Mercurial Mercurial > oss > FCL > sf > mw > securitysrv / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
pkiutilities/ocsp/test/responses/README.TXT
changeset 0 164170e6151a 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/pkiutilities/ocsp/test/responses/README.TXT	Tue Jan 26 15:20:08 2010 +0200
@@ -0,0 +1,66 @@
+This directory contains pre-computed OCSP responses which are used by the input
+scripts for TOCSP.  Most have been hand-edited to contain particular errors, and
+in some cases then re-signed using the 'resign' utility.
+
+(* signifies resigning was used)
+
+The following are used in the Error.txt input script:
+
+response.000     Original response, upon which other non-trivial responses are based
+response.001     'malformedRequest'
+response.002     'internalError'
+response.003     'tryLater'
+response.004     ..invalid responseStatus
+response.005     'sigRequired'
+response.006     'unauthorised'
+response.007     ..invalid responseStatus
+response.008     ..invalid responseStatus (-ve)
+response.009     invalid RSA signature
+response.010     corrupt RSA signature data (#unused bits not 0)
+response.011*    invalid hashAlgorithm in CertId
+response.012*    corrupt issuerNameHash in CertId
+response.013*    corrupt issuerKeyHash in CertId
+response.014*    corrupt serialNumber in CertId
+response.015     hash algorithm specified in signature doesn't match that
+                  used (which is specified before the signature)
+                  - produced using a modified version of resign.exe
+response.016     Invalid response type (outside signed data portion)
+response.017*    Inserted 'version' field with value v1 (shouldn't be there since this is
+                  the default value, and defaults are skipped in DER)
+response.018*    As 017, but with unrecognised version value '1'.
+response.019*    producedAt before thisUpdate
+response.020*    Added nextUpdate field - one month after thisUpdate
+response.021*    From 020, set producedAt > nextUpdate
+response.022*    From 020, set thisUpdate > nextUpdate (producedAt < nextUpdate)
+response.023*    From 020, set thisUpdate > nextUpdate (producedAt between the two)
+response.024*    From 020, set thisUpdate > nextUpdate (producedAt > thisUpdate)
+response.025*    Issuer name corrupted (doesn't match signing cert subject field)
+response.026-030 Corrupt length fields (* on 29)
+response.031-035 Corrupt tag fields (* on 32, 34)
+
+The following are used in XCert.txt:
+
+response.n1      Testing Nonce on, incorrect value / unexpected nonce received
+response.n2      Testing Nonce on, response with missing nonce
+
+The following are used in XCert-local.txt, in addition to those used in XCert.txt:
+
+XCert_00_Good_RSA_XCert.rsp
+XCert_01_Revoked_RSA_XCert.rsp
+XCert_02_Suspended_RSA_XCert.rsp
+XCert_03_Unknown_RSA_XCert.rsp
+XCert_04_Good_DSA_XCert.rsp
+XCert_05_Revoked_DSA_XCert.rsp
+XCert_06_Suspended_DSA_XCert.rsp
+XCert_07_Unknown_DSA_XCert.rsp
+XCert_08_All_RSA_XCert.rsp
+XCert_09_All_DSA_XCert.rsp
+XCert_10_Expired_Subject_and_Issuer.rsp
+XCert_11_Expired_Signing.rsp
+XCert_12_Expired_Subject.rsp
+XCert_13_Unspecified_Date.rsp
+XCert_14_Expired_subject_valid_time.rsp
+XCert_15_Expired_unspecified.rsp
+XCert_16_Expired_specified.rsp
+XCert_20_Nonce_Off.rsp
+XCert_22_BadSig_DSA_XCert.rsp
FCL/sf/mw/securitysrv