Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. vpnc>
  3. devel
svn commit: vpnc r539 - /branches/vpnc-nortel/ /branches/vpnc-nortel/test/ /trunk/ /trunk/test/
vpnc at unix-ag
Dec 4, 2013, 5:41 AM
Post #1 of 1 (1081 views)
Permalink
Author: Antonio Borneo
Date: Wed Dec 4 14:41:04 2013
New Revision: 539

Log:
Test: add documentation and rebuild files

One certificate in test folder is already expired, other
will follow.
The original private keys to rebuild the certificates are
not available, so no way to re-sign the same certificates.

Document why and how the test is performed.
Put in a Makefile the whole set of commands to rebuild
the certificates and encrypt the binary test.
Replace all the certificates and the encrypted binary
with new versions.

New certificates will expire in 2033.

OpenSSL is required only to re-build the certificates.
No need for OpenSSL to compile VPNC or to run the test.

Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>

Added:
branches/vpnc-nortel/test/Makefile
branches/vpnc-nortel/test/README.txt
branches/vpnc-nortel/test/ca_list.pem
branches/vpnc-nortel/test/cert3.pem
trunk/test/Makefile
trunk/test/README.txt
trunk/test/ca_list.pem
trunk/test/cert3.pem
Removed:
branches/vpnc-nortel/test/cert.pem
branches/vpnc-nortel/test/root.pem
trunk/test/cert.pem
trunk/test/root.pem
Modified:
branches/vpnc-nortel/Makefile
branches/vpnc-nortel/test/cert0.pem
branches/vpnc-nortel/test/cert1.pem
branches/vpnc-nortel/test/cert2.pem
branches/vpnc-nortel/test/sig_data.bin
trunk/Makefile
trunk/test/cert0.pem
trunk/test/cert1.pem
trunk/test/cert2.pem
trunk/test/sig_data.bin

Modified: branches/vpnc-nortel/Makefile
==============================================================================
--- branches/vpnc-nortel/Makefile (original)
+++ branches/vpnc-nortel/Makefile Wed Dec 4 14:41:04 2013
@@ -114,8 +114,8 @@
rm -rf vpnc-$*

test : all
- ./test-crypto test/sig_data.bin test/dec_data.bin \
- test/cert.pem test/cert1.pem test/cert2.pem test/root.pem
+ ./test-crypto test/sig_data.bin test/dec_data.bin test/ca_list.pem \
+ test/cert3.pem test/cert2.pem test/cert1.pem test/cert0.pem

dist : VERSION vpnc.8 vpnc-$(RELEASE_VERSION).tar.gz


Added: branches/vpnc-nortel/test/Makefile
==============================================================================
--- branches/vpnc-nortel/test/Makefile (added)
+++ branches/vpnc-nortel/test/Makefile Wed Dec 4 14:41:04 2013
@@ -0,0 +1,77 @@
+# Makefile to rebuild certificate chain for VPNC test.
+# Copyright (C) 2013 Antonio Borneo
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+OPENSSL = openssl
+
+CFG = openssl.cnf
+TIME = -days 7120
+
+# default targets empty.
+all default clean:
+
+# target to rebuild everything
+rebuild: ca_list.pem cert3.pem sig_data.bin
+
+ca1.key cert1.key:
+ $(OPENSSL) genrsa -out $@ 4096
+
+ca2.key ca3.key cert0.key cert2.key cert3.key:
+ $(OPENSSL) genrsa -out $@ 2048
+
+ca1.pem: ca1.key
+ca2.pem: ca2.key
+ca3.pem: ca3.key
+
+ca%.pem: ca%.key
+ $(OPENSSL) req -new -x509 -key $< -out $@ $(TIME) -batch -text \
+ -subj "/OU=Root Certification Authority/CN="$@
+
+ca_list.pem: ca1.pem ca2.pem ca3.pem
+ cat $^ > $@
+
+CHAIN_SIGN = $(OPENSSL) req -new -key $(2) -batch -subj "/OU=Cert/CN="$(1) \
+ | $(OPENSSL) x509 -req $(TIME) -CA $(3) -CAkey $(4) -set_serial 01 \
+ -out $(1) -text -extfile $(CFG) -extensions usr
+
+cert0.pem: cert0.key ca3.pem ca3.key $(CFG)
+ $(call CHAIN_SIGN,cert0.pem,cert0.key,ca3.pem,ca3.key)
+
+cert1.pem: cert1.key cert0.pem cert0.key $(CFG)
+ $(call CHAIN_SIGN,cert1.pem,cert1.key,cert0.pem,cert0.key)
+
+cert2.pem: cert2.key cert1.pem cert1.key $(CFG)
+ $(call CHAIN_SIGN,cert2.pem,cert2.key,cert1.pem,cert1.key)
+
+cert3.pem: cert3.key cert2.pem cert2.key $(CFG)
+ $(call CHAIN_SIGN,cert3.pem,cert3.key,cert2.pem,cert2.key)
+
+$(CFG):
+ echo -e '[ usr ]\nbasicConstraints=CA:TRUE' > $(CFG)
+
+dec_data.bin:
+ dd if=/dev/urandom of=$@ bs=256 count=1
+
+sig_data.bin: dec_data.bin cert0.key
+ $(OPENSSL) rsautl -decrypt -in $< -out $@ -inkey cert0.key -raw
+
+clean_build:
+ rm -f *.pem $(CFG) sig_data.bin
+
+clean_key:
+ rm -f *.key dec_data.bin
+
+clean_all: clean_build clean_key

Added: branches/vpnc-nortel/test/README.txt
==============================================================================
--- branches/vpnc-nortel/test/README.txt (added)
+++ branches/vpnc-nortel/test/README.txt Wed Dec 4 14:41:04 2013
@@ -0,0 +1,72 @@
+2013-12-04: Antonio Borneo <borneo.antonio@gmail.com>
+
+VPNC includes a wrapper around openssl and gnutls to
+offer single set of crypto-API.
+The program test-crypto.c is used to verify the API.
+
+This folder "test" provides a chain of certificates
+and an encrypted binary.
+test-crypto.c verifies the certificate chain, decrypts
+the binary and compare it against expected result.
+See below for more details on how to use test-crypto.
+
+openSSL is required to rebuild the test files.
+To avoid the dependence from openSSL during SW compile,
+all required files are distribuited together with the
+VPNC source code.
+
+The Makefile in this folder is able to rebuild all the
+certificates and the binary.
+ make clean_all
+to cleanup the folder and
+ make rebuild
+to re-build everything from scratch.
+Since both cryptographic keys and binary are generated
+through random functions, results are not replicable
+across executions. Use
+ make clean_build
+if you want to cleanup the folder but keep either keys
+and binary file.
+
+Files in the folder:
+- readme.txt:
+ This file.
+- Makefile:
+ To rebuild all following file.
+- ca1.key ca2.key ca3.key:
+ Pairs of private and public keys, used for
+ certificate authorities.
+- ca1.pem ca2.pem ca3.pem:
+ Self signed certificate of the certificate
+ authorities.
+- ca_list.pem:
+ Single file containing all the certificates
+ of the three CA above.
+- cert0.key cert1.key cert2.key cert3.key:
+ Pairs of private and public keys, used for
+ certificates.
+- cert0.pem cert1.pem cert2.pem cert3.pem:
+ Certificates derived from ".key" files above.
+ Certificates are signed in chain:
+ ca3.pem -> cert0.pem -> cert1.pem ->
+ -> cert2.pem -> cert3.pem
+ Self signed certificate "ca3.pem" signs the
+ certificate "cert0.pem", that in turn signs
+ "cert1.pem", and so on.
+- dec_data.bin:
+ Binary random data. File size equal to private
+ key size "cert0.key" (256 byte = 2048 bit).
+- sig_data.bin:
+ Data from "dec_data.bin" RSA encrypted through
+ private key in "cert0.pem".
+- openssl.cnf:
+ Temporarily config file for openSSL flags that
+ cannot be passed through command line.
+
+The program test-crypto.c requires at least 5 arguments:
+ test-crypto <sig> <dec> <ca> <cert1> <server>
+- <sig> is the encrypted binary;
+- <dec> is the reference binary before encryption;
+- <ca> is a list of CA certificates, one of them
+ signs <server>;
+- <cert1> ... <server> is the chain of certificates.

