17 | 17 |
type t = X509.Validation.validation_error
|
18 | 18 |
|
19 | 19 |
let pp = X509.Validation.pp_validation_error
|
20 | |
|
21 | 20 |
let equal a b = compare a b = 0 (* TODO relies on polymorphic equality *)
|
22 | 21 |
end in
|
23 | 22 |
(module M : Alcotest.TESTABLE with type t = M.t)
|
|
43 | 42 |
let r = Alcotest.result ok err
|
44 | 43 |
|
45 | 44 |
let test_one ?time anchors result host chain () =
|
46 | |
let time () = match time with None -> Some now | Some t -> Some t
|
|
45 |
let time () = Some (Option.value ~default:now time)
|
47 | 46 |
and name = Domain_name.to_string host
|
48 | 47 |
and host = Some host in
|
49 | 48 |
Alcotest.check r ("test one " ^ name) result
|
|
51 | 50 |
|
52 | 51 |
let google =
|
53 | 52 |
{|
|
54 | |
CONNECTED(00000003)
|
|
53 |
CONNECTED(00000004)
|
55 | 54 |
---
|
56 | 55 |
Certificate chain
|
57 | |
0 s:C = US, ST = California, L = Mountain View, O = Google LLC, CN = *.google.com
|
58 | |
i:C = US, O = Google Trust Services, CN = GTS CA 1O1
|
59 | |
-----BEGIN CERTIFICATE-----
|
60 | |
MIIJcTCCCFmgAwIBAgIRAOzqbxiPVrFyAgAAAAB8NQswDQYJKoZIhvcNAQELBQAw
|
61 | |
QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET
|
62 | |
MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDA5MjIxNTIyMTlaFw0yMDEyMTUxNTIy
|
63 | |
MTlaMGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
|
64 | |
Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRUwEwYDVQQDDAwq
|
65 | |
Lmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARomdmWq6BlO0yH
|
66 | |
z9Xb08PTWbhcMw4YF14cQRiDKnigLYp3bGxUCDtu5dAdccM0mqQdzK0cMnYMXqEC
|
67 | |
2T3Hw647o4IHBzCCBwMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
|
68 | |
BwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEN+puKWN1FY2tdecjOJANtw/Sak
|
69 | |
MB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgGCCsGAQUFBwEBBFww
|
70 | |
WjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cvZ3RzMW8xY29yZTAr
|
71 | |
BggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nL2dzcjIvR1RTMU8xLmNydDCCBMIG
|
72 | |
A1UdEQSCBLkwggS1ggwqLmdvb2dsZS5jb22CDSouYW5kcm9pZC5jb22CFiouYXBw
|
73 | |
ZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoISKi5jbG91ZC5nb29nbGUuY29t
|
74 | |
ghgqLmNyb3dkc291cmNlLmdvb2dsZS5jb22CGCouZGF0YWNvbXB1dGUuZ29vZ2xl
|
75 | |
LmNvbYIGKi5nLmNvgg4qLmdjcC5ndnQyLmNvbYIRKi5nY3BjZG4uZ3Z0MS5jb22C
|
76 | |
CiouZ2dwaHQuY26CDiouZ2tlY25hcHBzLmNughYqLmdvb2dsZS1hbmFseXRpY3Mu
|
77 | |
Y29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xlLmNvLmlugg4q
|
78 | |
Lmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xlLmNvbS5hcoIP
|
79 | |
Ki5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5jb20uYnKCDyouZ29vZ2xlLmNvbS5j
|
80 | |
b4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2dsZS5jb20udHKCDyouZ29vZ2xlLmNv
|
81 | |
bS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xlLmVzggsqLmdvb2dsZS5mcoILKi5n
|
82 | |
b29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdvb2dsZS5ubIILKi5nb29nbGUucGyC
|
83 | |
CyouZ29vZ2xlLnB0ghIqLmdvb2dsZWFkYXBpcy5jb22CDyouZ29vZ2xlYXBpcy5j
|
84 | |
boIRKi5nb29nbGVjbmFwcHMuY26CFCouZ29vZ2xlY29tbWVyY2UuY29tghEqLmdv
|
85 | |
b2dsZXZpZGVvLmNvbYIMKi5nc3RhdGljLmNugg0qLmdzdGF0aWMuY29tghIqLmdz
|
86 | |
dGF0aWNjbmFwcHMuY26CCiouZ3Z0MS5jb22CCiouZ3Z0Mi5jb22CFCoubWV0cmlj
|
87 | |
LmdzdGF0aWMuY29tggwqLnVyY2hpbi5jb22CECoudXJsLmdvb2dsZS5jb22CEyou
|
88 | |
d2Vhci5na2VjbmFwcHMuY26CFioueW91dHViZS1ub2Nvb2tpZS5jb22CDSoueW91
|
89 | |
dHViZS5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CESoueW91dHViZWtpZHMu
