aboutsummaryrefslogtreecommitdiffstats
path: root/docs/development/test-vectors.rst
Commit message (Collapse)AuthorAgeFilesLines
* Added a test vector of an OCSP response with SCT extension (#5066)Alex Gaynor2019-11-161-0/+2
|
* Parse single_extensions in OCSP responses (#5059)Paul Kehrer2019-11-111-0/+2
| | | | | | | | | | | | * add single_extensions to OCSPResponse (#4753) * new vector, updateed docs, more stringent parser, changelog, etc * simplify PR (no SCT for now) * add a comment * finish pulling out the sct stuff so tests might actually run
* Finish ed25519 and ed448 support in x509 module (#4972)Marko Kreen2019-09-091-0/+6
| | | | | | | | | | | | | | | | | | * Support ed25519 in csr/crl creation * Tests for ed25519/x509 * Support ed448 in crt/csr/crl creation * Tests for ed448/x509 * Support ed25519/ed448 in OCSPResponseBuilder * Tests for eddsa in OCSPResponseBuilder * Builder check missing in create_x509_csr * Documentation update for ed25519+ed448 in x509
* fix coverage by adding two artificial DSA public keys (#4984)Paul Kehrer2019-09-061-0/+5
| | | | | | | | | | * fix coverage by adding two artificial DSA public keys One key removes the optional parameters from the structure to cover a branch conditional, and the other key has its BITSTRING padding value set to a non-zero value. * lexicographic? never heard of it
* add x509 CSR with challenge password (#4942)Paul Kehrer2019-07-091-0/+2
|
* fix inaccurate ed25519 vector docs (#4938)Paul Kehrer2019-07-061-1/+1
|
* more ed25519 vectors, better description of RFC 8410 vector (#4936)Paul Kehrer2019-07-061-2/+10
| | | | | | | | * more ed25519 vectors, better description of RFC 8410 vector * typo * oops, doc'd wrong
* add ed25519ph x509 test vector (#4933)Paul Kehrer2019-07-031-0/+2
|
* add RSA PSS certificate (#4865)Paul Kehrer2019-05-041-0/+1
| | | | | | * add RSA PSS certificate * i still maintain that 257 is slightly better than 256
* Refs #4830 -- added a vector of an x.509 certificate with a negative … (#4842)Alex Gaynor2019-04-131-0/+2
| | | | | | * Refs #4830 -- added a vector of an x.509 certificate with a negative serial number * Line wrap
* add poly1305 test vectors from rfc 7539 (#4800)Paul Kehrer2019-03-071-0/+5
|
* add ed25519 PKCS8 and subjectPublicKeyInfo vectors (#4719)Paul Kehrer2019-02-201-0/+7
| | | | | | * add ed25519 PKCS8 and subjectPublicKeyInfo vectors * line length fix
* add ed448 PKCS8 and subjectPublicKeyInfo vectors (#4718)Paul Kehrer2019-02-201-0/+7
|
* concede to digicert's garbage CDN (#4747)Paul Kehrer2019-02-031-1/+1
| | | Which, despite supporting HTTPS, is non-deterministically providing 404s and DigiCert has asserted that http is the only "supported" protocol.
* consistently linky RFC in the docs (#4716)Alex Gaynor2019-01-181-1/+1
| | | | | | * consistently linky RFC in the docs * oops
* Update wycheproof commit in docs (#4687)Alex Gaynor2019-01-131-1/+1
|
* add x25519 pkcs8/subjectpublickeyinfo vectors (#4685)Paul Kehrer2019-01-131-0/+7
|
* add signature_hash_algorithm to OCSPResponse (#4681)Paul Kehrer2019-01-101-0/+2
| | | | | | * add signature_hash_algorithm to OCSPResponse * fix pointless asserts
* add x448 private/public PEM/DER pkcs8/subjectpublickeyinfo vectors (#4667)Paul Kehrer2019-01-011-0/+7
|
* DigiCert's root is now available over https (#4664)Alex Gaynor2018-12-301-1/+1
|
* add compressed point EC vectors (#4637)Paul Kehrer2018-12-101-0/+2
|
* add ed448 test vectors (#4608)Paul Kehrer2018-11-241-0/+1
|
* x448 test vectors (#4576)Paul Kehrer2018-11-121-1/+1
|
* another pkcs12 vector (#4557)Paul Kehrer2018-11-041-2/+8
| | | | | | | | * another pkcs12 vector also fixed the pathing to be consistent in the docs for PKCS12 vectors * add a cert with no key pkcs12 as well
* additional pkcs12 test vector (#4554)Paul Kehrer2018-11-031-0/+3
|
* add pkcs12 test vectors (#4535)Paul Kehrer2018-10-301-0/+20
| | | | | | * add pkcs12 test vectors * add more explanatino
* add issuingDistributionPoint vectors (#4537)Paul Kehrer2018-10-291-0/+24
|
