Standard PKC Test Keys
University of Auckland, Department of Computer Science, Auckland, New Zealand, pgut001@cs.auckland.ac.nz
DigiCert, corey.bonnell@digicert.com
Security Area
Internet-Draft
This document provides a set of standard PKC test keys that may be used
wherever pre-generated keys and associated operations like digital signatures
are required. Like the EICAR virus test file, these widely-known test keys
can be detected and recognised by applications consuming them as being purely
for testing purposes without assigning any security properties to them.
The widespread use of PKCs on the Internet has led to a proliferation of
publicly-known but not necessarily acknowledged keys used for testing purposes
or that ship preconfigured in applications. These keys provide no security,
but since there's no record of them it's often not known that they provide no
security. In order to address this issue, this document provides a set of
widely-known test keys that may be used wherever a preconfigured or sample key
is required, and by extension in situations where such keys may be used such
as when testing digitally signed data.
The keys provided cover three major algorithm families: RSA; DLP-based
algorithms such as DSA, DH, and Elgamal; and ECDLP-based algorithms such as
ECDSA and ECDH. Although some of the algorithms and key sizes are no longer
recommended, keys corresponding to those algorithms and key sizes are provided
in order to accommodate the large installed base of existing implementations
that use them.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in and
when, and only when, they appear in all capitals, as shown here.
This section provides the test keys for the algorithm groups in various sizes
in a C-like notation that may be directly used in crypto code written in C-
like languages such as C, C++, Java, JavaScript, Go, Swift, and Rust, covering
the majority of languages likely to be used to implement crypto code.
Alongside the source-code format, they are also provided in encoded form,
specifically the OpenSSL private-key format which many applications can
process directly.
Each element of the key is given in a form consisting of a count in bits
followed by a byte string containing that key element in big-endian form. For
example for the RSA p value it might be:
where 0xCF is the most-significant byte of the RSA p value and 0x03 is the
least-significant byte of the value.
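The following added example (not code from this document or its authors) shows the bit-count-plus-big-endian-bytes layout described above, checks that a declared bit count agrees with its bytes, and compares a candidate value against a known element, which is the check a consuming application would use to recognise a test key. The `key_elem` type, the function names and all byte values are assumptions constructed for illustration; none of them are the document's actual key values.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical container for one key element: bit count, then big-endian bytes. */
typedef struct { int bits; const unsigned char *data; size_t len; } key_elem;

/* Constructed 64-bit sample, NOT a value from this document: MSB 0xCF, LSB 0x03. */
static const unsigned char sample_p[] = { 0xCF, 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0x03 };
static const key_elem known_p = { 64, sample_p, sizeof sample_p };
/* Same value as carried in an encoded key: DER adds 0x00 when the top bit is set. */
static const unsigned char from_der[] = { 0x00, 0xCF, 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0x03 };
/* Constructed non-matching value (last byte differs). */
static const unsigned char other_p[] = { 0xCF, 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0x05 };

/* Bit length of a big-endian integer, ignoring leading zero bytes. */
int elem_bit_length(const unsigned char *buf, size_t len) {
    size_t i = 0;
    while (i < len && buf[i] == 0) i++;
    if (i == len) return 0;
    int bits = (int)(len - i) * 8;
    for (unsigned char top = buf[i]; !(top & 0x80); top <<= 1) bits--;
    return bits;
}

/* The declared bit count must agree with the bytes that follow it. */
int elem_is_consistent(const key_elem *e) {
    return e->len > 0 && elem_bit_length(e->data, e->len) == e->bits;
}

/* Compare a candidate element with a known test-key element by value,
   tolerating leading zero bytes on the candidate. */
int elem_matches(const unsigned char *cand, size_t len, const key_elem *known) {
    while (len > 0 && *cand == 0) { cand++; len--; }
    return len == known->len && memcmp(cand, known->data, len) == 0;
}

int main(void) {
    printf("consistent=%d\n", elem_is_consistent(&known_p));
    printf("der form matches=%d\n", elem_matches(from_der, sizeof from_der, &known_p));
    printf("other matches=%d\n", elem_matches(other_p, sizeof other_p, &known_p));
    return 0;
}
```

Comparing by value after stripping leading zeros matters because the same element has different byte lengths in the source-code form and in an ASN.1-encoded key.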
The following widely-known test keys may be used for RSA.
The following widely-known test keys may be used for DLP-based algorithms such
as DSA, DH, and Elgamal.
The following widely-known test keys may be used for ECDLP-based algorithms
such as ECDSA and ECDH.
The intent of publishing known keys in this form is that they may be easily
recognised as being test keys when encountered. It should go without saying
that these keys should never be used or relied upon in production
environments.
The author awaits the inevitable CVEs.
Key words for use in RFCs to Indicate Requirement Levels, Harvard University
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words, Huawei Technologies