Added: branches/vpnc-nortel/test/ca_list.pem
==============================================================================
--- branches/vpnc-nortel/test/ca_list.pem (added)
+++ branches/vpnc-nortel/test/ca_list.pem Wed Dec 4 14:41:04 2013
@@ -0,0 +1,276 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 8f:b0:fb:e5:0b:46:cc:4f
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca1.pem
+ Validity
+ Not Before: Dec 4 13:26:12 2013 GMT
+ Not After : Jun 2 13:26:12 2033 GMT
+ Subject: OU=Root Certification Authority, CN=ca1.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:d0:24:08:5e:8c:24:9f:df:fd:8f:f9:84:c0:d9:
+ 88:4c:94:6f:e0:78:64:6d:b8:c6:4a:71:15:1d:ad:
+ 8a:34:1d:64:03:f3:8f:cb:fb:2b:b9:bf:15:3a:18:
+ 32:71:0b:89:29:3a:6a:65:29:43:d2:b7:ed:0b:02:
+ 6f:7e:94:10:67:3e:38:f3:2f:d6:ad:94:e1:04:45:
+ 80:1a:89:3d:20:3b:45:b7:ee:f5:b5:39:f3:1d:3a:
+ 72:e0:ab:86:99:46:0f:0f:50:90:e2:28:b8:9d:1a:
+ 61:84:ed:ca:fb:9f:15:e5:a1:2a:2f:01:de:c6:a6:
+ 4a:4e:3a:5a:b8:a4:cf:8f:90:60:b7:b1:7d:ea:01:
+ ad:d9:0d:01:64:92:a1:3f:b0:24:eb:ac:6e:ff:fb:
+ 2c:65:fd:dd:bc:4a:95:ba:37:a0:ed:ed:13:e6:49:
+ a8:4a:4e:6c:a0:92:40:d8:74:5f:3f:32:79:27:9e:
+ 28:a0:0c:53:53:23:18:db:82:16:b8:72:89:8a:08:
+ 2c:e0:67:71:d4:5d:32:bc:97:89:c5:14:55:2d:b5:
+ ce:e4:28:94:21:38:f9:42:0e:e7:bc:45:8d:43:54:
+ 28:93:75:de:2d:de:83:e2:f5:8a:f1:f7:80:e6:ad:
+ 16:84:fd:2e:59:47:96:71:e9:49:08:72:77:d7:32:
+ 08:2b:a9:a0:7e:bc:5d:a6:b6:2e:44:5e:9d:67:cd:
+ c1:ec:0c:44:ec:47:2d:c3:f4:d2:8e:08:05:03:77:
+ 72:0b:a2:b6:f4:da:32:f3:84:54:ad:46:85:82:9a:
+ 08:79:4e:97:35:2d:14:35:22:35:51:6e:c8:73:8c:
+ 9a:25:90:ef:c1:cf:8b:40:a6:5e:a4:23:d0:28:19:
+ 4e:56:b4:8b:39:74:e8:5a:57:ca:28:0a:bb:aa:e3:
+ 54:3a:18:2f:31:b9:41:53:3e:bf:a4:f0:8b:3b:85:
+ bb:c0:7d:fd:5a:08:b9:d8:84:51:c7:23:27:44:82:
+ c1:af:e4:f2:db:99:46:a1:7f:35:03:f4:1a:a1:3a:
+ b9:55:a0:bf:6b:c9:7f:9f:66:ac:10:c4:99:12:8f:
+ 72:b8:3d:39:85:bf:9f:e1:ea:e2:42:c6:e1:e7:58:
+ 07:1e:0c:c7:43:1a:47:54:a6:77:59:59:20:15:98:
+ e7:30:4e:94:23:ef:c2:96:bd:ca:ab:ea:03:b1:cf:
+ 76:46:1f:d1:45:85:94:a0:f2:74:d4:50:8e:23:24:
+ ca:79:fc:8c:a8:36:61:1c:40:67:fa:b2:f5:59:e9:
+ fa:f2:73:11:52:0e:3c:db:42:21:76:9a:48:24:2e:
+ f2:64:84:52:c2:57:6b:4d:2a:1c:15:8c:00:cf:94:
+ 9e:b0:c3
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 99:77:DD:22:D3:28:B4:E6:7D:40:1D:ED:DB:7F:BD:3C:00:D3:88:28
+ X509v3 Authority Key Identifier:
+ keyid:99:77:DD:22:D3:28:B4:E6:7D:40:1D:ED:DB:7F:BD:3C:00:D3:88:28
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 7b:32:1c:c2:21:13:f6:c2:0c:30:e4:59:66:28:2f:69:de:50:
+ c2:e2:c9:f3:b6:36:2f:a4:a9:34:1a:9f:e4:4c:e5:a1:f0:be:
+ a7:e0:a4:f7:e2:a2:36:01:9a:68:4b:1f:a7:90:48:a9:c4:35:
+ d6:47:86:d3:f0:f4:2c:55:f2:2b:39:61:ef:82:32:ea:aa:82:
+ ec:20:7d:37:2f:ba:b4:a7:a6:86:92:72:dc:bc:27:73:d4:c3:
+ f0:bc:2f:16:0d:69:63:5e:f8:78:5c:b7:98:bb:b4:4d:cc:47:
+ f8:36:57:86:5c:bb:55:1b:7b:cd:32:8f:e7:bc:e0:fc:32:5a:
+ ed:5c:c5:5b:1f:c0:c3:9a:54:8a:92:eb:97:c0:9f:24:f2:7f:
+ df:e5:a5:f5:50:98:6c:65:31:40:df:4f:f1:47:f8:86:6f:4c:
+ a1:6a:ef:ab:2a:1f:f1:79:04:fd:2d:80:ca:b3:f3:98:f2:7d:
+ 2b:1a:43:3c:ad:30:59:bb:ea:34:5e:29:e3:76:4d:35:ff:0c:
+ c1:73:5c:cb:9f:48:72:87:f0:d6:96:c1:6c:a1:d7:9a:92:b4:
+ 46:2f:f0:ef:61:8b:02:93:ef:40:40:33:29:8c:c7:20:77:ca:
+ 7f:8a:25:3e:10:0a:e0:23:c9:b5:6d:6b:15:89:56:2a:f2:d2:
+ 75:52:15:80:4c:04:35:42:ac:bc:a0:1f:48:e4:cc:d8:62:88:
+ 5e:5c:a2:aa:9e:d4:63:77:46:d5:51:5d:00:2c:fc:99:e2:c3:
+ 31:a6:19:22:db:66:8c:37:35:c4:7d:5f:fc:ee:0f:a2:d3:cd:
+ 2d:90:49:af:35:4a:47:96:6b:3e:91:6c:56:4b:29:39:01:f2:
+ 17:1d:30:bb:74:0b:9d:8d:54:c3:37:1e:32:cb:b8:99:85:88:
+ 00:be:e2:21:85:fc:42:d2:ab:bf:34:99:96:46:7f:28:6e:4c:
+ c9:dc:f3:9d:37:9c:f6:1e:7e:bb:9e:9a:66:02:df:3f:68:1f:
+ 5b:a3:38:dd:fe:c6:93:7b:1f:98:76:54:79:c1:8a:0b:ea:91:
+ 00:e5:7c:9d:94:93:f1:e4:44:70:3f:81:8f:12:32:13:10:2a:
+ 5f:81:b4:e7:40:ea:16:e9:23:f8:b7:f4:c9:70:24:08:4a:45:
+ 50:36:48:e1:1a:25:fa:af:f3:17:26:34:43:22:aa:7c:86:45:
+ f8:b7:36:5a:44:16:51:98:84:df:e2:50:33:b5:ff:42:61:8d:
+ e5:ca:44:b0:06:12:ad:01:90:c6:fe:90:25:db:ab:42:b8:2a:
+ d1:c8:f2:5f:ad:a0:21:df:a3:99:96:d4:1d:87:1e:45:42:a1:
+ 85:5f:81:19:a5:db:5c:3e
+-----BEGIN CERTIFICATE-----
+MIIFRTCCAy2gAwIBAgIJAI+w++ULRsxPMA0GCSqGSIb3DQEBBQUAMDkxJTAjBgNV
+BAsMHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEDAOBgNVBAMMB2NhMS5w
+ZW0wHhcNMTMxMjA0MTMyNjEyWhcNMzMwNjAyMTMyNjEyWjA5MSUwIwYDVQQLDBxS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTEucGVtMIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0CQIXowkn9/9j/mEwNmITJRv
+4HhkbbjGSnEVHa2KNB1kA/OPy/srub8VOhgycQuJKTpqZSlD0rftCwJvfpQQZz44
+8y/WrZThBEWAGok9IDtFt+71tTnzHTpy4KuGmUYPD1CQ4ii4nRphhO3K+58V5aEq
+LwHexqZKTjpauKTPj5Bgt7F96gGt2Q0BZJKhP7Ak66xu//ssZf3dvEqVujeg7e0T
+5kmoSk5soJJA2HRfPzJ5J54ooAxTUyMY24IWuHKJiggs4Gdx1F0yvJeJxRRVLbXO
+5CiUITj5Qg7nvEWNQ1Qok3XeLd6D4vWK8feA5q0WhP0uWUeWcelJCHJ31zIIK6mg
+frxdprYuRF6dZ83B7AxE7Ectw/TSjggFA3dyC6K29Noy84RUrUaFgpoIeU6XNS0U
+NSI1UW7Ic4yaJZDvwc+LQKZepCPQKBlOVrSLOXToWlfKKAq7quNUOhgvMblBUz6/
+pPCLO4W7wH39Wgi52IRRxyMnRILBr+Ty25lGoX81A/QaoTq5VaC/a8l/n2asEMSZ
+Eo9yuD05hb+f4eriQsbh51gHHgzHQxpHVKZ3WVkgFZjnME6UI+/Clr3Kq+oDsc92
+Rh/RRYWUoPJ01FCOIyTKefyMqDZhHEBn+rL1Wen68nMRUg4820IhdppIJC7yZIRS
+wldrTSocFYwAz5SesMMCAwEAAaNQME4wHQYDVR0OBBYEFJl33SLTKLTmfUAd7dt/
+vTwA04goMB8GA1UdIwQYMBaAFJl33SLTKLTmfUAd7dt/vTwA04goMAwGA1UdEwQF
+MAMBAf8wDQYJKoZIhvcNAQEFBQADggIBAHsyHMIhE/bCDDDkWWYoL2neUMLiyfO2
+Ni+kqTQan+RM5aHwvqfgpPfiojYBmmhLH6eQSKnENdZHhtPw9CxV8is5Ye+CMuqq
+guwgfTcvurSnpoaScty8J3PUw/C8LxYNaWNe+Hhct5i7tE3MR/g2V4Zcu1Ube80y
+j+e84PwyWu1cxVsfwMOaVIqS65fAnyTyf9/lpfVQmGxlMUDfT/FH+IZvTKFq76sq
+H/F5BP0tgMqz85jyfSsaQzytMFm76jReKeN2TTX/DMFzXMufSHKH8NaWwWyh15qS
+tEYv8O9hiwKT70BAMymMxyB3yn+KJT4QCuAjybVtaxWJViry0nVSFYBMBDVCrLyg
+H0jkzNhiiF5coqqe1GN3RtVRXQAs/JniwzGmGSLbZow3NcR9X/zuD6LTzS2QSa81
+SkeWaz6RbFZLKTkB8hcdMLt0C52NVMM3HjLLuJmFiAC+4iGF/ELSq780mZZGfyhu
+TMnc8503nPYefruemmYC3z9oH1ujON3+xpN7H5h2VHnBigvqkQDlfJ2Uk/HkRHA/
+gY8SMhMQKl+BtOdA6hbpI/i39MlwJAhKRVA2SOEaJfqv8xcmNEMiqnyGRfi3NlpE
+FlGYhN/iUDO1/0JhjeXKRLAGEq0BkMb+kCXbq0K4KtHI8l+toCHfo5mW1B2HHkVC
+oYVfgRml21w+
+-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ b6:36:ad:93:f7:5f:26:91
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca2.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Root Certification Authority, CN=ca2.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:ea:19:0b:81:0f:b8:f1:1b:8c:a3:d6:ca:43:06:
+ 2d:b5:d3:45:95:cd:cb:cc:da:f4:4b:d0:da:77:2a:
+ 60:53:47:61:aa:79:99:f8:24:5c:5f:e6:57:72:c8:
+ 22:6d:3c:6f:a8:45:a3:5f:f9:c3:0d:76:bf:6c:a7:
+ f9:25:be:d2:a2:08:cb:8b:4e:00:41:e8:40:88:86:
+ a2:63:a3:c1:35:f8:82:ea:7e:53:8c:c9:3f:95:33:
+ d6:24:51:22:e8:b9:b1:1b:43:67:49:aa:57:4a:d5:
+ ad:0c:11:bf:c9:58:d7:24:97:51:34:9a:30:9a:d1:
+ f0:ec:2d:7b:1c:ef:fd:af:05:e4:69:09:81:86:8d:
+ 8e:dc:33:8d:1f:4d:20:de:d1:8d:5e:d7:de:fc:e3:
+ 7e:b2:0a:0b:31:23:ff:de:ff:61:44:3f:72:ec:48:
+ ca:01:94:2e:8e:3f:cf:fe:af:b3:19:da:e8:15:39:
+ 66:15:db:a4:5a:c0:38:8e:2d:94:31:96:a7:08:fc:
+ aa:03:2e:e2:ab:f9:53:fc:8a:42:ef:2c:d9:1d:cd:
+ 81:b9:9a:fc:3e:08:c3:63:64:57:dd:18:9e:61:52:
+ ab:43:fc:af:7a:3d:8d:99:52:73:0d:86:a7:d7:01:
+ 34:2d:cd:e6:c4:cc:99:01:dd:c7:cf:b1:64:8f:2c:
+ d5:73
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 68:C1:E8:F8:2B:27:CC:15:73:17:5E:E9:96:58:B0:1E:D8:9C:8D:9E
+ X509v3 Authority Key Identifier:
+ keyid:68:C1:E8:F8:2B:27:CC:15:73:17:5E:E9:96:58:B0:1E:D8:9C:8D:9E
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 41:39:9e:d2:fb:82:4f:bc:92:56:d7:de:43:e4:94:72:60:a2:
+ 0e:0c:50:9a:8a:fe:f2:74:63:36:4c:a8:1c:49:bc:aa:82:ae:
+ 39:ff:69:67:46:04:f9:17:b2:da:b1:cd:14:f6:7e:0a:e7:87:
+ 2d:87:98:59:81:91:93:e6:61:f4:56:6e:7d:22:79:3d:a4:73:
+ d5:00:a2:1a:8f:5c:cb:e6:53:04:55:a3:cc:5b:de:da:8e:63:
+ 49:72:d8:10:fd:be:dc:e3:50:83:06:4c:da:96:d3:37:dd:3e:
+ f5:41:08:0b:63:3d:47:08:c1:0b:be:4c:87:28:44:9f:72:fd:
+ 2a:aa:44:2b:cd:a5:a3:11:1e:01:e0:f5:c8:df:88:ed:8c:07:
+ fa:99:dd:dd:2a:67:80:70:81:d3:1d:13:40:de:a1:25:e1:f3:
+ 05:7d:97:b1:c4:d6:17:01:1c:57:a9:70:4c:22:31:45:6a:9e:
+ 4c:d4:14:41:8a:22:d6:a5:49:6b:4b:8a:4d:80:80:ab:1d:b4:
+ 8f:71:6f:78:c8:a2:52:cf:36:7c:f3:0f:f7:7d:19:22:31:ec:
+ 88:f2:16:61:ff:a0:6b:4c:39:57:1d:a2:ce:5a:9e:dd:a7:4b:
+ 31:52:80:9b:ca:fa:83:43:92:91:03:2a:d1:74:b7:b6:08:9b:
+ fa:88:ef:e1
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIJALY2rZP3XyaRMA0GCSqGSIb3DQEBBQUAMDkxJTAjBgNV
+BAsMHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEDAOBgNVBAMMB2NhMi5w
+ZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMyNjEzWjA5MSUwIwYDVQQLDBxS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTIucGVtMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hkLgQ+48RuMo9bKQwYttdNF
+lc3LzNr0S9DadypgU0dhqnmZ+CRcX+ZXcsgibTxvqEWjX/nDDXa/bKf5Jb7SogjL
+i04AQehAiIaiY6PBNfiC6n5TjMk/lTPWJFEi6LmxG0NnSapXStWtDBG/yVjXJJdR
+NJowmtHw7C17HO/9rwXkaQmBho2O3DONH00g3tGNXtfe/ON+sgoLMSP/3v9hRD9y
+7EjKAZQujj/P/q+zGdroFTlmFdukWsA4ji2UMZanCPyqAy7iq/lT/IpC7yzZHc2B
+uZr8PgjDY2RX3RieYVKrQ/yvej2NmVJzDYan1wE0Lc3mxMyZAd3Hz7FkjyzVcwID
+AQABo1AwTjAdBgNVHQ4EFgQUaMHo+CsnzBVzF17plliwHticjZ4wHwYDVR0jBBgw
+FoAUaMHo+CsnzBVzF17plliwHticjZ4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOCAQEAQTme0vuCT7ySVtfeQ+SUcmCiDgxQmor+8nRjNkyoHEm8qoKuOf9p
+Z0YE+Rey2rHNFPZ+CueHLYeYWYGRk+Zh9FZufSJ5PaRz1QCiGo9cy+ZTBFWjzFve
+2o5jSXLYEP2+3ONQgwZM2pbTN90+9UEIC2M9RwjBC75MhyhEn3L9KqpEK82loxEe
+AeD1yN+I7YwH+pnd3SpngHCB0x0TQN6hJeHzBX2XscTWFwEcV6lwTCIxRWqeTNQU
+QYoi1qVJa0uKTYCAqx20j3FveMiiUs82fPMP930ZIjHsiPIWYf+ga0w5Vx2izlqe
+3adLMVKAm8r6g0OSkQMq0XS3tgib+ojv4Q==
+-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 9f:ab:17:25:a8:44:2d:cd
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca3.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Root Certification Authority, CN=ca3.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bd:8b:3c:b6:0a:8e:17:f0:49:0e:36:c7:41:09:
+ 9a:ab:b4:47:f5:66:38:ae:92:45:b9:2a:53:1e:a6:
+ ea:01:db:2b:be:fc:cf:1b:82:a6:a0:df:ef:96:4b:
+ f4:44:3a:97:37:fd:0f:93:22:ee:94:97:d1:17:50:
+ 09:07:07:2a:6e:2d:ea:fb:21:cf:24:85:db:c1:93:
+ 95:fc:95:3d:13:4e:42:6e:56:20:57:2c:a2:e6:b1:
+ e4:41:eb:0c:14:b1:39:d5:8a:69:a0:df:26:af:15:
+ cf:13:3d:81:18:38:32:9a:40:ad:9d:82:6f:43:38:
+ 35:5b:44:55:fc:20:bd:30:3b:65:bb:eb:1c:52:6f:
+ 1b:a9:04:19:15:47:f3:03:9d:b6:f6:a6:f9:da:0c:
+ 5f:41:36:e6:47:f7:d2:15:25:3c:07:fc:7e:88:08:
+ f3:b8:17:e8:f2:7b:8e:e5:ba:27:d0:43:9a:a5:01:
+ 13:3b:bf:37:44:d6:65:ce:81:fb:a6:35:b4:d7:4d:
+ 6d:31:11:de:20:0b:2d:49:fc:60:9b:37:bf:03:5b:
+ c2:46:00:63:5d:64:80:48:b4:f5:49:dc:97:a9:7e:
+ 6e:c7:33:74:71:1e:8a:7d:d4:d5:e0:d2:a5:9c:f0:
+ 30:0a:1a:63:59:d3:f5:ce:93:e2:60:86:38:94:13:
+ 35:05
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ E5:0F:44:4E:46:BE:03:BE:BF:7E:3F:83:26:17:94:39:9A:38:34:55
+ X509v3 Authority Key Identifier:
+ keyid:E5:0F:44:4E:46:BE:03:BE:BF:7E:3F:83:26:17:94:39:9A:38:34:55
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 82:3a:9b:f8:01:23:35:18:9e:ee:f0:0e:45:f9:45:de:cc:42:
+ 69:f6:9d:9f:c6:6f:e3:78:21:94:1c:aa:23:9d:3c:11:fd:83:
+ 92:2b:4d:c6:0b:3f:e5:f1:da:2e:ab:a4:30:56:ae:5d:90:62:
+ ee:5e:ee:c3:27:2b:3e:9e:4f:57:69:65:50:52:60:41:07:8f:
+ b2:15:ec:27:14:58:c6:9f:4f:f1:b2:86:09:15:f3:b6:53:36:
+ 34:4c:c2:c5:50:b3:57:25:d0:44:0d:d6:2f:42:cc:54:b6:c8:
+ e7:53:24:b7:b9:d4:63:ba:0a:a3:db:1e:16:40:4c:bb:1d:c4:
+ 06:01:8d:b1:9a:7b:21:df:6d:c4:f3:e3:12:30:56:d9:43:3b:
+ 43:1a:da:8e:8c:56:38:92:e9:d5:9d:3c:51:58:ed:e0:2b:f2:
+ 29:7f:1c:0c:f0:df:a5:da:14:70:3b:85:a5:39:14:bf:a2:13:
+ 05:25:95:0d:8d:3b:28:e9:5c:26:5c:14:e8:56:da:c4:a7:f9:
+ 93:3a:c1:60:41:2b:bf:81:2a:fe:e2:75:ec:cf:8d:77:1b:6e:
+ b8:b2:50:84:d1:ce:67:86:7f:06:6e:5d:7e:29:92:a0:d8:c4:
+ 6c:bb:79:3d:8f:59:dd:d4:02:05:8a:93:ef:5c:7b:8f:38:7b:
+ 0e:b9:3a:f3
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIJAJ+rFyWoRC3NMA0GCSqGSIb3DQEBBQUAMDkxJTAjBgNV
+BAsMHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEDAOBgNVBAMMB2NhMy5w
+ZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMyNjEzWjA5MSUwIwYDVQQLDBxS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTMucGVtMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYs8tgqOF/BJDjbHQQmaq7RH
+9WY4rpJFuSpTHqbqAdsrvvzPG4KmoN/vlkv0RDqXN/0PkyLulJfRF1AJBwcqbi3q
++yHPJIXbwZOV/JU9E05CblYgVyyi5rHkQesMFLE51YppoN8mrxXPEz2BGDgymkCt
+nYJvQzg1W0RV/CC9MDtlu+scUm8bqQQZFUfzA5229qb52gxfQTbmR/fSFSU8B/x+
+iAjzuBfo8nuO5bon0EOapQETO783RNZlzoH7pjW0101tMRHeIAstSfxgmze/A1vC
+RgBjXWSASLT1SdyXqX5uxzN0cR6KfdTV4NKlnPAwChpjWdP1zpPiYIY4lBM1BQID
+AQABo1AwTjAdBgNVHQ4EFgQU5Q9ETka+A76/fj+DJheUOZo4NFUwHwYDVR0jBBgw
+FoAU5Q9ETka+A76/fj+DJheUOZo4NFUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOCAQEAgjqb+AEjNRie7vAORflF3sxCafadn8Zv43ghlByqI508Ef2DkitN
+xgs/5fHaLqukMFauXZBi7l7uwycrPp5PV2llUFJgQQePshXsJxRYxp9P8bKGCRXz
+tlM2NEzCxVCzVyXQRA3WL0LMVLbI51Mkt7nUY7oKo9seFkBMux3EBgGNsZp7Id9t
+xPPjEjBW2UM7QxrajoxWOJLp1Z08UVjt4CvyKX8cDPDfpdoUcDuFpTkUv6ITBSWV
+DY07KOlcJlwU6FbaxKf5kzrBYEErv4Eq/uJ17M+NdxtuuLJQhNHOZ4Z/Bm5dfimS
+oNjEbLt5PY9Z3dQCBYqT71x7jzh7Drk68w==
+-----END CERTIFICATE-----

