From f6f9634758fec0c6e6c5d36422430d9831b85552 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vlado=20Paji=C4=87?= <vlado@brrrrr.at>
Date: Wed, 19 Mar 2025 16:04:52 +0100
Subject: [PATCH 1/2] update certificate test vectors

---
 tls/tls.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tls/tls.md b/tls/tls.md
index 0c500ce..9ce3c27 100644
--- a/tls/tls.md
+++ b/tls/tls.md
@@ -135,28 +135,28 @@ All certificates in these testcases are HEX encoded.
 
 Certificate:
 ```
-308201773082011ea003020102020900f5bd0debaa597f52300a06082a8648ce3d04030230003020170d3735303130313030303030305a180f34303936303130313030303030305a30003059301306072a8648ce3d020106082a8648ce3d030107034200046bf9871220d71dcb3483ecdfcbfcc7c103f8509d0974b3c18ab1f1be1302d643103a08f7a7722c1b247ba3876fe2c59e26526f479d7718a85202ddbe47562358a37f307d307b060a2b0601040183a25a01010101ff046a30680424080112207fda21856709c5ae12fd6e8450623f15f11955d384212b89f56e7e136d2e17280440aaa6bffabe91b6f30c35e3aa4f94b1188fed96b0ffdd393f4c58c1c047854120e674ce64c788406d1c2c4b116581fd7411b309881c3c7f20b46e54c7e6fe7f0f300a06082a8648ce3d040302034700304402207d1a1dbd2bda235ff2ec87daf006f9b04ba076a5a5530180cd9c2e8f6399e09d0220458527178c7e77024601dbb1b256593e9b96d961b96349d1f560114f61a87595
+308201d83082017ea003020102021100a488d437a726243f2f3933fb76ac1260300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d0301070342000408cb1e75b43c328b0c68b732cce1264aeaba43691a02b49af3cdb255b2832b10882aeb0cc2579ebc8750a15ae93c96be04c8a3ed11811ba90edc4cd2186a7b5ba381b03081ad300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003078060a2b0601040183a25a0101046a3068042408011220964412b781912b2cac807b9731d30201c0c17fccaf15363bf03458b4ed37b9120440fa19f2c89aed436e07ef860dc37a16e538b2714d4fbc95f2470d680bf04319de942108a7c61a23b8112715dd6a5db7846e0d8e2dfc0a11069f6691f0d4fa2c0c300a06082a8648ce3d040302034800304502210097c3c6887c2f4f4747f51a969e104ee3b66d4518bb42adeba13657954bc482b10220613a0a8726ef3c5453e1fe19a2e6fbb8cf6674c9d9480d210655b5416b57a939
 ```
 
-PeerId: `12D3KooWJRSrypvnpHgc6ZAgyCni4KcSmbV7uGRaMw5LgMKT18fq`
+PeerId: `12D3KooWKvwXZNS7Rabb9xZgscwidxjkCh6GgJCxvaYc2UekmKGu`
 
 ### 2. Valid certificate authenticating an ECDSA Peer ID
 
 Certificate:
 ```
-308201c030820166a003020102020900eaf419a6e3edb4a6300a06082a8648ce3d04030230003020170d3735303130313030303030305a180f34303936303130313030303030305a30003059301306072a8648ce3d020106082a8648ce3d030107034200048dbf1116c7c608d6d5292bd826c3feb53483a89fce434bf64538a359c8e07538ff71f6766239be6a146dcc1a5f3bb934bcd4ae2ae1d4da28ac68b4a20593f06ba381c63081c33081c0060a2b0601040183a25a01010101ff0481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d0301070342000484b93fa456a74bd0153919f036db7bc63c802f055bc7023395d0203de718ee0fc7b570b767cdd858aca6c7c4113ff002e78bd2138ac1a3b26dde3519e06979ad04483046022100bc84014cea5a41feabdf4c161096564b9ccf4b62fbef4fe1cd382c84e11101780221009204f086a84cb8ed8a9ddd7868dc90c792ee434adf62c66f99a08a5eba11615b300a06082a8648ce3d0403020348003045022054b437be9a2edf591312d68ff24bf91367ad4143f76cf80b5658f232ade820da022100e23b48de9df9c25d4c83ddddf75d2676f0b9318ee2a6c88a736d85eab94a912f
+3082021d308201c3a0030201020210030a3d9ec63fa9699d9786225333e2e6300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d0301070342000443cb7e0ad4550054ce8aef3871ff1183280a801f359a62449e742616d4859acbf90e4c3549e91d30343d934d6c7ed5177fda747b05450109ac0c2bed4b774961a381f63081f3300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003081bd060a2b0601040183a25a01010481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004e4314d7937c72ffe3e32c86bf01ce5dbbba97f51b3ba1b92988dc055134e67192cc7c4a72957efc81ca1d6842568424661f51d645cf188b49dcb378ab2f3ad8804483046022100b7a863233201ee58c55303e3a295debb4494215fadf9fdae8d673ec77fdc9248022100c622e11fc3f22d7ab6b3fbdb2b4fcdc20ded5cf63903c4a203b28418ea8eee41300a06082a8648ce3d0403020348003045022100ca7a345bdb1c9729e741d34871ef68150f8cd4727d3328a9c45401e201bbc0350220712fc0a3ec3fca0e50d001049a0a4114d957ae111f4c911c3e54360d80aa7119
 ```
 
