sB3JelRQRCGLIWxDSZ/fmciXD88DBb0iBVfK
+KP3QvGiXqI0zqWMKNpECQEnozhu5Cd5JAtQqgc82ElN/Ogjhs4VC9lUBfsk8ak/+
+soD2wXyAv+WHWX/g199NsdFQcd1mQ+x0zS3McL4+fik=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch3_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCr0dXSanLyuSAHU5jmFPzeZucOHas1x/WAXPvnA0qXFbfaOhhf
+UDkcmqqt+GTTdqHH4vhWyR2vP7vQmPQswxzq4xjyYDVuO5lnNSfLZH48HMtk07xg
+8Yo3R5wCbnzj0zga8D2TMYNXrjYXtCDoRHJ/1GUlpUKzAlVpGJv6X39i8wIDAQAB
+AoGANl/djw1o+y9i1265QHb731YpYOo6uHZjVxAWF/GOtWmGGWWxONimekroIM4u
++kzcvekyNiTHZCKDSWxeOZw1lgsq5Wwxtw4VDH/xTsGaEL4Isw45EHH6st0/pY4Y
+q3gJCIRZVkka62Euqi9VoTrWC0+L+hQbNpZ+J0lbWJ6ssOECQQDWCCgItYqR8H0+
+XOlGQD7S2fJPlas1AyI1jyWrtkdw56cbK2Gb1Pwzz7oFMXwavmTmAqVgu1breuqh
+QddZqI21AkEAzYK8h02voDpvKSF/+knPXtwOJ2CkHzw43eGTqsDD+P67pzrYPQqU
+mgXZY0w8taLY8u+W7dBALB/KwPwB0a9XBwJAWdYKl707cI40w5xT/byxoecBIg58
+UkACd+ChuzVDP0y8g1buHW6EfWrPdaaTpNYNm824hKWdkjGBkjYEoglxkQJAVUGL
+XMZJubsEKpgPM5IzSTMZXBSngZ3GKaZPUGMv6bgjuTicRJaDF3KdwKf7945bWk0y
+2+2s8aEux+jECG0pOQJBALyPNOK7NHn+iEu2HYSfKD0f1M0mL9cGxtzAaqGvZHsQ
+XLuZqxz8S8BHzoJDHEMT2H0CW921qYFowrmq8EY5ivo=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch4.3_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC/uynwLx50sLzqTf7Hm9NMztVG0RHvVm+avhpTwwQ7zRAUh2fF
+hzmOoxeqQvQJzDFoKm4cUCxwWt5ZEMB06nMrBhzZICn0SNXJHikKnUdzaFD0dTQG
+k9WpfrggLm3vecOSg3lTSyaegDIZXzn+RHuJCdxjekyt1ncxGpwmPK88ewIDAQAB
+AoGBAKRskxOqpPi3lNtvFd8C0FufSSIZK8NQIhfXjeZlaR0LyA2C7chlJkQfs6zN
+DFHWrkxBjvpy+xlDpElHZ3UclrRDty5P/G7y7NC1ElQVpk4LluN3MyO7CiQY0ea8
+Mg1oiQUzrrXH3vNMdPerl0OGhnvTi/UtNeBzN4zqN7Qxv2S5AkEA5GleGFvTZmke
+dDN4X4FSK8X/53rYk7qwcqll3m2xiPGwODeWltuyyK/IqTU6JcXk+8PRqLb3oOCw
+4tz0EmOBFwJBANbjnL2cfmsF4KUNryyazOAXiboLZEanClxK2s6NGZp76BNU+G4k
+w3HooJMKrYdN1lUEWywujt9lK6XN87calj0CQDtihbtRjHnw1KEjjKVQCxwkY288
+ijiGbj+xeTHGVUUkiUtkcHuSbT4uLb6IfzC47drjQ4xY3bLvGC4zgiWRx0sCQFJX
+y+MYiZTHHssAkGSeOO2R93O0E8vDDIRLJsdJaEs7ObXWtI+4RLBsfMN7rv0PBZd0
+YN9wQ800vmH9pms+o90CQDzQnNYtY8aQaKo2rDpcaB+UGxgUqNBT5FEKC060ky3Z
+cWc5wy8jMOFJIuxdJVo+Q6/yImHqUrigPGeyQ1+diCw=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch4_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC8sBon9MSEpz6W2JWhNRa4gszewbU+Zg0OzT9fOPGqrgtjVodS
+5bCwbmv7R5cD21AEJdj5dZuBT9mZvVNHCpd81AJAuJJdd9ItZIj3qdzCupbwdPph
+U56mhJftl0kINinVLPQF04Hi+H/wBZYFKbAvKWZtMj0et3m1Z+c0SwB5RwIDAQAB
+AoGAPuz7zBd08khUNzpDrF9oFGCKsj8nkoe2Exmf6MG01pb0dUyGFL9FDZHFsSdO
+1ZpuNPPqSEdQdO+MQhlBjI+btRLKK8SdDrl57BQW6p3jtTMZ1L+bsavSsfQpbngf
+KbaVWifa2U8pKVnJWIOaLT4Oyg436jKH4+9sCEAveqfdkwECQQDkoYPB0pqcheP3
+7aaxYx9gt1lBvrZ4x4OXQwW/u6JjLd21W2X+cu1V5Q8yTjHCv3gAWa9C/+jx+osq
+dSEZWo5VAkEA00aEkXHykbuK2mSbsLeiVZMJOKmpRHzU4oQaDJ3eQrDOpRPs7WSB
+aEoUBgloq5QKZ58CZ1fvCGbmQUpnoQ9NKwJANi139XQcoz6vGM8+Ewb0Jo0MH6I7
+xz8wFaYSNK8X+fyibxlrf/Jn/1S6Vydkb0vD+gFGoM/XuY+vbq4227UzyQJAGQAQ
+MdHE/V+u15buIWQpbmzeu3jAEd2fp0owduu7YDLh0QDhmVm6Qmf5pJk6bIsxC//x
+3d6250yd1H4EczeHTwJAXyfA6QoPpK913zEu+2hVetfe7I5wCnSC5wSUXCCqvz65
+L42wm+hI8HtwJiyTZruZV3gPF2HLGzbvvmObVFAE6A==
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch5.1_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDXuXjhrb2YrNqQaCbb1+1b5A/X78FNhCBLfO8nUEur4GEQEK5r
+1u2WswQYsk0wuCOXJKmSahmV/Lx6cKtlVSZKYt0J35sD4Tj4uqwtJvN2hMld+CGg
+V9BsrS5gzK8VA4/l4OKG3+0HpUo1/mV4lF8HvdD3eiiOXZghe8Vt/kNcVwIDAQAB
+AoGAOm07djQuQ6mdULtEuwpSeS7ds6h1/F6quIdP5p/yvsx4vXcnJoIBu20k0OOJ
+0IYu7YK6grNF1r+q9KaLZViYk9F1I8gftmnLvZvQyNZ6pkJiail6eJjWFQAarSDu
+hCWaboZO5IR9LvuDEFBPhU2sZWhKHtTOEieJFMnDNihfKyECQQD7z3AznNT/Xkvg
+nWHEIzXblrRsL3h/TuejMtp5e/0XoG1Op8ibVZR7T2C/lidgsc3c113HseQlaLyl
+HR/lRQv/AkEA21BUdEzkweulCopqPxTzbYH6dWimbYnjGZ8Hld2cJUzIbrrGS7h8
+LrWxoXZdVBLyctKOjLE8RIq2dTgDKgWPqQJBALts70q7VR6uhTOucPKYcqH7Tleo
+DbxUcr1aQJtj2kIXusRsxjg4Psh5kL2Jec3TCjNyae8VTYc6qg8L2o3AEukCQQDG
+lguTL9loGwdb7w/bxQ3TmAGBdNxWjafdGFpXAs8UG13WnjtWb1vLM+z/Zl2F9o4h
+GLXJgecvrWcf5zM+RsDZAkApQYiEiWIqjQDw/8sPyCkBEKWcehRtlb1c9EtNkxIS
+RP0e2lOfdnxpDXJgUyYSf/MPDrtfrVKM4skGYRVunSae
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch5.2_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCuao6d7PhUvvtcrgL2MtzgjKc6JmInk2gtxX2ECq7F1qZhpdQL
+bOK4Q2qkr3in3E201bGFZ1fSqGHECCE0B0zVh3Fli9OvRIc/9dUtRYM+Uk0Kbcto
+VY70vCtQbeZpUGhsob7szeKWlpYEjboyuQ2Qhw//8Kt3klGs7zazay0XkwIDAQAB
+AoGAGx/XLhg8RnGtBazKKR+f2gwFtbVibmUuPnAIJRDEPWA0X9s6LsywNZfGbfYb
+/X71Vrok8Wow7kHhcmsRPtYjzI9xiP6hta2/Ry4eRF6mHqKHZTFCzzsSa7MsmPz5
+3q1tlV47VFOWhPKmwGDRwFHv8Q94EArrO8cHpsceJ0KOzIECQQDikVXTQkU4Af/p
+oNYRxL8xs21Hn+GIXkK5vUCIUwBNVlogMuEScYVtPqwytb1Fv5/ZLvpfeXdgM5i3
+PmWXWaafAkEAxRLjgnJcZgQfKJn0aonrBFEUsWw3rwHoH48c6yFiZgcmtJGbokCg
+Z1bd/iD2w6y1nfnzaFJimbenVsqHrkxujQJBAMw8ILa4ZXcwbkVnA7Guvn8J9Dd9
+iyuHdPTEAdkhoQMWFVYzJyqeBJ3OwiFQLJckPu7jZzULZK3mtQJyD9gYK5cCQF16
+Piwr7qP9JIJvtD2suatMglI+EJOUhfQiQAdPyIq4raVMw9PMb8lUrOvT2vipvWP3
+oXtESLy9HkTOwFjurCkCQDH54djMWWfwsw9baAHSmHGeterR+xOYbnvlKM2pZWy2
+KXIWeHV8uYyL1cSKgSOROC+/ZSwhTv/aWg16zwmywxc=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch5.3_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQC2+ONYk+piyTRiQJcUxy5FRVaoBUvanW5/DlSSAJoNx89fZUk1
+GtOd41NiWauUngGL39Z/6tnJ+P/Lo0NOS7rUjPvnTQus08IbVOuaF5XZnTjm6bZ/
+1toaM9Au95NnnB5/Eh9xN6DlrPYYgV68oHWmlhgBbnriQiqQ0TFk8QYx9QIDAQAB
+AoGAWhBKv/gXIEcP3OkUNOsSMJC/5fatbs+dazcfk7puGihnP/q4PUaWMZqLGdcv
+qPjZpAMrL03npA5HwvH7GFgYfuAkZA3pB51lNbJtLXcTqBIum80XIe873F3L1bET
+A3kOgIuAiqquW3tdamH3lFksVTyMpxDepTGWTYnb9lSOOqECQQDhdI9w5/sYlLWM
+ANdFGrMB4oqfbJSwDTjd5pcDQ12j3/aMoLOIdfWFLpXLEzpB/yFJGRQ1E0IDSAab
+5yCuZCEpAkEAz8LkQ94Bj8crFDJdyC3xSaIZgVDevrt02TE73EcNIrFiBmctpfRA
+XUqCIz7VVNz77vtLjXZ3IOpfGYrtAJxn7QJADccWwPqcQKtN0Ol4PlPcXqAegpGb
+IIseT4k4700dmtcj9QIZFpzGzUXEh618IO5bdWEf+AJeRV8QcFSWjbG2yQJBAMPo
+fKJaZ5KSNlb3H2OxnsLWLcK45TFpRke/mzidbw91wH9VL8A7T64oogpmJ3e8YXv6
+TkX4nWDWYBKP4+gdlAkCQQCnNqwL/24l6ZYyJt3PoN/eu4fr5BxGpVx2M0TGzH3q
+lYZ/+U84+cjj+mGNlTRcYLWMfogCFbZrddexCC+9a0bd
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/ch5_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDTgvq4UIrg3zsidg/Bonv6wwn8SZ+s457xYGaPBOyA/RtcoLE8
+FOB51vlJ0Wkhr8Y3e/DhKZ6lhUXs4CtbeUs5KAqrWjhGSE7ClbD/d1CwMiWVEcZS
+/yfQ5oNaPmpYEWa6hKx609u0dfpB6q2vE1sStMM7RjgTXVOyWTP8dl7p1wIDAQAB
+AoGAG7dyO2zyhf06to1aCznLnVSpnlHXhsRdM6w6REuU4mJIj57PGtxxfgXZrP6w
+FCYAh4zKR/c4PuB0BVJq3BXM8XdZvsKc89ltk39AS/NeVnKX9QtRXvSM6cbJk1vf
+85zGrzg5XnzAv0KR0elTLLk6HChbh/zsIyhUjOb323D8kAECQQD4962oRhKLuC1O
+nYDof+3WzhFys7Xrq1xq3VbEnyu8wHcqWMBL0XGwM2s+sHQynJZ41mXN9YTdUHja
+1BtFWfIBAkEA2XxzumuhXOsYDhZhPFrmVp61e9N4S0rnE+6vA2mnPc6QpoBcgpP6
+aqXqQIZo5B4SR2GORbM7f2zUwOK6py6r1wJAXdgGJjqbfPzkXxCxaXHnNaOhIgop
+VXbXNBTQQvb4ZoJpqJWhjjKZVuBa2VtrwTQS5+NwpkyYU0+k7l8rFF4OAQJBAJhs
+U4NkqWvAzFQbNTyijGpKwvCsrdM/BKKAlqHyqyZzHgfDUJKneUrDS2C7ksnFlZP3
+eEm7KsjMknM4tA41dHMCQQDNFesAJlmM0xR4MmJtDlqg8i3A61sueaAaJA+vk/r+
+35cWi6l9JS3PdlqeCH6D0fgJ/z24z2rXMKe8Ah97LYgq
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1.1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCenqWOKPS9ng1Gua/cgFpySS/IJzxmuhPLVwQMC6Fx4qCXugh5
+jEOKyElcjam5eREXaOrKARtoD5j2huvmP9bIlqC4W5OJnNe8t2KAaHT4vXYzd3wT
+6vNT3DDOgEaTUS5qSb29SKdEC7+i93mxNCdysOceEz7sDn6/AOvjrHdiHwIDAQAB
+AoGAEtM9Tsvpj/+MD9LF3mOVWG77LsQJVR/MbZucLVnMBVoiOR+pFdPhyDzRCB0A
+AbUupBqdku/issz3GHsW0DLPaLsq8HqFFpgQH5ETp79gobi2qK20GBswM++7Yx/g
+sQibJcGREI8IGZR3T0oID1gLgfQSbGgj3WfvXJOia27+3wECQQDQ4C7weqzw2iT5
+nUUmUoGJe7GBvUdNUaL2w7ZsvaD+anBROsjTnCDtEbdEtvcdJ6cbKMOlIS86mEnO
+ns0iyMhBAkEAwmfhP7tJHcgFoeKx2BNKEUZ93eP/ZElQhy9BLSXIFe+KszwfCz0D
+gSB3mgf/RS53aAwlBrGIkWPXPtda0cCSXwJBAIxN6nnSjZSDk86wG6DwTt8A3W1e
+rSR8r9C+Ci3k+t2qtaN6ryelemCEQ+y+UiOdXRxbN4AWWFktrnZCKV0yLYECQQCL
+EksmD3HP1z6IP6bgH3R2BUqXiLoz4Oq1uo1SoduQLau4asL+hChUoIhO7Xek4wfS
+rBV0w14iPB1IPEEhGjTbAkEAjz7iUU2DeHJ9n+JA9WF8q/9SawTBpSD+rJFQOPA0
+nFCS8PIqUUQbOQgcNvqvZgajw+VaJnyK0H1XUEG4hoIvLw==
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1.1_ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCxhXeH8Y68eT6MWFBB8+gmB4DigF9Bqyz+FWBe/FBHuhll4E5C
+KBhnYVU/pD/o4BBgfZRy1+clQ2EWKQZ8f+Kmx7fstZ+/mIrn81V/jtkqx6y+8wpO
+kDn9o56xK93P/GHQy7ZSfjTriwFsqc03da4vfGFsoMZTaqYaJM2TcuyUzwIDAQAB
+AoGBAJgneWg/lsPcd8v69e9RiyztSX7Z4Mt8WDf/QnandHfF/nbfZrQ1gZU6S8Mc
+mNqVEfRiLpawjyHVOqWvzCtxwWUcYLSqbFOSDZ79M8CYaj3GibUmlQ9N+wCocNJe
+pZUNj3uOdzTh44ToXoUHY3tzEUSJp989b4fhg2XLFfEtVSRBAkEA1b2i1AJtn3ab
+jdJkMc81z46qVOnzert/PQqJmdkhjR4LndugT3jv0wLiwqc7mY/DBOV4fJZmg5Ej
+UmVx5CncSQJBANSem0fu9kjriDIE1vJPJZ7r/JbvDdStS7AqViGrMWtJx+xE9cX8
+B5+NBA01r1aL4HL6xhZNQEMuhn9MdQjs+FcCQH2FQ1VMI8KM7ecIkiyqKki82IzL
+Y2BFMgDP6mT+HXT5GwtWSjvBot2BiVeUzCxvP7Dlba+Ex6kmF98wkgTTDHkCQEGX
+tJvacoxIbTnRGGakWBzQ/Jmrof6sf58XUH8Oiy5oEo8nLxMnD0r/e/J/T1pJyLJv
+/tA+gMa5AbEf6zMXt/0CQQC19+RZIYsilkJ+4JlbKFOTH211Iiu1nwsdqxPxkaXV
+mtb57cwzv9qW2Nx1Cf6K4G1E1mML1Zs1DBtWdhVPKWXf
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1.2_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQChz5xmHskH7Ss5il/l8vHT8q0B8YGFYwR/uGU1Bea9PSiXllS8
+rhtGtVz1wKx1Y09SgItMMIGOhZak8Ubndx5/PoAQQcznknOt+/sNOivi1kMO77lU
+Bi73HR2qV0kGPmWOqZ0JDoNVEt45kUSGutRpvriJoXuMYDkw6pX5Az7EUwIDAQAB
+AoGAPOrtZaDXbE2ExW/r9KVHF9U3/xBOA8qoafEg4RpsqPf6bT9ifXpKuI8VBUxZ
+YQRXW6cbSj7Et8RhV42idQfqicGoGkHUYNPLIFqeK5+z0/5s5Dmh1MFU075ykFqn
+3+Gwdxc6lMA+Cl/hy9sQMB3yonudfbAtWv9FU6K+ukz7C/ECQQDWaYTSuTB6cy1n
+wu26IVXo8Hsk+EYruqMHcW2nK13m9vwyityQeDYXfvumjKXQFPYvroeWiaxEHbRP
+i2K3FwmZAkEAwTI3s9yFHLaIQnlST7TZqcchn2IPeGMyhtkP7MJwaRvJXb9NnQxZ
+bdscH+dbIZC5n5QIcAjy/1pYAn5rzTRoywJAeRN8/cG1rm/74+wfckwAx1mFMItC
+lM7/4OQcl5nVnOc74w6nHq3DXeFHGfWybJ5ppuNXjZqQvKZJe+GqDNnlgQJBAJbv
+ZcdWNIS/MmtEn4L4FslmcqUzlkSGs1XYxXFCY1IqzEI6kCdvG3sRIMLoHDF4AR1k
+KMdmpnnLGlEwdYZHOMsCQG8pSKhIDHK11WAdKxsAFYjH+mrXqiYET/Do+7cIRTDh
+QNg3gq1IlrxtXRito3iIwAo5P3KfGOpG/78Q4w3iPEM=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1.3_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCqYaCB+pmKfcs+mSqDWykQgGNsUTVr7fr+CQe88ccBWGMFqR9p
+TDbAkPblArrTLa7uU4BhGNbWYFiPBxTswj2JezOQHJIvkfx3a1L6z5eeImli3iW0
+m1K8UccEnTeLz+w+5WJ2u2L4NBBrKIYKxSDnPuV2n5cxKgQLAhCFyEi8ZQIDAQAB
+AoGBAIBsccVHFLBUvPuEC41TCxLLEyWz2GZvzH3qZJDAVNXov0qm/Wwq7CIdoltf
+wV4n0vEEs4F8bYLMwDOejOEgT6yzTBUEeW++SJjkX7lXKGCHEK2UenfS/oCqPJ2D
+y1/V3Lq63pIO/irj4aV+roxB+gus6XbU4JCvHiENSTWfueJBAkEA3z6cklxln/Qy
+KklsaqFloUSXNeVDJxe9YETUVULh8aNY6e0QByvLhBRkwhkaENAfN+ppms2GxNo/
+Ov2kar42HQJBAMNhZYIc5Di9OSyNpYjOAcgAZsKmjjgXnLuwGx0yQ2/gRekV39w7
+mda8U4MwCCg7200CeS8USLVp5Bix9FamrOkCQF9IlgNSNH3k+FRcKk4IvRvr7q4u
+QE87LrUcK5SIi29bTOPrLuAgrSiem7LMi/eJHQn8nz5XYqI6lKpVAAwfS3ECQFEs
+Odwg3MCl/QcBonCABkVtxUPBpvyu8rMXq2wp4dKtPt5j9CmvqW6Jt7idUAZHOAl6
+qZZhuwOEBvwrkvQdM2ECQElLZwFAT95tY8+F3fq2FlbWjUasr7KocgXPsocCr8Jp
+oEJFD3R6Z87oyNszpI6tHhv2/85iqeGVcBPDjHRYCEM=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1.4_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDGt9xqBqMfWphfzQ7xw0C9s55zaBZ4oV7pogwyaFbby5+43YnB
+83u5YQ6e4f+ts0NNw8meml5YSFB7t/ggDlTOTEG4snMKb/EMQDuBSqFC2gFqzQNl
+poP/KUFARTHZ/X/05Ak4n2appNSapYBqnkMRzHpPE4TMfyH5TJPs0Jz2VQIDAQAB
+AoGBAIOu8VQdY9lyKolJlL6m+e776WNmtYVowkGmTdjVhcGPVR+nRxOMqw90fsDQ
+2KKdqVsOBDyi5SQxf4wMpFNxy8XiJV8WtcONs2jukLtsG/85Yy/UK91kwby1NpZE
+8TZMYtoepDQ10rCEIJneN73KSFnZvcNj+utVbsWhtXyUnN4BAkEA7mOQJGat23H8
+ahsBqZR/QJj/N/UtwHouboEhYdutEzGR0mKuqh+sq6mbNfRRJLaugpuP/Z1RaCTV
+UwQH7FJE1QJBANVmConnuwWZBjFg6OcxrjMFUtKOeLBxcmu7BlnsRS4cnwJPiMjw
+KFXtCfJvXOdlF9eOj3I/mTiomsR5Ull2q4ECQQDSZRsFlX3iDOMa/oTkF0SMTbwK
+tiBQHUW3j85XoNtK8lfh1+iSC2yJASMUZnHrNjQk34kg6+S6Rq/kGc2oXB+VAkA0
+rMBzM/ktM42cyLAUyWWXgHvmL3bJDufQgdTag4C8FiKF3n4EI4vBUgZ/ik+jaofN
+FIqCCALZQn0ZfF0AalOBAkAQGoCdKNWoPTI6mB0dKlrGc3unw9USTOFwVoMv7R1V
+oZ+476aIa94U00XTQvmKx5QSxGPlljfx4Hl5xf8BHxT3
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDA9AdR+QsPEQooUNN6Qx8kcax5NRc8RLL5Z7az7nMn9n176SFm
+M3NUXpj5cofP5G9O2GV2dGVBLUyZ1mmCyco1w9deauzFzabgPtoAtq7mpg/xLRq9
+khrYFK6SkPvpFuI4hSDf3YoRr8I7N5vOmU6J/zLHU+Hgre2mEpadl0CWtQIDAQAB
+AoGBAKkdOM0/2dF6vcxYCwI9ki3+84vIXHUWQUcW/6r0czmzcIgJ7JwGvC5WOv1m
+xGIRdP1F7KfFnHljmp+6rP9UnUS7aQXKpYK8r+1HTHzAla2UD+9ZZHA0OHmSodAv
+x3VYTl5h4sGpDcjMZLCTofnK9SJPqEItt/zAl3qpYEwadUwBAkEA8MwkWnYUzHty
+SeVytyGrxS/RI2Sf6CFdva9pKgb2EQWdzoQ2KQBTn8qPKP9r5QWoe1ZrI0AKZ5u9
+fJ2GcqJX3QJBAM0inGIiM6IaRVmHbv3mlq5mUFgQNTqNBsT5304JLaPdyWtybpvL
+1nnfcMMVRCBSqZZao/jAdAsvjwSGVFmF+LkCQCtGZNolEoPVQ6roI3+p+3bKqylT
+MjHDnVczqRC2g453le7BcAJaXqz++E+D594W8DqKQ2LoZXZNVPaKUNlVN7kCQHQM
+5JPP7Y4DdsBTkkMptI0tbL6lTLe3GOFOyzoGjz9pNY4HyvNwugFwmwaCfWwb170r
+wh/0ILJDUZGpvQZ4eGECQQDlXkvFG5po44D5LXf+RwG5fWSp0xTvf0dU3vDtAD6Q
+9rX3IFoF1h6m+48jas3xvOvrWAL7twwKIsTT0duWGyCG
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1_ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCvvt50KqE0OWrlfZqloUoM4OVPRnHkWlRWBfGrpX4XtqrUTpy3
+Rvzvmkr1OzuwOmfSiW0/922NWR8ruaRVCLZ2xS5x6/lKQ3zbE7KiCPOy8Rtm7+8t
+puYKN4qz+doM/tojDO+2iKJtYi12QlzzLPg/dsPjbvXkPG5IxirNx+jZ3QIDAQAB
+AoGAQEBv49iSBx3WzwAUwektwXeXXlxK10mO+8RAjph6eQD3g5caBIeXgaHPNcjq
+EYvI2VgU8QXsr3idxMaiJdSBoF7QiD5dYMk2Q35rE8F8hTyGI5YB+Dvw1TJwU//z
+etdQswYip33bQ9LfpNAohotXuRuNQa+Zs/CTY2pF7DuKmaECQQDn3ufzMaajMI5p
+kd/MWPjOiI0yLuoDnZH/MhjI3iZqOXlj/hKipYnES5MaiUSLy1QzqTk2ZAKLaYt0
+7OM589izAkEAwgjGajtMB054uFUL9B4z12eDXcmvcfPAPcHt1+x8OAT8f5kyuRVn
+GS/YN39U1rOqsWKqQSqsrBFuykLjyUorLwJBAN7GRWhczdOAdXNsme8FlJcqjy4l
+8ORkYb8kbLeg6JuqeLzfgRwPm9ujGMSoGdmOE2pHLhbZ46/6SeifKHmnlQ0CQH6E
+Eju6JjytYfFvIrgt6UeOaw2AMDFw6exawqaDwAsW1Tytu3ELD4pQs/6bu8mypJ28
+455SIPyg8UhYjQX2omkCQFjbdoDToVP9SByNIdgN/310VcliznPXxrMuG5HzUjV+
+wZ6IKLW7lMexIq2nZNsfe9mUG6jpy++9V0rumNj8uxk=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch1_ta5_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfOzFpKESGLgbrCv749KTgq+rJnpqexledyDEg7CDYAncUmNk0
+m81OqyC/qPsv4wn+XJOLQbkv9iKoKbqjXmpzR8zxRc82wZCb7rnQ59PMwZ40AgNn
+eIFBnOY6tWKkAa+xcUrpKewVKtfMBKX3VRHDuG5dD3oYSkzb1jQ3qj3VUwIDAQAB
+AoGAeMyYXLW+3qjWeMRb0RUQbJ4gPhtEJEZGvB3fH6Hj/NxJ6OdYiS/V3uO2sZCK
+F7c/oqgrCw+uZXNusXMO89eyG1anXYNZUZp66d234YbgDvQ9Dkkq9iS4SU8F4frI
+gdx27bTGOZNzQsZ9/xWzZiSmEVnhqfYxNBjgOUXD5xaRipkCQQDOcvwgaPgsoq9l
+CWzwqDCFzyH0rbCaenoTBtQQ2koY/b2TOOF4dILUpH1xPA6x73OTi6Htvi7fOzHk
+fJ832ettAkEAxXL1wVCyR4ck7k+UM7a0XXudJPJSonN5LjHhutHij9iddvVKwoLK
+PXC7FLi8EAnB/hP7O0wy7zG4aavKLD+LvwJAW963bATKS7KpsqCbJgzyatleFvAk
+ItpV8JmdTVKWnsBr2FP7ogrXHaGFYRqEv5H7MLF2gcGcQiKpdTAv+j6zkQJAeH/c
+M4pIAxcbFsVCMP1Dvfl+wdmRTMskHWkb1aPZnOgZ0UuJwIOJYU23HsJPI4qQ9brE
+DEBIpWm2nebVj4OIiQJBALj11iZzj22cr/FLSU2de7v3NaoyjpwH8+zQcQCLjybE
+i+uanwaCToAYyjdMfUv5ylKDTpbfx0Q4xEHTRDckzLY=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch5.1_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQC/znQIiVp4/jO8Qo8ZeQ92zv/a8TJiSjTuVDqBYZoCgQJLd8d8
+71CZaPRATfpBo6SGpJxqRSuZFbrY1Zf1MCXA83yh61BYjiMEsHLquyH8bDc3q4XD
+NoxC3IMSaqGxPov5tkxDjjgVwUAi+H1ZwJz2dYUN7UNM2H+EyN2kfWbEYwIDAQAB
+AoGAe6TTydj5OHvtz9M8Ohh/LoB8EKBhcVkSy/wCBvtq82hEmW+qalA/LdWpdnaN
+95hM6/rbVeonE7UdUMBIB+e0vZLEMRTxdTRQBfOUyN+ThqZy9nBoN10c4/JKljk0
+o1OBKFkxBb1pxYGUXWjEfGolkiKFcZe3uiRF9Npz0WLBRjkCQQDfqS5H8pCJ9/yU
+9Pjb/hybylhtcNJLL/+bISXExB3iNWp91xRHpj1B5nTIUP+ZMR4yiz17njAWEm68
+cNH1ZwCfAkEA24ouD5yeVWt/iEy+gJDFHywSQxnq25d+tgt4DOEtiMa8VpV27xJv
+3sik1+2LFNlC5FJD+zt7cmJdrTZqCTdRvQJATvlpCySeXuk+ucYqXVvD9EqloLc2
+ui/PnJI+yNTLDIX5/UdFtOsBNFTQpa7cIdaTKBu8cPrxVcnaahWYPYPKVwJBANBN
+DWMWsUxPENRcLKyDr+ThxfoQzzvHRByqSR+/T5rlJbHpYs13atmw+mc+JaaEdel4
+/LOVPo3LMyKz7GwOJukCQQC5KIVWx55fieVjr6mR95VWoU+JV6VoLNVrYMphZ2rJ
+jejM/1oYfr6ZT3mDnv+bmnrpFLKz4sr6DQZTJfTGKFzp
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch5.2_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQC5RPdwUo/gxXt+aAFGC+FUGpGCll3ZYKemwi3P9rHmvP61Akkg
+XrcuiAcFToielvVRIrFyI4ghfXDUUcE4Joc80lm0CrQMmfvriagV+v8qQFLis9F5
+YUul84oKGEt2Jp1ox4MDiHc4q9YtlRcgQ8xrxdIdhbfAtLeM98w+zHmNPQIDAQAB
+AoGAdFqq5+ECOVDtYRLikeJOLmrNLe1PnYDFacaTzQMK8XWKpZV85ZZ2hwOpHR0Y
+UjlOchlOxfcovJeyb7W0mpYf4fJI78UqS07nxMgUYLkhOYBtNWObGHMNXkl/nFAm
+TumWQzpmQPF1eamT54WK+y5o8OdaTxm/tccegliejITB2qUCQQDdE8l4C2AVsqrr
+ZIvtsMGD8VqEdWmPgF2aT2ezDuD01JmVadumot90yuNiXQzgCJ0XcSuDa0Ud641P
+2QRxv1fPAkEA1okiFXRLTnjcTngg9ZpfpQvRfHz1N3HyHkqAj7OSs3QNtOQcggk4
+3ABqwxwYUc6++XGkhDAJU5WJDNxJ3VjBMwJBAI1mQ3zpYapfHVzzcWA0poE6lJeV
+9U9YXgX9dakcAhv2AsmC7H9XOy8bOXZHZ52/RKKiup8StCFf8IE6n9IU/RcCQQDR
+77gOzpKy48qSbzOxo7Ncy0fgTleYPkT0J2vPM6anPTX8ggzzoxqlDzNqYp/ZzjtL
+1k1rnaZCyN4oW5lcpXHJAkAJHeWB4XVr9Bk6g2082oFbTHb9q9WB28KJB2WBmW8u
+j/l2FG3e0L/dJ5KGC3nAzgH9dudzAK1wsAK/VOZHVa1h
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch5.3_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC61Wbj0M07CNTmap5/IjlHlKl3Wt0majX81eAbQc8N/29mCZaL
+MjbqaGmCWslvIOr/HIMpEdjymfhc1IUyu8Zpytz314nUciyJijYicUi8+uD5AzwU
+fMJIkhCfIdsqOwHyb5YYYbRFVieBqkL92JKETv1dZa1nZ00GSBCIu3evIwIDAQAB
+AoGBAJ78pB6u+0YGQO2GwzNakzWnewJXLyPWc/Sgp6FqQeEegdRpylLPO04D5e0I
+hqtrbq4CvFZBmsTvYxrTujku8ypyYlwS/D72VCOJ8BC3QVblHBc2PDexeBLeKUGX
+Jv9UHXCPiAbqFrieVWGHugOGERE/86kM1gRjFD0+qkj2Y3eRAkEA95svk6eKta62
+8ZHze+RwAjt/kEpWUhfDkAJOvnIOakZh9GEmkZKyAqb/tqHmguniNWX6YA8tM4t4
+IxBZQjuS6QJBAMEqz1w7/j/tSoKN6HHLhNap+w1FNt8pB0gO8tk+FecHdVatuDeZ
+gTLWQsYlO5kdsfkt4JWgbNQvuPWUcALQsisCQEzbr/X+YLEqrYDo1BKWAyq+O0eX
+u5m55Ktz++tjzhOxC0DnUyiGx5jJK8EOGlZysRPwNrrQmzBPz5fawEot4dkCQGz9
+rLaMGy8SwoHbdBYREUjV7BNWxFkyGyurU5cEEvOiH7DioBivAlkez9phU7lXKf5A
+xoFmXUF0E9ZtBK5x9rUCQCzfEUVk5Iac475MpH+iOzYmUrx9xi7iYO0705j9CBUq
+sA7QCX8M2rSJAv3IF86K5gZj6V+MOM14xeD0WQVcz/M=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ch5_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCzpMCbLTo9QSFHw5biYOTdJINKHJFOwDD3wY97h1iazglvnoUN
+z6kz6qpOyOZgHhQlZoDJ6ZwbYErcy2awAzi8QtwO4drV6CUgdek/WCAJkbC22m+q
+JmlQhzs366fnZrHerVd4mM8XWX4QttrKWH1FFIrxD/GvWwAmNq8eDSlHZQIDAQAB
+AoGAaQDdABcgmptOO6dMs4fVXpmwEArAuJpIRRkjqB3Fob7a7x5mQVtnWIxK/gAa
+AIa0WeQfVWYyNCJFv+c4X5uSdiWMn1/VdeLcnoB+IAP60iw/f0DqVcT3hMLdK4WD
+gz+TgPGVUYw1Mu+IjVhcGvZQMma7mMu3rl21Dqg5vndU7qUCQQDbsZG5qWu7Negk
+NsH3gLGZRq1nz1h1SryWN0fSacPTlInV/ZSahAkOANmrb/jFUmb6MT/pMeiGNZEx
+YBgeWXPPAkEA0VTP2PnBUViPMglPWhgpcaL8HNrGr8EUdqjVrT2t75LP/gJ6X8A7
+ZH47S6Skqc7R5NIbVUWeyqn7EOThqh26iwJATZVfyRkzmmFnIaLUzPr9vQtgoZBv
+xLwn7USIcJ45Mbb7Fj7/A7ItIGzccdaRG94Fz8UktM2TOBIivDUbT1x3sQJAX3Y8
+/ycOyQkI7HmgbWa9Z6w7KvF+UGJN8bsXDtUlAC9EmQMKSaZBr5d9dQaVbTb7M025
+105Tlvqjm1W1r7209wJAdrZBQ7qfpESRfpp/RBeaYSXehtWBWlGvd0bOGJfxb9hU
+uB4/bX6/X/n7yBPL+bsE4m4nRhsqvOsVIpVpAvNZcw==
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_cs8_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQC34eVTi/4u9IIaGhD4HT8PBOQ1ixkgEa+twv9aEgTwTk06s85C
+w8WtKsqHBMLzilwiybnVCLpcnBoG2NvqcGwKjCIKnJvqTQ/ZmNrf2M0mgviud5Nq
+Fj9U68HH/JS7Bdydz668cenwSgnXBhTU22PWsryEn5CgIXVFK/Ms+uiYzQIDAQAB
+AoGAeMwYaAsmX1hXA6iuDyC/ZTF0bcxEJDIaM89PCq+duPPnfjHSxT9w4/Khe5Ng
+MrdpEZ1tzApgyyftXSQnTFqwThxx7ADVb1vXgpDgdtU1bTk1YIFJemJMps7iPRJb
+/lICBsjRpL45W4jViBIcpUTh5XXXvK4Ox7HMDkqaPHcRnI0CQQDZpSEQj/VRyWpL
+lCWnlvCaozqpqb2enaUFJw18+kUsA0HCrd/5qsX/jLTWwVM7xvH20SMf7R0jvxaD
+OM86irHLAkEA2EmYIjnrbKa+BtaAUHOK6oAlwc53TdRy5uO5TLpGMs0x6UnGjxRT
+FiBkUHEp3GlO+0lYS488m+ABzB9R2GysxwJBAJXHMvr/5vZy4wjCGiu8DzaMMHnE
+C29V09O47WpdnS7Nyvqbx/A8Wugjv+uuvYX8wlV11XNKLWyFO4vwk4QZIIMCQDMY
+H6JmQGFoepeu8J0Qzo5bO5AvMCvotkQpI8smbhLuOo476XY/fOlLOadvNE5nakse
+pocjDVRddM89zt3rvl0CQQCTMsJZ3mladfA8IReVSMyGuuKO5+Z9fxy2cDLOYwIs
+1urgZgB1iB+wg2bzNOhKrvaiQINqUue1iaL2skGEH9cu
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_cs8_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC3s2evLk/N5oRhgApqDddIPjR2uVHUR0wg0csp88sw+d6+TN07
-fIutKriQSfHl4JPpxHJBt8cerftshFE/tljMFXrPPBb64SkuV5CQW9FVpgx2aoVs
-GXELM8yTu04CWdAI3MuMFx9A3vu6tSTg8LPfsZTRe4DZdKlETrfrzc9i7QIDAQAB
-AoGBAIT6QLcmLizdjrzJpEBLTqkEJpQ+6IZjKi+jzo7K5S7J4j0dhRR3vuCWyU3h
-yVLftBMH2rHJ6EFELnnKespFJJczOYYqRqjpX6DpzsOR5Sdmf6A//U4tgtc3d6b4
-qI8B6GAWTlZl9CXzHr/VEBNMfqrMCcrIhy9mdGpib/hL5vahAkEA9Nojzqbuk7dz
-6Wlgs8sPoT71WmMZoYx482G3bcPIYHjaa9yKcEhywoETTbMhbiexoOLjv9MaeP3y