Modified: branches/vpnc-nortel/test/cert0.pem
==============================================================================
--- branches/vpnc-nortel/test/cert0.pem (original)
+++ branches/vpnc-nortel/test/cert0.pem Wed Dec 4 14:41:04 2013
@@ -1,36 +1,70 @@
- 0 s:/1.3.6.1.4.1.311.60.2.1.3=CH/1.3.6.1.4.1.311.60.2.1.2=Bern/2.5.4.15=V1.0, Clause 5(b)/serialNumber=CH-035.7.001.278-9/C=CH/ST=Zuerich/L=Zuerich/O=SWITCH/CN=www.switch.ch
- i:/C=BM/O=QuoVadis Limited/OU=www.quovadisglobal.com/CN=QuoVadis Global SSL ICA
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca3.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert0.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bf:6d:e1:6a:22:df:a9:d1:75:d7:4e:8f:a1:cf:
+ 81:3b:83:9f:35:2b:ea:a1:37:ba:37:9f:45:fc:67:
+ 44:88:25:34:32:e7:79:8f:bf:6b:9f:68:ee:9a:38:
+ c1:ea:ce:52:d6:b4:74:4f:a9:80:d0:3e:66:24:3f:
+ 90:d0:86:7b:b3:40:ea:38:22:19:21:a1:dc:d8:ee:
+ 39:80:66:af:fc:47:ad:30:e1:a7:c9:fe:9c:58:aa:
+ 86:98:96:41:48:16:01:e5:0b:71:c3:d0:10:79:94:
+ 50:e6:49:74:f9:8f:77:34:cc:a0:dd:a5:7b:b5:d3:
+ 9d:d6:1f:71:5a:42:68:6d:9b:54:40:ad:f0:45:5e:
+ 48:e3:07:ad:08:23:91:2c:01:f9:08:b5:53:f7:f2:
+ 07:d9:89:41:ba:85:45:48:98:b9:7e:fe:47:6d:55:
+ f6:11:c5:20:55:cc:da:fb:d8:92:62:02:16:31:d3:
+ 18:fb:b0:93:40:5a:78:17:51:fe:62:2e:68:fb:d9:
+ 3f:f3:20:9a:ea:28:fc:1d:28:be:8d:1c:34:2b:07:
+ 47:17:5f:c6:97:df:72:1c:88:a0:02:37:13:0e:44:
+ c1:7c:db:dd:8e:a9:59:54:a6:46:4b:c8:d8:03:39:
+ 6e:15:31:a8:d6:9b:8d:72:89:6b:4b:eb:9d:26:14:
+ 37:47
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 99:8f:67:14:00:32:06:9b:bf:42:31:92:5d:bf:02:a0:b0:e6:
+ 67:11:c2:37:89:29:84:db:20:00:10:55:bf:14:31:1b:32:e9:
+ e5:26:4f:c1:52:81:66:6c:92:02:c1:32:69:27:22:b0:72:d5:
+ 62:d0:3e:93:91:b7:c3:8b:0e:e9:8c:c1:d9:d7:59:b1:ca:1e:
+ f2:11:bb:e9:4f:2f:e6:45:05:4c:30:9e:c2:59:07:ff:e5:e6:
+ 8c:d9:63:ae:12:e2:55:d9:9b:99:7b:0e:1d:96:bc:b0:5b:d9:
+ 10:e7:f6:06:45:a0:66:c8:fa:2d:df:c0:5b:73:98:ee:bb:82:
+ 8b:ad:67:70:98:6b:2c:a3:ad:4a:a6:79:18:81:3c:2b:dc:79:
+ f4:de:aa:d4:fe:3e:b3:fc:32:12:45:9a:90:48:70:e2:ed:65:
+ b2:59:1d:1c:c2:3a:e3:2d:0d:4b:3c:33:23:1d:80:9b:8b:1c:
+ d1:48:5d:c3:6e:58:49:7a:b3:4b:70:86:a5:31:b0:e6:d5:82:
+ 07:3c:6f:43:60:f1:b3:b4:39:7c:40:45:d7:a8:0c:5f:81:a5:
+ c6:86:14:59:0e:6c:b2:88:05:7a:85:ef:6f:5c:e7:a1:89:c9:
+ 29:95:5f:ba:7e:03:e4:66:d4:11:23:9c:9f:72:f8:00:b2:5c:
+ a0:46:09:e8
-----BEGIN CERTIFICATE-----
-MIIFpjCCBI6gAwIBAgICD4YwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
-c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
-DTA5MDExNTA5MjEzM1oXDTExMDExNTA5MjEzM1owgb8xEzARBgsrBgEEAYI3PAIB
-AxMCQ0gxFTATBgsrBgEEAYI3PAIBAhMEQmVybjEaMBgGA1UEDxMRVjEuMCwgQ2xh
-dXNlIDUoYikxGzAZBgNVBAUTEkNILTAzNS43LjAwMS4yNzgtOTELMAkGA1UEBhMC
-Q0gxEDAOBgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoT
-BlNXSVRDSDEWMBQGA1UEAxMNd3d3LnN3aXRjaC5jaDCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAKqwpnO5zcYxC829nQpHkFeZp9Hp4gzlyvHj0BHaLx9F
-pQxaFw7bsgbrMR+M+OjI+NXbWhPbc6ftY5VjqYwaVQAWmA3vvo5ELsy11lzyQusi
-ZT2wjx0Rx1SV7ocP20rDS0gkFqrej0ymdQKO/mcyht53a076goaUuacOElhNttlM
-baXiGwSMFURVUA/9dcOC8HhYPokzWnQD7BkFl3pg3BsmHz5mQ+rh79e+rKJylsXS
-qfSI1zD0QQTLd01JBzX4iOM37IlHBAJb/EWAuNJPjA9SHZlfILhphaAiEtKUlcyL
-4atAUUgbM2SI9yFfwALHliyBgoBcsZSd7ZlzhaFVA6UCAwEAAaOCAf0wggH5MHQG
-CCsGAQUFBwEBBGgwZjAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNn
-bG9iYWwuY29tMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
-YWwuY29tL3F2c3NsaWNhLmNydDBRBgNVHSAESjBIMEYGDCsGAQQBvlgAAmQBAjA2
-MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBv
-c2l0b3J5MIGEBgNVHREEfTB7gg13d3cuc3dpdGNoLmNogglzd2l0Y2guY2iCEXd3
-dy1kYXYuc3dpdGNoLmNoggxjbXMuc21zY2cuY2iCEWNtcy53d3cuc3dpdGNoLmNo
-ggllZHVodWIuY2iCDXd3dy5lZHVodWIuY2iCEWNtcy53d3cuZWR1aHViLmNoMAsG
-A1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0j
-BBgwFoAUMk2hT+rwrpm27psHLIQIEVCL4n4wOwYDVR0fBDQwMjAwoC6gLIYqaHR0
-cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZzc2xpY2EuY3JsMB0GA1UdDgQW
-BBRj4EuKFVw3hT+IAecPzu1V+KBfRDANBgkqhkiG9w0BAQUFAAOCAQEAOGUv6vmY
-Bz1d8aewypeEpfGG6HEM59xXEnawhywiT7642y0ZCrAIYQASpKhI4sLPKOJpmQRg
-IzApWKaYvLhUsqvnaEvGS+zj+WGvPps7Ky23mwNmLr4qlMdlW6HuXacZvePAUp9v
-qCzQzcxD2QRncZ1vmG1uz/2gR34b/pgb2HnUS4tT6HbUQxTbQAEEbRubTMjFAD5w
-MXIFvNdOl+fhsehC9xxRnXy0dprXE2Wtk29fqnnXmpTSaOOuzc5BhXamdjebCeY/
-ACI+6A2o7ZbwRLN/J/lnBItJuWam78u0ypLOpWpDImt7eWMP+3JjJcegxVwp80dU
-2TumER72gt2EOA==
+MIIC5zCCAc+gAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MSUwIwYDVQQLDBxSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTMucGVtMB4XDTEz
+MTIwNDEzMjYxM1oXDTMzMDYwMjEzMjYxM1owIzENMAsGA1UECwwEQ2VydDESMBAG
+A1UEAwwJY2VydDAucGVtMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+v23haiLfqdF1106Poc+BO4OfNSvqoTe6N59F/GdEiCU0Mud5j79rn2jumjjB6s5S
+1rR0T6mA0D5mJD+Q0IZ7s0DqOCIZIaHc2O45gGav/EetMOGnyf6cWKqGmJZBSBYB
+5Qtxw9AQeZRQ5kl0+Y93NMyg3aV7tdOd1h9xWkJobZtUQK3wRV5I4wetCCORLAH5
+CLVT9/IH2YlBuoVFSJi5fv5HbVX2EcUgVcza+9iSYgIWMdMY+7CTQFp4F1H+Yi5o
++9k/8yCa6ij8HSi+jRw0KwdHF1/Gl99yHIigAjcTDkTBfNvdjqlZVKZGS8jYAzlu
+FTGo1puNcolrS+udJhQ3RwIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
+DQEBBQUAA4IBAQCZj2cUADIGm79CMZJdvwKgsOZnEcI3iSmE2yAAEFW/FDEbMunl
+Jk/BUoFmbJICwTJpJyKwctVi0D6TkbfDiw7pjMHZ11mxyh7yEbvpTy/mRQVMMJ7C
+WQf/5eaM2WOuEuJV2ZuZew4dlrywW9kQ5/YGRaBmyPot38Bbc5juu4KLrWdwmGss
+o61KpnkYgTwr3Hn03qrU/j6z/DISRZqQSHDi7WWyWR0cwjrjLQ1LPDMjHYCbixzR
+SF3DblhJerNLcIalMbDm1YIHPG9DYPGztDl8QEXXqAxfgaXGhhRZDmyyiAV6he9v
+XOehickplV+6fgPkZtQRI5yfcvgAslygRgno
-----END CERTIFICATE-----
-

Modified: branches/vpnc-nortel/test/cert1.pem
==============================================================================
--- branches/vpnc-nortel/test/cert1.pem (original)
+++ branches/vpnc-nortel/test/cert1.pem Wed Dec 4 14:41:04 2013
@@ -1,34 +1,92 @@
- 1 s:/C=BM/O=QuoVadis Limited/OU=www.quovadisglobal.com/CN=QuoVadis Global SSL ICA
- i:/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Cert, CN=cert0.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert1.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:b7:8a:db:2e:f3:c7:6c:2c:78:7e:29:af:66:50:
+ d4:ff:f9:c1:29:2b:96:ad:b9:5f:c0:7b:02:39:09:
+ cc:46:5e:24:9e:e4:57:8b:43:d6:28:ae:91:2b:38:
+ dd:c6:e1:08:cc:22:7e:dd:87:79:06:28:98:81:b0:
+ 35:5e:75:ca:77:f6:15:34:9f:30:f9:cb:cc:fd:ae:
+ c6:91:1c:eb:45:fa:4b:92:fc:d6:27:ad:07:ac:20:
+ d2:6f:19:e4:c8:6b:3f:c0:17:20:c2:56:2a:6e:46:
+ 0d:c1:a1:39:f2:9c:65:57:8d:4b:b8:a4:60:36:13:
+ cf:68:3a:4c:cd:35:b0:77:3a:ec:e7:18:2b:da:b2:
+ b5:95:97:ae:22:ae:23:44:99:62:10:4d:fa:1f:62:
+ 93:93:35:7b:19:dc:51:3e:44:63:f8:95:c1:6a:62:
+ cf:d4:d3:67:9b:82:74:f9:d8:ac:06:0e:f6:5e:3a:
+ 76:8f:92:12:fe:ff:9d:11:8b:21:47:d6:b1:e8:53:
+ c4:a5:12:7d:d7:21:06:96:93:34:f0:13:57:12:3b:
+ 3c:4f:9b:7d:c0:a6:d0:cc:d2:c3:07:b9:e8:46:62:
+ d0:8e:49:14:1d:ae:69:34:a5:21:58:da:95:d6:af:
+ 84:5e:de:5f:e3:c3:b6:5d:0c:fd:33:f5:fe:c1:df:
+ 69:f7:11:0d:88:63:24:ff:1a:79:cd:76:81:2a:59:
+ f7:32:27:6f:b0:12:1b:0c:a8:ac:b8:c3:85:f6:63:
+ 7e:bd:bd:97:86:09:b6:1b:51:54:2e:03:02:9e:ae:
+ 44:07:2b:48:7e:34:76:fe:f8:6e:28:81:14:8b:ef:
+ 24:d0:eb:c3:f2:1f:4c:93:24:51:cd:5f:06:af:26:
+ 8e:08:da:aa:8b:8a:06:f5:ed:64:c2:4f:9b:f7:05:
+ ea:be:ab:24:1b:64:f0:01:99:40:8c:11:dd:9c:28:
+ 5d:6e:ac:b4:c0:f2:06:e9:14:ca:e0:b4:47:af:2d:
+ 51:4e:ee:a7:26:38:ba:97:91:8d:fe:00:19:0c:ca:
+ ac:2b:d1:57:ca:34:f4:1c:14:21:01:25:ed:9e:4c:
+ cd:47:f8:7f:9a:88:37:50:0f:28:71:2d:e5:23:5a:
+ 7f:08:1c:9e:05:ab:50:f6:a0:c4:63:74:d1:88:27:
+ 8c:c5:16:5a:f5:f0:79:77:c3:69:6d:88:17:8f:79:
+ 24:49:d3:69:79:59:c0:63:dc:a9:db:53:ea:dd:78:
+ 8c:7a:83:31:b4:1c:c2:8c:9e:14:85:95:9f:3c:21:
+ c2:f6:50:53:68:d9:c2:45:cf:94:91:87:94:62:3d:
+ b1:97:ac:96:2d:f0:c1:7c:15:62:00:91:26:58:b9:
+ 61:4e:ff
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 9f:4e:99:95:c8:87:7f:87:56:4c:88:6b:9f:9d:ca:f7:2f:07:
+ 88:5d:0e:14:a5:1a:6c:a0:4f:36:e1:76:a7:14:8c:44:51:1d:
+ 61:35:aa:75:16:4a:94:a8:b2:05:0e:df:21:ad:53:2e:85:ca:
+ dc:6a:8e:cf:78:77:01:e1:d5:e6:96:e0:3d:da:29:1c:3e:82:
+ f8:9d:c1:ad:1c:dc:88:dd:b5:cf:27:db:74:3b:7b:33:04:44:
+ b8:ae:e8:42:ae:16:67:a3:73:13:07:85:f7:0f:cf:54:a2:91:
+ 8f:b6:51:3c:9a:42:c4:23:47:5f:de:69:93:4b:aa:80:b4:1c:
+ 38:67:98:ab:ae:06:16:cf:55:b3:a2:4c:29:36:60:85:05:a1:
+ 9f:e9:a5:85:6d:95:55:6b:ea:bb:bf:eb:a9:77:a6:50:5a:95:
+ b2:7b:f1:3d:3e:a2:fe:c9:6d:f2:b7:a2:f2:cd:a2:20:92:cc:
+ 16:fc:2e:62:e2:a2:5d:be:59:d2:cc:13:36:ca:58:4a:5a:de:
+ e6:89:de:e8:f9:5e:1a:ca:05:c1:dd:46:4a:e8:3d:89:a4:78:
+ 07:65:fc:ea:55:aa:b9:3b:c9:d7:a6:e0:2d:5d:0c:b1:9a:b4:
+ 6f:95:1b:40:ae:17:f6:c6:2c:19:51:19:a7:48:68:0d:6f:e5:
+ 5d:e9:33:24
-----BEGIN CERTIFICATE-----
-MIIFTjCCAzagAwIBAgICBXowDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
-b3QgQ0EgMjAeFw0wNzAxMTIxNjEzMzNaFw0xNzAxMTIxNjEzMTFaMGsxCzAJBgNV
-BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR8wHQYDVQQLExZ3d3cu
-cXVvdmFkaXNnbG9iYWwuY29tMSAwHgYDVQQDExdRdW9WYWRpcyBHbG9iYWwgU1NM
-IElDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKk1mD/CiG1+aGcM
-xI7LJL0x4qQpmljkCt1BFL1oaoyuFW4l0GKVTNPFsJ6w4a7pLejG1uQJgeRmKy8n
-xm12NXgIshfqBvTqVFAcuGViwCreo5S+oZWlLxTIYRVJZB3OujED5IyXVibMLR7g
-xWwcXS2BCSNDUnCAN2x+sGHSR9o4sGTbiYFMZPWZfOc0rIbWtms/cUSVfqneyRGN
-WgoIvKPdT2vGvf70RpszxqjEEBLT2A1F2QwM/BxgxylzyelGCN6qVDJrE2rP1KRq
-AN+qiV7kK9MphZ9RYRkjtHE3qNkIxTi4KLy/FBWCy9abwK7t8+AGP6y+N8Oxf7Ed
-9AU37VcCAwEAAaOCASAwggEcMA8GA1UdEwEB/wQFMAMBAf8wOgYIKwYBBQUHAQEE
-LjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20w
-QgYDVR0gBDswOTA3BgRVHSAAMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVv
-dmFkaXNnbG9iYWwuY29tL2NwczAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAU
-GoRivEhMMyUE1O7Q9gPEGUbRlGswOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2Ny
-bC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyLmNybDAdBgNVHQ4EFgQUMk2hT+rw
-rpm27psHLIQIEVCL4n4wDQYJKoZIhvcNAQEFBQADggIBAI5zWxH+LIAvrc/dYIWZ
-8zHozDuc1kbd7IaiSgjJCZwNo1vMSLbNfgPg7XIoTDJ903URzDUWh4l8/XncwRil
-rRafR23N/iFkM+NF+LoABd9qpF/oAmOGuJ6GwPUf/yhioc8nQ/WXuMVF4/OTdvGF
-0QRsk7rivttpGx2aQhGBwO39ft4cySvXToNsBjH4VWcduEooZDg6plIec8S2zrFA
-dXvxSgz/sV41QHwyUokTxEY1UoXF9aA5VeGLKIkC1NasTyy26bzuOYOKxgqRUXIu
-n6M+CdWiKKJWVi3rBpbnFQWSrsotp4jeQn9zBuovTR0OOijTBWHj9ThxrIG5pb4g
-Nmd03/NZDe5l3ja59+UtBUpfCbdqPCCZSUy7t6PLAoDo5JwQKCEOrmNpwD/207GP
-2WMo77wh5/mvJRJMFfEZ+CwQXk5LPXXU7EJr+7PYpJB67hryxts1I6FJI0AF3ET9
-3YZ4sgEK009h6bdeZbIOvcT4e0v33EAJggFtxU/5xRdtk/PmwxBjSxeg+jBK2xeH
-3TScxc6nNvtcw22Lds5GucMsoxmpblYV1adrowg3twQvSXQZ96jzyT3qfmk09M+e
-bBTqd3GFwZcJNaQigOw8EQHQtjJm9Zco7FtJ+SxEqcQYFJ+M7QZz+0wWCPwlflMo
-7aGlYILpWH4iR3ZhuH/3xMkx
+MIID0TCCArmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAjMQ0wCwYDVQQLDARDZXJ0
+MRIwEAYDVQQDDAljZXJ0MC5wZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMy
+NjEzWjAjMQ0wCwYDVQQLDARDZXJ0MRIwEAYDVQQDDAljZXJ0MS5wZW0wggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3itsu88dsLHh+Ka9mUNT/+cEpK5at
+uV/AewI5CcxGXiSe5FeLQ9YorpErON3G4QjMIn7dh3kGKJiBsDVedcp39hU0nzD5
+y8z9rsaRHOtF+kuS/NYnrQesINJvGeTIaz/AFyDCVipuRg3BoTnynGVXjUu4pGA2
+E89oOkzNNbB3OuznGCvasrWVl64iriNEmWIQTfofYpOTNXsZ3FE+RGP4lcFqYs/U
+02ebgnT52KwGDvZeOnaPkhL+/50RiyFH1rHoU8SlEn3XIQaWkzTwE1cSOzxPm33A
+ptDM0sMHuehGYtCOSRQdrmk0pSFY2pXWr4Re3l/jw7ZdDP0z9f7B32n3EQ2IYyT/
+GnnNdoEqWfcyJ2+wEhsMqKy4w4X2Y369vZeGCbYbUVQuAwKerkQHK0h+NHb++G4o
+gRSL7yTQ68PyH0yTJFHNXwavJo4I2qqLigb17WTCT5v3Beq+qyQbZPABmUCMEd2c
+KF1urLTA8gbpFMrgtEevLVFO7qcmOLqXkY3+ABkMyqwr0VfKNPQcFCEBJe2eTM1H
++H+aiDdQDyhxLeUjWn8IHJ4Fq1D2oMRjdNGIJ4zFFlr18Hl3w2ltiBePeSRJ02l5
+WcBj3KnbU+rdeIx6gzG0HMKMnhSFlZ88IcL2UFNo2cJFz5SRh5RiPbGXrJYt8MF8
+FWIAkSZYuWFO/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
+A4IBAQCfTpmVyId/h1ZMiGufncr3LweIXQ4UpRpsoE824XanFIxEUR1hNap1FkqU
+qLIFDt8hrVMuhcrcao7PeHcB4dXmluA92ikcPoL4ncGtHNyI3bXPJ9t0O3szBES4
+ruhCrhZno3MTB4X3D89UopGPtlE8mkLEI0df3mmTS6qAtBw4Z5irrgYWz1Wzokwp
+NmCFBaGf6aWFbZVVa+q7v+upd6ZQWpWye/E9PqL+yW3yt6LyzaIgkswW/C5i4qJd
+vlnSzBM2ylhKWt7mid7o+V4aygXB3UZK6D2JpHgHZfzqVaq5O8nXpuAtXQyxmrRv
+lRtArhf2xiwZURmnSGgNb+Vd6TMk
-----END CERTIFICATE-----
-

