Name Date Size #Lines LOC

..--

10a/H--109107

10b/H--109107

11a/H--131129

11b/H--131129

12a/H--110108

13a/H--110108

1a/H--4442

2a/H--6765

2b/H--4543

2c/H--8886

3a/H--111109

3b/H--8987

3c/H--8987

3d/H--8987

3e/H--111109

4a/H--110108

4b/H--8987

4c/H--8987

4d/H--8886

4e/H--8886

4f/H--110108

4g/H--8987

4h/H--8987

5a/H--132130

5b/H--111109

5c/H--111109

5d/H--110108

5e/H--110108

5f/H--110108

5g/H--132130

5h/H--111109

5i/H--111109

6a/H--132130

6b/H--132130

7a/H--132130

7b/H--132130

8a/H--6664

9a/H--6664

MakefileH A D14-Jul-2020437 2214

READMEH A D27-Aug-20214.8 KiB12788

go.modH A D23-Feb-202178 53

make-certs.shH A D27-Aug-202114 KiB384302

verify_test.goH A D28-Aug-20212.6 KiB113104

README

1This directory contains tools for building certificate chains to
2test verification. Each subdirectory contains a set of certificates
3that test a particular scenario. The root certificate(s) are contained
4in a roots.pem file, while the leaf certificate and any untrusted
5intermediate certificates are contained in a bundle.pem file.
6
7 1a. A leaf certificate signed by the root certificate with no
8     intermediates (should verify).
9
10 2a. A leaf certificate signed by an intermediate, which is signed
11     by a root certificate (should verify).
12
13 2b. Same as (2a), however the intermediate is missing which should
14     prevent verification.
15
16 2c. Same as (2a), however the intermediate and root are in the intermediate
17     bundle, (should verify)
18
19 3a. A leaf certificate signed by three intermediates, the last of
20     which is signed by a root certificate (should verify).
21
22 3b. Same as (3a) however the first intermediate is missing which should
23     prevent verification.
24
25 3c. Same as (3a) however the second intermediate is missing which should
26     prevent verification.
27
28 3d. Same as (3a) however the third intermediate is missing which should
29     prevent verification.
30
31 3e. Same as (3a) however the order of the intermediates is reversed
32     (should verify).
33
34 4a. A leaf certificate signed by an intermediate, that is cross
35     signed by two root certificates (should verify with two chains).
36
37 4b. Same as (4a) but with one root missing (should verify with one chain).
38
39 4c. Same as (4b) but with the other root missing (should verify with one
40     chain).
41
42 4d. Same as (4a) but with one intermediate missing (should verify with one
43     chain).
44
45 4e. Same as (4d) but with the other intermediate missing (should verify
46     with one chain).
47
48 4f. Same as (4a) but with the intermediates reversed (should verify with
49     two chains).
50
51 4g. Same as (4b) but with the intermediates reversed (should verify with
52     one chain).
53
54 4h. Same as (4c) but with the intermediates reversed (should verify with
55     one chain).
56
57 5a. A leaf certificate signed by an intermediate, that is cross
58     signed by one root certificate and an intermediate, which in turn
59     is signed by a second root (should verify with two chains).
60
61 5b. Same as (5a) but missing the first root certificate (should verify
62     with one chain).
63
64 5c. Same as (5a) but missing the second root certificate (should verify
65     with one chain).
66
67 5d. Same as (5a) but missing the first intermediate (should verify with
68     one chain).
69
70 5e. Same as (5a) but missing the second intermediate (should verify
71     with one chain).
72
73 5f. Same as (5a) but missing the cross-signed intermediate (should verify
74     with one chain).
75
76 5g. Same as (5a) but order of intermediates is reversed (should verify
77     with two chains).
78
79 5h. Same as (5g) but missing the first root certificate (should verify
80     with two chains).
81
82 5i. Same as (5g) but missing the second root certificate (should verify
83     with two chains).
84
85 6a. A leaf certificate signed by an intermediate, that is cross
86     signed by an expired root certificate and an intermediate, which
87     in turn is signed by a second root (should verify with one chain).
88
89 6b. Same as (6a) but the order of the intermediates is reversed (should
90     verify with one chain).
91
92 7a. A leaf certificate signed by an intermediate, that is cross
93     signed by a root certificate and an intermediate, which in turn
94     is signed by a second root that has expired (should verify with one
95     chain).
96
97 7b. Same as (7a) but the order of the intermediates is reversed (should
98     verify with one chain).
99
100 8a. An expired leaf certificate signed by an intermediate that is then
101     signed by a root certificate (should fail to verify).
102
103 9a. A leaf certificate signed by an expired intermediate, which is
104     signed by a root certificate (should fail to verify).
105
10610a. A leaf certificate signed by an intermediate, that is cross
107     signed by two root certificates, with one of the cross signings
108     having expired (should verify with one chain).
109
11010b. Same as (10a) but order of intermediates is reversed (should verify
111     with one chain.
112
11311a. A leaf certificate signed by an intermediate, that is cross
114     signed by one root certificate and an expired intermediate, which
115     in turn is signed by a second root (should verify with one chain).
116
11711b. Same as (11a) but order of intermediates is reversed (should verify
118     with one chain.
119
12012a. A leaf certificate signed by an intermediate, that is signed by a
121     root certificate and cross signed as an expired intermediate, by a
122     second root (should verify with one chain).
123
12413a. A leaf certificate signed by an intermediate, that is signed by an
125     expired root certificate and cross signed as an intermediate, by a
126     second root (should verify with one chain).
127