mbedtls/tests/data_files
Manuel Pégourié-Gonnard 179c227203 Fix CA encoding issue with gnutls-cli
In the 2.7 branch, test-ca.crt has all the components of its Subject name
encoded as PrintableString, because it's generated with our cert_write
program, and our code writes all components that way until Mbed TLS 2.14.

But the default RSA SHA-256 certificate, server2-sha256.crt, has the O and CN
components of its Issuer name encoded as UTF8String, because it was generated
with OpenSSL and that's what OpenSSL does, regardless of how those components
were encoded in the CA's Subject name.

This triggers some overly strict behaviour in some libraries, most notably NSS
and GnuTLS (of interest to us in ssl-opt.sh) which won't recognize the trusted
root as a possible parent for the presented certificate, see for example:
https://github.com/ARMmbed/mbedtls/issues/1033

Fortunately, we have at our disposal a version of test-ca.crt with encodings
matching the ones in server2-sha256.crt, in the file test-ca_utf8.crt. So
let's append that to gnutls-cli's list of trusted roots, so that it recognizes
certs signed by this CA but with the O and CN components as UTF8String.

Note: Since https://github.com/ARMmbed/mbedtls/pull/1641 was merged (in Mbed
TLS 2.14), we changed how we encode those components, so in the 2.16 branch,
cert_write generates test-ca.crt with encodings that matches the ones used by
openssl when generating server2-sha256.crt, so the issue of gnutls-cli
rejecting server2-sha256.crt is specific to the 2.7 branch.
2020-02-03 15:55:43 +01:00
..
dir1 Add tests for x509_crt_parse_path() 2013-11-28 18:07:39 +01:00
dir2 Add tests for x509_crt_parse_path() 2013-11-28 18:07:39 +01:00
dir3 Add tests for x509_crt_parse_path() 2013-11-28 18:07:39 +01:00
dir4 Add test case for root with max_pathlen=0 2015-11-19 11:10:33 +01:00
dir-maxpath Improve Readme for long test certificate chains 2017-07-26 13:49:38 +01:00
.gitignore Test that SHA-1 defaults off 2017-06-06 18:44:14 +02:00
bitstring-in-dn.pem Add test certificate for bitstring in DN 2015-03-27 13:11:33 +01:00
cert_example_multi_nocn.crt Replace expired test certificate 2014-01-22 13:03:42 +01:00
cert_example_multi.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_example_wildcard.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_md2.crt Add MD[245] test CRTs to tree 2019-06-03 16:22:01 +01:00
cert_md4.crt Add MD[245] test CRTs to tree 2019-06-03 16:22:01 +01:00
cert_md5.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_sha1.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_sha224.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_sha256.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_sha384.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_sha512.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cert_v1_with_ext.crt Support faulty X509 v1 certificates with extensions 2013-09-23 15:01:36 +02:00
cli2.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
cli2.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
cli-rsa-sha1.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cli-rsa-sha256.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
cli-rsa.key Added SHA256 test certificates 2017-06-06 18:44:13 +02:00
cli.opensslconf Added SHA256 test certificates 2017-06-06 18:44:13 +02:00
crl_cat_ec-rsa.pem Add tests for concatenated CRLs 2014-11-19 16:08:34 +01:00
crl_cat_ecfut-rsa.pem Update soon to be expired crl 2019-07-10 16:58:56 +03:00
crl_cat_rsa-ec.pem Add tests for concatenated CRLs 2014-11-19 16:08:34 +01:00
crl_cat_rsabadpem-ec.pem Add tests for concatenated CRLs 2014-11-19 16:08:34 +01:00
crl_expired.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_md2.pem - Added extra X509 regression and coverage tests 2009-07-19 20:30:14 +00:00
crl_md4.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_md5.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_sha1.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_sha224.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_sha256.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_sha384.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl_sha512.pem - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
crl-ec-sha1.pem Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
crl-ec-sha224.pem Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
crl-ec-sha256.pem Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
crl-ec-sha384.pem Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
crl-ec-sha512.pem Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
crl-future.pem Add x509_time_future() 2014-03-13 19:25:06 +01:00
crl-idp.pem x509: CRL: reject unsupported critical extensions 2018-03-14 09:24:12 +01:00
crl-idpnc.pem fixup previous commit: add forgotten file 2018-03-14 14:10:19 +01:00
crl-malformed-trailing-spaces.pem Add test for infinite loop in CRL parse 2017-01-19 17:10:51 +00:00
crl-rsa-pss-sha1-badsign.pem Also verify CRLs signed with RSASSA-PSS 2014-06-05 17:59:55 +02:00
crl-rsa-pss-sha1.pem Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
crl-rsa-pss-sha224.pem Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