-S8R8ftnt5QJBAMAQhPx4PQpk0w5bQzro8DSK5oeG4QUmAb2IrAxxaUedjC4KUtBk
-X9QBM9MLab1z0e1WCyP7R1dMGw7C4ERskGkCQQDPzwww6dD2oe7InV0rex5K1ipa
-il1IlPZaagbKLC42YpvOi6EbZwGvPulpOq0W1q2VRLvTJJIFOlKYJ60Z5FBZAkBU
-USxAtfx+KqMpQ1FxdD+3oV7xEnqIyxWqgmydjdBdO0IGGEwg5l/Xb6uzs+f43vbD
-DaoYYsEABw493bmc8Fg5AkBmkWF05L49deIT50ygI0yfrl2aRULhVd6HP2ktvVL1
-8L+emNFwIpes8jCx/w/X201SoQcSmU3x74IYPQpBdRrh
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQD2A2JZm0tCgL2eLFGd1tNbPjaz2ksF7dF3tz7cCocgiVGE5fnw
-nf4d6a3KQ51BjoR96zaFTxTaGO7Jw+fyzZzEERZS1wef9VK3e2bVrhAP/ERtpIlg
-lYUSyjE0Jhu15k9bMcx2dsMSKfZktupE2ulRFdYdWpHLYm7axyVmLzBSFwIDAQAB
-AoGAespvoXgQlW36tuM6DYU3U1h3J0fyoE/2eEF/X4blsUi45pN/MCk7uCR1uPoM
-mLcQzGTFfr5dEwrUzOI6eIdGEeBML1Q/CyG39UrEhNhv5rZTjHh3E+gmUXDQ/yon
-H46JbmGWyoiWx2wQPyu21bi9Yx/D56vHOmFv334D8Uf+tmECQQD7VwnXlOLmX4NJ
-4pRQfZbIExZi80u+z1UN7h1tsDocUKrT1k83MlOI++bQdpM9KT0tWFa8omgOhgr/
-xAHgUPUHAkEA+pMQDTohF/kKxZ6V3UnakRgwdkhzhmuJgryY3hOtRLVb4EvZKgiH
-8vGnfw2jTDmORq2pEWkDK8Js04nvxRoGcQJBANw34OnBDCWpnlEIc8cqowheoQjF
-/6IJ644vCh3ngKL6kxLU/cdxEvw9KnmQy2WVUoL+mdDhw6amD9EVnkc659UCQCO9
-vlhkpjvJJiQyDqZV1ntDvAXjJ7dQt3iSdiuXGuvmAojnyL4aIWoh1gZlZ5mDzCuA
-sdDt7ancPbGexziSEcECQQDGIHQYFB7pKZe/PEOovQTX0gLb7Ogc6eII8sQLXbKk
-RTQ+9f6p0JWuh2HB86N9A6JW/hJodXZZgEiZPdq4XHxZ
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_p2_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDGB4ntF00dTOkfwxD4Y1BeYGWbE0EHqVqxXulNb/cVtCOHK5HC
-cZ9PaHHzJKTWu2V4m47FrKQd66xzJBlnY5U0sxhWYgsFxk2ekssxMFgojue48TK8
-z3biIqVW0hil7INlb3GFDGIJqZTH78k5oG8UD7NmNmCVxcLypizGAEr7awIDAQAB
-AoGBAKlx1+38CyrwHWXlFodDC4jFuQsZTYKNwaGVkdGF5Yk3q1LE0CLt8CAVQbOH
-/lgS3z9085RnJcLIXrXjBK23wvlkeRCY/nb4VyN6FUdyV8cWiBRjGb0mDEdCELLB
-CVx8injDNOp99A6ZgyfCmO2Y2BtPae+J4GQT2j8n4oBFq3xpAkEA5t5d1W66IprN
-dKX3tv0+LA7v94G+dSRH48K72v4p7OEgt8V/rQqjM4s/cbBtmq5eOAf6pU/nLUFh
-pfa1utXxVwJBANuWCmFmrYyUgCKxg4XESn6uBg5nJFhRDbS1FkfDvCcw6zzGZS6O
-QdPkr8SHiZrpTGKU3AMC/JzxJKtPYGlp1g0CQQCrsaXxC8br41p2rNNbyFxLYdR+
-qoPdFF1Oek1A4RKG8ypk4UFBjI6wz5cgUshAZ/r0CqMR/Cl904juZ1rhlyhDAkAd
-xsfbk2ffU1fY3IeAQTD04rZRh60HCN657YB69NDz449Sq3iXCpVknXM0TEjdp9tC
-1vrKscH9qjmVvWrOgJqVAkBZjDDSfJnSpCZkGKYJTHE81a0SGbT+30u3Hk3LIbh+
-gtj1aTYm3rRATik0DUMvGQPjqrjJqIlTEGSzRjUFFzuH
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_p2_ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDL+llzXGfG8zoKedm4nc1u5b8peZ/XoB9gqruIXlUHrp5efkzx
-OiUbcmKBRCuUYC8kN7Elck8U46U47MWPVNThkHFDhtzRqaKEs6i+4u7OV2kp5Wms
-zUXz6RqzOPKl4KCO2AwFCr9e2CJnYAgQzjfLRrJ3/VYIfGLY/F1ppubf4wIDAQAB
-AoGBAMB+PmIepxTaPkDaovuVd+Qazl7+lziutE3OcXGMzCOWx3+XI1dWruQK+yjQ
-Q2wfpP1BzVvwVu74sdhZoUrVHJsckE6Q1LQnpTDfSSXtD2I8RpfCML8fjwwLBC+G
-rozqbcN//lePP3dRvKe3G+uk/GpqcpWgUHHuseKoWXIsmLxRAkEA+MSEkVhj6S5+
-pDzpS9CYs355lTHUOKyTWgMGxdZMhtdR1ryw1UCEe7aGJpfJOd9K5Qly/44Wx1Z/
-ZhcLvLcm+QJBANHoepctuVZNAUcGDbN5hjQw36eh//XCS5fpihtbv1VlStboeHMk
-JsVLINEMXQRbjOpqs+yytGVn3xKWpChaqLsCQQDA3sQVWB1mPZkMRvltwVWS3Hzx
-UkfChPJdeDk5C5QbezdFMNg9Dh9pNzM9GrN1vgx4FOJnBkfc1tBBW57K+okpAkEA
-vET093WmXzZwJ+DRFyGvck5Hu9X8etQK8zUfjwxKX3CboIgfyL4rHBgXVgjtwQPQ
-L00HFgzu6mkw1j5Q/HTcEwJAbIxz0qyjVO4jBDTdG9cLQ/bAH92zkQa77T44auYY
-O4IqIXAG8Tf8QtbKtLbtJyNL7uRVMnb5pTulO/MUT5ISeg==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_p3_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDW1eH03vOXYeC+kXhfZfG+4WDNbXeTSfRy1xhsPJRqpOj+1Uhw
-8mvvv+EYqy+Tigp/TUdhRgibvS0xorAOC3d2AXdon8Vuq2xsBy5iATnvQ440C93L
-R61YSLscqN/b77QbdxVZleYUKt6Yx3lY4nf39PQIeSGZFlpeQ7A+mK8oAQIDAQAB
-AoGAbwMcfJVMmDgKk07GPb2G+tSpWd2sAV8gwsrlIuD27FiE0VHS2hJatguXvFCR
-CBM3s2pybRBsWFWb6d8gTFGei1gE4UEF7ZWqlQOUc2CtSPXY+JdAfshCnAjQ5fQb
-Z5jBrfNBlXHK231xdT6qGrEn4skx0VmYxw/2JW+X6S9TXAECQQD5rFpurwCpGCtw
-Ay4TCFQ5qbaZ6hzr8Sb9u9e/D5aaqnya4gUk/4VzVN/AHjxkzMs3Z5bwM/lUpZig
-L3EJnvAhAkEA3EeI0k5fWMzVzBiq3pf6Zlo3nAT6D29TeTVbz5CEUOxUedNdfJ99
-Os7NnLRyJwDFRiC1wW0pZpNfGNaDb9a74QJAfB5WhpexOF6vmWu7R/LoDBJ2mGVu
-I00rGRB83JqfQBxo/YZHEHGGoiMbaKKfW20DyXNR8e+kj5QTH+71vtaogQJAeiMn
-2AQgleoteVcMFxQJgQrw3o9b34cIr6JIX9RvqTcAt/PcWCdOlnboRsU+riWdPH8S
-iEdwtzFrfygiBLb5wQJBALMsvMOyZYycMt9ZHs+q5CwFrpNTckO4JryYTADBSy8u
-RoYvp2HSUAKiWOILNMHIPDYFPPieUMTNCGYA0k8FleA=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_p4_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDIJjbXIAsXrNzlIZNfEsxpvDo4yHiKjPmoavMlyiTscXjqUkUV
-yIyWC5UC7UaAQ3b94EXINCaszcBj59CHKSQa1gWUiG0LzRrrxL9fbwHVq6bPAWGq
-6XeT9Z+heH7gXpngyMjLa35Vqxuih6DWJy0+4flWSsTKzEHxalnNI8STEwIDAQAB
-AoGBAIqRknQ79hINFt338eznuegWbgS0HmhmE87bRL3MBuY/5WPtU3EyaMrU9/SP
-y7ivfKll5UoneQM4a9N/Qerhu+ExzOItyk5Jy2rF6QQbL1Ks74KXYAeU5ASCrK0a
-/hUQUycuEzCM1fritnHBoKITF9icgueOmrgB889MSc8A2gMBAkEA95Cj7Vwituln
-ATbzNatir32Z6HwKDVSdDhuRrR+aWIqS2C+rjd5h98QXThazzomIqdUqRdIMjL6r
-mIkC95SwkwJBAM73/sTwbDb1ekMQHw+pnWU3WtluTxsjhsNmS4veeB4mgfV7bSyG
-4rVNtm6FxkSzYEEAjYd9ChXxUicYfPkuo4ECQQCmhOHenGS1R9WDGaUJ6pfcls1Z
-dWWFhe6GOMEKBAHboIoZZCcuq/CVqY5LdjXHrPcB1WIzyI+sc+wUE8StJ5SFAkA3
-94PjSYhZzEPFgsSDfcBcMH3WsieeFRtKF41yQzSEIrGd6kR5d/gyQtOES5Rz23W5
-3iZnbv6dNGacv9h7oYsBAkEA92DuO0bzY2D1xRRB2J609A3xp38fnAsOws4oCSSn
-PXrF9FR+txma/UjY2XjJGxi3K4wCXv1haEstMQ+mDfnn8A==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_p5_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCzubxSSWrMj8qObR5AhzrGyQALk+F2RSc+0ozbLAY18wbfS+lj
-Pg5iLZyGbwWjkG5OsonHxWB6j/B6+FMx/uTD5K4JZ0oV9a6XoWwf7AqZ6iVPp/74
-4FXhI7plCDtCrMaxMLXF7RBbPgbQY/va0jng+rYXrMvA7a5Uz/lz5OjkLQIDAQAB
-AoGBAIzwwPA+xtP4hz498BVmdv9grPpnU83t2SL49qEB2zT/iood+75p8dmoLzF1
-axSjtP1eIZJaBJjYvBuTFZsFaturGnQSxDb0hTvt1OOBJJy90nBGLJxpePnVCR4D
-POL/w3ecO4Vk5wd4NfFk7LnntS1qBvfSlJlUUkGpQ8SdP6YBAkEA5QHEaiC/7C9W
-eVxr7WGbzMKbRbDYxcGy8QrkGViWl8+kurMCpaqiyYymeQ7ppDmQkNOXuW/93Suf
-0HkudRH27QJBAMjo6fAUYHvc4KWXc7pl7/JAyupimExIlyFdztYQowhuIW7aLa8A
-rnd1dqmcyBz1264N90LD9SZt+cUV0z6VukECQQC89y5Z3FhBzfXvAqJUKJzk4xg4
-82qME/9SAwihGYZ6Em79V8UxapIU+ahMcE++oXl26AJkk9LI87xVzAjXtVEpAkEA
-ld4ge8VHf73xGbUTT+0wgx5P/21SvDy999bZLpe0ddppOB6qS0wP2O6XeMiKAgho
-ObsTQguY+HS7B4hTTvEzwQJAPMfqfnkzR9TUPos8GOQ6yymDA1+QY3dFE1WpvVHK
-vgvk0syvRpabJiOGb/e/B8Bi2jdlgPimgx4mFK1N9WhfOg==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDW4Hj9m+x58ALwzHqLY+Fg40Go2A2CSi3ubFOwayFQQgYupq89
-+uhVoHlUMctl+APmhKk9dsx7Bt7TJQ7l45kYfBOecz1ciHpd9VhUCM+//HPQ7771
-BPtxS5iEgjph9QQpSF09wnNWM44O/A06HlfZo3zJ/dsnihre1BNTzqISeQIDAQAB
-AoGBANLhThynL/ej417rbsDp70ClB8Vq9CcQIe/CBIg5O2KGyYZzM70CR43xheFp
-VRLnyvwq6eVWd+utnHVgAzT+nzmp8RRZl+SA/E5v5km5jNnAp50HI8Y4DMbFHtkB
-qTgAZ9SX1OQudSomMjW78cfX4DcvTro1JuIXeyuMQzOiCyG5AkEA7j0MpgxZo0vF
-F/TVkT3mA1kffLh19UUnJF8VqRVFKNQRupgzA+IFhlUEpkVrcwXhq28tFvbQmPPH
-uuBFjeRHUwJBAObljMilI06C7KfYAzdTnpUHLvFYtNfFIfQQZ4O+kT6Yl8AKvlvJ
-/8LhuwAq9qXgAK35Pnm/+Ko8a42WDV1EwYMCQHgBIIHz7qMm45zxozKKL3a4SfgV
-IrXto43ap5qIMFIkoNmRGQF3tLi50qG+jiVebRJh6iCLKwAgrBciKWcT+ikCQQCI
-kHiGK/YH97PVShQM4y5GYqtHH/pGLFh6rEEtUMdDSKlocnJIg977+trJrJ+ZWDXO
-sD5dcEe5GGdcpMVexs3VAkBUBbSfWMgLB+TaOVMRSi3JKyGF7qTkx9KKAVL3W/Rp
-krswWNPV6/w+gM+JlHAvoxOHU12MDsRLUJ6hU2K+PcT6
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_ta2_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs1_ta2_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQC4wRlCsSapMx8fVdBPbUOjVXXH3hhaacxisqbs9XgZMVoa2GzY
-SGZ9FdTa/t18QqCuItFR9SJUSX0WWM+Ctz5FxX7ahCj2s1yQYScOcP76bD8gCqAQ
-UJx1pAJi2GgmY7ohEIk5qxj6EHcmT6zxUEH8jPfc6SAZfCz7AsdAbWn/BQIDAQAB
-AoGASgpYrTmBXN13437odGw9Zv+gq/B9of40QnmGHABjmPUGPyvssuCQ8iAFpZ3t
-9RZefmrFqCqtD0pELuh4gNIeyfj+vFnuzGyFxs24oCV03ybA1Db/dVmScJP3myV/
-43EoI1iHidn06GcVVRHQmR2XwAO4PU/9Zuvi8q3M0hpwtCECQQDczYaaGFTbKjeq
-SbMGMJA73TCVh97gZ2mxWW36NrXyeJgA6ZT3y073kyiegMmLVzdDTGGGhxVXLCwX
-1wrg5LBnAkEA1jSDAZVdqOu+mMVcXyOFch4k36dlNI53Qqm+s6pzeSy/32fJzZgJ
-LVe/PY39DiEk7qrtEvTOZ8/GQUOlYDPBswJAJtNtC8OjiDZQO31iIYCAnEY0uNZ/
-dm44w5q6H/lm3RAfimmIbFovtJEH33c9+WaIrSjNLV6rffyidD64BvuvmQJANsoJ
-tE77POjHwJXCsccJLA5PyjEr7sx97rwyPgxcKuNqVH9cm8zGlCV8kgcOch3CL5Xi
-u9WIMf9wK2NdGoVChwJANjsQIBg82zIrQPVFxbtUvSwhTK913XLo7W5bfUwRNfr/
-APN9cYfV2oQ5hPFmNvacU2x0tndrPClLcSaglUWVnQ==
+MIICXQIBAAKBgQDRSnA5yCJy7VmmRfmay3VtlRfR1fxMmHdbKxiUmAyUctVSdmXt
+x4SpXTf7G1TzCuUf/n+bsjB6GkvBnEaEDZv5WcGDzp2V7PI0jyunB/s8WGRPiQ2s
+45ID3VAFFWV3f7oG3Pl76RGaFlWhzm7H2fXKVPPaQAjdRfUnCZV+Ubr3uwIDAQAB
+AoGAWkumXZeWHUV/3zfjd8B+Glgv3a1X2+gP3rqaMUnka4ubs6c3VL424yc/xsvE
++9Lghcw0XAUl2xhLRO3akpCYkNU9Z5apligufEvUyUvGPmoB1suuv4myNj6eAcZv
+oj3ERa7y+fUZqQAWrAt57KLoPNVLv/li/hUrqiDNt0xsI9kCQQDsSOCDbPgouwwt
+0LL8v6M6THCIxVtDvXsx16RflY733edWgOhiotykEyt5fTuokOCnhUfSUEMeSQcQ
+Mibi9IbnAkEA4sD2VfZmrzasbdcEqW1knt109zuRpAPw2I55kXvq+w62Y5SJIWmI
+eVoQi8+H7hjxjwFjXXFDEE5zP357+3EyDQJBAKER0NJmfwgs8dFtegXnkRqVrwTd
+HCiiSw+gA3IRHqODBkcmmsNaZ/QFCVbI8tkm4a3wohQRGJ/VglYdCfseW7MCQQDc
+qSsPPFlw6KOjwDqpJetlLd1FOpLgKXWXSA7FpPFmn0qeXU2VVj2Y2ix/4dVFvsBT
+ieZIaI/6rl04zL2aUu2BAkBS3nVnsuTmyPKys5S5gQPcMAyJD+3Lqm4zmU09Ydt0
+9Iaqp18iDhnfRyM4fEckWUIYx7M15Swx3fXql/Er9MR0
-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCVVXA/ClL1kKAAIhFNvwX3i1Utih5mQX9MvVUJ07pnCsiANoWp
-kLLTleXnKvaRtrM8ge8cDPuFkVEKdAWXnSUXvv4NjLSEN3QKsOD2dCB9LLE7wA4/
-/JwFJr4PQSP/2R2jXQjwM95D09Ll8QA9qsIkzU81zNGbW+HgYRGTJuG67wIDAQAB
-AoGAL/6Yp7oitYe41LIeS5V0Tn36bztvz7+HMVu8Y/8nboyZqhNb3AaEYtpPXH+D
-ZYuJiY3dEm/duqzclfZ6AaNg0wY9vIZij0zFpXF2cgiTj8QPqWro41Qzn/2HFC6Q
-hD4KjQJXGh4pC86/tEdkLzd/iJRNs/N1j3zLgMKDOoaEvuECQQDGvO38q5VaNG/l
-bQvLt/o+jJv2Q98ayhzC83VqGDW/2fof1oKmwvimJ0yKmGVyMvbKWpq/HB2/F8sw
-bND06qvxAkEAwFxpcgaOAT/SIXGdDd/4Fl4edmwlPcQAUbexXMSng4RnqEXCaEco
-a6AQkaf5VRNdqEJBLDJ4lqnz9fO16Rk03wJAfni40rS2pOL92njcqtX3sFp23e8v
-SbMZPo8ER3IEsoSbAivWlR06czJLKV/2HwiDuR6Tn87at0MDEVwOVe4JYQJAXzXe
-YzfnVar3IOKRL+rpanjPbyH8FORMnCXlvdsAZtJEVD+jB+YglZS2XsHbYUailsOk
-anHYygn43IXyRhvZ1QJAFOnL7zZlxoT8G95RGazW/nL+I8TnmShHTUsqQ1NoUwBS
-S/aDFuZs29z9gdLfmO7tZfsO2RSt+xTs8Q85t0xQLA==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs1_ta5_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDEI5ulprveSKC0Li1UT+dh5J3frQF+cFUSNTbUceUf/gDZDxve
-Ylcs10ZnKGeEx7PDmWrsicHp0mCoSNEGyWjJh9aCiKpMM9ZgpLsrOA3oEa5zTLcp
-OSRVPcJksFTojWcfeZSNb0yVzdYAn8v2kL0HUvH+FrIlDklAwM9mPJ14iQIDAQAB
-AoGBAIu+6xjdcSFxEb8O35Eg1TT0VF+Xvma91n8Aly5Kb/uZWDVPBIYv/vid8TVy
-nj8GolgMqRgbFqRoFiIQr41sV1Fv1zHjl/URlPgQ66lDanEiw0qhuFdg6R4JFeQr
-tB7m9jE31PoPPorr2esESxtcSoLZeCNwkRBEwGEE9ak4IKr5AkEA65X01kEo+TZF
-n9bPQ6nwRCCxWFm2NZIwPHf7HO1FH1n608KE3jilhMp+kVDb58O6sFP85uBXa17A
-jAH74OoBTwJBANUimT0ebezW5kzKg3/gwfgYeq/7X0rAwzfPID56sTfKXYMaqpAA
-ANnuk9zR1thEP/iC+1xKdSZZmXknjsvMAqcCQQCV1ZAc3OCEcEIkAOld7a2Ehw6E
-VLqQo+PN8blikn3ODNp86FC9TWXoaSnKnpTeeRw5nZFR/glbnq3z3icmy239AkEA
-nkPf2HO1Gs6FGvayaQ3j2y+KQw19OEwlalbC0cJXwF7jy4vMpbtq5mlzoOCtEdC0
-U/wnXOPpU/3qqf2G2qx2NwJAWx5yq5IcXtdHho17oVaON842pVwSzA8ZfYmKzMuY
-1BJT/ybKsfecl5PbKbbgkAVLJPe+26xvQDUDw5u3YqYdyA==
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs2_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDUkIM0CT4ELmJA80SZmnsHvnnzxvYoClHf2qr+uNGbHLVzajG6
+0p8iRLc72PaAlsBM5G9IkGmBbISUaDN0YpoEsB6TLE2IzZpyzulTPRU+cyzJ8O2H
+pevPZjxAPKB2rMhpILj1qP0XejzrYsmizFZr2LcM/+35sROvwGmqjQ9Q8QIDAQAB
+AoGALkBTjBsGt3owPtmv74xBgOndN0Hvhb7ZGdBGrK4iTZHtmXNd5ry1i4tQI2GO
+IWSr6w85d5yUmGi4YGJb79MUl9ME3fIl/9HWhWzW9pkzk4rg5zmGcRGOt2HH1Pu/
+cPZOjNXMIqXZcnT+4U8eOi1TRXid53JKaLPj5IpQ/1YT6FECQQDr3gTtFVEaTxUW
+DuMLL68A9sHA8krQuCg8WyILc/7oM9N4UG3nKWuB0h2+4Ir18YBlLEdF3HiAPG+D
+h9GDKmJfAkEA5rVM2K1Nmui2oieSTSUrg/CgYSQM76Gl3LLSumTA6P8X139t8SW+
+hm6RWz901qfLtrHoQ3pdPrB3WQD7vTcurwJAez2Hb2U6+jcl+l+O7DJfC27jL/Cp
+fMMsatTnRfq2zxb9QJktw6HVxYBHAIwMr5MfFj37g5o98CsjzSLzKsjDmwJAHDU8
+oR2HaJJdijQGalJKIMayBU6QGliMXBCtPUcGYzaVZq7Y9WwlAHDSavK2SWyYtszH
+1kBG2FxhK0u4e+kcVwJBAMoEQPEmQDmX8GiWoqV9k66U5zShtrZxyT75OKMKwXJl
+cIWMQm32gEbzVkYPz9R5xNEus4XjRINLiaxhMIDeByQ=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs2_ch1_ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC51vvTYOm843DJbRsmlK70draq2O8athc89Zw1iyhVwTZTWhpn
+Zu40Trf1aIyKHK+0UsJbItLWDK3TQImm9dC5EhpVhUWUxj6sslGKdQXVYMjA+fvY
+Cwt8reG0ePT7hDS7GmZu5qaQTUCIMhPDy3asAuu7BCSbxfizvtFE6h/5UQIDAQAB
+AoGAN5fFS42BPp03PzphVeBCmiTtLhypIm94cibzLN1NGqIq8zJQFcCn34Pw6fv1
+ltdQBHyBYawAMEIoubpjs0tzvXaPaJwabvBtK25KtUdD2mLx1ZTIHkVBF/8rCHuR
+W3rTF0Et8Mfym3hIM04QV3cpu2FVhRLDI3/q7UwcUFFUqsUCQQDpNehc8iVqR5Ea
+mjBjD3tesWRNGdvoQhBViHQYvO8nN4p4Q5GpvMc8xQdlNlhvRKJ8I5aIGi3eQrHh
+htSHvnmrAkEAzAAHT/TAbKo2MteY7mQRjXSMoQEF2JmkIADhVSk2woUOawrZ7DXa
+8SyFdV5b8frfosrTvm/2zaenYsK1rJN08wJBAMxv2GmaUFhRso86eY5tZP4GzeGU
++KUrPLxuaS/CeHfNhZKV0RyWA6ZvJmOAd5fa+AGRBQX8xRbhKqSEmM0Cmg8CQEEF
+rU796yt3oWjZMWSivrmAsaZL5iog5qBQx4HWbh7YPD1AKy/QBqYik7NSTSo21XtU
+/OLRWzA3xPGEsFV+dqMCQFyUdlbyHTX1z/V/2MZUbNaUgeLoWWqtZsWgweLOti/r
+GWXjVHnvqAKhOhZukQGT39NBh/4XZNEttWV4wlZDwus=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs2_ch5_ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDeH6hQfmz8GApK756e7xoch1SMLwlVtZ0rrr7uyjC/7ZfCjk5q
+KebQmBpXchlts60s0PDaxPLhgSe1ajVMMNPVVOe1OwQEY7UFClA1RBkUf6n/4STk
+Y++B9J5CShSytO+uNpSjrSM/Zy5pYSg6Lxuf2PPjdvBsiJVBM3FR8ZCPHQIDAQAB
+AoGARlWf5l0iBXFXUQMvJwRvMDlp/DmoqwsnCX3714EOjredJm4JRnSeMc74CFiI
+1MPgQiCnI57Zia5r9HX9CnMrn/pr5T/g+/D7Nj8GbtdDcqJj0vAYDlC7SN9TMRoW
+QKc/6plOAeT1awbAxQ/1kZG5ZZhIb57NYmTyW4s7lLsX9cECQQD4tnMAUp5S+x5M
+U8dLgvDe2zZoL+OS0oYTjJASLxMHFIwRlq6P5cpAQLGtsMLfO4N5HqjUWbIuAqAW
+k2f7g2c3AkEA5KHEv6YzHg9G78Qz+Fxh7YIjbcSqQbKs/obvC2VkfxH7WDRLuhDZ
+qjy4e0eufPCZsGM+fk7eDPHCf9ztbn4+SwJAX+g7QIybcPRVIqnL2FqN9+IggNy2
+rQ9xlGhHxjtQ4xIRUVcByYubClvoKEpZWyvf7vzbrcdI5mUsxofhOSPa0QJAFf/C
+0LYLQR8zMirs3T72ZUYaZpt/zmaE4tDU+4G8E8YFK02M49BvQUQqdCJHldoIz8Ic
+50Zrc09n6am2ZuVa1QJBAKFQaEbBpLQ8rTmD8IYqMz+3PGTzrSlFNkx3fOXF5EMd
+qTWp0wPV79ZghiZaYozwuJO7fxUSZeD7bCjDCE8/LjI=
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs2_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC910srcsYLmDs97HI/ZHi/osVHwSAsLLTlDiy+qnzsn+rsBiT6
-4w1kzkxZhEzJZUAf0HTeG5BJq3Ait5uuE5jfZkS0LIKLyENUwOO/cWFalk/vhvfg
-1oRdgUAPHdUlmPsZUktAOT4q0i/2FX+UGRlE14XEtZ4q4uPKjaSPhCK4DQIDAQAB
-AoGBAI0TNts82Yu4Px4PXf9Z7JmMnkpqbDwnpO4rEHlIPLmjRXLMRiLjJArre7Vy
-KZXoVjTONmrv1NPKQPSruVctXQYuEOxUbsbCNKJn//rp9R5K/RxpBP5Hl1W7thKg
-Dc6LaP/EWDkfUMN+yk1fImmTZ1k1ILCanhAJA0eDgubs4kZBAkEA8LJ28dMyCOIZ
-huoo9EULN143seIzv1uvmeFRmPIVytwUs0uuB0Shp2ys4NtlO/mgjq0CVQa8bb1I
-blv2kUeAWQJBAMnpGvXkpRFEogzJ1ViD1FPAR212RcGF0Rh0teWE987sK+E4H3L8
-ujuwj8Vyht5L0wXA+wDmQ694G1VRWjgentUCQCQmeazaTnJ9Gt5jfuEpGYUoVm8W
-DTWZXKdc6vdwrIs6QLWpESswSKMvtEtVSEAYvt+O5oHEsDo/KojAsSiit4kCQQDF
-KCO1W9B7LiN2jVcQGZopNaYJkuXGdF6anMxJFC/OE/s87kp3Q6SuSFf7GzvqsOub
-wLbYSABrxMIb61ZHWk8JAkABradjtQJPMiU45QyBCP0jjssrIMiseKiZc5UV8IqQ
-f7lSsW31FQmPsO5NivODQAHjOkl59Od4r55pxHRB9pG8
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs2_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDRHtQfjgc6T9Mjx4Aa6heHazjU+BybHSLeQUfQ3WWfY5KhoKRY
-IlPdaL2GqIijqWQV+7J1arvN8NgRQIDOKlWPFdSG+SpHgeEfiQJNzn+aNLOHCNP9
-H9sCCZzG5oP2eXiXzKroRwvS951VMVDkrtYksvVXvw52rvecwARmsD58TwIDAQAB
-AoGARhP4reJgla/uZ40RZvOPkvfhgazrmSd4adaihGHNDk7F8pfsuwQ16nqRGLEd
-qQq42Y0RTrvH18mf/pgJEg2pwb+aJvVvWzBfrujxOhYC0pMVpQ3MpioH/WUrVyIk
-U1YS0NDc22m6zBywVIBST0QOtL3jSuHNb1ywzUe22k53nMECQQD+vX49x7ukblAL
-xx6EscuF0l5M4NuER7ZO8RhBTelEIa1WOTT1LXsTS783GRnC5lwHDdLXOP/VSuGR
-j8+6dc+RAkEA0ieUbaHnXybdeD2Y57E4AydIckLE1l5zsoyUQtYr3DxINT3Tajpo
-fyiQfcODIvqddzF7eXFwHILcg1Ykhkdd3wJAGm1wPlqNRfbHySEEMoH7ekujytf9
-DhEegbwTZxr9GztfLzXKH7FzNkJCeSXafVTGsVimyfs411joY+CGjXKRcQJAYy28
-tdSvzc8YvBNN4yJWzd4vKYVrQcQHlB8WJUjQIDru1PmdmceA42nwbvnjHJHr2IGo
-xRKNF1eG3BC+YgSyPwJBAPFauww+k+tcOW9NMDhx925o/DWs0XOPmUmDDmWEnmRf
-2Pqafy4IXNMCITRIsmIn50PGkhBI4S2KphOt0cGDYOA=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs2_ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQCXVrkv3lOAfyLGpynOQF6Fdq2HNjjyMWaZMuA0Lr0QqSb1Htwn
-bldOnTcbrRTSumBELBOy/GElM2+pntRKUigWUT1sOvFDgGvBaddxOm73BIquLpVw
-KvzwJVCdxr0ES4kcriKDy0Uu03t0xJJ3/79bqXOZFjDJJsIWucJjk+ZbpwIDAQAB
-AoGBAJE4J5V2anwIAy/KYkRG4iyBd/wiHLzSiJgDCL8qBkRBfF+EEE9KAz8tfx7w
-k+Wt8Agan4CFyxYuaDzEawMyGMHvyrNGcg4IP/rXcBXzNUMauVrdT/yXeHXbLXzM
-p9H5F9sYPHpvuTV7jds8flzrmT1w2jz3nV5THHqXKxocd82RAkEAxglBLH1woqAk
-hFr342VZANjVu+sBrxo7BR9S0g44EFqqiplwBOK+lOE/KVw2LXMW2rBtTIRhWjl5
-2WPmMXUdyQJBAMOidTrTqh3TJ9r3tBanLRD1pXAquRh8FvG/WfO3Kzk3R1muzXi1
-A3+SJFYpI6tU5hFVWIjYPnyRWZVmBxr1pe8CQQDAoVfn8syRI7zhkar2YirFDCY6
-+ElXDejC/skM0g/uuIKS9tVjqzs+jitmC/AXHY/pgRuQBmS74pSHxQiwqv8hAkBt
-5YHzJNoIXQijgchhfVHcmBFyXB2UOojtDm/qb3fRcVMcdwynhQ/NBvxwhjWqVkvT
-at0MKmWXtlLbkO/m3h1zAkEAmp16IZClM9P4LUwFsAqZ2MFmtb5sjsx1ej9NH4ol
-8oVrkSxr/O93pakh7ZDNUj/yB0on83y6zAzgxfA7F9RUKw==
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs3_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC7x/3LH9UrAH/cAP5FXH0no4sY2j/SNgxXK8RIvpcB8XHOuYDm
+D9I7Ni0lV0Ee53suXNKsF/yuRRF/vNAyoOMJASknet3S/BOa6tjRbL5zswWo/DkF
+982w+fK4pFz5wyMrBU7+2iJCgHA2Zrn0agCu65Bg7uj8QG88OLVBW7067QIDAQAB
+AoGARuDREfec/ZM9r6wMTeAAOZMIcMQIbO8Lr2eMuix+UTRyUaZBWhVEtCbZ2Yta
+wDB9lV1iA6U2Mg1N8poxN7r0lo50SrWFnODp6fQBk1ddL8Dao+KPB7zWBU1Crlmo
+8Zmacjt9kVQuuOjo/0en7WgeAEZ2Co/hjyqLvHoSTVpXWGECQQDtq7ik/nCgRRAo
+p3AQIn+pjuqb77ORVGGQp7keGvHpxih9zWnamhLgu5ifa94v8MceyujxCp1feg4g
+3DOY+gDVAkEAykNP36DU3QkJA/7yWZzndnGXte8+A6+hRz7PqvEO8/2QXyCASuxH
+g0na/D9pVo8G5LnI28neeAgTrKq6UlCduQJAI615hFslsQltCY1JB0MGgv+PPGVZ
+QWG3W62x3lERK5Sxk2D4mPY0C0Rd/uCEdBHi8j5nhXegdCqwYEJuBHLTGQJBAJCB
+AsG8gBfi6qQGM1M+vEds5HzBDkdH5Sunfmqcipha4hh0efQNVxI/Y8qv6yxCRySG
+bzBHyz9qVdQYrcE9g1ECQBiK+8qoayAioh7YR14BfZ/VWI5foKipCJpsqdjeO9Dy
+PhgK/hmPhtzlkPCNcWhtp2S7NTP0Hys7wLPxmeqgdDo=
+-----END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs3_ch1_ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCqfwExXLnStY1cHH/pZvNrL2jLPIpLKF7m+0UaddkOy6NBGQUF
+3ZgdUfl4Nyp/+iYGJzhtjYVasY0IauKsQy9E9wKTyYnJgwnRBAYKLcco+nfJJHpq
+RKzG3aKgeEIN1MBfobW24FrwX1SD/l0mopM9lPjrixwRRejnCHf07M2U0QIDAQAB
+AoGAOn91E1CzWT59j/sfUB/IqSANHp5Y/MyPM0VHQnrozJDGJNHGzWpohLbZl4um
+A176qOXQEJacCLAeqaKyv1QV5U5CmOsx7NjmkiwoP1ItCTLqpH8fSKzFSc8aItrA
+L/utLlAhDdHEcMgjVhKEhIhD5OwSDyovdFzCIpRqz2zpzqECQQDXzzdPePCLz1YV
+/1nfdcs0/UIfUk4uaEK9eqAtqMhwmnM46TgmhmBl40KyKNpjP1A2bERYV42bzR9B
+Zz95F2jVAkEAyj92GFnwFyKschXzSiWcKTY5lT75CzO0mRBpheEUEtL/CvjUCOJD
+diadD7LLYnToM3U7VdlGKTnpie99U+k6DQJBAIUFiQZHeZ3z8xAkEXWX2eWTpcpA
+pUgdo+W/TDRYsRQXX6ZYuu+kLI8hAd9nJxW91Od23LnHXdYHHZjm100AjPECQHFb
+wpiBiIWfJKLJVNThYbbjssDJTBOQRpBoV4z3jCXE57jBoS7di0xk9jF/WGn19tQo
+yDolDyM6V4C9oDRxC90CQQC6dpLixfoDUF67yBnrujAONgGe4voUe4V2m9KN2bUZ
+MaaSGnUZ7E1E4gH4QiQRL/ZiyUp/qX3Qs0/Knr7Mbp94
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs3_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQDNkFFN2FleZx0bPba3HP8Fl8USN5FogRErhc5VuHqZcsNTSk62
-ggF6RNG06hLgH2o2XMH5VqTLov9K2Mz7wRk6DOjAOqz10jIcTi0WYN+Erj57tcNc
-rNpaubxhJcHs19/5NMBf9EVWoaHzQ+GsYSTH7rqJb/o2s306sb76sj9TFQIDAQAB
-AoGAfZ1jEZ7TfcylDLB5pwwhCtnjo24xfRrh0ybBH8DLqllm4s7VqtFm9cB4JYWk
-YzDPRskH/8Xijk3ck3BIUs99CdMpYj4jwzWEYNUivmCnXou5O1pi6+0RTu7n6aBs
-4g8evU0Y6rmAOzkXtiO7QDHAJ8kGfQZYjLA7eIamoYosrAECQQD2LDGs3zZZG1yF
-acmok4/jrUfip+FhrtsnOeYd7LEl8Bg8VDsPtl9sQNEWVz+xtM6aait1+3bDbDfM
-+KvCRVPRAkEA1cUdFJEWwisp/U9/1joqQzRkR+tEx6i2FbAKrUakjghYjyOuiuS+
-/6pEQ+442ZLKHu+tKM1uxpeNXQ7fczWwBQJBANYqbK0xJF8xZrTK7B41AqHZRwjx
-dSs+rHrb7E9sdFHFJ9CUly18RFgxq7X8AfXgjz3X0Ce8tf4eUA2K6iMBnYECQCmC
-izERM3Ak3ZR4uYQp60b9h3OHteVnV2RCuPAIxa9m43t4HE6QOJ6Au5zNR3DIVkNH
-m0JPEfGyQBsP5kgC5tkCP3gRekHb/Tdnl9mFE1vwqEj4VVKJji93P2i1It7iLCzl
-vgB36d7fMP9nR0ubno19AoeKf2+oQ6kIoc0ROJM8ew==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs3_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXwIBAAKBgQDaJqFoZuxvf3yUlA90F1IOQYauQ0Dx6sCv6FEDloJONdREoA0N
-ZytEv4Fch5piQlkOl4F1NW4YZ36VQUdcUfZaJ9y5KirqW2y5WXh8+/9ZZ101i7eQ
-cSlogMiwrTdgliE0eSVBIPhA5DKQwBaBw7NHnwK7FX0ybV11BEXPI7WOlQIDAQAB
-AoGBAMdAL37fOycfx1ch4PeE8WKqAOyb6u7LHxHMXGqthvkOe4Huud07FS8mx24P
-QThsJ1GHmivHEHbj2J9Uz2wIRLwk6oD6WQFul5+mWBCvDKu+sqDALWNmVy4Iu9IP
