Skip to content

A suite of testvectors for X.509 certificate path validation and tools for building them

License

Notifications You must be signed in to change notification settings

C2SP/x509-limbo

Repository files navigation

x509-limbo

⚠️ This is a work in progress! ⚠️

A suite of testvectors (and associated tooling) for X.509 certificate path validation.

This project is maintained by Trail of Bits.

How to use this repository

This repository contains canned testcases for developing or testing implementations of X.509 path validation.

To use it, you'll need to understand (and use) two pieces:

  1. limbo-schema.json: The testcase schema. This is provided as a JSON Schema definition.
  2. limbo.json: The combined testcase suite. The structure of this file conforms to the schema above.

The schema will tell you how to consume the combined testcase suite.

Developing

This repository contains a self-managing tool called limbo.

make dev && source env/bin/activate

limbo --help

This tool can be used to regenerate the schema, as well as develop and manage testcases and testcase assets:

limbo schema --help
limbo compile --help

There are also two convenience make targets for quickly regenerating the schema and test suite:

make limbo-schema.json
make limbo.json

Licensing

This repository and the Limbo testsuite are licensed under the Apache License, version 2.0.

This repository additionally contains testcases that are generated from the BetterTLS project, which is also licensed under the Apache License, version 2.0.