aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--docs/development/test-vectors.rst60
-rw-r--r--vectors/cryptography_vectors/x509/custom/dsa_root.pem31
-rw-r--r--vectors/cryptography_vectors/x509/custom/invalid_version.pem22
-rw-r--r--vectors/cryptography_vectors/x509/custom/post2000utctime.pem24
-rw-r--r--vectors/cryptography_vectors/x509/ecdsa_root.pem15
-rw-r--r--vectors/cryptography_vectors/x509/v1_cert.pem10
6 files changed, 141 insertions, 21 deletions
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index 8c2d1361..a682562a 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst
@@ -34,10 +34,45 @@ Asymmetric ciphers
`enc2-rsa-pkcs8.pem`_ was re-encrypted using a stronger PKCS#8 cipher.
* `Botan's ECC private keys`_.
+Custom Asymmetric Vectors
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL
+ from the curve ``secp256r1``.
+* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as
+ ``ec_private_key.pem``, except that it is encrypted with AES-128 with the
+ password "123456".
+* ``ec_public_key.pem`` - Contains the public key corresponding to
+ ``ec_private_key.pem``, generated using OpenSSL.
+* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using
+ OpenSSL, protected by the secret "123456" with DES3 encryption.
+* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using
+ OpenSSL from ``rsa_private_key.pem``.
+* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL;
+ contains no keys.
+* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using
+ OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret
+ "123456" with DES3 encryption.
+* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL
+ from ``dsa_private_key.pem``.
+
+
X.509
~~~~~
* PKITS test suite from `NIST PKI Testing`_.
+* ``v1_cert.pem`` from the OpenSSL source tree (`testx509.pem`_).
+* ``ecdsa_root.pem`` - `DigiCert Global Root G3`_, a ``secp384r1`` ECDSA root
+ certificate.
+
+Custom X.509 Vectors
+~~~~~~~~~~~~~~~~~~~~
+
+* ``invalid_version.pem`` - Contains an RSA 2048 bit certificate with the
+ X.509 version field set to ``0x7``.
+* ``post2000utctime.pem`` - Contains an RSA 2048 bit certificate with the
+ ``notBefore`` and ``notAfter`` fields encoded as post-2000 ``UTCTime``.
+* ``dsa_root.pem`` - Contains a DSA root certificate generated using OpenSSL.
Hashes
~~~~~~
@@ -107,27 +142,8 @@ Creating test vectors
When official vectors are unavailable ``cryptography`` may choose to build
its own using existing vectors as source material.
-Current custom vectors
-~~~~~~~~~~~~~~~~~~~~~~
-
-* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL
- from the curve ``secp256r1``.
-* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as
- ``ec_private_key.pem``, except that it is encrypted with AES-128 with the
- password "123456".
-* ``ec_public_key.pem`` - Contains the public key corresponding to
- ``ec_private_key.pem``, generated using OpenSSL.
-* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using
- OpenSSL, protected by the secret "123456" with DES3 encryption.
-* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using
- OpenSSL from ``rsa_private_key.pem``.
-* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL;
- contains no keys.
-* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using
- OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret
- "123456" with DES3 encryption.
-* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL
- from ``dsa_private_key.pem``.
+Custom Symmetric Vectors
+~~~~~~~~~~~~~~~~~~~~~~~~
.. toctree::
:maxdepth: 1
@@ -174,3 +190,5 @@ header format (substituting the correct information):
