mbedtls

yuzu-emu/mbedtls

Fork 0

Commit graph

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	c10afdb322	Add test for CA forgery attempt As we accept EE certs that are explicitly trusted (in the list of trusted roots) and usually look for parent by subject, and in the future we might want to avoid checking the self-signature on trusted certs, there could a risk that we incorrectly accept a cert that looks like a trusted root except it doesn't have the same key. This test ensures this will never happen.	2017-08-08 11:06:50 +02:00
Gilles Peskine	f040a17604	Added SHA256 test certificates With SHA-1 deprecation, we need a few certificates using algorithms in the default support list. Most tests still use SHA-1 though. The generation process for the new certificates is recorded in the makefile.	2017-06-06 18:44:13 +02:00

Author

SHA1

Message

Date

Manuel Pégourié-Gonnard

c10afdb322

Add test for CA forgery attempt

As we accept EE certs that are explicitly trusted (in the list of trusted
roots) and usually look for parent by subject, and in the future we might want
to avoid checking the self-signature on trusted certs, there could a risk that we
incorrectly accept a cert that looks like a trusted root except it doesn't
have the same key. This test ensures this will never happen.

2017-08-08 11:06:50 +02:00

Gilles Peskine

f040a17604

Added SHA256 test certificates

With SHA-1 deprecation, we need a few certificates using algorithms in
the default support list. Most tests still use SHA-1 though.

The generation process for the new certificates is recorded in the makefile.

2017-06-06 18:44:13 +02:00

2 commits