crl-rsa-pss-sha256.pem Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
crl-rsa-pss-sha384.pem Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
crl-rsa-pss-sha512.pem Parse CRLs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
crl.pem Update soon to be expired crl 2019-07-10 16:58:56 +03:00
crt_cat_rsaexp-ec.pem Add tests for concatenated CRLs 2014-11-19 16:08:34 +01:00
dh.1000.pem Add tests for dhm_min_bitlen 2015-06-17 14:27:38 +02:00
dh.optlen.pem Add test case for dh params with privateValueLength 2015-04-15 13:50:29 +02:00
dhparams.pem Add test for dhm_parse_dhmfile 2014-04-04 16:42:44 +02:00
ec_224_prv.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_224_pub.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_256_long_prv.pem pk_write test cases with short/long private key 2018-09-04 11:16:42 +02:00
ec_256_prv.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_256_pub.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_384_prv.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_384_pub.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_521_prv.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_521_pub.pem Add test for EC keys with all curves. 2013-08-16 14:00:52 +02:00
ec_521_short_prv.pem pk_write test cases with short/long private key 2018-09-04 11:16:42 +02:00
ec_bp256_prv.pem Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
ec_bp256_pub.pem Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
ec_bp384_prv.pem Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
ec_bp384_pub.pem Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
ec_bp512_prv.pem Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
ec_bp512_pub.pem Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
ec_prv.pk8.der Add tests for x509parse_key_ec() 2013-07-08 17:32:26 +02:00
ec_prv.pk8.pem Add tests for x509parse_key_ec() 2013-07-08 17:32:26 +02:00
ec_prv.pk8.pw.der Adapt test files to supported PKCS#8 modes 2013-07-08 17:32:26 +02:00
ec_prv.pk8.pw.pem Adapt test files to supported PKCS#8 modes 2013-07-08 17:32:26 +02:00
ec_prv.pk8nopub.der Fix parsing of PKCS#8 encoded Elliptic Curve keys. 2018-03-28 11:29:21 +02:00
ec_prv.pk8nopub.pem Fix parsing of PKCS#8 encoded Elliptic Curve keys. 2018-03-28 11:29:21 +02:00
ec_prv.pk8nopubparam.der Fix parsing of PKCS#8 encoded Elliptic Curve keys. 2018-03-28 11:29:21 +02:00
ec_prv.pk8nopubparam.pem Fix parsing of PKCS#8 encoded Elliptic Curve keys. 2018-03-28 11:29:21 +02:00
ec_prv.pk8param.der Fix parsing of PKCS#8 encoded Elliptic Curve keys. 2018-03-28 11:29:21 +02:00
ec_prv.pk8param.pem Fix parsing of PKCS#8 encoded Elliptic Curve keys. 2018-03-28 11:29:21 +02:00
ec_prv.sec1.der Add tests for x509parse_key_ec() 2013-07-08 17:32:26 +02:00
ec_prv.sec1.pem Add tests for x509parse_key_ec() 2013-07-08 17:32:26 +02:00
ec_prv.sec1.pw.pem Add tests for x509parse_key_ec() 2013-07-08 17:32:26 +02:00
ec_prv.specdom.der Add test for SpecifiedECDomain 2014-03-19 16:50:59 +01:00
ec_pub.der Complete x509parse_public_key_ec() 2013-07-08 17:32:26 +02:00
ec_pub.pem Complete x509parse_public_key_ec() 2013-07-08 17:32:26 +02:00
enco-ca-prstr.pem Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
enco-cert-utf8str.pem Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
format_gen.key - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
format_gen.pub - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
format_pkcs12.fmt - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
format_rsa.key - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
hash_file_1 - Added shax_file tests and data files 2009-07-05 11:30:16 +00:00
hash_file_2 - Added shax_file tests and data files 2009-07-05 11:30:16 +00:00
hash_file_3 - Added shax_file tests and data files 2009-07-05 11:30:16 +00:00
hash_file_4 - Added shax_file tests and data files 2009-07-05 11:30:16 +00:00
hash_file_5 Add RIPEMD-160 to the generic MD layer 2014-01-17 20:41:32 +01:00
keyUsage.decipherOnly.crt Add parsing/printing for new X.509 keyUsage flags 2015-06-23 13:09:10 +02:00
Makefile Fix CA encoding issue with gnutls-cli 2020-02-03 15:55:43 +01:00
mpi_10 Increase MPI_MAX_BYTES to allow RSA 8192 2014-10-15 22:06:46 +02:00
mpi_too_big Increase MPI_MAX_BYTES to allow RSA 8192 2014-10-15 22:06:46 +02:00
passwd.psk GnuTLS in compat.sh: server-side 2014-03-14 08:41:02 +01:00
print_c.pl Document test data makefile 2017-06-06 18:44:14 +02:00
Readme-x509.txt Add tests for spurious certs in the chain 2018-03-05 12:56:49 +01:00
rsa512.key RSA: Fix buffer overflow in PSS signature verification 2017-10-17 19:01:38 +02:00
rsa521.key RSA: Fix buffer overflow in PSS signature verification 2017-10-17 19:01:38 +02:00
rsa522.key RSA: Fix buffer overflow in PSS signature verification 2017-10-17 19:01:38 +02:00
rsa528.key RSA: Fix buffer overflow in PSS signature verification 2017-10-17 19:01:38 +02:00
rsa4096_prv.pem Fix buffer size in pk_write_*_pem() 2014-08-14 11:34:35 +02:00
rsa4096_pub.pem Fix buffer size in pk_write_*_pem() 2014-08-14 11:34:35 +02:00
