65
func TestOCSPDecodeWithExtensions(t *testing.T) {
66
responseBytes, _ := hex.DecodeString(ocspResponseWithCriticalExtensionHex)
67
_, err := ParseResponse(responseBytes, nil)
72
responseBytes, _ = hex.DecodeString(ocspResponseWithExtensionHex)
73
response, err := ParseResponse(responseBytes, nil)
78
if len(response.Extensions) != 1 {
79
t.Errorf("len(response.Extensions): got %v, want %v", len(response.Extensions), 1)
82
extensionBytes := response.Extensions[0].Value
83
expectedBytes, _ := hex.DecodeString(ocspExtensionValueHex)
84
if !bytes.Equal(extensionBytes, expectedBytes) {
85
t.Errorf("response.Extensions[0]: got %x, want %x", extensionBytes, expectedBytes)
65
89
func TestOCSPSignature(t *testing.T) {
66
90
issuerCert, _ := hex.DecodeString(startComHex)
67
91
issuer, err := x509.ParseCertificate(issuerCert)
333
384
"20a1a65c7f0b6427a224b3c98edd96b9b61f706099951188b0289555ad30a216fb774651" +
334
385
"5a35fca2e054dfa8"
387
// PKIX nonce extension
388
var ocspExtensionOID = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 1, 2}
389
var ocspExtensionValueHex = "0403000000"
391
const ocspResponseWithCriticalExtensionHex = "308204fe0a0100a08204f7308204f306092b0601050507300101048204e4308204e03081" +
392
"dba003020100a11b3019311730150603550403130e4f43535020526573706f6e64657218" +
393
"0f32303136303130343137303130305a3081a53081a23049300906052b0e03021a050004" +
394
"14c0fe0278fc99188891b3f212e9c7e1b21ab7bfc004140dfc1df0a9e0f01ce7f2b21317" +
395
"7e6f8d157cd4f60210017f77deb3bcbb235d44ccc7dba62e72a116180f32303130303730" +
396
"373135303130355aa0030a0101180f32303130303730373135303130355aa011180f3230" +
397
"3130303730373138333531375aa1193017301506092b06010505073001020101ff040504" +
398
"03000000300d06092a864886f70d01010b0500038201010031c730ca60a7a0d92d8e4010" +
399
"911b469de95b4d27e89de6537552436237967694f76f701cf6b45c932bd308bca4a8d092" +
400
"5c604ba94796903091d9e6c000178e72c1f0a24a277dd262835af5d17d3f9d7869606c9f" +
401
"e7c8e708a41645699895beee38bfa63bb46296683761c5d1d65439b8ab868dc3017c9eeb" +
402
"b70b82dbf3a31c55b457d48bb9e82b335ed49f445042eaf606b06a3e0639824924c89c63" +
403
"eccddfe85e6694314138b2536f5e15e07085d0f6e26d4b2f8244bab0d70de07283ac6384" +
404
"a0501fc3dea7cf0adfd4c7f34871080900e252ddc403e3f0265f2a704af905d3727504ed" +
405
"28f3214a219d898a022463c78439799ca81c8cbafdbcec34ea937cd6a08202ea308202e6" +
406
"308202e2308201caa003020102020101300d06092a864886f70d01010b05003019311730" +
407
"150603550403130e4f43535020526573706f6e646572301e170d31353031333031353530" +
408
"33335a170d3136303133303135353033335a3019311730150603550403130e4f43535020" +
409
"526573706f6e64657230820122300d06092a864886f70d01010105000382010f00308201" +
410
"0a0282010100e8155f2d3e6f2e8d14c62a788bd462f9f844e7a6977c83ef1099f0f6616e" +
411
"c5265b56f356e62c5400f0b06a2e7945a82752c636df32a895152d6074df1701dc6ccfbc" +
412
"bec75a70bd2b55ae2be7e6cad3b5fd4cd5b7790ab401a436d3f5f346074ffde8a99d5b72" +
413
"3350f0a112076614b12ef79c78991b119453445acf2416ab0046b540db14c9fc0f27b898" +
414
"9ad0f63aa4b8aefc91aa8a72160c36307c60fec78a93d3fddf4259902aa77e7332971c7d" +
415
"285b6a04f648993c6922a3e9da9adf5f81508c3228791843e5d49f24db2f1290bafd97e6" +
416
"55b1049a199f652cd603c4fafa330c390b0da78fbbc67e8fa021cbd74eb96222b12ace31" +
417
"a77dcf920334dc94581b0203010001a3353033300e0603551d0f0101ff04040302078030" +
418
"130603551d25040c300a06082b06010505070309300c0603551d130101ff04023000300d" +
419
"06092a864886f70d01010b05000382010100718012761b5063e18f0dc44644d8e6ab8612" +
420
"31c15fd5357805425d82aec1de85bf6d3e30fce205e3e3b8b795bbe52e40a439286d2288" +
421
"9064f4aeeb150359b9425f1da51b3a5c939018555d13ac42c565a0603786a919328f3267" +
422
"09dce52c22ad958ecb7873b9771d1148b1c4be2efe80ba868919fc9f68b6090c2f33c156" +
423
"d67156e42766a50b5d51e79637b7e58af74c2a951b1e642fa7741fec982cc937de37eff5" +
424
"9e2005d5939bfc031589ca143e6e8ab83f40ee08cc20a6b4a95a318352c28d18528dcaf9" +
425
"66705de17afa19d6e8ae91ddf33179d16ebb6ac2c69cae8373d408ebf8c55308be6c04d9" +
426
"3a25439a94299a65a709756c7a3e568be049d5c38839"
428
const ocspResponseWithExtensionHex = "308204fb0a0100a08204f4308204f006092b0601050507300101048204e1308204dd3081" +
429
"d8a003020100a11b3019311730150603550403130e4f43535020526573706f6e64657218" +
430
"0f32303136303130343136353930305a3081a230819f3049300906052b0e03021a050004" +
431
"14c0fe0278fc99188891b3f212e9c7e1b21ab7bfc004140dfc1df0a9e0f01ce7f2b21317" +
432
"7e6f8d157cd4f60210017f77deb3bcbb235d44ccc7dba62e72a116180f32303130303730" +
433
"373135303130355aa0030a0101180f32303130303730373135303130355aa011180f3230" +
434
"3130303730373138333531375aa1163014301206092b0601050507300102040504030000" +
435
"00300d06092a864886f70d01010b05000382010100c09a33e0b2324c852421bb83f85ac9" +
436
"9113f5426012bd2d2279a8166e9241d18a33c870894250622ffc7ed0c4601b16d624f90b" +
437
"779265442cdb6868cf40ab304ab4b66e7315ed02cf663b1601d1d4751772b31bc299db23" +
438
"9aebac78ed6797c06ed815a7a8d18d63cfbb609cafb47ec2e89e37db255216eb09307848" +
439
"d01be0a3e943653c78212b96ff524b74c9ec456b17cdfb950cc97645c577b2e09ff41dde" +
440
"b03afb3adaa381cc0f7c1d95663ef22a0f72f2c45613ae8e2b2d1efc96e8463c7d1d8a1d" +
441
"7e3b35df8fe73a301fc3f804b942b2b3afa337ff105fc1462b7b1c1d75eb4566c8665e59" +
442
"f80393b0adbf8004ff6c3327ed34f007cb4a3348a7d55e06e3a08202ea308202e6308202" +
443
"e2308201caa003020102020101300d06092a864886f70d01010b05003019311730150603" +
444
"550403130e4f43535020526573706f6e646572301e170d3135303133303135353033335a" +
445
"170d3136303133303135353033335a3019311730150603550403130e4f43535020526573" +
446
"706f6e64657230820122300d06092a864886f70d01010105000382010f003082010a0282" +
447
"010100e8155f2d3e6f2e8d14c62a788bd462f9f844e7a6977c83ef1099f0f6616ec5265b" +
448
"56f356e62c5400f0b06a2e7945a82752c636df32a895152d6074df1701dc6ccfbcbec75a" +
449
"70bd2b55ae2be7e6cad3b5fd4cd5b7790ab401a436d3f5f346074ffde8a99d5b723350f0" +
450
"a112076614b12ef79c78991b119453445acf2416ab0046b540db14c9fc0f27b8989ad0f6" +
451
"3aa4b8aefc91aa8a72160c36307c60fec78a93d3fddf4259902aa77e7332971c7d285b6a" +
452
"04f648993c6922a3e9da9adf5f81508c3228791843e5d49f24db2f1290bafd97e655b104" +
453
"9a199f652cd603c4fafa330c390b0da78fbbc67e8fa021cbd74eb96222b12ace31a77dcf" +
454
"920334dc94581b0203010001a3353033300e0603551d0f0101ff04040302078030130603" +
455
"551d25040c300a06082b06010505070309300c0603551d130101ff04023000300d06092a" +
456
"864886f70d01010b05000382010100718012761b5063e18f0dc44644d8e6ab861231c15f" +
457
"d5357805425d82aec1de85bf6d3e30fce205e3e3b8b795bbe52e40a439286d22889064f4" +
458
"aeeb150359b9425f1da51b3a5c939018555d13ac42c565a0603786a919328f326709dce5" +
459
"2c22ad958ecb7873b9771d1148b1c4be2efe80ba868919fc9f68b6090c2f33c156d67156" +
460
"e42766a50b5d51e79637b7e58af74c2a951b1e642fa7741fec982cc937de37eff59e2005" +
461
"d5939bfc031589ca143e6e8ab83f40ee08cc20a6b4a95a318352c28d18528dcaf966705d" +
462
"e17afa19d6e8ae91ddf33179d16ebb6ac2c69cae8373d408ebf8c55308be6c04d93a2543" +
463
"9a94299a65a709756c7a3e568be049d5c38839"
336
465
const ocspRequestHex = "3051304f304d304b3049300906052b0e03021a05000414c0fe0278fc99188891b3f212e9" +
337
466
"c7e1b21ab7bfc004140dfc1df0a9e0f01ce7f2b213177e6f8d157cd4f60210017f77deb3" +
338
467
"bcbb235d44ccc7dba62e72"