f040a17604
With SHA-1 deprecation, we need a few certificates using algorithms in the default support list. Most tests still use SHA-1 though. The generation process for the new certificates is recorded in the makefile.
108 lines
4.3 KiB
Plaintext
108 lines
4.3 KiB
Plaintext
This documents the X.509 CAs, certificates, and CRLS used for testing.
|
|
|
|
Certification authorities
|
|
-------------------------
|
|
|
|
There are two main CAs for use as trusted roots:
|
|
- test-ca.crt aka "C=NL, O=PolarSSL, CN=PolarSSL Test CA"
|
|
uses a RSA-2048 key
|
|
test-ca-sha1.crt and test-ca-sha256.crt use the same key, signed with
|
|
different hashes.
|
|
- test-ca2*.crt aka "C=NL, O=PolarSSL, CN=Polarssl Test EC CA"
|
|
uses an EC key with NIST P-384 (aka secp384r1)
|
|
variants used to test the keyUsage extension
|
|
The files test-ca_cat12 and test-ca_cat21 contain them concatenated both ways.
|
|
|
|
Two intermediate CAs are signed by them:
|
|
- test-int-ca.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA"
|
|
uses RSA-4096, signed by test-ca2
|
|
- test-int-ca2.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA"
|
|
uses an EC key with NIST P-256, signed by test-ca
|
|
|
|
A third intermediate CA is signed by test-int-ca2.crt:
|
|
- test-int-ca3.crt "C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3"
|
|
|
|
Finally, other CAs for specific purposes:
|
|
- enco-ca-prstr.pem: has its CN encoded as a printable string, but child cert
|
|
enco-cert-utf8str.pem has its issuer's CN encoded as a UTF-8 string.
|
|
- test-ca-v1.crt: v1 "CA", signs
|
|
server1-v1.crt: v1 "intermediate CA", signs
|
|
server2-v1*.crt: EE cert (without of with chain in same file)
|
|
- keyUsage.decipherOnly.crt: has the decipherOnly keyUsage bit set
|
|
|
|
End-entity certificates
|
|
-----------------------
|
|
|
|
Short information fields:
|
|
|
|
- name or pattern
|
|
- issuing CA: 1 -> test-ca.crt
|
|
2 -> test-ca2.crt
|
|
I1 -> test-int-ca.crt
|
|
I2 -> test-int-ca2.crt
|
|
I3 -> test-int-ca3.crt
|
|
O -> other
|
|
- key type: R -> RSA, E -> EC
|
|
- C -> there is a CRL revoking this cert (see below)
|
|
- L -> CN=localhost (useful for local test servers)
|
|
- P1, P2 if the file includes parent (resp. parent + grandparent)
|
|
- free-form comments
|
|
|
|
List of certificates:
|
|
|
|
- cert_example_multi*.crt: 1/O R: subjectAltName
|
|
- cert_example_wildcard.crt: 1 R: wildcard in subject's CN
|
|
- cert_md*.crt, cert_sha*.crt: 1 R: signature hash
|
|
- cert_v1_with_ext.crt: 1 R: v1 with extensions (illegal)
|
|
- cli2.crt: 2 E: basic
|
|
- cli-rsa.key, cli-rsa-*.crt: RSA key used for test clients, signed by
|
|
the RSA test CA.
|
|
- enco-cert-utf8str.pem: see enco-ca-prstr.pem above
|
|
- server1*.crt: 1* R C* P1*: misc *(server1-v1 see test-ca-v1.crt above)
|
|
*CRL for: .cert_type.crt, .crt, .key_usage.crt, .v1.crt
|
|
P1 only for _ca.crt
|
|
- server2-v1*.crt: O R: see test-ca-v1.crt above
|
|
- server2*.crt: 1 R L: misc
|
|
- server3.crt: 1 E L: EC cert signed by RSA CA
|
|
- server4.crt: 2 R L: RSA cert signed by EC CA
|
|
- server5*.crt: 2* E L: misc *(except server5-selfsigned)
|
|
-sha*: hashes
|
|
-eku*: extendeKeyUsage (cli/srv = www client/server, cs = codesign, etc)
|
|
-ku*: keyUsage (ds = signatures, ke/ka = key exchange/agreement)
|
|
- server6-ss-child.crt: O E: "child" of non-CA server5-selfsigned
|
|
- server6.crt, server6.pem: 2 E L C: revoked
|
|
- server7*.crt: I1 E L P1*: EC signed by RSA signed by EC
|
|
*P1 except 7.crt, P2 _int-ca_ca2.crt
|
|
*_space: with PEM error(s)
|
|
- server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2)
|
|
- server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS
|
|
*CRL for: 9.crt, -badsign, -with-ca (P1)
|
|
- server10*.crt: I3 E L P2/P3
|
|
|
|
Certificate revocation lists
|
|
----------------------------
|
|
|
|
Signing CA in parentheses (same meaning as certificates).
|
|
|
|
- crl-ec-sha*.pem: (2) server6.crt
|
|
- crl-future.pem: (2) server6.crt + unknown
|
|
- crl-rsa-pss-*.pem: (1) server9{,badsign,with-ca}.crt + cert_sha384.crt + unknown
|
|
- crl.pem, crl_expired.pem: (1) server1{,.cert_type,.key_usage,.v1}.crt + unknown
|
|
- crl_md*.pem: crl_sha*.pem: (1) same as crl.pem
|
|
- crt_cat_*.pem: (1+2) concatenations in various orders:
|
|
ec = crl-ec-sha256.pem, ecfut = crl-future.pem
|
|
rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem
|
|
|
|
Note: crl_future would revoke server9 and cert_sha384.crt if signed by CA 1
|
|
crl-rsa-pss* would revoke server6.crt if signed by CA 2
|
|
|
|
Generation
|
|
----------
|
|
|
|
Newer test files have been generated through commands in the Makefile. The
|
|
resulting files are committed to the repository so that the tests can
|
|
run without having to re-do the generation and so that the output is the
|
|
same for everyone (the generation process is randomized).
|
|
|
|
The origin of older certificates has not been recorded.
|