-7fsOsyTLqcdV3aFVvlAnjwcwW/63VSeb/xYMAIYuZyPSoTOFAkEA/u/hqI3tmWP3
-dKPQ1SPH3X4s7fCa5LztQn2XttXngI6NsCzjnjCcIGUGnYA9BpCKSyjZ0OEeAvWP
-rJoLCQ1SrwJBANsPe9KbE5sbd41FPWST54mYjkO53ZznW8NGMn/w8JXt2bImxIV5
-bh6hCEBzVUVcdktNb+VXxH8K91+YJuxFk/sCQQCnXrGVyWgd9kV1rD7kT5Nd1QKG
-TBpE5cwWhQHfpVtRSUW4TiA5sMwvcGQBbzmhX6+LXIxz1/euFa13scJg9QA9AkEA
-ncqmb4rC8Zw0Xm88jME5K9TWzRQJ/OZuI9fhsmT0d5rPj9L7BgX0+10VW494IbE7
-iHxsGHBDGxvkGli32MM5lwJBAN2VVnxGgNHWQqqVRKL4bFjFDMh4VA8TdljowV9y
-fjWLROYvL3gnbYwIveWgtACKWu9XHXToX/ZTkquOmG3i08Q=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs3_ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDfMODEnyZE+LOEP3r4qXalRwMDL8lWeJU8ClfaBi1Fv/2zclzp
-iUTHzU7eoccCM8ImTgY0d2JehS956ZuR3sIk3Ld8s53+QWYmbI83MdFD7uyLuriG
-OHqdeWWs9sr+qP82anxGVIC3kIL9h4WsGpoNgS/4+03TcqOGWoUPIaKUuQIDAQAB
-AoGBAI1N0MArUntQSbdsyVotUCSLtOiLlJjedv0wPzaVuovyZZj6ysBAW/9ziH+D
-RQ+r3TuLInqNKwZUpB43PHs54QdugsBxh6fCnPVB410SYkocGGbLkrvjFPgUVcc7
-Z4ZIYlptPOnPxnHb7v0PE/u97zRISSBygbe1A6H3HA+3Jx5BAkEA+qLnM8G8JE8J
-ZBsSOFoRUH6/gk1SzuvphCaRlPRSuImrJyZxAPcFVdxHQ9zMHUlVRpzVZmc0NW36
-kUxern02bQJBAOP3neOD8nvUjcBP0pu8qterdDBdIwnlAx8kCUjrg+84pHaZPR+1
-nZUYoE+/BQvVVVdkRKeFP3dItB65JzAAF/0CQGbOX0upkgTKrq1zNTwMJcIA24kV
-MnxR5E0ijOCufyfWwG+kowGkUXnwiwLZFJiGtgXq2tXQS2gHHppu2v9zuNkCQQC6
-ee38kw2Cf89oVaNY4474lnaXrUghKuVPzuGNdaHZyIK3xQf77Us3EArq0L2m/V4u
-+4UxZ00QHTfBvgExQZJdAkA3TGUEPEQhB7A/QZwVy8EkIGnEFWUImFZe88RiKypJ
-1H6adg8v3iRwTq9XE3254/lnE/WEaLXE4OKMsNnA6Co1
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs4_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDio2hBLem/lBEnN5RjjCeIiJB8drdhiuQAOV2zeiekGyV61kx5
+8oLFjZMKIVz1N/zDxYYMAjeND+2ArY87HZ2bmQNSmX3Anud6ToHp/gaelHg4KZem
+Aoo17rzZmTzAkxFTcTVX/S3qsKZD2ATY71Vh/rYzI6rF+0Nh/6wCkLmjfQIDAQAB
+AoGBAJ4XJDsLHtlPHKQBhhXmhxEbScY4PXTiIGbznSP72rkDYqKL567M9mF9fwr6
++M/o7P1WxEmOJlfUu3QeHSI8Z1n5V8rLPBzigZDtPKcD7SNZ4vpRWK6bYqLvmc3i
+siJYiHDtYh/fK90z0l79iJ+y/CkonDBcYM6F9R7k3/YnvNm1AkEA8X386RDEzNuZ
+njHMZCa7zGL6pq0lIOFeoZUhxBixWjeN8yVi+7zfV6R95ygrvk44lSOaGuy/GiN6
+o6HJVnu6vwJBAPBA+c+t6fs25M+1WuONPxRGBovjGFM8UBtic+5LqWxSFq5SdF+9
+b61vACQrqudBaUfah2FK8wBDGwqItWbSnMMCQQCZ1m2Ht0P3UKmCqiyPXFFkOWV9
+Sm2NjaQwAQW6mxRX6W4HB7kPrtkERuhhmiiLmd7Xuw9PuaNfrlxQ4x6UdkuXAkBE
+vHI8RqeQpe3ktyAfxkNry3UIBJrrBXBtxUchwCfiw8GVciW1Vn9jAUTrFEs7Cm3S
+juT4ovbO9mQAKYisuEj9AkBAalLsf5mTMEwf0wxwucjBXw5l48Gg2YidDp+kwX1D
+i+aUWseGOYYS/aP/xNA4RMp33f50QGWBpUWXUvK+Xgdz
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs4_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDiYAhYrw8bOAeMnbaIxZk0xtp/N2suc0zUTZbIn2ZhTMyXebiv
-aFA6SnjRV5q0800gculd65mfDQSp8Fs/NCm4tSjh6kOdDu1wStFSE0EsEGxbvI9l
-/zv8tifX6dw7+GLVRYWlwbc9Gfl4eJCktqVC74L1F4CAY50tUSQ+oU/MFwIDAQAB
-AoGAPvV8fMW7StOrbdVTNfjW4lHH5QfRvGp+3LDzlbqXa8pDQIGu9sHpRjz+GyLl
-ORxNwA+VjfR/lje1q1nY1tw4GcvkgkFsUbWJ1canqzUB+TuUr5A2uxXLGucX+n/q
-mA71u+bZsDoImSYJIciRspS1w+8aODSP3VuJ6M8sWGL/E3kCQQD8DmnZVOPw3yvF
-aCN+B9HE8t0E63673fGM4Je8zEL5vw2JMC2O3sKI6c0fjkm3aAACFTZpvcbMS3Qk
-Nsm3f4PrAkEA5erBd37sGmV4IUbxI+CnkCuZTl48SOmZlvx69Mvh4foE4TxwqQme
-uU9+J56weELUCxNjbko0ghRMmxEqXwcJhQJBAPoUVuLhffKbifMnmqdNnMv6Zl2e
-RTSiRSmQIBya0Qy3iPeHTHxG+d4bkn/vjaYh0ng+kakiOF6zsjzH+yVLqBcCQHeO
-VmIsBtxHDWvIdxZf+OI4ObUNva1wg6SGz+1Bo8kdeLIi+rZ7wSS9mG1D0KIIpjjI
-MTklrx5BLgCosW7Ouv0CQQDk9mIDmJ4+fbnFptf7roTs3dZnvtWkwFisfP9Dy1YQ
-V7L8/GfuXDgSa+QN+1bmIHPrfluXCq/cw1s9+k2Qhdnb
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs4_pubCA1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDf8sUNEpt3yQ8DB9uRTmqU/VD8K3irrUDrjdT6QpleaEocp8qC
-2ksisYEgt9/kxt8/lVr9A45H/IVD1LFT0c1r64JH9iE1cf7awStQ12HvfmDXYT5k
-PzOrDogPQT0VnvXxT8OQ024WMl8zUlwtikPdI8VK54VCKQPuEM2l4QJzYwIDAQAB
-AoGAc4XZTnAN0NHfs5GHG0LXSjoOX7bRDcZW2ewVNG/Mi93CdVu85JlU7vWgBc+0
-aGCKY1NZV3FRISNLX31FaFau3wh/keEvIHeAMkU87pPuZ+9bhqFgszKlYLzk9eBC
-ZQye8ffu3Aoz4OKJaXwPri2VRCtFoQ0tfEfK0BVB/dhCICkCQQD8rKulL6R24yKb
-wHRnolACepp1HMwtt1Ap1y+Wiarep9e63v1530/wH36Qp5m9hikCUXnZJIG6N3lt
-+5LbCf1nAkEA4uVQGhThCgF3sbedxLX/3gLsHEoGuJqsCXzK4QAdjt1tAANnLAh4
-Qoyr+BbN/dwb0q+VRgfufGuyTClaXGjgpQJAEmvcT7y7dtd0bHqJggy5XJTnseYZ
-lLOqqoI/u+/pfzYpajxbqoj3YQBKz+0ILmMblkmuYoBg3Nyyg6w1trZxvQJBAN4r
-hB/FygUuIrHWBZoUTBJr8h5RLfudGE/B7jYbEtZNYuncay3mrTsc21b1nYax/Fx0
-qUoFgjQ6kD+bTmumFjECQDvJyioAREl2fHkdL7rSZSjni10l4JbjYKpsUGVGXbfW
-5J0snNcyvXK/MR+XAoT0H4Groc3FumBl0ufeWmj7oIU=
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs5_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC8OFqJVfKX0WEq2vCTMViCcND9Iwk4ggLU98umJ8DPdm5nA3j1
+bJJ3tor0qDZu3uN8vQ0JyXySOr7JsSsYKow5a7EYpzTclY3NTWZ4VjhWLKKfXk0U
+w6r4fyCYGlNL9SBC9bQw12LqbVTkcVUMHBxBVHoqSLHQjqaCfCuBy6WzUwIDAQAB
+AoGAPncdZPLHPidY7hYXPWJlE3VJhpk4GC7drbxHM++Bh9iwLzPx0tGjkmNcnnGt
+DwKd0OoVB6h81TL12o4X1T9ZpaowgOqOhgYbiFRpWfeAxmqMZULYJYIvzrORNHpU
+XfrAZO/yZT9nNxOBK9Uw0I2ebmcF6PLPAfCTHb/84nFCVWECQQD2b+yHOz1sF1fa
+S7/qBe14HeC3dBpOAJ5pjHFpacgdYEO5fV9RJHvOgj0sp19NdUmuzekPU3QiXUiA
+bbTFINapAkEAw4Yb0pTW08IKk+BKAkfa6CH44CzNC+5HTnn/VlfMHySimbNC95Wq
+o7dgyNlkanoZdRUIXbESlQuYJ6LvuNnDmwJAMoXnvCHNCegPPtXg1p24fbPCaloH
+Oo6t6327kpz5ReyCdfjaHcyZBVF2MT1vMHYnUQsuCNJXMORnBM15DiEZYQJAb8kT
+zSCVdjohTAxWo9krGb6aiKh0jtarY/2x8059AG00nYV0yxKBndpw9kP7+jhWp67f
+uplLU3Vuh3LLdbbi8wJBAJllcyFrvrFEtAJpb103g9MOPg0cwnsVxsLtKPnawD9x
+OwG5EXwJXeIn6iHmGSiLc7vPOoUBwHyOro2c1KyR0d0=
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs5_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQD2P1fkvp0pd+XfCHK+Z1zGN+etYjMidLvygvYd8ULsVsJu0Lzz
-5qaRodtMuCfJOD3J0+B40FEjIrI/b0seFFM++1pY9vr5z8rviTTNUcHuiTLEwTD8
-Y1ETTbRV/aVs/eo89+qMfT77DQ73cMdzzgGYd/7bHxwy41muJrEd6zyDUQIDAQAB
-AoGBAMJeiXAjDUa4PxfnQTsNt2s2oYZ4Jsihv+DSgpZr41lNujdiSGN0wjHdwo4y
-JiVsYUk4Fs0GEaVcM7pijLZ3cKSPv91ZM+QWG6rOB5XyhwpFkaea1g9ZC26ddCKh
-sbXJ5oVIsxGhhPrEPqBfYk46B5MyBuMj6uPUQLy7bhfoNwABAkEA+8LGBTKy4kHE
-AVNvsJ8Xf1lSW9W2Nfs5FcLN8cjV7RhR+B5ar03Bzyl/2lCcLlpPirRObzqxS3g6
-5aGVEjPDUQJBAPpkzdbnhGlTXMrYXnXUVq8g/YsHO7CsAyFuyNEUFpPkQxxraisG
-kjl8LItlOgDq6KK7i0cQ0+A1iO3O78LMwAECQQDZ6NNm6mQFDHFvyF0zHfDDrHdp
-v4fwH1tgp3WEIpZvmo5QWU2a0I3BFqVwPDeCs26HmtsM0Vtl/FHWMk6KK72RAkEA
-+eeb7S36YKi7xxP2CwHXVkjF5HleoLC9GyQXt1ymQAqk1Ht8Zd7UGB2P07w/DOVn
-M+ucUVxBKtgjhr1vXGvAAQJACi4c6ToeBEjoQF62zeS1EqTlRrQkGECcyvL2I/3k
-59u4Jl7nN4d9c+KIHELBVOPhuhZZ5u1jQuRPJKQvs9EMFA==
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs6_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCv50qFV0pKMzZEKow0wUlHE/bHLrPlksC+tnS6YRuQzwkeL9Q6
+0foddmNdLY8NeMWTob/sUZl/kFctnkFG/GrhA2NBeNeEz17U3TcRHsw3BbcZzppe
+63WLGZUflNPSsv+IJsVvM1mte3COyZXdzDHwp2nQl+DLe0Lx6uXtDbez2wIDAQAB
+AoGASuc/iWYxQUVrbz169J/11yl+JTUS78g9ATjqnc7qERDIPi15vw5Y5iDakPvs
+dX0fDQ2Mj1Hz/ij1pnxEKbkkvTTbrnDsmVugOf5Sm02R72jjlsMM0ezXK2/YKcsW
+0UHLukAA8Yb0AAiXyRK03E3dOhCAj5f+6UXdSA3CYlj/A5kCQQDohqxyooRfqFGZ
+LyCP/knesBXZvfkz3gknHNk2voj0fk6zgZbWULfyVRZ4fSlWE700MpkKgX8gtFwL
+DBNsxx8nAkEAwalIOpFpRF9vEfnQ8ebSrgpZPCtFEokJ6f9Rl+WjfYe/COFT9OKp
+HcfzLgcJeR84SXGdDySFtRoOtIDEV9M2LQJBAKOn1cvBEoX5A6VbBAIUqY0wRdDA
+4ppc1fhPV5ouNFpQY7f3p2Aj47ONq4kWHnfU4L/SNOCuD/nGt1mXIDzZUNUCQQCd
+K4nXHpRUTS+TYy/UYwSxAu0RC/zu4hENu4y4vkJFapn71wOQRzQBW3lc7ZEen9vK
+n05cL8PkCtXMYIT40g2xAkBS9HQg4pz365lX1eKvsPTGtiM53qcHfrgijxfxmXfc
+qHViK+ZFgZ64KXsyiTClw7M6Bb9i9pOGMwRsO7hqmBxa
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs6_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQDFbG3xKEtWXc/rCCimhcnEGub5ykGjgMZSY3hDI/mcwkp10f3E
-0h3ax+HWp14WrVjCVduhWQZYDwQd72giHOzDXI75qxhfY/xy2DBNw6y1iNm+Mv37
-BOh+homW96mqCWL220JdkZCCSnXqeqI6EwV0ycd1ca1hPqGjQGMERJqn4QIDAQAB
-AoGAflcJdI7ox3h5mls6SHbNzCW7MpdwsgWy5P6q86yODPd5VzTvRYmBeYT4zbmF
-yNVeO99eEj86hBf39oBDD7GbAbrEmWJcuiPsEblj8zjlHKfEKHAh7TRbgnfWDvLc
-mpdnLNiJlO4CrkZhNMbWkmnZITtlRVsrwZeBPptNenAa0cECQQDpce4q8xnf3McT
-dT1qCWcl8R/OBesKrOobjwZDwaIAznkm5NYWwtbS5ZbtldXu0J1i3pSTyTvLtaQa
-y3pbSSUtAkEA2H+JlxumDWaEArZZDiqiOZeU0lZlo4Dayc6AiKstokRVFA+C/Vtz
-Zt3TzpvgGRmZVW/ksoWagL+SRfeBuPFmBQJAGulCXnsl2XO3E1wpl0a8OFiCpRpz
-jQh/+GtVeowg49zphH1O3NLbNva2nm7ueZhc/F/SWvMQzJwE7f3U/h8BhQJAYtiI
-F2fWPtQJfbuHmYI5oxXkKsyrhyUzv2P7J2sQYL/WIFycr9RrMhIhvHlKresUKP/3
-aNK7IgFVZYCFx8zfiQJAORQ9e4IY6macip/D7ESbIrpFMGAlv0kfa9vANV83omm2
-3ua9j3wBL+KgqY7GDwEGeJF7taY4X2Ad8Yt0J08PvA==
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs7_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC7LVdKxNkktnil3J17uWjGY/zUipC4JFCNuTRbwOwWv8kw4IBw
+emyeVUiVExYgW6F7EN7oEmUhxb+5NjV2T3lmSYJ2aaEijtFM2SHmULgx8WZUIMyY
+qSK9U9Kv9vAJyhuphaVhUWYdVFgSbzVbrEx6i09jOEnl2AKIRnVz8kD+yQIDAQAB
+AoGBAKIvDV4Z5tTqzutYl5Rm+SQ96wr27aLAxJOokHeYWHj1wQx62o+bZJZk6zlQ
+inGLNAaAfcS0e7Chuhhvoi9beaHr3+FkqFb+eefic7/ucOMhi+QDjTlBk3R4VMDR
+889yqNJgTay/r+NN/eabvV+UulKsAHgvwzMg7UgAI8jHTXZpAkEA9ZUm9fXin3nM
+OM7ftvpxFqBPKT3YapyEHT26QYJV074lhh9olazslkSbNCyW1RnzX2p4dE8t4FZt
+EUNVTEfj5wJBAMMd8pcoiGwfmYcW3gRtcCEvrvjVFWGxl3rLMlu0VJXz5NiiwYUy
+7JIbalkRUcYoMGNW35D1d5TaCklrmoJrsc8CQHLYZXfwnSJnGxIV7JjtVaV3Io3u
+1h5FQ6NJEqlAAlMbQQEP/yC/1YQQYWRs1byifiXI7Lu3q4SV5juEeYdKt1ECQEkX
+4/QafBi9Mb94oo1YDgRwn4SaFpt1cwDONDxEbteJ+XXqasKiVBtb59gb891e2tms
+Bq6ANl7t26Kri8NF4uMCQGzrv8B+bO1tXbUoYgPJYlhtpXamII135OQ7sYQyefoO
+m0bMCIBbngulUHAQnSZrbvP7jRLB9SVgG2bv96lUCdQ=
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs7_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC6VI2l6XB24wvluY8hH+8eJBv+1WeVuiNr9lVpkglaoisJcufl
-p/sEWc8nP4q4KDnZAiTrekRzbCl0j1qk/8ThQF53jySMTtjgMc/mg+RNXHcpriFY
-hJ9D0o7L1HV5lll4AN4PBSWwv4E1FSesWCgJeklJF0nx+Lm3oX9mK7MlewIDAQAB
-AoGAI6N+gEhZCXQ910+Zj7Vi7/nqHODGcj3q/oBcL9gNz/cKkkEXF7b8bQWceJ5P
-sw+GmPovA5ccNpNujmvI45xEFJmoS/+n8l5gm4xIelEklRhoW9NeFi671263X6TE
-03VyOLkCVqmhwl0GegZiAQg2ecVZjRDJnW5An2KBEBry1XECQQDmNR4hjO84g9gp
-RXIPYCPWUsXltM1TJ8LfsF/QyemGc08P3qGDwOunAa7PoGmp0/CzBaZMJKfstzip
-sYyIabWJAkEAzzTvo4zpXB4N/8ItL/BBW40iNflJWo6ZOFSu4C+nImNjocGIbF60
-VT0mOdiOI4uLiamUACEENB57jgZzIq+F4wJBAIByTOCdeXDIJ9lHVU/87aINRzxW
-+GWYfuQ+zgd6UaFiP0/0gZw5DYN+reJNeAd5KQlKcrJzlXq/9I7CcU4/5TkCQEc0
-QLlqPfMK3PKrzo1vuXX1jPERRlTZNev2pdWiaoPVtbIraG8dKEk2Z0FvmoC6fmwD
-GznkHqauZvUKYFxmBtMCQB2x0m9E4U+f8e53cSziwnmsa8wIdKgDOGCdcMMeK2ur
-YmDorHkm9xXzHFiIFFbyTiwbf2hvhvztve4jafgKg0U=
------END RSA PRIVATE KEY-----
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/tests/ro_data/signing_certs/produced/keys/cs8_ch1_ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQDYQiKJSUmbH8NoQ5Nb577N1g0ky9hqvWTDjzFvTzjEyjlOFjUy
+iLsD8AQGquThESTbseLRGzpFSdoPNrZ5hUpC5AGDdU0egWkw8GQgGWPA1F1Qdruo
+5Fa3u+BUZPlzx+uEptpKWBYAqMvlxbAfrev8LAiT7i6jJhM8pkZkpd/2VwIDAQAB
+AoGAGdSsc2GBnTnKCWYo781aiROMNlzy2K0OoB02dmksCrVs6trUN9kFHY9Jq9I1
+zHxTvrocsYVjDGup1C9g1FsLZ4HG7sCBOzJe5Nj3sfF8DI9DVsj+Ite3nZeLezz0
+rs/ADZ0vbLiUx93gQageXATzLsb2PrRGu5Esto/pbqGocgECQQDrawls9VL6A9su
+6MczxfCt90epHuf339Vf1kvceBjsDB5Mtf5+ES0ytPKoWbzD/gGSf/XtJkDkJyqt
+ZRWgqsgXAkEA6ypHCLxmSwXeESD90BkaNlxrCFEmPiRMedRPKFxXtIkE2zg/jhk3
+1qAOcTANxwddjf0d2y5TFhc/Nn4zUV7rwQJAYLm+yqzVZfIVqWVtC2GlrOSv5dXT
++21VLyZOTwxtOPcVr/EK2mNWTcI4/WC5hVGk9btroP+Zo+RPzaR9yWDCCwJADLTD
+E8jCKimN/xTuQdEpZmiF6/QegdsKOsbq4/5hSsLgfUvDu1THfJQ3U4xKIkfWmTZk
+55PQL3BgHPyinzHmwQJAB7Hodce/vDl9srDnq0q+s5RdsV72VnloInu2hzYoY20Y
+e6zlDNasAJ6va5LQ5yk8+EsuFxS/kK47wDDZtsnIcg==
+-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/cs8_p1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCtck/QuCvEdMeRcXVeiYgv2L2vzUCge0iHpNxjlgV5TLrXgOy/
-fzeeb2JM1ukQ8EYbXCP3V6EfY3e1TgX9F35Kpm3tRjnH4EV7t285J2RXNUrYATfG
-jluvKNepbJQjS5Ph5avbeg2wKx3omfUuien2N6qoCfviCjJZC+wbTuWtQwIDAQAB
-AoGAA93Zg6inaSDFViu2Vx4vyAlH6URlHW7CJiv5scqlYpfgTm+UV4yJe+G1ykq8
-NWF13qRGNPxiHiYEhCkyHvtIGG6B5rcX74qM+NfOsZVJX0WyzApzsXZ5Ggx6oMfB
-dCuxUaiNbQG+W7jHT/Z5xQReFoYsf5Y7p7T3NuQMNNItNnECQQDlAEy0f/tXanAO
-GnEQttqWd7rYVTxPs5+mIVWCSbB3XQgRKrjImbdSqmLnqTvzcGbWUgdksCjjGF3X
-P6MOsre5AkEAweVD4KMVhGKZR6NjVtEiXlSmI9meXb9GFAc8MWPeY8+VVzSj+kgV
-u7Vzgq7cqTSKmnb7ohlx51WVAVEG0JOS2wJAHOv1xBIp1zd9IXrbbsX5Q2mpsmrJ
-bDN+ZUfueb7+x4R7YVeo8MThL1KPnTx1cuBuTIEdp+zLrSrFp0rFODUAGQJBAKEB
-U7/xLCjmBwnprs+kkblq6RrT1iFad0KiT2Vj3INdGFF1sMRfn0xjfCuEME+BBacG
-LiWIo4DJHBYfxlzkbgkCQEsJSS6fdiqiKzw2ympjwuTvj91rUCIHn9yzuvWAL65t
-AdYAhnmRFoO7PIV1JJS780PHj6postUCTvuNHuG9dno=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/i1_ta1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQDLNMSD4SM6MFjqCH9rgX18FRxylEecrxnyLxzcfU+9DtENPD9c
-lAt15KbOyPlTQItJNbl2Om8oA/ihHn/nycC1qtwsoCOUxkc6VWRQeakI4qucfrmE
-tLLmELaijrFatGkbEtONfERE4aHHMbFKl2N+q6UCPPMqEKKRPmP5sFSFhwIDAQAB
-AoGANxIA5ADCzEVIA3z0E02PlW4fPIok8jieHn1YJAUt8/2s+BpIza0tgfDKqCXd
-NAu888VEkt75Ou4AlqGuZkHOILFZ5W+SYY6r0GrZBMtj729Mn+ENlIvONomtcXLu
-4hHZZ+NqtXfTCdy+xHcsIRcVF5N0M02nUVoDRNHiVDGSXkkCQQD/Pef0JvBhnEBS
-eXpmo+k4E/0V0WYz808rkrp6lITvCtgOScQ9GwjgkpmVFozYyKqBYAH7pYkp80RJ
-m5U2XWgVAkEAy89Kv2PmO9uMlpQSTYdaZf9BAV3/1vH5dPWfZlZjdeYvk4qYTgsD
-eiOOU+/Zh+q+Ih1aSNjVw/QVsTWs4JxiKwJACkwhE4SOpiF7ptgnzARI4G5OA5dT
-HD1wsD1XMKLVSh+R3+Gx/RUeIpFHiPBD9msCFf4dll1zTzH1S1LvjiXukQJADGO9
-l4TrKhheo4i81Bm2VRz/RqYAN4DeOU31MrNtuG0V11JFj/j7bSFcNZ4PC0Qp6sj+
-BA+qbw8Xgn5Q1BatoQJAI5L+o6A2C8+P8WlZGbJvAZ/Ao6LnFYB0UlUnQhQZKsot
-5TtxCfORFGJL45dOfe5mr+BkSaVWAeEsaHnFPcu9SA==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/i2_ta1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCxK1BSDgElsBqLWMLjmUdUMkF5W14qN3rYSs+RJnJxN4wMT1hO
-UhvtM07DIgqt2PJ7oQwXeVfrKg/fTWXjc04bp7qyS8AsYxFz9BKWYNEGRNUpud/h
-uosvfd+Cn/Em4NDsLc35U+jqPj3jRd0vywK+tIi556koRzM5BDGWf5G3dwIDAQAB
-AoGAN8MNNbZIsCb8Q819EYuFwr9KkjqqqZjqpjbtm57BOFcmUh2LCqOXPJIAgTQu
-rkbxEu4+UwkTHeYQNtUyc2MwOse9fmJaLqoPMTIyfC641289okWshCnYTmMrAP5A
-7V+02VCVX3WmqB/qiV9j3ieyQsEGG0GoWoQE7+6z/LgR7ykCQQDizACn7ws0rO1p
-xtNfttukpUgSg3pYfn18+3WiHgYBY3wBj78fv6LAtoyXuv+7kdHJTYNKB6ee3BNR
-3Q9dkRxdAkEAx/tp3paGagEMguDP6LoUSPmD6QedTdBgGRMpHIfC85R+vOVtPLX/
-PUG44FUtbBVdUi59GaugsqxPwvyUMDrF4wJAA5QIZp3k5V3dGRAkAZyW9pANBQ3B
-/mdwf2pQPtCOc7MoH7Yu48dYQAYhTbuLkWAJmU15xs88G8uJGn+MYIOLmQJAcE7k
-TOoSAJQoN5QTjup5m+Xsy8DH+bxNS6e0Dd68gFjjuCfMaiz3c6pmLi4HvUxeRVnw
-TatSKyWUAbghbNiE6wJAOnyMv4Qkk3+DF+oAb1Igk073bHAIpgb0TYxJppiEMkWD
-p3cm6ZgZEhaNjjqQs+guUuQkVoO0iyJIfBRDap0RPA==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA1_ta1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDfmeExIVJMUiF0rspN6XVtOiN1jpxSoz5Tz/vNzEd00o5dZVeh
-rRvPWCOeU508GkZgmNlePOXQxMsMKFmWXibIHSnpAaVaO9+eGoX0nVMOGYEg2Lw9
-KonnjP51YUWl92p/rZSilUtYNSpv6VRLLL8HCjkDfsCWG56POfpJPtBPawIDAQAB
-AoGAZbamDadOvJEPzvhD5rUwSYOM5cj9q0m+7HlL3g3y4110jV+wQUdxwxwg98Cp
-YdHB+ecN2iRxlkou41Tni9NAaCWu/AKuL0NYOSyFFFT+La88uWcFwLx3fl5ROQsb
-Uj34eRSzhO1C7Dl7EtsbkGoiEkhHepV1GcHX5CWoWszpnIECQQD3tVYBMUhphQTb
-zX0YEMb0Y9NZqi9Gn/6hnkt1fKhXEGZy/p1MNSyDsJfkFruWejmROKJLwVQOqUqo
-S0taYuK7AkEA5xX2s4/6c5cvYFQXzr5Jo+ikDpYO1T6xMMNm/W/py9BebmDnXHXj
-LhB1oJzZFBD3kFfo3jo9xB/6+ynr4fwzEQJBAK++TxuffJGo126fFw6Y8J75qDyo
-eswvvXerGDxtyf2jXBxgOveTjlaMVudznXnAk9FNjhATRPD1+Ur3yKmDGPsCQQCC
-pYxAoJn8V/FVCLYdEMAZhyGZjYT9UuBirVbA2lDYBgodZXPodk3mcS/Pil3AVodg
-eBMT8OGSzHHdJipSLX/BAkEA9ZoFsf4lODYD4KZnV76FW9o1zczrtcIcSVYseiVP
-9kqpMKqgruWmW1e91EmwCNnr7ELkVAWgRwfX0+IUp3xGpg==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA1_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDd4PfK+UJq6Si/jAhITBf8NcUsDLQHfMHEBbuIFS8lI9tBsCSO
-VDtEAkuPYDsT7/l9jV3cNLMTuShdPEvBdmyu/6N6RHF2+QsazN9aN5yzEus4mTuF
-9+sTkzQCS1R8Uv2tWEZwr3stf1Za85VmWlIq2sOymHsvzUQvLSTJaimQ/QIDAQAB
-AoGAIGEgSEKv6qI0DCAHZWWVanz+VTtVWnJeZJjhkS5mPulIqgFmlE6+h2I+XKIS
-fQpcQnJK7EPUjmBK/7A47fa2TV31ViHmiAW4fly6TFGzoTCQfnoJ6qpcCjFVD9WU
-cA2NMC91AhmNKcZ3OF1Lt/gEwBTJ0EetIuXAaUSrHRVGLAECQQDzgTsHyE0JVOnI
-njg6gxlx3mjBKSXQFUAGYrKAIWMyZpUEWj2G9xFP4nEYq8p9uA+SzAPFnqZyAM80
-FgJWrPDBAkEA6UOmXTEWw7FfBfMou+WYO2W0Qnys6oUVCgARuwZoMotgy7MyqVa7
-MQg79m1E0oSwtQTuRnUKMHRUzxOn6K3zPQJBAMBQ4H5VBALKvZlk3KPZxs7YCYQF
-K4gcQGTKro/jzqSPwEGfw9hEabfd79S8WUDRjfsyhggeNPb1DLDmcRJjpAECQQDC
-BQnoc786kFq4STN1bhf8N7ECqE7vVjhUtBALXt3mRLYDWI7n+QMEWpP9eY+IBuQv
-/OTv58PM38X246OCzsUFAkB/74FxGAQ12eGQPjnlDEJj/aH29/46XvibGYzXhXb+
-+etCtSYD15KpKsvbTma0/xHeQcNmPURdw70K4j4Xu5bl
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA1_ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCuHujGUXDMewaHR6HwWvrzz8T966wy2avdNhUJcXMSo24WSq+D
-M9ngHOhjrMeNeUdaz2Nn4Q10vAkWi+EnJHhqQaXJL01J76JhgUWYIbMq04mUBhiH
-gZBj/EAXjYk1bsVo1W2J0xjiB+Gf9194JIMRxuULd8M/yVAmOZyLDRj+OwIDAQAB
-AoGAYzIIurK66ENOPNN6Vkv+m9fKCj6xI2cOmj+tTGvterjQhrKVutFXVm4hlmdg
-aCCnnfx4TT3RRKe7JbUa2AnW7wFMZwcpKY2eZTKj8eqH56zNcjzy7vmyADcRRrQb
-4/hJmH7XUTfrT34JUNWfn/SHV17giQzOfkk5SAmOhCP1CAECQQDXQqelA1obfDjn
-81yjavDRxruTiJrnS6scylgvvRKG+/93VYtiUbWFdOLlB8efTM0djUM4QF7Cutg4
-ZDahaieBAkEAzxMLBqPIEYe5IUtmPAHHqRVL5anl0uzVjcX1ThdzBG/UtlqV1zZ5
-n7X5sRWpsKkap/ji+taQVqwBWvhG6OejuwJAIU1bmEjTeOsX9rKMw295AEtJm8KH
-jH8FYvfe+su6gQ2dcT3XyYcwmQwDSkGQ3ZFJLmg7XQmAX4n+h4LhfMlqgQJAcJqU
-Zlnt08qQW5Ca2YrGPiX8jbkj5t0vC9dYG80YmJMPgtIjpVJUNQtJ6ogzLIPooOrw
-0yKWfusuGX/lX4WHPQJBALN29dCtKwoE64ikroR8pB+4ixNcTz2PMeb7rrGd4qGF
-vyBI0Z0IgDBGvZvnFfj+g1MroP88Nooz/v8kmBc6Uu0=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA1_ta5_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDUxmkRRS8ysCCNLQ9cXjYQ72M3agO0YoZoj/tyh5EVX461JQzR
-s8BXKLVW2Iu8wPXtitD7VkWRyq6jL/E2v1SRxpMEaBcn5Zb9kq+PW2Jl9y1tWtwv
-BUS3fd5JJgvsCXHQvTmXWwrIgFtrqhmMst9z6s6jSLGyuj9YP3WGsJxMWwIDAQAB
-AoGAHMMRUtdSUPzD+bF8oRTPJCzn8YawJ4Ml/h5wdAPlVclMBiqS+AnfVyjWkn3F
-Lee7lresFj2MO+/0+XQynB7y9F5lpq2EeeCuO6sdTIJVkaR4gqqEczQ+XExwNp5v
-p4fewlozlz/iARM8TWplRXHOlaAU3JKNn3b1QEYBb25T+vkCQQD8BVKh9bhHmlXV
-G2pFp7KLfPuz4jQWfVG0kDxMHVwwxLZthEvI/duKtqHEe9GPJCDgnkvNFYad/hh7
-Fvhsab6dAkEA2CJ0cwSV0I3ER+kOPOH5CGTnHlGEjMW0tdegwdLhHnRXod1OA1lU
-uOt7MJWdk1Tt4Wae4DIIUaLbZlitTw0JVwJBALyBTrmODfSg4Cqygt7u/IGRTsPS
-IpvfyMmCSVe1bkucF8f6+KSyHRC4Ym+RHcIvh9f7Dz+rJjHu6WjIWbDdt5ECQAFw
-8V/W9vzGBToJhsvHIfb5XUUpe/3IT7Uqs+q28kNWuULeC+gfz13QTCj9xmg2F8P6
-ADM0gjOxJ09eZgFx788CQQDWxnT0Qfdixcm1o2HrbbJ5bUTp+WQAF2qqShIZKHTR
-ji28neWEQIpK3U6jTinfsyTYh8yWXhhWRGZkE70dVMPO
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA2_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC4wO0/7rLEgoWCbtzSY3LZ13O/JLxaq5qqOdwBI5VAixzECOE6
-IKnzIeTK6ci+SFI0NV+vGWCJek+V4sLcCvJ6fWLO1TlVThDY2pBIc2lk732pV6Ly
-bebb0KPfKqHB9MZEMryv2btewTkQJ/0ebp/cZWMcnL07sY+a2oJuW3GglwIDAQAB
-AoGAJoRaMezyqhNIAERalyYSiKXpRJ1FA2YpTXnYiwg/EoCuE5SCWBr9M2oKh98r
-cbgkIyxJcXjJ7n9oXigzVaqWmGW/RdPLj0w3Djzwkdio9oSlb8PoDyiE3JC5uPDS
-jadVWBKfZOrodnJf2VAKAEyGaRgcSti/J1Z3M8jfHP66eWkCQQDupJ+uXS0IOfXw
-nYn4PGLZL2g2F8pip/AkPo44pRzxaxohYpKKF45Iuw3bZW6VU9i6ByRg0H5NW0Dm
-9ef7SQ9tAkEAxjDqzIXfd1EFzT9E1oVeBFG7U1lfKBTMgNPU6qbNfJBoEXlzcC2w
-+i6u+qHV/KiZhBk676XDc1Vqwb+kJri5kwJAX8R4wERsGe0IoXLXN2MkV/wKWgra
-ERVL7X+dG2ZHYyqT5enk3L3vP4ixWuYtpodrZdwP4TpKNUj1lroASntbUQJAS1lF
-q0QqVV6Eaifnr/c8az/3jBSqTL67kS73/84yyWzNY/dcoAV/B17AP6FPjaM72jEN
-axcGW87Zq5eEfQQ16QJBALJTo1rrNcW+nsR2wBPml8k+1m33IIy5WlFnCk91gPm1
-qkZp+waTo0d1ekEYONIQDleiQPWmSzLTmC+YyfXL4Nc=
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA2_ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC0rUNWwEdZRRebJZSmPwf6DYwXvR3qsBRzT6uRreVyFajDXdI3
-0xyfDbWxXdzpyt26WN7XEMrO93ZK2mKHBAA07tIqMvpXDqOoDPiYZXKbZS2QUL7A
-oi4zE1UvF4+Igyrp4KHhbUPRL6drTKlnjz2dPEaRyPy4OGUWxWC4in424wIDAQAB
-AoGAUIzWcryykogNKCwvA5ciVUbo6ER2LAVoeKhSU1Z17tDdNoyDhkPmhLq2AGda
-cBjzlXq9jqB76p3E7UZDmvIbrL3Ckkpuv126liiVkQkwTr/CK8ax0ejHEUYoJsUX
-cVkR/G43c8jD2hnGJTGMu59xc1VHAdEWD3/TNPHkddZtMTECQQDgkUAG1ha/8Tp5
-iAP3mQUn9nDlxcs9T0ZZd7N/8Mgz1LtFhdPlRZNkoGfWinA848ZGPQXgTnkzhoFY
-wRfDPRgFAkEAzfdQ2dwk3Iy38+Qmdn6og/eIwt+mQL8Vi4DPiUQ9H/oDWzPeAXgF
-kEliRBMcJ4ghPJDwymI5bhdwxe2gk+tPxwJACk6gYa/x2113EZzskbC0S+FDzUgG
-zAmXcQPNeVHT3o0lC0vZLezDlxrFqVMxU5ogv5iNbH4tke/af/hc3tkvAQJBAI6H
-nwOkPD4DgyjbsWI+tA7etV1lt38GvLoVIYk0F7iRItFySydpDzCSF9ZUAx+4LIfl
-JTxoTKXKwte1YXH7XPECQQC8m4hYpuH6PI5Fm/3GozP0IS0iJfNlD/AAUtF3FDmf
-iWtKoRphc0qLJND8eYAxL3nGPDWAwppt3sJEwk7QuNbv
