From 873109aec60538b528c94e42e097ae7db398be95 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Tue, 23 Jun 2015 08:22:42 -0500
Subject: name constraints should not contain a wildcard character

According to RFC 5280 you should just start with a . (e.g. .domain.com
instead of *.domain.com)
---
 .../x509/custom/nc_excluded.pem                    | 24 +++++++++++-----------
 .../x509/custom/nc_permitted.pem                   | 23 ++++++++++-----------
 .../x509/custom/nc_permitted_excluded.pem          | 24 +++++++++++-----------
 3 files changed, 35 insertions(+), 36 deletions(-)

(limited to 'vectors')

diff --git a/vectors/cryptography_vectors/x509/custom/nc_excluded.pem b/vectors/cryptography_vectors/x509/custom/nc_excluded.pem
index 69f416e9..020cdb2b 100644
--- a/vectors/cryptography_vectors/x509/custom/nc_excluded.pem
+++ b/vectors/cryptography_vectors/x509/custom/nc_excluded.pem
@@ -1,19 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIDADCCAeigAwIBAgITBm7Xt1PqHBXFuN+BRDTMZ+XpWzANBgkqhkiG9w0BAQsF
-ADAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwHhcNMTUwNjE3MjIzNzUwWhcNMTYw
-NjE2MjIzNzUwWjAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwggEiMA0GCSqGSIb3
+MIIC/zCCAeegAwIBAgITBm9f5vaPbvBta8T7sPJrGlRunjANBgkqhkiG9w0BAQsF
+ADAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwHhcNMTUwNjIzMDcyMTI3WhcNMTYw
+NjIyMDcyMTI3WjAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQCylTa0WkLvIXB4sWoPdv5iL3idlVHKR+ncODKL
 nwQ2Jtd990MfakOFRLrJFF1tfPL4qyRbbyMyrgCOoKBCAuIdBZfBDH3JWFjxGy8J
 Yls8yVeAVKreV18HmLvAsBL3bnr7Gk3vpznrfoG5rn5T/fL0cqqTXFV8zQhjHiEo
 zftSaoq0LOxsSgFdxXS8e8K6RMvLCZPcMpI4fo1Kq2QBT2J1x1/Hq/VnK132cs0g
 TOyiTyyJfvRmlqdXowh7Jf8LQB4mM6gc023fEdQ+HH6JYX1vDQVxaiTM6KMYJNv/
-l4gchP3jknOfZffwGGdXQrtUMhQmltnSqV5nY/G2OGm/Z0pdAgMBAAGjRTBDMEEG
-A1UdHgEB/wQ3MDWhMzATghEqLmNyeXB0b2dyYXBoeS5pbzAchhpnb3BoZXI6Ly9j
-cnlwdG9ncmFwaHkudGVzdDANBgkqhkiG9w0BAQsFAAOCAQEAcCcidJm7Wmc9ZdzF
-AlP/9Gd5bXBlNswcq1wCmS9S6fgM0oGDgK2duY72Jr5Qqz66yqfzmIO7TtAhaegp
-zCYar3Mmy7rwJHtJNRhBY+PYVLWXmUTf4yJhL+RcH6S+69PkqGQWjBa50vknIHt3
-dPtqadewocO7FuPWCdYDFLmMHM8S/ueMhSSJfFaGlYfy4UrnQhjuSpn6V/Gh5ED7
-tSqoncpHELItkvoS2LUTrpVDmQifuy3X78g7dYAGkjotCqddb90Y/MNSoM8BFS6i
-Fmh8kn8kj6ct1csFLaBzATWby4/NHkuD9vuj9Z941szqpvvZSZhQ/8pEBevs2CNE
-l2Sb0g==
+l4gchP3jknOfZffwGGdXQrtUMhQmltnSqV5nY/G2OGm/Z0pdAgMBAAGjRDBCMEAG
+A1UdHgEB/wQ2MDShMjASghAuY3J5cHRvZ3JhcGh5LmlvMByGGmdvcGhlcjovL2Ny
+eXB0b2dyYXBoeS50ZXN0MA0GCSqGSIb3DQEBCwUAA4IBAQAEknzbmdmW2bYZ/hdC
