diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-09-09 07:02:22 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-09-08 19:02:22 -0400 |
| commit | 52067bc300ec37c1b4a4b889fd7828600f5b9ce1 (patch) | |
| tree | 5b686b35d3aeba0ed90dcad518a3e95365d6b945 | |
| parent | 2b01c55736ce9a03f3d77284ee182accaeaba282 (diff) | |
| download | cryptography-52067bc300ec37c1b4a4b889fd7828600f5b9ce1.tar.gz cryptography-52067bc300ec37c1b4a4b889fd7828600f5b9ce1.tar.bz2 cryptography-52067bc300ec37c1b4a4b889fd7828600f5b9ce1.zip | |
add X509 test vector with a TLS Feature (RFC 7633) extension (#3898)
| -rw-r--r-- | docs/development/test-vectors.rst | 3 | ||||
| -rw-r--r-- | vectors/cryptography_vectors/x509/tls-feature-ocsp-staple.pem | 33 |
2 files changed, 36 insertions, 0 deletions
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 7a5f8797..dc89cafa 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -167,6 +167,9 @@ X.509 * ``wosign-bc-invalid.pem`` - A certificate issued by WoSign that contains a basic constraints extension with CA set to false and a path length of zero in violation of :rfc:`5280`. +* ``tls-feature-ocsp-staple.pem`` - A certificate issued by Let's Encrypt that + contains a TLS Feature extension with the ``status_request`` feature (commonly + known as OCSP Must-Staple). Custom X.509 Vectors ~~~~~~~~~~~~~~~~~~~~ diff --git a/vectors/cryptography_vectors/x509/tls-feature-ocsp-staple.pem b/vectors/cryptography_vectors/x509/tls-feature-ocsp-staple.pem new file mode 100644 index 00000000..55c18f22 --- /dev/null +++ b/vectors/cryptography_vectors/x509/tls-feature-ocsp-staple.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFwDCCBKigAwIBAgISBAkqVGPY5uvY4mED7P7emq/6MA0GCSqGSIb3DQEBCwUA +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA4MzEyMzAxMDBaFw0x +NzExMjkyMzAxMDBaMBsxGTAXBgNVBAMTEHNjb3R0aGVsbWUuY28udWswggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa2odZX/NOf9NW/9tqMOWaAUfoImkp +t14vv3TgikHjBVNnNd8Jt9SSFSzgxn0JtLGot4w6Uy47NIhDE0Ff+Br2DuTYMUvJ +xg0b2cIuULUy3Rwt1IWhicSL/XDSIsSWleEhUYjtrFXhBMEjfvcKhlGGdXb5DgLS +KRol6Rv4RF2t3q68TF9VdV6wEU+2EdoadQqJ2HlIo2p8NZbfoQ2eo+6IyNi+t+0N +acsadrdRKb7K75l5d83/btxuV9tOmRVVfUIGqUztN9tJZSZMS8LxpMnQkf2dizL6 +Rsyl1vTpYLdo5mjgNn3r3yRAQ6qXhWhR3RyKp8WyHvKe/cy/tVx6ziidAgMBAAGj +ggLNMIICyTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG +AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJdftiVVJIUikEi+8+Px01S/ +/gBFMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEB +BGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0 +Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0 +Lm9yZy8wgcQGA1UdEQSBvDCBuYIYcnNhMjA0OC5zY290dGhlbG1lLmNvLnVrghBz +Y290dGhlbG1lLmNvLnVrgg5zY290dGhlbG1lLmNvbYIac3Ryb25nc3NsLnNjb3R0 +aGVsbWUuY28udWuCGHdlYWtzc2wuc2NvdHRoZWxtZS5jby51a4IUd3d3LnNjb3R0 +aGVsbWUuY28udWuCEnd3dy5zY290dGhlbG1lLmNvbYIbeG4tLWx2OGhhYS5zY290 +dGhlbG1lLmNvLnVrMBEGCCsGAQUFBwEYBAUwAwIBBTCB/gYDVR0gBIH2MIHzMAgG +BmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j +cHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlm +aWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVz +IGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9s +aWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkv +MA0GCSqGSIb3DQEBCwUAA4IBAQA2bHizYkS6EA8xpLwcQtsI2wHmU041SEFSJzUH +j2HmYQRk2qcpFMPlliSqpGrRm2cvRj2wmbAm3mkFw/D3qrC8c9+5YBSbzwRNEQcm +aCbvgQ5J8q7ZqYG3X/p72KuthuEyKqAE3BYYXBqoAIJnyzJALNRomCM6XcNFoDRN +0tXfEJ4gzRt5tBYYFlmLLm3Fhdf68HWE2W5h2E7FC4ScVuCczQZ95wITrAFapif3 +Z0rniIZOZDW1KqtHmXiHJH4+YDOLDOInD5en5Znt+c4PDCezymCJBy970VeSigpb +xFBzfG7Ocz3LpLbP8B0ZbwuahiXKfND/0HjTyQnxMA4FMdfE +-----END CERTIFICATE----- |