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA3_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC6sZD0+k6CVgSSetXXI5PkU0fCKAbDoW7tfAIO9nMLjhF1M/PR
-mMCtNxK4QRpXEpVeY2G1aZdgB2xuS6UZDvi6NZ168Fx0M3p4JM0vKs0xhBcP4E0G
-upJ6rtCpVIDx0k3c6YGErcl0wIjoZ2NwKsSFdbgyqO2vKmtjU5cn053mVwIDAQAB
-AoGALODGYb1R5g7bZoLUqLTKtlY2p7uLdLd3vOrUa9hea2apV603bSj1GC5m95fe
-xxOWiGwHbt6FHvZp4FGazF1G+MJNGCnhAH5snJaaBaAyF8AkhwijXbZohKPL/DiZ
-DkjpWtgV7RemTVKTgyN1JmT/fpkR69cBFMYwILBvN0voMyECQQD21paPfe1Dne4i
-jdSCsdKRbk4u5qPnOwdUsh0aPEHJiG5PNBFE4iDPMoHq6dinlBtbZ4bLOWAsUvwZ
-Rs4CKszvAkEAwZ9+tB1PeCWt7we+VGRuWVI5LORqAvt98RpKPmhTUC3K4OEcOFOR
-jD/67dREs2uirPH8KF+mhq1FIGFzNvRNGQJAQa2rdhbNsPYuzObsKrJiEuxExVn9
-NqOQOcsCz15FKviwUUbLaYa5sCgCRZ1fVoekF9geF6j2nBSgm6EpY4475QJBAJlK
-2xdidT5cJn6uFMPf13WkIVwnYr8FuUofVFRgaEV8W7j6wErf7sWpCdMtUU7zkpF1
-6/tS7xaFK8tdG8iQVlECQQCC39PMnIkEi0VQomJ1KGWWKLUPVj/v1volfaz/U3rL
-NVZGWTYTKO432ARwG+juMsD4z6uVHnEjtuYB3mKnVCZf
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA4_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDKqsQLdSe4ogOA/Vud2x3RaRtOu33GiNu2FF328v9F87Z0fzW2
-oZdJXoq8lDYl0TU0NFUK4H/jwRv+J+4zUwI7oaeZ7fHRuBqRFrqDnAINeAwceVl0
-vPELIRr6qlVypbQ5mUAcd9oX1m+iFGGWX8UU2Gzsgvm0RXZosqkH7pTfZQIDAQAB
-AoGBALrgkdt60QC4LADyHlvF443onGySCF1cbzRLPYXr9aV8H/72GgJoqIbX7ZgM
-Fo3yhlu38b8Q2fyaYYSPL18WKNRNkSyRLag4fV5ArK+5iKHKt32SlLsEn09Yfrkj
-R7qa2ZjMQKm46wrVaLSpbUgVBFZv35XYBMDtbayYGJXbmCcVAkEA52+KsZMgYpyO
-DjVbLtk3r6tfbCNsvS36dTgqcyroNOeAop8IigkJhVO3xQ+/bwYu5JzuKJaUPWmF
-7OUtnv7ykwJBAOAtiUAqI/haEp0trHgNuMesaL3hy55V6ys6GkCO+D/409SK4Uyb
-jrtwxndrjj7OF3oy0VPqe0iPueO7PrRmSScCQFFUwoHK+WuOJuHZYFTjYw1qBRuk
-i1ckLEs7VLeqUXYeEPeVOdQAfwcKt58Z/KVQn/QZLhy3Zhr61WS92T1xzN8CQQCF
-ibqLdU7N/uG9rVpifVIH52TRT3Kak/WtX0QKFuA8Qz30CvKgTr2cXFZtBq3KLbwA
-d8sH4NKla7BAvuZgUdnbAkB2H9ZVhrSWTa/2xvmkVp26b5TYMuAGQau9oFDb83XU
-rwA8G4unt4XKJvoqV071qzmESyqkCrbdNI2hZXHkeTiz
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/pubCA5_ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDBfegBh8ApVU/ngkk/01gjr2BYImjZ/me0aZ5I7rkF3DGFnV66
-LxlhlyDVmdmEZ1DOvxvvhgdwDv0/IqkWENYt9jAjNlQoFjPVWGwV+3kurwdDdxG7
-VOnj5VxbWmdvu0MITsOodwYlkhDMyx1KfQcegx5DWby1Vhj2LopOUr/+wQIDAQAB
-AoGBAK689rXTE44AVm3bci0qvtFTQy20vX4IyzzZmTGCLSOGrE5fRTnc6Q4B/owI
-KbDx4L8lRaQ1JShk0P2gXpTn1ZMO933XqmMH0tXh2DK3S9SORXABVUS+0Z3E3NDs
-dGWK9PUzbBsX0HIJxgeEbPHadoY6YS7G675X3C5nzWaJ8i9FAkEA8gg3gibOShzP
-HB6mGyafbETVMGibSkwnNsLjLSttbrUV+GJubedAcPmVbhm2oKLkCYR43e1JpweU
-eZzfyDZXLwJBAMyojiK5qhWzVVX9pdwUyxJ/GZ6wvwfTH4depiMvYPaycZ/OinMq
-KLi+c/ttGW2ZO8OvTPNqHSPogD+lAEw0jQ8CQQCc9mM5Tv1d5w0SCXZkCUo+pu0z
-dcOwDW8o/n7iHlXcBCh5ayx+rgiGu/YC7z4XM0x8N6NDGc44Opw5ulkOuN8VAkBf
-be0w9gAANGoDOc4ADFYQnuF0ZJf+7wwRlCnF2E7PWa+vw6A9SRhJ5MyyHVIxD7WV
-boVkL0O9Pamng6na3tozAkEA08Pv16+h9lLdOA83mAcjIqMV5MDMlnMAJB4zWdK6
-1z9/Ga3gpgB4whNg6zn/aj/X4rzxesCUq8RtzKCcvmO55w==
------END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ta1_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/keys/ta1_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCk5VBP3YX/cP3pgsC0RE4/UF4yV1KeHc6WpDY4XyzAQSenTfQE
-2AVxs1akCTImOPgXptfoTPZkVuD7+mtBRJwG/vGZNdW7ZowS9qvNkALflJdejJSJ
-io8ui4o8CoUvmiU0rbSC5ARNqIvctEJYPcEPhSjXJSICuAnyIy5X693jMQIDAQAB
-AoGAa3yPPYBJOJmO6ggxVVCxMNRSkr4ZPLhxUgD41wYzRZ8zGfvWdNHbuqIMeCEG
-b6PzFHfNhb+lXQLE5Xv3LjRq/5hTRT2X3FRhZvWjBmvzb67LeMg8qsSidyas6U0j
-ZbCUTbnf47qw0ZlbzI1ulXoEnbwNJGmKzcMuwtJUt5/6t4ECQQDWmgTUL6FX1DaA
-pqgkrDAzTkXxbgGhK1fzs01po975AmW+/F8z56ahlS8OQI0f7Pkk8eGSQBsGR1Ac
-r65EN8THAkEAxLSZEwtjPJAAweW4mfkh2PkWL9P1yFPyiQy4lnLwoSwF4ftFFjJw
-gZwhzMWQMc6TZkkseRhqxkyqEqBaVXcwRwJAJjkurQCC01r4Djgg8M8+kpTZfmQi
-pCtNMhn4qt1GRMH5j2fyKROUqWkiBX7X5BzYT41JqTwD1D11dnaQKpRoVwJBAKAK
-+IjAOSurVpJsH/hW9S0d7OlZIZ6ufqT3TrBKMHJR6S9mS122CEfMCswa6ik8FD2i
-x6Z3MVjKQ44IHbdv1D0CQQCGHUu0i4p+Z/cUauAvbZm6ft9Snj9vaSHJ4V5EvIa8
-MRPR3y+JaBcy4quuK2bFPyy2KtHGxXSVsblWWuRYbTum
+MIICXQIBAAKBgQDW6VX1hgHVK91SboKJ3HojoosyKK8JKzf0mNktPbbTWG1N+eWv
+QKpBjspqEShuvRfuF18iwxWZZT38tha8Wvu9pxWw//ZdGSA89XhUGXXMYYJvvLsa
+X8g3erDAXjAnoaqyh00QV/wt1hdtsDm9BrUPztEAL4U1rchyOeUs5AYqGwIDAQAB
+AoGATy1eNvutFy1299SxETuCYDiVUeB9REKA9gOOF8Xh4pF0i8LipSOM1mRWHKe/
+nrTZ6SUBLtxyy7XqFX28eJ6ImhRSKBq0887g4Bx+r5ULLU1mKjNROuUjmrqveKZb
+S/hkBhTxi5nlKb+ZhAHlchi4tR0xyR9eHAMWpHmr4q7dM5ECQQD++4L3bW+Qk7iB
+GsO0c2yitNsFIPjKo0WWUkaDBdlbHz0AZ4Y6TwyOnrCxLhndMibs76IKM6QgDL1v
+ZixN1x1DAkEA18TjTr6oC7IoIjquPmhgxzzewr2ohKF5U6QsizC6PBHHTiJcZI6m
+ueRmvVuEefdOj/nrh6p9FqizSu6qS2/GSQJBAMRenrY/KbSGj4meOyo12mxULHj+
+s5wbsfPa2UL+ti5fGHO/RriROHJ99EX/4xtfDGtdAcYpjzS/mwS4A1bPXFECQQCT
+GQg6W+JmrtuLkmPN6gzoZ4gaTYBAg3EaY5d2gQ7F+vzcOLKyX0os+xhLycOD/uTR
+ZPl8cO98biBlWlZAvX/5AkAhetIzZgQqUhk/irz0U96O6LiYEgz5sBYTzXlQS3/s
+fbmqP++KW7ShlPMTHUSkMe3sAx77r7RoRNSOD+5hSlA+
-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ta2_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/keys/ta2_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDWOoQYetY67n1MdQoY9M7ALLVZ672DDDxZkAw1uchVpMEEiEHE
-QKhzTvHk24SquwN74V5dkaDuIj3zhDUJ3qkHaTXmj2XEVXBSpl82/2rTfMVs08tP
-odiUaBRJMpNMrawJJcW05ZLEXfXQSVTc5t+Ab8KGNDkO5qibazIhQcp7rQIDAQAB
-AoGBALblnoGH3f7SPgdYpRZJa3qGsQ3kRhfsClossT/tLSxxTJkh+4Qh768CZ2KM
-R+e7Ym4RKw+XlV25vkp5RQ74GjW5oGvDzkOH8NsFBx9yQwG+E1vR5JhX3cHM3ews
-IrfXzBW39FGpX0oWl9AW485ZsPmaVk1FD0oRgsyya+yEjRgBAkEA7e70eSuinGjG
-rj/aRJwqzf77OQW5hGb2u+Q5yxUT6s4izs3g4eKpdllUm2y9rFinq18Odae19UL7
-0ChtCaWDDQJBAOZ+xuBNRyz3kwsSrVv+qdlbhK/tJM8V/dDwLvuqkO0D56ORhBWe
-clvHpNOpuhHmlai3npCJhLdb9/DeXwF9MyECQEqMkkDc8Sg8k/PIweS5YZgFikVF
-i+j2MdyRF6KPyhvJ1pIhY5Ki6CHSv3WrToqPhIlnUSqAD7z27ds8r11UZIkCQCSV
-hrdfTKbEfOBLDJ0HZKoNLphFyYvc77ZUCQEE54/XCNMba52K0pfirjSyQchJkwN+
-cXp7eUcpH8dpZCb2WkECQQCviGvKbAO5OwnWTI51HioYmqMmKIf1gPyRiPW6PkXw
-nGCsBSr4/AxpS9d4cG+XDEvgG/9bI01VWtIFSXk0pMd4
+MIICXAIBAAKBgQCkRPuU5JKrLMAioe19TN5SkaZw5Il1VaQB72ZjtP5prLeD5kNf
+kET2zGYhab7TBj2CLdxt8dJt47Ay1jLns9Y5dhMaFPUcoMyNsHq1Y7MQuTfMNO4Y
+sTVZhpYc1LQacSXnqspWV9XqirZK/NjWllRc2sSzPfkl5eW9vI5Hv+nH/QIDAQAB
+AoGAfCAH/kUNMr0Y3dJ/ssuPvtKB8xItb/Trfe7Y7oSILW+uJ8Opqx9HjTl7/sl5
+wNkZRzHCO22b9R80N+W1B3HTb9f0SUE/QMWRoc0//II5xHnErazEDGCcImqsSx8L
+CZztAL7A/WZAwhNOk8YTJI0T1+zPioqzGDakiRStSD2yRiECQQDRufDxGNC75qDO
+jtE5NySmiv9ZXifBBePlAJyzXEu983w6K1CdEmLUeqn29iJZqfy6fyn57YC4RVwo
+xYk/6Yy1AkEAyIN7hia3glAwKhrHtOWK0OBidh3xLDDJtZYckD/IAB8XsJHO68Z1
+pN7LVQldGn+D1B3w5JD2aIeDEx+H0R+jKQJAIunPYHN/HCiykHBaCCpT4Z22EIyK
+FaoDXDYT4A/3U/HatlxLmTpcVX7uGHy1DzQrLGjK9h5BlWuGggsQZCFfGQJBAMSx
+/l1143SI9waGqLtypT8LrmrSKoBAB88Cx1hVyPsdhR6nmgU99K/cAjiT6+oPhqFx
+EZsV/TJDJLiAqLnjQCkCQF3GW3TyFO34Fj456oKyb8C6j8bEqRtDGKoFOxYEvjmR
+T8GGz8JpT23qHquHwx/K3MVCIRNKok0Y1ivnvuAodto=
-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ta3_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/keys/ta3_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDufcKMDiMrfbW5UcqPRTcqIVst1uxXxfqs8Tlj021AOcxTI6Wl
-cm4a8LzlC/sNgkC0YdepG7RKVWLPTjymOWX6dPmRjLkOASvNNIendvcC3e2Bd8rV
-x5y4A6eBfsC/FDJ7glBpFQOwfF1m1NFYcAqQDJe3q2QwRV+oeieCiYiYDQIDAQAB
-AoGAZEUXoI7pFoX5+3p58ZamRN5VWYZ9Q8IHTOL2wBPKYTBryaC5KkBcLpN8t8g7
-u0hCMBTa+UyeloojywkX0sNbLgxpeY6TUurq167qtO6VavR13yw6/O+bPXgcAn7u
-dLkNPcHuekupM41f9PboHFks2y1652VZLe72C95FNB2DxwECQQD6ZdEkFjwbpSwM
-fvI2TKPoUz0mNgVebdet0ydeQlYw0qGO82Oa8n1egyu/zhP49xdLCtV/pTuXyqKJ
-77DAy+ntAkEA89O/Sxn9MI+eEvVwsVd2tTpaAKgSjmHMejxipa20DkLkwRkCoe35
-4TATN2EAHBbB4/Z+YoT4DwGR2wZjef0ioQJAeTg3UmANQ1joBTijq5PYuc0qSkhW
-uws0IauaYHB+523g1qKPcuC3vryDvnxWgO2l8idRilUEj4yCuYI3MG7HVQJASFJj
-aDRSPEgtG/R/M6r8w+6F6bHwpxjtHMiyffAS+zPuRDRV6o/60UeAO6ni7XH2mtZv
-UGueZF0T1UKE2RczYQJBAOLD27YypM6SOZKea5UXhWLmnvTmjKu3R9qqg/QI8mRN
-bDvUmU/LbNQetwaJ3uGxNo2cBxJJoGR8yD8okl8SPUk=
+MIICXAIBAAKBgQDYkDhD03lMAWnceLDljByQhXLVMGoDLajkaq0nxFnojKZReWL/
+GCaH5yloLj0gsXhAVsCCBCpKN+E4nwrODcat54yxjiVhoXIJmCylpLtWYYfwLhKN
+2oto4TmayC+q3MmE/xvrzimCVbNMyZj92HwT6sDVchd+kgv01HGgIvrF9wIDAQAB
+AoGAAOOOp5Cdpdc3pQUFzNtnXpx9nSxmsv6j+9QIQ+qFZ/Pz1s/FvUBPIC2tuNS/
+wXuY/8KbZa04szdJgF7+v1vFHf2uV4Ihhi7Ys4tO/RlJpDfL8YKoX/U5VNH8Zcb6
+DcHyBovEkB7eW7QVevrYxpt7VjsRLm3wZNRBSjxTAgZylDkCQQD8CpZJC7YM8OT1
+9362IvHmX+Hv2xq+RSjHn4QMQ5x3kHNeLnmAF6ACRScvs8qYAboX7LiOmOYTlghq
+lY33iILtAkEA2/b7ai9CixkJ+jTDse93GPsI6aB/3TBR4T70Hhrw5PQUriWzj0eV
+xXS/dfbZjKo1RopciUD1I/A46hqMgIWb8wJBAKtDsm1+ZL2Ub7Dn9ZVkV4XYv5mS
+BDEoo5ZKQZtn0gm5AXwNDojJBPSl8wPKIy95dO/O7nYPVcAXYi6y415Bx90CQBa8
+YqRJGkGyZtub1JZxwAeu+u7bDhxYwD3d+fGaq0efCvwtHXAz4AE23gtdZoMpnLQb
+3RC6zBvY2qkn8VnfdY0CQEzdcnWs9TeOXwA3pc6cy/QzP2DtimSQtV0Ii4qYD6ec
+e+LVK2cONKNskdhgVA0S6opNslTjs4Ay/Yd7Jwuekl4=
-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ta4_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/keys/ta4_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDAK/ITpSnoGe0Vt+9lKjO8qiMXB0/iuML86PA20nFV/kUVT2I9
-C/YaTmx8WQkGEG72FxyWTtbO+ri2pDaXldxJh87tEBr4yrmPPtTmiWQnAR3gVp1x
-VXvxU+sWudY89DU/pSO3UB7YDWev+2V3VTQPqc81mrzq7ct8XJ9hGpbqowIDAQAB
-AoGAFfTvc88rOpm7vP+HGsf3oVbPK5JqTj1OCheTWrAwwuKKgiTP1KnJNLhBLPP/
-U/IMu5FocsQPRxbeg/+/PRKiWJFojG5ZpFrChwuTHXvRCQOkQCJLERPJ6TytNg3l
-xsRUQ8dmwI1i1gdSAiH7QM0THbWvxrYV56sWAsmErITXNAECQQD4fzZYKQNfzJZH
-ZBisFM7HEzNC231tKeMc6Mdeen70QqG4fsjX5/C+ocixUkWyIOUtwjwE3yJvXJwL
-6gzzLSepAkEAxflcOezxcCkU7ctMQo6h6bmW+R5IL5pcwkaXuq4uVouAiLqKOb1Z
-1Q/5NEi0omTZOfLXeHGNYhFpFWBWBEb/awJBAL6UIcOfQL06FI8QD3P6SVOYQBoo
-Z5tPIqVLSYwF+lOuvoTWh4Y+lf496cNEy7r/S4S6kHlT//7UUcE5cVEW8nECQQCc
-MLzDcp2VSMQbS85RoGg7ltF2n56B9/4AxGMGxE8Itqzkso9FOI98GksZJddlW71K
-C75VZvkNiwDl/Yg/fagbAkEAqDu7IK6L5gqf+pc/PiG+UZfzDHH50wCk6RH2vd/5
-BfiQlHiVEFfFf7QtijFyEErzqFmDk0jAqGqHOf7FSxI2xg==
+MIICXAIBAAKBgQCxS4iVsx6MCJUhQ04Z9sHgSmhJ2ChIuiAiLavYYhXVTiG9wK8A
+0AlK2jsALRMMbuE9NwD1CV3NaYFOKz04jPBkZg6g1mixJ1c+AcMnKsGoNbJUp04X
+PYOFQ234B7o7QAW1w5unZvVfpfiwXz09lyVMT4ljUX1KvkgaHHGj+mqHEwIDAQAB
+AoGAcXKz45bKZTDYvIAk6dhMFwmF0jrPDDqNdVFkNQIOln94d8NkOFDmoU8jkelF
+1x7cYh9gLWvg6iAo7awdcKI+7+43+cjXeJ1+mYSzFyWMuWAfqDAUu130OeLFM5Wu
+2sdmfo0ShuR1T8vywsaQ2VtEcrKVEHpCvIjUJye+kO1RPQECQQDlcLQekOxj2rgB
+MLYdJwkr0JcLxMTzoesFdAnjVC3C4dn6hlvURq6ZHTmvcoDjIX2Mp7F2bS8zW3Qk
+Z3yE1vfbAkEAxdGLbmKmdGzaXwrMtwrail0l7G2cNdxgxJMjy7JuDIQHnmTGyxAL
+lcdZ0Pp/4Hgl8KSIclaV9B0YE1pjW5UPKQJBAKz7FbFdzftSsRukoAjGn3F7KAXl
+ah/M2aYY4EOV+ZJOOMtadO1MBOLHV/Bgwa98Vm2vGGqS0t1DfALeStDUSbUCQERU
+w6MXtIPW7f+SjXBU8XSGBImMuz7npw1//gdo1RbBrJgMG5cdLcNJHz9OqElzdzeO
+vgsw2Y9/VUeqG1QRQzECQE/6eNC5Ec/7mtAW+qyHOmTRXXT16s0mIA3dawQcLvmc
+6NdPcGO+5Af/BzteNPLBk1DGjLhiJD1eKv9AbJHaKts=
-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/keys/ta5_key.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/keys/ta5_key.pem Wed Apr 06 18:06:57 2011 -0700
@@ -1,15 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCrzoWgjvBGYHXiuJA57wOoR6DXdaMJ3t2mssrhOuH7u1k2Q4Xi
-l4kjgo5uk7V2qmdWKDcaivNPUPdZUD1SnbKzKDa1scTPklbUFJU9xwR5zYiucp6a
-b0l6wqG+5TjC/GLvZasgegJ0Vg0Ji4aya4aXAwQCWHwBEh3kJwxgNCP3NQIDAQAB
-AoGAMbLmONHgc5tHvrQBFKEtf6povqsK5LoRiD1ELu8nm/hQEEBsJGYNh7YmmZok
-7hTRG706Y3U6eQFE7BMoChQQMwV0GIuLjm5LohautkpFcgB9sA8R/QQIerG99aCp
-v5BBXLRrMe/x+7KcEiqyJT4rQ7ABI7j8s2Ynj1xcZueu/AECQQDkP5vcMkP4DxpE
-scuvNyj/hfqWr9Y8Vp2pImU4sD4MwA+GShDWBu3rNS9MrwYv0K7a6T1NTuvURRCa
-XA13yp61AkEAwLIf+D+GoqbJGAN2gkR3lnYRwKC95/T13LIa5rAbzCnXxf5tLXoB
-BX0gE02IT0HAW61JZ1GJjKrrv7w+Q2LGgQJAZGhPCjjaiZ8rMRj9v2CGmpG3wN4t
-YnG//Y1x9dQiF73NloeyjFSUCSpmWleMYzBsG0ULgJy9Ra30NdNU4WOzGQJBAI6o
-kOCR71QllEUx8x+4Hq0G1le86Tt78DWmqiHViY7Z/4P2u89qPq1YmFGSGfNLY2S7
-4tcZ13KL66L0c0giLYECQQCCv/gSoin3lGqWyXWbaoLRmhzVds6KWaNGLiqjsbhU
-pmyuGpYPQj1y8uZE/ToWyJ2oGUrUe1l+UySDGOXUEqnL
+MIICXQIBAAKBgQDMJ7TCwYg2653EAnkEjY49hHIykn13XoenGxl9CT7/g97eZJsD
+xJVkoxbvtjMr1yg/cI2BwwOvTgTe6IZRgnWBTh+X4VN2WCdh8gwvLrrSt/VqsWaH
+gSx4z4x0kiwuvY3uaOyS4w1zG4InPkRnlxxCRiBliWGuGwcfIGA8whYnDwIDAQAB
+AoGAMtUYHv4NKo+UIr/y3f1ZE1wtCwaKkvRIloUa3ZU1yG1PStSF/HQwNnSdO2aE
+a0ARV2pw8YRbIIUulUoUV6tCElRG2wZWtI+HGr5A7cqoO78VmUcyRZoqt2To3UHQ
+heSNks/4dwg2fj7qoeEf1xRWtrPgqr6pXKiZ3gXjwk4DMBECQQDlAFGj7PZkGMIQ
+vPLMnSks8zGvPjdi5CSNYuVXg4DbmUXr7rIcorFBTjRwNBhbmSwm2Eavjunc/f1J
+fMqau9ZLAkEA5Dl8ECDkkuPCl6ycfuM7rG9QDr8YaxZCYTiOBrP6tOBOCYm09oZE
+Yy2xK1miCC77OS1YwDfvSpP2gy3+QL6HzQJADKuJ2NIBh+Q+yIJLxLplTtFdzF5a
+3iPVSeVQ3xithnjif31DaYYu3HghOpwHRPoikTuiHZCAq/N5khlPdGQ0JQJBAMU9
+6TsHMoTA0yzCwX3oZWphyY71GOV0F2putlCUu9gXA1q66Osmn3QXyUbt8FuiPvzr
+dAisTuLlfedhmJvcDwECQQChSwcnOzWUV+tzyOtTCRvYzCcGkPJpVURd+CRNMsxC
+JY33rwhvxHSHdrOc6mo5NSg+NvIFHaCudqPLrNbMur9g
-----END RSA PRIVATE KEY-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/03.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 3 (0x3)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i2_ta1/emailAddress=i2_ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta1/emailAddress=pubCA1_ta1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:df:99:e1:31:21:52:4c:52:21:74:ae:ca:4d:e9:
- 75:6d:3a:23:75:8e:9c:52:a3:3e:53:cf:fb:cd:cc:
- 47:74:d2:8e:5d:65:57:a1:ad:1b:cf:58:23:9e:53:
- 9d:3c:1a:46:60:98:d9:5e:3c:e5:d0:c4:cb:0c:28:
- 59:96:5e:26:c8:1d:29:e9:01:a5:5a:3b:df:9e:1a:
- 85:f4:9d:53:0e:19:81:20:d8:bc:3d:2a:89:e7:8c:
- fe:75:61:45:a5:f7:6a:7f:ad:94:a2:95:4b:58:35:
- 2a:6f:e9:54:4b:2c:bf:07:0a:39:03:7e:c0:96:1b:
- 9e:8f:39:fa:49:3e:d0:4f:6b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- F1:31:DD:AE:13:EF:6C:62:A3:83:98:4D:1F:0D:25:1A:21:28:1E:5D
- X509v3 Authority Key Identifier:
- keyid:4A:49:37:7B:87:42:F2:B2:3F:07:11:1E:FC:AD:31:B2:C9:DA:CD:25
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=i1_ta1/emailAddress=i1_ta1
- serial:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 98:18:b3:7c:e7:02:ff:ac:b5:bd:af:2d:7e:02:5a:f2:db:fd:
- 1a:c8:31:20:44:2a:b4:78:df:87:f4:f5:5d:f0:bb:ee:97:d0:
- 45:db:10:2b:e3:1c:96:45:7b:d1:7c:d7:95:d8:f7:13:d1:2e:
- da:59:09:68:6c:1f:f1:b7:b6:c4:1b:3c:89:38:9e:ff:5a:74:
- 53:18:56:3b:9e:ba:c2:a6:e3:f0:94:85:6a:89:bb:7c:f3:a8:
- 8e:33:c5:54:d1:e1:4c:31:b6:c8:4d:e0:62:36:d6:83:a3:08:
- c4:e7:c4:5c:20:61:b4:8b:5c:05:2c:8c:28:b1:83:2f:68:e8:
- 16:92
------BEGIN CERTIFICATE-----
-MIIDOTCCAqKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEPMA0GA1UEAxQGaTJfdGExMRUwEwYJKoZIhvcNAQkBFgZpMl90YTEw
-HhcNMTEwMTI4MDI1NDEwWhcNMTMxMDI0MDI1NDEwWjB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMTEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA35nhMSFSTFIhdK7K
-Tel1bTojdY6cUqM+U8/7zcxHdNKOXWVXoa0bz1gjnlOdPBpGYJjZXjzl0MTLDChZ
-ll4myB0p6QGlWjvfnhqF9J1TDhmBINi8PSqJ54z+dWFFpfdqf62UopVLWDUqb+lU
-Syy/Bwo5A37Alhuejzn6ST7QT2sCAwEAAaOB3jCB2zAdBgNVHQ4EFgQU8THdrhPv
-bGKjg5hNHw0lGiEoHl0wgZgGA1UdIwSBkDCBjYAUSkk3e4dC8rI/BxEe/K0xssna
-zSWhcqRwMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD
-VQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQ8wDQYDVQQDFAZpMV90YTEx
-FTATBgkqhkiG9w0BCQEWBmkxX3RhMYIBAjAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOBgQCYGLN85wL/rLW9ry1+Alry2/0a
-yDEgRCq0eN+H9PVd8Lvul9BF2xAr4xyWRXvRfNeV2PcT0S7aWQlobB/xt7bEGzyJ
-OJ7/WnRTGFY7nrrCpuPwlIVqibt886iOM8VU0eFMMbbITeBiNtaDowjE58RcIGG0
-i1wFLIwosYMvaOgWkg==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/0C.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12 (0xc)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:dd:e0:f7:ca:f9:42:6a:e9:28:bf:8c:08:48:4c:
- 17:fc:35:c5:2c:0c:b4:07:7c:c1:c4:05:bb:88:15:
- 2f:25:23:db:41:b0:24:8e:54:3b:44:02:4b:8f:60:
- 3b:13:ef:f9:7d:8d:5d:dc:34:b3:13:b9:28:5d:3c:
- 4b:c1:76:6c:ae:ff:a3:7a:44:71:76:f9:0b:1a:cc:
- df:5a:37:9c:b3:12:eb:38:99:3b:85:f7:eb:13:93:
- 34:02:4b:54:7c:52:fd:ad:58:46:70:af:7b:2d:7f:
- 56:5a:f3:95:66:5a:52:2a:da:c3:b2:98:7b:2f:cd:
- 44:2f:2d:24:c9:6a:29:90:fd
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- C1:F8:27:0B:0D:24:82:11:16:5F:44:79:21:5A:E7:BF:F8:2E:7F:61
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 17:cc:85:98:2b:c5:c8:ce:30:6a:c8:99:c8:d5:41:68:37:12:
- e3:63:2d:47:33:b0:46:78:f7:c4:3a:cf:84:c9:5b:03:61:19:
- 40:69:7e:63:00:16:9d:15:73:39:1e:c3:e1:f6:fe:a5:88:5b:
- 86:c1:3e:9b:c4:ce:34:6b:51:a1:2b:47:6c:ae:17:c3:b4:c5:
- b4:be:14:47:0a:a3:f3:c5:fb:bb:85:4e:31:74:28:cf:fa:9d:
- 71:e0:93:68:c9:e4:83:33:1d:80:76:2d:cf:38:5b:4d:3e:e5:
- 16:0a:13:d4:ce:31:d9:b3:7b:6d:10:7f:6a:60:39:8a:ff:f2:
- 22:a5
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBDDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
-MTI4MDI1NDEzWhcNMTMxMDI0MDI1NDEzWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3eD3yvlCaukov4wISEwX/DXF
-LAy0B3zBxAW7iBUvJSPbQbAkjlQ7RAJLj2A7E+/5fY1d3DSzE7koXTxLwXZsrv+j
-ekRxdvkLGszfWjecsxLrOJk7hffrE5M0AktUfFL9rVhGcK97LX9WWvOVZlpSKtrD
-sph7L81ELy0kyWopkP0CAwEAAaOB4DCB3TAdBgNVHQ4EFgQUwfgnCw0kghEWX0R5
-IVrnv/guf2EwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBABfMhZgrxcjOMGrImcjVQWg3EuNjLUcz
-sEZ498Q6z4TJWwNhGUBpfmMAFp0Vczkew+H2/qWIW4bBPpvEzjRrUaErR2yuF8O0
-xbS+FEcKo/PF+7uFTjF0KM/6nXHgk2jJ5IMzHYB2Lc84W00+5RYKE9TOMdmze20Q
-f2pgOYr/8iKl
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/16.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 22 (0x16)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 28 02:54:20 2011 GMT
- Not After : Oct 24 02:54:20 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta3/emailAddress=pubCA2_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b8:c0:ed:3f:ee:b2:c4:82:85:82:6e:dc:d2:63:
- 72:d9:d7:73:bf:24:bc:5a:ab:9a:aa:39:dc:01:23:
- 95:40:8b:1c:c4:08:e1:3a:20:a9:f3:21:e4:ca:e9:
- c8:be:48:52:34:35:5f:af:19:60:89:7a:4f:95:e2:
- c2:dc:0a:f2:7a:7d:62:ce:d5:39:55:4e:10:d8:da:
- 90:48:73:69:64:ef:7d:a9:57:a2:f2:6d:e6:db:d0:
- a3:df:2a:a1:c1:f4:c6:44:32:bc:af:d9:bb:5e:c1:
- 39:10:27:fd:1e:6e:9f:dc:65:63:1c:9c:bd:3b:b1:
- 8f:9a:da:82:6e:5b:71:a0:97
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Issuer Alternative Name: critical
- <EMPTY>
-
- Signature Algorithm: sha256WithRSAEncryption
- bd:39:e7:46:37:ef:db:c9:d2:d5:af:3e:ac:5d:36:b3:c8:55:
- 3f:3a:5c:cb:54:33:bb:46:ad:90:a5:5b:29:87:31:c1:f2:7c:
- b0:15:99:93:ce:70:3c:7d:59:8d:3e:ba:ae:f6:77:ae:ee:21:
- 0e:6b:12:de:7c:f7:12:1e:94:81:77:01:ee:3b:15:86:28:f0:
- 13:64:2f:24:fa:15:71:02:53:93:9c:aa:a6:55:f9:75:eb:27:
- f8:09:09:af:7f:77:bf:5c:38:b1:ce:e6:46:60:36:16:83:59:
- 0d:f0:b5:b5:97:82:a7:43:d4:b5:6f:85:cd:77:4f:59:73:49:
- 9c:cb
------BEGIN CERTIFICATE-----
-MIICdTCCAd6gAwIBAgIBFjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
-MTI4MDI1NDIwWhcNMTMxMDI0MDI1NDIwWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0EyX3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0EyX3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuMDtP+6yxIKFgm7c0mNy2ddz
-vyS8WquaqjncASOVQIscxAjhOiCp8yHkyunIvkhSNDVfrxlgiXpPleLC3Aryen1i
-ztU5VU4Q2NqQSHNpZO99qVei8m3m29Cj3yqhwfTGRDK8r9m7XsE5ECf9Hm6f3GVj
-HJy9O7GPmtqCbltxoJcCAwEAAaMhMB8wDwYDVR0TAQH/BAUwAwEB/zAMBgNVHRIB
-Af8EAjAAMA0GCSqGSIb3DQEBCwUAA4GBAL0550Y379vJ0tWvPqxdNrPIVT86XMtU
-M7tGrZClWymHMcHyfLAVmZPOcDx9WY0+uq72d67uIQ5rEt589xIelIF3Ae47FYYo
-8BNkLyT6FXECU5OcqqZV+XXrJ/gJCa9/d79cOLHO5kZgNhaDWQ3wtbWXgqdD1LVv
-hc13T1lzSZzL
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/18.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 24 (0x18)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 1 01:01:01 2009 GMT
- Not After : Jan 2 01:01:01 2009 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA3_ta3/emailAddress=pubCA3_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ba:b1:90:f4:fa:4e:82:56:04:92:7a:d5:d7:23:
- 93:e4:53:47:c2:28:06:c3:a1:6e:ed:7c:02:0e:f6:
- 73:0b:8e:11:75:33:f3:d1:98:c0:ad:37:12:b8:41:
- 1a:57:12:95:5e:63:61:b5:69:97:60:07:6c:6e:4b:
- a5:19:0e:f8:ba:35:9d:7a:f0:5c:74:33:7a:78:24:
- cd:2f:2a:cd:31:84:17:0f:e0:4d:06:ba:92:7a:ae:
- d0:a9:54:80:f1:d2:4d:dc:e9:81:84:ad:c9:74:c0:
- 88:e8:67:63:70:2a:c4:85:75:b8:32:a8:ed:af:2a:
- 6b:63:53:97:27:d3:9d:e6:57
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- A2:91:E3:9A:3E:C3:FD:0E:04:36:9A:5C:34:32:84:C4:91:83:7A:91
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 03:8e:b8:b8:48:41:bd:75:34:8c:80:37:f3:6a:54:32:9a:dd:
- ef:55:e7:fc:b9:87:c3:1e:28:82:3c:09:09:9a:4d:d8:8e:25:
- 7b:4e:bb:b4:e9:45:61:27:25:0b:70:7a:1c:7d:14:da:4a:ff:
- bc:9f:1c:39:47:53:b9:a3:41:b1:15:e5:f7:01:b9:0e:8b:5f:
- a0:31:5e:4e:7d:d4:f0:ba:be:a1:b9:b3:25:d8:bb:b7:3c:0c:
- c9:a1:2e:60:d6:4f:21:a0:6e:2e:1b:40:dd:8c:ee:07:5c:21:
- 88:f7:40:3e:4b:3d:7f:00:bf:41:89:b1:1c:45:04:49:c3:92:
- f8:a5
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBGDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMDkw
-MTAxMDEwMTAxWhcNMDkwMTAyMDEwMTAxWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0EzX3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0EzX3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAurGQ9PpOglYEknrV1yOT5FNH
-wigGw6Fu7XwCDvZzC44RdTPz0ZjArTcSuEEaVxKVXmNhtWmXYAdsbkulGQ74ujWd
-evBcdDN6eCTNLyrNMYQXD+BNBrqSeq7QqVSA8dJN3OmBhK3JdMCI6GdjcCrEhXW4
-MqjtryprY1OXJ9Od5lcCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUopHjmj7D/Q4ENppc
-NDKExJGDepEwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAAOOuLhIQb11NIyAN/NqVDKa3e9V5/y5
-h8MeKII8CQmaTdiOJXtOu7TpRWEnJQtwehx9FNpK/7yfHDlHU7mjQbEV5fcBuQ6L
-X6AxXk591PC6vqG5syXYu7c8DMmhLmDWTyGgbi4bQN2M7gdcIYj3QD5LPX8Av0GJ
-sRxFBEnDkvil
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/1A.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 1 01:01:01 2035 GMT
- Not After : Jan 2 01:01:01 2035 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA4_ta3/emailAddress=pubCA4_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ca:aa:c4:0b:75:27:b8:a2:03:80:fd:5b:9d:db:
- 1d:d1:69:1b:4e:bb:7d:c6:88:db:b6:14:5d:f6:f2:
- ff:45:f3:b6:74:7f:35:b6:a1:97:49:5e:8a:bc:94:
- 36:25:d1:35:34:34:55:0a:e0:7f:e3:c1:1b:fe:27:
- ee:33:53:02:3b:a1:a7:99:ed:f1:d1:b8:1a:91:16:
- ba:83:9c:02:0d:78:0c:1c:79:59:74:bc:f1:0b:21:
- 1a:fa:aa:55:72:a5:b4:39:99:40:1c:77:da:17:d6:
- 6f:a2:14:61:96:5f:c5:14:d8:6c:ec:82:f9:b4:45:
- 76:68:b2:a9:07:ee:94:df:65
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 04:46:EB:13:B6:FE:E1:94:6D:9C:0E:59:20:4B:A2:6C:B1:DA:68:5C
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 06:1e:6c:15:d0:cd:28:6a:c2:c1:0e:3c:f5:8c:4e:0d:ec:53:
- a6:d9:f0:28:06:df:e6:a6:ed:f7:e5:ab:a1:2a:02:f8:17:29:
- 1e:54:ec:83:44:ce:a5:ed:ee:70:33:83:83:1e:31:81:2b:72:
- ee:4d:cd:d5:9c:9c:f3:0d:81:fd:5a:26:1c:c6:3b:27:a9:18:
- 41:96:ee:6b:bc:b4:06:72:1e:97:44:78:21:45:19:1d:38:8b:
- 69:8e:9e:d8:0f:7a:a4:4e:bb:49:8a:a9:37:5c:a5:98:6b:ad:
- f3:29:f3:8c:53:10:1c:af:d9:5f:2a:c7:9a:f8:d5:ce:b1:ba:
- dc:8d
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBGjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
-MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0E0X3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0E0X3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyqrEC3UnuKIDgP1bndsd0Wkb
-Trt9xojbthRd9vL/RfO2dH81tqGXSV6KvJQ2JdE1NDRVCuB/48Eb/ifuM1MCO6Gn
-me3x0bgakRa6g5wCDXgMHHlZdLzxCyEa+qpVcqW0OZlAHHfaF9ZvohRhll/FFNhs
-7IL5tEV2aLKpB+6U32UCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUBEbrE7b+4ZRtnA5Z
-IEuibLHaaFwwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAAYebBXQzShqwsEOPPWMTg3sU6bZ8CgG
-3+am7fflq6EqAvgXKR5U7INEzqXt7nAzg4MeMYErcu5NzdWcnPMNgf1aJhzGOyep
-GEGW7mu8tAZyHpdEeCFFGR04i2mOntgPeqROu0mKqTdcpZhrrfMp84xTEByv2V8q
-x5r41c6xutyN
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/1C.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,62 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 28 (0x1c)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 1 01:01:01 2035 GMT
- Not After : Jan 2 01:01:01 2035 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA5_ta3/emailAddress=pubCA5_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c1:7d:e8:01:87:c0:29:55:4f:e7:82:49:3f:d3:
- 58:23:af:60:58:22:68:d9:fe:67:b4:69:9e:48:ee:
- b9:05:dc:31:85:9d:5e:ba:2f:19:61:97:20:d5:99:
- d9:84:67:50:ce:bf:1b:ef:86:07:70:0e:fd:3f:22:
- a9:16:10:d6:2d:f6:30:23:36:54:28:16:33:d5:58:
- 6c:15:fb:79:2e:af:07:43:77:11:bb:54:e9:e3:e5:
- 5c:5b:5a:67:6f:bb:43:08:4e:c3:a8:77:06:25:92:
- 10:cc:cb:1d:4a:7d:07:1e:83:1e:43:59:bc:b5:56:
- 18:f6:2e:8a:4e:52:bf:fe:c1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 18:C6:4D:FD:87:0A:06:7E:55:86:3A:77:4F:0F:F7:33:67:02:F5:33
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- Signature Algorithm: sha256WithRSAEncryption
- 09:28:d6:10:c6:de:9d:66:c1:a9:d4:83:53:d9:ba:27:a1:64:
- ae:29:c2:07:42:33:b4:3c:1d:e1:8c:0a:c8:38:98:c8:89:d8:
- 98:26:41:75:56:b0:fa:30:d3:b8:ad:9f:47:7b:23:ec:da:99:
- ff:8f:a7:18:56:43:13:bf:ee:19:0f:d8:70:c7:fe:4e:0b:1c:
- 54:e4:af:d5:01:72:a8:19:5e:21:ed:17:90:a1:fe:51:74:c6:
- ba:29:89:e2:74:16:df:a8:89:7a:b3:ce:50:5f:9d:99:e7:76:
- c0:98:38:03:c2:a5:bb:88:bd:57:bc:4d:59:ce:cd:e0:c6:ad:
- 3c:2c
------BEGIN CERTIFICATE-----
-MIIDJTCCAo6gAwIBAgIBHDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
-MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0E1X3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0E1X3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwX3oAYfAKVVP54JJP9NYI69g
-WCJo2f5ntGmeSO65BdwxhZ1eui8ZYZcg1ZnZhGdQzr8b74YHcA79PyKpFhDWLfYw
-IzZUKBYz1VhsFft5Lq8HQ3cRu1Tp4+VcW1pnb7tDCE7DqHcGJZIQzMsdSn0HHoMe
-Q1m8tVYY9i6KTlK//sECAwEAAaOB0DCBzTAdBgNVHQ4EFgQUGMZN/YcKBn5Vhjp3
-Tw/3M2cC9TMwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN
-AQELBQADgYEACSjWEMbenWbBqdSDU9m6J6FkrinCB0IztDwd4YwKyDiYyInYmCZB
-dVaw+jDTuK2fR3sj7NqZ/4+nGFZDE7/uGQ/YcMf+TgscVOSv1QFyqBleIe0XkKH+
-UXTGuimJ4nQW36iJerPOUF+dmed2wJg4A8Klu4i9V7xNWc7N4MatPCw=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/1E.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 30 (0x1e)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
- Validity
- Not Before: Jan 28 02:54:22 2011 GMT
- Not After : Oct 24 02:54:22 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ae:1e:e8:c6:51:70:cc:7b:06:87:47:a1:f0:5a:
- fa:f3:cf:c4:fd:eb:ac:32:d9:ab:dd:36:15:09:71:
- 73:12:a3:6e:16:4a:af:83:33:d9:e0:1c:e8:63:ac:
- c7:8d:79:47:5a:cf:63:67:e1:0d:74:bc:09:16:8b:
- e1:27:24:78:6a:41:a5:c9:2f:4d:49:ef:a2:61:81:
- 45:98:21:b3:2a:d3:89:94:06:18:87:81:90:63:fc:
- 40:17:8d:89:35:6e:c5:68:d5:6d:89:d3:18:e2:07:
- e1:9f:f7:5f:78:24:83:11:c6:e5:0b:77:c3:3f:c9:
- 50:26:39:9c:8b:0d:18:fe:3b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- D3:DE:A8:63:F4:5C:5D:8E:DD:53:9F:D7:9E:90:14:71:D1:21:88:4B
- X509v3 Authority Key Identifier:
- keyid:B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:FC:C0:EE:93:13:43:17:2D
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 87:6d:c1:4d:b1:ea:af:f8:20:d9:dd:d8:cd:e1:60:62:41:a5:
- 5a:58:1e:cc:cb:fa:23:a9:82:fe:2c:54:53:86:f3:52:2f:ab:
- 8d:1b:68:9d:3b:83:e3:fd:37:2f:b5:d0:24:cf:78:98:ff:0a:
- 63:47:0b:c9:52:96:4f:5d:94:e1:28:fa:c4:eb:ea:17:42:6b:
- a2:30:37:bb:54:ac:47:45:55:2a:30:75:54:c9:7f:01:b9:9a:
- 55:3b:4d:bd:e5:29:02:a9:3c:f0:b4:b8:c4:c0:90:34:cd:94:
- 30:97:a8:16:2c:25:c8:da:cc:bd:0e:ea:5b:bf:dd:7b:7f:aa:
- f5:05
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBHjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
-MTI4MDI1NDIyWhcNMTMxMDI0MDI1NDIyWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3Rh
-NDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArh7oxlFwzHsGh0eh8Fr688/E
-/eusMtmr3TYVCXFzEqNuFkqvgzPZ4BzoY6zHjXlHWs9jZ+ENdLwJFovhJyR4akGl
-yS9NSe+iYYFFmCGzKtOJlAYYh4GQY/xAF42JNW7FaNVtidMY4gfhn/dfeCSDEcbl
-C3fDP8lQJjmciw0Y/jsCAwEAAaOB4DCB3TAdBgNVHQ4EFgQU096oY/RcXY7dU5/X
-npAUcdEhiEswgZoGA1UdIwSBkjCBj4AUuahSX5EbKiepCpRUBlIvcoaFnnWhbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG
-9w0BCQEWA3RhNIIJAPzA7pMTQxctMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAIdtwU2x6q/4INnd2M3hYGJBpVpYHszL
-+iOpgv4sVFOG81Ivq40baJ07g+P9Ny+10CTPeJj/CmNHC8lSlk9dlOEo+sTr6hdC
-a6IwN7tUrEdFVSowdVTJfwG5mlU7Tb3lKQKpPPC0uMTAkDTNlDCXqBYsJcjazL0O
-6lu/3Xt/qvUF
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/22.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 34 (0x22)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
- Validity
- Not Before: Jan 28 02:54:24 2011 GMT
- Not After : Oct 24 02:54:24 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta4/emailAddress=pubCA2_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b4:ad:43:56:c0:47:59:45:17:9b:25:94:a6:3f:
- 07:fa:0d:8c:17:bd:1d:ea:b0:14:73:4f:ab:91:ad:
- e5:72:15:a8:c3:5d:d2:37:d3:1c:9f:0d:b5:b1:5d:
- dc:e9:ca:dd:ba:58:de:d7:10:ca:ce:f7:76:4a:da:
- 62:87:04:00:34:ee:d2:2a:32:fa:57:0e:a3:a8:0c:
- f8:98:65:72:9b:65:2d:90:50:be:c0:a2:2e:33:13:
- 55:2f:17:8f:88:83:2a:e9:e0:a1:e1:6d:43:d1:2f:
- a7:6b:4c:a9:67:8f:3d:9d:3c:46:91:c8:fc:b8:38:
- 65:16:c5:60:b8:8a:7e:36:e3
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 7E:D7:20:26:1C:A5:29:A9:33:67:3B:8C:F6:91:31:8E:14:D9:C6:D6
- X509v3 Authority Key Identifier:
- keyid:B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:FC:C0:EE:93:13:43:17:2D
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign
- Signature Algorithm: sha256WithRSAEncryption
- 8a:49:79:6d:e2:18:16:a9:63:8c:a6:4c:78:02:27:7e:2b:99:
- 1f:a0:bd:23:93:6e:32:70:f9:4c:fd:c0:9c:78:11:1c:0e:ee:
- 3c:35:c6:12:70:c3:4b:4a:25:e1:20:75:9d:a0:37:b2:db:7a:
- 62:b2:a2:a6:37:5b:e5:fd:89:ec:bd:23:03:95:38:05:da:92:
- 5e:b4:32:b2:a1:0e:c2:cb:8e:62:01:f7:b5:87:c5:39:4a:40:
- 11:e4:fe:52:c5:ac:b7:c4:ca:4d:7b:c4:3c:79:f6:6f:a0:bc:
- 04:e5:dd:38:a0:e8:86:d5:14:01:bf:f5:01:bb:cc:7a:19:39:
- a8:ff
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBIjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
-MTI4MDI1NDI0WhcNMTMxMDI0MDI1NDI0WjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0EyX3RhNDEZMBcGCSqGSIb3DQEJARYKcHViQ0EyX3Rh
-NDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtK1DVsBHWUUXmyWUpj8H+g2M
-F70d6rAUc0+rka3lchWow13SN9Mcnw21sV3c6crdulje1xDKzvd2StpihwQANO7S
-KjL6Vw6jqAz4mGVym2UtkFC+wKIuMxNVLxePiIMq6eCh4W1D0S+na0ypZ489nTxG
-kcj8uDhlFsVguIp+NuMCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUftcgJhylKakzZzuM
-9pExjhTZxtYwgZoGA1UdIwSBkjCBj4AUuahSX5EbKiepCpRUBlIvcoaFnnWhbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG
-9w0BCQEWA3RhNIIJAPzA7pMTQxctMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4GBAIpJeW3iGBapY4ymTHgCJ34rmR+gvSOT
-bjJw+Uz9wJx4ERwO7jw1xhJww0tKJeEgdZ2gN7LbemKyoqY3W+X9iey9IwOVOAXa
-kl60MrKhDsLLjmIB97WHxTlKQBHk/lLFrLfEyk17xDx59m+gvATl3Tig6IbVFAG/
-9QG7zHoZOaj/
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/24.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,69 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 36 (0x24)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
- Validity
- Not Before: Jan 28 02:54:25 2011 GMT
- Not After : Oct 24 02:54:25 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta5/emailAddress=pubCA1_ta5
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d4:c6:69:11:45:2f:32:b0:20:8d:2d:0f:5c:5e:
- 36:10:ef:63:37:6a:03:b4:62:86:68:8f:fb:72:87:
- 91:15:5f:8e:b5:25:0c:d1:b3:c0:57:28:b5:56:d8:
- 8b:bc:c0:f5:ed:8a:d0:fb:56:45:91:ca:ae:a3:2f:
- f1:36:bf:54:91:c6:93:04:68:17:27:e5:96:fd:92:
- af:8f:5b:62:65:f7:2d:6d:5a:dc:2f:05:44:b7:7d:
- de:49:26:0b:ec:09:71:d0:bd:39:97:5b:0a:c8:80:
- 5b:6b:aa:19:8c:b2:df:73:ea:ce:a3:48:b1:b2:ba:
- 3f:58:3f:75:86:b0:9c:4c:5b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 52:C8:5D:28:0A:C3:1A:23:E7:52:17:1A:67:EB:EF:0F:BC:9F:0F:A7
- X509v3 Authority Key Identifier:
- keyid:62:0A:5F:1E:BA:AD:0B:1E:13:7A:CA:B4:5C:12:64:1F:BF:44:C6:B0
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
- serial:E0:A1:00:60:AE:57:96:B2
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/ta5_crl.pem
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 97:a5:5a:64:29:bd:24:f5:b1:27:11:83:2f:e7:a9:a5:f3:0b:
- 2b:b3:43:1f:74:c8:54:fa:56:5b:4f:7b:a2:3b:bc:db:4d:a6:
- c7:07:fb:52:2d:91:37:6a:fb:f1:c7:2a:54:3d:31:78:85:a5:
- f3:10:bf:05:2e:48:bb:bd:ed:d7:1d:7c:31:b5:4c:41:79:97:
- d6:2e:02:1b:84:77:24:47:57:00:56:a7:89:1c:f5:6d:d3:d8:
- da:69:a3:b9:2b:d2:73:c0:d4:a8:c1:86:4f:ba:04:2b:ea:2f:
- 0b:a4:1d:83:71:02:b5:47:87:13:ec:66:bb:87:6a:af:c2:1d:
- 07:5d
------BEGIN CERTIFICATE-----
-MIIDczCCAtygAwIBAgIBJDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGE1MRIwEAYJKoZIhvcNAQkBFgN0YTUwHhcNMTEw
-MTI4MDI1NDI1WhcNMTMxMDI0MDI1NDI1WjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0ExX3RhNTEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3Rh
-NTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1MZpEUUvMrAgjS0PXF42EO9j
-N2oDtGKGaI/7coeRFV+OtSUM0bPAVyi1VtiLvMD17YrQ+1ZFkcquoy/xNr9UkcaT
-BGgXJ+WW/ZKvj1tiZfctbVrcLwVEt33eSSYL7Alx0L05l1sKyIBba6oZjLLfc+rO
-o0ixsro/WD91hrCcTFsCAwEAAaOCAR0wggEZMB0GA1UdDgQWBBRSyF0oCsMaI+dS
-Fxpn6+8PvJ8PpzCBmgYDVR0jBIGSMIGPgBRiCl8euq0LHhN6yrRcEmQfv0TGsKFs
-pGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
-Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhNTESMBAGCSqG
-SIb3DQEJARYDdGE1ggkA4KEAYK5XlrIwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8E
-MzAxMC+gLaArhilodHRwOi8vbG9jYWxob3N0OjEyMDAxL2ZpbGUvMC90YTVfY3Js
-LnBlbTAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAl6VaZCm9JPWx
-JxGDL+eppfMLK7NDH3TIVPpWW097oju8202mxwf7Ui2RN2r78ccqVD0xeIWl8xC/
-BS5Iu73t1x18MbVMQXmX1i4CG4R3JEdXAFaniRz1bdPY2mmjuSvSc8DUqMGGT7oE
-K+ovC6Qdg3ECtUeHE+xmu4dqr8IdB10=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA1_ta1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 3 (0x3)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=i2_ta1/emailAddress=i2_ta1
- Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta1/emailAddress=pubCA1_ta1
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:df:99:e1:31:21:52:4c:52:21:74:ae:ca:4d:e9:
- 75:6d:3a:23:75:8e:9c:52:a3:3e:53:cf:fb:cd:cc:
- 47:74:d2:8e:5d:65:57:a1:ad:1b:cf:58:23:9e:53:
- 9d:3c:1a:46:60:98:d9:5e:3c:e5:d0:c4:cb:0c:28:
- 59:96:5e:26:c8:1d:29:e9:01:a5:5a:3b:df:9e:1a:
- 85:f4:9d:53:0e:19:81:20:d8:bc:3d:2a:89:e7:8c:
- fe:75:61:45:a5:f7:6a:7f:ad:94:a2:95:4b:58:35:
- 2a:6f:e9:54:4b:2c:bf:07:0a:39:03:7e:c0:96:1b:
- 9e:8f:39:fa:49:3e:d0:4f:6b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- F1:31:DD:AE:13:EF:6C:62:A3:83:98:4D:1F:0D:25:1A:21:28:1E:5D
- X509v3 Authority Key Identifier:
- keyid:4A:49:37:7B:87:42:F2:B2:3F:07:11:1E:FC:AD:31:B2:C9:DA:CD:25
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=i1_ta1/emailAddress=i1_ta1
- serial:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 98:18:b3:7c:e7:02:ff:ac:b5:bd:af:2d:7e:02:5a:f2:db:fd:
- 1a:c8:31:20:44:2a:b4:78:df:87:f4:f5:5d:f0:bb:ee:97:d0:
- 45:db:10:2b:e3:1c:96:45:7b:d1:7c:d7:95:d8:f7:13:d1:2e:
- da:59:09:68:6c:1f:f1:b7:b6:c4:1b:3c:89:38:9e:ff:5a:74:
- 53:18:56:3b:9e:ba:c2:a6:e3:f0:94:85:6a:89:bb:7c:f3:a8:
- 8e:33:c5:54:d1:e1:4c:31:b6:c8:4d:e0:62:36:d6:83:a3:08:
- c4:e7:c4:5c:20:61:b4:8b:5c:05:2c:8c:28:b1:83:2f:68:e8:
- 16:92
------BEGIN CERTIFICATE-----
-MIIDOTCCAqKgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEPMA0GA1UEAxQGaTJfdGExMRUwEwYJKoZIhvcNAQkBFgZpMl90YTEw
-HhcNMTEwMTI4MDI1NDEwWhcNMTMxMDI0MDI1NDEwWjB2MQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTETMBEGA1UEAxQKcHViQ0ExX3RhMTEZMBcGCSqGSIb3DQEJARYKcHVi
-Q0ExX3RhMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA35nhMSFSTFIhdK7K
-Tel1bTojdY6cUqM+U8/7zcxHdNKOXWVXoa0bz1gjnlOdPBpGYJjZXjzl0MTLDChZ
-ll4myB0p6QGlWjvfnhqF9J1TDhmBINi8PSqJ54z+dWFFpfdqf62UopVLWDUqb+lU
-Syy/Bwo5A37Alhuejzn6ST7QT2sCAwEAAaOB3jCB2zAdBgNVHQ4EFgQU8THdrhPv
-bGKjg5hNHw0lGiEoHl0wgZgGA1UdIwSBkDCBjYAUSkk3e4dC8rI/BxEe/K0xssna
-zSWhcqRwMG4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYD
-VQQHEwpNZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQ8wDQYDVQQDFAZpMV90YTEx
-FTATBgkqhkiG9w0BCQEWBmkxX3RhMYIBAjAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
-DwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOBgQCYGLN85wL/rLW9ry1+Alry2/0a
-yDEgRCq0eN+H9PVd8Lvul9BF2xAr4xyWRXvRfNeV2PcT0S7aWQlobB/xt7bEGzyJ
-OJ7/WnRTGFY7nrrCpuPwlIVqibt886iOM8VU0eFMMbbITeBiNtaDowjE58RcIGG0
-i1wFLIwosYMvaOgWkg==
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA1_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 12 (0xc)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta3/emailAddress=pubCA1_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:dd:e0:f7:ca:f9:42:6a:e9:28:bf:8c:08:48:4c:
- 17:fc:35:c5:2c:0c:b4:07:7c:c1:c4:05:bb:88:15:
- 2f:25:23:db:41:b0:24:8e:54:3b:44:02:4b:8f:60:
- 3b:13:ef:f9:7d:8d:5d:dc:34:b3:13:b9:28:5d:3c:
- 4b:c1:76:6c:ae:ff:a3:7a:44:71:76:f9:0b:1a:cc:
- df:5a:37:9c:b3:12:eb:38:99:3b:85:f7:eb:13:93:
- 34:02:4b:54:7c:52:fd:ad:58:46:70:af:7b:2d:7f:
- 56:5a:f3:95:66:5a:52:2a:da:c3:b2:98:7b:2f:cd:
- 44:2f:2d:24:c9:6a:29:90:fd
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- C1:F8:27:0B:0D:24:82:11:16:5F:44:79:21:5A:E7:BF:F8:2E:7F:61
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 17:cc:85:98:2b:c5:c8:ce:30:6a:c8:99:c8:d5:41:68:37:12:
- e3:63:2d:47:33:b0:46:78:f7:c4:3a:cf:84:c9:5b:03:61:19:
- 40:69:7e:63:00:16:9d:15:73:39:1e:c3:e1:f6:fe:a5:88:5b:
- 86:c1:3e:9b:c4:ce:34:6b:51:a1:2b:47:6c:ae:17:c3:b4:c5:
- b4:be:14:47:0a:a3:f3:c5:fb:bb:85:4e:31:74:28:cf:fa:9d:
- 71:e0:93:68:c9:e4:83:33:1d:80:76:2d:cf:38:5b:4d:3e:e5:
- 16:0a:13:d4:ce:31:d9:b3:7b:6d:10:7f:6a:60:39:8a:ff:f2:
- 22:a5
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBDDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
-MTI4MDI1NDEzWhcNMTMxMDI0MDI1NDEzWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0ExX3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3eD3yvlCaukov4wISEwX/DXF
-LAy0B3zBxAW7iBUvJSPbQbAkjlQ7RAJLj2A7E+/5fY1d3DSzE7koXTxLwXZsrv+j
-ekRxdvkLGszfWjecsxLrOJk7hffrE5M0AktUfFL9rVhGcK97LX9WWvOVZlpSKtrD
-sph7L81ELy0kyWopkP0CAwEAAaOB4DCB3TAdBgNVHQ4EFgQUwfgnCw0kghEWX0R5
-IVrnv/guf2EwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBABfMhZgrxcjOMGrImcjVQWg3EuNjLUcz
-sEZ498Q6z4TJWwNhGUBpfmMAFp0Vczkew+H2/qWIW4bBPpvEzjRrUaErR2yuF8O0
-xbS+FEcKo/PF+7uFTjF0KM/6nXHgk2jJ5IMzHYB2Lc84W00+5RYKE9TOMdmze20Q
-f2pgOYr/8iKl
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA1_ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 30 (0x1e)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
- Validity
- Not Before: Jan 28 02:54:22 2011 GMT
- Not After : Oct 24 02:54:22 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta4/emailAddress=pubCA1_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ae:1e:e8:c6:51:70:cc:7b:06:87:47:a1:f0:5a:
- fa:f3:cf:c4:fd:eb:ac:32:d9:ab:dd:36:15:09:71:
- 73:12:a3:6e:16:4a:af:83:33:d9:e0:1c:e8:63:ac:
- c7:8d:79:47:5a:cf:63:67:e1:0d:74:bc:09:16:8b:
- e1:27:24:78:6a:41:a5:c9:2f:4d:49:ef:a2:61:81:
- 45:98:21:b3:2a:d3:89:94:06:18:87:81:90:63:fc:
- 40:17:8d:89:35:6e:c5:68:d5:6d:89:d3:18:e2:07:
- e1:9f:f7:5f:78:24:83:11:c6:e5:0b:77:c3:3f:c9:
- 50:26:39:9c:8b:0d:18:fe:3b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- D3:DE:A8:63:F4:5C:5D:8E:DD:53:9F:D7:9E:90:14:71:D1:21:88:4B
- X509v3 Authority Key Identifier:
- keyid:B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:FC:C0:EE:93:13:43:17:2D
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 87:6d:c1:4d:b1:ea:af:f8:20:d9:dd:d8:cd:e1:60:62:41:a5:
- 5a:58:1e:cc:cb:fa:23:a9:82:fe:2c:54:53:86:f3:52:2f:ab:
- 8d:1b:68:9d:3b:83:e3:fd:37:2f:b5:d0:24:cf:78:98:ff:0a:
- 63:47:0b:c9:52:96:4f:5d:94:e1:28:fa:c4:eb:ea:17:42:6b:
- a2:30:37:bb:54:ac:47:45:55:2a:30:75:54:c9:7f:01:b9:9a:
- 55:3b:4d:bd:e5:29:02:a9:3c:f0:b4:b8:c4:c0:90:34:cd:94:
- 30:97:a8:16:2c:25:c8:da:cc:bd:0e:ea:5b:bf:dd:7b:7f:aa:
- f5:05
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBHjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