.. _`Ed25519 website`: http://ed25519.cr.yp.to/software.html
.. _`NIST SP-800-38B`: http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf
.. _`NIST PKI Testing`: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html
+.. _`testx509.pem`: https://github.com/openssl/openssl/blob/master/test/testx509.pem
+.. _`DigiCert Global Root G3`: http://cacerts.digicert.com/DigiCertGlobalRootG3.crt
diff --git a/vectors/cryptography_vectors/x509/custom/dsa_root.pem b/vectors/cryptography_vectors/x509/custom/dsa_root.pem
new file mode 100644
index 00000000..4348ce81
--- /dev/null
+++ b/vectors/cryptography_vectors/x509/custom/dsa_root.pem
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFWjCCBRqgAwIBAgIJAKNzUuCyFC+GMAkGByqGSM44BAMwZzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgTBVRleGFzMQ8wDQYDVQQHEwZBdXN0aW4xITAfBgNVBAoTGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAxMLUHlDQSBEU0EgQ0EwHhcN
+MTQxMTI3MDUxNDE3WhcNMTQxMjI3MDUxNDE3WjBnMQswCQYDVQQGEwJVUzEOMAwG
+A1UECBMFVGV4YXMxDzANBgNVBAcTBkF1c3RpbjEhMB8GA1UEChMYSW50ZXJuZXQg
+V2lkZ2l0cyBQdHkgTHRkMRQwEgYDVQQDEwtQeUNBIERTQSBDQTCCAzowggItBgcq
+hkjOOAQBMIICIAKCAQEAv63mBI43PNTki2d+h4yOWwjAIQKuBOsstcRqUjo68cc9
+FrJPNKSWR4GuflBQDiF3d1SmcL0Zp0INYzCE5VVuM8osDn1UfqX0agegG/hmmuO9
+7AQtmyrl5uz0nwC6nayZq27/FA0s7fci7mLC+XNoV5cURMJdCjPSAX3DbWgqEFT+
+KpQo3aNVqFHObm1h4D5Bn9TKTnAzE3Q9hsqohZMPYu1b80LYFlYnaB6cwyRLpyqi
+IUhACmu+gBVOhV0ELJ3Co0BfHlF76d6lBWL1bak/YIX4RKfnBcHwQ+ZXUcWDuA0p
+ED5ZDMsm79qgiT2DPjZGjzkHz8p4ijy3kPA0HIoxvwIVAIIv9dI04HO5Ac9ZQfWO
+H1OOcdQNAoIBAEt87XHcNTll7MENRBqaBvwklDoy1mQp3V70TUPmfXidmXcK7DLA
+QV3JKXCICHLaRf743R4RWj5IATh7ptdVhh8GL9O26eqOJkEVIzm4KDFbFSjubHt5
+RY0h89uXP2/DA/k5cXTCeZ3SNRKCqi2IQsNXpzSVu6rEkyeGQUxV5g1zFp9XYQNv
+uinp7r+wSfijsbfO5vP7+hNiBfEwvuLPW5w43BCV1ABvLnMzXAc1LGQTChqyuJ8T
+tI9ijTzDhovuzpu3vq3p+DDqzG+iQUJcCz/MDfQWoMife/NWaNdl7JXNz76cr/Sc
+/BVsZox2+mJHZ2ptOslFhEoINQnGobQ2usoDggEFAAKCAQBMCL/l8tdmScgKz31D
+H2riEksheryMn2rKd23fqUU7ZlbxPlQ2hM1fZDGjFDd9Kr+gaLcIDLjdwGWvwt6l
+WfC1hMl6KyNbm2m0a8beGu1CKm80GDJhi8quIZiro4gJna+wX/C17+yzsK4WmmLh
+xyAir1CuaK87AzwY5u7B999GksRWzK+3nMfgjaCleG6YFs7aZR1htLt7gcJ4Pal8
+6mLfZ69ehZkf3BOv8Q/GDgZYY4a5a7eNZXUPVC+GlR4FptgbqtvNNaLlytQRmSOu
+aiACCRo9FwF/k8UpcBE83BGZcLkHTKUG6skcPdN2Ml30r2s5Ee8mfSZiOlocXfSm
+0T8co4HMMIHJMB0GA1UdDgQWBBSk+4h6E/zeswO7rpod7KcvElpUGzCBmQYDVR0j
+BIGRMIGOgBSk+4h6E/zeswO7rpod7KcvElpUG6FrpGkwZzELMAkGA1UEBhMCVVMx
+DjAMBgNVBAgTBVRleGFzMQ8wDQYDVQQHEwZBdXN0aW4xITAfBgNVBAoTGEludGVy
+bmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UEAxMLUHlDQSBEU0EgQ0GCCQCjc1Lg
+shQvhjAMBgNVHRMEBTADAQH/MAkGByqGSM44BAMDLwAwLAIUJcSoSpNqsxHuAX08
+vZo8ZQuzrkoCFF0wxktDJoa9+SVxa07QWRhDlrzO
+-----END CERTIFICATE-----
diff --git a/vectors/cryptography_vectors/x509/custom/invalid_version.pem b/vectors/cryptography_vectors/x509/custom/invalid_version.pem
new file mode 100644
index 00000000..84a55626
--- /dev/null
+++ b/vectors/cryptography_vectors/x509/custom/invalid_version.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDjjCCAnagAwIBBwITBlqtEggCEIn2HtsUzORK3EHP0zANBgkqhkiG9w0BAQUF
+ADBXMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxDzANBgNVBAcMBkF1c3Rp
+bjENMAsGA1UECgwEUHlDQTEYMBYGA1UEAwwPQ3J5cHRvZ3JhcGh5IENBMB4XDTE0
+MTEyNjE0NDQ1N1oXDTM0MTEyMTIwNDQ1N1owVzELMAkGA1UEBhMCVVMxDjAMBgNV
+BAgMBVRleGFzMQ8wDQYDVQQHDAZBdXN0aW4xDTALBgNVBAoMBFB5Q0ExGDAWBgNV
+BAMMD0NyeXB0b2dyYXBoeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAJZPCfKbFZQ5G5gYdXbxPq7o1DFaYzeWOqBzR4M1iE1gnDTw/ZQXExVVIZga
+QU3aiiL1hZ+9NdWvmViDKlj4Qa7+8FxHhuq/Weri/itFhMcEuGs+iTclWc/H1M5J
+3OChClzKcugeOPP/ZevZXiKSB4pGd+b6esw40WSmIWBqwKpQOu8DxXX1LCP+xS9j