Modified: branches/vpnc-nortel/test/cert2.pem
==============================================================================
--- branches/vpnc-nortel/test/cert2.pem (original)
+++ branches/vpnc-nortel/test/cert2.pem Wed Dec 4 14:41:04 2013
@@ -1,34 +1,89 @@
- 2 s:/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2
- i:/C=BM/O=QuoVadis Limited/OU=Root Certification Authority/CN=QuoVadis Root Certification Authority
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Cert, CN=cert1.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert2.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bd:bc:80:34:96:c5:ea:6f:81:aa:91:be:f5:32:
+ d9:8a:9f:02:67:b0:45:1c:3d:68:df:89:7d:af:be:
+ fc:69:d4:1d:0f:72:ae:c8:4f:2c:f4:e2:04:b3:28:
+ db:b9:05:ee:d7:87:c7:87:3f:76:b9:c7:8e:57:ec:
+ 4a:c1:e3:8b:b4:14:d4:a3:a5:13:16:b7:18:3a:97:
+ 5c:cd:c6:d6:aa:54:88:29:b1:75:d2:9d:2e:29:ef:
+ e5:5c:50:46:02:13:b2:d7:1a:2e:38:50:cc:2c:fc:
+ 62:fa:61:61:f7:86:18:a9:c9:b9:af:c0:0e:f9:d3:
+ 88:1b:91:27:b0:e6:e6:16:98:fd:9b:f6:c4:e2:76:
+ d2:63:da:77:21:b0:8d:a1:c8:d9:ce:84:3c:57:af:
+ 99:19:7b:01:8c:f1:ae:e1:7c:ac:13:a6:03:a0:ab:
+ a2:f6:ea:7d:de:b2:43:12:e5:23:ad:df:48:2e:bc:
+ f2:76:96:2b:a0:1c:dc:60:84:d7:de:68:9e:2f:5c:
+ f6:df:49:4e:05:8d:07:39:27:5e:49:45:88:86:33:
+ 16:1a:5f:b1:a2:d1:78:ff:30:36:25:b8:05:c1:8a:
+ dc:b4:6c:b6:3e:52:39:1e:61:dc:eb:bb:da:49:1d:
+ d1:1a:06:76:22:ab:94:07:c7:0e:58:cc:e0:c6:ff:
+ 8c:d3
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 6f:02:24:5d:60:3b:76:e8:aa:a5:37:d7:75:18:72:fd:e0:9a:
+ ce:aa:50:5e:e6:83:93:1b:2d:c4:47:5b:d6:d4:8d:d2:ba:6f:
+ af:a7:a8:78:6a:06:78:7e:9d:83:29:7d:9b:8a:f7:8d:7b:76:
+ d8:0d:0b:7e:b9:bd:15:e8:16:9a:c5:4b:48:c7:26:ba:37:fe:
+ f3:8f:dd:05:13:38:31:79:1a:f4:24:49:03:6d:f8:53:d7:01:
+ 44:79:67:ba:6a:d4:40:7d:56:4d:c4:a5:99:aa:a9:da:84:44:
+ e8:29:ea:bd:5e:5a:7d:c0:7d:e0:7e:0c:12:85:65:ef:cd:f8:
+ b6:56:9e:05:97:d4:48:d7:86:96:75:e6:cc:51:60:7f:eb:ed:
+ a4:e0:9e:c6:70:d9:ce:17:8e:41:16:7b:06:3d:c7:33:d3:d9:
+ 08:8d:17:4e:a5:13:6a:d7:e2:ce:cc:74:ce:14:76:0e:aa:1f:
+ 8d:f5:c8:ef:a0:34:e4:ed:f8:25:b5:8d:d2:3f:65:c4:75:97:
+ 6a:ae:0f:02:5e:61:a1:0d:a1:7c:53:fd:10:75:4f:19:71:05:
+ 6b:26:18:4c:95:85:7f:50:0f:a5:2d:0f:0a:07:a4:aa:ce:df:
+ 3c:32:47:14:88:73:e1:6b:70:fb:53:23:06:bb:66:91:b8:2a:
+ 23:9f:63:ab:40:a5:71:3d:c6:0a:d3:e5:a2:c5:c8:52:36:40:
+ 47:3c:6b:16:0c:08:d6:77:91:c5:ed:18:87:50:8e:2f:b0:83:
+ 31:34:12:57:41:56:e8:47:69:cb:37:ea:05:3c:29:a2:b5:a3:
+ 9a:82:08:ef:fd:2d:86:52:7d:99:eb:23:d6:28:2c:7e:bb:0a:
+ d0:c0:6e:73:89:09:2b:13:a5:c8:29:4c:e8:02:82:76:b6:d5:
+ 61:07:b0:78:c4:57:44:a7:c1:80:4f:51:0c:46:1e:d3:1b:45:
+ 35:1f:34:f3:e5:4f:88:2e:cd:ee:ac:98:70:35:62:4b:ca:b1:
+ db:37:a6:bb:24:b6:2c:71:d1:29:06:8f:7b:4b:e6:bf:86:57:
+ 23:1a:ce:9a:c5:25:b1:fe:fc:95:4f:5b:f0:9a:32:25:07:b3:
+ 25:87:55:e9:ed:e4:d3:76:53:f3:73:62:c7:63:ad:58:c3:8f:
+ ee:8e:5e:4f:4a:3f:d2:a9:aa:62:a7:37:01:a8:22:de:54:e9:
+ 06:10:7a:65:a9:06:78:47:c0:52:b4:c5:a1:a1:c1:2f:0c:f9:
+ 14:88:31:65:fc:9f:5e:b2:09:8a:35:db:a6:4d:7b:34:e2:46:
+ 97:b3:93:11:d6:a3:53:49:50:b0:5e:2a:64:a7:18:a0:0f:b1:
+ 14:78:dd:35:61:89:73:2d
-----BEGIN CERTIFICATE-----
-MIIFQjCCBCqgAwIBAgIEQh/RwTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3MTAxNDMyMjFaFw0xNzA3MTAxNDMx
-MDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRsw
-GQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC
-DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+j
-hiYaHv5+HBg6XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp
-3MJGF/hd/aTa/55JWpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02
-kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw
-419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7ds
-E/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3
-FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslW
-ZvB1JdxnwQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C31
-5eXbyOD/5YDXC2Og/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9
-gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqL
-ID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQAB
-o4H/MIH8MA8GA1UdEwEB/wQFMAMBAf8wQgYDVR0gBDswOTA3BgRVHSAAMC8wLQYI
-KwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczA6Bggr
-BgEFBQcBAQQuMCwwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xv
-YmFsLmNvbTAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUi0tt7dMpuQYZ7Dk5
-qfCXhGrL798wOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5xdW92YWRpc2ds
-b2JhbC5jb20vcXZyY2EuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBMcgnQQhxa0o7B
-SMNVmyE8suH3nmg3+FC6sAWUsYEKZUZU+PdUrOYGTybAjdPSghSzyhWf/h+l1zwb
-/vxiaZET3ikOni1G1L9rmNPNd0o8Omr/sxTtNyCIEugoJtiBV324XD9wjYr4TjzH
-fn5pq33j+5iqCS0oaynouNevRB/Kcn36esUBg5eEL84cu7JxoOgyPxIccskf5Zp+
-4pqUlQod9cedCi2NaSJ6ZyNExTTtsWXRZM2DYfwMNilHBwPhgj472vQqxN3wb7f6
-ndMU7j2DXbO6G9V891AT1OM6J0JC1DYaA4bMr4m31lJs2sIn99IgrondrOsPSWuu
-TYzbyDZK
+MIID0TCCAbmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAjMQ0wCwYDVQQLDARDZXJ0
+MRIwEAYDVQQDDAljZXJ0MS5wZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMy
+NjEzWjAjMQ0wCwYDVQQLDARDZXJ0MRIwEAYDVQQDDAljZXJ0Mi5wZW0wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9vIA0lsXqb4Gqkb71MtmKnwJnsEUc
+PWjfiX2vvvxp1B0Pcq7ITyz04gSzKNu5Be7Xh8eHP3a5x45X7ErB44u0FNSjpRMW
+txg6l1zNxtaqVIgpsXXSnS4p7+VcUEYCE7LXGi44UMws/GL6YWH3hhipybmvwA75
+04gbkSew5uYWmP2b9sTidtJj2nchsI2hyNnOhDxXr5kZewGM8a7hfKwTpgOgq6L2
+6n3eskMS5SOt30guvPJ2liugHNxghNfeaJ4vXPbfSU4FjQc5J15JRYiGMxYaX7Gi
+0Xj/MDYluAXBity0bLY+UjkeYdzru9pJHdEaBnYiq5QHxw5YzODG/4zTAgMBAAGj
+EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggIBAG8CJF1gO3boqqU3
+13UYcv3gms6qUF7mg5MbLcRHW9bUjdK6b6+nqHhqBnh+nYMpfZuK9417dtgNC365
+vRXoFprFS0jHJro3/vOP3QUTODF5GvQkSQNt+FPXAUR5Z7pq1EB9Vk3EpZmqqdqE
+ROgp6r1eWn3AfeB+DBKFZe/N+LZWngWX1EjXhpZ15sxRYH/r7aTgnsZw2c4XjkEW
+ewY9xzPT2QiNF06lE2rX4s7MdM4Udg6qH431yO+gNOTt+CW1jdI/ZcR1l2quDwJe
+YaENoXxT/RB1TxlxBWsmGEyVhX9QD6UtDwoHpKrO3zwyRxSIc+FrcPtTIwa7ZpG4
+KiOfY6tApXE9xgrT5aLFyFI2QEc8axYMCNZ3kcXtGIdQji+wgzE0EldBVuhHacs3
+6gU8KaK1o5qCCO/9LYZSfZnrI9YoLH67CtDAbnOJCSsTpcgpTOgCgna21WEHsHjE
+V0SnwYBPUQxGHtMbRTUfNPPlT4guze6smHA1YkvKsds3prsktixx0SkGj3tL5r+G
+VyMazprFJbH+/JVPW/CaMiUHsyWHVent5NN2U/NzYsdjrVjDj+6OXk9KP9KpqmKn
+NwGoIt5U6QYQemWpBnhHwFK0xaGhwS8M+RSIMWX8n16yCYo126ZNezTiRpezkxHW
+o1NJULBeKmSnGKAPsRR43TVhiXMt
-----END CERTIFICATE-----
-

Added: branches/vpnc-nortel/test/cert3.pem
==============================================================================
--- branches/vpnc-nortel/test/cert3.pem (added)
+++ branches/vpnc-nortel/test/cert3.pem Wed Dec 4 14:41:04 2013
@@ -0,0 +1,70 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Cert, CN=cert2.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert3.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:b3:9c:7b:17:41:6c:2f:57:f1:b0:e8:a5:5f:0c:
+ c6:65:15:cc:b1:68:c4:39:bd:9d:b0:14:92:39:b7:
+ e4:5d:c7:4d:33:33:67:7f:11:fd:0c:d5:c2:bb:15:
+ 10:bb:42:c6:c5:80:0d:0e:4e:a5:2e:c1:2b:9c:15:
+ 2d:59:51:88:34:89:fb:4e:19:be:17:c9:66:04:7f:
+ 11:72:5a:75:44:04:dd:82:51:0d:b8:01:df:09:a2:
+ fb:d9:64:9e:21:38:fd:a7:84:fd:62:62:a7:0f:c2:
+ 94:16:c5:75:5e:d4:f8:31:e2:55:f5:3c:9a:af:b5:
+ 73:21:d6:52:99:7f:da:f2:24:ed:ea:e9:79:59:83:
+ c4:32:3b:23:06:90:c2:b1:ba:b3:00:2e:47:2e:e3:
+ 82:c0:59:fd:2d:72:e1:8a:ba:ed:a8:b5:f2:59:eb:
+ 23:2d:e9:aa:42:ff:75:92:43:ac:e2:15:d6:69:13:
+ aa:eb:4c:9d:59:07:83:d9:dd:ac:57:f7:35:10:52:
+ a3:41:c9:03:07:d9:1f:32:18:f6:c1:2a:84:f0:5f:
+ 11:15:77:7f:30:e0:fb:18:fe:d0:bb:00:bb:54:16:
+ a0:47:89:fa:67:07:4e:15:91:64:20:e1:05:89:66:
+ f6:3c:3b:e9:90:37:5b:e3:d5:3f:3e:a4:83:d4:bf:
+ e9:23
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 05:8d:41:b5:b8:7f:d5:38:97:01:3f:f9:5d:83:9e:ca:54:9f:
+ ff:91:04:83:6b:9f:5f:27:be:c2:b7:4b:b7:ec:f8:11:28:14:
+ a6:b4:59:8d:7d:57:10:b4:08:04:56:ff:c9:63:32:db:6a:b2:
+ 28:db:28:27:84:c9:53:e0:de:4c:45:b4:01:37:2d:27:06:41:
+ 1f:85:d6:65:c6:a3:21:3c:a0:eb:e6:20:2b:c5:49:57:f2:e4:
+ 27:c9:20:c7:dd:8e:3b:53:f1:17:2b:52:f1:b2:70:e6:ed:c5:
+ 5a:4c:df:24:16:96:d6:20:41:51:1b:b1:af:c5:39:44:6c:dd:
+ b7:3a:16:05:06:89:a5:c8:c8:18:03:98:5a:3e:1f:22:44:e5:
+ 68:fb:be:3e:37:43:52:03:f8:9e:21:cb:1e:29:4f:0a:ff:33:
+ 0f:86:3b:b5:a4:33:73:89:a9:07:91:3e:e5:41:97:d4:46:c0:
+ 98:43:9e:bc:d9:f2:4a:1f:b3:52:9b:48:7e:7c:31:39:d4:9c:
+ 77:bb:78:27:9b:32:56:9b:b2:b8:0d:e3:ea:c7:c1:03:d0:29:
+ 46:a9:b3:b8:62:d9:91:26:a6:af:b8:c2:3e:28:e7:a0:dd:f4:
+ 06:1c:75:0f:f5:9f:52:b0:51:fc:f9:41:ec:3e:2d:95:dc:ab:
+ 7c:bc:0a:d5
+-----BEGIN CERTIFICATE-----
+MIIC0TCCAbmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAjMQ0wCwYDVQQLDARDZXJ0
+MRIwEAYDVQQDDAljZXJ0Mi5wZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMy
+NjEzWjAjMQ0wCwYDVQQLDARDZXJ0MRIwEAYDVQQDDAljZXJ0My5wZW0wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCznHsXQWwvV/Gw6KVfDMZlFcyxaMQ5
+vZ2wFJI5t+Rdx00zM2d/Ef0M1cK7FRC7QsbFgA0OTqUuwSucFS1ZUYg0iftOGb4X
+yWYEfxFyWnVEBN2CUQ24Ad8JovvZZJ4hOP2nhP1iYqcPwpQWxXVe1Pgx4lX1PJqv
+tXMh1lKZf9ryJO3q6XlZg8QyOyMGkMKxurMALkcu44LAWf0tcuGKuu2otfJZ6yMt
+6apC/3WSQ6ziFdZpE6rrTJ1ZB4PZ3axX9zUQUqNByQMH2R8yGPbBKoTwXxEVd38w
+4PsY/tC7ALtUFqBHifpnB04VkWQg4QWJZvY8O+mQN1vj1T8+pIPUv+kjAgMBAAGj
+EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWNQbW4f9U4lwE/
++V2DnspUn/+RBINrn18nvsK3S7fs+BEoFKa0WY19VxC0CARW/8ljMttqsijbKCeE
+yVPg3kxFtAE3LScGQR+F1mXGoyE8oOvmICvFSVfy5CfJIMfdjjtT8RcrUvGycObt
+xVpM3yQWltYgQVEbsa/FOURs3bc6FgUGiaXIyBgDmFo+HyJE5Wj7vj43Q1ID+J4h
+yx4pTwr/Mw+GO7WkM3OJqQeRPuVBl9RGwJhDnrzZ8kofs1KbSH58MTnUnHe7eCeb
+MlabsrgN4+rHwQPQKUaps7hi2ZEmpq+4wj4o56Dd9AYcdQ/1n1KwUfz5Qew+LZXc
+q3y8CtU=
+-----END CERTIFICATE-----