-MTI4MDI1NDIyWhcNMTMxMDI0MDI1NDIyWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0ExX3RhNDEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3Rh
-NDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArh7oxlFwzHsGh0eh8Fr688/E
-/eusMtmr3TYVCXFzEqNuFkqvgzPZ4BzoY6zHjXlHWs9jZ+ENdLwJFovhJyR4akGl
-yS9NSe+iYYFFmCGzKtOJlAYYh4GQY/xAF42JNW7FaNVtidMY4gfhn/dfeCSDEcbl
-C3fDP8lQJjmciw0Y/jsCAwEAAaOB4DCB3TAdBgNVHQ4EFgQU096oY/RcXY7dU5/X
-npAUcdEhiEswgZoGA1UdIwSBkjCBj4AUuahSX5EbKiepCpRUBlIvcoaFnnWhbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG
-9w0BCQEWA3RhNIIJAPzA7pMTQxctMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAIdtwU2x6q/4INnd2M3hYGJBpVpYHszL
-+iOpgv4sVFOG81Ivq40baJ07g+P9Ny+10CTPeJj/CmNHC8lSlk9dlOEo+sTr6hdC
-a6IwN7tUrEdFVSowdVTJfwG5mlU7Tb3lKQKpPPC0uMTAkDTNlDCXqBYsJcjazL0O
-6lu/3Xt/qvUF
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA1_ta5_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,69 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 36 (0x24)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
- Validity
- Not Before: Jan 28 02:54:25 2011 GMT
- Not After : Oct 24 02:54:25 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA1_ta5/emailAddress=pubCA1_ta5
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:d4:c6:69:11:45:2f:32:b0:20:8d:2d:0f:5c:5e:
- 36:10:ef:63:37:6a:03:b4:62:86:68:8f:fb:72:87:
- 91:15:5f:8e:b5:25:0c:d1:b3:c0:57:28:b5:56:d8:
- 8b:bc:c0:f5:ed:8a:d0:fb:56:45:91:ca:ae:a3:2f:
- f1:36:bf:54:91:c6:93:04:68:17:27:e5:96:fd:92:
- af:8f:5b:62:65:f7:2d:6d:5a:dc:2f:05:44:b7:7d:
- de:49:26:0b:ec:09:71:d0:bd:39:97:5b:0a:c8:80:
- 5b:6b:aa:19:8c:b2:df:73:ea:ce:a3:48:b1:b2:ba:
- 3f:58:3f:75:86:b0:9c:4c:5b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 52:C8:5D:28:0A:C3:1A:23:E7:52:17:1A:67:EB:EF:0F:BC:9F:0F:A7
- X509v3 Authority Key Identifier:
- keyid:62:0A:5F:1E:BA:AD:0B:1E:13:7A:CA:B4:5C:12:64:1F:BF:44:C6:B0
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
- serial:E0:A1:00:60:AE:57:96:B2
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 CRL Distribution Points:
- URI:http://localhost:12001/file/0/ta5_crl.pem
-
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 97:a5:5a:64:29:bd:24:f5:b1:27:11:83:2f:e7:a9:a5:f3:0b:
- 2b:b3:43:1f:74:c8:54:fa:56:5b:4f:7b:a2:3b:bc:db:4d:a6:
- c7:07:fb:52:2d:91:37:6a:fb:f1:c7:2a:54:3d:31:78:85:a5:
- f3:10:bf:05:2e:48:bb:bd:ed:d7:1d:7c:31:b5:4c:41:79:97:
- d6:2e:02:1b:84:77:24:47:57:00:56:a7:89:1c:f5:6d:d3:d8:
- da:69:a3:b9:2b:d2:73:c0:d4:a8:c1:86:4f:ba:04:2b:ea:2f:
- 0b:a4:1d:83:71:02:b5:47:87:13:ec:66:bb:87:6a:af:c2:1d:
- 07:5d
------BEGIN CERTIFICATE-----
-MIIDczCCAtygAwIBAgIBJDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGE1MRIwEAYJKoZIhvcNAQkBFgN0YTUwHhcNMTEw
-MTI4MDI1NDI1WhcNMTMxMDI0MDI1NDI1WjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0ExX3RhNTEZMBcGCSqGSIb3DQEJARYKcHViQ0ExX3Rh
-NTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1MZpEUUvMrAgjS0PXF42EO9j
-N2oDtGKGaI/7coeRFV+OtSUM0bPAVyi1VtiLvMD17YrQ+1ZFkcquoy/xNr9UkcaT
-BGgXJ+WW/ZKvj1tiZfctbVrcLwVEt33eSSYL7Alx0L05l1sKyIBba6oZjLLfc+rO
-o0ixsro/WD91hrCcTFsCAwEAAaOCAR0wggEZMB0GA1UdDgQWBBRSyF0oCsMaI+dS
-Fxpn6+8PvJ8PpzCBmgYDVR0jBIGSMIGPgBRiCl8euq0LHhN6yrRcEmQfv0TGsKFs
-pGowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEzARBgNVBAcT
-Ck1lbmxvIFBhcmsxDTALBgNVBAoTBHBrZzUxDDAKBgNVBAMTA3RhNTESMBAGCSqG
-SIb3DQEJARYDdGE1ggkA4KEAYK5XlrIwDwYDVR0TAQH/BAUwAwEB/zA6BgNVHR8E
-MzAxMC+gLaArhilodHRwOi8vbG9jYWxob3N0OjEyMDAxL2ZpbGUvMC90YTVfY3Js
-LnBlbTAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADgYEAl6VaZCm9JPWx
-JxGDL+eppfMLK7NDH3TIVPpWW097oju8202mxwf7Ui2RN2r78ccqVD0xeIWl8xC/
-BS5Iu73t1x18MbVMQXmX1i4CG4R3JEdXAFaniRz1bdPY2mmjuSvSc8DUqMGGT7oE
-K+ovC6Qdg3ECtUeHE+xmu4dqr8IdB10=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA2_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 22 (0x16)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 28 02:54:20 2011 GMT
- Not After : Oct 24 02:54:20 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta3/emailAddress=pubCA2_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b8:c0:ed:3f:ee:b2:c4:82:85:82:6e:dc:d2:63:
- 72:d9:d7:73:bf:24:bc:5a:ab:9a:aa:39:dc:01:23:
- 95:40:8b:1c:c4:08:e1:3a:20:a9:f3:21:e4:ca:e9:
- c8:be:48:52:34:35:5f:af:19:60:89:7a:4f:95:e2:
- c2:dc:0a:f2:7a:7d:62:ce:d5:39:55:4e:10:d8:da:
- 90:48:73:69:64:ef:7d:a9:57:a2:f2:6d:e6:db:d0:
- a3:df:2a:a1:c1:f4:c6:44:32:bc:af:d9:bb:5e:c1:
- 39:10:27:fd:1e:6e:9f:dc:65:63:1c:9c:bd:3b:b1:
- 8f:9a:da:82:6e:5b:71:a0:97
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Issuer Alternative Name: critical
- <EMPTY>
-
- Signature Algorithm: sha256WithRSAEncryption
- bd:39:e7:46:37:ef:db:c9:d2:d5:af:3e:ac:5d:36:b3:c8:55:
- 3f:3a:5c:cb:54:33:bb:46:ad:90:a5:5b:29:87:31:c1:f2:7c:
- b0:15:99:93:ce:70:3c:7d:59:8d:3e:ba:ae:f6:77:ae:ee:21:
- 0e:6b:12:de:7c:f7:12:1e:94:81:77:01:ee:3b:15:86:28:f0:
- 13:64:2f:24:fa:15:71:02:53:93:9c:aa:a6:55:f9:75:eb:27:
- f8:09:09:af:7f:77:bf:5c:38:b1:ce:e6:46:60:36:16:83:59:
- 0d:f0:b5:b5:97:82:a7:43:d4:b5:6f:85:cd:77:4f:59:73:49:
- 9c:cb
------BEGIN CERTIFICATE-----
-MIICdTCCAd6gAwIBAgIBFjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMTEw
-MTI4MDI1NDIwWhcNMTMxMDI0MDI1NDIwWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0EyX3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0EyX3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuMDtP+6yxIKFgm7c0mNy2ddz
-vyS8WquaqjncASOVQIscxAjhOiCp8yHkyunIvkhSNDVfrxlgiXpPleLC3Aryen1i
-ztU5VU4Q2NqQSHNpZO99qVei8m3m29Cj3yqhwfTGRDK8r9m7XsE5ECf9Hm6f3GVj
-HJy9O7GPmtqCbltxoJcCAwEAAaMhMB8wDwYDVR0TAQH/BAUwAwEB/zAMBgNVHRIB
-Af8EAjAAMA0GCSqGSIb3DQEBCwUAA4GBAL0550Y379vJ0tWvPqxdNrPIVT86XMtU
-M7tGrZClWymHMcHyfLAVmZPOcDx9WY0+uq72d67uIQ5rEt589xIelIF3Ae47FYYo
-8BNkLyT6FXECU5OcqqZV+XXrJ/gJCa9/d79cOLHO5kZgNhaDWQ3wtbWXgqdD1LVv
-hc13T1lzSZzL
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA2_ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 34 (0x22)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
- Validity
- Not Before: Jan 28 02:54:24 2011 GMT
- Not After : Oct 24 02:54:24 2013 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA2_ta4/emailAddress=pubCA2_ta4
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b4:ad:43:56:c0:47:59:45:17:9b:25:94:a6:3f:
- 07:fa:0d:8c:17:bd:1d:ea:b0:14:73:4f:ab:91:ad:
- e5:72:15:a8:c3:5d:d2:37:d3:1c:9f:0d:b5:b1:5d:
- dc:e9:ca:dd:ba:58:de:d7:10:ca:ce:f7:76:4a:da:
- 62:87:04:00:34:ee:d2:2a:32:fa:57:0e:a3:a8:0c:
- f8:98:65:72:9b:65:2d:90:50:be:c0:a2:2e:33:13:
- 55:2f:17:8f:88:83:2a:e9:e0:a1:e1:6d:43:d1:2f:
- a7:6b:4c:a9:67:8f:3d:9d:3c:46:91:c8:fc:b8:38:
- 65:16:c5:60:b8:8a:7e:36:e3
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 7E:D7:20:26:1C:A5:29:A9:33:67:3B:8C:F6:91:31:8E:14:D9:C6:D6
- X509v3 Authority Key Identifier:
- keyid:B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:FC:C0:EE:93:13:43:17:2D
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign
- Signature Algorithm: sha256WithRSAEncryption
- 8a:49:79:6d:e2:18:16:a9:63:8c:a6:4c:78:02:27:7e:2b:99:
- 1f:a0:bd:23:93:6e:32:70:f9:4c:fd:c0:9c:78:11:1c:0e:ee:
- 3c:35:c6:12:70:c3:4b:4a:25:e1:20:75:9d:a0:37:b2:db:7a:
- 62:b2:a2:a6:37:5b:e5:fd:89:ec:bd:23:03:95:38:05:da:92:
- 5e:b4:32:b2:a1:0e:c2:cb:8e:62:01:f7:b5:87:c5:39:4a:40:
- 11:e4:fe:52:c5:ac:b7:c4:ca:4d:7b:c4:3c:79:f6:6f:a0:bc:
- 04:e5:dd:38:a0:e8:86:d5:14:01:bf:f5:01:bb:cc:7a:19:39:
- a8:ff
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBIjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGE0MRIwEAYJKoZIhvcNAQkBFgN0YTQwHhcNMTEw
-MTI4MDI1NDI0WhcNMTMxMDI0MDI1NDI0WjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0EyX3RhNDEZMBcGCSqGSIb3DQEJARYKcHViQ0EyX3Rh
-NDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtK1DVsBHWUUXmyWUpj8H+g2M
-F70d6rAUc0+rka3lchWow13SN9Mcnw21sV3c6crdulje1xDKzvd2StpihwQANO7S
-KjL6Vw6jqAz4mGVym2UtkFC+wKIuMxNVLxePiIMq6eCh4W1D0S+na0ypZ489nTxG
-kcj8uDhlFsVguIp+NuMCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUftcgJhylKakzZzuM
-9pExjhTZxtYwgZoGA1UdIwSBkjCBj4AUuahSX5EbKiepCpRUBlIvcoaFnnWhbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG
-9w0BCQEWA3RhNIIJAPzA7pMTQxctMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4GBAIpJeW3iGBapY4ymTHgCJ34rmR+gvSOT
-bjJw+Uz9wJx4ERwO7jw1xhJww0tKJeEgdZ2gN7LbemKyoqY3W+X9iey9IwOVOAXa
-kl60MrKhDsLLjmIB97WHxTlKQBHk/lLFrLfEyk17xDx59m+gvATl3Tig6IbVFAG/
-9QG7zHoZOaj/
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA3_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 24 (0x18)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 1 01:01:01 2009 GMT
- Not After : Jan 2 01:01:01 2009 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA3_ta3/emailAddress=pubCA3_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ba:b1:90:f4:fa:4e:82:56:04:92:7a:d5:d7:23:
- 93:e4:53:47:c2:28:06:c3:a1:6e:ed:7c:02:0e:f6:
- 73:0b:8e:11:75:33:f3:d1:98:c0:ad:37:12:b8:41:
- 1a:57:12:95:5e:63:61:b5:69:97:60:07:6c:6e:4b:
- a5:19:0e:f8:ba:35:9d:7a:f0:5c:74:33:7a:78:24:
- cd:2f:2a:cd:31:84:17:0f:e0:4d:06:ba:92:7a:ae:
- d0:a9:54:80:f1:d2:4d:dc:e9:81:84:ad:c9:74:c0:
- 88:e8:67:63:70:2a:c4:85:75:b8:32:a8:ed:af:2a:
- 6b:63:53:97:27:d3:9d:e6:57
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- A2:91:E3:9A:3E:C3:FD:0E:04:36:9A:5C:34:32:84:C4:91:83:7A:91
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 03:8e:b8:b8:48:41:bd:75:34:8c:80:37:f3:6a:54:32:9a:dd:
- ef:55:e7:fc:b9:87:c3:1e:28:82:3c:09:09:9a:4d:d8:8e:25:
- 7b:4e:bb:b4:e9:45:61:27:25:0b:70:7a:1c:7d:14:da:4a:ff:
- bc:9f:1c:39:47:53:b9:a3:41:b1:15:e5:f7:01:b9:0e:8b:5f:
- a0:31:5e:4e:7d:d4:f0:ba:be:a1:b9:b3:25:d8:bb:b7:3c:0c:
- c9:a1:2e:60:d6:4f:21:a0:6e:2e:1b:40:dd:8c:ee:07:5c:21:
- 88:f7:40:3e:4b:3d:7f:00:bf:41:89:b1:1c:45:04:49:c3:92:
- f8:a5
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBGDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMDkw
-MTAxMDEwMTAxWhcNMDkwMTAyMDEwMTAxWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0EzX3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0EzX3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAurGQ9PpOglYEknrV1yOT5FNH
-wigGw6Fu7XwCDvZzC44RdTPz0ZjArTcSuEEaVxKVXmNhtWmXYAdsbkulGQ74ujWd
-evBcdDN6eCTNLyrNMYQXD+BNBrqSeq7QqVSA8dJN3OmBhK3JdMCI6GdjcCrEhXW4
-MqjtryprY1OXJ9Od5lcCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUopHjmj7D/Q4ENppc
-NDKExJGDepEwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAAOOuLhIQb11NIyAN/NqVDKa3e9V5/y5
-h8MeKII8CQmaTdiOJXtOu7TpRWEnJQtwehx9FNpK/7yfHDlHU7mjQbEV5fcBuQ6L
-X6AxXk591PC6vqG5syXYu7c8DMmhLmDWTyGgbi4bQN2M7gdcIYj3QD5LPX8Av0GJ
-sRxFBEnDkvil
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA4_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 26 (0x1a)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 1 01:01:01 2035 GMT
- Not After : Jan 2 01:01:01 2035 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA4_ta3/emailAddress=pubCA4_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:ca:aa:c4:0b:75:27:b8:a2:03:80:fd:5b:9d:db:
- 1d:d1:69:1b:4e:bb:7d:c6:88:db:b6:14:5d:f6:f2:
- ff:45:f3:b6:74:7f:35:b6:a1:97:49:5e:8a:bc:94:
- 36:25:d1:35:34:34:55:0a:e0:7f:e3:c1:1b:fe:27:
- ee:33:53:02:3b:a1:a7:99:ed:f1:d1:b8:1a:91:16:
- ba:83:9c:02:0d:78:0c:1c:79:59:74:bc:f1:0b:21:
- 1a:fa:aa:55:72:a5:b4:39:99:40:1c:77:da:17:d6:
- 6f:a2:14:61:96:5f:c5:14:d8:6c:ec:82:f9:b4:45:
- 76:68:b2:a9:07:ee:94:df:65
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 04:46:EB:13:B6:FE:E1:94:6D:9C:0E:59:20:4B:A2:6C:B1:DA:68:5C
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- X509v3 Key Usage: critical
- Certificate Sign, CRL Sign
- Signature Algorithm: sha256WithRSAEncryption
- 06:1e:6c:15:d0:cd:28:6a:c2:c1:0e:3c:f5:8c:4e:0d:ec:53:
- a6:d9:f0:28:06:df:e6:a6:ed:f7:e5:ab:a1:2a:02:f8:17:29:
- 1e:54:ec:83:44:ce:a5:ed:ee:70:33:83:83:1e:31:81:2b:72:
- ee:4d:cd:d5:9c:9c:f3:0d:81:fd:5a:26:1c:c6:3b:27:a9:18:
- 41:96:ee:6b:bc:b4:06:72:1e:97:44:78:21:45:19:1d:38:8b:
- 69:8e:9e:d8:0f:7a:a4:4e:bb:49:8a:a9:37:5c:a5:98:6b:ad:
- f3:29:f3:8c:53:10:1c:af:d9:5f:2a:c7:9a:f8:d5:ce:b1:ba:
- dc:8d
------BEGIN CERTIFICATE-----
-MIIDNTCCAp6gAwIBAgIBGjANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
-MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0E0X3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0E0X3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyqrEC3UnuKIDgP1bndsd0Wkb
-Trt9xojbthRd9vL/RfO2dH81tqGXSV6KvJQ2JdE1NDRVCuB/48Eb/ifuM1MCO6Gn
-me3x0bgakRa6g5wCDXgMHHlZdLzxCyEa+qpVcqW0OZlAHHfaF9ZvohRhll/FFNhs
-7IL5tEV2aLKpB+6U32UCAwEAAaOB4DCB3TAdBgNVHQ4EFgQUBEbrE7b+4ZRtnA5Z
-IEuibLHaaFwwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4GBAAYebBXQzShqwsEOPPWMTg3sU6bZ8CgG
-3+am7fflq6EqAvgXKR5U7INEzqXt7nAzg4MeMYErcu5NzdWcnPMNgf1aJhzGOyep
-GEGW7mu8tAZyHpdEeCFFGR04i2mOntgPeqROu0mKqTdcpZhrrfMp84xTEByv2V8q
-x5r41c6xutyN
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/publisher_cas/pubCA5_ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,62 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 28 (0x1c)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
- Validity
- Not Before: Jan 1 01:01:01 2035 GMT
- Not After : Jan 2 01:01:01 2035 GMT
- Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=pubCA5_ta3/emailAddress=pubCA5_ta3
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:c1:7d:e8:01:87:c0:29:55:4f:e7:82:49:3f:d3:
- 58:23:af:60:58:22:68:d9:fe:67:b4:69:9e:48:ee:
- b9:05:dc:31:85:9d:5e:ba:2f:19:61:97:20:d5:99:
- d9:84:67:50:ce:bf:1b:ef:86:07:70:0e:fd:3f:22:
- a9:16:10:d6:2d:f6:30:23:36:54:28:16:33:d5:58:
- 6c:15:fb:79:2e:af:07:43:77:11:bb:54:e9:e3:e5:
- 5c:5b:5a:67:6f:bb:43:08:4e:c3:a8:77:06:25:92:
- 10:cc:cb:1d:4a:7d:07:1e:83:1e:43:59:bc:b5:56:
- 18:f6:2e:8a:4e:52:bf:fe:c1
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 18:C6:4D:FD:87:0A:06:7E:55:86:3A:77:4F:0F:F7:33:67:02:F5:33
- X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
- DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
-
- X509v3 Basic Constraints: critical
- CA:TRUE
- Signature Algorithm: sha256WithRSAEncryption
- 09:28:d6:10:c6:de:9d:66:c1:a9:d4:83:53:d9:ba:27:a1:64:
- ae:29:c2:07:42:33:b4:3c:1d:e1:8c:0a:c8:38:98:c8:89:d8:
- 98:26:41:75:56:b0:fa:30:d3:b8:ad:9f:47:7b:23:ec:da:99:
- ff:8f:a7:18:56:43:13:bf:ee:19:0f:d8:70:c7:fe:4e:0b:1c:
- 54:e4:af:d5:01:72:a8:19:5e:21:ed:17:90:a1:fe:51:74:c6:
- ba:29:89:e2:74:16:df:a8:89:7a:b3:ce:50:5f:9d:99:e7:76:
- c0:98:38:03:c2:a5:bb:88:bd:57:bc:4d:59:ce:cd:e0:c6:ad:
- 3c:2c
------BEGIN CERTIFICATE-----
-MIIDJTCCAo6gAwIBAgIBHDANBgkqhkiG9w0BAQsFADBoMQswCQYDVQQGEwJVUzET
-MBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UE
-ChMEcGtnNTEMMAoGA1UEAxMDdGEzMRIwEAYJKoZIhvcNAQkBFgN0YTMwHhcNMzUw
-MTAxMDEwMTAxWhcNMzUwMTAyMDEwMTAxWjB2MQswCQYDVQQGEwJVUzETMBEGA1UE
-CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazENMAsGA1UEChMEcGtn
-NTETMBEGA1UEAxQKcHViQ0E1X3RhMzEZMBcGCSqGSIb3DQEJARYKcHViQ0E1X3Rh
-MzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwX3oAYfAKVVP54JJP9NYI69g
-WCJo2f5ntGmeSO65BdwxhZ1eui8ZYZcg1ZnZhGdQzr8b74YHcA79PyKpFhDWLfYw
-IzZUKBYz1VhsFft5Lq8HQ3cRu1Tp4+VcW1pnb7tDCE7DqHcGJZIQzMsdSn0HHoMe
-Q1m8tVYY9i6KTlK//sECAwEAAaOB0DCBzTAdBgNVHQ4EFgQUGMZN/YcKBn5Vhjp3
-Tw/3M2cC9TMwgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRq
-MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpN
-ZW5sbyBQYXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG
-9w0BCQEWA3RhM4IJAJgpjTih59ECMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN
-AQELBQADgYEACSjWEMbenWbBqdSDU9m6J6FkrinCB0IztDwd4YwKyDiYyInYmCZB
-dVaw+jDTuK2fR3sj7NqZ/4+nGFZDE7/uGQ/YcMf+TgscVOSv1QFyqBleIe0XkKH+
-UXTGuimJ4nQW36iJerPOUF+dmed2wJg4A8Klu4i9V7xNWc7N4MatPCw=
------END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/serial Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/serial Wed Apr 06 18:06:57 2011 -0700
@@ -1,1 +1,1 @@
-26
+2A
--- a/src/tests/ro_data/signing_certs/produced/ta1/ta1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/ta1/ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- c1:e4:f1:a8:14:c7:a7:58
+ de:88:28:ec:1b:64:08:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:a4:e5:50:4f:dd:85:ff:70:fd:e9:82:c0:b4:44:
- 4e:3f:50:5e:32:57:52:9e:1d:ce:96:a4:36:38:5f:
- 2c:c0:41:27:a7:4d:f4:04:d8:05:71:b3:56:a4:09:
- 32:26:38:f8:17:a6:d7:e8:4c:f6:64:56:e0:fb:fa:
- 6b:41:44:9c:06:fe:f1:99:35:d5:bb:66:8c:12:f6:
- ab:cd:90:02:df:94:97:5e:8c:94:89:8a:8f:2e:8b:
- 8a:3c:0a:85:2f:9a:25:34:ad:b4:82:e4:04:4d:a8:
- 8b:dc:b4:42:58:3d:c1:0f:85:28:d7:25:22:02:b8:
- 09:f2:23:2e:57:eb:dd:e3:31
+ 00:d6:e9:55:f5:86:01:d5:2b:dd:52:6e:82:89:dc:
+ 7a:23:a2:8b:32:28:af:09:2b:37:f4:98:d9:2d:3d:
+ b6:d3:58:6d:4d:f9:e5:af:40:aa:41:8e:ca:6a:11:
+ 28:6e:bd:17:ee:17:5f:22:c3:15:99:65:3d:fc:b6:
+ 16:bc:5a:fb:bd:a7:15:b0:ff:f6:5d:19:20:3c:f5:
+ 78:54:19:75:cc:61:82:6f:bc:bb:1a:5f:c8:37:7a:
+ b0:c0:5e:30:27:a1:aa:b2:87:4d:10:57:fc:2d:d6:
+ 17:6d:b0:39:bd:06:b5:0f:ce:d1:00:2f:85:35:ad:
+ c8:72:39:e5:2c:e4:06:2a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 15:AB:A2:AB:34:BD:EB:C4:C9:AE:0D:82:51:00:DD:2D:B1:1D:1A:7B
+ 06:D0:C0:FB:C5:79:67:F9:F9:10:92:CA:81:5B:5F:92:D8:D8:9F:A6
X509v3 Authority Key Identifier:
- keyid:15:AB:A2:AB:34:BD:EB:C4:C9:AE:0D:82:51:00:DD:2D:B1:1D:1A:7B
+ keyid:06:D0:C0:FB:C5:79:67:F9:F9:10:92:CA:81:5B:5F:92:D8:D8:9F:A6
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
- serial:C1:E4:F1:A8:14:C7:A7:58
+ serial:DE:88:28:EC:1B:64:08:9C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 4c:dc:c9:ca:75:c0:d1:87:da:b1:43:63:b9:41:2c:d1:05:78:
- 17:80:0a:63:8e:ea:a8:2a:8b:84:75:2a:ef:17:d1:5e:d9:78:
- c5:4f:fb:b1:cb:16:93:fe:1b:b1:4f:4c:f2:b8:80:60:1a:34:
- ff:d2:c3:99:6a:94:4a:00:4b:08:ea:b1:a6:1c:61:d1:8c:a3:
- 05:08:34:24:c7:6d:4a:7a:af:b0:1b:62:55:38:0d:fb:5e:ce:
- 4b:49:6f:c1:1b:0c:a6:7b:00:a8:e9:42:37:6b:1f:4c:4e:c6:
- 52:9c:cd:f0:86:39:68:b8:a4:51:e6:9a:4a:70:ef:60:e7:51:
- 7d:4a
+ a5:e8:f1:e8:94:a3:87:7b:60:62:54:0b:7d:b6:02:16:6f:cf:
+ 05:10:1e:fc:99:36:f2:a7:22:40:41:9b:a5:c2:6a:c7:2d:87:
+ 6b:1d:4d:d6:9e:1c:15:20:5f:62:f2:51:b8:6a:f5:2b:75:b7:
+ aa:21:aa:9c:e2:88:e0:74:ce:4e:84:a1:28:fb:24:c7:bb:6f:
+ d5:e3:f6:36:57:fe:1e:ba:98:ab:82:51:fa:33:75:93:a5:bb:
+ fb:8f:00:54:fd:e4:fd:00:f7:e2:84:ed:71:3e:e8:66:3a:82:
+ f2:70:d6:ee:2b:d9:b9:07:50:6f:d6:86:04:5a:bf:64:07:bd:
+ 2f:70
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAMHk8agUx6dYMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAN6IKOwbZAicMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEWA3Rh
-MTAeFw0xMTAxMjgwMjU0MTBaFw0xMzEwMjQwMjU0MTBaMGgxCzAJBgNVBAYTAlVT
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEWA3RhMTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApOVQT92F/3D96YLAtEROP1BeMldSnh3O
-lqQ2OF8swEEnp030BNgFcbNWpAkyJjj4F6bX6Ez2ZFbg+/prQUScBv7xmTXVu2aM
-EvarzZAC35SXXoyUiYqPLouKPAqFL5olNK20guQETaiL3LRCWD3BD4Uo1yUiArgJ
-8iMuV+vd4zECAwEAAaOBzTCByjAdBgNVHQ4EFgQUFauiqzS968TJrg2CUQDdLbEd
-GnswgZoGA1UdIwSBkjCBj4AUFauiqzS968TJrg2CUQDdLbEdGnuhbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1ulV9YYB1SvdUm6Cidx6I6KLMiivCSs3
+9JjZLT2201htTfnlr0CqQY7KahEobr0X7hdfIsMVmWU9/LYWvFr7vacVsP/2XRkg
+PPV4VBl1zGGCb7y7Gl/IN3qwwF4wJ6GqsodNEFf8LdYXbbA5vQa1D87RAC+FNa3I
+cjnlLOQGKhsCAwEAAaOBzTCByjAdBgNVHQ4EFgQUBtDA+8V5Z/n5EJLKgVtfktjY
+n6YwgZoGA1UdIwSBkjCBj4AUBtDA+8V5Z/n5EJLKgVtfktjYn6ahbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEW
-A3RhMYIJAMHk8agUx6dYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-TNzJynXA0YfasUNjuUEs0QV4F4AKY47qqCqLhHUq7xfRXtl4xU/7scsWk/4bsU9M
-8riAYBo0/9LDmWqUSgBLCOqxphxh0YyjBQg0JMdtSnqvsBtiVTgN+17OS0lvwRsM
-pnsAqOlCN2sfTE7GUpzN8IY5aLikUeaaSnDvYOdRfUo=
