Additional testcases

[woodruffw]

1 is old and not super well organized, so I'm copying things that haven't yet been done into this new issue.

RFC 5280

• [x] implementations should reject EC keys not in namedCurve format (see #173)
• [ ] implementations should reject v1 certificates that contain v3 extensions
• [x] implementations should reject DNS Name Constraints of the form .foo (leading period is valid in URI constraints and others, but not in DNS constraints) (#207)
• [x] implementations should reject OtherName OIDs that they don't know (#228)
• [ ] implementations should check the time type:
  • [ ] 1950 <= validity < 2050 should be UTCTime
  • [ ] validity < 1950 || validity >= 2050 should be GeneralizedTime

CABF

• [ ] 7.1.4.3: If present, Subject.commonName MUST contain exactly one entry that is one of the values contained in the subjectAltName extension, and MUST be encoded as follows
  • For IPv4 addresses, must be an IPv4Address per RFC 3986 S. 3.2.2
  • For IPv6 addresses, must be be encoded in the text representation specified in RFC 5952 S. 4.
  • For FQDNs or wildcard domain names, must be a char-for-char copy of the dNSName entry from subjectAltName; P-labels must not be converted to their Unicode representation.
• [ ] 7.1.2.7.6 and 7.1.2.7.10: extKeyUsage is required in subscriber certificates, and MUST contain id-kp-serverAuth (MAY contain id-kp-clientAuth), and MUST NOT contain any other id-kp-*, anyExtendedKeyUsage, or the Precertificate Signing Certificate OID (1.3.6.1.4.1.11129.2.4.4)
• [ ] 7.1.2.10.6: CA EKUs are similar to subscriber cert EKUs

Regressions

• [x] CVE-2024-0567 from gnutls (https://gitlab.com/gnutls/gnutls/-/issues/1521)

General

• [ ] Implementations should (generally) not be permissive around times close to expiries (e.g. a cert that expired 5 seconds before validation should generally not be accepted)

Client verification

• [ ] Implementations should treat the *@example.com email NC as a literal email address with an inbox of *, not as a wildcard pattern for example.com.

Other test suites

• [ ] NIST PKITS (RFC 3280)
• [ ] Chrome's test suite: https://github.com/chromium/chromium/tree/main/net/data/ssl/certificates
• [ ] PITTv3: https://github.com/carl-wallace/rust-pki/tree/main/pittv3

[alex]

We need a test case for DoS in name constraint handling: https://github.com/openssl/openssl/pull/4393

[woodruffw]

We need a test case for DoS in name constraint handling: openssl/openssl#4393

Opened #204 for these. Will investigate why OpenSSL appears to pass its own DoS test.