github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/swarmkit/ca/testutils/staticcerts.go (about)

     1  package testutils
     2  
     3  var (
     4  	// NotYetValidCert is an ECDSA CA certificate that becomes valid in 2117, and expires in 2316
     5  	NotYetValidCert = []byte(`
     6  -----BEGIN CERTIFICATE-----
     7  MIIBajCCARCgAwIBAgIUWYyg+FvrTJ/wtJd4pZF/GfO5uC0wCgYIKoZIzj0EAwIw
     8  ETEPMA0GA1UEAxMGcm9vdENOMCIYDzIxMTcwMTAyMTgxODUyWhgPMjMxNjExMTUx
     9  ODE4NTJaMBExDzANBgNVBAMTBnJvb3RDTjBZMBMGByqGSM49AgEGCCqGSM49AwEH
    10  A0IABDC0qWmbfAkZH01xUVjwwR+2ovotU1iVIUD2fOFm93WUfg31cyga9dPDsg7R
    11  GXJlRBnU9A48TWZMzIcqaa9ZpwyjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB
    12  Af8EBTADAQH/MB0GA1UdDgQWBBS17zzXe1Q2tBZGw8xGL0spE88yQTAKBggqhkjO
    13  PQQDAgNIADBFAiEAvnTTPh/jgnXIyLmbfROftfY2zCk0C0XLfLVnSj5MDZwCIDdP
    14  tPG9bWx1C0I55UiWXKGQf3nUU68nQkk9JxVyjBma
    15  -----END CERTIFICATE-----
    16  `)
    17  	// NotYetValidKey is the key corresponding to the NotYetValidCert
    18  	NotYetValidKey = []byte(`
    19  -----BEGIN EC PRIVATE KEY-----
    20  MHcCAQEEIOPDjFG/meAtl1a/mXP66Y17O7TFCop9JXo5Il90qYLNoAoGCCqGSM49
    21  AwEHoUQDQgAEMLSpaZt8CRkfTXFRWPDBH7ai+i1TWJUhQPZ84Wb3dZR+DfVzKBr1
    22  08OyDtEZcmVEGdT0DjxNZkzMhyppr1mnDA==
    23  -----END EC PRIVATE KEY-----
    24  `)
    25  
    26  	// ExpiredCert is an ECDSA CA certificate that expired in 2007 (1967-2007)
    27  	ExpiredCert = []byte(`
    28  -----BEGIN CERTIFICATE-----
    29  MIIBZzCCAQygAwIBAgIUNwwbocQMXzakEpwZoGkk7yOleRgwCgYIKoZIzj0EAwIw
    30  ETEPMA0GA1UEAxMGcm9vdENOMB4XDTY3MDIyNDIzMDc0MFoXDTA3MDIyNDIzMDc0
    31  MFowETEPMA0GA1UEAxMGcm9vdENOMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
    32  MLSpaZt8CRkfTXFRWPDBH7ai+i1TWJUhQPZ84Wb3dZR+DfVzKBr108OyDtEZcmVE
    33  GdT0DjxNZkzMhyppr1mnDKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
    34  MAMBAf8wHQYDVR0OBBYEFLXvPNd7VDa0FkbDzEYvSykTzzJBMAoGCCqGSM49BAMC
    35  A0kAMEYCIQCx5Lhl4b3YsjQuqHT/+vL5rnc0GV/OwJ8l2GFS2IB7EgIhAKrHZrcr
    36  5+MmM1YUiykjweok2j5rj0/+9sR7waa69dkW
    37  -----END CERTIFICATE-----
    38  `)
    39  	// ExpiredKey is the key corresponding to the ExpiredCert
    40  	ExpiredKey = []byte(`
    41  -----BEGIN EC PRIVATE KEY-----
    42  MHcCAQEEIOPDjFG/meAtl1a/mXP66Y17O7TFCop9JXo5Il90qYLNoAoGCCqGSM49
    43  AwEHoUQDQgAEMLSpaZt8CRkfTXFRWPDBH7ai+i1TWJUhQPZ84Wb3dZR+DfVzKBr1
    44  08OyDtEZcmVEGdT0DjxNZkzMhyppr1mnDA==
    45  -----END EC PRIVATE KEY-----
    46  `)
    47  
    48  	// RSA2048SHA256Cert is an RSA CA cert with a 2048-bit key, SHA256 signature algorithm, that is currently valid and expires in 2117.
    49  	// This should be valid because the key length is at least 2048 and the signature algorithm is SHA256.
