diff options
| author | Alex Stapleton <alexs@prol.etari.at> | 2014-12-13 19:11:33 +0000 |
|---|---|---|
| committer | Alex Stapleton <alexs@prol.etari.at> | 2014-12-13 19:11:33 +0000 |
| commit | c5e9ce030ba279973f2970d7efe16048a0d09b3a (patch) | |
| tree | bf94b1d02fb3bfeab33028cf69430f3ed83f4ef2 /docs/development | |
| parent | be42d096746ca211d0e1b21874017e75765dc40b (diff) | |
| parent | a850c613f0d2874a46a6ed883b32ca385048b395 (diff) | |
| download | cryptography-c5e9ce030ba279973f2970d7efe16048a0d09b3a.tar.gz cryptography-c5e9ce030ba279973f2970d7efe16048a0d09b3a.tar.bz2 cryptography-c5e9ce030ba279973f2970d7efe16048a0d09b3a.zip | |
Merge pull request #1498 from reaperhulk/x509-more-vectors
add several new x509 test vectors
Diffstat (limited to 'docs/development')
| -rw-r--r-- | docs/development/test-vectors.rst | 63 |
1 files changed, 42 insertions, 21 deletions
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 8c2d1361..10c20dba 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -34,10 +34,48 @@ Asymmetric ciphers `enc2-rsa-pkcs8.pem`_ was re-encrypted using a stronger PKCS#8 cipher. * `Botan's ECC private keys`_. +Custom Asymmetric Vectors +~~~~~~~~~~~~~~~~~~~~~~~~~ + +* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL + from the curve ``secp256r1``. +* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as + ``ec_private_key.pem``, except that it is encrypted with AES-128 with the + password "123456". +* ``ec_public_key.pem`` - Contains the public key corresponding to + ``ec_private_key.pem``, generated using OpenSSL. +* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using + OpenSSL, protected by the secret "123456" with DES3 encryption. +* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using + OpenSSL from ``rsa_private_key.pem``. +* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL; + contains no keys. +* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using + OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret + "123456" with DES3 encryption. +* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL + from ``dsa_private_key.pem``. + + X.509 ~~~~~ * PKITS test suite from `NIST PKI Testing`_. +* ``v1_cert.pem`` from the OpenSSL source tree (`testx509.pem`_). +* ``ecdsa_root.pem`` - `DigiCert Global Root G3`_, a ``secp384r1`` ECDSA root + certificate. + +Custom X.509 Vectors +~~~~~~~~~~~~~~~~~~~~ + +* ``invalid_version.pem`` - Contains an RSA 2048 bit certificate with the + X.509 version field set to ``0x7``. +* ``post2000utctime.pem`` - Contains an RSA 2048 bit certificate with the + ``notBefore`` and ``notAfter`` fields encoded as post-2000 ``UTCTime``. +* ``dsa_selfsigned_ca.pem`` - Contains a DSA self-signed CA certificate + generated using OpenSSL. +* ``ec_no_named_curve.pem`` - Contains an ECDSA certificate that does not have + an embedded OID defining the curve. Hashes ~~~~~~ @@ -107,27 +145,8 @@ Creating test vectors When official vectors are unavailable ``cryptography`` may choose to build its own using existing vectors as source material. -Current custom vectors -~~~~~~~~~~~~~~~~~~~~~~ - -* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL - from the curve ``secp256r1``. -* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as - ``ec_private_key.pem``, except that it is encrypted with AES-128 with the - password "123456". -* ``ec_public_key.pem`` - Contains the public key corresponding to - ``ec_private_key.pem``, generated using OpenSSL. -* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using - OpenSSL, protected by the secret "123456" with DES3 encryption. -* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using - OpenSSL from ``rsa_private_key.pem``. -* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL; - contains no keys. -* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using - OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret - "123456" with DES3 encryption. -* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL - from ``dsa_private_key.pem``. +Custom Symmetric Vectors +~~~~~~~~~~~~~~~~~~~~~~~~ .. toctree:: :maxdepth: 1 @@ -174,3 +193,5 @@ header format (substituting the correct information): .. _`Ed25519 website`: http://ed25519.cr.yp.to/software.html .. _`NIST SP-800-38B`: http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf .. _`NIST PKI Testing`: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html +.. _`testx509.pem`: https://github.com/openssl/openssl/blob/master/test/testx509.pem +.. _`DigiCert Global Root G3`: http://cacerts.digicert.com/DigiCertGlobalRootG3.crt |