| OLD | NEW |
|---|
| 1 This directory contains various certificates for use with SSL-related | 1 This directory contains various certificates for use with SSL-related |
| 2 unit tests. | 2 unit tests. |
| 3 | 3 |
| 4 ===== Real-world certificates that need manual updating | 4 ===== Real-world certificates that need manual updating |
| 5 - google.binary.p7b | 5 - google.binary.p7b |
| 6 - google.chain.pem | 6 - google.chain.pem |
| 7 - google.pem_cert.p7b | 7 - google.pem_cert.p7b |
| 8 - google.pem_pkcs7.p7b | 8 - google.pem_pkcs7.p7b |
| 9 - google.pkcs7.p7b | 9 - google.pkcs7.p7b |
| 10 - google.single.der | 10 - google.single.der |
| (...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 239 - client_2.pk8 | 239 - client_2.pk8 |
| 240 - client_2_ca.pem | 240 - client_2_ca.pem |
| 241 - client_3.pem | 241 - client_3.pem |
| 242 - client_3.key | 242 - client_3.key |
| 243 - client_3.pk8 | 243 - client_3.pk8 |
| 244 - client_3_ca.pem | 244 - client_3_ca.pem |
| 245 - client_4.pem | 245 - client_4.pem |
| 246 - client_4.key | 246 - client_4.key |
| 247 - client_4.pk8 | 247 - client_4.pk8 |
| 248 - client_4_ca.pem | 248 - client_4_ca.pem |
| 249 - client_5.pem |
| 250 - client_5.key |
| 251 - client_5.pk8 |
| 252 - client_5_ca.pem |
| 253 - client_6.pem |
| 254 - client_6.key |
| 255 - client_6.pk8 |
| 256 - client_6_ca.pem |
| 249 - client_root_ca.pem | 257 - client_root_ca.pem |
| 250 This is a set of files used to unit test SSL client certificate | 258 This is a set of files used to unit test SSL client certificate |
| 251 authentication. | 259 authentication. |
| 252 - client_1_ca.pem and client_2_ca.pem are the certificates of | 260 - client_1_ca.pem and client_2_ca.pem are the certificates of |
| 253 two distinct signing CAs. | 261 two distinct signing CAs. |
| 254 - client_1.pem and client_1.key correspond to the certificate and | 262 - client_1.pem and client_1.key correspond to the certificate and |
| 255 private key for a first certificate signed by client_1_ca.pem. | 263 private key for a first certificate signed by client_1_ca.pem. |
| 256 - client_2.pem and client_2.key correspond to the certificate and | 264 - client_2.pem and client_2.key correspond to the certificate and |
| 257 private key for a second certificate signed by client_2_ca.pem. | 265 private key for a second certificate signed by client_2_ca.pem. |
| 258 - each .pk8 file contains the same key as the corresponding .key file | 266 - each .pk8 file contains the same key as the corresponding .key file |
| 259 as PKCS#8 PrivateKeyInfo in DER encoding. | 267 as PKCS#8 PrivateKeyInfo in DER encoding. |
| 260 - client_3.pem is nearly identical to client_2.pem, except it is used | 268 - client_3.pem is nearly identical to client_2.pem, except it is used |
| 261 to test wifi EAP-TLS authentication so it uses a different set | 269 to test wifi EAP-TLS authentication so it uses a different set |
| 262 of X509v3 extensions. Specifically it includes two Subject | 270 of X509v3 extensions. Specifically it includes two Subject |
| 263 Alternative Name fields recognized by Chrome OS. | 271 Alternative Name fields recognized by Chrome OS. |
| 264 - client_4.pem is similar to client_2.pem but is a P-256 ECDSA key rather | 272 - client_4.pem is similar to client_2.pem but is a P-256 ECDSA key rather |
| 265 than RSA. | 273 than RSA. |
| 274 - client_5.pem is similar to client_2.pem but is a P-384 ECDSA key rather |
| 275 than RSA. |
| 276 - client_6.pem is similar to client_2.pem but is a P-521 ECDSA key rather |
| 277 than RSA. |
| 266 - client_root_ca.pem is the CA certificate which signed client_*_ca.pem. | 278 - client_root_ca.pem is the CA certificate which signed client_*_ca.pem. |
| 267 | 279 |
| 268 ===== From net/data/ssl/scripts/generate-bad-eku-certs.sh | 280 ===== From net/data/ssl/scripts/generate-bad-eku-certs.sh |
| 269 - eku-test-root.pem | 281 - eku-test-root.pem |
| 270 - non-crit-codeSigning-chain.pem | 282 - non-crit-codeSigning-chain.pem |
| 271 - crit-codeSigning-chain.pem | 283 - crit-codeSigning-chain.pem |
| 272 Two code-signing certificates (eKU: codeSigning; eKU: critical, | 284 Two code-signing certificates (eKU: codeSigning; eKU: critical, |
| 273 codeSigning) which we use to test that clients are making sure that web | 285 codeSigning) which we use to test that clients are making sure that web |
| 274 server certs are checked for correct eKU fields (when an eKU field is | 286 server certs are checked for correct eKU fields (when an eKU field is |
| 275 present). Since codeSigning is not valid for web server auth, the checks | 287 present). Since codeSigning is not valid for web server auth, the checks |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 310 aia-cert.pem has a caIssuers that points to "aia-test.invalid" as the URL | 322 aia-cert.pem has a caIssuers that points to "aia-test.invalid" as the URL |
| 311 containing the intermediate, which can be served via a URLRequestFilter. | 323 containing the intermediate, which can be served via a URLRequestFilter. |
| 312 aia-intermediate.der is stored in DER form for convenience, since that is | 324 aia-intermediate.der is stored in DER form for convenience, since that is |
| 313 the form expected of certificates discovered via AIA. | 325 the form expected of certificates discovered via AIA. |
| 314 | 326 |
| 315 ===== From net/data/ssl/scripts/generate-self-signed-certs.sh | 327 ===== From net/data/ssl/scripts/generate-self-signed-certs.sh |
| 316 - self-signed-invalid-name.pem | 328 - self-signed-invalid-name.pem |
| 317 - self-signed-invalid-sig.pem | 329 - self-signed-invalid-sig.pem |
| 318 Two "self-signed" certificates with mismatched names or an invalid | 330 Two "self-signed" certificates with mismatched names or an invalid |
| 319 signature, respectively. | 331 signature, respectively. |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2567523003:
Fix P-521 client cert mapping and test all curves. (Closed)