+ZlARDS2VqD/LP6ZbTd5odOX6kMi4dm9mVnfREUL79hMShTPt2BB7muKm2yNWmJuh
+npUWTyl0P7r+lgr1y1E+u+3YbThWe7hk2Ra21J1Xpba4v1j5WR0+IfwjbJIJA7up
+eeqB3rrZBJmPyKGVX6m8gXiYtR8CAwEAAaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAd
+BgNVHQ4EFgQUrc6wKzvf3ST5Tk+Idr37QF9pIjMwHwYDVR0jBBgwFoAUrc6wKzvf
+3ST5Tk+Idr37QF9pIjMwDQYJKoZIhvcNAQEFBQADggEBACZusajSqo9wL+Rjn0EA
+kM92FglKgZ7K3Bp1O9MPp740ytnueY7lWduiPuEjcUQUeI2nBfQYJRoucPLi/2dD
+jJgxK6BoYwvm5VJH3g65G39EYnz3L8IUCYGKJ75nffVYvlqcJkfNO+lxt11hGXMA
+w/QOdv4TsfjVVbLMcbhKtrMh5iaB5+QbcoBx21i8opg1qi3pwJ8Tgj6JxsKTjlc0
+xoZWDjPao8/dpvbfMsJwlHazZFAPdknZN8/oo0M5DWBQuxiFNoXllDsHrZNN8TAk
+Xvr/2XumAxgJJmxDqSbRBDXnwAzj9Jq3ITl4bJ8Nw9sPpS920Owv0xKtQILbo+RR
+tcA=
+-----END CERTIFICATE-----
diff --git a/vectors/cryptography_vectors/x509/custom/post2000utctime.pem b/vectors/cryptography_vectors/x509/custom/post2000utctime.pem
new file mode 100644
index 00000000..ce5c058b
--- /dev/null
+++ b/vectors/cryptography_vectors/x509/custom/post2000utctime.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID8DCCAtigAwIBAgIJAKBstLlV9/TbMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxETAPBgNVBAMTCEhlbGxvIENBMB4XDTE0MTEyNjIxNDEy
+MFoXDTE0MTIyNjIxNDEyMFowWDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDERMA8GA1UE
+AxMISGVsbG8gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwOvcC
+BZ4n8eIoS1a7smwDkVO/gfKVtzpJEymQZF7eTS2gqRPELn0401iaANOUDRlPbm2H
+fC74EtoionXoPYvnhkZ0i05/I9EOhz/XL1ehPexzL8VqsTixuzCDmbtBLNc5IU73
+FOGXbglgNAXiVWKZoFUiUQrEV0216css9fmej0jBaWqz6i1tLdq31OGzFxiLdqVy
+l39uzgpK05bwFQ59ixqZhsDLkFJ+wmylbikUwnDSoZi2MvqKL9pVB509OYZLb7lt
+2+Mxyss8uHg6hJTMzNiGo1JQeIR8oByl+APokhRAPopLVJlTnAuG96DapFsgSo4H
+nYpbA9t7obo9cBGnAgMBAAGjgbwwgbkwHQYDVR0OBBYEFNjoncd35EcmVvGGRpWp
+9mt7BACuMIGJBgNVHSMEgYEwf4AU2Oidx3fkRyZW8YZGlan2a3sEAK6hXKRaMFgx
+CzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRl
+cm5ldCBXaWRnaXRzIFB0eSBMdGQxETAPBgNVBAMTCEhlbGxvIENBggkAoGy0uVX3
+9NswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAjg9y/L6+R1Wryvds
+jOC64XzeTbFikWOOGxzgSpPNtMRKNIYHCYbFqIDBT9+El+fSibJjDMsh0ko9GqGy
+2HSCB/Oh4WzN+Nqop+oaM9SXdPUT7fCScL2OZltjAKEPADZqWQdpBetjzxCoGgyn
+im7zEn9ssvb7f5R/ziKjDYAEjCQ7osGlTEJf4SMQ6Kc3Y49JIDVNTM4ly9neol5q
+L+DYV5pcjZKbknW+Ihl1R58/dQdbys8JUmUjtf1n92g/PNpCD6ux6eb8JrwGSc9h
+uwUdaTL6w3Bmuxb1WQPf54U9xeUF4qEPu6T56ToNO1O3+jSwXXum7vhpv8NLjlFP
+1UGfdQ==
+-----END CERTIFICATE-----
diff --git a/vectors/cryptography_vectors/x509/ecdsa_root.pem b/vectors/cryptography_vectors/x509/ecdsa_root.pem
new file mode 100644
index 00000000..bc20c1e1
--- /dev/null
+++ b/vectors/cryptography_vectors/x509/ecdsa_root.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw
+EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x
+IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF
+K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG
+fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO
+Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx
+AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/
+oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8
+sycX
+-----END CERTIFICATE-----
diff --git a/vectors/cryptography_vectors/x509/v1_cert.pem b/vectors/cryptography_vectors/x509/v1_cert.pem
new file mode 100644
index 00000000..8a85d149
--- /dev/null
+++ b/vectors/cryptography_vectors/x509/v1_cert.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
+MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
+/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
+Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
+zl9HYIMxATFyqSiD9jsx
+-----END CERTIFICATE-----
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-24 18:32:28 +0000