+8My2MbQPvQ32wySV5F3LotcdMI62osfV0zRtl3r5yULRhrg8Ngj/mIKE9Y6vMyP9
+JnbZexRA0opLadcSu67/Nq7CXEOxgSD4MRqX1hyC0A61m3Lg9NYCzN4b3kQOLrIv
+hG/YrZEVeZ8S+2Xkzb/WllPjirekiX++MjcB7cnIE/noloE7gSVG4hlvTd4fagQi
+U6QZgIEBLmmN7Lc1vlwEbouQ5QAbwOmSvCJ5AQ6b2I1JwwmbkcqhYhIWKkWIKzu1
+mZWkwgC20wBr4pShWRG12cRM5XrtYqSR7ACofK/Rfxz528Rg5zjJZ9Pzr81Pe9z3
+cnP3
 -----END CERTIFICATE-----
diff --git a/vectors/cryptography_vectors/x509/custom/nc_permitted.pem b/vectors/cryptography_vectors/x509/custom/nc_permitted.pem
index a68096e7..22675c35 100644
--- a/vectors/cryptography_vectors/x509/custom/nc_permitted.pem
+++ b/vectors/cryptography_vectors/x509/custom/nc_permitted.pem
@@ -1,19 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIIC/TCCAeWgAwIBAgITBm7XungOGlx+YwUFD5Z/Pzj7KTANBgkqhkiG9w0BAQsF
-ADAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwHhcNMTUwNjE3MjIzODMyWhcNMTYw
-NjE2MjIzODMyWjAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwggEiMA0GCSqGSIb3
+MIIC/DCCAeSgAwIBAgITBm9f5IA41CoEeSXlCcLyHXDFaDANBgkqhkiG9w0BAQsF
+ADAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwHhcNMTUwNjIzMDcyMDU0WhcNMTYw
+NjIyMDcyMDU0WjAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQCylTa0WkLvIXB4sWoPdv5iL3idlVHKR+ncODKL
 nwQ2Jtd990MfakOFRLrJFF1tfPL4qyRbbyMyrgCOoKBCAuIdBZfBDH3JWFjxGy8J
 Yls8yVeAVKreV18HmLvAsBL3bnr7Gk3vpznrfoG5rn5T/fL0cqqTXFV8zQhjHiEo
 zftSaoq0LOxsSgFdxXS8e8K6RMvLCZPcMpI4fo1Kq2QBT2J1x1/Hq/VnK132cs0g
 TOyiTyyJfvRmlqdXowh7Jf8LQB4mM6gc023fEdQ+HH6JYX1vDQVxaiTM6KMYJNv/
-l4gchP3jknOfZffwGGdXQrtUMhQmltnSqV5nY/G2OGm/Z0pdAgMBAAGjQjBAMD4G
-A1UdHgEB/wQ0MDKgMDATghEqLmNyeXB0b2dyYXBoeS5pbzAZhhdmdHA6Ly9jcnlw
-dG9ncmFwaHkudGVzdDANBgkqhkiG9w0BAQsFAAOCAQEAkQItRDBDmQLlhnyeqYvh
-I5urSAsvAoSMiuXSekM5hv6HtOrpZECUS4SDU3RaSsjTf4uNpebRAgP/Uj5JVgL6
-byWSpQBRGVtFRtORTIldxhexeSJtg675+4DQ/kUjiFawM2AlwUluz7WUJavbrz1H
-4HJTKCFTH5gj27ynfdTUVNkW1tKRiffwdKG9xq+po0FlaAgMNzUlvcNBZKxG5CuT
-C1e08/sEFeZEYtFCxuqqrl7wvk0l/7ayNjdld2Mkk//jKhzvScy6d1lBaxUurOn1
-UAxkdnQ65Jw86oebie8C5Faw43U0p42dMqXeXqhXfXmNpMs5p/FumRUHcr9bs+G4
-hw==
+l4gchP3jknOfZffwGGdXQrtUMhQmltnSqV5nY/G2OGm/Z0pdAgMBAAGjQTA/MD0G
+A1UdHgEB/wQzMDGgLzASghAuY3J5cHRvZ3JhcGh5LmlvMBmGF2Z0cDovL2NyeXB0
+b2dyYXBoeS50ZXN0MA0GCSqGSIb3DQEBCwUAA4IBAQAbJtJo+zpVtfPqK6jRUg12
+yMfjMUIanVmCloWrnopOJ50mKgJxtQmP9mvq0BzzrZKSpRKzF8IrEvNzTGdSIZiX
+wbL7hVgEbMZeHEyYDIxoSQdaj6Mf5/nDwbyLGA+LjZ0Lq31ITVEaA/j3/Zhlq24H
+Tz2ALAq6/jWXA001OLHIxyLNB+iAhHReNNM8MjGMa4NS239BZpF9Ob7TRCCAsaS+
+G1LGRdJ/8AT9DkG+al3Ja9jcbdgan2h14QAkyNFxUf1oaxTZ18IByq8285ycHZJK
