Mon, 03 Aug 2020 11:35:24 -0700
8243320: Add SSL root certificates to Oracle Root CA program
Reviewed-by: mullan
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/make/data/cacerts/sslrooteccca Mon Aug 03 11:35:24 2020 -0700 1.3 @@ -0,0 +1,23 @@ 1.4 +Owner: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US 1.5 +Issuer: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US 1.6 +Serial number: 75e6dfcbc1685ba8 1.7 +Valid from: Fri Feb 12 18:14:03 GMT 2016 until: Tue Feb 12 18:14:03 GMT 2041 1.8 +Signature algorithm name: SHA256withECDSA 1.9 +Subject Public Key Algorithm: 384-bit EC key 1.10 +Version: 3 1.11 +-----BEGIN CERTIFICATE----- 1.12 +MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC 1.13 +VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T 1.14 +U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0 1.15 +aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz 1.16 +WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0 1.17 +b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS 1.18 +b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB 1.19 +BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI 1.20 +7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg 1.21 +CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud 1.22 +EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD 1.23 +VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T 1.24 +kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+ 1.25 +gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl 1.26 +-----END CERTIFICATE-----
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 2.2 +++ b/make/data/cacerts/sslrootevrsaca Mon Aug 03 11:35:24 2020 -0700 2.3 @@ -0,0 +1,41 @@ 2.4 +Owner: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US 2.5 +Issuer: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US 2.6 +Serial number: 56b629cd34bc78f6 2.7 +Valid from: Wed May 31 18:14:37 GMT 2017 until: Fri May 30 18:14:37 GMT 2042 2.8 +Signature algorithm name: SHA256withRSA 2.9 +Subject Public Key Algorithm: 4096-bit RSA key 2.10 +Version: 3 2.11 +-----BEGIN CERTIFICATE----- 2.12 +MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV 2.13 +BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE 2.14 +CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy 2.15 +dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy 2.16 +MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G 2.17 +A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD 2.18 +DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy 2.19 +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq 2.20 +M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf 2.21 +OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa 2.22 +4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9 2.23 +HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR 2.24 +aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA 2.25 +b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ 2.26 +Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV 2.27 +PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO 2.28 +pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu 2.29 +UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY 2.30 +MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV 2.31 +HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4 2.32 +9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW 2.33 +s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5 2.34 +Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg 2.35 +cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM 2.36 +79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz 2.37 +/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt 2.38 +ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm 2.39 +Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK 2.40 +QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ 2.41 +w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi 2.42 +S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07 2.43 +mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w== 2.44 +-----END CERTIFICATE-----
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 3.2 +++ b/make/data/cacerts/sslrootrsaca Mon Aug 03 11:35:24 2020 -0700 3.3 @@ -0,0 +1,41 @@ 3.4 +Owner: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US 3.5 +Issuer: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US 3.6 +Serial number: 7b2c9bd316803299 3.7 +Valid from: Fri Feb 12 17:39:39 GMT 2016 until: Tue Feb 12 17:39:39 GMT 2041 3.8 +Signature algorithm name: SHA256withRSA 3.9 +Subject Public Key Algorithm: 4096-bit RSA key 3.10 +Version: 3 3.11 +-----BEGIN CERTIFICATE----- 3.12 +MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE 3.13 +BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK 3.14 +DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp 3.15 +Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz 3.16 +OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv 3.17 +dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv 3.18 +bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN 3.19 +AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R 3.20 +xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX 3.21 +qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC 3.22 +C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3 3.23 +6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh 3.24 +/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF 3.25 +YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E 3.26 +JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc 3.27 +US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8 3.28 +ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm 3.29 ++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi 3.30 +M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV 3.31 +HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G 3.32 +A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV 3.33 +cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc 3.34 +Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs 3.35 +PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/ 3.36 +q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0 3.37 +cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr 3.38 +a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I 3.39 +H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y 3.40 +K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu 3.41 +nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf 3.42 +oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY 3.43 +Ic2wBlX7Jz9TkHCpBB5XJ7k= 3.44 +-----END CERTIFICATE-----
4.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 4.2 +++ b/test/security/infra/java/security/cert/CertPathValidator/certification/SSLCA.java Mon Aug 03 11:35:24 2020 -0700 4.3 @@ -0,0 +1,489 @@ 4.4 +/* 4.5 + * Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved. 4.6 + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4.7 + * 4.8 + * This code is free software; you can redistribute it and/or modify it 4.9 + * under the terms of the GNU General Public License version 2 only, as 4.10 + * published by the Free Software Foundation. 4.11 + * 4.12 + * This code is distributed in the hope that it will be useful, but WITHOUT 4.13 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 4.14 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 4.15 + * version 2 for more details (a copy is included in the LICENSE file that 4.16 + * accompanied this code). 4.17 + * 4.18 + * You should have received a copy of the GNU General Public License version 4.19 + * 2 along with this work; if not, write to the Free Software Foundation, 4.20 + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 4.21 + * 4.22 + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 4.23 + * or visit www.oracle.com if you need additional information or have any 4.24 + * questions. 4.25 + */ 4.26 + 4.27 +/* 4.28 + * @test 4.29 + * @bug 8243320 4.30 + * @summary Interoperability tests with SSL.com's RSA, EV RSA, and ECC CA 4.31 + * @build ValidatePathWithParams 4.32 + * @run main/othervm -Djava.security.debug=certpath SSLCA OCSP 4.33 + * @run main/othervm -Djava.security.debug=certpath SSLCA CRL 4.34 + */ 4.35 + 4.36 +/* 4.37 + * Obtain TLS test artifacts for SSL.com CAs from: 4.38 + * 4.39 + * SSL.com RSA CA 4.40 + * Valid - https://test-dv-rsa.ssl.com 4.41 + * Revoked - https://revoked-rsa-dv.ssl.com/ 4.42 + * SSL.com EV RSA CA 4.43 + * Valid - https://test-ev-rsa.ssl.com 4.44 + * Revoked - https://revoked-rsa-ev.ssl.com/ 4.45 + * SSL.com ECC CA 4.46 + * Valid - https://test-dv-ecc.ssl.com 4.47 + * Revoked - https://revoked-ecc-dv.ssl.com/ 4.48 + */ 4.49 +public class SSLCA { 4.50 + 4.51 + public static void main(String[] args) throws Exception { 4.52 + 4.53 + ValidatePathWithParams pathValidator = new ValidatePathWithParams(null); 4.54 + boolean ocspEnabled = false; 4.55 + 4.56 + if (args.length >= 1 && "CRL".equalsIgnoreCase(args[0])) { 4.57 + pathValidator.enableCRLCheck(); 4.58 + } else { 4.59 + // OCSP check by default 4.60 + pathValidator.enableOCSPCheck(); 4.61 + ocspEnabled = true; 4.62 + } 4.63 + 4.64 + new SSLCA_RSA().runTest(pathValidator, ocspEnabled); 4.65 + new SSLCA_EV_RSA().runTest(pathValidator, ocspEnabled); 4.66 + new SSLCA_ECC().runTest(pathValidator, ocspEnabled); 4.67 + } 4.68 +} 4.69 + 4.70 +class SSLCA_RSA { 4.71 + 4.72 + // Owner: CN=SSL.com RSA SSL subCA, O=SSL Corporation, L=Houston, ST=Texas, C=US 4.73 + // Issuer: CN=SSL.com Root Certification Authority RSA, O=SSL Corporation, L=Houston, ST=Texas, C=US 4.74 + // Serial number: 997ed109d1f07fc 4.75 + // Valid from: Fri Feb 12 10:48:52 PST 2016 until: Wed Feb 12 10:48:52 PST 2031 4.76 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + 4.77 + "MIIGbzCCBFegAwIBAgIICZftEJ0fB/wwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE\n" + 4.78 + "BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK\n" + 4.79 + "DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp\n" + 4.80 + "Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTg0ODUyWhcNMzEwMjEyMTg0\n" + 4.81 + "ODUyWjBpMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv\n" + 4.82 + "dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNv\n" + 4.83 + "bSBSU0EgU1NMIHN1YkNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\n" + 4.84 + "hPYpOunhcxiF6xNzl6Tsm/Q89rnu2jVTXTBOZPaBkSD1Ic4lm7qkYwlZ/UgV5nn1\n" + 4.85 + "5ohhceYDC2AlR9RvGbP+26qrNcuE0XOdHJOB4SoY4d6OqLAQ6ZB0LdERK1Saa5lp\n" + 4.86 + "QlqHE8936dpr3hGWyqMb2LsdUuhQIzwNkLU/n9HO35irKCbKgS3FeejqkdqK5l6B\n" + 