From f5ab0deff99c8c73e3a8ef46a4b6e567844b2555 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 30 Oct 2018 12:48:53 +0800 Subject: add pkcs12 test vectors (#4535) * add pkcs12 test vectors * add more explanatino --- docs/development/test-vectors.rst | 20 ++++++++++++++++++++ .../pkcs12/cert-key-aes256cbc.p12 | Bin 0 -> 948 bytes .../pkcs12/cert-none-key-none.p12 | Bin 0 -> 756 bytes .../pkcs12/cert-rc2-key-3des.p12 | Bin 0 -> 854 bytes vectors/cryptography_vectors/x509/custom/ca/ca.pem | 10 ++++++++++ .../cryptography_vectors/x509/custom/ca/ca_key.pem | 5 +++++ 6 files changed, 35 insertions(+) create mode 100644 vectors/cryptography_vectors/pkcs12/cert-key-aes256cbc.p12 create mode 100644 vectors/cryptography_vectors/pkcs12/cert-none-key-none.p12 create mode 100644 vectors/cryptography_vectors/pkcs12/cert-rc2-key-3des.p12 create mode 100644 vectors/cryptography_vectors/x509/custom/ca/ca.pem create mode 100644 vectors/cryptography_vectors/x509/custom/ca/ca_key.pem diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index f585412d..083283b7 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -98,6 +98,9 @@ Custom asymmetric vectors * ``asymmetric/public/PKCS1/rsa.pub.pem`` and ``asymmetric/public/PKCS1/rsa.pub.der`` are PKCS1 conversions of the public key from ``asymmetric/PKCS8/unenc-rsa-pkcs8.pem`` using PEM and DER encoding. +* ``x509/custom/ca/ca_key.pem`` - An unencrypted PCKS8 ``secp256r1`` key. It is + the private key for the certificate ``x509/custom/ca/ca.pem``. This key is + encoded in several of the PKCS12 custom vectors. Key exchange @@ -351,6 +354,9 @@ Custom X.509 Vectors a ``policyConstraints`` extension with a ``requireExplicitPolicy`` value. * ``freshestcrl.pem`` - A self-signed certificate containing a ``freshestCRL`` extension. +* ``ca/ca.pem`` - A self-signed certificate with ``basicConstraints`` set to + true. Its private key is ``ca/ca_key.pem``. This certificate is encoded in + several of the PKCS12 custom vectors. Custom X.509 Request Vectors ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -467,6 +473,20 @@ Custom X.509 OCSP Test Vectors * ``x509/ocsp/req-ext-nonce.der`` - An OCSP request containing a nonce extension. +Custom PKCS12 Test Vectors +~~~~~~~~~~~~~~~~~~~~~~~~~~ +* ``pkcs12/cert-key-aes256cbc.p12`` - A PKCS12 file containing a cert + (``x509/custom/ca/ca.pem``) and key (``x509/custom/ca/ca_key.pem``) + both encrypted with AES 256 CBC with the password ``cryptography``. +* ``pkcs12/cert-none-key-none.p12`` - A PKCS12 file containing a cert + (``x509/custom/ca/ca.pem``) and key (``x509/custom/ca/ca_key.pem``) + with no encryption. The password (used for integrity checking only) is + ``cryptography``. +* ``cert-rc2-key-3des.p12`` - A PKCS12 file containing a cert + (``x509/custom/ca/ca.pem``) encrypted with RC2 and key + (``x509/custom/ca/ca_key.pem``) encrypted via 3DES with the password + ``cryptography``. + Hashes ~~~~~~ diff --git a/vectors/cryptography_vectors/pkcs12/cert-key-aes256cbc.p12 b/vectors/cryptography_vectors/pkcs12/cert-key-aes256cbc.p12 new file mode 100644 index 00000000..5bb25fa0 Binary files /dev/null and b/vectors/cryptography_vectors/pkcs12/cert-key-aes256cbc.p12 differ diff --git a/vectors/cryptography_vectors/pkcs12/cert-none-key-none.p12 b/vectors/cryptography_vectors/pkcs12/cert-none-key-none.p12 new file mode 100644 index 00000000..b3f5c2a8 Binary files /dev/null and b/vectors/cryptography_vectors/pkcs12/cert-none-key-none.p12 differ diff --git a/vectors/cryptography_vectors/pkcs12/cert-rc2-key-3des.p12 b/vectors/cryptography_vectors/pkcs12/cert-rc2-key-3des.p12 new file mode 100644 index 00000000..9041671b Binary files /dev/null and b/vectors/cryptography_vectors/pkcs12/cert-rc2-key-3des.p12 differ diff --git a/vectors/cryptography_vectors/x509/custom/ca/ca.pem b/vectors/cryptography_vectors/x509/custom/ca/ca.pem new file mode 100644 index 00000000..5ca80286 --- /dev/null +++ b/vectors/cryptography_vectors/x509/custom/ca/ca.pem @@ -0,0 +1,10 @@ +-----BEGIN CERTIFICATE----- +MIIBUTCB96ADAgECAgIDCTAKBggqhkjOPQQDAjAnMQswCQYDVQQGEwJVUzEYMBYG +A1UEAwwPY3J5cHRvZ3JhcGh5IENBMB4XDTE3MDEwMTEyMDEwMFoXDTM4MTIzMTA4 +MzAwMFowJzELMAkGA1UEBhMCVVMxGDAWBgNVBAMMD2NyeXB0b2dyYXBoeSBDQTBZ +MBMGByqGSM49AgEGCCqGSM49AwEHA0IABBj/z7v5Obj13cPuwECLBnUGq0/N2CxS +JE4f4BBGZ7VfFblivTvPDG++Gve0oQ+0uctuhrNQ+WxRv8GC177F+QWjEzARMA8G +A1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhANES742XWm64tkGnz8Dn +pG6u2lHkZFQr3oaVvPcemvlbAiEA0WGGzmYx5C9UvfXIK7NEziT4pQtyESE0uRVK +Xw4nMqk= +-----END CERTIFICATE----- diff --git a/vectors/cryptography_vectors/x509/custom/ca/ca_key.pem b/vectors/cryptography_vectors/x509/custom/ca/ca_key.pem new file mode 100644 index 00000000..2fb53941 --- /dev/null +++ b/vectors/cryptography_vectors/x509/custom/ca/ca_key.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgA8Zqz5vLeR0ePZUe +jBfdyMmnnI4U5uAJApWTsMn/RuWhRANCAAQY/8+7+Tm49d3D7sBAiwZ1BqtPzdgs +UiROH+AQRme1XxW5Yr07zwxvvhr3tKEPtLnLboazUPlsUb/Bgte+xfkF +-----END PRIVATE KEY----- -- cgit v1.2.3