+YCY0PK9mSXmeC6S4+rb1TH836twR5cw9g9zxW0dEEftyfrP5BYLyWm3BELgPkbld
 -----END CERTIFICATE-----
diff --git a/vectors/cryptography_vectors/x509/custom/nc_permitted_excluded.pem b/vectors/cryptography_vectors/x509/custom/nc_permitted_excluded.pem
index 726b3b88..13f26ca6 100644
--- a/vectors/cryptography_vectors/x509/custom/nc_permitted_excluded.pem
+++ b/vectors/cryptography_vectors/x509/custom/nc_permitted_excluded.pem
@@ -1,19 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIDJDCCAgygAwIBAgITBm7Xr09L6ZOQw9RfzgaA+R4ROjANBgkqhkiG9w0BAQsF
-ADAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwHhcNMTUwNjE3MjIzNjAzWhcNMTYw
-NjE2MjIzNjAzWjAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwggEiMA0GCSqGSIb3
+MIIDIzCCAgugAwIBAgITBm9f6VBd37JBCGQYKoXvtJ0PbDANBgkqhkiG9w0BAQsF
+ADAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwHhcNMTUwNjIzMDcyMTU4WhcNMTYw
+NjIyMDcyMTU4WjAXMRUwEwYDVQQDDAxjcnlwdG9ncmFwaHkwggEiMA0GCSqGSIb3
 DQEBAQUAA4IBDwAwggEKAoIBAQCylTa0WkLvIXB4sWoPdv5iL3idlVHKR+ncODKL
 nwQ2Jtd990MfakOFRLrJFF1tfPL4qyRbbyMyrgCOoKBCAuIdBZfBDH3JWFjxGy8J
 Yls8yVeAVKreV18HmLvAsBL3bnr7Gk3vpznrfoG5rn5T/fL0cqqTXFV8zQhjHiEo
 zftSaoq0LOxsSgFdxXS8e8K6RMvLCZPcMpI4fo1Kq2QBT2J1x1/Hq/VnK132cs0g
 TOyiTyyJfvRmlqdXowh7Jf8LQB4mM6gc023fEdQ+HH6JYX1vDQVxaiTM6KMYJNv/
-l4gchP3jknOfZffwGGdXQrtUMhQmltnSqV5nY/G2OGm/Z0pdAgMBAAGjaTBnMGUG
-A1UdHgEB/wRbMFmgMDAKhwjAqAAA////ADAihyAA/wAAAAAAAAAAAAAAAAAAAP8A
-AAAAAAAAAAAAAAAA/6ElMA6CDCouZG9tYWluLmNvbTAThhFodHRwOi8vdGVzdC5s
-b2NhbDANBgkqhkiG9w0BAQsFAAOCAQEAqMvB4gK4XFrDtdEXE4eq3LcAbuII4loK
-2CD0D3gMygTXG7KJ9gVjckWMTzGwW0n/honog6L2T8xF77a4HcbHkMsrY5wU2z5m
-MoJWa5z/kQWKMcL6nCaRHzPm2dj/UcEIoZrgJwlrp42OVYNE/4LeSQTF7xBG6V2C
-GNRpNKZFWwZA8Kgxxp4FUpy3jkspCuKsY2r6bm9IutUy6Mx/AQaSNxz4qDWojiYc
-AA/UXvX6lssK+gHWHMc2SmdN2wCa+dJvZyaGGUZOfxoVXwllpnLO2Upslgs8DrOD
-3FOw7Bi/d1zkcPr6Gtq0z8Nf7hHAs9mRXoLmRHKhyBkA9jmkla0wGw==
+l4gchP3jknOfZffwGGdXQrtUMhQmltnSqV5nY/G2OGm/Z0pdAgMBAAGjaDBmMGQG
+A1UdHgEB/wRaMFigMDAKhwjAqAAA////ADAihyAA/wAAAAAAAAAAAAAAAAAAAP8A
+AAAAAAAAAAAAAAAA/6EkMA2CCy5kb21haW4uY29tMBOGEWh0dHA6Ly90ZXN0Lmxv
+Y2FsMA0GCSqGSIb3DQEBCwUAA4IBAQAKS62+aFz7T7Vt2K5/dHWE8sqh9g86veQL
+wBQPG+6ysG4QkQQOiS4CUwOCf4S3quS0pXn+UeJsQKistjFWxoVIrLhEaCPMjpwX
+2LSnQQVBF4YCOnnGyGD1m4hCH1j3hWkHKwPLCcQ7LQ6a1a7CKHLitVxWGWUW+CM+
+NYxt/mon5rYZTomI6p1eVsdrq7Ma942HbgvvQBT8EJjrNGRbH9RV7mGj1ZxBdyyX
+Li7iLk670nIzTG/DfA+yckU5vZkrhicezhsLqXYwhzWUpmWp68vehj0zd25qHP2k
+lCXgYIHtlc9m8p/Io4eRM/Kx8qMsMGe8l7FI8j9uNNZGHt0ecdbX
 -----END CERTIFICATE-----
-- 
cgit v1.2.3