-PeerId: `QmZcrvr3r4S3QvwFdae3c2EWTfo792Y14UpzCZurhmiWeX`
+PeerId: `QmPt7GAt6b4cJE8qYWYUvBkSPxmhsVoqkSnbtkoKw8rsKr`
 
 ### 3. Valid certificate authenticating a secp256k1 Peer ID
 
 Certificate:
 ```
-3082018230820128a003020102020900f3b305f55622cfdf300a06082a8648ce3d04030230003020170d3735303130313030303030305a180f34303936303130313030303030305a30003059301306072a8648ce3d020106082a8648ce3d0301070342000458f7e9581748ff9bdd933b655cc0e5552a1248f840658cc221dec2186b5a2fe4641b86ab7590a3422cdbb1000cf97662f27e5910d7569f22feed8829c8b52e0fa38188308185308182060a2b0601040183a25a01010101ff0471306f042508021221026b053094d1112bce799dc8026040ae6d4eb574157929f1598172061f753d9b1b04463044022040712707e97794c478d93989aaa28ae1f71c03af524a8a4bd2d98424948a782302207b61b7f074b696a25fb9e0059141a811cccc4cc28042d9301b9b2a4015e87470300a06082a8648ce3d04030203480030450220143ae4d86fdc8675d2480bb6912eca5e39165df7f572d836aa2f2d6acfab13f8022100831d1979a98f0c4a6fb5069ca374de92f1a1205c962a6d90ad3d7554cb7d9df4
+308201dd30820184a00302010202102c9f34881912e91d916c813673fc268a300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d03010703420004accc9a0f5852fd73b02ec880c4cb2076cd37440ae24aee1eb4b3116311215f9ba0a3d86a4b12dbf04f0a08e8f4dd2cc0f515bcb86e4653e991e2f0efc0365886a381b73081b4300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000307f060a2b0601040183a25a01010471306f0425080212210378067cceac4ac01ce5b03758ce4de591cec37080e434c3dd5e1cc62cd6da2831044630440220544b670a9d92b262714317f7f20f6afbd910d1573584fb672b0714bc2b8b195e02203d832f7f308e03a5a4d33fc4866af2044e9c69c459478ffb32b55ba7e7fad2a9300a06082a8648ce3d0403020347003044022048f1495b10b0ffcd8590600663bd63f7585b40c5f25ea65256e83410f3b12c6002202a37ba56922f953444e1128839a6c64681edcab6107b6fdc8e8a36172a95f842
 ```
 
-PeerId: `16Uiu2HAm2dSCBFxuge46aEt7U1oejtYuBUZXxASHqmcfVmk4gsbx`
+PeerId: `16Uiu2HAmLjX1eVhPDcu5UX7iMprQGHdn3iVqebE9Qe4R5LScDCPz`
 
 ### 4. Invalid certificate
 
@@ -164,7 +164,7 @@ This certificate has a mismatch between the Peer ID that it claims to authentica
 