+A3RhMYIJAN6IKOwbZAicMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+pejx6JSjh3tgYlQLfbYCFm/PBRAe/Jk28qciQEGbpcJqxy2Hax1N1p4cFSBfYvJR
+uGr1K3W3qiGqnOKI4HTOToShKPskx7tv1eP2Nlf+HrqYq4JR+jN1k6W7+48AVP3k
+/QD34oTtcT7oZjqC8nDW7ivZuQdQb9aGBFq/ZAe9L3A=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/ta2/ta2_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/ta2/ta2_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- a3:0a:29:bc:c4:1c:d8:4c
+ a8:5c:e8:7d:2f:86:1f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:d6:3a:84:18:7a:d6:3a:ee:7d:4c:75:0a:18:f4:
- ce:c0:2c:b5:59:eb:bd:83:0c:3c:59:90:0c:35:b9:
- c8:55:a4:c1:04:88:41:c4:40:a8:73:4e:f1:e4:db:
- 84:aa:bb:03:7b:e1:5e:5d:91:a0:ee:22:3d:f3:84:
- 35:09:de:a9:07:69:35:e6:8f:65:c4:55:70:52:a6:
- 5f:36:ff:6a:d3:7c:c5:6c:d3:cb:4f:a1:d8:94:68:
- 14:49:32:93:4c:ad:ac:09:25:c5:b4:e5:92:c4:5d:
- f5:d0:49:54:dc:e6:df:80:6f:c2:86:34:39:0e:e6:
- a8:9b:6b:32:21:41:ca:7b:ad
+ 00:a4:44:fb:94:e4:92:ab:2c:c0:22:a1:ed:7d:4c:
+ de:52:91:a6:70:e4:89:75:55:a4:01:ef:66:63:b4:
+ fe:69:ac:b7:83:e6:43:5f:90:44:f6:cc:66:21:69:
+ be:d3:06:3d:82:2d:dc:6d:f1:d2:6d:e3:b0:32:d6:
+ 32:e7:b3:d6:39:76:13:1a:14:f5:1c:a0:cc:8d:b0:
+ 7a:b5:63:b3:10:b9:37:cc:34:ee:18:b1:35:59:86:
+ 96:1c:d4:b4:1a:71:25:e7:aa:ca:56:57:d5:ea:8a:
+ b6:4a:fc:d8:d6:96:54:5c:da:c4:b3:3d:f9:25:e5:
+ e5:bd:bc:8e:47:bf:e9:c7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- D5:27:DA:4C:ED:2E:83:84:C3:2A:A9:98:E6:88:24:2A:03:01:CF:D5
+ FF:24:E8:06:21:CA:81:14:44:D5:85:07:EF:FB:A2:E7:C0:72:E3:AF
X509v3 Authority Key Identifier:
- keyid:D5:27:DA:4C:ED:2E:83:84:C3:2A:A9:98:E6:88:24:2A:03:01:CF:D5
+ keyid:FF:24:E8:06:21:CA:81:14:44:D5:85:07:EF:FB:A2:E7:C0:72:E3:AF
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta2/emailAddress=ta2
- serial:A3:0A:29:BC:C4:1C:D8:4C
+ serial:A8:5C:E8:7D:2F:86:1F:3C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 23:44:91:7e:24:18:05:e5:1f:05:7b:e1:ca:e2:a5:b9:f0:16:
- 04:b2:2c:7d:1b:a7:7f:eb:9e:71:95:ab:8d:46:65:30:b5:3f:
- af:e5:39:0e:2d:83:30:80:a0:cb:a7:f7:a4:41:5c:7e:d9:41:
- ef:7b:d2:b6:dd:9e:37:d4:d4:ac:c7:ee:06:42:69:02:88:b2:
- 97:60:bc:95:c5:ca:c9:59:8a:d6:35:3f:b6:09:58:62:e7:c3:
- a3:f9:f7:4e:10:30:94:05:91:0c:cb:f7:11:17:5e:7d:bf:99:
- ca:1d:ca:08:58:f8:a0:ea:26:0e:44:ce:cc:4a:34:b8:6a:9e:
- 88:ac
+ 24:2b:df:0f:66:4c:23:88:18:45:08:26:65:c1:65:6b:d8:0d:
+ 74:c8:2a:c6:6c:77:60:f2:41:1a:8f:23:42:5a:5b:53:5d:33:
+ fe:07:41:13:a9:a2:c4:62:22:08:13:30:57:60:fe:f5:55:ca:
+ 09:59:0d:b1:f9:27:49:a5:7d:2b:6d:52:f8:0e:1e:4f:04:27:
+ 6e:c4:98:31:b5:db:c2:c5:c3:09:29:28:d3:01:c7:5d:4a:a1:
+ 92:27:3d:2c:ef:94:ac:19:94:ff:24:5b:18:85:7d:a8:f9:8d:
+ b1:1f:46:a1:d6:30:4b:0d:d1:a3:0f:05:82:ae:4c:e2:53:b3:
+ de:1b
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAKMKKbzEHNhMMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAKhc6H0vhh88MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTIxEjAQBgkqhkiG9w0BCQEWA3Rh
-MjAeFw0xMTAxMjgwMjU0MTNaFw0xMzEwMjQwMjU0MTNaMGgxCzAJBgNVBAYTAlVT
+MjAeFw0xMTAzMjEwMDQ5MjZaFw0xMzEyMTUwMDQ5MjZaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTIxEjAQBgkqhkiG9w0BCQEWA3RhMjCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1jqEGHrWOu59THUKGPTOwCy1Weu9gww8
-WZAMNbnIVaTBBIhBxECoc07x5NuEqrsDe+FeXZGg7iI984Q1Cd6pB2k15o9lxFVw
-UqZfNv9q03zFbNPLT6HYlGgUSTKTTK2sCSXFtOWSxF310ElU3ObfgG/ChjQ5Duao
-m2syIUHKe60CAwEAAaOBzTCByjAdBgNVHQ4EFgQU1SfaTO0ug4TDKqmY5ogkKgMB
-z9UwgZoGA1UdIwSBkjCBj4AU1SfaTO0ug4TDKqmY5ogkKgMBz9WhbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApET7lOSSqyzAIqHtfUzeUpGmcOSJdVWk
+Ae9mY7T+aay3g+ZDX5BE9sxmIWm+0wY9gi3cbfHSbeOwMtYy57PWOXYTGhT1HKDM
+jbB6tWOzELk3zDTuGLE1WYaWHNS0GnEl56rKVlfV6oq2SvzY1pZUXNrEsz35JeXl
+vbyOR7/px/0CAwEAAaOBzTCByjAdBgNVHQ4EFgQU/yToBiHKgRRE1YUH7/ui58By
+468wgZoGA1UdIwSBkjCBj4AU/yToBiHKgRRE1YUH7/ui58By46+hbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTIxEjAQBgkqhkiG9w0BCQEW
-A3RhMoIJAKMKKbzEHNhMMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-I0SRfiQYBeUfBXvhyuKlufAWBLIsfRunf+uecZWrjUZlMLU/r+U5Di2DMICgy6f3
-pEFcftlB73vStt2eN9TUrMfuBkJpAoiyl2C8lcXKyVmK1jU/tglYYufDo/n3ThAw
-lAWRDMv3ERdefb+Zyh3KCFj4oOomDkTOzEo0uGqeiKw=
+A3RhMoIJAKhc6H0vhh88MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+JCvfD2ZMI4gYRQgmZcFla9gNdMgqxmx3YPJBGo8jQlpbU10z/gdBE6mixGIiCBMw
+V2D+9VXKCVkNsfknSaV9K21S+A4eTwQnbsSYMbXbwsXDCSko0wHHXUqhkic9LO+U
+rBmU/yRbGIV9qPmNsR9GodYwSw3Row8Fgq5M4lOz3hs=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/ta3/ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/ta3/ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- 98:29:8d:38:a1:e7:d1:02
+ ee:77:7e:6a:c1:1e:57:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ee:7d:c2:8c:0e:23:2b:7d:b5:b9:51:ca:8f:45:
- 37:2a:21:5b:2d:d6:ec:57:c5:fa:ac:f1:39:63:d3:
- 6d:40:39:cc:53:23:a5:a5:72:6e:1a:f0:bc:e5:0b:
- fb:0d:82:40:b4:61:d7:a9:1b:b4:4a:55:62:cf:4e:
- 3c:a6:39:65:fa:74:f9:91:8c:b9:0e:01:2b:cd:34:
- 87:a7:76:f7:02:dd:ed:81:77:ca:d5:c7:9c:b8:03:
- a7:81:7e:c0:bf:14:32:7b:82:50:69:15:03:b0:7c:
- 5d:66:d4:d1:58:70:0a:90:0c:97:b7:ab:64:30:45:
- 5f:a8:7a:27:82:89:88:98:0d
+ 00:d8:90:38:43:d3:79:4c:01:69:dc:78:b0:e5:8c:
+ 1c:90:85:72:d5:30:6a:03:2d:a8:e4:6a:ad:27:c4:
+ 59:e8:8c:a6:51:79:62:ff:18:26:87:e7:29:68:2e:
+ 3d:20:b1:78:40:56:c0:82:04:2a:4a:37:e1:38:9f:
+ 0a:ce:0d:c6:ad:e7:8c:b1:8e:25:61:a1:72:09:98:
+ 2c:a5:a4:bb:56:61:87:f0:2e:12:8d:da:8b:68:e1:
+ 39:9a:c8:2f:aa:dc:c9:84:ff:1b:eb:ce:29:82:55:
+ b3:4c:c9:98:fd:d8:7c:13:ea:c0:d5:72:17:7e:92:
+ 0b:f4:d4:71:a0:22:fa:c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
+ E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
+ serial:EE:77:7E:6A:C1:1E:57:ED
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- b0:3d:ff:8a:38:de:32:30:4e:1f:f3:ba:2f:f9:4d:c4:20:31:
- f9:5d:3e:38:91:c8:f9:ce:84:ed:3a:16:52:29:2c:4b:6c:5f:
- f3:5d:76:c8:23:cb:be:8c:ba:26:f2:09:53:79:dd:67:28:aa:
- f8:3a:19:ff:9a:47:d8:67:93:0a:fe:1d:ae:b4:71:2d:e8:52:
- d9:78:1b:d9:5c:a0:8e:e9:ff:6a:f3:92:5c:5a:8f:12:3d:29:
- 35:c9:16:de:e7:94:6b:58:20:85:85:9e:31:d7:80:9a:e0:a8:
- dc:e9:61:b0:4e:aa:7f:10:d4:90:e2:39:ca:b0:93:02:03:53:
- 89:6f
+ 63:77:35:62:c5:a1:23:fb:3b:7f:05:54:98:94:b8:52:15:20:
+ 56:e0:55:44:90:e0:bc:3c:f4:de:ad:f9:17:36:1e:c5:7a:0f:
+ ac:b1:17:44:27:cd:cf:a0:d4:5a:a8:68:ca:22:04:8a:ac:9e:
+ ae:fc:e4:8a:71:4b:2a:33:86:9e:6b:63:73:97:9c:8d:76:88:
+ 08:87:31:cc:21:c5:c9:fb:db:c1:cd:64:b3:f5:09:cc:14:48:
+ d6:38:0b:15:2e:d0:ca:d2:3c:d7:36:14:db:74:7c:7a:38:db:
+ 2a:2c:50:ec:08:d4:f9:9b:24:3c:69:f1:a9:c1:46:6b:7b:84:
+ aa:36
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAJgpjTih59ECMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAO53fmrBHlftMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEWA3Rh
-MzAeFw0xMTAxMjgwMjU0MTNaFw0xMzEwMjQwMjU0MTNaMGgxCzAJBgNVBAYTAlVT
+MzAeFw0xMTAzMjEwMDQ5MjZaFw0xMzEyMTUwMDQ5MjZaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEWA3RhMzCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7n3CjA4jK321uVHKj0U3KiFbLdbsV8X6
-rPE5Y9NtQDnMUyOlpXJuGvC85Qv7DYJAtGHXqRu0SlViz048pjll+nT5kYy5DgEr
-zTSHp3b3At3tgXfK1cecuAOngX7AvxQye4JQaRUDsHxdZtTRWHAKkAyXt6tkMEVf
-qHongomImA0CAwEAAaOBzTCByjAdBgNVHQ4EFgQU3/HDQuQnIeA7HeCFRx8WNU1Y
-8x4wgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2JA4Q9N5TAFp3Hiw5YwckIVy1TBqAy2o
+5GqtJ8RZ6IymUXli/xgmh+cpaC49ILF4QFbAggQqSjfhOJ8Kzg3GreeMsY4lYaFy
+CZgspaS7VmGH8C4SjdqLaOE5msgvqtzJhP8b684pglWzTMmY/dh8E+rA1XIXfpIL
+9NRxoCL6xfcCAwEAAaOBzTCByjAdBgNVHQ4EFgQU4p6hi9fTsPHD6XekSV1qTqtz
+rF0wgZoGA1UdIwSBkjCBj4AU4p6hi9fTsPHD6XekSV1qTqtzrF2hbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEW
-A3RhM4IJAJgpjTih59ECMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-sD3/ijjeMjBOH/O6L/lNxCAx+V0+OJHI+c6E7ToWUiksS2xf8112yCPLvoy6JvIJ
-U3ndZyiq+DoZ/5pH2GeTCv4drrRxLehS2Xgb2Vygjun/avOSXFqPEj0pNckW3ueU
-a1gghYWeMdeAmuCo3OlhsE6qfxDUkOI5yrCTAgNTiW8=
+A3RhM4IJAO53fmrBHlftMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+Y3c1YsWhI/s7fwVUmJS4UhUgVuBVRJDgvDz03q35FzYexXoPrLEXRCfNz6DUWqho
+yiIEiqyervzkinFLKjOGnmtjc5ecjXaICIcxzCHFyfvbwc1ks/UJzBRI1jgLFS7Q
+ytI81zYU23R8ejjbKixQ7AjU+ZskPGnxqcFGa3uEqjY=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/ta4/ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/ta4/ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- fc:c0:ee:93:13:43:17:2d
+ c5:19:14:97:e3:27:2e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
+ Not Before: Mar 21 00:49:31 2011 GMT
+ Not After : Dec 15 00:49:31 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c0:2b:f2:13:a5:29:e8:19:ed:15:b7:ef:65:2a:
- 33:bc:aa:23:17:07:4f:e2:b8:c2:fc:e8:f0:36:d2:
- 71:55:fe:45:15:4f:62:3d:0b:f6:1a:4e:6c:7c:59:
- 09:06:10:6e:f6:17:1c:96:4e:d6:ce:fa:b8:b6:a4:
- 36:97:95:dc:49:87:ce:ed:10:1a:f8:ca:b9:8f:3e:
- d4:e6:89:64:27:01:1d:e0:56:9d:71:55:7b:f1:53:
- eb:16:b9:d6:3c:f4:35:3f:a5:23:b7:50:1e:d8:0d:
- 67:af:fb:65:77:55:34:0f:a9:cf:35:9a:bc:ea:ed:
- cb:7c:5c:9f:61:1a:96:ea:a3
+ 00:b1:4b:88:95:b3:1e:8c:08:95:21:43:4e:19:f6:
+ c1:e0:4a:68:49:d8:28:48:ba:20:22:2d:ab:d8:62:
+ 15:d5:4e:21:bd:c0:af:00:d0:09:4a:da:3b:00:2d:
+ 13:0c:6e:e1:3d:37:00:f5:09:5d:cd:69:81:4e:2b:
+ 3d:38:8c:f0:64:66:0e:a0:d6:68:b1:27:57:3e:01:
+ c3:27:2a:c1:a8:35:b2:54:a7:4e:17:3d:83:85:43:
+ 6d:f8:07:ba:3b:40:05:b5:c3:9b:a7:66:f5:5f:a5:
+ f8:b0:5f:3d:3d:97:25:4c:4f:89:63:51:7d:4a:be:
+ 48:1a:1c:71:a3:fa:6a:87:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
+ 0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
X509v3 Authority Key Identifier:
- keyid:B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
+ keyid:0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:FC:C0:EE:93:13:43:17:2D
+ serial:C5:19:14:97:E3:27:2E:9B
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 18:3d:23:29:a5:74:64:5d:c8:6d:b8:66:f6:68:d5:ff:72:51:
- cb:ce:ca:6c:55:af:25:ff:c5:4e:ac:65:f3:16:a7:22:11:82:
- 4c:35:92:27:dc:23:55:a0:d8:b1:e9:1d:d7:fc:ba:a6:df:13:
- c5:6c:85:42:43:cc:ec:ff:62:49:b1:ef:63:15:25:37:57:59:
- 15:e3:ab:26:06:5a:62:df:fb:82:1a:57:a0:0f:64:29:7f:80:
- 5e:e5:c7:2b:cb:5d:da:4d:e4:dc:da:52:94:79:9b:4b:b5:ba:
- fa:4d:4b:65:26:95:20:70:95:8c:cf:d5:d2:fe:44:66:48:ec:
- c1:ad
+ 64:93:80:7e:ae:43:e2:e6:96:07:67:cf:34:c3:ef:cc:69:1c:
+ 52:41:fb:ec:11:dc:f6:fe:88:e4:8e:3b:90:97:d5:e5:6e:b6:
+ b7:8e:0b:40:3b:84:5b:36:73:e4:ce:39:8e:e7:7e:db:dc:cd:
+ 0f:97:1c:bb:2a:31:56:28:6b:87:50:72:be:5f:47:68:4e:a1:
+ 38:7e:bc:c6:11:4c:2e:46:e3:94:a1:04:a5:15:70:af:2f:a9:
+ 8f:b3:26:be:c1:35:15:b2:fd:94:f1:5d:a7:06:4f:2d:37:c8:
+ 47:eb:db:cb:a4:69:05:98:fb:5a:1a:d3:03:17:e2:90:54:5a:
+ 7d:1d
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAPzA7pMTQxctMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAMUZFJfjJy6bMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEWA3Rh
-NDAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMGgxCzAJBgNVBAYTAlVT
+NDAeFw0xMTAzMjEwMDQ5MzFaFw0xMzEyMTUwMDQ5MzFaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEWA3RhNDCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwCvyE6Up6BntFbfvZSozvKojFwdP4rjC
-/OjwNtJxVf5FFU9iPQv2Gk5sfFkJBhBu9hcclk7Wzvq4tqQ2l5XcSYfO7RAa+Mq5
-jz7U5olkJwEd4FadcVV78VPrFrnWPPQ1P6Ujt1Ae2A1nr/tld1U0D6nPNZq86u3L
-fFyfYRqW6qMCAwEAAaOBzTCByjAdBgNVHQ4EFgQUuahSX5EbKiepCpRUBlIvcoaF
-nnUwgZoGA1UdIwSBkjCBj4AUuahSX5EbKiepCpRUBlIvcoaFnnWhbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsUuIlbMejAiVIUNOGfbB4EpoSdgoSLog
+Ii2r2GIV1U4hvcCvANAJSto7AC0TDG7hPTcA9QldzWmBTis9OIzwZGYOoNZosSdX
+PgHDJyrBqDWyVKdOFz2DhUNt+Ae6O0AFtcObp2b1X6X4sF89PZclTE+JY1F9Sr5I
+Ghxxo/pqhxMCAwEAAaOBzTCByjAdBgNVHQ4EFgQUChy6plvGgzJg5ZsAhTd00Y0w
+uoowgZoGA1UdIwSBkjCBj4AUChy6plvGgzJg5ZsAhTd00Y0wuoqhbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEW
-A3RhNIIJAPzA7pMTQxctMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-GD0jKaV0ZF3Ibbhm9mjV/3JRy87KbFWvJf/FTqxl8xanIhGCTDWSJ9wjVaDYsekd
-1/y6pt8TxWyFQkPM7P9iSbHvYxUlN1dZFeOrJgZaYt/7ghpXoA9kKX+AXuXHK8td
-2k3k3NpSlHmbS7W6+k1LZSaVIHCVjM/V0v5EZkjswa0=
+A3RhNIIJAMUZFJfjJy6bMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+ZJOAfq5D4uaWB2fPNMPvzGkcUkH77BHc9v6I5I47kJfV5W62t44LQDuEWzZz5M45
+jud+29zND5ccuyoxVihrh1Byvl9HaE6hOH68xhFMLkbjlKEEpRVwry+pj7MmvsE1
+FbL9lPFdpwZPLTfIR+vby6RpBZj7WhrTAxfikFRafR0=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/ta5/ta5_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/ta5/ta5_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- e0:a1:00:60:ae:57:96:b2
+ ec:86:c3:65:f9:7f:14:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
Validity
- Not Before: Jan 28 02:54:25 2011 GMT
- Not After : Oct 24 02:54:25 2013 GMT
+ Not Before: Mar 21 00:49:34 2011 GMT
+ Not After : Dec 15 00:49:34 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ab:ce:85:a0:8e:f0:46:60:75:e2:b8:90:39:ef:
- 03:a8:47:a0:d7:75:a3:09:de:dd:a6:b2:ca:e1:3a:
- e1:fb:bb:59:36:43:85:e2:97:89:23:82:8e:6e:93:
- b5:76:aa:67:56:28:37:1a:8a:f3:4f:50:f7:59:50:
- 3d:52:9d:b2:b3:28:36:b5:b1:c4:cf:92:56:d4:14:
- 95:3d:c7:04:79:cd:88:ae:72:9e:9a:6f:49:7a:c2:
- a1:be:e5:38:c2:fc:62:ef:65:ab:20:7a:02:74:56:
- 0d:09:8b:86:b2:6b:86:97:03:04:02:58:7c:01:12:
- 1d:e4:27:0c:60:34:23:f7:35
+ 00:cc:27:b4:c2:c1:88:36:eb:9d:c4:02:79:04:8d:
+ 8e:3d:84:72:32:92:7d:77:5e:87:a7:1b:19:7d:09:
+ 3e:ff:83:de:de:64:9b:03:c4:95:64:a3:16:ef:b6:
+ 33:2b:d7:28:3f:70:8d:81:c3:03:af:4e:04:de:e8:
+ 86:51:82:75:81:4e:1f:97:e1:53:76:58:27:61:f2:
+ 0c:2f:2e:ba:d2:b7:f5:6a:b1:66:87:81:2c:78:cf:
+ 8c:74:92:2c:2e:bd:8d:ee:68:ec:92:e3:0d:73:1b:
+ 82:27:3e:44:67:97:1c:42:46:20:65:89:61:ae:1b:
+ 07:1f:20:60:3c:c2:16:27:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 62:0A:5F:1E:BA:AD:0B:1E:13:7A:CA:B4:5C:12:64:1F:BF:44:C6:B0
+ 8A:83:E9:51:D7:32:B4:6F:3B:85:AF:1A:11:94:5C:B6:21:E5:5D:0F
X509v3 Authority Key Identifier:
- keyid:62:0A:5F:1E:BA:AD:0B:1E:13:7A:CA:B4:5C:12:64:1F:BF:44:C6:B0
+ keyid:8A:83:E9:51:D7:32:B4:6F:3B:85:AF:1A:11:94:5C:B6:21:E5:5D:0F
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
- serial:E0:A1:00:60:AE:57:96:B2
+ serial:EC:86:C3:65:F9:7F:14:08
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 99:ed:98:00:f9:46:27:4d:de:ec:2f:4f:87:33:18:e6:25:e5:
- 45:ef:67:56:5d:24:42:b3:93:fd:3b:18:19:93:71:3c:24:88:
- c2:84:6c:e6:91:a8:42:9a:a0:7d:3c:96:0f:50:89:2c:25:ad:
- a0:d9:ee:d1:3c:37:da:75:17:6b:99:39:bc:5f:d4:82:7d:f0:
- cf:d5:02:5a:e7:26:8c:47:c0:33:8d:1b:9e:70:d3:99:71:38:
- 1e:1e:05:54:aa:26:5b:f7:6d:4a:b5:e0:0c:db:e1:af:52:7e:
- 66:7c:5f:a5:4e:19:e4:77:9c:65:10:ad:cf:97:d6:78:26:fc:
- 1c:c2
+ 32:f3:a4:fc:a0:a8:a7:64:a5:6a:6d:63:f0:ee:95:2f:2c:93:
+ f8:70:c8:d6:f7:ae:98:3a:c8:9b:bd:69:fa:26:87:f5:bd:1e:
+ 28:80:0b:03:13:33:87:99:33:52:2e:1a:0a:78:be:e5:0a:7a:
+ 1d:a0:44:1c:1c:7e:93:2e:dc:e6:f5:66:79:27:58:2f:ad:03:
+ d4:12:78:fa:d8:d7:f2:25:45:88:cf:ee:2a:c4:8a:f0:f3:8c:
+ 18:56:eb:4b:d5:58:53:77:24:53:7b:cd:75:fe:8c:1c:e0:d3:
+ 09:6e:e6:be:43:5c:b1:e5:71:58:65:4d:78:6d:01:bd:68:6c:
+ 72:64
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAOChAGCuV5ayMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAOyGw2X5fxQIMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTUxEjAQBgkqhkiG9w0BCQEWA3Rh
-NTAeFw0xMTAxMjgwMjU0MjVaFw0xMzEwMjQwMjU0MjVaMGgxCzAJBgNVBAYTAlVT
+NTAeFw0xMTAzMjEwMDQ5MzRaFw0xMzEyMTUwMDQ5MzRaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTUxEjAQBgkqhkiG9w0BCQEWA3RhNTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAq86FoI7wRmB14riQOe8DqEeg13WjCd7d
-prLK4Trh+7tZNkOF4peJI4KObpO1dqpnVig3GorzT1D3WVA9Up2ysyg2tbHEz5JW
-1BSVPccEec2IrnKemm9JesKhvuU4wvxi72WrIHoCdFYNCYuGsmuGlwMEAlh8ARId
-5CcMYDQj9zUCAwEAAaOBzTCByjAdBgNVHQ4EFgQUYgpfHrqtCx4Tesq0XBJkH79E
-xrAwgZoGA1UdIwSBkjCBj4AUYgpfHrqtCx4Tesq0XBJkH79ExrChbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzCe0wsGINuudxAJ5BI2OPYRyMpJ9d16H
+pxsZfQk+/4Pe3mSbA8SVZKMW77YzK9coP3CNgcMDr04E3uiGUYJ1gU4fl+FTdlgn
+YfIMLy660rf1arFmh4EseM+MdJIsLr2N7mjskuMNcxuCJz5EZ5ccQkYgZYlhrhsH
+HyBgPMIWJw8CAwEAAaOBzTCByjAdBgNVHQ4EFgQUioPpUdcytG87ha8aEZRctiHl
+XQ8wgZoGA1UdIwSBkjCBj4AUioPpUdcytG87ha8aEZRctiHlXQ+hbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTUxEjAQBgkqhkiG9w0BCQEW
-A3RhNYIJAOChAGCuV5ayMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-me2YAPlGJ03e7C9PhzMY5iXlRe9nVl0kQrOT/TsYGZNxPCSIwoRs5pGoQpqgfTyW
-D1CJLCWtoNnu0Tw32nUXa5k5vF/Ugn3wz9UCWucmjEfAM40bnnDTmXE4Hh4FVKom
-W/dtSrXgDNvhr1J+ZnxfpU4Z5HecZRCtz5fWeCb8HMI=
+A3RhNYIJAOyGw2X5fxQIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+MvOk/KCop2Slam1j8O6VLyyT+HDI1veumDrIm71p+iaH9b0eKIALAxMzh5kzUi4a
+Cni+5Qp6HaBEHBx+ky7c5vVmeSdYL60D1BJ4+tjX8iVFiM/uKsSK8POMGFbrS9VY
+U3ckU3vNdf6MHODTCW7mvkNcseVxWGVNeG0BvWhscmQ=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/trust_anchors/ta1_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/trust_anchors/ta1_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- c1:e4:f1:a8:14:c7:a7:58
+ de:88:28:ec:1b:64:08:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
Validity
- Not Before: Jan 28 02:54:10 2011 GMT
- Not After : Oct 24 02:54:10 2013 GMT
+ Not Before: Mar 21 00:49:23 2011 GMT
+ Not After : Dec 15 00:49:23 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta1/emailAddress=ta1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:a4:e5:50:4f:dd:85:ff:70:fd:e9:82:c0:b4:44:
- 4e:3f:50:5e:32:57:52:9e:1d:ce:96:a4:36:38:5f:
- 2c:c0:41:27:a7:4d:f4:04:d8:05:71:b3:56:a4:09:
- 32:26:38:f8:17:a6:d7:e8:4c:f6:64:56:e0:fb:fa:
- 6b:41:44:9c:06:fe:f1:99:35:d5:bb:66:8c:12:f6:
- ab:cd:90:02:df:94:97:5e:8c:94:89:8a:8f:2e:8b:
- 8a:3c:0a:85:2f:9a:25:34:ad:b4:82:e4:04:4d:a8:
- 8b:dc:b4:42:58:3d:c1:0f:85:28:d7:25:22:02:b8:
- 09:f2:23:2e:57:eb:dd:e3:31
+ 00:d6:e9:55:f5:86:01:d5:2b:dd:52:6e:82:89:dc:
+ 7a:23:a2:8b:32:28:af:09:2b:37:f4:98:d9:2d:3d:
+ b6:d3:58:6d:4d:f9:e5:af:40:aa:41:8e:ca:6a:11:
+ 28:6e:bd:17:ee:17:5f:22:c3:15:99:65:3d:fc:b6:
+ 16:bc:5a:fb:bd:a7:15:b0:ff:f6:5d:19:20:3c:f5:
+ 78:54:19:75:cc:61:82:6f:bc:bb:1a:5f:c8:37:7a:
+ b0:c0:5e:30:27:a1:aa:b2:87:4d:10:57:fc:2d:d6:
+ 17:6d:b0:39:bd:06:b5:0f:ce:d1:00:2f:85:35:ad:
+ c8:72:39:e5:2c:e4:06:2a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 15:AB:A2:AB:34:BD:EB:C4:C9:AE:0D:82:51:00:DD:2D:B1:1D:1A:7B
+ 06:D0:C0:FB:C5:79:67:F9:F9:10:92:CA:81:5B:5F:92:D8:D8:9F:A6
X509v3 Authority Key Identifier:
- keyid:15:AB:A2:AB:34:BD:EB:C4:C9:AE:0D:82:51:00:DD:2D:B1:1D:1A:7B
+ keyid:06:D0:C0:FB:C5:79:67:F9:F9:10:92:CA:81:5B:5F:92:D8:D8:9F:A6
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta1/emailAddress=ta1
- serial:C1:E4:F1:A8:14:C7:A7:58
+ serial:DE:88:28:EC:1B:64:08:9C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 4c:dc:c9:ca:75:c0:d1:87:da:b1:43:63:b9:41:2c:d1:05:78:
- 17:80:0a:63:8e:ea:a8:2a:8b:84:75:2a:ef:17:d1:5e:d9:78:
- c5:4f:fb:b1:cb:16:93:fe:1b:b1:4f:4c:f2:b8:80:60:1a:34:
- ff:d2:c3:99:6a:94:4a:00:4b:08:ea:b1:a6:1c:61:d1:8c:a3:
- 05:08:34:24:c7:6d:4a:7a:af:b0:1b:62:55:38:0d:fb:5e:ce:
- 4b:49:6f:c1:1b:0c:a6:7b:00:a8:e9:42:37:6b:1f:4c:4e:c6:
- 52:9c:cd:f0:86:39:68:b8:a4:51:e6:9a:4a:70:ef:60:e7:51:
- 7d:4a
+ a5:e8:f1:e8:94:a3:87:7b:60:62:54:0b:7d:b6:02:16:6f:cf:
+ 05:10:1e:fc:99:36:f2:a7:22:40:41:9b:a5:c2:6a:c7:2d:87:
+ 6b:1d:4d:d6:9e:1c:15:20:5f:62:f2:51:b8:6a:f5:2b:75:b7:
+ aa:21:aa:9c:e2:88:e0:74:ce:4e:84:a1:28:fb:24:c7:bb:6f:
+ d5:e3:f6:36:57:fe:1e:ba:98:ab:82:51:fa:33:75:93:a5:bb:
+ fb:8f:00:54:fd:e4:fd:00:f7:e2:84:ed:71:3e:e8:66:3a:82:
+ f2:70:d6:ee:2b:d9:b9:07:50:6f:d6:86:04:5a:bf:64:07:bd:
+ 2f:70
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAMHk8agUx6dYMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAN6IKOwbZAicMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEWA3Rh
-MTAeFw0xMTAxMjgwMjU0MTBaFw0xMzEwMjQwMjU0MTBaMGgxCzAJBgNVBAYTAlVT