|
90 | |
Y29tggcqLnl0LmJlggsqLnl0aW1nLmNvbYIaYW5kcm9pZC5jbGllbnRzLmdvb2ds
|
91 | |
ZS5jb22CC2FuZHJvaWQuY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26C
|
92 | |
HGRldmVsb3BlcnMuYW5kcm9pZC5nb29nbGUuY26CBGcuY2+CCGdncGh0LmNuggxn
|
93 | |
a2VjbmFwcHMuY26CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2ds
|
94 | |
ZS5jb22CD2dvb2dsZWNuYXBwcy5jboISZ29vZ2xlY29tbWVyY2UuY29tghhzb3Vy
|
95 | |
Y2UuYW5kcm9pZC5nb29nbGUuY26CCnVyY2hpbi5jb22CCnd3dy5nb28uZ2yCCHlv
|
96 | |
dXR1LmJlggt5b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1
|
97 | |
YmVraWRzLmNvbYIFeXQuYmUwIQYDVR0gBBowGDAIBgZngQwBAgIwDAYKKwYBBAHW
|
98 | |
eQIFAzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLnBraS5nb29nL0dUUzFP
|
99 | |
MWNvcmUuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAB7dcG+V9aP/xsMYd
|
100 | |
IxXHuuZXfFeUt2ruvGE6GmnTohwAAAF0tp+GwAAABAMARjBEAiBis68209UqRM3U
|
101 | |
pdK8YoCfL8BrZY6+i6ORfGmo7neXTQIgSrcPvX7ZqP3uvT5yoJYFjbpZBwY9cwAV
|
102 | |
W4n9855SnlcAdwDnEvKwN34aYvuOyQxhhPHqezfLVh0RJlvz4PNL8kFUbgAAAXS2
|
103 | |
n4TVAAAEAwBIMEYCIQCRyG5B5Www1ro7CxWNLULQ96BNxtNTCko0bNCD5MejPQIh
|
104 | |
AMNe5UO1cbG7u6oaO7/yRUt2O1OSewKoMddtPB1OUBh+MA0GCSqGSIb3DQEBCwUA
|
105 | |
A4IBAQAN61JzpCZJVRZrpVJIRy6Hn65b0ZDBXTh3x6OpD3X2Y0Q6FRqaQuPUA7xg
|
106 | |
DUvVnUUpMGsM2ylzUrtvJhSOCb32FU3g9FwVzTif/PRA5qniYRhysR2aa+NxHg5c
|
107 | |
rua60gExT/oSHeGKpJUXTCTPypF4wJ1YvKOd7pRfNqlGR4Gfb6BVy/YCA3CW/bk0
|
108 | |
yQ0k99iL/ancn2qGBn4++Z2XWGZHgo5FTvCtFl6ZrK01T+UeqhLp8kQOvyN58WiM
|
109 | |
S+c/7a4M2GyzJe+niWodeKFY91N0SpBViX8cl0YmIm6CNmJdRt5AA+C/FmLgxh7F
|
110 | |
wBPEtuosuW+JHwshTHwwylI7tT1x
|
111 | |
-----END CERTIFICATE-----
|
112 | |
1 s:C = US, O = Google Trust Services, CN = GTS CA 1O1
|
113 | |
i:OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
|
114 | |
-----BEGIN CERTIFICATE-----
|
115 | |
MIIESjCCAzKgAwIBAgINAeO0mqGNiqmBJWlQuDANBgkqhkiG9w0BAQsFADBMMSAw
|
116 | |
HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs
|
117 | |
U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy
|
118 | |
MTUwMDAwNDJaMEIxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg
|
119 | |
U2VydmljZXMxEzARBgNVBAMTCkdUUyBDQSAxTzEwggEiMA0GCSqGSIb3DQEBAQUA
|
120 | |
A4IBDwAwggEKAoIBAQDQGM9F1IvN05zkQO9+tN1pIRvJzzyOTHW5DzEZhD2ePCnv
|
121 | |
UA0Qk28FgICfKqC9EksC4T2fWBYk/jCfC3R3VZMdS/dN4ZKCEPZRrAzDsiKUDzRr
|
122 | |
mBBJ5wudgzndIMYcLe/RGGFl5yODIKgjEv/SJH/UL+dEaltN11BmsK+eQmMF++Ac
|
123 | |
xGNhr59qM/9il71I2dN8FGfcddwuaej4bXhp0LcQBbjxMcI7JP0aM3T4I+DsaxmK
|
124 | |
FsbjzaTNC9uzpFlgOIg7rR25xoynUxv8vNmkq7zdPGHXkxWY7oG9j+JkRyBABk7X
|
125 | |
rJfoucBZEqFJJSPk7XA0LKW0Y3z5oz2D0c1tJKwHAgMBAAGjggEzMIIBLzAOBgNV
|
126 | |
HQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1Ud
|
127 | |
EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJjR+G4Q68+b7GCfGJAboOt9Cf0rMB8G
|
128 | |
A1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEBBCkwJzAl
|
129 | |
BggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzAp
|
130 | |
MCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0g
|
131 | |
BDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9wa2kuZ29vZy9y
|
132 | |
ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAGoA+Nnn78y6pRjd9XlQWNa7H
|
133 | |
TgiZ/r3RNGkmUmYHPQq6Scti9PEajvwRT2iWTHQr02fesqOqBY2ETUwgZQ+lltoN
|
134 | |
FvhsO9tvBCOIazpswWC9aJ9xju4tWDQH8NVU6YZZ/XteDSGU9YzJqPjY8q3MDxrz
|
135 | |
mqepBCf5o8mw/wJ4a2G6xzUr6Fb6T8McDO22PLRL6u3M4Tzs3A2M1j6bykJYi8wW
|
136 | |
IRdAvKLWZu/axBVbzYmqmwkm5zLSDW5nIAJbELCQCZwMH56t2Dvqofxs6BBcCFIZ