rsa_pkcs1_1024_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_1024_aes128.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_1024_aes192.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_1024_aes256.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_1024_clear.pem Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
rsa_pkcs1_1024_des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_2048_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_2048_aes128.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_2048_aes192.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_2048_aes256.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_2048_clear.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_2048_des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_4096_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_4096_aes128.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_4096_aes192.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_4096_aes256.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_4096_clear.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs1_4096_des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_1024_2des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_1024_2des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_1024_3des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_1024_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_1024_rc4_128.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_1024_rc4_128.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_2048_2des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_2048_2des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_2048_3des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_2048_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_2048_rc4_128.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_2048_rc4_128.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_4096_2des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_4096_2des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_4096_3des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_4096_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_4096_rc4_128.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbe_sha1_4096_rc4_128.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha256.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha512.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha256.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des_sha512.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_1024_des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_1024_des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha256.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha512.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_2048_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha256.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des_sha512.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_2048_des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_2048_des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha256.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha512.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_4096_3des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.der data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des_sha512.pem data_files/pkcs8-v2: add keys generated with PRF != SHA1 2018-02-08 17:18:19 +08:00
rsa_pkcs8_pbes2_pbkdf2_4096_des.der Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
rsa_pkcs8_pbes2_pbkdf2_4096_des.pem Unify naming schemes for RSA keys 2017-09-29 20:05:23 +01:00
secp521r1_prv.der Add a test for signing content with a long ECDSA key 2019-06-10 11:48:38 +02:00
server1_ca.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1_csr.opensslconf Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
server1-ms.req.sha256 Add additional test case for alternative CSR headers 2018-12-05 23:23:28 +00:00
server1-nospace.crt ssl-opt.sh: address some robustness issues 2014-03-26 14:21:34 +01:00
server1-v1.crt Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
server1.cert_type_noauthid.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1.cert_type.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1.cert_type.crt.openssl.v3_ext Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
server1.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1.crt.openssl.v3_ext Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
server1.csr Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
server1.ext_ku.crt Print extended key usage in x509_crt_info() 2014-04-04 14:01:39 +02:00
server1.key - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.key_usage_noauthid.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1.key_usage.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1.key_usage.crt.openssl.v3_ext Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
server1.noauthid.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server1.pubkey Add test for x509write_pubkey_pem() 2013-09-12 11:57:01 +02:00
server1.req.cert_type Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:10:55 +00:00
server1.req.cert_type_empty Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:10:55 +00:00