+MTAeFw0xMTAzMjEwMDQ5MjNaFw0xMzEyMTUwMDQ5MjNaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEWA3RhMTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApOVQT92F/3D96YLAtEROP1BeMldSnh3O
-lqQ2OF8swEEnp030BNgFcbNWpAkyJjj4F6bX6Ez2ZFbg+/prQUScBv7xmTXVu2aM
-EvarzZAC35SXXoyUiYqPLouKPAqFL5olNK20guQETaiL3LRCWD3BD4Uo1yUiArgJ
-8iMuV+vd4zECAwEAAaOBzTCByjAdBgNVHQ4EFgQUFauiqzS968TJrg2CUQDdLbEd
-GnswgZoGA1UdIwSBkjCBj4AUFauiqzS968TJrg2CUQDdLbEdGnuhbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1ulV9YYB1SvdUm6Cidx6I6KLMiivCSs3
+9JjZLT2201htTfnlr0CqQY7KahEobr0X7hdfIsMVmWU9/LYWvFr7vacVsP/2XRkg
+PPV4VBl1zGGCb7y7Gl/IN3qwwF4wJ6GqsodNEFf8LdYXbbA5vQa1D87RAC+FNa3I
+cjnlLOQGKhsCAwEAAaOBzTCByjAdBgNVHQ4EFgQUBtDA+8V5Z/n5EJLKgVtfktjY
+n6YwgZoGA1UdIwSBkjCBj4AUBtDA+8V5Z/n5EJLKgVtfktjYn6ahbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTExEjAQBgkqhkiG9w0BCQEW
-A3RhMYIJAMHk8agUx6dYMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-TNzJynXA0YfasUNjuUEs0QV4F4AKY47qqCqLhHUq7xfRXtl4xU/7scsWk/4bsU9M
-8riAYBo0/9LDmWqUSgBLCOqxphxh0YyjBQg0JMdtSnqvsBtiVTgN+17OS0lvwRsM
-pnsAqOlCN2sfTE7GUpzN8IY5aLikUeaaSnDvYOdRfUo=
+A3RhMYIJAN6IKOwbZAicMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+pejx6JSjh3tgYlQLfbYCFm/PBRAe/Jk28qciQEGbpcJqxy2Hax1N1p4cFSBfYvJR
+uGr1K3W3qiGqnOKI4HTOToShKPskx7tv1eP2Nlf+HrqYq4JR+jN1k6W7+48AVP3k
+/QD34oTtcT7oZjqC8nDW7ivZuQdQb9aGBFq/ZAe9L3A=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/trust_anchors/ta2_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/trust_anchors/ta2_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- a3:0a:29:bc:c4:1c:d8:4c
+ a8:5c:e8:7d:2f:86:1f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta2/emailAddress=ta2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:d6:3a:84:18:7a:d6:3a:ee:7d:4c:75:0a:18:f4:
- ce:c0:2c:b5:59:eb:bd:83:0c:3c:59:90:0c:35:b9:
- c8:55:a4:c1:04:88:41:c4:40:a8:73:4e:f1:e4:db:
- 84:aa:bb:03:7b:e1:5e:5d:91:a0:ee:22:3d:f3:84:
- 35:09:de:a9:07:69:35:e6:8f:65:c4:55:70:52:a6:
- 5f:36:ff:6a:d3:7c:c5:6c:d3:cb:4f:a1:d8:94:68:
- 14:49:32:93:4c:ad:ac:09:25:c5:b4:e5:92:c4:5d:
- f5:d0:49:54:dc:e6:df:80:6f:c2:86:34:39:0e:e6:
- a8:9b:6b:32:21:41:ca:7b:ad
+ 00:a4:44:fb:94:e4:92:ab:2c:c0:22:a1:ed:7d:4c:
+ de:52:91:a6:70:e4:89:75:55:a4:01:ef:66:63:b4:
+ fe:69:ac:b7:83:e6:43:5f:90:44:f6:cc:66:21:69:
+ be:d3:06:3d:82:2d:dc:6d:f1:d2:6d:e3:b0:32:d6:
+ 32:e7:b3:d6:39:76:13:1a:14:f5:1c:a0:cc:8d:b0:
+ 7a:b5:63:b3:10:b9:37:cc:34:ee:18:b1:35:59:86:
+ 96:1c:d4:b4:1a:71:25:e7:aa:ca:56:57:d5:ea:8a:
+ b6:4a:fc:d8:d6:96:54:5c:da:c4:b3:3d:f9:25:e5:
+ e5:bd:bc:8e:47:bf:e9:c7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- D5:27:DA:4C:ED:2E:83:84:C3:2A:A9:98:E6:88:24:2A:03:01:CF:D5
+ FF:24:E8:06:21:CA:81:14:44:D5:85:07:EF:FB:A2:E7:C0:72:E3:AF
X509v3 Authority Key Identifier:
- keyid:D5:27:DA:4C:ED:2E:83:84:C3:2A:A9:98:E6:88:24:2A:03:01:CF:D5
+ keyid:FF:24:E8:06:21:CA:81:14:44:D5:85:07:EF:FB:A2:E7:C0:72:E3:AF
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta2/emailAddress=ta2
- serial:A3:0A:29:BC:C4:1C:D8:4C
+ serial:A8:5C:E8:7D:2F:86:1F:3C
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 23:44:91:7e:24:18:05:e5:1f:05:7b:e1:ca:e2:a5:b9:f0:16:
- 04:b2:2c:7d:1b:a7:7f:eb:9e:71:95:ab:8d:46:65:30:b5:3f:
- af:e5:39:0e:2d:83:30:80:a0:cb:a7:f7:a4:41:5c:7e:d9:41:
- ef:7b:d2:b6:dd:9e:37:d4:d4:ac:c7:ee:06:42:69:02:88:b2:
- 97:60:bc:95:c5:ca:c9:59:8a:d6:35:3f:b6:09:58:62:e7:c3:
- a3:f9:f7:4e:10:30:94:05:91:0c:cb:f7:11:17:5e:7d:bf:99:
- ca:1d:ca:08:58:f8:a0:ea:26:0e:44:ce:cc:4a:34:b8:6a:9e:
- 88:ac
+ 24:2b:df:0f:66:4c:23:88:18:45:08:26:65:c1:65:6b:d8:0d:
+ 74:c8:2a:c6:6c:77:60:f2:41:1a:8f:23:42:5a:5b:53:5d:33:
+ fe:07:41:13:a9:a2:c4:62:22:08:13:30:57:60:fe:f5:55:ca:
+ 09:59:0d:b1:f9:27:49:a5:7d:2b:6d:52:f8:0e:1e:4f:04:27:
+ 6e:c4:98:31:b5:db:c2:c5:c3:09:29:28:d3:01:c7:5d:4a:a1:
+ 92:27:3d:2c:ef:94:ac:19:94:ff:24:5b:18:85:7d:a8:f9:8d:
+ b1:1f:46:a1:d6:30:4b:0d:d1:a3:0f:05:82:ae:4c:e2:53:b3:
+ de:1b
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAKMKKbzEHNhMMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAKhc6H0vhh88MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTIxEjAQBgkqhkiG9w0BCQEWA3Rh
-MjAeFw0xMTAxMjgwMjU0MTNaFw0xMzEwMjQwMjU0MTNaMGgxCzAJBgNVBAYTAlVT
+MjAeFw0xMTAzMjEwMDQ5MjZaFw0xMzEyMTUwMDQ5MjZaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTIxEjAQBgkqhkiG9w0BCQEWA3RhMjCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1jqEGHrWOu59THUKGPTOwCy1Weu9gww8
-WZAMNbnIVaTBBIhBxECoc07x5NuEqrsDe+FeXZGg7iI984Q1Cd6pB2k15o9lxFVw
-UqZfNv9q03zFbNPLT6HYlGgUSTKTTK2sCSXFtOWSxF310ElU3ObfgG/ChjQ5Duao
-m2syIUHKe60CAwEAAaOBzTCByjAdBgNVHQ4EFgQU1SfaTO0ug4TDKqmY5ogkKgMB
-z9UwgZoGA1UdIwSBkjCBj4AU1SfaTO0ug4TDKqmY5ogkKgMBz9WhbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApET7lOSSqyzAIqHtfUzeUpGmcOSJdVWk
+Ae9mY7T+aay3g+ZDX5BE9sxmIWm+0wY9gi3cbfHSbeOwMtYy57PWOXYTGhT1HKDM
+jbB6tWOzELk3zDTuGLE1WYaWHNS0GnEl56rKVlfV6oq2SvzY1pZUXNrEsz35JeXl
+vbyOR7/px/0CAwEAAaOBzTCByjAdBgNVHQ4EFgQU/yToBiHKgRRE1YUH7/ui58By
+468wgZoGA1UdIwSBkjCBj4AU/yToBiHKgRRE1YUH7/ui58By46+hbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTIxEjAQBgkqhkiG9w0BCQEW
-A3RhMoIJAKMKKbzEHNhMMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-I0SRfiQYBeUfBXvhyuKlufAWBLIsfRunf+uecZWrjUZlMLU/r+U5Di2DMICgy6f3
-pEFcftlB73vStt2eN9TUrMfuBkJpAoiyl2C8lcXKyVmK1jU/tglYYufDo/n3ThAw
-lAWRDMv3ERdefb+Zyh3KCFj4oOomDkTOzEo0uGqeiKw=
+A3RhMoIJAKhc6H0vhh88MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+JCvfD2ZMI4gYRQgmZcFla9gNdMgqxmx3YPJBGo8jQlpbU10z/gdBE6mixGIiCBMw
+V2D+9VXKCVkNsfknSaV9K21S+A4eTwQnbsSYMbXbwsXDCSko0wHHXUqhkic9LO+U
+rBmU/yRbGIV9qPmNsR9GodYwSw3Row8Fgq5M4lOz3hs=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/trust_anchors/ta3_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/trust_anchors/ta3_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- 98:29:8d:38:a1:e7:d1:02
+ ee:77:7e:6a:c1:1e:57:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
Validity
- Not Before: Jan 28 02:54:13 2011 GMT
- Not After : Oct 24 02:54:13 2013 GMT
+ Not Before: Mar 21 00:49:26 2011 GMT
+ Not After : Dec 15 00:49:26 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta3/emailAddress=ta3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ee:7d:c2:8c:0e:23:2b:7d:b5:b9:51:ca:8f:45:
- 37:2a:21:5b:2d:d6:ec:57:c5:fa:ac:f1:39:63:d3:
- 6d:40:39:cc:53:23:a5:a5:72:6e:1a:f0:bc:e5:0b:
- fb:0d:82:40:b4:61:d7:a9:1b:b4:4a:55:62:cf:4e:
- 3c:a6:39:65:fa:74:f9:91:8c:b9:0e:01:2b:cd:34:
- 87:a7:76:f7:02:dd:ed:81:77:ca:d5:c7:9c:b8:03:
- a7:81:7e:c0:bf:14:32:7b:82:50:69:15:03:b0:7c:
- 5d:66:d4:d1:58:70:0a:90:0c:97:b7:ab:64:30:45:
- 5f:a8:7a:27:82:89:88:98:0d
+ 00:d8:90:38:43:d3:79:4c:01:69:dc:78:b0:e5:8c:
+ 1c:90:85:72:d5:30:6a:03:2d:a8:e4:6a:ad:27:c4:
+ 59:e8:8c:a6:51:79:62:ff:18:26:87:e7:29:68:2e:
+ 3d:20:b1:78:40:56:c0:82:04:2a:4a:37:e1:38:9f:
+ 0a:ce:0d:c6:ad:e7:8c:b1:8e:25:61:a1:72:09:98:
+ 2c:a5:a4:bb:56:61:87:f0:2e:12:8d:da:8b:68:e1:
+ 39:9a:c8:2f:aa:dc:c9:84:ff:1b:eb:ce:29:82:55:
+ b3:4c:c9:98:fd:d8:7c:13:ea:c0:d5:72:17:7e:92:
+ 0b:f4:d4:71:a0:22:fa:c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
+ E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
X509v3 Authority Key Identifier:
- keyid:DF:F1:C3:42:E4:27:21:E0:3B:1D:E0:85:47:1F:16:35:4D:58:F3:1E
+ keyid:E2:9E:A1:8B:D7:D3:B0:F1:C3:E9:77:A4:49:5D:6A:4E:AB:73:AC:5D
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta3/emailAddress=ta3
- serial:98:29:8D:38:A1:E7:D1:02
+ serial:EE:77:7E:6A:C1:1E:57:ED
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- b0:3d:ff:8a:38:de:32:30:4e:1f:f3:ba:2f:f9:4d:c4:20:31:
- f9:5d:3e:38:91:c8:f9:ce:84:ed:3a:16:52:29:2c:4b:6c:5f:
- f3:5d:76:c8:23:cb:be:8c:ba:26:f2:09:53:79:dd:67:28:aa:
- f8:3a:19:ff:9a:47:d8:67:93:0a:fe:1d:ae:b4:71:2d:e8:52:
- d9:78:1b:d9:5c:a0:8e:e9:ff:6a:f3:92:5c:5a:8f:12:3d:29:
- 35:c9:16:de:e7:94:6b:58:20:85:85:9e:31:d7:80:9a:e0:a8:
- dc:e9:61:b0:4e:aa:7f:10:d4:90:e2:39:ca:b0:93:02:03:53:
- 89:6f
+ 63:77:35:62:c5:a1:23:fb:3b:7f:05:54:98:94:b8:52:15:20:
+ 56:e0:55:44:90:e0:bc:3c:f4:de:ad:f9:17:36:1e:c5:7a:0f:
+ ac:b1:17:44:27:cd:cf:a0:d4:5a:a8:68:ca:22:04:8a:ac:9e:
+ ae:fc:e4:8a:71:4b:2a:33:86:9e:6b:63:73:97:9c:8d:76:88:
+ 08:87:31:cc:21:c5:c9:fb:db:c1:cd:64:b3:f5:09:cc:14:48:
+ d6:38:0b:15:2e:d0:ca:d2:3c:d7:36:14:db:74:7c:7a:38:db:
+ 2a:2c:50:ec:08:d4:f9:9b:24:3c:69:f1:a9:c1:46:6b:7b:84:
+ aa:36
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAJgpjTih59ECMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAO53fmrBHlftMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEWA3Rh
-MzAeFw0xMTAxMjgwMjU0MTNaFw0xMzEwMjQwMjU0MTNaMGgxCzAJBgNVBAYTAlVT
+MzAeFw0xMTAzMjEwMDQ5MjZaFw0xMzEyMTUwMDQ5MjZaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEWA3RhMzCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7n3CjA4jK321uVHKj0U3KiFbLdbsV8X6
-rPE5Y9NtQDnMUyOlpXJuGvC85Qv7DYJAtGHXqRu0SlViz048pjll+nT5kYy5DgEr
-zTSHp3b3At3tgXfK1cecuAOngX7AvxQye4JQaRUDsHxdZtTRWHAKkAyXt6tkMEVf
-qHongomImA0CAwEAAaOBzTCByjAdBgNVHQ4EFgQU3/HDQuQnIeA7HeCFRx8WNU1Y
-8x4wgZoGA1UdIwSBkjCBj4AU3/HDQuQnIeA7HeCFRx8WNU1Y8x6hbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2JA4Q9N5TAFp3Hiw5YwckIVy1TBqAy2o
+5GqtJ8RZ6IymUXli/xgmh+cpaC49ILF4QFbAggQqSjfhOJ8Kzg3GreeMsY4lYaFy
+CZgspaS7VmGH8C4SjdqLaOE5msgvqtzJhP8b684pglWzTMmY/dh8E+rA1XIXfpIL
+9NRxoCL6xfcCAwEAAaOBzTCByjAdBgNVHQ4EFgQU4p6hi9fTsPHD6XekSV1qTqtz
+rF0wgZoGA1UdIwSBkjCBj4AU4p6hi9fTsPHD6XekSV1qTqtzrF2hbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTMxEjAQBgkqhkiG9w0BCQEW
-A3RhM4IJAJgpjTih59ECMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-sD3/ijjeMjBOH/O6L/lNxCAx+V0+OJHI+c6E7ToWUiksS2xf8112yCPLvoy6JvIJ
-U3ndZyiq+DoZ/5pH2GeTCv4drrRxLehS2Xgb2Vygjun/avOSXFqPEj0pNckW3ueU
-a1gghYWeMdeAmuCo3OlhsE6qfxDUkOI5yrCTAgNTiW8=
+A3RhM4IJAO53fmrBHlftMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+Y3c1YsWhI/s7fwVUmJS4UhUgVuBVRJDgvDz03q35FzYexXoPrLEXRCfNz6DUWqho
+yiIEiqyervzkinFLKjOGnmtjc5ecjXaICIcxzCHFyfvbwc1ks/UJzBRI1jgLFS7Q
+ytI81zYU23R8ejjbKixQ7AjU+ZskPGnxqcFGa3uEqjY=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/trust_anchors/ta4_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/trust_anchors/ta4_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- fc:c0:ee:93:13:43:17:2d
+ c5:19:14:97:e3:27:2e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
Validity
- Not Before: Jan 28 02:54:21 2011 GMT
- Not After : Oct 24 02:54:21 2013 GMT
+ Not Before: Mar 21 00:49:31 2011 GMT
+ Not After : Dec 15 00:49:31 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta4/emailAddress=ta4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:c0:2b:f2:13:a5:29:e8:19:ed:15:b7:ef:65:2a:
- 33:bc:aa:23:17:07:4f:e2:b8:c2:fc:e8:f0:36:d2:
- 71:55:fe:45:15:4f:62:3d:0b:f6:1a:4e:6c:7c:59:
- 09:06:10:6e:f6:17:1c:96:4e:d6:ce:fa:b8:b6:a4:
- 36:97:95:dc:49:87:ce:ed:10:1a:f8:ca:b9:8f:3e:
- d4:e6:89:64:27:01:1d:e0:56:9d:71:55:7b:f1:53:
- eb:16:b9:d6:3c:f4:35:3f:a5:23:b7:50:1e:d8:0d:
- 67:af:fb:65:77:55:34:0f:a9:cf:35:9a:bc:ea:ed:
- cb:7c:5c:9f:61:1a:96:ea:a3
+ 00:b1:4b:88:95:b3:1e:8c:08:95:21:43:4e:19:f6:
+ c1:e0:4a:68:49:d8:28:48:ba:20:22:2d:ab:d8:62:
+ 15:d5:4e:21:bd:c0:af:00:d0:09:4a:da:3b:00:2d:
+ 13:0c:6e:e1:3d:37:00:f5:09:5d:cd:69:81:4e:2b:
+ 3d:38:8c:f0:64:66:0e:a0:d6:68:b1:27:57:3e:01:
+ c3:27:2a:c1:a8:35:b2:54:a7:4e:17:3d:83:85:43:
+ 6d:f8:07:ba:3b:40:05:b5:c3:9b:a7:66:f5:5f:a5:
+ f8:b0:5f:3d:3d:97:25:4c:4f:89:63:51:7d:4a:be:
+ 48:1a:1c:71:a3:fa:6a:87:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
+ 0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
X509v3 Authority Key Identifier:
- keyid:B9:A8:52:5F:91:1B:2A:27:A9:0A:94:54:06:52:2F:72:86:85:9E:75
+ keyid:0A:1C:BA:A6:5B:C6:83:32:60:E5:9B:00:85:37:74:D1:8D:30:BA:8A
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta4/emailAddress=ta4
- serial:FC:C0:EE:93:13:43:17:2D
+ serial:C5:19:14:97:E3:27:2E:9B
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 18:3d:23:29:a5:74:64:5d:c8:6d:b8:66:f6:68:d5:ff:72:51:
- cb:ce:ca:6c:55:af:25:ff:c5:4e:ac:65:f3:16:a7:22:11:82:
- 4c:35:92:27:dc:23:55:a0:d8:b1:e9:1d:d7:fc:ba:a6:df:13:
- c5:6c:85:42:43:cc:ec:ff:62:49:b1:ef:63:15:25:37:57:59:
- 15:e3:ab:26:06:5a:62:df:fb:82:1a:57:a0:0f:64:29:7f:80:
- 5e:e5:c7:2b:cb:5d:da:4d:e4:dc:da:52:94:79:9b:4b:b5:ba:
- fa:4d:4b:65:26:95:20:70:95:8c:cf:d5:d2:fe:44:66:48:ec:
- c1:ad
+ 64:93:80:7e:ae:43:e2:e6:96:07:67:cf:34:c3:ef:cc:69:1c:
+ 52:41:fb:ec:11:dc:f6:fe:88:e4:8e:3b:90:97:d5:e5:6e:b6:
+ b7:8e:0b:40:3b:84:5b:36:73:e4:ce:39:8e:e7:7e:db:dc:cd:
+ 0f:97:1c:bb:2a:31:56:28:6b:87:50:72:be:5f:47:68:4e:a1:
+ 38:7e:bc:c6:11:4c:2e:46:e3:94:a1:04:a5:15:70:af:2f:a9:
+ 8f:b3:26:be:c1:35:15:b2:fd:94:f1:5d:a7:06:4f:2d:37:c8:
+ 47:eb:db:cb:a4:69:05:98:fb:5a:1a:d3:03:17:e2:90:54:5a:
+ 7d:1d
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAPzA7pMTQxctMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAMUZFJfjJy6bMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEWA3Rh
-NDAeFw0xMTAxMjgwMjU0MjFaFw0xMzEwMjQwMjU0MjFaMGgxCzAJBgNVBAYTAlVT
+NDAeFw0xMTAzMjEwMDQ5MzFaFw0xMzEyMTUwMDQ5MzFaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEWA3RhNDCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwCvyE6Up6BntFbfvZSozvKojFwdP4rjC
-/OjwNtJxVf5FFU9iPQv2Gk5sfFkJBhBu9hcclk7Wzvq4tqQ2l5XcSYfO7RAa+Mq5
-jz7U5olkJwEd4FadcVV78VPrFrnWPPQ1P6Ujt1Ae2A1nr/tld1U0D6nPNZq86u3L
-fFyfYRqW6qMCAwEAAaOBzTCByjAdBgNVHQ4EFgQUuahSX5EbKiepCpRUBlIvcoaF
-nnUwgZoGA1UdIwSBkjCBj4AUuahSX5EbKiepCpRUBlIvcoaFnnWhbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsUuIlbMejAiVIUNOGfbB4EpoSdgoSLog
+Ii2r2GIV1U4hvcCvANAJSto7AC0TDG7hPTcA9QldzWmBTis9OIzwZGYOoNZosSdX
+PgHDJyrBqDWyVKdOFz2DhUNt+Ae6O0AFtcObp2b1X6X4sF89PZclTE+JY1F9Sr5I
+Ghxxo/pqhxMCAwEAAaOBzTCByjAdBgNVHQ4EFgQUChy6plvGgzJg5ZsAhTd00Y0w
+uoowgZoGA1UdIwSBkjCBj4AUChy6plvGgzJg5ZsAhTd00Y0wuoqhbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTQxEjAQBgkqhkiG9w0BCQEW
-A3RhNIIJAPzA7pMTQxctMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-GD0jKaV0ZF3Ibbhm9mjV/3JRy87KbFWvJf/FTqxl8xanIhGCTDWSJ9wjVaDYsekd
-1/y6pt8TxWyFQkPM7P9iSbHvYxUlN1dZFeOrJgZaYt/7ghpXoA9kKX+AXuXHK8td
-2k3k3NpSlHmbS7W6+k1LZSaVIHCVjM/V0v5EZkjswa0=
+A3RhNIIJAMUZFJfjJy6bMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+ZJOAfq5D4uaWB2fPNMPvzGkcUkH77BHc9v6I5I47kJfV5W62t44LQDuEWzZz5M45
+jud+29zND5ccuyoxVihrh1Byvl9HaE6hOH68xhFMLkbjlKEEpRVwry+pj7MmvsE1
+FbL9lPFdpwZPLTfIR+vby6RpBZj7WhrTAxfikFRafR0=
-----END CERTIFICATE-----
--- a/src/tests/ro_data/signing_certs/produced/trust_anchors/ta5_cert.pem Mon Apr 04 09:02:59 2011 -0700
+++ b/src/tests/ro_data/signing_certs/produced/trust_anchors/ta5_cert.pem Wed Apr 06 18:06:57 2011 -0700
@@ -2,62 +2,62 @@
Data:
Version: 3 (0x2)
Serial Number:
- e0:a1:00:60:ae:57:96:b2
+ ec:86:c3:65:f9:7f:14:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
Validity
- Not Before: Jan 28 02:54:25 2011 GMT
- Not After : Oct 24 02:54:25 2013 GMT
+ Not Before: Mar 21 00:49:34 2011 GMT
+ Not After : Dec 15 00:49:34 2013 GMT
Subject: C=US, ST=California, L=Menlo Park, O=pkg5, CN=ta5/emailAddress=ta5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
- 00:ab:ce:85:a0:8e:f0:46:60:75:e2:b8:90:39:ef:
- 03:a8:47:a0:d7:75:a3:09:de:dd:a6:b2:ca:e1:3a:
- e1:fb:bb:59:36:43:85:e2:97:89:23:82:8e:6e:93:
- b5:76:aa:67:56:28:37:1a:8a:f3:4f:50:f7:59:50:
- 3d:52:9d:b2:b3:28:36:b5:b1:c4:cf:92:56:d4:14:
- 95:3d:c7:04:79:cd:88:ae:72:9e:9a:6f:49:7a:c2:
- a1:be:e5:38:c2:fc:62:ef:65:ab:20:7a:02:74:56:
- 0d:09:8b:86:b2:6b:86:97:03:04:02:58:7c:01:12:
- 1d:e4:27:0c:60:34:23:f7:35
+ 00:cc:27:b4:c2:c1:88:36:eb:9d:c4:02:79:04:8d:
+ 8e:3d:84:72:32:92:7d:77:5e:87:a7:1b:19:7d:09:
+ 3e:ff:83:de:de:64:9b:03:c4:95:64:a3:16:ef:b6:
+ 33:2b:d7:28:3f:70:8d:81:c3:03:af:4e:04:de:e8:
+ 86:51:82:75:81:4e:1f:97:e1:53:76:58:27:61:f2:
+ 0c:2f:2e:ba:d2:b7:f5:6a:b1:66:87:81:2c:78:cf:
+ 8c:74:92:2c:2e:bd:8d:ee:68:ec:92:e3:0d:73:1b:
+ 82:27:3e:44:67:97:1c:42:46:20:65:89:61:ae:1b:
+ 07:1f:20:60:3c:c2:16:27:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 62:0A:5F:1E:BA:AD:0B:1E:13:7A:CA:B4:5C:12:64:1F:BF:44:C6:B0
+ 8A:83:E9:51:D7:32:B4:6F:3B:85:AF:1A:11:94:5C:B6:21:E5:5D:0F
X509v3 Authority Key Identifier:
- keyid:62:0A:5F:1E:BA:AD:0B:1E:13:7A:CA:B4:5C:12:64:1F:BF:44:C6:B0
+ keyid:8A:83:E9:51:D7:32:B4:6F:3B:85:AF:1A:11:94:5C:B6:21:E5:5D:0F
DirName:/C=US/ST=California/L=Menlo Park/O=pkg5/CN=ta5/emailAddress=ta5
- serial:E0:A1:00:60:AE:57:96:B2
+ serial:EC:86:C3:65:F9:7F:14:08
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
- 99:ed:98:00:f9:46:27:4d:de:ec:2f:4f:87:33:18:e6:25:e5:
- 45:ef:67:56:5d:24:42:b3:93:fd:3b:18:19:93:71:3c:24:88:
- c2:84:6c:e6:91:a8:42:9a:a0:7d:3c:96:0f:50:89:2c:25:ad:
- a0:d9:ee:d1:3c:37:da:75:17:6b:99:39:bc:5f:d4:82:7d:f0:
- cf:d5:02:5a:e7:26:8c:47:c0:33:8d:1b:9e:70:d3:99:71:38:
- 1e:1e:05:54:aa:26:5b:f7:6d:4a:b5:e0:0c:db:e1:af:52:7e:
- 66:7c:5f:a5:4e:19:e4:77:9c:65:10:ad:cf:97:d6:78:26:fc:
- 1c:c2
+ 32:f3:a4:fc:a0:a8:a7:64:a5:6a:6d:63:f0:ee:95:2f:2c:93:
+ f8:70:c8:d6:f7:ae:98:3a:c8:9b:bd:69:fa:26:87:f5:bd:1e:
+ 28:80:0b:03:13:33:87:99:33:52:2e:1a:0a:78:be:e5:0a:7a:
+ 1d:a0:44:1c:1c:7e:93:2e:dc:e6:f5:66:79:27:58:2f:ad:03:
+ d4:12:78:fa:d8:d7:f2:25:45:88:cf:ee:2a:c4:8a:f0:f3:8c:
+ 18:56:eb:4b:d5:58:53:77:24:53:7b:cd:75:fe:8c:1c:e0:d3:
+ 09:6e:e6:be:43:5c:b1:e5:71:58:65:4d:78:6d:01:bd:68:6c:
+ 72:64
-----BEGIN CERTIFICATE-----
-MIIDHDCCAoWgAwIBAgIJAOChAGCuV5ayMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+MIIDHDCCAoWgAwIBAgIJAOyGw2X5fxQIMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJr
MQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTUxEjAQBgkqhkiG9w0BCQEWA3Rh
-NTAeFw0xMTAxMjgwMjU0MjVaFw0xMzEwMjQwMjU0MjVaMGgxCzAJBgNVBAYTAlVT
+NTAeFw0xMTAzMjEwMDQ5MzRaFw0xMzEyMTUwMDQ5MzRaMGgxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQYXJrMQ0wCwYD
VQQKEwRwa2c1MQwwCgYDVQQDEwN0YTUxEjAQBgkqhkiG9w0BCQEWA3RhNTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAq86FoI7wRmB14riQOe8DqEeg13WjCd7d
-prLK4Trh+7tZNkOF4peJI4KObpO1dqpnVig3GorzT1D3WVA9Up2ysyg2tbHEz5JW
-1BSVPccEec2IrnKemm9JesKhvuU4wvxi72WrIHoCdFYNCYuGsmuGlwMEAlh8ARId
-5CcMYDQj9zUCAwEAAaOBzTCByjAdBgNVHQ4EFgQUYgpfHrqtCx4Tesq0XBJkH79E
-xrAwgZoGA1UdIwSBkjCBj4AUYgpfHrqtCx4Tesq0XBJkH79ExrChbKRqMGgxCzAJ
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzCe0wsGINuudxAJ5BI2OPYRyMpJ9d16H
+pxsZfQk+/4Pe3mSbA8SVZKMW77YzK9coP3CNgcMDr04E3uiGUYJ1gU4fl+FTdlgn
+YfIMLy660rf1arFmh4EseM+MdJIsLr2N7mjskuMNcxuCJz5EZ5ccQkYgZYlhrhsH
+HyBgPMIWJw8CAwEAAaOBzTCByjAdBgNVHQ4EFgQUioPpUdcytG87ha8aEZRctiHl
+XQ8wgZoGA1UdIwSBkjCBj4AUioPpUdcytG87ha8aEZRctiHlXQ+hbKRqMGgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRMwEQYDVQQHEwpNZW5sbyBQ
YXJrMQ0wCwYDVQQKEwRwa2c1MQwwCgYDVQQDEwN0YTUxEjAQBgkqhkiG9w0BCQEW
-A3RhNYIJAOChAGCuV5ayMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
-me2YAPlGJ03e7C9PhzMY5iXlRe9nVl0kQrOT/TsYGZNxPCSIwoRs5pGoQpqgfTyW
-D1CJLCWtoNnu0Tw32nUXa5k5vF/Ugn3wz9UCWucmjEfAM40bnnDTmXE4Hh4FVKom
-W/dtSrXgDNvhr1J+ZnxfpU4Z5HecZRCtz5fWeCb8HMI=
+A3RhNYIJAOyGw2X5fxQIMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEA
+MvOk/KCop2Slam1j8O6VLyyT+HDI1veumDrIm71p+iaH9b0eKIALAxMzh5kzUi4a
+Cni+5Qp6HaBEHBx+ky7c5vVmeSdYL60D1BJ4+tjX8iVFiM/uKsSK8POMGFbrS9VY
+U3ckU3vNdf6MHODTCW7mvkNcseVxWGVNeG0BvWhscmQ=
-----END CERTIFICATE-----
--- a/src/util/distro-import/importer.py Mon Apr 04 09:02:59 2011 -0700
+++ b/src/util/distro-import/importer.py Wed Apr 06 18:06:57 2011 -0700
@@ -56,7 +56,7 @@
from pkg.misc import emsg
from pkg.portable import PD_LOCAL_PATH, PD_PROTO_DIR, PD_PROTO_DIR_LIST
-CLIENT_API_VERSION = 53
+CLIENT_API_VERSION = 55
PKG_CLIENT_NAME = "importer.py"
pkg.client.global_settings.client_name = PKG_CLIENT_NAME