|
137 | |
USpxu6x6td0V7SvJCCosirSmIatj/9dSSVDQibet8q/7UK4v4ZUN80atnZz1yg==
|
|
56 |
0 s:CN = *.google.com
|
|
57 |
i:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
|
|
58 |
-----BEGIN CERTIFICATE-----
|
|
59 |
MIIN7TCCDNWgAwIBAgIRAOiTWGjouQqZEnfVOliVUgMwDQYJKoZIhvcNAQELBQAw
|
|
60 |
RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM
|
|
61 |
TEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjIwODE1MDgxNzU1WhcNMjIxMTA3
|
|
62 |
MDgxNzU0WjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq
|
|
63 |
hkjOPQMBBwNCAAR+WyRr7LUBv9hZwwfLXBL1TKYA7WPZ9M/U0M4hNC4Z/AKlY6uO
|
|
64 |
UfM/EQb7U9EKKx97cFnNeu4NSn91myBj2I9To4ILzjCCC8owDgYDVR0PAQH/BAQD
|
|
65 |
AgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
|
|
66 |
FBGBZeOKvV1jMa3d+vhUaXt7MXyFMB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG
|
|
67 |
FPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au
|
|
68 |
cGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw
|
|
69 |
by9jZXJ0cy9ndHMxYzMuZGVyMIIJfwYDVR0RBIIJdjCCCXKCDCouZ29vZ2xlLmNv
|
|
70 |
bYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghUqLm9yaWdpbi10
|
|
71 |
ZXN0LmJkbi5kZXaCEiouY2xvdWQuZ29vZ2xlLmNvbYIYKi5jcm93ZHNvdXJjZS5n
|
|
72 |
b29nbGUuY29tghgqLmRhdGFjb21wdXRlLmdvb2dsZS5jb22CCyouZ29vZ2xlLmNh
|
|
73 |
ggsqLmdvb2dsZS5jbIIOKi5nb29nbGUuY28uaW6CDiouZ29vZ2xlLmNvLmpwgg4q
|
|
74 |
Lmdvb2dsZS5jby51a4IPKi5nb29nbGUuY29tLmFygg8qLmdvb2dsZS5jb20uYXWC
|
|
75 |
DyouZ29vZ2xlLmNvbS5icoIPKi5nb29nbGUuY29tLmNvgg8qLmdvb2dsZS5jb20u
|
|
76 |
bXiCDyouZ29vZ2xlLmNvbS50coIPKi5nb29nbGUuY29tLnZuggsqLmdvb2dsZS5k
|
|
77 |
ZYILKi5nb29nbGUuZXOCCyouZ29vZ2xlLmZyggsqLmdvb2dsZS5odYILKi5nb29n
|
|
78 |
bGUuaXSCCyouZ29vZ2xlLm5sggsqLmdvb2dsZS5wbIILKi5nb29nbGUucHSCEiou
|
|
79 |
Z29vZ2xlYWRhcGlzLmNvbYIPKi5nb29nbGVhcGlzLmNughEqLmdvb2dsZXZpZGVv
|
|
80 |
LmNvbYIMKi5nc3RhdGljLmNughAqLmdzdGF0aWMtY24uY29tgg9nb29nbGVjbmFw
|
|
81 |
cHMuY26CESouZ29vZ2xlY25hcHBzLmNughFnb29nbGVhcHBzLWNuLmNvbYITKi5n
|
|
82 |
b29nbGVhcHBzLWNuLmNvbYIMZ2tlY25hcHBzLmNugg4qLmdrZWNuYXBwcy5jboIS
|
|
83 |
Z29vZ2xlZG93bmxvYWRzLmNughQqLmdvb2dsZWRvd25sb2Fkcy5jboIQcmVjYXB0
|
|
84 |
Y2hhLm5ldC5jboISKi5yZWNhcHRjaGEubmV0LmNughByZWNhcHRjaGEtY24ubmV0
|
|
85 |
ghIqLnJlY2FwdGNoYS1jbi5uZXSCC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNu
|
|
86 |
ghFhbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJv
|
|
87 |
amVjdC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRp
|
|
88 |
Y3MtY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNl
|
|
89 |
cnZpY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xl
|
|
90 |
dmFkcy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24u
|
|
91 |
Y29tghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22C
|
|
92 |
FyouZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCou
|
|
93 |
ZG91YmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiou
|
|
94 |
Zy5kb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNs
|
|
95 |
aWNrLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNu
|
|
96 |
ghFkYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xl
|
|
97 |
dHJhdmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNl
|
|
98 |
cy1jbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdz
|
|
99 |
ZXJ2aWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2ds
|
|
100 |
ZXRhZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiou
|
|
101 |
Z29vZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5k
|
|
102 |
aWNhdGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1l
