MTC test certs
This directory contains the following certs:
mtc-leaf.pem- signatureless MTC issued by an MTC CA
mtc-leaf-standalone.pem- standalone MTC issued by an MTC CA
mtc-leaf-standalone-3cosigners.pem- standalone MTC containing the CA cosignature and two other cosignatures.
mtc-leaf-standalone-no_ca_signers.pem- MTC containing one cosignature, but no CA cosignature.
mtc-leaf-standalone-duplicate_ca_signer.pem- standalone MTC containing two duplicate CA cosignatures.
mtc-leaf-standalone-cosigner_wrong_order.pem- standalone MTC containing the CA cosignature and another cosignatures, but the cosignatures are not in sorted order.
mtc-ica.pem- signatureless MTC issued by the same MTC CA
- its BasicConstraints has
cA=TRUE
leaf.pem- classical ECDSA cert (SPKI) with ECDSA
signatureAlgorithm - issued by
mtc-ica.pem
(Re)generating test certs
Generating these certs is done in two steps.
The first step is to generate a keypair for the ICA and use the private key to sign the leaf cert:
- Run
go run generate_leaf.go - Copy the certificate PEM to
leaf.pem - Copy the ICA SPKI base64 to the first
PublicKey entry in mtc-config.json
The next step is to generate the MTCs:
- Run
generate_mtcs.sh - Copy the subtree range and hash from the script output into PathBuilderMTCPlants04Test::SetUp.