    50  	RSA2048SHA256Cert = []byte(`
    51  -----BEGIN CERTIFICATE-----
    52  MIIDjDCCAnSgAwIBAgIJAI5MpW7XttrnMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV
    53  BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
    54  A1UEChMGRG9ja2VyMRwwGgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMCAXDTE3
    55  MDEyNzAwMzM1N1oYDzIxMTcwMTAzMDAzMzU3WjBhMQswCQYDVQQGEwJVUzELMAkG
    56  A1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tl
    57  cjEcMBoGA1UEAxMTU3dhcm1raXQgQ0EgVGVzdGluZzCCASIwDQYJKoZIhvcNAQEB
    58  BQADggEPADCCAQoCggEBAOj20YFx3Lo3xxshGwCirWixp3Wxa+k3Fpa3o1fZ3+jl
    59  1V0op4swrf9EckrrDNHSkDeWRVjSuYAZ/t8KT/B/JuP8rL8PWkQD0BUQAuArxIsG
    60  JuhfwuNhM6mhSEEMIrb6g1XLQ37rW5a9FTIbY+QJgYsPgWjFRgY5cT+ZXrgacmg6
    61  cVWF75wSjW5DzZavGVfHPDebl0dXqeUHXvksZZ/pfzsTyqlgVp3Br5PKON6UqHNT
    62  zI8MWEeTT+jpFTSR4Qt/Gdp5PbzTxfun38oOgT8WB3xJ1XvrRsxROPluBa1y7cVm
    63  UcriTPzUtAhxb7MVGaTVwQ1zX1Wd+t0mYQVW8zRMK6ECAwEAAaNFMEMwEgYDVR0T
    64  AQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAUYwHQYDVR0OBBYEFLzBQbsbg8is
    65  pyWorw6eP2ftJETsMA0GCSqGSIb3DQEBCwUAA4IBAQAPj5P1v1fqxUSs/uswfNZ2
    66  APb7h1bccP41bEmgX45m0g7S4fLoFZb501IzgF6fsmJibhOJ/mKrPi5VM1RFpMfM
    67  mL5zpdEXsopIfn9J4liXGXM1gFH6s4GeEn6cIwT7Sfzo1VPS0qbe9KJqPCLFySev
    68  DivyL8Yv/NbTPF1wTrtoAhQeADSMxdctTutLMKE4CbJWhSPpvnojL94Jxj5TkUKR
    69  fpg1gDGYtAcxpE+qZBI+YCh0r9ae/Wtg3lzw+I7/usmfO2Pm56Hb/O7ulRuLEOFu
    70  XL2VZMKBpOTyDpe3YXMcvp3HT4qO5PmNs1b/N3Q8GwYRwfg6DZX2fPHT9vJGEdyq
    71  -----END CERTIFICATE-----
    72  `)
    73  	// RSA2048SHA1Cert is an RSA CA cert with a 2048-bit key, SHA1 signature algorithm, that is currently valid and expires in 2117.
    74  	// This should be not valid because the signature algorithm is SHA1.
    75  	RSA2048SHA1Cert = []byte(`
    76  -----BEGIN CERTIFICATE-----
    77  MIIDjDCCAnSgAwIBAgIJAI6dSku42a9hMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
    78  BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
    79  A1UEChMGRG9ja2VyMRwwGgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMCAXDTE3
    80  MDEyNzAwMzQzNloYDzIxMTcwMTAzMDAzNDM2WjBhMQswCQYDVQQGEwJVUzELMAkG
    81  A1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tl
    82  cjEcMBoGA1UEAxMTU3dhcm1raXQgQ0EgVGVzdGluZzCCASIwDQYJKoZIhvcNAQEB
    83  BQADggEPADCCAQoCggEBAOj20YFx3Lo3xxshGwCirWixp3Wxa+k3Fpa3o1fZ3+jl
    84  1V0op4swrf9EckrrDNHSkDeWRVjSuYAZ/t8KT/B/JuP8rL8PWkQD0BUQAuArxIsG
    85  JuhfwuNhM6mhSEEMIrb6g1XLQ37rW5a9FTIbY+QJgYsPgWjFRgY5cT+ZXrgacmg6
    86  cVWF75wSjW5DzZavGVfHPDebl0dXqeUHXvksZZ/pfzsTyqlgVp3Br5PKON6UqHNT
    87  zI8MWEeTT+jpFTSR4Qt/Gdp5PbzTxfun38oOgT8WB3xJ1XvrRsxROPluBa1y7cVm
    88  UcriTPzUtAhxb7MVGaTVwQ1zX1Wd+t0mYQVW8zRMK6ECAwEAAaNFMEMwEgYDVR0T
    89  AQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAUYwHQYDVR0OBBYEFLzBQbsbg8is
    90  pyWorw6eP2ftJETsMA0GCSqGSIb3DQEBBQUAA4IBAQDXb48+km740mC/EE68jHts
    91  QV9tAFJ2c0WhMUfn0quL1C7FCUu9Y2lq75Rw7knbi+Q+F+PL165pk9WKQ/Q8iW3/
    92  E7DBy67uV6r/3PT+Ay4GemfOMWj+MKaJQD5+EBErnqNXglfYZvG6JQorHtz29OFb
    93  GJ3/dICwhz/SFF2/Hxh8mpzGpRs5CPMpSD6sFc+MhK8JsWzpOCRIHGzStF47dyG0
    94  fY7KVrPFmx46Fx6aoNOF4AS8rMNcVaYmlHGhEn546LK3e+UeapK8GN9haNrggbTs
    95  Eg+Uruj2i6nbXOuVJkJAIpbx/KuPb2vy+NCbLoPekfufWzFyy0Cs8CSU9CeLeaH0
    96  -----END CERTIFICATE-----
    97  `)
    98  	// RSA2048Key is a 2048-bit RSA key.
