openssl/test/certs
Dr. David von Oheimb 199df4a93f check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS
This is an upstream fix for #13931

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13968)
2021-01-28 15:05:04 +01:00
..
alt1-cert.pem
alt1-key.pem
alt2-cert.pem
alt2-key.pem
alt3-cert.pem
alt3-key.pem
bad-pc3-cert.pem
bad-pc3-key.pem
bad-pc4-cert.pem
bad-pc4-key.pem
bad-pc6-cert.pem
bad-pc6-key.pem
bad.key
bad.pem
badalt1-cert.pem
badalt1-key.pem
badalt2-cert.pem
badalt2-key.pem
badalt3-cert.pem
badalt3-key.pem
badalt4-cert.pem
badalt4-key.pem
badalt5-cert.pem
badalt5-key.pem
badalt6-cert.pem
badalt6-key.pem
badalt7-cert.pem
badalt7-key.pem
badalt8-cert.pem
badalt8-key.pem
badalt9-cert.pem
badalt9-key.pem
badalt10-cert.pem
badalt10-key.pem
badcn1-cert.pem
badcn1-key.pem
ca-anyEKU.pem
ca-cert2.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert-768.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert-768i.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert-ec-explicit.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert-ec-named.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert-md5-any.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert-md5.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-clientAuth.pem
ca-expired.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-key2.pem
ca-key-768.pem
ca-key-ec-explicit.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ca-key-ec-named.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ca-key.pem
ca-name2.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-nonbc.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-nonca.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-pss-cert.pem check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS 2021-01-28 15:05:04 +01:00
ca-pss-key.pem check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS 2021-01-28 15:05:04 +01:00
ca-root2.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ca-serverAuth.pem
ca+anyEKU.pem
ca+clientAuth.pem
ca+serverAuth.pem
cca-anyEKU.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
cca-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
cca-clientAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
cca-serverAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
cca+anyEKU.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
cca+clientAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
cca+serverAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
client-ed448-cert.pem
client-ed448-key.pem
client-ed25519-cert.pem
client-ed25519-key.pem
croot-anyEKU.pem
croot-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
croot-clientAuth.pem
croot-serverAuth.pem
croot+anyEKU.pem
croot+clientAuth.pem
croot+serverAuth.pem
ct-server-key-public.pem
ct-server-key.pem
cyrillic_crl.pem
cyrillic_crl.utf8
cyrillic.msb
cyrillic.pem
cyrillic.utf8
dhp2048.pem
ee-cert2.pem
ee-cert-768.pem
ee-cert-768i.pem
ee-cert-1024.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-cert-3072.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-cert-4096.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-cert-8192.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-cert-crit-unknown-ext.pem Implement treatment of id-pkix-ocsp-no-check extension for OCSP_basic_verify() 2020-09-26 14:03:44 +02:00
ee-cert-ec-explicit.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ee-cert-ec-named-explicit.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ee-cert-ec-named-named.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ee-cert-md5.pem
ee-cert-noncrit-unknown-ext.pem Implement treatment of id-pkix-ocsp-no-check extension for OCSP_basic_verify() 2020-09-26 14:03:44 +02:00
ee-cert-ocsp-nocheck.pem Implement treatment of id-pkix-ocsp-no-check extension for OCSP_basic_verify() 2020-09-26 14:03:44 +02:00
ee-cert.pem
ee-client-chain.pem
ee-client.pem
ee-clientAuth.pem
ee-ecdsa-client-chain.pem
ee-ecdsa-key.pem
ee-ed25519.pem
ee-expired.pem
ee-key-768.pem
ee-key-1024.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-key-3072.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-key-4096.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-key-8192.pem Add some additional test certificates/keys 2020-11-18 14:14:53 +00:00
ee-key-ec-explicit.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ee-key-ec-named-explicit.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ee-key-ec-named-named.pem Disallow certs with explicit curve in verification chain 2020-09-17 17:15:15 +02:00
