|
1 This directory contains pre-computed OCSP responses which are used by the input |
|
2 scripts for TOCSP. Most have been hand-edited to contain particular errors, and |
|
3 in some cases then re-signed using the 'resign' utility. |
|
4 |
|
5 (* signifies resigning was used) |
|
6 |
|
7 The following are used in the Error.txt input script: |
|
8 |
|
9 response.000 Original response, upon which other non-trivial responses are based |
|
10 response.001 'malformedRequest' |
|
11 response.002 'internalError' |
|
12 response.003 'tryLater' |
|
13 response.004 ..invalid responseStatus |
|
14 response.005 'sigRequired' |
|
15 response.006 'unauthorised' |
|
16 response.007 ..invalid responseStatus |
|
17 response.008 ..invalid responseStatus (-ve) |
|
18 response.009 invalid RSA signature |
|
19 response.010 corrupt RSA signature data (#unused bits not 0) |
|
20 response.011* invalid hashAlgorithm in CertId |
|
21 response.012* corrupt issuerNameHash in CertId |
|
22 response.013* corrupt issuerKeyHash in CertId |
|
23 response.014* corrupt serialNumber in CertId |
|
24 response.015 hash algorithm specified in signature doesn't match that |
|
25 used (which is specified before the signature) |
|
26 - produced using a modified version of resign.exe |
|
27 response.016 Invalid response type (outside signed data portion) |
|
28 response.017* Inserted 'version' field with value v1 (shouldn't be there since this is |
|
29 the default value, and defaults are skipped in DER) |
|
30 response.018* As 017, but with unrecognised version value '1'. |
|
31 response.019* producedAt before thisUpdate |
|
32 response.020* Added nextUpdate field - one month after thisUpdate |
|
33 response.021* From 020, set producedAt > nextUpdate |
|
34 response.022* From 020, set thisUpdate > nextUpdate (producedAt < nextUpdate) |
|
35 response.023* From 020, set thisUpdate > nextUpdate (producedAt between the two) |
|
36 response.024* From 020, set thisUpdate > nextUpdate (producedAt > thisUpdate) |
|
37 response.025* Issuer name corrupted (doesn't match signing cert subject field) |
|
38 response.026-030 Corrupt length fields (* on 29) |
|
39 response.031-035 Corrupt tag fields (* on 32, 34) |
|
40 |
|
41 The following are used in XCert.txt: |
|
42 |
|
43 response.n1 Testing Nonce on, incorrect value / unexpected nonce received |
|
44 response.n2 Testing Nonce on, response with missing nonce |
|
45 |
|
46 The following are used in XCert-local.txt, in addition to those used in XCert.txt: |
|
47 |
|
48 XCert_00_Good_RSA_XCert.rsp |
|
49 XCert_01_Revoked_RSA_XCert.rsp |
|
50 XCert_02_Suspended_RSA_XCert.rsp |
|
51 XCert_03_Unknown_RSA_XCert.rsp |
|
52 XCert_04_Good_DSA_XCert.rsp |
|
53 XCert_05_Revoked_DSA_XCert.rsp |
|
54 XCert_06_Suspended_DSA_XCert.rsp |
|
55 XCert_07_Unknown_DSA_XCert.rsp |
|
56 XCert_08_All_RSA_XCert.rsp |
|
57 XCert_09_All_DSA_XCert.rsp |
|
58 XCert_10_Expired_Subject_and_Issuer.rsp |
|
59 XCert_11_Expired_Signing.rsp |
|
60 XCert_12_Expired_Subject.rsp |
|
61 XCert_13_Unspecified_Date.rsp |
|
62 XCert_14_Expired_subject_valid_time.rsp |
|
63 XCert_15_Expired_unspecified.rsp |
|
64 XCert_16_Expired_specified.rsp |
|
65 XCert_20_Nonce_Off.rsp |
|
66 XCert_22_BadSig_DSA_XCert.rsp |