• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..--

dir1/11-Mar-2024-8179

dir2/11-Mar-2024-9794

dir3/11-Mar-2024-9995

dir4/11-Mar-2024-641599

Readme-x509.txtD11-Mar-20243.8 KiB9479

bitstring-in-dn.pemD11-Mar-20243.1 KiB5151

cert_example_multi.crtD11-Mar-20244.3 KiB8179

cert_example_multi_nocn.crtD11-Mar-2024749 1413

cert_example_wildcard.crtD11-Mar-20244.1 KiB7876

cert_md2.crtD11-Mar-20244.1 KiB7876

cert_md4.crtD11-Mar-20244.1 KiB7876

cert_md5.crtD11-Mar-20244.1 KiB7876

cert_sha1.crtD11-Mar-20244.1 KiB7876

cert_sha224.crtD11-Mar-20244.1 KiB7876

cert_sha256.crtD11-Mar-20244.1 KiB7876

cert_sha384.crtD11-Mar-20244.1 KiB7876

cert_sha512.crtD11-Mar-20244.1 KiB7876

cert_v1_with_ext.crtD11-Mar-20241.3 KiB2423

cli2.crtD11-Mar-2024814 1514

cli2.keyD11-Mar-2024227 65

crl-ec-sha1.pemD11-Mar-2024552 1110

crl-ec-sha224.pemD11-Mar-2024552 1110

crl-ec-sha256.pemD11-Mar-2024556 1110

crl-ec-sha384.pemD11-Mar-2024552 1110

crl-ec-sha512.pemD11-Mar-2024556 1110

crl-future.pemD11-Mar-2024581 1211

crl-rsa-pss-sha1-badsign.pemD11-Mar-2024796 1514

crl-rsa-pss-sha1.pemD11-Mar-2024796 1514

crl-rsa-pss-sha224.pemD11-Mar-2024914 1716

crl-rsa-pss-sha256.pemD11-Mar-2024914 1716

crl-rsa-pss-sha384.pemD11-Mar-2024914 1716

crl-rsa-pss-sha512.pemD11-Mar-2024914 1716

crl.pemD11-Mar-2024633 1211

crl_cat_ec-rsa.pemD11-Mar-20241.2 KiB2221

crl_cat_ecfut-rsa.pemD11-Mar-20241.2 KiB2322

crl_cat_rsa-ec.pemD11-Mar-20241.2 KiB2221

crl_cat_rsabadpem-ec.pemD11-Mar-20241.2 KiB2221

crl_expired.pemD11-Mar-2024633 1211

crl_md2.pemD11-Mar-2024633 1211

crl_md4.pemD11-Mar-2024633 1211

crl_md5.pemD11-Mar-2024633 1211

crl_sha1.pemD11-Mar-2024633 1211

crl_sha224.pemD11-Mar-2024633 1211

crl_sha256.pemD11-Mar-2024633 1211

crl_sha384.pemD11-Mar-2024633 1211

crl_sha512.pemD11-Mar-2024633 1211

crt_cat_rsaexp-ec.pemD11-Mar-20241.2 KiB2221

dh.1000.pemD11-Mar-20241.2 KiB3529

dh.optlen.pemD11-Mar-20242.4 KiB5953

dhparams.pemD11-Mar-2024245 65

ec_224_prv.pemD11-Mar-2024207 65

ec_224_pub.pemD11-Mar-2024162 54

ec_256_prv.pemD11-Mar-2024227 65

ec_256_pub.pemD11-Mar-2024178 54

ec_384_prv.pemD11-Mar-2024288 76

ec_384_pub.pemD11-Mar-2024215 65

ec_521_prv.pemD11-Mar-2024365 87

ec_521_pub.pemD11-Mar-2024268 76

ec_bp256_prv.pemD11-Mar-2024227 65

ec_bp256_pub.pemD11-Mar-2024178 54

ec_bp384_prv.pemD11-Mar-2024292 76

ec_bp384_pub.pemD11-Mar-2024223 65

ec_bp512_prv.pemD11-Mar-2024361 87

ec_bp512_pub.pemD11-Mar-2024268 76

ec_prv.noopt.derD11-Mar-202467

ec_prv.pk8.derD11-Mar-2024113

ec_prv.pk8.pemD11-Mar-2024209 65

ec_prv.pk8.pw.derD11-Mar-2024148

ec_prv.pk8.pw.pemD11-Mar-2024278 76

ec_prv.sec1.derD11-Mar-202497

ec_prv.sec1.pemD11-Mar-2024195 65

ec_prv.sec1.pw.pemD11-Mar-2024262 97

ec_prv.specdom.derD11-Mar-2024214

ec_pub.derD11-Mar-202475

ec_pub.pemD11-Mar-2024154 54

enco-ca-prstr.pemD11-Mar-2024774 1514

enco-cert-utf8str.pemD11-Mar-2024737 1413

format_gen.keyD11-Mar-2024912 1716

format_gen.pubD11-Mar-2024272 76

format_pkcs12.fmtD11-Mar-20243.3 KiB

format_rsa.keyD11-Mar-2024887 1615

hash_file_1D11-Mar-20245 KiB

hash_file_2D11-Mar-2024153

hash_file_3D11-Mar-202413

hash_file_4D11-Mar-20240

hash_file_5D11-Mar-2024976.6 KiB11