ee-key.pem
ee-name2.pem
ee-pathlen.pem Add test cases for the non CA certificate with pathlen:0 2020-04-06 10:26:14 +02:00
ee-pss-cert.pem check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS 2021-01-28 15:05:04 +01:00
ee-pss-sha1-cert.pem
ee-pss-sha256-cert.pem
ee-pss-wrong1.5-cert.pem check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS 2021-01-28 15:05:04 +01:00
ee-self-signed.pem Fix a test_verify failure 2020-07-28 15:28:06 +01:00
ee-serverAuth.pem
ee+clientAuth.pem
ee+serverAuth.pem
embeddedSCTs1_issuer-key.pem
embeddedSCTs1_issuer.pem
embeddedSCTs1-key.pem
embeddedSCTs1.pem
embeddedSCTs1.sct
embeddedSCTs1.tlssct
embeddedSCTs3_issuer.pem
embeddedSCTs3.pem
embeddedSCTs3.sct
ext-check.csr apps/req.c: Add -copy_extensions option for use with -x509; default: none 2021-01-13 11:53:15 +01:00
fake-gp.pem Add support for unusal 'othername' subjectAltNames 2020-04-25 18:52:30 +03:00
goodcn1-cert.pem
goodcn1-key.pem
grfc.pem Issuer Sign Tool extention support 2020-03-25 15:33:53 +03:00
interCA.key
interCA.pem
invalid-cert.pem X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert 2021-01-13 11:19:17 +01:00
leaf.key
leaf.pem
many-constraints.pem
many-names1.pem
many-names2.pem
many-names3.pem
mkcert.sh check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS 2021-01-28 15:05:04 +01:00
nca+anyEKU.pem
nca+serverAuth.pem
ncca1-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ncca1-key.pem
ncca2-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ncca2-key.pem
ncca3-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
ncca3-key.pem
ncca-cert.pem
ncca-key.pem
nroot+anyEKU.pem
nroot+serverAuth.pem
p256-server-cert.pem
p256-server-key.pem
p384-root-key.pem
p384-root.pem
p384-server-cert.pem
p384-server-key.pem
pathlen.pem
pc1-cert.pem
pc1-key.pem
pc2-cert.pem
pc2-key.pem
pc5-cert.pem
pc5-key.pem
root2-serverAuth.pem
root2+clientAuth.pem
root2+serverAuth.pem
root-anyEKU.pem
root-cert2.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-cert-768.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-cert-md5.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-cert-rsa2.pem
root-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-clientAuth.pem
root-ed448-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-ed448-key.pem
root-ed25519.pem
root-ed25519.privkey.pem
root-ed25519.pubkey.pem
root-expired.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-key2.pem
root-key-768.pem
root-key.pem
root-name2.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
root-nonca.pem
root-noserver.pem
root-serverAuth.pem
root+anyEKU.pem
root+clientAuth.pem
root+serverAuth.pem
rootCA.key
rootCA.pem
rootcert.pem
rootkey.pem
roots.pem
sca-anyEKU.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sca-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sca-clientAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sca-serverAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sca+anyEKU.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sca+clientAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sca+serverAuth.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
server-cecdsa-cert.pem
server-cecdsa-key.pem
server-dsa-cert.pem
server-dsa-key.pem
server-dsa-pubkey.pem Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 2020-09-30 20:49:44 +02:00
server-ecdsa-brainpoolP256r1-cert.pem
server-ecdsa-brainpoolP256r1-key.pem
server-ecdsa-cert.pem
server-ecdsa-key.pem
server-ed448-cert.pem
server-ed448-key.pem
server-ed25519-cert.pem
server-ed25519-key.pem
server-pss-cert.pem
server-pss-key.pem
server-pss-restrict-cert.pem
server-pss-restrict-key.pem
server-trusted.pem
servercert.pem
serverkey.pem
setup.sh check_sig_alg_match(): weaken sig nid comparison to allow RSA{,PSS} key verify RSA-PSS 2021-01-28 15:05:04 +01:00
sm2-ca-cert.pem
sm2-csr.pem
sm2-root.crt
sm2-root.key
sm2.key
sm2.pem
some-names1.pem
some-names2.pem
some-names3.pem
sroot-anyEKU.pem
sroot-cert.pem make various test CA certs RFC 5280 compliant w.r.t. X509 extensions 2021-01-20 15:53:47 +01:00
sroot-clientAuth.pem
sroot-serverAuth.pem
sroot+anyEKU.pem
sroot+clientAuth.pem
sroot+serverAuth.pem
subinterCA-ss.pem
subinterCA.key
subinterCA.pem
untrusted.pem
v3-certs-RC2.p12 apps: make use of OSSL_STORE for generalized certs and CRLs loading 2020-08-20 14:55:34 +02:00
v3-certs-TDES.p12 apps: make use of OSSL_STORE for generalized certs and CRLs loading 2020-08-20 14:55:34 +02:00
wrongcert.pem
wrongkey.pem
x509-check-key.pem
x509-check.csr