|
|
103 |
YXN1cmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2
|
|
104 |
dDItY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNu
|
|
105 |
Lm5ldIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5u
|
|
106 |
ZXSCDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CDSouZ3N0YXRpYy5jb22C
|
|
107 |
FCoubWV0cmljLmdzdGF0aWMuY29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQx
|
|
108 |
LmNvbYIKKi5ndnQyLmNvbYIOKi5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5j
|
|
109 |
b22CFioueW91dHViZS1ub2Nvb2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lk
|
|
110 |
LmNvbYINKi5hbmRyb2lkLmNvbYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIG
|
|
111 |
Ki5nLmNuggRnLmNvggYqLmcuY2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xl
|
|
112 |
LWFuYWx5dGljcy5jb22CFiouZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5j
|
|
113 |
b22CEmdvb2dsZWNvbW1lcmNlLmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdn
|
|
114 |
cGh0LmNuggoqLmdncGh0LmNuggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlv
|
|
115 |
dXR1LmJlggt5b3V0dWJlLmNvbYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNh
|
|
116 |
dGlvbi5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNv
|
|
117 |
bYIRKi55b3V0dWJla2lkcy5jb22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNs
|
|
118 |
aWVudHMuZ29vZ2xlLmNvbYIbZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxk
|
|
119 |
ZXZlbG9wZXJzLmFuZHJvaWQuZ29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29n
|
|
120 |
bGUuY24wIQYDVR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8E
|
|
121 |
NTAzMDGgL6AthitodHRwOi8vY3Jscy5wa2kuZ29vZy9ndHMxYzMvZlZKeGJWLUt0
|
|
122 |
bWsuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYAQcjKsd8iRkoQxqE6CUKH
|
|
123 |
Xk4xixsD6+tLx2jwkGKWBvYAAAGCoMvRfgAABAMARzBFAiBPV0E8HDi+cvjenWQs
|
|
124 |
LDIplbHN7wh5WW4JljdvTDT6VQIhAOHGQ8dvdnvoWlUsaiQCdYXCJJdBgqfjmNjE
|
|
125 |
StIajA4iAHUAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAGCoMvR
|
|
126 |
QgAABAMARjBEAiAPgjURNB68xW+4M++sKc7+gOHPDWmhhj9u9WrxM/Qg6QIgAVui
|
|
127 |
/sPQD8WI2grIQcvoYKSgBqP+3tzI+BKC1bt74/IwDQYJKoZIhvcNAQELBQADggEB
|
|
128 |
AKgGzIajsJI5BWB15oKyo5XBHWWY4tkT4s0XIQh1GOZVM/iu4QcDDmjpD0sAexXe
|
|
129 |
fRXT7m+58x8WT1nf1M+U/eAtSullmLHh/OAVFAhW9xMwu5HiteEyBQrYHA0wQ92V
|
|
130 |
Fj9zce9Ps7oOcI79YACdyMtq1mwoWoqDsLxXINJROb2tYpIY75ASaqeN81fCznYS
|
|
131 |
sy6o5bVgPOuzZGn9V/PHDx4+10m1sGtWhcBstqteT3G5xnXekrsZlIm+vugtTnMX
|
|
132 |
RGgpPtZqE8q47tO5m2WsfzaNJSQPlxvm0ccthevPqh/BlD+UNl1uLa2I+/HjBhgo
|
|
133 |
tDTg697Ek5DAKVWvnQwmskU=
|
|
134 |
-----END CERTIFICATE-----
|
|
135 |
1 s:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
|
|
136 |
i:C = US, O = Google Trust Services LLC, CN = GTS Root R1
|
|
137 |
-----BEGIN CERTIFICATE-----
|
|
138 |
MIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw
|
|
139 |
CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
|
|
140 |
MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw
|
|
141 |
MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
|
|
142 |
Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD
|
|
143 |
ggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp
|
|
144 |
kgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX
|
|
145 |
lOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm
|
|
146 |
BA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA
|
|
147 |
gOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL
|
|
148 |
tmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud
|
|
149 |
DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T
|
|
150 |
AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD
|
|
151 |
VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG
|
|
152 |
CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw
|
|
153 |
AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt
|
|
154 |
MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG
|
|
155 |
A1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br
|
|
156 |
aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN
|
|
157 |
AQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ
|
|
158 |
cSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL
|
|
159 |
RklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U
|
|
160 |
+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr
|
|
161 |
PxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER
|
|
162 |
lQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs
|
|
163 |
Yye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO
|
|
164 |
z23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG
|
|
165 |
AJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw
|
|
166 |
juDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl
|
|
167 |
1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd
|
138 | 168 |
-----END CERTIFICATE-----
|
139 | 169 |
---
|
140 | 170 |
Server certificate
|
141 | |
subject=C = US, ST = California, L = Mountain View, O = Google LLC, CN = *.google.com
|
142 | |
|
143 | |
issuer=C = US, O = Google Trust Services, CN = GTS CA 1O1
|
|
171 |
subject=CN = *.google.com
|
|
172 |
|
|
173 |
issuer=C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
|
144 | 174 |
|
145 | 175 |
---
|
146 | 176 |
No client certificate CA names sent
|
|
148 | 178 |
Peer signature type: ECDSA
|
149 | 179 |
Server Temp Key: X25519, 253 bits
|
150 | 180 |
---
|
151 | |
SSL handshake has read 3832 bytes and written 390 bytes
|
|
181 |
SSL handshake has read 6700 bytes and written 388 bytes
|
152 | 182 |
Verification: OK
|
153 | 183 |
---
|
154 | 184 |
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
|
|
280 | 310 |
|
281 | 311 |
let ok_tests =
|
282 | 312 |
[
|
283 | |
("google.com", google);
|
284 | |
("extended-validation.badssl.com", extended_validation_badssl);
|
|
313 |
( "google.com",
|
|
314 |
google,
|
|
315 |
Ptime.of_date_time ((2022, 09, 02), ((14, 00, 00), 00)) );
|
|
316 |
("extended-validation.badssl.com", extended_validation_badssl, None);
|
285 | 317 |
]
|
286 | 318 |
|
287 | 319 |
let self_signed_badssl =
|
|
931 | 963 |
( "wrong.host.google.com",
|
932 | 964 |
(fun h c -> `LeafInvalidName (List.hd c, Some h)),
|
933 | 965 |
google,
|
934 | |
None );
|
|
966 |
Ptime.of_date_time ((2022, 09, 02), ((14, 00, 00), 00)) );
|
935 | 967 |
]
|
936 | 968 |
|
937 | 969 |
let tests tas =
|
938 | 970 |
List.map
|
939 | |
(fun (name, data) ->
|
|
971 |
(fun (name, data, time) ->
|
940 | 972 |
let host = Domain_name.(of_string_exn name |> host_exn)
|
941 | 973 |
and chain =
|
942 | 974 |
Result.get_ok
|
943 | 975 |
(X509.Certificate.decode_pem_multiple (Cstruct.of_string data))
|
944 | 976 |
in
|
945 | |
(name, `Quick, test_one tas (Ok (Some (chain, List.hd chain))) host chain))
|
|
977 |
( name,
|
|
978 |
`Quick,
|
|
979 |
test_one ?time tas (Ok (Some (chain, List.hd chain))) host chain ))
|
946 | 980 |
ok_tests
|
947 | 981 |
@ List.map
|
948 | 982 |
(fun (name, result, data, time) ->
|