 Certificate:
 ```
-308201773082011da003020102020830a73c5d896a1109300a06082a8648ce3d04030230003020170d3735303130313030303030305a180f34303936303130313030303030305a30003059301306072a8648ce3d020106082a8648ce3d03010703420004bbe62df9a7c1c46b7f1f21d556deec5382a36df146fb29c7f1240e60d7d5328570e3b71d99602b77a65c9b3655f62837f8d66b59f1763b8c9beba3be07778043a37f307d307b060a2b0601040183a25a01010101ff046a3068042408011220ec8094573afb9728088860864f7bcea2d4fd412fef09a8e2d24d482377c20db60440ecabae8354afa2f0af4b8d2ad871e865cb5a7c0c8d3dbdbf42de577f92461a0ebb0a28703e33581af7d2a4f2270fc37aec6261fcc95f8af08f3f4806581c730a300a06082a8648ce3d040302034800304502202dfb17a6fa0f94ee0e2e6a3b9fb6e986f311dee27392058016464bd130930a61022100ba4b937a11c8d3172b81e7cd04aedb79b978c4379c2b5b24d565dd5d67d3cb3c
+3082021d308201c3a00302010202107f3d6f4349b6e7eb3b1bb66fff5046b8300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393134333631355a170d3335303331373134333631355a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d03010703420004df3a5d51c593489f59301eb4363618ba87c47f8bbbaec04af98d5fb94f3e15fff2abc41cc14a85b765df1b83d56feae524abfd9ad85e1e2805f06fc2f9794e72a381f63081f3300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003081bd060a2b0601040183a25a01010481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004534e5755014446ff4077c66addc4ac71be602d146d5d709a8c476a94a680b7e3355a17b95eda49c19740b90dcfb929e1e537ec8146acfcaa731b1b84c1ffdd83044830460221009f599024ebec5e4002c63878e6ba84f98fc968f2d635539524b7161b4ad31752022100bf5dd3b475e84c2192bee0a94ba41751f846b2715fa2f2ec51443dd89bed37f1300a06082a8648ce3d040302034800304502202362f3821760ed19d8ecb6c2c98e272e36728e2f9b74c80dfb44f4b6a4bca7ac022100dfbf9c66a75fdb91aa4215c5dbb6a560b81dcc3ebf7e4ef414cfbe04a8f3e5ee
 ```
 
 ## Future Extensibility

From f6db25a204148f5fa534ba9656881c8626603267 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vlado=20Paji=C4=87?= <vlado@brrrrr.at>
Date: Thu, 20 Mar 2025 13:11:18 +0100
Subject: [PATCH 2/2] update test vector

---
 tls/tls.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tls/tls.md b/tls/tls.md
index 9ce3c27..2231eab 100644
--- a/tls/tls.md
+++ b/tls/tls.md
@@ -135,28 +135,28 @@ All certificates in these testcases are HEX encoded.
 
 Certificate:
 ```
-308201d83082017ea003020102021100a488d437a726243f2f3933fb76ac1260300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d0301070342000408cb1e75b43c328b0c68b732cce1264aeaba43691a02b49af3cdb255b2832b10882aeb0cc2579ebc8750a15ae93c96be04c8a3ed11811ba90edc4cd2186a7b5ba381b03081ad300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003078060a2b0601040183a25a0101046a3068042408011220964412b781912b2cac807b9731d30201c0c17fccaf15363bf03458b4ed37b9120440fa19f2c89aed436e07ef860dc37a16e538b2714d4fbc95f2470d680bf04319de942108a7c61a23b8112715dd6a5db7846e0d8e2dfc0a11069f6691f0d4fa2c0c300a06082a8648ce3d040302034800304502210097c3c6887c2f4f4747f51a969e104ee3b66d4518bb42adeba13657954bc482b10220613a0a8726ef3c5453e1fe19a2e6fbb8cf6674c9d9480d210655b5416b57a939
+308201b030820156a00302010202081ef0074922d196fd300a06082a8648ce3d040302301e311c301a06035504051313343337323333323535383639393632313939323020170d3235303332303130333033305a180f32313235303232343131333033305a301e311c301a06035504051313343337323333323535383639393632313939323059301306072a8648ce3d020106082a8648ce3d03010703420004799542bfc7bfb7506ecd6d78857796b30e4127c44716fc2caa40922cc578ec9367e5b748c748a3ae576786b9fddeca36f40f2cc883b101e937511bff41ab5232a37c307a3078060a2b0601040183a25a0101046a3068042408011220970ec193ab5f6c556009767d5cdc0477d257807b41468a6f2007b40f03034fc70440db02949ac1e19fa61632baafa30d565eca7c12e84f0fc4341ade332b5ccbac60640fdc59213399d913e6c3c0f1111f92f66f04ee20cfe8f16cecfb7b5ee59205300a06082a8648ce3d040302034800304502203d33964353d80f393415c993a6462d47c7dacc38147ee445953019786ea7b66d022100a693ade35c4edb786bdb0bd09f1cb0c9a5b0bc6b61a97b639b4e3334371e10aa
 ```
 