4.87 + "b11693o4bz9UZCUdBcQ/Xz06tA5cfnHvYkmmjxhj1lLTKwkQhWuIDrpbwWLO0QVO\n" + 4.88 + "c29s9ieomRKm8sYMyiBG4QqRQ/+bXwp48cF0qAByGWD6b8/gG4Xq1IBgO5p+aWFS\n" + 4.89 + "0mszkk5rsh4b3XbTHohP3oWQIOV20WWdtVWXiQuBB8RocAl0Ga//b+epiGgME5JX\n" + 4.90 + "LWXD1aDg/xHy8MUsaMlh6jDfVIFepkPnkwXDpR/n36hpgKa9dErMkgbYeEaPanLH\n" + 4.91 + "Yd0kv4xQ36PlMMs9WhoDErGcEG9KxAXN4Axr5wl6PTDn/lXcUFvQoIq/5CSP+Kt5\n" + 4.92 + "jq9tK/gRrAc4AWqRugDvQPYUm00Rqzj5Oxm5NVQYDzbyoA66CD68LETuVrfa9GuW\n" + 4.93 + "9MAZRO6CDzonAezIdNHsslDb1H8VN/k0zMxjI+0ub4IAmc3I5GfZtvYcpjtMj8L4\n" + 4.94 + "2TDS34/COov/Pf2HZ/XXGlzjZ7WPmLl4fdB6hhjs2BsCAwEAAaOCAQYwggECMDAG\n" + 4.95 + "CCsGAQUFBwEBBCQwIjAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20w\n" + 4.96 + "HQYDVR0OBBYEFCYUfuDc16b34tQEJ99h8cLs5zLKMA8GA1UdEwEB/wQFMAMBAf8w\n" + 4.97 + "HwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUNplkwEQYDVR0gBAowCDAGBgRV\n" + 4.98 + "HSAAMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNv\n" + 4.99 + "bS1yc2EtUm9vdENBLmNybDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB\n" + 4.100 + "BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4ICAQAi6e/iSV5DEqDO6XjQ\n" + 4.101 + "SIIzXgc255yv6Oc2sqZnvRyVBHtHvo62jMoHY3Xunc/EofbeS4aHdYBvgkn6CNTj\n" + 4.102 + "VkCU+psWwcT3Pg83uP4k4Thu7bXvrClfS+XBlbJiCF/PSJxLrKnxRn+XIGiYl62H\n" + 4.103 + "glBhq9K8/fZrI2Qh1mZJmWE0FlxEDCb4i8SBNi8lmDogaFi8/yl32Z9ahmhxcLit\n" + 4.104 + "DU/XyKA0yOqvIrOGKH95v+/l8fQkzE1VEFvj+iyv4TXd7mRZDOsfqfIDZhrpou02\n" + 4.105 + "kXH/hcXlrR++t8kjj9wt8HHQ+FkryWI6bU3KPRJR6N8EH2EHi23Rp8/kyMs+gwaz\n" + 4.106 + "zMqnkNPbMME723rXk6/85sjOUaZCmhmRIx9rgqIWQesU962J0FruGOOasLT7WbZi\n" + 4.107 + "FsmSblmpjUAo49sIRi7X493qegyCEAa412ynybhQ7LVsTLEPxVbdmGVih3jVTif/\n" + 4.108 + "Nztr2Isaaz4LpMEo4mGCiGxec5mKr1w8AE9n6D91CvxR5/zL1VU1JCVC7sAtkdki\n" + 4.109 + "vnN1/6jEKFJvlUr5/FX04JXeomIjXTI8ciruZ6HIkbtJup1n9Zxvmr9JQcFTsP2c\n" + 4.110 + "bRbjaT7JD6MBidAWRCJWClR/5etTZwWwWrRCrzvIHC7WO6rCzwu69a+l7ofCKlWs\n" + 4.111 + "y702dmPTKEdEfwhgLx0LxJr/Aw==\n" + 4.112 + "-----END CERTIFICATE-----"; 4.113 + 4.114 + // Owner: CN=test-dv-rsa.ssl.com 4.115 + // Issuer: CN=SSL.com RSA SSL subCA, O=SSL Corporation, L=Houston, ST=Texas, C=US 4.116 + // Serial number: 4ceada4ade82a6ccd0b2ae32c0dbfd62 4.117 + // Valid from: Fri Jun 28 07:06:50 PDT 2019 until: Sun Jun 27 07:06:50 PDT 2021 4.118 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + 4.119 + "MIIHTjCCBTagAwIBAgIQTOraSt6CpszQsq4ywNv9YjANBgkqhkiG9w0BAQsFADBp\n" + 4.120 + "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + 4.121 + "GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg\n" + 4.122 + "U1NMIHN1YkNBMB4XDTE5MDYyODE0MDY1MFoXDTIxMDYyNzE0MDY1MFowHjEcMBoG\n" + 4.123 + "A1UEAwwTdGVzdC1kdi1yc2Euc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP\n" + 4.124 + "ADCCAQoCggEBAKlOrYr8fnHN8REfJDwgsBhJvnsU4beQIYYaOAzR8pmo8eq1U/K0\n" + 4.125 + "uwRrgJ5K61V78zBO5qmZNiivBobViftObWrq2H6QhQsYdMYXld3SEnEotIIriRHY\n" + 4.126 + "2PcqlgnFYXkqI0ZKs4kNs+j3GS0IwncJJwKtypmtLTCLK5J/kG7qB2MNfXZTIzKI\n" + 4.127 + "iZza4RUM1j67Hv3fPJzNEJ9urfjaI4xcRh5airlzBWOBU9pW87P7BgQN7cNzJQji\n" + 4.128 + "4DSvb1pSXv8sBbZk5fmG+81PyUxcfqj7Dbih0J1Aoq0YysHugsrK/kLz+CvqL9B2\n" + 4.129 + "a1JMZfob9jzcA7XPjpggLc3az2Wvv3XKqokCAwEAAaOCAzswggM3MB8GA1UdIwQY\n" + 4.130 + "MBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHwGCCsGAQUFBwEBBHAwbjBKBggrBgEF\n" + 4.131 + "BQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVN1YkNB\n" + 4.132 + "LVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5z\n" + 4.133 + "c2wuY29tMDcGA1UdEQQwMC6CE3Rlc3QtZHYtcnNhLnNzbC5jb22CF3d3dy50ZXN0\n" + 4.134 + "LWR2LXJzYS5zc2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkw\n" + 4.135 + "AQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRv\n" + 4.136 + "cnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDoGA1UdHwQzMDEwL6At\n" + 4.137 + "oCuGKWh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tUlNBU1NMc3ViQ0EuY3JsMB0G\n" + 4.138 + "A1UdDgQWBBQD/cmwQI853u0mOlmCjNRsAZOlEDAOBgNVHQ8BAf8EBAMCBaAwggF+\n" + 4.139 + "BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLY\n" + 4.140 + "gwDEe4l6qP3LAAABa55yL0QAAAQDAEcwRQIgWo8UQY3EYwyzkGLBLS0Zxu7oMmB7\n" + 4.141 + "dnpzsEcoexWzZrQCIQCR6FkAe5ns84x2phRkn6nV7a0anjnxjpJUNeCfc3/pxAB2\n" + 4.142 + "AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa55yLzsAAAQDAEcw\n" + 4.143 + "RQIhAKhGKQIpSd59tJm/Yac7Xo05u93CWbnDwoDgSMS+HBs5AiAfOSOc3BzY/2MF\n" + 4.144 + "AM4GWrkK5Ehs9JMafo/+VBM0OrwVKQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1\n" + 4.145 + "YMG06v9eoIMPAAABa55yL4IAAAQDAEcwRQIhANcF26iGoUuzZL6rGKduPtyyYusf\n" + 4.146 + "03lBKSyvxabB9WuvAiBNbxR210L+JP89s/ONw53lYVr+1m/c3u9/9Wpu7c3n5jAN\n" + 4.147 + "BgkqhkiG9w0BAQsFAAOCAgEACX2CbVM8MCIJ+2Wsap1v6VU2kpCS/FBIsLSTWNEf\n" + 4.148 + "dREv1nh93qQ2CPIxj5kP/0EOUfq7tmQCJHMODVgz3iHrdxRB1E58nXHlZ6vUdrCo\n" + 4.149 + "pD9d6Cp+AwvrOdv6MndVJgel9tVOAqAUblwdLzPNQHEcXoKnFEVv2SVQCmAYLlkP\n" + 4.150 + "xX2RS73gseiit4QnVZOWi/wDhqMm7/iq8n7rL/f7+ly2+7e3LVjxd24HZkgxNgbn\n" + 4.151 + "JDjYvIla+EvyrY8514Ru3Pf1UICY03VpYjE8R7SxrqcvOLtwvOVew6TuCUl6RNpl\n" + 4.152 + "xeC9Oa1dgf+QRXN7LvmBXUP2nOCnwJE1ENvThPLw9BXLatVJgkA/v/mYWE5VjzIL\n" + 4.153 + "hboPH2fNWemUv5QMzxUkqhgHgrhr8wnhI6xYIYciGDbmmfnItHex7bxktT7axoCD\n" + 4.154 + "3dTQQe01YfK/LlkHtnBmJf/t0F33m8KXcQ51fic/TR2U5Tampxp2kdFdTyvRRqMl\n" + 4.155 + "igqo3EhiPmB9bKsnXDA2AnvdjZT9uFwbUu5lNxjiMQcSZikjQAjJPgjCZ9BQOGbL\n" + 4.156 + "eqgZcw2CxWMxFSTLL3TIBlNL/0GpRlTvr3IGyvHEr7EESXKD+Ar8XW+4VlMc1s8F\n" + 4.157 + "cdtnus71s7wm+JUSXcM0WJUkRUvWqHlPi3Ucfe7k6x6BG9Mb42ECjorefPXvFu7v\n" + 4.158 + "OT4=\n" + 4.159 + "-----END CERTIFICATE-----"; 4.160 + 4.161 + // Owner: CN=revoked-rsa-dv.ssl.com 4.162 + // Issuer: CN=SSL.com RSA SSL subCA, O=SSL Corporation, L=Houston, ST=Texas, C=US 4.163 + // Serial number: 3f527e677d00558272ac90d1620b67f4 4.164 + // Valid from: Fri Jun 28 07:13:48 PDT 2019 until: Sun Jun 27 07:13:48 PDT 2021 4.165 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + 4.166 + "MIIHVzCCBT+gAwIBAgIQP1J+Z30AVYJyrJDRYgtn9DANBgkqhkiG9w0BAQsFADBp\n" + 4.167 + "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + 4.168 + "GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNvbSBSU0Eg\n" + 4.169 + "U1NMIHN1YkNBMB4XDTE5MDYyODE0MTM0OFoXDTIxMDYyNzE0MTM0OFowITEfMB0G\n" + 4.170 + "A1UEAwwWcmV2b2tlZC1yc2EtZHYuc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD\n" + 4.171 + "ggEPADCCAQoCggEBAMKtMVeo+fMoeu1nLrcwxNAdfUysNKEhNZbMUOu9pzCChEvJ\n" + 4.172 + "QHUicdrIZYl9m59uKUMh3Dj2nJLZ3a0pP4iWKcOEfCVMtA83/GDJl/BVj3XFbsMl\n" + 4.173 + "+HSIu7R0vQM4enOztLabnOzvE4pQOFUp8u5SKO+hmB0zQ1iWkevYjJOf5DBZ7Zsa\n" + 4.174 + "uF4qy9JqSF07gj/7FNqmqnfy6Z8yc8WAMjoUJrVrvmHQZeX/bCWxczFhYmAtYlwO\n" + 4.175 + "7a914VP79b3Jq60HbLbYBdILnuU1Uu5L/JbG+hm/fH2meY30aWUaKcGY04ej6xuM\n" + 4.176 + "hWsLhOrmcl3P7/E5UUojaR1Zvdtsn7jkQ8Y3iOsCAwEAAaOCA0EwggM9MB8GA1Ud\n" + 4.177 + "IwQYMBaAFCYUfuDc16b34tQEJ99h8cLs5zLKMHwGCCsGAQUFBwEBBHAwbjBKBggr\n" + 4.178 + "BgEFBQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVN1\n" + 4.179 + "YkNBLVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nw\n" + 4.180 + "cy5zc2wuY29tMD0GA1UdEQQ2MDSCFnJldm9rZWQtcnNhLWR2LnNzbC5jb22CGnd3\n" + 4.181 + "dy5yZXZva2VkLXJzYS1kdi5zc2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwG\n" + 4.182 + "DCsGAQQBgqkwAQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29t\n" + 4.183 + "L3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDoGA1Ud\n" + 4.184 + "HwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tUlNBU1NMc3Vi\n" + 4.185 + "Q0EuY3JsMB0GA1UdDgQWBBSTrHG0Sh+8BEp+oP+avIGAtSdyajAOBgNVHQ8BAf8E\n" + 4.186 + "BAMCBaAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AESUZS6w7s6vxEAH2Kj+\n" + 4.187 + "KMDa5oK+2MsxtT/TM5a1toGoAAABa554kQsAAAQDAEcwRQIhAIfU+5HWDnqZdlMN\n" + 4.188 + "Z+CEkBE8wBFUWzG0ixSQ5S1Tryt4AiAQevLU7OF3N90zIt2QpwVAIGve5lBElhMH\n" + 4.189 + "fRqXTkeZZwB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa554\n" + 4.190 + "jJQAAAQDAEcwRQIhAPd8mNiDFHA74Bl16nwOPehQZmiFltzCYDsd0uHv5qCfAiB+\n" + 4.191 + "S43G7Yhq62Ofma6wXsag+UEl/tttzfbfASGz1WPBOQB2AKS5CZC0GFgUh7sTosxn\n" + 4.192 + "cAo8NZgE+RvfuON3zQ7IDdwQAAABa554kDoAAAQDAEcwRQIgUs8O4gQ34Sp0K4Dn\n" + 4.193 + "Wh7FRFJWwZ6cGYvqmKT+UyCeVisCIQDl0AYXsn4ILMafvmJwnXlcduZ3z6P0jwGK\n" + 4.194 + "Cjh26ETDFzANBgkqhkiG9w0BAQsFAAOCAgEAAtTlh2YMwe6E0+EWKU3H79NmgLjK\n" + 4.195 + "xoR3VtT56ILRt0qJuJ+z1iqq/IxZBe7wnUUWU46SWmBfDEQcGI7Hdomr67QBZNZz\n" + 4.196 + "+wvnatMzrCPM7jPsb05Motz99NSk6yzQzR2c030sy1d78mRKJ/4wpidNDHpjuYL9\n" + 4.197 + "cBp2gKf2/RxU74+BhugCjLqB1gojGO0CT1/g5a1QMtqRMM0EPrJrrtcEM0zG48yI\n" + 4.198 + "P3b57Nl2ZbshRvY9bVi3of2SaPFQgu99/zAlerPUThz4O2CskOgKt77y6KOgCbBp\n" + 4.199 + "7fQF6vh/aOm0Xba2Z0CtB+uVN2g4+LwyuovOy+JyjGKv7GxRKEQmGZsRLDVpxOs5\n" + 4.200 + "W47K+iuOEhTRWRkStfuk2LcCLwTrgxHv2/Wo+80ME/7wxGKs1IzlkcFtFLhaeN4p\n" + 4.201 + "QsmADpcyBfeWmvTdKgaVBOE2F/nenIiKpo+0jcoMAW6JgMD+otn8gofBq+Za1N4X\n" + 4.202 + "xckvLWbMDAj4lELBHXu7gLHHLJCL9GGPD5HKjH/RyLtKKaRgT/AV6jl/woKTAzGF\n" + 4.203 + "SPqgNQsu+sCdUbO0nDONkXDxhfan8XNrd32KMPGucJySiyjpHkurobMuGbs/LQzd\n" + 4.204 + "JLTSTIIIPpEHBk7PHRGPSFewIhi0aDhupgZLU9UGrLRw/xV/KlGqTcGFWBvvOC+I\n" + 4.205 + "CSZFRr0hWBv/dfw=\n" + 4.206 + "-----END CERTIFICATE-----"; 4.207 + 4.208 + public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { 4.209 + // Validate valid 4.210 + pathValidator.validate(new String[]{VALID, INT}, 4.211 + ValidatePathWithParams.Status.GOOD, null, System.out); 4.212 + 4.213 + // Validate Revoked 4.214 + pathValidator.validate(new String[]{REVOKED, INT}, 4.215 + ValidatePathWithParams.Status.REVOKED, 4.216 + "Fri Jun 28 07:25:02 PDT 2019", System.out); 4.217 + } 4.218 +} 4.219 + 4.220 +class SSLCA_EV_RSA { 4.221 + 4.222 + // Owner: CN=SSL.com EV SSL Intermediate CA RSA R3, O=SSL Corp, L=Houston, ST=Texas, C=US 4.223 + // Issuer: CN=SSL.com EV Root Certification Authority RSA R2, O=SSL Corporation, L=Houston, ST=Texas, C=US 4.224 + // Serial number: 56b629cd34bc78f6 4.225 + // Valid from: Wed May 31 11:14:37 PDT 2017 until: Fri May 30 11:14:37 PDT 2042 4.226 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + 4.227 + "MIIG4DCCBMigAwIBAgIQA6P00GAwUqM3zjgKiDAxjDANBgkqhkiG9w0BAQsFADCB\n" + 4.228 + "gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u\n" + 4.229 + "MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg\n" + 4.230 + "Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkwMzI2MTc0\n" + 4.231 + "NjUzWhcNMzQwMzIyMTc0NjUzWjByMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4\n" + 4.232 + "YXMxEDAOBgNVBAcMB0hvdXN0b24xETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQD\n" + 4.233 + "DCVTU0wuY29tIEVWIFNTTCBJbnRlcm1lZGlhdGUgQ0EgUlNBIFIzMIICIjANBgkq\n" + 