add several new x509 test vectors

1 files changed, 39 insertions, 21 deletions

diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index 8c2d1361..a682562a 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst
@@ -34,10 +34,45 @@ Asymmetric ciphers
     `enc2-rsa-pkcs8.pem`_ was re-encrypted using a stronger PKCS#8 cipher.
   * `Botan's ECC private keys`_.
 
+Custom Asymmetric Vectors
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL
+  from the curve ``secp256r1``.
+* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as
+  ``ec_private_key.pem``, except that it is encrypted with AES-128 with the
+  password "123456".
+* ``ec_public_key.pem`` - Contains the public key corresponding to
+  ``ec_private_key.pem``, generated using OpenSSL.
+* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using
+  OpenSSL, protected by the secret "123456" with DES3 encryption.
+* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using
+  OpenSSL from ``rsa_private_key.pem``.
+* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL;
+  contains no keys.
+* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using
+  OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret
+  "123456" with DES3 encryption.
+* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL
+  from ``dsa_private_key.pem``.
+
+
 X.509
 ~~~~~
 
 * PKITS test suite from `NIST PKI Testing`_.
+* ``v1_cert.pem`` from the OpenSSL source tree (`testx509.pem`_).
+* ``ecdsa_root.pem`` - `DigiCert Global Root G3`_, a ``secp384r1`` ECDSA root
+  certificate.
+
+Custom X.509 Vectors
+~~~~~~~~~~~~~~~~~~~~
+
+* ``invalid_version.pem`` - Contains an RSA 2048 bit certificate with the
+  X.509 version field set to ``0x7``.
+* ``post2000utctime.pem`` - Contains an RSA 2048 bit certificate with the
+  ``notBefore`` and ``notAfter`` fields encoded as post-2000 ``UTCTime``.
+* ``dsa_root.pem`` - Contains a DSA root certificate generated using OpenSSL.
 
 Hashes
 ~~~~~~
@@ -107,27 +142,8 @@ Creating test vectors
 When official vectors are unavailable ``cryptography`` may choose to build
 its own using existing vectors as source material.
 
-Current custom vectors
-~~~~~~~~~~~~~~~~~~~~~~
-
-* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL
-  from the curve ``secp256r1``.
-* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as
-  ``ec_private_key.pem``, except that it is encrypted with AES-128 with the
-  password "123456".
-* ``ec_public_key.pem`` - Contains the public key corresponding to
-  ``ec_private_key.pem``, generated using OpenSSL.
-* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using
-  OpenSSL, protected by the secret "123456" with DES3 encryption.
-* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using
-  OpenSSL from ``rsa_private_key.pem``.
-* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL;
-  contains no keys.
-* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using
-  OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret
-  "123456" with DES3 encryption.
-* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL
-  from ``dsa_private_key.pem``.
+Custom Symmetric Vectors
+~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. toctree::
     :maxdepth: 1
@@ -174,3 +190,5 @@ header format (substituting the correct information):
 .. _`Ed25519 website`: http://ed25519.cr.yp.to/software.html
 .. _`NIST SP-800-38B`: http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf
 .. _`NIST PKI Testing`: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html
+.. _`testx509.pem`: https://github.com/openssl/openssl/blob/master/test/testx509.pem
+.. _`DigiCert Global Root G3`: http://cacerts.digicert.com/DigiCertGlobalRootG3.crt