keyUsage.decipherOnly.crtD11-Mar-2024786 1514

keyfileD11-Mar-2024891 1615

keyfile.3desD11-Mar-2024963 1917

keyfile.aes128D11-Mar-2024986 1917

keyfile.aes192D11-Mar-2024986 1917

keyfile.aes256D11-Mar-2024986 1917

keyfile.desD11-Mar-2024958 1917

mpi_10D11-Mar-2024228 21

mpi_too_bigD11-Mar-20242.4 KiB21

passwd.pskD11-Mar-202449 21

pkcs8_pbe_sha1_2des.keyD11-Mar-20241.7 KiB3029

pkcs8_pbe_sha1_3des.derD11-Mar-20241.2 KiB

pkcs8_pbe_sha1_3des.keyD11-Mar-20241.7 KiB3029

pkcs8_pbe_sha1_rc4_128.keyD11-Mar-20241.7 KiB3029

pkcs8_pbes2_pbkdf2_3des.derD11-Mar-20241.3 KiB

pkcs8_pbes2_pbkdf2_3des.keyD11-Mar-20241.8 KiB3130

pkcs8_pbes2_pbkdf2_des.keyD11-Mar-20241.8 KiB3029

rsa4096_prv.pemD11-Mar-20243.2 KiB5251

rsa4096_pub.pemD11-Mar-2024800 1514

server1-nospace.crtD11-Mar-20241.3 KiB2221

server1-v1.crtD11-Mar-20241.1 KiB2019

server1.cert_type.crtD11-Mar-20241.2 KiB2120

server1.crtD11-Mar-20241.2 KiB2120

server1.ext_ku.crtD11-Mar-20241.3 KiB2322

server1.keyD11-Mar-20241.6 KiB2827

server1.key_usage.crtD11-Mar-20241.2 KiB2120

server1.pubkeyD11-Mar-2024451 109

server1.req.cert_typeD11-Mar-2024993 1817

server1.req.key_usageD11-Mar-2024985 1817

server1.req.ku-ctD11-Mar-20241,013 1817

server1.req.md4D11-Mar-2024944 1716

server1.req.md5D11-Mar-2024944 1716

server1.req.sha1D11-Mar-2024944 1716

server1.req.sha224D11-Mar-2024944 1716

server1.req.sha256D11-Mar-2024944 1716

server1.req.sha384D11-Mar-2024944 1716

server1.req.sha512D11-Mar-2024944 1716

server1.v1.crtD11-Mar-20241.1 KiB1918

server10.keyD11-Mar-2024227 65

server10_int3_int-ca2.crtD11-Mar-20244.4 KiB8180

server10_int3_int-ca2_ca.crtD11-Mar-20248.7 KiB161159

server1_ca.crtD11-Mar-20242.4 KiB4241

server2-badsign.crtD11-Mar-20241.1 KiB2120

server2-v1-chain.crtD11-Mar-20242.2 KiB3938

server2-v1.crtD11-Mar-20241.1 KiB2019

server2.crtD11-Mar-20244.1 KiB7876

server2.keyD11-Mar-20241.6 KiB2827

server2.ku-ds.crtD11-Mar-20241.3 KiB2221

server2.ku-ds_ke.crtD11-Mar-20241.3 KiB2221

server2.ku-ka.crtD11-Mar-20241.3 KiB2221

server2.ku-ke.crtD11-Mar-20241.3 KiB2221

server3.crtD11-Mar-2024973 1817

server3.keyD11-Mar-2024195 65

server4.crtD11-Mar-20241 KiB1918

server4.keyD11-Mar-20241.6 KiB2827

server5-badsign.crtD11-Mar-2024798 1514

server5-der0.crtD11-Mar-2024547

server5-der1a.crtD11-Mar-2024548

server5-der1b.crtD11-Mar-2024548

server5-der2.crtD11-Mar-2024549

server5-der4.crtD11-Mar-2024551

server5-der8.crtD11-Mar-2024555

server5-der9.crtD11-Mar-2024556

server5-expired.crtD11-Mar-2024794 1514

server5-future.crtD11-Mar-2024794 1514

server5-selfsigned.crtD11-Mar-2024684 1312

server5-sha1.crtD11-Mar-2024794 1514

server5-sha224.crtD11-Mar-2024798 1514

server5-sha384.crtD11-Mar-2024798 1514

server5-sha512.crtD11-Mar-2024798 1514

server5.crtD11-Mar-2024798 1514

server5.eku-cli.crtD11-Mar-2024717 1413

server5.eku-cs.crtD11-Mar-2024717 1413

server5.eku-cs_any.crtD11-Mar-2024725 1413

server5.eku-srv.crtD11-Mar-2024717 1413

server5.eku-srv_cli.crtD11-Mar-2024729 1413

server5.keyD11-Mar-2024227 65

server5.ku-ds.crtD11-Mar-2024814 1514

server5.ku-ka.crtD11-Mar-2024814 1514

server5.ku-ke.crtD11-Mar-2024814 1514

