• Home
Name Date Size #Lines LOC

..--

READMED03-May-20243.5 KiB7552

blocklist_test_chain.pemD03-May-20242.2 KiB3938

blocklist_test_valid_ca.pemD03-May-20241.1 KiB2019

blocklist_test_valid_chain.pemD03-May-20245.5 KiB9695

ca-cert.pemD03-May-20243.1 KiB6260

cert-ct-embedded.pemD03-May-20243.4 KiB6664

cert-ct-poisoned.pemD03-May-20243.1 KiB6462

cert-key.pemD03-May-2024887 1615

cert.pemD03-May-20243.1 KiB6159

ct-server-key-public.pemD03-May-2024178 54

ct-signed-timestamp-listD03-May-2024123

ct-signed-timestamp-list-invalidD03-May-2024122

ct-signed-timestamp-list-unknownD03-May-2024123

ocsp-response-sct-extension.derD03-May-2024126

ocsp-response.derD03-May-20241.2 KiB

test_blocklist_ca.pemD03-May-20241.1 KiB2019

test_blocklist_ca_key.pemD03-May-20241.7 KiB2928

test_intermediate.csrD03-May-2024895 1615

test_intermediate_blockedroot.pemD03-May-20241.1 KiB2019

test_intermediate_key.pemD03-May-20241.7 KiB2928

test_intermediate_nonblockedroot.pemD03-May-20241.1 KiB2019

test_leaf.csrD03-May-2024883 1615

test_leaf_blockedroot.pemD03-May-20241.1 KiB2019

test_leaf_intermediate.pemD03-May-20241.1 KiB2019

test_nonblocklist_ca.pemD03-May-20241.1 KiB2019

test_nonblocklist_ca_key.pemD03-May-20241.7 KiB2928

README

1This repository contains data used in various tests :
2- ca-cert.pem: Root CA certificate
3
4- ct-server-key-public.pem: Public Key of a test Certificate Transparency log
5
6- cert.pem / cert-key.pem: Certificate issued by ca-cert.pem, and its private key
7
8- cert-ct-poisoned.pem: Same certificate as cert.pem, but with an extra CT Poison extension
9
10- cert-ct-embedded.pem: Same certificate as cert.pem, but with an embedded signed certificate
11    timestamp signed by the test CT log
12
13- ct-signed-timestamp-list: TLS-encoded SignedCertificateTimestampList containing one SCT for
14    cert.pem signed by the test CT log
15
16- ct-signed-timestamp-list-invalid: TLS-encoded SignedCertificateTimestampList containing one SCT
17    signed by the test CT log, but for another certificate
18
19- ct-signed-timestamp-list-unknown: TLS-encoded SignedCertificateTimestampList containing one SCT
20    for cert.pem, but signed by a different log
21
22- ocsp-response.der: OCSP response for cert.pem, containing an SCT for cert.pem signed by the test
23    CT log
24
25- ocsp-response-sct-extension.der: The extension from ocsp-response.der which contains the SCT
26
27
28For blocklist testing:
29- test_blocklist_ca_key.pem: Private key for blocklisted CA
30
31- test_blocklist_ca.pem: Certificate for blocklisted CA
32Generate with:
33    openssl req -x509 -new -subj "/CN=blacklist test CA" -days 3650 -key test_blocklist_ca_key.pem -out test_blocklist_ca.pem -nodes
34
35- test_nonblocklist_ca_key.pem: Private key for non-blocklisted CA
36
37- test_nonblocklist_ca.pem: Certificate for non-blocklisted CA
38Generate with:
39    openssl req -x509 -new -subj "/CN=Test CA" -days 3650 -key test_nonblocklist_ca_key.pem -out test_nonblocklist_ca.pem -nodes
40
41- test_leaf.csr: CSR for leaf certificate
42Generate with:
43    openssl req -new -subj "/CN=leaf" -out test_leaf.csr -nodes
44
45- test_intermediate.csr: CSR for intermediate certificate
46Generate with:
47    openssl req -new -subj "/CN=intermediate" -out test_intermediate.csr -keyout test_intermediate_key.pem -nodes
48
49- test_leaf_blockedroot.pem: Leaf cert signed by blocked root CA
50Generate with:
51    openssl  req -days 3650  -in test_leaf.csr -out test_leaf_blockedroot.pem -CA test_blocklist_ca.pem -CAkey test_blocklist_ca_key.pem -nodes
52
53- test_leaf_intermediate.pem: Leaf cert signed by intermediate CA
54Generate with:
55    openssl  req -days 3650  -in test_leaf.csr -out test_leaf_intermediate.pem -CA test_intermediate_blockedroot.pem -CAkey test_intermediate_key.pem -nodes
56
57- test_intermediate_blockedroot.pem: Intermediate cert signed by blocked root CA
58Generate with:
59    openssl  req -days 3650  -in test_intermediate.csr -out test_intermediate_blockedroot.pem -CA test_blocklist_ca.pem -CAkey test_blocklist_ca_key.pem -nodes
60
61- test_intermediate_nonblockedroot.pem: Intermediate cert signed by non-blocked root CA
62Generate with:
63    openssl  req -days 3650  -in test_intermediate.csr -out test_intermediate_nonblockedroot.pem -CA test_nonblocklist_ca.pem -CAkey test_nonblocklist_ca_key.pem -nodes
64
65- blocklist_test_valid_ca.pem: non-blocklisted CA cert
66Generate with:
67    cp test_nonblocklist_ca.pem blocklist_test_valid_ca.pem
68
69- blocklist_test_chain.pem: Test chain with a valid leaf signed by a blocklisted CA
70Generate with:
71    cat test_leaf_blockedroot.pem test_blocklist_ca.pem > blocklist_test_chain.pem
72
73blocklist_test_valid_chain.pem: Valid cert chain - leaf signed by intermediate cross-signed by both CAs
74Generate with:
75    cat test_leaf_intermediate.pem test_intermediate_blockedroot.pem test_intermediate_nonblockedroot.pem test_blocklist_ca.pem test_nonblocklist_ca.pem > blocklist_test_valid_chain.pem