-PeerId: `12D3KooWKvwXZNS7Rabb9xZgscwidxjkCh6GgJCxvaYc2UekmKGu`
+PeerId: `12D3KooWKz2nHY8tmcX7ziGsF3gBoUZVvCXcmkvn86DaBsGktZfc`
 
 ### 2. Valid certificate authenticating an ECDSA Peer ID
 
 Certificate:
 ```
-3082021d308201c3a0030201020210030a3d9ec63fa9699d9786225333e2e6300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d0301070342000443cb7e0ad4550054ce8aef3871ff1183280a801f359a62449e742616d4859acbf90e4c3549e91d30343d934d6c7ed5177fda747b05450109ac0c2bed4b774961a381f63081f3300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003081bd060a2b0601040183a25a01010481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004e4314d7937c72ffe3e32c86bf01ce5dbbba97f51b3ba1b92988dc055134e67192cc7c4a72957efc81ca1d6842568424661f51d645cf188b49dcb378ab2f3ad8804483046022100b7a863233201ee58c55303e3a295debb4494215fadf9fdae8d673ec77fdc9248022100c622e11fc3f22d7ab6b3fbdb2b4fcdc20ded5cf63903c4a203b28418ea8eee41300a06082a8648ce3d0403020348003045022100ca7a345bdb1c9729e741d34871ef68150f8cd4727d3328a9c45401e201bbc0350220712fc0a3ec3fca0e50d001049a0a4114d957ae111f4c911c3e54360d80aa7119
+308201f63082019ca00302010202081052b953fab8f4be300a06082a8648ce3d040302301e311c301a06035504051313313931333134363939343730373431363038313020170d3235303332303130333033305a180f32313235303232343131333033305a301e311c301a06035504051313313931333134363939343730373431363038313059301306072a8648ce3d020106082a8648ce3d03010703420004c2fc1d082c85b90d8a82413b9b34f9c9c5f93f79e6d1eb954b5fdfe41b26fc9a4c44f32844eb40be9b4728a59ec966816a5394d3a0c1f06334b6debecb36f0aea381c13081be3081bb060a2b0601040183a25a01010481ac3081a9045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004d287ad3dc5c97884b7ab987b660efc2aa8cde7f9814e0fb3a8a005bfd8cd4a6cd2fd961d3e2013256b5b59e1ca6c9e7e48febfb1ed90cd092ef24aa0ae2d0dc404463044022021e1ccaf2f3c77fde5ada1242b830e7a5c1ab25956ac5edbca4904ec47a09479022051884dbdda561b545abf3fe391341898a4b4ceccccb83507b445ed36a6b2eedc300a06082a8648ce3d040302034800304502200f0fd126fb521ef8543655ccd3c32b1df34be8eb61ba4d30a04eebdb2870f2b0022100e97a637a3e702f360b45eb7567647c6a46f9d2a53291332a89898f3d84afc24e
 ```
 
-PeerId: `QmPt7GAt6b4cJE8qYWYUvBkSPxmhsVoqkSnbtkoKw8rsKr`
+PeerId: `Qmf5QwyriEdqphhFWkFJsmfY4Sgsj5Cq47VTa5RAboELhM`
 
 ### 3. Valid certificate authenticating a secp256k1 Peer ID
 
 Certificate:
 ```
-308201dd30820184a00302010202102c9f34881912e91d916c813673fc268a300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393131353433315a170d3335303331373131353433315a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d03010703420004accc9a0f5852fd73b02ec880c4cb2076cd37440ae24aee1eb4b3116311215f9ba0a3d86a4b12dbf04f0a08e8f4dd2cc0f515bcb86e4653e991e2f0efc0365886a381b73081b4300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000307f060a2b0601040183a25a01010471306f0425080212210378067cceac4ac01ce5b03758ce4de591cec37080e434c3dd5e1cc62cd6da2831044630440220544b670a9d92b262714317f7f20f6afbd910d1573584fb672b0714bc2b8b195e02203d832f7f308e03a5a4d33fc4866af2044e9c69c459478ffb32b55ba7e7fad2a9300a06082a8648ce3d0403020347003044022048f1495b10b0ffcd8590600663bd63f7585b40c5f25ea65256e83410f3b12c6002202a37ba56922f953444e1128839a6c64681edcab6107b6fdc8e8a36172a95f842
+308201b83082015fa003020102020831c14b384686f89a300a06082a8648ce3d040302301e311c301a06035504051313313435373936393932373437313131393132373020170d3235303332303130333033305a180f32313235303232343131333033305a301e311c301a06035504051313313435373936393932373437313131393132373059301306072a8648ce3d020106082a8648ce3d03010703420004e5da66e6dc811fef90f2b7a77ec92f8f7a96942899dc31ce649058cff9f9504cbe2c70212b616daef3fb52afa7d75b1c7880f48fdf0565cb7809ffb656b3b540a38184308181307f060a2b0601040183a25a01010471306f04250802122102d5dd09fddbcc150de9cb92e1777d7712ba0e20f526c7a842cc5f134a966cda780446304402202ece49e25a4b743f6965c70fd7c6efcf9101909a12fe81f2df98a5fcc203e49b02206e16a72fa8d1375d6117db99a960c324fe02f54d0853ecc19dda23a4f40949f0300a06082a8648ce3d0403020347003044022022587f895d257d5cf66da1d1c3627910b858443cb887f405e1948dc3e55d80b902200e2f07b93a2e4a487bb4bc721e9431ae723f921d91f84a875758d787c4302fa8
 ```
 
