Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(212)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/data/ssl/certificates/README

Issue 2411023002: *WIP* Mac Unittest for client cert selection with intermediate certs
Patch Set: rebase Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/test_keychain_search_list_mac.cc ('k') | net/data/ssl/certificates/client_1.keychain » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 This directory contains various certificates for use with SSL-related 1 This directory contains various certificates for use with SSL-related
2 unit tests. 2 unit tests.
3 3
4 ===== Real-world certificates that need manual updating 4 ===== Real-world certificates that need manual updating
5 - google.binary.p7b 5 - google.binary.p7b
6 - google.chain.pem 6 - google.chain.pem
7 - google.pem_cert.p7b 7 - google.pem_cert.p7b
8 - google.pem_pkcs7.p7b 8 - google.pem_pkcs7.p7b
9 - google.pkcs7.p7b 9 - google.pkcs7.p7b
10 - google.single.der 10 - google.single.der
(...skipping 233 matching lines...) Expand 10 before | Expand all | Expand 10 after
244 - each .pk8 file contains the same key as the corresponding .key file 244 - each .pk8 file contains the same key as the corresponding .key file
245 as PKCS#8 PrivateKeyInfo in DER encoding. 245 as PKCS#8 PrivateKeyInfo in DER encoding.
246 - client_3.pem is nearly identical to client_2.pem, except it is used 246 - client_3.pem is nearly identical to client_2.pem, except it is used
247 to test wifi EAP-TLS authentication so it uses a different set 247 to test wifi EAP-TLS authentication so it uses a different set
248 of X509v3 extensions. Specifically it includes two Subject 248 of X509v3 extensions. Specifically it includes two Subject
249 Alternative Name fields recognized by Chrome OS. 249 Alternative Name fields recognized by Chrome OS.
250 - client_4.pem is similar to client_2.pem but is a P-256 ECDSA key rather 250 - client_4.pem is similar to client_2.pem but is a P-256 ECDSA key rather
251 than RSA. 251 than RSA.
252 - client_root_ca.pem is the CA certificate which signed client_*_ca.pem. 252 - client_root_ca.pem is the CA certificate which signed client_*_ca.pem.
253 253
254 ===== From net/data/ssl/scripts/generate-client-certificates-keychains.sh
255 - client_1.keychain: An OSX Keychain containing the generated
256 certificate & private key "client_1.pem" and "client_1.key".
257 - client_2.keychain: An OSX Keychain containing the generated
258 certificate client_1_ca.pem.
259
254 ===== From net/data/ssl/scripts/generate-bad-eku-certs.sh 260 ===== From net/data/ssl/scripts/generate-bad-eku-certs.sh
255 - eku-test-root.pem 261 - eku-test-root.pem
256 - non-crit-codeSigning-chain.pem 262 - non-crit-codeSigning-chain.pem
257 - crit-codeSigning-chain.pem 263 - crit-codeSigning-chain.pem
258 Two code-signing certificates (eKU: codeSigning; eKU: critical, 264 Two code-signing certificates (eKU: codeSigning; eKU: critical,
259 codeSigning) which we use to test that clients are making sure that web 265 codeSigning) which we use to test that clients are making sure that web
260 server certs are checked for correct eKU fields (when an eKU field is 266 server certs are checked for correct eKU fields (when an eKU field is
261 present). Since codeSigning is not valid for web server auth, the checks 267 present). Since codeSigning is not valid for web server auth, the checks
262 should fail. 268 should fail.
263 269
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
296 aia-cert.pem has a caIssuers that points to "aia-test.invalid" as the URL 302 aia-cert.pem has a caIssuers that points to "aia-test.invalid" as the URL
297 containing the intermediate, which can be served via a URLRequestFilter. 303 containing the intermediate, which can be served via a URLRequestFilter.
298 aia-intermediate.der is stored in DER form for convenience, since that is 304 aia-intermediate.der is stored in DER form for convenience, since that is
299 the form expected of certificates discovered via AIA. 305 the form expected of certificates discovered via AIA.
300 306
301 ===== From net/data/ssl/scripts/generate-self-signed-certs.sh 307 ===== From net/data/ssl/scripts/generate-self-signed-certs.sh
302 - self-signed-invalid-name.pem 308 - self-signed-invalid-name.pem
303 - self-signed-invalid-sig.pem 309 - self-signed-invalid-sig.pem
304 Two "self-signed" certificates with mismatched names or an invalid 310 Two "self-signed" certificates with mismatched names or an invalid
305 signature, respectively. 311 signature, respectively.
OLDNEW
« no previous file with comments | « net/cert/test_keychain_search_list_mac.cc ('k') | net/data/ssl/certificates/client_1.keychain » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698