* add a new SCT vector (#4528)Paul Kehrer2018-10-271-0/+2
| | | | | | * add a new SCT vector * ridiculous
* next_update is not a required field on OCSP responses (#4513)Paul Kehrer2018-10-231-0/+2
|
* add OCSP request with a request extension (nonce) (#4462)Paul Kehrer2018-09-071-0/+2
|
* More OCSP vectors (#4451)Paul Kehrer2018-09-011-0/+5
| | | | | | | | * yet another ocsp response vector. and yet there will be at least one more after this * add one more
* add LE subordinate certificate to test vectors (#4450)Paul Kehrer2018-09-011-0/+2
|
* add more OCSP response vectors (#4445)Paul Kehrer2018-09-011-0/+7
| | | | | | * add more OCSP response vectors * another vector and better docs
* OCSP response vector (#4443)Paul Kehrer2018-08-311-0/+5
| | | | | | | | | | * OCSP response vector * oops, wrong name * move ocsp response vector docs * make alex happy
* Added vector for pre-certificate poison extension (#4432)Alex Gaynor2018-08-301-0/+2
|
* Fix encoding errors in RSA test keys. (#4410)David Benjamin2018-08-231-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix encoding errors in RSA test keys. enc-rsa-pkcs8.pem and unenc-rsa-pkcs8.pem did not encode the RSA key correctly. Per RFC 8017, appendix A.1: The object identifier rsaEncryption identifies RSA public and private keys as defined in Appendices A.1.1 and A.1.2. The parameters field has associated with this OID in a value of type AlgorithmIdentifier SHALL have a value of type NULL. rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } unenc-rsa-pkcs8.pem, however, was missing that NULL, which was, in turn, carried into the encrypted payload of enc-rsa-pkcs8.pem. The DER version, enc-rsa-pkcs8.der, carries this mistake too. Interestingly, unenc-rsa-pkcs8.der does *not* have it. I'm guessing it was converted with the openssl command-line tool which fixed the encoding in conversion. Current versions of OpenSSL are lax and ignore the parameters field, but it's best to test against spec-compliant inputs. Fix unenc-rsa-pkcs8.pem to match unenc-rsa-pkcs8.der and then refresh enc-rsa-pkcs8.{der,pem} with the new encoding but otherwise the same encryption parameters. I've refreshed the dumpasn1 (at least that's what it looks like) preamble at the top of each file, but the current version of dumpasn1 appears to have changed the spacing slightly, so there's some whitespace diff noise. * Update test-vectors.rst.
* add new OCSP request vectors (#4399)Paul Kehrer2018-08-151-0/+4
|
* Document wycheproof revision we're current as of (#4390)Alex Gaynor2018-08-121-1/+13
| | | | | | | | * Document wycheproof revision we're current as of * Wycheproof is a real word! * line length
* Add SHA512/224 and SHA512/256 test vectors from NIST CAVP (#4237)Paul Kehrer2018-05-141-1/+1
|
* add SHA3 and SHAKE vectors (#4213)Paul Kehrer2018-05-091-0/+2
| | | These can be used when OpenSSL 1.1.1 is released
* Added badtime.pem vector (#4179)Joshua Crowgey2018-03-301-0/+2
| | | | | | | | * Added badtime.pem vector In connection with forthcoming PR to fix #4158 * shortened line, corrected and->and
* add botan's AESKWP vectors reformatted for our NIST loader (#4159)Paul Kehrer2018-03-201-0/+2
|
* brainpool vectors from rfc 7027 (#4143)Paul Kehrer2018-03-151-0/+2
|
* add 1200 byte HKDF test vector and a generator/verifier for it (#4074)Paul Kehrer2018-01-061-2/+4
| | | | | | | | * add 1200 byte HKDF test vector and a generator/verifier for it * exit non-zero when failing * ugh
* remove whirlpool vectors since we no longer support whirlpool (#4054)Paul Kehrer2017-12-101-2/+0
|
* add utf8 DNSName x509 vector (#3952)Paul Kehrer2017-10-091-0/+2
|
* add Freshest CRL and Delta CRL Indicator test vectors (#3932)Paul Kehrer2017-09-201-0/+4
|
* Switch NIST PDFs from nvlpubs to csrc which is HTTPS (#3929)Alex Gaynor2017-09-201-1/+1
|
* add unique identifier test vector (#3925)Paul Kehrer2017-09-191-2/+4
| | | | | | * add unique identifier test vector * wrap a line I didn't even touch...
* Update PKITS link (#3923)Alex Gaynor2017-09-201-1/+1
|