server1.req.key_usage Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:10:55 +00:00
server1.req.key_usage_empty Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:10:55 +00:00
server1.req.ku-ct Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:10:55 +00:00
server1.req.md4 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.req.md5 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.req.sha1 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.req.sha224 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.req.sha256 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.req.sha384 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.req.sha512 - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
server1.v1.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server2-badsign.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server2-sha256.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server2-v1-chain.crt Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
server2-v1.crt Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
server2.crt Create certificates with correct string formatting 2019-07-10 17:23:06 +03:00
server2.key - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
server2.ku-ds_ke.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server2.ku-ds.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server2.ku-ka.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server2.ku-ke.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server3.crt Add test files for EC cert & crl validation 2013-08-20 20:21:02 +02:00
server3.key Add some more x509_verify tests 2013-08-20 20:46:03 +02:00
server4.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server4.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5-badsign.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5-der0.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-der1a.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-der1b.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-der2.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-der4.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-der8.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-der9.crt x509: trailing bytes in DER: add integration tests 2016-02-17 10:11:21 +00:00
server5-expired.crt Reject certs and CRLs from the future 2014-03-13 19:25:06 +01:00
server5-future.crt Add x509_time_future() 2014-03-13 19:25:06 +01:00
server5-selfsigned.crt Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
server5-sha1.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5-sha224.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5-sha384.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5-sha512.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5-ss-expired.crt Add tests for flags passed to f_vrfy 2018-03-05 13:01:02 +01:00
server5-ss-forgeca.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
server5.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5.eku-cli.crt Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
server5.eku-cs_any.crt Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
server5.eku-cs.crt Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
server5.eku-srv_cli.crt Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
server5.eku-srv.crt Add x509_crt_check_extended_key_usage() 2014-04-11 11:09:00 +02:00
server5.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server5.ku-ds.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server5.ku-ka.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server5.ku-ke.crt Check keyUsage in SSL client and server 2014-04-09 15:50:57 +02:00
server5.req.ku.sha1 Add tests for (named) bitstring to suite_asn1write 2019-02-11 21:10:55 +00:00
server5.req.sha1 Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
server5.req.sha224 Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
server5.req.sha256 Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
server5.req.sha384 Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
server5.req.sha512 Add tests for parsing CSRs 2014-06-02 16:10:29 +02:00
server6-ss-child.crt Restore ability to trust non-CA selfsigned EE cert 2014-06-25 11:26:13 +02:00
server6.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server6.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server7_all_space.crt Accept spaces at end of line/buffer in base64 2014-10-15 23:53:33 +02:00
server7_int-ca_ca2.crt Add tests for verify callback 2015-09-01 17:24:42 +02:00
server7_int-ca-exp.crt Add tests for flags passed to f_vrfy 2018-03-05 13:01:02 +01:00
server7_int-ca.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server7_pem_space.crt Accept spaces at end of line/buffer in base64 2014-10-15 23:53:33 +02:00
server7_spurious_int-ca.crt Add tests for spurious certs in the chain 2018-03-05 12:56:49 +01:00
server7_trailing_space.crt Accept a trailing space at end of PEM lines 2015-07-31 11:11:26 +02:00
server7-badsign.crt Add test for bad signature with longer chain 2018-03-05 12:53:39 +01:00
server7-expired.crt Add test for expired cert in longer chain 2018-03-05 12:53:23 +01:00
server7-future.crt Add test for expired cert in longer chain 2018-03-05 12:53:23 +01:00