-PeerId: `16Uiu2HAmLjX1eVhPDcu5UX7iMprQGHdn3iVqebE9Qe4R5LScDCPz`
+PeerId: `16Uiu2HAm9pWJoENCPfqs3NxD58ujsoi8PNAVpDDJxfbuVHSWj1VZ`
 
 ### 4. Invalid certificate
 
@@ -164,7 +164,7 @@ This certificate has a mismatch between the Peer ID that it claims to authentica
 
 Certificate:
 ```
-3082021d308201c3a00302010202107f3d6f4349b6e7eb3b1bb66fff5046b8300a06082a8648ce3d040302301431123010060355040a13096c69627032702e696f301e170d3235303331393134333631355a170d3335303331373134333631355a301431123010060355040a13096c69627032702e696f3059301306072a8648ce3d020106082a8648ce3d03010703420004df3a5d51c593489f59301eb4363618ba87c47f8bbbaec04af98d5fb94f3e15fff2abc41cc14a85b765df1b83d56feae524abfd9ad85e1e2805f06fc2f9794e72a381f63081f3300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff040230003081bd060a2b0601040183a25a01010481ae3081ab045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004534e5755014446ff4077c66addc4ac71be602d146d5d709a8c476a94a680b7e3355a17b95eda49c19740b90dcfb929e1e537ec8146acfcaa731b1b84c1ffdd83044830460221009f599024ebec5e4002c63878e6ba84f98fc968f2d635539524b7161b4ad31752022100bf5dd3b475e84c2192bee0a94ba41751f846b2715fa2f2ec51443dd89bed37f1300a06082a8648ce3d040302034800304502202362f3821760ed19d8ecb6c2c98e272e36728e2f9b74c80dfb44f4b6a4bca7ac022100dfbf9c66a75fdb91aa4215c5dbb6a560b81dcc3ebf7e4ef414cfbe04a8f3e5ee
+308201f83082019da00302010202081d051a136acdc4ea300a06082a8648ce3d040302301e311c301a06035504051313333037373732313536373332393634323238363020170d3235303332303130333830395a180f32313235303232343131333830395a301e311c301a06035504051313333037373732313536373332393634323238363059301306072a8648ce3d020106082a8648ce3d030107034200043168c3c9c49ec956c48446b64cc9c2c3d19eb7292ec8410ab9db14bef4946e5d14372ff5ae437b66b2fc724180bafeb8424a7bd4e119a02fcbbbabe039d9e6d7a381c23081bf3081bc060a2b0601040183a25a01010481ad3081aa045f0803125b3059301306072a8648ce3d020106082a8648ce3d03010703420004570acac25ebaaf7cc97c83858bff4c1bec26c9fdeb001b443c08cf26aee887099b36b73fa1aab6b3f729d8e9d8a7b789b5addcb79064769722a0da54cb4ceee804473045022100c253946d4c212698afb92095fdf281611f3fe7088f6cc1ccc71950509558459202206213b2c8fd07d53dc4554c54403116cb9d780d2fdd5b05c4447f1f187dbd26b6300a06082a8648ce3d0403020349003046022100c942bba92a2f3a1f639ae20c1c20e3bbea0f69d45c0ca67411a67c5ec71745f4022100896af401d8d137db9d075cb949b26c5808543540f3cf823352f53e920b5c7d55
 ```
 
 ## Future Extensibility