Modified: branches/vpnc-nortel/test/sig_data.bin
==============================================================================
--- branches/vpnc-nortel/test/sig_data.bin (original)
+++ branches/vpnc-nortel/test/sig_data.bin Wed Dec 4 14:41:04 2013
@@ -1,2 +1,3 @@
-0‚µ0‚ 0  *†H†÷ -My Company Ltd10U The Unit10Utest.somewhere.org1!0 *†H†÷  test@somewhere.org0 090428025052Z 190426025052Z01 0 UUS10U Berk
+1O ágQ,ö±K "¤âeD£ ×=bquQ±ã”I0«x{fsÃê™O»2G wp~1û]ÃŽÂ…9»oÓòœUÍ0<‚U0æ%£ Õ¯n‚A®•[‘¹9„´’g“\mÿ³w«¹L*À÷:;*4Ã…Œ¼Ž¨¸<¥¬\f,Ãœ%ÿ„sJƒ; `±AÂ¥;BIÈç
+¶söÌW$SƜt
+öz®˜4TÇ ¬£ð\ç=©Tw½K·sÀ¼µé†ƒÜ!„wb©Nlח2õ
Modified: trunk/Makefile
==============================================================================
--- trunk/Makefile (original)
+++ trunk/Makefile Wed Dec 4 14:41:04 2013
@@ -114,8 +114,8 @@
rm -rf vpnc-$*

test : all
- ./test-crypto test/sig_data.bin test/dec_data.bin \
- test/cert.pem test/cert1.pem test/cert2.pem test/root.pem
+ ./test-crypto test/sig_data.bin test/dec_data.bin test/ca_list.pem \
+ test/cert3.pem test/cert2.pem test/cert1.pem test/cert0.pem

dist : VERSION vpnc.8 vpnc-$(RELEASE_VERSION).tar.gz


Added: trunk/test/Makefile
==============================================================================
--- trunk/test/Makefile (added)
+++ trunk/test/Makefile Wed Dec 4 14:41:04 2013
@@ -0,0 +1,77 @@
+# Makefile to rebuild certificate chain for VPNC test.
+# Copyright (C) 2013 Antonio Borneo
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+OPENSSL = openssl
+
+CFG = openssl.cnf
+TIME = -days 7120
+
+# default targets empty.
+all default clean:
+
+# target to rebuild everything
+rebuild: ca_list.pem cert3.pem sig_data.bin
+
+ca1.key cert1.key:
+ $(OPENSSL) genrsa -out $@ 4096
+
+ca2.key ca3.key cert0.key cert2.key cert3.key:
+ $(OPENSSL) genrsa -out $@ 2048
+
+ca1.pem: ca1.key
+ca2.pem: ca2.key
+ca3.pem: ca3.key
+
+ca%.pem: ca%.key
+ $(OPENSSL) req -new -x509 -key $< -out $@ $(TIME) -batch -text \
+ -subj "/OU=Root Certification Authority/CN="$@
+
+ca_list.pem: ca1.pem ca2.pem ca3.pem
+ cat $^ > $@
+
+CHAIN_SIGN = $(OPENSSL) req -new -key $(2) -batch -subj "/OU=Cert/CN="$(1) \
+ | $(OPENSSL) x509 -req $(TIME) -CA $(3) -CAkey $(4) -set_serial 01 \
+ -out $(1) -text -extfile $(CFG) -extensions usr
+
+cert0.pem: cert0.key ca3.pem ca3.key $(CFG)
+ $(call CHAIN_SIGN,cert0.pem,cert0.key,ca3.pem,ca3.key)
+
+cert1.pem: cert1.key cert0.pem cert0.key $(CFG)
+ $(call CHAIN_SIGN,cert1.pem,cert1.key,cert0.pem,cert0.key)
+
+cert2.pem: cert2.key cert1.pem cert1.key $(CFG)
+ $(call CHAIN_SIGN,cert2.pem,cert2.key,cert1.pem,cert1.key)
+
+cert3.pem: cert3.key cert2.pem cert2.key $(CFG)
+ $(call CHAIN_SIGN,cert3.pem,cert3.key,cert2.pem,cert2.key)
+
+$(CFG):
+ echo -e '[ usr ]\nbasicConstraints=CA:TRUE' > $(CFG)
+
+dec_data.bin:
+ dd if=/dev/urandom of=$@ bs=256 count=1
+
+sig_data.bin: dec_data.bin cert0.key
+ $(OPENSSL) rsautl -decrypt -in $< -out $@ -inkey cert0.key -raw
+
+clean_build:
+ rm -f *.pem $(CFG) sig_data.bin
+
+clean_key:
+ rm -f *.key dec_data.bin
+
+clean_all: clean_build clean_key

Added: trunk/test/README.txt
==============================================================================
--- trunk/test/README.txt (added)
+++ trunk/test/README.txt Wed Dec 4 14:41:04 2013
@@ -0,0 +1,72 @@
+2013-12-04: Antonio Borneo <borneo.antonio@gmail.com>
+
+VPNC includes a wrapper around openssl and gnutls to
+offer single set of crypto-API.
+The program test-crypto.c is used to verify the API.
+
+This folder "test" provides a chain of certificates
+and an encrypted binary.
+test-crypto.c verifies the certificate chain, decrypts
+the binary and compare it against expected result.
+See below for more details on how to use test-crypto.
+
+openSSL is required to rebuild the test files.
+To avoid the dependence from openSSL during SW compile,
+all required files are distribuited together with the
+VPNC source code.
+
+The Makefile in this folder is able to rebuild all the
+certificates and the binary.
+ make clean_all
+to cleanup the folder and
+ make rebuild
+to re-build everything from scratch.
+Since both cryptographic keys and binary are generated
+through random functions, results are not replicable
+across executions. Use
+ make clean_build
+if you want to cleanup the folder but keep either keys
+and binary file.
+
+Files in the folder:
+- readme.txt:
+ This file.
+- Makefile:
+ To rebuild all following file.
+- ca1.key ca2.key ca3.key:
+ Pairs of private and public keys, used for
+ certificate authorities.
+- ca1.pem ca2.pem ca3.pem:
+ Self signed certificate of the certificate
+ authorities.
+- ca_list.pem:
+ Single file containing all the certificates
+ of the three CA above.
+- cert0.key cert1.key cert2.key cert3.key:
+ Pairs of private and public keys, used for
+ certificates.
+- cert0.pem cert1.pem cert2.pem cert3.pem:
+ Certificates derived from ".key" files above.
+ Certificates are signed in chain:
+ ca3.pem -> cert0.pem -> cert1.pem ->
+ -> cert2.pem -> cert3.pem
+ Self signed certificate "ca3.pem" signs the
+ certificate "cert0.pem", that in turn signs
+ "cert1.pem", and so on.
+- dec_data.bin:
+ Binary random data. File size equal to private
+ key size "cert0.key" (256 byte = 2048 bit).
+- sig_data.bin:
+ Data from "dec_data.bin" RSA encrypted through
+ private key in "cert0.pem".
+- openssl.cnf:
+ Temporarily config file for openSSL flags that
+ cannot be passed through command line.
+
+The program test-crypto.c requires at least 5 arguments:
+ test-crypto <sig> <dec> <ca> <cert1> <server>
+- <sig> is the encrypted binary;
+- <dec> is the reference binary before encryption;
+- <ca> is a list of CA certificates, one of them
+ signs <server>;
+- <cert1> ... <server> is the chain of certificates.