server7.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server7.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server8_int-ca2.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server8.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server8.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
server9-bad-mgfhash.crt Add pathological RSASSA-PSS test certificates 2014-06-07 11:21:52 +02:00
server9-bad-saltlen.crt Add pathological RSASSA-PSS test certificates 2014-06-07 11:21:52 +02:00
server9-badsign.crt Add basic PSS cert verification 2014-06-04 12:09:08 +02:00
server9-defaults.crt Add RSASSA-PSS certificate with all defaults 2014-06-05 18:00:08 +02:00
server9-sha224.crt Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
server9-sha256.crt Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
server9-sha384.crt Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
server9-sha512.crt Finish parsing RSASSA-PSS parameters 2014-06-02 16:10:29 +02:00
server9-with-ca.crt Add basic PSS cert verification 2014-06-04 12:09:08 +02:00
server9.crt Basic parsing of certs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
server9.key Basic parsing of certs signed with RSASSA-PSS 2014-06-02 16:10:29 +02:00
server9.req.sha1 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
server9.req.sha224 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
server9.req.sha256 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
server9.req.sha384 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
server9.req.sha512 Parse CSRs signed with RSASSA-PSS 2014-06-02 16:10:30 +02:00
server10_int3_int-ca2_ca.crt Add tests for spurious certs in the chain 2018-03-05 12:56:49 +01:00
server10_int3_int-ca2.crt Add tests for spurious certs in the chain 2018-03-05 12:56:49 +01:00
server10_int3_spurious_int-ca2.crt Add tests for spurious certs in the chain 2018-03-05 12:56:49 +01:00
server10.key Add tests for verify callback 2015-09-01 17:24:42 +02:00
test-ca2_cat-future-invalid.crt Add tests for out flags from x509_crt_verify_top() 2017-01-20 13:52:01 +00:00
test-ca2_cat-future-present.crt X509: Future CA among trusted: add unit tests 2016-03-09 19:32:10 +00:00
test-ca2_cat-past-invalid.crt Add tests for out flags from x509_crt_verify_top() 2017-01-20 13:52:01 +00:00
test-ca2_cat-past-present.crt X509: Future CA among trusted: add more tests 2016-03-09 19:32:10 +00:00
test-ca2_cat-present-future.crt X509: Future CA among trusted: add unit tests 2016-03-09 19:32:10 +00:00
test-ca2_cat-present-past.crt X509: Future CA among trusted: add more tests 2016-03-09 19:32:10 +00:00
test-ca2-expired.crt Add tests for flags passed to f_vrfy 2018-03-05 13:01:02 +01:00
test-ca2.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
test-ca2.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
test-ca2.ku-crl.crt Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
test-ca2.ku-crt_crl.crt Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
test-ca2.ku-crt.crt Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
test-ca2.ku-ds.crt Add keyUsage checking for CAs 2014-04-09 15:50:58 +02:00
test-ca_cat12.crt Create certificates with correct string formatting 2019-07-10 17:23:06 +03:00
test-ca_cat12u.crt Fix CA encoding issue with gnutls-cli 2020-02-03 15:55:43 +01:00
test-ca_cat21.crt Create certificates with correct string formatting 2019-07-10 17:23:06 +03:00
test-ca_printable.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca_uppercase.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca_utf8.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-alt-good.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-alt.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-alt.csr Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-alt.key Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-good-alt.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-sha1.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-sha256.crt Update certificates to expire in 2029 2019-07-10 17:23:06 +03:00
test-ca-v1.crt Restore ability to use v1 CA if trusted locally 2014-06-25 11:26:12 +02:00
test-ca.crt Create certificates with correct string formatting 2019-07-10 17:23:06 +03:00
test-ca.key - Corrected parsing of UTCTime dates before 1990 and after 1950 2011-02-20 10:40:16 +00:00
test-ca.opensslconf Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted 2018-03-23 02:12:44 +01:00
test-ca.server1.db Update soon to be expired crl 2019-07-10 16:58:56 +03:00
test-ca.server1.opensslconf Extend tests/data_files/Makefile to include CRT's for CRT write test 2017-09-14 07:51:28 +01:00
test-int-ca2.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
test-int-ca2.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
test-int-ca3.crt Add tests for verify callback 2015-09-01 17:24:42 +02:00
test-int-ca3.key Add tests for verify callback 2015-09-01 17:24:42 +02:00
test-int-ca-exp.crt Add tests for flags passed to f_vrfy 2018-03-05 13:01:02 +01:00
test-int-ca.crt Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00
test-int-ca.key Update EC certs to use NIST-256 and NIST-384 2013-09-24 21:25:54 +02:00