From b9a7c6e720ac9347d4ba2491cc48d7d64e6cd56c Mon Sep 17 00:00:00 2001 From: eclipse-temurin-bot <81643974+eclipse-temurin-bot@users.noreply.github.com> Date: Wed, 3 Jul 2024 03:04:39 +0200 Subject: [PATCH] cacerts: pull in updated certs from Mozilla (#3872) --- security/certdata.txt | 134 +++++++++++++++++- .../net/adoptium/test/VerifyCACertsTest.java | 2 +- 2 files changed, 133 insertions(+), 3 deletions(-) diff --git a/security/certdata.txt b/security/certdata.txt index ed5e6cb17..d58e9eded 100644 --- a/security/certdata.txt +++ b/security/certdata.txt @@ -17020,8 +17020,14 @@ CKA_VALUE MULTILINE_OCTAL \155\015\277\173\327\222 END CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE -CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE -CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE +# For Server Distrust After: Sun Jun 30 00:00:00 2024 +CKA_NSS_SERVER_DISTRUST_AFTER MULTILINE_OCTAL +\062\064\060\066\063\060\060\060\060\060\060\060\132 +END +# For Email Distrust After: Sun Jun 30 00:00:00 2024 +CKA_NSS_EMAIL_DISTRUST_AFTER MULTILINE_OCTAL +\062\064\060\066\063\060\060\060\060\060\060\060\132 +END # Trust for "GLOBALTRUST 2020" # Issuer: CN=GLOBALTRUST 2020,O=e-commerce monitoring GmbH,C=AT @@ -25359,3 +25365,127 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE + +# +# Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" +# +# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d +# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Not Valid Before: Wed Apr 06 09:01:36 2022 +# Not Valid After : Sun Mar 31 09:01:36 2047 +# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A +# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5 +CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB" +CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 +CKA_SUBJECT MULTILINE_OCTAL +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061 +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160 +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060 +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066 +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003 +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116 +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102 +END +CKA_ID UTF8 "0" +CKA_ISSUER MULTILINE_OCTAL +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061 +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160 +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060 +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066 +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003 +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116 +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126 +\114\155 +END +CKA_VALUE MULTILINE_OCTAL +\060\202\002\172\060\202\002\000\240\003\002\001\002\002\020\061 +\227\041\355\257\211\102\177\065\101\207\241\147\126\114\155\060 +\012\006\010\052\206\110\316\075\004\003\003\060\156\061\013\060 +\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003 +\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163 +\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004 +\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060 +\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122 +\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101 +\040\122\117\117\124\055\101\040\127\105\102\060\036\027\015\062 +\062\060\064\060\066\060\071\060\061\063\066\132\027\015\064\067 +\060\063\063\061\060\071\060\061\063\066\132\060\156\061\013\060 +\011\006\003\125\004\006\023\002\105\123\061\034\060\032\006\003 +\125\004\012\014\023\106\151\162\155\141\160\162\157\146\145\163 +\151\157\156\141\154\040\123\101\061\030\060\026\006\003\125\004 +\141\014\017\126\101\124\105\123\055\101\066\062\066\063\064\060 +\066\070\061\047\060\045\006\003\125\004\003\014\036\106\111\122 +\115\101\120\122\117\106\105\123\111\117\116\101\114\040\103\101 +\040\122\117\117\124\055\101\040\127\105\102\060\166\060\020\006 +\007\052\206\110\316\075\002\001\006\005\053\201\004\000\042\003 +\142\000\004\107\123\352\054\021\244\167\307\052\352\363\326\137 +\173\323\004\221\134\372\210\306\042\271\203\020\142\167\204\063 +\055\351\003\210\324\340\063\367\355\167\054\112\140\352\344\157 +\255\155\264\370\114\212\244\344\037\312\352\117\070\112\056\202 +\163\053\307\146\233\012\214\100\234\174\212\366\362\071\140\262 +\336\313\354\270\344\157\352\233\135\267\123\220\030\062\125\305 +\040\267\224\243\143\060\141\060\017\006\003\125\035\023\001\001 +\377\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004 +\030\060\026\200\024\223\341\103\143\134\074\235\326\047\363\122 +\354\027\262\251\257\054\367\166\370\060\035\006\003\125\035\016 +\004\026\004\024\223\341\103\143\134\074\235\326\047\363\122\354 +\027\262\251\257\054\367\166\370\060\016\006\003\125\035\017\001 +\001\377\004\004\003\002\001\006\060\012\006\010\052\206\110\316 +\075\004\003\003\003\150\000\060\145\002\060\035\174\244\173\303 +\211\165\063\341\073\251\105\277\106\351\351\241\335\311\042\026 +\267\107\021\013\330\232\272\361\310\013\160\120\123\002\221\160 +\205\131\251\036\244\346\352\043\061\240\000\002\061\000\375\342 +\370\263\257\026\271\036\163\304\226\343\301\060\031\330\176\346 +\303\227\336\034\117\270\211\057\063\353\110\017\031\367\207\106 +\135\046\220\245\205\305\271\172\224\076\207\250\275\000 +END +CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE +CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE +CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE + +# Trust for "FIRMAPROFESIONAL CA ROOT-A WEB" +# Issuer: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Serial Number:31:97:21:ed:af:89:42:7f:35:41:87:a1:67:56:4c:6d +# Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB,OID.2.5.4.97=VATES-A62634068,O=Firmaprofesional SA,C=ES +# Not Valid Before: Wed Apr 06 09:01:36 2022 +# Not Valid After : Sun Mar 31 09:01:36 2047 +# Fingerprint (SHA-256): BE:F2:56:DA:F2:6E:9C:69:BD:EC:16:02:35:97:98:F3:CA:F7:18:21:A0:3E:01:82:57:C5:3C:65:61:7F:3D:4A +# Fingerprint (SHA1): A8:31:11:74:A6:14:15:0D:CA:77:DD:0E:E4:0C:5D:58:FC:A0:72:A5 +CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST +CKA_TOKEN CK_BBOOL CK_TRUE +CKA_PRIVATE CK_BBOOL CK_FALSE +CKA_MODIFIABLE CK_BBOOL CK_FALSE +CKA_LABEL UTF8 "FIRMAPROFESIONAL CA ROOT-A WEB" +CKA_CERT_SHA1_HASH MULTILINE_OCTAL +\250\061\021\164\246\024\025\015\312\167\335\016\344\014\135\130 +\374\240\162\245 +END +CKA_CERT_MD5_HASH MULTILINE_OCTAL +\202\262\255\105\000\202\260\146\143\370\137\303\147\116\316\243 +END +CKA_ISSUER MULTILINE_OCTAL +\060\156\061\013\060\011\006\003\125\004\006\023\002\105\123\061 +\034\060\032\006\003\125\004\012\014\023\106\151\162\155\141\160 +\162\157\146\145\163\151\157\156\141\154\040\123\101\061\030\060 +\026\006\003\125\004\141\014\017\126\101\124\105\123\055\101\066 +\062\066\063\064\060\066\070\061\047\060\045\006\003\125\004\003 +\014\036\106\111\122\115\101\120\122\117\106\105\123\111\117\116 +\101\114\040\103\101\040\122\117\117\124\055\101\040\127\105\102 +END +CKA_SERIAL_NUMBER MULTILINE_OCTAL +\002\020\061\227\041\355\257\211\102\177\065\101\207\241\147\126 +\114\155 +END +CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR +CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST +CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST +CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE + diff --git a/test/functional/buildAndPackage/src/net/adoptium/test/VerifyCACertsTest.java b/test/functional/buildAndPackage/src/net/adoptium/test/VerifyCACertsTest.java index 10ec670f4..1fc39e44d 100644 --- a/test/functional/buildAndPackage/src/net/adoptium/test/VerifyCACertsTest.java +++ b/test/functional/buildAndPackage/src/net/adoptium/test/VerifyCACertsTest.java @@ -40,7 +40,7 @@ public class VerifyCACertsTest { private static final JdkVersion JDK_VERSION = new JdkVersion(); // Expect matching certs number - private static final int EXPECTED_COUNT = 147; + private static final int EXPECTED_COUNT = 148; /* TODO: add up to 141 certs private static final Map EXPFP_MAP = new HashMap<>() {