RFC 9500 proposes a set of standard test keys. This repository presents the private and public keys, in different format to ease consumptions.
| testRSA1024 | ||
|---|---|---|
| private | pem | |
| public | pem |
| testRSA2048 | ||
|---|---|---|
| private | pem | |
| public | pem |
| testRSA4096 | ||
|---|---|---|
| private | pem | |
| public | pem |
| testDLP1024 | ||
|---|---|---|
| private | pem | hex |
| public | pem | hex |
| testDLP2048 | ||
|---|---|---|
| private | pem | hex |
| public | pem | hex |
| testDLP4096 | ||
|---|---|---|
| private | pem | hex |
| public | pem | hex |
| testECCP256 | ||
|---|---|---|
| private | pem | hex |
| public | pem | hex |
| testECCP384 | ||
|---|---|---|
| private | pem | hex |
| public | pem | hex |
| testECCP521 | ||
|---|---|---|
| private | pem | hex |
| public | pem | hex |
This software has not been audited. Please use at your sole discretion. With this in mind, dee security relies on the following:
- RFC 9500 holds the source cryptographic material, and more.
NO. At the same time, this repository might allow you to detect such usages.
For local development, have a look at mkcert. If you want to generate a fresh certificate with one of the RFC provided test key, use the following
# Select a PEM formated key in this repository
KEY=./pem/testRSA1024.pem
# Generate a Certificate Signing Request
openssl req -new -key "${KEY}" -out example_test.csr
# Generate the associated certificate
openssl x509 -req -in example_test.csr -signkey ./pem/testRSA1024.pem -out example_test.crtAll development happens in generate.sh. The initial private key in PEM format have been taken from RFC 9500, along with their recommended name. The script has then been run to generate public keys, and hex encoded keys.
./scripts/generate.sh