Added: trunk/test/ca_list.pem
==============================================================================
--- trunk/test/ca_list.pem (added)
+++ trunk/test/ca_list.pem Wed Dec 4 14:41:04 2013
@@ -0,0 +1,276 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 8f:b0:fb:e5:0b:46:cc:4f
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca1.pem
+ Validity
+ Not Before: Dec 4 13:26:12 2013 GMT
+ Not After : Jun 2 13:26:12 2033 GMT
+ Subject: OU=Root Certification Authority, CN=ca1.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:d0:24:08:5e:8c:24:9f:df:fd:8f:f9:84:c0:d9:
+ 88:4c:94:6f:e0:78:64:6d:b8:c6:4a:71:15:1d:ad:
+ 8a:34:1d:64:03:f3:8f:cb:fb:2b:b9:bf:15:3a:18:
+ 32:71:0b:89:29:3a:6a:65:29:43:d2:b7:ed:0b:02:
+ 6f:7e:94:10:67:3e:38:f3:2f:d6:ad:94:e1:04:45:
+ 80:1a:89:3d:20:3b:45:b7:ee:f5:b5:39:f3:1d:3a:
+ 72:e0:ab:86:99:46:0f:0f:50:90:e2:28:b8:9d:1a:
+ 61:84:ed:ca:fb:9f:15:e5:a1:2a:2f:01:de:c6:a6:
+ 4a:4e:3a:5a:b8:a4:cf:8f:90:60:b7:b1:7d:ea:01:
+ ad:d9:0d:01:64:92:a1:3f:b0:24:eb:ac:6e:ff:fb:
+ 2c:65:fd:dd:bc:4a:95:ba:37:a0:ed:ed:13:e6:49:
+ a8:4a:4e:6c:a0:92:40:d8:74:5f:3f:32:79:27:9e:
+ 28:a0:0c:53:53:23:18:db:82:16:b8:72:89:8a:08:
+ 2c:e0:67:71:d4:5d:32:bc:97:89:c5:14:55:2d:b5:
+ ce:e4:28:94:21:38:f9:42:0e:e7:bc:45:8d:43:54:
+ 28:93:75:de:2d:de:83:e2:f5:8a:f1:f7:80:e6:ad:
+ 16:84:fd:2e:59:47:96:71:e9:49:08:72:77:d7:32:
+ 08:2b:a9:a0:7e:bc:5d:a6:b6:2e:44:5e:9d:67:cd:
+ c1:ec:0c:44:ec:47:2d:c3:f4:d2:8e:08:05:03:77:
+ 72:0b:a2:b6:f4:da:32:f3:84:54:ad:46:85:82:9a:
+ 08:79:4e:97:35:2d:14:35:22:35:51:6e:c8:73:8c:
+ 9a:25:90:ef:c1:cf:8b:40:a6:5e:a4:23:d0:28:19:
+ 4e:56:b4:8b:39:74:e8:5a:57:ca:28:0a:bb:aa:e3:
+ 54:3a:18:2f:31:b9:41:53:3e:bf:a4:f0:8b:3b:85:
+ bb:c0:7d:fd:5a:08:b9:d8:84:51:c7:23:27:44:82:
+ c1:af:e4:f2:db:99:46:a1:7f:35:03:f4:1a:a1:3a:
+ b9:55:a0:bf:6b:c9:7f:9f:66:ac:10:c4:99:12:8f:
+ 72:b8:3d:39:85:bf:9f:e1:ea:e2:42:c6:e1:e7:58:
+ 07:1e:0c:c7:43:1a:47:54:a6:77:59:59:20:15:98:
+ e7:30:4e:94:23:ef:c2:96:bd:ca:ab:ea:03:b1:cf:
+ 76:46:1f:d1:45:85:94:a0:f2:74:d4:50:8e:23:24:
+ ca:79:fc:8c:a8:36:61:1c:40:67:fa:b2:f5:59:e9:
+ fa:f2:73:11:52:0e:3c:db:42:21:76:9a:48:24:2e:
+ f2:64:84:52:c2:57:6b:4d:2a:1c:15:8c:00:cf:94:
+ 9e:b0:c3
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 99:77:DD:22:D3:28:B4:E6:7D:40:1D:ED:DB:7F:BD:3C:00:D3:88:28
+ X509v3 Authority Key Identifier:
+ keyid:99:77:DD:22:D3:28:B4:E6:7D:40:1D:ED:DB:7F:BD:3C:00:D3:88:28
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 7b:32:1c:c2:21:13:f6:c2:0c:30:e4:59:66:28:2f:69:de:50:
+ c2:e2:c9:f3:b6:36:2f:a4:a9:34:1a:9f:e4:4c:e5:a1:f0:be:
+ a7:e0:a4:f7:e2:a2:36:01:9a:68:4b:1f:a7:90:48:a9:c4:35:
+ d6:47:86:d3:f0:f4:2c:55:f2:2b:39:61:ef:82:32:ea:aa:82:
+ ec:20:7d:37:2f:ba:b4:a7:a6:86:92:72:dc:bc:27:73:d4:c3:
+ f0:bc:2f:16:0d:69:63:5e:f8:78:5c:b7:98:bb:b4:4d:cc:47:
+ f8:36:57:86:5c:bb:55:1b:7b:cd:32:8f:e7:bc:e0:fc:32:5a:
+ ed:5c:c5:5b:1f:c0:c3:9a:54:8a:92:eb:97:c0:9f:24:f2:7f:
+ df:e5:a5:f5:50:98:6c:65:31:40:df:4f:f1:47:f8:86:6f:4c:
+ a1:6a:ef:ab:2a:1f:f1:79:04:fd:2d:80:ca:b3:f3:98:f2:7d:
+ 2b:1a:43:3c:ad:30:59:bb:ea:34:5e:29:e3:76:4d:35:ff:0c:
+ c1:73:5c:cb:9f:48:72:87:f0:d6:96:c1:6c:a1:d7:9a:92:b4:
+ 46:2f:f0:ef:61:8b:02:93:ef:40:40:33:29:8c:c7:20:77:ca:
+ 7f:8a:25:3e:10:0a:e0:23:c9:b5:6d:6b:15:89:56:2a:f2:d2:
+ 75:52:15:80:4c:04:35:42:ac:bc:a0:1f:48:e4:cc:d8:62:88:
+ 5e:5c:a2:aa:9e:d4:63:77:46:d5:51:5d:00:2c:fc:99:e2:c3:
+ 31:a6:19:22:db:66:8c:37:35:c4:7d:5f:fc:ee:0f:a2:d3:cd:
+ 2d:90:49:af:35:4a:47:96:6b:3e:91:6c:56:4b:29:39:01:f2:
+ 17:1d:30:bb:74:0b:9d:8d:54:c3:37:1e:32:cb:b8:99:85:88:
+ 00:be:e2:21:85:fc:42:d2:ab:bf:34:99:96:46:7f:28:6e:4c:
+ c9:dc:f3:9d:37:9c:f6:1e:7e:bb:9e:9a:66:02:df:3f:68:1f:
+ 5b:a3:38:dd:fe:c6:93:7b:1f:98:76:54:79:c1:8a:0b:ea:91:
+ 00:e5:7c:9d:94:93:f1:e4:44:70:3f:81:8f:12:32:13:10:2a:
+ 5f:81:b4:e7:40:ea:16:e9:23:f8:b7:f4:c9:70:24:08:4a:45:
+ 50:36:48:e1:1a:25:fa:af:f3:17:26:34:43:22:aa:7c:86:45:
+ f8:b7:36:5a:44:16:51:98:84:df:e2:50:33:b5:ff:42:61:8d:
+ e5:ca:44:b0:06:12:ad:01:90:c6:fe:90:25:db:ab:42:b8:2a:
+ d1:c8:f2:5f:ad:a0:21:df:a3:99:96:d4:1d:87:1e:45:42:a1:
+ 85:5f:81:19:a5:db:5c:3e
+-----BEGIN CERTIFICATE-----
+MIIFRTCCAy2gAwIBAgIJAI+w++ULRsxPMA0GCSqGSIb3DQEBBQUAMDkxJTAjBgNV
+BAsMHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEDAOBgNVBAMMB2NhMS5w
+ZW0wHhcNMTMxMjA0MTMyNjEyWhcNMzMwNjAyMTMyNjEyWjA5MSUwIwYDVQQLDBxS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTEucGVtMIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0CQIXowkn9/9j/mEwNmITJRv
+4HhkbbjGSnEVHa2KNB1kA/OPy/srub8VOhgycQuJKTpqZSlD0rftCwJvfpQQZz44
+8y/WrZThBEWAGok9IDtFt+71tTnzHTpy4KuGmUYPD1CQ4ii4nRphhO3K+58V5aEq
+LwHexqZKTjpauKTPj5Bgt7F96gGt2Q0BZJKhP7Ak66xu//ssZf3dvEqVujeg7e0T
+5kmoSk5soJJA2HRfPzJ5J54ooAxTUyMY24IWuHKJiggs4Gdx1F0yvJeJxRRVLbXO
+5CiUITj5Qg7nvEWNQ1Qok3XeLd6D4vWK8feA5q0WhP0uWUeWcelJCHJ31zIIK6mg
+frxdprYuRF6dZ83B7AxE7Ectw/TSjggFA3dyC6K29Noy84RUrUaFgpoIeU6XNS0U
+NSI1UW7Ic4yaJZDvwc+LQKZepCPQKBlOVrSLOXToWlfKKAq7quNUOhgvMblBUz6/
+pPCLO4W7wH39Wgi52IRRxyMnRILBr+Ty25lGoX81A/QaoTq5VaC/a8l/n2asEMSZ
+Eo9yuD05hb+f4eriQsbh51gHHgzHQxpHVKZ3WVkgFZjnME6UI+/Clr3Kq+oDsc92
+Rh/RRYWUoPJ01FCOIyTKefyMqDZhHEBn+rL1Wen68nMRUg4820IhdppIJC7yZIRS
+wldrTSocFYwAz5SesMMCAwEAAaNQME4wHQYDVR0OBBYEFJl33SLTKLTmfUAd7dt/
+vTwA04goMB8GA1UdIwQYMBaAFJl33SLTKLTmfUAd7dt/vTwA04goMAwGA1UdEwQF
+MAMBAf8wDQYJKoZIhvcNAQEFBQADggIBAHsyHMIhE/bCDDDkWWYoL2neUMLiyfO2
+Ni+kqTQan+RM5aHwvqfgpPfiojYBmmhLH6eQSKnENdZHhtPw9CxV8is5Ye+CMuqq
+guwgfTcvurSnpoaScty8J3PUw/C8LxYNaWNe+Hhct5i7tE3MR/g2V4Zcu1Ube80y
+j+e84PwyWu1cxVsfwMOaVIqS65fAnyTyf9/lpfVQmGxlMUDfT/FH+IZvTKFq76sq
+H/F5BP0tgMqz85jyfSsaQzytMFm76jReKeN2TTX/DMFzXMufSHKH8NaWwWyh15qS
+tEYv8O9hiwKT70BAMymMxyB3yn+KJT4QCuAjybVtaxWJViry0nVSFYBMBDVCrLyg
+H0jkzNhiiF5coqqe1GN3RtVRXQAs/JniwzGmGSLbZow3NcR9X/zuD6LTzS2QSa81
+SkeWaz6RbFZLKTkB8hcdMLt0C52NVMM3HjLLuJmFiAC+4iGF/ELSq780mZZGfyhu
+TMnc8503nPYefruemmYC3z9oH1ujON3+xpN7H5h2VHnBigvqkQDlfJ2Uk/HkRHA/
+gY8SMhMQKl+BtOdA6hbpI/i39MlwJAhKRVA2SOEaJfqv8xcmNEMiqnyGRfi3NlpE
+FlGYhN/iUDO1/0JhjeXKRLAGEq0BkMb+kCXbq0K4KtHI8l+toCHfo5mW1B2HHkVC
+oYVfgRml21w+
+-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ b6:36:ad:93:f7:5f:26:91
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca2.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Root Certification Authority, CN=ca2.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:ea:19:0b:81:0f:b8:f1:1b:8c:a3:d6:ca:43:06:
+ 2d:b5:d3:45:95:cd:cb:cc:da:f4:4b:d0:da:77:2a:
+ 60:53:47:61:aa:79:99:f8:24:5c:5f:e6:57:72:c8:
+ 22:6d:3c:6f:a8:45:a3:5f:f9:c3:0d:76:bf:6c:a7:
+ f9:25:be:d2:a2:08:cb:8b:4e:00:41:e8:40:88:86:
+ a2:63:a3:c1:35:f8:82:ea:7e:53:8c:c9:3f:95:33:
+ d6:24:51:22:e8:b9:b1:1b:43:67:49:aa:57:4a:d5:
+ ad:0c:11:bf:c9:58:d7:24:97:51:34:9a:30:9a:d1:
+ f0:ec:2d:7b:1c:ef:fd:af:05:e4:69:09:81:86:8d:
+ 8e:dc:33:8d:1f:4d:20:de:d1:8d:5e:d7:de:fc:e3:
+ 7e:b2:0a:0b:31:23:ff:de:ff:61:44:3f:72:ec:48:
+ ca:01:94:2e:8e:3f:cf:fe:af:b3:19:da:e8:15:39:
+ 66:15:db:a4:5a:c0:38:8e:2d:94:31:96:a7:08:fc:
+ aa:03:2e:e2:ab:f9:53:fc:8a:42:ef:2c:d9:1d:cd:
+ 81:b9:9a:fc:3e:08:c3:63:64:57:dd:18:9e:61:52:
+ ab:43:fc:af:7a:3d:8d:99:52:73:0d:86:a7:d7:01:
+ 34:2d:cd:e6:c4:cc:99:01:dd:c7:cf:b1:64:8f:2c:
+ d5:73
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 68:C1:E8:F8:2B:27:CC:15:73:17:5E:E9:96:58:B0:1E:D8:9C:8D:9E
+ X509v3 Authority Key Identifier:
+ keyid:68:C1:E8:F8:2B:27:CC:15:73:17:5E:E9:96:58:B0:1E:D8:9C:8D:9E
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 41:39:9e:d2:fb:82:4f:bc:92:56:d7:de:43:e4:94:72:60:a2:
+ 0e:0c:50:9a:8a:fe:f2:74:63:36:4c:a8:1c:49:bc:aa:82:ae:
+ 39:ff:69:67:46:04:f9:17:b2:da:b1:cd:14:f6:7e:0a:e7:87:
+ 2d:87:98:59:81:91:93:e6:61:f4:56:6e:7d:22:79:3d:a4:73:
+ d5:00:a2:1a:8f:5c:cb:e6:53:04:55:a3:cc:5b:de:da:8e:63:
+ 49:72:d8:10:fd:be:dc:e3:50:83:06:4c:da:96:d3:37:dd:3e:
+ f5:41:08:0b:63:3d:47:08:c1:0b:be:4c:87:28:44:9f:72:fd:
+ 2a:aa:44:2b:cd:a5:a3:11:1e:01:e0:f5:c8:df:88:ed:8c:07:
+ fa:99:dd:dd:2a:67:80:70:81:d3:1d:13:40:de:a1:25:e1:f3:
+ 05:7d:97:b1:c4:d6:17:01:1c:57:a9:70:4c:22:31:45:6a:9e:
+ 4c:d4:14:41:8a:22:d6:a5:49:6b:4b:8a:4d:80:80:ab:1d:b4:
+ 8f:71:6f:78:c8:a2:52:cf:36:7c:f3:0f:f7:7d:19:22:31:ec:
+ 88:f2:16:61:ff:a0:6b:4c:39:57:1d:a2:ce:5a:9e:dd:a7:4b:
+ 31:52:80:9b:ca:fa:83:43:92:91:03:2a:d1:74:b7:b6:08:9b:
+ fa:88:ef:e1
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIJALY2rZP3XyaRMA0GCSqGSIb3DQEBBQUAMDkxJTAjBgNV
+BAsMHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEDAOBgNVBAMMB2NhMi5w
+ZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMyNjEzWjA5MSUwIwYDVQQLDBxS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTIucGVtMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hkLgQ+48RuMo9bKQwYttdNF
+lc3LzNr0S9DadypgU0dhqnmZ+CRcX+ZXcsgibTxvqEWjX/nDDXa/bKf5Jb7SogjL
+i04AQehAiIaiY6PBNfiC6n5TjMk/lTPWJFEi6LmxG0NnSapXStWtDBG/yVjXJJdR
+NJowmtHw7C17HO/9rwXkaQmBho2O3DONH00g3tGNXtfe/ON+sgoLMSP/3v9hRD9y
+7EjKAZQujj/P/q+zGdroFTlmFdukWsA4ji2UMZanCPyqAy7iq/lT/IpC7yzZHc2B
+uZr8PgjDY2RX3RieYVKrQ/yvej2NmVJzDYan1wE0Lc3mxMyZAd3Hz7FkjyzVcwID
+AQABo1AwTjAdBgNVHQ4EFgQUaMHo+CsnzBVzF17plliwHticjZ4wHwYDVR0jBBgw
+FoAUaMHo+CsnzBVzF17plliwHticjZ4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOCAQEAQTme0vuCT7ySVtfeQ+SUcmCiDgxQmor+8nRjNkyoHEm8qoKuOf9p
+Z0YE+Rey2rHNFPZ+CueHLYeYWYGRk+Zh9FZufSJ5PaRz1QCiGo9cy+ZTBFWjzFve
+2o5jSXLYEP2+3ONQgwZM2pbTN90+9UEIC2M9RwjBC75MhyhEn3L9KqpEK82loxEe
+AeD1yN+I7YwH+pnd3SpngHCB0x0TQN6hJeHzBX2XscTWFwEcV6lwTCIxRWqeTNQU
+QYoi1qVJa0uKTYCAqx20j3FveMiiUs82fPMP930ZIjHsiPIWYf+ga0w5Vx2izlqe
+3adLMVKAm8r6g0OSkQMq0XS3tgib+ojv4Q==
+-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 9f:ab:17:25:a8:44:2d:cd
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca3.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Root Certification Authority, CN=ca3.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bd:8b:3c:b6:0a:8e:17:f0:49:0e:36:c7:41:09:
+ 9a:ab:b4:47:f5:66:38:ae:92:45:b9:2a:53:1e:a6:
+ ea:01:db:2b:be:fc:cf:1b:82:a6:a0:df:ef:96:4b:
+ f4:44:3a:97:37:fd:0f:93:22:ee:94:97:d1:17:50:
+ 09:07:07:2a:6e:2d:ea:fb:21:cf:24:85:db:c1:93:
+ 95:fc:95:3d:13:4e:42:6e:56:20:57:2c:a2:e6:b1:
+ e4:41:eb:0c:14:b1:39:d5:8a:69:a0:df:26:af:15:
+ cf:13:3d:81:18:38:32:9a:40:ad:9d:82:6f:43:38:
+ 35:5b:44:55:fc:20:bd:30:3b:65:bb:eb:1c:52:6f:
+ 1b:a9:04:19:15:47:f3:03:9d:b6:f6:a6:f9:da:0c:
+ 5f:41:36:e6:47:f7:d2:15:25:3c:07:fc:7e:88:08:
+ f3:b8:17:e8:f2:7b:8e:e5:ba:27:d0:43:9a:a5:01:
+ 13:3b:bf:37:44:d6:65:ce:81:fb:a6:35:b4:d7:4d:
+ 6d:31:11:de:20:0b:2d:49:fc:60:9b:37:bf:03:5b:
+ c2:46:00:63:5d:64:80:48:b4:f5:49:dc:97:a9:7e:
+ 6e:c7:33:74:71:1e:8a:7d:d4:d5:e0:d2:a5:9c:f0:
+ 30:0a:1a:63:59:d3:f5:ce:93:e2:60:86:38:94:13:
+ 35:05
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ E5:0F:44:4E:46:BE:03:BE:BF:7E:3F:83:26:17:94:39:9A:38:34:55
+ X509v3 Authority Key Identifier:
+ keyid:E5:0F:44:4E:46:BE:03:BE:BF:7E:3F:83:26:17:94:39:9A:38:34:55
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 82:3a:9b:f8:01:23:35:18:9e:ee:f0:0e:45:f9:45:de:cc:42:
+ 69:f6:9d:9f:c6:6f:e3:78:21:94:1c:aa:23:9d:3c:11:fd:83:
+ 92:2b:4d:c6:0b:3f:e5:f1:da:2e:ab:a4:30:56:ae:5d:90:62:
+ ee:5e:ee:c3:27:2b:3e:9e:4f:57:69:65:50:52:60:41:07:8f:
+ b2:15:ec:27:14:58:c6:9f:4f:f1:b2:86:09:15:f3:b6:53:36:
+ 34:4c:c2:c5:50:b3:57:25:d0:44:0d:d6:2f:42:cc:54:b6:c8:
+ e7:53:24:b7:b9:d4:63:ba:0a:a3:db:1e:16:40:4c:bb:1d:c4:
+ 06:01:8d:b1:9a:7b:21:df:6d:c4:f3:e3:12:30:56:d9:43:3b:
+ 43:1a:da:8e:8c:56:38:92:e9:d5:9d:3c:51:58:ed:e0:2b:f2:
+ 29:7f:1c:0c:f0:df:a5:da:14:70:3b:85:a5:39:14:bf:a2:13:
+ 05:25:95:0d:8d:3b:28:e9:5c:26:5c:14:e8:56:da:c4:a7:f9:
+ 93:3a:c1:60:41:2b:bf:81:2a:fe:e2:75:ec:cf:8d:77:1b:6e:
+ b8:b2:50:84:d1:ce:67:86:7f:06:6e:5d:7e:29:92:a0:d8:c4:
+ 6c:bb:79:3d:8f:59:dd:d4:02:05:8a:93:ef:5c:7b:8f:38:7b:
+ 0e:b9:3a:f3
+-----BEGIN CERTIFICATE-----
+MIIDRTCCAi2gAwIBAgIJAJ+rFyWoRC3NMA0GCSqGSIb3DQEBBQUAMDkxJTAjBgNV
+BAsMHFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEDAOBgNVBAMMB2NhMy5w
+ZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMyNjEzWjA5MSUwIwYDVQQLDBxS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTMucGVtMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYs8tgqOF/BJDjbHQQmaq7RH
+9WY4rpJFuSpTHqbqAdsrvvzPG4KmoN/vlkv0RDqXN/0PkyLulJfRF1AJBwcqbi3q
++yHPJIXbwZOV/JU9E05CblYgVyyi5rHkQesMFLE51YppoN8mrxXPEz2BGDgymkCt
+nYJvQzg1W0RV/CC9MDtlu+scUm8bqQQZFUfzA5229qb52gxfQTbmR/fSFSU8B/x+
+iAjzuBfo8nuO5bon0EOapQETO783RNZlzoH7pjW0101tMRHeIAstSfxgmze/A1vC
+RgBjXWSASLT1SdyXqX5uxzN0cR6KfdTV4NKlnPAwChpjWdP1zpPiYIY4lBM1BQID
+AQABo1AwTjAdBgNVHQ4EFgQU5Q9ETka+A76/fj+DJheUOZo4NFUwHwYDVR0jBBgw
+FoAU5Q9ETka+A76/fj+DJheUOZo4NFUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
+AQUFAAOCAQEAgjqb+AEjNRie7vAORflF3sxCafadn8Zv43ghlByqI508Ef2DkitN
+xgs/5fHaLqukMFauXZBi7l7uwycrPp5PV2llUFJgQQePshXsJxRYxp9P8bKGCRXz
+tlM2NEzCxVCzVyXQRA3WL0LMVLbI51Mkt7nUY7oKo9seFkBMux3EBgGNsZp7Id9t
+xPPjEjBW2UM7QxrajoxWOJLp1Z08UVjt4CvyKX8cDPDfpdoUcDuFpTkUv6ITBSWV
+DY07KOlcJlwU6FbaxKf5kzrBYEErv4Eq/uJ17M+NdxtuuLJQhNHOZ4Z/Bm5dfimS
+oNjEbLt5PY9Z3dQCBYqT71x7jzh7Drk68w==
+-----END CERTIFICATE-----