    99  	RSA2048Key = []byte(`
   100  -----BEGIN RSA PRIVATE KEY-----
   101  MIIEpAIBAAKCAQEA6PbRgXHcujfHGyEbAKKtaLGndbFr6TcWlrejV9nf6OXVXSin
   102  izCt/0RySusM0dKQN5ZFWNK5gBn+3wpP8H8m4/ysvw9aRAPQFRAC4CvEiwYm6F/C
   103  42EzqaFIQQwitvqDVctDfutblr0VMhtj5AmBiw+BaMVGBjlxP5leuBpyaDpxVYXv
   104  nBKNbkPNlq8ZV8c8N5uXR1ep5Qde+Sxln+l/OxPKqWBWncGvk8o43pSoc1PMjwxY
   105  R5NP6OkVNJHhC38Z2nk9vNPF+6ffyg6BPxYHfEnVe+tGzFE4+W4FrXLtxWZRyuJM
   106  /NS0CHFvsxUZpNXBDXNfVZ363SZhBVbzNEwroQIDAQABAoIBAQDLnr/rxlvJH+uV
   107  mNADNC0hbvYRdqv9QbsqrQPGS5bb99cP//LBRCExFuBW/y9LTiHjlCK0yip8/zu4
   108  M0k/ycNyTm2m6YJaJIMBhecdjOPTJ+NmBB1RpKoFQATpZfQJvtiAapNqIckB7e7S
   109  xwH+VRi3NSxFKPhVhGupzSHvBJ6u3Yrx49kAX7CDVlRFAu7NGkDmbkN5gknxHAFt
   110  qwd6uLIrUwPQ3OJoqleU8ASYzI1CdGqSFojl67bYmanXbtQoxYFqtwgkWucttzdl
   111  hfpCOw+kiB1LGQI7RNnW3yAfII7QLsO+nVNQgtxMe7qWxxNCMDSEnhRzNsicVKp/
   112  n+vDTu4pAoGBAP17l2Gz8ZY8RiS7Kmjkyt5ZaEHKva81L6fgnN9rL105up8hm+CB
   113  paqLOKh0DQHcMiBDkrUwbVvvPp2oq8iu6Uui/mihlyEnlkM35PpV8HIqcvDFh+Jo
   114  6lopjM635qLW9uHyQ4d+mF2V6NqvGv01dE30HJEqDmaMR3dTZ9OvbtHTAoGBAOtH
   115  EG0ezQXOAQWqiAq771pDRx+k0M8P4lu2f0mLFB53M92dxS3/hYjQJvpNwvJdPXLP
   116  jzfv04MjN6vW1X+pol8xpCHYCNlPmjWt+xW73mZVTLM74SNjYQ44v2x4pF9g9nng
   117  rX44aM+LqKXO5zu9dWM9JuRCe17sP1ElF6knRPA7AoGACLPXjKkq4CeNmPE8EYHZ
   118  XSzgoXGedYdz7WWOvTTm2WKD/7adrWWGFIbXGSFy2N+AcQ8g2EujVYavNaZ2z1sB
   119  83DTHzB9CcxcIk6m89lDegfvDkkZ0zIa6aGHjglOR8TtkPBKVTqJbJ0a83cTjCHr
   120  rkl1OZ6iA+9I/NXGOMRLH7UCgYEA30P1m4diCYMexzC3nnAPR7mWUboGiKfLJzr8
   121  eV6ofeyiZEimZ+sV3emhQ1/tgi7m8/9xKiTEs6oE12Wr/lSMiAdEePVYGFgIv63V
   122  Gh/IgZWqjl9hW0KgRG2ngZjOatBJtQh3utJu65zdMlMwbSlxrvXF5VANYNuRjkBD
   123  vrpMGicCgYAnMLwEVnoW7yNpsz4KrvXMQigQ3zNMDYFZPlwNMRSo1zl8k4OAPVL1
   124  U76uzbRNRlCGtKPKRwQhcSxrc6gNuCd84l1t1goCBvkQk/c0q2J/8YQi743OJLT6
   125  1HttNHgxkzTDmn72TepqDq/eMCSWzuoN+fFDnJZdK88hiCgCTHIGrQ==
   126  -----END RSA PRIVATE KEY-----
   127  `)
   128  
   129  	// RSA1024Cert is an RSA CA cert with a 1024-bit key, SHA256 signature algorithm, that is currently valid and expires in 2117.
   130  	// This should not be a valid cert because the key is only 1024 bits.
   131  	RSA1024Cert = []byte(`
   132  -----BEGIN CERTIFICATE-----
   133  MIIChzCCAfCgAwIBAgIJAK9Xim2q4NaMMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV
   134  BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0G
   135  A1UEChMGRG9ja2VyMRwwGgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMCAXDTE3
   136  MDEyNjIzMTQ1MFoYDzIxMTcwMTAyMjMxNDUwWjBhMQswCQYDVQQGEwJVUzELMAkG
   137  A1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tl
   138  cjEcMBoGA1UEAxMTU3dhcm1raXQgQ0EgVGVzdGluZzCBnzANBgkqhkiG9w0BAQEF
   139  AAOBjQAwgYkCgYEAwJecFi5Sa4aaY5lRvZZbiDA9ETESO7xrIgVWM3OVvBFAb8k2
   140  9CRkxSpalEp4Iguwl6i3liMXudFXpek8sVcqzZDbFeQ6GfPL2zQU7hLevvhutE1V
   141  moj8L5khsdyhDLwLBLl8XCYNCq4WlJvzuK4vKcO6bRc+2hlpogmOWFwjfBECAwEA
   142  AaNFMEMwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAUYwHQYDVR0O
   143  BBYEFEjeSZQwqag+zm7sh85i0H6saGojMA0GCSqGSIb3DQEBCwUAA4GBADwPil+v
   144  LfLlEZS1DrNy1nwl6mQuekqkfduq0U7fmaH6fpGYGs4Dbxjf/WqjV34EspMW6CGS
   145  TCb+9eeYDfGqvZkSUwtpnN1m/1H19+2PD86aPRDQgeRE7BOhU0jsxJ3mYWwacMPH
   146  fvP9c4cDXwEPJ/ocj95Ps35snJTpzFAaG7hp
   147  -----END CERTIFICATE-----
   148  `)
   149  	// RSA1024Key is a 1024-bit RSA key
   150  	RSA1024Key = []byte(`
   151  -----BEGIN RSA PRIVATE KEY-----
   152  MIICXQIBAAKBgQDAl5wWLlJrhppjmVG9lluIMD0RMRI7vGsiBVYzc5W8EUBvyTb0
   153  JGTFKlqUSngiC7CXqLeWIxe50Vel6TyxVyrNkNsV5DoZ88vbNBTuEt6++G60TVWa
   154  iPwvmSGx3KEMvAsEuXxcJg0KrhaUm/O4ri8pw7ptFz7aGWmiCY5YXCN8EQIDAQAB
   155  AoGBALYWIWLvRMmYp5uHN7sxzzSBtxrr9Ds6N2gg95EJtQXsoamO6kAFsKihFKaj
   156  idVWjA23XGu8ng/3FxEr5VAeA75WMnd82XxGCDostRwufBU2N6O96MMAiTCEia5q
   157  lttn7OE4kgW4tSrTODKM6utvkqmLyJJeFlPHgoEb0WI6L95hAkEA7x9xMjd5WFES
   158  t/cloA4msaIVSDbzN9ql31Z9IP/0z6CexNj3pjdtRD+Ydj9dPIzeskoDseS2d0l2
   159  RXX3Z9YYJQJBAM4vb5UxVY4qaCY/tS44tAf6vwIo0lzKHBd41+ubpefWL6C4lhd1
   160  jLhmwY6dio7mzFfKeI5Xtdu6DXr0zClzSn0CQGLpaaRxB/O9TXXleJ3VXLIbrpv5
   161  hu/ytKxGlWniFn0QHrykVwRdZwhVGhbHrSSPzMqJDTA3wDZln9OpsVY1XDUCQQCr
   162  hL54B8A6MYDOQLUBrF3nPWnj6/2C/wZ7aCWGc8aBo6WfN65z+W+EfsaJUvjOg6R9
   163  a4r6LnC0RoOsQzQLT0MpAkA7q59Eo9DwPuLz6GrGAKBaxYXXPOyx58yO4DAq0e32
   164  anuVw1kAAKz5HYioZkBJpnpN5dXCHNC54ooq76cIGFpT
   165  -----END RSA PRIVATE KEY-----
   166  `)
   167  
   168  	// ECDSA224Cert is an ECDSA curve-P224 CA cert with a SHA256 signature algorithm
   169  	// that is current valid and expires in 2117. This should not be a valid cert because we only accept curve-P256,
   170  	// curve-P385, and curve-P521 (the only keys cfssl will generate).
   171  	ECDSA224Cert = []byte(`
   172  -----BEGIN CERTIFICATE-----
   173  MIIB7jCCAZugAwIBAgIJALF0a2jHg8P9MAoGCCqGSM49BAMCMGExCzAJBgNVBAYT
   174  AlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0GA1UE
   175  ChMGRG9ja2VyMRwwGgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMCAXDTE3MDEy
   176  NzAwMjg1MloYDzIxMTcwMTAzMDAyODUyWjBhMQswCQYDVQQGEwJVUzELMAkGA1UE
   177  CBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tlcjEc
   178  MBoGA1UEAxMTU3dhcm1raXQgQ0EgVGVzdGluZzBOMBAGByqGSM49AgEGBSuBBAAh
   179  AzoABFseGAWIbCHKia0TN6tjJbzu4GOi6lqxitimkygWnxaROVo1sJ/61A0lmy7z
   180  Z5nb3HRWfrDJYZbao0UwQzASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQE
   181  AwIBRjAdBgNVHQ4EFgQU93VkqOtp8QHVRh7qh22G+QsnO2QwCgYIKoZIzj0EAwID
   182  QQAwPgIdAMD758a1UD/YBA/fc00XL5g+a6v3bt9ZiSwSifMCHQDu1/WD9JmCdjbB
   183  UJrkTcIE8xDejpxjPooK1cLT
   184  -----END CERTIFICATE-----
   185  `)
   186  	// ECDSA224Key is an ECDSA curve-P224 key.
   187  	ECDSA224Key = []byte(`
   188  -----BEGIN EC PRIVATE KEY-----
   189  MGgCAQEEHK+OanuZ3Gqx7/xipRzOneQUUlc11AMavfj2d1qgBwYFK4EEACGhPAM6
   190  AARbHhgFiGwhyomtEzerYyW87uBjoupasYrYppMoFp8WkTlaNbCf+tQNJZsu82eZ
   191  29x0Vn6wyWGW2g==
   192  -----END EC PRIVATE KEY-----
   193  `)
   194  
   195  	// ECDSA256SHA256Cert is an ECDSA curve-P256 CA cert with a SHA256 signature algorithm
   196  	// that is current valid and expires in 2117. This is a valid cert because it has an accepted key length
   197  	// and an accepted signature algorithm.
   198  	ECDSA256SHA256Cert = []byte(`
   199  -----BEGIN CERTIFICATE-----
   200  MIICADCCAaagAwIBAgIJAOnbqU2SK/veMAoGCCqGSM49BAMCMGExCzAJBgNVBAYT
   201  AlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0GA1UE
   202  ChMGRG9ja2VyMRwwGgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMCAXDTE3MDEy
   203  NzAwMjcyNVoYDzIxMTcwMTAzMDAyNzI1WjBhMQswCQYDVQQGEwJVUzELMAkGA1UE
   204  CBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xDzANBgNVBAoTBkRvY2tlcjEc
   205  MBoGA1UEAxMTU3dhcm1raXQgQ0EgVGVzdGluZzBZMBMGByqGSM49AgEGCCqGSM49
   206  AwEHA0IABHmyfgFJLu94IyPYeYv/laDUe6cXcZWZL62dW3tm61YUDRQb57zJxvaI
   207  eHsd7KW0YwQEbOeh2Qo0Uab4+pgTsiWjRTBDMBIGA1UdEwEB/wQIMAYBAf8CAQEw
   208  DgYDVR0PAQH/BAQDAgFGMB0GA1UdDgQWBBTcjpX4ZO+MWsSyKARyyRproJzAWjAK
   209  BggqhkjOPQQDAgNIADBFAiAdIZG7qzr+vCSt6FnotFKOhRBpLw9vkq8O2kBNbPCy
   210  4wIhANXcKDlG507bv5bOWYo92XDWuHd1FzyZfSLren9uFVfB
   211  -----END CERTIFICATE-----
   212  `)
   213  	// ECDSA256SHA1Cert is an ECDSA curve-P256 CA cert with a SHA1 signature algorithm
   214  	// that is current valid and expires in 2117. This should not be a valid cert because a SHA1 signature algorithm.
   215  	ECDSA256SHA1Cert = []byte(`
   216  -----BEGIN CERTIFICATE-----
   217  MIIB/jCCAaWgAwIBAgIJAKGcB/unE+cZMAkGByqGSM49BAEwYTELMAkGA1UEBhMC
   218  VVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK
   219  EwZEb2NrZXIxHDAaBgNVBAMTE1N3YXJta2l0IENBIFRlc3RpbmcwIBcNMTcwMTI3
   220  MDAyNzQ0WhgPMjExNzAxMDMwMDI3NDRaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQI
   221  EwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0GA1UEChMGRG9ja2VyMRww
   222  GgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMFkwEwYHKoZIzj0CAQYIKoZIzj0D
   223  AQcDQgAEebJ+AUku73gjI9h5i/+VoNR7pxdxlZkvrZ1be2brVhQNFBvnvMnG9oh4
   224  ex3spbRjBARs56HZCjRRpvj6mBOyJaNFMEMwEgYDVR0TAQH/BAgwBgEB/wIBATAO
   225  BgNVHQ8BAf8EBAMCAUYwHQYDVR0OBBYEFNyOlfhk74xaxLIoBHLJGmugnMBaMAkG
   226  ByqGSM49BAEDSAAwRQIgX90Mxm8eGW43u6ztz3ePHz9X8UEozx4311fyYwtsLTEC
   227  IQC7EWwxn+xAzcHUzQ1INPrsmnuvladTumv5huhkARtlgg==
   228  -----END CERTIFICATE-----
   229  `)
   230  	// ECDSA256Key is an ECDSA curve-P256 key.
   231  	ECDSA256Key = []byte(`
   232  -----BEGIN EC PRIVATE KEY-----
   233  MHcCAQEEIKXkvFfUcVbH9Uqxkdo4Obwc3RSJfEH2254sfqkx50xBoAoGCCqGSM49
   234  AwEHoUQDQgAEebJ+AUku73gjI9h5i/+VoNR7pxdxlZkvrZ1be2brVhQNFBvnvMnG
   235  9oh4ex3spbRjBARs56HZCjRRpvj6mBOyJQ==
   236  -----END EC PRIVATE KEY-----
   237  `)
   238  
   239  	// DSA2048Cert is a DSA CA cert with a 2048 key, SHA1 hash, that is currently valid and expires in 2117
   240  	// This should not be a valid cert because we do not accept DSA keys.
   241  	DSA2048Cert = []byte(`
   242  -----BEGIN CERTIFICATE-----
   243  MIIEyTCCBIigAwIBAgIJANu4Tu71eD7AMAkGByqGSM44BAMwYTELMAkGA1UEBhMC
   244  VVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMQ8wDQYDVQQK
   245  EwZEb2NrZXIxHDAaBgNVBAMTE1N3YXJta2l0IENBIFRlc3RpbmcwIBcNMTcwMTI2
   246  MTgzNDQ2WhgPMjExNzAxMDIxODM0NDZaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQI
   247  EwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEPMA0GA1UEChMGRG9ja2VyMRww
   248  GgYDVQQDExNTd2FybWtpdCBDQSBUZXN0aW5nMIIDOjCCAi0GByqGSM44BAEwggIg
   249  AoIBAQD0EIQuOHBiDsmKGxTe5Ck87A2J1kkFkHZzcg3kde3BMyfeP5r1ReDkXdYR
   250  06r8e2De4Ymsu/B4p5qetiP0XcMO6fERyrBrGSxIANeJNM9ccRsfcnxnvSFIu1qk
   251  LixSEQxE8wN4v/c7fyFZrtSxXly2CWxb4qlPIs/xoQs+s8pRuW/uFk18QjszYq96
   252  cliIIAf1qNEqadnYRvHSX0Xn2J+PSW2aRXXr79C1AUNq/U/CVkMJ1RHq0jTwsxlA
   253  3P6ofjhxW/rXY7uTZeeZBLLeU/sRugvRfiubWIkjl1h0frOk7S1sND5wZ6zCZORA
   254  bEpd9yRsvPYKlUMnHy7oUGT/IF1tAhUA6SQtzdKO+BoiRLmJ29etE+KnLwMCggEA
   255  YYEJJRA869RzyrCUxEOmOFumnPVWIrS0+SY/fdK6uxLDVhO5v0EKsx4f8rBS9PPA
   256  L6/elbV/GYtnR5iKktx16X8Jeo2YT5madLamREkI/9C4x0+UKF6ETx+ttEkntdAv
   257  d6H3tTJw0y9WOV+TyQpNl8PloqEHP2slpeUjXapfhia/kfKeKfR2rSAlnMyWeiHD
   258  ANnAJn+dfoITSxHgyaao73fCMryPfmEK4ffNEVHd5SA1SUUeAmEqbTwDi0BD31w5
   259  PU1kDthsbNYFEx3S7PThZeLL74xxNbjoMK4zTTueXFjLlhDr7YfZYzCGauxT/Cij
   260  qSJxfojjLv4PGFgeoIiNwgOCAQUAAoIBAHFK5SqxjgLqmWcJERnkFxDWE3fcO9ow
   261  lSHJXugzP5Uyv3+IYJ67J22QthsajrnSduCJ+TPgnGPkJHk+3zzFYKArNKOKC5si
   262  MkUD8DBLhY23ieX01J34Ej+t/uQYge1zFaGNm3c1k3WuCTCsbYqJtn60sh50oG3q
   263  lfeRiVFgDto5EraYG9AgtfPSSkeSFVxIBfu6Hy/ri5M9gYwsmVpHZFElCNCbCcnh
   264  zeNosUe5DlYnCdeviY8y3GeIP7QctnFGCCNODOGTuAGoOYb0xSw7rLM1cNns5Xzh
   265  iq4iRFElvjPuiYGAUAsSYqCGx7gt2TiWW4AWbCkZi3S86ppxeevI2OijRTBDMBIG
   266  A1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgFGMB0GA1UdDgQWBBQfWhZE
   267  rEu8JT69BxWWXujrVlrenTAJBgcqhkjOOAQDAzAAMC0CFQDVY5dfGv4GiM8HXqUM
   268  Ve+sDSZ9OAIUd4Cznid6BdEVGyQop2PFd/48Ieo=
   269  -----END CERTIFICATE-----
   270  `)
   271  	// DSA2048Key is a 2048-bit DSA key
   272  	DSA2048Key = []byte(`
   273  -----BEGIN DSA PRIVATE KEY-----
   274  MIIDPgIBAAKCAQEA9BCELjhwYg7JihsU3uQpPOwNidZJBZB2c3IN5HXtwTMn3j+a
   275  9UXg5F3WEdOq/Htg3uGJrLvweKeanrYj9F3DDunxEcqwaxksSADXiTTPXHEbH3J8
   276  Z70hSLtapC4sUhEMRPMDeL/3O38hWa7UsV5ctglsW+KpTyLP8aELPrPKUblv7hZN
   277  fEI7M2KvenJYiCAH9ajRKmnZ2Ebx0l9F59ifj0ltmkV16+/QtQFDav1PwlZDCdUR
   278  6tI08LMZQNz+qH44cVv612O7k2XnmQSy3lP7EboL0X4rm1iJI5dYdH6zpO0tbDQ+
   279  cGeswmTkQGxKXfckbLz2CpVDJx8u6FBk/yBdbQIVAOkkLc3SjvgaIkS5idvXrRPi
   280  py8DAoIBAGGBCSUQPOvUc8qwlMRDpjhbppz1ViK0tPkmP33SursSw1YTub9BCrMe
   281  H/KwUvTzwC+v3pW1fxmLZ0eYipLcdel/CXqNmE+ZmnS2pkRJCP/QuMdPlChehE8f