4.234 + "hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkby+CNUTyO0wakMc6VeJxQLGcTtfwJG6\n" + 4.235 + "W9MYhMBWW22YUMtfCL7at/ey89eCc0cNy9uekJqitJe78Ion5qHBLfSpahYWttzr\n" + 4.236 + "LflXkdlPz6xsZuw7F/tp6oYrcUpRIX92ci0EhORtb5xoX7rwzrBnG2Jv7fPn8JGj\n" + 4.237 + "wmvYPS0meVkuKGtdR/s3dkl0tDraq2xti8cN7W9VawzLDL9yNyEw2GWAp3M5Uqex\n" + 4.238 + "Yjh9HY5w/4bgk7K0KSw+2njaXCEa2MugM6txHDKjocVFBe7G8JPMKkCcbbrgZo/q\n" + 4.239 + "ygTnIY8q7B1XQG2wrdsu4LTo9ijIYmoZHBAKN/XCdPecQYF9cHrv6NjVUcMrNmHT\n" + 4.240 + "B43NrIvrXmm3lZJU4PZNUhb7YrDtpN+rV6zSaKAu/EArGDzYv8iHKT2E+wjhwqOC\n" + 4.241 + "WnXv1qSa//xvN6RSoDMpj7q7iTxfdrQqRFsr70hyPrUmnoJLrBBg1+IqFTkaNtuk\n" + 4.242 + "misP4Bd0zeqkEuxYCmhKcCTM2iS9RMCIot5HI5qeAcVs63WzM+ax0zbHK1F9AIOG\n" + 4.243 + "gwrVRrdwXRSXO4TlvamsL6klJMnjSCs7E1l8xeE403nZPp4RGr5ZQFrhfdG9nL7w\n" + 4.244 + "66osGX+dGHGZkFjASS3Bw0RCiz4oCJxFGE+FAD7pJaV8GP6XTkaZp9n1ooYzCC48\n" + 4.245 + "vq0OtfRS62MCAwEAAaOCAV8wggFbMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j\n" + 4.246 + "BBgwFoAU+WC71OPVNPa49QaAJadz20ZpqJ4wfAYIKwYBBQUHAQEEcDBuMEoGCCsG\n" + 4.247 + "AQUFBzAChj5odHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tUm9v\n" + 4.248 + "dENBLUVWLVJTQS00MDk2LVIyLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3Bz\n" + 4.249 + "LnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMC\n" + 4.250 + "BggrBgEFBQcDATBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3Jscy5zc2wuY29t\n" + 4.251 + "L1NTTGNvbS1Sb290Q0EtRVYtUlNBLTQwOTYtUjIuY3JsMB0GA1UdDgQWBBS/wVqH\n" + 4.252 + "/yj6QT39t0/kHa+gYVgpvTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD\n" + 4.253 + "ggIBAAoTAGRea1Lg+Rlvnhj6lHbvhn9mjUlXZuI1b4d4jDDk5X29gNKhW7Rg97Qt\n" + 4.254 + "oBoJaLb9gZkJ2MkUbCE1x2jIghjLmmFvaIq+nAZEMtWWEi0ycqQm8rVUHioZ2Mfn\n" + 4.255 + "2SoFtQeY+5MFLO9l8IeDaNZ+LV3su8YTsh/453vExhiNhPVEqLyGlkkW0B2gNW8z\n" + 4.256 + "bsRy6L5QW0cZ4gZrY86MvHB0Gl299mTJ4jcgic+Oalbz9SZJ+EiW/aUDSpZ2zawi\n" + 4.257 + "ackPWmAbk0y0gouOymrwOJZTuq+AJEJ6M+WSVdknwE7YwDpVMszHXS38BS1A5N1i\n" + 4.258 + "rzW3BcARHbtCb00vEy2mzW5JPM2LjkzfgJ0lBiyDCE3ZeBeUtKmcdFUFrHwHl3gV\n" + 4.259 + "aRipD+xMa1hGOTh33eMzwWoRxvk6o7y73Sy6XBfycN+8LhXUZT0X8STmWtBtLSMp\n" + 4.260 + "blWMjuuFyUVQvIj05N7hORY/LhdQhEx8kVwS5RkLVSpRnohdk+nI69yIA7EwZKlw\n" + 4.261 + "kKEsDqlVOeDYWVWQANDC55kJ7nOyJbqtGJqImwWXdQcf37fi80cf+mKOYs5vNmkx\n" + 4.262 + "D9bwFWsKnP71x0liSlv8z79vRAo8FJwTgXRNO1c0ACf0rXEJy3GRAXRWiTvuGahR\n" + 4.263 + "JVM3Jnn0G6o3+vTfwa7CKR/9Jc4t25iRU3xmSgiusg4u8i5x\n" + 4.264 + "-----END CERTIFICATE-----"; 4.265 + 4.266 + // Owner: OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.1.3.6.1.4.1.311.60.2.1.2=Nevada, STREET=3100 Richmond Ave, 4.267 + // OID.2.5.4.15=Private Organization, OID.2.5.4.17=77098, CN=test-ev-rsa.ssl.com, SERIALNUMBER=NV20081614243, 4.268 + // O=SSL Corp, L=Houston, ST=Texas, C=US 4.269 + // Issuer: CN=SSL.com EV SSL Intermediate CA RSA R3, O=SSL Corp, L=Houston, ST=Texas, C=US 4.270 + // Serial number: 558089b221d7cd9c7a4bc4a7fd7e2969 4.271 + // Valid from: Mon Jul 01 13:28:01 PDT 2019 until: Wed Jun 30 13:28:01 PDT 2021 4.272 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + 4.273 + "MIIISTCCBjGgAwIBAgIQVYCJsiHXzZx6S8Sn/X4paTANBgkqhkiG9w0BAQsFADBy\n" + 4.274 + "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + 4.275 + "ETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQDDCVTU0wuY29tIEVWIFNTTCBJbnRl\n" + 4.276 + "cm1lZGlhdGUgQ0EgUlNBIFIzMB4XDTE5MDcwMTIwMjgwMVoXDTIxMDYzMDIwMjgw\n" + 4.277 + "MVowgfExCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91\n" + 4.278 + "c3RvbjERMA8GA1UECgwIU1NMIENvcnAxFjAUBgNVBAUTDU5WMjAwODE2MTQyNDMx\n" + 4.279 + "HDAaBgNVBAMME3Rlc3QtZXYtcnNhLnNzbC5jb20xDjAMBgNVBBEMBTc3MDk4MR0w\n" + 4.280 + "GwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEaMBgGA1UECQwRMzEwMCBSaWNo\n" + 4.281 + "bW9uZCBBdmUxFzAVBgsrBgEEAYI3PAIBAgwGTmV2YWRhMRMwEQYLKwYBBAGCNzwC\n" + 4.282 + "AQMTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmMOHfREGN48\n" + 4.283 + "nlgxYiF0EJsytoM98UAslRRlGHJyZw3SLcPx9u/I82h0KKjLtnY3/o62mCoEZYlc\n" + 4.284 + "1UKKEIi3NgByU8yJ0yynm3I0LJHEZqOKoahtzwP787/OtqsSsWeblrTnfxVO7G1J\n" + 4.285 + "bPYrPtNuQ9ZnmByyhA+hlTIY48kJh5WtmBeftBSynuKCgpVnkv2y2LKZJc4t6JQX\n" + 4.286 + "XO6Geev8LPUd2uPVjatZv0se2YKdixFQQKwWcLJV5LZqjZDhZtPomCN0sp+wle4p\n" + 4.287 + "rRTZPSWRB98mI1X+UBTFGFKS9cxzO2NwmVcbgN2WYR+FpWbatoS/RThGC7mKQB7i\n" + 4.288 + "5BEQHNZMawIDAQABo4IDWTCCA1UwHwYDVR0jBBgwFoAUv8Fah/8o+kE9/bdP5B2v\n" + 4.289 + "oGFYKb0wfwYIKwYBBQUHAQEEczBxME0GCCsGAQUFBzAChkFodHRwOi8vd3d3LnNz\n" + 4.290 + "bC5jb20vcmVwb3NpdG9yeS9TU0xjb20tU3ViQ0EtRVYtU1NMLVJTQS00MDk2LVIz\n" + 4.291 + "LmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wNwYDVR0RBDAw\n" + 4.292 + "LoITdGVzdC1ldi1yc2Euc3NsLmNvbYIXd3d3LnRlc3QtZXYtcnNhLnNzbC5jb20w\n" + 4.293 + "XwYDVR0gBFgwVjAHBgVngQwBATANBgsqhGgBhvZ3AgUBATA8BgwrBgEEAYKpMAED\n" + 4.294 + "AQQwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5\n" + 4.295 + "MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBIBgNVHR8EQTA/MD2gO6A5\n" + 4.296 + "hjdodHRwOi8vY3Jscy5zc2wuY29tL1NTTGNvbS1TdWJDQS1FVi1TU0wtUlNBLTQw\n" + 4.297 + "OTYtUjMuY3JsMB0GA1UdDgQWBBTIDVTF3DDhdwudatuodPyHe1jcOzAOBgNVHQ8B\n" + 4.298 + "Af8EBAMCBaAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB1AG9Tdqwx8DEZ2JkA\n" + 4.299 + "pFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa69CQcUAAAQDAEYwRAIgEYzpfp8v+gG3\n" + 4.300 + "S9cgZIuFCKPeoSM85gag8/iBJhNIb9oCIDcq+2Pi8+E3LAVmZfgcMhg30t821LNn\n" + 4.301 + "PWATU5+gAmmzAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFr\n" + 4.302 + "r0JCCQAABAMARjBEAiAzeyNw/2osk+xktY8VpFTsROj7jRODS2G3G2MDV6ZmMwIg\n" + 4.303 + "bwuFbNxSEqUfKhveZJVVLYzZtzXcjkhflaazupumZrkAdwC72d+8H4pxtZOUI5eq\n" + 4.304 + "kntHOFeVCqtS6BqQlmQ2jh7RhQAAAWuvQkGUAAAEAwBIMEYCIQCEfoPIKoy0Rv/d\n" + 4.305 + "DXOVm0FzKDH2zWHN/oQZ/7gwd21hvAIhAL2gDESf+tcjCkbjdj9NpDa/fVWO9VZD\n" + 4.306 + "uPPnAZ6jf2G3MA0GCSqGSIb3DQEBCwUAA4ICAQAcYH/+o9N0E3H9h0GfohGElfRw\n" + 4.307 + "XPUnQI3/CZwuG0ShCbpVspvUkuR/P0Hjr9XgDVy39R9SOaEDK3/coG8/Ry56Lrm0\n" + 4.308 + "17v+yeEzAVK51eQeinHoCYc9TIwmyrwt36JE/zIwnDB623Y4ccxYN5LZxjVx668/\n" + 4.309 + "xj3JffaY5185qPjAqkjLUzj9TeeAJk/ws1YXbQJvO4CZV2QXrishC+dEoqvfOe/u\n" + 4.310 + "sMHcMJy+cFrPhe4cC7s9fHeYTpF36yvfWrgjGwDki/9zgRhOvDuM72dIMkrcHkZi\n" + 4.311 + "OvZMgyoXz/Nw3D514K9BSt6xRB2qGzI8fx0EOGzEEjX1Zdie2uVDy9aC8k8TjQAM\n" + 4.312 + "v/YT7Bggpv300hWvBGw0QT8l7Nk1PZFBagAhqRCKRsR1pUZ8CyZzwNkNyUSYV4Or\n" + 4.313 + "n0vYwVEgpMeSMu/ObWwWPM7QKSNcSSIV5lxmsZX+wS76OpDMHm27P94RTEePF4sG\n" + 4.314 + "QmvY6hgHSlREJUL0vyGGY2Rbm3cL3zaM4qTquN18v61uUVKakELYIcRZwVTyBj5M\n" + 4.315 + "KxOkjGXnLYpDOLFHD4WB1q7J+SorG43V+nbmTEN5fshGUjjWoz5ykfErnyJa1+Py\n" + 4.316 + "FXWoPFb425DelhuDe94btROuJELRfzhqDXoKrhDgSQGV2qM3sk6uIPOaoH4N31ko\n" + 4.317 + "C41bezSdJ5r4mif8iA==\n" + 4.318 + "-----END CERTIFICATE-----"; 4.319 + 4.320 + // Owner: OID.1.3.6.1.4.1.311.60.2.1.3=US, OID.1.3.6.1.4.1.311.60.2.1.2=Nevada, STREET=3100 Richmond Ave, 4.321 + // OID.2.5.4.15=Private Organization, OID.2.5.4.17=77098, CN=revoked-rsa-ev.ssl.com, SERIALNUMBER=NV20081614243, 4.322 + // O=SSL Corp, L=Houston, ST=Texas, C=US 4.323 + // Issuer: CN=SSL.com EV SSL Intermediate CA RSA R3, O=SSL Corp, L=Houston, ST=Texas, C=US 4.324 + // Serial number: 1ea7f53492bded2d425135bdf525889f 4.325 + // Valid from: Mon Jul 01 13:29:02 PDT 2019 until: Wed Jun 30 13:29:02 PDT 2021 4.326 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + 4.327 + "MIIIUzCCBjugAwIBAgIQHqf1NJK97S1CUTW99SWInzANBgkqhkiG9w0BAQsFADBy\n" + 4.328 + "MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x\n" + 4.329 + "ETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQDDCVTU0wuY29tIEVWIFNTTCBJbnRl\n" + 4.330 + "cm1lZGlhdGUgQ0EgUlNBIFIzMB4XDTE5MDcwMTIwMjkwMloXDTIxMDYzMDIwMjkw\n" + 4.331 + "MlowgfQxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91\n" + 4.332 + "c3RvbjERMA8GA1UECgwIU1NMIENvcnAxFjAUBgNVBAUTDU5WMjAwODE2MTQyNDMx\n" + 4.333 + "HzAdBgNVBAMMFnJldm9rZWQtcnNhLWV2LnNzbC5jb20xDjAMBgNVBBEMBTc3MDk4\n" + 4.334 + "MR0wGwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjEaMBgGA1UECQwRMzEwMCBS\n" + 4.335 + "aWNobW9uZCBBdmUxFzAVBgsrBgEEAYI3PAIBAgwGTmV2YWRhMRMwEQYLKwYBBAGC\n" + 4.336 + "NzwCAQMTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqZwW2n7\n" + 4.337 + "Ot8ujRGyCkzf/FqkiIi6+mq7QXlBMsZVNmLcWzatoS9K8WOviU+lmYpdV3rkrX1v\n" + 4.338 + "e/FZBwtBR/x1FRN3CPoGcO0Yu6CZjknHtyyNQ36mwUy7UW+rQKYjDfU4aXme4bP8\n" + 4.339 + "Dk2rUYQtM/xpYHKDk9x7Vg4zAmk+L0LQmSU0103DRuANnxOszEK196UbLE4W+2+i\n" + 4.340 + "Xat40jHW3KU2PxVfCajgB1mdrDt2b5j/qDAL+Wo2DzCtE62UPJvI6UyEqJ24jinS\n" + 4.341 + "A4l4NgkMPDMWNU5QIkV/EhQvZMUKCvNUv+Gsq8pcOeDXxKpBIe/KoQSMH18mym1U\n" + 4.342 + "vIaTjAzDDsWjqwIDAQABo4IDYDCCA1wwHwYDVR0jBBgwFoAUv8Fah/8o+kE9/bdP\n" + 4.343 + "5B2voGFYKb0wfwYIKwYBBQUHAQEEczBxME0GCCsGAQUFBzAChkFodHRwOi8vd3d3\n" + 4.344 + "LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tU3ViQ0EtRVYtU1NMLVJTQS00MDk2\n" + 4.345 + "LVIzLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wPQYDVR0R\n" + 4.346 + "BDYwNIIWcmV2b2tlZC1yc2EtZXYuc3NsLmNvbYIad3d3LnJldm9rZWQtcnNhLWV2\n" + 4.347 + "LnNzbC5jb20wXwYDVR0gBFgwVjAHBgVngQwBATANBgsqhGgBhvZ3AgUBATA8Bgwr\n" + 4.348 + "BgEEAYKpMAEDAQQwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9y\n" + 4.349 + "ZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBIBgNVHR8E\n" + 4.350 + "QTA/MD2gO6A5hjdodHRwOi8vY3Jscy5zc2wuY29tL1NTTGNvbS1TdWJDQS1FVi1T\n" + 4.351 + "U0wtUlNBLTQwOTYtUjMuY3JsMB0GA1UdDgQWBBQnclOL04VraXmRZEkhwgMbajmy\n" + 4.352 + "YTAOBgNVHQ8BAf8EBAMCBaAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3AG9T\n" + 4.353 + "dqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa69DLjEAAAQDAEgwRgIh\n" + 4.354 + "AMd3B9Gt/hpTCZ+2xsOTTKBaDjh+EsMcKuwZkEpO6UN0AiEA8yiZ9ZIrCOUxsdQp\n" + 4.355 + "FJi+MtsNQxvgu8igdv+l34jHZA0AdgCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDB\n" + 4.356 + "tOr/XqCDDwAAAWuvQy52AAAEAwBHMEUCIQCFPALMZd6xk4NgYuTXoJGo/FRX0Wub\n" + 4.357 + "VWSgTZQwld5fTQIgDDp8vajs+7R7XyKOv41xP26NQ3zR4EegwOGeb0paiIIAdQC7\n" + 4.358 + "2d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWuvQy4MAAAEAwBGMEQC\n" + 4.359 + "IGFiEQ8fMrjm1bV/mbT35bvJWf4mUbb92/NkHkQvHcaQAiBcS4CclZmzQLj4w6CV\n" + 4.360 + "JsLf1P6+OhCDtvxWZdndGwJRczANBgkqhkiG9w0BAQsFAAOCAgEAFwE/RMAk871D\n" + 4.361 + "acLlB0Jb29+WBmCgIu1pA+bh5/lMxn5KoPxkbHPFVHlfenDgZHUNU6DKH4HdCUG7\n" + 4.362 + "GSAyajLiYRkcrDtBfp5MtNUAqnOJbh2NWiJ3FgSdAjfeSXPhhGfQ3U+0YCWarBfO\n" + 4.363 + "xZ49eyhTzhHMoW+caJV3jC442Ebzh2X243MwcxqIkjgzWs6duiHnpHfT9gZBl3ou\n" + 4.364 + "eu85LVFwzxNdrrAx1yG9PA05wCsYYlzwx7fC8ycfbvs+2ORIztiEScyr9VCg5sho\n" + 4.365 + "YGuBFuP38sWRwiV5K7+EqpGjY+4R3BLWol7lzWsqWJC1J4zkd6Df5reSGBt0wlbx\n" + 4.366 + "7MdUTXzHMtP8NDIYpdMBrPbkzOKIDzO6bDMsBWWFz7rWCmxUI6sSf0yknPtmBgCd\n" + 4.367 + "rJAq25V/DqSRGrkaY4Dx1CPGtwYN34fCDLxKeN69rG5mkR2w7HRR5eMXek6oi3Pr\n" + 4.368 + "hQrKt5NgrYjO6HJ6ABI5xoDM9doXy9BYbz5RX43RTU399aIqyXZh0d3W0rr7wggt\n" + 4.369 + "+PFRU1OJqhpPQgKsB5zFT3G2HgVBD0hawHS+0Hu+CHpngiDziH+eyvTk3tdhIq2x\n" + 4.370 + "oDZXs7SSZK6hf/im+7OFSkROy6CwhAn3nxRI9lpag1tTgF4kVSctBv+301ev0twX\n" + 4.371 + "0w6RymKcvEbcuSDHkzOYWxc1cqwOxjA=\n" + 4.372 + "-----END CERTIFICATE-----"; 4.373 + 4.374 + public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { 4.375 + // Validate valid 4.376 + pathValidator.validate(new String[]{VALID, INT}, 4.377 + ValidatePathWithParams.Status.GOOD, null, System.out); 4.378 + 4.379 + // Validate Revoked 4.380 + pathValidator.validate(new String[]{REVOKED, INT}, 4.381 + ValidatePathWithParams.Status.REVOKED, 4.382 + "Mon Jul 01 20:53:13 PDT 2019", System.out); 4.383 + } 4.384 +} 4.385 + 4.386 +class SSLCA_ECC { 4.387 + 4.388 + // Owner: CN=SSL.com SSL Intermediate CA ECC R2, O=SSL Corp, L=Houston, ST=Texas, C=US 4.389 + // Issuer: CN=SSL.com Root Certification Authority ECC, O=SSL Corporation, L=Houston, ST=Texas, C=US 4.390 + // Serial number: 75e6dfcbc1685ba8 4.391 + // Valid from: Fri Feb 12 10:14:03 PST 2016 until: Tue Feb 12 10:14:03 PST 2041 4.392 + private static final String INT = "-----BEGIN CERTIFICATE-----\n" + 4.393 + "MIIDejCCAv+gAwIBAgIQHNcSEt4VENkSgtozEEoQLzAKBggqhkjOPQQDAzB8MQsw\n" + 4.394 + "CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW\n" + 4.395 + "BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl\n" + 4.396 + "cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTQyNDJaFw0zNDAz\n" + 4.397 + "MDMxOTQyNDJaMG8xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UE\n" + 4.398 + "BwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxKzApBgNVBAMMIlNTTC5jb20g\n" + 4.399 + "U1NMIEludGVybWVkaWF0ZSBDQSBFQ0MgUjIwdjAQBgcqhkjOPQIBBgUrgQQAIgNi\n" + 4.400 + "AASEOWn30uEYKDLFu4sCjFQ1VupFaeMtQjqVWyWSA7+KFljnsVaFQ2hgs4cQk1f/\n" + 4.401 + "RQ2INSwdVCYU0i5qsbom20rigUhDh9dM/r6bEZ75eFE899kSCI14xqThYVLPdLEl\n" + 4.402 + "+dyjggFRMIIBTTASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFILRhXMw\n" + 4.403 + "5zUE044CkvvlpNHEIejNMHgGCCsGAQUFBwEBBGwwajBGBggrBgEFBQcwAoY6aHR0\n" + 4.404 + "cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVJvb3RDQS1FQ0MtMzg0\n" + 4.405 + "LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wEQYDVR0g\n" + 4.406 + "BAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNV\n" + 4.407 + "HR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tZWNjLVJv\n" + 4.408 + "b3RDQS5jcmwwHQYDVR0OBBYEFA10Zgpen+Is7NXCXSUEf3Uyuv99MA4GA1UdDwEB\n" + 4.409 + "/wQEAwIBhjAKBggqhkjOPQQDAwNpADBmAjEAxYt6Ylk/N8Fch/3fgKYKwI5A011Q\n" + 4.410 + "MKW0h3F9JW/NX/F7oYtWrxljheH8n2BrkDybAjEAlCxkLE0vQTYcFzrR24oogyw6\n" + 4.411 + "VkgTm92+jiqJTO5SSA9QUa092S5cTKiHkH2cOM6m\n" + 4.412 + "-----END CERTIFICATE-----"; 4.413 + 4.414 + // Owner: CN=test-dv-ecc.ssl.com 4.415 + // Issuer: CN=SSL.com SSL Intermediate CA ECC R2, O=SSL Corp, L=Houston, ST=Texas, C=US 4.416 + // Serial number: 1bfbd8e4bea894f3d1887c50e7d366d7 4.417 + // Valid from: Fri Jun 28 06:58:27 PDT 2019 until: Sun Jun 27 06:58:27 PDT 2021 4.418 + private static final String VALID = "-----BEGIN CERTIFICATE-----\n" + 4.419 + "MIIE9TCCBHqgAwIBAgIQG/vY5L6olPPRiHxQ59Nm1zAKBggqhkjOPQQDAzBvMQsw\n" + 4.420 + "CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xETAP\n" + 4.421 + "BgNVBAoMCFNTTCBDb3JwMSswKQYDVQQDDCJTU0wuY29tIFNTTCBJbnRlcm1lZGlh\n" + 4.422 + "dGUgQ0EgRUNDIFIyMB4XDTE5MDYyODEzNTgyN1oXDTIxMDYyNzEzNTgyN1owHjEc\n" + 4.423 + "MBoGA1UEAwwTdGVzdC1kdi1lY2Muc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49\n" + 4.424 + "AwEHA0IABJ5u0b8BID+8+TKxn+os0rdwvWB7mUJ4lcCthTADMhnr1VUWBbmBEelB\n" + 4.425 + "666WbvbVXooPMUbhE5JvhXCTDyI7RRmjggNHMIIDQzAfBgNVHSMEGDAWgBQNdGYK\n" + 4.426 + "Xp/iLOzVwl0lBH91Mrr/fTB7BggrBgEFBQcBAQRvMG0wSQYIKwYBBQUHMAKGPWh0\n" + 4.427 + "dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbS1TdWJDQS1TU0wtRUND\n" + 4.428 + "LTM4NC1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMDcG\n" + 4.429 + "A1UdEQQwMC6CE3Rlc3QtZHYtZWNjLnNzbC5jb22CF3d3dy50ZXN0LWR2LWVjYy5z\n" + 4.430 + "c2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkwAQMBATAsMCoG\n" + 4.431 + "CCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkwHQYDVR0l\n" + 4.432 + "BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6\n" + 4.433 + "Ly9jcmxzLnNzbC5jb20vU1NMY29tLVN1YkNBLVNTTC1FQ0MtMzg0LVIyLmNybDAd\n" + 4.434 + "BgNVHQ4EFgQUGCTbprTbVmmNOgJjUgiHonbu8b8wDgYDVR0PAQH/BAQDAgeAMIIB\n" + 4.435 + "gQYKKwYBBAHWeQIEAgSCAXEEggFtAWsAdwCHdb/nWXz4jEOZX73zbv9WjUdWNv9K\n" + 4.436 + "tWDBtOr/XqCDDwAAAWueaoEnAAAEAwBIMEYCIQCdy3N9w0pem1XShE/rkVSpHxQb\n" + 4.437 + "8QdUu3E6R+oncxOGXgIhAJoWg2gJYc9DWDl5ImnrqsmVS6OPgSQRvDsjRIN9gH7a\n" + 4.438 + "AHcAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e0YUAAAFrnmqArQAABAMA\n" + 4.439 + "SDBGAiEAs2yfi9e1h6dTQbe4WPd7+5qf7kvP7Vr2k0nAtBS1IgECIQCQYL9he9J4\n" + 4.440 + "Bh5cpQezTVPgLAOGcf5xIcCrBs1QJe66/AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4\n" + 4.441 + "cCUIFy+jqh0HE9MMAAABa55qgaEAAAQDAEgwRgIhAI/27txsvzpbBXkMICi/UOzE\n" + 4.442 + "t8uZidbF9KSwmGRPT/6gAiEAhm/VeWHDeWK8gFMU+f0/x4jK7UbzySGBvPzbPpNd\n" + 4.443 + "EDwwCgYIKoZIzj0EAwMDaQAwZgIxAJKn8Hr68Z/2rA+VHfZo8eeIFaZ3nvSvQO92\n" + 4.444 + "1Byl6cPAm8DsdCnYT16uNSL8Zb5IQAIxAOFLsqPDCSAYkpgutAnVgwI+c549SIRU\n" + 4.445 + "k8ol+wUx6zgMmt8VHYagyj6IO0GRDjm/eA==\n" + 4.446 + "-----END CERTIFICATE-----"; 4.447 + 4.448 + // Owner: CN=revoked-ecc-dv.ssl.com 4.449 + // Issuer: CN=SSL.com SSL Intermediate CA ECC R2, O=SSL Corp, L=Houston, ST=Texas, C=US 4.450 + // Serial number: 423c2b57dfa379d0c45ffceb6284ed99 4.451 + // Valid from: Fri Jun 28 07:09:30 PDT 2019 until: Sun Jun 27 07:09:30 PDT 2021 4.452 + private static final String REVOKED = "-----BEGIN CERTIFICATE-----\n" + 4.453 + "MIIE+TCCBH+gAwIBAgIQQjwrV9+jedDEX/zrYoTtmTAKBggqhkjOPQQDAzBvMQsw\n" + 4.454 + "CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xETAP\n" + 4.455 + "BgNVBAoMCFNTTCBDb3JwMSswKQYDVQQDDCJTU0wuY29tIFNTTCBJbnRlcm1lZGlh\n" + 4.456 + "dGUgQ0EgRUNDIFIyMB4XDTE5MDYyODE0MDkzMFoXDTIxMDYyNzE0MDkzMFowITEf\n" + 4.457 + "MB0GA1UEAwwWcmV2b2tlZC1lY2MtZHYuc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG\n" + 4.458 + "SM49AwEHA0IABH4nWtnAwPIdcQOSNI72IJJ/I1ZL2XQUAfa3ox5taFQQAalng6N9\n" + 4.459 + "Od9t9de1vIMDzUvs5sMWw4YrqAlywFKMraajggNJMIIDRTAfBgNVHSMEGDAWgBQN\n" + 4.460 + "dGYKXp/iLOzVwl0lBH91Mrr/fTB7BggrBgEFBQcBAQRvMG0wSQYIKwYBBQUHMAKG\n" + 4.461 + "PWh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbS1TdWJDQS1TU0wt\n" + 4.462 + "RUNDLTM4NC1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29t\n" + 4.463 + "MD0GA1UdEQQ2MDSCFnJldm9rZWQtZWNjLWR2LnNzbC5jb22CGnd3dy5yZXZva2Vk\n" + 4.464 + "LWVjYy1kdi5zc2wuY29tMFEGA1UdIARKMEgwCAYGZ4EMAQIBMDwGDCsGAQQBgqkw\n" + 4.465 + "AQMBATAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRv\n" + 4.466 + "cnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEQGA1UdHwQ9MDswOaA3\n" + 4.467 + "oDWGM2h0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tLVN1YkNBLVNTTC1FQ0MtMzg0\n" + 4.468 + "LVIyLmNybDAdBgNVHQ4EFgQUY7q+xN9nV1nPQ/dJ5rUC8OKgaoMwDgYDVR0PAQH/\n" + 4.469 + "BAQDAgeAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdQBElGUusO7Or8RAB9io\n" + 4.470 + "/ijA2uaCvtjLMbU/0zOWtbaBqAAAAWuedJ/tAAAEAwBGMEQCIGPBF546Tn/lzB22\n" + 4.471 + "ICpFLOWOIyIOPwL9S4ikS8Vt1aFTAiBe8mp/WCJnV7WxMIVWEUSLVOYn7erwyu6D\n" + 4.472 + "hWNIST4W8wB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABa550\n" + 4.473 + "oQEAAAQDAEcwRQIhAJ3nwLI7kLP2SKicFKuJoqRYKE/FR2Ff65WL+iWxm/6nAiAJ\n" + 4.474 + "cd9EKnBETwM9qQfKoSSs2oTQL4QjSKJZi/sPfKQaagB2ALvZ37wfinG1k5Qjl6qS\n" + 4.475 + "e0c4V5UKq1LoGpCWZDaOHtGFAAABa550oH4AAAQDAEcwRQIhAIo6k5BMSFN3FnD4\n" + 4.476 + "UFbyJJG/Bujh+OFTYzVM8vuIBoU0AiAhBe+air4wHvd68ykK6xOPv9Qshje9F6LC\n" + 4.477 + "gxTqbMOEkDAKBggqhkjOPQQDAwNoADBlAjEAyayBtbcCQB0fE+cCc7OHLuNvb9tl\n" + 4.478 + "uiHWy/Ika6IA72WJLLmED971ik08OMa2mGt4AjAklxdElQ5Z/nSeJ2CNEwD7pcYz\n" + 4.479 + "468kkrMoGU2lk3QmwcXZscPIoh4Pwew6QteY4J0=\n" + 4.480 + "-----END CERTIFICATE-----"; 4.481 + 4.482 + public void runTest(ValidatePathWithParams pathValidator, boolean ocspEnabled) throws Exception { 4.483 + // Validate valid 4.484 + pathValidator.validate(new String[]{VALID, INT}, 4.485 + ValidatePathWithParams.Status.GOOD, null, System.out); 4.486 + 4.487 + // Validate Revoked 4.488 + pathValidator.validate(new String[]{REVOKED, INT}, 4.489 + ValidatePathWithParams.Status.REVOKED, 4.490 + "Fri Jun 28 07:59:20 PDT 2019", System.out); 4.491 + } 4.492 +}
5.1 --- a/test/sun/security/lib/cacerts/VerifyCACerts.java Fri Jun 28 18:51:01 2019 -0700 5.2 +++ b/test/sun/security/lib/cacerts/VerifyCACerts.java Mon Aug 03 11:35:24 2020 -0700 5.3 @@ -26,7 +26,7 @@ 5.4 * @test 5.5 * @bug 8189131 8198240 8191844 8189949 8191031 8196141 8204923 8195774 8199779 5.6 * 8209452 8209506 8210432 8195793 8216577 8222089 8222133 8222137 8222136 5.7 - * 8223499 8225392 8232019 8234245 8233223 8225068 8225069 8243321 5.8 + * 8223499 8225392 8232019 8234245 8233223 8225068 8225069 8243321 8243320 5.9 * @summary Check root CA entries in cacerts file 5.10 */ 5.11 import java.io.ByteArrayInputStream; 5.12 @@ -52,12 +52,12 @@ 5.13 + File.separator + "security" + File.separator + "cacerts"; 5.14 5.15 // The numbers of certs now. 5.16 - private static final int COUNT = 92; 5.17 + private static final int COUNT = 95; 5.18 5.19 // SHA-256 of cacerts, can be generated with 5.20 // shasum -a 256 cacerts | sed -e 's/../&:/g' | tr '[:lower:]' '[:upper:]' | cut -c1-95 5.21 private static final String CHECKSUM 5.22 - = "44:AE:94:16:D1:2A:5B:CB:C3:89:19:D5:7A:87:C9:4A:E1:D4:ED:24:81:25:0A:0F:70:75:08:2A:D5:90:93:8B"; 5.23 + = "84:BB:36:9E:B0:07:A7:C5:7F:38:EC:36:82:5C:0F:46:C0:35:3B:B1:1F:06:C2:D0:47:B9:39:FA:87:64:E5:9D"; 5.24 5.25 // map of cert alias to SHA-256 fingerprint 5.26 @SuppressWarnings("serial") 5.27 @@ -248,6 +248,12 @@ 5.28 "E3:5D:28:41:9E:D0:20:25:CF:A6:90:38:CD:62:39:62:45:8D:A5:C6:95:FB:DE:A3:C2:2B:0B:FB:25:89:70:92"); 5.29 put("entrustrootcag4 [jdk]", 5.30 "DB:35:17:D1:F6:73:2A:2D:5A:B9:7C:53:3E:C7:07:79:EE:32:70:A6:2F:B4:AC:42:38:37:24:60:E6:F0:1E:88"); 5.31 + put("sslrootrsaca [jdk]", 5.32 + "85:66:6A:56:2E:E0:BE:5C:E9:25:C1:D8:89:0A:6F:76:A8:7E:C1:6D:4D:7D:5F:29:EA:74:19:CF:20:12:3B:69"); 5.33 + put("sslrootevrsaca [jdk]", 5.34 + "2E:7B:F1:6C:C2:24:85:A7:BB:E2:AA:86:96:75:07:61:B0:AE:39:BE:3B:2F:E9:D0:CC:6D:4E:F7:34:91:42:5C"); 5.35 + put("sslrooteccca [jdk]", 5.36 + "34:17:BB:06:CC:60:07:DA:1B:96:1C:92:0B:8A:B4:CE:3F:AD:82:0E:4A:A3:0B:9A:CB:C4:A7:4E:BD:CE:BC:65"); 5.37 } 5.38 }; 5.39