Modified: trunk/test/cert0.pem
==============================================================================
--- trunk/test/cert0.pem (original)
+++ trunk/test/cert0.pem Wed Dec 4 14:41:04 2013
@@ -1,36 +1,70 @@
- 0 s:/1.3.6.1.4.1.311.60.2.1.3=CH/1.3.6.1.4.1.311.60.2.1.2=Bern/2.5.4.15=V1.0, Clause 5(b)/serialNumber=CH-035.7.001.278-9/C=CH/ST=Zuerich/L=Zuerich/O=SWITCH/CN=www.switch.ch
- i:/C=BM/O=QuoVadis Limited/OU=www.quovadisglobal.com/CN=QuoVadis Global SSL ICA
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Root Certification Authority, CN=ca3.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert0.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bf:6d:e1:6a:22:df:a9:d1:75:d7:4e:8f:a1:cf:
+ 81:3b:83:9f:35:2b:ea:a1:37:ba:37:9f:45:fc:67:
+ 44:88:25:34:32:e7:79:8f:bf:6b:9f:68:ee:9a:38:
+ c1:ea:ce:52:d6:b4:74:4f:a9:80:d0:3e:66:24:3f:
+ 90:d0:86:7b:b3:40:ea:38:22:19:21:a1:dc:d8:ee:
+ 39:80:66:af:fc:47:ad:30:e1:a7:c9:fe:9c:58:aa:
+ 86:98:96:41:48:16:01:e5:0b:71:c3:d0:10:79:94:
+ 50:e6:49:74:f9:8f:77:34:cc:a0:dd:a5:7b:b5:d3:
+ 9d:d6:1f:71:5a:42:68:6d:9b:54:40:ad:f0:45:5e:
+ 48:e3:07:ad:08:23:91:2c:01:f9:08:b5:53:f7:f2:
+ 07:d9:89:41:ba:85:45:48:98:b9:7e:fe:47:6d:55:
+ f6:11:c5:20:55:cc:da:fb:d8:92:62:02:16:31:d3:
+ 18:fb:b0:93:40:5a:78:17:51:fe:62:2e:68:fb:d9:
+ 3f:f3:20:9a:ea:28:fc:1d:28:be:8d:1c:34:2b:07:
+ 47:17:5f:c6:97:df:72:1c:88:a0:02:37:13:0e:44:
+ c1:7c:db:dd:8e:a9:59:54:a6:46:4b:c8:d8:03:39:
+ 6e:15:31:a8:d6:9b:8d:72:89:6b:4b:eb:9d:26:14:
+ 37:47
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 99:8f:67:14:00:32:06:9b:bf:42:31:92:5d:bf:02:a0:b0:e6:
+ 67:11:c2:37:89:29:84:db:20:00:10:55:bf:14:31:1b:32:e9:
+ e5:26:4f:c1:52:81:66:6c:92:02:c1:32:69:27:22:b0:72:d5:
+ 62:d0:3e:93:91:b7:c3:8b:0e:e9:8c:c1:d9:d7:59:b1:ca:1e:
+ f2:11:bb:e9:4f:2f:e6:45:05:4c:30:9e:c2:59:07:ff:e5:e6:
+ 8c:d9:63:ae:12:e2:55:d9:9b:99:7b:0e:1d:96:bc:b0:5b:d9:
+ 10:e7:f6:06:45:a0:66:c8:fa:2d:df:c0:5b:73:98:ee:bb:82:
+ 8b:ad:67:70:98:6b:2c:a3:ad:4a:a6:79:18:81:3c:2b:dc:79:
+ f4:de:aa:d4:fe:3e:b3:fc:32:12:45:9a:90:48:70:e2:ed:65:
+ b2:59:1d:1c:c2:3a:e3:2d:0d:4b:3c:33:23:1d:80:9b:8b:1c:
+ d1:48:5d:c3:6e:58:49:7a:b3:4b:70:86:a5:31:b0:e6:d5:82:
+ 07:3c:6f:43:60:f1:b3:b4:39:7c:40:45:d7:a8:0c:5f:81:a5:
+ c6:86:14:59:0e:6c:b2:88:05:7a:85:ef:6f:5c:e7:a1:89:c9:
+ 29:95:5f:ba:7e:03:e4:66:d4:11:23:9c:9f:72:f8:00:b2:5c:
+ a0:46:09:e8
-----BEGIN CERTIFICATE-----
-MIIFpjCCBI6gAwIBAgICD4YwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
-c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
-DTA5MDExNTA5MjEzM1oXDTExMDExNTA5MjEzM1owgb8xEzARBgsrBgEEAYI3PAIB
-AxMCQ0gxFTATBgsrBgEEAYI3PAIBAhMEQmVybjEaMBgGA1UEDxMRVjEuMCwgQ2xh
-dXNlIDUoYikxGzAZBgNVBAUTEkNILTAzNS43LjAwMS4yNzgtOTELMAkGA1UEBhMC
-Q0gxEDAOBgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoT
-BlNXSVRDSDEWMBQGA1UEAxMNd3d3LnN3aXRjaC5jaDCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAKqwpnO5zcYxC829nQpHkFeZp9Hp4gzlyvHj0BHaLx9F
-pQxaFw7bsgbrMR+M+OjI+NXbWhPbc6ftY5VjqYwaVQAWmA3vvo5ELsy11lzyQusi
-ZT2wjx0Rx1SV7ocP20rDS0gkFqrej0ymdQKO/mcyht53a076goaUuacOElhNttlM
-baXiGwSMFURVUA/9dcOC8HhYPokzWnQD7BkFl3pg3BsmHz5mQ+rh79e+rKJylsXS
-qfSI1zD0QQTLd01JBzX4iOM37IlHBAJb/EWAuNJPjA9SHZlfILhphaAiEtKUlcyL
-4atAUUgbM2SI9yFfwALHliyBgoBcsZSd7ZlzhaFVA6UCAwEAAaOCAf0wggH5MHQG
-CCsGAQUFBwEBBGgwZjAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNn
-bG9iYWwuY29tMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
-YWwuY29tL3F2c3NsaWNhLmNydDBRBgNVHSAESjBIMEYGDCsGAQQBvlgAAmQBAjA2
-MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBv
-c2l0b3J5MIGEBgNVHREEfTB7gg13d3cuc3dpdGNoLmNogglzd2l0Y2guY2iCEXd3
-dy1kYXYuc3dpdGNoLmNoggxjbXMuc21zY2cuY2iCEWNtcy53d3cuc3dpdGNoLmNo
-ggllZHVodWIuY2iCDXd3dy5lZHVodWIuY2iCEWNtcy53d3cuZWR1aHViLmNoMAsG
-A1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0j
-BBgwFoAUMk2hT+rwrpm27psHLIQIEVCL4n4wOwYDVR0fBDQwMjAwoC6gLIYqaHR0
-cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZzc2xpY2EuY3JsMB0GA1UdDgQW
-BBRj4EuKFVw3hT+IAecPzu1V+KBfRDANBgkqhkiG9w0BAQUFAAOCAQEAOGUv6vmY
-Bz1d8aewypeEpfGG6HEM59xXEnawhywiT7642y0ZCrAIYQASpKhI4sLPKOJpmQRg
-IzApWKaYvLhUsqvnaEvGS+zj+WGvPps7Ky23mwNmLr4qlMdlW6HuXacZvePAUp9v
-qCzQzcxD2QRncZ1vmG1uz/2gR34b/pgb2HnUS4tT6HbUQxTbQAEEbRubTMjFAD5w
-MXIFvNdOl+fhsehC9xxRnXy0dprXE2Wtk29fqnnXmpTSaOOuzc5BhXamdjebCeY/
-ACI+6A2o7ZbwRLN/J/lnBItJuWam78u0ypLOpWpDImt7eWMP+3JjJcegxVwp80dU
-2TumER72gt2EOA==
+MIIC5zCCAc+gAwIBAgIBATANBgkqhkiG9w0BAQUFADA5MSUwIwYDVQQLDBxSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRAwDgYDVQQDDAdjYTMucGVtMB4XDTEz
+MTIwNDEzMjYxM1oXDTMzMDYwMjEzMjYxM1owIzENMAsGA1UECwwEQ2VydDESMBAG
+A1UEAwwJY2VydDAucGVtMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+v23haiLfqdF1106Poc+BO4OfNSvqoTe6N59F/GdEiCU0Mud5j79rn2jumjjB6s5S
+1rR0T6mA0D5mJD+Q0IZ7s0DqOCIZIaHc2O45gGav/EetMOGnyf6cWKqGmJZBSBYB
+5Qtxw9AQeZRQ5kl0+Y93NMyg3aV7tdOd1h9xWkJobZtUQK3wRV5I4wetCCORLAH5
+CLVT9/IH2YlBuoVFSJi5fv5HbVX2EcUgVcza+9iSYgIWMdMY+7CTQFp4F1H+Yi5o
++9k/8yCa6ij8HSi+jRw0KwdHF1/Gl99yHIigAjcTDkTBfNvdjqlZVKZGS8jYAzlu
+FTGo1puNcolrS+udJhQ3RwIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
+DQEBBQUAA4IBAQCZj2cUADIGm79CMZJdvwKgsOZnEcI3iSmE2yAAEFW/FDEbMunl
+Jk/BUoFmbJICwTJpJyKwctVi0D6TkbfDiw7pjMHZ11mxyh7yEbvpTy/mRQVMMJ7C
+WQf/5eaM2WOuEuJV2ZuZew4dlrywW9kQ5/YGRaBmyPot38Bbc5juu4KLrWdwmGss
+o61KpnkYgTwr3Hn03qrU/j6z/DISRZqQSHDi7WWyWR0cwjrjLQ1LPDMjHYCbixzR
+SF3DblhJerNLcIalMbDm1YIHPG9DYPGztDl8QEXXqAxfgaXGhhRZDmyyiAV6he9v
+XOehickplV+6fgPkZtQRI5yfcvgAslygRgno
-----END CERTIFICATE-----
-

Modified: trunk/test/cert1.pem
==============================================================================
--- trunk/test/cert1.pem (original)
+++ trunk/test/cert1.pem Wed Dec 4 14:41:04 2013
@@ -1,34 +1,92 @@
- 1 s:/C=BM/O=QuoVadis Limited/OU=www.quovadisglobal.com/CN=QuoVadis Global SSL ICA
- i:/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Cert, CN=cert0.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert1.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (4096 bit)
+ Modulus:
+ 00:b7:8a:db:2e:f3:c7:6c:2c:78:7e:29:af:66:50:
+ d4:ff:f9:c1:29:2b:96:ad:b9:5f:c0:7b:02:39:09:
+ cc:46:5e:24:9e:e4:57:8b:43:d6:28:ae:91:2b:38:
+ dd:c6:e1:08:cc:22:7e:dd:87:79:06:28:98:81:b0:
+ 35:5e:75:ca:77:f6:15:34:9f:30:f9:cb:cc:fd:ae:
+ c6:91:1c:eb:45:fa:4b:92:fc:d6:27:ad:07:ac:20:
+ d2:6f:19:e4:c8:6b:3f:c0:17:20:c2:56:2a:6e:46:
+ 0d:c1:a1:39:f2:9c:65:57:8d:4b:b8:a4:60:36:13:
+ cf:68:3a:4c:cd:35:b0:77:3a:ec:e7:18:2b:da:b2:
+ b5:95:97:ae:22:ae:23:44:99:62:10:4d:fa:1f:62:
+ 93:93:35:7b:19:dc:51:3e:44:63:f8:95:c1:6a:62:
+ cf:d4:d3:67:9b:82:74:f9:d8:ac:06:0e:f6:5e:3a:
+ 76:8f:92:12:fe:ff:9d:11:8b:21:47:d6:b1:e8:53:
+ c4:a5:12:7d:d7:21:06:96:93:34:f0:13:57:12:3b:
+ 3c:4f:9b:7d:c0:a6:d0:cc:d2:c3:07:b9:e8:46:62:
+ d0:8e:49:14:1d:ae:69:34:a5:21:58:da:95:d6:af:
+ 84:5e:de:5f:e3:c3:b6:5d:0c:fd:33:f5:fe:c1:df:
+ 69:f7:11:0d:88:63:24:ff:1a:79:cd:76:81:2a:59:
+ f7:32:27:6f:b0:12:1b:0c:a8:ac:b8:c3:85:f6:63:
+ 7e:bd:bd:97:86:09:b6:1b:51:54:2e:03:02:9e:ae:
+ 44:07:2b:48:7e:34:76:fe:f8:6e:28:81:14:8b:ef:
+ 24:d0:eb:c3:f2:1f:4c:93:24:51:cd:5f:06:af:26:
+ 8e:08:da:aa:8b:8a:06:f5:ed:64:c2:4f:9b:f7:05:
+ ea:be:ab:24:1b:64:f0:01:99:40:8c:11:dd:9c:28:
+ 5d:6e:ac:b4:c0:f2:06:e9:14:ca:e0:b4:47:af:2d:
+ 51:4e:ee:a7:26:38:ba:97:91:8d:fe:00:19:0c:ca:
+ ac:2b:d1:57:ca:34:f4:1c:14:21:01:25:ed:9e:4c:
+ cd:47:f8:7f:9a:88:37:50:0f:28:71:2d:e5:23:5a:
+ 7f:08:1c:9e:05:ab:50:f6:a0:c4:63:74:d1:88:27:
+ 8c:c5:16:5a:f5:f0:79:77:c3:69:6d:88:17:8f:79:
+ 24:49:d3:69:79:59:c0:63:dc:a9:db:53:ea:dd:78:
+ 8c:7a:83:31:b4:1c:c2:8c:9e:14:85:95:9f:3c:21:
+ c2:f6:50:53:68:d9:c2:45:cf:94:91:87:94:62:3d:
+ b1:97:ac:96:2d:f0:c1:7c:15:62:00:91:26:58:b9:
+ 61:4e:ff
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 9f:4e:99:95:c8:87:7f:87:56:4c:88:6b:9f:9d:ca:f7:2f:07:
+ 88:5d:0e:14:a5:1a:6c:a0:4f:36:e1:76:a7:14:8c:44:51:1d:
+ 61:35:aa:75:16:4a:94:a8:b2:05:0e:df:21:ad:53:2e:85:ca:
+ dc:6a:8e:cf:78:77:01:e1:d5:e6:96:e0:3d:da:29:1c:3e:82:
+ f8:9d:c1:ad:1c:dc:88:dd:b5:cf:27:db:74:3b:7b:33:04:44:
+ b8:ae:e8:42:ae:16:67:a3:73:13:07:85:f7:0f:cf:54:a2:91:
+ 8f:b6:51:3c:9a:42:c4:23:47:5f:de:69:93:4b:aa:80:b4:1c:
+ 38:67:98:ab:ae:06:16:cf:55:b3:a2:4c:29:36:60:85:05:a1:
+ 9f:e9:a5:85:6d:95:55:6b:ea:bb:bf:eb:a9:77:a6:50:5a:95:
+ b2:7b:f1:3d:3e:a2:fe:c9:6d:f2:b7:a2:f2:cd:a2:20:92:cc:
+ 16:fc:2e:62:e2:a2:5d:be:59:d2:cc:13:36:ca:58:4a:5a:de:
+ e6:89:de:e8:f9:5e:1a:ca:05:c1:dd:46:4a:e8:3d:89:a4:78:
+ 07:65:fc:ea:55:aa:b9:3b:c9:d7:a6:e0:2d:5d:0c:b1:9a:b4:
+ 6f:95:1b:40:ae:17:f6:c6:2c:19:51:19:a7:48:68:0d:6f:e5:
+ 5d:e9:33:24
-----BEGIN CERTIFICATE-----
-MIIFTjCCAzagAwIBAgICBXowDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
-GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
-b3QgQ0EgMjAeFw0wNzAxMTIxNjEzMzNaFw0xNzAxMTIxNjEzMTFaMGsxCzAJBgNV
-BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR8wHQYDVQQLExZ3d3cu
-cXVvdmFkaXNnbG9iYWwuY29tMSAwHgYDVQQDExdRdW9WYWRpcyBHbG9iYWwgU1NM
-IElDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKk1mD/CiG1+aGcM
-xI7LJL0x4qQpmljkCt1BFL1oaoyuFW4l0GKVTNPFsJ6w4a7pLejG1uQJgeRmKy8n
-xm12NXgIshfqBvTqVFAcuGViwCreo5S+oZWlLxTIYRVJZB3OujED5IyXVibMLR7g
-xWwcXS2BCSNDUnCAN2x+sGHSR9o4sGTbiYFMZPWZfOc0rIbWtms/cUSVfqneyRGN
-WgoIvKPdT2vGvf70RpszxqjEEBLT2A1F2QwM/BxgxylzyelGCN6qVDJrE2rP1KRq
-AN+qiV7kK9MphZ9RYRkjtHE3qNkIxTi4KLy/FBWCy9abwK7t8+AGP6y+N8Oxf7Ed
-9AU37VcCAwEAAaOCASAwggEcMA8GA1UdEwEB/wQFMAMBAf8wOgYIKwYBBQUHAQEE
-LjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20w
-QgYDVR0gBDswOTA3BgRVHSAAMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVv
-dmFkaXNnbG9iYWwuY29tL2NwczAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAU
-GoRivEhMMyUE1O7Q9gPEGUbRlGswOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2Ny
-bC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyLmNybDAdBgNVHQ4EFgQUMk2hT+rw
-rpm27psHLIQIEVCL4n4wDQYJKoZIhvcNAQEFBQADggIBAI5zWxH+LIAvrc/dYIWZ
-8zHozDuc1kbd7IaiSgjJCZwNo1vMSLbNfgPg7XIoTDJ903URzDUWh4l8/XncwRil
-rRafR23N/iFkM+NF+LoABd9qpF/oAmOGuJ6GwPUf/yhioc8nQ/WXuMVF4/OTdvGF
-0QRsk7rivttpGx2aQhGBwO39ft4cySvXToNsBjH4VWcduEooZDg6plIec8S2zrFA
-dXvxSgz/sV41QHwyUokTxEY1UoXF9aA5VeGLKIkC1NasTyy26bzuOYOKxgqRUXIu
-n6M+CdWiKKJWVi3rBpbnFQWSrsotp4jeQn9zBuovTR0OOijTBWHj9ThxrIG5pb4g
-Nmd03/NZDe5l3ja59+UtBUpfCbdqPCCZSUy7t6PLAoDo5JwQKCEOrmNpwD/207GP
-2WMo77wh5/mvJRJMFfEZ+CwQXk5LPXXU7EJr+7PYpJB67hryxts1I6FJI0AF3ET9
-3YZ4sgEK009h6bdeZbIOvcT4e0v33EAJggFtxU/5xRdtk/PmwxBjSxeg+jBK2xeH
-3TScxc6nNvtcw22Lds5GucMsoxmpblYV1adrowg3twQvSXQZ96jzyT3qfmk09M+e
-bBTqd3GFwZcJNaQigOw8EQHQtjJm9Zco7FtJ+SxEqcQYFJ+M7QZz+0wWCPwlflMo
-7aGlYILpWH4iR3ZhuH/3xMkx
+MIID0TCCArmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAjMQ0wCwYDVQQLDARDZXJ0
+MRIwEAYDVQQDDAljZXJ0MC5wZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMy
+NjEzWjAjMQ0wCwYDVQQLDARDZXJ0MRIwEAYDVQQDDAljZXJ0MS5wZW0wggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3itsu88dsLHh+Ka9mUNT/+cEpK5at
+uV/AewI5CcxGXiSe5FeLQ9YorpErON3G4QjMIn7dh3kGKJiBsDVedcp39hU0nzD5
+y8z9rsaRHOtF+kuS/NYnrQesINJvGeTIaz/AFyDCVipuRg3BoTnynGVXjUu4pGA2
+E89oOkzNNbB3OuznGCvasrWVl64iriNEmWIQTfofYpOTNXsZ3FE+RGP4lcFqYs/U
+02ebgnT52KwGDvZeOnaPkhL+/50RiyFH1rHoU8SlEn3XIQaWkzTwE1cSOzxPm33A
+ptDM0sMHuehGYtCOSRQdrmk0pSFY2pXWr4Re3l/jw7ZdDP0z9f7B32n3EQ2IYyT/
+GnnNdoEqWfcyJ2+wEhsMqKy4w4X2Y369vZeGCbYbUVQuAwKerkQHK0h+NHb++G4o
+gRSL7yTQ68PyH0yTJFHNXwavJo4I2qqLigb17WTCT5v3Beq+qyQbZPABmUCMEd2c
+KF1urLTA8gbpFMrgtEevLVFO7qcmOLqXkY3+ABkMyqwr0VfKNPQcFCEBJe2eTM1H
++H+aiDdQDyhxLeUjWn8IHJ4Fq1D2oMRjdNGIJ4zFFlr18Hl3w2ltiBePeSRJ02l5
+WcBj3KnbU+rdeIx6gzG0HMKMnhSFlZ88IcL2UFNo2cJFz5SRh5RiPbGXrJYt8MF8
+FWIAkSZYuWFO/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
+A4IBAQCfTpmVyId/h1ZMiGufncr3LweIXQ4UpRpsoE824XanFIxEUR1hNap1FkqU
+qLIFDt8hrVMuhcrcao7PeHcB4dXmluA92ikcPoL4ncGtHNyI3bXPJ9t0O3szBES4
+ruhCrhZno3MTB4X3D89UopGPtlE8mkLEI0df3mmTS6qAtBw4Z5irrgYWz1Wzokwp
+NmCFBaGf6aWFbZVVa+q7v+upd6ZQWpWye/E9PqL+yW3yt6LyzaIgkswW/C5i4qJd
+vlnSzBM2ylhKWt7mid7o+V4aygXB3UZK6D2JpHgHZfzqVaq5O8nXpuAtXQyxmrRv
+lRtArhf2xiwZURmnSGgNb+Vd6TMk
-----END CERTIFICATE-----
-