   282  rbRJJ7XQL3eh97UycNMvVjlfk8kKTZfD5aKhBz9rJaXlI12qX4Ymv5Hynin0dq0g
   283  JZzMlnohwwDZwCZ/nX6CE0sR4MmmqO93wjK8j35hCuH3zRFR3eUgNUlFHgJhKm08
   284  A4tAQ99cOT1NZA7YbGzWBRMd0uz04WXiy++McTW46DCuM007nlxYy5YQ6+2H2WMw
   285  hmrsU/woo6kicX6I4y7+DxhYHqCIjcICggEAcUrlKrGOAuqZZwkRGeQXENYTd9w7
   286  2jCVIcle6DM/lTK/f4hgnrsnbZC2GxqOudJ24In5M+CcY+QkeT7fPMVgoCs0o4oL
   287  myIyRQPwMEuFjbeJ5fTUnfgSP63+5BiB7XMVoY2bdzWTda4JMKxtiom2frSyHnSg
   288  beqV95GJUWAO2jkStpgb0CC189JKR5IVXEgF+7ofL+uLkz2BjCyZWkdkUSUI0JsJ
   289  yeHN42ixR7kOVicJ16+JjzLcZ4g/tBy2cUYII04M4ZO4Aag5hvTFLDusszVw2ezl
   290  fOGKriJEUSW+M+6JgYBQCxJioIbHuC3ZOJZbgBZsKRmLdLzqmnF568jY6AIVAJ8Z
   291  5HzoPpFuQiZ6/H/N6RYpQmAO
   292  -----END DSA PRIVATE KEY-----
   293  `)
   294  	// ECDSACertChain contains 3 SHA256 curve P-256 certificates:  leaf, intermediate, and root
   295  	// They all expire in 2117.  The leaf cert's OU is swarm-manager.
   296  	ECDSACertChain = [][]byte{
   297  		[]byte(`
   298  -----BEGIN CERTIFICATE-----
   299  MIIB3TCCAYOgAwIBAgIUG2izItTi/0YNpfdwUwo7UcjddawwCgYIKoZIzj0EAwIw
   300  EjEQMA4GA1UEAxMHcm9vdENOMjAgFw0xNzAzMDEyMzA1MDBaGA8yMTE3MDIwNjAw
   301  MDUwMFowKDEMMAoGA1UEChMDb3JnMQswCQYDVQQLEwJvdTELMAkGA1UEAxMCY24w
   302  WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATCVPwZBGYQ0SpeXahXzU8BB+ZBjdw9
   303  WsKBa03qSic4O0qtUrLTQSvg2bWoKlo2fVe5g6Sl29gMm0912fTG5nHro4GeMIGb
   304  MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
   305  DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU/hk9CSt3C+8+hVVe1+xTHdAYka4wHwYD
   306  VR0jBBgwFoAU0qlzziAdvItofIcj5PK+SLIRngAwHAYDVR0RBBUwE4ICY26CDXN3
   307  YXJtLW1hbmFnZXIwCgYIKoZIzj0EAwIDSAAwRQIhAIV+zZKA58KkkeV9lC7EgVjT
   308  nXZuicOq8369KseHDSINAiAy8QKshS5XUHXFJi778Mclr2jvx88XnV2yYb7osJv4
   309  Ew==
   310  -----END CERTIFICATE-----
   311  `),
   312  		[]byte(`
   313  -----BEGIN CERTIFICATE-----
   314  MIIBizCCATCgAwIBAgIUcGcL0qGDloPcLE69t6X81DKiaZAwCgYIKoZIzj0EAwIw
   315  ETEPMA0GA1UEAxMGcm9vdENOMCAXDTE3MDMwMjAwMDAwMFoYDzIxMTcwMjA2MDAw
   316  MDAwWjASMRAwDgYDVQQDEwdyb290Q04yMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
   317  QgAEL4g4/wWhZM/YfCk/zEXbmTIgaiNUsXrqexXGrsFeoxfojAEuA8tygI8mu45V
   318  fNk16nzO4AfXMFBiChB9fPE1dKNjMGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB
   319  /wQFMAMBAf8wHQYDVR0OBBYEFNKpc84gHbyLaHyHI+TyvkiyEZ4AMB8GA1UdIwQY
   320  MBaAFGD5gOqAIojsuSKECZwWE5aeGDD9MAoGCCqGSM49BAMCA0kAMEYCIQDN10Lz
   321  9mqWPOgqlpSboPf+VzC0HA1ZZI5wqETUKCK1wQIhANkepyJrCapiQ6Vuvc+qycuS
   322  ZS16fmlAEKrBm2KgpZt2
   323  -----END CERTIFICATE-----
   324  `),
   325  		[]byte(`
   326  -----BEGIN CERTIFICATE-----
   327  MIIBaDCCAQ6gAwIBAgIUfmVlMNH1dFyOjZHL18pw0ji9aTkwCgYIKoZIzj0EAwIw
   328  ETEPMA0GA1UEAxMGcm9vdENOMCAXDTE3MDMwMjAwMDAwMFoYDzIxMTcwMjA2MDAw
   329  MDAwWjARMQ8wDQYDVQQDEwZyb290Q04wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
   330  AAT6NjQeSstS/gi2wN+AoWnMZaLfiBjpNSqryqEiPH03viwbtWMG9aCu7cU/3alJ
   331  iIlmQl6Y3n3cFhiQV2dum+UUo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
   332  BAUwAwEB/zAdBgNVHQ4EFgQUYPmA6oAiiOy5IoQJnBYTlp4YMP0wCgYIKoZIzj0E
   333  AwIDSAAwRQIgP8iV0PKFeQZey6j89ieI+IPucjfl8Hp1OLJbamrVEr8CIQD0PsI8
   334  pMJFqD7k4votyNu3W82NrBSe+xyMgFqI5tfx4g==
   335  -----END CERTIFICATE-----
   336  `),
   337  	}
   338  
   339  	// ECDSACertChainKeys contains 3 SHA256 curve P-256 keys: corresponding, respectively,
   340  	// to the certificates in ECDSACertChain
   341  	ECDSACertChainKeys = [][]byte{
   342  		[]byte(`
   343  -----BEGIN EC PRIVATE KEY-----
   344  MHcCAQEEIN+BaGyxGLSgEDLjmQBHdL7JuuAIYlSGCwYS2CCUxMEOoAoGCCqGSM49
   345  AwEHoUQDQgAEwlT8GQRmENEqXl2oV81PAQfmQY3cPVrCgWtN6konODtKrVKy00Er
   346  4Nm1qCpaNn1XuYOkpdvYDJtPddn0xuZx6w==
   347  -----END EC PRIVATE KEY-----
   348  `),
   349  		[]byte(`
   350  -----BEGIN EC PRIVATE KEY-----
   351  MHcCAQEEIP7yNfaUImD76q1pfgx+8PYSq50zK1imh41SKFPzR5fioAoGCCqGSM49
   352  AwEHoUQDQgAEL4g4/wWhZM/YfCk/zEXbmTIgaiNUsXrqexXGrsFeoxfojAEuA8ty
   353  gI8mu45VfNk16nzO4AfXMFBiChB9fPE1dA==
   354  -----END EC PRIVATE KEY-----
   355  `),
   356  		[]byte(`
   357  -----BEGIN EC PRIVATE KEY-----
   358  MHcCAQEEIDIgEpCpn7wEEYt/hLT+NewO0lgBPBRk3A5nU4ASOShDoAoGCCqGSM49
   359  AwEHoUQDQgAE+jY0HkrLUv4ItsDfgKFpzGWi34gY6TUqq8qhIjx9N74sG7VjBvWg
   360  ru3FP92pSYiJZkJemN593BYYkFdnbpvlFA==
   361  -----END EC PRIVATE KEY-----
   362  `),
   363  	}
   364  
   365  	// ECDSACertChainPKCS8Keys contains 3 SHA256 curve P-256 keys in PKCS#8 format:
   366  	// corresponding, respectively, to the certificates in ECDSACertChain
   367  	ECDSACertChainPKCS8Keys = [][]byte{
   368  		[]byte(`-----BEGIN PRIVATE KEY-----
   369  MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg34FobLEYtKAQMuOZ
   370  AEd0vsm64AhiVIYLBhLYIJTEwQ6hRANCAATCVPwZBGYQ0SpeXahXzU8BB+ZBjdw9
   371  WsKBa03qSic4O0qtUrLTQSvg2bWoKlo2fVe5g6Sl29gMm0912fTG5nHr
   372  -----END PRIVATE KEY-----
   373    `),
   374  		[]byte(`-----BEGIN PRIVATE KEY-----
   375  MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg/vI19pQiYPvqrWl+
   376  DH7w9hKrnTMrWKaHjVIoU/NHl+KhRANCAAQviDj/BaFkz9h8KT/MRduZMiBqI1Sx
   377  eup7FcauwV6jF+iMAS4Dy3KAjya7jlV82TXqfM7gB9cwUGIKEH188TV0
   378  -----END PRIVATE KEY-----
   379    `),
   380  		[]byte(`-----BEGIN PRIVATE KEY-----
   381  MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgMiASkKmfvAQRi3+E
   382  tP417A7SWAE8FGTcDmdTgBI5KEOhRANCAAT6NjQeSstS/gi2wN+AoWnMZaLfiBjp
   383  NSqryqEiPH03viwbtWMG9aCu7cU/3alJiIlmQl6Y3n3cFhiQV2dum+UU
   384  -----END PRIVATE KEY-----
   385    `),
   386  	}
   387  )