server5.req.ku.sha1D11-Mar-2024452 98

server5.req.sha1D11-Mar-2024456 98

server5.req.sha224D11-Mar-2024456 98

server5.req.sha256D11-Mar-2024456 98

server5.req.sha384D11-Mar-2024456 98

server5.req.sha512D11-Mar-2024456 98

server6-ss-child.crtD11-Mar-2024737 1413

server6.crtD11-Mar-2024798 1514

server6.keyD11-Mar-2024227 65

server7.crtD11-Mar-20241.3 KiB2423

server7.keyD11-Mar-2024227 65

server7_all_space.crtD11-Mar-20242.7 KiB4847

server7_int-ca.crtD11-Mar-20242.7 KiB4847

server7_int-ca_ca2.crtD11-Mar-20243.6 KiB6362

server7_pem_space.crtD11-Mar-20242.7 KiB4847

server7_trailing_space.crtD11-Mar-20242.8 KiB4847

server8.crtD11-Mar-20241 KiB1918

server8.keyD11-Mar-20241.6 KiB2827

server8_int-ca2.crtD11-Mar-20242.1 KiB3736

server9-bad-mgfhash.crtD11-Mar-20241.2 KiB2120

server9-bad-saltlen.crtD11-Mar-20241.2 KiB2120

server9-badsign.crtD11-Mar-20241.1 KiB2019

server9-defaults.crtD11-Mar-20241.1 KiB2019

server9-sha224.crtD11-Mar-20241.2 KiB2120

server9-sha256.crtD11-Mar-20241.2 KiB2120

server9-sha384.crtD11-Mar-20241.2 KiB2120

server9-sha512.crtD11-Mar-20241.2 KiB2120

server9-with-ca.crtD11-Mar-20245.3 KiB10098

server9.crtD11-Mar-20241.1 KiB2019

server9.keyD11-Mar-2024887 1615

server9.req.sha1D11-Mar-2024643 1211

server9.req.sha224D11-Mar-2024700 1312

server9.req.sha256D11-Mar-2024700 1312

server9.req.sha384D11-Mar-2024700 1312

server9.req.sha512D11-Mar-2024700 1312

test-ca-v1.crtD11-Mar-20241.1 KiB2019

test-ca.crtD11-Mar-20244.3 KiB8179

test-ca.keyD11-Mar-20241.7 KiB3129

test-ca2.crtD11-Mar-2024867 1615

test-ca2.keyD11-Mar-2024288 76

test-ca2.ku-crl.crtD11-Mar-2024684 1312

test-ca2.ku-crt.crtD11-Mar-2024684 1312

test-ca2.ku-crt_crl.crtD11-Mar-2024684 1312

test-ca2.ku-ds.crtD11-Mar-2024684 1312

test-ca2_cat-future-present.crtD11-Mar-20241.6 KiB2928

test-ca2_cat-past-present.crtD11-Mar-20241.6 KiB2928

test-ca2_cat-present-future.crtD11-Mar-20241.6 KiB2928

test-ca2_cat-present-past.crtD11-Mar-20241.6 KiB2928

test-ca_cat12.crtD11-Mar-20245.1 KiB9694

test-ca_cat21.crtD11-Mar-20245.1 KiB9694

test-int-ca.crtD11-Mar-20241.4 KiB2524

test-int-ca.keyD11-Mar-20243.2 KiB5251

test-int-ca2.crtD11-Mar-20241 KiB1918

test-int-ca2.keyD11-Mar-2024288 76

test-int-ca3.crtD11-Mar-2024652 1312

test-int-ca3.keyD11-Mar-2024302 98

Readme-x509.txt

1This documents the X.509 CAs, certificates, and CRLS used for testing.
2
3Certification authorities
4-------------------------
5
6There are two main CAs for use as trusted roots:
7- test-ca.crt aka "C=NL, O=PolarSSL, CN=PolarSSL Test CA"
8  uses a RSA-2048 key
9- test-ca2*.crt aka "C=NL, O=PolarSSL, CN=Polarssl Test EC CA"
10  uses an EC key with NIST P-384 (aka secp384r1)
11  variants used to test the keyUsage extension
12The files test-ca_cat12 and test-ca_cat21 contain them concatenated both ways.
13
14Two intermediate CAs are signed by them:
15- test-int-ca.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate CA"
16  uses RSA-4096, signed by test-ca2
17- test-int-ca2.crt "C=NL, O=PolarSSL, CN=PolarSSL Test Intermediate EC CA"
18  uses an EC key with NIST P-256, signed by test-ca
19
20A third intermediate CA is signed by test-int-ca2.crt:
21- test-int-ca3.crt "C=UK, O=mbed TLS, CN=mbed TLS Test intermediate CA 3"
22
23Finally, other CAs for specific purposes:
24- enco-ca-prstr.pem: has its CN encoded as a printable string, but child cert
25  enco-cert-utf8str.pem has its issuer's CN encoded as a UTF-8 string.
26- test-ca-v1.crt: v1 "CA", signs
27    server1-v1.crt: v1 "intermediate CA", signs
28        server2-v1*.crt: EE cert (without of with chain in same file)
29- keyUsage.decipherOnly.crt: has the decipherOnly keyUsage bit set
30
31End-entity certificates
32-----------------------
33
34Short information fields:
35
36- name or pattern
37- issuing CA:   1   -> test-ca.crt
38                2   -> test-ca2.crt
39                I1  -> test-int-ca.crt
40                I2  -> test-int-ca2.crt
41                I3  -> test-int-ca3.crt
42                O   -> other
43- key type: R -> RSA, E -> EC
44- C -> there is a CRL revoking this cert (see below)
45- L -> CN=localhost (useful for local test servers)
46- P1, P2 if the file includes parent (resp. parent + grandparent)
47- free-form comments
48
49List of certificates:
50
51- cert_example_multi*.crt: 1/O R: subjectAltName
52- cert_example_wildcard.crt: 1 R: wildcard in subject's CN
53- cert_md*.crt, cert_sha*.crt: 1 R: signature hash
54- cert_v1_with_ext.crt: 1 R: v1 with extensions (illegal)
55- cli2.crt: 2 E: basic
56- enco-cert-utf8str.pem: see enco-ca-prstr.pem above
57- server1*.crt: 1* R C* P1*: misc *(server1-v1 see test-ca-v1.crt above)
58    *CRL for: .cert_type.crt, .crt, .key_usage.crt, .v1.crt
59    P1 only for _ca.crt
60- server2-v1*.crt: O R: see test-ca-v1.crt above
61- server2*.crt: 1 R L: misc
62- server3.crt: 1 E L: EC cert signed by RSA CA
63- server4.crt: 2 R L: RSA cert signed by EC CA
64- server5*.crt: 2* E L: misc *(except server5-selfsigned)
65    -sha*: hashes
66    -eku*: extendeKeyUsage (cli/srv = www client/server, cs = codesign, etc)
67    -ku*: keyUsage (ds = signatures, ke/ka = key exchange/agreement)
68- server6-ss-child.crt: O E: "child" of non-CA server5-selfsigned
69- server6.crt, server6.pem: 2 E L C: revoked
70- server7*.crt: I1 E L P1*: EC signed by RSA signed by EC
71    *P1 except 7.crt, P2 _int-ca_ca2.crt
72    *_space: with PEM error(s)
73- server8*.crt: I2 R L: RSA signed by EC signed by RSA (P1 for _int-ca2)
74- server9*.crt: 1 R C* L P1*: signed using RSASSA-PSS
75    *CRL for: 9.crt, -badsign, -with-ca (P1)
76- server10*.crt: I3 E L P2/P3
77
78Certificate revocation lists
79----------------------------
80
81Signing CA in parentheses (same meaning as certificates).
82
83- crl-ec-sha*.pem: (2) server6.crt
84- crl-future.pem: (2) server6.crt + unknown
85- crl-rsa-pss-*.pem: (1) server9{,badsign,with-ca}.crt + cert_sha384.crt + unknown
86- crl.pem, crl_expired.pem: (1) server1{,.cert_type,.key_usage,.v1}.crt + unknown
87- crl_md*.pem: crl_sha*.pem: (1) same as crl.pem
88- crt_cat_*.pem: (1+2) concatenations in various orders:
89    ec = crl-ec-sha256.pem, ecfut = crl-future.pem
90    rsa = crl.pem, rsabadpem = same with pem error, rsaexp = crl_expired.pem
91
92Note: crl_future would revoke server9 and cert_sha384.crt if signed by CA 1
93      crl-rsa-pss* would revoke server6.crt if signed by CA 2
94