Modified: trunk/test/cert2.pem
==============================================================================
--- trunk/test/cert2.pem (original)
+++ trunk/test/cert2.pem Wed Dec 4 14:41:04 2013
@@ -1,34 +1,89 @@
- 2 s:/C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2
- i:/C=BM/O=QuoVadis Limited/OU=Root Certification Authority/CN=QuoVadis Root Certification Authority
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Cert, CN=cert1.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert2.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:bd:bc:80:34:96:c5:ea:6f:81:aa:91:be:f5:32:
+ d9:8a:9f:02:67:b0:45:1c:3d:68:df:89:7d:af:be:
+ fc:69:d4:1d:0f:72:ae:c8:4f:2c:f4:e2:04:b3:28:
+ db:b9:05:ee:d7:87:c7:87:3f:76:b9:c7:8e:57:ec:
+ 4a:c1:e3:8b:b4:14:d4:a3:a5:13:16:b7:18:3a:97:
+ 5c:cd:c6:d6:aa:54:88:29:b1:75:d2:9d:2e:29:ef:
+ e5:5c:50:46:02:13:b2:d7:1a:2e:38:50:cc:2c:fc:
+ 62:fa:61:61:f7:86:18:a9:c9:b9:af:c0:0e:f9:d3:
+ 88:1b:91:27:b0:e6:e6:16:98:fd:9b:f6:c4:e2:76:
+ d2:63:da:77:21:b0:8d:a1:c8:d9:ce:84:3c:57:af:
+ 99:19:7b:01:8c:f1:ae:e1:7c:ac:13:a6:03:a0:ab:
+ a2:f6:ea:7d:de:b2:43:12:e5:23:ad:df:48:2e:bc:
+ f2:76:96:2b:a0:1c:dc:60:84:d7:de:68:9e:2f:5c:
+ f6:df:49:4e:05:8d:07:39:27:5e:49:45:88:86:33:
+ 16:1a:5f:b1:a2:d1:78:ff:30:36:25:b8:05:c1:8a:
+ dc:b4:6c:b6:3e:52:39:1e:61:dc:eb:bb:da:49:1d:
+ d1:1a:06:76:22:ab:94:07:c7:0e:58:cc:e0:c6:ff:
+ 8c:d3
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 6f:02:24:5d:60:3b:76:e8:aa:a5:37:d7:75:18:72:fd:e0:9a:
+ ce:aa:50:5e:e6:83:93:1b:2d:c4:47:5b:d6:d4:8d:d2:ba:6f:
+ af:a7:a8:78:6a:06:78:7e:9d:83:29:7d:9b:8a:f7:8d:7b:76:
+ d8:0d:0b:7e:b9:bd:15:e8:16:9a:c5:4b:48:c7:26:ba:37:fe:
+ f3:8f:dd:05:13:38:31:79:1a:f4:24:49:03:6d:f8:53:d7:01:
+ 44:79:67:ba:6a:d4:40:7d:56:4d:c4:a5:99:aa:a9:da:84:44:
+ e8:29:ea:bd:5e:5a:7d:c0:7d:e0:7e:0c:12:85:65:ef:cd:f8:
+ b6:56:9e:05:97:d4:48:d7:86:96:75:e6:cc:51:60:7f:eb:ed:
+ a4:e0:9e:c6:70:d9:ce:17:8e:41:16:7b:06:3d:c7:33:d3:d9:
+ 08:8d:17:4e:a5:13:6a:d7:e2:ce:cc:74:ce:14:76:0e:aa:1f:
+ 8d:f5:c8:ef:a0:34:e4:ed:f8:25:b5:8d:d2:3f:65:c4:75:97:
+ 6a:ae:0f:02:5e:61:a1:0d:a1:7c:53:fd:10:75:4f:19:71:05:
+ 6b:26:18:4c:95:85:7f:50:0f:a5:2d:0f:0a:07:a4:aa:ce:df:
+ 3c:32:47:14:88:73:e1:6b:70:fb:53:23:06:bb:66:91:b8:2a:
+ 23:9f:63:ab:40:a5:71:3d:c6:0a:d3:e5:a2:c5:c8:52:36:40:
+ 47:3c:6b:16:0c:08:d6:77:91:c5:ed:18:87:50:8e:2f:b0:83:
+ 31:34:12:57:41:56:e8:47:69:cb:37:ea:05:3c:29:a2:b5:a3:
+ 9a:82:08:ef:fd:2d:86:52:7d:99:eb:23:d6:28:2c:7e:bb:0a:
+ d0:c0:6e:73:89:09:2b:13:a5:c8:29:4c:e8:02:82:76:b6:d5:
+ 61:07:b0:78:c4:57:44:a7:c1:80:4f:51:0c:46:1e:d3:1b:45:
+ 35:1f:34:f3:e5:4f:88:2e:cd:ee:ac:98:70:35:62:4b:ca:b1:
+ db:37:a6:bb:24:b6:2c:71:d1:29:06:8f:7b:4b:e6:bf:86:57:
+ 23:1a:ce:9a:c5:25:b1:fe:fc:95:4f:5b:f0:9a:32:25:07:b3:
+ 25:87:55:e9:ed:e4:d3:76:53:f3:73:62:c7:63:ad:58:c3:8f:
+ ee:8e:5e:4f:4a:3f:d2:a9:aa:62:a7:37:01:a8:22:de:54:e9:
+ 06:10:7a:65:a9:06:78:47:c0:52:b4:c5:a1:a1:c1:2f:0c:f9:
+ 14:88:31:65:fc:9f:5e:b2:09:8a:35:db:a6:4d:7b:34:e2:46:
+ 97:b3:93:11:d6:a3:53:49:50:b0:5e:2a:64:a7:18:a0:0f:b1:
+ 14:78:dd:35:61:89:73:2d
-----BEGIN CERTIFICATE-----
-MIIFQjCCBCqgAwIBAgIEQh/RwTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNzA3MTAxNDMyMjFaFw0xNzA3MTAxNDMx
-MDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRsw
-GQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC
-DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+j
-hiYaHv5+HBg6XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp
-3MJGF/hd/aTa/55JWpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02
-kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw
-419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7ds
-E/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3
-FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslW
-ZvB1JdxnwQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C31
-5eXbyOD/5YDXC2Og/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9
-gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqL
-ID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQAB
-o4H/MIH8MA8GA1UdEwEB/wQFMAMBAf8wQgYDVR0gBDswOTA3BgRVHSAAMC8wLQYI
-KwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczA6Bggr
-BgEFBQcBAQQuMCwwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xv
-YmFsLmNvbTAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUi0tt7dMpuQYZ7Dk5
-qfCXhGrL798wOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5xdW92YWRpc2ds
-b2JhbC5jb20vcXZyY2EuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBMcgnQQhxa0o7B
-SMNVmyE8suH3nmg3+FC6sAWUsYEKZUZU+PdUrOYGTybAjdPSghSzyhWf/h+l1zwb
-/vxiaZET3ikOni1G1L9rmNPNd0o8Omr/sxTtNyCIEugoJtiBV324XD9wjYr4TjzH
-fn5pq33j+5iqCS0oaynouNevRB/Kcn36esUBg5eEL84cu7JxoOgyPxIccskf5Zp+
-4pqUlQod9cedCi2NaSJ6ZyNExTTtsWXRZM2DYfwMNilHBwPhgj472vQqxN3wb7f6
-ndMU7j2DXbO6G9V891AT1OM6J0JC1DYaA4bMr4m31lJs2sIn99IgrondrOsPSWuu
-TYzbyDZK
+MIID0TCCAbmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAjMQ0wCwYDVQQLDARDZXJ0
+MRIwEAYDVQQDDAljZXJ0MS5wZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMy
+NjEzWjAjMQ0wCwYDVQQLDARDZXJ0MRIwEAYDVQQDDAljZXJ0Mi5wZW0wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9vIA0lsXqb4Gqkb71MtmKnwJnsEUc
+PWjfiX2vvvxp1B0Pcq7ITyz04gSzKNu5Be7Xh8eHP3a5x45X7ErB44u0FNSjpRMW
+txg6l1zNxtaqVIgpsXXSnS4p7+VcUEYCE7LXGi44UMws/GL6YWH3hhipybmvwA75
+04gbkSew5uYWmP2b9sTidtJj2nchsI2hyNnOhDxXr5kZewGM8a7hfKwTpgOgq6L2
+6n3eskMS5SOt30guvPJ2liugHNxghNfeaJ4vXPbfSU4FjQc5J15JRYiGMxYaX7Gi
+0Xj/MDYluAXBity0bLY+UjkeYdzru9pJHdEaBnYiq5QHxw5YzODG/4zTAgMBAAGj
+EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggIBAG8CJF1gO3boqqU3
+13UYcv3gms6qUF7mg5MbLcRHW9bUjdK6b6+nqHhqBnh+nYMpfZuK9417dtgNC365
+vRXoFprFS0jHJro3/vOP3QUTODF5GvQkSQNt+FPXAUR5Z7pq1EB9Vk3EpZmqqdqE
+ROgp6r1eWn3AfeB+DBKFZe/N+LZWngWX1EjXhpZ15sxRYH/r7aTgnsZw2c4XjkEW
+ewY9xzPT2QiNF06lE2rX4s7MdM4Udg6qH431yO+gNOTt+CW1jdI/ZcR1l2quDwJe
+YaENoXxT/RB1TxlxBWsmGEyVhX9QD6UtDwoHpKrO3zwyRxSIc+FrcPtTIwa7ZpG4
+KiOfY6tApXE9xgrT5aLFyFI2QEc8axYMCNZ3kcXtGIdQji+wgzE0EldBVuhHacs3
+6gU8KaK1o5qCCO/9LYZSfZnrI9YoLH67CtDAbnOJCSsTpcgpTOgCgna21WEHsHjE
+V0SnwYBPUQxGHtMbRTUfNPPlT4guze6smHA1YkvKsds3prsktixx0SkGj3tL5r+G
+VyMazprFJbH+/JVPW/CaMiUHsyWHVent5NN2U/NzYsdjrVjDj+6OXk9KP9KpqmKn
+NwGoIt5U6QYQemWpBnhHwFK0xaGhwS8M+RSIMWX8n16yCYo126ZNezTiRpezkxHW
+o1NJULBeKmSnGKAPsRR43TVhiXMt
-----END CERTIFICATE-----
-

Added: trunk/test/cert3.pem
==============================================================================
--- trunk/test/cert3.pem (added)
+++ trunk/test/cert3.pem Wed Dec 4 14:41:04 2013
@@ -0,0 +1,70 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: OU=Cert, CN=cert2.pem
+ Validity
+ Not Before: Dec 4 13:26:13 2013 GMT
+ Not After : Jun 2 13:26:13 2033 GMT
+ Subject: OU=Cert, CN=cert3.pem
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:b3:9c:7b:17:41:6c:2f:57:f1:b0:e8:a5:5f:0c:
+ c6:65:15:cc:b1:68:c4:39:bd:9d:b0:14:92:39:b7:
+ e4:5d:c7:4d:33:33:67:7f:11:fd:0c:d5:c2:bb:15:
+ 10:bb:42:c6:c5:80:0d:0e:4e:a5:2e:c1:2b:9c:15:
+ 2d:59:51:88:34:89:fb:4e:19:be:17:c9:66:04:7f:
+ 11:72:5a:75:44:04:dd:82:51:0d:b8:01:df:09:a2:
+ fb:d9:64:9e:21:38:fd:a7:84:fd:62:62:a7:0f:c2:
+ 94:16:c5:75:5e:d4:f8:31:e2:55:f5:3c:9a:af:b5:
+ 73:21:d6:52:99:7f:da:f2:24:ed:ea:e9:79:59:83:
+ c4:32:3b:23:06:90:c2:b1:ba:b3:00:2e:47:2e:e3:
+ 82:c0:59:fd:2d:72:e1:8a:ba:ed:a8:b5:f2:59:eb:
+ 23:2d:e9:aa:42:ff:75:92:43:ac:e2:15:d6:69:13:
+ aa:eb:4c:9d:59:07:83:d9:dd:ac:57:f7:35:10:52:
+ a3:41:c9:03:07:d9:1f:32:18:f6:c1:2a:84:f0:5f:
+ 11:15:77:7f:30:e0:fb:18:fe:d0:bb:00:bb:54:16:
+ a0:47:89:fa:67:07:4e:15:91:64:20:e1:05:89:66:
+ f6:3c:3b:e9:90:37:5b:e3:d5:3f:3e:a4:83:d4:bf:
+ e9:23
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 05:8d:41:b5:b8:7f:d5:38:97:01:3f:f9:5d:83:9e:ca:54:9f:
+ ff:91:04:83:6b:9f:5f:27:be:c2:b7:4b:b7:ec:f8:11:28:14:
+ a6:b4:59:8d:7d:57:10:b4:08:04:56:ff:c9:63:32:db:6a:b2:
+ 28:db:28:27:84:c9:53:e0:de:4c:45:b4:01:37:2d:27:06:41:
+ 1f:85:d6:65:c6:a3:21:3c:a0:eb:e6:20:2b:c5:49:57:f2:e4:
+ 27:c9:20:c7:dd:8e:3b:53:f1:17:2b:52:f1:b2:70:e6:ed:c5:
+ 5a:4c:df:24:16:96:d6:20:41:51:1b:b1:af:c5:39:44:6c:dd:
+ b7:3a:16:05:06:89:a5:c8:c8:18:03:98:5a:3e:1f:22:44:e5:
+ 68:fb:be:3e:37:43:52:03:f8:9e:21:cb:1e:29:4f:0a:ff:33:
+ 0f:86:3b:b5:a4:33:73:89:a9:07:91:3e:e5:41:97:d4:46:c0:
+ 98:43:9e:bc:d9:f2:4a:1f:b3:52:9b:48:7e:7c:31:39:d4:9c:
+ 77:bb:78:27:9b:32:56:9b:b2:b8:0d:e3:ea:c7:c1:03:d0:29:
+ 46:a9:b3:b8:62:d9:91:26:a6:af:b8:c2:3e:28:e7:a0:dd:f4:
+ 06:1c:75:0f:f5:9f:52:b0:51:fc:f9:41:ec:3e:2d:95:dc:ab:
+ 7c:bc:0a:d5
+-----BEGIN CERTIFICATE-----
+MIIC0TCCAbmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAjMQ0wCwYDVQQLDARDZXJ0
+MRIwEAYDVQQDDAljZXJ0Mi5wZW0wHhcNMTMxMjA0MTMyNjEzWhcNMzMwNjAyMTMy
+NjEzWjAjMQ0wCwYDVQQLDARDZXJ0MRIwEAYDVQQDDAljZXJ0My5wZW0wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCznHsXQWwvV/Gw6KVfDMZlFcyxaMQ5
+vZ2wFJI5t+Rdx00zM2d/Ef0M1cK7FRC7QsbFgA0OTqUuwSucFS1ZUYg0iftOGb4X
+yWYEfxFyWnVEBN2CUQ24Ad8JovvZZJ4hOP2nhP1iYqcPwpQWxXVe1Pgx4lX1PJqv
+tXMh1lKZf9ryJO3q6XlZg8QyOyMGkMKxurMALkcu44LAWf0tcuGKuu2otfJZ6yMt
+6apC/3WSQ6ziFdZpE6rrTJ1ZB4PZ3axX9zUQUqNByQMH2R8yGPbBKoTwXxEVd38w
+4PsY/tC7ALtUFqBHifpnB04VkWQg4QWJZvY8O+mQN1vj1T8+pIPUv+kjAgMBAAGj
+EDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWNQbW4f9U4lwE/
++V2DnspUn/+RBINrn18nvsK3S7fs+BEoFKa0WY19VxC0CARW/8ljMttqsijbKCeE
+yVPg3kxFtAE3LScGQR+F1mXGoyE8oOvmICvFSVfy5CfJIMfdjjtT8RcrUvGycObt
+xVpM3yQWltYgQVEbsa/FOURs3bc6FgUGiaXIyBgDmFo+HyJE5Wj7vj43Q1ID+J4h
+yx4pTwr/Mw+GO7WkM3OJqQeRPuVBl9RGwJhDnrzZ8kofs1KbSH58MTnUnHe7eCeb
+MlabsrgN4+rHwQPQKUaps7hi2ZEmpq+4wj4o56Dd9AYcdQ/1n1KwUfz5Qew+LZXc
+q3y8CtU=
+-----END CERTIFICATE-----

Modified: trunk/test/sig_data.bin
==============================================================================
--- trunk/test/sig_data.bin (original)
+++ trunk/test/sig_data.bin Wed Dec 4 14:41:04 2013
@@ -1,2 +1,3 @@
-0‚µ0‚ 0  *†H†÷ -My Company Ltd10U The Unit10Utest.somewhere.org1!0 *†H†÷  test@somewhere.org0 090428025052Z 190426025052Z01 0 UUS10U Berk
+1O ágQ,ö±K "¤âeD£ ×=bquQ±ã”I0«x{fsÃê™O»2G wp~1û]ÃŽÂ…9»oÓòœUÍ0<‚U0æ%£ Õ¯n‚A®•[‘¹9„´’g“\mÿ³w«¹L*À÷:;*4Ã…Œ¼Ž¨¸<¥¬\f,Ãœ%ÿ„sJƒ; `±AÂ¥;BIÈç
+¶söÌW$SƜt
+öz®˜4TÇ ¬£ð\ç=©Tw½K·sÀ¼µé†ƒÜ!„wb©Nlח2õ
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal